2022-02-14 12:29:36 +01:00
|
|
|
{ pkgs, config, ... }:
|
2021-09-23 16:45:06 +02:00
|
|
|
{
|
|
|
|
|
services.postgresql = {
|
|
|
|
|
enable = true;
|
|
|
|
|
package = pkgs.postgresql_13;
|
2022-02-14 12:29:36 +01:00
|
|
|
extraPlugins = with config.services.postgresql.package.pkgs; [
|
|
|
|
|
postgis
|
|
|
|
|
];
|
|
|
|
|
ensureDatabases = [
|
|
|
|
|
"matrix-synapse"
|
|
|
|
|
"mobilizon"
|
|
|
|
|
"authentik"
|
|
|
|
|
];
|
|
|
|
|
ensureUsers = [
|
|
|
|
|
{
|
|
|
|
|
name = "matrix-synapse";
|
|
|
|
|
ensurePermissions."DATABASE \"matrix-synapse\"" = "ALL PRIVILEGES";
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
name = "mobilizon";
|
|
|
|
|
ensurePermissions."DATABASE mobilizon" = "ALL PRIVILEGES";
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
name = "authentik";
|
|
|
|
|
ensurePermissions."DATABASE authentik" = "ALL PRIVILEGES";
|
|
|
|
|
}
|
|
|
|
|
];
|
2021-09-23 16:45:06 +02:00
|
|
|
initialScript = pkgs.writeText "synapse-init.sql" ''
|
2022-02-14 12:29:36 +01:00
|
|
|
CREATE ROLE matrix-synapse;
|
|
|
|
|
CREATE DATABASE matrix-synapse WITH OWNER matrix-synapse
|
2021-09-23 16:45:06 +02:00
|
|
|
TEMPLATE template0
|
|
|
|
|
LC_COLLATE = "C"
|
|
|
|
|
LC_CTYPE = "C"
|
|
|
|
|
ENCODING = "UTF8";
|
|
|
|
|
'';
|
2022-02-14 12:29:36 +01:00
|
|
|
settings = { password_encryption = "scram-sha-256"; };
|
|
|
|
|
authentication = pkgs.lib.mkForce ''
|
|
|
|
|
local all postgres peer
|
|
|
|
|
local all matrix-synapse peer
|
|
|
|
|
local all mobilizon scram-sha-256
|
|
|
|
|
local all authentik scram-sha-256
|
|
|
|
|
'';
|
2021-09-23 16:45:06 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.postgresqlBackup = {
|
|
|
|
|
enable = true;
|
|
|
|
|
location = "/var/lib/postgresql/backup";
|
2022-02-14 12:29:36 +01:00
|
|
|
databases = [
|
|
|
|
|
"matrix-synapse"
|
|
|
|
|
"mobilizon"
|
|
|
|
|
"authentik"
|
|
|
|
|
];
|
2021-09-23 16:45:06 +02:00
|
|
|
startAt = "02:30";
|
|
|
|
|
compression = "none";
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
