diff options
Diffstat (limited to 'postgresql-config/src/stage/opt')
4 files changed, 29 insertions, 16 deletions
diff --git a/postgresql-config/src/stage/opt/app/postgresql-config/etc/do-post-install b/postgresql-config/src/stage/opt/app/postgresql-config/etc/do-post-install index 9b25be8..7e8c71b 100644 --- a/postgresql-config/src/stage/opt/app/postgresql-config/etc/do-post-install +++ b/postgresql-config/src/stage/opt/app/postgresql-config/etc/do-post-install @@ -40,38 +40,41 @@ $CFGDIR/etc/makecerts cat $CFGDIR/lib/profile.additions >> ~postgres/.profile # Determine which system is the master. -# For central, we look first in /tmp/postgres.conf. +# For central, we look first in /var/config/DCAE/chef/*-postgres.conf. # If we don't find that, we look at the pgnodes list and pick the first one. -# For edge, we ignore /tmp/postgres.conf and go directly to the pgnodes list. +# For edge, we ignore /var/config/DCAE/chef/*-postgres.conf and go directly to the pgnodes list. # Each edge site has its own master. clustertype=$( ${INSTALL_ROOT}/opt/app/cdf/bin/getpropvalue -n cluster ) ismaster=no case $clustertype in central ) - CONF=/tmp/postgres.conf - if [ -f $CONF ] # OpenDCAE - then + CONFDIR=/var/config/DCAE/chef + CONFCOUNT=$(ls $CONFDIR/*-postgres.conf 2>/dev/null | wc -l) + case "$CONFCOUNT" in + 1 ) # OpenDCAE umask 077 TMP=$(mktemp /tmp/tmp.pi1.XXXXXXXXXX) trap 'rm -f $TMP' 0 1 2 3 15 - sed -e 's/ *: */="/' -e 's/$/"/' -e 's/=""/="/' -e 's/""$/"/' < $CONF > $TMP + sed -e 's/ *: */="/' -e 's/ *$/"/' -e 's/=""/="/' -e 's/""$/"/' < $CONFDIR/*-postgres.conf > $TMP . $TMP case `hostname` in - $master ) ismaster=yes ;; + $master ) ismaster=yes ;; *?* ) ismaster=no ;; '' ) die "master is not set in $CONF" esac PGNODES=$( ${INSTALL_ROOT}/opt/app/cdf/bin/getpropvalue -n pgnodes ) export MASTER=$( gen-repmgr-info -n "$PGNODES" -M "$master" ) [ -n "$MASTER" ] || die "Cannot determine master system. $CONF has '$master' (from env.yaml), which cannot be found in pgnodes." - - else - # not OpenDCAE + ;; + 0 ) # not OpenDCAE ismaster=yes PGNODES=$( ${INSTALL_ROOT}/opt/app/cdf/bin/getpropvalue -n pgnodes ) export MASTER=$( gen-repmgr-info -n "$PGNODES" -m ) - fi + ;; + * ) die "More than one postgres.conf was found: $(ls $CONFDIR/*-postgres.conf 2>&1)" + ;; + esac ;; edge ) host=$( hostname -f ) @@ -86,6 +89,10 @@ esac ssh_and_cdf_okay=no +if pgrep postgres +then pkill postgres +fi + case $ismaster in yes ) # master $CFGDIR/etc/create-ssh-master && diff --git a/postgresql-config/src/stage/opt/app/postgresql-config/etc/gen-pgpass b/postgresql-config/src/stage/opt/app/postgresql-config/etc/gen-pgpass index ca99a0f..3ea9fa1 100644 --- a/postgresql-config/src/stage/opt/app/postgresql-config/etc/gen-pgpass +++ b/postgresql-config/src/stage/opt/app/postgresql-config/etc/gen-pgpass @@ -17,9 +17,10 @@ postgrespswd=$( ${INSTALL_ROOT}/opt/app/cdf/bin/getpropvalue -x -n postgres ) repmgrpswd=$( ${INSTALL_ROOT}/opt/app/cdf/bin/getpropvalue -x -n repmgr ) umask 077 -if [ -f ~postgres/.pgpaas ] +pswdfile=~postgres/.pgpass +if [ -f $pswdfile ] then - ed ~postgres/.pgpaas <<-EOF + ed $pswdfile <<-EOF H g/:postgres:/d g/:repmgr:/d @@ -28,6 +29,6 @@ then EOF fi -echo "*:*:*:postgres:$postgrespswd" >> ~postgres/.pgpass -echo "*:*:*:repmgr:$repmgrpswd" >> ~postgres/.pgpass -chmod go-rwx ~postgres/.pgpass +echo "*:*:*:postgres:$postgrespswd" >> $pswdfile +echo "*:*:*:repmgr:$repmgrpswd" >> $pswdfile +chmod 600 $pswdfile diff --git a/postgresql-config/src/stage/opt/app/postgresql-config/etc/makecerts b/postgresql-config/src/stage/opt/app/postgresql-config/etc/makecerts index a272f7b..46564ab 100755 --- a/postgresql-config/src/stage/opt/app/postgresql-config/etc/makecerts +++ b/postgresql-config/src/stage/opt/app/postgresql-config/etc/makecerts @@ -51,6 +51,8 @@ usage() exit 1 } +set -x + if [ -f "$libdir/ssl-cert-snakeoil.pem" ] && [ -f "$libdir/ssl-cert-snakeoil.key" ]; then if [ "$1" != "--force-overwrite" ]; then exit 0 @@ -83,6 +85,8 @@ trap "rm -f $TMPFILE $TMPOUT" EXIT 1 2 3 15 # create the certificate. +umask 077 + if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \ -out $libdir/ssl-cert-snakeoil.pem \ -keyout $libdir/ssl-cert-snakeoil.key > $TMPOUT 2>&1 diff --git a/postgresql-config/src/stage/opt/app/postgresql-config/etc/start-db b/postgresql-config/src/stage/opt/app/postgresql-config/etc/start-db index 2d50b40..a91d16a 100644 --- a/postgresql-config/src/stage/opt/app/postgresql-config/etc/start-db +++ b/postgresql-config/src/stage/opt/app/postgresql-config/etc/start-db @@ -29,4 +29,5 @@ die() [ -n "$CFGDIR" ] || die "CFGDIR is not set" rm -f $DBROOT/postmaster.pid +chmod 600 $CFGDIR/lib/*.key $PGDIR/bin/pg_ctl start -D $DBROOT -o "-c config_file=$CFGDIR/main/postgresql.conf" |