talexander/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge remote-tracking branch 'origin/staging-next' into staging

Browse Source
This commit is contained in:
K900 2025-06-27 21:07:44 +03:00
commit 5985f13b69
318 changed files with 1235 additions and 1019 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ci/check-cherry-picks.sh
View File

@ -66,9 +66,11 @@ while read -r new_commit_sha ; do
git rev-list --max-count=1 --format=medium "$new_commit_sha"
echo "-------------------------------------------------"
# Using the last line with "cherry" + hash, because a chained backport
# can result in multiple of those lines. Only the last one counts.
original_commit_sha=$(
git rev-list --max-count=1 --format=format:%B "$new_commit_sha" \
| grep -Ei -m1 "cherry.*[0-9a-f]{40}" \
| grep -Ei "cherry.*[0-9a-f]{40}" | tail -n1 \
| grep -Eoi -m1 '[0-9a-f]{40}' || true
)
if [ -z "$original_commit_sha" ] ; then

6
doc/languages-frameworks/beam.section.md
View File

@ -259,13 +259,13 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"postgresql.service"
"postgresql.target"
];
# note that if you are connecting to a postgres instance on a different host
# postgresql.service should not be included in the requires.
# postgresql.target should not be included in the requires.
requires = [
"network-online.target"
"postgresql.service"
"postgresql.target"
];
description = "my app";
environment = {

10
maintainers/maintainer-list.nix
View File

@ -8160,6 +8160,16 @@
githubId = 26925347;
keys = [ { fingerprint = "0797 D238 9769 CA1E 57B7 2ED9 2BA7 8116 87C9 0DE4"; } ];
};
felipe-9 = {
name = "Felipe Pinto";
email = "felipealexandrepinto@icloud.com";
github = "Felipe-9";
githubId = 32753781;
keys = [
{ fingerprint = "1533 0D57 3312 0936 AB38 3C9B 7D36 1E4B 83CD AEFB"; }
{ fingerprint = "2BD0 AD01 F91D A0DC 47DF 0AEE 7AA1 649F 6B71 42F2"; }
];
};
felipeqq2 = {
name = "Felipe Silva";
email = "nixpkgs@felipeqq2.rocks";

18
nixos/doc/manual/redirects.json
View File

@ -1316,22 +1316,14 @@
"module-services-postgres-initializing-extra-permissions": [
"index.html#module-services-postgres-initializing-extra-permissions"
],
"module-services-postgres-initializing-extra-permissions-superuser": [
"index.html#module-services-postgres-initializing-extra-permissions-superuser"
],
"module-services-postgres-initializing-extra-permissions-superuser-post-start": [
"index.html#module-services-postgres-initializing-extra-permissions-superuser-post-start"
],
"module-services-postgres-initializing-extra-permissions-superuser-oneshot": [
"index.html#module-services-postgres-initializing-extra-permissions-superuser-oneshot"
],
"module-services-postgres-initializing-extra-permissions-service-user": [
"index.html#module-services-postgres-initializing-extra-permissions-superuser-post-start",
"index.html#module-services-postgres-initializing-extra-permissions-superuser",
"index.html#module-services-postgres-initializing-extra-permissions-service-user-pre-start",
"index.html#module-services-postgres-initializing-extra-permissions-service-user"
],
"module-services-postgres-initializing-extra-permissions-service-user-pre-start": [
"index.html#module-services-postgres-initializing-extra-permissions-service-user-pre-start"
],
"module-services-postgres-initializing-extra-permissions-service-user-oneshot": [
"module-services-postgres-initializing-extra-permissions-superuser-oneshot": [
"index.html#module-services-postgres-initializing-extra-permissions-superuser-oneshot",
"index.html#module-services-postgres-initializing-extra-permissions-service-user-oneshot"
],
"module-services-postgres-authentication": [

4
nixos/doc/manual/release-notes/rl-2511.section.md
View File

@ -66,8 +66,12 @@
- The `yeahwm` package and `services.xserver.windowManager.yeahwm` module were removed due to the package being broken and unmaintained upstream.
- The `services.postgresql` module now sets up a systemd unit `postgresql.target`. Depending on `postgresql.target` guarantees that postgres is in read-write mode and initial/ensure scripts were executed. Depending on `postgresql.service` only guarantees a read-only connection.
- The `services.siproxd` module has been removed as `siproxd` is unmaintained and broken with libosip 5.x.
- `netbox-manage` script created by the `netbox` module no longer uses `sudo -u netbox` internally. It can be run as root and will change it's user to `netbox` using `runuser`
- `services.dwm-status.extraConfig` was replaced by [RFC0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md)-compliant [](#opt-services.dwm-status.settings), which is used to generate the config file. `services.dwm-status.order` is now moved to [](#opt-services.dwm-status.settings.order), as it's a part of the config file.
- `gitversion` was updated to 6.3.0, which includes a number of breaking changes, old configurations may need updating or they will cause the tool to fail to run.

2
nixos/modules/services/admin/pgadmin.nix
View File

@ -182,7 +182,7 @@ in
requires = [ "network.target" ];
# we're adding this optionally so just in case there's any race it'll be caught
# in case postgres doesn't start, pgadmin will just start normally
wants = [ "postgresql.service" ];
wants = [ "postgresql.target" ];
path = [
config.services.postgresql.package

2
nixos/modules/services/backup/bacula.nix
View File

@ -720,7 +720,7 @@ in
systemd.services.bacula-dir = mkIf dir_cfg.enable {
after = [
"network.target"
"postgresql.service"
"postgresql.target"
];
description = "Bacula Director Daemon";
wantedBy = [ "multi-user.target" ];

2
nixos/modules/services/backup/postgresql-backup.nix
View File

@ -35,7 +35,7 @@ let
description = "Backup of ${db} database(s)";
requires = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
path = [
pkgs.coreutils

4
nixos/modules/services/continuous-integration/hydra/default.nix
View File

@ -334,8 +334,8 @@ in
systemd.services.hydra-init = {
wantedBy = [ "multi-user.target" ];
requires = lib.optional haveLocalDB "postgresql.service";
after = lib.optional haveLocalDB "postgresql.service";
requires = lib.optional haveLocalDB "postgresql.target";
after = lib.optional haveLocalDB "postgresql.target";
environment = env // {
HYDRA_DBI = "${env.HYDRA_DBI};application_name=hydra-init";
};

4
nixos/modules/services/databases/pgmanage.nix
View File

@ -185,8 +185,8 @@ in
config = lib.mkIf cfg.enable {
systemd.services.pgmanage = {
description = "pgmanage - PostgreSQL Administration for the web";
wants = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wants = [ "postgresql.target" ];
after = [ "postgresql.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = pgmanage;

2
nixos/modules/services/databases/postgres-websockets.nix
View File

@ -156,7 +156,7 @@ in
wants = [ "network-online.target" ];
after = [
"network-online.target"
"postgresql.service"
"postgresql.target"
];
environment =

