diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-24 17:41:52 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-24 17:41:52 +0200 |
| commit | 94122fb4880d1fbbc09af1d0beb166e19948585b (patch) | |
| tree | df186cfc6c3dea9c155ac2e8383f10d1ff698782 /modules/by-name | |
| parent | modules/matrix: Group `vhack` attr keys together (diff) | |
| download | nixos-server-94122fb4880d1fbbc09af1d0beb166e19948585b.zip | |
modules/matrix: Use the typed NixOS for user and db creation
Note, that I have no way to test if this is actually going to work (no tests for matrix).
But, I assume that it is not going to pose problems, as we are not
migrating the db and these options won't remove state.
Diffstat (limited to '')
| -rw-r--r-- | modules/by-name/ma/matrix/module.nix | 42 |
1 files changed, 23 insertions, 19 deletions
diff --git a/modules/by-name/ma/matrix/module.nix b/modules/by-name/ma/matrix/module.nix index aa67276..f34ecf4 100644 --- a/modules/by-name/ma/matrix/module.nix +++ b/modules/by-name/ma/matrix/module.nix @@ -1,6 +1,5 @@ { config, - pkgs, lib, ... }: let @@ -59,28 +58,33 @@ in { nginx.enable = true; }; - systemd.tmpfiles.rules = [ - "d /etc/matrix 0755 matrix-synapse matrix-synapse" - ]; + systemd = { + tmpfiles.rules = [ + "d /etc/matrix 0755 matrix-synapse matrix-synapse" + ]; + services.postgresql.postStart = '' + $PSQL -tAc "ALTER ROLE matrix-synapse WITH ENCRYPTED PASSWORD 'synapse';" + $PSQL -tAc "ALTER ROLE mautrix-whatsapp WITH ENCRYPTED PASSWORD 'whatsapp';" + ''; + }; services = { postgresql = { enable = true; - initialScript = pkgs.writeText "synapse-init.sql" '' - --Matrix: - CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; - CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - - --Whatsapp-bridge: - CREATE ROLE "mautrix-whatsapp" WITH LOGIN PASSWORD 'whatsapp'; - CREATE DATABASE "mautrix-whatsapp" WITH OWNER "mautrix-whatsapp" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - ''; + ensureUsers = [ + { + name = "matrix-synapse"; + ensureDBOwnership = true; + } + { + name = "mautrix-whatsapp"; + ensureDBOwnership = true; + } + ]; + ensureDatabases = [ + "matrix-synapse" + "mautrix-whatsapp" + ]; }; nginx = { |