diff options
Diffstat (limited to 'modules/private/databases/postgresql.nix')
-rw-r--r-- | modules/private/databases/postgresql.nix | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/modules/private/databases/postgresql.nix b/modules/private/databases/postgresql.nix index d0b1a75..c442a63 100644 --- a/modules/private/databases/postgresql.nix +++ b/modules/private/databases/postgresql.nix | |||
@@ -100,7 +100,6 @@ in { | |||
100 | security.acme.certs."postgresql" = config.myServices.databasesCerts // { | 100 | security.acme.certs."postgresql" = config.myServices.databasesCerts // { |
101 | user = "postgres"; | 101 | user = "postgres"; |
102 | group = "postgres"; | 102 | group = "postgres"; |
103 | plugins = [ "fullchain.pem" "key.pem" "account_key.json" "account_reg.json" ]; | ||
104 | domain = "db-1.immae.eu"; | 103 | domain = "db-1.immae.eu"; |
105 | postRun = '' | 104 | postRun = '' |
106 | systemctl reload postgresql.service | 105 | systemctl reload postgresql.service |
@@ -212,22 +211,20 @@ in { | |||
212 | 211 | ||
213 | security.pam.services = let | 212 | security.pam.services = let |
214 | pam_ldap = "${pkgs.pam_ldap}/lib/security/pam_ldap.so"; | 213 | pam_ldap = "${pkgs.pam_ldap}/lib/security/pam_ldap.so"; |
215 | in [ | 214 | in { |
216 | { | 215 | postgresql = { |
217 | name = "postgresql"; | ||
218 | text = '' | 216 | text = '' |
219 | auth required ${pam_ldap} config=${config.secrets.location}/postgresql/pam | 217 | auth required ${pam_ldap} config=${config.secrets.location}/postgresql/pam |
220 | account required ${pam_ldap} config=${config.secrets.location}/postgresql/pam | 218 | account required ${pam_ldap} config=${config.secrets.location}/postgresql/pam |
221 | ''; | 219 | ''; |
222 | } | 220 | }; |
223 | { | 221 | postgresql_replication = { |
224 | name = "postgresql_replication"; | ||
225 | text = '' | 222 | text = '' |
226 | auth required ${pam_ldap} config=${config.secrets.location}/postgresql/pam_replication | 223 | auth required ${pam_ldap} config=${config.secrets.location}/postgresql/pam_replication |
227 | account required ${pam_ldap} config=${config.secrets.location}/postgresql/pam_replication | 224 | account required ${pam_ldap} config=${config.secrets.location}/postgresql/pam_replication |
228 | ''; | 225 | ''; |
229 | } | 226 | }; |
230 | ]; | 227 | }; |
231 | }; | 228 | }; |
232 | } | 229 | } |
233 | 230 | ||