77
nixos/modules/services/databases/postgresql.md
View File

@ -89,29 +89,29 @@ database migrations.
**NOTE:** please make sure that any added migrations are idempotent (re-runnable).
#### as superuser {#module-services-postgres-initializing-extra-permissions-superuser}
#### in database's setup `postStart` {#module-services-postgres-initializing-extra-permissions-superuser-post-start}
**Advantage:** compatible with postgres < 15, because it's run
as the database superuser `postgres`.
##### in database `postStart` {#module-services-postgres-initializing-extra-permissions-superuser-post-start}
**Disadvantage:** need to take care of ordering yourself. In this
example, `mkAfter` ensures that permissions are assigned after any
databases from `ensureDatabases` and `extraUser1` from `ensureUsers`
are already created.
`ensureUsers` is run in `postgresql-setup`, so this is where `postStart` must be added to:
```nix
{
systemd.services.postgresql.postStart = lib.mkAfter ''
$PSQL service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"'
$PSQL service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"'
systemd.services.postgresql-setup.postStart = ''
psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"'
psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"'
# ....
'';
}
```
##### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-superuser-oneshot}
#### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-superuser-oneshot}
Make sure to run this service after `postgresql.target`, not `postgresql.service`.
They differ in two aspects:
- `postgresql.target` includes `postgresql-setup`, so users managed via `ensureUsers` are already created.
- `postgresql.target` will wait until PostgreSQL is in read-write mode after restoring from backup, while `postgresql.service` will already be ready when PostgreSQL is still recovering in read-only mode.
Both can lead to unexpected errors either during initial database creation or restore, when using `postgresql.service`.
```nix
{
@ -119,54 +119,13 @@ are already created.
serviceConfig.Type = "oneshot";
requiredBy = "service1.service";
before = "service1.service";
after = "postgresql.service";
after = "postgresql.target";
serviceConfig.User = "postgres";
environment.PSQL = "psql --port=${toString services.postgresql.settings.port}";
environment.PGPORT = toString services.postgresql.settings.port;
path = [ postgresql ];
script = ''
$PSQL service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"'
$PSQL service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"'
# ....
'';
};
}
```
#### as service user {#module-services-postgres-initializing-extra-permissions-service-user}
**Advantage:** re-uses systemd's dependency ordering;
**Disadvantage:** relies on service user having grant permission. To be combined with `ensureDBOwnership`.
##### in service `preStart` {#module-services-postgres-initializing-extra-permissions-service-user-pre-start}
```nix
{
environment.PSQL = "psql --port=${toString services.postgresql.settings.port}";
path = [ postgresql ];
systemd.services."service1".preStart = ''
$PSQL -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"'
$PSQL -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"'
# ....
'';
}
```
##### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-service-user-oneshot}
```nix
{
systemd.services."migrate-service1-db1" = {
serviceConfig.Type = "oneshot";
requiredBy = "service1.service";
before = "service1.service";
after = "postgresql.service";
serviceConfig.User = "service1";
environment.PSQL = "psql --port=${toString services.postgresql.settings.port}";
path = [ postgresql ];
script = ''
$PSQL -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"'
$PSQL -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"'
psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"'
psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"'
# ....
'';
};

127
nixos/modules/services/databases/postgresql.nix
View File

@ -751,12 +751,23 @@ in
cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform
) configFileCheck;
systemd.targets.postgresql = {
description = "PostgreSQL";
wantedBy = [ "multi-user.target" ];
bindsTo = [
"postgresql.service"
"postgresql-setup.service"
];
};
systemd.services.postgresql = {
description = "PostgreSQL Server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
# To trigger the .target also on "systemctl start postgresql".
bindsTo = [ "postgresql.target" ];
environment.PGDATA = cfg.dataDir;
path = [ cfg.finalPackage ];
@ -776,49 +787,6 @@ in
ln -sfn "${configFile}/postgresql.conf" "${cfg.dataDir}/postgresql.conf"
'';
# Wait for PostgreSQL to be ready to accept connections.
postStart =
''
PSQL="psql --port=${builtins.toString cfg.settings.port}"
while ! $PSQL -d postgres -c "" 2> /dev/null; do
if ! kill -0 "$MAINPID"; then exit 1; fi
sleep 0.1
done
if test -e "${cfg.dataDir}/.first_startup"; then
${optionalString (cfg.initialScript != null) ''
$PSQL -f "${cfg.initialScript}" -d postgres
''}
rm -f "${cfg.dataDir}/.first_startup"
fi
''
+ optionalString (cfg.ensureDatabases != [ ]) ''
${concatMapStrings (database: ''
$PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${database}"'
'') cfg.ensureDatabases}
''
+ ''
${concatMapStrings (
user:
let
dbOwnershipStmt = optionalString user.ensureDBOwnership ''$PSQL -tAc 'ALTER DATABASE "${user.name}" OWNER TO "${user.name}";' '';
filteredClauses = filterAttrs (name: value: value != null) user.ensureClauses;
clauseSqlStatements = attrValues (mapAttrs (n: v: if v then n else "no${n}") filteredClauses);
userClauses = ''$PSQL -tAc 'ALTER ROLE "${user.name}" ${concatStringsSep " " clauseSqlStatements}' '';
in
''
$PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || $PSQL -tAc 'CREATE USER "${user.name}"'
${userClauses}
${dbOwnershipStmt}
''
) cfg.ensureUsers}
'';
serviceConfig = mkMerge [
{
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
@ -891,11 +859,74 @@ in
unitConfig.RequiresMountsFor = "${cfg.dataDir}";
};
systemd.services.postgresql-setup = {
description = "PostgreSQL Setup Scripts";
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
serviceConfig = {
User = "postgres";
Group = "postgres";
Type = "oneshot";
RemainAfterExit = true;
};
path = [ cfg.finalPackage ];
environment.PGPORT = builtins.toString cfg.settings.port;
# Wait for PostgreSQL to be ready to accept connections.
script =
''
check-connection() {
psql -d postgres -v ON_ERROR_STOP=1 <<-' EOF'
SELECT pg_is_in_recovery() \gset
\if :pg_is_in_recovery
\i still-recovering
\endif
EOF
}
while ! check-connection 2> /dev/null; do
if ! systemctl is-active --quiet postgresql.service; then exit 1; fi
sleep 0.1
done
if test -e "${cfg.dataDir}/.first_startup"; then
${optionalString (cfg.initialScript != null) ''
psql -f "${cfg.initialScript}" -d postgres
''}
rm -f "${cfg.dataDir}/.first_startup"
fi
''
+ optionalString (cfg.ensureDatabases != [ ]) ''
${concatMapStrings (database: ''
psql -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || psql -tAc 'CREATE DATABASE "${database}"'
'') cfg.ensureDatabases}
''
+ ''
${concatMapStrings (
user:
let
dbOwnershipStmt = optionalString user.ensureDBOwnership ''psql -tAc 'ALTER DATABASE "${user.name}" OWNER TO "${user.name}";' '';
filteredClauses = filterAttrs (name: value: value != null) user.ensureClauses;
clauseSqlStatements = attrValues (mapAttrs (n: v: if v then n else "no${n}") filteredClauses);
userClauses = ''psql -tAc 'ALTER ROLE "${user.name}" ${concatStringsSep " " clauseSqlStatements}' '';
in
''
psql -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || psql -tAc 'CREATE USER "${user.name}"'
${userClauses}
${dbOwnershipStmt}
''
) cfg.ensureUsers}
'';
};
};
meta.doc = ./postgresql.md;
meta.maintainers = with lib.maintainers; [
thoughtpolice
danbst
];
meta.maintainers = pkgs.postgresql.meta.maintainers;
}

2
nixos/modules/services/databases/postgrest.nix
View File

@ -256,7 +256,7 @@ in
wants = [ "network-online.target" ];
after = [
"network-online.target"
"postgresql.service"
"postgresql.target"
];
serviceConfig = {

4
nixos/modules/services/development/zammad.nix
View File

@ -275,13 +275,13 @@ in
"systemd-tmpfiles-setup.service"
]
++ lib.optionals (cfg.database.createLocally) [
"postgresql.service"
