flamy_preview/pg18-1C_for_deb13
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Обновить install_pg1c.sh

Browse Source
This commit is contained in:
Crimson
2026-03-25 11:06:51 +00:00
parent 009cec5c0e
commit 6c129cd2a1
1 changed files with 51 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
install_pg1c.sh
View File

@@ -29,6 +29,10 @@ require_root() {
[[ "$(id -u)" -eq 0 ]] || fail "Скрипт нужно запускать от root" [[ "$(id -u)" -eq 0 ]] || fail "Скрипт нужно запускать от root"
} }
sql_escape_literal() {
printf "%s" "$1" | sed "s/'/''/g"
}
load_env() { load_env() {
[[ -f "$ENV_FILE" ]] || fail "Файл окружения не найден: $ENV_FILE" [[ -f "$ENV_FILE" ]] || fail "Файл окружения не найден: $ENV_FILE"
@@ -48,31 +52,27 @@ load_env() {
INSTALL_MODE="${INSTALL_MODE:-standalone}" INSTALL_MODE="${INSTALL_MODE:-standalone}"
PG_ADMIN_SUPERUSER="$(bool_norm "${PG_ADMIN_SUPERUSER:-true}")" PG_ADMIN_SUPERUSER="$(bool_norm "${PG_ADMIN_SUPERUSER:-true}")"
PG_CREATE_DB="$(bool_norm "${PG_CREATE_DB:-false}")" PG_CREATE_DB="$(bool_norm "${PG_CREATE_DB:-true}")"
PG_SERVICE_ENABLE="$(bool_norm "${PG_SERVICE_ENABLE:-true}")" PG_SERVICE_ENABLE="$(bool_norm "${PG_SERVICE_ENABLE:-true}")"
PG_SERVICE_START="$(bool_norm "${PG_SERVICE_START:-true}")" PG_SERVICE_START="$(bool_norm "${PG_SERVICE_START:-true}")"
ENFORCE_PASSWORD_AUTH="$(bool_norm "${ENFORCE_PASSWORD_AUTH:-true}")" ENFORCE_PASSWORD_AUTH="$(bool_norm "${ENFORCE_PASSWORD_AUTH:-true}")"
CREATE_HBA_BACKUP="$(bool_norm "${CREATE_HBA_BACKUP:-true}")" CREATE_HBA_BACKUP="$(bool_norm "${CREATE_HBA_BACKUP:-true}")"
PRESERVE_POSTGRES_PEER_LOCAL="$(bool_norm "${PRESERVE_POSTGRES_PEER_LOCAL:-true}")"
SET_POSTGRES_ROLE_PASSWORD="$(bool_norm "${SET_POSTGRES_ROLE_PASSWORD:-false}")"
POSTGRES_ROLE_PASSWORD="${POSTGRES_ROLE_PASSWORD:-}"
POSTGRES_SOCKET_DIR="${POSTGRES_SOCKET_DIR:-/var/run/postgresql}" POSTGRES_SOCKET_DIR="${POSTGRES_SOCKET_DIR:-/var/run/postgresql}"
PG_DB_NAME="${PG_DB_NAME:-}" PG_DB_NAME="${PG_DB_NAME:-}"
REPO_ADD_TMP="${REPO_ADD_TMP:-/tmp/pgpro-repo-add.sh}" REPO_ADD_TMP="${REPO_ADD_TMP:-/tmp/pgpro-repo-add.sh}"
PG_CLUSTER_DIR="${PG_CLUSTER_DIR:-/var/lib/pgpro/1c-18/data}"
# Точечные правила для прикладного доступа
APP_LOCAL_AUTH_METHOD="${APP_LOCAL_AUTH_METHOD:-scram-sha-256}" APP_LOCAL_AUTH_METHOD="${APP_LOCAL_AUTH_METHOD:-scram-sha-256}"
APP_HOST_AUTH_METHOD="${APP_HOST_AUTH_METHOD:-scram-sha-256}" APP_HOST_AUTH_METHOD="${APP_HOST_AUTH_METHOD:-scram-sha-256}"
APP_HOST_IPV4_CIDR="${APP_HOST_IPV4_CIDR:-127.0.0.1/32}" APP_HOST_IPV4_CIDR="${APP_HOST_IPV4_CIDR:-127.0.0.1/32}"
APP_HOST_IPV6_CIDR="${APP_HOST_IPV6_CIDR:-::1/128}" APP_HOST_IPV6_CIDR="${APP_HOST_IPV6_CIDR:-::1/128}"
# Оставить ли peer для локального системного postgres
PRESERVE_POSTGRES_PEER_LOCAL="$(bool_norm "${PRESERVE_POSTGRES_PEER_LOCAL:-true}")"
# Нужно ли задать пароль роли postgres тоже
SET_POSTGRES_ROLE_PASSWORD="$(bool_norm "${SET_POSTGRES_ROLE_PASSWORD:-false}")"
POSTGRES_ROLE_PASSWORD="${POSTGRES_ROLE_PASSWORD:-}"
case "$INSTALL_MODE" in case "$INSTALL_MODE" in
standalone|parallel) ;; standalone|parallel) ;;
*) fail "INSTALL_MODE должен быть standalone или parallel" ;; *) fail "INSTALL_MODE должен быть standalone или parallel" ;;
@@ -113,7 +113,7 @@ check_os() {
ensure_base_packages() { ensure_base_packages() {
export DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND=noninteractive
apt-get update apt-get update
apt-get install -y wget ca-certificates gnupg apt-transport-https sed grep coreutils apt-get install -y wget ca-certificates gnupg apt-transport-https sed grep coreutils gawk
} }
ensure_repo() { ensure_repo() {
@@ -141,7 +141,7 @@ install_pgpro() {
apt-get install -y "$PACKAGE_PARALLEL" apt-get install -y "$PACKAGE_PARALLEL"
