2024-06-19 11:35:49 -04:00
|
|
|
{ config, ... }:
|
|
|
|
|
{
|
|
|
|
|
users = {
|
|
|
|
|
users.postgres = {
|
|
|
|
|
isSystemUser = true;
|
|
|
|
|
group = "postgres";
|
|
|
|
|
uid = 999;
|
|
|
|
|
};
|
|
|
|
|
groups.postgres = {
|
|
|
|
|
gid = 999;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
virtualisation.oci-containers.containers = {
|
|
|
|
|
postgres = {
|
|
|
|
|
image = "postgres:16";
|
|
|
|
|
ports = [ "5432:5432" ];
|
2024-06-19 17:54:17 -04:00
|
|
|
volumes = [ "/ZFS/media/databases/postgres:/var/lib/postgresql/data" ];
|
2024-06-19 11:35:49 -04:00
|
|
|
environment = {
|
|
|
|
|
POSTGRES_USER = "admin";
|
|
|
|
|
POSTGRES_DB = "archive";
|
|
|
|
|
POSTGRES_INITDB_ARGS = "--auth-host=scram-sha-256";
|
|
|
|
|
};
|
|
|
|
|
environmentFiles = [ config.sops.secrets."postgres".path ];
|
|
|
|
|
autoStart = true;
|
|
|
|
|
user = "postgres:postgres";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
sops = {
|
|
|
|
|
defaultSopsFile = ../secrets.yaml;
|
|
|
|
|
secrets."postgres".owner = "postgres";
|
|
|
|
|
};
|
|
|
|
|
}
|
