updated the van_inventory user and db

2026-04-17 04:58:19 -04:00 · 2026-03-08 22:44:03 -04:00
parent 82851eb287
commit 568bf8dd38
2 changed files with 20 additions and 13 deletions
--- a/systems/brain/services/postgress.nix
+++ b/systems/brain/services/postgress.nix
@@ -11,16 +11,21 @@
    authentication = pkgs.lib.mkOverride 10 ''

      # admins
-      local all  richie   peer
+      # These are required for the nixos postgresql setup
+      local all  postgres   trust
+      host  all  postgres   127.0.0.1/32    trust
+      host  all  postgres   ::1/128         trust
+
+      local all  richie   trust
      host  all  richie   127.0.0.1/32    trust
      host  all  richie   ::1/128         trust
      host  all  richie   192.168.90.1/24 trust
      host  all  richie   192.168.99.1/24 trust

-      local van_inventory van_inventory peer
+      local vaninventory vaninventory trust

      #type database DBuser origin-address auth-method
-      local hass     hass     peer
+      local hass     hass     trust

      # ipv4
      host  hass     hass     192.168.90.1/24 trust
@@ -61,7 +66,7 @@
        };
      }
      {
-        name = "van_inventory";
+        name = "vaninventory";
        ensureDBOwnership = true;
        ensureClauses = {
          login = true;
@@ -81,7 +86,7 @@
    ensureDatabases = [
      "hass"
      "richie"
-      "van_inventory"
+      "vaninventory"
    ];
    # Thank you NotAShelf
    # https://github.com/NotAShelf/nyx/blob/d407b4d6e5ab7f60350af61a3d73a62a5e9ac660/modules/core/roles/server/system/services/databases/postgresql.nix#L74
--- a/systems/brain/services/van_inventory.nix
+++ b/systems/brain/services/van_inventory.nix
@@ -6,11 +6,11 @@
 {
  networking.firewall.allowedTCPPorts = [ 8001 ];

-  users.users.van_inventory = {
-    isSystemAccount = true;
-    group = "van_inventory";
+  users.users.vaninventory = {
+    isSystemUser = true;
+    group = "vaninventory";
  };
-  users.groups.van_inventory = { };
+  users.groups.vaninventory = { };

  systemd.services.van_inventory = {
    description = "Van Inventory API";
@@ -23,14 +23,16 @@

    environment = {
      PYTHONPATH = "${inputs.self}/";
-      VAN_INVENTORY_DB = "van_inventory";
-      VAN_INVENTORY_USER = "van_inventory";
+      VAN_INVENTORY_DB = "vaninventory";
+      VAN_INVENTORY_USER = "vaninventory";
+      VAN_INVENTORY_HOST = "/run/postgresql";
+      VAN_INVENTORY_PORT = "5432";
    };

    serviceConfig = {
      Type = "simple";
-      User = "van_inventory";
-      Group = "van_inventory";
+      User = "van-inventory";
+      Group = "van-inventory";
      ExecStart = "${pkgs.my_python}/bin/python -m python.van_inventory.main --host 0.0.0.0 --port 8001";
      Restart = "on-failure";
      RestartSec = "5s";