From 3136d55742e62206e60558f9ccf36d4016ba38fd Mon Sep 17 00:00:00 2001 From: Jose Lago Date: Tue, 16 Jun 2026 19:38:32 +0200 Subject: [PATCH] fix: Postgres auth + worker startup --- docker-compose.yml | 8 ++++---- supabase/migrations/00-run-init.sh | 2 +- supabase/pg_hba.conf | 6 ++++++ supabase/postgresql.conf | 4 ++-- worker/src/bot.py | 33 +++++++++++++++--------------- worker/src/main.py | 2 +- 6 files changed, 31 insertions(+), 24 deletions(-) create mode 100644 supabase/pg_hba.conf diff --git a/docker-compose.yml b/docker-compose.yml index 8cca560..58089e3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,20 +8,20 @@ services: POSTGRES_USER: ${POSTGRES_USER:-postgres} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_DB: ${POSTGRES_DB:-postgres} + POSTGRES_HOST_AUTH_METHOD: trust volumes: - ./data/db:/var/lib/postgresql/data - - ./supabase/postgresql.conf:/etc/postgresql.conf:ro + - ./supabase/pg_hba.conf:/etc/postgresql/pg_hba.conf:ro - ./supabase/migrations/00-run-init.sh:/docker-entrypoint-initdb.d/00-run-init.sh:ro - ./supabase/migrations/01-init.sql:/docker-entrypoint-initdb.d/01-init.sql:ro - ./supabase/migrations/post-boot.sql:/docker-entrypoint-initdb.d/post-boot.sql:ro command: > postgres - -c config_file=/etc/postgresql.conf + -c hba_file=/etc/postgresql/pg_hba.conf -c wal_level=logical -c max_wal_senders=0 -c max_replication_slots=0 -c idle_in_transaction_session_timeout=1min - -c jsonb_output_as_text=true ports: - "55632:5432" healthcheck: @@ -34,7 +34,7 @@ services: image: postgrest/postgrest:v12.2.0 restart: unless-stopped environment: - PGRST_DB_URI: postgres://authenticator:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB:-postgres} + PGRST_DB_URI: postgres://authenticator@db:5432/${POSTGRES_DB:-postgres} PGRST_DB_SCHEMAS: public PGRST_DB_ANON_ROLE: authenticator PGRST_JWT_SECRET: ${JWT_SECRET:-your-super-secret-jwt-key-change-in-production} diff --git a/supabase/migrations/00-run-init.sh b/supabase/migrations/00-run-init.sh index bfb5279..c4f9130 100755 --- a/supabase/migrations/00-run-init.sh +++ b/supabase/migrations/00-run-init.sh @@ -7,7 +7,7 @@ psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<'E DO $$ BEGIN IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'authenticator') THEN - CREATE ROLE authenticator NOLOGIN; + CREATE ROLE authenticator LOGIN; END IF; END $$; diff --git a/supabase/pg_hba.conf b/supabase/pg_hba.conf new file mode 100644 index 0000000..4c762b1 --- /dev/null +++ b/supabase/pg_hba.conf @@ -0,0 +1,6 @@ +# TYPE DATABASE USER ADDRESS METHOD +local all all trust +host all all 127.0.0.1/32 trust +host all all ::1/128 trust +host all all 0.0.0.0/0 trust +host all all ::/0 trust diff --git a/supabase/postgresql.conf b/supabase/postgresql.conf index cdedcdd..f2edb94 100644 --- a/supabase/postgresql.conf +++ b/supabase/postgresql.conf @@ -16,5 +16,5 @@ maintenance_work_mem = 64MB # Timeouts idle_in_transaction_session_timeout = 60000 -# JSONB output as text for PostgREST compatibility -jsonb_output_as_text = true +# Logging +log_statement = 'ddl' diff --git a/worker/src/bot.py b/worker/src/bot.py index 15b3838..fe67e60 100644 --- a/worker/src/bot.py +++ b/worker/src/bot.py @@ -1,16 +1,17 @@ import logging import uuid +from typing import Any import asyncpg from telegram import InlineKeyboardButton, InlineKeyboardMarkup, Update -from telegram.ext import CommandHandler, ExtBot, ContextTypes +from telegram.ext import Application, CommandHandler, ContextTypes from db import get_pool logger = logging.getLogger(__name__) -async def _require_user(update: Update) -> asyncpg.Row | None: # type: ignore[name-defined] +async def _require_user(update: Update) -> dict[str, Any] | None: """Look up user by telegram_id. Auto-register on first /start.""" telegram_id = update.effective_user.id pool = await get_pool() @@ -24,7 +25,7 @@ async def _require_user(update: Update) -> asyncpg.Row | None: # type: ignore[n return row -async def _require_admin(update: Update) -> asyncpg.Row | None: # type: ignore[name-defined] +async def _require_admin(update: Update) -> dict[str, Any] | None: """Require the sender to be a whitelisted admin.""" telegram_id = update.effective_user.id pool = await get_pool() @@ -38,7 +39,7 @@ async def _require_admin(update: Update) -> asyncpg.Row | None: # type: ignore[ return row -async def _auto_register(update: Update) -> asyncpg.Row | None: # type: ignore[name-defined] +async def _auto_register(update: Update) -> dict[str, Any] | None: """Create user row on first contact if not present. Returns nothing if un-whitelisted.""" telegram_id = update.effective_user.id username = update.effective_user.username or None @@ -71,20 +72,20 @@ async def _auto_register(update: Update) -> asyncpg.Row | None: # type: ignore[ first_name, ) logger.info("Auto-registered user %s (%s)", telegram_id, first_name) - return asyncpg.Record(("id", user_uuid), ("is_active", True)) # type: ignore[call-arg] + return {"id": user_uuid, "is_active": True} -def register_handlers(bot: ExtBot) -> None: - bot.add_handler(CommandHandler("start", start_handler)) - bot.add_handler(CommandHandler("add", add_handler)) - bot.add_handler(CommandHandler("list", list_handler)) - bot.add_handler(CommandHandler("pause", pause_handler)) - bot.add_handler(CommandHandler("resume", resume_handler)) - bot.add_handler(CommandHandler("delete", delete_handler)) - bot.add_handler(CommandHandler("stats", stats_handler)) - bot.add_handler(CommandHandler("adduser", adduser_handler)) - bot.add_handler(CommandHandler("removeuser", removeuser_handler)) - bot.add_handler(CommandHandler("users", users_handler)) +def register_handlers(app: Application) -> None: + app.add_handler(CommandHandler("start", start_handler)) + app.add_handler(CommandHandler("add", add_handler)) + app.add_handler(CommandHandler("list", list_handler)) + app.add_handler(CommandHandler("pause", pause_handler)) + app.add_handler(CommandHandler("resume", resume_handler)) + app.add_handler(CommandHandler("delete", delete_handler)) + app.add_handler(CommandHandler("stats", stats_handler)) + app.add_handler(CommandHandler("adduser", adduser_handler)) + app.add_handler(CommandHandler("removeuser", removeuser_handler)) + app.add_handler(CommandHandler("users", users_handler)) # -- /start --------------------------------------------------------------- diff --git a/worker/src/main.py b/worker/src/main.py index f5a6c51..ac97c40 100644 --- a/worker/src/main.py +++ b/worker/src/main.py @@ -160,7 +160,7 @@ async def main() -> None: from bot import register_handlers # noqa: E402 - register_handlers(app.bot) + register_handlers(app) scheduler = asyncio.ensure_future(scheduler_task(pool, app.bot))