author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-19 22:05:02 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-19 22:05:02 +0200 |
commit | 84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (patch) | |
tree | 4b05057b68ef6c9e8766b80927221b360d13d167 /hosts/surtr/postgresql.nix | |
parent | 8f0bf6945a24ea8dac4e8395461bb92f22ab71a0 (diff) | |
surtr: ...
Diffstat (limited to 'hosts/surtr/postgresql.nix')
-rw-r--r-- | hosts/surtr/postgresql.nix | 62 |
1 files changed, 48 insertions, 14 deletions
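--- a/hosts/surtr/postgresql.nix
+++ b/hosts/surtr/postgresql.nix
@@ -6,20 +6,6 @@ in {
 services.postgresql = {
 enable = true;
 package = pkgs.postgresql_14;
-initialScript = pkgs.writeText "schema.sql" ''
-CREATE DATABASE "matrix-synapse" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
-CREATE USER "matrix-synapse";
-GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
-GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
-
-CREATE DATABASE "email" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
-CREATE USER "postfix";
-GRANT CONNECT ON DATABASE "email" TO "postfix";
-ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix";
-CREATE USER "dovecot2";
-GRANT CONNECT ON DATABASE "email" TO "dovecot2";
-ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "dovecot2";
-'';
 };
 
 systemd.services.migrate-postgresql = {
@@ -35,10 +21,46 @@ in {
 
 path = [ config.services.postgresql.package ];
 script = ''
+psql postgres postgres -eXf ${pkgs.writeText "schema.sql" ''
+CREATE DATABASE "matrix-synapse" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
+CREATE DATABASE "email" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
+''}
+
+psql matrix-synapse postgres -eXf ${pkgs.writeText "matrix-synapse.sql" ''
+\i ${versioning + "/install.versioning.sql"}
+
+BEGIN;
+SELECT _v.register_patch('000-matrix-users', null, null);
+
+CREATE USER "matrix-synapse";
+GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
+GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
+COMMIT;
+''}
+
 psql email postgres -eXf ${pkgs.writeText "email.sql" ''
 \i ${versioning + "/install.versioning.sql"}
 
 BEGIN;
+SELECT _v.register_patch('000-users', null, null);
+
+CREATE USER "postfix";
+GRANT CONNECT ON DATABASE "email" TO "postfix";
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix";
+CREATE USER "dovecot2";
+GRANT CONNECT ON DATABASE "email" TO "dovecot2";
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "dovecot2";
+COMMIT;
+
+BEGIN;
+SELECT _v.register_patch('001-spm', null, null);
+
+CREATE USER "spm";
+GRANT CONNECT ON DATABASE "email" TO "spm";
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES to "spm";
+COMMIT;
+
+BEGIN;
 SELECT _v.register_patch('000-base', null, null);
 
 CREATE TABLE mailbox (
@@ -109,6 +131,18 @@ in {
 ALTER TABLE mailbox_mapping DROP CONSTRAINT mailbox_mapping_mailbox_fkey;
 ALTER TABLE mailbox_mapping ADD CONSTRAINT mailbox_mapping_mailbox_fkey FOREIGN KEY (mailbox) REFERENCES mailbox(id) ON DELETE CASCADE ON UPDATE RESTRICT;
 COMMIT;
+
+BEGIN;
+SELECT _v.register_patch('005-spm', ARRAY['000-base', '002-citext', '003-extensions'], null);
+
+GRANT INSERT ON "mailbox_mapping" TO "spm";
+COMMIT;
+
+BEGIN;
+SELECT _v.register_patch('006-spm-mailbox', ARRAY['000-base'], null);
+
+GRANT SELECT ON ALL TABLES IN SCHEMA public TO "spm";
+COMMIT;
 ''}
 '';
 };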
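Review bot: In the `email.sql` patches, `001-spm` (`ALTER DEFAULT PRIVILEGES … GRANT SELECT ON TABLES to "spm"`) and `006-spm-mailbox` (`GRANT SELECT ON ALL TABLES IN SCHEMA public TO "spm"`) give the new `spm` role read access to every existing and future table in `public`, while the name of `006-spm-mailbox` and its single dependency on `000-base` suggest only `mailbox` is needed. If that is the case, a narrower `GRANT SELECT ON "mailbox" TO "spm";` in `006-spm-mailbox`, without the default-privileges line in `001-spm`, keeps tables added by later patches unreadable to `spm` until they are granted explicitly; the table definitions lie between the hunks, so what `spm` can actually read is not visible here. Separately, the `psql … -eXf` calls are shown without `-v ON_ERROR_STOP=1`, so a `CREATE USER` or `GRANT` that fails (for instance on a host where the removed `initialScript` already created the roles) would presumably leave the patch unregistered without failing the unit, and the intended privilege state would then differ silently from the applied one.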