37 lines
629 B
Nix
37 lines
629 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_15;
|
|
|
|
enableTCPIP = true;
|
|
|
|
settings = {
|
|
full_page_writes = "off";
|
|
wal_init_zero = "off";
|
|
wal_recycle = "off";
|
|
};
|
|
|
|
ensureDatabases = [
|
|
"attic"
|
|
];
|
|
|
|
ensureUsers = [
|
|
{
|
|
name = "attic";
|
|
ensurePermissions = {
|
|
"DATABASE attic" = "ALL PRIVILEGES";
|
|
};
|
|
}
|
|
];
|
|
|
|
authentication = ''
|
|
host all all 100.113.242.85/32 md5
|
|
host all all 10.88.0.0/16 md5
|
|
'';
|
|
};
|
|
|
|
networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 5432 ];
|
|
}
|