Add support for creating extensions on databases

2023-12-01 14:57:55 +01:00 · 2023-12-01 14:57:55 +01:00 · c321402188
parent e37a78ad78
commit c321402188
3 changed files with 19 additions and 6 deletions
--- a/images/ldap2pg/root/entrypoint.d/10-createdb.sh
+++ b/images/ldap2pg/root/entrypoint.d/10-createdb.sh
@ -8,20 +8,28 @@ for IDX in $(printenv | grep -E '^PG_DB_([0-9]+)=' | sed -E 's/^PG_DB_([0-9]+)=.
  DB_OWNER=$(printenv PG_DB_${IDX}_OWNER || echo "${DB_NAME}")
  DB_ENCODING=$(printenv PG_DB_${IDX}_ENCODING || echo "UTF8")
  DB_LOCALE=$(printenv PG_DB_${IDX}_LOCALE || echo "${LANG}")
+  DB_EXTENSIONS=$(printenv PG_DB_${IDX}_EXTENSIONS || echo "")
  if [ "${LDAP2PG_MODE}" = "real" ]; then
    echo "Create postgres role ${DB_OWNER} if needed"
    psql <<_EOSQL
-    SELECT 'CREATE ROLE "${DB_OWNER}"'
-      WHERE NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = '${DB_OWNER}')\gexec
+      SELECT 'CREATE ROLE "${DB_OWNER}"'
+        WHERE NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = '${DB_OWNER}')\gexec
 _EOSQL
    echo "Create postgres database ${DB_NAME} (OWNER \"${DB_OWNER}\" ENCODING \"${DB_ENCODING}\" LOCALE \"${DB_LOCALE}\") if needed"
    psql <<_EOSQL
-    SELECT 'CREATE DATABASE "${DB_NAME}" OWNER "${DB_OWNER}" ENCODING "${DB_ENCODING}" LOCALE "${DB_LOCALE}"'
-      WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${DB_NAME}')\gexec
+      SELECT 'CREATE DATABASE "${DB_NAME}" OWNER "${DB_OWNER}" ENCODING "${DB_ENCODING}" LOCALE "${DB_LOCALE}"'
+        WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${DB_NAME}')\gexec
 _EOSQL
    psql -d ${DB_NAME} <<_EOSQL
-    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO pg_database_owner;
+      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO pg_database_owner;
 _EOSQL
+    if [ -n "${DB_EXTENSIONS}" ]; then
+      for EXT in $(echo ${DB_EXTENSIONS} | sed -e 's/,/\n/g'); do
+        psql -d ${DB_NAME} <<_EOSQL
+          CREATE EXTENSION IF NOT EXISTS ${EXT};
+_EOSQL
+      done
+    fi
  else
    echo "Would create user ${DB_OWNER} and database ${DB_NAME} (OWNER \"${DB_OWNER}\" ENCODING \"${DB_ENCODING}\" LOCALE \"${DB_LOCALE}\"), but we're running in dry mode"
  fi
--- a/manage.nomad.hcl
+++ b/manage.nomad.hcl
@ -58,6 +58,9 @@ job "[[ .pg.instance ]]-manage[[ $c.consul.suffix ]]" {
  [[- if has $db "locale" ]]
        PG_DB_[[ $idx ]]_LOCALE = [[ $db.locale | toJSON ]]
  [[- end ]]
+  [[- if has $db "extensions" ]]
+        PG_DB_[[ $idx ]]_EXTENSIONS = "[[ join $db.extensions "," ]]"
+  [[- end ]]
 [[- end ]]
        LDAP2PG_CONFIG = "/secrets/ldap2pg.yml"
        LDAP2PG_MODE = [[ $c.mode | toJSON ]]
--- a/variables.yml
+++ b/variables.yml
@ -170,7 +170,7 @@ pg:
  # manage can create database, users and sync permissions from LDAP (using ldap2pg)
  manage:
    # Image to use
-    image: danielberteaud/ldap2pg:6.0-4
+    image: danielberteaud/ldap2pg:6.0-5

    # Resource allocation
    resources:
@ -199,6 +199,8 @@ pg:
    #     owner: erp
    #     encoding: UTF-8
    #     locale: fr_FR.utf8
+    #     extensions:
+    #       - uuid-ossp
    databases: []

    # Schedule to run ldap2pg regularily, to ensure permissions are up to date