2014-04-14 15:26:48 +01:00
|
|
|
|
{ config, lib, pkgs, ... }:
|
2009-12-03 12:20:24 +00:00
|
|
|
|
|
2014-04-14 15:26:48 +01:00
|
|
|
|
with lib;
|
2009-03-06 12:27:02 +00:00
|
|
|
|
|
2007-12-03 04:48:31 +00:00
|
|
|
|
let
|
|
|
|
|
|
|
2008-02-18 11:56:43 +00:00
|
|
|
|
cfg = config.services.postgresql;
|
|
|
|
|
|
|
2019-07-21 20:05:41 +01:00
|
|
|
|
postgresql =
|
|
|
|
|
|
if cfg.extraPlugins == []
|
|
|
|
|
|
then cfg.package
|
|
|
|
|
|
else cfg.package.withPackages (_: cfg.extraPlugins);
|
2008-02-18 11:56:43 +00:00
|
|
|
|
|
2009-12-02 17:18:25 +00:00
|
|
|
|
# The main PostgreSQL configuration file.
|
|
|
|
|
|
configFile = pkgs.writeText "postgresql.conf"
|
|
|
|
|
|
''
|
|
|
|
|
|
hba_file = '${pkgs.writeText "pg_hba.conf" cfg.authentication}'
|
|
|
|
|
|
ident_file = '${pkgs.writeText "pg_ident.conf" cfg.identMap}'
|
2013-07-14 03:57:50 +01:00
|
|
|
|
log_destination = 'stderr'
|
2017-05-12 19:54:13 +01:00
|
|
|
|
listen_addresses = '${if cfg.enableTCPIP then "*" else "localhost"}'
|
2013-11-27 11:36:32 +00:00
|
|
|
|
port = ${toString cfg.port}
|
2011-06-27 11:15:26 +01:00
|
|
|
|
${cfg.extraConfig}
|
2011-09-14 19:20:50 +01:00
|
|
|
|
'';
|
2009-12-02 17:18:25 +00:00
|
|
|
|
|
2007-12-03 04:48:31 +00:00
|
|
|
|
in
|
2008-02-18 11:56:43 +00:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
###### interface
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
options = {
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
services.postgresql = {
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
enable = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.bool;
|
2009-07-15 12:19:11 +01:00
|
|
|
|
default = false;
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Whether to run PostgreSQL.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2012-08-15 22:01:19 +01:00
|
|
|
|
package = mkOption {
|
2014-02-27 12:22:04 +00:00
|
|
|
|
type = types.package;
|
2019-07-21 20:05:41 +01:00
|
|
|
|
example = literalExample "pkgs.postgresql_11";
|
2012-08-15 22:01:19 +01:00
|
|
|
|
description = ''
|
|
|
|
|
|
PostgreSQL package to use.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
port = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.int;
|
2013-11-27 11:36:32 +00:00
|
|
|
|
default = 5432;
|
2009-07-15 12:19:11 +01:00
|
|
|
|
description = ''
|
2013-11-27 11:36:32 +00:00
|
|
|
|
The port on which PostgreSQL listens.
|
2009-07-15 12:19:11 +01:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
dataDir = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.path;
|
2019-07-21 20:05:41 +01:00
|
|
|
|
example = "/var/lib/postgresql/11";
|
2009-07-15 12:19:11 +01:00
|
|
|
|
description = ''
|
|
|
|
|
|
Data directory for PostgreSQL.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
authentication = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.lines;
|
2012-03-19 16:49:13 +00:00
|
|
|
|
default = "";
|
2009-07-15 12:19:11 +01:00
|
|
|
|
description = ''
|
2014-01-11 22:01:21 +00:00
|
|
|
|
Defines how users authenticate themselves to the server. By
|
|
|
|
|
|
default, "trust" access to local users will always be granted
|
|
|
|
|
|
along with any other custom options. If you do not want this,
|
2014-05-05 19:58:51 +01:00
|
|
|
|
set this option using "lib.mkForce" to override this
|
2014-01-11 22:01:21 +00:00
|
|
|
|
behaviour.
|
2009-07-15 12:19:11 +01:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-12-02 17:18:25 +00:00
|
|
|
|
identMap = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.lines;
|
2009-12-02 17:18:25 +00:00
|
|
|
|
default = "";
|
2009-07-15 12:19:11 +01:00
|
|
|
|
description = ''
|
2009-12-02 17:18:25 +00:00
|
|
|
|
Defines the mapping from system users to database users.
