You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficcontrol.apache.org by da...@apache.org on 2017/04/14 20:23:25 UTC

[01/13] incubator-trafficcontrol git commit: changed usage a bit for pgpass

Repository: incubator-trafficcontrol
Updated Branches:
  refs/heads/master 5f53c1c80 -> bcd375952


changed usage a bit for pgpass


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/bcd37595
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/bcd37595
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/bcd37595

Branch: refs/heads/master
Commit: bcd375952d5bd22d3006b10058009f2eca8bd6e1
Parents: 96dd7fe
Author: Dewayne Richardson <de...@apache.org>
Authored: Fri Apr 14 14:15:51 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/bcd37595/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index e904880..baf9b9b 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -42,7 +42,7 @@ my $usage = "\n"
 	. "If the 'postgres' superuser has not been created or password has not been set then run the following commands accordingly. \n\n"
 	. "Create the 'postgres' user as a super user (if not created):\n\n"
 	. "     \$ createuser postgres --superuser --createrole --createdb --login --pwprompt\n\n"
-	. "Postgres Password: file allows for easy command line access by defaulting the user and password for the database\n"
+	. "Modify your $HOME/.pgpass file which allows for easy command line access by defaulting the user and password for the database\n"
 	. "without prompts.\n\n"
 	. " Postgres .pgpass file format:\n"
 	. " hostname:port:database:username:password\n\n"

[04/13] incubator-trafficcontrol git commit: switched the goose user to be postgres

Posted by da...@apache.org.

switched the goose user to be postgres


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/74d2baf4
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/74d2baf4
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/74d2baf4

Branch: refs/heads/master
Commit: 74d2baf45170da1bcb056e7b9bd5f42dba84d15e
Parents: 5f53c1c
Author: Dewayne Richardson <de...@apache.org>
Authored: Wed Apr 12 14:46:52 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/dbconf.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/74d2baf4/traffic_ops/app/db/dbconf.yml
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/dbconf.yml b/traffic_ops/app/db/dbconf.yml
index 6c79b95..3a7cdf3 100755
--- a/traffic_ops/app/db/dbconf.yml
+++ b/traffic_ops/app/db/dbconf.yml
@@ -19,17 +19,17 @@ name: dbconf.yml
 
 development:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=to_development sslmode=disable
+  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=to_development sslmode=disable
 
 test:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=to_test sslmode=disable
+  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=to_test sslmode=disable
 
 integration:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=to_integration sslmode=disable
+  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=to_integration sslmode=disable
 
 production:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=traffic_ops sslmode=disable
+  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=traffic_ops sslmode=disable

[09/13] incubator-trafficcontrol git commit: changed the createdb to use the newly created traffic_ops user

Posted by da...@apache.org.

changed the createdb to use the newly created traffic_ops user


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/9937a384
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/9937a384
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/9937a384

Branch: refs/heads/master
Commit: 9937a384044d090f184cc9175972e4de6e04db10
Parents: 3b53fbf
Author: Dewayne Richardson <de...@apache.org>
Authored: Thu Apr 13 13:59:39 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/9937a384/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index c11fffb..e5a0e15 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -207,7 +207,7 @@ sub createdb {
 		print "Database $db_name already exists\n";
 		return;
 	}
-    my $cmd = "createdb -h $host_ip -p $host_port -U $db_super_user --owner $db_user $db_name;";
+    my $cmd = "createdb -h $host_ip -p $host_port -U $db_user --owner $db_user $db_name;";
 	if ( system($cmd) != 0 ) {
 		die "Can't create db $db_name\n";
 	}

[11/13] incubator-trafficcontrol git commit: create role because its not there to alter and also need a few more permissions on the postgres role

Posted by da...@apache.org.

create role because its not there to alter and also need a few more permissions on the postgres role


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/ed11e01e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/ed11e01e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/ed11e01e

Branch: refs/heads/master
Commit: ed11e01ef7a33f48cb1b4961c79ae724ea5e6592
Parents: 9937a38
Author: Jeremy Mitchell <mi...@gmail.com>
Authored: Thu Apr 13 14:28:55 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/ed11e01e/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index e5a0e15..6f78f26 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -43,7 +43,7 @@ my $usage = "\n"
 	. "Create the 'postgres' user (if not created):\n"
 	. "     \$ createuser postgres\n\n"
 	. "Set the 'postgres' user password:\n"
-	. "     ALTER ROLE postgres WITH ENCRYPTED PASSWORD 'yourpassword'; \n\n"
+	. "     CREATE ROLE postgres WITH CREATEROLE LOGIN ENCRYPTED PASSWORD 'yourpassword'; \n\n"
 	. "Postgres Password: file allows for easy command line access by defaulting the user and password for the database\n"
 	. "without prompts.\n\n"
 	. " Postgres .pgpass file format:\n"

[02/13] incubator-trafficcontrol git commit: changed the usage to createuser postgres from the command line

Posted by da...@apache.org.

changed the usage to createuser postgres from the command line


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/1f4f9e50
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/1f4f9e50
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/1f4f9e50

