i take back what i said, it should be relevant now, though

2024-11-26 15:30:26 +02:00 · 2024-11-26 15:30:26 +02:00 · abd6c558a2
commit abd6c558a2
parent 321f72f070
43 changed files with 929 additions and 978 deletions
--- a/services/postgres/postgres.mod.nix
+++ b/services/postgres/postgres.mod.nix
@ -1,82 +1,82 @@
 {
  fructose.modules = [
    /*
-      (
-        { config, pkgs, lib, ... }:
-        {
-          systemd.services.postgresql.serviceConfig.TimeoutSec = lib.mkForce "infinity";
-          services.postgresql = {
-            enable = true;
-            checkConfig = true;
-            package = pkgs.postgresql_17;
-            dataDir = "/var/services/postgres/";
+    (
+      { config, pkgs, lib, ... }:
+      {
+        systemd.services.postgresql.serviceConfig.TimeoutSec = lib.mkForce "infinity";
+        services.postgresql = {
+          enable = true;
+          checkConfig = true;
+          package = pkgs.postgresql_17;
+          dataDir = "/var/services/postgres/";

-            ensureDatabases = [
-              "forgejo"
-              "gts"
-            ];
-            ensureUsers = [
-              {
-                name = "forgejo";
-                ensureDBOwnership = true;
-                ensureClauses = {
-                  login = true;
-                };
-              }
-              {
-                name = "gts";
-                ensureDBOwnership = true;
-                ensureClauses = {
-                  login = true;
-                };
-              }
-            ];
-            settings = {
-              # connection
-              listen_addresses = lib.mkForce "127.0.0.1";
-              port = 5432;
-              unix_socket_directories = "/var/services/postgres/postgres.sock";
+          ensureDatabases = [
+            "forgejo"
+            "gts"
+          ];
+          ensureUsers = [
+            {
+              name = "forgejo";
+              ensureDBOwnership = true;
+              ensureClauses = {
+                login = true;
+              };
+            }
+            {
+              name = "gts";
+              ensureDBOwnership = true;
+              ensureClauses = {
+                login = true;
+              };
+            }
+          ];
+          settings = {
+            # connection
+            listen_addresses = lib.mkForce "127.0.0.1";
+            port = 5432;
+            unix_socket_directories = "/var/services/postgres/postgres.sock";

-              # auth
-              password_encryption = "scram-sha-256";
+            # auth
+            password_encryption = "scram-sha-256";

-              # ssl
-              ssl = false;
+            # ssl
+            ssl = false;

-              #log
-              log_connections = true;
-              log_directory = "/var/services/postgres/log";
-              logging_collector = true;
-              log_disconnections = true;
-            };
+            #log
+            log_connections = true;
+            log_directory = "/var/services/postgres/log";
+            logging_collector = true;
+            log_disconnections = true;
          };
+        };

-          services.postgresqlBackup = {
-            enable = true;
-            location = "/var/services/postgresbackup/";
-            compression = "gzip";
-            backupAll = true;
-            startAt = "*-*-* 3:20:00";
-          };
+        services.postgresqlBackup = {
+          enable = true;
+          location = "/var/services/postgresbackup/";
+          compression = "gzip";
+          backupAll = true;
+          startAt = "*-*-* 3:20:00";
+        };

-        #  services.pgadmin = {
-        #    enable = true;
-        #    initialEmail = "pgadmin@collective-conciousness.monster";
-        #    initialPasswordFile = "${config.sops.secrets.pgadmin_pass.path}";
-        #    openFirewall = true;
-        #    port = 5050;
+      #  services.pgadmin = {
+      #    enable = true;
+      #    initialEmail = "pgadmin@collective-conciousness.monster";
+      #    initialPasswordFile = "${config.sops.secrets.pgadmin_pass.path}";
+      #    openFirewall = true;
+      #    port = 5050;

-        #    settings = {
-        #      STRICT_TRANSPORT_SECURITY_ENABLED = true;
-        #      ALLOWED_HOSTS = [
-        #        "127.0.0.1"
-        #        "10.24.1.225"
-        #        "10.24.1.196"
-        #      ];
-        #    };
-        #  };
-        }
-      )
+      #    settings = {
+      #      STRICT_TRANSPORT_SECURITY_ENABLED = true;
+      #      ALLOWED_HOSTS = [
+      #        "127.0.0.1"
+      #        "10.24.1.225"
+      #        "10.24.1.196"
+      #      ];
+      #    };
+      #  };
+      }
+    )
    */
    #doesn't seem to work so i'm just gonna make a container for it at the moment.
    (
@ -85,8 +85,7 @@
        pkgs,
        lib,
        ...
-      }:
-      {
+      }: {
        virtualisation.oci-containers = {
          containers.postgres = {
            image = "postgres:17";
@ -106,11 +105,10 @@
              "5433:8080"
              "5434:53"
            ];
-            dependsOn = [ "postgres" ];
+            dependsOn = ["postgres"];
          };
        };
      }
    )
-
  ];
 }