#! /bin/sh #------------------------------------------------------------------------------ # /var/install/config.d/postgresql18-update.sh - parameter update script # # Creation : 2017-05-28 daniel # Last Update: 2025-12-16 18:06:47 # # Copyright (c) 2025 the eisfair team, team(at)eisfair(dot)org # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. #------------------------------------------------------------------------------ package='postgresql18' #------------------------------------------------------------------------------ # include eisfair script library #------------------------------------------------------------------------------ . /var/install/include/eislib . /var/install/include/configlib #------------------------------------------------------------------------------ # list of default values #------------------------------------------------------------------------------ START_POSTGRESQL18='no' # Shall postgresql deamon be started POSTGRESQL18_DATADIR='/srv/pgsql/18' # location of database cluster POSTGRESQL18_ENCODING='UTF8' # default database encoding POSTGRESQL18_NETWORKING='yes' # Enable network access to PostgreSQL POSTGRESQL18_CONNECT_PORT='5432' # TCP/IP port for network access POSTGRESQL18_CONNECTIONS='10' # max concurrent connects POSTGRESQL18_ENABLE_SSL='no' # enable SSL connections POSTGRESQL18_SSL_CERT_FILE='server.pem' # name of server public key POSTGRESQL18_SSL_KEY_FILE='server.key' # name of server private key POSTGRESQL18_SSL_CLIENT_VERIFY='no' # enable client certificate verification POSTGRESQL18_SSL_CA_FILE='trusted_ca.pem' # name of a file containing trusted root CAs POSTGRESQL18_HOST_N='2' # number of host entries POSTGRESQL18_HOST_1_TYPE='local' # Local or network(host) access? POSTGRESQL18_HOST_1_NETWORK='' # IP-Address of host (or network) 1 POSTGRESQL18_HOST_1_USERAUTH='trust' # Authentication POSTGRESQL18_HOST_1_DATABASE='all' # affected databases POSTGRESQL18_HOST_1_USER='all' # affected users POSTGRESQL18_HOST_1_CLIENTCERT='none' # verification of client certificate POSTGRESQL18_HOST_2_TYPE='host' # Local or network(host) access? POSTGRESQL18_HOST_2_NETWORK='127.0.0.1/32' # IP-Address of host (or network) 1 POSTGRESQL18_HOST_2_USERAUTH='trust' # Authentication POSTGRESQL18_HOST_2_DATABASE='all' # affected databases POSTGRESQL18_HOST_2_USER='all' # affected users POSTGRESQL18_HOST_2_CLIENTCERT='none' # verification of client certificate POSTGRESQL18_AUTOVACUUM='yes' # Start autovacuum process # preformance options POSTGRESQL18_MEMORY_LAYOUT='medium' # layout: small, medium, large, huge POSTGRESQL18_WRITE_MODE='normal' # mode: secure, normal, fast, nosync # advanced options (log options) POSTGRESQL18_LOG_SETTINGS='no' POSTGRESQL18_CLIENT_LOG_LEVEL='notice' # log level for client programs POSTGRESQL18_SERVER_LOG_LEVEL='notice' # log level for server log POSTGRESQL18_LOG_VERBOSE='no' # verbose log messages POSTGRESQL18_LOG_STATEMENTS='no' # writes SQL statements to log POSTGRESQL18_BACKUP_TIMER='*-*-10 01:00:00' # schedule for autom. backup POSTGRESQL18_BACKUP_TARGET='/srv/pgsql_backup' # target directory for backups POSTGRESQL18_BACKUP_MOUNT='' # Command