My changes were lost in new Docker container

Steps to reproduce:

  1. Download and run postgres:9.6.24:

    docker run --name my_container --restart=always -d -p 127.0.0.1:5432:5432 -e POSTGRES_PASSWORD=pgmypass postgres:9.6.24
    

    Here result:

    CONTAINER ID   IMAGE             COMMAND                  CREATED          STATUS          PORTS                      NAMES
    879883bfc84a   postgres:9.6.24   "docker-entrypoint.s…"   26 seconds ago   Up 25 seconds   127.0.0.1:5432->5432/tcp   my_container
    

    OK.

  2. Open file inside container /var/lib/postgresql/data/pg_hba.conf

     docker exec -it my_container bash
       root@879883bfc84a:/# cat /var/lib/postgresql/data/pg_hba.conf
    
       IPv4 local connections:
       host    all             all             127.0.0.1/32            trust
    
  3. Replace file /var/lib/postgresql/data/pg_hba.conf inside container by my file. Copy and overwrite my file from host to container:

    tar --overwrite -c pg_hba.conf | docker exec -i my_container /bin/tar -C /var/lib/postgresql/data/ -x
    
  4. Make sure the file has been modified. Go inside container and open changed file

       docker exec -it my_container bash
           root@879883bfc84a:/# cat /var/lib/postgresql/data/pg_hba.conf
           IPv4 local connections:
           host    all             all            0.0.0.0/0                trust
    

    As you can see the content of file was changed.

  5. Create new image from container

    docker commit my_container
    

    See result:

    docker images
    REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
    <none>       <none>    ee57ad4bc6b4   3 seconds ago   200MB 
    postgres     9.6.24    027ccf656dc1   12 months ago   200MB
    

    Now tag my new image

    docker tag ee57ad4bc6b4 my_new_image:1.0.0
    

    See reult:

    docker images
    REPOSITORY         TAG       IMAGE ID       CREATED              SIZE
    my_new_image       1.0.0     ee57ad4bc6b4   About a minute ago   200MB
    postgres           9.6.24    027ccf656dc1   12 months ago        200MB
    

    OK.

  6. Stop and delete old continer:

    docker stop my_continer
    docker rm my_container
    

    See result:

    docker ps -a
       CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
    

    As you can see not exit any container. OK.

  7. Create new continer from new image

    docker run --name my_new_container_test --restart=always -d -p 127.0.0.1:5432:5432 -e POSTGRES_PASSWORD=pg1210 my_new_image:1.0.0
    

    See result:

    docker ps
    
    CONTAINER ID   IMAGE                    COMMAND                  CREATED         STATUS         PORTS                      NAMES
    3a965dbbd991   my_new_image:1.0.0   "docker-entrypoint.s…"   7 seconds ago   Up 6 seconds   127.0.0.1:5432->5432/tcp   my_new_container
    
  8. Open file inside container /var/lib/postgresql/data/pg_hba.conf

    docker exec -it my_new_container bash
       root@879883bfc84a:/# cat /var/lib/postgresql/data/pg_hba.conf
    
       IPv4 local connections:
       host    all             all             127.0.0.1/32            trust
    

    As you can see my change in files are lost. The content of file is original. Not my changes.

P.S. This problem is only with file pg_hba.config. E.g if I created in the container the folder and file: /Downaloads/myfile.txt then this file not lost in the my container my_new_container.

UPDATE

I was wrong. The entrypoint just appends a line, it will not reset the file, but it is on a volume so when you commit the container, that will not be committed ince that is not part of the container.

The rest of my old answer is correct. You should not change the file, but use POSTGRES_HOST_AUTH_METHOD, but the bets if you don’t trust in every host without a password unless you are just testing on your local computer.

My original answer is below

The entrypoint overwrites that file every time you start the container. Please read the description of that image for solutions and more details

Quote:

POSTGRES_HOST_AUTH_METHOD

This optional variable can be used to control the auth-method for host connections for all databases, all users, and all addresses. If unspecified then scram-sha-256 password authentication is used (in 14+; md5 in older releases). On an uninitialized database, this will populate pg_hba.conf via this approximate line:

echo "host all all all $POSTGRES_HOST_AUTH_METHOD" >> pg_hba.conf

You shouldn’t do that. The right way is to use a Dockerfile and create a custom image so every change is documented and you can rebuild the image everywhere.