Branch: refs/heads/master
Commit: 1f4f9e50b58e875ba1f1b2f18dfc46e8d8c1de06
Parents: 60e0dae
Author: Dewayne Richardson <de...@apache.org>
Authored: Fri Apr 14 08:35:53 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/1f4f9e50/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index b7dfcc7..95ac239 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -40,10 +40,8 @@ my $usage = "\n"
 	. "NOTE: \n"
 	. "Postgres Superuser: The 'postgres' superuser needs to be created to run $PROGRAM_NAME and setup databases.\n"
 	. "If the 'postgres' superuser has not been created or password has not been set then run the following commands accordingly. \n\n"
-	. "Create the 'postgres' user as a super user (if not created):\n"
-	. "     \$ createuser postgres -s -r -d\n\n"
-	. "Set the 'postgres' user password:\n"
-	. "     CREATE ROLE postgres WITH CREATEROLE CREATEDB LOGIN ENCRYPTED PASSWORD 'yourpassword'; \n\n"
+	. "Create the 'postgres' user as a super user (if not created):\n\n"
+	. "     \$ createuser postgres --superuser --createrole --createdb --login --pwprompt\n\n"
 	. "Postgres Password: file allows for easy command line access by defaulting the user and password for the database\n"
 	. "without prompts.\n\n"
 	. " Postgres .pgpass file format:\n"

[03/13] incubator-trafficcontrol git commit: added existence check on the create_user

Posted by da...@apache.org.

added existence check on the create_user


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/3b53fbfb
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/3b53fbfb
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/3b53fbfb

Branch: refs/heads/master
Commit: 3b53fbfb18f0a6557e7f93aeaeedf0905bcea40d
Parents: ce92d6f
Author: Dewayne Richardson <de...@apache.org>
Authored: Thu Apr 13 13:52:23 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/3b53fbfb/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index 4788a2a..c11fffb 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -202,7 +202,6 @@ sub dropdb {
 }
 
 sub createdb {
-	create_user();
 	my $db_exists = `psql -h $host_ip -U $db_user -p $host_port -tAc "SELECT 1 FROM pg_database WHERE datname='$db_name'"`;
 	if ($db_exists) {
 		print "Database $db_name already exists\n";
@@ -216,11 +215,14 @@ sub createdb {
 }
 
 sub create_user {
-	my $user_exists = `psql -h $host_ip -p $host_port -U $db_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_user'"`;
+	print "Creating user: $db_user\n";
+	my $user_exists = `psql -h $host_ip -p $host_port -U $db_super_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_user'"`;
 
-	my $cmd = "CREATE USER $db_user WITH LOGIN ENCRYPTED PASSWORD '$db_password'";
-	if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
-		die "Can't create user $db_user\n";
+	if (!$user_exists) {
+		my $cmd = "CREATE USER $db_user WITH CREATEDB CREATEROLE LOGIN ENCRYPTED PASSWORD '$db_password'";
+		if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
+			die "Can't create user $db_user\n";
+		}
 	}
 }

[12/13] incubator-trafficcontrol git commit: updated comments and output

Posted by da...@apache.org.

updated comments and output


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/96dd7fef
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/96dd7fef
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/96dd7fef

Branch: refs/heads/master
Commit: 96dd7fef1ed860e2b3f66287d555bf8768056d19
Parents: 1f4f9e5
Author: Dewayne Richardson <de...@apache.org>
Authored: Fri Apr 14 08:43:37 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/96dd7fef/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index 95ac239..e904880 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -49,8 +49,8 @@ my $usage = "\n"
 	. " ----------------------\n"
 	. " Example Contents\n"
 	. " ----------------------\n"
-	. " *:*:*:postgres:yourpassword \n"
-	. " *:*:*:traffic_ops:yourpassword \n"
+	. " *:*:*:postgres:your-postgres-password \n"
+	. " *:*:*:traffic_ops:the-password-in-dbconf.yml \n"
 	. " ----------------------\n\n"
 	. " Save the following example into this file $HOME/.pgpass with the permissions of this file\n"
 	. " so only $USER can read and write.\n\n"
@@ -58,15 +58,15 @@ my $usage = "\n"
 	. "===================================================================================================================\n"
 	. "$PROGRAM_NAME arguments:   \n\n"
 	. "createdb  - Execute db 'createdb' the database for the current environment.\n"
+	. "create_user  - Execute 'create_user' the user for the current environment (traffic_ops).\n"
 	. "dropdb  - Execute db 'dropdb' on the database for the current environment.\n"
 	. "down  - Roll back a single migration from the current version.\n"
-	. "create_user  - Execute 'create_user' the user for the current environment (traffic_ops).\n"
 	. "drop_user  - Execute 'drop_user' the user for the current environment (traffic_ops).\n"
-	. "show_users  - Execute sql to show all of the user for the current environment.\n"
 	. "redo  - Roll back the most recently applied migration, then run it again.\n"
 	. "reset  - Execute db 'dropdb', 'createdb', load_schema, migrate on the database for the current environment.\n"
 	. "reverse_schema  - Reverse engineer the lib/Schema/Result files from the environment database.\n"
 	. "seed  - Execute sql from db/seeds.sql for loading static data.\n"
+	. "show_users  - Execute sql to show all of the user for the current environment.\n"
 	. "status  - Print the status of all migrations.\n"
 	. "upgrade  - Execute migrate then seed on the database for the current environment.\n";

