services/{bitwarden,gitea}: Postgres

services/bitwarden.nix

@@ -1,14 +1,26 @@
 { config, pkgs, witch, ... }:
 
 {
+  services.postgresql = {
+    ensureDatabases = [ "bitwarden_rs" ];
+    ensureUsers = [{
+      name = "bitwarden_rs";
+      ensurePermissions = {
+        "DATABASE bitwarden_rs" = "ALL PRIVILEGES";
+      };
+    }];
+  };
+
   services.bitwarden_rs = {
     enable = true;
+    dbBackend = "postgresql";
     config = {
       rocketPort = 4000;
       websocketEnabled = true;
       signupsAllowed = false;
       adminToken = witch.secrets.hosts.athame.bitwarden_secret;
       domain = "https://vault.kittywit.ch";
+      databaseUrl = "postgresql://bitwarden_rs@/bitwarden_rs";
     };
   };
 

services/gitea/default.nix

@@ -1,6 +1,16 @@
 { config, pkgs, ... }:
 
 {
+  services.postgresql = {
+    enable = true;
+    ensureDatabases = [ "gitea" ];
+    ensureUsers = [
+      { name = "gitea";
+        ensurePermissions."DATABASE gitea" = "ALL PRIVILEGES";
+      }
+    ];
+  };
+
   services.gitea = {
     enable = true;
     disableRegistration = true;
@@ -11,6 +21,11 @@
     ssh = { clonePort = 62954; };
     settings = {
       security = { DISABLE_GIT_HOOKS = false; };
+      database = {
+        type = "postgres";
+        name = "gitea";
+        user = "gitea";
+      };
       mailer = {
         ENABLED = true;
         MAILER_TYPE = "sendmail";
@@ -19,7 +34,7 @@
       };
       ui = {
         THEMES = "gitea,arc-green,kittywitch";
-        DEFAULT_THEME = "kittywitch";
+        DEFAULT_THEME = "gitea";
         THEME_COLOR_META_TAG = "#222222";
       };
     };