jeff/nixos-postgresql
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add pgvecto.rs extension

Browse source
This commit is contained in:
Jeffrey C. Ollie 2023-12-16 14:51:38 -06:00
parent 960a8bac72
commit 86df433c30
Signed by: jeff
GPG key ID: 6F86035A6D97044E
2 changed files with 996 additions and 957 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
flake.lock
View file

@ -5,11 +5,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1681202837, "lastModified": 1701680307,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401", "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -20,11 +20,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1684215771, "lastModified": 1702312524,
"narHash": "sha256-fsum28z+g18yreNa1Y7MPo9dtps5h1VkHfZbYQ+YPbk=", "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "963006aab35e3e8ebbf6052b6bf4ea712fdd3c28", "rev": "a9bf124c46ef298113270b1f84a164865987a91c",
"type": "github" "type": "github"
}, },
"original": { "original": {

279
flake.nix
View file

@ -9,19 +9,22 @@
url = "github:numtide/flake-utils"; url = "github:numtide/flake-utils";
}; };
}; };
outputs = { self, nixpkgs, flake-utils, ... }@inputs: outputs = {
self,
nixpkgs,
flake-utils,
...
} @ inputs:
( (
flake-utils.lib.eachDefaultSystem flake-utils.lib.eachDefaultSystem
(system: (
let system: let
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
}; };
in in {
{
packages = { packages = {
scram-sha-256 = scram-sha-256 = let
let
pname = "scram-sha-256"; pname = "scram-sha-256";
version = "1.0.1"; version = "1.0.1";
in in
@ -41,16 +44,58 @@
license = licenses.mit; license = licenses.mit;
}; };
}; };
pgvecto-rs = let
pname = "pgvecto.rs";
version = "0.1.11";
hashes = {
"15" = "sha256-IVx/LgRnGyvBRYvrrJatd7yboWEoSYSJogLaH5N/wPA=";
};
major = pkgs.lib.versions.major pkgs.postgresql_15.version;
in
pkgs.stdenv.mkDerivation {
inherit pname version;
buildInputs = [pkgs.dpkg];
src = pkgs.fetchurl {
url = "https://github.com/tensorchord/pgvecto.rs/releases/download/v${version}/vectors-pg${major}-v${version}-x86_64-unknown-linux-gnu.deb";
hash = hashes."${major}";
};
dontUnpack = true;
dontBuild = true;
dontStrip = true;
installPhase = ''
mkdir -p $out
dpkg -x $src $out
install -D -t $out/lib $out/usr/lib/postgresql/${major}/lib/*.so
install -D -t $out/share/postgresql/extension $out/usr/share/postgresql/${major}/extension/*.sql
install -D -t $out/share/postgresql/extension $out/usr/share/postgresql/${major}/extension/*.control
rm -rf $out/usr
'';
meta = {
description = "Scalable Vector database plugin for Postgres, written in Rust, specifically designed for LLM";
homepage = "https://github.com/tensorchord/pgvecto.rs";
license = pkgs.lib.licenses.asl20;
platforms = pkgs.postgresql.meta.platforms;
};
};
}; };
} }
) )
) // { )
// {
nixosModules = { nixosModules = {
postgresql = { config, lib, pkgs, ... }: postgresql = {
let config,
lib,
pkgs,
...
