Upgrade nixos

1 files changed, 3 insertions, 14 deletions

diff --git a/modules/private/databases/postgresql.nix b/modules/private/databases/postgresql.nix
index 27ea59c..d0b1a75 100644
--- a/modules/private/databases/postgresql.nix
+++ b/modules/private/databases/postgresql.nix
@@ -91,23 +91,13 @@ in {
           '';
         readOnly = true;
       };
-      systemdRuntimeDirectory = lib.mkOption {
-        type = lib.types.str;
-        # Use ReadWritePaths= instead if socketsDir is outside of /run
-        default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
-          lib.strings.removePrefix "/run/" cfg.socketsDir;
-        description = ''
-        Adjusted Postgresql sockets directory for systemd
-        '';
-        readOnly = true;
-      };
     };
   };
 
   config = lib.mkIf cfg.enable {
     networking.firewall.allowedTCPPorts = [ 5432 ];
 
-    security.acme2.certs."postgresql" = config.myServices.databasesCerts // {
+    security.acme.certs."postgresql" = config.myServices.databasesCerts // {
       user = "postgres";
       group = "postgres";
       plugins = [ "fullchain.pem" "key.pem" "account_key.json" "account_reg.json" ];
@@ -119,7 +109,6 @@ in {
 
     systemd.services.postgresql.serviceConfig = {
       SupplementaryGroups = "keys";
-      RuntimeDirectory = cfg.systemdRuntimeDirectory;
     };
     systemd.services.postgresql.postStart = lib.mkAfter ''
       # This line is already defined in 19.09
@@ -165,8 +154,8 @@ in {
         # makes it order of magnitudes quicker
         synchronous_commit = off
         ssl = on
-        ssl_cert_file = '${config.security.acme2.certs.postgresql.directory}/fullchain.pem'
-        ssl_key_file = '${config.security.acme2.certs.postgresql.directory}/key.pem'
+        ssl_cert_file = '${config.security.acme.certs.postgresql.directory}/fullchain.pem'
+        ssl_key_file = '${config.security.acme.certs.postgresql.directory}/key.pem'
         '';
       authentication = let
         hosts = builtins.concatStringsSep "\n" (