I just tried to define the script with system.services.mysql.postStart, but it doesn’t work as expected.
systemd.services.mysql.postStart = ''
( echo "CREATE USER IF NOT EXISTS '${hostName}'@'localhost' IDENTIFIED BY '$(cat ${pwd})';"
echo "GRANT ALL PRIVILEGES ON *.* TO '${hostName}'@'localhost';"
echo "FLUSH PRIVILEGES;"
) | ${config.services.mysql.package}/bin/mysql -N
'';
the user is created but there’s no password.
Resulting script after build on the server is
( echo "CREATE USER IF NOT EXISTS 'hydrogen'@'localhost' IDENTIFIED BY '$(cat /run/agenix/hydrogen.mysql.pwd)';"
echo "GRANT ALL PRIVILEGES ON *.* TO 'hydrogen'@'localhost';"
echo "FLUSH PRIVILEGES;"
) | /nix/store/92i38gv0fl2ri98ih9avy4pynspk7r33-mariadb-server-10.11.6/bin/mysql -N
If I launch this resulting script in the terminal it works fine, the user is created with a password.