xengi/infra
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add postgres specifics

Browse source
This commit is contained in:
XenGi 2026-02-03 23:14:30 +01:00
parent 82819b9a38
commit 782ab24661
Signed by: xengi
SSH key fingerprint: SHA256:dM+fLZGsDvyv6kunjE8bGduL24VsCFB4LEOSdmRHdG0
1 changed files with 43 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

43
hosts/sql/postgres.nix Normal file
View file

@ -0,0 +1,43 @@
{ config, ... }:
let
fqdn = "sql.${config.networking.domain}";
mkEntry = "fancy function that takes a name and IP octed and creates a user, db and auth lines";
in
{
services = {
#nginx = {
# enable = true;
# virtualHosts."${fqdn}" = {
# enableACME = true;
# locations."/".return = "418";
# };
#};
postgresql = {
#enableTCPIP = true;
#settings = {
# ssl = "on";
# ssl_cert_file = "${config.security.acme.certs."${fqdn}".directory}/server.crt";
# ssl_key_file = "${config.security.acme.certs."${fqdn}".directory}/server.key";
# ssl_ca_file = "${config.security.acme.certs."${fqdn}".directory}/ca.crt";
#};
ensureUsers = [
{
name = "pda";
ensureDBOwnership = true;
}
];
ensureDatabases = [
"pda"
];
authentication = ''
# TYPE DATABASE USER ADDRESS METHOD
#hostssl pda pda 195.160.173.15/32 scram-sha-256
#hostssl pda pda 2001:678:760:cccb::15/128 scram-sha-256
host pda pda 195.160.173.15/32 scram-sha-256
host pda pda 2001:678:760:cccb::15/128 scram-sha-256
'';
};
};
}