From 4562d856f9e61299556a9ac3384a42c35f521a75 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Tue, 26 Aug 2025 23:37:24 -0400 Subject: [PATCH 1/4] feat: initial pg 18 beta 3 build --- nix/config.nix | 4 ++++ nix/packages/postgres.nix | 48 +++++++++++++++++++++++++++++++++++---- 2 files changed, 47 insertions(+), 5 deletions(-) diff --git a/nix/config.nix b/nix/config.nix index 4076f0cea..159538135 100644 --- a/nix/config.nix +++ b/nix/config.nix @@ -49,6 +49,10 @@ in version = "17.6"; hash = "sha256-4GMKNgCuonURcVVjJZ7CERzV9DU6SwQOC+gn+UzXqLA="; }; + "18" = { + version = "18beta3"; + hash = "sha256-IdhuVe6hEwDDoiEmR9w9SL2ES4MBfPbOVoRjmtj5Ung="; + }; }; orioledb = { "17" = { diff --git a/nix/packages/postgres.nix b/nix/packages/postgres.nix index f8795476e..52b6e5a8f 100644 --- a/nix/packages/postgres.nix +++ b/nix/packages/postgres.nix @@ -53,13 +53,23 @@ #Where we import and build the orioledb extension, we add on our custom extensions # plus the orioledb option #we're not using timescaledb or plv8 in the orioledb-17 version or pg 17 of supabase extensions - orioleFilteredExtensions = builtins.filter ( + gte17FilteredExtensions = builtins.filter ( x: x != ../ext/timescaledb.nix && x != ../ext/timescaledb-2.9.1.nix && x != ../ext/plv8.nix ) ourExtensions; - orioledbExtensions = orioleFilteredExtensions ++ [ ../ext/orioledb.nix ]; - dbExtensions17 = orioleFilteredExtensions; - getPostgresqlPackage = version: pkgs."postgresql_${version}"; + orioledbExtensions = gte17FilteredExtensions ++ [ ../ext/orioledb.nix ]; + + getPostgresqlPackage = + version: + if version == "18" then + pkgs.callPackage ../postgresql/generic.nix { + version = "18beta3"; + hash = "sha256-IdhuVe6hEwDDoiEmR9w9SL2ES4MBfPbOVoRjmtj5Ung="; + jitSupport = false; + self = pkgs; + } + else + pkgs."postgresql_${version}"; # Create a 'receipt' file for a given postgresql package. This is a way # of adding a bit of metadata to the package, which can be used by other # tools to inspect what the contents of the install are: the PSQL @@ -104,7 +114,34 @@ if (builtins.elem version [ "orioledb-17" ]) then orioledbExtensions else if (builtins.elem version [ "17" ]) then - dbExtensions17 + gte17FilteredExtensions + else if (builtins.elem version [ "18" ]) then + # For PG 18, filter out even more extensions that don't support it yet + builtins.filter ( + x: + x != ../ext/timescaledb.nix + && x != ../ext/timescaledb-2.9.1.nix + && x != ../ext/plv8.nix + && x != ../ext/pgaudit.nix # pgaudit doesn't support 18 yet + && x != ../ext/index_advisor.nix + && x != ../ext/pg_net.nix + && x != ../ext/wrappers/default.nix + && x != ../ext/pg_cron.nix + && x != ../ext/pgroonga.nix + && x != ../ext/pg_stat_monitor.nix + && x != ../ext/hypopg.nix + && x != ../ext/pgsql-http.nix + && x != ../ext/pgsodium.nix + && x != ../ext/plpgsql-check.nix + && x != ../ext/rum.nix + && x != ../ext/pgvector.nix + && x != ../ext/pg_tle.nix + && x != ../ext/supautils.nix + && x != ../ext/pg_jsonschema.nix + && x != ../ext/pg_graphql.nix + && x != ../ext/postgis.nix + && x != ../ext/pgrouting.nix + ) ourExtensions else ourExtensions; in @@ -167,6 +204,7 @@ basePackages = { psql_15 = makePostgres "15"; psql_17 = makePostgres "17"; + psql_18 = makePostgres "18"; psql_orioledb-17 = makePostgres "orioledb-17"; }; in From 75dd5dea7b4de3f3612a54129da31183c8901f02 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Wed, 17 Sep 2025 11:32:39 -0400 Subject: [PATCH 2/4] fix: keep pgjwt deprecated --- nix/packages/postgres.