ctucx.git: nixfiles

machines/lollo/websites/wiki: use bind-mount

diff --git a/machines/lollo/websites/music.home.ctu.cx.nix b/machines/lollo/websites/music.home.ctu.cx.nix
@@ -9,8 +9,6 @@ let
 
 in {
 
-  systemd.services.nginx.serviceConfig.ProtectHome = lib.mkForce false;
-
   environment.systemPackages = [ pkgs.bindfs ];
 
   fileSystems."/mnt/music_originals" = {

diff --git a/machines/lollo/websites/wiki.home.ctu.cx.nix b/machines/lollo/websites/wiki.home.ctu.cx.nix
@@ -3,7 +3,7 @@
 let
   PineDocsConfig = {
     title                = "ctucx.wiki";
-    content_dir          = "/home/leah/syncthing/Wiki";
+    content_dir          = "/mnt/wiki";
     index                = "index.md";
     layout               = "wiki";
     color_scheme         = "pinedocs";

@@ -79,9 +79,17 @@ let
 
 in {
 
+  environment.systemPackages = [ pkgs.bindfs ];
+
+  fileSystems."/mnt/wiki" = {
+    device = "/home/leah/syncthing/Wiki";
+    fsType = "fuse.bindfs";
+    options = [ "ro" "perms=0000:a+rX" ];
+  };
+
   services.phpfpm.pools.pinedocs  = {
-    user  = "leah";
-    group = "users";
+    user  = config.services.nginx.user;
+    group = config.services.nginx.group;
     settings = {
       pm                     = "dynamic";
       "listen.owner"         = config.services.nginx.user;