mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
321 lines
11 KiB
Bash
321 lines
11 KiB
Bash
#!/bin/bash
|
|
|
|
PSQL_ROOT_PWD_FILE=/etc/yunohost/psql
|
|
PSQL_VERSION=9.6
|
|
|
|
# Open a connection as a user
|
|
#
|
|
# examples:
|
|
# ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
|
|
# ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql
|
|
#
|
|
# usage: ynh_psql_connect_as --user=user --password=password [--database=database]
|
|
# | arg: -u, --user= - the user name to connect as
|
|
# | arg: -p, --password= - the user password
|
|
# | arg: -d, --database= - the database to connect to
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_connect_as() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=upd
|
|
local -A args_array=([u]=user= [p]=password= [d]=database=)
|
|
local user
|
|
local password
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
database="${database:-}"
|
|
|
|
sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$password" psql "$database"
|
|
}
|
|
|
|
# Execute a command as root user
|
|
#
|
|
# usage: ynh_psql_execute_as_root --sql=sql [--database=database]
|
|
# | arg: -s, --sql= - the SQL command to execute
|
|
# | arg: -d, --database= - the database to connect to
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_execute_as_root() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=sd
|
|
local -A args_array=([s]=sql= [d]=database=)
|
|
local sql
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
database="${database:-}"
|
|
|
|
ynh_psql_connect_as --user="postgres" --password="$(cat $PSQL_ROOT_PWD_FILE)" \
|
|
--database="$database" <<<"$sql"
|
|
}
|
|
|
|
# Execute a command from a file as root user
|
|
#
|
|
# usage: ynh_psql_execute_file_as_root --file=file [--database=database]
|
|
# | arg: -f, --file= - the file containing SQL commands
|
|
# | arg: -d, --database= - the database to connect to
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_execute_file_as_root() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=fd
|
|
local -A args_array=([f]=file= [d]=database=)
|
|
local file
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
database="${database:-}"
|
|
|
|
ynh_psql_connect_as --user="postgres" --password="$(cat $PSQL_ROOT_PWD_FILE)" \
|
|
--database="$database" <"$file"
|
|
}
|
|
|
|
# Create a database and grant optionnaly privilegies to a user
|
|
#
|
|
# [internal]
|
|
#
|
|
# usage: ynh_psql_create_db db [user]
|
|
# | arg: db - the database name to create
|
|
# | arg: user - the user to grant privilegies
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_create_db() {
|
|
local db=$1
|
|
local user=${2:-}
|
|
|
|
local sql="CREATE DATABASE ${db};"
|
|
|
|
# grant all privilegies to user
|
|
if [ -n "$user" ]; then
|
|
sql+="ALTER DATABASE ${db} OWNER TO ${user};"
|
|
sql+="GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${user} WITH GRANT OPTION;"
|
|
fi
|
|
|
|
ynh_psql_execute_as_root --sql="$sql"
|
|
}
|
|
|
|
# Drop a database
|
|
#
|
|
# [internal]
|
|
#
|
|
# If you intend to drop the database *and* the associated user,
|
|
# consider using ynh_psql_remove_db instead.
|
|
#
|
|
# usage: ynh_psql_drop_db db
|
|
# | arg: db - the database name to drop
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_drop_db() {
|
|
local db=$1
|
|
# First, force disconnection of all clients connected to the database
|
|
# https://stackoverflow.com/questions/17449420/postgresql-unable-to-drop-database-because-of-some-auto-connections-to-db
|
|
ynh_psql_execute_as_root --sql="REVOKE CONNECT ON DATABASE $db FROM public;" --database="$db"
|
|
ynh_psql_execute_as_root --sql="SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db' AND pid <> pg_backend_pid();" --database="$db"
|
|
sudo --login --user=postgres dropdb $db
|
|
}
|
|
|
|
# Dump a database
|
|
#
|
|
# example: ynh_psql_dump_db 'roundcube' > ./dump.sql
|
|
#
|
|
# usage: ynh_psql_dump_db --database=database
|
|
# | arg: -d, --database= - the database name to dump
|
|
# | ret: the psqldump output
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_dump_db() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=d
|
|
local -A args_array=([d]=database=)
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
sudo --login --user=postgres pg_dump "$database"
|
|
}
|
|
|
|
# Create a user
|
|
#
|
|
# [internal]
|
|
#
|
|
# usage: ynh_psql_create_user user pwd
|
|
# | arg: user - the user name to create
|
|
# | arg: pwd - the password to identify user by
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_create_user() {
|
|
local user=$1
|
|
local pwd=$2
|
|
ynh_psql_execute_as_root --sql="CREATE USER $user WITH ENCRYPTED PASSWORD '$pwd'"
|
|
}
|
|
|
|
# Check if a psql user exists
|
|
#
|
|
# usage: ynh_psql_user_exists --user=user
|
|
# | arg: -u, --user= - the user for which to check existence
|
|
# | exit: Return 1 if the user doesn't exist, 0 otherwise
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_user_exists() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=u
|
|
local -A args_array=([u]=user=)
|
|
local user
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user"
|
|
then
|
|
return 1
|
|
else
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
# Check if a psql database exists
|
|
#
|
|
# usage: ynh_psql_database_exists --database=database
|
|
# | arg: -d, --database= - the database for which to check existence
|
|
# | exit: Return 1 if the database doesn't exist, 0 otherwise
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_database_exists() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=d
|
|
local -A args_array=([d]=database=)
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"
