mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
268 lines
8.1 KiB
Bash
268 lines
8.1 KiB
Bash
#!/bin/bash
|
|
|
|
PSQL_ROOT_PWD_FILE=/etc/yunohost/psql
|
|
|
|
# Open a connection as a user
|
|
#
|
|
# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
|
|
# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql
|
|
#
|
|
# usage: ynh_psql_connect_as --user=user --password=password [--database=database]
|
|
# | arg: -u, --user - the user name to connect as
|
|
# | arg: -p, --password - the user password
|
|
# | arg: -d, --database - the database to connect to
|
|
ynh_psql_connect_as() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=upd
|
|
declare -Ar args_array=([u]=user= [p]=password= [d]=database=)
|
|
local user
|
|
local password
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
database="${database:-}"
|
|
|
|
sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$password" psql "$database"
|
|
}
|
|
|
|
# Execute a command as root user
|
|
#
|
|
# usage: ynh_psql_execute_as_root --sql=sql [--database=database]
|
|
# | arg: -s, --sql - the SQL command to execute
|
|
# | arg: -d, --database - the database to connect to
|
|
ynh_psql_execute_as_root() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=sd
|
|
declare -Ar args_array=([s]=sql= [d]=database=)
|
|
local sql
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
database="${database:-}"
|
|
|
|
ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \
|
|
--database="$database" <<<"$sql"
|
|
}
|
|
|
|
# Execute a command from a file as root user
|
|
#
|
|
# usage: ynh_psql_execute_file_as_root --file=file [--database=database]
|
|
# | arg: -f, --file - the file containing SQL commands
|
|
# | arg: -d, --database - the database to connect to
|
|
ynh_psql_execute_file_as_root() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=fd
|
|
declare -Ar args_array=([f]=file= [d]=database=)
|
|
local file
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
database="${database:-}"
|
|
|
|
ynh_psql_connect_as --user="postgres" --password="$(sudo cat $PSQL_ROOT_PWD_FILE)" \
|
|
--database="$database" <"$file"
|
|
}
|
|
|
|
# Create a database and grant optionnaly privilegies to a user
|
|
#
|
|
# [internal]
|
|
#
|
|
# usage: ynh_psql_create_db db [user [pwd]]
|
|
# | arg: db - the database name to create
|
|
# | arg: user - the user to grant privilegies
|
|
# | arg: pwd - the password to identify user by
|
|
ynh_psql_create_db() {
|
|
local db=$1
|
|
|
|
local sql="CREATE DATABASE ${db};"
|
|
|
|
# grant all privilegies to user
|
|
if [[ $# -gt 1 ]]; then
|
|
#ynh_psql_create_user "$user" "$pwd"
|
|
sql+=" GRANT ALL PRIVILEGES ON ${db} TO ${2} WITH GRANT OPTION;"
|
|
fi
|
|
|
|
#sudo --login --user=postgres createdb --owner="$user" "$db"
|
|
ynh_psql_execute_as_root --sql="$sql"
|
|
}
|
|
|
|
# Drop a database
|
|
#
|
|
# [internal]
|
|
#
|
|
# If you intend to drop the database *and* the associated user,
|
|
# consider using ynh_psql_remove_db instead.
|
|
#
|
|
# usage: ynh_psql_drop_db db
|
|
# | arg: db - the database name to drop
|
|
ynh_psql_drop_db() {
|
|
local db=$1
|
|
sudo --login --user=postgres dropdb $db
|
|
}
|
|
|
|
# Dump a database
|
|
#
|
|
# example: ynh_psql_dump_db 'roundcube' > ./dump.sql
|
|
#
|
|
# usage: ynh_psql_dump_db --database=database
|
|
# | arg: -d, --database - the database name to dump
|
|
# | ret: the psqldump output
|
|
ynh_psql_dump_db() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=d
|
|
declare -Ar args_array=([d]=database=)
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
sudo --login --user=postgres pg_dump "$database"
|
|
}
|
|
|
|
# Create a user
|
|
#
|
|
# [internal]
|
|
#
|
|
# usage: ynh_psql_create_user user pwd [host]
|
|
# | arg: user - the user name to create
|
|
# | arg: pwd - the password to identify user by
|
|
ynh_psql_create_user() {
|
|
local user=$1
|
|
local psql=$2
|
|
ynh_psql_execute_as_root --sql="CREATE USER $user WITH PASSWORD '$pwd'"
|
|
}
|
|
|
|
# Check if a psql user exists
|
|
#
|
|
# usage: ynh_psql_user_exists --user=user
|
|
# | arg: -u, --user - the user for which to check existence
|
|
ynh_psql_user_exists() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=u
|
|
declare -Ar args_array=([u]=user=)
|
|
local user
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';") ]]; then
|
|
return 1
|
|
else
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
# Check if a psql database exists
|
|
#
|
|
# usage: ynh_psql_database_exists --database=database
|
|
# | arg: -d, --database - the database for which to check existence
|
|
ynh_psql_database_exists() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=u
|
|
declare -Ar args_array=([u]=database=)
|
|
local database
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
if [[ -n $(sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(sudo cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';") ]]; then
|
|
return 1
|
|
else
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
# Drop a user
|
|
#
|
|
# [internal]
|
|
#
|
|
# usage: ynh_psql_drop_user user
|
|
# | arg: user - the user name to drop
|
|
ynh_psql_drop_user() {
|
|
ynh_psql_execute_as_root --sql="DROP USER '${1}';"
