From 1b7d25de96d215101547d08babfa2d884343518d Mon Sep 17 00:00:00 2001 From: Kayou Date: Tue, 19 Feb 2019 00:03:46 +0100 Subject: [PATCH 01/20] Update psql --- data/helpers.d/psql | 2 ++ 1 file changed, 2 insertions(+) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 2ef13482a..2feb6b0ac 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -1,3 +1,5 @@ +#!/bin/bash + # Create a master password and set up global settings # Please always call this script in install and restore scripts # From b5ae91b34e8edd4cefe99ef56be891b72b663e48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre=20Bourr=C3=A9?= Date: Tue, 19 Feb 2019 01:39:00 +0100 Subject: [PATCH 02/20] [WIP] Update --- data/helpers.d/psql | 216 +++++++++++++++++++++++++++++++++----------- 1 file changed, 162 insertions(+), 54 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 2feb6b0ac..20edb2fc5 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -1,75 +1,147 @@ #!/bin/bash -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_psql_test_if_first_run -ynh_psql_test_if_first_run() { - if [ -f /etc/yunohost/psql ]; - then - echo "PostgreSQL is already installed, no need to create master password" - else - local pgsql="$(ynh_string_random)" - echo "$pgsql" > /etc/yunohost/psql - - if [ -e /etc/postgresql/9.4/ ] - then - local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf - elif [ -e /etc/postgresql/9.6/ ] - then - local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf - else - ynh_die "postgresql shoud be 9.4 or 9.6" - fi - - systemctl start postgresql - sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres - - # force all user to connect to local database using passwords - # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF - # Note: we can't use peer since YunoHost create users with nologin - # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - sed -i '/local\s*all\s*all\s*peer/i \ - local all all password' "$pg_hba" - systemctl enable postgresql - systemctl reload postgresql - fi -} +PSQL_ROOT_PWD_FILE=/etc/yunohost/psql # Open a connection as a user # # example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;" # example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql # -# usage: ynh_psql_connect_as user pwd [db] -# | arg: user - the user name to connect as -# | arg: pwd - the user password -# | arg: db - the database to connect to +# usage: ynh_psql_connect_as --user=user --password=password [--database=database] +# | arg: -u, --user - the user name to connect as +# | arg: -p, --password - the user password +# | arg: -d, --database - the database to connect to ynh_psql_connect_as() { - local user="$1" - local pwd="$2" - local db="$3" - sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db" + # Declare an array to define the options of this helper. + local legacy_args=upd + declare -Ar args_array=( [u]=user= [p]=password= [d]=database= ) + local user + local password + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + database="${database:-}" + + sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$password" psql "$database" } -# # Execute a command as root user +# Execute a command as root user # -# usage: ynh_psql_execute_as_root sql [db] -# | arg: sql - the SQL command to execute +# usage: ynh_psql_execute_as_root --sql=sql [--database=database] +# | arg: -s, --sql - the SQL command to execute +# | arg: -d, --database - the database to connect to ynh_psql_execute_as_root () { - local sql="$1" - sudo --login --user=postgres psql <<< "$sql" + # Declare an array to define the options of this helper. + local legacy_args=sd + declare -Ar args_array=( [s]=sql= [d]=database= ) + local sql + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + database="${database:-}" + + ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \ + --database="$database" <<< "$sql" } # Execute a command from a file as root user # -# usage: ynh_psql_execute_file_as_root file [db] -# | arg: file - the file containing SQL commands -# | arg: db - the database to connect to +# usage: ynh_psql_execute_file_as_root --file=file [--database=database] +# | arg: -f, --file - the file containing SQL commands +# | arg: -d, --database - the database to connect to ynh_psql_execute_file_as_root() { - local file="$1" - local db="$2" - sudo --login --user=postgres psql "$db" < "$file" + # Declare an array to define the options of this helper. + local legacy_args=fd + declare -Ar args_array=( [f]=file= [d]=database= ) + local file + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + database="${database:-}" + + ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \ + --database="$database" < "$file" +} + +# Create a database and grant optionnaly privilegies to a user +# +# [internal] +# +# usage: ynh_psql_create_db db [user [pwd]] +# | arg: db - the database name to create +# | arg: user - the user to grant privilegies +# | arg: pwd - the password to identify user by +ynh_psql_create_db() { + local db=$1 + + ynh_psql_create_user "$user" "$pwd" + sudo --login --user=postgres createdb --owner="$user" "$db" +} + +# Drop a database +# +# [internal] +# +# If you intend to drop the database *and* the associated user, +# consider using ynh_psql_remove_db instead. +# +# usage: ynh_psql_drop_db db +# | arg: db - the database name to drop +ynh_psql_drop_db() { + local db=$1 + sudo --login --user=postgres dropdb $db +} + +# Dump a database +# +# example: ynh_psql_dump_db 'roundcube' > ./dump.sql +# +# usage: ynh_psql_dump_db --database=database +# | arg: -d, --database - the database name to dump +# | ret: the psqldump output +ynh_psql_dump_db() { + # Declare an array to define the options of this helper. + local legacy_args=d + declare -Ar args_array=( [d]=database= ) + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + sudo --login --user=postgres pg_dump "$database" +} + +# Create a user +# +# [internal] +# +# usage: ynh_psql_create_user user pwd [host] +# | arg: user - the user name to create +# | arg: pwd - the password to identify user by +ynh_psql_create_user() { + local user=$1 + local psql=$2 + ynh_psql_execute_as_root "CREATE USER $user WITH PASSWORD '$pwd'" +} + +# Check if a psql user exists +# +# usage: ynh_psql_user_exists --user=user +# | arg: -u, --user - the user for which to check existence +ynh_psql_user_exists() +{ + # Declare an array to define the options of this helper. + local legacy_args=u + declare -Ar args_array=( [u]=user= ) + local user + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + if [[ -z $(ynh_psql_execute_as_root --sql="SELECT 1 FROM pg_roles WHERE rolename='$user';") ]] + then + return 1 + else + return 0 + fi } # Create a database, an user and its password. Then store the password in the app's config @@ -148,3 +220,39 @@ ynh_psql_drop_user() { local user="$1" sudo --login --user=postgres dropuser "$user" } + +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_psql_test_if_first_run +ynh_psql_test_if_first_run() { + if [ -f /etc/yunohost/psql ]; + then + echo "PostgreSQL is already installed, no need to create master password" + else + local pgsql="$(ynh_string_random)" + echo "$pgsql" > /etc/yunohost/psql + + if [ -e /etc/postgresql/9.4/ ] + then + local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf + elif [ -e /etc/postgresql/9.6/ ] + then + local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf + else + ynh_die "postgresql shoud be 9.4 or 9.6" + fi + + systemctl start postgresql + sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres + + # force all user to connect to local database using passwords + # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF + # Note: we can't use peer since YunoHost create users with nologin + # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user + sed -i '/local\s*all\s*all\s*peer/i \ + local all all password' "$pg_hba" + systemctl enable postgresql + systemctl reload postgresql + fi +} \ No newline at end of file From d5ca4dd88b3fe49d3c8b9a0780b97e61c1c0e89e Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 00:21:44 +0100 Subject: [PATCH 03/20] Fix ynh_psql_user_exists --- data/helpers.d/psql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 20edb2fc5..b6ba5afaf 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -120,7 +120,7 @@ ynh_psql_dump_db() { ynh_psql_create_user() { local user=$1 local psql=$2 - ynh_psql_execute_as_root "CREATE USER $user WITH PASSWORD '$pwd'" + ynh_psql_execute_as_root --sql="CREATE USER $user WITH PASSWORD '$pwd'" } # Check if a psql user exists @@ -136,7 +136,7 @@ ynh_psql_user_exists() # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -z $(ynh_psql_execute_as_root --sql="SELECT 1 FROM pg_roles WHERE rolename='$user';") ]] + if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]] then return 1 else From d030628a9b36d869e39921f502b9e7f5b58bb1ad Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 01:27:27 +0100 Subject: [PATCH 04/20] Update psql helper --- data/helpers.d/psql | 264 +++++++++++++++++++++++--------------------- 1 file changed, 137 insertions(+), 127 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index b6ba5afaf..fb9ffe013 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -12,15 +12,15 @@ PSQL_ROOT_PWD_FILE=/etc/yunohost/psql # | arg: -p, --password - the user password # | arg: -d, --database - the database to connect to ynh_psql_connect_as() { - # Declare an array to define the options of this helper. - local legacy_args=upd - declare -Ar args_array=( [u]=user= [p]=password= [d]=database= ) - local user - local password - local database - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - database="${database:-}" + # Declare an array to define the options of this helper. + local legacy_args=upd + declare -Ar args_array=([u]=user= [p]=password= [d]=database=) + local user + local password + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + database="${database:-}" sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$password" psql "$database" } @@ -30,18 +30,18 @@ ynh_psql_connect_as() { # usage: ynh_psql_execute_as_root --sql=sql [--database=database] # | arg: -s, --sql - the SQL command to execute # | arg: -d, --database - the database to connect to -ynh_psql_execute_as_root () { - # Declare an array to define the options of this helper. - local legacy_args=sd - declare -Ar args_array=( [s]=sql= [d]=database= ) - local sql - local database - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - database="${database:-}" +ynh_psql_execute_as_root() { + # Declare an array to define the options of this helper. + local legacy_args=sd + declare -Ar args_array=([s]=sql= [d]=database=) + local sql + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + database="${database:-}" - ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \ - --database="$database" <<< "$sql" + ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \ + --database="$database" <<<"$sql" } # Execute a command from a file as root user @@ -50,17 +50,17 @@ ynh_psql_execute_as_root () { # | arg: -f, --file - the file containing SQL commands # | arg: -d, --database - the database to connect to ynh_psql_execute_file_as_root() { - # Declare an array to define the options of this helper. - local legacy_args=fd - declare -Ar args_array=( [f]=file= [d]=database= ) - local file - local database - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - database="${database:-}" + # Declare an array to define the options of this helper. + local legacy_args=fd + declare -Ar args_array=([f]=file= [d]=database=) + local file + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + database="${database:-}" - ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \ - --database="$database" < "$file" + ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \ + --database="$database" <"$file" } # Create a database and grant optionnaly privilegies to a user @@ -72,10 +72,18 @@ ynh_psql_execute_file_as_root() { # | arg: user - the user to grant privilegies # | arg: pwd - the password to identify user by ynh_psql_create_db() { - local db=$1 + local db=$1 - ynh_psql_create_user "$user" "$pwd" - sudo --login --user=postgres createdb --owner="$user" "$db" + local sql="CREATE DATABASE ${db};" + + # grant all privilegies to user + if [[ $# -gt 1 ]]; then + #ynh_psql_create_user "$user" "$pwd" + sql+=" GRANT ALL PRIVILEGES ON ${db} TO ${2} WITH GRANT OPTION;" + fi + + #sudo --login --user=postgres createdb --owner="$user" "$db" + ynh_psql_execute_as_root --sql="$sql" } # Drop a database @@ -89,7 +97,7 @@ ynh_psql_create_db() { # | arg: db - the database name to drop ynh_psql_drop_db() { local db=$1 - sudo --login --user=postgres dropdb $db + sudo --login --user=postgres dropdb $db } # Dump a database @@ -100,14 +108,14 @@ ynh_psql_drop_db() { # | arg: -d, --database - the database name to dump # | ret: the psqldump output ynh_psql_dump_db() { - # Declare an array to define the options of this helper. - local legacy_args=d - declare -Ar args_array=( [d]=database= ) - local database - # Manage arguments with getopts - ynh_handle_getopts_args "$@" + # Declare an array to define the options of this helper. + local legacy_args=d + declare -Ar args_array=([d]=database=) + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" - sudo --login --user=postgres pg_dump "$database" + sudo --login --user=postgres pg_dump "$database" } # Create a user @@ -127,21 +135,48 @@ ynh_psql_create_user() { # # usage: ynh_psql_user_exists --user=user # | arg: -u, --user - the user for which to check existence -ynh_psql_user_exists() -{ - # Declare an array to define the options of this helper. - local legacy_args=u - declare -Ar args_array=( [u]=user= ) - local user - # Manage arguments with getopts - ynh_handle_getopts_args "$@" +ynh_psql_user_exists() { + # Declare an array to define the options of this helper. + local legacy_args=u + declare -Ar args_array=([u]=user=) + local user + # Manage arguments with getopts + ynh_handle_getopts_args "$@" - if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]] - then - return 1 - else - return 0 - fi + if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]]; then + return 1 + else + return 0 + fi +} + +# Check if a psql database exists +# +# usage: ynh_psql_database_exists --database=database +# | arg: -d, --database - the database for which to check existence +ynh_psql_database_exists() { + # Declare an array to define the options of this helper. + local legacy_args=u + declare -Ar args_array=([u]=database=) + local database + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';") ]]; then + return 1 + else + return 0 + fi +} + +# Drop a user +# +# [internal] +# +# usage: ynh_psql_drop_user user +# | arg: user - the user name to drop +ynh_psql_drop_user() { + ynh_psql_execute_as_root --sql="DROP USER '${1}';" } # Create a database, an user and its password. Then store the password in the app's config @@ -149,76 +184,54 @@ ynh_psql_user_exists() # After executing this helper, the password of the created database will be available in $db_pwd # It will also be stored as "psqlpwd" into the app settings. # -# usage: ynh_psql_setup_db user name [pwd] -# | arg: user - Owner of the database -# | arg: name - Name of the database -# | arg: pwd - Password of the database. If not given, a password will be generated -ynh_psql_setup_db () { - local db_user="$1" - local db_name="$2" - local new_db_pwd=$(ynh_string_random) # Generate a random password - # If $3 is not given, use new_db_pwd instead for db_pwd. - local db_pwd="${3:-$new_db_pwd}" - ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database - ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config +# usage: ynh_psql_setup_db --db_user=user --db_name=name [--db_pwd=pwd] +# | arg: -u, --db_user - Owner of the database +# | arg: -n, --db_name - Name of the database +# | arg: -p, --db_pwd - Password of the database. If not given, a password will be generated +ynh_psql_setup_db() { + # Declare an array to define the options of this helper. + local legacy_args=unp + declare -Ar args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=) + local db_user + local db_name + db_pwd="" + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + local new_db_pwd=$(ynh_string_random) # Generate a random password + # If $db_pwd is not given, use new_db_pwd instead for db_pwd + db_pwd="${db_pwd:-$new_db_pwd}" + + ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database + ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd # Store