[10/13] incubator-trafficcontrol git commit: removed the replication user variable

Posted by da...@apache.org.

removed the replication user variable


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/ce92d6fc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/ce92d6fc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/ce92d6fc

Branch: refs/heads/master
Commit: ce92d6fcdd0f4babc7dcb975a4f0e6372670b759
Parents: 35e549b
Author: Dewayne Richardson <de...@apache.org>
Authored: Thu Apr 13 13:06:53 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 1 -
 1 file changed, 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/ce92d6fc/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index 383832c..4788a2a 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -78,7 +78,6 @@ my $db_protocol;
 # you don't have to specify --env=development for dev workstations
 my $db_name     = 'to_development';
 my $db_super_user = 'postgres';
-my $db_replication_user = 'to_replication';
 my $db_user = 'traffic_ops';
 my $db_password = '';
 my $host_ip     = '';

[08/13] incubator-trafficcontrol git commit: fixed usage and removed the update_pgpass subroutine

Posted by da...@apache.org.

fixed usage and removed the update_pgpass subroutine


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/35e549b9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/35e549b9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/35e549b9

Branch: refs/heads/master
Commit: 35e549b9bb031e9fee7d0ec511b54b99d4eec506
Parents: a6bf558
Author: Dewayne Richardson <de...@apache.org>
Authored: Thu Apr 13 13:05:53 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 26 +-------------------------
 1 file changed, 1 insertion(+), 25 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/35e549b9/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index e8391b8..383832c 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -39,7 +39,7 @@ my $usage = "\n"
 	. "          defined in the dbconf.yml, as well as the database names.\n\n"
 	. "NOTE: \n"
 	. "Postgres Superuser: The 'postgres' superuser needs to be created to run $PROGRAM_NAME and setup databases.\n"
-	. "If the 'postgres' superuser hasn't been created or password has been set then run the following commands accordingly. \n\n"
+	. "If the 'postgres' superuser has not been created or password has not been set then run the following commands accordingly. \n\n"
 	. "Create the 'postgres' user (if not created):\n"
 	. "     \$ createuser postgres\n\n"
 	. "Set the 'postgres' user password:\n"
@@ -223,7 +223,6 @@ sub create_user {
 	if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
 		die "Can't create user $db_user\n";
 	}
-	update_pgpass($db_user, $db_password);
 }
 
 sub drop_user {
@@ -254,26 +253,3 @@ sub reverse_schema {
 	);
 }
 
-sub update_pgpass {
-
-	my ($username, $password) = @_;
-
-	my $rfh;  # read file handle
-	my $pgpass = "$HOME/.pgpass";
-	my $wfh;  # write file handle
-	open($wfh, '>>', $pgpass) or die "Could not open file '$pgpass' $!";
-	open($rfh, '<', $pgpass) or die "Could not open file '$pgpass' $!";
-	my $user_plus_password = "$username:$password";
-	my $foo = sprintf("%s:%s\n", $username, $password);
-	if (! grep{/$user_plus_password/} <$rfh>){
-	  print $wfh "*:*:*:$user_plus_password\n";
-	  print "Updated $HOME/.pgpass\n";
-	}
-
-	# tighten the permission for security and Postgres
-	chmod 0600, $wfh or die "Couldn't chmod $wfh $!";
-
-	close $wfh;
-	close $rfh;
-}
-

[07/13] incubator-trafficcontrol git commit: added better usage and removed the create_user function

Posted by da...@apache.org.

added better usage and removed the create_user function


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/a6bf5588
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/a6bf5588
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/a6bf5588

