diff options
| author | Martin Baulig <martin@baulig.is> | 2023-07-17 18:13:42 -0400 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2023-08-16 22:37:52 +0200 |
| commit | 9dda7479755ba709bb9bb96614ea09ded566b6d3 (patch) | |
| tree | beccb04856990cbbe79be72288a18d169b74a97d /gnu/services | |
| parent | fce924708c31c09a1b438ae7e8b83d39c492be9a (diff) | |
| download | guix-9dda7479755ba709bb9bb96614ea09ded566b6d3.tar.gz | |
services: posgresql: Add option to specify UID/GID for postgres user.
Add 'createAccount?', 'uid' and 'gid' to <postgresql-configuation>. Unlike other system daemons, the PostgreSQL data directory is typically meant to persist across 'guix system reconfigure' and once created, you don't want it's UID or GID to change anymore. Furthermore, if you want to place the data directory on a network share and use NFSv4 with idmap, then the 'postgres' user must exist when the 'rpc.idmapd' daemon is launched; prior to mounting the share. And it needs to be possible to mount the share without configuring PostgreSQL. With NFSv3, the UID and GID typically needs to match those on the server. The added options allow for both of these scenarios: You can either create the user in (operating-system (users)) completely independently of the 'postgresql-service-type' (for instance to get your NFS setup working first prior to configuring your databases) - or "pin" it's UID / GID values. * gnu/services/databases.scm (<postgresql-configuration>)[create-account?] [uid, gid]: New fields. (%postgresql-accounts): Remove. (create-postgresql-account): New procedure. (postgresql-service-type)[extensions]: Use it. * doc/guix.texi (Database Services): Update accordingly. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Diffstat (limited to 'gnu/services')
| -rw-r--r-- | gnu/services/databases.scm | 37 |
1 files changed, 25 insertions, 12 deletions
diff --git a/gnu/services/databases.scm b/gnu/services/databases.scm index 7148971c1d..d3fee2a8ef 100644 --- a/gnu/services/databases.scm +++ b/gnu/services/databases.scm @@ -180,17 +180,30 @@ host all all ::1/128 md5")) (data-directory postgresql-configuration-data-directory (default "/var/lib/postgresql/data")) (extension-packages postgresql-configuration-extension-packages - (default '()))) - -(define %postgresql-accounts - (list (user-group (name "postgres") (system? #t)) - (user-account - (name "postgres") - (group "postgres") - (system? #t) - (comment "PostgreSQL server user") - (home-directory "/var/empty") - (shell (file-append shadow "/sbin/nologin"))))) + (default '())) + (create-account? postgresql-configuration-create-account? + (default #t)) + (uid postgresql-configuration-uid + (default #f)) + (gid postgresql-configuration-gid + (default #f))) + +(define (create-postgresql-account config) + (match-record config <postgresql-configuration> + (create-account? uid gid) + (if (not create-account?) '() + (list (user-group + (name "postgres") + (id gid) + (system? #t)) + (user-account + (name "postgres") + (group "postgres") + (system? #t) + (uid uid) + (comment "PostgreSQL server user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))))) (define (final-postgresql postgresql extension-packages) (if (null? extension-packages) @@ -327,7 +340,7 @@ host all all ::1/128 md5")) (service-extension activation-service-type postgresql-activation) (service-extension account-service-type - (const %postgresql-accounts)) + create-postgresql-account) (service-extension profile-service-type (compose list postgresql-configuration-postgresql)))) |