surtr: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2022-05-19 22:05:02 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2022-05-19 22:05:02 +0200
commit: 84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (patch)
tree: 4b05057b68ef6c9e8766b80927221b360d13d167 /hosts/surtr/postgresql.nix
parent: 8f0bf6945a24ea8dac4e8395461bb92f22ab71a0 (diff)
download: nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.gz
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.bz2
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.xz
nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.zip
1 files changed, 48 insertions, 14 deletions
diff --git a/hosts/surtr/postgresql.nix b/hosts/surtr/postgresql.nix
index a5e93ecf..66ce60eb 100644
--- a/hosts/surtr/postgresql.nix
+++ b/hosts/surtr/postgresql.nix
@@ -6,20 +6,6 @@ in {
    services.postgresql = {
      enable = true;
      package = pkgs.postgresql_14;
-      initialScript = pkgs.writeText "schema.sql" ''
-        CREATE DATABASE "matrix-synapse" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
-        CREATE USER "matrix-synapse";
-        GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
-        GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
-        CREATE DATABASE "email" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
-        CREATE USER "postfix";
-        GRANT CONNECT ON DATABASE "email" TO "postfix";
-        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix";
-        CREATE USER "dovecot2";
-        GRANT CONNECT ON DATABASE "email" TO "dovecot2";
-        ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "dovecot2";
-      '';
    };
    systemd.services.migrate-postgresql = {
@@ -35,10 +21,46 @@ in {
      path = [ config.services.postgresql.package ];
      script = ''
+        psql postgres postgres -eXf ${pkgs.writeText "schema.sql" ''
+          CREATE DATABASE "matrix-synapse" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
+          CREATE DATABASE "email" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
+        ''}
+        psql matrix-synapse postgres -eXf ${pkgs.writeText "matrix-synapse.sql" ''
+          \i ${versioning + "/install.versioning.sql"}
+          BEGIN;
+          SELECT _v.register_patch('000-matrix-users', null, null);
+          CREATE USER "matrix-synapse";
+          GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
+          GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
+          COMMIT;
+        ''}
        psql email postgres -eXf ${pkgs.writeText "email.sql" ''
          \i ${versioning + "/install.versioning.sql"}
          BEGIN;
+          SELECT _v.register_patch('000-users', null, null);
+          CREATE USER "postfix";
+          GRANT CONNECT ON DATABASE "email" TO "postfix";
+          ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix";
+          CREATE USER "dovecot2";
+          GRANT CONNECT ON DATABASE "email" TO "dovecot2";
+          ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "dovecot2";
+          COMMIT;
+          BEGIN;
+          SELECT _v.register_patch('001-spm', null, null);
+          CREATE USER "spm";
+          GRANT CONNECT ON DATABASE "email" TO "spm";
+          ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to "spm";
+          COMMIT;
+          BEGIN;
          SELECT _v.register_patch('000-base', null, null);
          CREATE TABLE mailbox (
@@ -109,6 +131,18 @@ in {
          ALTER TABLE mailbox_mapping DROP CONSTRAINT mailbox_mapping_mailbox_fkey;
          ALTER TABLE mailbox_mapping ADD CONSTRAINT mailbox_mapping_mailbox_fkey FOREIGN KEY (mailbox) REFERENCES mailbox(id) ON DELETE CASCADE ON UPDATE RESTRICT;
          COMMIT;
+          BEGIN;
+          SELECT _v.register_patch('005-spm', ARRAY['000-base', '002-citext', '003-extensions'], null);
+          GRANT INSERT ON "mailbox_mapping" TO "spm";
+          COMMIT;
+          BEGIN;
+          SELECT _v.register_patch('006-spm-mailbox', ARRAY['000-base'], null);
+          GRANT SELECT ON ALL TABLES IN SCHEMA public TO "spm";
+          COMMIT;
        ''}
      '';
    };
author	Gregor Kleen <gkleen@yggdrasil.li>	2022-05-19 22:05:02 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2022-05-19 22:05:02 +0200