|
2019-09-05 02:36:19 +01:00
|
|
|
|
|
|
|
|
|
|
The general form is:
|
|
|
|
|
|
|
|
|
|
|
|
map-name system-username database-username
|
2009-07-15 12:19:11 +01:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2013-07-14 04:01:48 +01:00
|
|
|
|
initialScript = mkOption {
|
|
|
|
|
|
type = types.nullOr types.path;
|
2013-10-30 16:37:45 +00:00
|
|
|
|
default = null;
|
2013-07-14 04:01:48 +01:00
|
|
|
|
description = ''
|
|
|
|
|
|
A file containing SQL statements to execute on first startup.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2019-02-25 02:33:16 +00:00
|
|
|
|
ensureDatabases = mkOption {
|
|
|
|
|
|
type = types.listOf types.str;
|
|
|
|
|
|
default = [];
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Ensures that the specified databases exist.
|
|
|
|
|
|
This option will never delete existing databases, especially not when the value of this
|
|
|
|
|
|
option is changed. This means that databases created once through this option or
|
|
|
|
|
|
otherwise have to be removed manually.
|
|
|
|
|
|
'';
|
|
|
|
|
|
example = [
|
|
|
|
|
|
"gitea"
|
|
|
|
|
|
"nextcloud"
|
|
|
|
|
|
];
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
ensureUsers = mkOption {
|
|
|
|
|
|
type = types.listOf (types.submodule {
|
|
|
|
|
|
options = {
|
|
|
|
|
|
name = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Name of the user to ensure.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
ensurePermissions = mkOption {
|
|
|
|
|
|
type = types.attrsOf types.str;
|
|
|
|
|
|
default = {};
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Permissions to ensure for the user, specified as an attribute set.
|
|
|
|
|
|
The attribute names specify the database and tables to grant the permissions for.
|
|
|
|
|
|
The attribute values specify the permissions to grant. You may specify one or
|
|
|
|
|
|
multiple comma-separated SQL privileges here.
|
|
|
|
|
|
|
|
|
|
|
|
For more information on how to specify the target
|
|
|
|
|
|
and on which privileges exist, see the
|
|
|
|
|
|
<link xlink:href="https://www.postgresql.org/docs/current/sql-grant.html">GRANT syntax</link>.
|
|
|
|
|
|
The attributes are used as <code>GRANT ''${attrName} ON ''${attrValue}</code>.
|
|
|
|
|
|
'';
|
|
|
|
|
|
example = literalExample ''
|
|
|
|
|
|
{
|
|
|
|
|
|
"DATABASE nextcloud" = "ALL PRIVILEGES";
|
|
|
|
|
|
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
|
|
|
|
|
|
}
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
});
|
|
|
|
|
|
default = [];
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Ensures that the specified users exist and have at least the ensured permissions.
|
|
|
|
|
|
The PostgreSQL users will be identified using peer authentication. This authenticates the Unix user with the
|
|
|
|
|
|
same name only, and that without the need for a password.
|
|
|
|
|
|
This option will never delete existing users or remove permissions, especially not when the value of this
|
|
|
|
|
|
option is changed. This means that users created and permissions assigned once through this option or
|
|
|
|
|
|
otherwise have to be removed manually.
|
|
|
|
|
|
'';
|
|
|
|
|
|
example = literalExample ''
|
|
|
|
|
|
[
|
|
|
|
|
|
{
|
|
|
|
|
|
name = "nextcloud";
|
|
|
|
|
|
ensurePermissions = {
|
|
|
|
|
|
"DATABASE nextcloud" = "ALL PRIVILEGES";
|
|
|
|
|
|
};
|
|
|
|
|
|
}
|
|
|
|
|
|
{
|
|
|
|
|
|
name = "superuser";
|
|
|
|
|
|
ensurePermissions = {
|
|
|
|
|
|
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
|
|
|
|
|
|
};
|
|
|
|
|
|
}
|
|
|
|
|
|
]
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
enableTCPIP = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.bool;
|
2009-07-15 12:19:11 +01:00
|
|
|
|
default = false;
|
|
|
|
|
|
description = ''
|
2013-11-27 11:36:32 +00:00
|
|
|
|
Whether PostgreSQL should listen on all network interfaces.
|
|
|
|
|
|
If disabled, the database can only be accessed via its Unix
|
|
|
|
|
|
domain socket or via TCP connections to localhost.
|
2009-07-15 12:19:11 +01:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
2010-05-09 21:42:00 +01:00
|
|
|
|
|
|
|
|
|
|
extraPlugins = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.listOf types.path;
|
2010-05-09 21:42:00 +01:00
|
|
|
|
default = [];
|
2019-07-21 20:05:41 +01:00
|
|
|
|
example = literalExample "with pkgs.postgresql_11.pkgs; [ postgis pg_repack ]";
|
2010-05-09 21:42:00 +01:00
|
|
|
|
description = ''
|
2019-07-21 20:05:41 +01:00
|
|
|
|
List of PostgreSQL plugins. PostgreSQL version for each plugin should
|
|
|
|
|
|
match version for <literal>services.postgresql.package</literal> value.