executed before backup POSTGRESQL18_BACKUP_UMOUNT='' # Command executed after backup POSTGRESQL18_BACKUP_NOTIFY='root@localhost' # E-mail address for error notification POSTGRESQL18_BACKUP_CLUSTER='yes' # backup complete database cluster POSTGRESQL18_BACKUP_CLUSTER_USER='postgres' # User to connect to db server POSTGRESQL18_BACKUP_CLUSTER_MAX='7' # number of db-cluster backup copies to keep POSTGRESQL18_BACKUP_DATABASES='no' # backup individual databases POSTGRESQL18_BACKUP_N='0' # Number of databases to backup POSTGRESQL18_BACKUP_1_DBNAME='template1' # Name of database to backup POSTGRESQL18_BACKUP_1_USER='postgres' # User to connect to db server POSTGRESQL18_BACKUP_1_MAX='7' # Number of backup files to maintain # ----------------------------------------------------------------------------- # rename old variables # ----------------------------------------------------------------------------- rename_old_variables() { # read old values if [ -f /etc/config.d/${package} ] then . /etc/config.d/${package} fi } # ----------------------------------------------------------------------------- # add new variables # ----------------------------------------------------------------------------- add_new_variables() { # no variables added at this time echo "" > /dev/null idx=1 while [ "$idx" -le "$POSTGRESQL18_HOST_N" ] do eval clientcert='${POSTGRESQL18_HOST_'${idx}'_CLIENTCERT}' if [ -z "${clientcert}" ] then eval 'POSTGRESQL18_HOST_'${idx}'_CLIENTCERT'="none" fi idx=$(($idx + 1)) done } # ----------------------------------------------------------------------------- # Write config and default files # ----------------------------------------------------------------------------- write_config_file() { local internal_conf_file=${1} ( printgpl -conf "${package}" "2006-12-16" "dv" \ "2025 the eisfair team, team(at)eisfair(dot)org" printgroup "PostgreSQL server settings" printvar "START_POSTGRESQL18" "Shall PostgreSQL be started" printgroup "PostgreSQL storage location" printvar "POSTGRESQL18_DATADIR" "location of database cluster" printvar "POSTGRESQL18_ENCODING" "default database encoding" printgroup "PostgreSQL network (TCP/IP) access" printvar "POSTGRESQL18_NETWORKING" "Enable network access to PostgreSQL" printvar "POSTGRESQL18_CONNECT_PORT" "TCP/IP port for network access" printvar "POSTGRESQL18_CONNECTIONS" "Max concurrent connects" printvar "POSTGRESQL18_ENABLE_SSL" "Enable SSL connections" printvar "POSTGRESQL18_SSL_CERT_FILE" "Name of server public key" printvar "POSTGRESQL18_SSL_KEY_FILE" "Name of server private key" printvar "POSTGRESQL18_SSL_CLIENT_VERIFY" "Enable client certificate verification" printvar "POSTGRESQL18_SSL_CA_FILE" "Name of file containing trusted CAs" printgroup "Host access table" printvar "POSTGRESQL18_HOST_N" "Number of host entries" echo "" printvar "POSTGRESQL18_HOST_1_TYPE" "Local or network access?" printvar "POSTGRESQL18_HOST_1_NETWORK" "IP-Address of host or network" printvar "POSTGRESQL18_HOST_1_USERAUTH" "Authentication" printvar "POSTGRESQL18_HOST_1_DATABASE" "Affected databases or 'all' for all" printvar "POSTGRESQL18_HOST_1_USER" "Affected users or 