publik-common/publik-create-databases

#!/usr/bin/python3
import argparse
import os
import random
import string
import subprocess
import sys


publik = {
    "authentic2-multitenant": {
        "database": "authentic2_multitenant",
        "user": "authentic-multitenant",
        "extensions": ["unaccent", "pg_trgm"],
    },
    "bijoe": {},
    "chrono": {},
    "combo": {"extensions": ["unaccent"]},
    "fargo": {},
    "hobo": {},
    "passerelle": {},
    "wcs": {},
    "welco": {},
}


def run(command, database="postgres", fake=False):
    cmd = 'sudo -u postgres psql -c "%s" %s' % (command.replace('"', '\\"'), database)
    if fake:
        print(cmd)
    else:
        subprocess.run(cmd, shell=True, check=True)


def write_setting(brique, host, port, password):
    if brique == "wcs":
        print("warning: setting w.c.s. connection password is not implemented")
        return
    settings_d = "/etc/%s/settings.d" % brique
    settings = "%s/database.py" % settings_d
    if not os.path.isdir(settings_d):
        os.system('mkdir -p %s' % settings_d)
    with open(settings, "w") as fh:
        fh.write(
            "DATABASES['default']['HOST'] = '{host}'\n"
            "DATABASES['default']['PORT'] = {port}\n"
            "DATABASES['default']['PASSWORD'] = '{password}'".format(host=host, port=port, password=password)
        )


def main(args):
    for brique, data in publik.items():
        database = data.get("database", brique)
        user = data.get("user", brique)
        extensions = data.get("extensions")
        run('CREATE USER "%s";' % user, fake=args.fake)
        if user == "wcs":
            run("ALTER USER wcs CREATEDB;", fake=args.fake)
        if args.password:
            password = "".join(random.choice(string.ascii_letters + string.digits) for _ in range(16))
            run("ALTER USER \"%s\" with password '%s';" % (user, password), fake=args.fake)
        run(
            "CREATE DATABASE {} WITH OWNER = \"{}\" TEMPLATE = template0 "
            "LC_COLLATE = 'fr_FR.UTF-8' LC_CTYPE = 'fr_FR.UTF-8';".format(database, user),
            fake=args.fake,
        )
        if extensions:
            for e in extensions:
                run("CREATE EXTENSION %s;" % e, database=database, fake=args.fake)
        if not args.fake and args.password:
            write_setting(brique, args.host, args.port, password)


if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("--password", action="store_true", help="generate password")
    parser.add_argument("--fake", action="store_true", help="dry-run")
    parser.add_argument("--host", default="localhost")
    parser.add_argument("--port", default="5432")
    args = parser.parse_args()

    if not args.fake and os.geteuid() != 0:
        sys.exit("You need to have privileges to run this script, please try again with sudo.")

    main(args)