dump-dvb/nix-config
dump-dvb/nix-config
3
0
Fork 0
mirror of https://github.com/dump-dvb/nix-config.git synced 2024-06-08 09:14:11 +02:00
Code Issues Projects Releases Wiki Activity

renaming database

Browse Source
This commit is contained in:
Tassilo - 2023-03-05 14:12:50 +01:00
parent 629ce42a0a
commit cdd21b6b27
Signed by: revol-xut
GPG Key ID: 4F56FF7759627D07
4 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/data-hoarder/data-accumulator.nix
View File

@ -8,8 +8,8 @@
host = "127.0.0.1";
port = config.services.postgresql.port;
passwordFile = config.sops.secrets.postgres_password.path;
user = "dvbdump";
database = "dvbdump";
user = "tlms";
database = "tlms";
};
GRPC = [
{

6
modules/data-hoarder/datacare.nix
View File

@ -6,13 +6,13 @@
database = {
host = "127.0.0.1";
port = config.services.postgresql.port;
user = "dvbdump";
database = "dvbdump";
user = "tlms";
database = "tlms";
passwordFile = config.sops.secrets.postgres_password.path;
};
saltFile = config.sops.secrets.postgres_password_hash_salt.path;
user = "datacare";
group = config.users.groups.postgres-dvbdump.name;
group = config.users.groups.postgres-tlms.name;
};
systemd.services."datacare" = {
after = [ "postgresql.service" ];

14
modules/data-hoarder/postgres.nix
View File

@ -4,15 +4,15 @@
enable = true;
port = 5432;
package = pkgs.postgresql_14;
ensureDatabases = [ "dvbdump" ];
ensureDatabases = [ "tlms" ];
ensureUsers = [
{
name = "grafana";
}
{
name = "dvbdump";
name = "tlms";
ensurePermissions = {
"DATABASE dvbdump" = "ALL PRIVILEGES";
"DATABASE tlms" = "ALL PRIVILEGES";
};
}
];
@ -29,13 +29,13 @@
};
postStart = lib.mkAfter ''
# TODO: make shure grafana can't read tokens...
$PSQL -c "GRANT CONNECT ON DATABASE dvbdump TO grafana;"
$PSQL -c "GRANT CONNECT ON DATABASE tlms TO grafana;"
$PSQL -c "GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana";
$PSQL -c "ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
$PSQL -c "ALTER ROLE tlms WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
$PSQL -c "ALTER ROLE grafana WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_grafana.path})';"
export DATABASE_URL=postgres:///dvbdump
export DATABASE_URL=postgres:///tlms
${inputs.tlms-rs.packages.x86_64-linux.run-migration}/bin/run-migration
unset DATABASE_URL
'';
@ -51,7 +51,7 @@
OUT_FOLDER=/var/lib/pub-files/postgres-dumps/$(date -d"$(date) - 1 day" +"%Y-%m")
CSV_FILENAME=$(date -d"$(date) - 1 day" +"%Y-%m-%d").csv
psql -d dvbdump -c "COPY (SELECT id, to_char(time::timestamp at time zone 'UTC', 'YYYY-MM-DD"T"HH24:MI:SS') time, station, telegram_type, delay, reporting_point, junction, direction, request_status, priority, direction_request, line, run_number, destination_number, train_length, vehicle_number, operator, region FROM r09_telegrams WHERE time::date = current_date - 1 ORDER by time ASC) TO '$TMPFILE' DELIMITER ',' HEADER CSV;"
psql -d tlms -c "COPY (SELECT id, to_char(time::timestamp at time zone 'UTC', 'YYYY-MM-DD"T"HH24:MI:SS') time, station, telegram_type, delay, reporting_point, junction, direction, request_status, priority, direction_request, line, run_number, destination_number, train_length, vehicle_number, operator, region FROM r09_telegrams WHERE time::date = current_date - 1 ORDER by time ASC) TO '$TMPFILE' DELIMITER ',' HEADER CSV;"
mkdir -p $OUT_FOLDER
chmod a+xr $OUT_FOLDER

8
modules/data-hoarder/secrets.nix
View File

@ -8,8 +8,8 @@ in
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
users.groups = {
postgres-dvbdump = {
name = "postgres-dvbdump";
postgres-tlms = {
name = "postgres-tlms";
members = [ datacare-user data-accumulator-user trekkie-user "postgres" ];
};
@ -35,11 +35,11 @@ in
mode = "0440";
};
postgres_password = {
group = config.users.groups.postgres-dvbdump.name;
group = config.users.groups.postgres-tlms.name;
mode = "0440";
};
postgres_password_grafana = {
group = config.users.groups.postgres-dvbdump.name;
group = config.users.groups.postgres-tlms.name;
mode = "0440";
};