--- /dev/null
+#!/bin/sh -eux
+user="$1"
+db="${2-}"
+sudo -u postgres psql "${db-}" -a -f - <<-EOF
+ \set ON_ERROR_STOP on
+ DO LANGUAGE plpgsql \$\$
+ BEGIN
+ IF NOT EXISTS (
+ SELECT *
+ FROM pg_catalog.pg_user
+ WHERE usename = '$user'
+ LIMIT 1
+ ) THEN
+ CREATE ROLE $user
+ LOGIN
+ NOCREATEDB
+ NOCREATEROLE
+ NOINHERIT
+ NOSUPERUSER;
+ END IF;
+ END;
+ \$\$;
+ GRANT USAGE ON SCHEMA public TO $user;
+ ${db:+GRANT CONNECT,TEMPORARY ON DATABASE $db TO $user;}
+ EOF