Consolidate documentation and update backend services
- Reorganize docs into 'Core deployment guides' and 'Setup and configuration' subdirectories - Consolidate redundant documentation files (ACR, pipelines, deployment guides) - Add documentation consolidation plan - Update backend database factory and logger services - Update migration script and docker-compose configurations - Add PostgreSQL setup script
This commit is contained in:
130
scripts/setup-postgresql.sh
Executable file
130
scripts/setup-postgresql.sh
Executable file
@@ -0,0 +1,130 @@
|
||||
#!/bin/bash
|
||||
# Azure PostgreSQL Setup Script for CMDB Insight
|
||||
# Creates PostgreSQL Flexible Server and configures it for production
|
||||
|
||||
set -e
|
||||
|
||||
# Configuration
|
||||
RESOURCE_GROUP="zdl-cmdb-insight-prd-euwe-rg"
|
||||
SERVER_NAME="zdl-cmdb-insight-prd-psql"
|
||||
ADMIN_USER="cmdbadmin"
|
||||
LOCATION="westeurope"
|
||||
KEY_VAULT="zdl-cmdb-insight-prd-kv"
|
||||
BACKEND_APP_NAME="zdl-cmdb-insight-prd-backend-webapp"
|
||||
|
||||
echo "🐘 Setting up Azure PostgreSQL for CMDB Insight..."
|
||||
echo ""
|
||||
|
||||
# Step 1: Generate secure password
|
||||
echo "🔐 Step 1: Generating secure password..."
|
||||
ADMIN_PASSWORD=$(openssl rand -base64 32)
|
||||
echo "✅ Password generated (will be stored in Key Vault)"
|
||||
echo ""
|
||||
|
||||
# Step 2: Create PostgreSQL Flexible Server
|
||||
echo "📦 Step 2: Creating PostgreSQL Flexible Server..."
|
||||
az postgres flexible-server create \
|
||||
--resource-group $RESOURCE_GROUP \
|
||||
--name $SERVER_NAME \
|
||||
--location $LOCATION \
|
||||
--admin-user $ADMIN_USER \
|
||||
--admin-password $ADMIN_PASSWORD \
|
||||
--sku-name Standard_B1ms \
|
||||
--tier Burstable \
|
||||
--storage-size 32 \
|
||||
--version 15 \
|
||||
--public-access 0.0.0.0 \
|
||||
--high-availability Disabled \
|
||||
--output none
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
echo "✅ PostgreSQL server created: ${SERVER_NAME}.postgres.database.azure.com"
|
||||
else
|
||||
echo "❌ Failed to create PostgreSQL server"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Step 3: Create database
|
||||
echo ""
|
||||
echo "📊 Step 3: Creating database..."
|
||||
echo " Note: Single database is used by default (contains all tables)"
|
||||
az postgres flexible-server db create \
|
||||
--resource-group $RESOURCE_GROUP \
|
||||
--server-name $SERVER_NAME \
|
||||
--database-name cmdb_insight \
|
||||
--output none
|
||||
|
||||
echo "✅ Database created: cmdb_insight"
|
||||
|
||||
# Step 4: Configure firewall (allow Azure services)
|
||||
echo ""
|
||||
echo "🔥 Step 4: Configuring firewall rules..."
|
||||
az postgres flexible-server firewall-rule create \
|
||||
--resource-group $RESOURCE_GROUP \
|
||||
--name $SERVER_NAME \
|
||||
--rule-name AllowAzureServices \
|
||||
--start-ip-address 0.0.0.0 \
|
||||
--end-ip-address 0.0.0.0 \
|
||||
--output none
|
||||
|
||||
echo "✅ Firewall rule created (allows Azure services)"
|
||||
|
||||
# Step 5: Store credentials in Key Vault
|
||||
echo ""
|
||||
echo "🔐 Step 5: Storing credentials in Key Vault..."
|
||||
az keyvault secret set \
|
||||
--vault-name $KEY_VAULT \
|
||||
--name DatabasePassword \
|
||||
--value "$ADMIN_PASSWORD" \
|
||||
--output none
|
||||
|
||||
# Create connection string
|
||||
CONNECTION_STRING="postgresql://${ADMIN_USER}:${ADMIN_PASSWORD}@${SERVER_NAME}.postgres.database.azure.com:5432/cmdb_insight?sslmode=require"
|
||||
az keyvault secret set \
|
||||
--vault-name $KEY_VAULT \
|
||||
--name DatabaseUrl \
|
||||
--value "$CONNECTION_STRING" \
|
||||
--output none
|
||||
|
||||
echo "✅ Credentials stored in Key Vault"
|
||||
|
||||
# Step 6: Configure App Service app settings
|
||||
echo ""
|
||||
echo "⚙️ Step 6: Configuring App Service app settings..."
|
||||
|
||||
# Get Key Vault URL
|
||||
KV_URL=$(az keyvault show --name $KEY_VAULT --query properties.vaultUri -o tsv)
|
||||
|
||||
# Configure database settings
|
||||
az webapp config appsettings set \
|
||||
--name $BACKEND_APP_NAME \
|
||||
--resource-group $RESOURCE_GROUP \
|
||||
--settings \
|
||||
DATABASE_TYPE=postgres \
|
||||
DATABASE_HOST="${SERVER_NAME}.postgres.database.azure.com" \
|
||||
DATABASE_PORT=5432 \
|
||||
DATABASE_NAME=cmdb_insight \
|
||||
DATABASE_USER=$ADMIN_USER \
|
||||
DATABASE_PASSWORD="@Microsoft.KeyVault(SecretUri=${KV_URL}secrets/DatabasePassword/)" \
|
||||
DATABASE_SSL=true \
|
||||
--output none
|
||||
|
||||
echo "✅ App settings configured"
|
||||
|
||||
# Summary
|
||||
echo ""
|
||||
echo "✅ PostgreSQL setup completed successfully!"
|
||||
echo ""
|
||||
echo "📋 Summary:"
|
||||
echo " Server: ${SERVER_NAME}.postgres.database.azure.com"
|
||||
echo " Admin User: $ADMIN_USER"
|
||||
echo " Database: cmdb_insight (single database for all data)"
|
||||
echo " Password: Stored in Key Vault ($KEY_VAULT)"
|
||||
echo ""
|
||||
echo "⚠️ Next Steps:"
|
||||
echo " 1. Grant Key Vault access to App Service (if not done yet)"
|
||||
echo " 2. Restart the backend app to connect to PostgreSQL:"
|
||||
echo " az webapp restart --name $BACKEND_APP_NAME --resource-group $RESOURCE_GROUP"
|
||||
echo " 3. Check logs to verify connection:"
|
||||
echo " az webapp log tail --name $BACKEND_APP_NAME --resource-group $RESOURCE_GROUP"
|
||||
echo ""
|
||||
Reference in New Issue
Block a user