{ config, pkgs, lib, ... }:

{
  systemd.tmpfiles.rules = [  "d /mnt/postgres/data 0750 postgres postgres" ];

  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_14;
    enableTCPIP = true;
    authentication = pkgs.lib.mkOverride 10 ''
      # TYPE, DATABASE, USER, ADDRESS, METHOD
      local all all trust
      host all all 127.0.0.1/32 trust
      host all all ::1/128 trust
      host discordbots discordbots 192.168.1.2/32 trust
      host matrix-synapse-rory-gay matrix-synapse-rory-gay 192.168.1.5/32 trust
      host all all 0.0.0.0/0 md5
    '';
    # initialScript = pkgs.writeText "backend-initScript" ''
    #   CREATE ROLE nixcloud WITH LOGIN PASSWORD 'nixcloud' CREATEDB;
    #   CREATE DATABASE nixcloud;
    #   GRANT ALL PRIVILEGES ON DATABASE nixcloud TO nixcloud;
    # '';
    dataDir = "/mnt/postgres/data";
    settings = {
      "max_connections" = "100";
      "shared_buffers" = "512MB";
      "effective_cache_size" = "8192MB";
      "max_wal_size" = "1GB";
      "min_wal_size" = "80MB";
      "work_mem" = "16MB";
      "maintenance_work_mem" = "256MB";
      "checkpoint_segments" = "64";
      "default_statistics_target" = "250";

      # can use this to view stats: SELECT query, total_time, calls, rows FROM pg_stat_statements ORDER BY total_time DESC LIMIT 10;
      "shared_preload_libraries" = "pg_stat_statements";
      "pg_stat_statements.max" = "10000";
      "pg_stat_statements.track" = "all";

      #we're on virtualised HDDs... 
      "random_page_cost" = "2.0";
      "synchronous_commit" = "off";

    };
  };

}