chore: add overlay

Author: staaldraad

ansible/tasks/setup-postgres.yml

@@ -139,6 +139,21 @@
     group: postgres
   when: debpkg_mode or nixpkg_mode
 
+- name: Check if psql_version is psql_15
+  set_fact:
+    is_psql_15: "{{ psql_version in ['psql_15'] }}"
+
+- name: create placeholder pam config
+  file:
+    path: '/etc/pam.d/{{ item }}'
+    state: touch
+    owner: postgres
+    group: postgres
+    mode: 0664
+  with_items:
+    - 'postgresql'
+  when: (debpkg_mode or nixpkg_mode) and not is_psql_15
+
 # Add pg_hba.conf
 - name: import pg_hba.conf
   template:

nix/overlays/default.nix

@@ -52,5 +52,14 @@
     buildPgrxExtension_0_14_3 = prev.buildPgrxExtension.override {
       cargo-pgrx = final.cargo-pgrx.cargo-pgrx_0_14_3;
     };
+
+    # place the gatekeeper module in the expected libpam location
+    gatekeeper = self.inputs.gatekeeper.packages.${final.system}.default;
+    linux-pam = prev.linux-pam.overrideAttrs (old: {
+      postInstall = (old.postInstall or "") + ''
+        mkdir -p $out/lib/security
+        cp ${final.gatekeeper}/lib/security/pam_jwt_pg.so $out/lib/security/
+      '';
+    });
   };
 }