docker-ckan/docker/postgres/svc/postgresql/run


#!/bin/bash
# Service run script for the PostgreSQL container of a CKAN deployment.
#
# On first start it creates and initialises the PostgreSQL 9.3 data
# directory, writes listener and pg_hba settings, starts the server and, in
# the background, provisions the CKAN and datastore roles and databases.
#
# Environment read by this script (all required because of `set -u`):
#   PGDATA          - data directory handed to initdb and `postgres -D`
#   PGMAIN          - directory holding postgresql.conf and pg_hba.conf
#   CKAN_USER, CKAN_PASS, CKAN_DB                 - main CKAN role/database
#   DATASTORE_USER, DATASTORE_PASS, DATASTORE_DB  - read-only datastore
#                                                   role and its database
#
# -e: abort on the first failing command; -u: treat unset variables as errors.
set -eu
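# init_db is defined differently depending on whether a previous run left the
# "$PGDATA/db_configured" marker behind: the real provisioning routine on a
# fresh data directory, a no-op message otherwise.
if [[ ! -e "$PGDATA/db_configured" ]]; then
  #######################################
  # Provision the CKAN and datastore roles, databases, PostGIS objects and
  # datastore permissions, then drop the db_configured marker.
  # Globals:   PGDATA, CKAN_USER, CKAN_PASS, CKAN_DB, DATASTORE_USER,
  #            DATASTORE_PASS, DATASTORE_DB (all read)
  # Arguments: none
  # Outputs:   progress message and psql/createdb output on stdout
  # Returns:   non-zero if a command fails (fatal under `set -e`)
  #
  # The *_USER and *_DB values are spliced into SQL as bare identifiers and
  # are not escaped here, so they must be plain identifier names.
  #######################################
  init_db() {
    echo "Configuring CKAN database, PostGIS & datastore"

    local postgis_dir=/usr/share/postgresql/9.3/contrib/postgis-2.1
    local sq="'"
    # Double every single quote so a password containing ' stays inside the
    # SQL string literal instead of terminating it. This is sufficient while
    # standard_conforming_strings is on (the PostgreSQL default since 9.1).
    local ckan_pass_sql="${CKAN_PASS//$sq/$sq$sq}"
    local datastore_pass_sql="${DATASTORE_PASS//$sq/$sq$sq}"

    # create CKAN user
    # The statement goes to psql on stdin rather than via -c so the password
    # never appears in the process argument list. -X skips any psqlrc.
    setuser postgres psql -X -v ON_ERROR_STOP=1 <<EOF
CREATE USER $CKAN_USER WITH PASSWORD '$ckan_pass_sql';
EOF

    # create CKAN database
    setuser postgres createdb \
      -O "$CKAN_USER" -T template0 -E utf-8 "$CKAN_DB"

    # setup PostGIS for the database
    setuser postgres psql -d "$CKAN_DB" -f "$postgis_dir/postgis.sql"
    setuser postgres psql -d "$CKAN_DB" -f "$postgis_dir/spatial_ref_sys.sql"
    setuser postgres psql -d "$CKAN_DB" -f "$postgis_dir/postgis_comments.sql"

    # change the ownership of the spatial tables
    setuser postgres psql \
      -d "$CKAN_DB" -c "ALTER TABLE spatial_ref_sys OWNER TO $CKAN_USER;"
    setuser postgres psql \
      -d "$CKAN_DB" -c "ALTER TABLE geometry_columns OWNER TO $CKAN_USER;"

    # create Datastore user (password handled as for the CKAN user)
    setuser postgres psql -X -v ON_ERROR_STOP=1 <<EOF
CREATE USER $DATASTORE_USER WITH PASSWORD '$datastore_pass_sql';
EOF

    # create Datastore database (owned by the CKAN user, not the read-only one)
    setuser postgres createdb \
      -O "$CKAN_USER" -T template0 -E utf-8 "$DATASTORE_DB"

    # configure the permissions for the datastore
    # ON_ERROR_STOP makes psql exit non-zero on the first failed statement;
    # without it a failed REVOKE/GRANT would be skipped silently and the
    # marker below would still be written over a half-applied permission set.
    setuser postgres psql -q -X -v ON_ERROR_STOP=1 <<EOF
\connect $DATASTORE_DB
-- revoke permissions for the read-only user
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
REVOKE USAGE ON SCHEMA public FROM PUBLIC;
GRANT CREATE ON SCHEMA public TO $CKAN_USER;
GRANT USAGE ON SCHEMA public TO $CKAN_USER;
-- take connect permissions from main db
REVOKE CONNECT ON DATABASE $CKAN_DB FROM $DATASTORE_USER;
-- grant select permissions for read-only user
GRANT CONNECT ON DATABASE $DATASTORE_DB TO $DATASTORE_USER;
GRANT USAGE ON SCHEMA public TO $DATASTORE_USER;
-- grant access to current tables and views to read-only user
GRANT SELECT ON ALL TABLES IN SCHEMA public TO $DATASTORE_USER;
-- grant access to new tables and views by default
ALTER DEFAULT PRIVILEGES FOR USER $CKAN_USER IN SCHEMA public
GRANT SELECT ON TABLES TO $DATASTORE_USER;
EOF

    # Database configured: later starts take the no-op branch below.
    touch -- "$PGDATA/db_configured"
  }
else
  # Marker present: provisioning already happened on an earlier start.
  init_db() {
    echo "CKAN database & datastore already configured"
  }
fi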
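#######################################
# Block until the PostgreSQL PID file exists, then run init_db.
# Globals:   none
# Arguments: none
# Outputs:   an error line on stderr if inotifywait itself fails
# Returns:   init_db's status, or inotifywait's exit code on a real error
#######################################
init_db_when_ready() {
  local pid_file=/run/postgresql/9.3-main.pid
  local rc

  while [[ ! -e "$pid_file" ]]; do
    rc=0
    # -t 1 bounds each wait. Without a timeout, a PID file created between
    # the existence test above and the watch being armed is never reported,
    # and the loop would block with the database left unprovisioned.
    inotifywait -q -t 1 -e create /run/postgresql/ > /dev/null || rc=$?
    # Exit code 2 only means the timeout elapsed; anything else non-zero is
    # a genuine inotifywait failure and is surfaced instead of spinning.
    if (( rc != 0 && rc != 2 )); then
      echo "inotifywait failed (exit $rc) while waiting for $pid_file" >&2
      return "$rc"
    fi
  done

  # NOTE(review): the PID file existing presumably does not guarantee the
  # server already accepts connections - confirm if init_db's first psql
  # call is ever seen failing right after startup.
  init_db
}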
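# Create the data directory on first start. Expansions are quoted so a
# PGDATA containing spaces or glob characters is treated as a single path.
if [[ ! -d "$PGDATA" ]]; then
  echo "Creating Postgres Directory..."
  # create dirs if needed
  mkdir -p -- "$PGDATA"
  # Ensure postgres owns the PGDATA
  chown -R postgres -- "$PGDATA"
  # Owner-only access: the directory holds the cluster files, and postgres
  # refuses to start on a data directory that group/other can access.
  chmod -R 700 -- "$PGDATA"
fi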
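# initialize db if needed (PGDATA exists but is empty)
if [[ -z "$(ls -A -- "$PGDATA")" ]]; then
  echo "Initializing PostgreSQL..."
  chown -R postgres -- "$PGDATA"

  # postgres initdb
  # initdb is called without --auth, so the pg_hba.conf it generates keeps
  # initdb's default method for its built-in local and loopback entries
  # (documented default: trust). pg_hba.conf is matched first-to-last and the
  # rules below are appended after those entries.
  # NOTE(review): confirm that is intended; --auth-local=peer --auth-host=md5
  # would make the generated defaults agree with the rules appended here.
  setuser postgres /usr/lib/postgresql/9.3/bin/initdb \
    --locale=en_US.UTF-8 --encoding=UNICODE "$PGDATA"

  # Configuration lives in PGMAIN, not in the data directory.
  mv -- "$PGDATA"/*.conf "$PGMAIN"/

  # Update postgresql.conf settings
  # listen_addresses='*' binds every interface; reachability is then decided
  # by pg_hba.conf below and by how the container's port is exposed.
  sed -i -e "s|^#listen_addresses =.*$|listen_addresses = '*'|" "$PGMAIN/postgresql.conf"
  # NOTE(review): data_directory is hard-coded while the server is started
  # with -D "$PGDATA"; presumably both name the same path - confirm.
  sed -i -e "s|^#data_directory =.*$|data_directory = '/var/lib/postgresql/9.3/main'|" "$PGMAIN/postgresql.conf"
  sed -i -e "s|^#hba_file =.*$|hba_file = '/etc/postgresql/9.3/main/pg_hba.conf'|" "$PGMAIN/postgresql.conf"
  sed -i -e "s|^#ident_file =.*$|ident_file = '/etc/postgresql/9.3/main/pg_ident.conf'|" "$PGMAIN/postgresql.conf"
  sed -i -e "s|^#external_pid_file =.*$|external_pid_file = '/var/run/postgresql/9.3-main.pid'|" "$PGMAIN/postgresql.conf"

  # Allow connections from anywhere with valid credentials (md5).
  # 0.0.0.0/0 admits password attempts from every IPv4 address that can
  # reach the port, so protection rests on the role passwords and on the
  # network the container is attached to. Narrow the CIDR to the clients'
  # network where it is known, and avoid publishing the port more widely
  # than the CKAN containers need.
  echo "local all postgres peer" >> "$PGMAIN/pg_hba.conf"
  echo "host all all 0.0.0.0/0 md5" >> "$PGMAIN/pg_hba.conf"
fi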
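# Provision roles and databases in the background: init_db_when_ready waits
# for the server's PID file, and the server only starts on the line below.
init_db_when_ready &

# Start PostgreSQL in the foreground so this script stays alive for as long
# as the server runs. Paths are quoted so they are passed as single words.
echo "Starting PostgreSQL..."
setuser postgres /usr/lib/postgresql/9.3/bin/postgres \
  -D "$PGDATA" -c "config_file=$PGMAIN/postgresql.conf"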