etc/sv/postgres/configure.sh

   1  # DOC: http://wiki.postgresql.org/wiki/Shared_Database_Hosting
   2 rule apt_get_install postgresql-9.1
   3 rule insserv_remove  postgresql
   4 rule adduser postgres \
   5  --disabled-login \
   6  --disabled-password \
   7  --group \
   8  --home /home/postgresql \
   9  --shell /bin/false \
  10  --system
  11 rule adduser postgres-data \
  12  --disabled-login \
  13  --disabled-password \
  14  --group \
  15  --home /home/postgresql/data \
  16  --no-create-home \
  17  --shell /bin/false \
  18  --system
  19 sudo usermod --home /home/postgresql postgres
  20 sudo adduser postgres postgres-data
  21 sudo rm -rf \
  22  /etc/postgresql
  23 sudo install -d -m 1751 -o postgres -g postgres-data \
  24  /home/postgresql \
  25  /home/postgresql/etc \
  26  /home/postgresql/bin \
  27  /etc/postgresql \
  28  /etc/postgresql/9.1 \
  29  /etc/postgresql/9.1/main
  30 sudo ln -fns \
  31                  /etc/postgresql \
  32  /home/postgresql/etc/postgresql
  33
  34 if sudo test ! -d /home/postgresql/data
  35  then
  36         sudo install -d -m 750 -o postgres -g postgres \
  37          /home/postgresql/data
  38         sudo -u postgres pg_createcluster \
  39          --datadir=/home/postgresql/data \
  40          --logfile=/home/postgresql/log/9.1/main/cluster.log  \
  41          --socketdir=/run/postgresql \
  42          9.1 main
  43  fi
  44
  45 sudo install -m 640 -o postgres -g postgres /dev/stdin \
  46  /etc/postgresql/9.1/main/pg_ctl.conf <<-EOF
  47         pg_ctl_options = ''
  48         EOF
  49 sudo install -m 640 -o postgres -g postgres /dev/stdin \
  50  /etc/postgresql/9.1/main/pg_ident.conf <<-EOF
  51         # MAPNAME       SYSTEM-USERNAME         PG-USERNAME
  52         EOF
  53 sudo install -m 640 -o postgres -g postgres /dev/stdin \
  54  /etc/postgresql/9.1/main/start.conf <<-EOF
  55         EOF
  56 sudo install -m 640 -o postgres -g postgres /dev/stdin \
  57  /etc/postgresql/9.1/main/pg_hba.conf <<-EOF
  58         local all postgres peer
  59         local all all      peer
  60         EOF
  61 sudo install -m 640 -o postgres -g postgres-data \
  62  "$tool"/etc/postgresql/9.1/main/postgresql.conf \
  63         /etc/postgresql/9.1/main/postgresql.conf
  64 sudo find "$tool"/etc/postgresql/bin/ -type f -perm /+x -exec \
  65         install -m 755 -o root -g root \
  66          -t /home/postgresql/bin/ {} +
  67
  68 sudo sv -w 1 start /etc/sv/postgres
  69 while ! sudo -u postgres psql </dev/null
  70 do sleep 1; done
  71 # NOTE: supprime l'accès au schéma public depuis public,
  72 #       de sorte à ce que les différents utilisateurices
  73 #       ne voient pas leurs bases de données entre-elleux ;
  74 sudo -u postgres psql template1 -a -f - <<-EOF
  75         \set ON_ERROR_STOP on
  76         REVOKE ALL ON DATABASE template1 FROM public;
  77         REVOKE ALL ON SCHEMA   public    FROM public;
  78         GRANT  ALL ON SCHEMA   public    TO   postgres;
  79         EOF
  80 # NOTE: ajoute le support de PL/PGSQL s'il ne l'est pas déjà.
  81 sudo -u postgres psql template1 -a -f - <<-EOF
  82         \set ON_ERROR_STOP on
  83         CREATE OR REPLACE FUNCTION create_language_plpgsql()
  84                 RETURNS BOOLEAN AS \$\$
  85                         CREATE LANGUAGE plpgsql;
  86                         SELECT TRUE;
  87                 \$\$ LANGUAGE SQL;
  88         SELECT CASE WHEN NOT (
  89                 SELECT  TRUE AS exists
  90                 FROM    pg_language
  91                 WHERE   lanname = 'plpgsql'
  92                 UNION
  93                 SELECT  FALSE AS exists
  94                 ORDER BY exists DESC
  95                 LIMIT 1
  96          )
  97         THEN
  98                 create_language_plpgsql()
  99         ELSE
 100                 FALSE
 101         END AS plpgsql_created;
 102         DROP FUNCTION create_language_plpgsql();
 103         EOF
 104 # NOTE: supprime l'accès à la liste des bases données
 105 #       et utilisateurices depuis public.
 106 sudo -u postgres psql template1 -a -f - <<-EOF
 107         \set ON_ERROR_STOP on
 108         REVOKE ALL ON pg_auth_members FROM public;
 109         REVOKE ALL ON pg_authid       FROM public;
 110         REVOKE ALL ON pg_database     FROM public;
 111         REVOKE ALL ON pg_group        FROM public;
 112         REVOKE ALL ON pg_roles        FROM public;
 113         REVOKE ALL ON pg_settings     FROM public;
 114         REVOKE ALL ON pg_tablespace   FROM public;
 115         REVOKE ALL ON pg_user         FROM public;
 116         EOF