mirror of
https://github.com/dump-dvb/nix-config.git
synced 2024-06-15 04:16:57 +02:00
use diesel for database migrations
This commit is contained in:
parent
b793d9e40d
commit
ff8b2650bc
34
flake.lock
34
flake.lock
|
@ -152,6 +152,7 @@
|
|||
"data-accumulator": "data-accumulator",
|
||||
"decode-server": "decode-server",
|
||||
"docs": "docs",
|
||||
"dump-dvb-rs": "dump-dvb-rs",
|
||||
"dvb-api": "dvb-api",
|
||||
"funnel": "funnel",
|
||||
"naersk": "naersk",
|
||||
|
@ -166,11 +167,11 @@
|
|||
"windshield": "windshield"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1662156952,
|
||||
"narHash": "sha256-FTaW9cntSlM40WuY2mc9RNgV63VdSmJA8dvwvsiZjmM=",
|
||||
"lastModified": 1662220283,
|
||||
"narHash": "sha256-0yNA9KQNSnYAPTQ2Vg9oSOx4SVpLGb38swKp+xmiNwM=",
|
||||
"owner": "dump-dvb",
|
||||
"repo": "dump-dvb.nix",
|
||||
"rev": "3617139f10a90c16ca09b7d02ca3346356ce2741",
|
||||
"rev": "4263932413f0644eb7fe01386734c013a4587e94",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -179,6 +180,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"dump-dvb-rs": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"dump-dvb",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1662217018,
|
||||
"narHash": "sha256-ehuiNyp0Uc+zRaTVZG+Bo9rhn3px7uTEHh/6Qh9qY8s=",
|
||||
"owner": "dump-dvb",
|
||||
"repo": "dump-dvb.rs",
|
||||
"rev": "e25a510217122e924ca5b5b57b4518735d2ed580",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "dump-dvb",
|
||||
"repo": "dump-dvb.rs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"dump-dvb-rust": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -332,11 +354,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1662025319,
|
||||
"narHash": "sha256-ZJlBQ7jXynq4+Jg9+DgOe8FJG8sDIeFFYP3V3K98KUs=",
|
||||
"lastModified": 1662099760,
|
||||
"narHash": "sha256-MdZLCTJPeHi/9fg6R9fiunyDwP3XHJqDd51zWWz9px0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b82ccafb54163ab9024e893e578d840577785fea",
|
||||
"rev": "67e45078141102f45eff1589a831aeaa3182b41e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -63,7 +63,7 @@
|
|||
{
|
||||
"traffic-stop-box-${toString id}" = nixpkgs.lib.nixosSystem {
|
||||
system = arch;
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = inputs;
|
||||
modules = [
|
||||
sops-nix.nixosModules.sops
|
||||
dump-dvb.nixosModules.default
|
||||
|
@ -149,7 +149,7 @@
|
|||
nixosConfigurations = stop_boxes // {
|
||||
mobile-box = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = inputs;
|
||||
modules = [
|
||||
diskModule
|
||||
dump-dvb.nixosModules.default
|
||||
|
@ -168,7 +168,7 @@
|
|||
};
|
||||
data-hoarder = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = inputs;
|
||||
modules = [
|
||||
microvm.nixosModules.microvm
|
||||
./hosts/data-hoarder/configuration.nix
|
||||
|
@ -177,7 +177,7 @@
|
|||
};
|
||||
staging-data-hoarder = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = inputs;
|
||||
modules = [
|
||||
./hosts/staging/configuration.nix
|
||||
microvm.nixosModules.microvm
|
||||
|
|
|
@ -1,99 +1,39 @@
|
|||
{ pkgs, config, ... }: {
|
||||
{ lib, pkgs, config, dump-dvb, ... }: {
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
port = 5432;
|
||||
package = pkgs.postgresql_14;
|
||||
initialScript = pkgs.writeText "dvbdump-initScript" ''
|
||||
CREATE DATABASE dvbdump;
|
||||
CREATE USER dvbdump;
|
||||
GRANT ALL PRIVILEGES ON DATABASE dvbdump TO dvbdump;
|
||||
ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';
|
||||
|
||||
CREATE USER grafana;
|
||||
GRANT CONNECT ON DATABASE telegrams TO grafana;
|
||||
GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana;
|
||||
ALTER ROLE grafana WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_grafana.path})';
|
||||
|
||||
\c telegrams
|
||||
create table r09_telegrams (
|
||||
id serial8 primary key not null,
|
||||
time timestamp not null,
|
||||
station UUID not null,
|
||||
region integer not null,
|
||||
telegram_type int8 not null,
|
||||
delay int,
|
||||
reporting_point int not null,
|
||||
junction int not null,
|
||||
direction int2 not null,
|
||||
request_status int2 not null,
|
||||
priority int2,
|
||||
direction_request int2,
|
||||
line int,
|
||||
run_number int,
|
||||
destination_number int,
|
||||
train_length int2,
|
||||
vehicle_number int,
|
||||
operator int2
|
||||
);
|
||||
ALTER TABLE r09_telegrams OWNER TO telegrams;
|
||||
|
||||
create table raw_telegrams (
|
||||
id serial8 primary key not null,
|
||||
time timestamp not null,
|
||||
station UUID not null,
|
||||
region integer not null,
|
||||
telegram_type int8 not null,
|
||||
data bytea not null
|
||||
);
|
||||
ALTER TABLE raw_telegrams OWNER TO telegrams;
|
||||
|
||||
\c dvbdump
|
||||
|
||||
CREATE TABLE users (
|
||||
id UUID PRIMARY KEY,
|
||||
name TEXT NOT NULL,
|
||||
email TEXT NOT NULL,
|
||||
password VARCHAR(100) NOT NULL,
|
||||
role INT NOT NULL,
|
||||
email_setting INT NOT NULL,
|
||||
deactivated BOOL NOT NULL
|
||||
);
|
||||
ALTER TABLE users OWNER TO dvbdump;
|
||||
|
||||
CREATE TABLE regions (
|
||||
id SERIAL PRIMARY KEY,
|
||||
name TEXT NOT NULL,
|
||||
transport_company TEXT NOT NULL,
|
||||
regional_company TEXT,
|
||||
frequency BIGINT,
|
||||
r09_type INT,
|
||||
encoding INT
|
||||
);
|
||||
ALTER TABLE regions OWNER TO dvbdump;
|
||||
|
||||
CREATE TABLE stations (
|
||||
id UUID PRIMARY KEY,
|
||||
token VARCHAR(36),
|
||||
name TEXT NOT NULL,
|
||||
lat DOUBLE PRECISION NOT NULL,
|
||||
lon DOUBLE PRECISION NOT NULL,
|
||||
region SERIAL REFERENCES regions(id) NOT NULL,
|
||||
owner UUID REFERENCES users(id) NOT NULL,
|
||||
approved BOOL NOT NULL,
|
||||
deactivated BOOL NOT NULL,
|
||||
public BOOL NOT NULL,
|
||||
radio INT,
|
||||
architecture INT,
|
||||
device INT,
|
||||
elevation DOUBLE PRECISION,
|
||||
telegram_decoder_version INT[],
|
||||
antenna Int
|
||||
);
|
||||
ALTER TABLE stations OWNER TO dvbdump;
|
||||
'';
|
||||
ensureDatabases = [ "dvbdump" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "grafana";
|
||||
ensurePermissions = {
|
||||
# TODO: make shure grafana can't read tokens...
|
||||
"DATABASE dvbdump" = "CONNECT";
|
||||
"ALL TABLES IN SCHEMA public" = "SELECT";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "dvbdump";
|
||||
ensurePermissions = {
|
||||
"DATABASE dvbdump" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = [ dump-dvb.packages.x86_64-linux.run-database-migration ];
|
||||
|
||||
systemd.services.postgresql.postStart = lib.mkAfter ''
|
||||
$PSQL -c "ALTER ROLE dvbdump WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password.path})';"
|
||||
$PSQL -c "ALTER ROLE grafana WITH PASSWORD '$(cat ${config.sops.secrets.postgres_password_grafana.path})';"
|
||||
|
||||
export DATABASE_URL=postgres://dvbdump:$(cat ${config.sops.secrets.postgres_password.path})@localhost/dvbdump
|
||||
${dump-dvb.packages.x86_64-linux.run-database-migration}/bin/run-migration
|
||||
unset DATABASE_URL
|
||||
'';
|
||||
|
||||
systemd.services.dump-csv = {
|
||||
path = [ config.services.postgresql.package ];
|
||||
serviceConfig = {
|
||||
|
|
|
@ -9,11 +9,11 @@ in
|
|||
users.groups = {
|
||||
postgres-dvbdump = {
|
||||
name = "postgres-dvbdump";
|
||||
members = [ clicky-bunty-user data-accumulator-user ];
|
||||
members = [ clicky-bunty-user data-accumulator-user "postgres" ];
|
||||
};
|
||||
postgres-telegrams = {
|
||||
name = "postgres-telegrams";
|
||||
members = [ clicky-bunty-user data-accumulator-user ];
|
||||
members = [ clicky-bunty-user data-accumulator-user "postgres" ];
|
||||
};
|
||||
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue
Block a user