'all' for all" printvar "POSTGRESQL18_HOST_1_CLIENTCERT" "Verification of client certificate" echo "" printvar "POSTGRESQL18_HOST_2_TYPE" "Local or network access?" printvar "POSTGRESQL18_HOST_2_NETWORK" "IP-Address of host or network" printvar "POSTGRESQL18_HOST_2_USERAUTH" "Authentication" printvar "POSTGRESQL18_HOST_2_DATABASE" "Affected databases or 'all' for all" printvar "POSTGRESQL18_HOST_2_USER" "Affected users or 'all' for all" printvar "POSTGRESQL18_HOST_2_CLIENTCERT" "Verification of client certificate" idx=3 while [ "$idx" -le "$POSTGRESQL18_HOST_N" ] do echo "" printvar "POSTGRESQL18_HOST_${idx}_TYPE" "Local or network access?" printvar "POSTGRESQL18_HOST_${idx}_NETWORK" "IP-Address of host or network" printvar "POSTGRESQL18_HOST_${idx}_USERAUTH" "Authentication" printvar "POSTGRESQL18_HOST_${idx}_DATABASE" "Affected databases or 'all' for all" printvar "POSTGRESQL18_HOST_${idx}_USER" "Affected users or 'all' for all" printvar "POSTGRESQL18_HOST_${idx}_CLIENTCERT" "Verification of client certificate" idx=$(($idx + 1)) done printgroup "Performance options" printvar "POSTGRESQL18_AUTOVACUUM" "Start autovacuum process" printvar "POSTGRESQL18_MEMORY_LAYOUT" "Memory layout: small, medium, large, huge" printvar "POSTGRESQL18_WRITE_MODE" "Write mode: secure, normal, fast, nosync" printgroup "Log options (advanced)" printvar "POSTGRESQL18_LOG_SETTINGS" "manually overwrite default settings?" printvar "POSTGRESQL18_CLIENT_LOG_LEVEL" "Log level for client programs" printvar "POSTGRESQL18_SERVER_LOG_LEVEL" "log level for server log" printvar "POSTGRESQL18_LOG_VERBOSE" "Verbose log messages" printvar "POSTGRESQL18_LOG_STATEMENTS" "write SQL statements to log" printgroup "Database backup" printvar "POSTGRESQL18_BACKUP_TIMER" "Schedule for autom. backup" printvar "POSTGRESQL18_BACKUP_TARGET" "Target directory for backups" printvar "POSTGRESQL18_BACKUP_MOUNT" "Command executed before backup" printvar "POSTGRESQL18_BACKUP_UMOUNT" "Command executed after backup" printvar "POSTGRESQL18_BACKUP_NOTIFY" "E-mail address for error notification" echo "" printvar "POSTGRESQL18_BACKUP_CLUSTER" "Backup complete database cluster" printvar "POSTGRESQL18_BACKUP_CLUSTER_USER" "User to connect to db server" printvar "POSTGRESQL18_BACKUP_CLUSTER_MAX" "Number of db-cluster backup copies to keep" printvar "POSTGRESQL18_BACKUP_DATABASES" "backup individual databases" printvar "POSTGRESQL18_BACKUP_N" "Number of databases to backup" printvar "POSTGRESQL18_BACKUP_1_DBNAME" "Name of database to backup" printvar "POSTGRESQL18_BACKUP_1_USER" "User to connect to db server" printvar "POSTGRESQL18_BACKUP_1_MAX" "Number of backup files to maintain" idx=2 while [ "$idx" -le "$POSTGRESQL18_BACKUP_N" ] do echo "" printvar "POSTGRESQL18_BACKUP_${idx}_DBNAME" "Name of database to backup" printvar "POSTGRESQL18_BACKUP_${idx}_USER" "User to connect to db server" printvar "POSTGRESQL18_BACKUP_${idx}_MAX" "Number of backup files to maintain" idx=$(($idx + 1)) done echo "" printend ) > ${internal_conf_file} # Set rights chmod 0644 ${internal_conf_file} chown root ${internal_conf_file} } # --------------------------------------------------------------------------- # Create