RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-28 10:37:44 +00:00
Code Issues Activity

fix: fix postgresql ensure declarations and add a helper

Browse source
This commit is contained in:
RGBCube 2025-02-23 15:02:47 +03:00
parent d8bcbab825
commit 377d93df78
5 changed files with 17 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

11
hosts/cube/forgejo/default.nix
View file

@ -17,16 +17,7 @@ in {
owner = "forgejo";
};
services.postgresql = let
users = [ "forgejo" ];
in {
ensureDatabases = users;
ensureUsers = map users (name: {
inherit name;
ensureDBOwnership = true;
});
};
services.postgresql.ensure = [ "forgejo" ];
services.restic.backups = genAttrs config.services.restic.hosts <| const {
paths = [ "/var/lib/gitea-runner" "/var/lib/forgejo" ];

11
hosts/cube/grafana/default.nix
View file

@ -17,16 +17,7 @@ in {
owner = "grafana";
};
services.postgresql = let
users = [ "grafana" ];
in {
ensureDatabases = users;
ensureUsers = map users (name: {
inherit name;
ensureDBOwnership = true;
});
};
services.postgresql.ensure = [ "grafana" ];
services.restic.backups = genAttrs config.services.restic.hosts <| const {
paths = [ "/var/lib/grafana" ];

11
hosts/cube/matrix/default.nix
View file

@ -46,16 +46,7 @@ in {
owner = "matrix-synapse";
};
services.postgresql = let
users = [ "matrix-synapse" "matrix-sliding-sync" ];
in {
ensureDatabases = users;
ensureUsers = map users (name: {
inherit name;
ensureDBOwnership = true;
});
};
services.postgresql.ensure = [ "matrix-synapse" "matrix-sliding-sync" ];
services.restic.backups = genAttrs config.services.restic.hosts <| const {
paths = [ "/var/lib/matrix-synapse" "/var/lib/matrix-sliding-sync" ];

11
hosts/cube/nextcloud/default.nix
View file

@ -25,16 +25,7 @@ in {
passwordFile = config.secrets.nextcloudPasswordExporter.path;
};
services.postgresql = let
users = [ "nextcloud" ];
in {
ensureDatabases = users;
ensureUsers = map users (name: {
inherit name;
ensureDBOwnership = true;
});
};
services.postgresql.ensure = [ "nextcloud" ];
services.restic.backups = genAttrs config.services.restic.hosts <| const {
paths = [ "/var/lib/nextcloud" ];

23
hosts/cube/postgresql.nix
View file

@ -1,16 +1,16 @@
{ config, lib, pkgs, ... }: let
inherit (lib) const enabled genAttrs mkForce mkOverride;
inherit (lib) const enabled flip genAttrs mkForce mkOverride mkValue;
in {
environment.systemPackages = [
config.environment.systemPackages = [
config.services.postgresql.package
];
services.prometheus.exporters.postgres = enabled {
config.services.prometheus.exporters.postgres = enabled {
listenAddress = "[::]";
runAsLocalSuperUser = true;
};
services.restic.backups = genAttrs config.services.restic.hosts <| const {
config.services.restic.backups = genAttrs config.services.restic.hosts <| const {
paths = [ "/tmp/postgresql-dump.sql.gz" ];
backupPrepareCommand = ''
@ -24,7 +24,9 @@ in {
'';
};
services.postgresql = enabled {
options.services.postgresql.ensure = mkValue [ "postgres" "root" ];
config.services.postgresql = enabled {
package = pkgs.postgresql_14;
enableJIT = true;
@ -40,15 +42,16 @@ in {
local all all peer
'';
ensureUsers = map [ "postgres" "root" ] (name: {
ensureDatabases = config.services.postgres.ensure;
ensureUsers = flip map config.services.postgres.ensure (name: {
inherit name;
ensureDBOwnership = true;
ensureClauses = {
createdb = true;
createrole = true;
login = true;
replication = true;
superuser = true;
superuser = name == "postgres" || name == "root";
};
});