Is your feature request related to a problem? Please describe.
Currently, the GeoNode Docker setup for PostGIS does not expose the PostgreSQL configuration on the host filesystem, which makes it difficult to adjust performance or security parameters (e.g., max_connections, idle_in_transaction_session_timeout, password_encryption, pg_hba.conf).
This limits operators' ability to:
- Tune connection-related parameters to match their workloads (e.g., many GeoServer JDBC pools).
- Apply security best practices (e.g., migrating from md5 to scram-sha-256).
- Configure logging, statement timeouts, memory usage, or connection eviction policies.
- Version control their configuration in Git for reproducible deployments.
Curent behavior: command: postgres -c "max_connections=${POSTGRESQL_MAX_CONNECTIONS}"
but does not mount any configuration directory. The actual postgresql.conf and pg_hba.conf remain inside the container volume and are not easily editable.
Describe the solution you'd like
Update the default docker-compose.yml for the db service to include a mounted configuration directory and use include_dir and hba_file to point to it. For example:
db:
image: ${COMPOSE_PROJECT_NAME}/postgis:${POSTGRES_BASE_IMAGE_VERSION}
command:
- postgres
- -c
- include_dir=/etc/postgresql/conf.d
- -c
- hba_file=/etc/postgresql/pg_hba.conf
volumes:
- dbdata:/var/lib/postgresql/data
- dbbackups:/pg_backups
- ./postgres/conf.d:/etc/postgresql/conf.d:ro
- ./postgres/pg_hba.conf:/etc/postgresql/pg_hba.conf:ro
This allows users to:
- Place .conf files in ./postgres/conf.d/ (e.g., 10-tuning.conf) to override defaults.
- Track configuration changes in source control.
- Customize authentication, pooling, and performance without rebuilding the image.
Benefits
Operational flexibility: Makes tuning Postgres straightforward for real-world GeoNode deployments.
Security: Enables easy migration to scram-sha-256 and other security features.
Best practice: Aligns with standard PostgreSQL deployments that use include_dir.
Reproducibility: Configuration can be committed and deployed consistently across environments.
This pattern is already widely used in official Postgres images and is compatible with GeoNode’s existing PostGIS setup. It would be a non-breaking change, as existing users can ignore the mounted directories if not needed.
Is your feature request related to a problem? Please describe.
Currently, the GeoNode Docker setup for PostGIS does not expose the PostgreSQL configuration on the host filesystem, which makes it difficult to adjust performance or security parameters (e.g., max_connections, idle_in_transaction_session_timeout, password_encryption, pg_hba.conf).
This limits operators' ability to:
Curent behavior:
command: postgres -c "max_connections=${POSTGRESQL_MAX_CONNECTIONS}"but does not mount any configuration directory. The actual postgresql.conf and pg_hba.conf remain inside the container volume and are not easily editable.
Describe the solution you'd like
Update the default docker-compose.yml for the db service to include a mounted configuration directory and use include_dir and hba_file to point to it. For example:
This allows users to:
Benefits
Operational flexibility: Makes tuning Postgres straightforward for real-world GeoNode deployments.
Security: Enables easy migration to scram-sha-256 and other security features.
Best practice: Aligns with standard PostgreSQL deployments that use include_dir.
Reproducibility: Configuration can be committed and deployed consistently across environments.
This pattern is already widely used in official Postgres images and is compatible with GeoNode’s existing PostGIS setup. It would be a non-breaking change, as existing users can ignore the mounted directories if not needed.