1 files changed, 56 insertions, 0 deletions
diff --git a/systems/eldiron/databases/default.nix b/systems/eldiron/databases/default.nix
new file mode 100644
index 0000000..d8d3048
--- /dev/null
+++ b/systems/eldiron/databases/default.nix
@@ -0,0 +1,56 @@
+{ lib, config, secrets, ... }:
+let
+  cfg = config.myServices.databases;
+in
+{
+  options.myServices = {
+    databases.enable = lib.mkEnableOption "my databases service";
+  };
+  config.myServices.dns.zones."immae.eu".subdomains.db-1 = lib.mkIf cfg.enable (with config.myServices.dns.helpers; ips servers.eldiron.ips.main);
+  config.myServices.databases = lib.mkIf cfg.enable {
+    mariadb = {
+      enable = true;
+      ldapConfig = {
+        inherit (config.myEnv.ldap) host base;
+        inherit (config.myEnv.databases.mysql.pam) dn filter password;
+      };
+      replicationLdapConfig = {
+        inherit (config.myEnv.ldap) host base;
+        inherit (config.myEnv.servers.eldiron.ldap) dn password;
+      };
+      credentials.root = config.myEnv.databases.mysql.systemUsers.root;
+    };
+    openldap = {
+      accessFile = secrets.ldap-conf;
+      baseDn = config.myEnv.ldap.base;
+      rootDn = config.myEnv.ldap.root_dn;
+      rootPw = config.myEnv.ldap.root_pw;
+      enable = true;
+    };
+    postgresql = {
+      ldapConfig = {
+        inherit (config.myEnv.ldap) host base;
+        inherit (config.myEnv.databases.postgresql.pam) dn filter password;
+      };
+      replicationLdapConfig = {
+        inherit (config.myEnv.ldap) host base;
+        inherit (config.myEnv.servers.eldiron.ldap) dn password;
+      };
+      authorizedHosts = {
+      };
+      replicationHosts = {
+        backup-2 = {
+          ip4 = config.myEnv.servers.backup-2.ips.main.ip4;
+          ip6 = config.myEnv.servers.backup-2.ips.main.ip6;
+        };
+      };
+      enable = true;
+    };
+    redis.enable = true;
+  };
+}

diff --git a/systems/eldiron/databases/default.nix b/systems/eldiron/databases/default.nix new file mode 100644 index 0000000..d8d3048 --- /dev/null +++ b/systems/eldiron/databases/default.nix
@@ -0,0 +1,56 @@
	1	{ lib, config, secrets, ... }:
	2	let
	3	cfg = config.myServices.databases;
	4	in
	5	{
	6	options.myServices = {
	7	databases.enable = lib.mkEnableOption "my databases service";
	8	};
	9
	10	config.myServices.dns.zones."immae.eu".subdomains.db-1 = lib.mkIf cfg.enable (with config.myServices.dns.helpers; ips servers.eldiron.ips.main);
	11	config.myServices.databases = lib.mkIf cfg.enable {
	12
	13	mariadb = {
	14	enable = true;
	15	ldapConfig = {
	16	inherit (config.myEnv.ldap) host base;
	17	inherit (config.myEnv.databases.mysql.pam) dn filter password;
	18	};
	19	replicationLdapConfig = {
	20	inherit (config.myEnv.ldap) host base;
	21	inherit (config.myEnv.servers.eldiron.ldap) dn password;
	22	};
	23	credentials.root = config.myEnv.databases.mysql.systemUsers.root;
	24	};
	25
	26	openldap = {
	27	accessFile = secrets.ldap-conf;
	28	baseDn = config.myEnv.ldap.base;
	29	rootDn = config.myEnv.ldap.root_dn;
	30	rootPw = config.myEnv.ldap.root_pw;
	31	enable = true;
	32	};
	33
	34	postgresql = {
	35	ldapConfig = {
	36	inherit (config.myEnv.ldap) host base;
	37	inherit (config.myEnv.databases.postgresql.pam) dn filter password;
	38	};
	39	replicationLdapConfig = {
	40	inherit (config.myEnv.ldap) host base;
	41	inherit (config.myEnv.servers.eldiron.ldap) dn password;
	42	};
	43	authorizedHosts = {
	44	};
	45	replicationHosts = {
	46	backup-2 = {
	47	ip4 = config.myEnv.servers.backup-2.ips.main.ip4;
	48	ip6 = config.myEnv.servers.backup-2.ips.main.ip6;
	49	};
	50	};
	51	enable = true;
	52	};
	53
	54	redis.enable = true;
	55	};
	56	}