From 69aac159fa460c9a2517832b842fd0288aa9c90c Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Tue, 22 Aug 2023 18:42:50 +0200
Subject: [PATCH 1/2] epyc: open postgresql publicly

---
 hosts/epyc.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hosts/epyc.nix b/hosts/epyc.nix
index 67025ab..0b94506 100644
--- a/hosts/epyc.nix
+++ b/hosts/epyc.nix
@@ -17,6 +17,10 @@ in
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
+  # Open public access to our PostgreSQL.
+  services.postgresql.enableTCPIP = true;
+  networking.firewall.allowedTCPPorts = [ 5432 ];
+
   virtualisation.nvisor.vms = {
     vm01 = {
       config = { pkgs, ... }: {

From 6eec25d2bbe47fbf81d6c02bcc0f1ba8192e4d7c Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Tue, 22 Aug 2023 21:17:31 +0200
Subject: [PATCH 2/2] epyc: let authentication remote

---
 hosts/epyc.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hosts/epyc.nix b/hosts/epyc.nix
index 0b94506..4d9dbbf 100644
--- a/hosts/epyc.nix
+++ b/hosts/epyc.nix
@@ -19,6 +19,9 @@ in
 
   # Open public access to our PostgreSQL.
   services.postgresql.enableTCPIP = true;
+  services.postgresql.authentication = ''
+  host  hydra-nixos-org hydra_ro  ::/0  trust
+  '';
   networking.firewall.allowedTCPPorts = [ 5432 ];
 
   virtualisation.nvisor.vms = {