infra/hosts/sql/postgres.nix


# NixOS module for the SQL host: declares the "pda" PostgreSQL role and
# database plus the pg_hba rules for its one remote client address pair.
{ config, ... }:
let
  # Public name of this host. At the moment it is referenced only by the
  # disabled nginx/ACME and TLS settings further down.
  fqdn = "sql.${config.networking.domain}";
  # Placeholder: this is a plain string, not a function, and nothing in this
  # file reads it yet.
  mkEntry = "fancy function that takes a name and IP octed and creates a user, db and auth lines";
in
{
  # Disabled: nginx vhost that would exist only to obtain an ACME certificate
  # for this host's FQDN.
  #services.nginx = {
  #  enable = true;
  #  virtualHosts."${fqdn}" = {
  #    enableACME = true;
  #    locations."/".return = "418";
  #  };
  #};

  services.postgresql = {
    # Disabled: network listener.
    # NOTE(review): with enableTCPIP left at its default the NixOS module is
    # expected to listen on localhost only, so the remote-address rules in
    # `authentication` below would never match a connection — confirm.
    #enableTCPIP = true;

    # Disabled: server-side TLS using the ACME certificate.
    # NOTE(review): the NixOS ACME module normally writes cert.pem, key.pem,
    # chain.pem and fullchain.pem into the certificate directory; verify the
    # server.crt / server.key / ca.crt names before enabling, and that the
    # postgres user is allowed to read the private key.
    #settings = {
    #  ssl = "on";
    #  ssl_cert_file = "${config.security.acme.certs."${fqdn}".directory}/server.crt";
    #  ssl_key_file = "${config.security.acme.certs."${fqdn}".directory}/server.key";
    #  ssl_ca_file = "${config.security.acme.certs."${fqdn}".directory}/ca.crt";
    #};

    # Database and the role that owns it.
    ensureDatabases = [ "pda" ];
    # No password is declared here; scram-sha-256 below can only succeed once
    # a password has been set for the role by other means.
    ensureUsers = [
      {
        name = "pda";
        ensureDBOwnership = true;
      }
    ];

    # pg_hba rules: role "pda" may reach database "pda" from exactly one IPv4
    # and one IPv6 address. The active lines use `host`, which matches TCP
    # connections with or without TLS: SCRAM protects the password exchange,
    # but queries and results would cross the network in cleartext. The
    # `hostssl` variants inside the string are the TLS-only form and should
    # replace the `host` lines once the TLS settings above are enabled.
    # The text between the quotes is emitted verbatim; its `#` lines are
    # pg_hba comments, not Nix comments.
    authentication = ''
      # TYPE DATABASE USER ADDRESS METHOD
      #hostssl pda pda 195.160.173.15/32 scram-sha-256
      #hostssl pda pda 2001:678:760:cccb::15/128 scram-sha-256
      host pda pda 195.160.173.15/32 scram-sha-256
      host pda pda 2001:678:760:cccb::15/128 scram-sha-256
    '';
  };
}