allow non-ssl connections over tailscale

Jeffrey C. Ollie 2024-09-16 11:44:13 -05:00
parent 9f7f8469a0
commit 89731130cd
Signed by: jeff
GPG key ID: 6F86035A6D97044E


@ -3,7 +3,7 @@
inputs = { inputs = {
nixpkgs = { nixpkgs = {
url = "github:NixOS/nixpkgs/nixos-23.11"; url = "github:NixOS/nixpkgs/nixos-24.05";
}; };
flake-utils = { flake-utils = {
url = "github:numtide/flake-utils"; url = "github:numtide/flake-utils";
@ -569,12 +569,13 @@
systemd.services.postgresql = let systemd.services.postgresql = let
hbaFile = pkgs.writeTextDir "pg_hba.conf" '' hbaFile = pkgs.writeTextDir "pg_hba.conf" ''
local all all ident map=default local all all ident map=default
hostnossl all all all reject hostnossl all all 100.64.0.0/16 scram-sha-256
hostssl all all all scram-sha-256 hostnossl all all all reject
local replication all ident map=default hostssl all all all scram-sha-256
hostnossl replication all all reject local replication all ident map=default
hostssl replication all all scram-sha-256 hostnossl replication all all reject
hostssl replication all all scram-sha-256
''; '';
identFile = pkgs.writeTextDir "pg_ident.conf" ( identFile = pkgs.writeTextDir "pg_ident.conf" (
'' ''
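Review bot: The new `hostnossl all all 100.64.0.0/16 scram-sha-256` line in pg_hba.conf covers only 100.64.0.0–100.64.255.255, whereas Tailscale assigns addresses from 100.64.0.0/10 by default, so unless this tailnet's IP pool is restricted to that /16 most peers will still fall through to the `hostnossl all all all reject` line; `hostnossl all all 100.64.0.0/10 scram-sha-256` would match the whole range. The rule also trusts the source address alone: 100.64.0.0/10 is shared CGNAT space, so a plaintext connection arriving on any other interface with such a source address would be accepted too, and it is worth confirming that the PostgreSQL port is reachable only via the Tailscale interface (firewall or listen_addresses) and adding a comment above the rule saying so. Replication over non-SSL is still rejected for every address, which looks intentional but is not stated. The `let` block this hunk sits in starts and ends outside the visible lines.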