setup/postgres/psql_create_database.sql

Fri, 15 Dec 2017 17:39:54 +0100

author
Mike Becker <universe@uap-core.de>
date
Fri, 15 Dec 2017 17:39:54 +0100
changeset 9
20a9b2bc9063
parent 5
131903fc16b8
child 16
4e0998805276
permissions
-rw-r--r--

makes LightPITServlet abstract

2
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
1 -- Create a database owner role, which has no login permissions.
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
2 -- You can either:
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
3 -- 1) login as default user and switch the user
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
4 -- 2) decide to override this decision and give login permissions
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
5 -- 3) use your superuser of choice to manage the database (not recommended!)
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
6 create role lightpit_dbo with password 'lpit_dbo_changeme';
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
7
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
8 -- Create the actual (unprivileged) database user
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
9 create user lightpit_user with password 'lpit_user_changeme';
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
10
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
11 -- Create the LightPIT schema
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
12 create schema lightpit authorization lightpit_dbo;
5
131903fc16b8 moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file
Mike Becker <universe@uap-core.de>
parents: 2
diff changeset
13 grant usage on schema lightpit to lightpit_user;
2
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
14
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
15 -- Grant basic privileges to user (the granting user must be the dbo)
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
16 alter default privileges for role lightpit_dbo in schema lightpit
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
17 grant select, insert, update, delete on tables to lightpit_user;
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
18 alter default privileges for role lightpit_dbo in schema lightpit
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
19 grant usage, select on sequences to lightpit_user;
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
20 alter default privileges for role lightpit_dbo in schema lightpit
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
21 grant execute on functions to lightpit_user;
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
22 alter default privileges for role lightpit_dbo in schema lightpit
fcb452578142 adds create database setup script
Mike Becker <universe@uap-core.de>
parents:
diff changeset
23 grant usage on types to lightpit_user;
5
131903fc16b8 moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file
Mike Becker <universe@uap-core.de>
parents: 2
diff changeset
24
131903fc16b8 moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file
Mike Becker <universe@uap-core.de>
parents: 2
diff changeset
25 -- restrict the search path to the lightpit schema
131903fc16b8 moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file
Mike Becker <universe@uap-core.de>
parents: 2
diff changeset
26 alter role lightpit_dbo set search_path to lightpit;
131903fc16b8 moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file
Mike Becker <universe@uap-core.de>
parents: 2
diff changeset
27 alter role lightpit_user set search_path to lightpit;

mercurial