Add synapse user and database

2024-09-20 03:40:29 +05:00 · 2023-08-19 09:39:02 +05:00 · 2023-08-19 09:39:02 +05:00 · 3b93b3006b
parent 8037006825
commit 3b93b3006b
2 changed files with 21 additions and 6 deletions
--- a/nixos/programs/postgres.nix
+++ b/nixos/programs/postgres.nix
@ -3,27 +3,35 @@
  config.services.postgresql = {
    enable = true;
    package = pkgs.postgresql_15;
-    ensureDatabases = [ "mastodon" "synapse" "nextcloud" ];
+    ensureDatabases = [ "mastodon" "matrix-synapse" "nextcloud" ];
    ensureUsers = [
      {
        name = "mastodon";
        ensurePermissions = {
          "DATABASE mastodon" = "ALL PRIVILEGES";
        };
-        ensureClauses = {
+        ensureClauses.login = true;
          login = true;
        };
      }
      {
        name = "nextcloud";
        ensurePermissions = {
          "DATABASE nextcloud" = "ALL PRIVILEGES";
        };
-        ensureClauses = {
+        ensureClauses.login = true;
-          login = true;
+      }
      {
        name = "matrix-synapse";
        ensurePermissions = {
          "DATABASE \"matrix-synapse\"" = "ALL PRIVILEGES";
        };
        ensureClauses.login = true;
      }
    ];
    initialScript = pkgs.writeText "pg-init.sql" ''
      ALTER DATABASE nextcloud OWNER TO nextcloud;
      ALTER DATABASE mastodon OWNER TO mastodon;
      ALTER DATABASE "matrix-synapse" OWNER TO "matrix-synapse";
    '';
    identMap = ''
       # ArbitraryMapName systemUser DBUser
       superuser_map      root       postgres
--- a/nixos/users.nix
+++ b/nixos/users.nix
@ -20,6 +20,10 @@
      isSystemUser = true;
      group = "photoprism";
    };
    matrix-synapse = {
      isSystemUser = true;
      group = "matrix-synapse";
    };
  };
  users.groups = {
@ -32,5 +36,8 @@
    photoprism = {
      members = [ "photoprism" config.services.nginx.user ];
    };
    matrix-synapse = {
      members = [ "matrix-synapse" config.services.nginx.user ];
    };
  };
 }