{"id":16532839,"url":"https://github.com/mjstealey/irods-provider-postgres","last_synced_at":"2025-07-13T18:33:35.749Z","repository":{"id":93420536,"uuid":"70358908","full_name":"mjstealey/irods-provider-postgres","owner":"mjstealey","description":"iRODS catalog provider in Docker - PostgreSQL ICAT - versions 4.1.x and 4.2.x ","archived":false,"fork":false,"pushed_at":"2019-06-25T21:28:48.000Z","size":65,"stargazers_count":10,"open_issues_count":0,"forks_count":11,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-08T19:46:39.092Z","etag":null,"topics":["docker","irods","irods-icat","irods-provider","irods-server","postgres","postgresql"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mjstealey.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-10-08T21:40:53.000Z","updated_at":"2024-06-05T21:14:33.000Z","dependencies_parsed_at":"2023-03-08T14:15:22.774Z","dependency_job_id":null,"html_url":"https://github.com/mjstealey/irods-provider-postgres","commit_stats":{"total_commits":37,"total_committers":2,"mean_commits":18.5,"dds":0.08108108108108103,"last_synced_commit":"bf4965d5897bd308797f1c2e091de89036927f07"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mjstealey/irods-provider-postgres","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjstealey%2Firods-provider-postgres","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjstealey%2Firods-provider-postgres/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjstealey%2Firods-provider-postgres/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjstealey%2Firods-provider-postgres/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mjstealey","download_url":"https://codeload.github.com/mjstealey/irods-provider-postgres/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjstealey%2Firods-provider-postgres/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265186689,"owners_count":23724721,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","irods","irods-icat","irods-provider","irods-server","postgres","postgresql"],"created_at":"2024-10-11T18:13:32.386Z","updated_at":"2025-07-13T18:33:35.743Z","avatar_url":"https://github.com/mjstealey.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# irods-provider-postgres\n\n## What is iRODS?\n\nThe Integrated Rule-Oriented Data System (iRODS) is open source data management software used by research organizations and government agencies worldwide.\n\niRODS is released as a production-level distribution aimed at deployment in mission critical environments. It virtualizes data storage resources, so users can take control of their data, regardless of where and on what device the data is stored.\n\nThe development infrastructure supports exhaustive testing on supported platforms.\n\nThe plugin architecture supports microservices, storage systems, authentication, networking, databases, rule engines, and an extensible API.\n\nFor more details refer to the [official iRODS documentation](https://docs.irods.org/4.2.4).\n\n## Supported tags and respective Dockerfile links\n\nThe following tags are supported at: [https://hub.docker.com/r/mjstealey/irods-provider-postgres/](https://hub.docker.com/r/mjstealey/irods-provider-postgres/)\n\n- 4.2.4, latest ([4.2.4/Dockerfile](4.2.4/Dockerfile))\n- 4.2.3 ([4.2.3/Dockerfile](4.2.3/Dockerfile))\n- 4.2.2 ([4.2.2/Dockerfile](4.2.2/Dockerfile))\n- 4.2.1 ([4.2.1/Dockerfile](4.2.1/Dockerfile))\n- 4.2.0 ([4.2.0/Dockerfile](4.2.0/Dockerfile))\n- 4.1.12 ([4.1.12/Dockerfile](4.1.12/Dockerfile))\n- 4.1.11 ([4.1.11/Dockerfile](4.1.11/Dockerfile))\n- 4.1.10 ([4.1.10/Dockerfile](4.1.10/Dockerfile))\n- 4.1.9 ([4.1.9/Dockerfile](4.1.9/Dockerfile))\n- 4.1.8 ([4.1.8/Dockerfile](4.1.8/Dockerfile))\n\n## Get the Docker image\n\n### Pull image from dockerhub\n\n```\ndocker pull mjstealey/irods-provider-postgres:latest\n```\n\n### Build image locally\n\n```\ncd irods-provider-postgres/4.2.4\ndocker build -t irods-provider-postgres:4.2.4 .