Merge remote-tracking branch 'origin/staging-next' into staging
This commit is contained in:
		
						commit
						5985f13b69
					
				| @ -66,9 +66,11 @@ while read -r new_commit_sha ; do | ||||
|   git rev-list --max-count=1 --format=medium "$new_commit_sha" | ||||
|   echo "-------------------------------------------------" | ||||
| 
 | ||||
|   # Using the last line with "cherry" + hash, because a chained backport | ||||
|   # can result in multiple of those lines. Only the last one counts. | ||||
|   original_commit_sha=$( | ||||
|     git rev-list --max-count=1 --format=format:%B "$new_commit_sha" \ | ||||
|     | grep -Ei -m1 "cherry.*[0-9a-f]{40}" \ | ||||
|     | grep -Ei "cherry.*[0-9a-f]{40}" | tail -n1 \ | ||||
|     | grep -Eoi -m1 '[0-9a-f]{40}' || true | ||||
|   ) | ||||
|   if [ -z "$original_commit_sha" ] ; then | ||||
|  | ||||
| @ -259,13 +259,13 @@ in | ||||
|     wantedBy = [ "multi-user.target" ]; | ||||
|     after = [ | ||||
|       "network.target" | ||||
|       "postgresql.service" | ||||
|       "postgresql.target" | ||||
|     ]; | ||||
|     # note that if you are connecting to a postgres instance on a different host | ||||
|     # postgresql.service should not be included in the requires. | ||||
|     # postgresql.target should not be included in the requires. | ||||
|     requires = [ | ||||
|       "network-online.target" | ||||
|       "postgresql.service" | ||||
|       "postgresql.target" | ||||
|     ]; | ||||
|     description = "my app"; | ||||
|     environment = { | ||||
|  | ||||
| @ -8160,6 +8160,16 @@ | ||||
|     githubId = 26925347; | ||||
|     keys = [ { fingerprint = "0797 D238 9769 CA1E 57B7 2ED9 2BA7 8116 87C9 0DE4"; } ]; | ||||
|   }; | ||||
|   felipe-9 = { | ||||
|     name = "Felipe Pinto"; | ||||
|     email = "felipealexandrepinto@icloud.com"; | ||||
|     github = "Felipe-9"; | ||||
|     githubId = 32753781; | ||||
|     keys = [ | ||||
|       { fingerprint = "1533 0D57 3312 0936 AB38  3C9B 7D36 1E4B 83CD AEFB"; } | ||||
|       { fingerprint = "2BD0 AD01 F91D A0DC 47DF  0AEE 7AA1 649F 6B71 42F2"; } | ||||
|     ]; | ||||
|   }; | ||||
|   felipeqq2 = { | ||||
|     name = "Felipe Silva"; | ||||
|     email = "nixpkgs@felipeqq2.rocks"; | ||||
|  | ||||
| @ -1316,22 +1316,14 @@ | ||||
|   "module-services-postgres-initializing-extra-permissions": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions" | ||||
|   ], | ||||
|   "module-services-postgres-initializing-extra-permissions-superuser": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-superuser" | ||||
|   ], | ||||
|   "module-services-postgres-initializing-extra-permissions-superuser-post-start": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-superuser-post-start" | ||||
|   ], | ||||
|   "module-services-postgres-initializing-extra-permissions-superuser-oneshot": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-superuser-oneshot" | ||||
|   ], | ||||
|   "module-services-postgres-initializing-extra-permissions-service-user": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-superuser-post-start", | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-superuser", | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-service-user-pre-start", | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-service-user" | ||||
|   ], | ||||
|   "module-services-postgres-initializing-extra-permissions-service-user-pre-start": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-service-user-pre-start" | ||||
|   ], | ||||
|   "module-services-postgres-initializing-extra-permissions-service-user-oneshot": [ | ||||
|   "module-services-postgres-initializing-extra-permissions-superuser-oneshot": [ | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-superuser-oneshot", | ||||
|     "index.html#module-services-postgres-initializing-extra-permissions-service-user-oneshot" | ||||
|   ], | ||||
|   "module-services-postgres-authentication": [ | ||||
|  | ||||
| @ -66,8 +66,12 @@ | ||||
| 
 | ||||
| - The `yeahwm` package and `services.xserver.windowManager.yeahwm` module were removed due to the package being broken and unmaintained upstream. | ||||
| 
 | ||||
| - The `services.postgresql` module now sets up a systemd unit `postgresql.target`. Depending on `postgresql.target` guarantees that postgres is in read-write mode and initial/ensure scripts were executed. Depending on `postgresql.service` only guarantees a read-only connection. | ||||
| 
 | ||||
| - The `services.siproxd` module has been removed as `siproxd` is unmaintained and broken with libosip 5.x. | ||||
| 
 | ||||
| - `netbox-manage` script created by the `netbox` module no longer uses `sudo -u netbox` internally. It can be run as root and will change it's user to `netbox` using `runuser` | ||||
| 
 | ||||
| - `services.dwm-status.extraConfig` was replaced by [RFC0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md)-compliant [](#opt-services.dwm-status.settings), which is used to generate the config file. `services.dwm-status.order` is now moved to [](#opt-services.dwm-status.settings.order), as it's a part of the config file. | ||||
| 
 | ||||
| - `gitversion` was updated to 6.3.0, which includes a number of breaking changes, old configurations may need updating or they will cause the tool to fail to run. | ||||
|  | ||||
| @ -182,7 +182,7 @@ in | ||||
|       requires = [ "network.target" ]; | ||||
|       # we're adding this optionally so just in case there's any race it'll be caught | ||||
|       # in case postgres doesn't start, pgadmin will just start normally | ||||
|       wants = [ "postgresql.service" ]; | ||||
|       wants = [ "postgresql.target" ]; | ||||
| 
 | ||||
|       path = [ | ||||
|         config.services.postgresql.package | ||||
|  | ||||
| @ -720,7 +720,7 @@ in | ||||
|     systemd.services.bacula-dir = mkIf dir_cfg.enable { | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       description = "Bacula Director Daemon"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|  | ||||
| @ -35,7 +35,7 @@ let | ||||
| 
 | ||||
|       description = "Backup of ${db} database(s)"; | ||||
| 
 | ||||
|       requires = [ "postgresql.service" ]; | ||||
|       requires = [ "postgresql.target" ]; | ||||
| 
 | ||||
|       path = [ | ||||
|         pkgs.coreutils | ||||
|  | ||||
| @ -334,8 +334,8 @@ in | ||||
| 
 | ||||
|     systemd.services.hydra-init = { | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       requires = lib.optional haveLocalDB "postgresql.service"; | ||||
|       after = lib.optional haveLocalDB "postgresql.service"; | ||||
|       requires = lib.optional haveLocalDB "postgresql.target"; | ||||
|       after = lib.optional haveLocalDB "postgresql.target"; | ||||
|       environment = env // { | ||||
|         HYDRA_DBI = "${env.HYDRA_DBI};application_name=hydra-init"; | ||||
|       }; | ||||
|  | ||||
| @ -185,8 +185,8 @@ in | ||||
|   config = lib.mkIf cfg.enable { | ||||
|     systemd.services.pgmanage = { | ||||
|       description = "pgmanage - PostgreSQL Administration for the web"; | ||||
|       wants = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.service" ]; | ||||
|       wants = [ "postgresql.target" ]; | ||||
|       after = [ "postgresql.target" ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       serviceConfig = { | ||||
|         User = pgmanage; | ||||
|  | ||||
| @ -156,7 +156,7 @@ in | ||||
|       wants = [ "network-online.target" ]; | ||||
|       after = [ | ||||
|         "network-online.target" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
| 
 | ||||
|       environment = | ||||
|  | ||||
| @ -89,29 +89,29 @@ database migrations. | ||||
| 
 | ||||
| **NOTE:** please make sure that any added migrations are idempotent (re-runnable). | ||||
| 
 | ||||
| #### as superuser {#module-services-postgres-initializing-extra-permissions-superuser} | ||||
| #### in database's setup `postStart` {#module-services-postgres-initializing-extra-permissions-superuser-post-start} | ||||
| 
 | ||||
| **Advantage:** compatible with postgres < 15, because it's run | ||||
| as the database superuser `postgres`. | ||||
| 
 | ||||
| ##### in database `postStart` {#module-services-postgres-initializing-extra-permissions-superuser-post-start} | ||||
| 
 | ||||
| **Disadvantage:** need to take care of ordering yourself. In this | ||||
| example, `mkAfter` ensures that permissions are assigned after any | ||||
| databases from `ensureDatabases` and `extraUser1` from `ensureUsers` | ||||
| are already created. | ||||
| `ensureUsers` is run in `postgresql-setup`, so this is where `postStart` must be added to: | ||||
| 
 | ||||
| ```nix | ||||
|   { | ||||
|     systemd.services.postgresql.postStart = lib.mkAfter '' | ||||
|       $PSQL service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' | ||||
|       $PSQL service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' | ||||
|     systemd.services.postgresql-setup.postStart = '' | ||||
|       psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' | ||||
|       psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' | ||||
|       # .... | ||||
|     ''; | ||||
|   } | ||||
| ``` | ||||
| 
 | ||||
| ##### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-superuser-oneshot} | ||||
| #### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-superuser-oneshot} | ||||
| 
 | ||||
| Make sure to run this service after `postgresql.target`, not `postgresql.service`. | ||||
| 
 | ||||
| They differ in two aspects: | ||||
| - `postgresql.target` includes `postgresql-setup`, so users managed via `ensureUsers` are already created. | ||||
| - `postgresql.target` will wait until PostgreSQL is in read-write mode after restoring from backup, while `postgresql.service` will already be ready when PostgreSQL is still recovering in read-only mode. | ||||
| 
 | ||||
| Both can lead to unexpected errors either during initial database creation or restore, when using `postgresql.service`. | ||||
| 
 | ||||
| ```nix | ||||
|   { | ||||
| @ -119,54 +119,13 @@ are already created. | ||||
|       serviceConfig.Type = "oneshot"; | ||||
|       requiredBy = "service1.service"; | ||||
|       before = "service1.service"; | ||||
|       after = "postgresql.service"; | ||||
|       after = "postgresql.target"; | ||||
|       serviceConfig.User = "postgres"; | ||||
|       environment.PSQL = "psql --port=${toString services.postgresql.settings.port}"; | ||||
|       environment.PGPORT = toString services.postgresql.settings.port; | ||||
|       path = [ postgresql ]; | ||||
|       script = '' | ||||
|         $PSQL service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' | ||||
|         $PSQL service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' | ||||
|         # .... | ||||
