Added: Swagger; Split Services into Units

hosts/cyper-pi-1/postgres.nix

@@ -12,6 +12,23 @@
     # Initial database setup
     initialScript = pkgs.writeText "backend-init-script" ''
       CREATE USER postgres WITH SUPERUSER PASSWORD 'postgres';
+
+      -- Create web_anon role for PostgREST
+      CREATE ROLE web_anon NOLOGIN;
+      GRANT USAGE ON SCHEMA public TO web_anon;
+      GRANT SELECT ON ALL TABLES IN SCHEMA public TO web_anon;
+
+      -- Create example users table
+      CREATE TABLE IF NOT EXISTS users (
+        id SERIAL PRIMARY KEY,
+        name VARCHAR(255),
+        email VARCHAR(255),
+        created_at TIMESTAMP DEFAULT NOW()
+      );
+
+      -- Grant permissions
+      GRANT SELECT, INSERT, UPDATE, DELETE ON users TO web_anon;
+      GRANT USAGE, SELECT ON SEQUENCE users_id_seq TO web_anon;
     '';
 
     # Raspberry Pi 4 optimized settings (2GB RAM assumed)
@@ -61,60 +78,8 @@
   };
 
   # Enable the PostgreSQL service to start on boot
-  systemd.services = {
-    postgresql.wantedBy = [ "multi-user.target" ];
+  systemd.services.postgresql.wantedBy = [ "multi-user.target" ];
 
-    postgrest = {
-      description = "PostgREST - PostgreSQL REST API";
-      after = [
-        "postgresql.service"
-        "network.target"
-      ];
-      wantedBy = [ "multi-user.target" ];
-
-      serviceConfig = {
-        Type = "simple";
-        ExecStart = "${pkgs.postgrest}/bin/postgrest /etc/postgrest/postgrest.conf";
-        User = "postgrest";
-        Restart = "on-failure";
-        RestartSec = 5;
-      };
-    };
-  };
-
-  users = {
-    users.postgrest = {
-      isSystemUser = true;
-      group = "postgrest";
-    };
-    groups.postgrest = { };
-  };
-
-  # PostgREST configuration file
-  environment = {
-    etc."postgrest/postgrest.conf".text = ''
-      db-uri = "postgres://postgres:postgres@localhost:5432/postgres"
-      db-schema = "public"
-      db-anon-role = "web_anon"
-      server-host = "0.0.0.0"
-      server-port = 3000
-      jwt-secret = "no7WwM0xJa/Yzn5o4IZHG4oBNSShl4JRPZOcmhvnqFw="
-    '';
-
-    systemPackages = with pkgs; [ postgrest ];
-  };
-  networking.firewall.allowedTCPPorts = [
-    5432
-    3000
-  ];
-
-  # Create mount point for external USB storage (optional, for better performance)
-  # Uncomment if using the USB 3 storage we configured earlier
-  # systemd.tmpfiles.rules = [
-  #   "d /mnt/nix-storage/postgresql 0700 postgres postgres"
-  # ];
-
-  # environment.etc."postgresql/postgresql.conf".text = ''
-  #   data_directory = '/mnt/nix-storage/postgresql'
-  # '';
+  # Open firewall port for PostgreSQL
+  networking.firewall.allowedTCPPorts = [ 5432 ];
 }