\n```\n\n## Run the iRODS Provider\n\n```\ndocker run -d --name provider mjstealey/irods-provider-postgres:4.2.4\n```\n\n- **Note**: This image is based from the [PostgreSQL Docker definition files](https://hub.docker.com/_/postgres/) which includes `EXPOSE 5432` (the postgres port), so standard container linking will make it automatically available to the linked containers. The default postgres user and database are created in the entrypoint with `initdb`.\n\n## Running iCommands\n\nSince iRODS is running inside of a Docker container, we need to issue iCommands from within the container's scope. This can be accomplished by either getting on the container as the `irods` user, or invoked from the host.\n\n### On the container\n\n```console\n$ docker exec -ti -u irods provider /bin/bash\nirods@9ca1f64052e0:~$ iadmin lz\ntempZone\nirods@9ca1f64052e0:~$ iadmin lr\nbundleResc\ndemoResc\nirods@9ca1f64052e0:~$ ilsresc -l\nresource name: demoResc\nid: 10014\nzone: tempZone\ntype: unixfilesystem\nclass: cache\nlocation: 9ca1f64052e0\nvault: /var/lib/irods/iRODS/Vault\nfree space:\nfree space time: : Never\nstatus:\ninfo:\ncomment:\ncreate time: 01526144986: 2018-05-12.17:09:46\nmodify time: 01526144986: 2018-05-12.17:09:46\ncontext:\nparent:\nparent context:\nirods@9ca1f64052e0:~$ ils\n/tempZone/home/rods:\nirods@9ca1f64052e0:~$\n```\n\n- **Note**: Since the hostname of the container was not explicitly set, Docker will issue a random ID which in this case is `9ca1f64052e0`. This could be problematic depending on use case and it is left to the user to assign a hostname that is meaningful to their setup.\n\n### On the host\n\n```console\n$ docker exec -ti -u irods provider ilsresc -l\nresource name: demoResc\nid: 10014\nzone: tempZone\ntype: unixfilesystem\nclass: cache\nlocation: 9ca1f64052e0\nvault: /var/lib/irods/iRODS/Vault\nfree space:\nfree space time: : Never\nstatus:\ninfo:\ncomment:\ncreate time: 01526144986: 2018-05-12.17:09:46\nmodify time: 01526144986: 2018-05-12.17:09:46\ncontext:\nparent:\nparent context:\n```\n\n## Environment Variables\n\nThe iRODS service has a multitude of configuration options available to it. The variables used during an installation of iRODS have been exposed to the user as settable environment variables and are honored at runtime.\n\n### `IRODS_SERVICE_ACCOUNT_NAME`\n\nService account name - The account that will be in charge of running iRODS services. Default is `irods`.\n\n### `IRODS_SERVICE_ACCOUNT_GROUP`\n\nService account group - The group that will be in charge of running iRODS services. Default is `irods`.\n\n### `IRODS_SERVER_ROLE` (version 4.2.0+)\n\nCatalog service role - The role of the node being deploy where `1` denotes an iRODS provider and `2` denotes an iRODS consumer. Default is `1`\n\n### `ODBC_DRIVER_FOR_POSTGRES` (version 4.2.0+)\n\nODBC driver - For PostgreSQL where `1` is **PostgreSQL ANSI** and `2` is **PostgreSQL Unicode**. Default is `2`.\n\n### `IRODS_DATABASE_SERVER_HOSTNAME`\n\nDatabase server's hostname or IP - Location of where the PostgreSQL database is running. Default is `localhost`\n\n### `IRODS_DATABASE_SERVER_PORT`\n\nDatabase server's port - Port which PostgreSQL is listening on. Default is `5432`\n\n### `IRODS_DATABASE_NAME`\n\nDatabase name - Name used to service the iRODS catalog. Default is `ICAT`\n\n### `IRODS_DATABASE_USER_NAME`\n\nDatabase user - User that has owner rights on the iRODS catalog database in PostgreSQL. Default is `irods`\n\n### `IRODS_DATABASE_PASSWORD`\n\nDatabase password - Password for the user that has owner rights on the iRODS catalog database