dépôts / lhc / ateliers.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Ajout : sauvegardes automatiques des bases postgresql.
[lhc/ateliers.git] / remote / psql
diff --git a/remote/psql b/remote/psql
new file mode 100755 (executable)
index 0000000..8e1a219
--- /dev/null
+++ b/remote/psql
@@ -0,0 +1,33 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/remote/lib.sh
+
+user=postgres
+key="$tool"/var/sec/x509/postgresql."$local_domainname"/user/"$user"/key.pem
+
+read -r pass <<-EOF
+       $(stdbuf --output 0 tr -d -c '[:alnum:]' <"${random:-/dev/urandom}" | head -c 42)
+       EOF
+gpg --yes --decrypt "$key".gpg |
+openssl rsa -in /dev/stdin -des3 -passout fd:3 -out "$key" 3<<-EOF
+       $pass
+       EOF
+
+PGSSLCERT="$tool"/var/pub/x509/postgresql."$local_domainname"/user/"$user"/crt.pem \
+PGSSLKEY="$key" \
+PGSSLMODE=verify-full \
+PGSSLROOTCERT="$tool"/var/pub/x509/postgresql."$local_domainname"/crt+ca.pem \
+expect -f /dev/fd/3 \
+ psql \
+ --host postgresql."$local_domainname" \
+ --port 5432 \
+ --username "$user" \
+ "$@" 3<<-EOF
+       spawn {*}\$argv
+       expect {
+        "Enter PEM pass phrase:" {
+                       send -- "$pass\\r"
+                       interact
+                }
+        }
+       EOF
outils d'administration d'ateliers.heureux-cyclage.org