feat(whitby): Create a Postgres database for Panettone r/1494

Create a running Postgres database server along with a user and database for Panettone, and pass configuration for it to the panettone module Change-Id: I333994288131be328e62069382d6d40f8034c400 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1466 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
author: Griffin Smith <grfn@gws.fyi> 2020-07-26T19·41-0400
committer: glittershark <grfn@gws.fyi> 2020-07-27T21·04+0000
commit: 69f402563a14d4b668980e4228d033d80e3bb05d (patch)
tree: 856d583b84062fb37035e47b5bd873ca91b08916 /ops/nixos/whitby/default.nix
parent: 80ff83e6986f9c569f1f55b02337ab29fb97e7ca (diff)
1 files changed, 27 insertions, 1 deletions
diff --git a/ops/nixos/whitby/default.nix b/ops/nixos/whitby/default.nix
index a56f43786f..075e9505dc 100644
--- a/ops/nixos/whitby/default.nix
+++ b/ops/nixos/whitby/default.nix
@@ -217,9 +217,35 @@ in lib.fix(self: {
     sourcegraph.enable = true;
 
     # Run the Panettone issue tracker
-    panettone.enable = true;
+    panettone = {
+      enable = true;
+      dbUser = "panettone";
+      dbName = "panettone";
+    };
+  };
+
+  services.postgresql = {
+    enable = true;
+    enableTCPIP = true;
+
+    authentication = lib.mkOverride 10 ''
+      local all all trust
+      host all all ::1/128 trust
+    '';
+
+    ensureDatabases = [
+      "panettone"
+    ];
+
+    ensureUsers = [{
+      name = "panettone";
+      ensurePermissions = {
+        "DATABASE panettone" = "ALL PRIVILEGES";
+      };
+    }];
   };
 
+
   environment.systemPackages = with nixpkgs; [
     bb
     curl
author	Griffin Smith <grfn@gws.fyi>	2020-07-26T19·41-0400
committer	glittershark <grfn@gws.fyi>	2020-07-27T21·04+0000
commit	69f402563a14d4b668980e4228d033d80e3bb05d (patch)
tree	856d583b84062fb37035e47b5bd873ca91b08916 /ops/nixos/whitby/default.nix
parent	80ff83e6986f9c569f1f55b02337ab29fb97e7ca (diff)