From c8a02dbb579d75389d245c667afc76b9b9bfc0cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= <motiejus@jakstys.lt>
Date: Wed, 27 Dec 2023 23:58:51 +0200
Subject: [PATCH] the service starts

---
 data.nix                         |  2 ++
 hosts/vno1-oh2/configuration.nix | 20 +++++++++++++++++---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/data.nix b/data.nix
index 34b2fd6..0f01701 100644
--- a/data.nix
+++ b/data.nix
@@ -16,6 +16,8 @@ rec {
     jakstpub = 505;
 
     certget = 506;
+
+    photoprism = 507;
   };
 
   ports = {
diff --git a/hosts/vno1-oh2/configuration.nix b/hosts/vno1-oh2/configuration.nix
index 38b8f73..f4b98ed 100644
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@@ -1,6 +1,6 @@
 {
   config,
-  lib,
+  #lib,
   pkgs,
   myData,
   ...
@@ -649,8 +649,12 @@
     };
 
     photoprism.serviceConfig = {
-      ProtectHome = lib.mkForce "tmpfs";
-      BindReadOnlyPaths = ["/home/motiejus/Pictures"];
+      #ProtectHome = lib.mkForce "tmpfs";
+      #BindPaths = ["/home/motiejus/Pictures"];
+      #DynamicUser = lib.mkForce false;
+      #LockPersonality = lib.mkForce false;
+      #PrivateDevices = lib.mkForce false;
+      #PrivateUsers = lib.mkForce false;
     };
   };
 
@@ -668,6 +672,16 @@
     };
   };
 
+  users = let
+    uidgid = myData.uidgid.photoprism;
+  in {
+    groups.photoprism.gid = uidgid;
+    users.photoprism = {
+      group = "photoprism";
+      uid = uidgid;
+    };
+  };
+
   environment.systemPackages = with pkgs; [
     imapsync
     geoipWithDatabase