X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=remote%2Fpsql;fp=remote%2Fpsql;h=8e1a21988472d4fbabc28258fd8fd944c9d1f3d7;hp=0000000000000000000000000000000000000000;hb=f5e12fec2c7ef8d743e2d3e32c3bbe37b40c7a73;hpb=6647e7fb851e2dbe5a5c7ec60358f7371bf17183

diff --git a/remote/psql b/remote/psql
new file mode 100755
index 0000000..8e1a219
--- /dev/null
+++ b/remote/psql
@@ -0,0 +1,33 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/remote/lib.sh
+
+user=postgres
+key="$tool"/var/sec/x509/postgresql."$local_domainname"/user/"$user"/key.pem
+
+read -r pass <<-EOF
+	$(stdbuf --output 0 tr -d -c '[:alnum:]' <"${random:-/dev/urandom}" | head -c 42)
+	EOF
+gpg --yes --decrypt "$key".gpg |
+openssl rsa -in /dev/stdin -des3 -passout fd:3 -out "$key" 3<<-EOF
+	$pass
+	EOF
+
+PGSSLCERT="$tool"/var/pub/x509/postgresql."$local_domainname"/user/"$user"/crt.pem \
+PGSSLKEY="$key" \
+PGSSLMODE=verify-full \
+PGSSLROOTCERT="$tool"/var/pub/x509/postgresql."$local_domainname"/crt+ca.pem \
+expect -f /dev/fd/3 \
+ psql \
+ --host postgresql."$local_domainname" \
+ --port 5432 \
+ --username "$user" \
+ "$@" 3<<-EOF
+	spawn {*}\$argv
+	expect {
+	 "Enter PEM pass phrase:" {
+			send -- "$pass\\r"
+			interact
+		 }
+	 }
+	EOF