Commit bfb9d182 authored by Ivan Trubach's avatar Ivan Trubach
Browse files

nixos/pgbouncer: add services.pgbouncer.settings option 

This change adds services.pgbouncer.settings option as per [RFC 0042]
and deprecates other options that were previously used to generate
configuration file.

In addition to that, we also place the configuration file under
environment.etc to allow reloading configuration without service
restart.

[RFC 0042]: https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md
parent 7012353d

nixos/doc/manual/release-notes/rl-2411.section.md

+2 −0
Original line number Diff line number Diff line
@@ -156,6 +156,8 @@ 


- `services.ddclient.use` has been deprecated: `ddclient` now supports separate IPv4 and IPv6 configuration. Use `services.ddclient.usev4` and `services.ddclient.usev6` instead.



- `services.pgbouncer` systemd service is configured with `Type=notify-reload` and allows reloading configuration without process restart. PgBouncer configuration options were moved to the free-form type option named [`services.pgbouncer.settings`](#opt-services.pgbouncer.settings) according to the NixOS RFC 0042.



- `teleport` has been upgraded from major version 15 to major version 16.

  Refer to upstream [upgrade instructions](https://goteleport.com/docs/management/operations/upgrading/)

  and [release notes for v16](https://goteleport.com/docs/changelog/#1600-061324).

nixos/modules/services/databases/pgbouncer.nix

+147 −552

File changed.

Preview size limit exceeded, changes collapsed.

nixos/tests/pgbouncer.nix

+19 −21
Original line number Diff line number Diff line 
import ./make-test-python.nix ({ pkgs, ... } :

let

  testAuthFile = pkgs.writeTextFile {

    name = "authFile";

    text = ''

      "testuser" "testpass"

    '';

  };

in

{

import ./make-test-python.nix ({ lib, pkgs, ... }: {

  name = "pgbouncer";

  meta = with pkgs.lib.maintainers; {



  meta = with lib.maintainers; {

    maintainers = [ _1000101 ];

  };

  nodes = {

    one = { config, pkgs, ... }: {



  nodes = {

    one = { pkgs, ... }: {

      systemd.services.postgresql = {

        postStart = ''

          ${pkgs.postgresql}/bin/psql -U postgres -c "ALTER ROLE testuser WITH LOGIN PASSWORD 'testpass'";
@@ -26,10 +18,7 @@ in 
        postgresql = {

          enable = true;

          ensureDatabases = [ "testdb" ];

          ensureUsers = [

          {

            name = "testuser";

          }];

          ensureUsers = [{ name = "testuser"; }];

          authentication = ''

            local testdb testuser scram-sha-256

          '';
@@ -37,10 +26,19 @@ in 


        pgbouncer = {

          enable = true;

          listenAddress = "localhost";

          databases = { test = "host=/run/postgresql/ port=5432 auth_user=testuser dbname=testdb"; };

          authType = "scram-sha-256";

          authFile = testAuthFile;

          openFirewall = true;

          settings = {

            pgbouncer = {

              listen_addr = "localhost";

              auth_type = "scram-sha-256";

              auth_file = builtins.toFile "pgbouncer-users.txt" ''

                "testuser" "testpass"

              '';

            };

            databases = {

              test = "host=/run/postgresql port=5432 auth_user=testuser dbname=testdb";

            };

          };

        };

      };

    };