2025-09-16 16:17:17 -03:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
|
|
|
|
cfg = config.services.postgresql;
|
|
|
|
|
in {
|
|
|
|
|
services.postgresql = {
|
2025-11-30 20:39:31 -03:00
|
|
|
enable = true;
|
|
|
|
|
enableTCPIP = true;
|
2025-09-16 16:17:17 -03:00
|
|
|
authentication = lib.mkForce ''
|
|
|
|
|
#type database DBuser origin-address auth-method
|
|
|
|
|
local all all trust
|
|
|
|
|
# ipv4
|
2025-11-30 20:39:31 -03:00
|
|
|
host all all 127.0.0.1/32 trust
|
2025-09-16 16:17:17 -03:00
|
|
|
# ipv6
|
|
|
|
|
host all all ::1/128 trust
|
|
|
|
|
'';
|
|
|
|
|
ensureDatabases = [
|
2025-09-17 22:26:29 -03:00
|
|
|
"forgejo"
|
2025-09-16 16:17:17 -03:00
|
|
|
"nextcloud"
|
|
|
|
|
];
|
|
|
|
|
ensureUsers = [
|
2025-09-17 22:26:29 -03:00
|
|
|
{
|
|
|
|
|
name = "forgejo";
|
|
|
|
|
ensureDBOwnership = true;
|
|
|
|
|
}
|
2025-09-16 16:17:17 -03:00
|
|
|
{
|
|
|
|
|
name = "nextcloud";
|
|
|
|
|
ensureDBOwnership = true;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
settings = {
|
|
|
|
|
port = 3245;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.caddy.virtualHosts = {
|
|
|
|
|
"db.local".extraConfig = ''
|
|
|
|
|
reverse_proxy http://localhost:${toString cfg.settings.port}
|
|
|
|
|
tls internal
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
}
|