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nix/packages/postgres.nix b/nix/packages/postgres.nix index 52b6e5a8f..f631abfa8 100644 --- a/nix/packages/postgres.nix +++ b/nix/packages/postgres.nix @@ -122,6 +122,7 @@ x != ../ext/timescaledb.nix && x != ../ext/timescaledb-2.9.1.nix && x != ../ext/plv8.nix + && x != ../ext/pgjwt.nix && x != ../ext/pgaudit.nix # pgaudit doesn't support 18 yet && x != ../ext/index_advisor.nix && x != ../ext/pg_net.nix From 45c29b78c71060145d975bd39e05d805d24b52b9 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Wed, 17 Sep 2025 11:54:59 -0400 Subject: [PATCH 3/4] feat: support for pg 18 --- nix/ext/pg_cron/default.nix | 8 ++++++++ nix/ext/versions.json | 10 ++++++++++ 2 files changed, 18 insertions(+) diff --git a/nix/ext/pg_cron/default.nix b/nix/ext/pg_cron/default.nix index 75215d56a..9c55c4aa7 100644 --- a/nix/ext/pg_cron/default.nix +++ b/nix/ext/pg_cron/default.nix @@ -54,6 +54,14 @@ let mv $out/share/postgresql/extension/pg_cron--1.4--1.4-1.sql $out/share/postgresql/extension/pg_cron--1.4.0--1.4.1.sql mv $out/share/postgresql/extension/pg_cron--1.4-1--1.5.sql $out/share/postgresql/extension/pg_cron--1.4.2--1.5.2.sql mv $out/share/postgresql/extension/pg_cron--1.5--1.6.sql $out/share/postgresql/extension/pg_cron--1.5.2--1.6.4.sql + cat > $out/share/postgresql/extension/pg_cron--1.6--1.6.4.sql << 'EOF' + -- Version alignment migration + -- Both 1.6 and 1.6.4 are actually the same version (1.6.4) + -- This file exists only to allow smooth transition from the old naming scheme + EOF + cat >> $out/share/postgresql/extension/pg_cron--1.6.4--1.6.7.sql << 'EOF' + -- This migration file is empty because there are no changes between 1.6.4 and 1.6.7 + EOF fi # Create versioned control file with modified module path diff --git a/nix/ext/versions.json b/nix/ext/versions.json index a5a289d45..ec67fc11f 100644 --- a/nix/ext/versions.json +++ b/nix/ext/versions.json @@ -57,6 +57,16 @@ ], "rev": "v1.6.4", "hash": "sha256-t1DpFkPiSfdoGG2NgNT7g1lkvSooZoRoUrix6cBID40=" + }, + "1.6.7": { + "postgresql": [ + "15", + "17", + "orioledb-17", + "18" + ], + "rev": "v1.6.7", + "hash": "sha256-oQjaQeIEMbg5pipY8tT4I7bNdyDOwcr/ZJikqgcEZOs=" } }, "pg_net": { From 8b682111770e0134f2165f6c832e1f9438ade494 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Wed, 17 Sep 2025 16:39:12 -0400 Subject: [PATCH 4/4] feat: supporting postgres 18rc1 --- Dockerfile-18 | 233 ++++++++++++++++++ ansible/vars.yml | 8 +- nix/checks.nix | 13 +- nix/config.nix | 4 +- .../{supautils.nix => supautils/default.nix} | 9 +- nix/ext/supautils/supautils-pg18-compat.patch | 13 + nix/overlays/default.nix | 1 + nix/packages/default.nix | 2 + nix/packages/lib.nix | 2 + nix/packages/postgres.nix | 16 +- nix/packages/start-client.nix | 2 + nix/tools/dbmate-tool.sh.in | 6 +- nix/tools/run-client.sh.in | 10 +- nix/tools/run-server.sh.in | 54 +++- 14 files changed, 342 insertions(+), 31 deletions(-) create mode 100644 Dockerfile-18 rename nix/ext/{supautils.nix => supautils/default.nix} (63%) create mode 100644 nix/ext/supautils/supautils-pg18-compat.patch diff --git a/Dockerfile-18 b/Dockerfile-18 new file mode 100644 index 000000000..7b0294a03 --- /dev/null +++ b/Dockerfile-18 @@ -0,0 +1,233 @@ +# syntax=docker/dockerfile:1.6 +ARG postgresql_major=18 +ARG postgresql_release=${postgresql_major}.0 + +# Bump default build arg to build a package from source +# Bump vars.yml to specify runtime package version +ARG sfcgal_release=1.3.10 +ARG postgis_release=3.3.2 +ARG pgrouting_release=3.4.1 +ARG pgtap_release=1.2.0 +ARG pg_cron_release=1.6.7 +ARG pgaudit_release=1.7.0 +ARG pgjwt_release=9742dab1b2f297ad3811120db7b21451bca2d3c9 +ARG pgsql_http_release=1.5.0 +ARG plpgsql_check_release=2.2.5 +ARG pg_safeupdate_release=1.4 +ARG timescaledb_release=2.9.1 +ARG wal2json_release=2_5 +ARG pljava_release=1.6.4 +ARG plv8_release=3.1.5 +ARG pg_plan_filter_release=5081a7b5cb890876e67d8e7486b6a64c38c9a492 +ARG pg_net_release=0.7.1 +ARG rum_release=1.3.13 +ARG pg_hashids_release=cd0e1b31d52b394a0df64079406a14a4f7387cd6 +ARG libsodium_release=1.0.18 +ARG pgsodium_release=3.1.6 +ARG pg_graphql_release=1.5.11 +ARG pg_stat_monitor_release=1.1.1 +ARG pg_jsonschema_release=0.1.4 +ARG