|       ''; | ||||
|     }; | ||||
|   } | ||||
| ``` | ||||
| 
 | ||||
| #### as service user {#module-services-postgres-initializing-extra-permissions-service-user} | ||||
| 
 | ||||
| **Advantage:** re-uses systemd's dependency ordering; | ||||
| 
 | ||||
| **Disadvantage:** relies on service user having grant permission. To be combined with `ensureDBOwnership`. | ||||
| 
 | ||||
| ##### in service `preStart` {#module-services-postgres-initializing-extra-permissions-service-user-pre-start} | ||||
| 
 | ||||
| ```nix | ||||
|   { | ||||
|     environment.PSQL = "psql --port=${toString services.postgresql.settings.port}"; | ||||
|     path = [ postgresql ]; | ||||
|     systemd.services."service1".preStart = '' | ||||
|       $PSQL -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' | ||||
|       $PSQL -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' | ||||
|       # .... | ||||
|     ''; | ||||
|   } | ||||
| ``` | ||||
| 
 | ||||
| ##### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-service-user-oneshot} | ||||
| 
 | ||||
| ```nix | ||||
|   { | ||||
|     systemd.services."migrate-service1-db1" = { | ||||
|       serviceConfig.Type = "oneshot"; | ||||
|       requiredBy = "service1.service"; | ||||
|       before = "service1.service"; | ||||
|       after = "postgresql.service"; | ||||
|       serviceConfig.User = "service1"; | ||||
|       environment.PSQL = "psql --port=${toString services.postgresql.settings.port}"; | ||||
|       path = [ postgresql ]; | ||||
|       script = '' | ||||
|         $PSQL -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' | ||||
|         $PSQL -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' | ||||
|         psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' | ||||
|         psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' | ||||
|         # .... | ||||
|       ''; | ||||
|     }; | ||||
|  | ||||
| @ -751,12 +751,23 @@ in | ||||
|       cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform | ||||
|     ) configFileCheck; | ||||
| 
 | ||||
|     systemd.targets.postgresql = { | ||||
|       description = "PostgreSQL"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       bindsTo = [ | ||||
|         "postgresql.service" | ||||
|         "postgresql-setup.service" | ||||
|       ]; | ||||
|     }; | ||||
| 
 | ||||
|     systemd.services.postgresql = { | ||||
|       description = "PostgreSQL Server"; | ||||
| 
 | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ "network.target" ]; | ||||
| 
 | ||||
|       # To trigger the .target also on "systemctl start postgresql". | ||||
|       bindsTo = [ "postgresql.target" ]; | ||||
| 
 | ||||
|       environment.PGDATA = cfg.dataDir; | ||||
| 
 | ||||
|       path = [ cfg.finalPackage ]; | ||||
| @ -776,49 +787,6 @@ in | ||||
|         ln -sfn "${configFile}/postgresql.conf" "${cfg.dataDir}/postgresql.conf" | ||||
|       ''; | ||||
| 
 | ||||
|       # Wait for PostgreSQL to be ready to accept connections. | ||||
|       postStart = | ||||
|         '' | ||||
|           PSQL="psql --port=${builtins.toString cfg.settings.port}" | ||||
| 
 | ||||
|           while ! $PSQL -d postgres -c "" 2> /dev/null; do | ||||
|               if ! kill -0 "$MAINPID"; then exit 1; fi | ||||
|               sleep 0.1 | ||||
|           done | ||||
| 
 | ||||
|           if test -e "${cfg.dataDir}/.first_startup"; then | ||||
|             ${optionalString (cfg.initialScript != null) '' | ||||
|               $PSQL -f "${cfg.initialScript}" -d postgres | ||||
|             ''} | ||||
|             rm -f "${cfg.dataDir}/.first_startup" | ||||
|           fi | ||||
|         '' | ||||
|         + optionalString (cfg.ensureDatabases != [ ]) '' | ||||
|           ${concatMapStrings (database: '' | ||||
|             $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${database}"' | ||||
|           '') cfg.ensureDatabases} | ||||
|         '' | ||||
|         + '' | ||||
|           ${concatMapStrings ( | ||||
|             user: | ||||
|             let | ||||
|               dbOwnershipStmt = optionalString user.ensureDBOwnership ''$PSQL -tAc 'ALTER DATABASE "${user.name}" OWNER TO "${user.name}";' ''; | ||||
| 
 | ||||
|               filteredClauses = filterAttrs (name: value: value != null) user.ensureClauses; | ||||
| 
 | ||||
|               clauseSqlStatements = attrValues (mapAttrs (n: v: if v then n else "no${n}") filteredClauses); | ||||
| 
 | ||||
|               userClauses = ''$PSQL -tAc 'ALTER ROLE "${user.name}" ${concatStringsSep " " clauseSqlStatements}' ''; | ||||
|             in | ||||
|             '' | ||||
|               $PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || $PSQL -tAc 'CREATE USER "${user.name}"' | ||||
|               ${userClauses} | ||||
| 
 | ||||
|               ${dbOwnershipStmt} | ||||
|             '' | ||||
|           ) cfg.ensureUsers} | ||||
|         ''; | ||||
| 
 | ||||
|       serviceConfig = mkMerge [ | ||||
|         { | ||||
|           ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; | ||||
| @ -891,11 +859,74 @@ in | ||||
| 
 | ||||
|       unitConfig.RequiresMountsFor = "${cfg.dataDir}"; | ||||
|     }; | ||||
| 
 | ||||
|     systemd.services.postgresql-setup = { | ||||
|       description = "PostgreSQL Setup Scripts"; | ||||
| 
 | ||||
|       requires = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.service" ]; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|         User = "postgres"; | ||||
|         Group = "postgres"; | ||||
|         Type = "oneshot"; | ||||
|         RemainAfterExit = true; | ||||
|       }; | ||||
| 
 | ||||
|       path = [ cfg.finalPackage ]; | ||||
|       environment.PGPORT = builtins.toString cfg.settings.port; | ||||
| 
 | ||||
|       # Wait for PostgreSQL to be ready to accept connections. | ||||
|       script = | ||||
|         '' | ||||
|           check-connection() { | ||||
|             psql -d postgres -v ON_ERROR_STOP=1 <<-'  EOF' | ||||
|               SELECT pg_is_in_recovery() \gset | ||||
|               \if :pg_is_in_recovery | ||||
|               \i still-recovering | ||||
|               \endif | ||||
|             EOF | ||||
|           } | ||||
|           while ! check-connection 2> /dev/null; do | ||||
|               if ! systemctl is-active --quiet postgresql.service; then exit 1; fi | ||||
|               sleep 0.1 | ||||
|           done | ||||
| 
 | ||||
|           if test -e "${cfg.dataDir}/.first_startup"; then | ||||
|             ${optionalString (cfg.initialScript != null) '' | ||||
|               psql -f "${cfg.initialScript}" -d postgres | ||||
|             ''} | ||||
|             rm -f "${cfg.dataDir}/.first_startup" | ||||
|           fi | ||||
|         '' | ||||
|         + optionalString (cfg.ensureDatabases != [ ]) '' | ||||
|           ${concatMapStrings (database: '' | ||||
|             psql -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || psql -tAc 'CREATE DATABASE "${database}"' | ||||
|           '') cfg.ensureDatabases} | ||||
|         '' | ||||
|         + '' | ||||
|           ${concatMapStrings ( | ||||
|             user: | ||||
|             let | ||||
|               dbOwnershipStmt = optionalString user.ensureDBOwnership ''psql -tAc 'ALTER DATABASE "${user.name}" OWNER TO "${user.name}";' ''; | ||||
| 
 | ||||
|               filteredClauses = filterAttrs (name: value: value != null) user.ensureClauses; | ||||
| 
 | ||||
|               clauseSqlStatements = attrValues (mapAttrs (n: v: if v then n else "no${n}") filteredClauses); | ||||
| 
 | ||||
|               userClauses = ''psql -tAc 'ALTER ROLE "${user.name}" ${concatStringsSep " " clauseSqlStatements}' ''; | ||||
|             in | ||||
|             '' | ||||
|               psql -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || psql -tAc 'CREATE USER "${user.name}"' | ||||
|               ${userClauses} | ||||
| 
 | ||||
|               ${dbOwnershipStmt} | ||||
|             '' | ||||
|           ) cfg.ensureUsers} | ||||
|         ''; | ||||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   meta.doc = ./postgresql.md; | ||||
|   meta.maintainers = with lib.maintainers; [ | ||||
|     thoughtpolice | ||||
|     danbst | ||||
|   ]; | ||||
|   meta.maintainers = pkgs.postgresql.meta.maintainers; | ||||
| } | ||||
|  | ||||
| @ -256,7 +256,7 @@ in | ||||
|       wants = [ "network-online.target" ]; | ||||
|       after = [ | ||||
|         "network-online.target" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|  | ||||
| @ -275,13 +275,13 @@ in | ||||
|           "systemd-tmpfiles-setup.service" | ||||
|         ] | ||||
|         ++ lib.optionals (cfg.database.createLocally) [ | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ] | ||||
|         ++ lib.optionals cfg.redis.createLocally [ | ||||
|           "redis-${cfg.redis.name}.service" | ||||
|         ]; | ||||
|       requires = lib.optionals (cfg.database.createLocally) [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       description = "Zammad web"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|  | ||||
| @ -123,8 +123,8 @@ libeufinComponent: | ||||
|                   echo "Bank initialisation complete" | ||||
|                 fi | ||||
|               ''; | ||||
|             requires = lib.optionals cfg.createLocalDatabase [ "postgresql.service" ]; | ||||
|             after = [ "network.target" ] ++ lib.optionals cfg.createLocalDatabase [ "postgresql.service" ]; | ||||
|             requires = lib.optionals cfg.createLocalDatabase [ "postgresql.target" ]; | ||||
|             after = [ "network.target" ] ++ lib.optionals cfg.createLocalDatabase [ "postgresql.target" ]; | ||||
|           }; | ||||
|       }; | ||||
| 
 | ||||
|  | ||||
| @ -119,13 +119,13 @@ in | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         after = [ | ||||
|           "network.target" | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ]; | ||||
| 
 | ||||
|         # pg_dump | ||||
|         path = [ config.services.postgresql.package ]; | ||||
| 
 | ||||
|         requires = [ "postgresql.service" ]; | ||||
|         requires = [ "postgresql.target" ]; | ||||
| 
 | ||||
|         serviceConfig = { | ||||
|           ExecStart = "${cfg.package}/bin/odoo"; | ||||
|  | ||||
| @ -89,8 +89,8 @@ in | ||||
|             Restart = "on-failure"; | ||||
|             RestartSec = "5s"; | ||||
|           }; | ||||
|           requires = [ "postgresql.service" ]; | ||||
|           after = [ "postgresql.service" ]; | ||||
|           requires = [ "postgresql.target" ]; | ||||
|           after = [ "postgresql.target" ]; | ||||
|         }; | ||||
|       } | ||||
|     ]; | ||||
|  | ||||
| @ -623,7 +623,7 @@ in | ||||
| 
 | ||||