}: let
cfg = config.jcollie.postgresql; cfg = config.jcollie.postgresql;
in in {
{
options = { options = {
jcollie.postgresql = lib.options.mkOption { jcollie.postgresql = lib.options.mkOption {
type = lib.types.submodule { type = lib.types.submodule {
@ -123,8 +168,7 @@
}; };
log = lib.options.mkOption { log = lib.options.mkOption {
type = lib.types.submodule { type = lib.types.submodule {
options = options = let
let
logLevelType = lib.types.enum [ logLevelType = lib.types.enum [
"off" "off"
"error" "error"
@ -134,8 +178,7 @@
"debug" "debug"
"trace" "trace"
]; ];
in in {
{
console = lib.options.mkOption { console = lib.options.mkOption {
type = logLevelType; type = logLevelType;
default = "detail"; default = "detail";
@ -310,12 +353,14 @@
}; };
}; };
config = config = let
let
toStr = value: toStr = value:
if true == value then "yes" if true == value
else if false == value then "no" then "yes"
else if lib.isString value then "'${lib.replaceStrings ["'"] ["''"] value}'" else if false == value
then "no"
else if lib.isString value
then "'${lib.replaceStrings ["'"] ["''"] value}'"
else toString value; else toString value;
escapeShell = value: lib.replaceStrings ["$"] ["\\$"] value; escapeShell = value: lib.replaceStrings ["$"] ["\\$"] value;
@ -344,9 +389,11 @@
# }.${cfg.backup.storage.type}; # }.${cfg.backup.storage.type};
# }; # };
rcloneEnvironment = { rcloneEnvironment =
{
RCLONE_CONFIG = "/dev/null"; RCLONE_CONFIG = "/dev/null";
} // ( }
// (
{ {
"azure" = { "azure" = {
RCLONE_CONFIG_AZURE_TYPE = "azureblob"; RCLONE_CONFIG_AZURE_TYPE = "azureblob";
@ -356,32 +403,33 @@
RCLONE_CONFIG_B2_TYPE = "b2"; RCLONE_CONFIG_B2_TYPE = "b2";
RCLONE_CONFIG_B2_ACCOUNT = cfg.backup.storage.b2.accountId; RCLONE_CONFIG_B2_ACCOUNT = cfg.backup.storage.b2.accountId;
}; };
}.${cfg.backup.storage.type} }
.${cfg.backup.storage.type}
); );
rcloneEnvironmentFiles = { rcloneEnvironmentFiles =
{
"azure" = { "azure" = {
RCLONE_CONFIG_AZURE_KEY = cfg.backup.storage.azure.accountKeyFile; RCLONE_CONFIG_AZURE_KEY = cfg.backup.storage.azure.accountKeyFile;
}; };
"b2" = { "b2" = {
RCLONE_CONFIG_B2_KEY = cfg.backup.storage.b2.accountKeyFile; RCLONE_CONFIG_B2_KEY = cfg.backup.storage.b2.accountKeyFile;
}; };
}.${cfg.backup.storage.type}; }
.${cfg.backup.storage.type};
rclone = lib.mkIf (cfg.backup.enable) ( rclone = lib.mkIf (cfg.backup.enable) (
let let
environment = lib.concatStringsSep "\n" ( environment = lib.concatStringsSep "\n" (
lib.mapAttrsToList lib.mapAttrsToList
( (
n: v: n: v: ''export ${n}="${builtins.toString v}"''
''export ${n}="${builtins.toString v}"''
) )
rcloneEnvironment rcloneEnvironment
); );
environmentFiles = lib.concatStringsSep "\n" ( environmentFiles = lib.concatStringsSep "\n" (
lib.mapAttrsToList lib.mapAttrsToList
( (
n: v: n: v: ''export ${n}=''$(<${v})''
''export ${n}=''$(<${v})''
) )
rcloneEnvironmentFiles rcloneEnvironmentFiles
); );
@ -396,7 +444,8 @@
rootDir = "/var/lib/postgresql"; rootDir = "/var/lib/postgresql";
dataDir = "${rootDir}/15"; dataDir = "${rootDir}/15";
pgbackrestEnvironment = { pgbackrestEnvironment =
{
PGBACKREST_LOG_LEVEL_CONSOLE = cfg.backup.log.console; PGBACKREST_LOG_LEVEL_CONSOLE = cfg.backup.log.console;
