diff options
| author | Florian Dold <florian@dold.me> | 2021-08-28 17:12:32 +0200 |
|---|---|---|
| committer | Florian Dold <florian@dold.me> | 2021-08-28 17:12:42 +0200 |
| commit | 9c3fdba6c1d047093ab970326fef71b0fd65937a (patch) | |
| tree | 7bad6bb224697de40e1e7eb3be4a47d745067153 | |
| parent | 719a3b154ab65327834e160e045d7e95e7b3b090 (diff) | |
| download | merchant-9c3fdba6c1d047093ab970326fef71b0fd65937a.tar.gz merchant-9c3fdba6c1d047093ab970326fef71b0fd65937a.tar.bz2 merchant-9c3fdba6c1d047093ab970326fef71b0fd65937a.zip | |
debian: database setup tweaks
| -rw-r--r-- | debian/changelog | 6 | ||||
| -rwxr-xr-x | debian/db/install/pgsql | 84 | ||||
| -rw-r--r-- | debian/taler-merchant.config | 20 |
3 files changed, 39 insertions, 71 deletions
diff --git a/debian/changelog b/debian/changelog index 49094099..5062061b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +taler-merchant (0.8.2-5) unstable; urgency=low + + * Database setup tweaks. + + -- Florian Dold <dold@taler.net> Sat, 28 Aug 2021 17:12:17 +0200 + taler-merchant (0.8.2-4) unstable; urgency=low * Work around debconf bug. diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql index 04d5a6ed..3ea6b266 100755 --- a/debian/db/install/pgsql +++ b/debian/db/install/pgsql @@ -1,63 +1,35 @@ #!/bin/bash + set -eu + merchantdb_secretconf=/etc/taler/secrets/merchant-db.secret.conf merchantdb_overrideconf=/etc/taler/merchant-overrides.conf -# get database settings from dbconfig-common and configure -# for ADMINISTRATIVE access -if [ -f /etc/dbconfig-common/taler-merchant.conf ]; then - . /etc/dbconfig-common/taler-merchant.conf - case "$dbc_dbtype" in - pgsql) - echo -e "# Config file auto-generated by Debian.\n[merchant]\nDB=postgres\n\n" > \ - $merchantdb_overrideconf - echo -e "[merchantdb-postgres]\nCONFIG=postgres:///${dbc_dbname}\n\n" > \ - $merchantdb_secretconf - ;; - sqlite3) - # Later: use something like: - # sqlite:///$DATA_DIR/merchant.db - # But for now, sqlite is unsupported: - echo "Unsupported database type $dbc_type." - exit 1 - ;; - "") - ;; - *) - echo "Unsupported database type $dbc_type." - exit 1 - ;; - esac -fi -# get database settings from dbconfig-common and configure -# for service access! + +# Get database settings from dbconfig-common and write Taler configuration files. if [ -f /etc/dbconfig-common/taler-merchant.conf ]; then - . /etc/dbconfig-common/taler-merchant.conf - case "$dbc_dbtype" in - pgsql) - echo "GRANT INSERT, SELECT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$dbc_dbuser\";" \ - | sudo -u postgres psql "postgres:///$dbc_dbname" - echo "GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO \"$dbc_dbuser\";" \ - | sudo -u postgres psql "postgres:///$dbc_dbname" + . /etc/dbconfig-common/taler-merchant.conf + case "$dbc_dbtype" in + pgsql) + echo -e "# Config file auto-generated by Debian.\n[merchant]\nDB=postgres\n\n" > \ + $merchantdb_overrideconf + # We assume ident auth here. We might support password auth later. + echo -e "[merchantdb-postgres]\nCONFIG=postgres:///${dbc_dbname}\n\n" > \ + $merchantdb_secretconf + # Run database initialization logic + sudo -u taler-merchant-httpd taler-merchant-dbinit -c /etc/taler/taler.conf + ;; + sqlite3) + # Later: use something like: + # sqlite:///$DATA_DIR/merchant.db + # But for now, sqlite is unsupported: + echo "Unsupported database type $dbc_type." + exit 1 + ;; + "") ;; - echo -e "[merchantdb-postgres]\nCONFIG=postgres://${dbc_dbuser}:${dbc_dbpass}@${dbc_dbserver}/${dbc_dbname}\n\n" > \ - $merchantdb_secretconf - echo -e "[merchant]\nDB=postgres\n\n" > \ - $merchantdb_overrideconf - ;; - sqlite3) - # Later: use something like: - # sqlite:///$DATA_DIR/merchant.db - # But for now, sqlite is unsupported: - echo "Unsupported database type $dbc_type." - exit 1 - ;; - "") - ;; - *) - echo "Unsupported database type $dbc_type." - exit 1 - ;; - esac + *) + echo "Unsupported database type $dbc_type." + exit 1 + ;; + esac fi -# Run database initialization logic -sudo -u postgres taler-merchant-dbinit -c /etc/taler/taler.conf diff --git a/debian/taler-merchant.config b/debian/taler-merchant.config index 15552fdb..4a876261 100644 --- a/debian/taler-merchant.config +++ b/debian/taler-merchant.config @@ -4,26 +4,16 @@ set -e . /usr/share/debconf/confmodule -# Set permissions for sqlite3 file -# (for when we support sqlite3 in the future) -dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}" -dbc_dbfile_perms="0600" - -dbc_psql_createdb_encoding="UTF8" +_USERNAME=taler-merchant-httpd +_GROUPNAME=www-data -# Set MySQL encoding to UTF8, just in case MySQL -# support is added in the future. -dbc_mysql_createdb_encoding="UTF8" +# For now, we only support postgres +dbc_dbtypes=pgsql +dbc_dbuser=${_USERNAME} -# Try to get it to use UNIX domain sockets, if possible. -# (Note: doesn't seem to do much, still uses username+PW+TCP -# on my system :-( dbconfig documentation sucks.). dbc_authmethod_user=ident dbc_authmethod_admin=ident -_USERNAME=taler-merchant-httpd -dbc_dbuser=${_USERNAME} - if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then . /usr/share/dbconfig-common/dpkg/config.pgsql dbc_go taler-merchant "$@" |