# # System notifications # { config, lib, pkgs, ... }: { services.postgresql = { enable = true; package = pkgs.postgresql_14; settings = { max_connections = 200; listen_addresses = 'localhost'; password_encryption = scram-sha-256; shared_buffers = 512MB; work_mem = 8MB; autovacuum_work_mem = -1; min_wal_size = 1GB; max_wal_size = 4GB; log_timezone = 'Europe/Berlin'; timezone = 'Europe/Berlin'; datestyle = 'iso, dmy'; }; authentication = pkgs.lib.mkOverride 14 '' local all postgres peer host giteadb gitea samehost scram-sha-256 host nextclouddb nextcloud samehost scram-sha-256 host synapsedb synapse_user samehost scram-sha-256 host whatsappdb mautrixwa samehost scram-sha-256 host telegramdb mautrixtele samehost scram-sha-256 host signaldb mautrixsignal samehost scram-sha-256 #host facebookdb mautrixfacebook samehost scram-sha-256 #host xmppdb ejabberd samehost scram-sha-256 #host prosodydb prosody samehost scram-sha-256 host keycloakdb keycloak samehost scram-sha-256 '' ensureDatabases = [ "giteadb" "nextclouddb" "synapsedb" "whatsappdb" "telegramdb" "signaldb" "keycloakdb" ] ensureUsers = [ { name = "gitea"; ensurePermissions = { "DATABASE giteadb" = "ALL PRIVILEGES"; }; }; { name = "nextcloud"; ensurePermissions = { "DATABASE nextclouddb" = "ALL PRIVILEGES"; }; }; { name = "synapse"; ensurePermissions = { "DATABASE synapsedb" = "ALL PRIVILEGES"; }; }; { name = "mautrixwa"; ensurePermissions = { "DATABASE whatsappdb" = "ALL PRIVILEGES"; }; }; { name = "mautrixtele"; ensurePermissions = { "DATABASE telegramdb" = "ALL PRIVILEGES"; }; }; { name = "mautrixsignal"; ensurePermissions = { "DATABASE signaldb" = "ALL PRIVILEGES"; }; }; { name = "keycloak"; ensurePermissions = { "DATABASE keycloakdb" = "ALL PRIVILEGES"; }; }; ] }; services.postgreqlBackup.enable = true; }