Branch: refs/heads/master
Commit: a6bf558867ef8688c453567e103e9e2f706d9e4d
Parents: d7494ad
Author: Dewayne Richardson <de...@apache.org>
Authored: Thu Apr 13 10:47:09 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 53 +++++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 30 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/a6bf5588/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index 3e9488d..e8391b8 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -37,11 +37,30 @@ my $usage = "\n"
 	. "Example:  $PROGRAM_NAME --env=test reset\n\n"
 	. "Purpose:  This script is used to manage database. The environments are\n"
 	. "          defined in the dbconf.yml, as well as the database names.\n\n"
-	. "arguments:   \n\n"
+	. "NOTE: \n"
+	. "Postgres Superuser: The 'postgres' superuser needs to be created to run $PROGRAM_NAME and setup databases.\n"
+	. "If the 'postgres' superuser hasn't been created or password has been set then run the following commands accordingly. \n\n"
+	. "Create the 'postgres' user (if not created):\n"
+	. "     \$ createuser postgres\n\n"
+	. "Set the 'postgres' user password:\n"
+	. "     ALTER ROLE postgres WITH ENCRYPTED PASSWORD 'yourpassword'; \n\n"
+	. "Postgres Password: file allows for easy command line access by defaulting the user and password for the database\n"
+	. "without prompts.\n\n"
+	. " Postgres .pgpass file format:\n"
+	. " hostname:port:database:username:password\n\n"
+	. " ----------------------\n"
+	. " Example Contents\n"
+	. " ----------------------\n"
+	. " *:*:*:postgres:yourpassword \n"
+	. " ----------------------\n\n"
+	. " Save the following example into this file $HOME/.pgpass with the permissions of this file\n"
+	. " so only $USER can read and write.\n\n"
+	. "     \$ chmod 0600 $HOME/.pgpass\n\n"
+	. "===================================================================================================================\n"
+	. "$PROGRAM_NAME arguments:   \n\n"
 	. "createdb  - Execute db 'createdb' the database for the current environment.\n"
 	. "dropdb  - Execute db 'dropdb' on the database for the current environment.\n"
 	. "down  - Roll back a single migration from the current version.\n"
-	. "create_superuser  - Execute 'create_superuser' the user for the current environment (postgres).\n"
 	. "create_user  - Execute 'create_user' the user for the current environment (traffic_ops).\n"
 	. "drop_user  - Execute 'drop_user' the user for the current environment (traffic_ops).\n"
 	. "show_users  - Execute sql to show all of the user for the current environment.\n"
@@ -59,6 +78,7 @@ my $db_protocol;
 # you don't have to specify --env=development for dev workstations
 my $db_name     = 'to_development';
 my $db_super_user = 'postgres';
+my $db_replication_user = 'to_replication';
 my $db_user = 'traffic_ops';
 my $db_password = '';
 my $host_ip     = '';
@@ -77,9 +97,6 @@ if ( defined($argument) ) {
 	elsif ( $argument eq 'dropdb' ) {
 		dropdb();
 	}
-	elsif ( $argument eq 'create_superuser' ) {
-		create_superuser();
-	}
 	elsif ( $argument eq 'create_user' ) {
 		create_user();
 	}
@@ -202,37 +219,13 @@ sub createdb {
 sub create_user {
 	my $user_exists = `psql -h $host_ip -p $host_port -U $db_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_user'"`;
 
-	my $cmd = "CREATE USER $db_user WITH CREATEDB ENCRYPTED PASSWORD '$db_password'";
+	my $cmd = "CREATE USER $db_user WITH LOGIN ENCRYPTED PASSWORD '$db_password'";
 	if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
 		die "Can't create user $db_user\n";
 	}
 	update_pgpass($db_user, $db_password);
 }
 
-sub create_superuser {
-
-	system('stty', '-echo');  # Disable echoing
-	print "Set a password for the 'postgres' superuser: ";
-	my $db_super_user_password = <STDIN>; 
-	chomp $db_super_user_password; 
-	exit 0 if ($db_super_user_password eq ""); # If empty string, exit.
-
-    my $cmd;
-	my $user_exists = `psql -h $host_ip -p $host_port -U $db_super_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_super_user'"`;
-    if  ( $user_exists ) {
-   	   $cmd = "ALTER ROLE $db_super_user WITH ENCRYPTED PASSWORD '$db_super_user_password'";
-	   if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
-		 die "Can't alter user $db_super_user\n";
-	   }
-    } else {
-   	   $cmd = "CREATE USER $db_super_user WITH CREATEDB ENCRYPTED PASSWORD '$db_super_user_password'";
-	   if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
-		 die "Can't create user $db_super_user\n";
-	   }
-    }
-	update_pgpass($db_super_user, $db_super_user_password);
-}
-
 sub drop_user {
 	if ( system("dropuser -h $host_ip -p $host_port -i -e $db_user;") != 0 ) {
 		die "Can't drop user $db_user\n";

[06/13] incubator-trafficcontrol git commit: added the ability to do a create_super_user

Posted by da...@apache.org.

added the ability to do a create_super_user


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/d7494adf
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/d7494adf
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/d7494adf

Branch: refs/heads/master
Commit: d7494adf3e697c52f12b77561ed4b9661a764dd3
Parents: 9d91e98
Author: Dewayne Richardson <de...@apache.org>
Authored: Thu Apr 13 09:01:18 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 120 ++++++++++++++++++++++-----------------
 1 file changed, 68 insertions(+), 52 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/d7494adf/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index 25d7082..3e9488d 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -41,14 +41,14 @@ my $usage = "\n"
 	. "createdb  - Execute db 'createdb' the database for the current environment.\n"
 	. "dropdb  - Execute db 'dropdb' on the database for the current environment.\n"
 	. "down  - Roll back a single migration from the current version.\n"
-	. "createuser  - Execute 'createuser' the user for the current environment.\n"
-	. "dropuser  - Execute 'dropuser' the user for the current environment.\n"
-	. "showusers  - Execute sql to show all of the user for the current environment.\n"
+	. "create_superuser  - Execute 'create_superuser' the user for the current environment (postgres).\n"
+	. "create_user  - Execute 'create_user' the user for the current environment (traffic_ops).\n"
+	. "drop_user  - Execute 'drop_user' the user for the current environment (traffic_ops).\n"
+	. "show_users  - Execute sql to show all of the user for the current environment.\n"
 	. "redo  - Roll back the most recently applied migration, then run it again.\n"
 	. "reset  - Execute db 'dropdb', 'createdb', load_schema, migrate on the database for the current environment.\n"
 	. "reverse_schema  - Reverse engineer the lib/Schema/Result files from the environment database.\n"
 	. "seed  - Execute sql from db/seeds.sql for loading static data.\n"
-	. "setup  - Execute db dropdb, createdb, load_schema, migrate, seed on the database for the current environment.\n"
 	. "status  - Print the status of all migrations.\n"
 	. "upgrade  - Execute migrate then seed on the database for the current environment.\n";
 
