tlaternet-server/configuration/services/postgres.nix

44 lines
1,014 B
Nix
Raw Normal View History

2024-04-13 03:34:53 +01:00
{
config,
pkgs,
...
}: {
services.postgresql = {
package = pkgs.postgresql_14;
enable = true;
# Only enable connections via the unix socket, and check with the
# OS to make sure the user matches the database name.
#
# See https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
authentication = ''
local sameuser all peer
'';
# Note: The following options with ensure.* are set-only; i.e.,
# when permissions/users/databases are removed from these lists,
# that operation needs to be performed manually on the system as
# well.
ensureUsers = [
{
name = "grafana";
2023-12-29 15:11:46 +00:00
ensureDBOwnership = true;
}
{
name = "nextcloud";
2023-12-29 15:11:46 +00:00
ensureDBOwnership = true;
}
2024-04-13 03:34:53 +01:00
{
name = config.services.authelia.instances.main.user;
ensureDBOwnership = true;
}
];
ensureDatabases = [
"grafana"
"nextcloud"
2024-04-13 03:34:53 +01:00
config.services.authelia.instances.main.user
];
};
}