Ajout : vm_remote : rule_gpg .
[lhc/ateliers.git] / etc / sv / postgres / configure.sh
# DOC: http://wiki.postgresql.org/wiki/Shared_Database_Hosting
#
# Service accounts and directory layout for the PostgreSQL 9.1 cluster.
# `rule` is a helper defined outside this file.

#rule apt_get_install postgresql-9.1
# Presumably removes the packaged init script from the boot sequence; the
# service is linked into /etc/service further down instead.
rule insserv_remove postgresql

# Both accounts are system accounts with no password, no login and
# /bin/false as shell.
rule adduser postgres \
    --disabled-login --disabled-password \
    --group \
    --home /home/postgresql \
    --shell /bin/false \
    --system
rule adduser postgres-data \
    --disabled-login --disabled-password \
    --group \
    --home /home/postgresql/data --no-create-home \
    --shell /bin/false \
    --system

# Set the home directory explicitly, then add postgres to the
# postgres-data group.
sudo usermod --home /home/postgresql postgres
sudo adduser postgres postgres-data

# Every run discards the whole of /etc/postgresql, including any local edit
# to pg_hba.conf or pg_ident.conf; the files are regenerated further down.
sudo rm -rf /etc/postgresql

# Mode 1751: sticky bit, rwx for postgres, r-x for group postgres-data and
# --x for everyone else, so other accounts can traverse these directories
# but cannot list them.
# NOTE(review): /home/postgresql/bin is owned by postgres, so that account
# can rename or replace the root-owned files installed there later; confirm
# that nothing privileged executes from this directory.
sudo install -d -m 1751 -o postgres -g postgres-data \
    /home/postgresql /home/postgresql/etc /home/postgresql/bin \
    /etc/postgresql /etc/postgresql/9.1 /etc/postgresql/9.1/main
sudo ln -fns /etc/postgresql /home/postgresql/etc/postgresql

# The cluster is only created when the data directory does not exist yet,
# so re-running the script keeps an existing cluster.
if sudo test ! -d /home/postgresql/data; then
    # The data directory is restricted to postgres:postgres, mode 750.
    sudo install -d -m 750 -o postgres -g postgres /home/postgresql/data
    # NOTE(review): nothing in this script creates
    # /home/postgresql/log/9.1/main; confirm it exists before this point,
    # otherwise the log file cannot be created there.
    sudo -u postgres pg_createcluster \
        --datadir=/home/postgresql/data \
        --logfile=/home/postgresql/log/9.1/main/cluster.log \
        --socketdir=/run/postgresql \
        9.1 main
fi

# Cluster configuration files, written from stdin with mode 640 so they are
# not world-readable.
sudo install -m 640 -o postgres -g postgres /dev/stdin /etc/postgresql/9.1/main/pg_ctl.conf <<-EOF
pg_ctl_options = ''
EOF

# Ident map "admin": the system users postgres and root may both connect
# as the database role postgres.
sudo install -m 640 -o postgres -g postgres /dev/stdin /etc/postgresql/9.1/main/pg_ident.conf <<-EOF
# MAPNAME SYSTEM-USERNAME PG-USERNAME
admin postgres postgres
admin root postgres
EOF

# start.conf is written empty.
sudo install -m 640 -o postgres -g postgres /dev/stdin /etc/postgresql/9.1/main/start.conf <<-EOF
EOF

# Only `local` (Unix-socket) entries with peer authentication are written:
# the postgres role goes through the "admin" map, every other role must
# match the connecting system user. There is no `host` entry, so no TCP
# connection matches a rule in this file.
sudo install -m 640 -o postgres -g postgres /dev/stdin /etc/postgresql/9.1/main/pg_hba.conf <<-EOF
local all postgres peer map=admin
local all all peer
EOF

# postgresql.conf comes from the tool tree ("$tool" is set outside this
# file) and is group-readable by postgres-data.
sudo install -m 640 -o postgres -g postgres-data \
    "$tool"/etc/postgresql/9.1/main/postgresql.conf \
    /etc/postgresql/9.1/main/postgresql.conf

