blob: 84819f6b97fb9dad3f276fd59ce55ab1d13d568b [file] [log] [blame]
{ config, pkgs, lib, ... }:
with builtins;
let postgresPkg = pkgs.postgresql_14;
in rec {
networking.hostName = "bc01n05";
# TODO: undefine fqdn and define domain after big nix change
hscloud.base.fqdn = "${networking.hostName}.hswaw.net";
#networking.domain = "hswaw.net";
system.stateVersion = "22.05";
nix.maxJobs = 16;
### zfs
# randomly generated
networking.hostId = "26dbfbcd";
boot.supportedFilesystems = [ "zfs" ];
boot.initrd.supportedFilesystems = [ "zfs" ];
services.zfs.trim.enable = true;
boot.loader.grub.device = "/dev/sda";
fileSystems = {
"/" = {
device = "rpool/nixos/root";
fsType = lib.mkForce "zfs";
options = [ "X-mount.mkdir" ];
};
"/home" = {
device = "rpool/nixos/home";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/var/lib/postgresql" = {
device = "rpool/postgres";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/2a951c5d-0193-4ef3-9227-d8a5184cbd63";
fsType = "ext4";
};
};
hscloud.base = {
mgmtIf = "eno1";
ipAddr = "185.236.240.37";
ipAddrBits = 28;
gw = "185.236.240.33";
};
environment.systemPackages = [postgresPkg];
services.postgresql = {
enable = true;
package = postgresPkg;
enableTCPIP = true;
initdbArgs = ["--encoding='UTF8'" "--lc-collate='C'" "--lc-ctype='C'"];
ensureDatabases = ["synapse" "mediarepo"];
ensureUsers = [
{
name = "synapse";
ensurePermissions = {
"DATABASE synapse" = "ALL PRIVILEGES";
};
}
{
name = "mediarepo";
ensurePermissions = {
"DATABASE mediarepo" = "ALL PRIVILEGES";
};
}
];
# TODO actually allow synapse to talk to us
# also adjust firewall
authentication = pkgs.lib.mkOverride 10 ''
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
'';
};
}