|         # prevent races with database creation | ||||
|         "mysql.service" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       reloadTriggers = | ||||
|         optionals (cfg.config != null) [ configFile ] | ||||
|  | ||||
| @ -107,7 +107,7 @@ in | ||||
|         systemd.services.dspam = { | ||||
|           description = "dspam spam filtering daemon"; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
|           after = [ "postgresql.service" ]; | ||||
|           after = [ "postgresql.target" ]; | ||||
|           restartTriggers = [ cfgfile ]; | ||||
| 
 | ||||
|           serviceConfig = { | ||||
|  | ||||
| @ -193,7 +193,7 @@ in | ||||
| 
 | ||||
|     systemd.services.listmonk = { | ||||
|       description = "Listmonk - newsletter and mailing list manager"; | ||||
|       after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       serviceConfig = { | ||||
|         Type = "exec"; | ||||
|  | ||||
| @ -575,9 +575,9 @@ in | ||||
|           after = | ||||
|             [ "network.target" ] | ||||
|             ++ lib.optional cfg.enablePostfix "postfix-setup.service" | ||||
|             ++ lib.optional withPostgresql "postgresql.service"; | ||||
|             ++ lib.optional withPostgresql "postgresql.target"; | ||||
|           restartTriggers = [ mailmanCfgFile ]; | ||||
|           requires = lib.optional withPostgresql "postgresql.service"; | ||||
|           requires = lib.optional withPostgresql "postgresql.target"; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
|           serviceConfig = { | ||||
|             ExecStart = "${mailmanEnv}/bin/mailman start"; | ||||
| @ -609,8 +609,8 @@ in | ||||
|             "hyperkitty.service" | ||||
|           ]; | ||||
|           path = with pkgs; [ jq ]; | ||||
|           after = lib.optional withPostgresql "postgresql.service"; | ||||
|           requires = lib.optional withPostgresql "postgresql.service"; | ||||
|           after = lib.optional withPostgresql "postgresql.target"; | ||||
|           requires = lib.optional withPostgresql "postgresql.target"; | ||||
|           serviceConfig.RemainAfterExit = true; | ||||
|           serviceConfig.Type = "oneshot"; | ||||
|           script = '' | ||||
| @ -709,11 +709,11 @@ in | ||||
|           in | ||||
|           { | ||||
|             wantedBy = [ "multi-user.target" ]; | ||||
|             after = lib.optional withPostgresql "postgresql.service"; | ||||
|             after = lib.optional withPostgresql "postgresql.target"; | ||||
|             requires = [ | ||||
|               "mailman-uwsgi.socket" | ||||
|               "mailman-web-setup.service" | ||||
|             ] ++ lib.optional withPostgresql "postgresql.service"; | ||||
|             ] ++ lib.optional withPostgresql "postgresql.target"; | ||||
|             restartTriggers = [ config.environment.etc."mailman3/settings.py".source ]; | ||||
|             serviceConfig = { | ||||
|               # Since the mailman-web settings.py obstinately creates a logs | ||||
|  | ||||
| @ -148,8 +148,8 @@ in | ||||
|     # objects owners and extensions; for now we tack on what's needed | ||||
|     # here. | ||||
|     systemd.services.postfixadmin-postgres = lib.mkIf localDB { | ||||
|       after = [ "postgresql.service" ]; | ||||
|       bindsTo = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.target" ]; | ||||
|       bindsTo = [ "postgresql.target" ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       path = [ | ||||
|         pgsql.package | ||||
|  | ||||
| @ -273,8 +273,8 @@ in | ||||
| 
 | ||||
|     systemd.services.roundcube-setup = lib.mkMerge [ | ||||
|       (lib.mkIf localDB { | ||||
|         requires = [ "postgresql.service" ]; | ||||
|         after = [ "postgresql.service" ]; | ||||
|         requires = [ "postgresql.target" ]; | ||||
|         after = [ "postgresql.target" ]; | ||||
|       }) | ||||
|       { | ||||
|         wants = [ "network-online.target" ]; | ||||
|  | ||||
| @ -196,7 +196,7 @@ in | ||||
|       description = "Matrix-IRC bridge"; | ||||
|       before = [ "matrix-synapse.service" ]; # So the registration can be used by Synapse | ||||
|       after = lib.optionals (cfg.settings.database.engine == "postgres") [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|  | ||||
| @ -440,7 +440,7 @@ in | ||||
| 
 | ||||
|     systemd.services.maubot = rec { | ||||
|       description = "maubot - a plugin-based Matrix bot system written in Python"; | ||||
|       after = [ "network.target" ] ++ wants ++ lib.optional hasLocalPostgresDB "postgresql.service"; | ||||
|       after = [ "network.target" ] ++ wants ++ lib.optional hasLocalPostgresDB "postgresql.target"; | ||||
|       # all plugins get automatically disabled if maubot starts before synapse | ||||
|       wants = lib.optional config.services.matrix-synapse.enable config.services.matrix-synapse.serviceUnit; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|  | ||||
| @ -119,7 +119,7 @@ in | ||||
|     systemd.services.synapse-auto-compressor = { | ||||
|       description = "synapse-auto-compressor"; | ||||
|       requires = lib.optionals synapseUsesLocalPostgresql [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       inherit (cfg) startAt; | ||||
|       serviceConfig = { | ||||
|  | ||||
| @ -1439,7 +1439,7 @@ in | ||||
|     systemd.targets.matrix-synapse = lib.mkIf hasWorkers { | ||||
|       description = "Synapse Matrix parent target"; | ||||
|       wants = [ "network-online.target" ]; | ||||
|       after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.service"; | ||||
|       after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.target"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|     }; | ||||
| 
 | ||||
| @ -1451,13 +1451,13 @@ in | ||||
|               partOf = [ "matrix-synapse.target" ]; | ||||
|               wantedBy = [ "matrix-synapse.target" ]; | ||||
|               unitConfig.ReloadPropagatedFrom = "matrix-synapse.target"; | ||||
|               requires = optional hasLocalPostgresDB "postgresql.service"; | ||||
|               requires = optional hasLocalPostgresDB "postgresql.target"; | ||||
|             } | ||||
|           else | ||||
|             { | ||||
|               wants = [ "network-online.target" ]; | ||||
|               after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.service"; | ||||
|               requires = optional hasLocalPostgresDB "postgresql.service"; | ||||
|               after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.target"; | ||||
|               requires = optional hasLocalPostgresDB "postgresql.target"; | ||||
|               wantedBy = [ "multi-user.target" ]; | ||||
|             }; | ||||
|         baseServiceConfig = { | ||||
|  | ||||
| @ -92,13 +92,13 @@ in | ||||
| 
 | ||||
|     systemd.services.atuin = { | ||||
|       description = "atuin server"; | ||||
|       requires = lib.optionals cfg.database.createLocally [ "postgresql.service" ]; | ||||
|       requires = lib.optionals cfg.database.createLocally [ "postgresql.target" ]; | ||||
|       after = [ | ||||
|         "network-online.target" | ||||
|       ] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ]; | ||||
|       ] ++ lib.optionals cfg.database.createLocally [ "postgresql.target" ]; | ||||
|       wants = [ | ||||
|         "network-online.target" | ||||
|       ] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ]; | ||||
|       ] ++ lib.optionals cfg.database.createLocally [ "postgresql.target" ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|  | ||||
| @ -77,7 +77,7 @@ in | ||||
|           [ "dbus.service" ] | ||||
|           ++ lib.optional config.services.httpd.enable "httpd.service" | ||||
|           ++ lib.optional config.services.mysql.enable "mysql.service" | ||||
|           ++ lib.optional config.services.postgresql.enable "postgresql.service" | ||||
|           ++ lib.optional config.services.postgresql.enable "postgresql.target" | ||||
|           ++ lib.optional config.services.tomcat.enable "tomcat.service" | ||||
|           ++ lib.optional config.services.svnserve.enable "svnserve.service" | ||||
|           ++ lib.optional config.services.mongodb.enable "mongodb.service" | ||||
|  | ||||
| @ -663,7 +663,7 @@ in | ||||
|           "network.target" | ||||
|         ] | ||||
|         ++ optionals usePostgresql [ | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ] | ||||
|         ++ optionals useMysql [ | ||||
|           "mysql.service" | ||||
| @ -673,7 +673,7 @@ in | ||||
|         ]; | ||||
|       requires = | ||||
|         optionals (cfg.database.createDatabase && usePostgresql) [ | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ] | ||||
|         ++ optionals (cfg.database.createDatabase && useMysql) [ | ||||
|           "mysql.service" | ||||
|  | ||||
| @ -238,7 +238,7 @@ in | ||||
| 
 | ||||
|       wants = | ||||
|         with cfg.backend; | ||||
|         [ ] ++ lib.optionals (service == "sql" && sql.driver == "native_pgsql") [ "postgresql.service" ]; | ||||
|         [ ] ++ lib.optionals (service == "sql" && sql.driver == "native_pgsql") [ "postgresql.target" ]; | ||||
| 
 | ||||
|       preStart = | ||||
|         with cfg.backend; | ||||
|  | ||||
| @ -758,10 +758,10 @@ in | ||||
|       description = "gitea"; | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ optional usePostgresql "postgresql.service" | ||||
|         ++ optional usePostgresql "postgresql.target" | ||||
|         ++ optional useMysql "mysql.service"; | ||||
|       requires = | ||||
|         optional (cfg.database.createDatabase && usePostgresql) "postgresql.service" | ||||
|         optional (cfg.database.createDatabase && usePostgresql) "postgresql.target" | ||||
|         ++ optional (cfg.database.createDatabase && useMysql) "mysql.service"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       path = [ | ||||
|  | ||||
| @ -1295,8 +1295,8 @@ in | ||||
|         pgsql = config.services.postgresql; | ||||
|       in | ||||
|       mkIf databaseActuallyCreateLocally { | ||||
|         after = [ "postgresql.service" ]; | ||||
|         bindsTo = [ "postgresql.service" ]; | ||||
|         after = [ "postgresql.target" ]; | ||||
|         bindsTo = [ "postgresql.target" ]; | ||||
|         wantedBy = [ "gitlab.target" ]; | ||||
|         partOf = [ "gitlab.target" ]; | ||||
|         path = [ | ||||
| @ -1561,12 +1561,12 @@ in | ||||
|     systemd.services.gitlab-db-config = { | ||||
|       after = [ | ||||
|         "gitlab-config.service" | ||||
|         "gitlab-postgresql.service" | ||||
|         "postgresql.service" | ||||
|         "gitlab-postgresql.target" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       wants = | ||||
|         optional (cfg.databaseHost == "") "postgresql.service" | ||||
