sam
/
nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

small modification to postgres container

This commit is contained in:
Sam 2024-10-12 00:19:24 +01:00
parent 2005bc293f
commit 2793c3cfe0
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hosts/common/optional/nixos-containers/postgres.nix
View File

@ -10,6 +10,7 @@
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys; pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
containerName = "postgres"; containerName = "postgres";
containerIp = configVars.networking.addresses.postgres.ip; containerIp = configVars.networking.addresses.postgres.ip;
subnetIp = configVars.networking.addresses.subnet.ip;
gatewayIp = configVars.networking.addresses.gateway.ip; gatewayIp = configVars.networking.addresses.gateway.ip;
in { in {
sops.secrets = { sops.secrets = {
@ -73,6 +74,7 @@ in {
enableJIT = true; enableJIT = true;
package = pkgs.postgresql_16; package = pkgs.postgresql_16;
extraPlugins = with pkgs.postgresql_16.pkgs; [ postgis ]; extraPlugins = with pkgs.postgresql_16.pkgs; [ postgis ];
enableTCPIP = true;
settings = { settings = {
max_worker_processes = "12"; max_worker_processes = "12";
max_parallel_workers = "8"; max_parallel_workers = "8";
@ -84,8 +86,11 @@ in {
maintenance_work_mem = "64MB"; maintenance_work_mem = "64MB";
}; };
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method #type database DBuser origin-address auth-method
local all all trust local all postgres peer
host all all ${subnetIp}/24 scram-sha-256
local replication all peer
host replication all 127.0.0.1/32 scram-sha-256
''; '';
}; };