remove terraform database

closes #50
2024-02-08 23:59:12 +01:00 · 2024-02-08 23:59:12 +01:00 · d0e02adcec
commit d0e02adcec
parent a3ace01a6d
6 changed files with 0 additions and 55 deletions
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@ -1,7 +1,6 @@
 {
  imports = [
    ./storage.nix
-    ./terraform-database
    ./ssh-certificates.nix
    ./k3s
    ./backups.nix
--- a/nixos/modules/terraform-database/default.nix
+++ b/nixos/modules/terraform-database/default.nix
@ -1,49 +0,0 @@
-{ pkgs, lib, config, ... }:
-let cfg = config.lab.terraformDatabase;
-in {
-  options.lab.terraformDatabase.enable = lib.mkOption {
-    default = false;
-    type = lib.types.bool;
-    description = ''
-      Whether to start a postgreSQL database for Terraform states
-    '';
-  };
-
-  config = lib.mkIf cfg.enable {
-    networking.firewall.interfaces.${config.lab.networking.mainNicNamePattern}.allowedTCPPorts = [ 5432 ];
-
-    services.postgresql = {
-      enable = true;
-      ensureDatabases = [ "terraformstates" ];
-      package = pkgs.postgresql_15;
-      enableTCPIP = true;
-
-      dataDir = "${config.lab.storage.dataMountPoint}/postgresql/${config.services.postgresql.package.psqlSchema}";
-
-      authentication = ''
-        hostssl terraformstates terraform all cert
-      '';
-
-      settings =
-        let
-          serverCert = builtins.toFile "postgresql_server.crt"
-            (builtins.readFile ./postgresql_server.crt);
-        in
-        {
-          ssl = true;
-          ssl_cert_file = serverCert;
-          ssl_key_file = config.age.secrets."postgresql_server.key".path;
-          ssl_ca_file = serverCert;
-        };
-
-      ensureUsers = [{ name = "terraform"; }];
-    };
-
-    age.secrets."postgresql_server.key" = {
-      file = ../../secrets/postgresql_server.key.age;
-      mode = "400";
-      owner = builtins.toString config.ids.uids.postgres;
-      group = builtins.toString config.ids.gids.postgres;
-    };
-  };
-}