in PostgreSQL. Default is `temppassword`\n\n### `IRODS_DATABASE_USER_PASSWORD_SALT` (version 4.2.0+)\n\nStored passwords salt - Random data that is used as an additional input to a one-way function that \"hashes\" data, a password or passphrase. Salts are closely related to the concept of nonce. Default is `tempsalt`\n\n### `IRODS_ZONE_NAME`\n\nZone name - Logical namespace defining the extent of all resources managed in the iRODS catalog. Default is `tempZone`\n\n### `IRODS_PORT`\n\nZone port - Port over which iRODS services are communicated. Default is `1247`\n\n### `IRODS_PORT_RANGE_BEGIN`\n\nParallel port range (begin) - Beginning port of the range of ports used for parallel transfer. Default is `20000`\n\n### `IRODS_PORT_RANGE_END`\n\nParallel port range (end) - Ending port of the range of ports used for parallel transfer. Default is `20199`\n\n### `IRODS_CONTROL_PLANE_PORT`\n\nControl plane port - Port over which iRODS grid control is communicated. Default is `1248`\n\n### `IRODS_SCHEMA_VALIDATION`\n\nSchema validation base URI - URI used to validate the iRODS schema on the server. Default is `file:///var/lib/irods/configuration_schemas`\n\n### `IRODS_SERVER_ADMINISTRATOR_USER_NAME`\n\niRODS administrator username - Initial adminstrative user created in the iRODS zone. Default is `rods`\n\n### `IRODS_SERVER_ZONE_KEY`\n\nZone key - Unique string of characters used to ID a particular zone. Default is `TEMPORARY_zone_key`\n\n### `IRODS_SERVER_NEGOTIATION_KEY`\n\nNegotiation key - 32 byte string used for inter-server communication. Default is `TEMPORARY_32byte_negotiation_key`\n\n### `IRODS_CONTROL_PLANE_KEY`\n\nControl plane key - 32 byte string used for inter-server communication. Default is `TEMPORARY__32byte_ctrl_plane_key`\n\n### `IRODS_SERVER_ADMINISTRATOR_PASSWORD`\n\niRODS administrator password - Password for the initial adminstrative user created in the iRODS zone. Default is `rods`\n\n### `IRODS_VAULT_DIRECTORY`\n\nVault directory - Physical location on disk associated with the creation of the initial unix filesystem resource named `demoResc`. Default is `/var/lib/irods/iRODS/Vault`\n\n### `UID_POSTGRES`\n\nUID of the postgres service account - This can be set to any available system UID. Default is `999`\n\n### `GID_POSTGRES`\n\nGID of the postgres service account - This can be set to any available system GID .Default is `999`\n\n### `UID_IRODS`\n\nUID of the irods service account - This can be set to any available system UID. Default is `998`\n\n### `GID_IRODS`\n\nGID of the irods service account - This can be set to any available system GID. Default is `998`\n\n### `POSTGRES_USER`\n\nThis optional environment variable is used in conjunction with `POSTGRES_PASSWORD` to set a user and its password. This variable will create the specified user with superuser power and a database with the same name. If it is not specified, then the default user of `postgres` will be used. Default is `postgres`\n\n### `POSTGRES_PASSWORD`\n\nThis environment variable is recommended for you to use the PostgreSQL image. This environment variable sets the superuser password for PostgreSQL. The default superuser is defined by the `POSTGRES_USER` environment variable. Default is `postgres`\n\n## Persisting data\n\nThe default behavior of Docker is to not persist it's data beyond the lifecycle of the container. This can be allieviated by mapping the data directories of the container to volumes on the host. The primary iRODS and PostgreSQL directories are designed to be volume mountable if the user so chooses.\n\n### `/var/lib/irods`\n\niRODS home - Primary iRODS service files, including default location for the vault, logging and scripts. Ownership of files is based on the `UID_IRODS` and `GID_IRODS` settings.