From 9f4d0e470c9a25995a2454c957c3474a57035aa0 Mon Sep 17 00:00:00 2001
From: Gabriel Arazas <foodogsquared@foodogsquared.one>
Date: Sat, 17 Dec 2022 22:23:36 +0800
Subject: [PATCH] hosts/plover: update Keycloak config

---
 hosts/plover/default.nix | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/hosts/plover/default.nix b/hosts/plover/default.nix
index 12d6a66d..a0acf64d 100644
--- a/hosts/plover/default.nix
+++ b/hosts/plover/default.nix
@@ -17,6 +17,10 @@ let
   # However, this is set on our own.
   vaultwardenDbName = "vaultwarden";
 
+  # This is also set on our own.
+  keycloakUser = config.services.keycloak.database.username;
+  keycloakDbName = if config.services.keycloak.database.createLocally then keycloakUser else config.services.keycloak.database.username;
+
   # The head of the Borgbase hostname.
   borgbase-remote = "cr6pf13r";
 in
@@ -198,7 +202,7 @@ in
     };
 
     # There's no database and user checks for Vaultwarden service.
-    ensureDatabases = [ vaultwardenDbName ];
+    ensureDatabases = [ vaultwardenDbName keycloakDbName ];
     ensureUsers = [
       {
         name = vaultwardenUser;
@@ -213,6 +217,13 @@ in
           "SCHEMA ${config.services.gitea.user}" = "ALL PRIVILEGES";
         };
       }
+      {
+        name = keycloakUser;
+        ensurePermissions = {
+          "DATABASE ${keycloakDbName}" = "ALL PRIVILEGES";
+          "SCHEMA ${keycloakDbName}" = "ALL PRIVILEGES";
+        };
+      }
     ];
   };