* tentative merge of onelab myplc

[myplc.git] / plc.d / postgresql

#!/bin/bash
#
# priority: 300
#
# Manage the PostgreSQL database server
#
# Mark Huang <mlhuang@cs.princeton.edu>
# Copyright (C) 2006 The Trustees of Princeton University
#
# $Id: postgresql 635 2007-07-05 11:08:14Z thierry $
#

# Source function library and configuration
. /etc/plc.d/functions
. /etc/planetlab/plc_config
local_config=/etc/planetlab/configs/site.xml

# Be verbose
set -x

# Default locations
PGDATA=/var/lib/pgsql/data
postgresql_conf=$PGDATA/postgresql.conf
pghba_conf=$PGDATA/pg_hba.conf

# Export so that we do not have to specify -p to psql invocations
export PGPORT=$PLC_DB_PORT

# /etc/init.d/postgresql always returns 0, even on failure
postgresql_start ()
{
    # start() always returns 0
    (exec 3>&- 4>&- ; service postgresql start)

    # status() will still return 0 even while still initializing
    if status postmaster && [ -f /var/lock/subsys/postgresql ] ; then
        # The only way we can be sure is if we can access it
        for i in $(seq 1 10) ; do
            # Must do this as the postgres user initially (before we
            # fix pg_hba.conf to passwordless localhost access).
            su -c 'psql -U postgres -c "" template1' postgres && return 0
            sleep 1
        done
    fi

    return 1
}

case "$1" in
    start)
        if [ "$PLC_DB_ENABLED" != "1" ] ; then
            exit 0
        fi

        MESSAGE=$"Starting database server"
        dialog "$MESSAGE"

        # Set data directory and redirect startup output to /var/log/pgsql
        mkdir -p /etc/sysconfig/pgsql
        (
            echo "PGDATA=$PGDATA"
            echo "PGLOG=/var/log/pgsql"
            echo "PGPORT=$PLC_DB_PORT"
        ) >>/etc/sysconfig/pgsql/postgresql

        # Fix ownership (rpm installation may have changed it)
        chown -R -H postgres:postgres $(dirname $PGDATA)

        # PostgreSQL must be started at least once to bootstrap
        # /var/lib/pgsql/data
        if [ ! -f $postgresql_conf ] ; then
            postgresql_start
            check
            service postgresql stop
            check
        fi

        # Enable DB server. PostgreSQL >=8.0 defines listen_addresses,
        # PostgreSQL 7.x uses tcpip_socket.
        if grep -q listen_addresses $postgresql_conf ; then
            sed -i -e '/^listen_addresses/d' $postgresql_conf
            echo "listen_addresses = '*'" >>$postgresql_conf
        elif grep -q tcpip_socket $postgresql_conf ; then
            sed -i -e '/^tcpip_socket/d' $postgresql_conf
            echo "tcpip_socket = true" >>$postgresql_conf
        fi

        # Disable access to all DBs from all hosts
        sed -i -e '/^\(host\|local\)/d' $pghba_conf

        # Enable passwordless localhost access
        echo "local all all trust" >>$pghba_conf

        # Enable access from the API, boot, and web servers
        PLC_API_IP=$(gethostbyname $PLC_API_HOST)
        PLC_BOOT_IP=$(gethostbyname $PLC_BOOT_HOST)
        PLC_WWW_IP=$(gethostbyname $PLC_WWW_HOST)
        (
            echo "host $PLC_DB_NAME $PLC_DB_USER 127.0.0.1/32 password"
            echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_API_IP/32 password"
            echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_BOOT_IP/32 password"
            echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_WWW_IP/32 password"
            # Drupal also uses PostgreSQL
            echo "host drupal $PLC_DB_USER 127.0.0.1/32 password"
            echo "host drupal $PLC_DB_USER $PLC_WWW_IP/32 password"
        ) >>$pghba_conf

        # Append site-specific access rules
        for file in $pghba_conf.d/*.conf ; do
            cat "$file" >>$pghba_conf
        done

        # Fix ownership (sed -i changes it)
        chown postgres:postgres $postgresql_conf $pghba_conf

        # Start up the server
        postgresql_start
        check

        # Create/update the unprivileged database user and password
        if [ -z "$PLC_DB_PASSWORD" ] ; then
            PLC_DB_PASSWORD=$(uuidgen)
            plc-config --category=plc_db --variable=password --value="$PLC_DB_PASSWORD" --save=$local_config $local_config
            service plc reload
        fi
        if ! psql -U $PLC_DB_USER -c "" template1 >/dev/null 2>&1 ; then
            psql -U postgres -c "CREATE USER $PLC_DB_USER PASSWORD '$PLC_DB_PASSWORD'" template1
        else
            psql -U postgres -c "ALTER USER $PLC_DB_USER WITH PASSWORD '$PLC_DB_PASSWORD'" template1
        fi
        check

        # Create the databases if necessary
        if ! psql -U $PLC_DB_USER -c "" $PLC_DB_NAME >/dev/null 2>&1 ; then
            createdb -U postgres --encoding=UNICODE --owner=$PLC_DB_USER $PLC_DB_NAME
            psql -U $PLC_DB_USER -f /usr/share/plc_api/$PLC_DB_NAME.sql $PLC_DB_NAME
        fi
        check
        if ! psql -U $PLC_DB_USER -c "" drupal >/dev/null 2>&1 ; then
            createdb -U postgres --encoding=UNICODE --owner=$PLC_DB_USER drupal
            psql -U $PLC_DB_USER -f /var/www/html/database/database.pgsql drupal
        fi
        check

        result "$MESSAGE"
        ;;

    stop)
        MESSAGE=$"Stopping database server"
        dialog "$MESSAGE"

        # Drop the current user in case the username changes
        psql -U postgres -c "DROP USER $PLC_DB_USER" template1

        # WARNING: If the DB name changes, the old DB will be left
        # intact and a new one will be created. If it changes
        # back, the old DB will not be re-created.

        # Shut down the server
        service postgresql stop

        # /etc/init.d/postgresql fails if it is not running
        [ "$PLC_DB_ENABLED" = 1 ] && check

        result "$MESSAGE"
        ;;
esac

exit $ERRORS