diff options
author | Florian Dold <florian@dold.me> | 2024-02-05 22:22:00 +0100 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2024-02-05 22:22:00 +0100 |
commit | 56316825c16e80e59e3fa42f74674790900def63 (patch) | |
tree | 3f2ee235c8c0ce57c05603617d77e3cfeb1ff56b | |
parent | bc5c9cfae023ee45a586bd1f74ab9c4615d25b7e (diff) | |
download | libeufin-56316825c16e80e59e3fa42f74674790900def63.tar.gz libeufin-56316825c16e80e59e3fa42f74674790900def63.tar.bz2 libeufin-56316825c16e80e59e3fa42f74674790900def63.zip |
dbconfig: set permissions in the right orderv0.9.4-dev.14
-rwxr-xr-x | contrib/libeufin-dbconfig | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/contrib/libeufin-dbconfig b/contrib/libeufin-dbconfig index 1ed0e132..7e7bcad7 100755 --- a/contrib/libeufin-dbconfig +++ b/contrib/libeufin-dbconfig @@ -159,21 +159,18 @@ if [ 1 = "$DO_CREATE" ]; then fi fi -if [ 1 = "$SKIP_DBINIT" ]; then - echo "Database configuration finished, skipping dbinit." 1>&2 - exit 0 -fi - -echo "Initializing database $DBNAME." 1>&2 +# We first initialize the libeufin-nexus DB +# and then adjust permissions for the _v schema, +# so that libeufin-bank can properly initialize +# its DB without running into permission problems. if [ 0 = "$SKIP_DBINIT" ]; then echo "Initializing database '$DBNAME' for libeufin-nexus." 1>&2 sudo -u "$NEXUS_DBUSER" "$NEXUS_DBINIT" -c "$NEXUS_CFGFILE" - echo "Initializing database '$DBNAME' for libeufin-bank." 1>&2 - sudo -u "$BANK_DBUSER" "$BANK_DBINIT" -c "$BANK_CFGFILE" fi if [ 0 = "$SKIP_DBINIT" ] || [ 1 = "$FORCE_PERMS" ]; then + echo "Setting postgres permissions for $BANK_DBUSER" 1>&2 if ! echo "GRANT ALL PRIVILEGES ON DATABASE $DBNAME TO \"$BANK_DBUSER\"" | sudo -i -u postgres psql "$DBNAME"; then exit_fail "Failed to grant access to database '$DBNAME' to '$BANK_DBUSER'." @@ -194,7 +191,15 @@ if [ 0 = "$SKIP_DBINIT" ] || [ 1 = "$FORCE_PERMS" ]; then sudo -i -u postgres psql "$DBNAME"; then exit_fail "Failed to grant all privileges on schema 'libeufin_nexus' to '$BANK_DBUSER'." fi +fi +if [ 0 = "$SKIP_DBINIT" ]; then + echo "Initializing database '$DBNAME' for libeufin-bank." 1>&2 + sudo -u "$BANK_DBUSER" "$BANK_DBINIT" -c "$BANK_CFGFILE" +fi + +if [ 0 = "$SKIP_DBINIT" ] || [ 1 = "$FORCE_PERMS" ]; then + echo "Setting postgres permissions for $NEXUS_DBUSER" 1>&2 if ! echo "GRANT USAGE ON SCHEMA libeufin_bank TO \"$NEXUS_DBUSER\"" | sudo -i -u postgres psql "$DBNAME"; then exit_fail "Failed to grant usage privilege on schema 'libeufin_bank' to '$NEXUS_DBUSER'." |