|         ++ optional databaseActuallyCreateLocally "gitlab-postgresql.service"; | ||||
|         optional (cfg.databaseHost == "") "postgresql.target" | ||||
|         ++ optional databaseActuallyCreateLocally "gitlab-postgresql.target"; | ||||
|       bindsTo = [ "gitlab-config.service" ]; | ||||
|       wantedBy = [ "gitlab.target" ]; | ||||
|       partOf = [ "gitlab.target" ]; | ||||
| @ -1596,7 +1596,7 @@ in | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "redis-gitlab.service" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "gitlab-config.service" | ||||
|         "gitlab-db-config.service" | ||||
|       ]; | ||||
| @ -1604,7 +1604,7 @@ in | ||||
|         "gitlab-config.service" | ||||
|         "gitlab-db-config.service" | ||||
|       ]; | ||||
|       wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.service"; | ||||
|       wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.target"; | ||||
|       wantedBy = [ "gitlab.target" ]; | ||||
|       partOf = [ "gitlab.target" ]; | ||||
|       environment = | ||||
| @ -1847,7 +1847,7 @@ in | ||||
|         "gitlab-config.service" | ||||
|         "gitlab-db-config.service" | ||||
|       ]; | ||||
|       wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.service"; | ||||
|       wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.target"; | ||||
|       requiredBy = [ "gitlab.target" ]; | ||||
|       partOf = [ "gitlab.target" ]; | ||||
|       environment = gitlabEnv; | ||||
|  | ||||
| @ -491,18 +491,18 @@ in | ||||
|               fi | ||||
|             fi | ||||
|           ''; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           after = | ||||
|             lib.optional enableRedis "redis-paperless.service" | ||||
|             ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|             ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|         }; | ||||
| 
 | ||||
|         systemd.services.paperless-task-queue = { | ||||
|           description = "Paperless Celery Workers"; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           after = [ | ||||
|             "paperless-scheduler.service" | ||||
|           ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           serviceConfig = defaultServiceConfig // { | ||||
|             User = cfg.user; | ||||
|             ExecStart = "${cfg.package}/bin/celery --app paperless worker --loglevel INFO"; | ||||
| @ -520,10 +520,10 @@ in | ||||
|           # Bind to `paperless-scheduler` so that the consumer never runs | ||||
|           # during migrations | ||||
|           bindsTo = [ "paperless-scheduler.service" ]; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           after = [ | ||||
|             "paperless-scheduler.service" | ||||
|           ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           serviceConfig = defaultServiceConfig // { | ||||
|             User = cfg.user; | ||||
|             ExecStart = "${cfg.package}/bin/paperless-ngx document_consumer"; | ||||
| @ -541,10 +541,10 @@ in | ||||
|           # Bind to `paperless-scheduler` so that the web server never runs | ||||
|           # during migrations | ||||
|           bindsTo = [ "paperless-scheduler.service" ]; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           after = [ | ||||
|             "paperless-scheduler.service" | ||||
|           ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           # Setup PAPERLESS_SECRET_KEY. | ||||
|           # If this environment variable is left unset, paperless-ngx defaults | ||||
|           # to a well-known value, which is insecure. | ||||
|  | ||||
| @ -374,7 +374,7 @@ in | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ lib.optional mysqlLocal "mysql.service" | ||||
|         ++ lib.optional pgsqlLocal "postgresql.service"; | ||||
|         ++ lib.optional pgsqlLocal "postgresql.target"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       environment.RAILS_ENV = "production"; | ||||
|       environment.RAILS_CACHE = "${cfg.stateDir}/cache"; | ||||
|  | ||||
| @ -52,10 +52,10 @@ let | ||||
|       { | ||||
|         after = | ||||
|           [ "network.target" ] | ||||
|           ++ optional cfg.postgresql.enable "postgresql.service" | ||||
|           ++ optional cfg.postgresql.enable "postgresql.target" | ||||
|           ++ optional cfg.redis.enable "redis-sourcehut-${srvsrht}.service"; | ||||
|         requires = | ||||
|           optional cfg.postgresql.enable "postgresql.service" | ||||
|           optional cfg.postgresql.enable "postgresql.target" | ||||
|           ++ optional cfg.redis.enable "redis-sourcehut-${srvsrht}.service"; | ||||
|         path = [ pkgs.gawk ]; | ||||
|         environment.HOME = runDir; | ||||
| @ -482,11 +482,9 @@ in | ||||
|             && lib.strings.versionAtLeast config.services.postgresql.package.version "15.0" | ||||
|           ) | ||||
|           { | ||||
|             postgresql.postStart = ( | ||||
|               lib.mkAfter '' | ||||
|                 $PSQL -tAc 'ALTER DATABASE "${srvCfg.postgresql.database}" OWNER TO "${srvCfg.user}";' | ||||
|               '' | ||||
|             ); | ||||
|             postgresql-setup.postStart = '' | ||||
|               psql -tAc 'ALTER DATABASE "${srvCfg.postgresql.database}" OWNER TO "${srvCfg.user}";' | ||||
|             ''; | ||||
|           } | ||||
|         ) | ||||
|       ]; | ||||
|  | ||||
| @ -2020,7 +2020,7 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = | ||||
|         [ "networking.target" ] | ||||
|         ++ lib.optional usePostgresql "postgresql.service" | ||||
|         ++ lib.optional usePostgresql "postgresql.target" | ||||
|         ++ lib.optional useMysql "mysql.service"; | ||||
|       script = '' | ||||
|         set -o errexit -o pipefail -o nounset -o errtrace | ||||
|  | ||||
| @ -337,7 +337,7 @@ in | ||||
|       description = "Zabbix Proxy"; | ||||
| 
 | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
| 
 | ||||
|       path = [ "/run/wrappers" ] ++ cfg.extraPackages; | ||||
|       preStart = | ||||
|  | ||||
| @ -328,7 +328,7 @@ in | ||||
|       description = "Zabbix Server"; | ||||
| 
 | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
| 
 | ||||
|       path = [ "/run/wrappers" ] ++ cfg.extraPackages; | ||||
|       preStart = | ||||
| @ -374,7 +374,7 @@ in | ||||
| 
 | ||||
|     systemd.services.httpd.after = | ||||
|       optional (config.services.zabbixWeb.enable && mysqlLocal) "mysql.service" | ||||
|       ++ optional (config.services.zabbixWeb.enable && pgsqlLocal) "postgresql.service"; | ||||
|       ++ optional (config.services.zabbixWeb.enable && pgsqlLocal) "postgresql.target"; | ||||
| 
 | ||||
|   }; | ||||
| 
 | ||||
|  | ||||
| @ -169,8 +169,8 @@ in | ||||
| 
 | ||||
|     systemd.services.atticd = { | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ "network-online.target" ] ++ lib.optionals hasLocalPostgresDB [ "postgresql.service" ]; | ||||
|       requires = lib.optionals hasLocalPostgresDB [ "postgresql.service" ]; | ||||
|       after = [ "network-online.target" ] ++ lib.optionals hasLocalPostgresDB [ "postgresql.target" ]; | ||||
|       requires = lib.optionals hasLocalPostgresDB [ "postgresql.target" ]; | ||||
|       wants = [ "network-online.target" ]; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|  | ||||
| @ -1105,8 +1105,8 @@ in | ||||
|       systemd.services.firezone-initialize = { | ||||
|         description = "Backend initialization service for the Firezone zero-trust access platform"; | ||||
| 
 | ||||
|         after = mkIf cfg.enableLocalDB [ "postgresql.service" ]; | ||||
|         requires = mkIf cfg.enableLocalDB [ "postgresql.service" ]; | ||||
|         after = mkIf cfg.enableLocalDB [ "postgresql.target" ]; | ||||
|         requires = mkIf cfg.enableLocalDB [ "postgresql.target" ]; | ||||
|         wantedBy = [ "firezone.target" ]; | ||||
|         partOf = [ "firezone.target" ]; | ||||
| 
 | ||||
|  | ||||
| @ -122,7 +122,7 @@ in | ||||
|           wants = [ "network-online.target" ]; | ||||
|           after = [ | ||||
|             "network-online.target" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           wantedBy = [ "pleroma.service" ]; | ||||
|           environment.RELEASE_COOKIE = "/var/lib/pleroma/.cookie"; | ||||
|  | ||||
| @ -53,7 +53,7 @@ in | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "mysql.service" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "openldap.service" | ||||
|       ]; | ||||
| 
 | ||||
|  | ||||
| @ -120,7 +120,7 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ optional config.services.postgresql.enable "postgresql.service" | ||||
|         ++ optional config.services.postgresql.enable "postgresql.target" | ||||
|         ++ optional config.services.mysql.enable "mysql.service"; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|  | ||||
| @ -283,7 +283,7 @@ in | ||||
|     systemd.services.canaille-install = { | ||||
|       # We want this on boot, not on socket activation | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = optional createLocalPostgresqlDb "postgresql.service"; | ||||
|       after = optional createLocalPostgresqlDb "postgresql.target"; | ||||
|       serviceConfig = commonServiceConfig // { | ||||
|         Type = "oneshot"; | ||||
|         ExecStart = "${getExe finalPackage} install"; | ||||
| @ -296,7 +296,7 @@ in | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "canaille-install.service" | ||||
|       ] ++ optional createLocalPostgresqlDb "postgresql.service"; | ||||
|       ] ++ optional createLocalPostgresqlDb "postgresql.target"; | ||||
|       requires = [ | ||||
|         "canaille-install.service" | ||||
|         "canaille.socket" | ||||
|  | ||||
| @ -127,8 +127,8 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ | ||||
|         "network.target" | ||||
|       ] ++ optional cfg.useLocalPostgresDB "postgresql.service"; | ||||
|       requires = optional cfg.useLocalPostgresDB "postgresql.service"; | ||||
|       ] ++ optional cfg.useLocalPostgresDB "postgresql.target"; | ||||
|       requires = optional cfg.useLocalPostgresDB "postgresql.target"; | ||||
|       serviceConfig = { | ||||
|         Type = "simple"; | ||||
|         DynamicUser = true; | ||||
|  | ||||
| @ -1231,7 +1231,7 @@ in | ||||
|       requiredBy = [ "akkoma.service" ]; | ||||
|       after = [ | ||||
|         "akkoma-config.service" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       before = [ "akkoma.service" ]; | ||||
| 
 | ||||
| @ -1269,7 +1269,7 @@ in | ||||
|           "akkoma-config.target" | ||||
|           "network.target" | ||||
|           "network-online.target" | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ]; | ||||
