21 lines
601 B
Nix
21 lines
601 B
Nix
{ config, pkgs, ... }: {
|
|
imports = [ ../../common ../../common/lxc.nix ];
|
|
networking.hostName = "postgres";
|
|
system.stateVersion = "21.11";
|
|
|
|
networking.firewall.enable = true;
|
|
networking.firewall.allowedTCPPorts = [ 5432 ];
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
# yes scuffed, but technically lxd can do whatever with the ip's it gives
|
|
authentication = "host all all 10.0.0.0/24 trust";
|
|
ensureDatabases = [ "gitea" ];
|
|
ensureUsers = [{
|
|
name = "gitea";
|
|
ensurePermissions = { "DATABASE \"gitea\"" = "ALL PRIVILEGES"; };
|
|
}];
|
|
enableTCPIP = true;
|
|
};
|
|
}
|