diff options
author | Kjetil Orbekk <kj@orbekk.com> | 2022-11-25 08:57:27 -0500 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2022-11-25 08:57:27 -0500 |
commit | 5acaf488821d87b6d81f101145cdbeb8da47dad2 (patch) | |
tree | 414ee49475a134eed0a3c9535b22b9f81d7428b5 /machines/minideck.nix | |
parent | 3ab8fcaa7588f0c4c75940e43bfc094b55827154 (diff) |
Enable postgresql on minideck
Diffstat (limited to 'machines/minideck.nix')
-rw-r--r-- | machines/minideck.nix | 60 |
1 files changed, 38 insertions, 22 deletions
diff --git a/machines/minideck.nix b/machines/minideck.nix index 1c09585..b4bb8f6 100644 --- a/machines/minideck.nix +++ b/machines/minideck.nix @@ -11,12 +11,22 @@ with lib; services.xserver.enable = mkForce false; services.xserver.displayManager.lightdm.enable = mkForce false; + # For bridge development. + services.postgresql = { + enable = true; + ensureDatabases = [ "bridge_latest" ]; + ensureUsers = [{ + name = "orbekk"; + ensurePermissions."DATABASE bridge_latest" = "ALL PRIVILEGES"; + }]; + }; + # Fake pipewire socket activation. services.pipewire.socketActivation = false; systemd.user.services.pipewire-setup = { description = "Link pipewire socket"; - after = ["paths.target"]; - wantedBy = ["default.target"]; + after = [ "paths.target" ]; + wantedBy = [ "default.target" ]; serviceConfig = { ExecStart = "${pkgs.coreutils}/bin/ln -s /tmp/pipewire-0 %t/pipewire-0"; Type = "oneshot"; @@ -28,15 +38,14 @@ with lib; nix.gc.persistent = false; - boot.cleanTmpDir = mkForce false; # Don't delete bind mounts in /tmp. + boot.cleanTmpDir = mkForce false; # Don't delete bind mounts in /tmp. boot.isContainer = true; - boot.postBootCommands = - '' + boot.postBootCommands = '' # After booting, register the contents of the Nix store in the Nix # database. if [ -f /nix-path-registration ]; then - ${config.nix.package.out}/bin/nix-store --load-db < /nix-path-registration && - rm /nix-path-registration + ${config.nix.package.out}/bin/nix-store --load-db < /nix-path-registration && + rm /nix-path-registration fi # nixos-rebuild also requires a "system" profile ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system @@ -50,26 +59,33 @@ with lib; networking.hostName = "minideck"; networking.interfaces.host0 = { - ipv4.addresses = [ { address = "172.20.199.2"; prefixLength = 24; } ]; - ipv4.routes = [ { address = "0.0.0.0"; prefixLength = 0; via = "172.20.199.1"; } ]; + ipv4.addresses = [{ + address = "172.20.199.2"; + prefixLength = 24; + }]; + ipv4.routes = [{ + address = "0.0.0.0"; + prefixLength = 0; + via = "172.20.199.1"; + }]; }; users.users.root.initialHashedPassword = mkOverride 150 ""; - + system.activationScripts.installInitScript = mkForce '' - ln -fs $systemConfig/init /sbin/init - ''; - environment.shellInit = '' - source /.host-profile - ''; - services.openssh.enable = mkDefault true; - services.openssh.startWhenNeeded = mkDefault true; - system.stateVersion = "22.05"; + ln -fs $systemConfig/init /sbin/init + ''; + environment.shellInit = '' + source /.host-profile + ''; + services.openssh.enable = mkDefault true; + services.openssh.startWhenNeeded = mkDefault true; + system.stateVersion = "22.05"; - systemd.tmpfiles.rules = [ - # Don't remove the X11 socket. - "d /tmp/.X11-unix 1777 root root" - ]; + systemd.tmpfiles.rules = [ + # Don't remove the X11 socket. + "d /tmp/.X11-unix 1777 root root" + ]; systemd.suppressedSystemUnits = [ "systemd-udev-trigger.service" "systemd-udevd.service" |