From 86abbc1fb3f1768749cb63676d68da4f51daf46a Mon Sep 17 00:00:00 2001
From: Alex Denes <caskd@redxen.eu>
Date: Thu, 17 Oct 2024 19:41:18 +0000
Subject: [PATCH] Change to using group roles and dbowner roles

---
 main.go | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/main.go b/main.go
index 88fac91..5e5fe59 100644
--- a/main.go
+++ b/main.go
@@ -45,8 +45,11 @@ func main() {
 			v    []string
 		)
 
-		v, _ = pairs[user]
-		pairs[user] = append(v, db)
+		// Groups
+		if user != db {
+			v, _ = pairs[user]
+			pairs[user] = append(v, db)
+		}
 
 		databases[db] = nil
 	}
@@ -54,13 +57,15 @@ func main() {
 	hbabuf.WriteString("local\tall\tpostgres\ttrust\n")
 
 	for d := range databases {
-		initbuf.WriteString(fmt.Sprintf("CREATE DATABASE %s;\n", d))
+		initbuf.WriteString(fmt.Sprintf("CREATE ROLE %s LOGIN;\n", d))
+		initbuf.WriteString(fmt.Sprintf("CREATE DATABASE %s OWNER %s;\n", d, d))
+		hbabuf.WriteString(fmt.Sprintf("hostssl\t%s\t%s\tall\tcert\tclientcert=verify-full\n", d, d))
 	}
 
 	for u, v := range pairs {
-		initbuf.WriteString(fmt.Sprintf("CREATE USER %s LOGIN;\n", u))
+		initbuf.WriteString(fmt.Sprintf("CREATE ROLE %s LOGIN;\n", u))
 		for _, d := range v {
-			initbuf.WriteString(fmt.Sprintf("GRANT ALL PRIVILEGES ON DATABASE %s TO %s;\n", d, u))
+			initbuf.WriteString(fmt.Sprintf("GRANT %s TO %s;\n", d, u))
 			hbabuf.WriteString(fmt.Sprintf("hostssl\t%s\t%s\tall\tcert\tclientcert=verify-full\n", u, d))
 		}
 	}