From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:403:4789::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id 0LOrOYSbtWTDOgEASxT56A (envelope-from ) for ; Mon, 17 Jul 2023 21:50:29 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:4789::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id AA2HOYSbtWT27gAA9RJhRA (envelope-from ) for ; Mon, 17 Jul 2023 21:50:28 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 0D03B550E2 for ; Mon, 17 Jul 2023 21:50:28 +0200 (CEST) Authentication-Results: aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1689623428; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post; bh=mQmtJ7C/VCXwELSK1IIyP6KNX++rSvCD5EyO25YJk2w=; b=OsxKmZGGQrGtb9R+XSwsRv8R/Bbo098Ub+nDP9ND+9fmbuxCQHk3cfPViO7b7rzuXXszQ/ StJ9PEly6dBZOHwlBvLNkNsj6SAE4S7evTlAAHa+pgzRAQjVD/LSXOjE3W8mfaUExygiYR /EykQmdBUHaVy7VuUHXinYZAtJvg7HKLHU2fMre4rJEZ+Y4MjRtiKlo6V2pMlkf23yFhu8 qOanZ3TEahzJM3PTW23Bku2lXrEbxlm3TSyQ3C/fXr7BoDZCgfIGLj8rW5qbPdLgs3LQnf SDw4RUQDqfsHCOlqcfo1E56cudMHvi0n03YgUgRRDFfquaHf+ylidY8r/RT9lg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1689623428; a=rsa-sha256; cv=none; b=KpKP4FR5tNbbNFxyu3WpQkbTdD2B5OPjIhajtydKPzfhDQ4Q55SO6ymjIXIGEjqXC3pIYM WLOWo8f9LbiC+EEjsxL3bS66WjmkZo2v79/uaLANd0C0T1coGy+WVLlr/xgn/IE5UMcKvL qTqe8RkRBmY2ITby/LF8GaBqIHLFot9zCOXH7+Kogd2oy52a/eM42qtT5eWjAYqfmBqxH0 6CzBUcyiYbjlLiPTx+1GJ5A2WfMGFo4OfF4EDWyD+DHLX9G4ryhuZsCfmIS8u3G5+J0fms cO52aAvKfhc464RUxlEZRAkLFwwgVJ8KJC+0xTmPF2+6Y4kyqvEdObMbuvdTmg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=none Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qLUEA-000879-Dd; Mon, 17 Jul 2023 15:49:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qLUE8-00086l-Ol for guix-devel@gnu.org; Mon, 17 Jul 2023 15:49:48 -0400 Received: from cyberdimension.org ([2001:910:1314:ffff::1] helo=gnutoo.cyberdimension.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256) (Exim 4.90_1) (envelope-from ) id 1qLUE6-0007XF-NZ for guix-devel@gnu.org; Mon, 17 Jul 2023 15:49:48 -0400 Received: from gnutoo.cyberdimension.org (localhost [127.0.0.1]) by cyberdimension.org (OpenSMTPD) with ESMTP id 8bfa9143; Mon, 17 Jul 2023 19:49:42 +0000 (UTC) Received: from primary_laptop (localhost [::1]) by gnutoo.cyberdimension.org (OpenSMTPD) with ESMTP id d8bd8e1c; Mon, 17 Jul 2023 19:49:42 +0000 (UTC) Date: Mon, 17 Jul 2023 21:49:31 +0200 From: Denis 'GNUtoo' Carikli To: Martin Baulig Cc: "guix-devel@gnu.org" Subject: Re: Postgres user UID and GID Message-ID: <20230717214920.32382c6b@primary_laptop> In-Reply-To: References: X-Mailer: Claws Mail 4.1.1 (GTK 3.24.37; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/G4yOGGCsXcY2r+M=RJDoYKP"; protocol="application/pgp-signature"; micalg=pgp-sha256 Received-SPF: pass client-ip=2001:910:1314:ffff::1; envelope-from=GNUtoo@cyberdimension.org; helo=gnutoo.cyberdimension.org X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -7.76 X-Spam-Score: -7.76 X-Migadu-Queue-Id: 0D03B550E2 X-Migadu-Scanner: mx1.migadu.com X-TUID: znyzrGFdtoSB --Sig_/G4yOGGCsXcY2r+M=RJDoYKP Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Mon, 17 Jul 