| { config, pkgs, lib, ... }: |
| |
| with builtins; |
| let postgresPkg = pkgs.postgresql_14; |
| in rec { |
| networking.hostName = "bc01n05"; |
| # TODO: undefine fqdn and define domain after big nix change |
| hscloud.base.fqdn = "${networking.hostName}.hswaw.net"; |
| #networking.domain = "hswaw.net"; |
| system.stateVersion = "22.05"; |
| nix.maxJobs = 16; |
| |
| ### zfs |
| # randomly generated |
| networking.hostId = "26dbfbcd"; |
| boot.supportedFilesystems = [ "zfs" ]; |
| boot.initrd.supportedFilesystems = [ "zfs" ]; |
| services.zfs.trim.enable = true; |
| |
| boot.loader.grub.device = "/dev/sda"; |
| fileSystems = { |
| "/" = { |
| device = "rpool/nixos/root"; |
| fsType = lib.mkForce "zfs"; |
| options = [ "X-mount.mkdir" ]; |
| }; |
| "/home" = { |
| device = "rpool/nixos/home"; |
| fsType = "zfs"; |
| options = [ "X-mount.mkdir" ]; |
| }; |
| "/var/lib/postgresql" = { |
| device = "rpool/postgres"; |
| fsType = "zfs"; |
| options = [ "X-mount.mkdir" ]; |
| }; |
| "/boot" = { |
| device = "/dev/disk/by-uuid/2a951c5d-0193-4ef3-9227-d8a5184cbd63"; |
| fsType = "ext4"; |
| }; |
| }; |
| |
| hscloud.base = { |
| mgmtIf = "eno1"; |
| ipAddr = "185.236.240.37"; |
| ipAddrBits = 28; |
| gw = "185.236.240.33"; |
| }; |
| |
| environment.systemPackages = [postgresPkg]; |
| services.postgresql = { |
| enable = true; |
| package = postgresPkg; |
| enableTCPIP = true; |
| initdbArgs = ["--encoding='UTF8'" "--lc-collate='C'" "--lc-ctype='C'"]; |
| ensureDatabases = ["synapse" "mediarepo"]; |
| ensureUsers = [ |
| { |
| name = "synapse"; |
| ensurePermissions = { |
| "DATABASE synapse" = "ALL PRIVILEGES"; |
| }; |
| } |
| { |
| name = "mediarepo"; |
| ensurePermissions = { |
| "DATABASE mediarepo" = "ALL PRIVILEGES"; |
| }; |
| } |
| ]; |
| # TODO actually allow synapse to talk to us |
| # also adjust firewall |
| authentication = pkgs.lib.mkOverride 10 '' |
| local all all trust |
| host all all 127.0.0.1/32 trust |
| host all all ::1/128 trust |
| ''; |
| }; |
| } |
| |