|
2010-05-09 21:42:00 +01:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2011-06-27 11:15:26 +01:00
|
|
|
|
extraConfig = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.lines;
|
2011-06-27 11:15:26 +01:00
|
|
|
|
default = "";
|
|
|
|
|
|
description = "Additional text to be appended to <filename>postgresql.conf</filename>.";
|
|
|
|
|
|
};
|
2013-07-14 04:04:10 +01:00
|
|
|
|
|
|
|
|
|
|
recoveryConfig = mkOption {
|
2013-10-30 16:37:45 +00:00
|
|
|
|
type = types.nullOr types.lines;
|
2013-07-14 04:04:10 +01:00
|
|
|
|
default = null;
|
|
|
|
|
|
description = ''
|
2013-10-30 16:37:45 +00:00
|
|
|
|
Contents of the <filename>recovery.conf</filename> file.
|
2013-07-14 04:04:10 +01:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
2017-09-02 20:23:56 +01:00
|
|
|
|
superUser = mkOption {
|
|
|
|
|
|
type = types.str;
|
2018-07-25 21:22:54 +01:00
|
|
|
|
default= if versionAtLeast config.system.stateVersion "17.09" then "postgres" else "root";
|
2017-09-02 20:23:56 +01:00
|
|
|
|
internal = true;
|
|
|
|
|
|
description = ''
|
2017-11-13 21:22:35 +00:00
|
|
|
|
NixOS traditionally used 'root' as superuser, most other distros use 'postgres'.
|
2017-09-02 20:23:56 +01:00
|
|
|
|
From 17.09 we also try to follow this standard. Internal since changing this value
|
|
|
|
|
|
would lead to breakage while setting up databases.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
2009-07-15 12:19:11 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
};
|
2008-02-18 11:56:43 +00:00
|
|
|
|
|
|
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
###### implementation
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2009-07-15 12:19:11 +01:00
|
|
|
|
config = mkIf config.services.postgresql.enable {
|
|
|
|
|
|
|
2015-07-27 19:26:19 +01:00
|
|
|
|
services.postgresql.package =
|
|
|
|
|
|
# Note: when changing the default, make it conditional on
|
2018-07-25 21:22:54 +01:00
|
|
|
|
# ‘system.stateVersion’ to maintain compatibility with existing
|
2015-07-27 19:26:19 +01:00
|
|
|
|
# systems!
|
2018-10-23 17:22:14 +01:00
|
|
|
|
mkDefault (if versionAtLeast config.system.stateVersion "17.09" then pkgs.postgresql_9_6
|
|
|
|
|
|
else if versionAtLeast config.system.stateVersion "16.03" then pkgs.postgresql_9_5
|
2019-09-07 15:31:27 +01:00
|
|
|
|
else throw "postgresql_9_4 was removed, please upgrade your postgresql version.");
|
2017-05-30 21:05:39 +01:00
|
|
|
|
|
|
|
|
|
|
services.postgresql.dataDir =
|
2018-07-25 21:22:54 +01:00
|
|
|
|
mkDefault (if versionAtLeast config.system.stateVersion "17.09" then "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}"
|
2017-05-30 21:05:39 +01:00
|
|
|
|
else "/var/db/postgresql");
|
2015-07-27 19:26:19 +01:00
|
|
|
|
|
2015-07-01 12:46:38 +01:00
|
|
|
|
services.postgresql.authentication = mkAfter
|
2012-03-19 16:49:13 +00:00
|
|
|
|
''