@@ -67,8 +67,6 @@ GetOptions( "env=s" => \$environment );
 $ENV{'MOJO_MODE'} = $environment;
 
 parse_dbconf_yml_pg_driver();
-update_pgpass($db_super_user, $db_password);
-update_pgpass($db_user, $db_password);
 
 STDERR->autoflush(1);
 my $argument = shift(@ARGV);
@@ -79,20 +77,20 @@ if ( defined($argument) ) {
 	elsif ( $argument eq 'dropdb' ) {
 		dropdb();
 	}
-	elsif ( $argument eq 'createuser' ) {
-		createuser();
+	elsif ( $argument eq 'create_superuser' ) {
+		create_superuser();
 	}
-	elsif ( $argument eq 'dropuser' ) {
-		dropuser();
+	elsif ( $argument eq 'create_user' ) {
+		create_user();
 	}
-	elsif ( $argument eq 'showusers' ) {
-		showusers();
+	elsif ( $argument eq 'drop_user' ) {
+		drop_user();
+	}
+	elsif ( $argument eq 'show_users' ) {
+		show_users();
 	}
 	elsif ( $argument eq 'reset' ) {
-        print "db_name: $db_name\n";
-        print "db_user $db_user\n";
-        print "db_super_user $db_super_user\n";
-		createuser();
+		create_user();
 		dropdb();
 		createdb();
 		load_schema();
@@ -102,14 +100,6 @@ if ( defined($argument) ) {
 		migrate('up');
 		seed();
 	}
-	elsif ( $argument eq 'setup' ) {
-		createuser();
-		dropdb();
-		createdb();
-		load_schema();
-		migrate('up');
-		seed();
-	}
 	elsif ( $argument eq 'migrate' ) {
 		migrate('up');
 	}
@@ -165,29 +155,6 @@ sub parse_dbconf_yml_pg_driver {
 	$db_name     = $hash->{dbname};
 }
 
-sub update_pgpass {
-
-	my ($username, $password) = @_;
-
-	my $rfh;  # read file handle
-	my $pgpass = "$HOME/.pgpass";
-	my $wfh;  # write file handle
-	open($wfh, '>>', $pgpass) or die "Could not open file '$pgpass' $!";
-	open($rfh, '<', $pgpass) or die "Could not open file '$pgpass' $!";
-	my $user_plus_password = "$username:$password";
-	my $foo = sprintf("%s:%s\n", $username, $password);
-	if (! grep{/$user_plus_password/} <$rfh>){
-	  print $wfh "*:*:*:$user_plus_password\n";
-	  print "Updated $HOME/.pgpass\n";
-	}
-
-	# tighten the permission for security and Postgres
-	chmod 0600, $wfh or die "Couldn't chmod $wfh $!";
-
-	close $wfh;
-	close $rfh;
-}
-
 sub migrate {
 	my ($command) = @_;
 
@@ -219,7 +186,7 @@ sub dropdb {
 }
 
 sub createdb {
-	createuser();
+	create_user();
 	my $db_exists = `psql -h $host_ip -U $db_user -p $host_port -tAc "SELECT 1 FROM pg_database WHERE datname='$db_name'"`;
 	if ($db_exists) {
 		print "Database $db_name already exists\n";
@@ -232,22 +199,47 @@ sub createdb {
 
 }
 
-sub createuser {
+sub create_user {
 	my $user_exists = `psql -h $host_ip -p $host_port -U $db_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_user'"`;
 
 	my $cmd = "CREATE USER $db_user WITH CREATEDB ENCRYPTED PASSWORD '$db_password'";
 	if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
-		#die "Can't create user $db_user\n";
+		die "Can't create user $db_user\n";
 	}
+	update_pgpass($db_user, $db_password);
+}
+
+sub create_superuser {
+
+	system('stty', '-echo');  # Disable echoing
+	print "Set a password for the 'postgres' superuser: ";
+	my $db_super_user_password = <STDIN>; 
+	chomp $db_super_user_password; 
+	exit 0 if ($db_super_user_password eq ""); # If empty string, exit.
+
+    my $cmd;
+	my $user_exists = `psql -h $host_ip -p $host_port -U $db_super_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_super_user'"`;
+    if  ( $user_exists ) {
+   	   $cmd = "ALTER ROLE $db_super_user WITH ENCRYPTED PASSWORD '$db_super_user_password'";
+	   if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
+		 die "Can't alter user $db_super_user\n";
+	   }
+    } else {
+   	   $cmd = "CREATE USER $db_super_user WITH CREATEDB ENCRYPTED PASSWORD '$db_super_user_password'";
+	   if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
+		 die "Can't create user $db_super_user\n";
+	   }
+    }
+	update_pgpass($db_super_user, $db_super_user_password);
 }
 
