phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 05:36:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update PostgreSQL to 15

Browse source
This commit is contained in:
Paul-Henri Froidmont 2023-09-30 02:31:28 +02:00
parent 68369de7b7
commit c513a7a0f4
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
2 changed files with 44 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

84
modules/postgresql.nix
View file

@ -1,9 +1,8 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
services.postgresql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_12; package = pkgs.postgresql_15;
enableTCPIP = true; enableTCPIP = true;
identMap = '' identMap = ''
root_as_others root postgres root_as_others root postgres
@ -42,50 +41,47 @@
}; };
}; };
systemd.services.postgresql-setup = let pgsql = config.services.postgresql; in systemd.services.postgresql-setup = let pgsql = config.services.postgresql;
{ in {
after = [ "postgresql.service" ]; after = [ "postgresql.service" ];
bindsTo = [ "postgresql.service" ]; bindsTo = [ "postgresql.service" ];
wantedBy = [ "postgresql.service" ]; wantedBy = [ "postgresql.service" ];
path = [ path = [ pgsql.package pkgs.util-linux ];
pgsql.package script = ''
pkgs.util-linux set -u
]; PSQL() {
script = '' psql --port=${toString pgsql.port} "$@"
set -u }
PSQL() {
psql --port=${toString pgsql.port} "$@"
}
PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'synapse'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "synapse"' PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'synapse'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "synapse"'
PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'nextcloud'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "nextcloud"' PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'nextcloud'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "nextcloud"'
PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'roundcube'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "roundcube"' PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'roundcube'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "roundcube"'
PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'mastodon'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "mastodon"' PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'mastodon'" | grep -q 1 || PSQL -tAc 'CREATE ROLE "mastodon"'
PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'synapse'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "synapse" OWNER "synapse" TEMPLATE template0 LC_COLLATE = "C" LC_CTYPE = "C"'
PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'nextcloud'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "nextcloud" OWNER "nextcloud"'
PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'roundcube'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "roundcube" OWNER "roundcube"'
PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'mastodon'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "mastodon" OWNER "mastodon"'
PSQL -tAc "ALTER ROLE synapse LOGIN" PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'synapse'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "synapse" OWNER "synapse" TEMPLATE template0 LC_COLLATE = "C" LC_CTYPE = "C"'
PSQL -tAc "ALTER ROLE nextcloud LOGIN" PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'nextcloud'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "nextcloud" OWNER "nextcloud"'
PSQL -tAc "ALTER ROLE roundcube LOGIN" PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'roundcube'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "roundcube" OWNER "roundcube"'
PSQL -tAc "ALTER ROLE mastodon LOGIN" PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'mastodon'" | grep -q 1 || PSQL -tAc 'CREATE DATABASE "mastodon" OWNER "mastodon"'
synapse_password="$(<'${config.sops.secrets.synapseDbPassword.path}')" PSQL -tAc "ALTER ROLE synapse LOGIN"
PSQL -tAc "ALTER ROLE synapse WITH PASSWORD '$synapse_password'" PSQL -tAc "ALTER ROLE nextcloud LOGIN"
nextcloud_password="$(<'${config.sops.secrets.nextcloudDbPassword.path}')" PSQL -tAc "ALTER ROLE roundcube LOGIN"
PSQL -tAc "ALTER ROLE nextcloud WITH PASSWORD '$nextcloud_password'" PSQL -tAc "ALTER ROLE mastodon LOGIN"
roundcube_password="$(<'${config.sops.secrets.roundcubeDbPassword.path}')"
PSQL -tAc "ALTER ROLE roundcube WITH PASSWORD '$roundcube_password'"
mastodon_password="$(<'${config.sops.secrets.mastodonDbPassword.path}')"
PSQL -tAc "ALTER ROLE mastodon WITH PASSWORD '$mastodon_password'"
'';
serviceConfig = { synapse_password="$(<'${config.sops.secrets.synapseDbPassword.path}')"
User = pgsql.superUser; PSQL -tAc "ALTER ROLE synapse WITH PASSWORD '$synapse_password'"
Type = "oneshot"; nextcloud_password="$(<'${config.sops.secrets.nextcloudDbPassword.path}')"
RemainAfterExit = true; PSQL -tAc "ALTER ROLE nextcloud WITH PASSWORD '$nextcloud_password'"
}; roundcube_password="$(<'${config.sops.secrets.roundcubeDbPassword.path}')"
PSQL -tAc "ALTER ROLE roundcube WITH PASSWORD '$roundcube_password'"
mastodon_password="$(<'${config.sops.secrets.mastodonDbPassword.path}')"
PSQL -tAc "ALTER ROLE mastodon WITH PASSWORD '$mastodon_password'"
'';
serviceConfig = {
User = pgsql.superUser;
Type = "oneshot";
RemainAfterExit = true;
}; };
};
} }

8
profiles/db.nix
View file

@ -25,10 +25,10 @@
repoName = "db1"; repoName = "db1";
readWritePaths = [ "/nix/var/data/postgresql" "/nix/var/data/backup/" ]; readWritePaths = [ "/nix/var/data/postgresql" "/nix/var/data/backup/" ];
preHook = '' preHook = ''
${pkgs.postgresql_12}/bin/pg_dump -U synapse synapse > /nix/var/data/postgresql/synapse.dmp ${config.services.postgresql.package}/bin/pg_dump -U synapse synapse > /nix/var/data/postgresql/synapse.dmp
${pkgs.postgresql_12}/bin/pg_dump -U nextcloud nextcloud > /nix/var/data/postgresql/nextcloud.dmp ${config.services.postgresql.package}/bin/pg_dump -U nextcloud nextcloud > /nix/var/data/postgresql/nextcloud.dmp
${pkgs.postgresql_12}/bin/pg_dump -U roundcube roundcube > /nix/var/data/postgresql/roundcube.dmp ${config.services.postgresql.package}/bin/pg_dump -U roundcube roundcube > /nix/var/data/postgresql/roundcube.dmp
${pkgs.postgresql_12}/bin/pg_dump -U mastodon mastodon > /nix/var/data/postgresql/mastodon.dmp ${config.services.postgresql.package}/bin/pg_dump -U mastodon mastodon > /nix/var/data/postgresql/mastodon.dmp
''; '';
startAt = "03:00"; startAt = "03:00";
sshKey = config.sops.secrets.borgSshKey.path; sshKey = config.sops.secrets.borgSshKey.path;