"postgresql.target"
]
++ lib.optionals cfg.redis.createLocally [
"redis-${cfg.redis.name}.service"
];
requires = lib.optionals (cfg.database.createLocally) [
"postgresql.service"
"postgresql.target"
];
description = "Zammad web";
wantedBy = [ "multi-user.target" ];

4
nixos/modules/services/finance/libeufin/common.nix
View File

@ -123,8 +123,8 @@ libeufinComponent:
echo "Bank initialisation complete"
fi
'';
requires = lib.optionals cfg.createLocalDatabase [ "postgresql.service" ];
after = [ "network.target" ] ++ lib.optionals cfg.createLocalDatabase [ "postgresql.service" ];
requires = lib.optionals cfg.createLocalDatabase [ "postgresql.target" ];
after = [ "network.target" ] ++ lib.optionals cfg.createLocalDatabase [ "postgresql.target" ];
};
};

4
nixos/modules/services/finance/odoo.nix
View File

@ -119,13 +119,13 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"postgresql.service"
"postgresql.target"
];
# pg_dump
path = [ config.services.postgresql.package ];
requires = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/odoo";

4
nixos/modules/services/finance/taler/common.nix
View File

@ -89,8 +89,8 @@ in
Restart = "on-failure";
RestartSec = "5s";
};
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
after = [ "postgresql.target" ];
};
}
];

2
nixos/modules/services/home-automation/home-assistant.nix
View File

@ -623,7 +623,7 @@ in
# prevent races with database creation
"mysql.service"
"postgresql.service"
"postgresql.target"
];
reloadTriggers =
optionals (cfg.config != null) [ configFile ]

2
nixos/modules/services/mail/dspam.nix
View File

@ -107,7 +107,7 @@ in
systemd.services.dspam = {
description = "dspam spam filtering daemon";
wantedBy = [ "multi-user.target" ];
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
restartTriggers = [ cfgfile ];
serviceConfig = {

2
nixos/modules/services/mail/listmonk.nix
View File

@ -193,7 +193,7 @@ in
systemd.services.listmonk = {
description = "Listmonk - newsletter and mailing list manager";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "exec";

12
nixos/modules/services/mail/mailman.nix
View File

@ -575,9 +575,9 @@ in
after =
[ "network.target" ]
++ lib.optional cfg.enablePostfix "postfix-setup.service"
++ lib.optional withPostgresql "postgresql.service";
++ lib.optional withPostgresql "postgresql.target";
restartTriggers = [ mailmanCfgFile ];
requires = lib.optional withPostgresql "postgresql.service";
requires = lib.optional withPostgresql "postgresql.target";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${mailmanEnv}/bin/mailman start";
@ -609,8 +609,8 @@ in
"hyperkitty.service"
];
path = with pkgs; [ jq ];
after = lib.optional withPostgresql "postgresql.service";
requires = lib.optional withPostgresql "postgresql.service";
after = lib.optional withPostgresql "postgresql.target";
requires = lib.optional withPostgresql "postgresql.target";
serviceConfig.RemainAfterExit = true;
serviceConfig.Type = "oneshot";
script = ''
@ -709,11 +709,11 @@ in
in
{
wantedBy = [ "multi-user.target" ];
after = lib.optional withPostgresql "postgresql.service";
after = lib.optional withPostgresql "postgresql.target";
requires = [
"mailman-uwsgi.socket"
"mailman-web-setup.service"
] ++ lib.optional withPostgresql "postgresql.service";
] ++ lib.optional withPostgresql "postgresql.target";
restartTriggers = [ config.environment.etc."mailman3/settings.py".source ];
serviceConfig = {
# Since the mailman-web settings.py obstinately creates a logs

4
nixos/modules/services/mail/postfixadmin.nix
View File

@ -148,8 +148,8 @@ in
# objects owners and extensions; for now we tack on what's needed
# here.
systemd.services.postfixadmin-postgres = lib.mkIf localDB {
after = [ "postgresql.service" ];
bindsTo = [ "postgresql.service" ];
after = [ "postgresql.target" ];
bindsTo = [ "postgresql.target" ];
wantedBy = [ "multi-user.target" ];
path = [
pgsql.package

4
nixos/modules/services/mail/roundcube.nix
View File

@ -273,8 +273,8 @@ in
systemd.services.roundcube-setup = lib.mkMerge [
(lib.mkIf localDB {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
after = [ "postgresql.target" ];
})
{
wants = [ "network-online.target" ];

2
nixos/modules/services/matrix/appservice-irc.nix
View File

@ -196,7 +196,7 @@ in
description = "Matrix-IRC bridge";
before = [ "matrix-synapse.service" ]; # So the registration can be used by Synapse
after = lib.optionals (cfg.settings.database.engine == "postgres") [
"postgresql.service"
"postgresql.target"
];
wantedBy = [ "multi-user.target" ];

2
nixos/modules/services/matrix/maubot.nix
View File

@ -440,7 +440,7 @@ in
systemd.services.maubot = rec {
description = "maubot - a plugin-based Matrix bot system written in Python";
after = [ "network.target" ] ++ wants ++ lib.optional hasLocalPostgresDB "postgresql.service";
after = [ "network.target" ] ++ wants ++ lib.optional hasLocalPostgresDB "postgresql.target";
# all plugins get automatically disabled if maubot starts before synapse
wants = lib.optional config.services.matrix-synapse.enable config.services.matrix-synapse.serviceUnit;
wantedBy = [ "multi-user.target" ];

2
nixos/modules/services/matrix/synapse-auto-compressor.nix
View File

@ -119,7 +119,7 @@ in
systemd.services.synapse-auto-compressor = {
description = "synapse-auto-compressor";
requires = lib.optionals synapseUsesLocalPostgresql [
"postgresql.service"
"postgresql.target"
];
inherit (cfg) startAt;
serviceConfig = {

8
nixos/modules/services/matrix/synapse.nix
View File

@ -1439,7 +1439,7 @@ in
systemd.targets.matrix-synapse = lib.mkIf hasWorkers {
description = "Synapse Matrix parent target";
wants = [ "network-online.target" ];
after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.service";
after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.target";
wantedBy = [ "multi-user.target" ];
};
@ -1451,13 +1451,13 @@ in
partOf = [ "matrix-synapse.target" ];
wantedBy = [ "matrix-synapse.target" ];
unitConfig.ReloadPropagatedFrom = "matrix-synapse.target";
requires = optional hasLocalPostgresDB "postgresql.service";
requires = optional hasLocalPostgresDB "postgresql.target";
}
else
{
wants = [ "network-online.target" ];
after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.service";
requires = optional hasLocalPostgresDB "postgresql.service";
after = [ "network-online.target" ] ++ optional hasLocalPostgresDB "postgresql.target";
requires = optional hasLocalPostgresDB "postgresql.target";
wantedBy = [ "multi-user.target" ];
};
baseServiceConfig = {

6
nixos/modules/services/misc/atuin.nix
View File

@ -92,13 +92,13 @@ in
systemd.services.atuin = {
description = "atuin server";
requires = lib.optionals cfg.database.createLocally [ "postgresql.service" ];
requires = lib.optionals cfg.database.createLocally [ "postgresql.target" ];
after = [
"network-online.target"
] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ];
] ++ lib.optionals cfg.database.createLocally [ "postgresql.target" ];
wants = [
"network-online.target"
] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ];
] ++ lib.optionals cfg.database.createLocally [ "postgresql.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {

2
nixos/modules/services/misc/disnix.nix
View File

@ -77,7 +77,7 @@ in
[ "dbus.service" ]
++ lib.optional config.services.httpd.enable "httpd.service"
++ lib.optional config.services.mysql.enable "mysql.service"
++ lib.optional config.services.postgresql.enable "postgresql.service"
++ lib.optional config.services.postgresql.enable "postgresql.target"
++ lib.optional config.services.tomcat.enable "tomcat.service"
++ lib.optional config.services.svnserve.enable "svnserve.service"
++ lib.optional config.services.mongodb.enable "mongodb.service"

4
nixos/modules/services/misc/forgejo.nix
View File

@ -663,7 +663,7 @@ in
"network.target"
]
++ optionals usePostgresql [
"postgresql.service"
"postgresql.target"
]
++ optionals useMysql [
"mysql.service"
@ -673,7 +673,7 @@ in
];
requires =
optionals (cfg.database.createDatabase && usePostgresql) [
"postgresql.service"
"postgresql.target"
]
++ optionals (cfg.database.createDatabase && useMysql) [
"mysql.service"

2
nixos/modules/services/misc/gammu-smsd.nix
View File

@ -238,7 +238,7 @@ in
wants =
with cfg.backend;