|
|
}
|
|
|
|
# Create a database, an user and its password. Then store the password in the app's config
|
|
#
|
|
# After executing this helper, the password of the created database will be available in $db_pwd
|
|
# It will also be stored as "psqlpwd" into the app settings.
|
|
#
|
|
# usage: ynh_psql_setup_db --db_user=user --db_name=name [--db_pwd=pwd]
|
|
# | arg: -u, --db_user - Owner of the database
|
|
# | arg: -n, --db_name - Name of the database
|
|
# | arg: -p, --db_pwd - Password of the database. If not given, a password will be generated
|
|
ynh_psql_setup_db() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=unp
|
|
declare -Ar args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
|
|
local db_user
|
|
local db_name
|
|
db_pwd=""
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
local new_db_pwd=$(ynh_string_random) # Generate a random password
|
|
# If $db_pwd is not given, use new_db_pwd instead for db_pwd
|
|
db_pwd="${db_pwd:-$new_db_pwd}"
|
|
|
|
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
|
|
ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd # Store the password in the app's config
|
|
}
|
|
|
|
# Remove a database if it exists, and the associated user
|
|
#
|
|
# usage: ynh_psql_remove_db --db_user=user --db_name=name
|
|
# | arg: -u, --db_user - Owner of the database
|
|
# | arg: -n, --db_name - Name of the database
|
|
ynh_psql_remove_db() {
|
|
# Declare an array to define the options of this helper.
|
|
local legacy_args=un
|
|
declare -Ar args_array=([u]=db_user= [n]=db_name=)
|
|
local db_user
|
|
local db_name
|
|
# Manage arguments with getopts
|
|
ynh_handle_getopts_args "$@"
|
|
|
|
local psql_root_password=$(sudo cat $PSQL_ROOT_PWD_FILE)
|
|
if ynh_psql_database_exists "$db_name"; then # Check if the database exists
|
|
echo "Removing database $db_name" >&2
|
|
ynh_psql_drop_db $db_name # Remove the database
|
|
else
|
|
echo "Database $db_name not found" >&2
|
|
fi
|
|
|
|
# Remove psql user if it exists
|
|
if $(ynh_psql_user_exists --user=$db_user); then
|
|
ynh_psql_drop_user $db_user
|
|
fi
|
|
}
|
|
|
|
# Create a master password and set up global settings
|
|
# Please always call this script in install and restore scripts
|
|
#
|
|
# usage: ynh_psql_test_if_first_run
|
|
ynh_psql_test_if_first_run() {
|
|
if [ -f /etc/yunohost/psql ]; then
|
|
echo "PostgreSQL is already installed, no need to create master password"
|
|
else
|
|
local pgsql="$(ynh_string_random)"
|
|
echo "$pgsql" >/etc/yunohost/psql
|
|
|
|
if [ -e /etc/postgresql/9.4/ ]; then
|
|
local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf
|
|
elif [ -e /etc/postgresql/9.6/ ]; then
|
|
local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
|
|
else
|
|
ynh_die "postgresql shoud be 9.4 or 9.6"
|
|
fi
|
|
|
|
systemctl start postgresql
|
|
sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres
|
|
|
|
# force all user to connect to local database using passwords
|
|
# https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
|
|
# Note: we can't use peer since YunoHost create users with nologin
|
|
# See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user
|
|
sed -i '/local\s*all\s*all\s*peer/i \
|
|
local all all password' "$pg_hba"
|
|
systemctl enable postgresql
|
|
systemctl reload postgresql
|
|
fi
|
|
}
|