Skip to content

Commit 43b53ff

Browse files
avatxusavatxus
authored
chore: user create scripts (#31)
1 parent 9653948 commit 43b53ff

File tree

2 files changed

+85
-0
lines changed

2 files changed

+85
-0
lines changed

scripts/grant_read_access.sh

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
#!/bin/bash
2+
export PGSSLMODE=disable
3+
export PG_SUPERUSER=postgres
4+
export PGPASSWORD=""
5+
export PG_NEW_USER=""
6+
export PG_NEW_USER_PASSWORD=""
7+
export PGHOST=localhost
8+
export PGPORT=5432
9+
10+
# Check if all required environment variables are set
11+
if [ -z "$PG_SUPERUSER" ] || [ -z "$PGPASSWORD" ] || [ -z "$PG_NEW_USER" ] || [ -z "$PG_NEW_USER_PASSWORD" ] || [ -z "$PGHOST" ] || [ -z "$PGPORT" ]; then
12+
echo "One or more required environment variables are not set."
13+
echo "Make sure PG_SUPERUSER, PGPASSWORD, PG_NEW_USER, PG_NEW_USER_PASSWORD, PGHOST, and PGPORT are set before running this script."
14+
exit 1
15+
fi
16+
17+
# Target databases
18+
databases=("dbsync-mainnet" "dbsync-preview" "dbsync-preprod")
19+
20+
# Create the new user
21+
echo "Creating user: $PG_NEW_USER"
22+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -c "CREATE USER \"$PG_NEW_USER\" WITH LOGIN PASSWORD '$PG_NEW_USER_PASSWORD';"
23+
24+
# Loop through each database to grant permissions
25+
for db in "${databases[@]}"; do
26+
echo "Granting permissions on database: $db"
27+
28+
# Grant CONNECT on database
29+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "GRANT CONNECT ON DATABASE \"$db\" TO \"$PG_NEW_USER\";"
30+
31+
# Grant USAGE on the 'public' schema
32+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "GRANT USAGE ON SCHEMA public TO \"$PG_NEW_USER\";"
33+
34+
# Grant SELECT on all tables in the 'public' schema
35+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"$PG_NEW_USER\";"
36+
37+
# Ensure future tables in the 'public' schema also grant SELECT to the user
38+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO \"$PG_NEW_USER\";"
39+
40+
# set max statement timouet
41+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "ALTER ROLE \"$PG_NEW_USER\" SET statement_timeout = '120000';"
42+
done
43+
44+
echo "Permissions granted and user created successfully."

scripts/grant_write_access.sh

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
#!/bin/bash
2+
export PGSSLMODE=disable
3+
export PG_SUPERUSER=postgres
4+
export PGPASSWORD=""
5+
export PG_NEW_USER=""
6+
export PG_NEW_USER_PASSWORD=""
7+
export PGHOST=localhost
8+
export PGPORT=5432
9+
10+
# Check if all required environment variables are set
11+
if [ -z "$PG_SUPERUSER" ] || [ -z "$PGPASSWORD" ] || [ -z "$PG_NEW_USER" ] || [ -z "$PG_NEW_USER_PASSWORD" ] || [ -z "$PGHOST" ] || [ -z "$PGPORT" ]; then
12+
echo "One or more required environment variables are not set."
13+
echo "Make sure PG_SUPERUSER, PGPASSWORD, PG_NEW_USER, PG_NEW_USER_PASSWORD, PGHOST, and PGPORT are set before running this script."
14+
exit 1
15+
fi
16+
17+
# Target databases
18+
databases=("dbsync-mainnet" "dbsync-preview" "dbsync-preprod")
19+
20+
# Create the new user
21+
echo "Creating user: $PG_NEW_USER"
22+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -c "CREATE USER \"$PG_NEW_USER\" WITH LOGIN PASSWORD '$PG_NEW_USER_PASSWORD';"
23+
24+
# Loop through each database to grant permissions
25+
for db in "${databases[@]}"; do
26+
echo "Granting permissions on database: $db"
27+
28+
# Grant CONNECT on database and CREATE on the database to allow schema creation
29+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "GRANT CONNECT, CREATE ON DATABASE \"$db\" TO \"$PG_NEW_USER\";"
30+
31+
# Grant USAGE and CREATE on the 'public' schema to allow view creation and using the schema
32+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "GRANT USAGE, CREATE ON SCHEMA public TO \"$PG_NEW_USER\";"
33+
34+
# Grant SELECT on all tables in the 'public' schema
35+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "GRANT SELECT ON ALL TABLES IN SCHEMA public TO \"$PG_NEW_USER\";"
36+
37+
# Ensure future tables and views in the 'public' schema also grant SELECT to the user
38+
psql -h "$PGHOST" -p "$PGPORT" -U "$PG_SUPERUSER" -d "$db" -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO \"$PG_NEW_USER\";"
39+
done
40+
41+
echo "Permissions granted and user created successfully."

0 commit comments

Comments
 (0)