1 files changed, 21 insertions, 0 deletions
diff --git a/hosts/surtr/postgresql/default.nix b/hosts/surtr/postgresql/default.nix
index 3786ea7c..c43d5983 100644
--- a/hosts/surtr/postgresql/default.nix
+++ b/hosts/surtr/postgresql/default.nix
@@ -338,6 +338,27 @@ in {
          );
          COMMIT;
+          BEGIN;
+          SELECT _v.register_patch('017-password_admin', ARRAY['000-base'], null);
+          CREATE TABLE password_admin (
+            id uuid PRIMARY KEY NOT NULL DEFAULT gen_random_uuid(),
+            mailbox uuid REFERENCES mailbox(id)
+          );
+          CREATE USER "email-password-server";
+          GRANT CONNECT ON DATABASE "email" TO "email-password-server";
+          ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "email-password-server";
+          GRANT SELECT ON ALL TABLES IN SCHEMA public TO "email-password-server";
+          COMMIT;
+          BEGIN;
+          SELECT _v.register_patch('018-password_admin', ARRAY['000-base', '017-password_admin'], null);
+          GRANT UPDATE ON mailbox TO "email-password-server";
+          COMMIT;
        ''}
        psql etebase postgres -eXf ${pkgs.writeText "etebase.sql" ''

diff --git a/hosts/surtr/postgresql/default.nix b/hosts/surtr/postgresql/default.nix index 3786ea7c..c43d5983 100644 --- a/hosts/surtr/postgresql/default.nix +++ b/hosts/surtr/postgresql/default.nix
@@ -338,6 +338,27 @@ in {
338	);	338	);
339		339
340	COMMIT;	340	COMMIT;
		341
		342	BEGIN;
		343	SELECT _v.register_patch('017-password_admin', ARRAY['000-base'], null);
		344
		345	CREATE TABLE password_admin (
		346	id uuid PRIMARY KEY NOT NULL DEFAULT gen_random_uuid(),
		347	mailbox uuid REFERENCES mailbox(id)
		348	);
		349	CREATE USER "email-password-server";
		350	GRANT CONNECT ON DATABASE "email" TO "email-password-server";
		351	ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "email-password-server";
		352	GRANT SELECT ON ALL TABLES IN SCHEMA public TO "email-password-server";
		353
		354	COMMIT;
		355
		356	BEGIN;
		357	SELECT _v.register_patch('018-password_admin', ARRAY['000-base', '017-password_admin'], null);
		358
		359	GRANT UPDATE ON mailbox TO "email-password-server";
		360
		361	COMMIT;
341	''}	362	''}
342		363
343	psql etebase postgres -eXf ${pkgs.writeText "etebase.sql" ''	364	psql etebase postgres -eXf ${pkgs.writeText "etebase.sql" ''