PGBACKREST_LOG_LEVEL_FILE = cfg.backup.log.file; PGBACKREST_LOG_LEVEL_FILE = cfg.backup.log.file;
PGBACKREST_LOG_LEVEL_STDERR = cfg.backup.log.stderr; PGBACKREST_LOG_LEVEL_STDERR = cfg.backup.log.stderr;
@ -406,7 +455,8 @@
PGBACKREST_REPO1_RETENTION_FULL = "14"; PGBACKREST_REPO1_RETENTION_FULL = "14";
PGBACKREST_REPO1_RETENTION_FULL_TYPE = "time"; PGBACKREST_REPO1_RETENTION_FULL_TYPE = "time";
PGBACKREST_STANZA = "${config.networking.hostName}.${config.networking.domain}"; PGBACKREST_STANZA = "${config.networking.hostName}.${config.networking.domain}";
} // ( }
// (
{ {
"azure" = { "azure" = {
PGBACKREST_REPO1_AZURE_ACCOUNT = cfg.backup.storage.azure.accountName; PGBACKREST_REPO1_AZURE_ACCOUNT = cfg.backup.storage.azure.accountName;
@ -422,19 +472,23 @@
PGBACKREST_REPO1_S3_REGION = cfg.backup.storage.b2.region; PGBACKREST_REPO1_S3_REGION = cfg.backup.storage.b2.region;
PGBACKREST_REPO1_TYPE = "s3"; PGBACKREST_REPO1_TYPE = "s3";
}; };
}.${cfg.backup.storage.type} }
.${cfg.backup.storage.type}
); );
pgbackrestEnvironmentFiles = { pgbackrestEnvironmentFiles =
{
PGBACKREST_REPO1_CIPHER_PASS = cfg.backup.cipher.passwordFile; PGBACKREST_REPO1_CIPHER_PASS = cfg.backup.cipher.passwordFile;
} // { }
// {
"azure" = { "azure" = {
PGBACKREST_REPO1_AZURE_KEY = cfg.backup.storage.azure.accountKeyFile; PGBACKREST_REPO1_AZURE_KEY = cfg.backup.storage.azure.accountKeyFile;
}; };
"b2" = { "b2" = {
PGBACKREST_REPO1_S3_KEY_SECRET = cfg.backup.storage.b2.accountKeyFile; PGBACKREST_REPO1_S3_KEY_SECRET = cfg.backup.storage.b2.accountKeyFile;
}; };
}.${cfg.backup.storage.type}; }
.${cfg.backup.storage.type};
pgbackrest = pgbackrest =
if (cfg.backup.enable) if (cfg.backup.enable)
@ -444,16 +498,14 @@
environment = lib.concatStringsSep "\n" ( environment = lib.concatStringsSep "\n" (
lib.mapAttrsToList lib.mapAttrsToList
( (
n: v: n: v: ''export ${n}="${builtins.toString v}"''
''export ${n}="${builtins.toString v}"''
) )
pgbackrestEnvironment pgbackrestEnvironment
); );
environmentFiles = lib.concatStringsSep "\n" ( environmentFiles = lib.concatStringsSep "\n" (
lib.mapAttrsToList lib.mapAttrsToList
( (
n: v: n: v: ''export ${n}=''$(<${v})''
''export ${n}=''$(<${v})''
) )
pgbackrestEnvironmentFiles pgbackrestEnvironmentFiles
); );
@ -464,8 +516,7 @@
exec ${pkgs.pgbackrest}/bin/pgbackrest "''$@" exec ${pkgs.pgbackrest}/bin/pgbackrest "''$@"
'' ''
) )
else else {};
{ };
# pgbackrestnu = lib.mkIf (cfg.backup.enable) ( # pgbackrestnu = lib.mkIf (cfg.backup.enable) (
# let # let
# environment = writeText "pgbackrest-environment.json" (builtins.toJSON pgbackrestEnvironment); # environment = writeText "pgbackrest-environment.json" (builtins.toJSON pgbackrestEnvironment);
@ -490,18 +541,18 @@
# } # }
]; ];
environment.systemPackages = [ environment.systemPackages =
[
postgresql postgresql
self.packages.${pkgs.system}.scram-sha-256 self.packages.${pkgs.system}.scram-sha-256
] ++ ( ]
++ (
if cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary") if cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")
then then [
[
pgbackrest pgbackrest
rclone rclone
] ]
else else []
[ ]
); );
# networking.firewall.allowedTCPPorts = [ cfg.port ]; # networking.firewall.allowedTCPPorts = [ cfg.port ];
@ -527,8 +578,7 @@