[ ] ++ lib.optionals (service == "sql" && sql.driver == "native_pgsql") [ "postgresql.service" ];
[ ] ++ lib.optionals (service == "sql" && sql.driver == "native_pgsql") [ "postgresql.target" ];
preStart =
with cfg.backend;

4
nixos/modules/services/misc/gitea.nix
View File

@ -758,10 +758,10 @@ in
description = "gitea";
after =
[ "network.target" ]
++ optional usePostgresql "postgresql.service"
++ optional usePostgresql "postgresql.target"
++ optional useMysql "mysql.service";
requires =
optional (cfg.database.createDatabase && usePostgresql) "postgresql.service"
optional (cfg.database.createDatabase && usePostgresql) "postgresql.target"
++ optional (cfg.database.createDatabase && useMysql) "mysql.service";
wantedBy = [ "multi-user.target" ];
path = [

18
nixos/modules/services/misc/gitlab.nix
View File

@ -1295,8 +1295,8 @@ in
pgsql = config.services.postgresql;
in
mkIf databaseActuallyCreateLocally {
after = [ "postgresql.service" ];
bindsTo = [ "postgresql.service" ];
after = [ "postgresql.target" ];
bindsTo = [ "postgresql.target" ];
wantedBy = [ "gitlab.target" ];
partOf = [ "gitlab.target" ];
path = [
@ -1561,12 +1561,12 @@ in
systemd.services.gitlab-db-config = {
after = [
"gitlab-config.service"
"gitlab-postgresql.service"
"postgresql.service"
"gitlab-postgresql.target"
"postgresql.target"
];
wants =
optional (cfg.databaseHost == "") "postgresql.service"
++ optional databaseActuallyCreateLocally "gitlab-postgresql.service";
optional (cfg.databaseHost == "") "postgresql.target"
++ optional databaseActuallyCreateLocally "gitlab-postgresql.target";
bindsTo = [ "gitlab-config.service" ];
wantedBy = [ "gitlab.target" ];
partOf = [ "gitlab.target" ];
@ -1596,7 +1596,7 @@ in
after = [
"network.target"
"redis-gitlab.service"
"postgresql.service"
"postgresql.target"
"gitlab-config.service"
"gitlab-db-config.service"
];
@ -1604,7 +1604,7 @@ in
"gitlab-config.service"
"gitlab-db-config.service"
];
wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.service";
wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.target";
wantedBy = [ "gitlab.target" ];
partOf = [ "gitlab.target" ];
environment =
@ -1847,7 +1847,7 @@ in
"gitlab-config.service"
"gitlab-db-config.service"
];
wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.service";
wants = [ "redis-gitlab.service" ] ++ optional (cfg.databaseHost == "") "postgresql.target";
requiredBy = [ "gitlab.target" ];
partOf = [ "gitlab.target" ];
environment = gitlabEnv;

16
nixos/modules/services/misc/paperless.nix
View File

@ -491,18 +491,18 @@ in
fi
fi
'';
requires = lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.target";
after =
lib.optional enableRedis "redis-paperless.service"
++ lib.optional cfg.database.createLocally "postgresql.service";
++ lib.optional cfg.database.createLocally "postgresql.target";
};
systemd.services.paperless-task-queue = {
description = "Paperless Celery Workers";
requires = lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.target";
after = [
"paperless-scheduler.service"
] ++ lib.optional cfg.database.createLocally "postgresql.service";
] ++ lib.optional cfg.database.createLocally "postgresql.target";
serviceConfig = defaultServiceConfig // {
User = cfg.user;
ExecStart = "${cfg.package}/bin/celery --app paperless worker --loglevel INFO";
@ -520,10 +520,10 @@ in
# Bind to `paperless-scheduler` so that the consumer never runs
# during migrations
bindsTo = [ "paperless-scheduler.service" ];
requires = lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.target";
after = [
"paperless-scheduler.service"
] ++ lib.optional cfg.database.createLocally "postgresql.service";
] ++ lib.optional cfg.database.createLocally "postgresql.target";
serviceConfig = defaultServiceConfig // {
User = cfg.user;
ExecStart = "${cfg.package}/bin/paperless-ngx document_consumer";
@ -541,10 +541,10 @@ in
# Bind to `paperless-scheduler` so that the web server never runs
# during migrations
bindsTo = [ "paperless-scheduler.service" ];
requires = lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.target";
after = [
"paperless-scheduler.service"
] ++ lib.optional cfg.database.createLocally "postgresql.service";
] ++ lib.optional cfg.database.createLocally "postgresql.target";
# Setup PAPERLESS_SECRET_KEY.
# If this environment variable is left unset, paperless-ngx defaults
# to a well-known value, which is insecure.

2
nixos/modules/services/misc/redmine.nix
View File

@ -374,7 +374,7 @@ in
after =
[ "network.target" ]
++ lib.optional mysqlLocal "mysql.service"
++ lib.optional pgsqlLocal "postgresql.service";
++ lib.optional pgsqlLocal "postgresql.target";
wantedBy = [ "multi-user.target" ];
environment.RAILS_ENV = "production";
environment.RAILS_CACHE = "${cfg.stateDir}/cache";

12
nixos/modules/services/misc/sourcehut/service.nix
View File

@ -52,10 +52,10 @@ let
{
after =
[ "network.target" ]
++ optional cfg.postgresql.enable "postgresql.service"
++ optional cfg.postgresql.enable "postgresql.target"
++ optional cfg.redis.enable "redis-sourcehut-${srvsrht}.service";
requires =
optional cfg.postgresql.enable "postgresql.service"
optional cfg.postgresql.enable "postgresql.target"
++ optional cfg.redis.enable "redis-sourcehut-${srvsrht}.service";
path = [ pkgs.gawk ];
environment.HOME = runDir;
@ -482,11 +482,9 @@ in
&& lib.strings.versionAtLeast config.services.postgresql.package.version "15.0"
)
{
postgresql.postStart = (
lib.mkAfter ''
$PSQL -tAc 'ALTER DATABASE "${srvCfg.postgresql.database}" OWNER TO "${srvCfg.user}";'
''
);
postgresql-setup.postStart = ''
psql -tAc 'ALTER DATABASE "${srvCfg.postgresql.database}" OWNER TO "${srvCfg.user}";'
'';
}
)
];

2
nixos/modules/services/monitoring/grafana.nix
View File

@ -2020,7 +2020,7 @@ in
wantedBy = [ "multi-user.target" ];
after =
[ "networking.target" ]
++ lib.optional usePostgresql "postgresql.service"
++ lib.optional usePostgresql "postgresql.target"
++ lib.optional useMysql "mysql.service";
script = ''
set -o errexit -o pipefail -o nounset -o errtrace

2
nixos/modules/services/monitoring/zabbix-proxy.nix
View File

@ -337,7 +337,7 @@ in
description = "Zabbix Proxy";
wantedBy = [ "multi-user.target" ];
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
path = [ "/run/wrappers" ] ++ cfg.extraPackages;
preStart =

4
nixos/modules/services/monitoring/zabbix-server.nix
View File

@ -328,7 +328,7 @@ in
description = "Zabbix Server";
wantedBy = [ "multi-user.target" ];
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
path = [ "/run/wrappers" ] ++ cfg.extraPackages;
preStart =
@ -374,7 +374,7 @@ in
systemd.services.httpd.after =
optional (config.services.zabbixWeb.enable && mysqlLocal) "mysql.service"
++ optional (config.services.zabbixWeb.enable && pgsqlLocal) "postgresql.service";
++ optional (config.services.zabbixWeb.enable && pgsqlLocal) "postgresql.target";
};

4
nixos/modules/services/networking/atticd.nix
View File

@ -169,8 +169,8 @@ in
systemd.services.atticd = {
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ] ++ lib.optionals hasLocalPostgresDB [ "postgresql.service" ];
requires = lib.optionals hasLocalPostgresDB [ "postgresql.service" ];
after = [ "network-online.target" ] ++ lib.optionals hasLocalPostgresDB [ "postgresql.target" ];
requires = lib.optionals hasLocalPostgresDB [ "postgresql.target" ];
wants = [ "network-online.target" ];
serviceConfig = {

4
nixos/modules/services/networking/firezone/server.nix
View File

@ -1105,8 +1105,8 @@ in
systemd.services.firezone-initialize = {
description = "Backend initialization service for the Firezone zero-trust access platform";
after = mkIf cfg.enableLocalDB [ "postgresql.service" ];
requires = mkIf cfg.enableLocalDB [ "postgresql.service" ];
after = mkIf cfg.enableLocalDB [ "postgresql.target" ];
requires = mkIf cfg.enableLocalDB [ "postgresql.target" ];
wantedBy = [ "firezone.target" ];
partOf = [ "firezone.target" ];

2
nixos/modules/services/networking/pleroma.nix
View File

@ -122,7 +122,7 @@ in
wants = [ "network-online.target" ];
after = [
"network-online.target"
"postgresql.service"
"postgresql.target"
];
wantedBy = [ "pleroma.service" ];
environment.RELEASE_COOKIE = "/var/lib/pleroma/.cookie";

2
nixos/modules/services/networking/powerdns.nix
View File

@ -53,7 +53,7 @@ in
