Commit f26d9ed8896d
Changed files (1)
systems
aion
systems/aion/extra.nix
@@ -15,8 +15,39 @@
endpoint = "${globals.net.vpn.endpoint}";
endpointPublicKey = "${globals.machines.kerkouane.net.vpn.pubkey}";
};
+
+ immich = {
+ enable = true;
+ user = "vincent";
+ group = "users";
+ mediaLocation = "/neo/pictures/photos";
+ };
+
+ postgresql = {
+ ensureDatabases = [ "immich" ];
+ ensureUsers = [
+ {
+ name = "vincent";
+ }
+ ];
+ };
};
+ # Grant vincent ownership of the immich database and schemas
+ systemd.services.postgresql.postStart = lib.mkAfter ''
+ $PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname = 'vincent'" | grep -q 1 || $PSQL -tAc "CREATE ROLE vincent WITH LOGIN"
+ $PSQL -tAc "ALTER DATABASE immich OWNER TO vincent"
+ $PSQL immich -tAc "ALTER SCHEMA public OWNER TO vincent"
+ $PSQL immich -tAc "ALTER SCHEMA vectors OWNER TO vincent" || true
+ $PSQL immich -tAc "GRANT ALL PRIVILEGES ON SCHEMA public TO vincent"
+ $PSQL immich -tAc "GRANT ALL PRIVILEGES ON SCHEMA vectors TO vincent" || true
+ $PSQL immich -tAc "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO vincent"
+ $PSQL immich -tAc "GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO vincent"
+ $PSQL immich -tAc "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA vectors TO vincent" || true
+ $PSQL immich -tAc "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO vincent"
+ $PSQL immich -tAc "ALTER DEFAULT PRIVILEGES IN SCHEMA vectors GRANT ALL ON TABLES TO vincent" || true
+ '';
+
networking.useDHCP = lib.mkDefault true;
environment.systemPackages = with pkgs; [