diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-11-19 17:14:52 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-11-19 17:14:52 +0100 |
commit | f4d4283e3992c3f559831b1c030cd1fda6d45f98 (patch) | |
tree | c2cc63060849298d9a8e7a329010bb0fc4abb219 /nixpkgs/nixos/modules/services/web-apps/invidious.nix | |
parent | dac53cd746c10feddd48d4a1981235a653d7d32a (diff) | |
parent | 0ace63bed8f561e4cc5b1c8fa5fee6be61fbcf8b (diff) | |
download | nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.tar nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.tar.gz nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.tar.bz2 nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.tar.lz nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.tar.xz nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.tar.zst nixlib-f4d4283e3992c3f559831b1c030cd1fda6d45f98.zip |
Merge branch 'nixos-unstable-small' of https://github.com/NixOS/nixpkgs into HEAD
Diffstat (limited to 'nixpkgs/nixos/modules/services/web-apps/invidious.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/web-apps/invidious.nix | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/nixpkgs/nixos/modules/services/web-apps/invidious.nix b/nixpkgs/nixos/modules/services/web-apps/invidious.nix index 5603ef7392e8..e4fbc6fd9368 100644 --- a/nixpkgs/nixos/modules/services/web-apps/invidious.nix +++ b/nixpkgs/nixos/modules/services/web-apps/invidious.nix @@ -109,15 +109,17 @@ let # Default to using the local database if we create it services.invidious.database.host = lib.mkDefault null; + + # TODO(raitobezarius to maintainers of invidious): I strongly advise to clean up the kemal specific + # thing for 24.05 and use `ensureDBOwnership`. + # See https://github.com/NixOS/nixpkgs/issues/216989 + systemd.services.postgresql.postStart = lib.mkAfter '' + $PSQL -tAc 'ALTER DATABASE "${cfg.settings.db.dbname}" OWNER TO "${cfg.settings.db.user}";' + ''; services.postgresql = { enable = true; + ensureUsers = lib.singleton { name = cfg.settings.db.user; ensureDBOwnership = false; }; ensureDatabases = lib.singleton cfg.settings.db.dbname; - ensureUsers = lib.singleton { - name = cfg.settings.db.user; - ensurePermissions = { - "DATABASE ${cfg.settings.db.dbname}" = "ALL PRIVILEGES"; - }; - }; # This is only needed because the unix user invidious isn't the same as # the database user. This tells postgres to map one to the other. identMap = '' @@ -136,6 +138,7 @@ let documentation = [ "https://docs.invidious.io/Database-Information-and-Maintenance.md" ]; startAt = lib.mkDefault "weekly"; path = [ config.services.postgresql.package ]; + after = [ "postgresql.service" ]; script = '' psql ${cfg.settings.db.dbname} ${cfg.settings.db.user} -c "DELETE FROM nonces * WHERE expire < current_timestamp" psql ${cfg.settings.db.dbname} ${cfg.settings.db.user} -c "TRUNCATE TABLE videos" |