challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE
commit 92416fe5266cca610eb5f00f4468eedfc3a23a24
parent f12bd2fb9aea794a1aaa098256a6967c5ff26180
Author: Christian Grothoff <grothoff@gnunet.org>
Date:   Thu,  7 Sep 2023 16:27:47 +0200

add challenger-dbconfig

Diffstat:

Mcontrib/Makefile.am | 8++++++++


Acontrib/challenger-dbconfig | 132+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Mdebian/challenger-httpd.install | 1+


3 files changed, 141 insertions(+), 0 deletions(-)

diff --git a/contrib/Makefile.am b/contrib/Makefile.am
@@ -1,3 +1,11 @@
+# This file is in the public domain.
+
+SUBDIRS = .
+
+bin_SCRIPTS = \
+  challenger-dbconfig
+
+
 tmplpkgdatadir = $(prefix)/share/challenger/templates/
 
 dist_tmplpkgdata_DATA = \
diff --git a/contrib/challenger-dbconfig b/contrib/challenger-dbconfig
@@ -0,0 +1,132 @@
+#!/bin/bash
+# This file is part of GNU TALER.
+# Copyright (C) 2023 Taler Systems SA
+#
+# TALER is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 2.1, or (at your option) any later version.
+#
+# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along with
+# TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+#
+# @author Christian Grothoff
+#
+#
+# Error checking on
+set -eu
+
+RESET_DB=0
+SKIP_DBINIT=0
+DBUSER="challenger-httpd"
+DBNAME="challenger"
+CFGFILE="/etc/challenger/secrets/challenger-db.secret.conf"
+
+# Parse command-line options
+while getopts ':hn:rsu:' OPTION; do
+    case "$OPTION" in
+        h)
+            echo 'Supported options:'
+            echo "  -c FILENAME  -- write configuration to FILENAME (default: $CFGFILE)"
+            echo "  -n NAME      -- user NAME for database name (default: $DBNAME)"
+            echo "  -r           -- reset database (dangerous)"
+            echo "  -s           -- skip database initialization"
+            echo "  -u USER      -- challenger-httpd to be run by USER (default: $DBUSER)"
+            exit 0
+            ;;
+        n)
+            DBNAME="$OPTARG"
+            ;;
+        r)
+            RESET_DB="1"
+            ;;
+        s)
+            SKIP_DBINIT="1"
+            ;;
+        u)
+            DBUSER="$OPTARG"
+            ;;
+        ?)
+        exit_fail "Unrecognized command line option"
+        ;;
+    esac
+done
+
+if ! id postgres > /dev/null
+then
+    echo "Could not find 'postgres' user. Please install Postgresql first"
+    exit 1
+fi
+
+if [ "$(id -u)" -ne 0 ]
+then
+    echo "This script must be run as root"
+    exit 1
+fi
+
+if [ 0 = "$SKIP_DBINIT" ]
+then
+    if ! challenger-dbinit -v 2> /dev/null
+    then
+        echo "Required 'challenger-dbinit' not found. Please fix your installation."
+    fi
+fi
+
+if ! id "$DBUSER" > /dev/null
+then
+    echo "Could not find '$DBUSER' user. Please set it up first"
+    exit 1
+fi
+
+if sudo -i -u postgres psql "$DBNAME" < /dev/null 2> /dev/null
+then
+    if [ 1 = "$RESET_DB" ]
+    then
+        echo "Deleting existing database $DBNAME." 1>&2
+        sudo -i -u postgres dropdb "$DBNAME"
+    else
+        echo "Database '$DBNAME' already exists, refusing to setup again."
+        echo "Use -r to delete the existing database first (dangerous!)."
+        exit 77
+    fi
+fi
+
+echo "Setting up database user $DBUSER." 1>&2
+
+if ! sudo -i -u postgres createuser "$DBUSER" 2> /dev/null
+then
+    echo "Database user '$DBUSER' already existed. Continuing anyway." 1>&2
+fi
+
+echo "Creating database $DBNAME." 1>&2
+
+if ! sudo -i -u postgres createdb -O "$DBUSER" "$DBNAME"
+then
+    echo "Failed to create database '$DBNAME'"
+    exit 1
+fi
+
+if [ -f "$CFGFILE" ]
+then
+    echo "Adding database configuration to $CFGFILE." 1>&2
+    echo -e "[challengerdb-postgres]\nCONFIG=postgres:///$DBNAME\n" >> "$CFGFILE"
+else
+    echo "Configuration $CFGFILE does not yet exist, creating it." 1>&2
+    mkdir -p "$(dirname "$CFGFILE")"
+    echo -e "[challengerdb-postgres]\nCONFIG=postgres:///$DBNAME\n" >> "$CFGFILE"
+    chown "$DBUSER":root "$CFGFILE"
+    chmod 460 "$CFGFILE"
+fi
+
+if [ 0 = "$SKIP_DBINIT" ]
+then
+    echo "Initializing database $DBNAME." 1>&2
+    sudo -u "$DBUSER" challenger-dbinit
+fi
+
+echo "Database configuration finished." 1>&2
+
+exit 0
diff --git a/debian/challenger-httpd.install b/debian/challenger-httpd.install
@@ -7,6 +7,7 @@ usr/share/challenger/templates/*
 usr/share/challenger/config.d/*
 usr/share/man/man1/challenger-config.1
 usr/share/man/man1/challenger-admin.1
+usr/share/man/man1/challenger-dbconfig.1
 usr/share/man/man1/challenger-dbinit.1
 usr/share/man/man1/challenger-httpd.1