the password in the app's config } -# Create a database and grant privilegies to a user +# Remove a database if it exists, and the associated user # -# usage: ynh_psql_create_db db [user [pwd]] -# | arg: db - the database name to create -# | arg: user - the user to grant privilegies -# | arg: pwd - the user password -ynh_psql_create_db() { - local db="$1" - local user="$2" - local pwd="$3" - ynh_psql_create_user "$user" "$pwd" - sudo --login --user=postgres createdb --owner="$user" "$db" -} - -# Drop a database -# -# usage: ynh_psql_drop_db db -# | arg: db - the database name to drop -# | arg: user - the user to drop +# usage: ynh_psql_remove_db --db_user=user --db_name=name +# | arg: -u, --db_user - Owner of the database +# | arg: -n, --db_name - Name of the database ynh_psql_remove_db() { - local db="$1" - local user="$2" - sudo --login --user=postgres dropdb "$db" - ynh_psql_drop_user "$user" -} + # Declare an array to define the options of this helper. + local legacy_args=un + declare -Ar args_array=([u]=db_user= [n]=db_name=) + local db_user + local db_name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" -# Dump a database -# -# example: ynh_psql_dump_db 'roundcube' > ./dump.sql -# -# usage: ynh_psql_dump_db db -# | arg: db - the database name to dump -# | ret: the psqldump output -ynh_psql_dump_db() { - local db="$1" - sudo --login --user=postgres pg_dump "$db" -} + local psql_root_password=$(sudo cat $PSQL_ROOT_PWD_FILE) + if ynh_psql_database_exists "$db_name"; then # Check if the database exists + echo "Removing database $db_name" >&2 + ynh_psql_drop_db $db_name # Remove the database + else + echo "Database $db_name not found" >&2 + fi - -# Create a user -# -# usage: ynh_psql_create_user user pwd [host] -# | arg: user - the user name to create -ynh_psql_create_user() { - local user="$1" - local pwd="$2" - sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres -} - -# Drop a user -# -# usage: ynh_psql_drop_user user -# | arg: user - the user name to drop -ynh_psql_drop_user() { - local user="$1" - sudo --login --user=postgres dropuser "$user" + # Remove psql user if it exists + if $(ynh_psql_user_exists --user=$db_user); then + ynh_psql_drop_user $db_user + fi } # Create a master password and set up global settings @@ -226,18 +239,15 @@ ynh_psql_drop_user() { # # usage: ynh_psql_test_if_first_run ynh_psql_test_if_first_run() { - if [ -f /etc/yunohost/psql ]; - then + if [ -f /etc/yunohost/psql ]; then echo "PostgreSQL is already installed, no need to create master password" else local pgsql="$(ynh_string_random)" - echo "$pgsql" > /etc/yunohost/psql + echo "$pgsql" >/etc/yunohost/psql - if [ -e /etc/postgresql/9.4/ ] - then + if [ -e /etc/postgresql/9.4/ ]; then local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf - elif [ -e /etc/postgresql/9.6/ ] - then + elif [ -e /etc/postgresql/9.6/ ]; then local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf else ynh_die "postgresql shoud be 9.4 or 9.6" @@ -255,4 +265,4 @@ ynh_psql_test_if_first_run() { systemctl enable postgresql systemctl reload postgresql fi -} \ No newline at end of file +} From f2a4be29920261f0f95921be1cbf84ac2c516374 Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 01:39:22 +0100 Subject: [PATCH 05/20] fix ynh_psql_create_db --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index fb9ffe013..7843212eb 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -79,7 +79,7 @@ ynh_psql_create_db() { # grant all privilegies to user if [[ $# -gt 1 ]]; then #ynh_psql_create_user "$user" "$pwd" - sql+=" GRANT ALL PRIVILEGES ON ${db} TO ${2} WITH GRANT OPTION;" + sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${2} WITH GRANT OPTION;" fi #sudo --login --user=postgres createdb --owner="$user" "$db" From a7af86832eaa134f6613ebff47244841dec8361a Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 01:56:14 +0100 Subject: [PATCH 06/20] Small fix --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 7843212eb..d4888982c 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -221,7 +221,7 @@ ynh_psql_remove_db() { ynh_handle_getopts_args "$@" local