Add username/database arguments to link/unlink

Author: kane-c

commands

@@ -122,15 +122,15 @@ case "$1" in
     $PLUGIN_COMMAND_PREFIX:expose <name> [port], Expose a $PLUGIN_SERVICE service on custom port if provided (random port otherwise)
     $PLUGIN_COMMAND_PREFIX:import <name> < <file>, Import a dump into the $PLUGIN_SERVICE service database
     $PLUGIN_COMMAND_PREFIX:info <name>, Print the connection information
-    $PLUGIN_COMMAND_PREFIX:link <name> <app>, Link the $PLUGIN_SERVICE service to the app
+    $PLUGIN_COMMAND_PREFIX:link <name> <app> [--user user] [--database database], Link the $PLUGIN_SERVICE service to the app
     $PLUGIN_COMMAND_PREFIX:list, List all $PLUGIN_SERVICE services
     $PLUGIN_COMMAND_PREFIX:logs <name> [-t], Print the most recent log(s) for this service
     $PLUGIN_COMMAND_PREFIX:promote <name> <app>, Promote service <name> as ${PLUGIN_DEFAULT_ALIAS}_URL in <app>
     $PLUGIN_COMMAND_PREFIX:restart <name>, Graceful shutdown and restart of the $PLUGIN_SERVICE service container
     $PLUGIN_COMMAND_PREFIX:start <name>, Start a previously stopped $PLUGIN_SERVICE service
     $PLUGIN_COMMAND_PREFIX:stop <name>, Stop a running $PLUGIN_SERVICE service
     $PLUGIN_COMMAND_PREFIX:unexpose <name>, Unexpose a previously exposed $PLUGIN_SERVICE service
-    $PLUGIN_COMMAND_PREFIX:unlink <name> <app>, Unlink the $PLUGIN_SERVICE service from the app
+    $PLUGIN_COMMAND_PREFIX:unlink <name> <app> [--user user] [--database database], Unlink the $PLUGIN_SERVICE service from the app
 help_content
     }
 

common-functions

@@ -196,7 +196,8 @@ service_info() {
   declare desc="Retrieves information about a given service"
   declare SERVICE="$1" INFO_FLAG="$2"
   local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
-  local SERVICE_URL=$(service_url "$SERVICE")
+  local PASSWORD=$(cat "$SERVICE_ROOT/auth/postgres")
+  local SERVICE_URL=$(service_url "$SERVICE" postgres "$PASSWORD" "$SERVICE")
   local PORT_FILE="$SERVICE_ROOT/PORT"
   local SERVICE_CONTAINER_ID="$(cat "$SERVICE_ROOT/ID")"
   local flag key valid_flags
@@ -235,9 +236,13 @@ service_link() {
   declare desc="Links a service to an application"
   declare SERVICE="$1" APP="$2"
   update_plugin_scheme_for_app "$APP"
-  local SERVICE_URL=$(service_url "$SERVICE")
-  local SERVICE_NAME="$(get_service_name "$SERVICE")"
   local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
+  check_auth_migration "$SERVICE"
+  local USER=${3:-postgres}
+  local DATABASE=${4:-$(get_database_name "$SERVICE")}
+  local PASSWORD=$(cat "$SERVICE_ROOT/auth/$USER")
+  local SERVICE_URL=$(service_url "$SERVICE" "$USER" "$PASSWORD" "$DATABASE")
+  local SERVICE_NAME="$(get_service_name "$SERVICE")"
   local EXISTING_CONFIG=$(config_all "$APP")
   local LINK=$(echo "$EXISTING_CONFIG" | grep "$SERVICE_URL" | cut -d: -f1) || true
   local DEFAULT_ALIAS=$(echo "$EXISTING_CONFIG" | grep "${PLUGIN_DEFAULT_ALIAS}_URL") || true
@@ -447,8 +452,12 @@ service_stop() {
 service_unlink() {
   declare desc="Unlinks an application from a service"
   declare SERVICE="$1" APP="$2"
+  local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
+  local USER=${3:-postgres}
+  local PASSWORD=$(cat "$SERVICE_ROOT/auth/$USER")
+  local DATABASE=${4:-$(get_database_name "$SERVICE")}
   update_plugin_scheme_for_app "$APP"
-  local SERVICE_URL=$(service_url "$SERVICE")
+  local SERVICE_URL=$(service_url "$SERVICE" "$USER" "$PASSWORD" "$DATABASE")
   local SERVICE_NAME="$(get_service_name "$SERVICE")"
   local EXISTING_CONFIG=$(config_all "$APP")
   local SERVICE_ALIAS=$(service_alias "$SERVICE")
@@ -490,3 +499,37 @@ verify_service_name() {
   [[ ! -d "$PLUGIN_DATA_ROOT/$SERVICE" ]] && dokku_log_fail "$PLUGIN_SERVICE service $SERVICE does not exist"
   return 0
 }
+
+verify_user_name() {
+  declare desc="Verifies that a user exists"
+  declare SERVICE="$1" USER="$2"
+  [[ ! -n "$SERVICE" ]] && dokku_log_fail "(verify_user_name) SERVICE must not be null"
+  [[ ! -n "$USER" ]] && dokku_log_fail "(verify_user_name) SERVICE must not be null"
+  [[ ! -f "$PLUGIN_DATA_ROOT/$SERVICE/auth/$USER" ]] && dokku_log_fail "$PLUGIN_SERVICE user $USER for service $SERVICE does not exist"
+  return 0
+}
+
+verify_database_name() {
+  declare desc="Verifies that a database exists"
+  declare SERVICE="$1"
+  declare DATABASE="$2"
+  [[ ! -n "$SERVICE" ]] && dokku_log_fail "(verify_service_name) SERVICE must not be null"
+  [[ ! -n "$DATABASE" ]] && dokku_log_fail "(verify_service_name) DATABASE must not be null"
+  [[ ! -f "$PLUGIN_DATA_ROOT/$SERVICE/databases/$DATABASE" ]] && dokku_log_fail "$PLUGIN_SERVICE database $DATABASE for service $SERVICE does not exist"
+  return 0
+}
+
+check_auth_migration() {
+  declare desc="Check whether root credentials need to be migrated into multi-user format and do so if needed"
+  declare SERVICE="$1"
+  [[ ! -n "$SERVICE" ]] && dokku_log_fail "(verify_service_name) SERVICE must not be null"
+  local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
+  if [ -f "$SERVICE_ROOT/PASSWORD" ]; then
+    dokku_log_verbose_quiet "Migrating root user to multi-user format"
+    local AUTH_DIR="$SERVICE_ROOT/auth"
+    mkdir -p "$AUTH_DIR"
+    chmod 750 "$AUTH_DIR"
+    mv "$SERVICE_ROOT/PASSWORD" "$AUTH_DIR/postgres"
+    touch "$SERVICE_ROOT/databases/$SERVICE"
+  fi
+}

