# NixOS module: runs PostgreSQL 16 as an OCI container with a matching host
# account, a bind-mounted data directory and a sops-managed environment file.
{ config, ... }:
let
  # Site-wide variables; only `media_database` is read in this file.
  vars = import ../vars.nix;
in
{
  # Host-side account and group with fixed numeric ids.
  # NOTE(review): 999 presumably matches the postgres account inside the image
  # so that ownership of the bind-mounted data directory lines up; confirm.
  users.users.postgres = {
    isSystemUser = true;
    group = "postgres";
    uid = 999;
  };
  users.groups.postgres.gid = 999;

  virtualisation.oci-containers.containers.postgres = {
    # NOTE(review): "postgres:16" is a mutable tag, so a later pull can bring in
    # different image contents. Pin by digest (postgres:16@sha256:<DIGEST>) if
    # reproducible, reviewable upgrades are wanted.
    image = "postgres:16";

    # Publishes container port 5432 on host port 5432.
    # NOTE(review): no host address is given, so the container runtime binds
    # all host interfaces by default, and runtime-published ports may not be
    # filtered by the host firewall depending on the backend. If only local
    # clients connect, a "127.0.0.1:" prefix restricts the listener.
    ports = [ "5432:5432" ];

    # Database files are kept on the host under vars.media_database.
    volumes = [ "${vars.media_database}/postgres:/var/lib/postgresql/data" ];

    # Non-secret settings. In the official image these are applied when an
    # empty data directory is first initialised; changing them later does not
    # reconfigure an existing cluster.
    environment = {
      # Name of the superuser the image creates at initialisation.
      POSTGRES_USER = "admin";
      POSTGRES_DB = "archive";
      # Requires SCRAM-SHA-256 for TCP connections in the generated pg_hba.conf.
      # NOTE(review): --auth-local is not set, so Unix-socket connections inside
      # the container keep initdb's default method; confirm that is intended.
      POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256";
    };

    # Secret settings are read at start-up from the decrypted sops file, so they
    # are not written into this expression.
    # NOTE(review): presumably this file supplies POSTGRES_PASSWORD; verify
    # against ../secrets.yaml.
    environmentFiles = [ config.sops.secrets."docker/postgres".path ];

    autoStart = true;

    # Container processes run as postgres:postgres instead of the image default.
    user = "postgres:postgres";
  };

  # sops-nix: where encrypted secrets live and who owns the decrypted file.
  sops.defaultSopsFile = ../secrets.yaml;
  # NOTE(review): the env file is consumed on the host when the container is
  # started; confirm the postgres account is the one that needs read access.
  sops.secrets."docker/postgres".owner = "postgres";
}