Add "export grade" cleaning to srht-replicate-db
This commit is contained in:
parent
a87828f606
commit
0dfa56fba7
|
@ -5,15 +5,23 @@
|
|||
# Usage:
|
||||
#
|
||||
# ssh prod.database pg_dump database-name \
|
||||
# | ./srht-replicate-db [-e <email-domain>] database-name
|
||||
# | ./srht-replicate-db [-e <email-domain>] [-x] database-name
|
||||
#
|
||||
# -x will delete extra data for a database dump which is suitable to give to
|
||||
# third parties by removing all non-public information. This is only supported
|
||||
# for git.sr.ht and hg.sr.ht.
|
||||
|
||||
email_domain=example.org
|
||||
export_grade=0
|
||||
while getopts e: name
|
||||
do
|
||||
case $name in
|
||||
e)
|
||||
email_domain="$OPTARG"
|
||||
;;
|
||||
x)
|
||||
export_grade=1
|
||||
;;
|
||||
?)
|
||||
echo "Invalid usage" >&2
|
||||
exit 1
|
||||
|
@ -30,22 +38,49 @@ fi
|
|||
|
||||
database="$1"
|
||||
|
||||
dropdb "$1" </dev/null
|
||||
createdb "$1" </dev/null
|
||||
psql -d "$1"
|
||||
dropdb "$database" </dev/null
|
||||
createdb "$database" </dev/null
|
||||
psql -d "$database"
|
||||
|
||||
# Change emails so we don't accidentally send test emails to prod users
|
||||
psql -d "$1" <<EOF
|
||||
psql -d "$database" <<EOF
|
||||
UPDATE "user" SET email = CONCAT("user".username, '@', '$email_domain');
|
||||
EOF
|
||||
|
||||
if [ "$database" = "meta.sr.ht" ]
|
||||
then
|
||||
# Sets all passwords to "password" and clears sensitive info
|
||||
psql -d "$1" <<-"EOF"
|
||||
psql -d "$database" <<-"EOF"
|
||||
UPDATE "user" SET password = '$2b$12$nujoTspVHan1mWeZp.Fs3egKXRnWKS3nRkh3alKrpTTDYmvJNH2Gq';
|
||||
UPDATE "user" SET reset_hash = null;
|
||||
UPDATE "user" SET stripe_customer = null;
|
||||
DELETE FROM user_auth_factor;
|
||||
EOF
|
||||
else
|
||||
psql -d "$database" <<-"EOF"
|
||||
UPDATE "user" SET oauth_token = null;
|
||||
UPDATE "user" SET oauth_revocation_token = null;
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [ $export_grade -eq 1 ]
|
||||
then
|
||||
if [ "$database" = "git.sr.ht" ] || [ "$database" = "hg.sr.ht" ]
|
||||
then
|
||||
psql -d "$1" <<-EOF
|
||||
DELETE FROM repo_webhook_delivery;
|
||||
DELETE FROM repo_webhook_subscription;
|
||||
DELETE FROM user_webhook_delivery;
|
||||
DELETE FROM user_webhook_subscription;
|
||||
DELETE FROM oauthtoken;
|
||||
DELETE FROM access;
|
||||
|
||||
DELETE FROM redirect rd
|
||||
JOIN repository rp
|
||||
ON rd.repo_id = rd.id
|
||||
WHERE rp.visibility != 'public';
|
||||
|
||||
DELETE FROM "repository" WHERE visibility != 'public';
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
|
|
Loading…
Reference in New Issue