setup/postgres/psql_create_database.sql

Sun, 26 Nov 2017 16:51:57 +0100

author
Mike Becker <universe@uap-core.de>
date
Sun, 26 Nov 2017 16:51:57 +0100
changeset 5
131903fc16b8
parent 2
setup/01_create_database.sql@fcb452578142
child 16
4e0998805276
permissions
-rw-r--r--

moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file

-- Create a database owner role, which has no login permissions.
-- You can either:
--   1) login as default user and switch the user
--   2) decide to override this decision and give login permissions
--   3) use your superuser of choice to manage the database (not recommended!)
create role lightpit_dbo with password 'lpit_dbo_changeme';

-- Create the actual (unprivileged) database user
create user lightpit_user with password 'lpit_user_changeme';

-- Create the LightPIT schema
create schema lightpit authorization lightpit_dbo;
grant usage on schema lightpit to lightpit_user;

-- Grant basic privileges to user (the granting user must be the dbo)
alter default privileges for role lightpit_dbo in schema lightpit
    grant select, insert, update, delete on tables to lightpit_user;
alter default privileges for role lightpit_dbo in schema lightpit
    grant usage, select on sequences to lightpit_user;
alter default privileges for role lightpit_dbo in schema lightpit
    grant execute on functions to lightpit_user;
alter default privileges for role lightpit_dbo in schema lightpit
    grant usage on types to lightpit_user;

-- restrict the search path to the lightpit schema
alter role lightpit_dbo set search_path to lightpit;
alter role lightpit_user set search_path to lightpit;

mercurial