diff options
| -rw-r--r-- | README.org | 11 | ||||
| -rw-r--r-- | home/profiles/darwin.nix | 1 | ||||
| -rw-r--r-- | machines/rivendell.nix | 2 | ||||
| -rw-r--r-- | profiles/postgresql.nix | 20 |
4 files changed, 33 insertions, 1 deletions
@@ -126,6 +126,15 @@ Backups are done with =restic= and are stored on the local machine, and they are ** Remote builders *** Clients On the clients, you can run =nix config show builders= to see the list of the remote builders. -If a client is failing to run builds remotely due to some ssh errors, you can run the following command: =sudo ssh -o 'IdentityAgent none' -i PRIVATE_KEY USER@HOST true=. We need to use =sudo= since the nix daemon runs as root. +If a client is failing to run builds remotely due to some ssh errors, you can run the following command: =sudo ssh -o 'IdentityAgent none' -i /run/agenix/ssh-remote-builder builder@builder true=. We need to use =sudo= since the nix daemon runs as root. *** Builders On the builders, you can run =nix config show allowed-users= to see the list of users who can trigger nix builds. +** PostgreSQL +To connect from my local machine remotely: +#+begin_src shell +ssh framebox -L 35432:/var/run/postgresql/.s.PGSQL.5432 +#+end_src +Then: +#+begin_src shell +psql -U postgres -h localhost -p 35432 +#+end_src diff --git a/home/profiles/darwin.nix b/home/profiles/darwin.nix index d8942c8..ded6086 100644 --- a/home/profiles/darwin.nix +++ b/home/profiles/darwin.nix @@ -21,6 +21,7 @@ nil # nix lsp nix-direnv # integration with direnv nixfmt-rfc-style # new formatter + postgresql shellcheck tree wget diff --git a/machines/rivendell.nix b/machines/rivendell.nix index 0c4ac28..32ec964 100644 --- a/machines/rivendell.nix +++ b/machines/rivendell.nix @@ -43,6 +43,7 @@ ../profiles/home-manager.nix ../profiles/miniflux.nix ../profiles/monitoring.nix + ../profiles/postgresql.nix ../profiles/remote-unlock.nix ../profiles/restic-backup.nix ../profiles/server.nix @@ -69,6 +70,7 @@ "/data/archives" "/data/media/music" "/var/lib/gitolite/repositories" + "/var/backup/postgresql" ]; }; diff --git a/profiles/postgresql.nix b/profiles/postgresql.nix new file mode 100644 index 0000000..6e473ad --- /dev/null +++ b/profiles/postgresql.nix @@ -0,0 +1,20 @@ +{ ... }: +{ + services.postgresql = { + enable = true; + authentication = '' + local all all peer map=mapping + ''; + identMap = '' + mapping fcuny postgres + mapping root postgres + mapping postgres postgres + mapping /^(.*)$ \1 + ''; + }; + + services.postgresqlBackup = { + enable = true; + compression = "zstd"; + }; +} |