In my previous post, I laid out a basic strategy for provisioning a PostgreSQL server with the databases and users to support a deployment which respects the principle of least privilege. The big takeaway is that any given web app should likely have two distinct users: one to set up the database (think deployment and upgrades) and one for the app to use once it is running. Neither of these users should be a superuser, such as the default postgres user.
It was an interesting challenge for me, and almost completely useless as it stands, but I think it would actually be useful if I were to finish it off to the point where it could be installed as a global NPM module and invoked from the command line. Perhaps some day, but for right now I’m sick and tired of it and want to move on…
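The two-user split from the first paragraph, written out as a psql provisioning script. This is an added example, not the script from the previous post; the names appdb, app_deploy, app_runtime and the schema app, along with both passwords, are placeholders chosen for illustration.

```sql
-- Run once with psql as a provisioning admin. Neither role created here is a superuser.
-- appdb, app_deploy, app_runtime, schema "app" and the passwords are placeholders.

-- Deployment role: owns the schema and runs migrations and upgrades.
CREATE ROLE app_deploy LOGIN PASSWORD 'CHANGE_ME_DEPLOY'
    NOSUPERUSER NOCREATEDB NOCREATEROLE NOREPLICATION;

-- Runtime role: the only identity the running web app connects as.
CREATE ROLE app_runtime LOGIN PASSWORD 'CHANGE_ME_RUNTIME'
    NOSUPERUSER NOCREATEDB NOCREATEROLE NOREPLICATION;

-- The admin keeps ownership of the database, so neither app role can drop it.
CREATE DATABASE appdb;
REVOKE ALL ON DATABASE appdb FROM PUBLIC;  -- drop the default CONNECT/TEMPORARY grants
GRANT CONNECT ON DATABASE appdb TO app_deploy, app_runtime;

\connect appdb

-- Close off the shared default schema and give the app a schema of its own.
REVOKE ALL ON SCHEMA public FROM PUBLIC;
CREATE SCHEMA app AUTHORIZATION app_deploy;
GRANT USAGE ON SCHEMA app TO app_runtime;

-- Anything app_deploy creates later is readable and writable by app_runtime,
-- but app_runtime never gains DDL rights (no CREATE, ALTER, DROP, TRUNCATE).
ALTER DEFAULT PRIVILEGES FOR ROLE app_deploy IN SCHEMA app
    GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_runtime;
ALTER DEFAULT PRIVILEGES FOR ROLE app_deploy IN SCHEMA app
    GRANT USAGE, SELECT ON SEQUENCES TO app_runtime;

ALTER ROLE app_deploy  IN DATABASE appdb SET search_path = app;
ALTER ROLE app_runtime IN DATABASE appdb SET search_path = app;

-- Fail the provisioning run if either role ended up with more than intended.
DO $$
BEGIN
    ASSERT NOT EXISTS (
        SELECT 1 FROM pg_roles
        WHERE rolname IN ('app_deploy', 'app_runtime')
          AND (rolsuper OR rolcreatedb OR rolcreaterole OR rolreplication)
    ), 'an app role has elevated role attributes';
    ASSERT NOT has_schema_privilege('app_runtime', 'app', 'CREATE'),
        'runtime role can create objects in schema app';
    ASSERT NOT has_schema_privilege('app_runtime', 'public', 'CREATE'),
        'runtime role can create objects in schema public';
END $$;
```

The web app's connection string uses app_runtime only; the app_deploy credentials belong in the deployment pipeline and nowhere on the running host.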