From 854dace74e992bd86d8e9575581e47982809d5e9 Mon Sep 17 00:00:00 2001 From: "Ricardo (XenGi) Band" Date: Fri, 6 Feb 2026 23:14:37 +0100 Subject: [PATCH] psql things --- flake.nix | 10 ++++++++-- hosts/sql/postgres.nix | 4 ++-- services/postgres.nix | 1 + 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/flake.nix b/flake.nix index c2bacd3..6d6c0f4 100644 --- a/flake.nix +++ b/flake.nix @@ -112,8 +112,14 @@ { environment.systemPackages = [ (agenix.packages.${system}.default) ]; } { age.secrets = { - postgres-user-password-pda = { - file = ./secrets/postgres-user-password-pda.age; + postgres-matrix-synapse = { + file = ./secrets/postgres-matrix-synapse.age; + owner = "postgres"; + group = "postgres"; + mode = "0400"; + }; + postgres-hedgedoc = { + file = ./secrets/postgres-hedgedoc.age; owner = "postgres"; group = "postgres"; mode = "0400"; diff --git a/hosts/sql/postgres.nix b/hosts/sql/postgres.nix index a807609..61f3af8 100644 --- a/hosts/sql/postgres.nix +++ b/hosts/sql/postgres.nix @@ -29,7 +29,7 @@ let EXECUTE format( 'ALTER ROLE %I WITH PASSWORD %L', '${e.user.name}', - trim(both E'\n' from pg_read_file('${config.age.secrets.postgres-${entry.user.name}.path}')) + trim(both E'\n' from pg_read_file('${config.age.secrets."postgres-${e.user.name}".path}')) ); END IF; END @@ -60,7 +60,7 @@ in }; }; systemd.services.postgresql.postStart = '' - ${pkgs.postgresql}/bin/psql \ + ${config.services.postgresql.package}/bin/psql \ --dbname=postgres \ --no-password \ --file=${passwordScript} diff --git a/services/postgres.nix b/services/postgres.nix index 75eb281..e50f232 100644 --- a/services/postgres.nix +++ b/services/postgres.nix @@ -10,6 +10,7 @@ "--locale=C" "--encoding=UTF8" ]; + settings.listen_addresses = "*"; }; postgresqlBackup = { enable = true;