infra/services/postgres/default.nix

53 lines
1.4 KiB
Nix

{ config, lib, pkgs, ... }:
let
cfg = config.bagel.services.postgres;
dataDir = "/var/db/postgresql/16";
in {
options.bagel.services.postgres = with lib; {
enable = mkEnableOption "PostgreSQL server";
};
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = [
"d /var/db 0755 root root - -"
"d /var/db/postgresql 0770 postgres postgres - -"
"d ${dataDir} 0770 postgres postgres - -"
];
services.postgresql = {
enable = true;
package = pkgs.postgresql_16;
dataDir = dataDir;
# TODO: Where to put this to properly couple things? It doesn't belong
# here, but using it in services/hydra would require running on
# localhost. Probably needs to be replaced with some different way of
# ensuring the DB/user exist.
ensureDatabases = [ "hydra" ];
ensureUsers = [
{
name = "hydra";
ensureDBOwnership = true;
}
];
identMap = ''
hydra-users hydra hydra
hydra-users hydra-queue-runner hydra
hydra-users hydra-www hydra
hydra-users root hydra
# The postgres user is used to create the pg_trgm extension for the hydra database
hydra-users postgres postgres
'';
authentication = ''
local hydra all ident map=hydra-users
'';
settings = {
max_connections = 500;
};
};
};
}