foxgis
diff --git a/‎migrations/CHANGELOG.md
Lines changed: 6 additions & 6 deletions b/‎migrations/CHANGELOG.md
Lines changed: 6 additions & 6 deletions
diff --git a/‎migrations/db/init-scripts/00000000000003-post-setup.sql
Lines changed: 3 additions & 2 deletions b/‎migrations/db/init-scripts/00000000000003-post-setup.sql
Lines changed: 3 additions & 2 deletions
diff --git a/‎migrations/db/migrate.sh
Lines changed: 3 additions & 3 deletions b/‎migrations/db/migrate.sh
Lines changed: 3 additions & 3 deletions
diff --git a/‎migrations/docker.sh
Lines changed: 6 additions & 10 deletions b/‎migrations/docker.sh
Lines changed: 6 additions & 10 deletions
diff --git a/‎migrations/initdb.sh
Lines changed: 21 additions & 0 deletions b/‎migrations/initdb.sh
Lines changed: 21 additions & 0 deletions
@@ -16,18 +16,18 @@
     - 增加`GRANT USAGE ON SCHEMA extensions TO supabase_storage_admin;`。（为了调用gen_rand_uuid函数）
     - `search_path`增加`extensions`。（为了调用gen_rand_uuid函数）
 4. 修改`00000000000003-post-setup.sql`
-    - 注释`GRANT ALL ON DATABASE postgres TO dashboard_user;`。（瀚高数据库限制）
+    - 增加`db`参数。（用来设置数据库名，而不是默认postgres数据库）
 5. 修改`99-jwt.sql`
     - 增加`db`参数。（用来设置数据库名，而不是默认postgres数据库）
 
 ## migrations
 
 1. 排除`00-extensions.sql`。（pg_stat_statements默认已安装）
-2. 注释`20230529180330_alter_api_roles_for_inherit.sql`。（内容已经在00000000000000-initial-schema.sql实现）
-4. 修改`10000000000000_demote-postgres.sql`。
-    - 注释`GRANT ALL ON DATABASE postgres TO postgres;`。（瀚高数据库限制）
+2. 修改`10000000000000_demote-postgres.sql`。
+    - 注释`GRANT ALL ON DATABASE postgres TO postgres;`。（非必须）
     - 注释`ALTER ROLE postgres NOSUPERUSER CREATEDB CREATEROLE LOGIN REPLICATION BYPASSRLS;`（非必要）
-5. 修改`20221028101028_set_authenticator_timeout.sql`
+3. 修改`20221028101028_set_authenticator_timeout.sql`
     - 将`authenticator`角色的`statement_timeout`设置为60s。
-6. 修改`20240606060239_grant_predefined_roles_to_postgres.sql`
+4. 注释`20230529180330_alter_api_roles_for_inherit.sql`。（内容已经在00000000000000-initial-schema.sql实现）
+5. 修改`20240606060239_grant_predefined_roles_to_postgres.sql`
     - 去除`pg_read_all_data`角色。（PG12无此角色）
@@ -1,4 +1,5 @@
 -- migrate:up
+\set db `echo "$POSTGRES_DB"`
 
 ALTER ROLE supabase_admin SET search_path TO "\$user",public,auth,extensions;
 ALTER ROLE postgres SET search_path TO "\$user",public,extensions;
@@ -101,8 +102,8 @@ END
 $$;
 
 -- Supabase dashboard user
--- CREATE ROLE dashboard_user NOSUPERUSER CREATEDB CREATEROLE REPLICATION;
--- GRANT ALL ON DATABASE postgres TO dashboard_user;
+CREATE ROLE dashboard_user NOSUPERUSER CREATEDB CREATEROLE REPLICATION;
+GRANT ALL ON DATABASE :db TO dashboard_user;
 GRANT ALL ON SCHEMA auth TO dashboard_user;
 GRANT ALL ON SCHEMA extensions TO dashboard_user;
 GRANT ALL ON SCHEMA storage TO dashboard_user;
 