\n\n### `/etc/irods`\n\niRODS configuration - Primary iRODS configuration files that are generated at runtime. Ownership of files is based on the `UID_IRODS` and `GID_IRODS` settings.\n\n### `/var/lib/postgresql/data`\n\nPostgreSQL data - Database service files and data files. Ownership of files is based on the `UID_POSTGRES` and `GID_POSTGRES` settings.\n\n## Examples\n\n### Simple\n\n```\ndocker run -d --name provider \\\n  mjstealey/irods-provider-postgres:latest\n```\nThis call has been daemonized (additional **-d** flag) which would most likely be used in an actual environment\n\nOn completion a running container named **provider** is spawned:\n\n```console\n$ docker ps\nCONTAINER ID        IMAGE                                      COMMAND                  CREATED              STATUS              PORTS                                      NAMES\n3d6855129ec7        mjstealey/irods-provider-postgres:latest   \"/irods-docker-entry…\"   About a minute ago   Up About a minute   1247-1248/tcp, 5432/tcp, 20000-20199/tcp   provider\n```\n\nConfiguration is based on the default environment variables as defined above.\n\n  **NOTE:** The `irods_host` value is set to the ID of the Docker container. This can be specified by the user at runtime using the `-h HOST_NAME` syntax.\n\n### Persisting data\n\nBy sharing volumes from the host to the container, the user can persist data between container instances even if the original container definition is removed from the system.\n\nVolumes to mount:\n\n- **iRODS home**: map to `/var/lib/irods/` on the container\n- **iRODS configuration**: map to `/etc/irods/` on the container\n- **PostgreSQL data**: map to `/var/lib/postgresql/data/` on the container\n\nSE Linux users should note that volume mounts may fail, and may require a `:z` or `:Z` at the end of their volume defintion.\n\n- `-v $(pwd)/var_irods:/var/lib/irods:z`\n\nIt is also recommended to define a **hostname** for the container when persisting data as the hostname information is written to the data store on initialization.\n\n1. Create volumes on the host:\n\n\t```\n\tmkdir var_irods  # map to /var/lib/irods/\n\tmkdir etc_irods  # map to /etc/irods/\n\tmkdir var_pgdata # map to /var/lib/postgresql/data/\n\t```\n\n2. Run the docker container with the `-i` flag for **init**:\n\n    ```\n    docker run -d --name provider \\\n      -h irods-provider \\\n      -v $(pwd)/var_irods:/var/lib/irods \\\n      -v $(pwd)/etc_irods:/etc/irods \\\n      -v $(pwd)/var_pgdata:/var/lib/postgresql/data \\\n      mjstealey/irods-provider-postgres:latest\n    ```\n\n\tNote, the host volumes now contain the relevant data to the iRODS deployment\n\n    ```console\n    $ ls -lh var_irods\n    total 24\n    -rw-------@  1 xxxxx  xxxxx   224B May 12 22:08 VERSION.json\n    -rw-r--r--@  1 xxxxx  xxxxx   166B Nov  7  2017 VERSION.json.dist\n    drwxr-xr-x@  4 xxxxx  xxxxx   128B May 12 13:06 clients\n    drwxr-xr-x@  4 xxxxx  xxxxx   128B May 12 13:06 config\n    drwxr-xr-x@  3 xxxxx  xxxxx    96B May 12 13:06 configuration_schemas\n    drwx------@  3 xxxxx  xxxxx    96B May 12 22:08 iRODS\n    -r-xr--r--@  1 xxxxx  xxxxx   283B Nov  7  2017 irodsctl\n    drwxr-xr-x@  7 xxxxx  xxxxx   224B May 12 22:08 log\n    drwxr-xr-x@  6 xxxxx  xxxxx   192B May 12 13:06 msiExecCmd_bin\n    drwxr-xr-x@ 18 xxxxx  xxxxx   576B May 12 13:06 packaging\n    drwxr-xr-x@ 22 xxxxx  xxxxx   704B May 12 13:06 scripts\n    drwxr-xr-x@  4 xxxxx  xxxxx   128B May 12 13:06 test\n\n    $ ls -lh etc_irods\n    total 136\n    -rw-r--r--@ 1 xxxxx  xxxxx   4.9K May 12 22:08 core.dvm\n    -rw-r--r--@ 1 xxxxx  xxxxx   831B May 12 22:08 core.fnm\n    -rw-r--r--@ 1 xxxxx  xxxxx    38K May 12 22:08 core.re\n    -rw-r--r--@ 1 xxxxx  xxxxx   106B May 12 22:08 