after = [
"network.target"
"mysql.service"
"postgresql.service"
"postgresql.target"
"openldap.service"
];

2
nixos/modules/services/networking/quassel.nix
View File

@ -120,7 +120,7 @@ in
wantedBy = [ "multi-user.target" ];
after =
[ "network.target" ]
++ optional config.services.postgresql.enable "postgresql.service"
++ optional config.services.postgresql.enable "postgresql.target"
++ optional config.services.mysql.enable "mysql.service";
serviceConfig = {

4
nixos/modules/services/security/canaille.nix
View File

@ -283,7 +283,7 @@ in
systemd.services.canaille-install = {
# We want this on boot, not on socket activation
wantedBy = [ "multi-user.target" ];
after = optional createLocalPostgresqlDb "postgresql.service";
after = optional createLocalPostgresqlDb "postgresql.target";
serviceConfig = commonServiceConfig // {
Type = "oneshot";
ExecStart = "${getExe finalPackage} install";
@ -296,7 +296,7 @@ in
after = [
"network.target"
"canaille-install.service"
] ++ optional createLocalPostgresqlDb "postgresql.service";
] ++ optional createLocalPostgresqlDb "postgresql.target";
requires = [
"canaille-install.service"
"canaille.socket"

4
nixos/modules/services/torrent/bitmagnet.nix
View File

@ -127,8 +127,8 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
] ++ optional cfg.useLocalPostgresDB "postgresql.service";
requires = optional cfg.useLocalPostgresDB "postgresql.service";
] ++ optional cfg.useLocalPostgresDB "postgresql.target";
requires = optional cfg.useLocalPostgresDB "postgresql.target";
serviceConfig = {
Type = "simple";
DynamicUser = true;

4
nixos/modules/services/web-apps/akkoma.nix
View File

@ -1231,7 +1231,7 @@ in
requiredBy = [ "akkoma.service" ];
after = [
"akkoma-config.service"
"postgresql.service"
"postgresql.target"
];
before = [ "akkoma.service" ];
@ -1269,7 +1269,7 @@ in
"akkoma-config.target"
"network.target"
"network-online.target"
"postgresql.service"
"postgresql.target"
];
confinement.packages = mkIf isConfined runtimeInputs;

2
nixos/modules/services/web-apps/crabfit.nix
View File

@ -109,7 +109,7 @@ in
description = "The API for Crab Fit.";
wantedBy = [ "multi-user.target" ];
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
serviceConfig = {
# TODO: harden

6
nixos/modules/services/web-apps/davis.nix
View File

@ -444,11 +444,11 @@ in
before = [ "phpfpm-davis.service" ];
after =
lib.optional mysqlLocal "mysql.service"
++ lib.optional pgsqlLocal "postgresql.service"
++ lib.optional pgsqlLocal "postgresql.target"
++ [ "davis-env-setup.service" ];
requires =
lib.optional mysqlLocal "mysql.service"
++ lib.optional pgsqlLocal "postgresql.service"
++ lib.optional pgsqlLocal "postgresql.target"
++ [ "davis-env-setup.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = defaultServiceConfig // {
@ -483,7 +483,7 @@ in
"davis-db-migrate.service"
]
++ lib.optional mysqlLocal "mysql.service"
++ lib.optional pgsqlLocal "postgresql.service";
++ lib.optional pgsqlLocal "postgresql.target";
systemd.services.phpfpm-davis.serviceConfig.ReadWritePaths = [ cfg.dataDir ];
services.nginx = lib.mkIf (cfg.nginx != null) {

6
nixos/modules/services/web-apps/dependency-track.nix
View File

@ -535,9 +535,9 @@ in
};
systemd.services.dependency-track-postgresql-init = lib.mkIf cfg.database.createLocally {
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
before = [ "dependency-track.service" ];
bindsTo = [ "postgresql.service" ];
bindsTo = [ "postgresql.target" ];
path = [ config.services.postgresql.package ];
serviceConfig = {
Type = "oneshot";
@ -572,7 +572,7 @@ in
if cfg.database.createLocally then
[
"dependency-track-postgresql-init.service"
"postgresql.service"
"postgresql.target"
]
else
[ ];

2
nixos/modules/services/web-apps/dex.nix
View File

@ -100,7 +100,7 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"networking.target"
] ++ (optional (cfg.settings.storage.type == "postgres") "postgresql.service");
] ++ (optional (cfg.settings.storage.type == "postgres") "postgresql.target");
path = with pkgs; [ replace-secret ];
restartTriggers = restartTriggers;
serviceConfig =

12
nixos/modules/services/web-apps/discourse.nix
View File

@ -705,8 +705,8 @@ in
pgsql = config.services.postgresql;
in
lib.mkIf databaseActuallyCreateLocally {
after = [ "postgresql.service" ];
bindsTo = [ "postgresql.service" ];
after = [ "postgresql.target" ];
bindsTo = [ "postgresql.target" ];
wantedBy = [ "discourse.service" ];
partOf = [ "discourse.service" ];
path = [
@ -732,16 +732,16 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"redis-discourse.service"
"postgresql.service"
"discourse-postgresql.service"
"postgresql.target"
"discourse-postgresql.target"
];
bindsTo =
[
"redis-discourse.service"
]
++ lib.optionals (cfg.database.host == null) [
"postgresql.service"
"discourse-postgresql.service"
"postgresql.target"
"discourse-postgresql.target"
];
path = cfg.package.runtimeDeps ++ [
postgresqlPackage

4
nixos/modules/services/web-apps/fider.nix
View File

@ -87,8 +87,8 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
] ++ lib.optionals (cfg.database.url == "local") [ "postgresql.service" ];
requires = lib.optionals (cfg.database.url == "local") [ "postgresql.service" ];
] ++ lib.optionals (cfg.database.url == "local") [ "postgresql.target" ];
requires = lib.optionals (cfg.database.url == "local") [ "postgresql.target" ];
environment =
let
localPostgresqlUrl = "postgres:///fider?host=/run/postgresql";

2
nixos/modules/services/web-apps/filesender.nix
View File

@ -227,7 +227,7 @@ in
"multi-user.target"
"phpfpm-filesender.service"
];
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
restartIfChanged = true;

4
nixos/modules/services/web-apps/firefly-iii.nix
View File

@ -308,7 +308,7 @@ in
systemd.services.firefly-iii-setup = {
after = [
"postgresql.service"
"postgresql.target"
"mysql.service"
];
requiredBy = [ "phpfpm-firefly-iii.service" ];
@ -325,7 +325,7 @@ in
systemd.services.firefly-iii-cron = {
after = [
"firefly-iii-setup.service"
"postgresql.service"
"postgresql.target"
"mysql.service"
];
wants = [ "firefly-iii-setup.service" ];

6
nixos/modules/services/web-apps/froide-govplan.nix
View File

@ -163,9 +163,9 @@ in
systemd = {
services = {
postgresql.serviceConfig.ExecStartPost =
postgresql-setup.serviceConfig.ExecStartPost =
let
sqlFile = pkgs.writeText "immich-pgvectors-setup.sql" ''
sqlFile = pkgs.writeText "froide-govplan-postgis-setup.sql" ''
CREATE EXTENSION IF NOT EXISTS postgis;
'';
in
@ -184,7 +184,7 @@ in
Group = "govplan";
};
after = [
"postgresql.service"
"postgresql.target"
"network.target"
"systemd-tmpfiles-setup.service"
];

2
nixos/modules/services/web-apps/gancio.nix
View File

@ -211,7 +211,7 @@ in
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
] ++ optional (cfg.settings.db.dialect == "postgres") "postgresql.service";
] ++ optional (cfg.settings.db.dialect == "postgres") "postgresql.target";
environment = {
NODE_ENV = "production";

4
nixos/modules/services/web-apps/glitchtip.nix
View File

@ -171,11 +171,11 @@ in
wants = [ "network-online.target" ];
requires =
lib.optional cfg.database.createLocally "postgresql.service"
lib.optional cfg.database.createLocally "postgresql.target"
++ lib.optional cfg.redis.createLocally "redis-glitchtip.service";
after =
[ "network-online.target" ]
++ lib.optional cfg.database.createLocally "postgresql.service"
++ lib.optional cfg.database.createLocally "postgresql.target"
++ lib.optional cfg.redis.createLocally "redis-glitchtip.service";
inherit environment;

4
nixos/modules/services/web-apps/gotosocial.nix
View File

@ -144,8 +144,8 @@ in
systemd.services.gotosocial = {
description = "ActivityPub social network server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ] ++ lib.optional cfg.setupPostgresqlDB "postgresql.service";
requires = lib.optional cfg.setupPostgresqlDB "postgresql.service";
after = [ "network.target" ] ++ lib.optional cfg.setupPostgresqlDB "postgresql.target";
requires = lib.optional cfg.setupPostgresqlDB "postgresql.target";
restartTriggers = [ configFile ];
serviceConfig = {

4
nixos/modules/services/web-apps/homebox.nix
View File

@ -81,8 +81,8 @@ in
];
};
systemd.services.homebox = {
requires = lib.optional cfg.database.createLocally "postgresql.service";
after = lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.target";
after = lib.optional cfg.database.createLocally "postgresql.target";
environment = cfg.settings;
serviceConfig = {
User = "homebox";

2
nixos/modules/services/web-apps/immich.nix
View File

@ -254,7 +254,7 @@ in
search_path = "\"$user\", public, vectors";
};
};
systemd.services.postgresql.serviceConfig.ExecStartPost =
systemd.services.postgresql-setup.serviceConfig.ExecStartPost =
let
sqlFile = pkgs.writeText "immich-pgvectors-setup.sql" ''
CREATE EXTENSION IF NOT EXISTS unaccent;

4
nixos/modules/services/web-apps/invidious.nix
View File

@ -19,8 +19,8 @@ let
commonInvidousServiceConfig = {
description = "Invidious (An alternative YouTube front-end)";
wants = [ "network-online.target" ];
after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
requires = lib.optional cfg.database.createLocally "postgresql.target";
wantedBy = [ "multi-user.target" ];
serviceConfig = {

6
nixos/modules/services/web-apps/keycloak.nix
View File

@ -602,9 +602,9 @@ in
];
systemd.services.keycloakPostgreSQLInit = mkIf createLocalPostgreSQL {
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
before = [ "keycloak.service" ];
bindsTo = [ "postgresql.service" ];
bindsTo = [ "postgresql.target" ];
path = [ config.services.postgresql.package ];
serviceConfig = {
Type = "oneshot";
@ -690,7 +690,7 @@ in
if createLocalPostgreSQL then
[
"keycloakPostgreSQLInit.service"
"postgresql.service"
"postgresql.target"
]
else if createLocalMySQL then
[

8
nixos/modules/services/web-apps/lasuite-docs.nix
View File

@ -350,10 +350,10 @@ in
description = "Docs from SuiteNumérique";
after =
[ "network.target" ]
++ (optional cfg.postgresql.createLocally "postgresql.service")
++ (optional cfg.postgresql.createLocally "postgresql.target")
++ (optional cfg.redis.createLocally "redis-lasuite-docs.service");
wants =
(optional cfg.postgresql.createLocally "postgresql.service")
(optional cfg.postgresql.createLocally "postgresql.target")
++ (optional cfg.redis.createLocally "redis-lasuite-docs.service");
wantedBy = [ "multi-user.target" ];
@ -398,10 +398,10 @@ in
description = "Docs Celery broker from SuiteNumérique";
after =
[ "network.target" ]
++ (optional cfg.postgresql.createLocally "postgresql.service")
++ (optional cfg.postgresql.createLocally "postgresql.target")
++ (optional cfg.redis.createLocally "redis-lasuite-docs.service");
wants =
(optional cfg.postgresql.createLocally "postgresql.service")
(optional cfg.postgresql.createLocally "postgresql.target")
++ (optional cfg.redis.createLocally "redis-lasuite-docs.service");
wantedBy = [ "multi-user.target" ];

4
nixos/modules/services/web-apps/lemmy.nix
View File

@ -325,9 +325,9 @@ in
wantedBy = [ "multi-user.target" ];
after = [ "pict-rs.service" ] ++ lib.optionals cfg.database.createLocally [ "postgresql.service" ];
after = [ "pict-rs.service" ] ++ lib.optionals cfg.database.createLocally [ "postgresql.target" ];
requires = lib.optionals cfg.database.createLocally [ "postgresql.service" ];
requires = lib.optionals cfg.database.createLocally [ "postgresql.target" ];
# substitute secrets and prevent others from reading the result
# if somehow $CREDENTIALS_DIRECTORY is not set we fail

4
nixos/modules/services/web-apps/limesurvey.nix
View File

@ -413,7 +413,7 @@ in
systemd.services.limesurvey-init = {
wantedBy = [ "multi-user.target" ];
before = [ "phpfpm-limesurvey.service" ];
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
environment.DBENGINE = "${cfg.database.dbEngine}";
environment.LIMESURVEY_CONFIG = limesurveyConfig;
script = ''
@ -444,7 +444,7 @@ in
systemd.services.httpd.after =
optional mysqlLocal "mysql.service"
++ optional pgsqlLocal "postgresql.service";
++ optional pgsqlLocal "postgresql.target";
users.users.${user} = {
group = group;

22
nixos/modules/services/web-apps/mastodon.nix
View File

@ -126,10 +126,10 @@ let
SystemCallArchitectures = "native";
};
# Services that all Mastodon units After= and Requires= on
commonServices =
# Units that all Mastodon units After= and Requires= on
commonUnits =
lib.optional redisActuallyCreateLocally "redis-mastodon.service"
++ lib.optional databaseActuallyCreateLocally "postgresql.service"
++ lib.optional databaseActuallyCreateLocally "postgresql.target"
++ lib.optional cfg.automaticMigrations "mastodon-init-db.service";
envFile = pkgs.writeText "mastodon.env" (
@ -170,8 +170,8 @@ let
after = [
"network.target"
"mastodon-init-dirs.service"
] ++ commonServices;
requires = [ "mastodon-init-dirs.service" ] ++ commonServices;
] ++ commonUnits;
requires = [ "mastodon-init-dirs.service" ] ++ commonUnits;
description = "Mastodon sidekiq${jobClassLabel}";
wantedBy = [ "mastodon.target" ];
environment = env // {
@ -209,8 +209,8 @@ let
after = [
"network.target"
"mastodon-init-dirs.service"
] ++ commonServices;
requires = [ "mastodon-init-dirs.service" ] ++ commonServices;
] ++ commonUnits;
requires = [ "mastodon-init-dirs.service" ] ++ commonUnits;
wantedBy = [
"mastodon.target"
"mastodon-streaming.target"
@ -998,18 +998,18 @@ in
after = [
"network.target"
"mastodon-init-dirs.service"
] ++ lib.optional databaseActuallyCreateLocally "postgresql.service";
] ++ lib.optional databaseActuallyCreateLocally "postgresql.target";
requires = [
"mastodon-init-dirs.service"
] ++ lib.optional databaseActuallyCreateLocally "postgresql.service";
] ++ lib.optional databaseActuallyCreateLocally "postgresql.target";
};
systemd.services.mastodon-web = {
after = [
"network.target"
"mastodon-init-dirs.service"
] ++ commonServices;
requires = [ "mastodon-init-dirs.service" ] ++ commonServices;
] ++ commonUnits;
requires = [ "mastodon-init-dirs.service" ] ++ commonUnits;
wantedBy = [ "mastodon.target" ];
description = "Mastodon web";
environment =

4
nixos/modules/services/web-apps/mattermost.nix
View File

@ -840,7 +840,7 @@ in
wantedBy = [ "multi-user.target" ];
after = mkMerge [
[ "network.target" ]
(mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.service" ])
(mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.target" ])
(mkIf (cfg.database.driver == "mysql" && cfg.database.create) [ "mysql.service" ])
];
requires = after;
@ -946,7 +946,7 @@ in
];
unitConfig.JoinsNamespaceOf = mkMerge [
(mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.service" ])
(mkIf (cfg.database.driver == "postgres" && cfg.database.create) [ "postgresql.target" ])
(mkIf (cfg.database.driver == "mysql" && cfg.database.create) [ "mysql.service" ])
];
};

4
nixos/modules/services/web-apps/mealie.nix
View File

@ -66,8 +66,8 @@ in
systemd.services.mealie = {
description = "Mealie, a self hosted recipe manager and meal planner";
after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
requires = lib.optional cfg.database.createLocally "postgresql.target";
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];

4
nixos/modules/services/web-apps/mediagoblin.nix
View File

@ -339,11 +339,11 @@ in
mediagoblin-paster = lib.recursiveUpdate serviceDefaults {
after = [
"mediagoblin-celeryd.service"
"postgresql.service"
"postgresql.target"
];
requires = [
"mediagoblin-celeryd.service"
"postgresql.service"
"postgresql.target"
];
preStart = ''
cp --remove-destination ${pasteConfig} /var/lib/mediagoblin/paste.ini

4
nixos/modules/services/web-apps/mediawiki.nix
View File

@ -707,7 +707,7 @@ in
before = [ "phpfpm-mediawiki.service" ];
after =
optional (cfg.database.type == "mysql" && cfg.database.createLocally) "mysql.service"
++ optional (cfg.database.type == "postgres" && cfg.database.createLocally) "postgresql.service";
++ optional (cfg.database.type == "postgres" && cfg.database.createLocally) "postgresql.target";
script = ''
if ! test -e "${stateDir}/secret.key"; then
tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c 64 > ${stateDir}/secret.key
@ -754,7 +754,7 @@ in
) "mysql.service"
++ optional (
cfg.webserver == "apache" && cfg.database.createLocally && cfg.database.type == "postgres"
) "postgresql.service";
) "postgresql.target";
users.users.${user} = {
inherit group;

6
nixos/modules/services/web-apps/miniflux.nix
View File

@ -107,10 +107,10 @@ in
systemd.services.miniflux-dbsetup = lib.mkIf cfg.createDatabaseLocally {
description = "Miniflux database setup";
