diff options
Diffstat (limited to 'debian')
-rw-r--r-- | debian/anastasis-httpd.config | 24 | ||||
-rw-r--r-- | debian/anastasis-httpd.postinst | 2 | ||||
-rw-r--r-- | debian/anastasis-httpd.postrm | 2 | ||||
-rw-r--r-- | debian/anastasis-httpd.prerm | 2 | ||||
-rw-r--r-- | debian/changelog | 6 | ||||
-rwxr-xr-x | debian/db/install/pgsql | 99 |
6 files changed, 41 insertions, 94 deletions
diff --git a/debian/anastasis-httpd.config b/debian/anastasis-httpd.config index 7ea8a7b..97f57bc 100644 --- a/debian/anastasis-httpd.config +++ b/debian/anastasis-httpd.config @@ -7,32 +7,16 @@ set -e _USERNAME=anastasis-httpd _GROUPNAME=www-data -db_input low anastasis/reconfigure-webserver || true -db_go - -# Set permissions for sqlite3 file -# (for when we support sqlite3 in the future) -dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}" -dbc_dbfile_perms="0600" - -dbc_psql_createdb_encoding="UTF8" - -# Set MySQL encoding to UTF8, just in case MySQL -# support is added in the future. -dbc_mysql_createdb_encoding="UTF8" +# For now, we only support postgres +dbc_dbtypes=pgsql +dbc_dbuser=${_USERNAME} -# Try to get it to use UNIX domain sockets, if possible. -# (Note: doesn't seem to do much, still uses username+PW+TCP -# on my system :-( dbconfig documentation sucks.). dbc_authmethod_user=ident dbc_authmethod_admin=ident -dbc_dbuser=${_USERNAME} - - if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then . /usr/share/dbconfig-common/dpkg/config.pgsql - dbc_go anastasis "$@" + dbc_go anastasis-httpd "$@" fi db_stop diff --git a/debian/anastasis-httpd.postinst b/debian/anastasis-httpd.postinst index e9f6d32..fe89acb 100644 --- a/debian/anastasis-httpd.postinst +++ b/debian/anastasis-httpd.postinst @@ -24,7 +24,7 @@ configure) if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then . /usr/share/dbconfig-common/dpkg/postinst.pgsql dbc_pgsql_createdb_encoding="UTF8" - dbc_go anastasis "$@" + dbc_go anastasis-httpd "$@" fi ;; diff --git a/debian/anastasis-httpd.postrm b/debian/anastasis-httpd.postrm index 3b707d2..9954a33 100644 --- a/debian/anastasis-httpd.postrm +++ b/debian/anastasis-httpd.postrm @@ -8,7 +8,7 @@ fi if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then . /usr/share/dbconfig-common/dpkg/postrm.pgsql - dbc_go anastasis "$@" + dbc_go anastasis-httpd "$@" fi case "${1}" in diff --git a/debian/anastasis-httpd.prerm b/debian/anastasis-httpd.prerm index 570b20f..24625c0 100644 --- a/debian/anastasis-httpd.prerm +++ b/debian/anastasis-httpd.prerm @@ -9,7 +9,7 @@ fi if [ -f /usr/share/dbconfig-common/dpkg/prerm.pgsql ]; then . /usr/share/dbconfig-common/dpkg/prerm.pgsql - dbc_go anastasis "$@" + dbc_go anastasis-httpd "$@" fi db_stop diff --git a/debian/changelog b/debian/changelog index f139e46..86fbe88 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +anastasis (0.1.0-1) unstable; urgency=low + + * Debian database setup. + + -- Florian Dold <florian@dold.me> Mon, 30 Aug 2021 19:08:18 +0200 + anastasis (0.1.0) unstable; urgency=low * New upstream release. diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql index 729940d..dab5d1e 100755 --- a/debian/db/install/pgsql +++ b/debian/db/install/pgsql @@ -5,77 +5,34 @@ set -eu conf_anastasis_db=/etc/anastasis/secrets/anastasis-db.secret.conf conf_override=/etc/anastasis/override.conf -# get database settings from dbconfig-common and configure -# for ADMINISTRATIVE access -if [ -f /etc/dbconfig-common/anastasis.conf ]; then - . /etc/dbconfig-common/anastasis.conf - case "$dbc_dbtype" in - pgsql) - anastasis-config \ - -c $conf_anastasis_db \ - -s "stasis-postgres" \ - -o "CONFIG" \ - -V "postgres:///$dbc_dbname" - anastasis-config \ - -c $conf_override \ - -s "anastasis" \ - -o "DB" \ - -V "postgres" - ;; - sqlite3) - # Later: use something like: - # sqlite:///$DATA_DIR/merchant.db - # But for now, sqlite is unsupported: - echo "Unsupported database type $dbc_type." - exit 1 - ;; - "") - ;; - *) - echo "Unsupported database type $dbc_type." - exit 1 - ;; - esac -fi - -# Run database initialization logic -sudo -u postgres anastasis-dbinit -c /etc/anastasis/anastasis.conf - +# Get database settings from dbconfig-common and write anastasis configuration files. +if [ -f /etc/dbconfig-common/anastasis-httpd.conf ]; then + . /etc/dbconfig-common/anastasis-httpd.conf + case "$dbc_dbtype" in + pgsql) + echo -e "# Config file auto-generated by Debian.\n[anastasis]\nDB=postgres\n\n" > \ + $conf_override + # We assume ident auth here. We might support password auth later. + echo -e "[stasis-postgres]\nCONFIG=postgres:///${dbc_dbname}\n\n" > \ + $conf_anastasis_db -# get database settings from dbconfig-common and configure -# for service access! -if [ -f /etc/dbconfig-common/anastasis.conf ]; then - . /etc/dbconfig-common/anastasis.conf - case "$dbc_dbtype" in - pgsql) - echo "GRANT INSERT, SELECT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$dbc_dbuser\";" \ - | sudo -u postgres psql "postgres:///$dbc_dbname" - echo "GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO \"$dbc_dbuser\";" \ - | sudo -u postgres psql "postgres:///$dbc_dbname" + # Allow the taler-merchant-httpd user to create schemas, needed by dbinit + echo "GRANT CREATE on database \"$dbc_dbname\" to \"anastasis-httpd\";" | sudo -u postgres psql -f - + # Run database initialization logic + sudo -u anastasis-httpd anastasis-dbinit -c /etc/anastasis/anastasis.conf + ;; + sqlite3) + # Later: use something like: + # sqlite:///$DATA_DIR/anastasis.db + # But for now, sqlite is unsupported: + echo "Unsupported database type $dbc_type." + exit 1 + ;; + "") ;; - anastasis-config \ - -c $conf_anastasis_db \ - -s "stasis-postgres" \ - -o "CONFIG" \ - -V "postgres://$dbc_dbuser:$dbc_dbpass@$dbc_dbserver/$dbc_dbname" - anastasis-config \ - -c $conf_override \ - -s "anastasis" \ - -o "DB" \ - -V "postgres" - ;; - sqlite3) - # Later: use something like: - # sqlite:///$DATA_DIR/merchant.db - # But for now, sqlite is unsupported: - echo "Unsupported database type $dbc_type." - exit 1 - ;; - "") - ;; - *) - echo "Unsupported database type $dbc_type." - exit 1 - ;; - esac + *) + echo "Unsupported database type $dbc_type." + exit 1 + ;; + esac fi |