summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorRaito Bezarius <masterancpp@gmail.com>2023-11-17 15:19:14 +0100
committerRaito Bezarius <masterancpp@gmail.com>2023-11-17 15:52:51 +0100
commitf653734c4dabbc041e7fcc72149f93567b10137c (patch)
tree234004cbeb17636a8bbcaea58b365a2c6ce4394c /nixos
parent7cd63bff21f67d13810f547fb02165131f9942b1 (diff)
downloadnixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.tar
nixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.tar.gz
nixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.tar.bz2
nixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.tar.lz
nixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.tar.xz
nixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.tar.zst
nixpkgs-f653734c4dabbc041e7fcc72149f93567b10137c.zip
nixos/mobilizon: do not use `ensureDBOwnership`
Mobilizon can have a custom database username and it is not trivial to sort out how to remove this.

In the meantime, for the upcoming 23.11 release, I apply the classical workaround
and defer to Mobilizon's maintainers.
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/services/web-apps/mobilizon.nix17
1 files changed, 10 insertions, 7 deletions
diff --git a/nixos/modules/services/web-apps/mobilizon.nix b/nixos/modules/services/web-apps/mobilizon.nix
index 601c2830e0e..bb4319b51a2 100644
--- a/nixos/modules/services/web-apps/mobilizon.nix
+++ b/nixos/modules/services/web-apps/mobilizon.nix
@@ -212,12 +212,6 @@ in
         assertion = cfg.nginx.enable -> (cfg.settings.":mobilizon"."Mobilizon.Web.Endpoint".http.ip == settingsFormat.lib.mkTuple [ 0 0 0 0 0 0 0 1 ]);
         message = "Setting the IP mobilizon listens on is only possible when the nginx config is not used, as it is hardcoded there.";
       }
-      {
-        assertion = isLocalPostgres -> repoSettings.database == repoSettings.username;
-        message = ''
-          When creating a database via NixOS, the db user and db name must be equal!
-        '';
-      }
     ];
 
     services.mobilizon.settings = {
@@ -353,12 +347,18 @@ in
 
       # Taken from here:
       # https://framagit.org/framasoft/mobilizon/-/blob/1.1.0/priv/templates/setup_db.eex
+      # TODO(to maintainers of mobilizon): the owner database alteration is necessary
+      # as PostgreSQL 15 changed their behaviors w.r.t. to privileges.
+      # See https://github.com/NixOS/nixpkgs/issues/216989 to get rid
+      # of that workaround.
       script =
         ''
           psql "${repoSettings.database}" -c "\
             CREATE EXTENSION IF NOT EXISTS postgis; \
             CREATE EXTENSION IF NOT EXISTS pg_trgm; \
             CREATE EXTENSION IF NOT EXISTS unaccent;"
+          psql -tAc 'ALTER DATABASE "${repoSettings.database}" OWNER TO "${dbUser}";'
+
         '';
 
       serviceConfig = {
@@ -378,7 +378,10 @@ in
       ensureUsers = [
         {
           name = dbUser;
-          ensureDBOwnership = true;
+          # Given that `dbUser` is potentially arbitrarily custom, we will perform
+          # manual fixups in mobilizon-postgres.
+          # TODO(to maintainers of mobilizon): Feel free to simplify your setup by using `ensureDBOwnership`.
+          ensureDBOwnership = false;
         }
       ];
       extraPlugins = with postgresql.pkgs; [ postgis ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-03 04:25:46 +0000