dataDir = cfg.dataDir;
extraOptions = ''
ssl_ca = ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
- ssl_key = ${config.security.acme.directory}/mysql/key.pem
- ssl_cert = ${config.security.acme.directory}/mysql/fullchain.pem
+ ssl_key = ${config.security.acme2.certs.mysql.directory}/key.pem
+ ssl_cert = ${config.security.acme2.certs.mysql.directory}/fullchain.pem
# for replication
log-bin=mariadb-bin
server-id=1
+
+ # this introduces a small delay before storing on disk, but
+ # makes it order of magnitudes quicker
+ innodb_flush_log_at_trx_commit = 0
'';
};
users.users.mysql.extraGroups = [ "keys" ];
- security.acme.certs."mysql" = config.myServices.databasesCerts // {
+ security.acme2.certs."mysql" = config.myServices.databasesCerts // {
user = "mysql";
group = "mysql";
- plugins = [ "fullchain.pem" "key.pem" "account_key.json" ];
+ plugins = [ "fullchain.pem" "key.pem" "account_key.json" "account_reg.json" ];
domain = "db-1.immae.eu";
postRun = ''
systemctl restart mysql.service