nixos/postgresql: improve the assertions for equality of DB user and DB name

It is hard to figure out which one is offending without the database name.
2024-09-11 07:15:54 +03:00 · 2023-11-13 17:11:06 +01:00 · 2023-11-13 17:11:06 +01:00 · d57926c0b6
commit d57926c0b6
parent 12797a6a39
1 changed files with 9 additions and 12 deletions
--- a/nixos/modules/services/databases/postgresql.nix
+++ b/nixos/modules/services/databases/postgresql.nix
@ -455,19 +455,16 @@ in

  config = mkIf cfg.enable {

-    assertions = [
-      {
-        assertion = all
-          ({ name, ensureDBOwnership, ... }: ensureDBOwnership -> builtins.elem name cfg.ensureDatabases)
-          cfg.ensureUsers;
-        message = ''
-          For each database user defined with `services.postgresql.ensureUsers` and
-          `ensureDBOwnership = true;`, a database with the same name must be defined
-          in `services.postgresql.ensureDatabases`.
-        '';
-      }
-    ];
+    assertions = map ({ name, ensureDBOwnership, ... }: {
+      assertion = ensureDBOwnership -> builtins.elem name cfg.ensureDatabases;
+      message = ''
+        For each database user defined with `services.postgresql.ensureUsers` and
+        `ensureDBOwnership = true;`, a database with the same name must be defined
+        in `services.postgresql.ensureDatabases`.

+        Offender: ${name} has not been found among databases.
+      '';
+    }) cfg.ensureUsers;
    # `ensurePermissions` is now deprecated, let's avoid it.
    warnings = lib.optional (any ({ ensurePermissions, ... }: ensurePermissions != {}) cfg.ensureUsers) "
      `services.postgresql.*.ensurePermissions` is used in your expressions,