supabase · samrose · Jul 23, 2024 · Aug 14, 2024
@@ -7,6 +7,6 @@ supautils.privileged_extensions = 'address_standardizer, address_standardizer_da
 supautils.privileged_extensions_custom_scripts_path = '/etc/postgresql-custom/extension-custom-scripts'
 supautils.privileged_extensions_superuser = 'supabase_admin'
 supautils.privileged_role = 'postgres'
-supautils.privileged_role_allowed_configs = 'auto_explain.log_min_duration, auto_explain.log_nested_statements, log_min_messages, pgaudit.log, pgaudit.log_catalog, pgaudit.log_client, pgaudit.log_level, pgaudit.log_relation, pgaudit.log_rows, pgaudit.log_statement, pgaudit.log_statement_once, pgaudit.role, pgrst.*, plan_filter.*, safeupdate.enabled, session_replication_role, track_io_timing'
+supautils.privileged_role_allowed_configs = 'auto_explain.log_min_duration, auto_explain.log_nested_statements, log_min_messages, pgaudit.log, pgaudit.log_catalog, pgaudit.log_client, pgaudit.log_level, pgaudit.log_relation, pgaudit.log_rows, pgaudit.log_statement, pgaudit.log_statement_once, pgaudit.role, pgrst.*, plan_filter.*, safeupdate.enabled, session_replication_role, track_io_timing, pg_net.batch_size, pg_net.ttl, log_lock_waits'
 supautils.reserved_memberships = 'pg_read_server_files, pg_write_server_files, pg_execute_server_program, authenticator'
 supautils.reserved_roles = 'supabase_admin, supabase_auth_admin, supabase_storage_admin, supabase_read_only_user, supabase_replication_admin, dashboard_user, pgbouncer, service_role*, authenticator*, authenticated*, anon*'
@@ -407,18 +407,29 @@
           # Start a version of the server.
           start-server =
             let
-              configFile = ./nix/tests/postgresql.conf.in;
+              pgconfigFile = ./nix/tests/postgresql.conf.in;
+              supautilsConfigFile = builtins.path {
+                name = "supautils.conf";
+                path = ./ansible/files/postgresql_config/supautils.conf.j2;
+              };
               getkeyScript = ./nix/tests/util/pgsodium_getkey.sh;
             in
             pkgs.runCommand "start-postgres-server" { } ''
-              mkdir -p $out/bin
+              mkdir -p $out/bin $out/etc/postgresql-custom
+              echo "Copying from: ${supautilsConfigFile}"
+              echo "Copying to: $out/etc/postgresql-custom/supautils.conf"
+              cp ${supautilsConfigFile} $out/etc/postgresql-custom/supautils.conf || { echo "Failed to copy supautils.conf"; exit 1; }
+              echo "Copy operation completed"
+              chmod 644 $out/etc/postgresql-custom/supautils.conf
+              cat $out/etc/postgresql-custom/supautils.conf
               substitute ${./nix/tools/run-server.sh.in} $out/bin/start-postgres-server \
                 --subst-var-by 'PGSQL_DEFAULT_PORT' '${pgsqlDefaultPort}' \
                 --subst-var-by 'PGSQL_SUPERUSER' '${pgsqlSuperuser}' \
                 --subst-var-by 'PSQL15_BINDIR' '${basePackages.psql_15.bin}' \
-                --subst-var-by 'PSQL_CONF_FILE' '${configFile}' \
-                --subst-var-by 'PGSODIUM_GETKEY' '${getkeyScript}'
-
+                --subst-var-by 'PSQL_CONF_FILE' '${pgconfigFile}' \
+                --subst-var-by 'PGSODIUM_GETKEY' '${getkeyScript}' \
+                --subst-var-by 'SUPAUTILS_CONF_FILE' "$out/etc/postgresql-custom/supautils.conf"
+
               chmod +x $out/bin/start-postgres-server
             '';
 

@@ -717,7 +717,7 @@ default_text_search_config = 'pg_catalog.english'
 
 #local_preload_libraries = ''
 #session_preload_libraries = ''
-shared_preload_libraries = 'auto_explain,pgsodium'
+shared_preload_libraries = 'pg_stat_statements, pg_stat_monitor, pgaudit, plpgsql, plpgsql_check, pg_cron, pg_net, pgsodium, timescaledb, auto_explain, pg_tle, plan_filter'
 #jit_provider = 'llvmjit'		# JIT library to use
 
 # - Other Defaults -
@@ -791,5 +791,5 @@ shared_preload_libraries = 'auto_explain,pgsodium'
 #------------------------------------------------------------------------------
 
 # Add settings for extensions here
-
+include = '@SUPAUTILS_CONFIG_FILE@'
 pgsodium.getkey_script = '@PGSODIUM_GETKEY_SCRIPT@'
@@ -28,6 +28,7 @@ PSQL_CONF_FILE=@PSQL_CONF_FILE@
 PGSODIUM_GETKEY_SCRIPT=@PGSODIUM_GETKEY@
 PORTNO="${2:-@PGSQL_DEFAULT_PORT@}"
 PLJAVA_LIBJVM_LOCATION=@LIBJVM_LOCATION@
+SUPAUTILS_CONFIG_FILE=@SUPAUTILS_CONF_FILE@
 DATDIR=$(mktemp -d)
 mkdir -p "$DATDIR"
 
@@ -42,6 +43,7 @@ echo "NOTE: patching postgresql.conf files"
 echo "pljava libjvm location: $PLJAVA_LIBJVM_LOCATION"
 sed -e "s#@PGSODIUM_GETKEY_SCRIPT@#$PGSODIUM_GETKEY_SCRIPT#g" \
     -e "s#@PLJAVA_LIBJVM_LOCATION@#$PLJAVA_LIBJVM_LOCATION#g" \
+    -e "s#@SUPAUTILS_CONFIG_FILE@#$SUPAUTILS_CONFIG_FILE#g" \
     $PSQL_CONF_FILE > "$DATDIR/postgresql.conf"
-
+cat $DATDIR/postgresql.conf 
 exec postgres -p "$PORTNO" -D "$DATDIR" -k /tmp