configure a single postgres superuser; comments

3d11fd3e · Marco Mariani · d7e912bc · 3d11fd3e · 3d11fd3e · 3d11fd3e
Commit 3d11fd3e authored Jan 09, 2013 by Marco Mariani
5 changed files
--- a/slapos/recipe/postgres/__init__.py
+++ b/slapos/recipe/postgres/__init__.py
@@ -84,8 +84,7 @@ class Recipe(GenericBaseRecipe):
        A Postgres cluster is "a collection of databases that is managed
        by a single instance of a running database server".

-        Here we create an empty cluster. The authentication for this
-        command is through the unix socket.
+        Here we create an empty cluster.
        """
        initdb_binary = os.path.join(self.options['bin'], 'initdb')
        self.check_exists(initdb_binary)
@@ -97,6 +96,7 @@ class Recipe(GenericBaseRecipe):
                                   '-D', pgdata,
                                   '-A', 'ident',
                                   '-E', 'UTF8',
+                                   '-U', self.options['user'],
                                   ])
        except subprocess.CalledProcessError:
            raise UserError('Could not create cluster directory in %s' % pgdata)
@@ -155,7 +155,8 @@ class Recipe(GenericBaseRecipe):

    def createSuperuser(self):
        """\
-        Creates a Postgres superuser - other than "slapuser#" for use by the application.
+        Set a password for the Postgres superuser.
+        The application will also use this for its connections.
        """

        # http://postgresql.1045698.n5.nabble.com/Algorithm-for-generating-md5-encrypted-password-not-found-in-documentation-td4919082.html
@@ -166,7 +167,7 @@ class Recipe(GenericBaseRecipe):
        # encrypt the password to avoid storing in the logs
        enc_password = 'md5' + md5.md5(password+user).hexdigest()

-        self.runPostgresCommand(cmd="""CREATE USER "%s" ENCRYPTED PASSWORD '%s' SUPERUSER""" % (user, enc_password))
+        self.runPostgresCommand(cmd="""ALTER USER "%s" ENCRYPTED PASSWORD '%s'""" % (user, enc_password))


    def runPostgresCommand(self, cmd):

--- a/software/postgres/instance.cfg.in
+++ b/software/postgres/instance.cfg.in
@@ -22,12 +22,6 @@ promises = $${directories:etc}/promise
 var = $${buildout:directory}/var


-[symlinks]
-recipe = cns.recipe.symlink
-symlink_target = $${directories:bin}
-symlink_base = ${postgresql:location}/bin
-
-
 #----------------
 #--
 #-- Creates a Postgres cluster, configuration files, and a database.
@@ -39,7 +33,7 @@ recipe = slapos.cookbook:postgres
 ipv6 = $${instance-parameters:ipv6}
 ipv4 = $${instance-parameters:ipv4}
 ipv6_random = $${instance-parameters:ipv6_random}
-user = user
+user = postgres
 port = 5432
 dbname = db
 # pgdata_directory is created by initdb, and should not exist beforehand.
@@ -48,6 +42,16 @@ bin = $${directories:bin}
 services = $${directories:services}


+#----------------
+#--
+#-- Creates symlinks from the instance to the software release.
+
+[symlinks]
+recipe = cns.recipe.symlink
+symlink_target = $${directories:bin}
+symlink_base = ${postgresql:location}/bin
+
+
 #----------------
 #--
 #-- Deploy promise scripts.
@@ -73,7 +77,6 @@ url = $${postgres-instance:url}
 #-- Fetches parameters defined in SlapOS Master for this instance

 [instance-parameters]
-# Fetches parameters defined in SlapOS Master for this instance
 recipe = slapos.cookbook:slapconfiguration
 computer = $${slap-connection:computer-id}
 partition = $${slap-connection:partition-id}

--- a/software/postgres/software.cfg
+++ b/software/postgres/software.cfg
@@ -18,7 +18,7 @@ parts =
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg.in
 output = ${buildout:directory}/instance.cfg
-md5sum = 0a500f601bd3c2d5f1cd7ca24bb9d6f3
+md5sum = b7175c4b086b3d0bfa57a4f132679664
 mode = 0644



--- a/stack/lapp/buildout.cfg
+++ b/stack/lapp/buildout.cfg
@@ -87,7 +87,7 @@ mode = 0644
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/postgres/instance-postgres.cfg.in
 output = ${buildout:directory}/instance-postgres.cfg
-md5sum = 4a339ed20f7579e5558fc53637e441fd
+md5sum = df34ba3a6542855dd01908306695af8d
 mode = 0644

 [instance-postgres-import]

--- a/stack/lapp/postgres/instance-postgres.cfg.in
+++ b/stack/lapp/postgres/instance-postgres.cfg.in
@@ -120,10 +120,10 @@ rotate-num = 30
 notifempty = true
 create = true

+
 #----------------
 #--
 #-- Deploy stunnel.
-#-- XXX This is actually not needed with Postgres.

 [stunnel]
 recipe = slapos.cookbook:stunnel
@@ -165,6 +165,7 @@ certs = $${directory:ca-dir}/certs/
 newcerts = $${directory:ca-dir}/newcerts/
 crl = $${directory:ca-dir}/crl/

+
 #----------------
 #--
 #-- Creates a Postgres cluster, configuration files, and a database.
@@ -192,6 +193,7 @@ wrapper = $${basedirectory:services}/stunnel
 key-file = $${stunnel:key-file}
 cert-file = $${stunnel:cert-file}

+
 #----------------
 #--
 #-- Creates symlinks from the instance to the software release.
@@ -240,6 +242,7 @@ recipe = slapos.cookbook:publish
 url = $${postgres-instance:url}
 ip = $${instance-parameters:ipv6_random}

+
 #----------------
 #--
 #-- Fetches parameters defined in SlapOS Master for this instance