#
# System notifications
#
{ config, lib, pkgs, ... }:
{
services.postgresql = {
enable = true;
package = pkgs.postgresql_14;
settings = {
max_connections = 200;
listen_addresses = "localhost";
password_encryption = "scram-sha-256";
shared_buffers = "512MB";
work_mem = "8MB";
autovacuum_work_mem = -1;
min_wal_size = "1GB";
max_wal_size = "4GB";
log_timezone = "Europe/Berlin";
timezone = "Europe/Berlin";
};
authentication = pkgs.lib.mkOverride 14 ''
local all postgres peer
host giteadb gitea samehost scram-sha-256
host nextclouddb nextcloud samehost scram-sha-256
host synapsedb synapse_user samehost scram-sha-256
host whatsappdb mautrixwa samehost scram-sha-256
host telegramdb mautrixtele samehost scram-sha-256
host signaldb mautrixsignal samehost scram-sha-256
#host facebookdb mautrixfacebook samehost scram-sha-256
#host xmppdb ejabberd samehost scram-sha-256
#host prosodydb prosody samehost scram-sha-256
host keycloakdb keycloak samehost scram-sha-256
'';
ensureDatabases = [
"giteadb"
"nextclouddb"
"synapsedb"
"whatsappdb"
"telegramdb"
"signaldb"
"keycloakdb"
];
ensureUsers = [
{
name = "gitea";
ensurePermissions = {
"DATABASE giteadb" = "ALL PRIVILEGES";
};
}
{
name = "nextcloud";
ensurePermissions = {
"DATABASE nextclouddb" = "ALL PRIVILEGES";
};
}
{
name = "synapse";
ensurePermissions = {
"DATABASE synapsedb" = "ALL PRIVILEGES";
};
}
{
name = "mautrixwa";
ensurePermissions = {
"DATABASE whatsappdb" = "ALL PRIVILEGES";
};
}
{
name = "mautrixtele";
ensurePermissions = {
"DATABASE telegramdb" = "ALL PRIVILEGES";
};
}
{
name = "mautrixsignal";
ensurePermissions = {
"DATABASE signaldb" = "ALL PRIVILEGES";
};
}
{
name = "keycloak";
ensurePermissions = {
"DATABASE keycloakdb" = "ALL PRIVILEGES";
};
}
];
};
services.postgresqlBackup.enable = true;
}