uid = config.ids.uids.peertube;
group = "peertube";
description = "Peertube user";
- home = peertube.webappDir;
+ home = peertube.varDir;
useDefaultShell = true;
};
systemd.services.peertube = {
description = "Peertube";
wantedBy = [ "multi-user.target" ];
- after = [ "network.target" "postgresql.service" ];
- wants = [ "postgresql.service" ];
+ after = [ "network.target" "postgresql.service" "tools-peertube-key.service" ];
+ wants = [ "postgresql.service" "tools-peertube-key.service" ];
environment.NODE_CONFIG_DIR = "${peertube.varDir}/config";
environment.NODE_ENV = "production";
unitConfig.RequiresMountsFor = peertube.varDir;
};
+ deployment.keys.tools-peertube = {
+ destDir = "/run/keys/webapps";
+ user = "peertube";
+ group = "peertube";
+ permissions = "0400";
+ text = peertube.config;
+ };
+
system.activationScripts.peertube = {
deps = [ "users" ];
text = ''
- install -m 0755 -o peertube -g peertube -d ${peertube.varDir}
- install -m 0755 -o peertube -g peertube -d ${peertube.varDir}/config
- install -m 0644 -o peertube -g peertube -T ${peertube.config} ${peertube.varDir}/config/production.yaml
+ install -m 0750 -o peertube -g peertube -d ${peertube.varDir}
+ install -m 0750 -o peertube -g peertube -d ${peertube.varDir}/config
+ install -m 0640 -o peertube -g peertube -T /run/keys/webapps/tools-peertube ${peertube.varDir}/config/production.yaml
'';
};