about summary refs log tree commit diff
path: root/modules/postgresql.nix
blob: f88831ba20f89c97fc5435f487fd1f6787971f7a (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
{
  config,
  inputs,
  lib,
  pkgs,
  this,
  ...
}:
with lib;
let
  cfg = config.nixfiles.modules.postgresql;
in
{
  options.nixfiles.modules.postgresql = {
    enable = mkEnableOption "PostgreSQL";

    package = mkOption {
      type = types.package;
      default = pkgs.postgresql_15;
      description = "PostgreSQL package to use.";
    };

    extraPostStart = mkOption {
      type = with types; listOf str;
      default = [ ];
      description = ''
        Additional post-startup commands.

        This could be used to provide a crude interface to grant permissions and
        such.
      '';
    };
  };

  config = mkIf cfg.enable {
    assertions = [
      {
        assertion = any (x: x == "en_GB.UTF-8/UTF-8") config.i18n.supportedLocales;
        message = "The locale must be available";
      }
    ];

    ark.directories = [ config.services.postgresql.dataDir ];

    services = {
      postgresql = {
        enable = true;

        inherit (cfg) package;

        # In hindsight, it was a poor choice to use ICU as a locale provider.
        # Now each time ICU version is bumped, I need to carefully upgrade each
        # database to match the version.
        initdbArgs = [
          "--encoding=UTF8"
          "--locale-provider=icu"
          "--icu-locale=en_GB@collation=posix"
          "--locale=en_GB.UTF-8"
          "--lc-collate=C"
          "--lc-ctype=C"
        ];

        # This crutch is here because some services cannot work via a UNIX
        # socket connection and I can't be bothered to configure proper
        # authentication.
        authentication = ''
          local all all trust
        '';
      };

      prometheus.exporters.postgres = {
        enable = true;
        listenAddress = mkDefault this.wireguard.ipv4.address;
        port = mkDefault 9187;
      };
    };

    systemd.services.postgresql.postStart = optionalString (
      cfg.extraPostStart != [ ]
    ) concatLines cfg.extraPostStart;

    environment.variables.PSQLRC = toString (
      pkgs.writeText "psqlrc" ''
        \set QUIET 1

        \timing
        \x auto
        \pset null '[NULL]'
        \set PROMPT1 '%[%033[1m%]%M %n@%/%R%[%033[0m%]% λ '
        \set PROMPT2 '    … > '
        \set VERBOSITY verbose
        \set HISTCONTROL ignoredups
        \set HISTFILE /dev/null

        \unset QUIET
      ''
    );

    topology = {
      nodes.${this.hostname}.services.postgresql = {
        name = "PostgreSQL";
        icon = "${inputs.homelab-svg-assets}/assets/postgresql.svg";
        details.listen.text = "127.0.0.1:5432";
      };
    };
  };
}

Consider giving Nix/NixOS a try! <3