25 lines
759 B
Bash
25 lines
759 B
Bash
#!/bin/bash
|
|
set -e
|
|
|
|
echo "Starting Vault Agent to render PgBouncer config..."
|
|
|
|
# Start Vault Agent in background (runs as root for Vault capabilities)
|
|
vault agent -config=/vault/config/agent-config.hcl &
|
|
VAULT_PID=$!
|
|
|
|
# Wait for config to be rendered
|
|
echo "Waiting for PgBouncer config to be rendered..."
|
|
while [ ! -f /etc/pgbouncer/pgbouncer.ini ]; do
|
|
sleep 1
|
|
done
|
|
echo "PgBouncer config rendered."
|
|
|
|
# Fix ownership of rendered config
|
|
chown pgbouncer:pgbouncer /etc/pgbouncer/pgbouncer.ini
|
|
chown -R pgbouncer:pgbouncer /var/run/pgbouncer
|
|
|
|
echo "Starting PgBouncer as pgbouncer user..."
|
|
# Run pgbouncer as non-root user
|
|
# Vault Agent (running as root) will send SIGHUP when credentials rotate
|
|
exec su-exec pgbouncer pgbouncer /etc/pgbouncer/pgbouncer.ini
|