diff options
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/programs/sway.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/web-apps/lemmy.nix | 39 | ||||
| -rw-r--r-- | nixos/tests/docker-tools.nix | 7 |
3 files changed, 17 insertions, 30 deletions
diff --git a/nixos/modules/programs/sway.nix b/nixos/modules/programs/sway.nix index 971527e1e61..b0a766dd055 100644 --- a/nixos/modules/programs/sway.nix +++ b/nixos/modules/programs/sway.nix @@ -79,7 +79,6 @@ in { "--verbose" "--debug" "--unsupported-gpu" - "--my-next-gpu-wont-be-nvidia" ]; description = lib.mdDoc '' Command line arguments passed to launch Sway. Please DO NOT report diff --git a/nixos/modules/services/web-apps/lemmy.nix b/nixos/modules/services/web-apps/lemmy.nix index 925156e7c4a..267584dd0ca 100644 --- a/nixos/modules/services/web-apps/lemmy.nix +++ b/nixos/modules/services/web-apps/lemmy.nix @@ -71,9 +71,6 @@ in }; config = - let - localPostgres = (cfg.settings.database.host == "localhost" || cfg.settings.database.host == "/run/postgresql"); - in lib.mkIf cfg.enable { services.lemmy.settings = (mapAttrs (name: mkDefault) { @@ -100,8 +97,13 @@ in }; }); - services.postgresql = mkIf localPostgres { - enable = mkDefault true; + services.postgresql = mkIf cfg.database.createLocally { + enable = true; + ensureDatabases = [ cfg.settings.database.database ]; + ensureUsers = [{ + name = cfg.settings.database.user; + ensurePermissions."DATABASE ${cfg.settings.database.database}" = "ALL PRIVILEGES"; + }]; }; services.pict-rs.enable = true; @@ -141,7 +143,7 @@ in }; assertions = [{ - assertion = cfg.database.createLocally -> localPostgres; + assertion = cfg.database.createLocally -> cfg.settings.database.host == "localhost" || cfg.settings.database.host == "/run/postgresql"; message = "if you want to create the database locally, you need to use a local database"; }]; @@ -162,9 +164,9 @@ in wantedBy = [ "multi-user.target" ]; - after = [ "pict-rs.service" ] ++ lib.optionals cfg.database.createLocally [ "lemmy-postgresql.service" ]; + after = [ "pict-rs.service" ] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ]; - requires = lib.optionals cfg.database.createLocally [ "lemmy-postgresql.service" ]; + requires = lib.optionals cfg.database.createLocally [ "postgresql.service" ]; serviceConfig = { DynamicUser = true; @@ -201,27 +203,6 @@ in ExecStart = "${pkgs.nodejs}/bin/node ${pkgs.lemmy-ui}/dist/js/server.js"; }; }; - - systemd.services.lemmy-postgresql = mkIf cfg.database.createLocally { - description = "Lemmy postgresql db"; - after = [ "postgresql.service" ]; - partOf = [ "lemmy.service" ]; - script = with cfg.settings.database; '' - PSQL() { - ${config.services.postgresql.package}/bin/psql --port=${toString cfg.settings.database.port} "$@" - } - # check if the database already exists - if ! PSQL -lqt | ${pkgs.coreutils}/bin/cut -d \| -f 1 | ${pkgs.gnugrep}/bin/grep -qw ${database} ; then - PSQL -tAc "CREATE ROLE ${user} WITH LOGIN;" - PSQL -tAc "CREATE DATABASE ${database} WITH OWNER ${user};" - fi - ''; - serviceConfig = { - User = config.services.postgresql.superUser; - Type = "oneshot"; - RemainAfterExit = true; - }; - }; }; } diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix index d76f70b791c..21a727dbd97 100644 --- a/nixos/tests/docker-tools.nix +++ b/nixos/tests/docker-tools.nix @@ -424,5 +424,12 @@ import ./make-test-python.nix ({ pkgs, ... }: { docker.succeed("docker run --rm etc | grep localhost") docker.succeed("docker image rm etc:latest") + with subtest("image-with-certs"): + docker.succeed("<${examples.image-with-certs} docker load") + docker.succeed("docker run --rm image-with-certs:latest test -r /etc/ssl/certs/ca-bundle.crt") + docker.succeed("docker run --rm image-with-certs:latest test -r /etc/ssl/certs/ca-certificates.crt") + docker.succeed("docker run --rm image-with-certs:latest test -r /etc/pki/tls/certs/ca-bundle.crt") + docker.succeed("docker image rm image-with-certs:latest") + ''; }) |