|
|
|
|
|
|
# Generated file; do not edit!
|
2018-04-09 06:31:29 +01:00
|
|
|
|
local all all ident
|
2012-03-19 16:49:13 +00:00
|
|
|
|
host all all 127.0.0.1/32 md5
|
|
|
|
|
|
host all all ::1/128 md5
|
|
|
|
|
|
'';
|
2012-08-06 16:45:59 +01:00
|
|
|
|
|
2018-06-30 00:58:35 +01:00
|
|
|
|
users.users.postgres =
|
2009-03-06 12:27:02 +00:00
|
|
|
|
{ name = "postgres";
|
2013-08-23 10:33:24 +01:00
|
|
|
|
uid = config.ids.uids.postgres;
|
|
|
|
|
|
group = "postgres";
|
2009-03-06 12:27:02 +00:00
|
|
|
|
description = "PostgreSQL server user";
|
2018-09-26 12:11:28 +01:00
|
|
|
|
home = "${cfg.dataDir}";
|
|
|
|
|
|
useDefaultShell = true;
|
2009-07-15 12:19:11 +01:00
|
|
|
|
};
|
2009-03-06 12:27:02 +00:00
|
|
|
|
|
2018-06-30 00:58:35 +01:00
|
|
|
|
users.groups.postgres.gid = config.ids.gids.postgres;
|
2009-03-06 12:27:02 +00:00
|
|
|
|
|
2016-02-09 00:07:23 +00:00
|
|
|
|
environment.systemPackages = [ postgresql ];
|
2009-03-06 12:27:02 +00:00
|
|
|
|
|
2019-08-07 12:17:36 +01:00
|
|
|
|
environment.pathsToLink = [
|
|
|
|
|
|
"/share/postgresql"
|
|
|
|
|
|
];
|
|
|
|
|
|
|
2013-01-16 11:33:18 +00:00
|
|
|
|
systemd.services.postgresql =
|
2012-12-18 12:40:04 +00:00
|
|
|
|
{ description = "PostgreSQL Server";
|
2009-03-06 12:27:02 +00:00
|
|
|
|
|
2012-08-14 23:15:37 +01:00
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
2012-12-18 12:40:04 +00:00
|
|
|
|
after = [ "network.target" ];
|
2009-03-06 12:27:02 +00:00
|
|
|
|
|
2013-04-22 17:56:19 +01:00
|
|
|
|
environment.PGDATA = cfg.dataDir;
|
2009-11-06 22:56:47 +00:00
|
|
|
|
|
2016-02-09 00:07:23 +00:00
|
|
|
|
path = [ postgresql ];
|
2012-03-19 16:49:13 +00:00
|
|
|
|
|
2009-10-12 18:09:38 +01:00
|
|
|
|
preStart =
|
|
|
|
|
|
''
|
2016-02-09 00:07:23 +00:00
|
|
|
|
# Create data directory.
|
2015-07-02 08:08:02 +01:00
|
|
|
|
if ! test -e ${cfg.dataDir}/PG_VERSION; then
|
2016-02-09 00:07:23 +00:00
|
|
|
|
mkdir -m 0700 -p ${cfg.dataDir}
|
|
|
|
|
|
rm -f ${cfg.dataDir}/*.conf
|
|
|
|
|
|
chown -R postgres:postgres ${cfg.dataDir}
|
2009-03-06 12:27:02 +00:00
|
|
|
|
fi
|
2016-02-09 00:07:23 +00:00
|
|
|
|
''; # */
|
2009-12-02 17:18:25 +00:00
|
|
|
|
|
2016-02-09 00:07:23 +00:00
|
|
|
|
script =
|
|
|
|
|
|
''
|
|
|
|
|
|
# Initialise the database.
|
|
|
|
|
|
if ! test -e ${cfg.dataDir}/PG_VERSION; then
|
2017-09-02 20:23:56 +01:00
|
|
|
|
initdb -U ${cfg.superUser}
|
2016-02-09 00:07:23 +00:00
|
|
|
|
# See postStart!
|
|
|
|
|
|
touch "${cfg.dataDir}/.first_startup"
|
|
|
|
|
|
fi
|
2013-07-14 04:04:10 +01:00
|
|
|
|
ln -sfn "${configFile}" "${cfg.dataDir}/postgresql.conf"
|
|
|
|
|
|
${optionalString (cfg.recoveryConfig != null) ''
|
|
|
|
|
|
ln -sfn "${pkgs.writeText "recovery.conf" cfg.recoveryConfig}" \
|
|
|
|
|
|
"${cfg.dataDir}/recovery.conf"
|
|
|
|
|
|
''}
|
2016-02-09 00:07:23 +00:00
|
|
|
|
|
2017-05-12 19:54:13 +01:00
|
|
|
|
exec postgres
|
2016-02-09 00:07:23 +00:00
|
|
|
|
'';
|
2009-11-06 23:37:31 +00:00
|
|
|
|
|
2012-08-06 16:45:59 +01:00
|
|
|
|
serviceConfig =
|
2016-02-09 00:07:23 +00:00
|
|
|
|
{ ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
2012-10-01 21:47:54 +01:00
|
|
|
|
User = "postgres";
|
|
|
|
|
|
Group = "postgres";
|
|
|
|
|
|
PermissionsStartOnly = true;
|
2019-03-15 03:52:35 +00:00
|
|
|
|
RuntimeDirectory = "postgresql";
|
2018-11-27 19:16:21 +00:00
|
|
|
|
Type = if lib.versionAtLeast cfg.package.version "9.6"
|
|
|
|
|
|
then "notify"
|
|
|
|
|
|
else "simple";
|
2012-10-01 21:47:54 +01:00
|
|
|
|
|
|
|
|
|
|
# Shut down Postgres using SIGINT ("Fast Shutdown mode"). See
|
2012-04-30 19:15:32 +01:00
|
|
|
|
# http://www.postgresql.org/docs/current/static/server-shutdown.html
|
2012-10-01 21:27:42 +01:00
|
|
|
|
KillSignal = "SIGINT";
|
2014-04-18 16:32:24 +01:00
|
|
|
|
KillMode = "mixed";