2023 18:06:04 +0000 Martin Baulig wrote: > Hello, Hi, > I have a bit of an unusual setup, as I am running GNU Guix in a VM on > a Synology NAS. Unfortunately, their DSM software sucks quite badly, > but I am currently stuck with this hardware as I don't have the > budget to replace it. But I don't want to make any long-term > commitment to their software either. One of the awesome features of > GNU Guix is that it can nicely and easily be deployed elsewhere. > However, for this to work, I need to be able to extract my data > easily, so storing anything inside that VM that's not on GitLab isn't > an option. I have decided to NFS-mount an encrypted shared folder > from the NAS and store all data there. I've also a setup where I share a postgresql data folder between various distributions. In my case it's shared between Parabola i686, Parabola x86_64, Guix i686 and Guix x86_64. And I often need to chroot inside Parabola so this is why I need to use the same IDs (than Parabola). So for keeping the same id across different distributions, I hardcoded it in the users and groups like that in my system.scm: > (users (cons* [...] > (user-account > (name "postgres") > (uid 88) > (group "postgres") > (comment "PostgreSQL user") > (home-directory > "/path/to/shared-dir/var/lib/postgres") (shell (file-append bash > "/bin/bash")) (system? #t)) %base-user-accounts)) And in the groups too: > (groups (cons* [...] > (user-group > (name "postgres") > (id 88) > (system? #t)) > [...] > %base-groups)) And for the record here's how I use a different architecture: I define a package: > (define postgresql-14-i686-linux > (package =20 > (inherit postgresql-14) =20 > (name "postgresql-14-i686-linux") > (arguments > (ensure-keyword-arguments > (package-arguments postgresql-14) > '(#:system "i686-linux"))))) And then use it in the PostgreSQL service: > (service > postgresql-service-type > (postgresql-configuration > (postgresql > (if (target-x86-64?) > postgresql-14-i686-linux > postgresql-14)) > [...])) The downside is that it prints a warning during boot if I recall well but it works fine. I'm unsure if that helps the conversation or not though as you might want something cleaner. Denis. --Sig_/G4yOGGCsXcY2r+M=RJDoYKP Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEeC+d2+Nrp/PU3kkGX138wUF34mMFAmS1m0sACgkQX138wUF3 4mNHTg//VEK2JS8ucW16hhMM+7lvnIzl6YV0r7EeanR3cEahgB42GUegOE8xgA1K dpcpBb+kaAmCU+Mvv9jKkwAKqdsT81DFnfs8Qky0BsvWFUeUeEembhpt/H1FbZ9g Io+wJ1O6TnHfBuKTSU+pDqc60wEvMF4QOSBUNQ6juBbckxbju1RmFGnBbSMFqFSo Oa1rtfe9YvGQ9rHXQ4/SsEJHHeSjPWsdW+NS28p1OakrCpJLMaz3a0yEiMcd+EXK 6znIB1LdS5AAO5Mxa4MMS/FGVFeX0/bOKuJl7oyRjAC8bm/rYGEhZ1toSieA9CQB BH0LC9Ic8Dkyn6fLlG3/NHwXV65dNpwuHsG8JImAxctDqeuMGssT2IPpOmK3vMag c5goeZHNPI/Sig97fMTcAo2EJUXxv9sDgdM0wtzqAdjEjhnVfVG1hBUGv8OTXFaI UMuF9ZpO+9oFlCY6dIglmqjRGbt8luyeYdTxMf4bD8gEzzD867OgUPUUM1/4mtgb zbp/q80EtssVoGkoysxFLkSr0BcSE6BBWNUoJrm4uqx3WaDfhv4QCxShjG/JUOKz KixIFTqVI6FXXfWDyK25EAsaHjO8JmqzlDqQyZgpEUBLft5swd6oJdItSk+DD7At yw++huRcRpioGj7tjB4ggQLb+Kf/IQA31Aq1mWkrw/1w3m2KqEQ= =9F7x -----END PGP SIGNATURE----- --Sig_/G4yOGGCsXcY2r+M=RJDoYKP--