[[ -x "$PGSETUP" ]] || fail "Не найден $PGSETUP" [[ -x "$PGSETUP" ]] || fail "Не найден $PGSETUP"
if [[ ! -d /var/lib/pgpro/1c-18/data/base ]]; then if [[ ! -d "${PG_CLUSTER_DIR}/base" ]]; then
log "Инициализирую новый кластер Postgres Pro 1C 18" log "Инициализирую новый кластер Postgres Pro 1C 18"
"$PGSETUP" initdb "$PGSETUP" initdb
else else
@@ -150,19 +150,48 @@ install_pgpro() {
fi fi
} }
service_unit_exists() {
systemctl list-unit-files --type=service --no-legend 2>/dev/null | awk '{print $1}' | grep -Fxq "${SERVICE_NAME}.service"
}
service_enable() {
if [[ -x "$PGSETUP" ]]; then
"$PGSETUP" service enable
else
systemctl enable "$SERVICE_NAME"
fi
}
service_start() {
if [[ -x "$PGSETUP" ]]; then
"$PGSETUP" service start
else
systemctl start "$SERVICE_NAME"
fi
}
service_restart() {
if [[ -x "$PGSETUP" ]]; then
if "$PGSETUP" service condrestart >/dev/null 2>&1; then
return 0
fi
fi
systemctl restart "$SERVICE_NAME"
}
enable_and_start_service() { enable_and_start_service() {
if ! systemctl list-unit-files | grep -q "^${SERVICE_NAME}\.service"; then if ! service_unit_exists; then
fail "Не найден unit-файл ${SERVICE_NAME}.service" fail "Не найден unit-файл ${SERVICE_NAME}.service"
fi fi
if [[ "$PG_SERVICE_ENABLE" == "true" ]]; then if [[ "$PG_SERVICE_ENABLE" == "true" ]]; then
log "Включаю автозапуск ${SERVICE_NAME}" log "Включаю автозапуск ${SERVICE_NAME}"
systemctl enable "$SERVICE_NAME" service_enable
fi fi
if [[ "$PG_SERVICE_START" == "true" ]]; then if [[ "$PG_SERVICE_START" == "true" ]]; then
log "Запускаю ${SERVICE_NAME}" log "Запускаю ${SERVICE_NAME}"
systemctl restart "$SERVICE_NAME" service_start
fi fi
} }
@@ -186,10 +215,6 @@ psql_postgres() {
runuser -u postgres -- "$PSQL" -v ON_ERROR_STOP=1 -h "$POSTGRES_SOCKET_DIR" -d postgres "$@" runuser -u postgres -- "$PSQL" -v ON_ERROR_STOP=1 -h "$POSTGRES_SOCKET_DIR" -d postgres "$@"
} }
sql_escape_literal() {
printf "%s" "$1" | sed "s/'/''/g"
}
configure_role() { configure_role() {
[[ -x "$PSQL" ]] || fail "Не найден $PSQL" [[ -x "$PSQL" ]] || fail "Не найден $PSQL"
@@ -288,9 +313,9 @@ prepend_managed_hba_block() {
echo "local all postgres peer" echo "local all postgres peer"
fi fi
echo "local all ${PG_ADMIN_USER} ${APP_LOCAL_AUTH_METHOD}" printf 'local all %s %s\n' "$PG_ADMIN_USER" "$APP_LOCAL_AUTH_METHOD"
echo "host all ${PG_ADMIN_USER} ${APP_HOST_IPV4_CIDR} ${APP_HOST_AUTH_METHOD}" printf 'host all %s %s %s\n' "$PG_ADMIN_USER" "$APP_HOST_IPV4_CIDR" "$APP_HOST_AUTH_METHOD"
echo "host all ${PG_ADMIN_USER} ${APP_HOST_IPV6_CIDR} ${APP_HOST_AUTH_METHOD}" printf 'host all %s %s %s\n' "$PG_ADMIN_USER" "$APP_HOST_IPV6_CIDR" "$APP_HOST_AUTH_METHOD"
echo "# END MANAGED BY install_pg1c.sh" echo "# END MANAGED BY install_pg1c.sh"
echo echo
@@ -319,7 +344,7 @@ configure_pg_hba() {
prepend_managed_hba_block "$hba_file" prepend_managed_hba_block "$hba_file"
log "Перезапускаю ${SERVICE_NAME} после правки pg_hba.conf" log "Перезапускаю ${SERVICE_NAME} после правки pg_hba.conf"
systemctl restart "$SERVICE_NAME" service_restart
wait_for_postgres wait_for_postgres
} }
@@ -341,8 +366,8 @@ show_summary() {
Проверки: Проверки:
systemctl status ${SERVICE_NAME} systemctl status ${SERVICE_NAME}
sudo -u postgres ${PSQL} -h ${POSTGRES_SOCKET_DIR} -d postgres -c "\du" sudo -u postgres ${PSQL} -h ${POSTGRES_SOCKET_DIR} -d postgres -c "\\du"
sudo -u postgres ${PSQL} -h ${POSTGRES_SOCKET_DIR} -d postgres -c "\l" sudo -u postgres ${PSQL} -h ${POSTGRES_SOCKET_DIR} -d postgres -c "\\l"
Подключение под новым пользователем: Подключение под новым пользователем:
${PSQL} -h 127.0.0.1 -U ${PG_ADMIN_USER} -d ${PG_DB_NAME:-postgres} -W ${PSQL} -h 127.0.0.1 -U ${PG_ADMIN_USER} -d ${PG_DB_NAME:-postgres} -W
@@ -376,4 +401,4 @@ main() {
show_summary show_summary
} }
main "$@" main "$@"