the check.d file # --------------------------------------------------------------------------- write_check_file() { ( printgpl -check "${package}" "2007-03-03" "dv" \ "2025 the eisfair team, team(at)eisfair(dot)org" echo "START_POSTGRESQL18 - - YESNO" echo "POSTGRESQL18_NETWORKING START_POSTGRESQL18 - YESNO" echo "POSTGRESQL18_DATADIR START_POSTGRESQL18 - ABS_PATH" echo "POSTGRESQL18_ENCODING START_POSTGRESQL18 - PG18_ENCODING" echo "POSTGRESQL18_CONNECT_PORT START_POSTGRESQL18 - PORT" echo "POSTGRESQL18_CONNECT_PORT START_POSTGRESQL18 - PGSQL_COMMON_PORT_CUI" echo "POSTGRESQL18_CONNECTIONS START_POSTGRESQL18 - NUMERIC" echo "POSTGRESQL18_CONNECTIONS START_POSTGRESQL18 - PG18_MAXCONN" echo "POSTGRESQL18_ENABLE_SSL START_POSTGRESQL18 - YESNO" echo "POSTGRESQL18_SSL_CERT_FILE POSTGRESQL18_ENABLE_SSL - PG18_SSL_CERTS_CUI" echo "POSTGRESQL18_SSL_KEY_FILE POSTGRESQL18_ENABLE_SSL - PG18_SSL_KEYS_CUI" echo "POSTGRESQL18_SSL_CLIENT_VERIFY POSTGRESQL18_ENABLE_SSL - YESNO" echo "POSTGRESQL18_SSL_CA_FILE POSTGRESQL18_SSL_CLIENT_VERIFY - PG18_SSL_CERTS_CUI" echo "POSTGRESQL18_HOST_N START_POSTGRESQL18 - NUMERIC" echo "POSTGRESQL18_HOST_%_TYPE START_POSTGRESQL18 POSTGRESQL18_HOST_N PG18_ACCESSTYPE" echo "POSTGRESQL18_HOST_%_NETWORK START_POSTGRESQL18 POSTGRESQL18_HOST_N PG18_NETWORK" echo "POSTGRESQL18_HOST_%_USERAUTH START_POSTGRESQL18 POSTGRESQL18_HOST_N PG18_AUTHENTICATION" echo "POSTGRESQL18_HOST_%_DATABASE START_POSTGRESQL18 POSTGRESQL18_HOST_N NOTEMPTY" echo "POSTGRESQL18_HOST_%_USER START_POSTGRESQL18 POSTGRESQL18_HOST_N NOTEMPTY" echo "POSTGRESQL18_HOST_%_CLIENTCERT START_POSTGRESQL18 POSTGRESQL18_HOST_N PG18_CLIENTCERT" echo "POSTGRESQL18_AUTOVACUUM START_POSTGRESQL18 - YESNO" echo "POSTGRESQL18_MEMORY_LAYOUT START_POSTGRESQL18 - PG18_MEM_LAYOUT" echo "POSTGRESQL18_WRITE_MODE START_POSTGRESQL18 - PG18_WRITE_MODE" echo "POSTGRESQL18_LOG_SETTINGS START_POSTGRESQL18 - YESNO" echo "POSTGRESQL18_CLIENT_LOG_LEVEL POSTGRESQL18_LOG_SETTINGS - PG18_LOGLEVEL" echo "POSTGRESQL18_SERVER_LOG_LEVEL POSTGRESQL18_LOG_SETTINGS - PG18_LOGLEVEL" echo "POSTGRESQL18_LOG_VERBOSE POSTGRESQL18_LOG_SETTINGS - YESNO" echo "POSTGRESQL18_LOG_STATEMENTS POSTGRESQL18_LOG_SETTINGS - YESNO" echo "POSTGRESQL18_BACKUP_TIMER START_POSTGRESQL18 - ON_CALENDAR" echo "POSTGRESQL18_BACKUP_TARGET START_POSTGRESQL18 - ABS_PATH" echo "POSTGRESQL18_BACKUP_MOUNT START_POSTGRESQL18 - NONE" echo "POSTGRESQL18_BACKUP_UMOUNT START_POSTGRESQL18 - NONE" echo "POSTGRESQL18_BACKUP_NOTIFY START_POSTGRESQL18 - EMAILADDR" echo "POSTGRESQL18_BACKUP_CLUSTER START_POSTGRESQL18 - YESNO" echo "POSTGRESQL18_BACKUP_CLUSTER_USER POSTGRESQL18_BACKUP_CLUSTER - NOTEMPTY" echo "POSTGRESQL18_BACKUP_CLUSTER_MAX POSTGRESQL18_BACKUP_CLUSTER - NUMERIC" echo "POSTGRESQL18_BACKUP_DATABASES START_POSTGRESQL18 - YESNO" echo "POSTGRESQL18_BACKUP_N POSTGRESQL18_BACKUP_DATABASES - NUMERIC" echo "POSTGRESQL18_BACKUP_%_DBNAME POSTGRESQL18_BACKUP_DATABASES POSTGRESQL18_BACKUP_N NOTEMPTY" echo "POSTGRESQL18_BACKUP_%_USER POSTGRESQL18_BACKUP_DATABASES POSTGRESQL18_BACKUP_N NOTEMPTY" echo "POSTGRESQL18_BACKUP_%_MAX