| 
 | ||||
|         confinement.packages = mkIf isConfined runtimeInputs; | ||||
|  | ||||
| @ -109,7 +109,7 @@ in | ||||
|         description = "The API for Crab Fit."; | ||||
| 
 | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         after = [ "postgresql.service" ]; | ||||
|         after = [ "postgresql.target" ]; | ||||
| 
 | ||||
|         serviceConfig = { | ||||
|           # TODO: harden | ||||
|  | ||||
| @ -444,11 +444,11 @@ in | ||||
|         before = [ "phpfpm-davis.service" ]; | ||||
|         after = | ||||
|           lib.optional mysqlLocal "mysql.service" | ||||
|           ++ lib.optional pgsqlLocal "postgresql.service" | ||||
|           ++ lib.optional pgsqlLocal "postgresql.target" | ||||
|           ++ [ "davis-env-setup.service" ]; | ||||
|         requires = | ||||
|           lib.optional mysqlLocal "mysql.service" | ||||
|           ++ lib.optional pgsqlLocal "postgresql.service" | ||||
|           ++ lib.optional pgsqlLocal "postgresql.target" | ||||
|           ++ [ "davis-env-setup.service" ]; | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         serviceConfig = defaultServiceConfig // { | ||||
| @ -483,7 +483,7 @@ in | ||||
|           "davis-db-migrate.service" | ||||
|         ] | ||||
|         ++ lib.optional mysqlLocal "mysql.service" | ||||
|         ++ lib.optional pgsqlLocal "postgresql.service"; | ||||
|         ++ lib.optional pgsqlLocal "postgresql.target"; | ||||
|       systemd.services.phpfpm-davis.serviceConfig.ReadWritePaths = [ cfg.dataDir ]; | ||||
| 
 | ||||
|       services.nginx = lib.mkIf (cfg.nginx != null) { | ||||
|  | ||||
| @ -535,9 +535,9 @@ in | ||||
|     }; | ||||
| 
 | ||||
|     systemd.services.dependency-track-postgresql-init = lib.mkIf cfg.database.createLocally { | ||||
|       after = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.target" ]; | ||||
|       before = [ "dependency-track.service" ]; | ||||
|       bindsTo = [ "postgresql.service" ]; | ||||
|       bindsTo = [ "postgresql.target" ]; | ||||
|       path = [ config.services.postgresql.package ]; | ||||
|       serviceConfig = { | ||||
|         Type = "oneshot"; | ||||
| @ -572,7 +572,7 @@ in | ||||
|           if cfg.database.createLocally then | ||||
|             [ | ||||
|               "dependency-track-postgresql-init.service" | ||||
|               "postgresql.service" | ||||
|               "postgresql.target" | ||||
|             ] | ||||
|           else | ||||
|             [ ]; | ||||
|  | ||||
| @ -100,7 +100,7 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ | ||||
|         "networking.target" | ||||
|       ] ++ (optional (cfg.settings.storage.type == "postgres") "postgresql.service"); | ||||
|       ] ++ (optional (cfg.settings.storage.type == "postgres") "postgresql.target"); | ||||
|       path = with pkgs; [ replace-secret ]; | ||||
|       restartTriggers = restartTriggers; | ||||
|       serviceConfig = | ||||
|  | ||||
| @ -705,8 +705,8 @@ in | ||||
|         pgsql = config.services.postgresql; | ||||
|       in | ||||
|       lib.mkIf databaseActuallyCreateLocally { | ||||
|         after = [ "postgresql.service" ]; | ||||
|         bindsTo = [ "postgresql.service" ]; | ||||
|         after = [ "postgresql.target" ]; | ||||
|         bindsTo = [ "postgresql.target" ]; | ||||
|         wantedBy = [ "discourse.service" ]; | ||||
|         partOf = [ "discourse.service" ]; | ||||
|         path = [ | ||||
| @ -732,16 +732,16 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ | ||||
|         "redis-discourse.service" | ||||
|         "postgresql.service" | ||||
|         "discourse-postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "discourse-postgresql.target" | ||||
|       ]; | ||||
|       bindsTo = | ||||
|         [ | ||||
|           "redis-discourse.service" | ||||
|         ] | ||||
|         ++ lib.optionals (cfg.database.host == null) [ | ||||
|           "postgresql.service" | ||||
|           "discourse-postgresql.service" | ||||
|           "postgresql.target" | ||||
|           "discourse-postgresql.target" | ||||
|         ]; | ||||
|       path = cfg.package.runtimeDeps ++ [ | ||||
|         postgresqlPackage | ||||
|  | ||||
| @ -87,8 +87,8 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ | ||||
|         "network.target" | ||||
|       ] ++ lib.optionals (cfg.database.url == "local") [ "postgresql.service" ]; | ||||
|       requires = lib.optionals (cfg.database.url == "local") [ "postgresql.service" ]; | ||||
|       ] ++ lib.optionals (cfg.database.url == "local") [ "postgresql.target" ]; | ||||
|       requires = lib.optionals (cfg.database.url == "local") [ "postgresql.target" ]; | ||||
|       environment = | ||||
|         let | ||||
|           localPostgresqlUrl = "postgres:///fider?host=/run/postgresql"; | ||||
|  | ||||
| @ -227,7 +227,7 @@ in | ||||
|         "multi-user.target" | ||||
|         "phpfpm-filesender.service" | ||||
|       ]; | ||||
|       after = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.target" ]; | ||||
| 
 | ||||
|       restartIfChanged = true; | ||||
| 
 | ||||
|  | ||||
| @ -308,7 +308,7 @@ in | ||||
| 
 | ||||
|     systemd.services.firefly-iii-setup = { | ||||
|       after = [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "mysql.service" | ||||
|       ]; | ||||
|       requiredBy = [ "phpfpm-firefly-iii.service" ]; | ||||
| @ -325,7 +325,7 @@ in | ||||
|     systemd.services.firefly-iii-cron = { | ||||
|       after = [ | ||||
|         "firefly-iii-setup.service" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "mysql.service" | ||||
|       ]; | ||||
|       wants = [ "firefly-iii-setup.service" ]; | ||||
|  | ||||
| @ -163,9 +163,9 @@ in | ||||
|     systemd = { | ||||
|       services = { | ||||
| 
 | ||||
|         postgresql.serviceConfig.ExecStartPost = | ||||
|         postgresql-setup.serviceConfig.ExecStartPost = | ||||
|           let | ||||
|             sqlFile = pkgs.writeText "immich-pgvectors-setup.sql" '' | ||||
|             sqlFile = pkgs.writeText "froide-govplan-postgis-setup.sql" '' | ||||
|               CREATE EXTENSION IF NOT EXISTS postgis; | ||||
|             ''; | ||||
|           in | ||||
| @ -184,7 +184,7 @@ in | ||||
|             Group = "govplan"; | ||||
|           }; | ||||
|           after = [ | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|             "network.target" | ||||
|             "systemd-tmpfiles-setup.service" | ||||
|           ]; | ||||
|  | ||||
| @ -211,7 +211,7 @@ in | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         after = [ | ||||
|           "network.target" | ||||
|         ] ++ optional (cfg.settings.db.dialect == "postgres") "postgresql.service"; | ||||
|         ] ++ optional (cfg.settings.db.dialect == "postgres") "postgresql.target"; | ||||
| 
 | ||||
|         environment = { | ||||
|           NODE_ENV = "production"; | ||||
|  | ||||
| @ -171,11 +171,11 @@ in | ||||
| 
 | ||||
|           wants = [ "network-online.target" ]; | ||||
|           requires = | ||||
|             lib.optional cfg.database.createLocally "postgresql.service" | ||||
|             lib.optional cfg.database.createLocally "postgresql.target" | ||||
|             ++ lib.optional cfg.redis.createLocally "redis-glitchtip.service"; | ||||
|           after = | ||||
|             [ "network-online.target" ] | ||||
|             ++ lib.optional cfg.database.createLocally "postgresql.service" | ||||
|             ++ lib.optional cfg.database.createLocally "postgresql.target" | ||||
|             ++ lib.optional cfg.redis.createLocally "redis-glitchtip.service"; | ||||
| 
 | ||||
|           inherit environment; | ||||
|  | ||||
| @ -144,8 +144,8 @@ in | ||||
|     systemd.services.gotosocial = { | ||||
|       description = "ActivityPub social network server"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ "network.target" ] ++ lib.optional cfg.setupPostgresqlDB "postgresql.service"; | ||||
|       requires = lib.optional cfg.setupPostgresqlDB "postgresql.service"; | ||||
|       after = [ "network.target" ] ++ lib.optional cfg.setupPostgresqlDB "postgresql.target"; | ||||
|       requires = lib.optional cfg.setupPostgresqlDB "postgresql.target"; | ||||
|       restartTriggers = [ configFile ]; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|  | ||||
| @ -81,8 +81,8 @@ in | ||||
|       ]; | ||||
|     }; | ||||
|     systemd.services.homebox = { | ||||
|       requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       after = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|       after = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|       environment = cfg.settings; | ||||
|       serviceConfig = { | ||||
|         User = "homebox"; | ||||
|  | ||||
| @ -254,7 +254,7 @@ in | ||||
|         search_path = "\"$user\", public, vectors"; | ||||
|       }; | ||||
|     }; | ||||
|     systemd.services.postgresql.serviceConfig.ExecStartPost = | ||||
|     systemd.services.postgresql-setup.serviceConfig.ExecStartPost = | ||||
|       let | ||||
|         sqlFile = pkgs.writeText "immich-pgvectors-setup.sql" '' | ||||
|           CREATE EXTENSION IF NOT EXISTS unaccent; | ||||
|  | ||||
| @ -19,8 +19,8 @@ let | ||||
|   commonInvidousServiceConfig = { | ||||
|     description = "Invidious (An alternative YouTube front-end)"; | ||||
|     wants = [ "network-online.target" ]; | ||||
|     after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|     requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|     after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|     requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|     wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|     serviceConfig = { | ||||
|  | ||||
| @ -602,9 +602,9 @@ in | ||||
|         ]; | ||||
| 
 | ||||
|       systemd.services.keycloakPostgreSQLInit = mkIf createLocalPostgreSQL { | ||||
|         after = [ "postgresql.service" ]; | ||||
|         after = [ "postgresql.target" ]; | ||||
|         before = [ "keycloak.service" ]; | ||||
|         bindsTo = [ "postgresql.service" ]; | ||||
|         bindsTo = [ "postgresql.target" ]; | ||||
|         path = [ config.services.postgresql.package ]; | ||||
|         serviceConfig = { | ||||
|           Type = "oneshot"; | ||||
| @ -690,7 +690,7 @@ in | ||||
|             if createLocalPostgreSQL then | ||||
|               [ | ||||
|                 "keycloakPostgreSQLInit.service" | ||||
|                 "postgresql.service" | ||||
|                 "postgresql.target" | ||||
|               ] | ||||
|             else if createLocalMySQL then | ||||
|               [ | ||||
|  | ||||
| @ -350,10 +350,10 @@ in | ||||
