dotfiles/nixos/modules/services/postgresql/default.nix

{ flake, ... }:
let
  inherit (flake.config.machines.devices)
    server
    ;
  inherit (flake.config.services.instances)
    postgresql
    ;

  service = postgresql;
in
{
  services = {
    postgresqlBackup = {
      enable = true;
      location = service.paths.path0;
      databases = [
        "mastodon"
        "nextcloud"
        "peertube"
        "forgejo"
      ];
    };
    postgresql = {
      enable = true;
    };
  };
  networking = {
    firewall = {
      allowedTCPPorts = [
        service.ports.port0
      ];
    };
  };

  fileSystems."/var/lib/postgresql" = {
    device = service.paths.path0;
    fsType = "none";
    options = [
      "bind"
    ];
    depends = [
      server.storage0.mount
    ];
  };

  systemd.tmpfiles.rules = [
    "Z ${service.paths.path0} 700 ${service.name} ${service.name} -"
  ];

  users.users.${service.name}.extraGroups = [
    "nextcloud"
    "mastodon"
    "forgejo"
  ];

  system.activationScripts.postgresCommands = ''
    chown -R ${service.name}:${service.name} ${service.paths.path0}
  '';
}
feat: forgejo test 2025-01-18 22:15:25 -06:00			`{ flake, ... }:`
			`let`
			`inherit (flake.config.machines.devices)`
feat: expanded all lists 2025-01-08 19:06:14 -06:00			`server`
			`;`
feat: forgejo test 2025-01-18 22:15:25 -06:00			`inherit (flake.config.services.instances)`
feat: expanded all lists 2025-01-08 19:06:14 -06:00			`postgresql`
			`;`
feat: refactored abstractions 2024-10-19 18:22:29 -05:00
			`service = postgresql;`
feat: forgejo test 2025-01-18 22:15:25 -06:00			`in`
			`{`
feat: init 2024-10-06 15:25:05 -05:00			`services = {`
			`postgresqlBackup = {`
			`enable = true;`
feat: refactored abstractions 2024-10-19 18:22:29 -05:00			`location = service.paths.path0;`
feat: expanded all lists 2025-01-08 19:06:14 -06:00			`databases = [`
			`"mastodon"`
			`"nextcloud"`
			`"peertube"`
			`"forgejo"`
			`];`
feat: init 2024-10-06 15:25:05 -05:00			`};`
			`postgresql = {`
			`enable = true;`
			`};`
			`};`
			`networking = {`
			`firewall = {`
			`allowedTCPPorts = [`
feat: refactored abstractions 2024-10-19 18:22:29 -05:00			`service.ports.port0`
feat: init 2024-10-06 15:25:05 -05:00			`];`
			`};`
			`};`

			`fileSystems."/var/lib/postgresql" = {`
feat: refactored abstractions 2024-10-19 18:22:29 -05:00			`device = service.paths.path0;`
feat: init 2024-10-06 15:25:05 -05:00			`fsType = "none";`
feat: expanded all lists 2025-01-08 19:06:14 -06:00			`options = [`
			`"bind"`
			`];`
			`depends = [`
			`server.storage0.mount`
			`];`
feat: init 2024-10-06 15:25:05 -05:00			`};`

feat: expanded all lists 2025-01-08 19:06:14 -06:00			`systemd.tmpfiles.rules = [`
			`"Z ${service.paths.path0} 700 ${service.name} ${service.name} -"`
			`];`
feat: init 2024-10-06 15:25:05 -05:00
feat: expanded all lists 2025-01-08 19:06:14 -06:00			`users.users.${service.name}.extraGroups = [`
			`"nextcloud"`
			`"mastodon"`
			`"forgejo"`
			`];`
feat: init 2024-10-06 15:25:05 -05:00
			`system.activationScripts.postgresCommands = ''`
feat: refactored abstractions 2024-10-19 18:22:29 -05:00			`chown -R ${service.name}:${service.name} ${service.paths.path0}`
feat: init 2024-10-06 15:25:05 -05:00			`'';`
			`}`