cdodev
cdodev•12mo ago

What permissions does the database user require?

I'm nearly there with my nix/oci-contaner based windmill deployment. But I'm getting:
Nov 22 12:57:12 mc-nix windmill_server[1378228]: Error: Migrating database: while executing migrations: error returned from database: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]:
Nov 22 12:57:12 mc-nix windmill_server[1378228]: Caused by:
Nov 22 12:57:12 mc-nix windmill_server[1378228]: 0: while executing migrations: error returned from database: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]: 1: error returned from database: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]: 2: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]: Error: Migrating database: while executing migrations: error returned from database: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]:
Nov 22 12:57:12 mc-nix windmill_server[1378228]: Caused by:
Nov 22 12:57:12 mc-nix windmill_server[1378228]: 0: while executing migrations: error returned from database: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]: 1: error returned from database: role "windmill_user" does not exist
Nov 22 12:57:12 mc-nix windmill_server[1378228]: 2: role "windmill_user" does not exist
I'm connecting with the postgres user to a database running natively on the host machine. Any thoughts on what I might need to tweak?
9 Replies
rubenf
rubenf•12mo ago
GitHub
windmill/init-db-as-superuser.sql at main · windmill-labs/windmill
Open-source developer platform to turn scripts into workflows and UIs. Open-source alternative to Airplane and Retool. - windmill-labs/windmill
rubenf
rubenf•12mo ago
those users are needed for our permissioning that is based on RLS
cdodev
cdodev•12mo ago
Ah I see - is this taken care of by the docker compose process anywhere? I'll run it my self and see it it help 🙂
rubenf
rubenf•12mo ago
yes! well you actually wouldn't need to run this if you are a superuser, it's run by one of the migration so I suppose you were running the containers as a non superuser which is somewhat fine but you then need to create those users beforehand
cdodev
cdodev•12mo ago
So I was connecting with the postgres user. I was able to run the sql file as that user, but the migrations still didn't run..
rubenf
rubenf•12mo ago
then the postgres user isn't a superadmin
rubenf
rubenf•12mo ago
GitHub
windmill/docker-compose.yml at main · windmill-labs/windmill
Open-source developer platform to turn scripts into workflows and UIs. Open-source alternative to Airplane and Retool. - windmill-labs/windmill
rubenf
rubenf•12mo ago
it's run as part of the migrations if your user you connect to for first time has sufficient permissions
cdodev
cdodev•12mo ago
Hmmm... This is what I get in psql from \du: postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {} | It could be that I was using an different user when I first started the service so there may have been some partially run migrations confusing things. Next time I set it up with nix it should be obvious 🙂