| blob | 7eafa502eb0c317530ed6df39ce47fbd907f27dd |
1 { config, lib, utils, pkgs, ... }:
2 let
3 cfg = config.services.pgbouncer;
5 settingsFormat = pkgs.formats.ini { };
6 configFile = settingsFormat.generate "pgbouncer.ini" cfg.settings;
7 configPath = "pgbouncer/pgbouncer.ini";
8 in
9 {
10 imports = [
11 (lib.mkRenamedOptionModule
12 [ "services" "pgbouncer" "logFile" ]
13 [ "services" "pgbouncer" "settings" "pgbouncer" "log_file" ])
14 (lib.mkRenamedOptionModule
15 [ "services" "pgbouncer" "listenAddress" ]
16 [ "services" "pgbouncer" "settings" "pgbouncer" "listen_addr" ])
17 (lib.mkRenamedOptionModule
18 [ "services" "pgbouncer" "listenPort" ]
19 [ "services" "pgbouncer" "settings" "pgbouncer" "listen_port" ])
20 (lib.mkRenamedOptionModule
21 [ "services" "pgbouncer" "poolMode" ]
22 [ "services" "pgbouncer" "settings" "pgbouncer" "pool_mode" ])
23 (lib.mkRenamedOptionModule
24 [ "services" "pgbouncer" "maxClientConn" ]
25 [ "services" "pgbouncer" "settings" "pgbouncer" "max_client_conn" ])
26 (lib.mkRenamedOptionModule
27 [ "services" "pgbouncer" "defaultPoolSize" ]
28 [ "services" "pgbouncer" "settings" "pgbouncer" "default_pool_size" ])
29 (lib.mkRenamedOptionModule
30 [ "services" "pgbouncer" "maxDbConnections" ]
31 [ "services" "pgbouncer" "settings" "pgbouncer" "max_db_connections" ])
32 (lib.mkRenamedOptionModule
33 [ "services" "pgbouncer" "maxUserConnections" ]
34 [ "services" "pgbouncer" "settings" "pgbouncer" "max_user_connections" ])
35 (lib.mkRenamedOptionModule
36 [ "services" "pgbouncer" "ignoreStartupParameters" ]
37 [ "services" "pgbouncer" "settings" "pgbouncer" "ignore_startup_parameters" ])
38 (lib.mkRenamedOptionModule
39 [ "services" "pgbouncer" "databases" ]
40 [ "services" "pgbouncer" "settings" "databases" ])
41 (lib.mkRenamedOptionModule
42 [ "services" "pgbouncer" "users" ]
43 [ "services" "pgbouncer" "settings" "users" ])
44 (lib.mkRenamedOptionModule
45 [ "services" "pgbouncer" "peers" ]
46 [ "services" "pgbouncer" "settings" "peers" ])
47 (lib.mkRenamedOptionModule
48 [ "services" "pgbouncer" "authType" ]
49 [ "services" "pgbouncer" "settings" "pgbouncer" "auth_type" ])
50 (lib.mkRenamedOptionModule
51 [ "services" "pgbouncer" "authHbaFile" ]
52 [ "services" "pgbouncer" "settings" "pgbouncer" "auth_hba_file" ])
53 (lib.mkRenamedOptionModule
54 [ "services" "pgbouncer" "authFile" ]
55 [ "services" "pgbouncer" "settings" "pgbouncer" "auth_file" ])
56 (lib.mkRenamedOptionModule
57 [ "services" "pgbouncer" "authUser" ]
58 [ "services" "pgbouncer" "settings" "pgbouncer" "auth_user" ])
59 (lib.mkRenamedOptionModule
60 [ "services" "pgbouncer" "authQuery" ]
61 [ "services" "pgbouncer" "settings" "pgbouncer" "auth_query" ])
62 (lib.mkRenamedOptionModule
63 [ "services" "pgbouncer" "authDbname" ]
64 [ "services" "pgbouncer" "settings" "pgbouncer" "auth_dbname" ])
65 (lib.mkRenamedOptionModule
66 [ "services" "pgbouncer" "adminUsers" ]
67 [ "services" "pgbouncer" "settings" "pgbouncer" "admin_users" ])
68 (lib.mkRenamedOptionModule
69 [ "services" "pgbouncer" "statsUsers" ]
70 [ "services" "pgbouncer" "settings" "pgbouncer" "stats_users" ])
71 (lib.mkRenamedOptionModule
72 [ "services" "pgbouncer" "verbose" ]
73 [ "services" "pgbouncer" "settings" "pgbouncer" "verbose" ])
74 (lib.mkChangedOptionModule
75 [ "services" "pgbouncer" "syslog" "enable" ]
76 [ "services" "pgbouncer" "settings" "pgbouncer" "syslog" ]
77 (config:
78 let
79 enable = lib.getAttrFromPath
80 [ "services" "pgbouncer" "syslog" "enable" ]
81 config;
82 in
83 if enable then 1 else 0))
84 (lib.mkRenamedOptionModule
85 [ "services" "pgbouncer" "syslog" "syslogIdent" ]
86 [ "services" "pgbouncer" "settings" "pgbouncer" "syslog_ident" ])
87 (lib.mkRenamedOptionModule
88 [ "services" "pgbouncer" "syslog" "syslogFacility" ]
89 [ "services" "pgbouncer" "settings" "pgbouncer" "syslog_facility" ])
