mirror of
https://github.com/dump-dvb/nix-config.git
synced 2024-06-28 09:42:26 +02:00
Merge pull request #13 from tlm-solutions/fuck-database
This commit is contained in:
commit
b11b0153f9
12
flake.lock
12
flake.lock
|
@ -11,11 +11,11 @@
|
|||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1677980571,
|
||||
"narHash": "sha256-hVZQgRAJKFPmQFEUqq2n74olh2yQTge1+DhrvMk/4MY=",
|
||||
"lastModified": 1678022411,
|
||||
"narHash": "sha256-k+Ib2Srt8XwspHgs1lfZsswv8cARdUOzE1xjTWUxvtI=",
|
||||
"owner": "tlm-solutions",
|
||||
"repo": "data-accumulator",
|
||||
"rev": "693d000b4011c7d90f51893b76afd803706aa6ba",
|
||||
"rev": "5a9917004286ef7b6b3f8af0b515311901ae1b62",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -38,11 +38,11 @@
|
|||
"utils": "utils_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1677986236,
|
||||
"narHash": "sha256-R5dGTNNVPvh4W+oFzLqE03OfSRziuzFVhT+uZzJ575Q=",
|
||||
"lastModified": 1678024875,
|
||||
"narHash": "sha256-35bsl5PdR6R8y4A7N5DDOqk5CCdH4wMBaf7nTvBx6FE=",
|
||||
"owner": "tlm-solutions",
|
||||
"repo": "datacare",
|
||||
"rev": "b0d750553514ab1e56717a6ac8314ef65e46cc6f",
|
||||
"rev": "0acf987a56f99f79d82e5a15458d6cbd720d0e25",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
host = "127.0.0.1";
|
||||
port = config.services.postgresql.port;
|
||||
passwordFile = config.sops.secrets.postgres_password.path;
|
||||
user = "dvbdump";
|
||||
database = "dvbdump";
|
||||
user = "tlms";
|
||||
database = "tlms";
|
||||
};
|
||||
GRPC = [
|
||||
{
|
||||
|
|
|
@ -6,13 +6,13 @@
|
|||
database = {
|
||||
host = "127.0.0.1";
|
||||
port = config.services.postgresql.port;
|
||||
user = "dvbdump";
|
||||
database = "dvbdump";
|
||||
user = "tlms";
|
||||
database = "tlms";
|
||||
passwordFile = config.sops.secrets.postgres_password.path;
|
||||
};
|
||||
saltFile = config.sops.secrets.postgres_password_hash_salt.path;
|
||||
user = "datacare";
|
||||
group = config.users.groups.postgres-dvbdump.name;
|
||||
group = config.users.groups.postgres-tlms.name;
|
||||
};
|
||||
systemd.services."datacare" = {
|
||||
after = [ "postgresql.service" ];
|
||||
|
|
|
@ -4,15 +4,15 @@
|
|||
enable = true;
|
||||
port = 5432;
|
||||
package = pkgs.postgresql_14;
|
||||
ensureDatabases = [ "dvbdump" ];
|
||||
ensureDatabases = [ "tlms" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "grafana";
|
||||
}
|
||||
{
|
||||
name = "dvbdump";
|
||||
name = "tlms";
|
||||
ensurePermissions = {
|
||||
"DATABASE dvbdump" = "ALL PRIVILEGES";
|
||||
"DATABASE tlms" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
|
@ -29,13 +29,13 @@
|
|||
};
|
||||
postStart = lib.mkAfter ''
|
||||
# TODO: make shure grafana can't read tokens...
|
||||
$PSQL -c "GRANT CONNECT ON DATABASE dvbdump TO grafana;"
|
||||
$PSQL -c "GRANT CONNECT ON DATABASE tlms TO grafana;"
|
||||
$PSQL -c "GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana";
|
||||
|
||||
$PSQL -c "ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
|
||||
$PSQL -c "ALTER ROLE tlms WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
|
||||
$PSQL -c "ALTER ROLE grafana WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_grafana.path})';"
|
||||
|
||||
export DATABASE_URL=postgres:///dvbdump
|
||||
export DATABASE_URL=postgres:///tlms
|
||||
${inputs.tlms-rs.packages.x86_64-linux.run-migration}/bin/run-migration
|
||||
unset DATABASE_URL
|
||||
'';
|
||||
|
@ -51,7 +51,7 @@
|
|||
OUT_FOLDER=/var/lib/pub-files/postgres-dumps/$(date -d"$(date) - 1 day" +"%Y-%m")
|
||||
CSV_FILENAME=$(date -d"$(date) - 1 day" +"%Y-%m-%d").csv
|
||||
|
||||
psql -d dvbdump -c "COPY (SELECT id, to_char(time::timestamp at time zone 'UTC', 'YYYY-MM-DD"T"HH24:MI:SS') time, station, telegram_type, delay, reporting_point, junction, direction, request_status, priority, direction_request, line, run_number, destination_number, train_length, vehicle_number, operator, region FROM r09_telegrams WHERE time::date = current_date - 1 ORDER by time ASC) TO '$TMPFILE' DELIMITER ',' HEADER CSV;"
|
||||
psql -d tlms -c "COPY (SELECT id, to_char(time::timestamp at time zone 'UTC', 'YYYY-MM-DD"T"HH24:MI:SS') time, station, telegram_type, delay, reporting_point, junction, direction, request_status, priority, direction_request, line, run_number, destination_number, train_length, vehicle_number, operator, region FROM r09_telegrams WHERE time::date = current_date - 1 ORDER by time ASC) TO '$TMPFILE' DELIMITER ',' HEADER CSV;"
|
||||
|
||||
mkdir -p $OUT_FOLDER
|
||||
chmod a+xr $OUT_FOLDER
|
||||
|
|
|
@ -8,8 +8,8 @@ in
|
|||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
users.groups = {
|
||||
postgres-dvbdump = {
|
||||
name = "postgres-dvbdump";
|
||||
postgres-tlms = {
|
||||
name = "postgres-tlms";
|
||||
members = [ datacare-user data-accumulator-user trekkie-user "postgres" ];
|
||||
};
|
||||
|
||||
|
@ -35,11 +35,11 @@ in
|
|||
mode = "0440";
|
||||
};
|
||||
postgres_password = {
|
||||
group = config.users.groups.postgres-dvbdump.name;
|
||||
group = config.users.groups.postgres-tlms.name;
|
||||
mode = "0440";
|
||||
};
|
||||
postgres_password_grafana = {
|
||||
group = config.users.groups.postgres-dvbdump.name;
|
||||
group = config.users.groups.postgres-tlms.name;
|
||||
mode = "0440";
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user