|       description = "Docs from SuiteNumérique"; | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ (optional cfg.postgresql.createLocally "postgresql.service") | ||||
|         ++ (optional cfg.postgresql.createLocally "postgresql.target") | ||||
|         ++ (optional cfg.redis.createLocally "redis-lasuite-docs.service"); | ||||
|       wants = | ||||
|         (optional cfg.postgresql.createLocally "postgresql.service") | ||||
|         (optional cfg.postgresql.createLocally "postgresql.target") | ||||
|         ++ (optional cfg.redis.createLocally "redis-lasuite-docs.service"); | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
| @ -398,10 +398,10 @@ in | ||||
|       description = "Docs Celery broker from SuiteNumérique"; | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ (optional cfg.postgresql.createLocally "postgresql.service") | ||||
|         ++ (optional cfg.postgresql.createLocally "postgresql.target") | ||||
|         ++ (optional cfg.redis.createLocally "redis-lasuite-docs.service"); | ||||
|       wants = | ||||
|         (optional cfg.postgresql.createLocally "postgresql.service") | ||||
|         (optional cfg.postgresql.createLocally "postgresql.target") | ||||
|         ++ (optional cfg.redis.createLocally "redis-lasuite-docs.service"); | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|  | ||||
| @ -325,9 +325,9 @@ in | ||||
| 
 | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|           after = [ "pict-rs.service" ] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ]; | ||||
|           after = [ "pict-rs.service" ] ++ lib.optionals cfg.database.createLocally [ "postgresql.target" ]; | ||||
| 
 | ||||
|           requires = lib.optionals cfg.database.createLocally [ "postgresql.service" ]; | ||||
|           requires = lib.optionals cfg.database.createLocally [ "postgresql.target" ]; | ||||
| 
 | ||||
|           # substitute secrets and prevent others from reading the result | ||||
|           # if somehow $CREDENTIALS_DIRECTORY is not set we fail | ||||
|  | ||||
| @ -413,7 +413,7 @@ in | ||||
|     systemd.services.limesurvey-init = { | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       before = [ "phpfpm-limesurvey.service" ]; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
|       environment.DBENGINE = "${cfg.database.dbEngine}"; | ||||
|       environment.LIMESURVEY_CONFIG = limesurveyConfig; | ||||
|       script = '' | ||||
| @ -444,7 +444,7 @@ in | ||||
| 
 | ||||
|     systemd.services.httpd.after = | ||||
|       optional mysqlLocal "mysql.service" | ||||
|       ++ optional pgsqlLocal "postgresql.service"; | ||||
|       ++ optional pgsqlLocal "postgresql.target"; | ||||
| 
 | ||||
|     users.users.${user} = { | ||||
|       group = group; | ||||
|  | ||||
| @ -126,10 +126,10 @@ let | ||||
|     SystemCallArchitectures = "native"; | ||||
|   }; | ||||
| 
 | ||||
|   # Services that all Mastodon units After= and Requires= on | ||||
|   commonServices = | ||||
|   # Units that all Mastodon units After= and Requires= on | ||||
|   commonUnits = | ||||
|     lib.optional redisActuallyCreateLocally "redis-mastodon.service" | ||||
|     ++ lib.optional databaseActuallyCreateLocally "postgresql.service" | ||||
|     ++ lib.optional databaseActuallyCreateLocally "postgresql.target" | ||||
|     ++ lib.optional cfg.automaticMigrations "mastodon-init-db.service"; | ||||
| 
 | ||||
|   envFile = pkgs.writeText "mastodon.env" ( | ||||
| @ -170,8 +170,8 @@ let | ||||
|         after = [ | ||||
|           "network.target" | ||||
|           "mastodon-init-dirs.service" | ||||
|         ] ++ commonServices; | ||||
|         requires = [ "mastodon-init-dirs.service" ] ++ commonServices; | ||||
|         ] ++ commonUnits; | ||||
|         requires = [ "mastodon-init-dirs.service" ] ++ commonUnits; | ||||
|         description = "Mastodon sidekiq${jobClassLabel}"; | ||||
|         wantedBy = [ "mastodon.target" ]; | ||||
|         environment = env // { | ||||
| @ -209,8 +209,8 @@ let | ||||
|         after = [ | ||||
|           "network.target" | ||||
|           "mastodon-init-dirs.service" | ||||
|         ] ++ commonServices; | ||||
|         requires = [ "mastodon-init-dirs.service" ] ++ commonServices; | ||||
|         ] ++ commonUnits; | ||||
|         requires = [ "mastodon-init-dirs.service" ] ++ commonUnits; | ||||
|         wantedBy = [ | ||||
|           "mastodon.target" | ||||
|           "mastodon-streaming.target" | ||||
| @ -998,18 +998,18 @@ in | ||||
|           after = [ | ||||
|             "network.target" | ||||
|             "mastodon-init-dirs.service" | ||||
|           ] ++ lib.optional databaseActuallyCreateLocally "postgresql.service"; | ||||
|           ] ++ lib.optional databaseActuallyCreateLocally "postgresql.target"; | ||||
|           requires = [ | ||||
|             "mastodon-init-dirs.service" | ||||
|           ] ++ lib.optional databaseActuallyCreateLocally "postgresql.service"; | ||||
|           ] ++ lib.optional databaseActuallyCreateLocally "postgresql.target"; | ||||
|         }; | ||||
| 
 | ||||
|         systemd.services.mastodon-web = { | ||||
|           after = [ | ||||
|             "network.target" | ||||
|             "mastodon-init-dirs.service" | ||||
|           ] ++ commonServices; | ||||
|           requires = [ "mastodon-init-dirs.service" ] ++ commonServices; | ||||
|           ] ++ commonUnits; | ||||
|           requires = [ "mastodon-init-dirs.service" ] ++ commonUnits; | ||||
|           wantedBy = [ "mastodon.target" ]; | ||||
|           description = "Mastodon web"; | ||||
|           environment = | ||||
|  | ||||
| @ -840,7 +840,7 @@ in | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         after = mkMerge [ | ||||
|           [ "network.target" ] | ||||
|           (mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.service" ]) | ||||
|           (mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.target" ]) | ||||
|           (mkIf (cfg.database.driver == "mysql" && cfg.database.create) [ "mysql.service" ]) | ||||
|         ]; | ||||
|         requires = after; | ||||
| @ -946,7 +946,7 @@ in | ||||
|         ]; | ||||
| 
 | ||||
|         unitConfig.JoinsNamespaceOf = mkMerge [ | ||||
|           (mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.service" ]) | ||||
|           (mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.target" ]) | ||||
|           (mkIf (cfg.database.driver == "mysql" && cfg.database.create) [ "mysql.service" ]) | ||||
|         ]; | ||||
|       }; | ||||
|  | ||||
| @ -66,8 +66,8 @@ in | ||||
|     systemd.services.mealie = { | ||||
|       description = "Mealie, a self hosted recipe manager and meal planner"; | ||||
| 
 | ||||
|       after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|       requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|       wants = [ "network-online.target" ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|  | ||||
| @ -339,11 +339,11 @@ in | ||||
|         mediagoblin-paster = lib.recursiveUpdate serviceDefaults { | ||||
|           after = [ | ||||
|             "mediagoblin-celeryd.service" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           requires = [ | ||||
|             "mediagoblin-celeryd.service" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           preStart = '' | ||||
|             cp --remove-destination ${pasteConfig} /var/lib/mediagoblin/paste.ini | ||||
|  | ||||
| @ -707,7 +707,7 @@ in | ||||
|       before = [ "phpfpm-mediawiki.service" ]; | ||||
|       after = | ||||
|         optional (cfg.database.type == "mysql" && cfg.database.createLocally) "mysql.service" | ||||
|         ++ optional (cfg.database.type == "postgres" && cfg.database.createLocally) "postgresql.service"; | ||||
|         ++ optional (cfg.database.type == "postgres" && cfg.database.createLocally) "postgresql.target"; | ||||
|       script = '' | ||||
|         if ! test -e "${stateDir}/secret.key"; then | ||||
|           tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c 64 > ${stateDir}/secret.key | ||||
| @ -754,7 +754,7 @@ in | ||||
|       ) "mysql.service" | ||||
|       ++ optional ( | ||||
|         cfg.webserver == "apache" && cfg.database.createLocally && cfg.database.type == "postgres" | ||||
|       ) "postgresql.service"; | ||||
|       ) "postgresql.target"; | ||||
| 
 | ||||
|     users.users.${user} = { | ||||
|       inherit group; | ||||
|  | ||||
| @ -107,10 +107,10 @@ in | ||||
| 
 | ||||
|     systemd.services.miniflux-dbsetup = lib.mkIf cfg.createDatabaseLocally { | ||||
|       description = "Miniflux database setup"; | ||||
|       requires = [ "postgresql.service" ]; | ||||
|       requires = [ "postgresql.target" ]; | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       serviceConfig = { | ||||
|         Type = "oneshot"; | ||||
| @ -126,7 +126,7 @@ in | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ lib.optionals cfg.createDatabaseLocally [ | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|           "miniflux-dbsetup.service" | ||||
|         ]; | ||||
| 
 | ||||
|  | ||||
| @ -319,7 +319,7 @@ in | ||||
|     systemd.services.misskey = { | ||||
|       after = [ | ||||
|         "network-online.target" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       wants = [ "network-online.target" ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|  | ||||
| @ -366,7 +366,7 @@ in | ||||
|     systemd.services.mobilizon-postgresql = mkIf isLocalPostgres { | ||||
|       description = "Mobilizon PostgreSQL setup"; | ||||
| 
 | ||||
|       after = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.target" ]; | ||||
|       before = [ | ||||
|         "mobilizon.service" | ||||
|         "mobilizon-setup-secrets.service" | ||||
|  | ||||
| @ -351,7 +351,7 @@ in | ||||
|     systemd.services.moodle-init = { | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       before = [ "phpfpm-moodle.service" ]; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|       after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
|       environment.MOODLE_CONFIG = moodleConfig; | ||||
|       script = '' | ||||
|         ${phpExt}/bin/php ${cfg.package}/share/moodle/admin/cli/check_database_schema.php && rc=$? || rc=$? | ||||
| @ -394,7 +394,7 @@ in | ||||
| 
 | ||||
|     systemd.services.httpd.after = | ||||
|       optional mysqlLocal "mysql.service" | ||||
|       ++ optional pgsqlLocal "postgresql.service"; | ||||
|       ++ optional pgsqlLocal "postgresql.target"; | ||||
| 
 | ||||
|     users.users.${user} = { | ||||
|       group = group; | ||||
|  | ||||
| @ -165,9 +165,9 @@ let | ||||
|   fpm = config.services.phpfpm.pools.${pool}; | ||||
|   phpExecutionUnit = "phpfpm-${pool}"; | ||||
| 
 | ||||
|   dbService = | ||||
|   dbUnit = | ||||
|     { | ||||
