From 23b11fcaf1810643fce031d68c4281d1e6403e68 Mon Sep 17 00:00:00 2001
From: Xe <me@christine.website>
Date: Sun, 26 Dec 2021 13:31:06 -0500
Subject: [PATCH] it works!!!

Signed-off-by: Xe <me@christine.website>
---
 flake.nix | 50 +++++++++++++++++++++++++++++---------------------
 1 file changed, 29 insertions(+), 21 deletions(-)

diff --git a/flake.nix b/flake.nix
index 8e2fe6f..9c06b65 100644
--- a/flake.nix
+++ b/flake.nix
@@ -10,16 +10,13 @@
       let
         pkgs = nixpkgs.legacyPackages."${system}";
         naersk-lib = naersk.lib."${system}";
-        srcNoTarget = dir:
-          builtins.filterSource (path: type:
-            type != "directory" || builtins.baseNameOf path != "target") dir;
-        src = srcNoTarget ./.;
+        src = ./.;
       in rec {
         # `nix build`
         packages = rec {
           printerfacts-bin = naersk-lib.buildPackage {
             pname = "printerfacts";
-            root = srcNoTarget ./.;
+            root = ./.;
           };
           printerfacts = pkgs.stdenv.mkDerivation {
             inherit (printerfacts-bin) name;
@@ -66,7 +63,7 @@
             nodes.server = { ... }: {
               imports = [ self.nixosModules."${system}".printerfacts ];
               users.groups.within = { };
-              systemd.services.within-homedir-setup = {
+              systemd.services."within.homedir-setup" = {
                 description = "Creates homedirs for /srv/within services";
                 wantedBy = [ "multi-user.target" ];
 
@@ -118,25 +115,36 @@
             };
 
             config = mkIf cfg.enable {
+              users.users.printerfacts = {
+                createHome = true;
+                description = "tulpa.dev/cadey/printerfacts";
+                isSystemUser = true;
+                group = "within";
+                home = "/srv/within/printerfacts";
+                extraGroups = [ "keys" ];
+              };
+
               systemd.services."within.printerfacts" = {
                 wantedBy = [ "multi-user.target" ];
+                path = [ self.packages."${system}".printerfacts ];
+                after = [ "within.homedir-setup.service" ];
 
-                serviceConfig = {
-                  DynamicUser = "yes";
-                  Restart = "on-failure";
-                  WorkingDirectory = "/srv/within/printerfacts";
-                  RestartSec = "5s";
+                serviceConfig =
+                  let site = self.packages."${system}".printerfacts;
+                  in {
+                    User = "printerfacts";
+                    Group = "within";
+                    Restart = "on-failure";
+                    WorkingDirectory = site;
+                    ExecStart = "${site}/bin/printerfacts";
+                    RestartSec = "5s";
+                  };
+
+                environment = {
+                  RUST_LOG = "info";
+                  DOMAIN = cfg.domain;
+                  SOCKPATH = cfg.sockPath;
                 };
-
-                script = let site = self.packages."${system}".printerfacts;
-                in ''
-                  set -x
-                  export SOCKPATH=${cfg.sockPath}
-                  export DOMAIN=${toString cfg.domain}
-                  export RUST_LOG=info
-                  cd ${site}
-                  exec ${site}/bin/printerfacts
-                '';
               };
 
               services.cfdyndns =