Move postgresql into options

modules/default.nix

@@ -35,6 +35,7 @@
     ./services/nginx-proxy
     ./services/pipewire
     ./services/plex
+    ./postgresql
     ./services/rclone-webdav
     ./services/rdp
     ./services/restic-client-desktop

modules/postgresql/default.nix

@@ -1,9 +1,18 @@
-{ pkgs, ... }:
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.services.az-postgresql;
+in
 {
-  services.postgresql = {
-    enable = true;
-    enableTCPIP = true;
-    settings.listen_addresses = pkgs.lib.mkForce "127.0.0.1,172.17.0.1";
+  options = {
+    services.az-postgresql.enable = lib.mkEnableOption "Enable PostgreSQL with settings for container clients.";
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.postgresql = {
+      enable = true;
+      enableTCPIP = true;
+      settings.listen_addresses = pkgs.lib.mkForce "127.0.0.1,172.17.0.1";
+    };
+    networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port 5432 -s 172.16.0.0/12 -j ACCEPT";
   };
-  networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port 5432 -s 172.16.0.0/12 -j ACCEPT";
 }

modules/ttrss-postgres/default.nix

@@ -14,9 +14,6 @@ let
   ttrssService = "${config.virtualisation.oci-containers.backend}-ttrss";
 in
 {
-  imports = [
-    "${inputs.self}/modules/postgresql"
-  ];
   age.secrets.ttrssEnv.file = "${inputs.self}/scrts/ttrss_env.age";
 
   services = {
@@ -26,6 +23,7 @@ in
       dataDir = "/var/lib/ttrss/html";
       domain = domain;
     };
+    az-postgresql.enable = true;
     nginx.virtualHosts."${domain}".locations = {
       "/".extraConfig = ''
         try_files $uri $uri/ = 404;