diff --git a/src/development/stack.yml b/src/development/stack.yml index 9be05378..0125d274 100644 --- a/src/development/stack.yml +++ b/src/development/stack.yml @@ -292,7 +292,6 @@ services: # You can access the database via `adminer`. command: -c vibetype.jwt_expiry_duration='1 month' -c wal_level=logical environment: - POSTGRES_ADDITIONAL_DBS: grafana POSTGRES_DB_FILE: /run/secrets/postgres_db POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password POSTGRES_USER_FILE: /run/secrets/postgres_user @@ -302,8 +301,6 @@ services: secrets: - postgres_db - postgres_password - - postgres_role_service_grafana_password - - postgres_role_service_grafana_username - postgres_user # sysctls: # # Prevent Docker Swarm from killing connections (https://github.com/moby/moby/issues/31208) @@ -312,7 +309,6 @@ services: # - net.ipv4.tcp_keepalive_probes=10 volumes: - postgres_data:/var/lib/postgresql/data/ - - ../production/configurations/postgres/docker-entrypoint-initdb.d/additional-databases.sh:/docker-entrypoint-initdb.d/additional-databases.sh:ro prometheus: # You can access the metrics monitoring at [prometheus.localhost](https://prometheus.localhost/). deploy: @@ -388,6 +384,8 @@ services: # You cannot access the database migrations directly. image: maevsi/sqitch:dev secrets: + - postgres_role_service_grafana_password + - postgres_role_service_grafana_username - postgres_role_service_postgraphile_password - postgres_role_service_postgraphile_username - postgres_role_service_vibetype_password diff --git a/src/production/configurations/postgres/docker-entrypoint-initdb.d/PERMISSIONS.md b/src/production/configurations/postgres/docker-entrypoint-initdb.d/PERMISSIONS.md deleted file mode 100644 index 9dc91f46..00000000 --- a/src/production/configurations/postgres/docker-entrypoint-initdb.d/PERMISSIONS.md +++ /dev/null @@ -1 +0,0 @@ -Ensure this directory (!) and all files within it have permission 755. \ No newline at end of file diff --git a/src/production/configurations/postgres/docker-entrypoint-initdb.d/additional-databases.sh b/src/production/configurations/postgres/docker-entrypoint-initdb.d/additional-databases.sh deleted file mode 100755 index b4ca2e33..00000000 --- a/src/production/configurations/postgres/docker-entrypoint-initdb.d/additional-databases.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/sh - -set -eu - -postgres_user="$(cat /run/secrets/postgres_user)" - -create_database_and_role() { - db_name="$1" - password_file="/run/secrets/postgres_role_service_${db_name}_password" - username_file="/run/secrets/postgres_role_service_${db_name}_username" - - if [ ! -f "$password_file" ]; then - echo "[WARN] Password file for '$db_name' not found, skipping creation" >&2 - return - fi - - if [ ! -f "$username_file" ]; then - echo "[WARN] Username file for '$db_name' not found, skipping creation" >&2 - return - fi - - db_password="$(tr -d '\n' < "$password_file")" - db_username="$(tr -d '\n' < "$username_file")" - - echo "[INFO] Creating user and database: '$db_name'" - - psql -v ON_ERROR_STOP=1 --username "$postgres_user" --dbname "postgres" <<-EOSQL - CREATE ROLE "$db_username" WITH LOGIN PASSWORD '$db_password'; - CREATE DATABASE "$db_name" OWNER "$db_username"; -EOSQL -} - -if [ -n "${POSTGRES_ADDITIONAL_DBS:-}" ]; then - echo "[INFO] Additional database creation requested: $POSTGRES_ADDITIONAL_DBS" - - for db in $POSTGRES_ADDITIONAL_DBS; do - create_database_and_role "$db" - done - - echo "[INFO] Multiple databases and roles created" -fi diff --git a/src/production/production.yml b/src/production/production.yml index 5a3e23e7..733a5fb7 100644 --- a/src/production/production.yml +++ b/src/production/production.yml @@ -82,7 +82,7 @@ services: image: ghcr.io/maevsi/reccoom:0.1.0 volumes: (( prune )) sqitch: - image: ghcr.io/maevsi/sqitch:8.0.0-beta.8 + image: ghcr.io/maevsi/sqitch:8.0.0-beta.9 volumes: (( prune )) traefik: command: