mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

databasus

Browse Source
This commit is contained in:
mjallen18
2026-04-01 18:05:39 -05:00
parent 166123e8fe
commit acc683bac3
4 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
modules/nixos/services/databasus/default.nix Normal file
View File

@@ -0,0 +1,23 @@
{
lib,
config,
namespace,
...
}:
let
cfg = config.${namespace}.services."databasus";
in
{
imports = [
(lib.${namespace}.mkContainerService {
inherit config;
name = "databasus";
image = "databasus/databasus";
internalPort = 4005;
volumes = [
"${cfg.configDir}/databasus:/databasus-data"
];
environmentFiles = [ ];
})
];
}

5
systems/x86_64-linux/jallen-nas/apps.nix
View File

@@ -103,6 +103,11 @@ in
envFile = config.sops.templates."ntfy.env".path; envFile = config.sops.templates."ntfy.env".path;
}; };
}; };
databasus = {
enable = true;
port = 4005;
reverseProxy = enabled;
};
dispatcharr = { dispatcharr = {
enable = false; enable = false;
port = 9191; port = 9191;

1
systems/x86_64-linux/jallen-nas/nas-defaults.nix
View File

@@ -46,6 +46,7 @@ in
"collabora" "collabora"
"coturn" "coturn"
"crowdsec" "crowdsec"
"databasus"
"dispatcharr" "dispatcharr"
"free-games-claimer" "free-games-claimer"
"gitea" "gitea"

11
systems/x86_64-linux/jallen-nas/services.nix
View File

@@ -29,6 +29,13 @@ in
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO sparkyfitness; GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO sparkyfitness;
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO sparkyfitness; GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO sparkyfitness;
" "
psql -c "
ALTER ROLE databasus WITH PASSWORD 'databasus';
ALTER ROLE databasus BYPASSRLS;
GRANT CONNECT ON DATABASE nextcloud TO databasus;
GRANT pg_read_all_data TO databasus;
"
''; '';
}; };
}; };
@@ -99,6 +106,9 @@ in
name = "suggestarr"; name = "suggestarr";
ensureDBOwnership = true; ensureDBOwnership = true;
} }
{
name = "databasus";
}
]; ];
# pg_hba.conf — use lib.mkForce to replace the module defaults entirely. # pg_hba.conf — use lib.mkForce to replace the module defaults entirely.
# #
@@ -124,6 +134,7 @@ in
# Podman container network suggestarr server connects via host LAN IP # Podman container network suggestarr server connects via host LAN IP
host suggestarr suggestarr 10.88.0.0/16 scram-sha-256 host suggestarr suggestarr 10.88.0.0/16 scram-sha-256
host all databasus 10.88.0.0/16 scram-sha-256
''; '';
# identMap — maps OS usernames to PostgreSQL usernames for peer auth. # identMap — maps OS usernames to PostgreSQL usernames for peer auth.