-sub dropuser {
+sub drop_user {
 	if ( system("dropuser -h $host_ip -p $host_port -i -e $db_user;") != 0 ) {
 		die "Can't drop user $db_user\n";
 	}
 }
 
-sub showusers {
+sub show_users {
 	if ( system("psql -h $host_ip -p $host_port -ec '\\du';") != 0 ) {
 		die "Can't show users";
 	}
@@ -268,3 +260,27 @@ sub reverse_schema {
 		[ $dsn, $user, $pass ],
 	);
 }
+
+sub update_pgpass {
+
+	my ($username, $password) = @_;
+
+	my $rfh;  # read file handle
+	my $pgpass = "$HOME/.pgpass";
+	my $wfh;  # write file handle
+	open($wfh, '>>', $pgpass) or die "Could not open file '$pgpass' $!";
+	open($rfh, '<', $pgpass) or die "Could not open file '$pgpass' $!";
+	my $user_plus_password = "$username:$password";
+	my $foo = sprintf("%s:%s\n", $username, $password);
+	if (! grep{/$user_plus_password/} <$rfh>){
+	  print $wfh "*:*:*:$user_plus_password\n";
+	  print "Updated $HOME/.pgpass\n";
+	}
+
+	# tighten the permission for security and Postgres
+	chmod 0600, $wfh or die "Couldn't chmod $wfh $!";
+
+	close $wfh;
+	close $rfh;
+}
+

[13/13] incubator-trafficcontrol git commit: superuser only creates the 'db_user' and creates databases (and assigns ownership to the db_user) and then db_user takes it from there...drop table, loadschema, migrate, seed...

Posted by da...@apache.org.

superuser only creates the 'db_user' and creates databases (and assigns ownership to the db_user) and then db_user takes it from there...drop table, loadschema, migrate, seed...


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/60e0dae5
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/60e0dae5
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/60e0dae5

Branch: refs/heads/master
Commit: 60e0dae5d4e4db9b497dcf90f4d1ef96dc7c2aa7
Parents: ed11e01
Author: Jeremy Mitchell <mi...@gmail.com>
Authored: Thu Apr 13 15:55:11 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl   | 19 ++++++++++---------
 traffic_ops/app/db/dbconf.yml |  8 ++++----
 2 files changed, 14 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/60e0dae5/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index 6f78f26..b7dfcc7 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -40,10 +40,10 @@ my $usage = "\n"
 	. "NOTE: \n"
 	. "Postgres Superuser: The 'postgres' superuser needs to be created to run $PROGRAM_NAME and setup databases.\n"
 	. "If the 'postgres' superuser has not been created or password has not been set then run the following commands accordingly. \n\n"
-	. "Create the 'postgres' user (if not created):\n"
-	. "     \$ createuser postgres\n\n"
+	. "Create the 'postgres' user as a super user (if not created):\n"
+	. "     \$ createuser postgres -s -r -d\n\n"
 	. "Set the 'postgres' user password:\n"
-	. "     CREATE ROLE postgres WITH CREATEROLE LOGIN ENCRYPTED PASSWORD 'yourpassword'; \n\n"
+	. "     CREATE ROLE postgres WITH CREATEROLE CREATEDB LOGIN ENCRYPTED PASSWORD 'yourpassword'; \n\n"
 	. "Postgres Password: file allows for easy command line access by defaulting the user and password for the database\n"
 	. "without prompts.\n\n"
 	. " Postgres .pgpass file format:\n"
@@ -52,6 +52,7 @@ my $usage = "\n"
 	. " Example Contents\n"
 	. " ----------------------\n"
 	. " *:*:*:postgres:yourpassword \n"
+	. " *:*:*:traffic_ops:yourpassword \n"
 	. " ----------------------\n\n"
 	. " Save the following example into this file $HOME/.pgpass with the permissions of this file\n"
 	. " so only $USER can read and write.\n\n"
@@ -78,7 +79,7 @@ my $db_protocol;
 # you don't have to specify --env=development for dev workstations
 my $db_name     = 'to_development';
 my $db_super_user = 'postgres';
-my $db_user = 'traffic_ops';
+my $db_user = '';
 my $db_password = '';
 my $host_ip     = '';
 my $host_port   = '';
@@ -166,7 +167,7 @@ sub parse_dbconf_yml_pg_driver {
 