pg_repack_release=1.4.8 +ARG vault_release=0.2.8 +ARG groonga_release=12.0.8 +ARG pgroonga_release=2.4.0 +ARG wrappers_release=0.5.4 +ARG hypopg_release=1.3.1 +ARG pgvector_release=0.4.0 +ARG pg_tle_release=1.3.2 +ARG index_advisor_release=0.2.0 +ARG supautils_release=2.2.0 +ARG wal_g_release=3.0.5 + +FROM ubuntu:noble as base + +RUN apt update -y && apt install -y \ + curl \ + gnupg \ + lsb-release \ + software-properties-common \ + wget \ + sudo \ + tree \ + && apt clean + + +RUN adduser --system --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres +RUN adduser --system --no-create-home --shell /bin/bash --group wal-g +RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ +--init none \ +--no-confirm \ +--extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \ +--extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + +ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin" + +COPY . /nixpg + +WORKDIR /nixpg + +RUN nix profile install .#psql_18/bin + +RUN nix store gc + +WORKDIR / + + +RUN mkdir -p /usr/lib/postgresql/bin \ + /usr/lib/postgresql/share/postgresql \ + /usr/share/postgresql \ + /var/lib/postgresql \ + && chown -R postgres:postgres /usr/lib/postgresql \ + && chown -R postgres:postgres /var/lib/postgresql \ + && chown -R postgres:postgres /usr/share/postgresql + +# Create symbolic links +RUN ln -s /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \ + && ln -s /nix/var/nix/profiles/default/bin/* /usr/bin/ \ + && chown -R postgres:postgres /usr/bin + +# Create symbolic links for PostgreSQL shares +RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/ +RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/ +RUN chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/ +RUN chown -R postgres:postgres /usr/share/postgresql/ +# Create symbolic links for contrib directory +RUN tree /nix > /tmp/tree.txt && cat /tmp/tree.txt && cat /tmp/tree.txt >&2 + +RUN chown -R postgres:postgres /usr/lib/postgresql + +RUN ln -sf /usr/lib/postgresql/share/postgresql/timezonesets /usr/share/postgresql/timezonesets + + +RUN apt-get update && \ + apt-get install -y --no-install-recommends tzdata + +RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime && \ + dpkg-reconfigure --frontend noninteractive tzdata + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + build-essential \ + checkinstall \ + cmake + +ENV PGDATA=/var/lib/postgresql/data + +#################### +# setup-wal-g.yml +#################### +FROM base as walg +ARG wal_g_release + +WORKDIR /nixpg + +RUN nix profile install .#wal-g-3 && \ + ln -s /nix/var/nix/profiles/default/bin/wal-g-3 /tmp/wal-g + +RUN nix store gc + +WORKDIR / +# #################### +# # Download gosu for easy step-down from root +# #################### +FROM base as gosu +ARG TARGETARCH +# Install dependencies +RUN apt-get update && apt-get install -y --no-install-recommends \ + gnupg \ + ca-certificates \ + && rm -rf /var/lib/apt/lists/* +# Download binary +ARG GOSU_VERSION=1.16 +ARG GOSU_GPG_KEY=B42F6819007F00F88E364FD4036A9C25BF357DD4 +ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH \ + /usr/local/bin/gosu +ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH.asc \ + /usr/local/bin/gosu.asc +# Verify checksum +RUN gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys $GOSU_GPG_KEY && \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && \ + gpgconf --kill all && \ + chmod +x /usr/local/bin/gosu + +# #################### +# # Build final image +# #################### +FROM gosu as production +RUN id postgres || (echo "postgres user does not exist" && exit 1) +# # Setup extensions +COPY --from=walg /tmp/wal-g /usr/local/bin/ + +# # Initialise configs +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf +COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts +COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf +COPY --chown=postgres:postgres ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh +COPY ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh + +RUN sed -i \ + -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ + -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \ + -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \ + -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \ + echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \ + #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \ + echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ + echo "vault.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ + echo 'auto_explain.log_min_duration = 10s' >> /etc/postgresql/postgresql.conf && \ + usermod -aG postgres wal-g && \ + mkdir -p /etc/postgresql-custom && \ + chown postgres:postgres /etc/postgresql-custom + + # Remove items from postgresql.conf for PG 18 (remove unsupported extensions) +RUN sed -i 's/ timescaledb,//g;' "/etc/postgresql/postgresql.conf" + #as of pg 16.4 + this db_user_namespace totally deprecated and will break the server if setting is present +RUN sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "/etc/postgresql/postgresql.conf" +# Remove more extensions that don't support PG 18 yet +RUN sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g; s/ pgaudit,//g' "/etc/postgresql-custom/supautils.conf" + + + +# # Include schema migrations +COPY migrations/db /docker-entrypoint-initdb.d/ +COPY ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql +COPY ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql + +# # Add upstream entrypoint script pinned for now to last tested version +COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu +ADD --chmod=0755 \ + https://github.com/docker-library/postgres/raw/889f9447cd2dfe21cccfbe9bb7945e3b037e02d8/17/bullseye/docker-entrypoint.sh \ + /usr/local/bin/docker-entrypoint.sh + +RUN mkdir -p /var/run/postgresql && chown postgres:postgres /var/run/postgresql + +ENTRYPOINT ["docker-entrypoint.sh"] + +HEALTHCHECK --interval=2s --timeout=2s --retries=10 CMD pg_isready -U postgres -h localhost +STOPSIGNAL SIGINT +EXPOSE 5432 + +ENV POSTGRES_HOST=/var/run/postgresql +ENV POSTGRES_USER=supabase_admin +ENV POSTGRES_DB=postgres +ENV POSTGRES_INITDB_ARGS="--allow-group-access --locale-provider=icu --encoding=UTF-8 --icu-locale=en_US.UTF-8" +RUN apt-get update && apt-get install -y --no-install-recommends \ + locales \ + && rm -rf /var/lib/apt/lists/* && \ + localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \ + && localedef -i C -c -f UTF-8 -A /usr/share/locale/locale.alias C.UTF-8 +RUN echo "C.UTF-8 UTF-8" > /etc/locale.gen && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US:en +ENV LC_ALL en_US.UTF-8 +ENV LOCALE_ARCHIVE /usr/lib/locale/locale-archive +RUN mkdir -p /usr/share/postgresql/extension/ && \ + ln -s /usr/lib/postgresql/bin/pgsodium_getkey.sh /usr/share/postgresql/extension/pgsodium_getkey && \ + chmod +x /usr/lib/postgresql/bin/pgsodium_getkey.sh +CMD ["postgres", "-D", "/etc/postgresql"] \ No newline at end of file diff --git a/ansible/vars.yml b/ansible/vars.yml index a32c56d7a..650b42665 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -5,13 +5,15 @@ async_mode: true postgres_major: - "15" - "17" + - "18" - "orioledb-17" # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.5.1.026-orioledb" - postgres17: "17.6.1.005" - postgres15: "15.14.1.005" + postgresorioledb-17: "17.5.1.026-orioledb-rc-1" + postgres17: "17.6.1.005-rc-1" + postgres18: "18.0.1.000-rc-1" + postgres15: "15.14.1.005-rc-1" # Non Postgres Extensions pgbouncer_release: "1.19.0" diff --git a/nix/checks.nix b/nix/checks.nix index 7e791b253..b92b70988 100644 --- a/nix/checks.nix +++ b/nix/checks.nix @@ -12,6 +12,7 @@ pkgs-lib = pkgs.callPackage ./packages/lib.nix { psql_15 = self'.packages."psql_15/bin"; psql_17 = self'.packages."psql_17/bin"; + psql_18 = self'.packages."psql_18/bin"; psql_orioledb-17 = self'.packages."psql_orioledb-17/bin"; pgroonga = self'.packages."psql_15/exts/pgroonga"; inherit (self.supabase) defaults; @@ -87,6 +88,8 @@ "15" else if builtins.match "17.