2025-10-01 19:51:55 -05:00
|
|
|
{ flake, ... }:
|
|
|
|
|
let
|
|
|
|
|
inherit (flake.config.machines.devices)
|
|
|
|
|
ceres
|
|
|
|
|
;
|
2025-10-09 22:58:38 -05:00
|
|
|
inherit (flake.config.services)
|
|
|
|
|
instances
|
2025-10-01 19:51:55 -05:00
|
|
|
;
|
|
|
|
|
|
2025-10-09 22:58:38 -05:00
|
|
|
service = instances.postgresql;
|
2025-10-01 19:51:55 -05:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
services = {
|
|
|
|
|
postgresqlBackup = {
|
|
|
|
|
enable = true;
|
2025-10-09 23:20:51 -05:00
|
|
|
location = "${service.paths.path0}/backups";
|
|
|
|
|
compression = "zstd";
|
|
|
|
|
startAt = "*-*-* 07:00:00";
|
2025-10-01 19:51:55 -05:00
|
|
|
databases = [
|
2025-10-09 22:58:38 -05:00
|
|
|
instances.mastodon.name
|
|
|
|
|
instances.forgejo.name
|
|
|
|
|
instances.firefly-iii.name
|
2025-10-01 19:51:55 -05:00
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
postgresql = {
|
|
|
|
|
enable = true;
|
2025-10-09 05:30:23 -05:00
|
|
|
# ensureDatabases = [ firefly-iii.name ];
|
|
|
|
|
# ensureUsers = [
|
|
|
|
|
# {
|
|
|
|
|
# name = firefly-iii.name;
|
|
|
|
|
# ensureDBOwnership = true;
|
|
|
|
|
# }
|
|
|
|
|
# ];
|
2025-10-01 19:51:55 -05:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
networking = {
|
|
|
|
|
firewall = {
|
|
|
|
|
allowedTCPPorts = [
|
|
|
|
|
service.ports.port0
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
fileSystems."/var/lib/postgresql" = {
|
|
|
|
|
device = service.paths.path0;
|
|
|
|
|
fsType = "none";
|
|
|
|
|
options = [
|
|
|
|
|
"bind"
|
|
|
|
|
];
|
|
|
|
|
depends = [
|
|
|
|
|
ceres.storage0.mount
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd.tmpfiles.rules = [
|
|
|
|
|
"Z ${service.paths.path0} 700 ${service.name} ${service.name} -"
|
2025-10-09 23:20:51 -05:00
|
|
|
"Z ${service.paths.path0}/backups 700 ${service.name} ${service.name} -"
|
2025-10-01 19:51:55 -05:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
users.users.${service.name}.extraGroups = [
|
2025-10-09 22:58:38 -05:00
|
|
|
instances.nextcloud.name
|
|
|
|
|
instances.mastodon.name
|
|
|
|
|
instances.forgejo.name
|
2025-10-01 19:51:55 -05:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
system.activationScripts.postgresCommands = ''
|
|
|
|
|
chown -R ${service.name}:${service.name} ${service.paths.path0}
|
|
|
|
|
'';
|
|
|
|
|
}
|
