Move etherpad mastodon mediagoblin task and peertube to new secrets

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / mediagoblin / default.nix

diff --git a/nixops/modules/websites/tools/mediagoblin/default.nix b/nixops/modules/websites/tools/mediagoblin/default.nix
index 54c0478d022cc6779466134f615f134d7fb6a70d..36329d9fd91653613ef701fbe908efc09a8d4a2d 100644 (file)
--- a/nixops/modules/websites/tools/mediagoblin/default.nix
+++ b/nixops/modules/websites/tools/mediagoblin/default.nix
@@ -12,6 +12,7 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    mySecrets.keys = mediagoblin.keys;
     ids.uids.mediagoblin = myconfig.env.tools.mediagoblin.user.uid;
     ids.gids.mediagoblin = myconfig.env.tools.mediagoblin.user.gid;
 
@@ -22,6 +23,7 @@ in {
       description = "Mediagoblin user";
       home = mediagoblin.varDir;
       useDefaultShell = true;
+      extraGroups = [ "keys" ];
     };
 
     users.groups.mediagoblin.gid = config.ids.gids.mediagoblin;
@@ -30,6 +32,7 @@ in {
       description = "Mediagoblin service";
       wantedBy = [ "multi-user.target" ];
       after = [ "network.target" ];
+      wants = [ "postgresql.service" "redis.service" ];
 
       environment.SCRIPT_NAME = "/mediagoblin/";