 	$host_ip     = $hash->{host};
 	$host_port   = $hash->{port};
-	$db_super_user = $hash->{user};
+	$db_user = $hash->{user};
 	$db_password = $hash->{password};
 	$db_name     = $hash->{dbname};
 }
@@ -196,18 +197,18 @@ sub load_schema {
 
 sub dropdb {
 	print "Dropping database: $db_name\n";
-	if ( system("dropdb -h $host_ip -p $host_port -U $db_super_user -e --if-exists $db_name;") != 0 ) {
+	if ( system("dropdb -h $host_ip -p $host_port -U $db_user -e --if-exists $db_name;") != 0 ) {
 		die "Can't drop db $db_name\n";
 	}
 }
 
 sub createdb {
-	my $db_exists = `psql -h $host_ip -U $db_user -p $host_port -tAc "SELECT 1 FROM pg_database WHERE datname='$db_name'"`;
+	my $db_exists = `psql -h $host_ip -U $db_super_user -p $host_port -tAc "SELECT 1 FROM pg_database WHERE datname='$db_name'"`;
 	if ($db_exists) {
 		print "Database $db_name already exists\n";
 		return;
 	}
-    my $cmd = "createdb -h $host_ip -p $host_port -U $db_user --owner $db_user $db_name;";
+    my $cmd = "createdb -h $host_ip -p $host_port -U $db_super_user --owner $db_user $db_name;";
 	if ( system($cmd) != 0 ) {
 		die "Can't create db $db_name\n";
 	}
@@ -219,7 +220,7 @@ sub create_user {
 	my $user_exists = `psql -h $host_ip -p $host_port -U $db_super_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_user'"`;
 
 	if (!$user_exists) {
-		my $cmd = "CREATE USER $db_user WITH CREATEDB CREATEROLE LOGIN ENCRYPTED PASSWORD '$db_password'";
+		my $cmd = "CREATE USER $db_user WITH LOGIN ENCRYPTED PASSWORD '$db_password'";
 		if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
 			die "Can't create user $db_user\n";
 		}

http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/60e0dae5/traffic_ops/app/db/dbconf.yml
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/dbconf.yml b/traffic_ops/app/db/dbconf.yml
index 3a7cdf3..6c79b95 100755
--- a/traffic_ops/app/db/dbconf.yml
+++ b/traffic_ops/app/db/dbconf.yml
@@ -19,17 +19,17 @@ name: dbconf.yml
 
 development:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=to_development sslmode=disable
+  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=to_development sslmode=disable
 
 test:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=to_test sslmode=disable
+  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=to_test sslmode=disable
 
 integration:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=to_integration sslmode=disable
+  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=to_integration sslmode=disable
 
 production:
   driver: postgres
-  open: host=127.0.0.1 port=5432 user=postgres password=twelve dbname=traffic_ops sslmode=disable
+  open: host=127.0.0.1 port=5432 user=traffic_ops password=twelve dbname=traffic_ops sslmode=disable

[05/13] incubator-trafficcontrol git commit: switched the postgres user to be the driver of the admin.pl user

Posted by da...@apache.org.

switched the postgres user to be the driver of the admin.pl user


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/9d91e983
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/9d91e983
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/9d91e983

Branch: refs/heads/master
Commit: 9d91e9835c7745ddb8049e168ae3e4df7d4d9834
Parents: 74d2baf
Author: Dewayne Richardson <de...@apache.org>
Authored: Wed Apr 12 14:47:19 2017 -0600
Committer: Dan Kirkwood <da...@gmail.com>
Committed: Fri Apr 14 14:22:51 2017 -0600

----------------------------------------------------------------------
 traffic_ops/app/db/admin.pl | 69 +++++++++++++++++++++++++++++-----------
 1 file changed, 50 insertions(+), 19 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/9d91e983/traffic_ops/app/db/admin.pl
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/admin.pl b/traffic_ops/app/db/admin.pl
index b07ad25..25d7082 100755
--- a/traffic_ops/app/db/admin.pl
+++ b/traffic_ops/app/db/admin.pl
@@ -29,6 +29,9 @@ use YAML;
 use YAML qw(LoadFile);
 use DBIx::Class::Schema::Loader qw/make_schema_at/;
 
+use Env;
+use Env qw(HOME);
+
 my $usage = "\n"
 	. "Usage:  $PROGRAM_NAME [--env (development|test|production|integration)] [arguments]\t\n\n"
 	. "Example:  $PROGRAM_NAME --env=test reset\n\n"
@@ -55,7 +58,8 @@ my $db_protocol;
 # This is defaulted to 'to_development' so
 # you don't have to specify --env=development for dev workstations
 my $db_name     = 'to_development';
-my $db_username = 'to_development';
+my $db_super_user = 'postgres';
+my $db_user = 'traffic_ops';
 my $db_password = '';
 my $host_ip     = '';
 my $host_port   = '';
@@ -63,6 +67,8 @@ GetOptions( "env=s" => \$environment );
 $ENV{'MOJO_MODE'} = $environment;
 
 parse_dbconf_yml_pg_driver();
+update_pgpass($db_super_user, $db_password);
+update_pgpass($db_user, $db_password);
 
