Added CT: Postgresql

2025-01-05 17:43:29 +01:00
parent d425174eab
commit c767b21856
11 changed files with 171 additions and 1 deletions
--- a/CT-Files/postgresql/Configs/pgadmin-config_local.py
+++ b/CT-Files/postgresql/Configs/pgadmin-config_local.py
@@ -0,0 +1,22 @@
+#pgAdmin Custom config
+
+##########################################################################
+# Misc stuff
+##########################################################################
+
+# Languages we support in the UI
+LANGUAGES = {
+    'en': 'English'  
+}
+
+##########################################################################
+# External Database Settings
+##########################################################################
+CONFIG_DATABASE_URI = 'postgresql://pgadmin:DBPassword@localhost:5432/pgadmin'
+
+##########################################################################
+# In server mode, SHARED_STORAGE settings
+##########################################################################
+
+# Locations
+SHARED_STORAGE = [{ 'name': 'Shared-Storage', 'path': '/var/lib/pgadmin/storage/shared', 'restricted_access': True}]
--- a/CT-Files/postgresql/Configs/pgadmin-server-import.json
+++ b/CT-Files/postgresql/Configs/pgadmin-server-import.json
@@ -0,0 +1,17 @@
+{
+    "Servers": {
+        "1": {
+            "Name": "localhost",
+            "Group": "Servers",
+            "Host": "localhost",
+            "Port": 5432,
+            "MaintenanceDB": "postgres",
+            "Username": "postgres",
+            "ConnectionParameters": {
+                "sslmode": "prefer",
+                "passfile": "Shared-Storage:/pgpassfile"
+            },
+            "Tags": []
+        }
+    }
+}
--- a/CT-Files/postgresql/Configs/pgadmin-user-preferences.json
+++ b/CT-Files/postgresql/Configs/pgadmin-user-preferences.json
@@ -0,0 +1,6 @@
+{
+    "preferences":
+        {
+            "misc:themes:theme": "system"
+        }
+}
--- a/CT-Files/postgresql/Configs/pgadmin-uwsgi.ini
+++ b/CT-Files/postgresql/Configs/pgadmin-uwsgi.ini
@@ -0,0 +1,12 @@
+[uwsgi]
+http-socket= :80
+chdir = /usr/pgadmin4/web/
+module = pgAdmin4:application
+threads = 25
+processes = 1
+wsgi-file = pgAdmin4.wsgi
+mount = /pgadmin=pgAdmin4:app
+manage-script-name = true
+chmod-socket = 660
+plugins = python3
+home = /usr/pgadmin4/venv
--- a/CT-Files/postgresql/Configs/pgadmin.service
+++ b/CT-Files/postgresql/Configs/pgadmin.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=pgAdmin uwsgi service
+
+[Service]
+ExecStart=/bin/uwsgi-core \
+        --ini /etc/uwsgi/apps-available/pgadmin.ini
+User=pgadmin
+Group=www-data
+Restart=on-failure
+KillSignal=SIGQUIT
+Type=notify
+StandardError=journal
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
--- a/CT-Files/postgresql/Configs/pgpassfile
+++ b/CT-Files/postgresql/Configs/pgpassfile
@@ -0,0 +1,2 @@
+localhost:5432:*:postgres:Password
+127.0.0.1:5432:*:postgres:Password
--- a/CT-Files/postgresql/Scripts/FirstRun.sh
+++ b/CT-Files/postgresql/Scripts/FirstRun.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+read -p "Enter your e-mail for pgAdmin login: " PostgressAdminMail
+read -p "Enter new password for pgAdmin and postgresql database admin: " -s NewPostgressPassword
+echo
+echo "Please wait..."
+
+#Configure Postgresql
+su postgres -c "psql -c \"alter user postgres with password '$NewPostgressPassword';\""
+
+#Configure pgAdmin
+##Create pgadmin db for storing pgAdmin config 
+PGADMIN_DB_PASSWORD=$(dd bs=20 count=1 if=/dev/urandom | base64 | tr +/ _.)
+su postgres -c "psql -c \"CREATE ROLE pgadmin WITH LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT NOREPLICATION NOBYPASSRLS CONNECTION LIMIT 25 PASSWORD '$PGADMIN_DB_PASSWORD';\""
+su postgres -c "psql -c \"CREATE DATABASE pgadmin WITH OWNER = pgadmin ENCODING = 'UTF8' LOCALE_PROVIDER = 'libc' CONNECTION LIMIT = -1 IS_TEMPLATE = False;\""
+sed -i "s/DBPassword/$PGADMIN_DB_PASSWORD/" /usr/pgadmin4/web/config_local.py
+
+##Setup the pgAdmin base
+export PGADMIN_SETUP_EMAIL=$PostgressAdminMail
+export PGADMIN_SETUP_PASSWORD=$NewPostgressPassword
+su -pc "/usr/pgadmin4/venv/bin/python3 /usr/pgadmin4/web/setup.py setup-db" pgadmin 
+systemctl restart pgadmin
+
+## add localhost postges server as connection is pgAdmin
+sed -i "s/Password/$NewPostgressPassword/" /opt/Setup/Configs/pgpassfile
+mv /opt/Setup/Configs/pgpassfile /var/lib/pgadmin/storage/shared/pgpassfile
+chown pgadmin: /var/lib/pgadmin/storage/shared/pgpassfile
+chmod 600 /var/lib/pgadmin/storage/shared/pgpassfile
+/usr/pgadmin4/venv/bin/python3 /usr/pgadmin4/web/setup.py load-servers /opt/Setup/Configs/pgadmin-server-import.json --user $PostgressAdminMail
+
+## Set user preferences (i.e. set the theme to system)
+/usr/pgadmin4/venv/bin/python3 /usr/pgadmin4/web/setup.py set-prefs $PostgressAdminMail --input-file /opt/Setup/Configs/pgadmin-user-preferences.json 
+
+##Clean-up
+rm /root/ReadMe /opt/Setup/Configs/pgadmin-server-import.json /opt/Setup/Configs/pgadmin-user-preferences.json
+
--- a/CT-Files/postgresql/Scripts/Init.sh
+++ b/CT-Files/postgresql/Scripts/Init.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+#Setup postgresql
+printf "\n#User entries (Make sure to reload postgressql after updating this file) \n# TYPE  DATABASE        USER            ADDRESS                 METHOD\n" >> /etc/postgresql/17/main/pg_hba.conf
+sed -i "s|#listen_addresses = 'localhost'|listen_addresses = '*'   |" /etc/postgresql/17/main/postgresql.conf
+
+#Setup pgadmin
+adduser --system --shell /bin/false --ingroup www-data --disabled-password  --disabled-login  --home /var/lib/www/pgadmin pgadmin
+mkdir -p /var/log/pgadmin /var/lib/pgadmin/storage/shared
+chown pgadmin: /var/log/pgadmin /var/lib/pgadmin -R
+mv /opt/Setup/Configs/pgadmin-uwsgi.ini /etc/uwsgi/apps-available/pgadmin.ini
+mv /opt/Setup/Configs/pgadmin-config_local.py /usr/pgadmin4/web/config_local.py
+
+#Setup uwsgi service for pgadmin
+mv /opt/Setup/Configs/pgadmin.service /lib/systemd/system/pgadmin.service
+chmod +x /lib/systemd/system/pgadmin.service
+setcap 'cap_net_bind_service=+ep' /bin/uwsgi-core