host_access_control_config.json\n    -rw-r--r--@ 1 xxxxx  xxxxx    90B May 12 22:08 hosts_config.json\n    -rw-------@ 1 xxxxx  xxxxx   3.4K May 12 22:08 server_config.json\n    -rw-r--r--@ 1 xxxxx  xxxxx    64B May 12 22:07 service_account.config\n\n    $ ls -lh var_pgdata\n    total 104\n    -rw-------@  1 xxxxx  xxxxx     3B May 12 22:07 PG_VERSION\n    drwx------@  6 xxxxx  xxxxx   192B May 12 22:07 base\n    drwx------@ 61 xxxxx  xxxxx   1.9K May 12 22:10 global\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_commit_ts\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_dynshmem\n    -rw-------@  1 xxxxx  xxxxx   4.4K May 12 22:07 pg_hba.conf\n    -rw-------@  1 xxxxx  xxxxx   1.6K May 12 22:07 pg_ident.conf\n    drwx------@  5 xxxxx  xxxxx   160B May 12 22:07 pg_logical\n    drwx------@  4 xxxxx  xxxxx   128B May 12 22:07 pg_multixact\n    drwx------@  3 xxxxx  xxxxx    96B May 12 22:07 pg_notify\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_replslot\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_serial\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_snapshots\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_stat\n    drwx------@  6 xxxxx  xxxxx   192B May 12 22:20 pg_stat_tmp\n    drwx------@  3 xxxxx  xxxxx    96B May 12 22:07 pg_subtrans\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_tblspc\n    drwx------@  2 xxxxx  xxxxx    64B May 12 22:07 pg_twophase\n    drwx------@  4 xxxxx  xxxxx   128B May 12 22:07 pg_wal\n    drwx------@  3 xxxxx  xxxxx    96B May 12 22:07 pg_xact\n    -rw-------@  1 xxxxx  xxxxx    88B May 12 22:07 postgresql.auto.conf\n    -rw-------@  1 xxxxx  xxxxx    22K May 12 22:07 postgresql.conf\n    -rw-------@  1 xxxxx  xxxxx    36B May 12 22:07 postmaster.opts\n    -rw-------@  1 xxxxx  xxxxx    95B May 12 22:07 postmaster.pid\n    ```\n\n\tGo ahead and `iput` some data and verify it in the catalog.\n\n    ```console\n    $ docker exec -u irods provider iput VERSION.json\n    $ docker exec -u irods provider ils -Lr\n    /tempZone/home/rods:\n      rods              0 demoResc          224 2018-05-13.02:24 \u0026 VERSION.json\n            generic    /var/lib/irods/iRODS/Vault/home/rods/VERSION.json\n    ```\n\n\t**Note**: The physical file can be found at: `$(pwd)/var_irods/iRODS/Vault/home/rods/VERSION.json` of the host\n\n3. Stop and remove the provider container:\n\n\t```\n\tdocker stop provider\n\tdocker rm -fv provider\n\t```\n\tThis destroys any host level definitions or default docker managed volumes related to the provider container and makes it impossible to recover the data from that container if we had not persisted it locally\n\n4. Run a new docker container:\n\n    ```\n    docker run -d --name new-provider \\\n      -h irods-provider \\\n      -v $(pwd)/var_irods:/var/lib/irods \\\n      -v $(pwd)/etc_irods:/etc/irods \\\n      -v $(pwd)/var_pgdata:/var/lib/postgresql/data \\\n      mjstealey/irods-provider-postgres:latest\n    ```\n\tEven though the name of the docker container was changed, the shared host volume mounts and the defined hostname that the container should use remained the same.\n\n\tVerify that the file put from the previous container has persisted on the new container instance.\n\n    ```console\n    $ docker exec -u irods new-provider ils -Lr\n    /tempZone/home/rods:\n      rods              0 demoResc          224 2018-05-13.02:24 \u0026 VERSION.json\n            generic    /var/lib/irods/iRODS/Vault/home/rods/VERSION.json\n    ```\n\n### Real world usage\n\nThe docker based implementation of iRODS can be used as a standard iRODS catalog provider when being installed on a VM or other platform capable of running docker and has a DNS resolvable name.\n\nIn this example we will be using a VM on a private VLAN (not publicly accessible) with:\n\n- Hostname: `mjs-dev-1.edc.renci.org`\n- User: `stealey`\n- UID/GID: `20022`/`10000`\n\t- iRODS files to be owned by `20022`/`10000`\n\t- PostgreSQL files to be owned by `999`/`10000`\n- Map\n\t- host: `/var/provider/lib_irods` to docker - `/var/lib/irods`\n\t- host: `/var/provider/etc_irods` to docker - `/etc/irods`\n\t- host: `/var/provider/pg_data` to docker - `/var/lib/postgresql/data`\n\n**Configuration**\n\nCreate an environment file that captures the essence of what you want to deploy. In this example this has been named `irods-provider.env`. The file only needs to contain the values that are being changed from the default, but all are shown here for completeness.\n\nPasswords generated using [pwgen](https://sourceforge.net/projects/pwgen/): `$ pwgen -cnB 32 1`\n\nExample: `irods-provider.env`\n\n```\nIRODS_SERVICE_ACCOUNT_NAME=irods\nIRODS_SERVICE_ACCOUNT_GROUP=irods\nIRODS_SERVER_ROLE=1\nODBC_DRIVER_FOR_POSTGRES=2\nIRODS_DATABASE_SERVER_HOSTNAME=localhost\nIRODS_DATABASE_SERVER_PORT=5432\nIRODS_DATABASE_NAME=ICAT\nIRODS_DATABASE_USER_NAME=irods\nIRODS_DATABASE_PASSWORD=thooJohkoo4tah9xi3xuehobooNaikoo\nIRODS_DATABASE_USER_PASSWORD_SALT=ifu9ocohteipuchae4eejienoe3bahth\nIRODS_ZONE_NAME=mjsDevZone\nIRODS_PORT=1247\nIRODS_PORT_RANGE_BEGIN=20000\nIRODS_PORT_RANGE_END=20199\nIRODS_CONTROL_PLANE_PORT=1248\nIRODS_SCHEMA_VALIDATION=file:///var/lib/irods/configuration_schemas\nIRODS_SERVER_ADMINISTRATOR_USER_NAME=rods\nIRODS_SERVER_ZONE_KEY=unieg4aing3Ed4Too7choT4ie4Eiceiz\nIRODS_SERVER_NEGOTIATION_KEY=ieb4mahNg7wahiefoo4ahchif9seiC4a\nIRODS_CONTROL_PLANE_KEY=aiNiePhi4queshiacoog3uugai4UhooJ\nIRODS_SERVER_ADMINISTRATOR_PASSWORD=eeThefeig3ahNo9othaequooMo4bohsa\nIRODS_VAULT_DIRECTORY=/var/lib/irods/iRODS/Vault\nUID_POSTGRES=999\nGID_POSTGRES=10000\nUID_IRODS=20022\nGID_IRODS=10000\n```\nCreate the directories on the host to share with the provider container and set the permissions to correspond with the UID/GID that will be passed to the container.\n\n```\n$ sudo mkdir -p /var/provider/lib_irods \\\n\t/var/provider/etc_irods \\\n\t/var/provider/pg_data\n$ sudo chown -R 20022:10000 /var/provider/lib_irods \\\n\t/var/provider/etc_irods\n$ sudo chown -R 999:10000 /var/provider/pg_data\n$ sudo ls -alh /var/provider/ ### \u003c-- validate settings\n```\n\n**Deployment**\n\nBecause we want this to interact as a normal iRODS provider, we will need to specify the necessary port mappings for it to do so. specifically ports `1247`, `1248` and `20000-20199`.\n\nRun this docker command from the same directory as the `irods-provider.env` file.\n\n```\ndocker run -d --name provider \\\n  -h mjs-dev-1.edc.renci.org \\\n  --env-file=irods-provider.env \\\n  -v /var/provider/lib_irods:/var/lib/irods \\\n  -v /var/provider/etc_irods:/etc/irods \\\n  -v /var/provider/pg_data:/var/lib/postgresql/data \\\n  -p 1247:1247 \\\n  -p 1248:1248 \\\n  -p 20000-20199:20000-20199 \\\n  mjstealey/irods-provider-postgres:latest\n```\n\nSince the container is being run with the `-d` flag, progress can be monitored by using docker attach to attach a terminal to the `STDOUT` of the container.\n\n```\ndocker attach --sig-proxy=false provider\n```\n\nUse `ctl-c` to exit when finished.\n\nOutput of docker ps should look something like:\n\n```console\n$ docker ps\nCONTAINER ID        IMAGE                                      COMMAND                  CREATED             STATUS              PORTS                                                                              NAMES\nf04993705973        mjstealey/irods-provider-postgres:latest   \"/irods-docker-ent...\"   27 seconds ago      Up 24 seconds       0.0.0.0:1247-1248-\u003e1247-1248/tcp, 0.0.0.0:20000-20199-\u003e20000-20199/tcp, 5432/tcp   provider\n```\n\nThe container should also identify it's hostname as the same that you are running it on.