X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fwebapps%2Fpeertube.nix;h=1d76e9b3b5f92862b7ac003fd98d7805756cd32e;hb=f831eb7e4b04fe788883c5f630c70020895ce7fe;hp=7c960764f98e8b674a24af34f3395609191dd5d4;hpb=d42bbbe6f510fce233ecb66d44d205761390b56e;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix
index 7c96076..1d76e9b 100644
--- a/modules/webapps/peertube.nix
+++ b/modules/webapps/peertube.nix
@@ -39,21 +39,34 @@ in
 Peertube package to use.
 '';
 };
+ # Output variables
+ systemdStateDirectory = lib.mkOption {
+ type = lib.types.str;
+ # Use ReadWritePaths= instead if varDir is outside of /var/lib
+ default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
+ lib.strings.removePrefix "/var/lib/" cfg.dataDir;
+ description = ''
+ Adjusted Peertube data directory for systemd
+ '';
+ readOnly = true;
+ };
 };
 config = lib.mkIf cfg.enable {
- users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
- inherit name;
- inherit uid;
- group = cfg.group;
- description = "Peertube user";
- home = cfg.dataDir;
- useDefaultShell = true;
- });
- users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
- inherit name;
- inherit gid;
- });
+ users.users = lib.optionalAttrs (cfg.user == name) {
+ "${name}" = {
+ inherit uid;
+ group = cfg.group;
+ description = "Peertube user";
+ home = cfg.dataDir;
+ useDefaultShell = true;
+ };
+ };
+ users.groups = lib.optionalAttrs (cfg.group == name) {
+ "${name}" = {
+ inherit gid;
+ };
+ };
 systemd.services.peertube = {
 description = "Peertube";
@@ -68,6 +81,9 @@ in
 path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
 script = ''
+ install -m 0750 -d ${cfg.dataDir}/config
+ ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
+ ln -sf ${cfg.package}/config/default.yaml ${cfg.dataDir}/config/default.yaml
 exec npm run start
 '';
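Review bot: The `assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;` in the `systemdStateDirectory` default aborts evaluation with a bare assertion error, and it still accepts values that systemd's StateDirectory= will refuse or misread later: `/var/lib/` itself (empty result), a path containing `..`, or one containing whitespace, since the setting takes a whitespace-separated list. Wrapping the test as `assert lib.assertMsg (lib.strings.hasPrefix "/var/lib/" cfg.dataDir) "peertube: dataDir must be a subdirectory of /var/lib";` tells the operator which setting to fix, and the other cases could be rejected the same way. The comment above it says `varDir` while the value read is `cfg.dataDir`; `# Use ReadWritePaths= instead if dataDir is outside of /var/lib` would match the code. The enclosing options block starts outside the hunk.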
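Review bot: The three lines added to `script` interpolate `${cfg.dataDir}`, `${cfg.configFile}` and `${cfg.package}` into the shell unquoted, so a configured path containing whitespace or glob characters is word-split and `install` / `ln -sf` then operate on paths other than the intended ones. Quote each argument, e.g. `install -m 0750 -d "${cfg.dataDir}/config"` and `ln -sf "${cfg.configFile}" "${cfg.dataDir}/config/production.yaml"`, or build the arguments with `lib.escapeShellArg`. Since this setup now runs in the unit on every start instead of once at activation, a short comment such as `# recreate config links on each start; dataDir itself comes from StateDirectory=` would record why it lives here. The service definition starts and ends outside the hunk.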
@@ -75,6 +91,8 @@ in
 User = cfg.user;
 Group = cfg.group;
 WorkingDirectory = cfg.package;
+ StateDirectory = cfg.systemdStateDirectory;
+ StateDirectoryMode = 0750;
 PrivateTmp = true;
 ProtectHome = true;
 ProtectControlGroups = true;
@@ -85,16 +103,6 @@ in
 unitConfig.RequiresMountsFor = cfg.dataDir;
 };
-
- system.activationScripts.peertube = {
- deps = [ "users" ];
- text = ''
- install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
- install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config
- ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
- '';
- };
-
 };
 }
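Review bot: `StateDirectoryMode = 0750;` is written as a bare Nix integer, and Nix has no octal literals, so the value is the decimal number 750 and the leading zero is gone by the time the unit file is rendered. It presumably still produces the intended permissions only because systemd parses the rendered `750` as octal; `StateDirectoryMode = "0750";` states the mode as written and does not rely on that coincidence. Within this diff `StateDirectory` also becomes the only thing that creates `cfg.dataDir` (the activation script is removed in the last hunk), so a data directory outside `/var/lib` now stops evaluation at the assert rather than being created. The enclosing attribute set starts outside the hunk.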