about summary refs log tree commit diff
path: root/modules/nixos/postgresql.nix
blob: 79515e8bd0ea256330f02cf66a1dd7a8f17c993c (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
{
  config,
  lib,
  pkgs,
  this,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.postgresql;
in {
  options.nixfiles.modules.postgresql = {
    enable = mkEnableOption "PostgreSQL";

    package = mkOption {
      type = types.package;
      default = pkgs.postgresql_15;
      description = "PostgreSQL package to use.";
    };

    extraPostStart = mkOption {
      type = with types; listOf str;
      default = [];
      description = ''
        Additional post-startup commands.

        This could be used to provide a crude interface to grant permissions and
        such.
      '';
    };
  };

  config = mkIf cfg.enable {
    assertions = [
      {
        assertion = any (x: x == "en_GB.UTF-8/UTF-8") config.i18n.supportedLocales;
        message = "The locale must be available";
      }
    ];

    services = {
      postgresql = {
        enable = true;

        inherit (cfg) package;

        # In hindsight, it was a poor choice to use ICU as a locale provider.
        # Now each time ICU version is bumped, I need to carefully upgrade each
        # database to match the version.
        initdbArgs = [
          "--encoding=UTF8"
          "--locale-provider=icu"
          "--icu-locale=en_GB@collation=posix"
          "--locale=en_GB.UTF-8"
          "--lc-collate=C"
          "--lc-ctype=C"
        ];

        # This crutch is here because some services cannot work via a UNIX
        # socket connection and I can't be bothered to configure proper
        # authentication.
        authentication = ''
          local all all trust
        '';
      };

      prometheus.exporters.postgres = {
        enable = true;
        listenAddress = mkDefault this.wireguard.ipv4.address;
        port = mkDefault 9187;
      };
    };

    systemd.services.postgresql.postStart =
      optionalString (cfg.extraPostStart != [])
      concatStringsSep "\n"
      cfg.extraPostStart;

    environment.sessionVariables.PSQLRC = toString (pkgs.writeText "psqlrc" ''
      \set QUIET 1

      \timing
      \x auto
      \pset null '[NULL]'
      \set PROMPT1 '%[%033[1m%]%M %n@%/%R%[%033[0m%]% λ '
      \set PROMPT2 '    … > '
      \set VERBOSITY verbose
      \set HISTCONTROL ignoredups
      \set HISTFILE /dev/null

      \unset QUIET
    '');
  };
}

Consider giving Nix/NixOS a try! <3