From ccd3744d0c67773917f65e72964fe09b88ccebd2 Mon Sep 17 00:00:00 2001
From: coolneng <akasroua@gmail.com>
Date: Sun, 15 Dec 2019 22:37:37 +0100
Subject: [PATCH] Disable PostgreSQL TCP/IP connection

---
 modules/devops.nix   | 1 +
 modules/webstack.nix | 5 ++---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/devops.nix b/modules/devops.nix
index 949ecda..aea6ad8 100644
--- a/modules/devops.nix
+++ b/modules/devops.nix
@@ -13,6 +13,7 @@
     database = {
       type = "postgres";
       passwordFile = "/var/keys/gitea/db";
+      socket = "/run/postgresql/.s.PGSQL.5432";
     };
     cookieSecure = true;
     disableRegistration = true;
diff --git a/modules/webstack.nix b/modules/webstack.nix
index fe6a7ca..8c518bb 100644
--- a/modules/webstack.nix
+++ b/modules/webstack.nix
@@ -108,12 +108,11 @@
     # Generated file; do not edit!
     # TYPE  DATABASE        USER            ADDRESS                 METHOD
     local   all             all                                     trust
-    host    all             all             127.0.0.1/32            trust
-    host    all             all             ::1/128                 trust
     '';
     identMap = ''
             gitea-users gitea gitea
     '';
+    extraConfig = "listen_addresses = ''";
   };
 
   # PostgreSQL daily backups
@@ -124,12 +123,12 @@
       startAt = "*-*-* 05:15:00";
   };
 
-
   # Miniflux configuration
   services.miniflux = {
     enable = true;
     adminCredentialsFile = "/var/keys/miniflux/admin";
     config = {
+      LISTEN_ADDR = "/run/postgresql/.s.PGSQL.5432";
       BASE_URL = "https://coolneng.duckdns.org/miniflux/";
     };
   };