186 lines
6.2 KiB
SQL
186 lines
6.2 KiB
SQL
-- ==========================================
|
|
-- 02: CREATE DATABASES
|
|
-- ==========================================
|
|
-- This script creates development, staging, and production databases
|
|
-- Runs as: postgres (superuser)
|
|
|
|
\echo '🗄️ Creating databases...'
|
|
|
|
-- ==========================================
|
|
-- DEVELOPMENT DATABASE
|
|
-- ==========================================
|
|
CREATE DATABASE aurganize_dev
|
|
WITH
|
|
OWNER = aurganize_backend_api
|
|
ENCODING = 'UTF8'
|
|
LC_COLLATE = 'en_US.UTF-8'
|
|
LC_CTYPE = 'en_US.UTF-8'
|
|
TABLESPACE = pg_default
|
|
CONNECTION LIMIT = 50
|
|
TEMPLATE = template0;
|
|
|
|
COMMENT ON DATABASE aurganize_dev IS 'Aurganize V6.2 - Development Database';
|
|
|
|
\echo '✅ Database aurganize_dev created'
|
|
|
|
-- ==========================================
|
|
-- STAGING DATABASE
|
|
-- ==========================================
|
|
CREATE DATABASE aurganize_staging
|
|
WITH
|
|
OWNER = aurganize_backend_api
|
|
ENCODING = 'UTF8'
|
|
LC_COLLATE = 'en_US.UTF-8'
|
|
LC_CTYPE = 'en_US.UTF-8'
|
|
TABLESPACE = pg_default
|
|
CONNECTION LIMIT = 50
|
|
TEMPLATE = template0;
|
|
|
|
COMMENT ON DATABASE aurganize_staging IS 'Aurganize V6.2 - Staging Database';
|
|
|
|
\echo '✅ Database aurganize_staging created'
|
|
|
|
-- ==========================================
|
|
-- PRODUCTION DATABASE
|
|
-- ==========================================
|
|
CREATE DATABASE aurganize_prod
|
|
WITH
|
|
OWNER = aurganize_backend_api
|
|
ENCODING = 'UTF8'
|
|
LC_COLLATE = 'en_US.UTF-8'
|
|
LC_CTYPE = 'en_US.UTF-8'
|
|
TABLESPACE = pg_default
|
|
CONNECTION LIMIT = 100
|
|
TEMPLATE = template0;
|
|
|
|
COMMENT ON DATABASE aurganize_prod IS 'Aurganize V6.2 - Production Database';
|
|
|
|
\echo '✅ Database aurganize_prod created'
|
|
|
|
-- ==========================================
|
|
-- GRANT PERMISSIONS - DEVELOPMENT DATABASE
|
|
-- ==========================================
|
|
\echo ''
|
|
\echo '🔐 Configuring permissions for aurganize_dev...'
|
|
|
|
\c aurganize_dev
|
|
|
|
-- Grant schema usage
|
|
GRANT USAGE ON SCHEMA public TO aurganize_backend_api;
|
|
|
|
-- Grant all permissions on tables (current and future)
|
|
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON TABLES TO aurganize_backend_api;
|
|
|
|
-- Grant sequence permissions (for auto-increment IDs)
|
|
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON SEQUENCES TO aurganize_backend_api;
|
|
|
|
-- Grant function execution
|
|
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON FUNCTIONS TO aurganize_backend_api;
|
|
|
|
-- Grant read-only access
|
|
GRANT CONNECT ON DATABASE aurganize_dev TO aurganize_readonly;
|
|
GRANT USAGE ON SCHEMA public TO aurganize_readonly;
|
|
GRANT SELECT ON ALL TABLES IN SCHEMA public TO aurganize_readonly;
|
|
|
|
-- Future tables
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT SELECT ON TABLES TO aurganize_readonly;
|
|
|
|
\echo '✅ Permissions configured for aurganize_dev'
|
|
|
|
-- ==========================================
|
|
-- GRANT PERMISSIONS - STAGING DATABASE
|
|
-- ==========================================
|
|
\echo ''
|
|
\echo '🔐 Configuring permissions for aurganize_staging...'
|
|
|
|
\c aurganize_staging
|
|
|
|
-- Grant schema usage
|
|
GRANT USAGE ON SCHEMA public TO aurganize_backend_api;
|
|
|
|
-- Grant all permissions on tables (current and future)
|
|
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON TABLES TO aurganize_backend_api;
|
|
|
|
-- Grant sequence permissions
|
|
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON SEQUENCES TO aurganize_backend_api;
|
|
|
|
-- Grant function execution
|
|
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON FUNCTIONS TO aurganize_backend_api;
|
|
|
|
-- Grant read-only access
|
|
GRANT CONNECT ON DATABASE aurganize_staging TO aurganize_readonly;
|
|
GRANT USAGE ON SCHEMA public TO aurganize_readonly;
|
|
GRANT SELECT ON ALL TABLES IN SCHEMA public TO aurganize_readonly;
|
|
|
|
-- Future tables
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT SELECT ON TABLES TO aurganize_readonly;
|
|
|
|
\echo '✅ Permissions configured for aurganize_staging'
|
|
|
|
-- ==========================================
|
|
-- GRANT PERMISSIONS - PRODUCTION DATABASE
|
|
-- ==========================================
|
|
\echo ''
|
|
\echo '🔐 Configuring permissions for aurganize_prod...'
|
|
|
|
\c aurganize_prod
|
|
|
|
-- Grant schema usage
|
|
GRANT USAGE ON SCHEMA public TO aurganize_backend_api;
|
|
|
|
-- Grant all permissions on tables (current and future)
|
|
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON TABLES TO aurganize_backend_api;
|
|
|
|
-- Grant sequence permissions
|
|
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON SEQUENCES TO aurganize_backend_api;
|
|
|
|
-- Grant function execution
|
|
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO aurganize_backend_api;
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT ALL PRIVILEGES ON FUNCTIONS TO aurganize_backend_api;
|
|
|
|
-- Grant read-only access
|
|
GRANT CONNECT ON DATABASE aurganize_prod TO aurganize_readonly;
|
|
GRANT USAGE ON SCHEMA public TO aurganize_readonly;
|
|
GRANT SELECT ON ALL TABLES IN SCHEMA public TO aurganize_readonly;
|
|
|
|
-- Future tables
|
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public
|
|
GRANT SELECT ON TABLES TO aurganize_readonly;
|
|
|
|
\echo '✅ Permissions configured for aurganize_prod'
|
|
|
|
-- ==========================================
|
|
-- SUMMARY
|
|
-- ==========================================
|
|
\echo ''
|
|
\echo '=========================================='
|
|
\echo '✅ All databases created and configured!'
|
|
\echo '=========================================='
|
|
\echo ''
|
|
\echo 'Databases:'
|
|
\echo ' - aurganize_dev (development)'
|
|
\echo ' - aurganize_staging (staging)'
|
|
\echo ' - aurganize_prod (production)'
|
|
\echo ''
|
|
\echo 'Owners: aurganize_backend_api'
|
|
\echo 'Read-only access: aurganize_readonly'
|
|
\echo '' |