diff --git a/nixos/modules/services/finance/taler/exchange.nix b/nixos/modules/services/finance/taler/exchange.nix index 16428a43d78d..4a940cddb104 100644 --- a/nixos/modules/services/finance/taler/exchange.nix +++ b/nixos/modules/services/finance/taler/exchange.nix @@ -25,6 +25,8 @@ let "secmod-eddsa" "secmod-rsa" ]; + + configFile = config.environment.etc."taler/taler.conf".source; in { @@ -140,14 +142,14 @@ in lib.pipe servicesDB [ (map (name: '' GRANT SELECT,INSERT,UPDATE${deletePerm name} ON ALL TABLES IN SCHEMA exchange TO "taler-exchange-${name}"; - GRANT USAGE ON SCHEMA exchange TO "taler-exchange-${name}"; + GRANT USAGE ON ALL SEQUENCES IN SCHEMA exchange TO "taler-exchange-${name}"; '')) lib.concatStrings ] ); in '' - ${lib.getExe' cfg.package "taler-exchange-dbinit"} + ${lib.getExe' cfg.package "taler-exchange-dbinit"} -c ${configFile} psql -U taler-exchange-httpd -f ${dbScript} ''; }; diff --git a/nixos/modules/services/finance/taler/merchant.nix b/nixos/modules/services/finance/taler/merchant.nix index e5a2f2ce5d10..1426882ac050 100644 --- a/nixos/modules/services/finance/taler/merchant.nix +++ b/nixos/modules/services/finance/taler/merchant.nix @@ -19,6 +19,8 @@ let "depositcheck" "exchange" ]; + + configFile = config.environment.etc."taler/taler.conf".source; in { imports = [ @@ -95,13 +97,13 @@ in lib.concatStrings ( map (name: '' GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA merchant TO "taler-merchant-${name}"; - GRANT USAGE ON SCHEMA merchant TO "taler-merchant-${name}"; + GRANT USAGE ON ALL SEQUENCES IN SCHEMA merchant TO "taler-merchant-${name}"; '') servicesDB ) ); in '' - ${lib.getExe' cfg.package "taler-merchant-dbinit"} + ${lib.getExe' cfg.package "taler-merchant-dbinit"} -c ${configFile} psql -U taler-${talerComponent}-httpd -f ${dbScript} ''; };