{ config, lib, pkgs, ... }: let cfg = config.bagel.services.postgres; dataDir = "/var/db/postgresql/16"; in { options.bagel.services.postgres = with lib; { enable = mkEnableOption "PostgreSQL server"; }; config = lib.mkIf cfg.enable { systemd.tmpfiles.rules = [ "d /var/db 0755 root root - -" "d /var/db/postgresql 0750 postgres postgres - -" "d ${dataDir} 0750 postgres postgres - -" ]; services.postgresql = { enable = true; package = pkgs.postgresql_16; dataDir = dataDir; # TODO: Where to put this to properly couple things? It doesn't belong # here, but using it in services/hydra would require running on # localhost. Probably needs to be replaced with some different way of # ensuring the DB/user exist. ensureDatabases = [ "hydra" ]; ensureUsers = [ { name = "hydra"; ensureDBOwnership = true; } ]; identMap = '' hydra-users hydra hydra hydra-users hydra-queue-runner hydra hydra-users hydra-www hydra hydra-users root hydra # The postgres user is used to create the pg_trgm extension for the hydra database hydra-users postgres postgres ''; authentication = '' local hydra all ident map=hydra-users ''; settings = { max_connections = 500; }; }; }; }