psql_root_password=$(sudo cat $PSQL_ROOT_PWD_FILE) - if ynh_psql_database_exists "$db_name"; then # Check if the database exists + if $(ynh_psql_database_exists "$db_name"); then # Check if the database exists echo "Removing database $db_name" >&2 ynh_psql_drop_db $db_name # Remove the database else From 203b8c06a999766ecf2229588787c203ca37c582 Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 02:18:24 +0100 Subject: [PATCH 07/20] Fix ynh_psql_user_exists and ynh_psql_database_exists --- data/helpers.d/psql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index d4888982c..a3069ce11 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -143,7 +143,7 @@ ynh_psql_user_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]]; then + if [[ -z $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]]; then return 1 else return 0 @@ -162,7 +162,7 @@ ynh_psql_database_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';") ]]; then + if [[ -z $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';") ]]; then return 1 else return 0 From a20b0e96c809a4b7d23597eea82bbc7f6ce0baa5 Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 02:18:38 +0100 Subject: [PATCH 08/20] Fix ynh_psql_setup_db --- data/helpers.d/psql | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index a3069ce11..a48aef0fb 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -78,11 +78,9 @@ ynh_psql_create_db() { # grant all privilegies to user if [[ $# -gt 1 ]]; then - #ynh_psql_create_user "$user" "$pwd" sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${2} WITH GRANT OPTION;" fi - #sudo --login --user=postgres createdb --owner="$user" "$db" ynh_psql_execute_as_root --sql="$sql" } @@ -128,7 +126,7 @@ ynh_psql_dump_db() { ynh_psql_create_user() { local user=$1 local psql=$2 - ynh_psql_execute_as_root --sql="CREATE USER $user WITH PASSWORD '$pwd'" + ynh_psql_execute_as_root --sql="CREATE USER $user WITH PASSWORD $pwd" } # Check if a psql user exists @@ -176,7 +174,7 @@ ynh_psql_database_exists() { # usage: ynh_psql_drop_user user # | arg: user - the user name to drop ynh_psql_drop_user() { - ynh_psql_execute_as_root --sql="DROP USER '${1}';" + ynh_psql_execute_as_root --sql="DROP USER ${1};" } # Create a database, an user and its password. Then store the password in the app's config @@ -202,6 +200,10 @@ ynh_psql_setup_db() { # If $db_pwd is not given, use new_db_pwd instead for db_pwd db_pwd="${db_pwd:-$new_db_pwd}" + if [ $(ynh_psql_user_exists --user=$db_user) ]; then + ynh_psql_create_user "$db_name" "$db_user" "$db_pwd" + fi + ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd # Store the password in the app's config } @@ -230,7 +232,10 @@ ynh_psql_remove_db() { # Remove psql user if it exists if $(ynh_psql_user_exists --user=$db_user); then + echo "Removing user $db_user" >&2 ynh_psql_drop_user $db_user + else + echo "User $db_user not found" >&2 fi } From f0d8f88121361d2677bb5c2a403c8a2f094d0ed4 Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 23:57:12 +0100 Subject: [PATCH 09/20] Change $psql to $pwd --- data/helpers.d/psql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index a48aef0fb..0c7d70caf 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -125,8 +125,8 @@ ynh_psql_dump_db() { # | arg: pwd - the password to identify user by ynh_psql_create_user() { local user=$1 - local psql=$2 - ynh_psql_execute_as_root --sql="CREATE USER $user WITH PASSWORD $pwd" + local pwd=$2 + ynh_psql_execute_as_root --sql="CREATE USER $user WITH ENCRYPTED PASSWORD '$pwd'" } # Check if a psql user exists From 3ae5955590e0e9ade4cf3c3625e1cb54e574b66c Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 20 Feb 2019 23:58:26 +0100 Subject: [PATCH 10/20] Remove some $() and [] --- data/helpers.d/psql | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 0c7d70caf..f960e6297 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -200,8 +200,8 @@ ynh_psql_setup_db() { # If $db_pwd is not given, use new_db_pwd instead for db_pwd db_pwd="${db_pwd:-$new_db_pwd}" - if [ $(ynh_psql_user_exists --user=$db_user) ]; then - ynh_psql_create_user "$db_name" "$db_user" "$db_pwd" + if ! ynh_psql_user_exists --user=$db_user; then + ynh_psql_create_user "$db_user" "$db_pwd" fi ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database @@ -223,7 +223,7 @@ ynh_psql_remove_db() { ynh_handle_getopts_args "$@" local psql_root_password=$(sudo cat $PSQL_ROOT_PWD_FILE) - if $(ynh_psql_database_exists "$db_name"); then # Check if the database exists + if ynh_psql_database_exists --database=$db_name; then # Check if the database exists echo "Removing database $db_name" >&2 ynh_psql_drop_db $db_name # Remove the database else @@ -231,7 +231,7 @@ ynh_psql_remove_db() { fi # Remove psql user if it exists - if $(ynh_psql_user_exists --user=$db_user); then + if ynh_psql_user_exists --user=$db_user; then echo "Removing user $db_user" >&2 ynh_psql_drop_user $db_user else From 9b8bd79a37655585e806d04ef96534c96caaf19b Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Feb 2019 00:16:57 +0100 Subject: [PATCH 11/20] Don't use [[]] anymore --- data/helpers.d/psql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index f960e6297..bdc9a07c2 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -141,7 +141,7 @@ ynh_psql_user_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -z $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]]; then + if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user" ; then return 1 else return 0 @@ -160,7 +160,7 @@ ynh_psql_database_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -z $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';") ]]; then + if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$user"; then return 1 else return 0 From 81bc9987bdb8b75414fabf8dfd54ce6f59e68ab1 Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Feb 2019 01:03:10 +0100 Subject: [PATCH 12/20] rework ynh_psql_create_db --- data/helpers.d/psql | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index bdc9a07c2..e427582d6 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -67,18 +67,18 @@ ynh_psql_execute_file_as_root() { # # [internal] # -# usage: ynh_psql_create_db db [user [pwd]] +# usage: ynh_psql_create_db db [user] # | arg: db - the database name to create # | arg: user - the user to grant privilegies -# | arg: pwd - the password to identify user by ynh_psql_create_db() { local db=$1 + local user=$2 local sql="CREATE DATABASE ${db};" # grant all privilegies to user - if [[ $# -gt 1 ]]; then - sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${2} WITH GRANT OPTION;" + if [ $# -gt 1 ]; then + sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${user} WITH GRANT OPTION;" fi ynh_psql_execute_as_root --sql="$sql" From b1b14a399d0587258ecef91c8ac3dab2203cf6e8 Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Feb 2019 01:03:21 +0100 Subject: [PATCH 13/20] fix ynh_psql_database_exists --- data/helpers.d/psql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index e427582d6..8051736c1 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -154,8 +154,8 @@ ynh_psql_user_exists() { # | arg: -d, --database - the database for which to check existence ynh_psql_database_exists() { # Declare an array to define the options of this helper. - local legacy_args=u - declare -Ar args_array=([u]=database=) + local legacy_args=d + declare -Ar args_array=([d]=database=) local database # Manage arguments with getopts ynh_handle_getopts_args "$@" From 95dd4303344aead0603dbfad765850820a37c4ce Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Feb 2019 01:06:38 +0100 Subject: [PATCH 14/20] ynh_psql_create_db take only 2 arguments --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 8051736c1..f5e076d4f 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -204,7 +204,7 @@ ynh_psql_setup_db() { ynh_psql_create_user "$db_user" "$db_pwd" fi - ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database + ynh_psql_create_db "$db_name" "$db_user" # Create the database ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd # Store the password in the app's config } From 49ec93a9c57f5a3fd1c734c8da09967e2d1809ab Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Feb 2019 01:31:31 +0100 Subject: [PATCH 15/20] default argument for a optional