39 lines
964 B
Nix
39 lines
964 B
Nix
{ config, pkgs, ... }:
|
|
let vs = config.vault-secrets.secrets;
|
|
in {
|
|
|
|
system.stateVersion = "21.05";
|
|
networking.interfaces.eth0.useDHCP = true;
|
|
|
|
networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
|
|
|
|
vault-secrets.secrets.database = {
|
|
user = "postgres";
|
|
group = "postgres";
|
|
services = [ "postgresql" ];
|
|
};
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_13;
|
|
enableTCPIP = true;
|
|
extraPlugins = [ ];
|
|
initdbArgs = [
|
|
"--encoding 'UTF-8'"
|
|
"--lc-collate='en_US.UTF-8'"
|
|
"--lc-ctype='en_US.UTF-8'"
|
|
];
|
|
authentication = ''
|
|
host all all 192.168.0.1/23 md5
|
|
host all all 10.10.10.0/24 md5
|
|
'';
|
|
initialScript = "${vs.database}/initialScript";
|
|
settings = {
|
|
shared_preload_libraries = "pg_stat_statements";
|
|
"pg_stat_statements.track" = "all";
|
|
"pg_stat_statements.max" = 10000;
|
|
track_activity_query_size = 2048;
|
|
};
|
|
};
|
|
}
|