From 482619dac70c36b0876223d95daf5a8ef616c0fb Mon Sep 17 00:00:00 2001 From: Matthieu Coudron <886074+teto@users.noreply.github.com> Date: Thu, 17 Aug 2023 19:19:54 +0200 Subject: [PATCH 1/3] services.postgres: move the generated statement at the top of the file --- nixos/modules/services/databases/postgresql.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 0acaf0fd00a6..50d0709bcd8f 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -464,13 +464,16 @@ in services.postgresql.dataDir = mkDefault "/var/lib/postgresql/${cfg.package.psqlSchema}"; - services.postgresql.authentication = mkAfter + services.postgresql.authentication = mkMerge [ + (mkBefore "# Generated file; do not edit!") + (mkAfter '' - # Generated file; do not edit! + # default value of services.postgresql.authentication local all all peer host all all 127.0.0.1/32 md5 host all all ::1/128 md5 - ''; + '') + ]; users.users.postgres = { name = "postgres"; From 956a1876aa635227807bc7c620e46933a06a5ef6 Mon Sep 17 00:00:00 2001 From: Matthieu Coudron <886074+teto@users.noreply.github.com> Date: Thu, 17 Aug 2023 19:21:16 +0200 Subject: [PATCH 2/3] services.postgresql: add identMap example to make things clearer --- nixos/modules/services/databases/postgresql.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 50d0709bcd8f..9e12227fc753 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -106,12 +106,14 @@ in identMap = mkOption { type = types.lines; default = ""; + example = literalExample '' + map-name-0 system-username-0 database-username-0 + map-name-1 system-username-1 database-username-1 + ''; description = lib.mdDoc '' Defines the mapping from system users to database users. - The general form is: - - map-name system-username database-username + See the [auth doc](https://postgresql.org/docs/current/auth-username-maps.html). ''; }; From b53c715e504fa1a2a3c2f252a0d714170b03f92d Mon Sep 17 00:00:00 2001 From: Matthieu Coudron <886074+teto@users.noreply.github.com> Date: Thu, 17 Aug 2023 20:18:45 +0200 Subject: [PATCH 3/3] services.postgres: add initialScript example --- nixos/modules/services/databases/postgresql.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 9e12227fc753..7b30360590ec 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -130,6 +130,11 @@ in initialScript = mkOption { type = types.nullOr types.path; default = null; + example = literalExpression '' + pkgs.writeText "init-sql-script" ''' + alter user postgres with password 'myPassword'; + ''';''; + description = lib.mdDoc '' A file containing SQL statements to execute on first startup. '';