uid = config.ids.uids.peertube;
group = "peertube";
description = "Peertube user";
- home = peertube.webappDir;
+ home = peertube.varDir;
useDefaultShell = true;
+ extraGroups = [ "keys" ];
};
users.groups.peertube.gid = config.ids.gids.peertube;
unitConfig.RequiresMountsFor = peertube.varDir;
};
+ mySecrets.keys = [{
+ dest = "webapps/tools-peertube";
+ user = "peertube";
+ group = "peertube";
+ permissions = "0640";
+ text = peertube.config;
+ }];
+
system.activationScripts.peertube = {
deps = [ "users" ];
text = ''
- install -m 0755 -o peertube -g peertube -d ${peertube.varDir}
- install -m 0755 -o peertube -g peertube -d ${peertube.varDir}/config
- install -m 0644 -o peertube -g peertube -T ${peertube.config} ${peertube.varDir}/config/production.yaml
+ install -m 0750 -o peertube -g peertube -d ${peertube.varDir}
+ install -m 0750 -o peertube -g peertube -d ${peertube.varDir}/config
+ ln -sf /var/secrets/webapps/tools-peertube ${peertube.varDir}/config/production.yaml
'';
};