···
{ config, lib, pkgs, ... }:
3
-
let cfg = config.services.hydron;
4
+
cfg = config.services.hydron;
5
+
postgres = config.services.postgresql;
options.services.hydron = {
enable = mkEnableOption "hydron";
···
30
+
password = mkOption {
33
+
example = "dumbpass";
34
+
description = "Password for the hydron database.";
37
+
passwordFile = mkOption {
39
+
default = "/run/keys/hydron-password-file";
40
+
example = "/home/okina/hydron/keys/pass";
41
+
description = "Password file for the hydron database.";
44
+
postgresArgs = mkOption {
46
+
description = "Postgresql connection arguments.";
49
+
"driver": "postgres",
50
+
"connection": "user=hydron password=dumbpass dbname=hydron sslmode=disable"
55
+
postgresArgsFile = mkOption {
57
+
default = "/run/keys/hydron-postgres-args";
58
+
example = "/home/okina/hydron/keys/postgres";
59
+
description = "Postgresql connection arguments file.";
listenAddress = mkOption {
type = types.nullOr types.str;
···
config = mkIf cfg.enable {
84
+
security.sudo.enable = cfg.enable;
85
+
services.postgresql.enable = cfg.enable;
86
+
services.hydron.passwordFile = mkDefault (pkgs.writeText "hydron-password-file" cfg.password);
87
+
services.hydron.postgresArgsFile = mkDefault (pkgs.writeText "hydron-postgres-args" cfg.postgresArgs);
88
+
services.hydron.postgresArgs = mkDefault ''
90
+
"driver": "postgres",
91
+
"connection": "user=hydron password=${cfg.password} dbname=hydron sslmode=disable"
systemd.services.hydron = {
52
-
after = [ "network.target" ];
97
+
after = [ "network.target" "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
56
-
# Ensure folder exists and permissions are correct
57
-
mkdir -p ${escapeShellArg cfg.dataDir}/images
101
+
# Ensure folder exists or create it and permissions are correct
102
+
mkdir -p ${escapeShellArg cfg.dataDir}/{.hydron,images}
103
+
ln -sf ${escapeShellArg cfg.postgresArgsFile} ${escapeShellArg cfg.dataDir}/.hydron/db_conf.json
chmod 750 ${escapeShellArg cfg.dataDir}
chown -R hydron:hydron ${escapeShellArg cfg.dataDir}
107
+
# Ensure the database is correct or create it
108
+
${pkgs.sudo}/bin/sudo -u ${postgres.superUser} ${postgres.package}/bin/createuser \
109
+
-SDR hydron || true
110
+
${pkgs.sudo}/bin/sudo -u ${postgres.superUser} ${postgres.package}/bin/createdb \
111
+
-T template0 -E UTF8 -O hydron hydron || true
112
+
${pkgs.sudo}/bin/sudo -u hydron ${postgres.package}/bin/psql \
113
+
-c "ALTER ROLE hydron WITH PASSWORD '$(cat ${escapeShellArg cfg.passwordFile})';" || true
···
159
+
(mkRenamedOptionModule [ "services" "hydron" "baseDir" ] [ "services" "hydron" "dataDir" ])
meta.maintainers = with maintainers; [ chiiruno ];
pyrox.dev