|
|
@@ -4,24 +4,17 @@ mkdir data
|
|
|
pg_dump -d grocery -Ft -f dump
|
|
|
podman-compose -p grocery up -d
|
|
|
podman exec -i grocery_db_1 psql -U postgres -b < <( cat <<EOF
|
|
|
---CREATE DATABASE grocery;
|
|
|
---DROP DATABASE grocery;
|
|
|
CREATE ROLE pi;
|
|
|
+ALTER ROLE pi LOGIN;
|
|
|
CREATE ROLE das;
|
|
|
CREATE ROLE grocery_ro;
|
|
|
ALTER ROLE grocery_ro LOGIN;
|
|
|
+GRANT das TO pi;
|
|
|
EOF
|
|
|
)
|
|
|
podman exec -i grocery_db_1 pg_restore -U postgres -Ce --dbname postgres < dump
|
|
|
-# need to delete the line: host all all all scram-sha-256
|
|
|
-podman exec -i grocery_db_1 bash -c 'cat >> /var/lib/postgresql/data/pg_hba.conf' <<EOF
|
|
|
-host grocery grocery_ro ::1/128 trust
|
|
|
-host grocery grocery_ro 127.0.0.1/32 trust
|
|
|
-host grocery grocery_ro 10.0.0.0/8 trust
|
|
|
-host grocery grocery_ro 172.16.0.0/12 trust
|
|
|
-host grocery grocery_ro 192.168.0.20/32 trust
|
|
|
-host grocery grocery_ro 192.168.0.100/32 trust
|
|
|
-EOF
|
|
|
+podman exec -i grocery_db_1 psql -d grocery -U postgres -c 'grant select on all tables in schema public to pi;'
|
|
|
+sudo cp pg_hba.conf data/pg_hba.conf
|
|
|
podman exec -i grocery_db_1 bash -c 'kill -HUP 1'
|
|
|
|
|
|
|
Pi