add database host

2022-10-01 14:43:26 +02:00 · 2022-10-01 14:43:26 +02:00 · 01e86c277b
commit 01e86c277b
parent b30161c739
5 changed files with 58 additions and 22 deletions
--- a/nixos/hosts/hades/database/configuration.nix
+++ b/nixos/hosts/hades/database/configuration.nix
@ -0,0 +1,35 @@
+{ config, pkgs, ... }:
+let vs = config.vault-secrets.secrets;
+in {
+  networking.interfaces.eth0.useDHCP = true;
+
+  networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
+
+  vault-secrets.secrets.database = {
+    user = "postgres";
+    group = "postgres";
+  };
+
+  services.postgresql = {
+    enable = true;
+    package = pkgs.postgresql_13;
+    enableTCPIP = true;
+    extraPlugins = [ ];
+    initdbArgs = [
+      "--encoding 'UTF-8'"
+      "--lc-collate='en_US.UTF-8'"
+      "--lc-ctype='en_US.UTF-8'"
+    ];
+    authentication = ''
+      host all all 192.168.0.1/23 md5
+      host all all  10.10.10.0/24 md5
+    '';
+    initialScript = "${vs.database}/initialScript";
+    settings = {
+      shared_preload_libraries = "pg_stat_statements";
+      "pg_stat_statements.track" = "all";
+      "pg_stat_statements.max" = 10000;
+      track_activity_query_size = 2048;
+    };
+  };
+}