"d ${dataDir} 0700 postgres postgres -" "d ${dataDir} 0700 postgres postgres -"
]; ];
systemd.services.postgresql = systemd.services.postgresql = let
let
hbaFile = pkgs.writeTextDir "pg_hba.conf" '' hbaFile = pkgs.writeTextDir "pg_hba.conf" ''
local all all ident map=default local all all ident map=default
hostnossl all all all reject hostnossl all all all reject
@ -541,16 +591,20 @@
'' ''
default root postgres default root postgres
default postgres postgres default postgres postgres
'' + (lib.strings.concatStringsSep "\n" ''
+ (
lib.strings.concatStringsSep "\n"
( (
map map
(user: "default root ${user.username}") (user: "default root ${user.username}")
cfg.users cfg.users
) )
) + "\n" )
+ "\n"
); );
archiveCommand = "${pgbackrest}/bin/pgbackrest archive-push %p"; archiveCommand = "${pgbackrest}/bin/pgbackrest archive-push %p";
settings = { settings =
{
bgwriter_flush_after = "512kB"; bgwriter_flush_after = "512kB";
checkpoint_flush_after = "256kB"; checkpoint_flush_after = "256kB";
data_directory = dataDir; data_directory = dataDir;
@ -585,29 +639,27 @@
unix_socket_directories = "/run/postgresql"; unix_socket_directories = "/run/postgresql";
wal_level = "replica"; wal_level = "replica";
wal_log_hints = "on"; wal_log_hints = "on";
} // ( }
// (
if (cfg.backup.enable) if (cfg.backup.enable)
then { then {
archive_command = archiveCommand; archive_command = archiveCommand;
archive_mode = "on"; archive_mode = "on";
} }
else else {}
{ }
); );
configFile = pkgs.writeTextDir "postgresql.conf" ( configFile = pkgs.writeTextDir "postgresql.conf" (
lib.concatStrings ( lib.concatStrings (
lib.mapAttrsToList lib.mapAttrsToList
( (
n: v: n: v: "${n} = ${toStr v}\n"
"${n} = ${toStr v}\n"
) )
settings settings
) )
); );
backupSetup = backupSetup =
if (cfg.backup.enable) if (cfg.backup.enable)
then then ''
''
init=''$(${pgbackrest}/bin/pgbackrest info --output=json | ${pkgs.jq}/bin/jq '.[0].status.code == 0') init=''$(${pgbackrest}/bin/pgbackrest info --output=json | ${pkgs.jq}/bin/jq '.[0].status.code == 0')
if [ "$init" != "true" ] if [ "$init" != "true" ]
then then
@ -616,8 +668,7 @@
${postgresql}/bin/pg_ctl -m fast -w stop ${postgresql}/bin/pg_ctl -m fast -w stop
fi fi
'' ''
else else "";
"";
pgpass = pgpass =
if (cfg.replication.enable && cfg.replication.role == "replica") if (cfg.replication.enable && cfg.replication.role == "replica")
then then
@ -628,39 +679,37 @@
cfg.replication.username cfg.replication.username
''''$(<${cfg.replication.passwordFile})'' ''''$(<${cfg.replication.passwordFile})''
] ]
else else "";
""; in {
in
{
description = "PostgreSQL Server"; description = "PostgreSQL Server";
wantedBy = ["multi-user.target"]; wantedBy = ["multi-user.target"];
after = ["network.target"]; after = ["network.target"];
environment = { environment =
{
PGDATA = dataDir; PGDATA = dataDir;
} // ( }
// (
if (cfg.replication.enable && cfg.replication.role == "replica") if (cfg.replication.enable && cfg.replication.role == "replica")
then { then {
PGPASSFILE = "${rootDir}/.pgpass"; PGPASSFILE = "${rootDir}/.pgpass";
} }
else {} else {}
); );
path = [ path =
postgresql
] ++ (
if cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")