 STDERR->autoflush(1);
 my $argument = shift(@ARGV);
@@ -83,6 +89,10 @@ if ( defined($argument) ) {
 		showusers();
 	}
 	elsif ( $argument eq 'reset' ) {
+        print "db_name: $db_name\n";
+        print "db_user $db_user\n";
+        print "db_super_user $db_super_user\n";
+		createuser();
 		dropdb();
 		createdb();
 		load_schema();
@@ -150,9 +160,32 @@ sub parse_dbconf_yml_pg_driver {
 
 	$host_ip     = $hash->{host};
 	$host_port   = $hash->{port};
-	$db_name     = $hash->{dbname};
-	$db_username = $hash->{user};
+	$db_super_user = $hash->{user};
 	$db_password = $hash->{password};
+	$db_name     = $hash->{dbname};
+}
+
+sub update_pgpass {
+
+	my ($username, $password) = @_;
+
+	my $rfh;  # read file handle
+	my $pgpass = "$HOME/.pgpass";
+	my $wfh;  # write file handle
+	open($wfh, '>>', $pgpass) or die "Could not open file '$pgpass' $!";
+	open($rfh, '<', $pgpass) or die "Could not open file '$pgpass' $!";
+	my $user_plus_password = "$username:$password";
+	my $foo = sprintf("%s:%s\n", $username, $password);
+	if (! grep{/$user_plus_password/} <$rfh>){
+	  print $wfh "*:*:*:$user_plus_password\n";
+	  print "Updated $HOME/.pgpass\n";
+	}
+
+	# tighten the permission for security and Postgres
+	chmod 0600, $wfh or die "Couldn't chmod $wfh $!";
+
+	close $wfh;
+	close $rfh;
 }
 
 sub migrate {
@@ -166,53 +199,51 @@ sub migrate {
 
 sub seed {
 	print "Seeding database.\n";
-	if ( system("psql -h $host_ip -p $host_port -d $db_name -U $db_username -e < db/seeds.sql") != 0 ) {
+	if ( system("psql -h $host_ip -p $host_port -d $db_name -U $db_user -e < db/seeds.sql") != 0 ) {
 		die "Can't seed database\n";
 	}
 }
 
 sub load_schema {
 	print "Creating database tables.\n";
-	if ( system("psql -h $host_ip -p $host_port -d $db_name -U $db_username -e < db/create_tables.sql") != 0 ) {
+	if ( system("psql -h $host_ip -p $host_port -d $db_name -U $db_user -e < db/create_tables.sql") != 0 ) {
 		die "Can't create database tables\n";
 	}
 }
 
 sub dropdb {
-	if ( system("dropdb -h $host_ip -p $host_port -U $db_username -e --if-exists $db_name;") != 0 ) {
+	print "Dropping database: $db_name\n";
+	if ( system("dropdb -h $host_ip -p $host_port -U $db_super_user -e --if-exists $db_name;") != 0 ) {
 		die "Can't drop db $db_name\n";
 	}
 }
 
 sub createdb {
 	createuser();
-	my $db_exists = `psql -h $host_ip -p $host_port -tAc "SELECT 1 FROM pg_database WHERE datname='$db_name'"`;
+	my $db_exists = `psql -h $host_ip -U $db_user -p $host_port -tAc "SELECT 1 FROM pg_database WHERE datname='$db_name'"`;
 	if ($db_exists) {
 		print "Database $db_name already exists\n";
 		return;
 	}
-
-	if ( system("createdb -h $host_ip -p $host_port -U $db_username -e $db_name;") != 0 ) {
+    my $cmd = "createdb -h $host_ip -p $host_port -U $db_super_user --owner $db_user $db_name;";
+	if ( system($cmd) != 0 ) {
 		die "Can't create db $db_name\n";
 	}
+
 }
 
 sub createuser {
-	my $user_exists = `psql -h $host_ip -p $host_port postgres -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_username'"`;
-	if ($user_exists) {
-		print "Role $db_username already exists\n";
-		return;
-	}
+	my $user_exists = `psql -h $host_ip -p $host_port -U $db_user -tAc "SELECT 1 FROM pg_roles WHERE rolname='$db_user'"`;
 
-	my $cmd = "CREATE USER $db_username WITH SUPERUSER CREATEROLE CREATEDB ENCRYPTED PASSWORD '$db_password'";
-	if ( system(qq{psql -h $host_ip -p $host_port -tAc "$cmd"}) != 0 ) {
-		die "Can't create user $db_username\n";
+	my $cmd = "CREATE USER $db_user WITH CREATEDB ENCRYPTED PASSWORD '$db_password'";
+	if ( system(qq{psql -h $host_ip -p $host_port -U $db_super_user -tAc "$cmd"}) != 0 ) {
+		#die "Can't create user $db_user\n";
 	}
 }
 
 sub dropuser {
-	if ( system("dropuser -h $host_ip -p $host_port -i -e $db_username;") != 0 ) {
-		die "Can't drop user $db_username\n";
+	if ( system("dropuser -h $host_ip -p $host_port -i -e $db_user;") != 0 ) {
+		die "Can't drop user $db_user\n";
 	}
 }