init

2025-06-03 19:47:40 +02:00 · 2025-06-03 19:47:40 +02:00 · 1c9d89946a
commit 1c9d89946a
8 changed files with 185 additions and 0 deletions
--- a/.env.postgres
+++ b/.env.postgres
@ -0,0 +1,4 @@
 POSTGRES_USER=admin
 POSTGRES_PASSWORD=admin
 POSTGRES_DB=chat
 PGDATA=/var/lib/postgresql/data/pgdata
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,23 @@
 services:
  database:
    image: postgres:17-alpine
    restart: unless-stopped
    ports:
      - 5432:5432
    env_file: .env.postgres
    volumes:
      - pgdata:/var/lib/postgresql/data
      - ./postgres:/docker-entrypoint-initdb.d:ro
  keystore:
    image: valkey/valkey:8-alpine
    restart: unless-stopped
    ports:
      - 6379:6379
    command: valkey-server /usr/local/etc/valkey/valkey.conf
    volumes:
      - ./valkey/valkey.conf:/usr/local/etc/valkey/valkey.conf:ro
      - ./valkey/users.acl:/usr/local/etc/valkey/users.acl:ro
 volumes:
  pgdata:
--- a/postgres/10-init.sql
+++ b/postgres/10-init.sql
@ -0,0 +1,44 @@
 create table if not exists "user" (
  "id" serial primary key,
  "username" varchar(32) not null unique,
  "password_hash" varchar(72) not null,
  "status" varchar(200) not null default '',
  "picture" varchar(300) not null default '',
  "bio" varchar(200) not null default ''
 );
 create table if not exists "role" (
  "id" serial primary key,
  "name" varchar(32) not null unique
 );
 create table if not exists "role_binding" (
  "user_id" integer not null references "user"("id") on delete cascade,
  "role_id" integer not null references "role"("id") on delete cascade,
  primary key ("user_id", "role_id"),
  unique ("user_id", "role_id")
 );
 create table if not exists "channel" (
  "id" serial primary key,
  "name" varchar(32) not null unique,
  "description" varchar(200) default null
 );
 create type "right_t" as enum ('R', 'W', 'RW', 'A');
 create table if not exists "right" (
  "role_id" integer not null references "role"("id"),
  "channel_id" integer not null references "channel"("id"),
  "rights" right_t not null,
  primary key ("role_id", "channel_id"),
  unique ("role_id", "channel_id")
 );
 create table if not exists "message" (
  "id" serial primary key,
  "sender_id" integer not null references "user"("id") on delete cascade,
  "channel_id" integer not null references "channel"("id") on delete cascade,
  "time" timestamp without time zone default (now() at time zone 'utc'),
  "content" varchar(2000) not null
 );
--- a/postgres/20-procedures.sql
+++ b/postgres/20-procedures.sql
@ -0,0 +1,51 @@
 create or replace procedure add_user(
    in in_username varchar(32),
    in in_password_hash varchar(72)
  )
 language plpgsql
 as $$
 begin
  insert into "user" ("username", "password_hash")
  values (in_username, in_password_hash);
  insert into "role_binding" ("user_id", "role_id")
  values (
    (
      select "id"
      from "user"
      where "username" = in_username
    ),
    (
      select "id"
      from "role"
      where "name" = 'member'
    )
  );
 end;
 $$;
 create or replace procedure add_channel(
    in channel_name varchar(32),
    in channel_desc varchar(200)
  )
 language plpgsql
 as $$
 declare
  channel_id integer;
 begin
  insert into "channel" ("name", "description")
  values (channel_name, channel_desc)
  returning "id" into channel_id;
  insert into "right" ("role_id", "channel_id", "rights")
  values (
    (
      select "id"
      from "role"
      where "name" = 'admin'
    ),
    channel_id,
    'A'
  );
 end;
 $$
--- a/postgres/30-triggers.sql
+++ b/postgres/30-triggers.sql
@ -0,0 +1,10 @@
 -- prevent deleting or changing default roles
 create rule protect_special_roles_update as
 on update to "role"
 where old."name" = 'admin' or old."name" = 'member'
 do instead nothing;
 create rule protect_special_roles_delete as
 on delete to "role"
 where old."name" = 'admin' or old."name" = 'member'
 do instead nothing;
--- a/postgres/40-default.sql
+++ b/postgres/40-default.sql
@ -0,0 +1,45 @@
 -- admin account and its role and right
 insert into "user" ("username", "password_hash")
 values (
    'admin',
    '$2a$12$FChbwNEIH9imtkTAkNq35eqMb.1C.1BP3bbuFZwOr7rOrs5luwCzq'
  );
 insert into "role" ("name")
 values ('admin');
 insert into "role_binding" ("user_id", "role_id")
 values (
    (
      select "id"
      from "user"
      where "username" = 'admin'
    ),
    (
      select "id"
      from "role"
      where "name" = 'admin'
    )
  );
 -- default channel
 call add_channel('default', 'default channel');
 -- member role
 insert into "role" ("name")
 values ('member');
 insert into "right" ("role_id", "channel_id", "rights")
 values (
    (
      select "id"
      from "role"
      where "name" = 'member'
    ),
    (
      select "id"
      from "channel"
      where "name" = 'default'
    ),
    'RW'
  );
--- a/valkey/users.acl
+++ b/valkey/users.acl
@ -0,0 +1,4 @@
 user default off
 user admin on >admin allcommands allkeys
 user readonly on >readonly ~* +@read
--- a/valkey/valkey.conf
+++ b/valkey/valkey.conf
@ -0,0 +1,4 @@
 port 6379
 databases 1
 aclfile /usr/local/etc/valkey/users.acl