1 # DOC: http://wiki.postgresql.org/wiki/Shared_Database_Hosting
2 rule apt_get_install postgresql-9.1
3 rule insserv_remove postgresql
4 rule adduser postgres \
8 --home /home
/postgresql \
11 rule adduser postgres-data \
15 --home /home
/postgresql
/data \
19 sudo usermod
--home /home
/postgresql postgres
20 sudo adduser postgres postgres-data
23 sudo
install -d -m 1751 -o postgres
-g postgres-data \
25 /home
/postgresql
/etc \
26 /home
/postgresql
/bin \
29 /etc
/postgresql
/9.1/main
32 /home
/postgresql
/etc
/postgresql
34 if sudo
test ! -d /home
/postgresql
/data
36 sudo
install -d -m 750 -o postgres
-g postgres \
38 sudo
-u postgres pg_createcluster \
39 --datadir=/home
/postgresql
/data \
40 --logfile=/home
/postgresql
/log
/9.1/main
/cluster.log \
41 --socketdir=/run
/postgresql \
45 sudo
install -m 640 -o postgres
-g postgres
/dev
/stdin \
46 /etc
/postgresql
/9.1/main
/pg_ctl.conf
<<-EOF
49 sudo
install -m 640 -o postgres
-g postgres
/dev
/stdin \
50 /etc
/postgresql
/9.1/main
/pg_ident.conf
<<-EOF
51 # MAPNAME SYSTEM-USERNAME PG-USERNAME
53 sudo
install -m 640 -o postgres
-g postgres
/dev
/stdin \
54 /etc
/postgresql
/9.1/main
/start.conf
<<-EOF
56 sudo
install -m 640 -o postgres
-g postgres
/dev
/stdin \
57 /etc
/postgresql
/9.1/main
/pg_hba.conf
<<-EOF
58 local all postgres peer
61 sudo
install -m 640 -o postgres
-g postgres-data \
62 "$tool"/etc
/postgresql
/9.1/main
/postgresql.conf \
63 /etc
/postgresql
/9.1/main
/postgresql.conf
64 sudo
find "$tool"/etc
/postgresql
/bin
/ -type f
-perm /+x
-exec \
65 install -m 755 -o root
-g root \
66 -t /home
/postgresql
/bin
/ {} +
68 sudo sv
-w 1 start
/etc
/sv
/postgres
69 while ! sudo
-u postgres psql
</dev
/null
71 # NOTE: supprime l'accès au schéma public depuis public,
72 # de sorte à ce que les différents utilisateurices
73 # ne voient pas leurs bases de données entre-elleux ;
74 sudo
-u postgres psql template1
-a -f - <<-EOF
76 REVOKE ALL ON DATABASE template1 FROM public;
77 REVOKE ALL ON SCHEMA public FROM public;
78 GRANT ALL ON SCHEMA public TO postgres;
80 # NOTE: ajoute le support de PL/PGSQL s'il ne l'est pas déjà.
81 sudo
-u postgres psql template1
-a -f - <<-EOF
83 CREATE OR REPLACE FUNCTION create_language_plpgsql()
84 RETURNS BOOLEAN AS \$\$
85 CREATE LANGUAGE plpgsql;
88 SELECT CASE WHEN NOT (
91 WHERE lanname = 'plpgsql'
93 SELECT FALSE AS exists
98 create_language_plpgsql()
101 END AS plpgsql_created;
102 DROP FUNCTION create_language_plpgsql();
104 # NOTE: supprime l'accès à la liste des bases données
105 # et utilisateurices depuis public.
106 sudo
-u postgres psql template1
-a -f - <<-EOF
107 \set ON_ERROR_STOP on
108 REVOKE ALL ON pg_auth_members FROM public;
109 REVOKE ALL ON pg_authid FROM public;
110 REVOKE ALL ON pg_database FROM public;
111 REVOKE ALL ON pg_group FROM public;
112 REVOKE ALL ON pg_roles FROM public;
113 REVOKE ALL ON pg_settings FROM public;
114 REVOKE ALL ON pg_tablespace FROM public;
115 REVOKE ALL ON pg_user FROM public;