diff --git a/Backend/main.go b/Backend/main.go
index e0817dd..335d2cb 100644
--- a/Backend/main.go
+++ b/Backend/main.go
@@ -50,10 +50,12 @@ func main() {
 defer models.DB.(*sql.DB).Close()
- err = Migrate()
- if err != nil {
- slog.Error("Failed to migrate the database to newest version", "Error", err)
- return
+ if helper.GetEnv("GO_ENV", "production") != "debug" {
+ err = Migrate()
+ if err != nil {
+ slog.Error("Failed to migrate the database to newest version", "Error", err)
+ return
+ }
 }
 fs := http.FileServer(http.Dir("./static"))
diff --git a/DBB/initdb/01_create_user.sh b/DBB/initdb/01_create_user.sh
new file mode 100755
index 0000000..91c3259
--- /dev/null
+++ b/DBB/initdb/01_create_user.sh
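Review bot: When `GO_ENV` is `debug`, the new guard in `main()` of Backend/main.go skips `Migrate()` without logging anything, so a process started with that variable set by mistake runs against whatever schema version the database happens to have. An `else` branch such as `} else { slog.Warn("Skipping database migration because GO_ENV is debug") }` would make the skipped step visible in the startup log. The failure path still leaves `main` through a plain `return`, which ends the process with exit status 0, so a supervisor or container restart policy cannot tell that the migration failed. `main()` starts and continues outside the hunk.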
@@ -0,0 +1,56 @@
+#!/bin/bash
+set -e # Exit on error
+
+echo "Creating PostgreSQL user and setting permissions... $POSTGRES_USER for API user $POSTGRES_API_USER"
+
+
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+ CREATE ROLE migrate LOGIN ENCRYPTED PASSWORD '$POSTGRES_PASSWORD';
+ GRANT USAGE, CREATE ON SCHEMA public TO migrate;
+ GRANT CONNECT ON DATABASE arbeitszeitmessung TO migrate;
+EOSQL
+
+# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+
+# GRANT SELECT, INSERT, UPDATE ON anwesenheit, abwesenheit, user_password, wochen_report, s_feiertage TO $POSTGRES_API_USER;
+# GRANT DELETE ON abwesenheit TO $POSTGRES_API_USER;
+# GRANT SELECT ON s_personal_daten, s_abwesenheit_typen, s_anwesenheit_typen, s_feiertage TO $POSTGRES_API_USER;
+# GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO $POSTGRES_API_USER;
+# EOSQL
+
+echo "User creation and permissions setup complete!"
+
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+
+-- privilege roles
+DO \$\$
+BEGIN
+ IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = 'app_base') THEN
+ CREATE ROLE app_base NOLOGIN;
+ END IF;
+END
+\$\$;
+
+-- dynamic login role
+DO \$\$
+BEGIN
+ IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '$POSTGRES_API_USER') THEN
+ CREATE ROLE $POSTGRES_API_USER
+ LOGIN
+ ENCRYPTED PASSWORD '$POSTGRES_API_PASS';
+ END IF;
+END
+\$\$;
+
+-- grant base privileges
+GRANT app_base TO $POSTGRES_API_USER;
+GRANT CONNECT ON DATABASE $POSTGRES_DB TO $POSTGRES_API_USER;
+GRANT USAGE ON SCHEMA public TO $POSTGRES_API_USER;
+
+CREATE EXTENSION IF NOT EXISTS pgcrypto;
+
+EOSQL
+
+# psql -v ON_ERROR_STOP=1 --username root --dbname arbeitszeitmessung
diff --git a/Readme.md b/Readme.md
index 2f4bbdd..c058ab8 100644
--- a/Readme.md
+++ b/Readme.md
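Review bot: The `migrate` role in DBB/initdb/01_create_user.sh is created with `'$POSTGRES_PASSWORD'`, the same secret as the `$POSTGRES_USER` account that runs this script (presumably the bootstrap superuser), so a leak of the migration credential also exposes that login; the role should get its own secret. The role name and both passwords are also pasted into the SQL text by the shell here-document, so a value containing a single quote breaks or changes the statement. Passing them as psql variables and quoting them with `:'name'` / `:"name"` avoids that; because psql does not expand variables inside the `DO \$\$ … \$\$` bodies, the existence checks below use `format()` with `\gexec` instead. The first block also hard-codes `arbeitszeitmessung` in `GRANT CONNECT ON DATABASE` where the later grant uses `$POSTGRES_DB`, and unlike the other two roles `migrate` has no existence guard.

```shell
# POSTGRES_MIGRATE_PASS is a placeholder name for a dedicated secret; it is not defined in this commit.
# On PostgreSQL 15+ \getenv inside the script keeps the secrets off the psql command line.
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" \
    -v migrate_pass="$POSTGRES_MIGRATE_PASS" \
    -v api_user="$POSTGRES_API_USER" \
    -v api_pass="$POSTGRES_API_PASS" <<-EOSQL
SELECT format('CREATE ROLE migrate LOGIN PASSWORD %L', :'migrate_pass')
WHERE NOT EXISTS (SELECT FROM pg_roles WHERE rolname = 'migrate') \gexec

SELECT format('CREATE ROLE %I LOGIN PASSWORD %L', :'api_user', :'api_pass')
WHERE NOT EXISTS (SELECT FROM pg_roles WHERE rolname = :'api_user') \gexec

-- … unchanged: app_base role, GRANT statements (with :"api_user" as the role name), CREATE EXTENSION …
EOSQL
```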
@@ -120,3 +120,29 @@ Antwort `202` Akzeptiert und eingefügt Antwort `409` Konflikt Die vorherige Buchung am selben Tag hat den gleichen Buchungstyp + +# Filestrukture + +``` +├── Backend (Webserver) +│   ├── doc (Templates for Document Creator --> typst used to create PDF Reports) +│   │   ├── static +│   │   └── templates +│   ├── endpoints (HTML Server endpoints (see main.go for Routes)) +│   ├── helper (Helper classes) +│   │   ├── logs +│   │   └── paramParser +│   ├── logs (Log Folder, no sourcecode) +│   ├── migrations (DB Migrations Folder, no direct sourcecode) +│   ├── models (DB Models and their function) +│   ├── src (Tailwind src --> used to config css formatter) +│   ├── static (Webserver static, used to server static content, e.g. JS and CSS files) +│   │   └── css +│   └── templates (HTML Templates for every page written in templ and compiled to go) +├── Cron (all Cron Scripts) +├── DB (local Database mount Point) +│   └── initdb (initialization scripts for DB) +├── Docker (Docker Files, only docker-compose.yaml used) +├── docs +└── └── images +```