nixos/postgresql: allow specifying multiple databases in ensureDBOwnership

[icewind1991]

Description of changes

Allow settings services.postgresql.ensureUsers.*.ensureDBOwnership to a list of database names instead of only booleans.

This allows using it for setups where the database name doesn't match the user name or there are multiple databases accessed by a single db user.

This should make ensureDBOwnership able to cover more use cases from the deprecated ensurePermissions option.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[jian-lin]

FYI, there are related discussions in #266270 and you can request people interested to review this PR.

[ambroisie]

This is what I had in mind, so let me approve the PR :-).

Tiny nit to DRY it up.

[ambroisie]

Rather than repeat this multiple time, you can use apply in the option definition to tranform a true into a singleton list [ name ].

[icewind1991]

I tried that but couldn't figure out how to use the value of name within the apply function

[ambroisie]

types.submodule can use an argument list which would allow you to get at the name IIRC.

Currently on my phone so it's difficult to check.

[Ma27]

I still don't think we should expand the features that pretend to be declarative, but in fact aren't.
Instead I'd prefer to see a solution as described in #206467 / #252071 instead of another ad-hoc mechanism like this.

👎 from me.

[cmm]

So I happen to have a database owned by a differently-named user and the database has data in it.
I'm not a Postgres expert by any stretch and find the ensurePermissions migration instructions in the manual pretty scary.

Now I understand that I can just comment out the whole bit and the existing database will not be impacted, but I'd rather modernize the config properly, so: what's up with this PR? It's been quiet for a month, how do the prospects look?

[Tom-Hubrecht]

Suggested change

	in concatStringsSep "\n"
	(builtins.map (db: ''$PSQL -tAc 'ALTER DATABASE "${db}" OWNER TO "${user.name}";' '') dbOwnershipList);
	in concatMapStringsSep "\n"
	(db: ''$PSQL -tAc 'ALTER DATABASE "${db}" OWNER TO "${user.name}";' '') dbOwnershipList;