X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=nixops%2Fmodules%2Fwebsites%2Ftools%2Fmediagoblin%2Fdefault.nix;h=9b058beae04fa7f7c20b28837f850d66b9c3e8d6;hb=51900e3488284b0711083819a5ecb1b0f280a913;hp=54c0478d022cc6779466134f615f134d7fb6a70d;hpb=3b45d5f2afc3a48809d0353a3133025525247331;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/nixops/modules/websites/tools/mediagoblin/default.nix b/nixops/modules/websites/tools/mediagoblin/default.nix
index 54c0478..9b058be 100644
--- a/nixops/modules/websites/tools/mediagoblin/default.nix
+++ b/nixops/modules/websites/tools/mediagoblin/default.nix
@@ -12,6 +12,7 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    deployment.keys = mediagoblin.keys;
     ids.uids.mediagoblin = myconfig.env.tools.mediagoblin.user.uid;
     ids.gids.mediagoblin = myconfig.env.tools.mediagoblin.user.gid;
 
@@ -22,6 +23,7 @@ in {
       description = "Mediagoblin user";
       home = mediagoblin.varDir;
       useDefaultShell = true;
+      extraGroups = [ "keys" ];
     };
 
     users.groups.mediagoblin.gid = config.ids.gids.mediagoblin;
@@ -29,7 +31,8 @@ in {
     systemd.services.mediagoblin-web = {
       description = "Mediagoblin service";
       wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
+      after = [ "network.target" "tools-mediagoblin-key.service" ];
+      wants = [ "postgresql.service" "redis.service" "tools-mediagoblin-key.service" ];
 
       environment.SCRIPT_NAME = "/mediagoblin/";