2024-10-11 23:27:07 +03:00
|
|
|
{
|
|
|
|
container,
|
|
|
|
lib,
|
|
|
|
pkgs,
|
|
|
|
config,
|
|
|
|
...
|
|
|
|
}:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.container.module.postgres;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options = {
|
|
|
|
container.module.postgres = {
|
|
|
|
enable = mkEnableOption "Postgresql server.";
|
|
|
|
address = mkOption {
|
|
|
|
default = "10.1.0.3";
|
|
|
|
type = types.str;
|
|
|
|
};
|
|
|
|
port = mkOption {
|
|
|
|
default = 5432;
|
|
|
|
type = types.int;
|
|
|
|
};
|
|
|
|
storage = mkOption {
|
|
|
|
default = "${config.container.storage}/postgres";
|
|
|
|
type = types.str;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2024-06-01 10:37:49 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
config = mkIf cfg.enable {
|
2024-10-14 04:51:19 +03:00
|
|
|
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
|
2024-06-09 23:35:53 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
containers.postgres = container.mkContainer cfg {
|
|
|
|
bindMounts = {
|
|
|
|
"/var/lib/postgresql/data" = {
|
|
|
|
hostPath = "${cfg.storage}/data";
|
|
|
|
isReadOnly = false;
|
|
|
|
};
|
|
|
|
};
|
2024-06-25 04:04:39 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
config =
|
|
|
|
{ ... }:
|
|
|
|
container.mkContainerConfig cfg {
|
|
|
|
services.postgresql =
|
|
|
|
let
|
|
|
|
# Populate with services here.
|
|
|
|
configurations = with config.container.module; {
|
|
|
|
forgejo = git;
|
|
|
|
invidious = yt;
|
2024-10-19 04:23:28 +03:00
|
|
|
mattermost = chat;
|
2024-10-11 23:27:07 +03:00
|
|
|
nextcloud = cloud;
|
|
|
|
onlyoffice = office;
|
|
|
|
paperless = paper;
|
|
|
|
privatebin = paste;
|
|
|
|
};
|
2024-06-09 23:35:53 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
access = configurations // {
|
|
|
|
all = {
|
|
|
|
address = config.container.host;
|
|
|
|
};
|
|
|
|
};
|
2024-06-25 04:04:39 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
authentication = builtins.foldl' (acc: item: acc + "${item}\n") "" (
|
|
|
|
mapAttrsToList (db: cfg: "host ${db} ${db} ${cfg.address}/32 trust") access
|
|
|
|
);
|
2024-06-25 04:04:39 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
ensureDatabases = [ "root" ] ++ mapAttrsToList (name: _: name) configurations;
|
2024-06-25 04:04:39 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
ensureUsers = map (name: {
|
|
|
|
inherit name;
|
|
|
|
ensureClauses =
|
|
|
|
if name == "root" then
|
|
|
|
{
|
|
|
|
superuser = true;
|
|
|
|
createrole = true;
|
|
|
|
createdb = true;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{ };
|
|
|
|
ensureDBOwnership = true;
|
|
|
|
}) ensureDatabases;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
inherit authentication ensureDatabases ensureUsers;
|
2024-06-25 04:04:39 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
enable = true;
|
|
|
|
package = pkgs.postgresql_14;
|
|
|
|
dataDir = "/var/lib/postgresql/data/14";
|
|
|
|
enableTCPIP = true;
|
2024-06-26 20:56:44 +03:00
|
|
|
|
2024-10-11 23:27:07 +03:00
|
|
|
# NOTE: Debug mode.
|
|
|
|
# settings = {
|
|
|
|
# log_connections = true;
|
|
|
|
# log_destination = lib.mkForce "syslog";
|
|
|
|
# log_disconnections = true;
|
|
|
|
# log_statement = "all";
|
|
|
|
# logging_collector = true;
|
|
|
|
# };
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2024-06-01 10:37:49 +03:00
|
|
|
}
|