70 lines
2.7 KiB
Bash
Executable File
70 lines
2.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
DEFAULT_SOURCE_DIR="${HOME}/.local/share/trade-bootstrap/sol/trade-r001-canary-secrets"
|
|
SOURCE_HOST="${SOURCE_HOST:-mevnode_bot}"
|
|
SOURCE_NAMESPACE="${SOURCE_NAMESPACE:-trade-staging}"
|
|
SOURCE_DIR="${SOURCE_DIR:-}"
|
|
TARGET_HOST="${TARGET_HOST:-mevnode}"
|
|
PG_VERSION="${PG_VERSION:-16}"
|
|
|
|
ssh_source() {
|
|
ssh -o StrictHostKeyChecking=no "$SOURCE_HOST" "$@"
|
|
}
|
|
|
|
ssh_target() {
|
|
ssh -o StrictHostKeyChecking=no "$TARGET_HOST" "$@"
|
|
}
|
|
|
|
if [ -z "$SOURCE_DIR" ] && [ -d "$DEFAULT_SOURCE_DIR" ]; then
|
|
SOURCE_DIR="$DEFAULT_SOURCE_DIR"
|
|
fi
|
|
|
|
if [ -n "$SOURCE_DIR" ]; then
|
|
SRC_SECRET_JSON="$(cat "${SOURCE_DIR}/trade-postgres.json")"
|
|
else
|
|
SRC_SECRET_JSON="$(ssh_source "sudo k3s kubectl -n ${SOURCE_NAMESPACE} get secret trade-postgres -o json")"
|
|
fi
|
|
POSTGRES_USER="$(printf '%s' "$SRC_SECRET_JSON" | jq -r '.data.POSTGRES_USER' | base64 -d)"
|
|
POSTGRES_PASSWORD="$(printf '%s' "$SRC_SECRET_JSON" | jq -r '.data.POSTGRES_PASSWORD' | base64 -d)"
|
|
POSTGRES_DB="$(printf '%s' "$SRC_SECRET_JSON" | jq -r '.data.POSTGRES_DB' | base64 -d)"
|
|
|
|
ssh_target "if ! dpkg -l | grep -q '^ii timescaledb-2-postgresql-${PG_VERSION} '; then curl -fsSL https://packagecloud.io/install/repositories/timescale/timescaledb/script.deb.sh | sudo bash && sudo apt-get update && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y timescaledb-2-postgresql-${PG_VERSION}; fi"
|
|
|
|
CURRENT_PRELOAD="$(ssh_target "sudo -u postgres psql -Atqc \"show shared_preload_libraries\"")"
|
|
case ",${CURRENT_PRELOAD}," in
|
|
*,timescaledb,*)
|
|
NEW_PRELOAD="${CURRENT_PRELOAD}"
|
|
;;
|
|
,,)
|
|
NEW_PRELOAD="timescaledb"
|
|
;;
|
|
*)
|
|
NEW_PRELOAD="${CURRENT_PRELOAD},timescaledb"
|
|
;;
|
|
esac
|
|
|
|
ssh_target "sudo -u postgres psql -Atqc \"ALTER SYSTEM SET shared_preload_libraries = '${NEW_PRELOAD}';\" && sudo systemctl restart postgresql"
|
|
|
|
APP_USER_SQL=$(printf "%s" "$POSTGRES_USER" | sed "s/'/''/g")
|
|
APP_PASSWORD_SQL=$(printf "%s" "$POSTGRES_PASSWORD" | sed "s/'/''/g")
|
|
APP_DB_SQL=$(printf "%s" "$POSTGRES_DB" | sed "s/'/''/g")
|
|
|
|
ssh_target "sudo -u postgres psql -v ON_ERROR_STOP=1 <<'SQL'
|
|
DO \$\$
|
|
BEGIN
|
|
IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = '${APP_USER_SQL}') THEN
|
|
EXECUTE format('CREATE ROLE %I LOGIN PASSWORD %L', '${APP_USER_SQL}', '${APP_PASSWORD_SQL}');
|
|
ELSE
|
|
EXECUTE format('ALTER ROLE %I WITH LOGIN PASSWORD %L', '${APP_USER_SQL}', '${APP_PASSWORD_SQL}');
|
|
END IF;
|
|
END
|
|
\$\$;
|
|
SELECT format('CREATE DATABASE %I OWNER %I', '${APP_DB_SQL}', '${APP_USER_SQL}')
|
|
WHERE NOT EXISTS (SELECT 1 FROM pg_database WHERE datname = '${APP_DB_SQL}')
|
|
\\gexec
|
|
ALTER DATABASE \"${POSTGRES_DB}\" OWNER TO \"${POSTGRES_USER}\";
|
|
SQL"
|
|
|
|
echo "Prepared host Postgres on ${TARGET_HOST} for ${POSTGRES_USER}/${POSTGRES_DB} with TimescaleDB enabled"
|