*" name != null then "17" + else if builtins.match "18.*" name != null then + "18" else if builtins.match "orioledb-17.*" name != null then "orioledb-17" else @@ -107,6 +110,8 @@ builtins.match "z_orioledb-17_.*" name != null else if version == "17" then builtins.match "z_17_.*" name != null + else if version == "18" then + builtins.match "z_18_.*" name != null else builtins.match "z_15_.*" name != null else @@ -122,11 +127,14 @@ version = builtins.trace "pgpkg.version is: ${pgpkg.version}" pgpkg.version; isOrioledbMatch = builtins.match "^17_[0-9]+$" version != null; isSeventeenMatch = builtins.match "^17[.][0-9]+$" version != null; + isEighteenMatch = builtins.match "^18[.][0-9]+$" version != null; result = if isOrioledbMatch then "orioledb-17" else if isSeventeenMatch then "17" + else if isEighteenMatch then + "18" else "15"; in @@ -140,6 +148,8 @@ "5535" else if (majorVersion == "15") then "5536" + else if (majorVersion == "18") then + "5538" else "5537"; @@ -181,7 +191,7 @@ grep -rn "shared_preload_libraries" "$PGTAP_CLUSTER"/postgresql.conf # Remove timescaledb if running orioledb-17 check echo "I AM ${pgpkg.version}====================================================" - if [[ "${pgpkg.version}" == *"17"* ]]; then + if [[ "${pgpkg.version}" == *"17"* ]] || [[ "${pgpkg.version}" == *"18"* ]]; then perl -pi -e 's/ timescaledb,//g' "$PGTAP_CLUSTER/postgresql.conf" fi #NOTE in the future we may also need to add the orioledb extension to the cluster when cluster is oriole @@ -289,6 +299,7 @@ { psql_15 = makeCheckHarness self'.packages."psql_15/bin"; psql_17 = makeCheckHarness self'.packages."psql_17/bin"; + psql_18 = makeCheckHarness self'.packages."psql_18/bin"; psql_orioledb-17 = makeCheckHarness self'.packages."psql_orioledb-17/bin"; inherit (self'.packages) wal-g-2 diff --git a/nix/config.nix b/nix/config.nix index 159538135..cdd84c115 100644 --- a/nix/config.nix +++ b/nix/config.nix @@ -50,8 +50,8 @@ in hash = "sha256-4GMKNgCuonURcVVjJZ7CERzV9DU6SwQOC+gn+UzXqLA="; }; "18" = { - version = "18beta3"; - hash = "sha256-IdhuVe6hEwDDoiEmR9w9SL2ES4MBfPbOVoRjmtj5Ung="; + version = "18rc1"; + hash = "sha256-saTNwO1ul9EX8ETaZ4FYKdVgACyCEpCp3uhuXkmbL0w="; }; }; orioledb = { diff --git a/nix/ext/supautils.nix b/nix/ext/supautils/default.nix similarity index 63% rename from nix/ext/supautils.nix rename to nix/ext/supautils/default.nix index 75c5c029b..b9cfd5ae8 100644 --- a/nix/ext/supautils.nix +++ b/nix/ext/supautils/default.nix @@ -7,7 +7,7 @@ stdenv.mkDerivation rec { pname = "supautils"; - version = "2.9.4"; + version = "2.10.0"; buildInputs = [ postgresql ]; @@ -15,9 +15,14 @@ stdenv.mkDerivation rec { owner = "supabase"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-qP9fOEWXw+wY49GopTizwxSBEGS0UoseJHVBtKS/BdI="; + hash = "sha256-jhTLC7aoodjHl98nnKxh6TuznrCg28/6b++6OM05WIs="; }; + # Fix PostgreSQL 18 compatibility by making log_skipped_evtrigs static + postPatch = lib.optionalString (lib.versionAtLeast postgresql.version "18") '' + sed -i 's/^bool log_skipped_evtrigs = false;/static bool log_skipped_evtrigs = false;/' src/supautils.c + ''; + installPhase = '' mkdir -p $out/lib diff --git a/nix/ext/supautils/supautils-pg18-compat.patch b/nix/ext/supautils/supautils-pg18-compat.patch new file mode 100644 index 000000000..49a87cdc6 --- /dev/null +++ b/nix/ext/supautils/supautils-pg18-compat.patch @@ -0,0 +1,13 @@ +diff --git a/src/supautils.c b/src/supautils.c +index 1234567..abcdefg 100644 +--- a/src/supautils.c ++++ b/src/supautils.c +@@ -64,7 +64,7 @@ typedef struct EvictCacheState + } EvictCacheState; + + /* GUC to control whether to log an event when an event trigger is skipped */ +-bool log_skipped_evtrigs = false; ++static bool log_skipped_evtrigs = false; + + /* GUC to save the list of constrained extensions */ + char *supabase_reserved_extensions = ""; \ No newline at end of file diff --git a/nix/overlays/default.nix b/nix/overlays/default.nix index a3fd52034..7d819630c 100644 --- a/nix/overlays/default.nix +++ b/nix/overlays/default.nix @@ -9,6 +9,7 @@ inherit (self.packages.