then
[ [
postgresql
]
++ (
if cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")
then [
pgbackrest pgbackrest
] ]
else else []
[ ]
); );
preStart = preStart =
if (!cfg.replication.enable || cfg.replication.role == "primary") if (!cfg.replication.enable || cfg.replication.role == "primary")
then then ''
''
if [ ! -s "${dataDir}/PG_VERSION" ] if [ ! -s "${dataDir}/PG_VERSION" ]
then then
${postgresql}/bin/initdb \ ${postgresql}/bin/initdb \
@ -678,8 +727,7 @@
${backupSetup} ${backupSetup}
'' ''
else else ''
''
(umask 077; echo "${pgpass}" > ${rootDir}/.pgpass) (umask 077; echo "${pgpass}" > ${rootDir}/.pgpass)
chmod 0600 ${rootDir}/.pgpass chmod 0600 ${rootDir}/.pgpass
@ -727,8 +775,8 @@
systemd.services.postgresql-setup = lib.mkIf (!cfg.replication.enable || cfg.replication.role == "primary") ( systemd.services.postgresql-setup = lib.mkIf (!cfg.replication.enable || cfg.replication.role == "primary") (
let let
replicationSetup = replicationSetup =
if (cfg.replication.enable && cfg.replication.role == "primary") then if (cfg.replication.enable && cfg.replication.role == "primary")
'' then ''
if $PSQL --command "SELECT 1 FROM pg_roles WHERE rolname='${cfg.replication.username}';" | grep -q 1 if $PSQL --command "SELECT 1 FROM pg_roles WHERE rolname='${cfg.replication.username}';" | grep -q 1
then then
echo "alter replication user ${cfg.replication.username}" echo "alter replication user ${cfg.replication.username}"
@ -741,12 +789,12 @@
fi fi
'' ''
else ""; else "";
userSetup = lib.strings.concatStringsSep "\n" userSetup =
lib.strings.concatStringsSep "\n"
( (
map map
( (
user: user: ''
''
if $PSQL --command "SELECT 1 FROM pg_roles WHERE rolname='${user.username}';" | grep -q 1 if $PSQL --command "SELECT 1 FROM pg_roles WHERE rolname='${user.username}';" | grep -q 1
then then
echo "alter user ${user.username}" echo "alter user ${user.username}"
@ -765,7 +813,8 @@
databaseSetup = lib.strings.concatStringsSep "\n" ( databaseSetup = lib.strings.concatStringsSep "\n" (
map map
( (
database: '' database:
''
if ! ( echo "SELECT 1 FROM pg_database WHERE datname=:'name';" | $PSQL --variable name="${database.name}" | grep -q 1 ) if ! ( echo "SELECT 1 FROM pg_database WHERE datname=:'name';" | $PSQL --variable name="${database.name}" | grep -q 1 )
then then
echo "create database ${database.name}" echo "create database ${database.name}"
@ -776,8 +825,8 @@
echo "GRANT ALL PRIVILEGES ON SCHEMA public TO :owner;" | $PSQL --dbname "${database.name}" --variable name="${database.name}" --variable owner="${database.owner}" echo "GRANT ALL PRIVILEGES ON SCHEMA public TO :owner;" | $PSQL --dbname "${database.name}" --variable name="${database.name}" --variable owner="${database.owner}"
echo "grant priviliges on database ${database.name} to user ${database.owner}" echo "grant priviliges on database ${database.name} to user ${database.owner}"
echo "GRANT ALL PRIVILEGES ON DATABASE :name TO :owner;" | $PSQL --dbname "${database.name}" --variable name="${database.name}" --variable owner="${database.owner}" echo "GRANT ALL PRIVILEGES ON DATABASE :name TO :owner;" | $PSQL --dbname "${database.name}" --variable name="${database.name}" --variable owner="${database.owner}"