commit	84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (patch)
tree	4b05057b68ef6c9e8766b80927221b360d13d167 /hosts/surtr/postgresql.nix
parent	8f0bf6945a24ea8dac4e8395461bb92f22ab71a0 (diff)
download	nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.gz nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.bz2 nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.xz nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.zip

diff --git a/hosts/surtr/postgresql.nix b/hosts/surtr/postgresql.nix index a5e93ecf..66ce60eb 100644 --- a/hosts/surtr/postgresql.nix +++ b/hosts/surtr/postgresql.nix
@@ -6,20 +6,6 @@ in {
6	services.postgresql = {	6	services.postgresql = {
7	enable = true;	7	enable = true;
8	package = pkgs.postgresql_14;	8	package = pkgs.postgresql_14;
9	initialScript = pkgs.writeText "schema.sql" ''
10	CREATE DATABASE "matrix-synapse" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
11	CREATE USER "matrix-synapse";
12	GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
13	GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
14
15	CREATE DATABASE "email" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
16	CREATE USER "postfix";
17	GRANT CONNECT ON DATABASE "email" TO "postfix";
18	ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix";
19	CREATE USER "dovecot2";
20	GRANT CONNECT ON DATABASE "email" TO "dovecot2";
21	ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "dovecot2";
22	'';
23	};	9	};
24		10
25	systemd.services.migrate-postgresql = {	11	systemd.services.migrate-postgresql = {
@@ -35,10 +21,46 @@ in {
35		21
36	path = [ config.services.postgresql.package ];	22	path = [ config.services.postgresql.package ];
37	script = ''	23	script = ''
		24	psql postgres postgres -eXf ${pkgs.writeText "schema.sql" ''
		25	CREATE DATABASE "matrix-synapse" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
		26	CREATE DATABASE "email" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
		27	''}
		28
		29	psql matrix-synapse postgres -eXf ${pkgs.writeText "matrix-synapse.sql" ''
		30	\i ${versioning + "/install.versioning.sql"}
		31
		32	BEGIN;
		33	SELECT _v.register_patch('000-matrix-users', null, null);
		34
		35	CREATE USER "matrix-synapse";
		36	GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
		37	GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
		38	COMMIT;
		39	''}
		40
38	psql email postgres -eXf ${pkgs.writeText "email.sql" ''	41	psql email postgres -eXf ${pkgs.writeText "email.sql" ''
39	\i ${versioning + "/install.versioning.sql"}	42	\i ${versioning + "/install.versioning.sql"}
40		43
41	BEGIN;	44	BEGIN;
		45	SELECT _v.register_patch('000-users', null, null);
		46
		47	CREATE USER "postfix";
		48	GRANT CONNECT ON DATABASE "email" TO "postfix";
		49	ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix";
		50	CREATE USER "dovecot2";
		51	GRANT CONNECT ON DATABASE "email" TO "dovecot2";
		52	ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "dovecot2";
		53	COMMIT;
		54
		55	BEGIN;
		56	SELECT _v.register_patch('001-spm', null, null);
		57
		58	CREATE USER "spm";
		59	GRANT CONNECT ON DATABASE "email" TO "spm";
		60	ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to "spm";
		61	COMMIT;
		62
		63	BEGIN;
42	SELECT _v.register_patch('000-base', null, null);	64	SELECT _v.register_patch('000-base', null, null);
43		65
44	CREATE TABLE mailbox (	66	CREATE TABLE mailbox (
@@ -109,6 +131,18 @@ in {
109	ALTER TABLE mailbox_mapping DROP CONSTRAINT mailbox_mapping_mailbox_fkey;	131	ALTER TABLE mailbox_mapping DROP CONSTRAINT mailbox_mapping_mailbox_fkey;
110	ALTER TABLE mailbox_mapping ADD CONSTRAINT mailbox_mapping_mailbox_fkey FOREIGN KEY (mailbox) REFERENCES mailbox(id) ON DELETE CASCADE ON UPDATE RESTRICT;	132	ALTER TABLE mailbox_mapping ADD CONSTRAINT mailbox_mapping_mailbox_fkey FOREIGN KEY (mailbox) REFERENCES mailbox(id) ON DELETE CASCADE ON UPDATE RESTRICT;
111	COMMIT;	133	COMMIT;
		134
		135	BEGIN;
		136	SELECT _v.register_patch('005-spm', ARRAY['000-base', '002-citext', '003-extensions'], null);
		137
		138	GRANT INSERT ON "mailbox_mapping" TO "spm";
		139	COMMIT;
		140
		141	BEGIN;
		142	SELECT _v.register_patch('006-spm-mailbox', ARRAY['000-base'], null);
		143
		144	GRANT SELECT ON ALL TABLES IN SCHEMA public TO "spm";
		145	COMMIT;
112	''}	146	''}
113	'';	147	'';
114	};	148	};