${final.system}) postgresql_15 postgresql_17 + postgresql_18 postgresql_orioledb-17 supabase-groonga switch-ext-version diff --git a/nix/packages/default.nix b/nix/packages/default.nix index fca05a10a..681f95689 100644 --- a/nix/packages/default.nix +++ b/nix/packages/default.nix @@ -22,6 +22,7 @@ pkgs-lib = pkgs.callPackage ./lib.nix { psql_15 = self'.packages."psql_15/bin"; psql_17 = self'.packages."psql_17/bin"; + psql_18 = self'.packages."psql_18/bin"; psql_orioledb-17 = self'.packages."psql_orioledb-17/bin"; pgroonga = self'.packages."psql_15/exts/pgroonga"; inherit (self.supabase) defaults; @@ -47,6 +48,7 @@ start-client = pkgs.callPackage ./start-client.nix { psql_15 = self'.packages."psql_15/bin"; psql_17 = self'.packages."psql_17/bin"; + psql_18 = self'.packages."psql_18/bin"; psql_orioledb-17 = self'.packages."psql_orioledb-17/bin"; inherit (self.supabase) defaults; }; diff --git a/nix/packages/lib.nix b/nix/packages/lib.nix index 971909162..bd3a8073f 100644 --- a/nix/packages/lib.nix +++ b/nix/packages/lib.nix @@ -1,6 +1,7 @@ { psql_17, psql_15, + psql_18, psql_orioledb-17, defaults, supabase-groonga, @@ -78,6 +79,7 @@ PGSQL_SUPERUSER = "${defaults.superuser}"; PSQL15_BINDIR = "${psql_15}"; PSQL17_BINDIR = "${psql_17}"; + PSQL18_BINDIR = "${psql_18}"; PSQL_CONF_FILE = "${paths.pgconfigFile}"; PSQLORIOLEDB17_BINDIR = "${psql_orioledb-17}"; PGSODIUM_GETKEY = "${paths.getkeyScript}"; diff --git a/nix/packages/postgres.nix b/nix/packages/postgres.nix index f631abfa8..d2af66519 100644 --- a/nix/packages/postgres.nix +++ b/nix/packages/postgres.nix @@ -46,7 +46,7 @@ ../ext/hypopg.nix ../ext/pg_tle.nix ../ext/wrappers/default.nix - ../ext/supautils.nix + ../ext/supautils ../ext/plv8.nix ]; @@ -59,17 +59,7 @@ orioledbExtensions = gte17FilteredExtensions ++ [ ../ext/orioledb.nix ]; - getPostgresqlPackage = - version: - if version == "18" then - pkgs.callPackage ../postgresql/generic.nix { - version = "18beta3"; - hash = "sha256-IdhuVe6hEwDDoiEmR9w9SL2ES4MBfPbOVoRjmtj5Ung="; - jitSupport = false; - self = pkgs; - } - else - pkgs."postgresql_${version}"; + getPostgresqlPackage = version: pkgs."postgresql_${version}"; # Create a 'receipt' file for a given postgresql package. This is a way # of adding a bit of metadata to the package, which can be used by other # tools to inspect what the contents of the install are: the PSQL @@ -132,12 +122,10 @@ && x != ../ext/pg_stat_monitor.nix && x != ../ext/hypopg.nix && x != ../ext/pgsql-http.nix - && x != ../ext/pgsodium.nix && x != ../ext/plpgsql-check.nix && x != ../ext/rum.nix && x != ../ext/pgvector.nix && x != ../ext/pg_tle.nix - && x != ../ext/supautils.nix && x != ../ext/pg_jsonschema.nix && x != ../ext/pg_graphql.nix && x != ../ext/postgis.nix diff --git a/nix/packages/start-client.nix b/nix/packages/start-client.nix index 84ab06209..2af5e0d72 100644 --- a/nix/packages/start-client.nix +++ b/nix/packages/start-client.nix @@ -2,6 +2,7 @@ runCommand, psql_15, psql_17, + psql_18, psql_orioledb-17, defaults, }: @@ -18,6 +19,7 @@ runCommand "start-postgres-client" { } '' --subst-var-by 'PGSQL_SUPERUSER' '${defaults.superuser}' \ --subst-var-by 'PSQL15_BINDIR' '${psql_15}' \ --subst-var-by 'PSQL17_BINDIR' '${psql_17}' \ + --subst-var-by 'PSQL18_BINDIR' '${psql_18}' \ --subst-var-by 'PSQLORIOLEDB17_BINDIR' '${psql_orioledb-17}' \ --subst-var-by 'MIGRATIONS_DIR' '${migrationsDir}' \ --subst-var-by 'POSTGRESQL_SCHEMA_SQL' '${postgresqlSchemaSql}' \ diff --git a/nix/tools/dbmate-tool.sh.in b/nix/tools/dbmate-tool.sh.in index 934724c03..93d2fb7e7 100644 --- a/nix/tools/dbmate-tool.sh.in +++ b/nix/tools/dbmate-tool.sh.in @@ -61,7 +61,7 @@ print_help() { echo "Usage: nix run .