POSTGRESQL18_BACKUP_DATABASES POSTGRESQL18_BACKUP_N NUMERIC" echo "" ) > /etc/check.d/${package} # Set rights for check.d file chmod 0644 /etc/check.d/${package} chown root /etc/check.d/${package} ( printgpl -check_exp "${package}" "2017-04-26" "dv" \ "2025 the eisfair team, team(at)eisfair(dot)org" echo "PG18_ENCODING = 'BIG5|EUC_CN|EUC_JP|EUC_JIS_2004|EUC_KR|EUC_TW|GB18030|GBK|ISO_8859_5|ISO_8859_6|ISO_8859_7|ISO_8859_8|JOHAB|KOI8R|KOI8U|LATIN1|LATIN2|LATIN3|LATIN4|LATIN5|LATIN6|LATIN7|LATIN8|LATIN9|LATIN10|MULE_INTERNAL|SJIS|SHIFT_JIS_2004|SQL_ASCII|UHC|UTF8|WIN866|WIN874|WIN1250|WIN1251|WIN1252|WIN1253|WIN1254|WIN1255|WIN1256|WIN1257|WIN1258'" echo " : 'Wrong encoding. Read documentation!'" echo "PG18_ACCESSTYPE = 'local|host|hostssl|hostnossl'" echo " : 'Wrong access type! Only \"local\", \"host\", \"hostssl\" or" echo " \"hostnossl\" are allowed'" echo "PG18_NETWORK = '()|(RE:NETWORK)'" echo " : 'no valid network specification, should be a network" echo " address followed by a netmask, for instance 192.168.6.0/24'" echo "PG18_SSL_CERTS_CUI = '()|(RE:NOTEMPTY)'" echo " : 'SSL certificate name expected'" echo "PG18_SSL_KEYS_CUI = '()|(RE:NOTEMPTY)'" echo " : 'SSL private key name expected'" echo "PG18_AUTHENTICATION = 'trust|reject|md5|scram-sha-256|password|krb4|krb5|ident|peer|pam'" echo " : 'Wrong authentication method! Only \"trust\", \"reject\"," echo " \"md5\", \"scram-sha-256\", \"password\", \"krb4\", \"krb5\"," echo " \"ident\", \"peer\" or \"pam\" are allowed.'" echo "PG18_CLIENTCERT = 'none|verify-ca|verify-full'" echo " : 'Wrong certificate verification! Only \"none\", \"verify-ca\" or" echo " \"verify-full\" are allowed.'" echo "PG18_MEM_LAYOUT = 'small|medium|large|huge'" echo " : 'Wrong memory layout! Only \"small\", \"medium\", \"large\" or \"huge\".'" echo "PG18_WRITE_MODE = 'secure|normal|fast|nosync'" echo " : 'Wrong write mode! Only \"secure\", \"normal\", \"fast\" or \"nosync\".'" echo "PG18_LOGLEVEL = 'debug5|debug4|debug3|debug2|debug1|log|notice|warning|error|fatal|panic'" echo " : 'Wrong loglevel! Only \"debug5\", \"debug4\", \"debug3\"," echo " \"debug2\",\"debug1\", \"log\", \"notice\", \"warning\"," echo " \"error\", \"fatal\", \"panic\" are allowed.'" echo "PG18_BYTENUM = '(RE:NUMERIC)(GB|MB|kB|())'" echo " : 'Wrong memory size given! Use number with optional postfix " echo " \"GB\", \"MB\" or \"kB\".'" echo "PG18_MAXCONN = '[1-9][0-9]{0,2}|[1][0-9]{3}|2000'" echo " : 'value must be in range 1..2000'" echo "PGSQL_COMMON_PORT_CUI = '(RE:PORT)'" echo " : 'enter a valid network port in the range between 1 and 65535'" echo "" ) > /etc/check.d/${package}.exp # Set rights for check.exp file chmod 0644 /etc/check.d/${package}.exp chown root /etc/check.d/${package}.exp } # ----------------------------------------------------------------------------- # Main # ----------------------------------------------------------------------------- # write default config file write_config_file /etc/default.d/${package} # update from old version rename_old_variables add_new_variables # write new config file write_config_file /etc/config.d/${package} # write check.d file write_check_file