\n\n```console\n$ docker exec provider hostname\nmjs-dev-1.edc.renci.org\n```\n\n**Sample iCommands**\n\nA true test of the system will be to log in from another machine, iinit as the `rods` user from the `mjs-dev-1.edc.renci.org` deployment, and see if iCommands work as they should.\n\nIn this example we will be using `galera-1.edc.renci.org` as the other machine that has our iRODS deployment within it's network scope (on the same VLAN).\n\nFrom `galera-1.edc.renci.org`:\n\n```console\n$ iinit\nOne or more fields in your iRODS environment file (irods_environment.json) are\nmissing; please enter them.\nEnter the host name (DNS) of the server to connect to: mjs-dev-1.edc.renci.org\nEnter the port number: 1247\nEnter your irods user name: rods\nEnter your irods zone: mjsDevZone\nThose values will be added to your environment file (for use by\nother iCommands) if the login succeeds.\n\nEnter your current iRODS password: eeThefeig3ahNo9othaequooMo4bohsa\n\n$ ils\n/mjsDevZone/home/rods:\n\n$ iadmin lr\nbundleResc\ndemoResc\n\n$ iadmin lu\nrods#mjsDevZone\n\n$ iadmin lz\nmjsDevZone\n```\n\nTry `iput` from `galera-1.edc.renci.org` using a 10MB test file:\n\n```console\n$ dd if=/dev/zero of=test-file.dat  bs=1M  count=10\n10+0 records in\n10+0 records out\n10485760 bytes (10 MB) copied, 0.0109233 s, 960 MB/s\n$ ls -alh test-file.dat\n-rw-r--r-- 1 xxxxx xxxxx 10M Nov 10 13:32 test-file.dat\n\n$ iput test-file.dat\n$ ils -Lr\n/mjsDevZone/home/rods:\n  rods              0 demoResc     10485760 2017-11-10.13:34 \u0026 test-file.dat\n        generic    /var/lib/irods/iRODS/Vault/home/rods/test-file.dat\n```\n\nVerify file on disk at `mjs-dev-1.edc.renci.org` in the vault:\n\n```console\n$ sudo ls -alh /var/provider/lib_irods/iRODS/Vault/home/rods\ntotal 10M\ndrwxr-x--- 2 xxxxx xxxxx 26 Nov 10 13:34 .\ndrwxr-x--- 3 xxxxx xxxxx 17 Nov 10 13:23 ..\n-rw------- 1 xxxxx xxxxx 10M Nov 10 13:34 test-file.dat\n```\n\nAll other interactions that one would normally have wtih an iRODS provider should hold true for the Docker implementation.\n\nSince the critical files are persisted to the host, adjustment to files such as `/etc/irods/server_config.json` could instead be done at `/var/provider/etc_irods/server_config.json` so long as the appropriate file access permissions are adhered to.\n\n## Additional information\n\nThe provided examples all use the `-d` flag to daemonize the docker container. The output that would normally be displayed to `STDOUT` of the container is therefore suppressed.\n\nOutput example for [iRODS provider v4.2.2](example-output/example-output-4.2.2.md)\n\n### iRODS provider in Docker notes\n\n- 4.2.2 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (16.04 Xenial iRODS packages)\n- 4.2.1 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (14.04 Trusty iRODS packages)\n- 4.2.0 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (14.04 Trusty iRODS packages)\n- 4.1.11 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (14.04 Trusty iRODS ftp deb files)\n- 4.1.10 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (14.04 Trusty iRODS ftp deb files)\n- 4.1.9 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (14.04 Trusty iRODS ftp deb files)\n- 4.1.8 - Debian:stretch based using [PostgreSQL 10](https://github.com/docker-library/postgres/blob/6fe8c15843400444e4ba6906ec6f94b0d526a678/10/Dockerfile) (14.04 Trusty iRODS ftp deb files)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmjstealey%2Firods-provider-postgres","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmjstealey%2Firods-provider-postgres","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmjstealey%2Firods-provider-postgres/lists"}