Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / databases / postgresql_replication.nix

diff --git a/modules/private/databases/postgresql_replication.nix b/modules/private/databases/postgresql_replication.nix
index 7172c5e6e31f9c2046574a80b81e15571c5742c7..135bbed0d90bfbc9cd239727ab3ddbfc5a88e649 100644 (file)
--- a/modules/private/databases/postgresql_replication.nix
+++ b/modules/private/databases/postgresql_replication.nix
@@ -11,6 +11,13 @@ in
         Base path to put the replications
         '';
     };
+    mainPackage = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.postgresql;
+      description = ''
+        Postgresql package available in shell
+      '';
+    };
     hosts = lib.mkOption {
       default = {};
       description = ''
@@ -43,10 +50,6 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    nixpkgs.overlays = [ (self: super: {
-      postgresql = self.postgresql_11_custom;
-    }) ];
-
     users.users.postgres = {
       name = "postgres";
       uid = config.ids.uids.postgres;
@@ -57,11 +60,10 @@ in
       extraGroups = [ "keys" ];
     };
     users.groups.postgres.gid = config.ids.gids.postgres;
-    environment.systemPackages = [ pkgs.postgresql ];
+    environment.systemPackages = [ cfg.mainPackage ];
 
-    secrets.keys = lib.flatten (lib.mapAttrsToList (name: hcfg: [
-      {
-        dest = "postgresql_replication/${name}/recovery.conf";
+    secrets.keys = lib.listToAttrs (lib.flatten (lib.mapAttrsToList (name: hcfg: [
+      (lib.nameValuePair "postgresql_replication/${name}/recovery.conf" {
         user = "postgres";
         group = "postgres";
         permissions = "0400";
@@ -70,16 +72,14 @@ in
           primary_conninfo = '${hcfg.connection}?sslmode=require'
           primary_slot_name = '${hcfg.slot}'
           '';
-      }
-      {
-        dest = "postgresql_replication/${name}/connection_string";
+      })
+      (lib.nameValuePair "postgresql_replication/${name}/connection_string" {
         user = "postgres";
         group = "postgres";
         permissions = "0400";
         text = hcfg.connection;
-      }
-      {
-        dest = "postgresql_replication/${name}/postgresql.conf";
+      })
+      (lib.nameValuePair "postgresql_replication/${name}/postgresql.conf" {
         user = "postgres";
         group = "postgres";
         permissions = "0400";
@@ -91,8 +91,8 @@ in
           data_directory = '${dataDir}'
           wal_level = logical
           '';
-      }
-    ]) cfg.hosts);
+      })
+    ]) cfg.hosts));
 
     services.cron = {
       enable = true;
@@ -116,7 +116,7 @@ in
               ${hcfg.package}/bin/pg_dumpall -h ${dataDir} -f ${backupDir}/$(${pkgs.coreutils}/bin/date -Iminutes).sql
             '';
           u = pkgs.callPackage ./utils.nix {};
-          cleanup_script = pkgs.writeScript "cleanup_postgresql_${name}" (u.keepLastNDumps "sql" backupDir 12);
+          cleanup_script = pkgs.writeScript "cleanup_postgresql_${name}" (u.keepLastNDumps "sql" backupDir 6);
         in [
           "0 22,4,10,16 * * * postgres ${backup_script}"
           "0 3 * * * postgres ${cleanup_script}"