{ fructose.modules = [ /* ( { config, pkgs, lib, ... }: { systemd.services.postgresql.serviceConfig.TimeoutSec = lib.mkForce "infinity"; services.postgresql = { enable = true; checkConfig = true; package = pkgs.postgresql_17; dataDir = "/var/services/postgres/"; ensureDatabases = [ "forgejo" "gts" ]; ensureUsers = [ { name = "forgejo"; ensureDBOwnership = true; ensureClauses = { login = true; }; } { name = "gts"; ensureDBOwnership = true; ensureClauses = { login = true; }; } ]; settings = { # connection listen_addresses = lib.mkForce "127.0.0.1"; port = 5432; unix_socket_directories = "/var/services/postgres/postgres.sock"; # auth password_encryption = "scram-sha-256"; # ssl ssl = false; #log log_connections = true; log_directory = "/var/services/postgres/log"; logging_collector = true; log_disconnections = true; }; }; services.postgresqlBackup = { enable = true; location = "/var/services/postgresbackup/"; compression = "gzip"; backupAll = true; startAt = "*-*-* 3:20:00"; }; # services.pgadmin = { # enable = true; # initialEmail = "pgadmin@collective-conciousness.monster"; # initialPasswordFile = "${config.sops.secrets.pgadmin_pass.path}"; # openFirewall = true; # port = 5050; # settings = { # STRICT_TRANSPORT_SECURITY_ENABLED = true; # ALLOWED_HOSTS = [ # "127.0.0.1" # "10.24.1.225" # "10.24.1.196" # ]; # }; # }; } ) */ #doesn't seem to work so i'm just gonna make a container for it at the moment. ( { config, pkgs, lib, ... }: { virtualisation.oci-containers = { containers.postgres = { image = "postgres:17"; ports = [ "5432:5432" ]; environmentFiles = [ "${config.sops.templates."postgresdb.env.secrets.yaml".path}" ]; volumes = [ "/var/services/postgresdb/data:/var/lib/postgresql/data/" ]; }; containers.adminer = { image = "adminer:latest"; ports = [ "5433:8080" "5434:53" ]; dependsOn = ["postgres"]; }; }; } ) ]; }