2024-04-13 03:34:53 +01:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
2022-10-12 18:04:06 +01:00
|
|
|
services.postgresql = {
|
|
|
|
package = pkgs.postgresql_14;
|
|
|
|
enable = true;
|
|
|
|
|
|
|
|
# Only enable connections via the unix socket, and check with the
|
|
|
|
# OS to make sure the user matches the database name.
|
|
|
|
#
|
|
|
|
# See https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
|
|
|
|
authentication = ''
|
|
|
|
local sameuser all peer
|
|
|
|
'';
|
|
|
|
|
|
|
|
# Note: The following options with ensure.* are set-only; i.e.,
|
|
|
|
# when permissions/users/databases are removed from these lists,
|
|
|
|
# that operation needs to be performed manually on the system as
|
|
|
|
# well.
|
|
|
|
ensureUsers = [
|
2023-10-07 21:14:43 +01:00
|
|
|
{
|
|
|
|
name = "grafana";
|
2023-12-29 15:11:46 +00:00
|
|
|
ensureDBOwnership = true;
|
2023-10-07 21:14:43 +01:00
|
|
|
}
|
2022-10-12 18:04:06 +01:00
|
|
|
{
|
|
|
|
name = "nextcloud";
|
2023-12-29 15:11:46 +00:00
|
|
|
ensureDBOwnership = true;
|
2022-10-12 18:04:06 +01:00
|
|
|
}
|
2024-04-13 03:34:53 +01:00
|
|
|
{
|
|
|
|
name = config.services.authelia.instances.main.user;
|
|
|
|
ensureDBOwnership = true;
|
|
|
|
}
|
2022-10-12 18:04:06 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
ensureDatabases = [
|
2023-10-07 21:14:43 +01:00
|
|
|
"grafana"
|
2022-10-12 18:04:06 +01:00
|
|
|
"nextcloud"
|
2024-04-13 03:34:53 +01:00
|
|
|
config.services.authelia.instances.main.user
|
2022-10-12 18:04:06 +01:00
|
|
|
];
|
|
|
|
};
|
|
|
|
}
|