51 lines
1.8 KiB
Nix
51 lines
1.8 KiB
Nix
{ lib, pkgs, ... }:
|
|
|
|
{
|
|
services.postgresql = {
|
|
enable = true;
|
|
settings = {
|
|
# Set hashing algorithm
|
|
password_encryption = "scram-sha-256";
|
|
|
|
# Replication conf
|
|
wal_level = "logical";
|
|
max_wal_senders = "5";
|
|
max_replication_slots = "5";
|
|
};
|
|
|
|
# Allow root to log in as postgres in the DB (for the PowerDNS container)
|
|
# identMap = ''
|
|
# postgres root postgres
|
|
# '';
|
|
|
|
# authentication = lib.mkForce ''
|
|
# # TYPE DATABASE USER ADDRESS AUTH-METHOD [auth-options]
|
|
# # host hexname-backend hexname-backend 127.0.0.1/24 scram-sha-256
|
|
# # host postgres postgres 127.0.0.1/24 scram-sha-256
|
|
# host all all 127.0.0.1/24 scram-sha-256
|
|
# # host all powerdns-user 127.0.0.1/24 scram-sha-256
|
|
# # local all root trust
|
|
# '';
|
|
|
|
# This password is only the initial one - don't get too excited
|
|
initialScript = "/etc/env/hexname/init-db-dns.sql";
|
|
# initialScript = pkgs.writeText "set-initial-password-script" ''
|
|
# CREATE USER powerdns WITH PASSWORD 'shuaze-gagyof';
|
|
# CREATE USER hexname_backend WITH PASSWORD 'shuaze-gagyof2' CREATEDB;
|
|
# CREATE USER replication_user SUPERUSER WITH PASSWORD 'shuaze-gagyof3';
|
|
|
|
# CREATE DATABASE powerdns OWNER "powerdns";
|
|
# CREATE DATABASE hexname_backend OWNER "hexname-backend";
|
|
# CREATE DATABASE hexname_backend OWNER "hexname-backend";
|
|
|
|
# \c powerdns;
|
|
# CREATE PUBLICATION powerdns_pub FOR ALL TABLES;
|
|
|
|
# CREATE SUBSCRIPTION hexname_ns2
|
|
# CONNECTION 'host=publisher_ip_address port=5432 user=replication_user password=' ' dbname=powerdns'
|
|
# PUBLICATION powerdns_pub;
|
|
# '';
|
|
# ALTER USER "postgres" WITH PASSWORD 'shuaze-gagyof';
|
|
};
|
|
}
|
|
|