#!/bin/sh -eux
user="$1"
db="${2-}"
sudo -u postgres psql "${db-}" -a -f - --set ON_ERROR_STOP=1 <<-EOF
	DO LANGUAGE plpgsql \$\$
	BEGIN
		IF NOT EXISTS (
		 SELECT *
		 FROM pg_catalog.pg_user
		 WHERE usename = '$user'
		 LIMIT 1
		) THEN
			CREATE ROLE $user
			 LOGIN
			 NOCREATEDB
			 NOCREATEROLE
			 NOINHERIT
			 NOSUPERUSER;
		END IF;
	END;
	\$\$;
	GRANT USAGE ON SCHEMA public TO $user;
	${db:+GRANT CONNECT,TEMPORARY ON DATABASE $db TO $user;}
	EOF