nixos/postgresql: improve local peer authentication with default map

This allows to easily map allowed database roles to system users.
2025-06-10 03:23:29 +03:00 · 2025-05-05 10:31:21 +02:00 · 2025-05-05 10:31:21 +02:00 · 3d29b7d3a2
commit 3d29b7d3a2
parent f934044282
4 changed files with 58 additions and 1 deletions
--- a/nixos/tests/postgresql/postgresql.nix
+++ b/nixos/tests/postgresql/postgresql.nix
@ -54,6 +54,9 @@ let
          services.postgresql = {
            inherit package;
            enable = true;
+            identMap = ''
+              postgres root postgres
+            '';
            # TODO(@Ma27) split this off into its own VM test and move a few other
            # extension tests to use postgresqlTestExtension.
            extensions = ps: with ps; [ plv8 ];
@ -73,7 +76,7 @@ let
        in
        ''
          def check_count(statement, lines):
-              return 'test $(sudo -u postgres psql postgres -tAc "{}"|wc -l) -eq {}'.format(
+              return 'test $(psql -U postgres postgres -tAc "{}"|wc -l) -eq {}'.format(
                  statement, lines
              )