From 5d2732eb6046d44ee34e837e4bb0a66da9d93c3f Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 30 Aug 2021 19:08:30 +0200 Subject: debian: db setup --- debian/db/install/pgsql | 99 ++++++++++++++----------------------------------- 1 file changed, 28 insertions(+), 71 deletions(-) (limited to 'debian/db/install') diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql index 729940d..dab5d1e 100755 --- a/debian/db/install/pgsql +++ b/debian/db/install/pgsql @@ -5,77 +5,34 @@ set -eu conf_anastasis_db=/etc/anastasis/secrets/anastasis-db.secret.conf conf_override=/etc/anastasis/override.conf -# get database settings from dbconfig-common and configure -# for ADMINISTRATIVE access -if [ -f /etc/dbconfig-common/anastasis.conf ]; then - . /etc/dbconfig-common/anastasis.conf - case "$dbc_dbtype" in - pgsql) - anastasis-config \ - -c $conf_anastasis_db \ - -s "stasis-postgres" \ - -o "CONFIG" \ - -V "postgres:///$dbc_dbname" - anastasis-config \ - -c $conf_override \ - -s "anastasis" \ - -o "DB" \ - -V "postgres" - ;; - sqlite3) - # Later: use something like: - # sqlite:///$DATA_DIR/merchant.db - # But for now, sqlite is unsupported: - echo "Unsupported database type $dbc_type." - exit 1 - ;; - "") - ;; - *) - echo "Unsupported database type $dbc_type." - exit 1 - ;; - esac -fi - -# Run database initialization logic -sudo -u postgres anastasis-dbinit -c /etc/anastasis/anastasis.conf - +# Get database settings from dbconfig-common and write anastasis configuration files. +if [ -f /etc/dbconfig-common/anastasis-httpd.conf ]; then + . /etc/dbconfig-common/anastasis-httpd.conf + case "$dbc_dbtype" in + pgsql) + echo -e "# Config file auto-generated by Debian.\n[anastasis]\nDB=postgres\n\n" > \ + $conf_override + # We assume ident auth here. We might support password auth later. + echo -e "[stasis-postgres]\nCONFIG=postgres:///${dbc_dbname}\n\n" > \ + $conf_anastasis_db -# get database settings from dbconfig-common and configure -# for service access! -if [ -f /etc/dbconfig-common/anastasis.conf ]; then - . /etc/dbconfig-common/anastasis.conf - case "$dbc_dbtype" in - pgsql) - echo "GRANT INSERT, SELECT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$dbc_dbuser\";" \ - | sudo -u postgres psql "postgres:///$dbc_dbname" - echo "GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO \"$dbc_dbuser\";" \ - | sudo -u postgres psql "postgres:///$dbc_dbname" + # Allow the taler-merchant-httpd user to create schemas, needed by dbinit + echo "GRANT CREATE on database \"$dbc_dbname\" to \"anastasis-httpd\";" | sudo -u postgres psql -f - + # Run database initialization logic + sudo -u anastasis-httpd anastasis-dbinit -c /etc/anastasis/anastasis.conf + ;; + sqlite3) + # Later: use something like: + # sqlite:///$DATA_DIR/anastasis.db + # But for now, sqlite is unsupported: + echo "Unsupported database type $dbc_type." + exit 1 + ;; + "") ;; - anastasis-config \ - -c $conf_anastasis_db \ - -s "stasis-postgres" \ - -o "CONFIG" \ - -V "postgres://$dbc_dbuser:$dbc_dbpass@$dbc_dbserver/$dbc_dbname" - anastasis-config \ - -c $conf_override \ - -s "anastasis" \ - -o "DB" \ - -V "postgres" - ;; - sqlite3) - # Later: use something like: - # sqlite:///$DATA_DIR/merchant.db - # But for now, sqlite is unsupported: - echo "Unsupported database type $dbc_type." - exit 1 - ;; - "") - ;; - *) - echo "Unsupported database type $dbc_type." - exit 1 - ;; - esac + *) + echo "Unsupported database type $dbc_type." + exit 1 + ;; + esac fi -- cgit v1.2.3