#dbmate-tool -- [options]" echo echo "Options:" - echo " -v, --version [15|17|orioledb-17|all] Specify the PostgreSQL version to use (required defaults to --version all)" + echo " -v, --version [15|17|18|orioledb-17|all] Specify the PostgreSQL version to use (required defaults to --version all)" echo " -p, --port PORT Specify the port number to use (default: 5435)" echo " -h, --help Show this help message" echo " -f, --flake-url URL Specify the flake URL to use (default: github:supabase/postgres)" @@ -84,7 +84,7 @@ while [[ "$#" -gt 0 ]]; do PSQL_VERSION="$2" shift 2 else - echo "Error: --version requires an argument (15, 16, or orioledb-17)" + echo "Error: --version requires an argument (15, 17, 18, or orioledb-17)" exit 1 fi ;; @@ -182,7 +182,7 @@ perform_dump() { # Only use --restrict-key for standard PostgreSQL 15 and 17 versions # OrioleDB doesn't support this flag yet - if [ "$PSQL_VERSION" = "15" ] || [ "$PSQL_VERSION" = "17" ]; then + if [ "$PSQL_VERSION" = "15" ] || [ "$PSQL_VERSION" = "17" ] || [ "$PSQL_VERSION" = "18" ]; then # Use a fixed restrict key for reproducible test dumps # This is safe in testing contexts but should not be used in production dump_cmd="$dump_cmd --restrict-key=SupabaseTestDumpKey123" diff --git a/nix/tools/run-client.sh.in b/nix/tools/run-client.sh.in index 6acb4d6c0..59e601856 100644 --- a/nix/tools/run-client.sh.in +++ b/nix/tools/run-client.sh.in @@ -13,7 +13,7 @@ print_help() { echo "Usage: nix run .#start-client -- [options]" echo echo "Options:" - echo " -v, --version [15|16|orioledb-16] Specify the PostgreSQL version to use (required)" + echo " -v, --version [15|17|18|orioledb-17] Specify the PostgreSQL version to use (required)" echo " -u, --user USER Specify the user/role to use (default: postgres)" echo " -h, --help Show this help message" echo @@ -39,7 +39,7 @@ while [[ "$#" -gt 0 ]]; do PSQL_VERSION="$2" shift 2 else - echo "Error: --version requires an argument (15, 16, or orioledb-16)" + echo "Error: --version requires an argument (15, 17, 18, or orioledb-17)" exit 1 fi ;; @@ -89,12 +89,16 @@ elif [ "$PSQL_VERSION" == "17" ]; then echo "Starting client for PSQL 17" PSQL17=@PSQL17_BINDIR@ BINDIR="$PSQL17" +elif [ "$PSQL_VERSION" == "18" ]; then + echo "Starting client for PSQL 18" + PSQL18=@PSQL18_BINDIR@ + BINDIR="$PSQL18" elif [ "$PSQL_VERSION" == "orioledb-17" ]; then echo "Starting client for PSQL ORIOLEDB 17" PSQLORIOLEDB17=@PSQLORIOLEDB17_BINDIR@ BINDIR="$PSQLORIOLEDB17" else - echo "Please provide a valid Postgres version (15, 17, or orioledb-17)" + echo "Please provide a valid Postgres version (15, 17, 18, or orioledb-17)" exit 1 fi diff --git a/nix/tools/run-server.sh.in b/nix/tools/run-server.sh.in index 182cbe554..79b2cb121 100644 --- a/nix/tools/run-server.sh.in +++ b/nix/tools/run-server.sh.in @@ -20,7 +20,7 @@ print_help() { echo " --getkey-script SCRIPT Provide a custom path to the PGSODIUM_GETKEY_SCRIPT" echo " -h, --help Show this help message" echo - echo "VERSION must be one of: 15, orioledb-17" + echo "VERSION must be one of: 15, 17, 18, orioledb-17" echo "PORT is optional (default: @PGSQL_DEFAULT_PORT@)" } @@ -149,12 +149,16 @@ elif [ "$VERSION" == "17" ]; then echo "Starting server for PSQL 17" PSQL17=@PSQL17_BINDIR@ BINDIR="$PSQL17" +elif [ "$VERSION" == "18" ]; then + echo "Starting server for PSQL 18" + PSQL18=@PSQL18_BINDIR@ + BINDIR="$PSQL18" elif [ "$VERSION" == "orioledb-17" ]; then echo "Starting server for PSQL ORIOLEDB 17" PSQLORIOLEDB17=@PSQLORIOLEDB17_BINDIR@ BINDIR="$PSQLORIOLEDB17" else - echo "Please provide a valid Postgres