From 784e9c43958701dc64ae8d31df3ced15c6580a68 Mon Sep 17 00:00:00 2001
From: RGBCube <git@rgbcu.be>
Date: Mon, 15 Jan 2024 16:45:30 +0300
Subject: [PATCH] Fine-tune postgresql

---
 hosts/cube/postgresql.nix | 84 +++++++++++++++++++++++++++++++++++----
 1 file changed, 77 insertions(+), 7 deletions(-)

diff --git a/hosts/cube/postgresql.nix b/hosts/cube/postgresql.nix
index c9b5d2e..4c5dcf4 100644
--- a/hosts/cube/postgresql.nix
+++ b/hosts/cube/postgresql.nix
@@ -16,6 +16,8 @@
   }];
 
   services.postgresql = enabled {
+    package = pkgs.postgresql_14;
+
     enableTCPIP    = true;
 
     authentication = lib.mkOverride 10 ''
@@ -32,15 +34,83 @@
 
     ensureDatabases = [ "grafana" "nextcloud" ];
 
-    initialScript = pkgs.writeText "postgresql-initial-script" ''
-      CREATE ROLE root WITH LOGIN PASSWORD NULL CREATEDB;
+    ensureUsers = [
+      {
+        name = "postgres";
+        ensureClauses = {
+          createdb    = true;
+          createrole  = true;
+          login       = true;
+          replication = true;
+          superuser   = true;
+        };
+      }
+      {
+        name = "grafana";
+        ensureDBOwnership = true;
+      }
+      {
+        name = "nextcloud";
+        ensureDBOwnership = true;
+      }
+    ];
 
-      CREATE ROLE grafana WITH LOGIN PASSWORD NULL CREATEDB;
-      GRANT ALL PRIVILEGES ON DATABASE grafana TO grafana;
+    # https://pgconfigurator.cybertec.at/
+    settings = {
+      max_connections                = 100;
+      superuser_reserved_connections = 3;
 
-      CREATE ROLE nextcloud WITH LOGIN PASSWORD NULL CREATEDB;
-      GRANT ALL PRIVILEGES ON DATABASE nextcloud TO nextcloud;
-    '';
+      # Memory Settings
+      shared_buffers           = "1024 MB";
+      work_mem                 = "32 MB";
+      maintenance_work_mem     = "320 MB";
+      huge_pages               = "off";
+      effective_cache_size     = "3 GB";
+      effective_io_concurrency = 1; # Concurrent IO only really activated if OS supports posix_fadvise function.
+      random_page_cost         = 4; # Speed of random disk access relative to sequential access (1.0).
+
+      # Monitoring
+      shared_preload_libraries = "pg_stat_statements"; # Per statement resource usage stats.
+      track_io_timing          = "on";                 # Measure exact block IO times.
+      track_functions          = "pl";                 # Track execution times of pl-language procedures if any.
+
+      # Replication
+      wal_level          = "replica";
+      max_wal_senders    = 0;
+      synchronous_commit = "on";
+
+      # Checkpointing
+      checkpoint_timeout           = "15 min";
+      checkpoint_completion_target = 0.9;
+      max_wal_size                 = "1024 MB";
+      min_wal_size                 = "512 MB";
+
+      # WAL writing
+      wal_compression        = "on";
+      wal_buffers            = -1;    # auto-tuned by Postgres till maximum of segment size (16MB by default).
+      wal_writer_delay       = "200ms";
+      wal_writer_flush_after = "1MB";
+
+      # Background writer
+      bgwriter_delay          = "200ms";
+      bgwriter_lru_maxpages   = 100;
+      bgwriter_lru_multiplier = 2.0;
+      bgwriter_flush_after    = 0;
+
+      # Parallel queries
+      max_worker_processes             = 2;
+      max_parallel_workers_per_gather  = 1;
+      max_parallel_maintenance_workers = 1;
+      max_parallel_workers             = 2;
+      parallel_leader_participation    = "on";
+
+      # Advanced features
+      enable_partitionwise_join      = "on";
+      enable_partitionwise_aggregate = "on";
+      jit                            = "on";
+      max_slot_wal_keep_size         = "1000 MB";
+      track_wal_io_timing            = "on";
+    };
   };
 })