|
2012-04-30 19:15:32 +01:00
|
|
|
|
|
2012-03-19 16:49:13 +00:00
|
|
|
|
# Give Postgres a decent amount of time to clean up after
|
2012-08-06 16:45:59 +01:00
|
|
|
|
# receiving systemd's SIGINT.
|
2013-05-07 13:59:08 +01:00
|
|
|
|
TimeoutSec = 120;
|
2012-10-01 21:27:42 +01:00
|
|
|
|
};
|
2012-10-01 21:47:54 +01:00
|
|
|
|
|
|
|
|
|
|
# Wait for PostgreSQL to be ready to accept connections.
|
|
|
|
|
|
postStart =
|
|
|
|
|
|
''
|
2019-02-25 02:33:16 +00:00
|
|
|
|
PSQL="${pkgs.sudo}/bin/sudo -u ${cfg.superUser} psql --port=${toString cfg.port}"
|
|
|
|
|
|
|
|
|
|
|
|
while ! $PSQL -d postgres -c "" 2> /dev/null; do
|
2012-12-19 11:59:28 +00:00
|
|
|
|
if ! kill -0 "$MAINPID"; then exit 1; fi
|
2012-10-01 22:32:03 +01:00
|
|
|
|
sleep 0.1
|
2012-10-01 21:47:54 +01:00
|
|
|
|
done
|
2013-07-14 04:01:48 +01:00
|
|
|
|
|
|
|
|
|
|
if test -e "${cfg.dataDir}/.first_startup"; then
|
|
|
|
|
|
${optionalString (cfg.initialScript != null) ''
|
2019-02-25 02:33:16 +00:00
|
|
|
|
$PSQL -f "${cfg.initialScript}" -d postgres
|
2013-07-14 04:01:48 +01:00
|
|
|
|
''}
|
|
|
|
|
|
rm -f "${cfg.dataDir}/.first_startup"
|
|
|
|
|
|
fi
|
2019-02-25 02:33:16 +00:00
|
|
|
|
'' + optionalString (cfg.ensureDatabases != []) ''
|
|
|
|
|
|
${concatMapStrings (database: ''
|
2019-08-09 20:08:42 +01:00
|
|
|
|
$PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${database}"'
|
2019-02-25 02:33:16 +00:00
|
|
|
|
'') cfg.ensureDatabases}
|
|
|
|
|
|
'' + ''
|
|
|
|
|
|
${concatMapStrings (user: ''
|
|
|
|
|
|
$PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || $PSQL -tAc "CREATE USER ${user.name}"
|
|
|
|
|
|
${concatStringsSep "\n" (mapAttrsToList (database: permission: ''
|
2019-08-09 20:08:42 +01:00
|
|
|
|
$PSQL -tAc 'GRANT ${permission} ON ${database} TO ${user.name}'
|
2019-02-25 02:33:16 +00:00
|
|
|
|
'') user.ensurePermissions)}
|
|
|
|
|
|
'') cfg.ensureUsers}
|
2012-10-01 21:47:54 +01:00
|
|
|
|
'';
|
2012-10-01 21:53:13 +01:00
|
|
|
|
|
|
|
|
|
|
unitConfig.RequiresMountsFor = "${cfg.dataDir}";
|
2009-10-12 18:09:38 +01:00
|
|
|
|
};
|
2009-07-15 12:19:11 +01:00
|
|
|
|
|
2009-03-06 12:27:02 +00:00
|
|
|
|
};
|
2011-09-14 19:20:50 +01:00
|
|
|
|
|
2016-05-09 06:53:27 +01:00
|
|
|
|
meta.doc = ./postgresql.xml;
|
2018-11-02 18:31:20 +00:00
|
|
|
|
meta.maintainers = with lib.maintainers; [ thoughtpolice ];
|
2007-12-03 04:48:31 +00:00
|
|
|
|
}
|
