settings: Support arbitrary database user and dbname.

This adds basic support for `postgresql.database_user` and `postgresql.database_name` settings in `zulip.conf`; the defaults if unspecified are left as `zulip`. Co-authored-by: Adam Birds <adam.birds@adbwebdesigns.co.uk>
2021-05-24 20:46:09 -07:00 · 2021-05-24 20:46:09 -07:00 · 54c222d3f8
parent 02fc0d3e1d
commit 54c222d3f8
2 changed files with 16 additions and 3 deletions
--- a/scripts/setup/generate_secrets.py
+++ b/scripts/setup/generate_secrets.py
@ -7,6 +7,7 @@ from typing import Dict, List
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
 sys.path.append(BASE_DIR)
 from scripts.lib.setup_path import setup_path
+from scripts.lib.zulip_tools import get_config, get_config_file

 setup_path()

@ -101,6 +102,13 @@ def generate_secrets(development: bool = False) -> None:
    if development and need_secret("local_database_password"):
        add_secret("local_database_password", random_token())

+    # We only need a secret if the database username does not match
+    # the OS username, as identd auth works in that case.
+    if get_config(
+        get_config_file(), "postgresql", "database_user", "zulip"
+    ) != "zulip" and need_secret("postgres_password"):
+        add_secret("postgres_password", random_token())
+
    # The core Django SECRET_KEY setting, used by Django internally to
    # secure sessions.  If this gets changed, all users will be logged out.
    if need_secret("secret_key"):
--- a/zproject/computed_settings.py
+++ b/zproject/computed_settings.py
@ -281,8 +281,8 @@ SILENCED_SYSTEM_CHECKS = [
 DATABASES: Dict[str, Dict[str, Any]] = {
    "default": {
        "ENGINE": "django.db.backends.postgresql",
-        "NAME": "zulip",
-        "USER": "zulip",
+        "NAME": get_config("postgresql", "database_name", "zulip"),
+        "USER": get_config("postgresql", "database_user", "zulip"),
        # Password = '' => peer/certificate authentication (no password)
        "PASSWORD": "",
        # Host = '' => connect to localhost by default
@ -314,7 +314,12 @@ elif REMOTE_POSTGRES_HOST != "":
        DATABASES["default"]["OPTIONS"]["sslmode"] = REMOTE_POSTGRES_SSLMODE
    else:
        DATABASES["default"]["OPTIONS"]["sslmode"] = "verify-full"
-
+elif get_config("postgresql", "database_user") != "zulip":
+    if get_secret("postgres_password") is not None:
+        DATABASES["default"].update(
+            PASSWORD=get_secret("postgres_password"),
+            HOST="localhost",
+        )
 POSTGRESQL_MISSING_DICTIONARIES = bool(get_config("postgresql", "missing_dictionaries", None))

 DEFAULT_AUTO_FIELD = "django.db.models.AutoField"