tlaternet-server/configuration/services/postgres.nix

35 lines
838 B
Nix

{ pkgs, ... }: {
services.postgresql = {
package = pkgs.postgresql_14;
enable = true;
# Only enable connections via the unix socket, and check with the
# OS to make sure the user matches the database name.
#
# See https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
authentication = ''
local sameuser all peer
'';
# Note: The following options with ensure.* are set-only; i.e.,
# when permissions/users/databases are removed from these lists,
# that operation needs to be performed manually on the system as
# well.
ensureUsers = [
{
name = "grafana";
ensureDBOwnership = true;
}
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
ensureDatabases = [
"grafana"
"nextcloud"
];
};
}