# HG changeset patch # User Mike Becker # Date 1511711517 -3600 # Node ID 131903fc16b83eebf1c3f9f34fac9bd13d9b49a1 # Parent a89240b61819820b34a0f973569b7458c09c74e1 moves psql DB setup script to another file (we want to support other engines later) + adds some missing statements to that file diff -r a89240b61819 -r 131903fc16b8 setup/01_create_database.sql --- a/setup/01_create_database.sql Sun Nov 26 16:20:38 2017 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,23 +0,0 @@ --- Create a database owner role, which has no login permissions. --- You can either: --- 1) login as default user and switch the user --- 2) decide to override this decision and give login permissions --- 3) use your superuser of choice to manage the database (not recommended!) -create role lightpit_dbo with password 'lpit_dbo_changeme'; - --- Create the actual (unprivileged) database user -create user lightpit_user with password 'lpit_user_changeme'; - --- Create the LightPIT schema -create schema lightpit authorization lightpit_dbo; - - --- Grant basic privileges to user (the granting user must be the dbo) -alter default privileges for role lightpit_dbo in schema lightpit - grant select, insert, update, delete on tables to lightpit_user; -alter default privileges for role lightpit_dbo in schema lightpit - grant usage, select on sequences to lightpit_user; -alter default privileges for role lightpit_dbo in schema lightpit - grant execute on functions to lightpit_user; -alter default privileges for role lightpit_dbo in schema lightpit - grant usage on types to lightpit_user; diff -r a89240b61819 -r 131903fc16b8 setup/postgres/psql_create_database.sql --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/setup/postgres/psql_create_database.sql Sun Nov 26 16:51:57 2017 +0100 @@ -0,0 +1,27 @@ +-- Create a database owner role, which has no login permissions. +-- You can either: +-- 1) login as default user and switch the user +-- 2) decide to override this decision and give login permissions +-- 3) use your superuser of choice to manage the database (not recommended!) +create role lightpit_dbo with password 'lpit_dbo_changeme'; + +-- Create the actual (unprivileged) database user +create user lightpit_user with password 'lpit_user_changeme'; + +-- Create the LightPIT schema +create schema lightpit authorization lightpit_dbo; +grant usage on schema lightpit to lightpit_user; + +-- Grant basic privileges to user (the granting user must be the dbo) +alter default privileges for role lightpit_dbo in schema lightpit + grant select, insert, update, delete on tables to lightpit_user; +alter default privileges for role lightpit_dbo in schema lightpit + grant usage, select on sequences to lightpit_user; +alter default privileges for role lightpit_dbo in schema lightpit + grant execute on functions to lightpit_user; +alter default privileges for role lightpit_dbo in schema lightpit + grant usage on types to lightpit_user; + +-- restrict the search path to the lightpit schema +alter role lightpit_dbo set search_path to lightpit; +alter role lightpit_user set search_path to lightpit;