21 lines
601 B
Nix
21 lines
601 B
Nix
|
{ config, pkgs, ... }: {
|
||
|
imports = [ ../../common ../../common/lxc.nix ];
|
||
|
networking.hostName = "postgres";
|
||
|
system.stateVersion = "21.11";
|
||
|
|
||
|
networking.firewall.enable = true;
|
||
|
networking.firewall.allowedTCPPorts = [ 5432 ];
|
||
|
|
||
|
services.postgresql = {
|
||
|
enable = true;
|
||
|
# yes scuffed, but technically lxd can do whatever with the ip's it gives
|
||
|
authentication = "host all all 10.0.0.0/24 trust";
|
||
|
ensureDatabases = [ "gitea" ];
|
||
|
ensureUsers = [{
|
||
|
name = "gitea";
|
||
|
ensurePermissions = { "DATABASE \"gitea\"" = "ALL PRIVILEGES"; };
|
||
|
}];
|
||
|
enableTCPIP = true;
|
||
|
};
|
||
|
}
|