From 45b9c8b74bf4929c1376b43b4e35b8eb02b4d661 Mon Sep 17 00:00:00 2001
From: Jack O'Sullivan <jackos1998@gmail.com>
Date: Mon, 13 Jun 2022 02:14:18 +0100
Subject: [PATCH] nixos/colony-psql: Add Netdata

---
 .../vms/shill/containers/colony-psql.nix      | 32 +++++++++++++------
 .../vms/shill/containers/middleman/vhosts.nix |  6 +++-
 2 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/nixos/boxes/colony/vms/shill/containers/colony-psql.nix b/nixos/boxes/colony/vms/shill/containers/colony-psql.nix
index 50b9869..246ad01 100644
--- a/nixos/boxes/colony/vms/shill/containers/colony-psql.nix
+++ b/nixos/boxes/colony/vms/shill/containers/colony-psql.nix
@@ -33,7 +33,7 @@
             };
 
             firewall = {
-              tcp.allowed = [ 5432 ];
+              tcp.allowed = [ 19999 5432 ];
             };
           };
 
@@ -42,23 +42,37 @@
           };
 
           services = {
+            netdata = {
+              enable = true;
+              python = {
+                enable = true;
+                extraPackages = ps: with ps; [ psycopg2 ];
+              };
+              configDir = {
+                "python.d/postgres.conf" = pkgs.writeText "netdata-postgres.conf" ''
+                  local:
+                    user: postgres
+                '';
+              };
+            };
+
             postgresql = {
               package = pkgs.postgresql_14;
               enable = true;
               enableTCPIP = true;
 
               authentication = with lib.my.colony.prefixes; ''
+                local all postgres peer map=local
+
                 host all all ${all.v4} md5
                 host all all ${all.v6} md5
               '';
-              ensureUsers = [
-                {
-                  name = "root";
-                  ensurePermissions = {
-                    "ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
-                  };
-                }
-              ];
+              identMap = ''
+                local postgres postgres
+                local root     postgres
+                local netdata  postgres
+                local dev      postgres
+              '';
             };
           };
         }
diff --git a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
index d2c9f64..a9f9439 100644
--- a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
+++ b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
@@ -86,7 +86,11 @@ in
 
       "netdata-colony.${lib.my.pubDomain}" =
       let
-        hosts = [ "vm" "fw" "ctr" "http" "jackflix-ctr" "chatterbox-ctr" ];
+        hosts = [
+          "vm"
+          "fw" "ctr"
+          "http" "jackflix-ctr" "chatterbox-ctr" "colony-psql-ctr"
+        ];
         matchHosts = concatStringsSep "|" hosts;
       in
       mkMerge [