btcpayserver: fix PostgreSQL 15 user permissions

Since PostgreSQL 15, DB users need to be DB owners to be able to create tables.

We can't use the new `ensureDBOwnership` NixOS option [1] to set this up,
because it requires the PostgreSQL user name and the database name to be
identical, which is not the case for btcpayserver.

Instead, we manually issue a PostgreSQL admin statement similar to the one
used by `ensureDBOwnership`.

This method of setting up the user is also compatible with older
PostgreSQL versions that come with older NixOS `system.stateVersion`s.

[1] https://github.com/NixOS/nixpkgs/pull/266270
Erik Arvstedt 2023-12-02 23:26:51 +01:00
parent 9efcdaf8bb
commit 770a4354b4
No known key found for this signature in database
GPG Key ID: 33312B944DD97846

@ -138,16 +138,16 @@ in {
enable = true;
ensureDatabases = [ "btcpaydb" "nbxplorer" ];
ensureUsers = [
{
name = cfg.btcpayserver.user;
ensurePermissions."DATABASE btcpaydb" = "ALL PRIVILEGES";
}
{
name = cfg.nbxplorer.user;
ensurePermissions."DATABASE nbxplorer" = "ALL PRIVILEGES";
}
{ name = cfg.btcpayserver.user; }
{ name = cfg.nbxplorer.user; }
];
};
systemd.services.postgresql.postStart = lib.mkAfter ''
$PSQL -tAc '
ALTER DATABASE "btcpaydb" OWNER TO "${cfg.btcpayserver.user}";
ALTER DATABASE "nbxplorer" OWNER TO "${cfg.nbxplorer.user}";
'
'';
systemd.tmpfiles.rules = [
"d '${cfg.nbxplorer.dataDir}' 0770 ${cfg.nbxplorer.user} ${cfg.nbxplorer.group} - -"
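
Review bot: the new `systemd.services.postgresql.postStart` block has no comment explaining why ownership is set with a hand-written `ALTER DATABASE ... OWNER TO` rather than through the NixOS option; that reason (the user name and the database name differ) lives only in the commit message, so a short Nix comment above the block would keep it from being "simplified" later. In the same block, `${cfg.btcpayserver.user}` and `${cfg.nbxplorer.user}` are interpolated into a single-quoted shell argument and a double-quoted SQL identifier, so a configured user name containing `'` or `"` would break out of the quoting; consider asserting the allowed character set for these options or stating the assumption in the comment. The database names `btcpaydb` and `nbxplorer` are also repeated as literals in `ensureDatabases` and in the two `ALTER DATABASE` lines, so binding them once in a `let` would keep the two places from drifting apart.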