argument --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index f5e076d4f..47804f585 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -72,7 +72,7 @@ ynh_psql_execute_file_as_root() { # | arg: user - the user to grant privilegies ynh_psql_create_db() { local db=$1 - local user=$2 + local user=${2:-} local sql="CREATE DATABASE ${db};" From c24d45beff554a7de94b0e9dcc560d0c66896a4d Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 21 Feb 2019 01:39:15 +0100 Subject: [PATCH 16/20] remove false promises --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 47804f585..e3c3bb96e 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -120,7 +120,7 @@ ynh_psql_dump_db() { # # [internal] # -# usage: ynh_psql_create_user user pwd [host] +# usage: ynh_psql_create_user user pwd # | arg: user - the user name to create # | arg: pwd - the password to identify user by ynh_psql_create_user() { From d7f381518348cde6feb6be8a64c510745d35180f Mon Sep 17 00:00:00 2001 From: Kayou Date: Fri, 22 Feb 2019 00:58:12 +0100 Subject: [PATCH 17/20] For your eyes --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index e3c3bb96e..1d992d268 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -77,7 +77,7 @@ ynh_psql_create_db() { local sql="CREATE DATABASE ${db};" # grant all privilegies to user - if [ $# -gt 1 ]; then + if [ -n "$user" ]; then sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${user} WITH GRANT OPTION;" fi From abc091911c717539cb259a9a353159ba590cb017 Mon Sep 17 00:00:00 2001 From: Kayou Date: Fri, 22 Feb 2019 01:13:23 +0100 Subject: [PATCH 18/20] User ynh_replace_string, add postgresql in the admin panel --- data/helpers.d/psql | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 1d992d268..324cfee83 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -252,8 +252,10 @@ ynh_psql_test_if_first_run() { if [ -e /etc/postgresql/9.4/ ]; then local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf + local logfile=/var/log/postgresql/postgresql-9.4-main.log elif [ -e /etc/postgresql/9.6/ ]; then local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf + local logfile=/var/log/postgresql/postgresql-9.6-main.log else ynh_die "postgresql shoud be 9.4 or 9.6" fi @@ -265,8 +267,11 @@ ynh_psql_test_if_first_run() { # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF # Note: we can't use peer since YunoHost create users with nologin # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - sed -i '/local\s*all\s*all\s*peer/i \ - local all all password' "$pg_hba" + ynh_replace_string --match_string="local\(\s*\)all\(\s*\)all\(\s*\)peer" --replace_string="local\1all\2all\3password" --target_file="$pg_hba" + + # Advertise service in admin panel + yunohost service add postgresql --log "$logfile" + systemctl enable postgresql systemctl reload postgresql fi From e3dfd63481fd72109ff2bf8bac562b123b95ad90 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 4 Mar 2019 22:54:02 +0100 Subject: [PATCH 19/20] Replace hard-corded value with constant defined above --- data/helpers.d/psql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 324cfee83..705aeeb9a 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -244,7 +244,7 @@ ynh_psql_remove_db() { # # usage: ynh_psql_test_if_first_run ynh_psql_test_if_first_run() { - if [ -f /etc/yunohost/psql ]; then + if [ -f "$PSQL_ROOT_PWD_FILE" ]; then echo "PostgreSQL is already installed, no need to create master password" else local pgsql="$(ynh_string_random)" From f1e097a5bdb4bbc462fa823a42cb21e5e9fd7d1a Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 7 Mar 2019 11:25:32 +0100 Subject: [PATCH 20/20] Fix tab --- data/helpers.d/psql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/psql b/data/helpers.d/psql index 705aeeb9a..f0be628ea 100644 --- a/data/helpers.d/psql +++ b/data/helpers.d/psql @@ -74,9 +74,9 @@ ynh_psql_create_db() { local db=$1 local user=${2:-} - local sql="CREATE DATABASE ${db};" + local sql="CREATE DATABASE ${db};" - # grant all privilegies to user + # grant all privilegies to user if [ -n "$user" ]; then sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${user} WITH GRANT OPTION;" fi