5 # Manage the PostgreSQL database server
7 # Mark Huang <mlhuang@cs.princeton.edu>
8 # Copyright (C) 2006 The Trustees of Princeton University
11 # Source function library and configuration
12 . /etc/plc.d/functions
13 . /etc/planetlab/plc_config
14 local_config=/etc/planetlab/configs/site.xml
20 PGDATA=/var/lib/pgsql/data
21 postgresql_conf=$PGDATA/postgresql.conf
22 pghba_conf=$PGDATA/pg_hba.conf
23 postgresql_sysconfig=/etc/sysconfig/pgsql/postgresql
25 # Export so that we do not have to specify -p to psql invocations
26 export PGPORT=$PLC_DB_PORT
28 # can't trust the return of service postgresql start / nor status
29 function postgresql_check () {
31 # wait until postmaster is up and running - or 10s max
32 if systemctl status postgresql >& /dev/null; then
33 # The only way we can be sure is if we can access it
34 for i in $(seq 1 10) ; do
35 # Must do this as the postgres user initially (before we
36 # fix pg_hba.conf to passwordless localhost access).
37 su -c 'psql -U postgres -c "" template1' postgres && return 0
47 if [ "$PLC_DB_ENABLED" != "1" ] ; then
51 MESSAGE=$"Starting PostgreSQL server"
55 # xxx on f16, the systemd init script won't read /etc/sysconfig/pgsql/postgresql any more
56 # need to find out how to perform this configuration, if still needed
57 # Set data directory and redirect startup output to /var/log/pgsql
58 mkdir -p $(dirname $postgresql_sysconfig)
59 touch $postgresql_sysconfig
60 tmp=${postgresql_sysconfig}.new
61 # remove any previous definitions and write ours
62 ( grep -v -E '^(PGDATA=|PGLOG=|PGPORT=)' $postgresql_sysconfig
64 echo "PGLOG=/var/log/pgsql"
65 echo "PGPORT=$PLC_DB_PORT"
66 ) > $tmp ; mv -f $tmp $postgresql_sysconfig
68 ######## /var/lib/pgsql/data
69 # Fix ownership of /var/lib/pgsql (rpm installation may have changed it)
70 chown -R -H postgres:postgres $(dirname $PGDATA)
72 # PostgreSQL must be started at least once to bootstrap
74 if [ ! -f $postgresql_conf ] ; then
75 postgresql-setup --initdb --unit postgresql &> /dev/null || :
79 ######## /var/lib/pgsql/data/postgresql.conf
80 # Enable DB server. drop Postgresql<=7.x
81 # PostgreSQL >=8.0 defines listen_addresses
82 # listen on a specific IP + localhost, more robust when run within a vserver
83 sed -i -e '/^listen_addresses/d' $postgresql_conf
84 echo "listen_addresses = '${PLC_DB_HOST},localhost'" >> $postgresql_conf
85 # tweak timezone to be 'UTC'
86 sed -i -e '/^timezone=/d' $postgresql_conf
87 echo "timezone='UTC'" >> $postgresql_conf
89 ######## /var/lib/pgsql/data/pg_hba.conf
90 # Disable access to MyPLC and drupal DBs from all hosts
91 sed -i -e '/^\(host\|local\)/d' $pghba_conf
93 # Enable passwordless localhost access
94 echo "local all all trust" >>$pghba_conf
96 # Enable access from the API, boot, and web servers
97 PLC_API_IP=$(gethostbyname $PLC_API_HOST)
98 PLC_BOOT_IP=$(gethostbyname $PLC_BOOT_HOST)
99 PLC_WWW_IP=$(gethostbyname $PLC_WWW_HOST)
101 if [ -z "$PLC_API_IP" ] ; then
102 MESSAGE=$"PLC_API_IP is not set"
106 if [ -z "$PLC_BOOT_IP" ] ; then
107 MESSAGE=$"PLC_BOOT_IP is not set"
111 if [ -z "$PLC_WWW_IP" ] ; then
112 MESSAGE=$"PLC_WWW_IP is not set"
116 if [ $ip_failure -eq 1 ] ; then
122 echo "host $PLC_DB_NAME $PLC_DB_USER 127.0.0.1/32 password"
123 echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_API_IP/32 password"
124 echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_BOOT_IP/32 password"
125 echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_WWW_IP/32 password"
126 # Drupal also uses PostgreSQL
127 echo "host drupal $PLC_DB_USER 127.0.0.1/32 password"
128 echo "host drupal $PLC_DB_USER $PLC_WWW_IP/32 password"
131 # Append site-specific access rules
132 for file in $pghba_conf.d/*.conf ; do
133 cat "$file" >>$pghba_conf
136 # Fix ownership (sed -i changes it)
137 chown postgres:postgres $postgresql_conf $pghba_conf
139 ######## Start up the server - ignore retcod and check this our way
140 (exec 3>&- 4>&- ; systemctl start postgresql)
144 ######## Create/update the unprivileged database user and password
145 if [ -z "$PLC_DB_PASSWORD" ] ; then
146 PLC_DB_PASSWORD=$(uuidgen)
147 plc-config --category=plc_db --variable=password --value="$PLC_DB_PASSWORD" --save=$local_config $local_config
151 if ! psql -U $PLC_DB_USER -c "" template1 >/dev/null 2>&1 ; then
152 psql -U postgres -c "CREATE USER $PLC_DB_USER PASSWORD '$PLC_DB_PASSWORD'" template1
154 psql -U postgres -c "ALTER USER $PLC_DB_USER WITH PASSWORD '$PLC_DB_PASSWORD'" template1
158 ######## Create the databases if necessary
159 if ! psql -U $PLC_DB_USER -c "" $PLC_DB_NAME >/dev/null 2>&1 ; then
160 createdb -U postgres --template=template0 --encoding=UNICODE --owner=$PLC_DB_USER $PLC_DB_NAME
161 psql -U $PLC_DB_USER -f /usr/share/plc_api/$PLC_DB_NAME.sql $PLC_DB_NAME
164 if ! psql -U $PLC_DB_USER -c "" drupal >/dev/null 2>&1 ; then
165 createdb -U postgres --template=template0 --encoding=UNICODE --owner=$PLC_DB_USER drupal
166 psql -U $PLC_DB_USER -f /var/www/html/database/database.pgsql drupal
173 MESSAGE=$"Stopping PostgreSQL server"
176 # Drop the current user in case the username changes
177 psql -U postgres -c "DROP USER $PLC_DB_USER" template1
179 # WARNING: If the DB name changes, the old DB will be left
180 # intact and a new one will be created. If it changes
181 # back, the old DB will not be re-created.
183 # Shut down the server
184 systemctl stop postgresql
186 # /etc/init.d/postgresql fails if it is not running
187 [ "$PLC_DB_ENABLED" = 1 ] && check