wip: postgres

2024-03-25 13:57:07 +01:00 · 2024-03-25 13:57:07 +01:00 · 9ea61adb45
commit 9ea61adb45
parent eea276d643
2 changed files with 57 additions and 0 deletions
--- a/checks/postgres/default.nix
+++ b/checks/postgres/default.nix
@ -0,0 +1,17 @@
+(import ../lib/container-test.nix) (
+  { pkgs, ... }:
+  {
+    name = "secrets";
+
+    nodes.machine =
+      { self, ... }:
+      {
+        imports = [ self.clanModules.postgres ];
+      };
+    testScript = ''
+      start_all()
+      machine.wait_for_unit("postgres")
+      machine.succeed("${pkgs.netcat}/bin/nc -z -v ::1 5432")
+    '';
+  }
+)
--- a/clanModules/postgresql.nix
+++ b/clanModules/postgresql.nix
@ -0,0 +1,40 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+{
+  services.postgresql.enable = true;
+  services.postgresqlBackup = {
+    enable = lib.mkDefault true;
+    startAt = lib.mkDefault [ ]; # we will start this as part of the backup
+    compression = "zstd";
+  };
+  clanCore.state.postgres.folders = [ "/var/backup/postgresql" ];
+
+  assertions = [
+    ({
+      assertion = config.postgresqlBackup.databases == [ ];
+      message = "We currently do not support backing up specific databases. Please set postgresqlBackup.databases to an empty list. Or disable services.postgresqlBackup.enable";
+    })
+  ];
+
+  clanCore.state.postgres.postRestoreScript = ''
+    for dump in /var/backup/postgresql/all*; do
+      case "$dump" in
+        *.gz) decompressionCmd="${pkgs.gzip}/bin/gzip -d -${toString config.services.postgresqlBackup.compressionLevel}" ;;
+        *.zst) decompressionCmd="${pkgs.zstd}/bin/zstd -d -${toString config.services.postgresqlBackup.compressionLevel}" ;;
+        *) decompressionCmd="cat" ;;
+      esac
+      $decompressionCmd $dump | psql template1
+      break
+    done
+  '';
+
+  services.borgbackup.jobs.${config.networking.hostName} = {
+    preHook = ''
+      ${pkgs.systemd}/bin/systemctl start postgresqlBackup
+    '';
+  };
+}