X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fdatabases%2Fdefault.nix;h=c4a023ae86d754a3ba85f165ba1c867c8593e6f4;hb=a1a4a72ea8cacd9edddc368626fb617989fa964d;hp=78d91dc5e03077f863b97b2a5ae75d65a9395d60;hpb=182ae57f53731be220075bc87aff4d47a35563b8;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/databases/default.nix b/modules/private/databases/default.nix
index 78d91dc..c4a023a 100644
--- a/modules/private/databases/default.nix
+++ b/modules/private/databases/default.nix
@@ -1,4 +1,4 @@
-{ lib, config, ... }:
+{ lib, config, nodes, ... }:
 let
 cfg = config.myServices.databases;
 in
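Review bot: `nodes` is added to the module arguments in `{ lib, config, nodes, ... }:` but neither hunk of this diff references it. The unchanged lines between the hunks are not shown, but they could not have used it before this commit, so the argument looks unused. Either drop it or land it together with the code that needs it.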
@@ -9,10 +9,53 @@ in
 description = "Default databases configurations for certificates as accepted by acme";
 };
 };
+
+ config.nixpkgs.overlays = lib.mkIf cfg.enable [ (self: super: {
+ postgresql = self.postgresql_11_custom;
+ }) ];
+
 config.myServices.databases = lib.mkIf cfg.enable {
- mariadb.enable = true;
- openldap.enable = true;
- postgresql.enable = true;
+ mariadb = {
+ enable = true;
+ ldapConfig = {
+ inherit (config.myEnv.ldap) host base;
+ inherit (config.myEnv.databases.mysql.pam) dn filter password;
+ };
+ replicationLdapConfig = {
+ inherit (config.myEnv.ldap) host base;
+ inherit (config.myEnv.servers.eldiron.ldap) dn password;
+ };
+ credentials.root = config.myEnv.databases.mysql.systemUsers.root;
+ };
+
+ openldap = {
+ accessFile = "${config.myEnv.privateFiles}/ldap.conf";
+ baseDn = config.myEnv.ldap.base;
+ rootDn = config.myEnv.ldap.root_dn;
+ rootPw = config.myEnv.ldap.root_pw;
+ enable = true;
+ };
+
+ postgresql = {
+ ldapConfig = {
+ inherit (config.myEnv.ldap) host base;
+ inherit (config.myEnv.databases.postgresql.pam) dn filter password;
+ };
+ replicationLdapConfig = {
+ inherit (config.myEnv.ldap) host base;
+ inherit (config.myEnv.servers.eldiron.ldap) dn password;
+ };
+ authorizedHosts = {
+ };
+ replicationHosts = {
+ backup-2 = {
+ ip4 = [config.myEnv.servers.backup-2.ips.main.ip4];
+ ip6 = config.myEnv.servers.backup-2.ips.main.ip6;
+ };
+ };
+ enable = true;
+ };
+
 redis.enable = true;
 };
 }
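Review bot: `rootPw = config.myEnv.ldap.root_pw;`, `credentials.root` and the `password` values inherited into `ldapConfig` / `replicationLdapConfig` are passed as evaluated Nix strings, so whether they stay out of the world-readable `/nix/store` depends on how the mariadb, openldap and postgresql modules render them, which this hunk does not show. If any of those modules interpolates them into a store-built config file, the LDAP root password and the bind passwords become readable by every local user. That is worth confirming, and a comment such as `# secret: consuming module must write this to a root-only file outside /nix/store` above each assignment would record the requirement. The same question applies to `accessFile = "${config.myEnv.privateFiles}/ldap.conf"` if `privateFiles` is a path value rather than a string. Separately, mariadb and postgresql both take `replicationLdapConfig` from `config.myEnv.servers.eldiron.ldap`, so one bind credential is shared by two services; a dedicated bind DN per service would limit what a leak of either exposes.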