From 4dec0d25ae667233bbb5a31f131b8db0135a2169 Mon Sep 17 00:00:00 2001 From: "Jeffrey C. Ollie" Date: Tue, 23 May 2023 16:03:29 -0500 Subject: [PATCH] update --- flake.nix | 87 ++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 64 insertions(+), 23 deletions(-) diff --git a/flake.nix b/flake.nix index a9e48eb..5791bd1 100644 --- a/flake.nix +++ b/flake.nix @@ -278,6 +278,26 @@ owner = lib.options.mkOption { type = lib.types.str; }; + extensions = lib.options.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + }; + template = lib.options.mkOption { + type = lib.types.enum [ "template0" "template1" ]; + default = "template1"; + }; + encoding = lib.options.mkOption { + type = lib.types.str; + default = "UTF8"; + }; + lc_collate = lib.options.mkOption { + type = lib.types.str; + default = "en_US.utf8"; + }; + lc_ctype = lib.options.mkOption { + type = lib.types.str; + default = "en_US.utf8"; + }; }; } ); @@ -388,7 +408,7 @@ self.packages.${pkgs.system}.scram-sha-256 ]; - networking.firewall.allowedTCPPorts = [ cfg.port ]; + # networking.firewall.allowedTCPPorts = [ cfg.port ]; security.acme.certs."${config.networking.hostName}.${config.networking.domain}" = { reloadServices = [ 
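Review bot: The new `encoding`, `lc_collate` and `lc_ctype` options and the elements of `extensions` are plain `lib.types.str`, so any string passes evaluation even though the databaseSetup hunk of this patch splices these values into a generated shell script. Only `template` is constrained, via `lib.types.enum`. I would narrow the others, e.g. `type = lib.types.strMatching "[A-Za-z0-9_.@-]+";` for encoding and locale, and `lib.types.listOf (lib.types.strMatching "[A-Za-z0-9_-]+")` for `extensions`, so that quotes or shell metacharacters fail at evaluation time instead of reaching psql. None of the new options has a `description`; one line each would help, for instance noting that `template` normally has to be `template0` when the encoding or locale differs from the template database. The enclosing submodule starts above the hunk.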
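Review bot: The `networking.firewall.allowedTCPPorts` line is commented out rather than removed, and nothing records why. If the port is meant to stay closed, delete the line. If it depends on the deployment, gate it on an option, e.g. `networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ cfg.port ];`, where `openFirewall` is a new boolean option defaulting to false that would have to be added. The ACME certificate block in the context lines suggests remote TLS clients are expected, so confirm they still have a path to `cfg.port`. The commented-out `bindsTo` line in the setup-unit hunk has the same problem.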
@@ -609,40 +629,56 @@ if $PSQL --command "SELECT 1 FROM pg_roles WHERE rolname='${user.username}';" | grep -q 1 then echo "alter user ${user.username}" - $PSQL --command "ALTER ROLE ${user.username} WITH LOGIN PASSWORD '${escapeShell user.password}';" + echo "ALTER ROLE :username WITH LOGIN PASSWORD :'password';" | $PSQL --variable username="${user.username}" --variable password="${escapeShell user.password}" else echo "create user ${user.username}" - $PSQL --command "CREATE ROLE ${user.username} WITH LOGIN PASSWORD '${escapeShell user.password}';" + echo "CREATE ROLE :username WITH LOGIN PASSWORD :'password';" | $PSQL --variable username="${user.username}" --variable password="${escapeShell user.password}" fi '' ) cfg.users ); - databaseSetup = lib.strings.concatStringsSep "\n" - ( - map - ( - database: - '' - if ! ( $PSQL --command "SELECT 1 FROM pg_database WHERE datname='${database.name}';" | grep -q 1 ) - then - echo "create database ${database.name}" - $PSQL --command "CREATE DATABASE ${database.name} WITH OWNER ${database.owner};" - fi + nuShellDatabaseSetup = '' - echo "grant public schema priviliges to user ${database.owner}" - $PSQL --dbname ${database.name} --command "GRANT ALL PRIVILEGES ON SCHEMA public to ${database.owner};" - echo "grant priviliges on database ${database.name} to user ${database.owner}" - $PSQL --dbname ${database.name} --command "GRANT ALL PRIVILEGES ON DATABASE ${database.name} to ${database.owner};" - '' + ''; + databaseSetup = lib.strings.concatStringsSep "\n" ( + map + ( + database: '' + if ! 
( echo "SELECT 1 FROM pg_database WHERE datname=:'name';" | $PSQL --variable name="${database.name}" | grep -q 1 ) + then + echo "create database ${database.name}" + echo "CREATE DATABASE :name WITH OWNER = :'owner' TEMPLATE = :'template' ENCODING = :'encoding' LC_COLLATE = :'lc_collate' LC_CTYPE = :'lc_ctype';" | $PSQL --variable name="${database.name}" --variable owner="${database.owner}" --variable encoding="${database.encoding}" --variable lc_collate="${database.lc_collate}" --variable lc_ctype="${database.lc_ctype}" --variable template="${database.template}" + fi + + echo "grant public schema priviliges to user ${database.owner}" + echo "GRANT ALL PRIVILEGES ON SCHEMA public TO :owner;" | $PSQL --dbname "${database.name}" --variable name="${database.name}" --variable owner="${database.owner}" + echo "grant priviliges on database ${database.name} to user ${database.owner}" + echo "GRANT ALL PRIVILEGES ON DATABASE :name TO :owner;" | $PSQL --dbname "${database.name}" --variable name="${database.name}" --variable owner="${database.owner}" + '' + + ( + lib.strings.concatStringsSep "\n" ( + map + ( + extension: '' + if ! ( $PSQL --dbname ${database.name} --command "SELECT 1 FROM pg_extension WHERE extname='${extension}';" | grep -q 1 ) + then + echo "adding extention ${extension} to ${database.name}" + $PSQL --dbname ${database.name} --command "CREATE EXTENSION ${extension};" + fi + '' + ) + database.extensions + ) ) - cfg.databases - ); + ) + cfg.databases + ); in { description = "PostgreSQL User/Database Setup"; - requiredBy = [ "postgresql.service" ]; - bindsTo = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; + # bindsTo = [ "postgresql.service" ]; script = '' while ! ${postgresql}/bin/psql -d postgres -c "" 2> /dev/null do @@ -756,6 +792,11 @@ }; wantedBy = [ "multi-user.target" ]; }; + + services.prometheus.exporters.postgres = { + enable = true; + runAsLocalSuperUser = true; + }; }; }; };
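Review bot: The move to psql variables is only partly effective, because `:username`, `:name` and `:owner` use the raw interpolation form, which psql substitutes into the statement without any quoting. Identifiers should use the identifier-quoting form, e.g. `ALTER ROLE :"username" WITH LOGIN PASSWORD :'password';`, `CREATE DATABASE :"name" ...` and `GRANT ... TO :"owner";`, with the inner double quotes escaped for the shell `echo`. The extension loop added in this hunk still builds SQL by Nix string interpolation and leaves `--dbname ${database.name}` unquoted; the same pattern fits there: `echo 'CREATE EXTENSION IF NOT EXISTS :"extension";' | $PSQL --dbname "${database.name}" --variable extension="${extension}"`. Separately, `--variable password=...` keeps the role password on psql's command line, where other local users can read it from the process list while the script runs. The enclosing `let` bindings and the unit definition start above the hunk.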
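Review bot: `runAsLocalSuperUser = true` makes the exporter connect as the local PostgreSQL superuser, which is much more privilege than metrics collection needs. Prefer leaving it at `false` and pointing `dataSourceName` at a dedicated login role that is only granted `pg_monitor`. The exporter's listen address and firewall settings are left at their defaults here, so confirm they match where the Prometheus server scrapes from. The enclosing `config` block starts above the hunk.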