90 (lib.mkRenamedOptionModule
91 [ "services" "pgbouncer" "tls" "client" "sslmode" ]
92 [ "services" "pgbouncer" "settings" "pgbouncer" "client_tls_sslmode" ])
93 (lib.mkRenamedOptionModule
94 [ "services" "pgbouncer" "tls" "client" "keyFile" ]
95 [ "services" "pgbouncer" "settings" "pgbouncer" "client_tls_key_file" ])
96 (lib.mkRenamedOptionModule
97 [ "services" "pgbouncer" "tls" "client" "certFile" ]
98 [ "services" "pgbouncer" "settings" "pgbouncer" "client_tls_cert_file" ])
99 (lib.mkRenamedOptionModule
100 [ "services" "pgbouncer" "tls" "client" "caFile" ]
101 [ "services" "pgbouncer" "settings" "pgbouncer" "client_tls_ca_file" ])
102 (lib.mkRenamedOptionModule
103 [ "services" "pgbouncer" "tls" "server" "sslmode" ]
104 [ "services" "pgbouncer" "settings" "pgbouncer" "server_tls_sslmode" ])
105 (lib.mkRenamedOptionModule
106 [ "services" "pgbouncer" "tls" "server" "keyFile" ]
107 [ "services" "pgbouncer" "settings" "pgbouncer" "server_tls_key_file" ])
108 (lib.mkRenamedOptionModule
109 [ "services" "pgbouncer" "tls" "server" "certFile" ]
110 [ "services" "pgbouncer" "settings" "pgbouncer" "server_tls_cert_file" ])
111 (lib.mkRenamedOptionModule
112 [ "services" "pgbouncer" "tls" "server" "caFile" ]
113 [ "services" "pgbouncer" "settings" "pgbouncer" "server_tls_ca_file" ])
114 (lib.mkRemovedOptionModule [ "services" "pgbouncer" "extraConfig" ] "Use services.pgbouncer.settings instead.")
115 ];
117 options.services.pgbouncer = {
118 enable = lib.mkEnableOption "PostgreSQL connection pooler";
120 package = lib.mkPackageOption pkgs "pgbouncer" { };
122 openFirewall = lib.mkOption {
123 type = lib.types.bool;
124 default = false;
125 description = ''
126 Whether to automatically open the specified TCP port in the firewall.
127 '';
128 };
130 settings = lib.mkOption {
131 type = settingsFormat.type;
132 default = { };
133 description = ''
134 Configuration for PgBouncer, see <https://www.pgbouncer.org/config.html>
135 for supported values.
136 '';
137 };
139 # Linux settings
140 openFilesLimit = lib.mkOption {
141 type = lib.types.int;
142 default = 65536;
143 description = ''
144 Maximum number of open files.
145 '';
146 };
148 user = lib.mkOption {
149 type = lib.types.str;
150 default = "pgbouncer";
151 description = ''
152 The user pgbouncer is run as.
153 '';
154 };
156 group = lib.mkOption {
157 type = lib.types.str;
158 default = "pgbouncer";
159 description = ''
160 The group pgbouncer is run as.
161 '';
162 };
164 homeDir = lib.mkOption {
165 type = lib.types.path;
166 default = "/var/lib/pgbouncer";
167 description = ''
168 Specifies the home directory.
169 '';
170 };
171 };
173 config = lib.mkIf cfg.enable {
174 users.groups.${cfg.group} = { };
175 users.users.${cfg.user} = {
176 description = "PgBouncer service user";
177 group = cfg.group;
178 home = cfg.homeDir;
179 createHome = true;
180 isSystemUser = true;
181 };
183 environment.etc.${configPath}.source = configFile;
185 # Default to RuntimeDirectory instead of /tmp.
186 services.pgbouncer.settings.pgbouncer.unix_socket_dir = lib.mkDefault "/run/pgbouncer";
188 systemd.services.pgbouncer = {
189 description = "PgBouncer - PostgreSQL connection pooler";
190 wants = [ "network-online.target" ];
191 after = [ "network-online.target" ];
192 wantedBy = [ "multi-user.target" ];
193 reloadTriggers = [ configFile ];
194 serviceConfig = {
195 Type = "notify-reload";
196 User = cfg.user;
197 Group = cfg.group;
198 ExecStart = utils.escapeSystemdExecArgs [
199 (lib.getExe pkgs.pgbouncer)
200 "/etc/${configPath}"
201 ];
202 RuntimeDirectory = "pgbouncer";
203 LimitNOFILE = cfg.openFilesLimit;
204 };
205 };
207 networking.firewall = lib.mkIf cfg.openFirewall {
208 allowedTCPPorts = [
209 (cfg.settings.pgbouncer.listen_port or 6432)
210 ];
211 };
212 };
214 meta.maintainers = [ lib.maintainers._1000101 ];
215 }