{ self, hostPath, ... }: let wireguardData = import "${self}/data/wireguard/chaosInternalWireGuard.nix"; wireguardHosts = wireguardData.hosts; localContainersAddresses = import "${hostPath}/data/containerAddresses.nix"; in { services.postgresql = { enable = true; enableTCPIP = true; ensureDatabases = [ "piped" "gotosocial" "quassel" "roundcube" ]; ensureUsers = [ { name = "piped"; ensurePermissions."DATABASE piped" = "ALL PRIVILEGES"; } { name = "gotosocial"; ensurePermissions."DATABASE gotosocial" = "ALL PRIVILEGES"; } { name = "quassel"; ensurePermissions."DATABASE quassel" = "ALL PRIVILEGES"; } { name = "roundcube"; ensurePermissions."DATABASE roundcube" = "ALL PRIVILEGES"; } ]; # If the host is a local container then use the container's IP # otherwise use the host's IP authentication = '' host piped piped ${localContainersAddresses.containers."piped-fi"}/32 trust host piped piped ${wireguardHosts."raspberry".ip}/32 trust host gotosocial gotosocial ${localContainersAddresses.containers."social"}/32 trust host quassel quassel ${localContainersAddresses.containers."quassel"}/32 trust host roundcube roundcube ${localContainersAddresses.containers."roundcube"}/32 trust ''; }; }