|
|
then
|
|
return 1
|
|
else
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
# Drop a user
|
|
#
|
|
# [internal]
|
|
#
|
|
# usage: ynh_psql_drop_user user
|
|
# | arg: user - the user name to drop
|
|
#
|
|
# Requires YunoHost version 3.5.0 or higher.
|
|
ynh_psql_drop_user() {
|
|
ynh_psql_execute_as_root --sql="DROP USER ${1};"
|
|
}
|
|
|
|
# Create a database, an user and its password. Then store the password in the app's config
|
|
#
|
|
# usage: ynh_psql_setup_db --db_user=user --db_name=name [--db_pwd=pwd]
|
|
# | arg: -u, --db_user= - Owner of the database
|
|
# | arg: -n, --db_name= - Name of the database
|
|
# | arg: -p, --db_pwd= - Password of the database. If not given, a password will be generated
|
|
#
|
|
# After executing this helper, the password of the created database will be available in $db_pwd
|
|
# It will also be stored as "psqlpwd" into the app settings.
|
|
#
|
|
# Requires YunoHost version 2.7.13 or higher.
|
|
ynh_psql_setup_db() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=unp
|
|
local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
|
|
local db_user
|
|
local db_name
|
|
db_pwd=""
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
if ! ynh_psql_user_exists --user=$db_user; then
|
|
local new_db_pwd=$(ynh_string_random) # Generate a random password
|
|
# If $db_pwd is not given, use new_db_pwd instead for db_pwd
|
|
db_pwd="${db_pwd:-$new_db_pwd}"
|
|
|
|
ynh_psql_create_user "$db_user" "$db_pwd"
|
|
elif [ -z $db_pwd ]; then
|
|
ynh_die --message="The user $db_user exists, please provide his password"
|
|
fi
|
|
|
|
ynh_psql_create_db "$db_name" "$db_user" # Create the database
|
|
ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd # Store the password in the app's config
|
|
}
|
|
|
|
# Remove a database if it exists, and the associated user
|
|
#
|
|
# usage: ynh_psql_remove_db --db_user=user --db_name=name
|
|
# | arg: -u, --db_user= - Owner of the database
|
|
# | arg: -n, --db_name= - Name of the database
|
|
#
|
|
# Requires YunoHost version 2.7.13 or higher.
|
|
ynh_psql_remove_db() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=un
|
|
local -A args_array=([u]=db_user= [n]=db_name=)
|
|
local db_user
|
|
local db_name
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
if ynh_psql_database_exists --database=$db_name
|
|
then # Check if the database exists
|
|
ynh_psql_drop_db $db_name # Remove the database
|
|
else
|
|
ynh_print_warn --message="Database $db_name not found"
|
|
fi
|
|
|
|
# Remove psql user if it exists
|
|
if ynh_psql_user_exists --user=$db_user
|
|
then
|
|
ynh_psql_drop_user $db_user
|
|
else
|
|
ynh_print_warn --message="User $db_user not found"
|
|
fi
|
|
}
|
|
|
|
# Create a master password and set up global settings
|
|
# It also make sure that postgresql is installed and running
|
|
# Please always call this script in install and restore scripts
|
|
#
|
|
# usage: ynh_psql_test_if_first_run
|
|
#
|
|
# Requires YunoHost version 2.7.13 or higher.
|
|
ynh_psql_test_if_first_run() {
|
|
|
|
# Make sure postgresql is indeed installed
|
|
dpkg --list | grep -q "ii postgresql-$PSQL_VERSION" || ynh_die "postgresql-$PSQL_VERSION is not installed !?"
|
|
|
|
# Check for some weird issue where postgresql could be installed but etc folder would not exist ...
|
|
[ -e "/etc/postgresql/$PSQL_VERSION" ] || ynh_die "It looks like postgresql was not properly configured ? /etc/postgresql/$PSQL_VERSION is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist"
|
|
|
|
# Make sure postgresql is started and enabled
|
|
# (N.B. : to check the active state, we check the cluster state because
|
|
# postgresql could be flagged as active even though the cluster is in
|
|
# failed state because of how the service is configured..)
|
|
systemctl is-active postgresql@$PSQL_VERSION-main -q || ynh_systemd_action --service_name=postgresql --action=restart
|
|
systemctl is-enabled postgresql -q || systemctl enable postgresql
|
|
|
|
# If this is the very first time, we define the root password
|
|
# and configure a few things
|
|
if [ ! -f "$PSQL_ROOT_PWD_FILE" ]
|
|
then
|
|
local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf
|
|
|
|
local psql_root_password="$(ynh_string_random)"
|
|
echo "$psql_root_password" >$PSQL_ROOT_PWD_FILE
|
|
sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$psql_root_password'" postgres
|
|
|
|
# force all user to connect to local databases using hashed passwords
|
|
# https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
|
|
# Note: we can't use peer since YunoHost create users with nologin
|
|
# See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user
|
|
ynh_replace_string --match_string="local\(\s*\)all\(\s*\)all\(\s*\)peer" --replace_string="local\1all\2all\3md5" --target_file="$pg_hba"
|
|
|
|
# Integrate postgresql service in yunohost
|
|
yunohost service add postgresql --log "/var/log/postgresql/"
|
|
|
|
ynh_systemd_action --service_name=postgresql --action=reload
|
|
fi
|
|
}
|