+++ /dev/null
-# DOC: http://wiki.postgresql.org/wiki/Shared_Database_Hosting
-
-#rule apt_get_install postgresql-9.1
-rule insserv_remove postgresql
-rule adduser postgres \
- --disabled-login \
- --disabled-password \
- --group \
- --home /home/postgresql \
- --shell /bin/false \
- --system
-rule adduser postgres-data \
- --disabled-login \
- --disabled-password \
- --group \
- --home /home/postgresql/data \
- --no-create-home \
- --shell /bin/false \
- --system
-sudo usermod --home /home/postgresql postgres
-sudo adduser postgres postgres-data
-sudo rm -rf \
- /etc/postgresql
-sudo install -d -m 1751 -o postgres -g postgres-data \
- /home/postgresql \
- /home/postgresql/etc \
- /home/postgresql/bin \
- /etc/postgresql \
- /etc/postgresql/9.1 \
- /etc/postgresql/9.1/main
-sudo ln -fns \
- /etc/postgresql \
- /home/postgresql/etc/postgresql
-
-if sudo test ! -d /home/postgresql/data
- then
- sudo install -d -m 750 -o postgres -g postgres \
- /home/postgresql/data
- sudo -u postgres pg_createcluster \
- --datadir=/home/postgresql/data \
- --logfile=/home/postgresql/log/9.1/main/cluster.log \
- --socketdir=/run/postgresql \
- 9.1 main
- fi
-
-sudo install -m 640 -o postgres -g postgres /dev/stdin \
- /etc/postgresql/9.1/main/pg_ctl.conf <<-EOF
- pg_ctl_options = ''
- EOF
-sudo install -m 640 -o postgres -g postgres /dev/stdin \
- /etc/postgresql/9.1/main/pg_ident.conf <<-EOF
- # MAPNAME SYSTEM-USERNAME PG-USERNAME
- admin postgres postgres
- admin root postgres
- EOF
-sudo install -m 640 -o postgres -g postgres /dev/stdin \
- /etc/postgresql/9.1/main/start.conf <<-EOF
- EOF
-sudo install -m 640 -o postgres -g postgres /dev/stdin \
- /etc/postgresql/9.1/main/pg_hba.conf <<-EOF
- local all postgres peer map=admin
- local all all peer
- EOF
-sudo install -m 640 -o postgres -g postgres-data \
- "$tool"/etc/postgresql/9.1/main/postgresql.conf \
- /etc/postgresql/9.1/main/postgresql.conf
-sudo find "$tool"/etc/postgresql/bin/ -type f -perm /+x -exec \
- install -m 755 -o root -g root \
- -t /home/postgresql/bin/ {} +
-
-sudo ln -fns \
- ../sv/"$sv" \
- /etc/service/"$sv"
-rule _runit_sv_start "$sv"
-while ! sudo -u postgres psql </dev/null
-do sleep 1; done
-
-# NOTE: supprime l'accès au schéma public depuis public,
-# de sorte à ce que les différents utilisateurices
-# ne voient pas leurs bases de données entre-elleux ;
-sudo -u postgres psql template1 -a -f - <<-EOF
- \set ON_ERROR_STOP on
- REVOKE ALL ON DATABASE template1 FROM public;
- REVOKE ALL ON SCHEMA public FROM public;
- GRANT ALL ON SCHEMA public TO postgres;
- EOF
-# NOTE: ajoute le support de PL/PGSQL s'il ne l'est pas déjà.
-sudo -u postgres psql template1 -a -f - <<-EOF
- \set ON_ERROR_STOP on
- CREATE OR REPLACE FUNCTION create_language_plpgsql()
- RETURNS BOOLEAN AS \$\$
- CREATE LANGUAGE plpgsql;
- SELECT TRUE;
- \$\$ LANGUAGE SQL;
- SELECT CASE WHEN NOT (
- SELECT TRUE AS exists
- FROM pg_language
- WHERE lanname = 'plpgsql'
- UNION
- SELECT FALSE AS exists
- ORDER BY exists DESC
- LIMIT 1
- )
- THEN
- create_language_plpgsql()
- ELSE
- FALSE
- END AS plpgsql_created;
- DROP FUNCTION create_language_plpgsql();
- EOF
-# NOTE: supprime l'accès à la liste des bases données
-# et utilisateurices depuis public.
-sudo -u postgres psql template1 -a -f - <<-EOF
- \set ON_ERROR_STOP on
- REVOKE ALL ON ALL TABLES IN SCHEMA pg_catalog FROM public;
- REVOKE ALL ON SCHEMA pg_catalog FROM public;
- -- REVOKE ALL ON pg_auth_members FROM public;
- -- REVOKE ALL ON pg_authid FROM public;
- -- REVOKE ALL ON pg_database FROM public;
- -- REVOKE ALL ON pg_group FROM public;
- -- REVOKE ALL ON pg_roles FROM public;
- -- REVOKE ALL ON pg_settings FROM public;
- -- REVOKE ALL ON pg_tablespace FROM public;
- -- REVOKE ALL ON pg_user FROM public;
- EOF