'' + ''
( + (
lib.strings.concatStringsSep "\n" ( lib.strings.concatStringsSep "\n" (
map map
( (
@ -795,8 +844,7 @@
) )
cfg.databases cfg.databases
); );
in in {
{
description = "PostgreSQL User/Database Setup"; description = "PostgreSQL User/Database Setup";
after = ["postgresql.service"]; after = ["postgresql.service"];
# bindsTo = [ "postgresql.service" ]; # bindsTo = [ "postgresql.service" ];
@ -830,17 +878,14 @@
systemd.services.postgresql-backup-full = lib.mkIf (cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")) ( systemd.services.postgresql-backup-full = lib.mkIf (cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")) (
let let
hcStart = hcStart =
if cfg.backup.healthcheck.enable then if cfg.backup.healthcheck.enable
"${curl} ${cfg.backup.healthcheck.fullBackupPingURL}/start" then "${curl} ${cfg.backup.healthcheck.fullBackupPingURL}/start"
else else "";
"";
hcStop = hcStop =
if cfg.backup.healthcheck.enable then if cfg.backup.healthcheck.enable
"${curl} ${cfg.backup.healthcheck.fullBackupPingURL}" then "${curl} ${cfg.backup.healthcheck.fullBackupPingURL}"
else else "";
""; in {
in
{
description = "PostgreSQL Full Backup"; description = "PostgreSQL Full Backup";
requires = ["postgresql.service"]; requires = ["postgresql.service"];
script = '' script = ''
@ -877,17 +922,14 @@
systemd.services.postgresql-backup-diff = lib.mkIf (cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")) ( systemd.services.postgresql-backup-diff = lib.mkIf (cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")) (
let let
hcStart = hcStart =
if cfg.backup.healthcheck.enable then if cfg.backup.healthcheck.enable
"${curl} ${cfg.backup.healthcheck.differentialBackupPingURL}/start" then "${curl} ${cfg.backup.healthcheck.differentialBackupPingURL}/start"
else else "";
"";
hcStop = hcStop =
if cfg.backup.healthcheck.enable then if cfg.backup.healthcheck.enable
"${curl} ${cfg.backup.healthcheck.differentialBackupPingURL}" then "${curl} ${cfg.backup.healthcheck.differentialBackupPingURL}"
else else "";
""; in {
in
{
description = "PostgreSQL Differential Backup"; description = "PostgreSQL Differential Backup";
requires = ["postgresql.service"]; requires = ["postgresql.service"];
script = '' script = ''
@ -924,17 +966,14 @@
systemd.services.postgresql-backup-incr = lib.mkIf (cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")) ( systemd.services.postgresql-backup-incr = lib.mkIf (cfg.backup.enable && (!cfg.replication.enable || cfg.replication.role == "primary")) (
let let
hcStart = hcStart =
if cfg.backup.healthcheck.enable then if cfg.backup.healthcheck.enable
"${curl} ${cfg.backup.healthcheck.incrementalBackupPingURL}/start" then "${curl} ${cfg.backup.healthcheck.incrementalBackupPingURL}/start"
else else "";
"";
hcStop = hcStop =
if cfg.backup.healthcheck.enable then if cfg.backup.healthcheck.enable
"${curl} ${cfg.backup.healthcheck.incrementalBackupPingURL}" then "${curl} ${cfg.backup.healthcheck.incrementalBackupPingURL}"
else else "";
""; in {
in
{
description = "PostgreSQL Incremental Backup"; description = "PostgreSQL Incremental Backup";
requires = ["postgresql.service"]; requires = ["postgresql.service"];
script = '' script = ''