version (15, 17, orioledb-17)" + echo "Please provide a valid Postgres version (15, 17, 18, orioledb-17)" exit 1 fi @@ -223,7 +227,9 @@ cp -r "$EXTENSION_CUSTOM_SCRIPTS"/* "$DATDIR/extension-custom-scripts" sed "s|supautils.extension_custom_scripts_path = '/etc/postgresql-custom/extension-custom-scripts'|supautils.extension_custom_scripts_path = '$DATDIR/extension-custom-scripts'|" "$SUPAUTILS_CONFIG_FILE" > "$DATDIR/supautils.conf" # Configure PostgreSQL -sed -e "1i\\ +if [ "$VERSION" = "18" ]; then + # PG 18 configuration with pgsodium/vault support + sed -e "1i\\ include = '$DATDIR/supautils.conf'" \ -e "\$a\\ pgsodium.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ @@ -237,6 +243,23 @@ vault.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ -e "\$a\\ session_preload_libraries = 'supautils'" \ "$PSQL_CONF_FILE" > "$DATDIR/postgresql.conf" +else + # All other versions with supautils and pgsodium + sed -e "1i\\ +include = '$DATDIR/supautils.conf'" \ +-e "\$a\\ +pgsodium.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ +-e "\$a\\ +vault.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ +-e "s|data_directory = '/var/lib/postgresql/data'|data_directory = '$DATDIR'|" \ +-e "s|hba_file = '/etc/postgresql/pg_hba.conf'|hba_file = '$DATDIR/pg_hba.conf'|" \ +-e "s|ident_file = '/etc/postgresql/pg_ident.conf'|ident_file = '$DATDIR/pg_ident.conf'|" \ +-e "s|include = '/etc/postgresql/logging.conf'|#&|" \ +-e "s|include = '/etc/postgresql-custom/read-replica.conf'|include = '$DATDIR/read-replica.conf'|" \ +-e "\$a\\ +session_preload_libraries = 'supautils'" \ +"$PSQL_CONF_FILE" > "$DATDIR/postgresql.conf" +fi # Function to configure OrioleDB specific settings orioledb_config_items() { @@ -273,6 +296,31 @@ orioledb_config_items() { perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql.conf" perl -pi -e 's/ timescaledb,//g' "$DATDIR/supautils.conf" perl -pi -e 's/ plv8,//g;' "$DATDIR/supautils.conf" + elif [[ "$VERSION" == "18" && "$CURRENT_SYSTEM" != "aarch64-darwin" ]]; then + echo "non-macos pg 18 conf" + sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" + # Remove all PG 18 unsupported extensions from shared_preload_libraries + sed -i 's/ pgaudit,//g; s/pgaudit, //g; s/, pgaudit//g;' "$DATDIR/postgresql.conf" + sed -i 's/ plpgsql_check,//g; s/plpgsql_check, //g; s/, plpgsql_check//g;' "$DATDIR/postgresql.conf" + sed -i 's/ pg_cron,//g; s/pg_cron, //g; s/, pg_cron//g;' "$DATDIR/postgresql.conf" + sed -i 's/ pg_net,//g; s/pg_net, //g; s/, pg_net//g;' "$DATDIR/postgresql.conf" + sed -i 's/ timescaledb,//g; s/timescaledb, //g; s/, timescaledb//g;' "$DATDIR/postgresql.conf" + sed -i 's/ pg_tle,//g; s/pg_tle, //g; s/, pg_tle//g;' "$DATDIR/postgresql.conf" + sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g; s/ pgaudit,//g;' "$DATDIR/supautils.conf" + elif [[ "$VERSION" == "18" && "$CURRENT_SYSTEM" = "aarch64-darwin" ]]; then + echo "macOS pg 18 conf" + perl -pi -e 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" + # Remove all PG 18 unsupported extensions from shared_preload_libraries + perl -pi -e 's/ pgaudit,//g; s/pgaudit, //g; s/, pgaudit//g;' "$DATDIR/postgresql.conf" + perl -pi -e 's/ plpgsql_check,//g; s/plpgsql_check, //g; s/, plpgsql_check//g;' "$DATDIR/postgresql.conf" + perl -pi -e 's/ pg_cron,//g; s/pg_cron, //g; s/, pg_cron//g;' "$DATDIR/postgresql.conf" + perl -pi -e 's/ pg_net,//g; s/pg_net, //g; s/, pg_net//g;' "$DATDIR/postgresql.conf" + perl -pi -e 's/ timescaledb,//g; s/timescaledb, //g; s/, timescaledb//g;' "$DATDIR/postgresql.conf" + perl -pi -e 's/ pg_tle,//g; s/pg_tle, //g; s/, pg_tle//g;' "$DATDIR/postgresql.conf" + perl -pi -e 's/ timescaledb,//g' "$DATDIR/supautils.conf" + perl -pi -e 's/ plv8,//g;' "$DATDIR/supautils.conf" + perl -pi -e 's/ pgjwt,//g;' "$DATDIR/supautils.conf" + perl -pi -e 's/ pgaudit,//g;' "$DATDIR/supautils.conf" fi }