From 711ed58dc62e7b3a8f20edd60d388db390da5381 Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Sat, 27 Nov 2021 00:10:36 +0100
Subject: [PATCH] VEGAS/database: use proper authentication

---
 hosts/VEGAS/modules/database/default.nix   | 4 ----
 hosts/VEGAS/services/nextcloud/default.nix | 4 ++++
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/hosts/VEGAS/modules/database/default.nix b/hosts/VEGAS/modules/database/default.nix
index 9e4eba7..5120b52 100644
--- a/hosts/VEGAS/modules/database/default.nix
+++ b/hosts/VEGAS/modules/database/default.nix
@@ -6,9 +6,5 @@
     checkConfig = true;
     package = pkgs.postgresql_12;
     dataDir = "/srv/storage/database/postgres-12/data";
-    authentication = lib.mkForce ''
-      local all all trust
-      host all all 127.0.0.1/32 trust
-    '';
   };
 }
diff --git a/hosts/VEGAS/services/nextcloud/default.nix b/hosts/VEGAS/services/nextcloud/default.nix
index a7042df..b83afb6 100644
--- a/hosts/VEGAS/services/nextcloud/default.nix
+++ b/hosts/VEGAS/services/nextcloud/default.nix
@@ -1,4 +1,7 @@
 { config, lib, pkgs, tools, ... }:
+let
+  cfg = config.services.nextcloud.config;
+in
 {
   age.secrets = {
     nextcloud-adminpass = {
@@ -44,6 +47,7 @@
       adminpassFile = config.age.secrets.nextcloud-dbpass.path;
     };
   };
+  services.postgresql.authentication = "local ${cfg.dbname} ${cfg.dbuser} md5";
   services.nginx.virtualHosts."${config.services.nextcloud.hostName}" = {
     addSSL = true;
     enableACME = true;