nix-dotfiles/systems/jeeves/docker/postgresql.nix

{ config, ... }:
{
  users = {
    users.postgres = {
      isSystemUser = true;
      group = "postgres";
      uid = 999;
    };
    groups.postgres = {
      gid = 999;
    };
  };

  virtualisation.oci-containers.containers = {
    postgres = {
      image = "postgres:16";
      ports = [ "5432:5432" ];
      volumes = [ "/zfs/media/databases/postgres:/var/lib/postgresql/data" ];
      environment = {
        POSTGRES_USER = "admin";
        POSTGRES_DB = "archive";
        POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256";
      };
      environmentFiles = [ config.sops.secrets."docker/postgres".path ];
      autoStart = true;
      user = "postgres:postgres";
    };
  };

  sops = {
    defaultSopsFile = ../secrets.yaml;
    secrets."docker/postgres".owner = "postgres";
  };
}
setting up postgres 2024-06-19 11:35:49 -04:00			`{ config, ... }:`
			`{`
			`users = {`
			`users.postgres = {`
			`isSystemUser = true;`
			`group = "postgres";`
			`uid = 999;`
			`};`
			`groups.postgres = {`
			`gid = 999;`
			`};`
			`};`

			`virtualisation.oci-containers.containers = {`
			`postgres = {`
			`image = "postgres:16";`
			`ports = [ "5432:5432" ];`
Moved media and torrenting to zfs dir 2024-06-20 21:53:44 -04:00			`volumes = [ "/zfs/media/databases/postgres:/var/lib/postgresql/data" ];`
setting up postgres 2024-06-19 11:35:49 -04:00			`environment = {`
			`POSTGRES_USER = "admin";`
			`POSTGRES_DB = "archive";`
			`POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256";`
			`};`
moving docker secrets to sops 2024-06-21 21:27:22 -04:00			`environmentFiles = [ config.sops.secrets."docker/postgres".path ];`
setting up postgres 2024-06-19 11:35:49 -04:00			`autoStart = true;`
			`user = "postgres:postgres";`
			`};`
			`};`

			`sops = {`
			`defaultSopsFile = ../secrets.yaml;`
moving docker secrets to sops 2024-06-21 21:27:22 -04:00			`secrets."docker/postgres".owner = "postgres";`
setting up postgres 2024-06-19 11:35:49 -04:00			`};`
			`}`