Add shared postgres (wip)
73
postgres/init-scripts/01-init-databases.sh
Executable file
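--- a/postgres/init-scripts/01-init-databases.sh
+++ b/postgres/init-scripts/01-init-databases.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+set -e
+
+# This script initializes all databases and users for the homelab services
+# It runs automatically when the PostgreSQL container starts for the first time
+
+echo "Creating databases and users for homelab services..."
+
+# Function to create database and user with restricted permissions
+create_db_and_user() {
+local db_name=$1
+local db_user=$2
+local db_password=$3
+
+echo "Creating database: $db_name with user: $db_user"
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+-- Create database
+CREATE DATABASE $db_name;
+
+-- Create user with password
+CREATE USER $db_user WITH ENCRYPTED PASSWORD '$db_password';
+
+-- Grant connection to the specific database only
+GRANT CONNECT ON DATABASE $db_name TO $db_user;
+
+-- Make user owner of the database
+ALTER DATABASE $db_name OWNER TO $db_user;
+
+-- Connect to the specific database to set schema permissions
+\c $db_name
+
+-- Grant schema permissions
+GRANT ALL ON SCHEMA public TO $db_user;
+GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO $db_user;
+GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO $db_user;
+GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO $db_user;
+
+-- Set default privileges for future objects
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO $db_user;
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO $db_user;
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO $db_user;
+
+-- Switch back to postgres database
+\c postgres
+EOSQL
+}
+
+# Create databases for each service
+# Using environment variables that will be set in your .env file
+
+# Spliit
+create_db_and_user "${SPLIIT_POSTGRES_DB}" "${SPLIIT_POSTGRES_USER}" "${SPLIIT_POSTGRES_PASSWORD}"
+
+# Shlink
+create_db_and_user "${SHLINK_POSTGRES_DB}" "${SHLINK_POSTGRES_USER}" "${SHLINK_POSTGRES_PASSWORD}"
+
+# Immich
+create_db_and_user "${IMMICH_DB_DATABASE_NAME}" "${IMMICH_DB_USERNAME}" "${IMMICH_DB_PASSWORD}"
+
+# Nextcloud
+create_db_and_user "${NEXTCLOUD_POSTGRES_DB}" "${NEXTCLOUD_POSTGRES_USER}" "${NEXTCLOUD_POSTGRES_PASSWORD}"
+
+# Paperless
+create_db_and_user "${PAPERLESS_POSTGRES_DB}" "${PAPERLESS_POSTGRES_USER}" "${PAPERLESS_POSTGRES_PASSWORD}"
+
+# Matrix and co
+create_db_and_user "${SYNAPSE_POSTGRES_DB}" "${SYNAPSE_POSTGRES_USER}" "${SYNAPSE_POSTGRES_PASSWORD}"
+create_db_and_user "${MAS_POSTGRES_DB}" "${MAS_POSTGRES_USER}" "${MAS_POSTGRES_PASSWORD}"
+create_db_and_user "${MAUTRIX_SIGNAL_POSTGRES_DB}" "${MAUTRIX_SIGNAL_POSTGRES_USER}" "${MAUTRIX_SIGNAL_POSTGRES_PASSWORD}"
+create_db_and_user "${MAUTRIX_WHATSAPP_POSTGRES_DB}" "${MAUTRIX_WHATSAPP_POSTGRES_USER}" "${MAUTRIX_WHATSAPP_POSTGRES_PASSWORD}"
+
+echo "Database initialization completed successfully!"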
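Review bot: The heredoc in `create_db_and_user` expands `$db_name`, `$db_user` and `$db_password` directly into SQL that runs as the bootstrap role `$POSTGRES_USER`, so a password containing `'`, or a name containing `-` or upper-case letters, either aborts the init or changes the statement that is executed. Pass the values as psql variables and quote the heredoc delimiter so that psql does the quoting (`:"db_name"` for identifiers, `:'db_password'` for the literal), as sketched below; confirm that `\c :"db_name"` behaves as expected on the psql version in the image. Separately, the "restricted permissions" comment overstates what the grants achieve: PostgreSQL grants `CONNECT` on a new database to `PUBLIC` by default, so each service role can still connect to every other service's database unless `REVOKE CONNECT ON DATABASE ... FROM PUBLIC` is added. Changing `set -e` to `set -eu` would also stop the script with a clear message when a `.env` entry is missing.

```shell
create_db_and_user() {
  # … unchanged: local assignments and progress echo …
  psql -v ON_ERROR_STOP=1 \
    -v db_name="$db_name" -v db_user="$db_user" -v db_password="$db_password" \
    --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-'EOSQL'
CREATE DATABASE :"db_name";
CREATE USER :"db_user" WITH ENCRYPTED PASSWORD :'db_password';
REVOKE CONNECT ON DATABASE :"db_name" FROM PUBLIC;
GRANT CONNECT ON DATABASE :"db_name" TO :"db_user";
ALTER DATABASE :"db_name" OWNER TO :"db_user";
\c :"db_name"
-- … unchanged: schema grants and default privileges, with $db_user written as :"db_user" …
EOSQL
```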