functions

@@ -27,8 +27,8 @@ service_create() {
   chmod 750 "$SERVICE_ROOT/auth"
   touch "$LINKS_FILE"
   password=$(openssl rand -hex 16)
-  echo "$password" > "$SERVICE_ROOT/auth/PASSWORD"
-  chmod 640 "$SERVICE_ROOT/PASSWORD"
+  echo "$password" > "$SERVICE_ROOT/auth/postgres"
+  chmod 640 "$SERVICE_ROOT/auth/postgres"
 
   if [[ -n $POSTGRES_CUSTOM_ENV ]]; then
     echo "$POSTGRES_CUSTOM_ENV" | tr ';' "\n" > "$SERVICE_ROOT/ENV"
@@ -44,12 +44,14 @@ database_create() {
   [[ -z "$SERVICE" ]] && dokku_log_fail "Please specify a name for the service"
   [[ -z "$NAME" ]] && dokku_log_fail "Please specify a name for the database"
 
+  check_auth_migration "$SERVICE"
+
   local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
   local SERVICE_NAME="$(get_service_name "$SERVICE")"
 
   dokku_log_verbose_quiet "Creating user"
   password=$(openssl rand -hex 16)
-  if docker exec "$SERVICE_NAME" su - postgres -c "psql -c \"CREATE USER $NAME WITH PASSWORD '$password';\"" 2> /dev/null; then
+  if docker exec "$SERVICE_NAME" su - postgres -c "psql -c \"CREATE USER $NAME WITH PASSWORD '$password';\"" > /dev/null 2>&1; then
     echo "$password" > "$SERVICE_ROOT/auth/$NAME"
     chmod 640 "$SERVICE_ROOT/auth/$NAME"
   else
@@ -69,7 +71,7 @@ service_create_container() {
   local SERVICE="$1"
   local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
   local SERVICE_NAME="$(get_service_name "$SERVICE")"
-  local PASSWORD="$(cat "$SERVICE_ROOT/PASSWORD")"
+  local PASSWORD="$(cat "$SERVICE_ROOT/auth/postgres")"
   local PREVIOUS_ID
 
   ID=$(docker run --name "$SERVICE_NAME" -v "$SERVICE_ROOT/data:/var/lib/postgresql/data" -e "POSTGRES_PASSWORD=$PASSWORD" --env-file="$SERVICE_ROOT/ENV" -d --restart always --label dokku=service --label dokku.service=postgres "$PLUGIN_IMAGE:$PLUGIN_IMAGE_VERSION")
@@ -99,7 +101,7 @@ service_export() {
   local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
   local SERVICE_NAME="$(get_service_name "$SERVICE")"
   local DATABASE_NAME="$(get_database_name "$SERVICE")"
-  local PASSWORD="$(cat "$SERVICE_ROOT/PASSWORD")"
+  local PASSWORD="$(cat "$SERVICE_ROOT/auth/postgres")"
 
