From 0fd416429e0b0ef450b94aee2b781314f9ead2d0 Mon Sep 17 00:00:00 2001
From: Lillian-Violet <git@lillianviolet.dev>
Date: Tue, 14 Jan 2025 14:31:52 +0100
Subject: [PATCH] set the mollysocket user to fix permissions

---
 .../server/package-configs/mollysocket/default.nix  | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/nixos/server/package-configs/mollysocket/default.nix b/nixos/server/package-configs/mollysocket/default.nix
index 3baf77d..2a1bb35 100644
--- a/nixos/server/package-configs/mollysocket/default.nix
+++ b/nixos/server/package-configs/mollysocket/default.nix
@@ -1,6 +1,11 @@
-{config, ...}: {
+{config, ...}: let
+  mollySocketUser = "mollysocket";
+in {
   sops.secrets."mollysocket-vapid-key".mode = "0440";
-  sops.secrets."mollysocket-vapid-key".owner = config.users.users.root.name;
+  sops.secrets."mollysocket-vapid-key" = {
+    owner = mollySocketUser;
+    group = mollySocketUser;
+  };
 
   services.mollysocket = {
     enable = true;
@@ -12,6 +17,10 @@
       webserver = true;
     };
   };
+  systemd.services.mollysocket.serviceConfig = {
+    User = mollySocketUser;
+    Group = mollySocketUser;
+  };
   services.nginx = {
     virtualHosts = {
       "molly.gladtherescake.eu" = {