From 9f00d8a38e5268b4799a32ce94f575e404021452 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 12:05:51 +0200 Subject: [PATCH 1/5] modules: services: add postgresql Enable the service itself in other modules when needed, but pin the package in a single place. --- modules/services/default.nix | 1 + modules/services/drone.nix | 1 + modules/services/matrix.nix | 1 - modules/services/postgresql.nix | 18 ++++++++++++++++++ 4 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 modules/services/postgresql.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index a0f11fd..29ae034 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -20,6 +20,7 @@ ./pirate.nix ./podgrab.nix ./postgresql-backup.nix + ./postgresql.nix ./quassel.nix ./rss-bridge.nix ./sabnzbd.nix diff --git a/modules/services/drone.nix b/modules/services/drone.nix index 50119ac..b1e80ea 100644 --- a/modules/services/drone.nix +++ b/modules/services/drone.nix @@ -81,6 +81,7 @@ in users.groups.drone = { }; services.postgresql = { + enable = true; ensureDatabases = [ "drone" ]; ensureUsers = [{ name = "drone"; diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 8f8c82e..5d81448 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -63,7 +63,6 @@ in config = lib.mkIf cfg.enable { services.postgresql = { enable = true; - package = pkgs.postgresql_12; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix new file mode 100644 index 0000000..8da9ab7 --- /dev/null +++ b/modules/services/postgresql.nix 
@@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.postgresql; +in +{ + options.my.services.postgresql = with lib; { + enable = my.mkDisableOption "postgres configuration"; + }; + + config = lib.mkMerge [ + # Let other services enable postgres when they need it + (lib.mkIf cfg.enable { + services.postgresql = { + package = pkgs.postgresql_12; + }; + }) + ]; +} From bbb1231ad30fb292e4958ebd00bc081496f056a7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 12:44:42 +0200 Subject: [PATCH 2/5] modules: services: postgres: add migration script The process to upgrade is: * Make sure the version number of the script is one major version over the service version. * Activate the script, rebuild configuration. * Run `upgrade-pg-cluster` as `root`. One can give arguments like `--link` or `--jobs 4` to speedup the process. See documentation for some details. * Change package to new version once the upgrade is finished, rebuild configuration. * Optionally, `ANALYZE` the new database. --- modules/services/postgresql.nix | 43 +++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix index 8da9ab7..3c06098 100644 --- a/modules/services/postgresql.nix +++ b/modules/services/postgresql.nix @@ -5,6 +5,9 @@ in { options.my.services.postgresql = with lib; { enable = my.mkDisableOption "postgres configuration"; + + # Transient option to be enabled for migrations + upgradeScript = mkEnableOption "postgres upgrade script"; }; config = lib.mkMerge [ 
@@ -14,5 +17,45 @@ in package = pkgs.postgresql_12; }; }) + + # Taken from the manual + (lib.mkIf cfg.upgradeScript { + containers.temp-pg.config.services.postgresql = { + enable = true; + package = pkgs.postgresql_13; + }; + + environment.systemPackages = + let + newpg = config.containers.temp-pg.config.services.postgresql; + in + [ + (pkgs.writeScriptBin "upgrade-pg-cluster" '' + #!/usr/bin/env bash + + set -x + export OLDDATA="${config.services.postgresql.dataDir}" + export NEWDATA="${newpg.dataDir}" + export OLDBIN="${config.services.postgresql.package}/bin" + export NEWBIN="${newpg.package}/bin" + + if [ "$OLDDATA" -ef "$NEWDATA" ]; then + echo "Cannot migrate to same data directory" >&2 + exit 1 + fi + + install -d -m 0700 -o postgres -g postgres "$NEWDATA" + cd "$NEWDATA" + sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" + + systemctl stop postgresql # old one + + sudo -u postgres $NEWBIN/pg_upgrade \ + --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ + --old-bindir $OLDBIN --new-bindir $NEWBIN \ + "$@" + '') + ]; + }) ]; } From c3203877464eb80f3514e412acc934bd67eeb3d2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 13:03:10 +0200 Subject: [PATCH 3/5] modules: services: postgres: upgrade version --- modules/services/postgresql.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix index 3c06098..6f51f3e 100644 --- a/modules/services/postgresql.nix +++ b/modules/services/postgresql.nix @@ -14,7 +14,7 @@ in # Let other services enable postgres when they need it (lib.mkIf cfg.enable { services.postgresql = { - package = pkgs.postgresql_12; + package = pkgs.postgresql_13; }; }) From afb683f1cf644c408cc3cd6554991cc15c875bf6 Mon Sep 17 00:00:00 2001 
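Review bot: The generated `upgrade-pg-cluster` script enables only `set -x`, so a failed `install -d`, `cd "$NEWDATA"` or `initdb` does not stop it, and it goes on to stop the running `postgresql` unit and invoke `pg_upgrade` against a new data directory that may not be initialised. Changing that line to `set -eux` would abort at the first failed step, before the old cluster is taken down, and would treat an unset variable as an error. `$NEWBIN` and `$OLDBIN` are expanded unquoted in the `initdb` and `pg_upgrade` calls while the data directories are quoted; `"$NEWBIN/initdb"` and `--old-bindir "$OLDBIN" --new-bindir "$NEWBIN"` would match the rest of the script. The commit message says the script must be run as `root`, but the script does not check this itself, so a one-line comment or an early `id -u` test would make that requirement visible where it is used.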
From: Bruno BELANYI Date: Thu, 29 Jul 2021 13:17:42 +0200 Subject: [PATCH 4/5] flake: bump inputs And update package names for grafana dashboards to avoid breaking the config. --- flake.lock | 18 +++++++++--------- modules/services/monitoring.nix | 2 +- modules/services/nginx.nix | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 075d5a4..92fe63d 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1626073055, - "narHash": "sha256-vocByfpVu6m9zvtJugDvmd6/9iT2HJuG4tmDICKd0lI=", + "lastModified": 1627501942, + "narHash": "sha256-rG2PUTgzmXvf/fSDCWKhlRwZjZs1/0TySC5eYHVJrmg=", "owner": "nix-community", "repo": "home-manager", - "rev": "775cb20bd4af7781fbf336fb201df02ee3d544bb", + "rev": "2272fc312d5dc477e70816d94e550d08729b307b", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1626046891, - "narHash": "sha256-Zt8saH+hAehXskW0iFAzk+iMillYoFBxvLReYNqGT9E=", + "lastModified": 1627391865, + "narHash": "sha256-tPoWBO9Nzu3wuX37WcnctzL6LoDCErJLnfLGqqmXCm4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d8f8f31af9d77a48220e4e8a301d1e79774cb7d2", + "rev": "8ecc61c91a596df7d3293603a9c2384190c1b89a", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1626192709, - "narHash": "sha256-REQ9ByMk4crAX37e8YDZOBl9Kxn+nTfnnLwwxczcoP0=", + "lastModified": 1627534577, + "narHash": "sha256-cGVIlBkZZA9VvhXRRrWsTpkesJ/bSlGSPYPxafQVjSU=", "owner": "nix-community", "repo": "NUR", - "rev": "564ec91b61dab796f1af44502ff3a9c124f4d6da", + "rev": "0e1a91ef1d0460adfb5c669a9c0114f46e67956c", "type": "github" }, "original": { diff --git a/modules/services/monitoring.nix b/modules/services/monitoring.nix index f76337a..a86e2ce 100644 --- a/modules/services/monitoring.nix +++ b/modules/services/monitoring.nix 
@@ -78,7 +78,7 @@ in dashboards = [ { name = "Node Exporter"; - options.path = pkgs.nur.repos.alarsyo.grafana-dashboards.node-exporter; + options.path = pkgs.nur.repos.alarsyo.grafanaDashboards.node-exporter; disableDeletion = true; } ]; diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index b5d49c1..ac70c48 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -44,7 +44,7 @@ services.grafana.provision.dashboards = [ { name = "NGINX"; - options.path = pkgs.nur.repos.alarsyo.grafana-dashboards.nginx; + options.path = pkgs.nur.repos.alarsyo.grafanaDashboards.nginx; disableDeletion = true; } ]; From e215f7aa1d5b8ebc79a2bdcbafe5b55b33aa00d1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 13:14:55 +0200 Subject: [PATCH 5/5] modules: services: nextcloud: upgrade version --- modules/services/nextcloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index d52e32a..eb2e14e 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -30,7 +30,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud21; + package = pkgs.nextcloud22; hostName = nextcloudDomain; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize;