-
Notifications
You must be signed in to change notification settings - Fork 67
/
setup.sh
executable file
·96 lines (84 loc) · 3.51 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!/bin/bash
# NOTE: This script expects you've generated a password.
# You can do that using "openssl" as follows, or you could use any password
# generation mechanism you like.
#
# Generate a password value using "openssl":
# openssl rand -hex 12
#
# Generate and assign the value to RIDESHARE_DB_PASSWORD:
# export RIDESHARE_DB_PASSWORD=$(openssl rand -hex 12)
#
# Later, you'll create the special password file ~/.pgpass, and
# place your generated password in it.
#
# COMPATIBILITY: Requires PostgreSQL 16
# ENV VARS: [DB_URL, RIDESHARE_DB_PASSWORD]
# Make sure password is set
if [ -z "$RIDESHARE_DB_PASSWORD" ]; then
echo "Error: 'RIDESHARE_DB_PASSWORD' not set, can't continue."
echo
echo "Check for an existing value in file: ~/.pgpass"
echo "If there's a value, set it like this:"
echo 'export RIDESHARE_DB_PASSWORD="HSnDDgFtyW9fyFI"'
echo "OR generate a new value (See comments in: db/setup.sh)"
exit 1
fi
# Check if the environment variable DB_URL is set
if [ -z "$DB_URL" ]; then
echo "Error: 'DB_URL' not set, can't continue."
echo "This is the connection to your instance, using a superuser like 'postgres'."
echo "The password for 'postgres' is also 'postgres'"
echo "Connect to the 'postgres' database to issue these commands"
echo
echo "See: db/setup.sh"
echo "Run: export DB_URL='postgres://postgres:@localhost:5432/postgres'"
exit 1
fi
# Set up Roles and Users on your PostgreSQL instance
psql $DB_URL -v password_to_save=$RIDESHARE_DB_PASSWORD -a -f db/create_role_owner.sql
psql $DB_URL -a -f db/create_role_readwrite_users.sql
psql $DB_URL -a -f db/create_role_readonly_users.sql
psql $DB_URL -v password_to_save=$RIDESHARE_DB_PASSWORD -a -f db/create_role_app_user.sql
psql $DB_URL -v password_to_save=$RIDESHARE_DB_PASSWORD -a -f db/create_role_app_readonly.sql
# Set up Rideshare development database
psql $DB_URL -a -f db/create_database.sql
# Revoke database privileges on public, drop public schema
psql $DB_URL -a -f db/revoke_drop_public_schema.sql
# Create rideshare schema
psql $DB_URL -a -f db/create_schema.sql
# Perform GRANT operations
psql $DB_URL -a -f db/create_grants_database.sql
psql $DB_URL -a -f db/create_grants_schema.sql
# Alter the default privileges
psql $DB_URL -a -f db/alter_default_privileges_readwrite.sql
psql $DB_URL -a -f db/alter_default_privileges_readonly.sql
psql $DB_URL -a -f db/alter_default_privileges_public.sql
# Add generated password to ~/.pgpass file
echo "Add to ~/.pgpass"
echo "localhost:5432:rideshare_development:owner:$RIDESHARE_DB_PASSWORD
localhost:6432:rideshare_development:owner:$RIDESHARE_DB_PASSWORD
localhost:5432:rideshare_development:app:$RIDESHARE_DB_PASSWORD
localhost:54321:rideshare_development:owner:$RIDESHARE_DB_PASSWORD
localhost:54322:rideshare_development:owner:$RIDESHARE_DB_PASSWORD
*:*:*:replication_user:$RIDESHARE_DB_PASSWORD
*:*:*:app_readonly:$RIDESHARE_DB_PASSWORD" >> ~/.pgpass
# Set file ownership and permissions
echo "chmod ~/.pgpass"
chmod 0600 ~/.pgpass
echo
echo "DONE! 🎉"
echo "Notes:"
echo "Make sure 'graphviz' is installed: 'brew install graphviz'"
echo
echo "Next: run 'bin/rails db:migrate' to apply pending migrations"
echo
echo "If you ran as: 'sh db/setup.sh 2>&1 | tee -a output.log'"
echo "Open the 'output.log' file and check for errors"
echo
echo "The ~/.pgpass file was generated or new values were added to it."
echo
echo "Set the 'DATABASE_URL' env var, which you can find in the .env file:"
echo "To set it in your terminal, run:"
echo
echo "export $(cat .env|grep DATABASE_URL|head -n1)"