   [[ -n $SSH_TTY ]] && stty -opost
   docker exec "$SERVICE_NAME" env PGPASSWORD="$PASSWORD" pg_dump -Fc --no-acl --no-owner -h localhost -U postgres -w "$DATABASE_NAME"
@@ -113,7 +115,7 @@ service_import() {
   SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
   SERVICE_NAME="$(get_service_name "$SERVICE")"
   DATABASE_NAME="$(get_database_name "$SERVICE")"
-  PASSWORD="$(cat "$SERVICE_ROOT/PASSWORD")"
+  PASSWORD="$(cat "$SERVICE_ROOT/auth/postgres")"
 
   if [[ -t 0 ]]; then
     dokku_log_fail "No data provided on stdin."
@@ -135,7 +137,7 @@ service_start() {
   dokku_log_info1_quiet "Starting container"
   local PREVIOUS_ID=$(docker ps -f status=exited | grep -e "$SERVICE_NAME$" | awk '{print $1}') || true
   local IMAGE_EXISTS=$(docker images | grep -e "^$PLUGIN_IMAGE " | grep -q " $PLUGIN_IMAGE_VERSION " && true)
-  local PASSWORD="$(cat "$SERVICE_ROOT/PASSWORD")"
+  local PASSWORD="$(cat "$SERVICE_ROOT/auth/postgres")"
 
   if [[ -n $PREVIOUS_ID ]]; then
     docker start "$PREVIOUS_ID" > /dev/null
@@ -152,8 +154,9 @@ service_url() {
   local SERVICE="$1"
   local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
 
-  local PASSWORD="$(cat "$SERVICE_ROOT/PASSWORD")"
-  local DATABASE_NAME="$(get_database_name "$SERVICE")"
+  local USER="$2"  # postgres
+  local PASSWORD="$3"
+  local DATABASE_NAME="$4"
   local SERVICE_ALIAS="$(service_alias "$SERVICE")"
-  echo "$PLUGIN_SCHEME://postgres:$PASSWORD@$SERVICE_ALIAS:${PLUGIN_DATASTORE_PORTS[0]}/$DATABASE_NAME"
+  echo "$PLUGIN_SCHEME://$USER:$PASSWORD@$SERVICE_ALIAS:${PLUGIN_DATASTORE_PORTS[0]}/$DATABASE_NAME"
 }

subcommands/link

@@ -7,14 +7,35 @@ source "$(dirname "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)")/functions"
 postgres-link-cmd() {
   declare desc="link the $PLUGIN_SERVICE service to the app"
   local cmd="$PLUGIN_COMMAND_PREFIX:link" argv=("$@"); [[ ${argv[0]} == "$cmd" ]] && shift 1
-  declare SERVICE="$1" APP="$2"
+
+  local USER=''
+
+  local next_index=1; local skip=false; local args=("$@"); local positional=()
+  for arg in "$@"; do
+    $skip && skip=false && local next_index=$(( next_index + 1 )) && continue
+    case "$arg" in
+      --user)
+        USER=${args[$next_index]}; skip=true
+        ;;
+      --database)
+        DATABASE=${args[$next_index]}; skip=true
+        ;;
+      *)
+        positional+=("$arg")
+    esac
+    local next_index=$(( next_index + 1 ))
+  done
+
+  declare SERVICE="${positional[0]}" APP="${positional[1]}"
   APP=${APP:="$DOKKU_APP_NAME"}
 
   [[ -z "$SERVICE" ]] && dokku_log_fail "Please specify a name for the service"
   [[ -z "$APP" ]] && dokku_log_fail "Please specify an app to run the command on"
   verify_app_name "$APP"
   verify_service_name "$SERVICE"
-  service_link "$SERVICE" "$APP"
+  [[ -z "$USER" ]] || verify_user_name "$SERVICE" "$USER"
+  [[ -z "$DATABASE" ]] || verify_database_name "$SERVICE" "$DATABASE"
+  service_link "$SERVICE" "$APP" "$USER" "$DATABASE"
 }
 
 postgres-link-cmd "$@"

subcommands/unlink

@@ -10,11 +10,33 @@ postgres-unlink-cmd() {
   declare SERVICE="$1" APP="$2"
   APP=${APP:="$DOKKU_APP_NAME"}
 
+  local USER=''
+
+  local next_index=1; local skip=false; local args=("$@"); local positional=()
+  for arg in "$@"; do
+    $skip && skip=false && local next_index=$(( next_index + 1 )) && continue
+    case "$arg" in
+      --user)
+        USER=${args[$next_index]}; skip=true
+        ;;
+      --database)
+        DATABASE=${args[$next_index]}; skip=true
+        ;;
+      *)
+        positional+=("$arg")
+    esac
+    local next_index=$(( next_index + 1 ))
+  done
+
+  declare SERVICE="${positional[0]}" APP="${positional[1]}"
+
   [[ -z "$SERVICE" ]] && dokku_log_fail "Please specify a name for the service"
   [[ -z "$APP" ]] && dokku_log_fail "Please specify an app to run the command on"
   verify_app_name "$APP"
   verify_service_name "$SERVICE"
-  service_unlink "$SERVICE" "$APP"
+  [[ -z "$DATABASE" ]] || verify_database_name "$SERVICE" "$DATABASE"
+  [[ -z "$USER" ]] || verify_user_name "$SERVICE" "$USER"
+  service_unlink "$SERVICE" "$APP" "$USER" "$DATABASE"
 }
 
 postgres-unlink-cmd "$@"