add create_db and create_user options (#517)

2026-01-27 18:18:55 +00:00 · 2022-04-05 15:54:17 -07:00
parent 4fa5bedf1b
commit f4dfa877b5
2 changed files with 19 additions and 9 deletions
--- a/omnibus/cookbooks/firezone/attributes/default.rb
+++ b/omnibus/cookbooks/firezone/attributes/default.rb
@@ -243,6 +243,12 @@ default['firezone']['database']['parameters'] = {}
 default['firezone']['database']['pool'] = [10, Etc.nprocessors].max
 default['firezone']['database']['extensions'] = { 'plpgsql' => true, 'pg_trgm' => true }

+# Create the DB user. Set this to false if the user already exists.
+default['firezone']['database']['create_user'] = true
+
+# Create the DB. Set this to false if the database already exists.
+default['firezone']['database']['create_db'] = true
+
 # Uncomment to specify a database password. Not usually needed if using the bundled Postgresql.
 # default['firezone']['database']['password'] = 'change_me'

--- a/omnibus/cookbooks/firezone/recipes/database.rb
+++ b/omnibus/cookbooks/firezone/recipes/database.rb
@@ -30,18 +30,22 @@ ENV['PGPORT'] = node['firezone']['database']['port'].to_s
 ENV['PGUSER'] = node['firezone']['database']['user']
 ENV['PGPASSWORD'] = node['firezone']['database']['password']

-enterprise_pg_user node['firezone']['database']['user'] do
-  superuser true
-  password node['firezone']['database']['password'] || ''
-  # If the database user is the same as the main postgres user, don't create it.
-  not_if do
-    node['firezone']['database']['user'] ==
-      node['firezone']['postgresql']['username']
+unless node['firezone']['database']['create_user'] == false
+  enterprise_pg_user node['firezone']['database']['user'] do
+    superuser true
+    password node['firezone']['database']['password'] || ''
+    # If the database user is the same as the main postgres user, don't create it.
+    not_if do
+      node['firezone']['database']['user'] ==
+        node['firezone']['postgresql']['username']
+    end
  end
 end

-enterprise_pg_database node['firezone']['database']['name'] do
-  owner node['firezone']['database']['user']
+unless node['firezone']['database']['create_db'] == false
+  enterprise_pg_database node['firezone']['database']['name'] do
+    owner node['firezone']['database']['user']
+  end
 end

 node['firezone']['database']['extensions'].each do |ext, _enable|