mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

databasus

Browse Source
This commit is contained in:
mjallen18
2026-04-01 18:05:39 -05:00
parent 166123e8fe
commit acc683bac3
4 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
systems/x86_64-linux/jallen-nas/services.nix
View File

@@ -29,6 +29,13 @@ in
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO sparkyfitness;
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO sparkyfitness;
"
psql -c "
ALTER ROLE databasus WITH PASSWORD 'databasus';
ALTER ROLE databasus BYPASSRLS;
GRANT CONNECT ON DATABASE nextcloud TO databasus;
GRANT pg_read_all_data TO databasus;
"
'';
};
};
@@ -99,6 +106,9 @@ in
name = "suggestarr";
ensureDBOwnership = true;
}
{
name = "databasus";
}
];
# pg_hba.conf — use lib.mkForce to replace the module defaults entirely.
#
@@ -124,6 +134,7 @@ in
# Podman container network suggestarr server connects via host LAN IP
host suggestarr suggestarr 10.88.0.0/16 scram-sha-256
host all databasus 10.88.0.0/16 scram-sha-256
'';
# identMap — maps OS usernames to PostgreSQL usernames for peer auth.