Changes on postgresql role
parent
3ad6e78b74
commit
a45482532d
1 changed files with 20 additions and 10 deletions
|
@ -9,9 +9,16 @@ in
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = postgresql_17;
|
||||||
enableTCPIP = true;
|
enableTCPIP = true;
|
||||||
settings.port = 5432;
|
settings.port = 5432;
|
||||||
ensureDatabases = [ "gitea" "nextcloud" ];
|
ensureDatabases = [
|
||||||
|
"gitea"
|
||||||
|
"nextcloud"
|
||||||
|
"netbox"
|
||||||
|
"authentik"
|
||||||
|
"grafana"
|
||||||
|
];
|
||||||
ensureUsers = [
|
ensureUsers = [
|
||||||
{
|
{
|
||||||
name = "gitea";
|
name = "gitea";
|
||||||
|
@ -22,16 +29,19 @@ in
|
||||||
ensureDBOwnership = true;
|
ensureDBOwnership = true;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
authentication = pkgs.lib.mkOverride 10 ''
|
authentication = "
|
||||||
#type database user origin-address auth-method
|
host nextcloud nextcloud 192.168.1.44/32 md5
|
||||||
# IPv4 local connections:
|
host gitea gitea 192.168.1.14/32 md5
|
||||||
local all all trust
|
host netbox netbox 192.168.1.45/32 md5
|
||||||
host gitea gitea 192.168.122.3/24 trust
|
host authentik authentik 192.168.1.125/32 md5
|
||||||
host nextcloud nextcloud 192.168.122.7/24 trust
|
host grafana grafana 192.168.1.27/32 md5
|
||||||
'';
|
";
|
||||||
|
# Not great, not in prod, cleartext pass
|
||||||
|
# waiting for ensureUsers.*.passwordFile option
|
||||||
|
# https://github.com/NixOS/nixpkgs/pull/326306
|
||||||
initialScript = pkgs.writeText "init-sql-script" ''
|
initialScript = pkgs.writeText "init-sql-script" ''
|
||||||
alter user gitea with password 'gitea';
|
alter user gitea with password 'password';
|
||||||
alter user nextcloud with password 'nextcloud';
|
alter user nextcloud with password 'password';
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
networking.firewall.allowedTCPPorts = [ 5432 ];
|
networking.firewall.allowedTCPPorts = [ 5432 ];
|
||||||
|
|
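Review bot: The five new `host … md5` lines make the role password the only gate for remote clients, yet the `initialScript` below sets `gitea` and `nextcloud` to the same literal `password` and sets nothing for `netbox`, `authentik` or `grafana`. The script text is written to the world-readable Nix store, and `initialScript` runs only on first cluster start-up, so on an already-initialised cluster the changed statements have no effect. Until the `passwordFile` option referenced in the comment lands, I would set a distinct password per role from a root-only secret file kept outside the store. I would also use `scram-sha-256` instead of `md5` in the new lines, e.g. `host gitea gitea 192.168.1.14/32 scram-sha-256`. The `ensureUsers` entries between the two hunks are not shown, so whether the three new roles are created at all cannot be confirmed from this page.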