fixing shit for aurora

fvaldes33 · fvaldes33 · commit 14045e714f40 · 2023-06-28T11:13:07.000-04:00
diff --git a/migrations/db/migrate.sh b/migrations/db/migrate.sh
@@ -29,10 +29,10 @@ fi
 db=$( cd -- "$( dirname -- "$0" )" > /dev/null 2>&1 && pwd )
 if [ -z "${USE_DBMATE:-}" ]; then
     # run init scripts as postgres user
-    for sql in "$db"/init-scripts/*.sql; do
-        echo "$0: running $sql"
-        psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U postgres -f "$sql"
-    done
+    # for sql in "$db"/init-scripts/*.sql; do
+    #     echo "$0: running $sql"
+    #     psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U postgres -f "$sql"
+    # done
     psql -v ON_ERROR_STOP=1 --no-password --no-psqlrc -U postgres -c "ALTER USER supabase_admin WITH PASSWORD '$PGPASSWORD'"
     # run migrations as super user - postgres user demoted in post-setup
     for sql in "$db"/migrations/*.sql; do
diff --git a/migrations/db/migrations/10000000000000_demote-postgres.sql b/migrations/db/migrations/10000000000000_demote-postgres.sql
@@ -14,6 +14,7 @@ GRANT ALL ON ALL SEQUENCES IN SCHEMA extensions TO postgres;
 GRANT ALL ON ALL ROUTINES IN SCHEMA auth TO postgres;
 GRANT ALL ON ALL ROUTINES IN SCHEMA storage TO postgres;
 GRANT ALL ON ALL ROUTINES IN SCHEMA extensions TO postgres;
-ALTER ROLE postgres NOSUPERUSER CREATEDB CREATEROLE LOGIN REPLICATION BYPASSRLS;
-
+ALTER ROLE postgres CREATEDB CREATEROLE LOGIN BYPASSRLS;
+GRANT NOSUPERUSER to postgres;
+GRANT rds_replication to postgres;
 -- migrate:down
diff --git a/migrations/db/migrations/20220713082019_pg_cron-pg_net-temp-perms-fix.sql b/migrations/db/migrations/20220713082019_pg_cron-pg_net-temp-perms-fix.sql
@@ -3,10 +3,10 @@ DO $$
 DECLARE
   pg_cron_installed boolean;
 BEGIN
-  -- checks if pg_cron is enabled   
+  -- checks if pg_cron is enabled
   pg_cron_installed = (
-    select count(*) = 1 
-    from pg_available_extensions 
+    select count(*) = 1
+    from pg_available_extensions
     where name = 'pg_cron'
     and installed_version is not null
   );
@@ -27,7 +27,7 @@ BEGIN
     alter default privileges for user supabase_admin in schema cron grant all
         on functions to postgres with grant option;
 
-    grant all privileges on all tables in schema cron to postgres with grant option; 
+    grant all privileges on all tables in schema cron to postgres with grant option;
   END IF;
 END $$;
 
@@ -37,22 +37,23 @@ DECLARE
 BEGIN
   -- checks if pg_net is enabled
   pg_net_installed = (
-    select count(*) = 1 
-    from pg_available_extensions 
+    select count(*) = 1
+    from pg_available_extensions
     where name = 'pg_net'
     and installed_version is not null
-      
+
   );
 
-  IF pg_net_installed 
+  IF pg_net_installed
   THEN
     IF NOT EXISTS (
       SELECT 1
       FROM pg_roles
       WHERE rolname = 'supabase_functions_admin'
     )
     THEN
-      CREATE USER supabase_functions_admin NOINHERIT CREATEROLE LOGIN NOREPLICATION;
+      CREATE USER supabase_functions_admin NOINHERIT CREATEROLE LOGIN;
+      REVOKE rds_replication FROM supabase_functions_admin;
     END IF;
 
     GRANT USAGE ON SCHEMA net TO supabase_functions_admin, postgres, anon, authenticated, service_role;