requires = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
after = [
"network.target"
"postgresql.service"
"postgresql.target"
];
serviceConfig = {
Type = "oneshot";
@ -126,7 +126,7 @@ in
after =
[ "network.target" ]
++ lib.optionals cfg.createDatabaseLocally [
"postgresql.service"
"postgresql.target"
"miniflux-dbsetup.service"
];

2
nixos/modules/services/web-apps/misskey.nix
View File

@ -319,7 +319,7 @@ in
systemd.services.misskey = {
after = [
"network-online.target"
"postgresql.service"
"postgresql.target"
];
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];

2
nixos/modules/services/web-apps/mobilizon.nix
View File

@ -366,7 +366,7 @@ in
systemd.services.mobilizon-postgresql = mkIf isLocalPostgres {
description = "Mobilizon PostgreSQL setup";
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
before = [
"mobilizon.service"
"mobilizon-setup-secrets.service"

4
nixos/modules/services/web-apps/moodle.nix
View File

@ -351,7 +351,7 @@ in
systemd.services.moodle-init = {
wantedBy = [ "multi-user.target" ];
before = [ "phpfpm-moodle.service" ];
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
environment.MOODLE_CONFIG = moodleConfig;
script = ''
${phpExt}/bin/php ${cfg.package}/share/moodle/admin/cli/check_database_schema.php && rc=$? || rc=$?
@ -394,7 +394,7 @@ in
systemd.services.httpd.after =
optional mysqlLocal "mysql.service"
++ optional pgsqlLocal "postgresql.service";
++ optional pgsqlLocal "postgresql.target";
users.users.${user} = {
group = group;

16
nixos/modules/services/web-apps/movim.nix
View File

@ -165,9 +165,9 @@ let
fpm = config.services.phpfpm.pools.${pool};
phpExecutionUnit = "phpfpm-${pool}";
dbService =
dbUnit =
{
"postgresql" = "postgresql.service";
"postgresql" = "postgresql.target";
"mariadb" = "mysql.service";
}
.${cfg.database.type};
@ -843,8 +843,8 @@ in
requiredBy = [ "${phpExecutionUnit}.service" ];
before = [ "${phpExecutionUnit}.service" ];
wants = [ "local-fs.target" ];
requires = lib.optional cfg.database.createLocally dbService;
after = lib.optional cfg.database.createLocally dbService;
requires = lib.optional cfg.database.createLocally dbUnit;
after = lib.optional cfg.database.createLocally dbUnit;
serviceConfig =
{
@ -899,8 +899,8 @@ in
requiredBy = [ "movim.service" ];
before = [ "movim.service" ] ++ lib.optional (webServerService != null) webServerService;
wants = [ "network.target" ];
requires = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbService;
after = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbService;
requires = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbUnit;
after = [ "movim-data-setup.service" ] ++ lib.optional cfg.database.createLocally dbUnit;
};
services.movim = {
@ -915,14 +915,14 @@ in
"movim-data-setup.service"
"${phpExecutionUnit}.service"
]
++ lib.optional cfg.database.createLocally dbService
++ lib.optional cfg.database.createLocally dbUnit
++ lib.optional (webServerService != null) webServerService;
after =
[
"movim-data-setup.service"
"${phpExecutionUnit}.service"
]
++ lib.optional cfg.database.createLocally dbService
++ lib.optional cfg.database.createLocally dbUnit
++ lib.optional (webServerService != null) webServerService;
environment = {
PUBLIC_URL = "//${cfg.domain}";

9
nixos/modules/services/web-apps/netbox.nix
View File

@ -39,7 +39,14 @@ let
(writeScriptBin "netbox-manage" ''
#!${stdenv.shell}
export PYTHONPATH=${pkg.pythonPath}
sudo -u netbox ${pkg}/bin/netbox "$@"
case "$(whoami)" in
"root")
${util-linux}/bin/runuser -u netbox -- ${pkg}/bin/netbox "$@";;
"netbox")
${pkg}/bin/netbox "$@";;
*)
echo "This must be run by either by root 'netbox' user"
esac
'');
in

4
nixos/modules/services/web-apps/nextcloud.nix
View File

@ -1167,8 +1167,8 @@ in
wantedBy = [ "multi-user.target" ];
wants = [ "nextcloud-update-db.service" ];
before = [ "phpfpm-nextcloud.service" ];
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
path = [ occ ];
restartTriggers = [ overrideConfig ];
script = ''

4
nixos/modules/services/web-apps/nipap.nix
View File

@ -234,8 +234,8 @@ in
after = [
"network.target"
"systemd-tmpfiles-setup.service"
] ++ lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.service";
requires = lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.service";
] ++ lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.target";
requires = lib.optional (cfg.settings.nipapd.db_host == "") "postgresql.target";
wantedBy = [ "multi-user.target" ];
preStart = lib.optionalString (cfg.settings.auth.default_backend == defaultAuthBackend) ''
# Create/upgrade local auth database

8
nixos/modules/services/web-apps/onlyoffice.nix
View File

@ -235,12 +235,12 @@ in
after = [
"network.target"
"onlyoffice-docservice.service"
"postgresql.service"
"postgresql.target"
];
requires = [
"network.target"
"onlyoffice-docservice.service"
"postgresql.service"
"postgresql.target"
];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
@ -314,9 +314,9 @@ in
description = "onlyoffice documentserver";
after = [
"network.target"
"postgresql.service"
"postgresql.target"
];
requires = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${cfg.package.fhs}/bin/onlyoffice-wrapper DocService/docservice /run/onlyoffice/config";

4
nixos/modules/services/web-apps/outline.nix
View File

@ -634,10 +634,10 @@ in
wantedBy = [ "multi-user.target" ];
after =
[ "networking.target" ]
++ lib.optional (cfg.databaseUrl == "local") "postgresql.service"
++ lib.optional (cfg.databaseUrl == "local") "postgresql.target"
++ lib.optional (cfg.redisUrl == "local") "redis-outline.service";
requires =
lib.optional (cfg.databaseUrl == "local") "postgresql.service"
lib.optional (cfg.databaseUrl == "local") "postgresql.target"
++ lib.optional (cfg.redisUrl == "local") "redis-outline.service";
path = [
pkgs.openssl # Required by the preStart script

6
nixos/modules/services/web-apps/part-db.nix
View File

@ -195,8 +195,8 @@ in
services = {
part-db-migrate = {
before = [ "phpfpm-part-db.service" ];
after = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
after = [ "postgresql.target" ];
requires = [ "postgresql.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
@ -216,7 +216,7 @@ in
after = [ "part-db-migrate.service" ];
requires = [
"part-db-migrate.service"
"postgresql.service"
"postgresql.target"
];
# ensure nginx can access the php-fpm socket
postStart = ''

8
nixos/modules/services/web-apps/peertube.nix
View File

@ -439,9 +439,9 @@ in
description = "Initialization database for PeerTube daemon";
after = [
"network.target"
"postgresql.service"
"postgresql.target"
];
requires = [ "postgresql.service" ];
requires = [ "postgresql.target" ];
script =
let
@ -475,13 +475,13 @@ in
[ "network.target" ]
++ lib.optional cfg.redis.createLocally "redis-peertube.service"
++ lib.optionals cfg.database.createLocally [
"postgresql.service"
"postgresql.target"
"peertube-init-db.service"
];
requires =
lib.optional cfg.redis.createLocally "redis-peertube.service"
++ lib.optionals cfg.database.createLocally [
"postgresql.service"
"postgresql.target"
"peertube-init-db.service"
];
wantedBy = [ "multi-user.target" ];

12
nixos/modules/services/web-apps/pixelfed.nix
View File

@ -53,9 +53,9 @@ let
"mysql" = "/run/mysqld/mysqld.sock";
}
.${cfg.database.type};
dbService =
dbUnit =
{
"pgsql" = "postgresql.service";
"pgsql" = "postgresql.target";
"mysql" = "mysql.service";
}
.${cfg.database.type};
@ -355,7 +355,7 @@ in
"pixelfed-horizon.service"
"pixelfed-data-setup.service"
]
++ lib.optional cfg.database.createLocally dbService
++ lib.optional cfg.database.createLocally dbUnit
++ lib.optional cfg.redis.createLocally redisService;
# Ensure image optimizations programs are available.
systemd.services.phpfpm-pixelfed.path = extraPrograms;
@ -368,7 +368,7 @@ in
];
requires =
[ "pixelfed-data-setup.service" ]
++ (lib.optional cfg.database.createLocally dbService)
++ (lib.optional cfg.database.createLocally dbUnit)
++ (lib.optional cfg.redis.createLocally redisService);
wantedBy = [ "multi-user.target" ];
# Ensure image optimizations programs are available.
@ -412,8 +412,8 @@ in
systemd.services.pixelfed-data-setup = {
description = "Pixelfed setup: migrations, environment file update, cache reload, data changes";
