79 lines
1.5 KiB
Nix
79 lines
1.5 KiB
Nix
{ pkgs, ... }:
|
|
{
|
|
services.postgresql = rec {
|
|
package = pkgs.postgresql_15;
|
|
enable = true;
|
|
enableTCPIP = true;
|
|
authentication = pkgs.lib.mkOverride 10 ''
|
|
# allow local logins
|
|
local all all trust
|
|
|
|
# loopback (v4/v6)
|
|
host all all 127.0.0.1/32 trust
|
|
host all all ::1/128 trust
|
|
|
|
# and from podman
|
|
host all all 10.88.0.0/16 trust
|
|
|
|
# and from vms
|
|
host all all 10.0.0.0/24 trust
|
|
|
|
# and the local network
|
|
host all all 192.168.0.0/24 trust
|
|
'';
|
|
settings = {
|
|
listen_addresses = "*";
|
|
};
|
|
|
|
ensureUsers = [
|
|
{
|
|
name = "matrix";
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "recipes";
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "sleep";
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "houses";
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "dnote";
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "forgejo";
|
|
ensureDBOwnership = true;
|
|
}
|
|
{
|
|
name = "pocketid";
|
|
ensureDBOwnership = true;
|
|
}
|
|
];
|
|
ensureDatabases = map (i: i.name) ensureUsers;
|
|
};
|
|
|
|
services.mysql = {
|
|
enable = true;
|
|
package = pkgs.mariadb;
|
|
settings = {
|
|
mysqld = {
|
|
bind-address = "0.0.0.0";
|
|
};
|
|
};
|
|
};
|
|
|
|
networking = {
|
|
firewall.allowedTCPPorts = [
|
|
# postgres
|
|
5432
|
|
# mariadb
|
|
3306
|
|
];
|
|
};
|
|
}
|