initial commit
This commit is contained in:
33
scripts/postgres/init-db/10-create-roles.sh
Executable file
33
scripts/postgres/init-db/10-create-roles.sh
Executable file
@@ -0,0 +1,33 @@
|
||||
#!/bin/sh
|
||||
set -eu
|
||||
set -o pipefail 2>/dev/null || true
|
||||
|
||||
# Create application roles/users (idempotent).
|
||||
# Runs early to ensure roles exist before databases are created.
|
||||
|
||||
: "${GITEA_DB_USER:=gitea}"
|
||||
: "${GITEA_DB_PASSWORD:=giteapass}"
|
||||
: "${ODOO_DB_USER:=odoo}"
|
||||
: "${ODOO_DB_PASSWORD:=odoopass}"
|
||||
|
||||
echo "[init] create-roles: gitea_user=${GITEA_DB_USER}, odoo_user=${ODOO_DB_USER}"
|
||||
|
||||
role_exists() {
|
||||
psql -tAc "SELECT 1 FROM pg_roles WHERE rolname='$1'" | grep -q 1 || return 1
|
||||
}
|
||||
|
||||
create_role() {
|
||||
local role="$1"; shift
|
||||
local pass="$1"; shift
|
||||
if role_exists "$role"; then
|
||||
echo "[init] role '$role' already exists, skipping"
|
||||
else
|
||||
echo "[init] creating role '$role'"
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" -c "CREATE USER \"${role}\" WITH ENCRYPTED PASSWORD '${pass}';"
|
||||
fi
|
||||
}
|
||||
|
||||
create_role "${GITEA_DB_USER}" "${GITEA_DB_PASSWORD}"
|
||||
create_role "${ODOO_DB_USER}" "${ODOO_DB_PASSWORD}"
|
||||
|
||||
echo "[init] create-roles finished"
|
||||
45
scripts/postgres/init-db/20-create-databases.sh
Executable file
45
scripts/postgres/init-db/20-create-databases.sh
Executable file
@@ -0,0 +1,45 @@
|
||||
#!/bin/sh
|
||||
set -eu
|
||||
set -o pipefail 2>/dev/null || true
|
||||
|
||||
# Create application databases and ensure ownership and grants (idempotent).
|
||||
|
||||
: "${GITEA_DB:=giteadb}"
|
||||
: "${GITEA_DB_USER:=gitea}"
|
||||
: "${ODOO_DB:=odoodb}"
|
||||
: "${ODOO_DB_USER:=odoo}"
|
||||
|
||||
echo "[init] create-databases: gitea_db=${GITEA_DB}, odoo_db=${ODOO_DB}"
|
||||
|
||||
db_exists() {
|
||||
psql -tAc "SELECT 1 FROM pg_database WHERE datname='$1'" | grep -q 1 || return 1
|
||||
}
|
||||
|
||||
db_owner() {
|
||||
psql -tAc "SELECT pg_catalog.pg_get_userbyid(datdba) FROM pg_database WHERE datname='$1'" | tr -d '[:space:]'
|
||||
}
|
||||
|
||||
create_or_alter_db() {
|
||||
local db="$1"; shift
|
||||
local owner="$1"; shift
|
||||
|
||||
if db_exists "$db"; then
|
||||
echo "[init] database '$db' already exists"
|
||||
current_owner=$(db_owner "$db") || current_owner=""
|
||||
if [ "$current_owner" != "$owner" ]; then
|
||||
echo "[init] changing owner of '$db' from '$current_owner' to '$owner'"
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" -c "ALTER DATABASE \"${db}\" OWNER TO \"${owner}\";"
|
||||
fi
|
||||
else
|
||||
echo "[init] creating database '$db' with owner '$owner'"
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" -c "CREATE DATABASE \"${db}\" OWNER \"${owner}\";"
|
||||
fi
|
||||
|
||||
echo "[init] granting privileges on ${db} to ${owner}"
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" -c "GRANT ALL PRIVILEGES ON DATABASE \"${db}\" TO \"${owner}\";"
|
||||
}
|
||||
|
||||
create_or_alter_db "${GITEA_DB}" "${GITEA_DB_USER}"
|
||||
create_or_alter_db "${ODOO_DB}" "${ODOO_DB_USER}"
|
||||
|
||||
echo "[init] create-databases finished"
|
||||
Reference in New Issue
Block a user