|       "postgresql" = "postgresql.service"; | ||||
|       "postgresql" = "postgresql.target"; | ||||
|       "mariadb" = "mysql.service"; | ||||
|     } | ||||
|     .${cfg.database.type}; | ||||
| @ -843,8 +843,8 @@ in | ||||
|         requiredBy = [ "${phpExecutionUnit}.service" ]; | ||||
|         before = [ "${phpExecutionUnit}.service" ]; | ||||
|         wants = [ "local-fs.target" ]; | ||||
|         requires = lib.optional cfg.database.createLocally dbService; | ||||
|         after = lib.optional cfg.database.createLocally dbService; | ||||
|         requires = lib.optional cfg.database.createLocally dbUnit; | ||||
|         after = lib.optional cfg.database.createLocally dbUnit; | ||||
| 
 | ||||
|         serviceConfig = | ||||
|           { | ||||
| @ -899,8 +899,8 @@ in | ||||
|         requiredBy = [ "movim.service" ]; | ||||
|         before = [ "movim.service" ] ++ lib.optional (webServerService != null) webServerService; | ||||
|         wants = [ "network.target" ]; | ||||
|         requires = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbService; | ||||
|         after = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbService; | ||||
|         requires = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbUnit; | ||||
|         after = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbUnit; | ||||
|       }; | ||||
| 
 | ||||
|       services.movim = { | ||||
| @ -915,14 +915,14 @@ in | ||||
|             "movim-data-setup.service" | ||||
|             "${phpExecutionUnit}.service" | ||||
|           ] | ||||
|           ++ lib.optional cfg.database.createLocally dbService | ||||
|           ++ lib.optional cfg.database.createLocally dbUnit | ||||
|           ++ lib.optional (webServerService != null) webServerService; | ||||
|         after = | ||||
|           [ | ||||
|             "movim-data-setup.service" | ||||
|             "${phpExecutionUnit}.service" | ||||
|           ] | ||||
|           ++ lib.optional cfg.database.createLocally dbService | ||||
|           ++ lib.optional cfg.database.createLocally dbUnit | ||||
|           ++ lib.optional (webServerService != null) webServerService; | ||||
|         environment = { | ||||
|           PUBLIC_URL = "//${cfg.domain}"; | ||||
|  | ||||
| @ -39,7 +39,14 @@ let | ||||
|     (writeScriptBin "netbox-manage" '' | ||||
|       #!${stdenv.shell} | ||||
|       export PYTHONPATH=${pkg.pythonPath} | ||||
|       sudo -u netbox ${pkg}/bin/netbox "$@" | ||||
|       case "$(whoami)" in | ||||
|       "root") | ||||
|         ${util-linux}/bin/runuser -u netbox -- ${pkg}/bin/netbox "$@";; | ||||
|       "netbox") | ||||
|         ${pkg}/bin/netbox "$@";; | ||||
|       *) | ||||
|         echo "This must be run by either by root 'netbox' user" | ||||
|       esac | ||||
|     ''); | ||||
| 
 | ||||
| in | ||||
|  | ||||
| @ -1167,8 +1167,8 @@ in | ||||
|             wantedBy = [ "multi-user.target" ]; | ||||
|             wants = [ "nextcloud-update-db.service" ]; | ||||
|             before = [ "phpfpm-nextcloud.service" ]; | ||||
|             after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|             requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|             after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
|             requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
|             path = [ occ ]; | ||||
|             restartTriggers = [ overrideConfig ]; | ||||
|             script = '' | ||||
|  | ||||
| @ -234,8 +234,8 @@ in | ||||
|             after = [ | ||||
|               "network.target" | ||||
|               "systemd-tmpfiles-setup.service" | ||||
|             ] ++ lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.service"; | ||||
|             requires = lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.service"; | ||||
|             ] ++ lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.target"; | ||||
|             requires = lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.target"; | ||||
|             wantedBy = [ "multi-user.target" ]; | ||||
|             preStart = lib.optionalString (cfg.settings.auth.default_backend == defaultAuthBackend) '' | ||||
|               # Create/upgrade local auth database | ||||
|  | ||||
| @ -235,12 +235,12 @@ in | ||||
|         after = [ | ||||
|           "network.target" | ||||
|           "onlyoffice-docservice.service" | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ]; | ||||
|         requires = [ | ||||
|           "network.target" | ||||
|           "onlyoffice-docservice.service" | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ]; | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         serviceConfig = { | ||||
| @ -314,9 +314,9 @@ in | ||||
|           description = "onlyoffice documentserver"; | ||||
|           after = [ | ||||
|             "network.target" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           requires = [ "postgresql.service" ]; | ||||
|           requires = [ "postgresql.target" ]; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
|           serviceConfig = { | ||||
|             ExecStart = "${cfg.package.fhs}/bin/onlyoffice-wrapper DocService/docservice /run/onlyoffice/config"; | ||||
|  | ||||
| @ -634,10 +634,10 @@ in | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         after = | ||||
|           [ "networking.target" ] | ||||
|           ++ lib.optional (cfg.databaseUrl == "local") "postgresql.service" | ||||
|           ++ lib.optional (cfg.databaseUrl == "local") "postgresql.target" | ||||
|           ++ lib.optional (cfg.redisUrl == "local") "redis-outline.service"; | ||||
|         requires = | ||||
|           lib.optional (cfg.databaseUrl == "local") "postgresql.service" | ||||
|           lib.optional (cfg.databaseUrl == "local") "postgresql.target" | ||||
|           ++ lib.optional (cfg.redisUrl == "local") "redis-outline.service"; | ||||
|         path = [ | ||||
|           pkgs.openssl # Required by the preStart script | ||||
|  | ||||
| @ -195,8 +195,8 @@ in | ||||
|       services = { | ||||
|         part-db-migrate = { | ||||
|           before = [ "phpfpm-part-db.service" ]; | ||||
|           after = [ "postgresql.service" ]; | ||||
|           requires = [ "postgresql.service" ]; | ||||
|           after = [ "postgresql.target" ]; | ||||
|           requires = [ "postgresql.target" ]; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
|           serviceConfig = { | ||||
|             Type = "oneshot"; | ||||
| @ -216,7 +216,7 @@ in | ||||
|           after = [ "part-db-migrate.service" ]; | ||||
|           requires = [ | ||||
|             "part-db-migrate.service" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           # ensure nginx can access the php-fpm socket | ||||
|           postStart = '' | ||||
|  | ||||
| @ -439,9 +439,9 @@ in | ||||
|       description = "Initialization database for PeerTube daemon"; | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       requires = [ "postgresql.service" ]; | ||||
|       requires = [ "postgresql.target" ]; | ||||
| 
 | ||||
|       script = | ||||
|         let | ||||
| @ -475,13 +475,13 @@ in | ||||
|         [ "network.target" ] | ||||
|         ++ lib.optional cfg.redis.createLocally "redis-peertube.service" | ||||
|         ++ lib.optionals cfg.database.createLocally [ | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|           "peertube-init-db.service" | ||||
|         ]; | ||||
|       requires = | ||||
|         lib.optional cfg.redis.createLocally "redis-peertube.service" | ||||
|         ++ lib.optionals cfg.database.createLocally [ | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|           "peertube-init-db.service" | ||||
|         ]; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|  | ||||
| @ -53,9 +53,9 @@ let | ||||
|       "mysql" = "/run/mysqld/mysqld.sock"; | ||||
|     } | ||||
|     .${cfg.database.type}; | ||||
|   dbService = | ||||
|   dbUnit = | ||||
|     { | ||||
|       "pgsql" = "postgresql.service"; | ||||
|       "pgsql" = "postgresql.target"; | ||||
|       "mysql" = "mysql.service"; | ||||
|     } | ||||
|     .${cfg.database.type}; | ||||
| @ -355,7 +355,7 @@ in | ||||
|         "pixelfed-horizon.service" | ||||
|         "pixelfed-data-setup.service" | ||||
|       ] | ||||
|       ++ lib.optional cfg.database.createLocally dbService | ||||
|       ++ lib.optional cfg.database.createLocally dbUnit | ||||
|       ++ lib.optional cfg.redis.createLocally redisService; | ||||
|     # Ensure image optimizations programs are available. | ||||
|     systemd.services.phpfpm-pixelfed.path = extraPrograms; | ||||
| @ -368,7 +368,7 @@ in | ||||
|       ]; | ||||
|       requires = | ||||
|         [ "pixelfed-data-setup.service" ] | ||||
|         ++ (lib.optional cfg.database.createLocally dbService) | ||||
|         ++ (lib.optional cfg.database.createLocally dbUnit) | ||||
|         ++ (lib.optional cfg.redis.createLocally redisService); | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       # Ensure image optimizations programs are available. | ||||
| @ -412,8 +412,8 @@ in | ||||
|     systemd.services.pixelfed-data-setup = { | ||||
|       description = "Pixelfed setup: migrations, environment file update, cache reload, data changes"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = lib.optional cfg.database.createLocally dbService; | ||||
|       requires = lib.optional cfg.database.createLocally dbService; | ||||
|       after = lib.optional cfg.database.createLocally dbUnit; | ||||
|       requires = lib.optional cfg.database.createLocally dbUnit; | ||||
|       path = | ||||
|         with pkgs; | ||||
|         [ | ||||
|  | ||||
| @ -196,13 +196,13 @@ in | ||||
|           after = | ||||
|             optional cfg.database.clickhouse.setup "clickhouse.service" | ||||
|             ++ optionals cfg.database.postgres.setup [ | ||||
|               "postgresql.service" | ||||
|               "postgresql.target" | ||||
|               "plausible-postgres.service" | ||||
|             ]; | ||||
|           requires = | ||||
|             optional cfg.database.clickhouse.setup "clickhouse.service" | ||||
|             ++ optionals cfg.database.postgres.setup [ | ||||
|               "postgresql.service" | ||||
|               "postgresql.target" | ||||
|               "plausible-postgres.service" | ||||
|             ]; | ||||
| 
 | ||||
| @ -309,7 +309,7 @@ in | ||||
|       (mkIf cfg.database.postgres.setup { | ||||
|         # `plausible' requires the `citext'-extension. | ||||
|         plausible-postgres = { | ||||
|           after = [ "postgresql.service" ]; | ||||
|           after = [ "postgresql.target" ]; | ||||
