From 98c9424db58bf94b9f0ee60a22ed5ba19575d0e5 Mon Sep 17 00:00:00 2001
From: Chris Kruining <chris@kruining.eu>
Date: Sun, 7 Sep 2025 17:30:46 +0200
Subject: [PATCH] aaha, there is the code I forgot to commit...

---
 .../authentication/zitadel/default.nix        | 11 +++-----
 .../services/development/forgejo/default.nix  |  3 ++-
 .../persistance/postgesql/default.nix         | 26 +++++++++++++++++++
 3 files changed, 31 insertions(+), 9 deletions(-)
 create mode 100644 modules/nixos/services/persistance/postgesql/default.nix

diff --git a/modules/nixos/services/authentication/zitadel/default.nix b/modules/nixos/services/authentication/zitadel/default.nix
index a95d849..2f65f6f 100644
--- a/modules/nixos/services/authentication/zitadel/default.nix
+++ b/modules/nixos/services/authentication/zitadel/default.nix
@@ -1,6 +1,6 @@
 { config, lib, pkgs, namespace, ... }:
 let
-  inherit (lib) mkIf mkEnableOption mkForce;
+  inherit (lib) mkIf mkEnableOption;
 
   cfg = config.${namespace}.services.authentication.zitadel;
 
@@ -13,6 +13,8 @@ in
   };
 
   config = mkIf cfg.enable {
+    ${namespace}.services.persistance.postgresql.enable = true;
+
     environment.systemPackages = with pkgs; [
       zitadel
     ];
@@ -110,13 +112,6 @@ in
             ensureDBOwnership = true;
           }
         ];
-        authentication = mkForce ''
-          # Generated file, do not edit!
-          # TYPE  DATABASE  USER  ADDRESS       METHOD
-          local   all       all                 trust
-          host    all       all   127.0.0.1/32  trust
-          host    all       all   ::1/128       trust
-          '';
       };
 
       caddy = {
diff --git a/modules/nixos/services/development/forgejo/default.nix b/modules/nixos/services/development/forgejo/default.nix
index d7f170e..5c7d7aa 100644
--- a/modules/nixos/services/development/forgejo/default.nix
+++ b/modules/nixos/services/development/forgejo/default.nix
@@ -12,6 +12,7 @@ in
 
   config = mkIf cfg.enable {
     ${namespace}.services.virtualisation.podman.enable = true;
+    ${namespace}.services.persistance.postgresql.enable = true;
 
     environment.systemPackages = with pkgs; [ forgejo ];
 
@@ -154,7 +155,7 @@ in
 
             # stupid dumb way to prevent the login page and go to zitadel instead
             # be aware that this does not disable local login at all!
-            rewrite /user/login /user/oauth2/Zitadel
+            # rewrite /user/login /user/oauth2/Zitadel
 
             reverse_proxy http://127.0.0.1:5002
           '';
diff --git a/modules/nixos/services/persistance/postgesql/default.nix b/modules/nixos/services/persistance/postgesql/default.nix
new file mode 100644
index 0000000..ce198a8
--- /dev/null
+++ b/modules/nixos/services/persistance/postgesql/default.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, namespace, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.services.peristance.postgresql;
+in
+{
+  options.${namespace}.services.peristance.postgresql = {
+    enable = mkEnableOption "Postgresql";
+  };
+
+  config = mkIf cfg.enable {
+    services = {
+      postgresql = {
+        enable = true;
+        authentication = ''
+          # Generated file, do not edit!
+          # TYPE  DATABASE  USER  ADDRESS       METHOD
+          local   all       all                 trust
+          host    all       all   127.0.0.1/32  trust
+          host    all       all   ::1/128       trust
+        '';
+      };
+    };
+  };
+}