# Copy every executable regular file from the tool tree into
# /home/postgresql/bin as root:root, mode 755.
sudo find "$tool"/etc/postgresql/bin/ -type f -perm /+x \
    -exec install -m 755 -o root -g root -t /home/postgresql/bin/ {} +

# Link the service ("$sv" is set outside this file) into /etc/service and
# start it through the `rule` helper.
sudo ln -fns ../sv/"$sv" /etc/service/"$sv"
rule _runit_sv_start "$sv"

# Poll once per second until psql, run as postgres with empty stdin,
# succeeds.
# NOTE(review): there is no retry limit, so a server that never comes up
# blocks the script here indefinitely; consider a bounded wait.
until sudo -u postgres psql </dev/null
do
    sleep 1
done

# NOTE: removes access to the public schema from PUBLIC, so that the
# different users do not see each other's databases.
# NOTE(review): the schema ACL is inherited by databases cloned from
# template1, but the database-level REVOKE applies to template1 only: a
# newly created database again grants CONNECT and TEMPORARY to PUBLIC by
# default, so each tenant database needs its own
# REVOKE ... ON DATABASE ... FROM public.
sudo -u postgres psql template1 -a -f - <<-EOF
\set ON_ERROR_STOP on
REVOKE ALL ON DATABASE template1 FROM public;
REVOKE ALL ON SCHEMA public FROM public;
GRANT ALL ON SCHEMA public TO postgres;
EOF
# NOTE: adds PL/pgSQL support if it is not already there.
# CREATE LANGUAGE is wrapped in a temporary SQL function so that it can be
# called conditionally from a SELECT. The subquery returns TRUE when
# pg_language already has a plpgsql row: UNION with FALSE, ORDER BY ... DESC
# and LIMIT 1 keep TRUE whenever it is present. The function is dropped at
# the end. The heredoc is unquoted, so \$\$ reaches psql as $$.
sudo -u postgres psql template1 -a -f - <<-EOF
\set ON_ERROR_STOP on
CREATE OR REPLACE FUNCTION create_language_plpgsql()
RETURNS BOOLEAN AS \$\$
CREATE LANGUAGE plpgsql;
SELECT TRUE;
\$\$ LANGUAGE SQL;
SELECT CASE WHEN NOT (
SELECT TRUE AS exists
FROM pg_language
WHERE lanname = 'plpgsql'
UNION
SELECT FALSE AS exists
ORDER BY exists DESC
LIMIT 1
)
THEN
create_language_plpgsql()
ELSE
FALSE
END AS plpgsql_created;
DROP FUNCTION create_language_plpgsql();
EOF
# NOTE: removes access to the list of databases and users from PUBLIC.
# NOTE(review): catalog privileges are stored per database, so this covers
# template1 and databases cloned from it afterwards; databases that already
# exist (the default "postgres" database, for instance) keep their catalogs
# readable by PUBLIC. Confirm tenants cannot connect to those.
# NOTE(review): clients that query pg_catalog as an unprivileged role
# (psql's \d commands, driver introspection) will presumably fail in the
# affected databases; verify against the applications hosted here.
sudo -u postgres psql template1 -a -f - <<-EOF
\set ON_ERROR_STOP on
REVOKE ALL ON ALL TABLES IN SCHEMA pg_catalog FROM public;
REVOKE ALL ON SCHEMA pg_catalog FROM public;
-- REVOKE ALL ON pg_auth_members FROM public;
-- REVOKE ALL ON pg_authid FROM public;
-- REVOKE ALL ON pg_database FROM public;
-- REVOKE ALL ON pg_group FROM public;
-- REVOKE ALL ON pg_roles FROM public;
-- REVOKE ALL ON pg_settings FROM public;
-- REVOKE ALL ON pg_tablespace FROM public;
-- REVOKE ALL ON pg_user FROM public;
EOF