@@ -34,7 +34,7 @@ begin
   -- postgres role is pre-created during AMI build
   if not exists (select from pg_roles where rolname = 'postgres') then
     create role postgres superuser login password '$PGPASSWORD';
-    alter database postgres owner to postgres;
+    alter database $PGDATABASE owner to postgres;
   end if;
 end \$\$
 EOSQL
@@ -52,11 +52,11 @@ EOSQL
 else
     psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U supabase_admin <<EOSQL
   create role postgres superuser login password '$PGPASSWORD';
-  alter database postgres owner to postgres;
+  alter database $PGDATABASE owner to postgres;
 EOSQL
     # run init scripts as postgres user
     DBMATE_MIGRATIONS_DIR="$db/init-scripts" DATABASE_URL="postgres://postgres:$connect" dbmate --no-dump-schema migrate
-    psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U postgres -c "ALTER USER supabase_admin WITH PASSWORD '$PGPASSWORD'"
+    # psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U postgres -c "ALTER USER supabase_admin WITH PASSWORD '$PGPASSWORD'"
     # run migrations as super user - postgres user demoted in post-setup
     DBMATE_MIGRATIONS_DIR="$db/migrations" DATABASE_URL="postgres://supabase_admin:$connect" dbmate --no-dump-schema migrate
 fi
 
@@ -30,9 +30,12 @@ until docker exec hgdb pg_isready -U sysdba -d highgo -q; do
   sleep 1
 done
 
+# 复制许可文件
+cp hgdb.lic data/
+
 # 更改select version()返回值，以兼容GDAL
 docker exec -i hgdb gosu highgo bash <<- "EOF"
-  hg_version_gen "PostgreSQL 12.7 (HGDB-SEE V4.5)" "瀚高安全版 V4.5" "12.7"
+  hg_version_gen "PostgreSQL 12.7 (HGDB-SEE V4.5)" "PostgreSQL 12.7 (HGDB-SEE V4.5)" "12.7"
 EOF
 
 # 更改数据库配置
@@ -41,9 +44,6 @@ docker exec -i -e PGPASSWORD=$POSTGRES_PASSWORD hgdb gosu highgo psql -U sysdba
   alter system set wal_level = 'logical';
 EOF
 
-# 复制许可文件
-cp hgdb.lic data/
-
 # 重启数据库使配置生效
 docker restart hgdb
 
@@ -58,18 +58,14 @@ docker exec -i -e PGPASSWORD=$POSTGRES_PASSWORD hgdb gosu highgo psql -U syssso
   select set_secure_param('hg_sepv4','dyn_off');
 EOF
 
-# 创建supabase所需的数据库和用户
+# 创建数据库和用户
 docker exec -i -e PGPASSWORD=$POSTGRES_PASSWORD hgdb gosu highgo psql -U sysdba -d highgo <<- EOF
   create role postgres superuser login password '$POSTGRES_PASSWORD';
-  create role supabase_admin superuser login password '$POSTGRES_PASSWORD';
-  create role dashboard_user NOSUPERUSER CREATEDB CREATEROLE REPLICATION;
-  create user supabase_functions_admin NOINHERIT CREATEROLE LOGIN NOREPLICATION PASSWORD '$POSTGRES_PASSWORD';
   create database $POSTGRES_DB with owner postgres;
-  grant all on database $POSTGRES_DB to dashboard_user;
 EOF
 
 # 初始化数据库
-./db/migrate.sh
+./initdb.sh
 
 # 恢复三权分立
 docker exec -i -e PGPASSWORD=$POSTGRES_PASSWORD hgdb gosu highgo psql -U syssso -d highgo <<- "EOF"
 
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -euo pipefail
+
+# 加载.env中的环境变量
+set -a; source .env; set +a
+
+# 设置数据库环境变量
+export PGDATABASE="${POSTGRES_DB:-postgres}"
+export PGHOST="${POSTGRES_HOST:-localhost}"
+export PGPORT="${POSTGRES_PORT:-5866}"
+export PGPASSWORD="${POSTGRES_PASSWORD:-}"
+
+# 创建数据库用户
+psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U postgres <<-EOSQL
+  create role supabase_admin superuser login password '$POSTGRES_PASSWORD';
+  create user supabase_functions_admin noinherit createrole login noreplication password '$POSTGRES_PASSWORD';
+EOSQL
+
+# 初始化数据库
+./db/migrate.sh