allow non-ssl connections over tailscale

This commit is contained in:
Jeffrey C. Ollie 2024-09-16 11:44:13 -05:00
parent 9f7f8469a0
commit 89731130cd
Signed by: jeff
GPG key ID: 6F86035A6D97044E

View file

@ -3,7 +3,7 @@
inputs = {
nixpkgs = {
url = "github:NixOS/nixpkgs/nixos-23.11";
url = "github:NixOS/nixpkgs/nixos-24.05";
};
flake-utils = {
url = "github:numtide/flake-utils";
@ -569,12 +569,13 @@
systemd.services.postgresql = let
hbaFile = pkgs.writeTextDir "pg_hba.conf" ''
local all all ident map=default
hostnossl all all all reject
hostssl all all all scram-sha-256
local replication all ident map=default
hostnossl replication all all reject
hostssl replication all all scram-sha-256
local all all ident map=default
hostnossl all all 100.64.0.0/16 scram-sha-256
hostnossl all all all reject
hostssl all all all scram-sha-256
local replication all ident map=default
hostnossl replication all all reject
hostssl replication all all scram-sha-256
'';
identFile = pkgs.writeTextDir "pg_ident.conf" (
''