aaha, there is the code I forgot to commit...

2025-09-07 17:30:46 +02:00 · 2025-09-07 17:30:46 +02:00 · 98c9424db5
commit 98c9424db5
parent d3e7de5f5a
3 changed files with 31 additions and 9 deletions
--- a/modules/nixos/services/authentication/zitadel/default.nix
+++ b/modules/nixos/services/authentication/zitadel/default.nix
@ -1,6 +1,6 @@
 { config, lib, pkgs, namespace, ... }:
 let
-  inherit (lib) mkIf mkEnableOption mkForce;
+  inherit (lib) mkIf mkEnableOption;

  cfg = config.${namespace}.services.authentication.zitadel;

@ -13,6 +13,8 @@ in
  };

  config = mkIf cfg.enable {
+    ${namespace}.services.persistance.postgresql.enable = true;
+
    environment.systemPackages = with pkgs; [
      zitadel
    ];
@ -110,13 +112,6 @@ in
            ensureDBOwnership = true;
          }
        ];
-        authentication = mkForce ''
-          # Generated file, do not edit!
-          # TYPE  DATABASE  USER  ADDRESS       METHOD
-          local   all       all                 trust
-          host    all       all   127.0.0.1/32  trust
-          host    all       all   ::1/128       trust
-          '';
      };

      caddy = {
--- a/modules/nixos/services/development/forgejo/default.nix
+++ b/modules/nixos/services/development/forgejo/default.nix
@ -12,6 +12,7 @@ in

  config = mkIf cfg.enable {
    ${namespace}.services.virtualisation.podman.enable = true;
+    ${namespace}.services.persistance.postgresql.enable = true;

    environment.systemPackages = with pkgs; [ forgejo ];

@ -154,7 +155,7 @@ in

            # stupid dumb way to prevent the login page and go to zitadel instead
            # be aware that this does not disable local login at all!
-            rewrite /user/login /user/oauth2/Zitadel
+            # rewrite /user/login /user/oauth2/Zitadel

            reverse_proxy http://127.0.0.1:5002
          '';
--- a/modules/nixos/services/persistance/postgesql/default.nix
+++ b/modules/nixos/services/persistance/postgesql/default.nix
@ -0,0 +1,26 @@
+{ config, lib, pkgs, namespace, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.services.peristance.postgresql;
+in
+{
+  options.${namespace}.services.peristance.postgresql = {
+    enable = mkEnableOption "Postgresql";
+  };
+
+  config = mkIf cfg.enable {
+    services = {
+      postgresql = {
+        enable = true;
+        authentication = ''
+          # Generated file, do not edit!
+          # TYPE  DATABASE  USER  ADDRESS       METHOD
+          local   all       all                 trust
+          host    all       all   127.0.0.1/32  trust
+          host    all       all   ::1/128       trust
+        '';
+      };
+    };
+  };
+}