From 7cd63bff21f67d13810f547fb02165131f9942b1 Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Fri, 17 Nov 2023 15:03:19 +0100
Subject: nixos/sourcehut: do not use `ensureDBOwnership`

Given that SourceHut uses unfortunate defaults for database name, it will not
be realistic to fix this in time for 23.11.

We will leave the workaround and leave it to SourceHut maintainers to pick up the work
to clean this up after 23.11.
---
 nixos/modules/services/misc/sourcehut/service.nix | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/nixos/modules/services/misc/sourcehut/service.nix b/nixos/modules/services/misc/sourcehut/service.nix
index d2cd599d3fe..f08d5eb4687 100644
--- a/nixos/modules/services/misc/sourcehut/service.nix
+++ b/nixos/modules/services/misc/sourcehut/service.nix
@@ -242,15 +242,6 @@ in
       } cfg.nginx.virtualHost ];
     };
 
-    assertions = [
-      {
-        assertion = srvCfg.user == srvCfg.postgresql.database;
-        message = ''
-          When creating a database via NixOS, the db user and db name must be equal!
-        '';
-      }
-    ];
-
     services.postgresql = mkIf cfg.postgresql.enable {
       authentication = ''
         local ${srvCfg.postgresql.database} ${srvCfg.user} trust
@@ -258,10 +249,13 @@ in
       ensureDatabases = [ srvCfg.postgresql.database ];
       ensureUsers = map (name: {
           inherit name;
-          ensureDBOwnership = true;
+          # We don't use it because we have a special default database name with dots.
+          # TODO(for maintainers of sourcehut): migrate away from custom preStart script.
+          ensureDBOwnership = false;
         }) [srvCfg.user];
     };
 
+
     services.sourcehut.settings = mkMerge [
       {
         "${srv}.sr.ht".origin = mkDefault "https://${srv}.${cfg.settings."sr.ht".global-domain}";
@@ -387,10 +381,11 @@ in
         extraService
       ])) extraServices)
 
-      # Work around 'pq: permission denied for schema public' with postgres v15, until a
-      # solution for `services.postgresql.ensureUsers` is found.
+      # Work around 'pq: permission denied for schema public' with postgres v15.
       # See https://github.com/NixOS/nixpkgs/issues/216989
       # Workaround taken from nixos/forgejo: https://github.com/NixOS/nixpkgs/pull/262741
+      # TODO(to maintainers of sourcehut): please migrate away from this workaround
+      # by migrating away from database name defaults with dots.
       (lib.mkIf (
           cfg.postgresql.enable
           && lib.strings.versionAtLeast config.services.postgresql.package.version "15.0"
-- 
cgit 1.4.1