From 26a9d7e3c37c20ef2ad23a84839ab07c794e1ab5 Mon Sep 17 00:00:00 2001
From: Lander Van den Bulcke <landervandenbulcke@gmail.com>
Date: Sun, 6 Jul 2025 20:05:58 +0200
Subject: [PATCH] feat: add lldap database

Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
---
 hosts/db-01/default.nix | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/hosts/db-01/default.nix b/hosts/db-01/default.nix
index c149256..266d967 100644
--- a/hosts/db-01/default.nix
+++ b/hosts/db-01/default.nix
@@ -1,8 +1,4 @@
-{
-  inputs,
-  config,
-  ...
-}:
+{ pkgs, ... }:
 {
   imports = [
     ./disk-config.nix
@@ -20,6 +16,21 @@
 
   services.postgresql = {
     enable = true;
+    enableTCPIP = true;
+    authentication = pkgs.lib.mkOverride 10 ''
+      #type database dbuser origin-address auth-method
+      local all all trust
+      host all all 100.64.0.0/24 trust # trust tailnet
+    '';
+    ensureDatabases = [
+      "lldap"
+    ];
+    ensureUsers = [
+      {
+        name = "lldap";
+        ensureDBOwnership = true;
+      }
+    ];
   };
 
   system.stateVersion = "25.05";