
I'm trying to enable streaming replication in the standard postgres:12 Docker image, which requires changes to pg_hba.conf. I've managed to update postgresql.conf by forcing the database to use it (passing the -c config_file="<>" flag in docker-compose rather than through init scripts).

But I cannot find a parameter or flag option to get the database to use my pg_hba.conf despite trying to do so in startup scripts copied to docker-entrypoint-initdb.d.

Any ideas?

Docker-compose

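# Compose definition for a single PostgreSQL service built from ./docker.
version: "2"
services:
  postgres:
    build:
      context: ./docker
    environment:
      # Hard-coded superuser credentials: acceptable only for a throwaway
      # local test database. Anywhere else, supply POSTGRES_PASSWORD from an
      # env file or secret store that is kept out of version control.
      - POSTGRES_DB=postgres
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
    command:
      - "postgres"
      - "-c"
      # Start the server with an explicit main configuration file instead of
      # the postgresql.conf inside the data directory.
      - "config_file=/etc/postgresql/postgresql.conf"
    ports:
      # HOST:CONTAINER, quoted so no YAML parser can read it as a number.
      # Without a host address Compose publishes the port on every host
      # interface; prefix the mapping with 127.0.0.1: if only local clients
      # need to reach the database.
      - "5432:5433"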

Dockerfile:

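# Extends the official postgres:12 image with the wal2json logical-decoding
# plugin compiled from source, then copies the build context into the image.
FROM postgres:12
# wal2json release tag suffix, used in the download URL and source directory.
ENV VERSION=1_0
# Install the build toolchain, fetch and compile wal2json, then purge the
# toolchain and apt caches so they do not remain in the final layer.
# NOTE(review): the source tarball and the apt signing key are downloaded
# over HTTPS but are not checked against a pinned checksum or key
# fingerprint; pin both if this image is built for more than local testing.
# NOTE(review): the pgdg apt entry names the "stretch" suite; confirm that it
# matches the Debian release the postgres:12 base image is built on.
RUN buildDeps="curl build-essential ca-certificates git   pkg-config glib2.0 postgresql-server-dev-$PG_MAJOR" \
    && apt-get update \
    && apt-get install -y --no-install-recommends  ${buildDeps} \
    && echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgdg.list \
    && curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
    && apt-get update \
    && apt-get install -y --no-install-recommends libc++1 postgresql-server-dev-$PG_MAJOR \
    && mkdir -p /tmp/build \
    && curl -f -o /tmp/build/${VERSION}.tar.gz -SL "https://github.com/eulerto/wal2json/archive/wal2json_${VERSION}.tar.gz" \
    && cd /tmp/build/ \
    && tar -xzf /tmp/build/${VERSION}.tar.gz -C /tmp/build/ \
    && cd /tmp/build/wal2json-wal2json_${VERSION} \
    && make && make install \
    && cp wal2json.so /usr/lib/postgresql/12/lib/ \
    && cd / \
    && rm -rf /tmp/build \
    && apt-get remove -y --purge ${buildDeps} \
    && apt-get autoremove -y --purge \
    && rm -rf /var/lib/apt/lists/
# Copies the whole build context into the image root. Everything under the
# context directory, including any key material, becomes part of an image
# layer; use a .dockerignore or copy only the files that are needed.
COPY . /
# NOTE(review): sql_setup.sh writes into $PGDATA at build time. The official
# postgres image declares its data directory as a VOLUME, and Docker documents
# that build-step changes to a declared volume path are discarded; initdb has
# also not run yet at this point. Confirm that the files it writes actually
# reach the running container. Scripts placed in /docker-entrypoint-initdb.d
# run after initdb on first start.
RUN ./sql_setup.sh
# The image entrypoint runs this SQL when it initialises an empty data
# directory.
RUN mv setup.sql /docker-entrypoint-initdb.d/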

sql_setup.sh

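#!/bin/bash
# Writes the server TLS key and certificate into the PostgreSQL data
# directory, then appends TLS/replication settings to postgresql.conf and
# client-authentication rules to pg_hba.conf.
set -e

# Every path below is derived from PGDATA; stop early rather than writing a
# private key to "/server.key" when the variable is missing.
: "${PGDATA:?PGDATA must be set}"

# NOTE(review): a private key embedded in this script ends up in version
# control and in an image layer. Outside local debugging, mount the key at
# runtime from a secret instead of writing it here.
cat > "$PGDATA/server.key" <<-EOKEY
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
EOKEY
# Restrict the key to its owner.
# NOTE(review): when this script runs as root during the image build the key
# is root-owned; confirm the postgres server user is able to read it.
chmod 0600 "$PGDATA/server.key"

cat > "$PGDATA/server.crt" <<-EOCERT
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
EOCERT

# Appended to the existing file: the server listens on 5433 with TLS enabled
# and logical decoding (wal2json) available through one WAL sender / slot.
cat << EOF >> "$PGDATA/postgresql.conf"
port = 5433
ssl = on
ssl_cert_file = 'server.crt'
ssl_key_file = 'server.key'
max_wal_senders = 1
max_replication_slots = 1
wal_level = logical
shared_preload_libraries = wal2json
EOF

# Appended after whatever rules the file already holds. pg_hba.conf is read
# top to bottom and the first matching rule wins, so earlier entries take
# precedence over these.
# NOTE(review): these rules fit a disposable test database only. "trust" lets
# the postgres superuser (and ssl_user over TLS) connect from any address
# without a password, and "password" sends the password in clear text. The
# "local connections" labels inside the block sit above rules that match
# 0.0.0.0/0 and ::0/0, i.e. every address. Narrow the address ranges and use
# scram-sha-256 for anything reachable from a network.
cat << EOF >> "$PGDATA/pg_hba.conf"
# TYPE  DATABASE        USER            ADDRESS                 METHOD
host    all             pass_user       0.0.0.0/0            password
host    all             md5_user        0.0.0.0/0            md5
host    all             scram_user      0.0.0.0/0            scram-sha-256
host    all             pass_user       ::0/0                password
host    all             md5_user        ::0/0                md5
host    all             scram_user      ::0/0                scram-sha-256

hostssl all             ssl_user        0.0.0.0/0            trust
hostssl all             ssl_user        ::0/0                trust
host    all             ssl_user        0.0.0.0/0            reject
host    all             ssl_user        ::0/0                reject

# IPv4 local connections:
host    all             postgres        0.0.0.0/0            trust
# IPv6 local connections:
host    all             postgres        ::0/0                trust
# Unix socket connections:
local   all             postgres                             trust
# Enable streaming replication with wal2json:
host    replication     all             127.0.0.1/32         trust
EOF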

setup.sql

-- Test roles whose names match the users named in the pg_hba.conf rules
-- written by sql_setup.sh, followed by two extensions.
-- NOTE(review): every password below is the literal 'password'; keep this
-- script to disposable test databases.
CREATE ROLE pass_user WITH LOGIN PASSWORD 'password';
CREATE ROLE md5_user WITH LOGIN PASSWORD 'password';
-- Applies to passwords set from here on in this session; the two roles above
-- were stored with whatever password_encryption was in effect before.
SET password_encryption = 'scram-sha-256';
CREATE ROLE scram_user WITH LOGIN PASSWORD 'password';
-- No password is set for this role.
CREATE ROLE ssl_user WITH LOGIN;
CREATE EXTENSION hstore;
CREATE EXTENSION citext;
  • 2
    I've edited out the private key you included here. Please rotate your credentials accordingly. Commented Jan 17, 2021 at 2:42
  • @DavidMaze much appreciated! although these private / public keys were just local ones used for debug purposes :) Commented Jan 17, 2021 at 11:49

1 Answer 1


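You can specify a custom pg_hba.conf location by editing or adding the hba_file parameter in postgresql.conf. Because it is an ordinary server parameter read at startup, it can also be passed on the command line in the same way the question passes config_file, for example `-c hba_file=/etc/postgresql/pg_hba.conf` (example path). From the documentation: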

hba_file (string)
    Specifies the configuration file for host-based authentication (customarily called pg_hba.conf). This parameter can only be set at server start.
