Update the database configuration to the current architecture.

2026-02-07 21:49:49 +01:00 · 2026-02-07 21:49:49 +01:00 · a1a579662e
commit a1a579662e
parent 2981721727
8 changed files with 208 additions and 3 deletions
--- a/nix-system-configs/modules/system/compose-songsheet.nix
+++ b/nix-system-configs/modules/system/compose-songsheet.nix
@ -38,7 +38,7 @@
    #
    ## Compose modules for Portainer service
    ./modules/songsheet/wavelog/docker-compose.nix
-    ./modules/secrets-config/sops-nix.nix
+    ./modules/secrets-config/sops-composesongsheet.nix
  ];

  config = {
--- a/nix-system-configs/modules/system/database.nix
+++ b/nix-system-configs/modules/system/database.nix
@ -0,0 +1,100 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
+  options.local = {
+    hostname = lib.mkOption {
+      type = lib.types.str;
+      default = "nixos-default";
+      description = "System hostname";
+    };
+    username = lib.mkOption {
+      type = lib.types.str;
+      default = "user";
+      description = "Primary user username";
+    };
+    userDescription = lib.mkOption {
+      type = lib.types.str;
+      default = "NixOS User";
+      description = "Primary user description";
+    };
+    address = lib.mkOption {
+      type = lib.types.str;
+      default = "10.1.1.100";
+      description = "Static IP address";
+    };
+  };
+
+  imports = [
+    ./modules/desktop-manager/gnome.nix
+    ./modules/local/hostname_username.nix
+    ./modules/local/networking_local.nix
+    ./modules/lix-default.nix
+    ./modules/secrets-config/sops-database.nix
+    ./hardware-configuration.nix
+  ];
+
+  # Bootloader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  config = {
+    local.hostname = "nixosdd";
+    local.username = "nixosdd";
+    local.userDescription = "NixOS Dedicated Database";
+    local.address = "10.1.1.251";
+
+    networking.firewall.allowedTCPPorts = [
+      5432 # PostgreSQL
+      3306 # MariaDB/MySQL
+    ];
+    networking.firewall.allowedUDPPorts = [
+      5432 # PostgreSQL
+      3306 # MariaDB/MySQL
+    ];
+
+    # List services that you want to enable:
+
+    # Enable PostgreSQL
+    services.postgresql = {
+      enable = true;
+      enableTCPIP = true;
+      ensureDatabases = ["forgejo" "part_db_database"];
+      settings = {
+        listen_addresses = "*";
+      };
+      authentication = pkgs.lib.mkOverride 10 ''
+        local   all             all                                 trust
+        host    all             all             10.1.1.4/32         scram-sha-256
+        host    all             all             10.1.1.249/32       scram-sha-256
+        host    all             all             127.0.0.1/32        trust
+        host    all             all             ::1/128             trust
+      '';
+    };
+
+    # Enable MariaDB
+    services.mysql = {
+      enable = true;
+      package = pkgs.mariadb;
+    };
+
+    # Enable Tailscale
+    services.tailscale.enable = true;
+
+    # List packages installed in system profile. To search, run:
+    # $ nix search wget
+    environment.systemPackages = with pkgs; [
+      #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+      wget
+      helix
+      fastfetch
+      hyfetch
+      pgadmin4
+      google-cloud-sdk
+    ];
+
+    system.stateVersion = "25.11";
+  };
+}