tamipes/authentik-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

module: wait for postgresql.target

Browse source 
This is needed since 25.11 because the target is what makes sure that
PostgreSQL is not only up, but also in rw-mode (and ensure* being
applied).

Also adding this to `authentik-worker` to prevent situations where
postgresql.service stops before the worker on reboot and the worker
blocks shutdown while trying to reconnect to the database[1].

[1] https://github.com/nix-community/authentik-nix/pull/86#issuecomment-3794325343
This commit is contained in:
Maximilian Bosch 2026-01-25 14:49:58 +01:00
parent 1cab906a5c
commit eee255ff2f
No known key found for this signature in database
1 changed files with 5 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

9
module.nix
View file

@ -353,9 +353,9 @@ in
systemd.services = { systemd.services = {
authentik-migrate = { authentik-migrate = {
requires = lib.optionals cfg.createDatabase [ "postgresql.service" ]; requires = lib.optionals cfg.createDatabase [ "postgresql.target" ];
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
after = [ "network-online.target" ] ++ lib.optionals cfg.createDatabase [ "postgresql.service" ]; after = [ "network-online.target" ] ++ lib.optionals cfg.createDatabase [ "postgresql.target" ];
before = [ "authentik.service" "authentik-migrate.service" ]; before = [ "authentik.service" "authentik-migrate.service" ];
restartTriggers = [ config.environment.etc."authentik/config.yml".source ]; restartTriggers = [ config.environment.etc."authentik/config.yml".source ];
environment = mkMerge [ environment = mkMerge [
@ -381,8 +381,9 @@ in
]; ];
}; };
authentik-worker = { authentik-worker = {
requires = lib.optionals cfg.createDatabase [ "postgresql.target" ];
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
after = [ "network-online.target" ]; after = [ "network-online.target" ] ++ lib.optionals cfg.createDatabase [ "postgresql.target" ];
before = [ "authentik.service" ]; before = [ "authentik.service" ];
restartTriggers = [ config.environment.etc."authentik/config.yml".source ]; restartTriggers = [ config.environment.etc."authentik/config.yml".source ];
preStart = '' preStart = ''
@ -423,7 +424,7 @@ in
after = [ after = [
"network-online.target" "network-online.target"
] ]
++ (lib.optionals cfg.createDatabase [ "postgresql.service" ]); ++ (lib.optionals cfg.createDatabase [ "postgresql.target" ]);
restartTriggers = [ config.environment.etc."authentik/config.yml".source ]; restartTriggers = [ config.environment.etc."authentik/config.yml".source ];
preStart = '' preStart = ''
ln -svf ${cfg.authentikComponents.staticWorkdirDeps}/* /var/lib/authentik/ ln -svf ${cfg.authentikComponents.staticWorkdirDeps}/* /var/lib/authentik/