snowflake/hosts/arashi/services/postgresql.nix

70 lines
1.4 KiB
Nix
Raw Normal View History

2023-06-18 17:35:07 -04:00
{
pkgs,
lib,
...
}: {
networking.firewall.allowedTCPPorts = [5432];
services.postgresql = {
enable = true;
enableTCPIP = true;
package = pkgs.postgresql_14;
port = 5432;
settings = {
listen_addresses = lib.mkForce "*";
2023-10-19 02:46:43 -04:00
max_connections = "300";
shared_buffers = "80MB";
2023-06-18 17:35:07 -04:00
};
authentication = ''
local all all trust
host replication all 127.0.0.1/32 trust
host all all all trust
'';
ensureUsers = [
{
name = "hedgedoc";
2023-11-24 10:31:22 -05:00
ensureDBOwnership = true;
2023-06-18 17:35:07 -04:00
}
{
name = "forgejo";
2023-11-24 10:31:22 -05:00
ensureDBOwnership = true;
2023-06-18 17:35:07 -04:00
}
2023-06-19 08:18:30 -04:00
{
name = "grafana";
2023-11-24 10:31:22 -05:00
ensureDBOwnership = true;
2023-06-19 08:18:30 -04:00
}
2023-06-19 19:04:38 -04:00
{
name = "authelia";
2023-11-24 10:31:22 -05:00
ensureDBOwnership = true;
2023-06-19 19:04:38 -04:00
}
2023-09-09 13:12:47 -04:00
{
name = "vaultwarden";
2023-11-24 10:31:22 -05:00
ensureDBOwnership = true;
2023-09-09 13:12:47 -04:00
}
2024-01-04 14:41:50 -05:00
{
name = "attic";
ensureDBOwnership = true;
}
2024-01-25 22:59:08 -05:00
{
name = "miniflux";
ensureDBOwnership = true;
}
2023-06-18 17:35:07 -04:00
];
ensureDatabases = [
"forgejo"
"hedgedoc"
2023-06-19 08:18:30 -04:00
"grafana"
2023-06-19 19:04:38 -04:00
"authelia"
2023-09-09 13:12:47 -04:00
"vaultwarden"
2024-01-04 14:41:50 -05:00
"attic"
2024-01-25 22:59:08 -05:00
"miniflux"
2023-06-18 17:35:07 -04:00
];
};
2023-12-31 12:51:49 -05:00
services.postgresqlBackup = {
enable = true;
databases = ["forgejo" "hedgedoc" "grafana" "authelia" "vaultwarden"];
compression = "zstd";
compressionLevel = 4;
startAt = "*-*-* 23:00:00";
2023-12-31 12:51:49 -05:00
};
2023-06-18 17:35:07 -04:00
}