Merge pull request #13 from tlm-solutions/fuck-database

2024-06-28 09:42:26 +02:00 · 2023-03-05 15:06:25 +01:00 · 2023-03-05 15:06:25 +01:00 · b11b0153f9
commit b11b0153f9
parent 629ce42a0a 2d1b5e731b
5 changed files with 22 additions and 22 deletions
--- a/flake.lock
+++ b/flake.lock
@ -11,11 +11,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1677980571,
-        "narHash": "sha256-hVZQgRAJKFPmQFEUqq2n74olh2yQTge1+DhrvMk/4MY=",
+        "lastModified": 1678022411,
+        "narHash": "sha256-k+Ib2Srt8XwspHgs1lfZsswv8cARdUOzE1xjTWUxvtI=",
        "owner": "tlm-solutions",
        "repo": "data-accumulator",
-        "rev": "693d000b4011c7d90f51893b76afd803706aa6ba",
+        "rev": "5a9917004286ef7b6b3f8af0b515311901ae1b62",
        "type": "github"
      },
      "original": {
@ -38,11 +38,11 @@
        "utils": "utils_2"
      },
      "locked": {
-        "lastModified": 1677986236,
-        "narHash": "sha256-R5dGTNNVPvh4W+oFzLqE03OfSRziuzFVhT+uZzJ575Q=",
+        "lastModified": 1678024875,
+        "narHash": "sha256-35bsl5PdR6R8y4A7N5DDOqk5CCdH4wMBaf7nTvBx6FE=",
        "owner": "tlm-solutions",
        "repo": "datacare",
-        "rev": "b0d750553514ab1e56717a6ac8314ef65e46cc6f",
+        "rev": "0acf987a56f99f79d82e5a15458d6cbd720d0e25",
        "type": "github"
      },
      "original": {
--- a/modules/data-hoarder/data-accumulator.nix
+++ b/modules/data-hoarder/data-accumulator.nix
@ -8,8 +8,8 @@
      host = "127.0.0.1";
      port = config.services.postgresql.port;
      passwordFile = config.sops.secrets.postgres_password.path;
-      user = "dvbdump";
-      database = "dvbdump";
+      user = "tlms";
+      database = "tlms";
    };
    GRPC = [
      {
--- a/modules/data-hoarder/datacare.nix
+++ b/modules/data-hoarder/datacare.nix
@ -6,13 +6,13 @@
    database = {
      host = "127.0.0.1";
      port = config.services.postgresql.port;
-      user = "dvbdump";
-      database = "dvbdump";
+      user = "tlms";
+      database = "tlms";
      passwordFile = config.sops.secrets.postgres_password.path;
    };
    saltFile = config.sops.secrets.postgres_password_hash_salt.path;
    user = "datacare";
-    group = config.users.groups.postgres-dvbdump.name;
+    group = config.users.groups.postgres-tlms.name;
  };
  systemd.services."datacare" = {
    after = [ "postgresql.service" ];
--- a/modules/data-hoarder/postgres.nix
+++ b/modules/data-hoarder/postgres.nix
@ -4,15 +4,15 @@
    enable = true;
    port = 5432;
    package = pkgs.postgresql_14;
-    ensureDatabases = [ "dvbdump" ];
+    ensureDatabases = [ "tlms" ];
    ensureUsers = [
      {
        name = "grafana";
      }
      {
-        name = "dvbdump";
+        name = "tlms";
        ensurePermissions = {
-          "DATABASE dvbdump" = "ALL PRIVILEGES";
+          "DATABASE tlms" = "ALL PRIVILEGES";
        };
      }
    ];
@ -29,13 +29,13 @@
    };
    postStart = lib.mkAfter ''
      # TODO: make shure grafana can't read tokens...
-      $PSQL -c "GRANT CONNECT ON DATABASE dvbdump TO grafana;"
+      $PSQL -c "GRANT CONNECT ON DATABASE tlms TO grafana;"
      $PSQL -c "GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana";

-      $PSQL -c "ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
+      $PSQL -c "ALTER ROLE tlms WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
      $PSQL -c "ALTER ROLE grafana WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_grafana.path})';"

-      export DATABASE_URL=postgres:///dvbdump
+      export DATABASE_URL=postgres:///tlms
      ${inputs.tlms-rs.packages.x86_64-linux.run-migration}/bin/run-migration
      unset DATABASE_URL
    '';
@ -51,7 +51,7 @@
      OUT_FOLDER=/var/lib/pub-files/postgres-dumps/$(date -d"$(date) - 1 day" +"%Y-%m")
      CSV_FILENAME=$(date -d"$(date) - 1 day" +"%Y-%m-%d").csv

-      psql -d dvbdump -c "COPY (SELECT id, to_char(time::timestamp at time zone 'UTC', 'YYYY-MM-DD"T"HH24:MI:SS') time, station, telegram_type, delay, reporting_point, junction, direction, request_status, priority, direction_request, line, run_number, destination_number, train_length, vehicle_number, operator, region FROM r09_telegrams WHERE time::date = current_date - 1 ORDER by time ASC) TO '$TMPFILE' DELIMITER ',' HEADER CSV;"
+      psql -d tlms -c "COPY (SELECT id, to_char(time::timestamp at time zone 'UTC', 'YYYY-MM-DD"T"HH24:MI:SS') time, station, telegram_type, delay, reporting_point, junction, direction, request_status, priority, direction_request, line, run_number, destination_number, train_length, vehicle_number, operator, region FROM r09_telegrams WHERE time::date = current_date - 1 ORDER by time ASC) TO '$TMPFILE' DELIMITER ',' HEADER CSV;"

      mkdir -p $OUT_FOLDER
      chmod a+xr $OUT_FOLDER
--- a/modules/data-hoarder/secrets.nix
+++ b/modules/data-hoarder/secrets.nix
@ -8,8 +8,8 @@ in
  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

  users.groups = {
-    postgres-dvbdump = {
-      name = "postgres-dvbdump";
+    postgres-tlms  = {
+      name = "postgres-tlms";
      members = [ datacare-user data-accumulator-user trekkie-user "postgres" ];
    };

@ -35,11 +35,11 @@ in
      mode = "0440";
    };
    postgres_password = {
-      group = config.users.groups.postgres-dvbdump.name;
+      group = config.users.groups.postgres-tlms.name;
      mode = "0440";
    };
    postgres_password_grafana = {
-      group = config.users.groups.postgres-dvbdump.name;
+      group = config.users.groups.postgres-tlms.name;
      mode = "0440";
    };