wantedBy = [ "multi-user.target" ];
after = lib.optional cfg.database.createLocally dbService;
requires = lib.optional cfg.database.createLocally dbService;
after = lib.optional cfg.database.createLocally dbUnit;
requires = lib.optional cfg.database.createLocally dbUnit;
path =
with pkgs;
[

6
nixos/modules/services/web-apps/plausible.nix
View File

@ -196,13 +196,13 @@ in
after =
optional cfg.database.clickhouse.setup "clickhouse.service"
++ optionals cfg.database.postgres.setup [
"postgresql.service"
"postgresql.target"
"plausible-postgres.service"
];
requires =
optional cfg.database.clickhouse.setup "clickhouse.service"
++ optionals cfg.database.postgres.setup [
"postgresql.service"
"postgresql.target"
"plausible-postgres.service"
];
@ -309,7 +309,7 @@ in
(mkIf cfg.database.postgres.setup {
# `plausible' requires the `citext'-extension.
plausible-postgres = {
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
partOf = [ "plausible.service" ];
serviceConfig = {
Type = "oneshot";

4
nixos/modules/services/web-apps/pretalx.nix
View File

@ -434,7 +434,7 @@ in
"redis-pretalx.service"
]
++ lib.optionals (cfg.settings.database.backend == "postgresql") [
"postgresql.service"
"postgresql.target"
]
++ lib.optionals (cfg.settings.database.backend == "mysql") [
"mysql.service"
@ -484,7 +484,7 @@ in
"redis-pretalx.service"
]
++ lib.optionals (cfg.settings.database.backend == "postgresql") [
"postgresql.service"
"postgresql.target"
]
++ lib.optionals (cfg.settings.database.backend == "mysql") [
"mysql.service"

4
nixos/modules/services/web-apps/pretix.nix
View File

@ -533,7 +533,7 @@ in
after = [
"network.target"
"redis-pretix.service"
"postgresql.service"
"postgresql.target"
];
wantedBy = [ "multi-user.target" ];
preStart = ''
@ -574,7 +574,7 @@ in
after = [
"network.target"
"redis-pretix.service"
"postgresql.service"
"postgresql.target"
];
wantedBy = [ "multi-user.target" ];
serviceConfig = {

2
nixos/modules/services/web-apps/reposilite.nix
View File

@ -398,7 +398,7 @@ in
after =
[ "network.target" ]
++ (lib.optional useMySQL "mysql.service")
++ (lib.optional usePostgres "postgresql.service");
++ (lib.optional usePostgres "postgresql.target");
script =
lib.optionalString (cfg.keyPasswordFile != null && cfg.settings.keyPassword == null) ''

2
nixos/modules/services/web-apps/shiori.nix
View File

@ -62,7 +62,7 @@ in
description = "Shiori simple bookmarks manager";
wantedBy = [ "multi-user.target" ];
after = [
"postgresql.service"
"postgresql.target"
"mysql.service"
];
environment =

4
nixos/modules/services/web-apps/sogo.nix
View File

@ -104,7 +104,7 @@ in
systemd.services.sogo = {
description = "SOGo groupware";
after = [
"postgresql.service"
"postgresql.target"
"mysql.service"
"memcached.service"
"openldap.service"
@ -191,7 +191,7 @@ in
description = "SOGo email alarms";
after = [
"postgresql.service"
"postgresql.target"
"mysqld.service"
"memcached.service"
"openldap.service"

4
nixos/modules/services/web-apps/tt-rss.nix
View File

@ -667,11 +667,11 @@ in
};
wantedBy = [ "multi-user.target" ];
requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
requires = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.target";
after =
[ "network.target" ]
++ optional mysqlLocal "mysql.service"
++ optional pgsqlLocal "postgresql.service";
++ optional pgsqlLocal "postgresql.target";
};
};

2
nixos/modules/services/web-apps/vikunja.nix
View File

@ -117,7 +117,7 @@ in
description = "vikunja";
after =
[ "network.target" ]
++ lib.optional usePostgresql "postgresql.service"
++ lib.optional usePostgresql "postgresql.target"
++ lib.optional useMysql "mysql.service";
wantedBy = [ "multi-user.target" ];
path = [ cfg.package ];

4
nixos/modules/services/web-apps/wakapi.nix
View File

@ -135,10 +135,10 @@ in
description = "Wakapi (self-hosted WakaTime-compatible backend)";
wants = [
"network-online.target"
] ++ optional (cfg.database.dialect == "postgres") "postgresql.service";
] ++ optional (cfg.database.dialect == "postgres") "postgresql.target";
after = [
"network-online.target"
] ++ optional (cfg.database.dialect == "postgres") "postgresql.service";
] ++ optional (cfg.database.dialect == "postgres") "postgresql.target";
wantedBy = [ "multi-user.target" ];
script = ''

4
nixos/modules/services/web-apps/weblate.nix
View File

@ -251,7 +251,7 @@ in
systemd.services.weblate-postgresql-setup = {
description = "Weblate PostgreSQL setup";
after = [ "postgresql.service" ];
after = [ "postgresql.target" ];
serviceConfig = {
Type = "oneshot";
User = "postgres";
@ -290,7 +290,7 @@ in
after = [
"network.target"
"redis-weblate.service"
"postgresql.service"
"postgresql.target"
];
# We want this to be active on boot, not just on socket activation
wantedBy = [ "multi-user.target" ];

62
nixos/modules/services/web-apps/windmill.nix
View File

@ -134,39 +134,37 @@ in
# coming from https://github.com/windmill-labs/windmill/blob/main/init-db-as-superuser.sql
# modified to not grant privileges on all tables
# create role windmill_user and windmill_admin only if they don't exist
postgresql.postStart = lib.mkIf cfg.database.createLocally (
lib.mkAfter ''
$PSQL -tA <<"EOF"
DO $$
BEGIN
IF NOT EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'windmill_user'
) THEN
CREATE ROLE windmill_user;
GRANT ALL PRIVILEGES ON DATABASE ${cfg.database.name} TO windmill_user;
ELSE
RAISE NOTICE 'Role "windmill_user" already exists. Skipping.';
END IF;
IF NOT EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'windmill_admin'
) THEN
CREATE ROLE windmill_admin WITH BYPASSRLS;
GRANT windmill_user TO windmill_admin;
ELSE
RAISE NOTICE 'Role "windmill_admin" already exists. Skipping.';
END IF;
GRANT windmill_admin TO windmill;
END
$$;
EOF
''
);
postgresql.postStart = lib.mkIf cfg.database.createLocally ''
psql -tA <<"EOF"
DO $$
BEGIN
IF NOT EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'windmill_user'
) THEN
CREATE ROLE windmill_user;
GRANT ALL PRIVILEGES ON DATABASE ${cfg.database.name} TO windmill_user;
ELSE
RAISE NOTICE 'Role "windmill_user" already exists. Skipping.';
END IF;
IF NOT EXISTS (
SELECT FROM pg_catalog.pg_roles
WHERE rolname = 'windmill_admin'
) THEN
CREATE ROLE windmill_admin WITH BYPASSRLS;
GRANT windmill_user TO windmill_admin;
ELSE
RAISE NOTICE 'Role "windmill_admin" already exists. Skipping.';
END IF;
GRANT windmill_admin TO windmill;
END
$$;
EOF
'';
windmill-server = {
description = "Windmill server";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
wantedBy = [ "multi-user.target" ];
serviceConfig = serviceConfig // {
@ -183,7 +181,7 @@ in
windmill-worker = {
description = "Windmill worker";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
wantedBy = [ "multi-user.target" ];
serviceConfig = serviceConfig // {
@ -201,7 +199,7 @@ in
windmill-worker-native = {
description = "Windmill worker native";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
wantedBy = [ "multi-user.target" ];
serviceConfig = serviceConfig // {

4
nixos/modules/services/web-apps/zipline.nix
View File

@ -93,8 +93,8 @@ in
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.service";
requires = lib.optional cfg.database.createLocally "postgresql.service";
after = [ "network-online.target" ] ++ lib.optional cfg.database.createLocally "postgresql.target";
requires = lib.optional cfg.database.createLocally "postgresql.target";
environment = lib.mapAttrs (_: value: toString value) cfg.settings;

2
nixos/modules/services/web-servers/keter/default.nix
View File

@ -182,7 +182,7 @@ in
after = [
"network.target"
"local-fs.target"
"postgresql.service"
"postgresql.target"
];
};

2
nixos/tests/coder.nix
View File

@ -14,7 +14,7 @@
testScript = ''
machine.start()
machine.wait_for_unit("postgresql.service")
machine.wait_for_unit("postgresql.target")
machine.wait_for_unit("coder.service")
machine.wait_for_open_port(3000)

2
nixos/tests/davis.nix
View File

@ -55,7 +55,7 @@
testScript = ''
start_all()
machine1.wait_for_unit("postgresql.service")
machine1.wait_for_unit("postgresql.target")
machine1.wait_for_unit("davis-env-setup.service")
machine1.wait_for_unit("davis-db-migrate.service")
machine1.wait_for_unit("phpfpm-davis.service")

Some files were not shown because too many files have changed in this diff Show More