Avoid using possibly non-existent file in activation script for peertube

diff --git a/nixops/modules/websites/tools/peertube/default.nix b/nixops/modules/websites/tools/peertube/default.nix
index 1f88a1563a40abceff8f942ced3ae3f48cd35577..bb601af6176bb3070e20aa27fa09f5645359c68b 100644 (file)
--- a/nixops/modules/websites/tools/peertube/default.nix
+++ b/nixops/modules/websites/tools/peertube/default.nix
@@ -22,6 +22,7 @@ in {
       description = "Peertube user";
       home = peertube.varDir;
       useDefaultShell = true;
+      extraGroups = [ "keys" ];
     };
 
     users.groups.peertube.gid = config.ids.gids.peertube;
@@ -61,7 +62,7 @@ in {
       destDir = "/run/keys/webapps";
       user = "peertube";
       group = "peertube";
-      permissions = "0400";
+      permissions = "0640";
       text = peertube.config;
     };
 
@@ -70,7 +71,7 @@ in {
       text = ''
         install -m 0750 -o peertube -g peertube -d ${peertube.varDir}
         install -m 0750 -o peertube -g peertube -d ${peertube.varDir}/config
-        install -m 0640 -o peertube -g peertube -T /run/keys/webapps/tools-peertube ${peertube.varDir}/config/production.yaml
+        ln -sf /run/keys/webapps/tools-peertube ${peertube.varDir}/config/production.yaml
         '';
     };