Mercurial > gemma
diff schema/install-db.sh @ 330:fd04bccae6ca
Create standard roles as part of the base schema.
We will always need:
1. a gemma service user
2. an initial sys_admin user
so these are now created as part of the base gemma schema.
The install-db script now creates random default passwords for this
accounts.
As the complexity is sufficiently increased by now I also changed the
Quick Start guide to use an configuration file and provided an example
file.
| author | Sascha Wilde <wilde@intevation.de> |
|---|---|
| date | Fri, 03 Aug 2018 13:40:10 +0200 |
| parents | ac760b0f22a9 |
| children | a85f56207d80 |
line wrap: on
line diff
--- a/schema/install-db.sh Fri Aug 03 10:52:03 2018 +0200 +++ b/schema/install-db.sh Fri Aug 03 13:40:10 2018 +0200 @@ -27,6 +27,12 @@ exit 23 } +genpw() +# $1 - length +{ + dd count=1 if=/dev/urandom 2>/dev/null \ + | tr -cd '[:alnum:],._!?-' | tail -c "$1" +} # Defaults: @@ -83,7 +89,8 @@ -c "SET client_min_messages TO WARNING;" \ -f "$BASEDIR/gemma.sql" \ -f "$BASEDIR/manage_users.sql" \ - -f "$BASEDIR/auth.sql" + -f "$BASEDIR/auth.sql" \ + -f "$BASEDIR/std_login_roles.sql" if [[ $demo -eq 1 ]] ; then psql -q -p "$port" -f "$BASEDIR/demo-data/responsibility_areas.sql" \ @@ -91,6 +98,17 @@ psql -q -p "$port" -f "$BASEDIR/demo-data/roles.sql" \ -f "$BASEDIR/demo-data/users.sql" -d "$db" fi + + # Generate and set Passwords + adminpw=`genpw 15` + servicepw=`genpw 15` + + psql -qt -p "$port" -d "$db" \ + -c "ALTER ROLE sysadmin PASSWORD '$adminpw'" + psql -qt -p "$port" -d "$db" \ + -c "ALTER ROLE gemma_service PASSWORD '$servicepw'" + echo "Default admin user 'sysadmin' created with password '$adminpw'." + echo "Back end user 'gemma_service' created with password '$servicepw'." else # Evil mode: drop everything gemma echo "Really drop database '$db' and alle gemma roles? [type 'yes']: "