summaryrefslogtreecommitdiff
path: root/os
diff options
context:
space:
mode:
Diffstat (limited to 'os')
-rw-r--r--os/kay/configuration.nix1
-rw-r--r--os/kay/modules/mail.nix15
-rw-r--r--os/kay/modules/matrix/dendrite.nix9
-rw-r--r--os/kay/modules/postgresql.nix17
4 files changed, 29 insertions, 13 deletions
diff --git a/os/kay/configuration.nix b/os/kay/configuration.nix
index cbcd6a7..d51d24f 100644
--- a/os/kay/configuration.nix
+++ b/os/kay/configuration.nix
@@ -14,6 +14,7 @@
./modules/dns
./modules/sshfwd.nix
./modules/home-assistant.nix
+ ./modules/postgresql.nix
];
boot.consoleLogLevel = 3;
diff --git a/os/kay/modules/mail.nix b/os/kay/modules/mail.nix
index 5c8cb96..bd2681a 100644
--- a/os/kay/modules/mail.nix
+++ b/os/kay/modules/mail.nix
@@ -19,7 +19,7 @@ in {
"mail.${domain}/password" = {};
};
- systemd.services.stalwart-mail.serviceConfig.loadCredential = [
+ systemd.services.stalwart-mail.serviceConfig.LoadCredential = [
"password:${config.sops.secrets."mail.${domain}/password".path}"
"dkim_rsa:${config.sops.secrets."mail.${domain}/dkim_rsa".path}"
@@ -101,10 +101,15 @@ in {
lookup = "rocksdb";
directory = "in-memory";
};
- store.rocksdb = {
- type = "rocksdb";
- path = "rocksdb";
- compression = "lz4";
+ store.postgresql = {
+ type = "postgresql";
+ host = "localhost";
+ database = "stalwart";
+ user = "stalwart";
+ password = "ass";
+ timeout = "15s";
+ tls.enable = false;
+ pool.max-connections = 10;
};
directory."in-memory" = {
diff --git a/os/kay/modules/matrix/dendrite.nix b/os/kay/modules/matrix/dendrite.nix
index 71266a5..2cf7d11 100644
--- a/os/kay/modules/matrix/dendrite.nix
+++ b/os/kay/modules/matrix/dendrite.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, ... }:
let
domain = config.global.userdata.domain;
@@ -14,18 +14,11 @@ in
services = {
postgresql = {
- enable = true;
- package = with pkgs; postgresql_15;
- settings = {
- log_timezone = config.time.timeZone;
- listen_addresses = lib.mkForce "";
- };
ensureDatabases = [ "dendrite" ];
ensureUsers = [{
name = "dendrite";
ensureDBOwnership = true;
}];
- authentication = lib.mkForce "local all all trust";
};
dendrite = {
diff --git a/os/kay/modules/postgresql.nix b/os/kay/modules/postgresql.nix
new file mode 100644
index 0000000..6f4d126
--- /dev/null
+++ b/os/kay/modules/postgresql.nix
@@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }: {
+ services.postgresql = {
+ enable = true;
+ package = with pkgs; postgresql_15;
+ authentication = lib.mkForce ''
+ #type database DBuser origin-address auth-method
+ # unix socket
+ local all all trust
+ # ipv4
+ host all all 127.0.0.1/32 trust
+ # ipv6
+ host all all ::1/128 trust
+ '';
+
+ settings.log_timezone = config.time.timeZone;
+ };
+}