36 lines
935 B
Nix
36 lines
935 B
Nix
|
{
|
||
|
|
self,
|
||
|
|
hostPath,
|
||
|
|
...
|
||
|
|
}: let
|
||
|
|
wireguardData = import "${self}/data/wireguard/chaosInternalWireGuard.nix";
|
||
|
|
wireguardHosts = wireguardData.hosts;
|
||
|
|
|
||
|
|
localContainersAddresses = import "${hostPath}/data/containerAddresses.nix";
|
||
|
|
in {
|
||
|
|
services.postgresql = {
|
||
|
|
enable = true;
|
||
|
|
enableTCPIP = true;
|
||
|
|
ensureDatabases = [
|
||
|
|
"gotosocial"
|
||
|
|
"quassel"
|
||
|
|
];
|
||
|
|
ensureUsers = [
|
||
|
|
{
|
||
|
|
name = "gotosocial";
|
||
|
|
ensurePermissions."DATABASE gotosocial" = "ALL PRIVILEGES";
|
||
|
|
}
|
||
|
|
{
|
||
|
|
name = "quassel";
|
||
|
|
ensurePermissions."DATABASE quassel" = "ALL PRIVILEGES";
|
||
|
|
}
|
||
|
|
];
|
||
|
|
# If the host is a local container then use the container's IP
|
||
|
|
# otherwise use the host's IP
|
||
|
|
authentication = ''
|
||
|
|
host gotosocial gotosocial ${localContainersAddresses.containers."social"}/32 trust
|
||
|
|
host quassel quassel ${localContainersAddresses.containers."quassel"}/32 trust
|
||
|
|
'';
|
||
|
|
};
|
||
|
|
}
|