|           partOf = [ "plausible.service" ]; | ||||
|           serviceConfig = { | ||||
|             Type = "oneshot"; | ||||
|  | ||||
| @ -434,7 +434,7 @@ in | ||||
|               "redis-pretalx.service" | ||||
|             ] | ||||
|             ++ lib.optionals (cfg.settings.database.backend == "postgresql") [ | ||||
|               "postgresql.service" | ||||
|               "postgresql.target" | ||||
|             ] | ||||
|             ++ lib.optionals (cfg.settings.database.backend == "mysql") [ | ||||
|               "mysql.service" | ||||
| @ -484,7 +484,7 @@ in | ||||
|                 "redis-pretalx.service" | ||||
|               ] | ||||
|               ++ lib.optionals (cfg.settings.database.backend == "postgresql") [ | ||||
|                 "postgresql.service" | ||||
|                 "postgresql.target" | ||||
|               ] | ||||
|               ++ lib.optionals (cfg.settings.database.backend == "mysql") [ | ||||
|                 "mysql.service" | ||||
|  | ||||
| @ -533,7 +533,7 @@ in | ||||
|           after = [ | ||||
|             "network.target" | ||||
|             "redis-pretix.service" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
|           preStart = '' | ||||
| @ -574,7 +574,7 @@ in | ||||
|           after = [ | ||||
|             "network.target" | ||||
|             "redis-pretix.service" | ||||
|             "postgresql.service" | ||||
|             "postgresql.target" | ||||
|           ]; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
|           serviceConfig = { | ||||
|  | ||||
| @ -398,7 +398,7 @@ in | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ (lib.optional useMySQL "mysql.service") | ||||
|         ++ (lib.optional usePostgres "postgresql.service"); | ||||
|         ++ (lib.optional usePostgres "postgresql.target"); | ||||
| 
 | ||||
|       script = | ||||
|         lib.optionalString (cfg.keyPasswordFile != null && cfg.settings.keyPassword == null) '' | ||||
|  | ||||
| @ -62,7 +62,7 @@ in | ||||
|       description = "Shiori simple bookmarks manager"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       after = [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "mysql.service" | ||||
|       ]; | ||||
|       environment = | ||||
|  | ||||
| @ -104,7 +104,7 @@ in | ||||
|     systemd.services.sogo = { | ||||
|       description = "SOGo groupware"; | ||||
|       after = [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "mysql.service" | ||||
|         "memcached.service" | ||||
|         "openldap.service" | ||||
| @ -191,7 +191,7 @@ in | ||||
|       description = "SOGo email alarms"; | ||||
| 
 | ||||
|       after = [ | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|         "mysqld.service" | ||||
|         "memcached.service" | ||||
|         "openldap.service" | ||||
|  | ||||
| @ -667,11 +667,11 @@ in | ||||
|         }; | ||||
| 
 | ||||
|         wantedBy = [ "multi-user.target" ]; | ||||
|         requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service"; | ||||
|         requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target"; | ||||
|         after = | ||||
|           [ "network.target" ] | ||||
|           ++ optional mysqlLocal "mysql.service" | ||||
|           ++ optional pgsqlLocal "postgresql.service"; | ||||
|           ++ optional pgsqlLocal "postgresql.target"; | ||||
|       }; | ||||
|     }; | ||||
| 
 | ||||
|  | ||||
| @ -117,7 +117,7 @@ in | ||||
|       description = "vikunja"; | ||||
|       after = | ||||
|         [ "network.target" ] | ||||
|         ++ lib.optional usePostgresql "postgresql.service" | ||||
|         ++ lib.optional usePostgresql "postgresql.target" | ||||
|         ++ lib.optional useMysql "mysql.service"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|       path = [ cfg.package ]; | ||||
|  | ||||
| @ -135,10 +135,10 @@ in | ||||
|       description = "Wakapi (self-hosted WakaTime-compatible backend)"; | ||||
|       wants = [ | ||||
|         "network-online.target" | ||||
|       ] ++ optional (cfg.database.dialect == "postgres") "postgresql.service"; | ||||
|       ] ++ optional (cfg.database.dialect == "postgres") "postgresql.target"; | ||||
|       after = [ | ||||
|         "network-online.target" | ||||
|       ] ++ optional (cfg.database.dialect == "postgres") "postgresql.service"; | ||||
|       ] ++ optional (cfg.database.dialect == "postgres") "postgresql.target"; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|       script = '' | ||||
|  | ||||
| @ -251,7 +251,7 @@ in | ||||
| 
 | ||||
|     systemd.services.weblate-postgresql-setup = { | ||||
|       description = "Weblate PostgreSQL setup"; | ||||
|       after = [ "postgresql.service" ]; | ||||
|       after = [ "postgresql.target" ]; | ||||
|       serviceConfig = { | ||||
|         Type = "oneshot"; | ||||
|         User = "postgres"; | ||||
| @ -290,7 +290,7 @@ in | ||||
|       after = [ | ||||
|         "network.target" | ||||
|         "redis-weblate.service" | ||||
|         "postgresql.service" | ||||
|         "postgresql.target" | ||||
|       ]; | ||||
|       # We want this to be active on boot, not just on socket activation | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
|  | ||||
| @ -134,39 +134,37 @@ in | ||||
|         # coming from https://github.com/windmill-labs/windmill/blob/main/init-db-as-superuser.sql | ||||
|         # modified to not grant privileges on all tables | ||||
|         # create role windmill_user and windmill_admin only if they don't exist | ||||
|         postgresql.postStart = lib.mkIf cfg.database.createLocally ( | ||||
|           lib.mkAfter '' | ||||
|                   $PSQL -tA <<"EOF" | ||||
|             DO $$ | ||||
|             BEGIN | ||||
|                 IF NOT EXISTS ( | ||||
|                     SELECT FROM pg_catalog.pg_roles | ||||
|                     WHERE rolname = 'windmill_user' | ||||
|                 ) THEN | ||||
|                     CREATE ROLE windmill_user; | ||||
|                     GRANT ALL PRIVILEGES ON DATABASE ${cfg.database.name} TO windmill_user; | ||||
|                 ELSE | ||||
|                   RAISE NOTICE 'Role "windmill_user" already exists. Skipping.'; | ||||
|                 END IF; | ||||
|                 IF NOT EXISTS ( | ||||
|                     SELECT FROM pg_catalog.pg_roles | ||||
|                     WHERE rolname = 'windmill_admin' | ||||
|                 ) THEN | ||||
|                   CREATE ROLE windmill_admin WITH BYPASSRLS; | ||||
|                   GRANT windmill_user TO windmill_admin; | ||||
|                 ELSE | ||||
|                   RAISE NOTICE 'Role "windmill_admin" already exists. Skipping.'; | ||||
|                 END IF; | ||||
|                 GRANT windmill_admin TO windmill; | ||||
|             END | ||||
|             $$; | ||||
|             EOF | ||||
|           '' | ||||
|         ); | ||||
|         postgresql.postStart = lib.mkIf cfg.database.createLocally '' | ||||
|           psql -tA <<"EOF" | ||||
|           DO $$ | ||||
|           BEGIN | ||||
|               IF NOT EXISTS ( | ||||
|                   SELECT FROM pg_catalog.pg_roles | ||||
|                   WHERE rolname = 'windmill_user' | ||||
|               ) THEN | ||||
|                   CREATE ROLE windmill_user; | ||||
|                   GRANT ALL PRIVILEGES ON DATABASE ${cfg.database.name} TO windmill_user; | ||||
|               ELSE | ||||
|                 RAISE NOTICE 'Role "windmill_user" already exists. Skipping.'; | ||||
|               END IF; | ||||
|               IF NOT EXISTS ( | ||||
|                   SELECT FROM pg_catalog.pg_roles | ||||
|                   WHERE rolname = 'windmill_admin' | ||||
|               ) THEN | ||||
|                 CREATE ROLE windmill_admin WITH BYPASSRLS; | ||||
|                 GRANT windmill_user TO windmill_admin; | ||||
|               ELSE | ||||
|                 RAISE NOTICE 'Role "windmill_admin" already exists. Skipping.'; | ||||
|               END IF; | ||||
|               GRANT windmill_admin TO windmill; | ||||
|           END | ||||
|           $$; | ||||
|           EOF | ||||
|         ''; | ||||
| 
 | ||||
|         windmill-server = { | ||||
|           description = "Windmill server"; | ||||
|           after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|           serviceConfig = serviceConfig // { | ||||
| @ -183,7 +181,7 @@ in | ||||
| 
 | ||||
|         windmill-worker = { | ||||
|           description = "Windmill worker"; | ||||
|           after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|           serviceConfig = serviceConfig // { | ||||
| @ -201,7 +199,7 @@ in | ||||
| 
 | ||||
|         windmill-worker-native = { | ||||
|           description = "Windmill worker native"; | ||||
|           after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|           after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|           wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|           serviceConfig = serviceConfig // { | ||||
|  | ||||
| @ -93,8 +93,8 @@ in | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|       wants = [ "network-online.target" ]; | ||||
|       after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       requires = lib.optional cfg.database.createLocally "postgresql.service"; | ||||
|       after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target"; | ||||
|       requires = lib.optional cfg.database.createLocally "postgresql.target"; | ||||
| 
 | ||||
|       environment = lib.mapAttrs (_: value: toString value) cfg.settings; | ||||
| 
 | ||||
|  | ||||
| @ -182,7 +182,7 @@ in | ||||
|         after = [ | ||||
|           "network.target" | ||||
|           "local-fs.target" | ||||
|           "postgresql.service" | ||||
|           "postgresql.target" | ||||
|         ]; | ||||
|       }; | ||||
| 
 | ||||
|  | ||||
| @ -14,7 +14,7 @@ | ||||
| 
 | ||||
|   testScript = '' | ||||
|     machine.start() | ||||
|     machine.wait_for_unit("postgresql.service") | ||||
|     machine.wait_for_unit("postgresql.target") | ||||
|     machine.wait_for_unit("coder.service") | ||||
|     machine.wait_for_open_port(3000) | ||||
| 
 | ||||
|  | ||||
| @ -55,7 +55,7 @@ | ||||
|   testScript = '' | ||||
|     start_all() | ||||
| 
 | ||||
|     machine1.wait_for_unit("postgresql.service") | ||||
|     machine1.wait_for_unit("postgresql.target") | ||||
|     machine1.wait_for_unit("davis-env-setup.service") | ||||
|     machine1.wait_for_unit("davis-db-migrate.service") | ||||
|     machine1.wait_for_unit("phpfpm-davis.service") | ||||
|  | ||||
Some files were not shown because too many files have changed in this diff Show More
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user
	 K900
						K900