From 36c3f778c89d2449df7edb0901b0dbddd18e69c2 Mon Sep 17 00:00:00 2001 
From: Bun Date: Fri, 14 Mar 2025 18:23:32 -0400 Subject: [PATCH] Lots of user changes and also Spacebar --- hosts/midas/firewall/default.nix | 3 +-- modules/system/accounts/default.nix | 3 ++- .../system/accounts/users/custom/default.nix | 7 ----- modules/system/accounts/users/default.nix | 8 +++--- .../users/{custom => }/main/default.nix | 14 +++++----- .../system/accounts/users/system/default.nix | 9 ------- modules/system/secrets/default.nix | Bin 2066 -> 2033 bytes .../server/fileserver/jellyfin/default.nix | 5 +++- .../fileserver/jellyfin/nginx/default.nix | 2 +- .../fileserver/jellyfin/user}/default.nix | 4 +-- .../server/fileserver/nextcloud/default.nix | 5 +++- .../fileserver/nextcloud/user}/default.nix | 4 +-- .../server/icecast/liquidsoap/default.nix | 1 + .../icecast/liquidsoap/user}/default.nix | 4 +-- .../services/server/socialserver/default.nix | 2 +- .../server/socialserver/spacebar/default.nix | 25 ++++++++++++++++++ .../socialserver/spacebar/user/default.nix | 11 ++++++++ .../server/webserver/nginx/default.nix | 1 + .../server/webserver/nginx/user}/default.nix | 4 +-- 19 files changed, 69 insertions(+), 43 deletions(-) delete mode 100644 modules/system/accounts/users/custom/default.nix rename modules/system/accounts/users/{custom => }/main/default.nix (72%) delete mode 100644 modules/system/accounts/users/system/default.nix rename modules/system/{accounts/users/system/jellyfin => services/server/fileserver/jellyfin/user}/default.nix (69%) rename modules/system/{accounts/users/system/nextcloud => services/server/fileserver/nextcloud/user}/default.nix (69%) rename modules/system/{accounts/users/system/liquidsoap => services/server/icecast/liquidsoap/user}/default.nix (70%) create mode 100644 modules/system/services/server/socialserver/spacebar/default.nix create mode 100644 modules/system/services/server/socialserver/spacebar/user/default.nix rename modules/system/{accounts/users/system/nginx => services/server/webserver/nginx/user}/default.nix (73%) 
diff --git a/hosts/midas/firewall/default.nix b/hosts/midas/firewall/default.nix index 73967e34..8875b2e1 100644 --- a/hosts/midas/firewall/default.nix +++ b/hosts/midas/firewall/default.nix @@ -13,7 +13,6 @@ chain PREROUTING { type nat hook prerouting priority dstnat; policy accept; tcp dport 2211 dnat to ${config.ips.pc}:22 comment "SSH to PC" - tcp dport 2222 dnat to 10.100.0.19:22 comment "SSH to Oracle VM" udp dport { 27005, 27015, 7777 } dnat to ${config.ips.pc} comment "PC Hosted Games" @@ -28,7 +27,7 @@ chain POSTROUTING { type nat hook postrouting priority 100; policy accept; - oifname "eno1" masquerade + oifname "enp0s31f6" masquerade } ''; }; diff --git a/modules/system/accounts/default.nix b/modules/system/accounts/default.nix index 5c525ddb..dfbc9b12 100644 --- a/modules/system/accounts/default.nix +++ b/modules/system/accounts/default.nix @@ -1,4 +1,5 @@ -{ ... }: { +{ ... }: +{ imports = [ ./users ./groups diff --git a/modules/system/accounts/users/custom/default.nix b/modules/system/accounts/users/custom/default.nix deleted file mode 100644 index d2600a9b..00000000 --- a/modules/system/accounts/users/custom/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ home-manager, ... }: -{ - imports = [ - ./main - home-manager.nixosModules.home-manager - ]; -} diff --git a/modules/system/accounts/users/default.nix b/modules/system/accounts/users/default.nix index 59e35550..d2600a9b 100644 --- a/modules/system/accounts/users/default.nix +++ b/modules/system/accounts/users/default.nix @@ -1,9 +1,7 @@ -{ ... }: +{ home-manager, ... }: { imports = [ - ./custom - ./system + ./main + home-manager.nixosModules.home-manager ]; - - users.mutableUsers = false; } diff --git a/modules/system/accounts/users/custom/main/default.nix b/modules/system/accounts/users/main/default.nix similarity index 72% rename from modules/system/accounts/users/custom/main/default.nix rename to modules/system/accounts/users/main/default.nix index 00fc0a08..350f0824 100644 
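Review bot: `users.mutableUsers = false;` is dropped from modules/system/accounts/users/default.nix and no other hunk in this patch re-adds it, so the system falls back to the NixOS default of mutable users, where imperatively created accounts and password changes persist across rebuilds and the declared user set stops being authoritative. If that is not intended, keep the line in this file or move it into the relocated users/main module; if it is intended, it deserves a sentence in the commit message, since it is a change of security posture rather than a path cleanup.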
--- a/modules/system/accounts/users/custom/main/default.nix +++ b/modules/system/accounts/users/main/default.nix @@ -12,14 +12,14 @@ isNormalUser = true; createHome = true; openssh.authorizedKeys.keyFiles = [ - ../../../../../../hosts/tower/id_ed25519.pub + ../../../../../hosts/tower/id_ed25519.pub - ../../../../../../hosts/envy/id_ed25519.pub - ../../../../../../hosts/pear/id_ed25519.pub - ../../../../../../hosts/redmond/id_ed25519.pub + ../../../../../hosts/envy/id_ed25519.pub + ../../../../../hosts/pear/id_ed25519.pub + ../../../../../hosts/redmond/id_ed25519.pub - ../../../../../../hosts/midas/id_ed25519.pub - ../../../../../../hosts/prophet/id_ed25519.pub + ../../../../../hosts/midas/id_ed25519.pub + ../../../../../hosts/prophet/id_ed25519.pub ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9" @@ -43,6 +43,6 @@ shell = pkgs.zsh; }; - home-manager.users."${config.sysusers.main}" = import ../../../../../home; + home-manager.users."${config.sysusers.main}" = import ../../../../home; }; } diff --git a/modules/system/accounts/users/system/default.nix b/modules/system/accounts/users/system/default.nix deleted file mode 100644 index ffbaa7aa..00000000 --- a/modules/system/accounts/users/system/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ ... }: -{ - imports = [ - ./jellyfin - ./liquidsoap - ./nextcloud - ./nginx - ]; -} 
diff --git a/modules/system/secrets/default.nix b/modules/system/secrets/default.nix index 77483769b1653698c50906705e1af02c97aea64c..3eec42f89b681059858223efb8b421910ddf5a71 100644 GIT binary patch literal 2033 zcmZQ@_Y83kiVO&0&@xC+Px`{mdzF9k#rLPr$}>GyN!VKds_RnIrqve>10$TzJWF=e z{F1cwDVOWFrR)D*OUqW)+8)2d=uCW3g_g3|ZnfNmU#iR=oNKvwQmaBmb-RpLEI2p8 z?6R;0!>hW`1FPS7Di>`u+HqBn-}1)0_r>Rpb}J}N-T%VZt$o?fqCTH=&AgmlRyP@LRK`nh39mgrRYNsqPm-Ev(@T5mtBG|EA>+f^3 zY(Irdn^H?2X7FE6x|?#yDkL{$=fkTPQ#!uc`p^djRfLsoM7hYJB(vHQ}Pk6+XLd1}|X-8mm7E!`(Qq2NX7 z7ZtsL?r$P2x))RVN?fKL_ja0K{BwrLlS^{zmnKE=&3(Mfzjj?o?C+FYhFh5SXx@sR zG2d_{$K2B3D|)7p!WS|Uy%JVu#qgiHEA^V4KlnoZ-!0sVwV#EX%rYi_NRCzfd5zPW1CLfdujo@pn~Z`?bv)4;GSBl^~zS0C3a9$5N%+OhbsDYIuy z)G@ykulQ1b&gbdreR-0qs}j!V*o$4bvyU&}uF%piosRv}d31;-o3k zJU=DX8<&L|U9Y!&yKLd1T@RckC*Ju~)o;2&+3PU(#Hl_nIt=BQUOv1&IY}hoR`?e$ z<0$RbdUKwvQ)pCw{$}ZsgZn0%Oo{L~eMe@|Nht>tvv&DObr}~vmZylXu<=&8{(Je3 z12cnconKyf!LRw{$M(tnEVCzuN3D}tASf;Wz9@p}mB743JIgkS-zaoE-#bO{I|3$@9DKu6_Tzw*^?QBsEjNz{bcGkI z-+7bV!9GvH+g-xjEM7o!>inynTR%sJb+yhth`RrKhtIedRgvTc7ic} zox=5LmHICxZ}vX4+WBWfR{y*3TFBPUa^~@x<5nVK?q7RO zJh@o8^TqFydGfYA^DnjEKPb5D?Pa0xxFF4zX%mazDgV?jy481GApg(9eG~t_Id>%C z-L4D4(R1czYkX|btGFHe<>;(4d+)@>ezR2AG`o%WO@NS+gZqQ7ekF1J``l-})}Md9 zt%ETp?#>}i=h-20We*IFRF*fdIVv7KQMDpI9 z%e5}u+@W!k)z=oB2!EB+8?uV$_=jm+p(00)+Jx>1_ucZc@`3$=i*t9bJa*?!P|rPxfF?Ocp~Ulzt>Dr^t;56zQ4?sOw$aw?O^C&f$)iP_g5i5uBUKDL;# z$@pzz>lvo37g9H7`+S_$k`m$JbLr2zv$ytTS)RC(IlcC8w3ytcH$@xHx5$5-^8dlq z{=i~W{^Jub&fC7QPR?rGW=FN_O-*xG#mUJ%V&-Exb#%7RoU5-_b@T7=a83Rl{s2?aP^U4{kcC^=X|`VxwCRE%hZg{`F2x{U0zp9?wx${T4siL z`U2}gZUK_cvWz~#4@3kvtd~`k78@}Mm_k@y%*CMX}JFxbM-39kP zTmFzL^RMefrCcOh!e-o_(R<%adAss5IS=0KLkc&~?-#G@n!Vcc#Kwm+Hu4Fcbi4d) zyV-_Ig3O-UVwZ2E71Ze-Idz$@?P*k;HOqS|rc{fM>eZ@G53m2$Vruhb^4V8<`-Fm9 zC%t}m&BoLzt^12@V&jd>H`i`UTQ6O)ul%(04w=mdn>KeV6q%J?V9~#ydnvxGv!$nF Wo77=(!OmIA2ZENIjXSOE8V>++weslz literal 2066 zcmZQ@_Y83kiVO&0kVxop*4*;zVo%+or(K5D*J7eoVlHYP4=_HU{r!?>da{s$$;JPH zXN=!5E%`h+LWx4g9=YiI+Pd0k568u}PP3Q%`y`-VJf$Hr{;2O7y`F;a1=${=^S^s< 
zaeF4#y;ZTEJ?+1*dMMIFwYb|5bA8Vg8<7vA2yP7jO8kT%ND_$*`K!I$Qdx z!i1`TPNVdvb&wX!68&;Iyxv37Alep0djYaf~QEc?6obeL@)CZ&6y)LUjD8fgEq z(K0drw$oxQxsAtvZfjh{CVZcH{qC~rrJtufygKW^;%`>x*Mv8$^zUu?@cF;_^~JU; zX9XH6Ha*&M{BQo#4^zKxiB*1=xOR46_o5CrGtGZX?4gUtyo@7LYR-rZW>CmD1(KEgKLS1(>?Wwng`yAx&YaonpvowU0ZH*52q zS2J=8o26o(R$o?FRHOax+scq@*VsiaohahiwzK@Fo)^na3tu;>YxhTAtEP+Md(Y~L=+BtHx!QO-tMh=f2)^4M!MX|ujcFPsI^)Cg*ESFy5r@SzU5GNYrCe@VRkv&OT6<) z|AiHz&zDN|pXH8!@3hGEetv~w;Xj`xyAHBXXPCu4DgMGl(iHk9e&_x_ukf%<;dQ}vi5Z>&A9U4zFc&?V_*rVFR%ggf5%Hp`#*8;d zJyol=?aAnT!8_^bN>VsdO=YMVpgGhbLG zu`23$Tby!-R?}DJ({}lLI^`@j{BF8(ZpOh^t!w6so%Q_A!nNVLal7`1O(%GCAK$wy zR_zls*?(n-?czyi&G!7}`n&cBZ*sk&Uz%G%byD=}I~qqgrJ02~8S+~~JYrus8@l{n zyp`X=*eH93kj%^O;@CACHww71GVfY+`B(B&Q_r^?R&##tJ!5Bl$-Tj8vX!vZ&#J%! zA}I<%JT7Hiffucg_J8O&^Y-Q%m9Nvqmi;L)En9p&SdC4@-ZHEF)i*ut7UDO3 zF!jcMm8Xvj9WSbV{PU=hM$ywysEUjW%d1uS|*l%YyJe~3|mv6s__uo(Xk}l!T4Q?r`_%trs zcP-;dq|)c}oorvP8W`|>PWe@_eYZnEwc?G3IYQs-`Eu%dm&8^GDql0bxc29+0w0Y< zPj}b+x{_O<+3_apvhBy;dIFg~{i~BUv@dPbk?Z>1v*~5C`m_AmyP9?{+#e@nk!i zyO++a`SB%#D_)ANWoi4=f+e@Y%^Hf#jvePd|sse8#r!eHNwH-+0XR(YiRN zub6S+x2}~d6uzvrJZje;-<+K4_;=Zb)(Rf1W0ick1vJ>#5V8>iHx;ShiQgg`xEL>ys{jzU_I_Txh|+aa!a0 z-iJ$9%a*-8fAS({-UB`XnM{d;Gj7%If2tjr=ca%B*3o+Ho9lL5R%G?hk;__n_%{F- C-V^8m diff --git a/modules/system/services/server/fileserver/jellyfin/default.nix b/modules/system/services/server/fileserver/jellyfin/default.nix index c0ad6afe..b50ec1f5 100644 --- a/modules/system/services/server/fileserver/jellyfin/default.nix +++ b/modules/system/services/server/fileserver/jellyfin/default.nix @@ -1,6 +1,9 @@ { config, lib, ... }: { - imports = [ ./nginx ]; + imports = [ + ./nginx + ./user + ]; config = lib.mkIf config.system.fileserver.enable { services.jellyfin.enable = true; diff --git a/modules/system/services/server/fileserver/jellyfin/nginx/default.nix b/modules/system/services/server/fileserver/jellyfin/nginx/default.nix index bc9db65c..26d20ab9 100644 
--- a/modules/system/services/server/fileserver/jellyfin/nginx/default.nix +++ b/modules/system/services/server/fileserver/jellyfin/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.forgejo.enable { + services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.jellyfin.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/accounts/users/system/jellyfin/default.nix b/modules/system/services/server/fileserver/jellyfin/user/default.nix similarity index 69% rename from modules/system/accounts/users/system/jellyfin/default.nix rename to modules/system/services/server/fileserver/jellyfin/user/default.nix index ed8cc7b2..a168eedd 100644 --- a/modules/system/accounts/users/system/jellyfin/default.nix +++ b/modules/system/services/server/fileserver/jellyfin/user/default.nix @@ -1,6 +1,6 @@ -{ ... }: +{ config, lib, ... }: { - users = { + users = lib.mkIf config.services.jellyfin.enable { users.jellyfin = { group = "jellyfin"; extraGroups = [ "nfsShare" ]; diff --git a/modules/system/services/server/fileserver/nextcloud/default.nix b/modules/system/services/server/fileserver/nextcloud/default.nix index 831bedd3..0dbb2ef5 100644 --- a/modules/system/services/server/fileserver/nextcloud/default.nix +++ b/modules/system/services/server/fileserver/nextcloud/default.nix @@ -1,6 +1,9 @@ { config, lib, pkgs, ... }: { - imports = [ ./nginx ]; + imports = [ + ./nginx + ./user + ]; config = lib.mkIf config.system.fileserver.enable { services.nextcloud = { diff --git a/modules/system/accounts/users/system/nextcloud/default.nix b/modules/system/services/server/fileserver/nextcloud/user/default.nix similarity index 69% rename from modules/system/accounts/users/system/nextcloud/default.nix rename to modules/system/services/server/fileserver/nextcloud/user/default.nix index 0722276a..49a6ff0e 100644 
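Review bot: `users = lib.mkIf config.services.jellyfin.enable { … }` now wraps the whole `users` attrset, and the same shape is used in nextcloud/user, liquidsoap/user and nginx/user; the NixOS modules for these services presumably declare their own `users.users.<name>` entries already, so the attributes here are merged with upstream's rather than replacing them, and a `group` or `uid` that differs from upstream's value would evaluate to a conflicting-definition error, not an override. The only field here that clearly adds something is `extraGroups = [ "nfsShare" ];`, so I would trim these user modules to the fields upstream does not set, or use `lib.mkForce` where an override is really meant. The closing of the `users.jellyfin` attrset is outside the hunk, so whether a `uid` is also pinned is not visible here.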
--- a/modules/system/accounts/users/system/nextcloud/default.nix +++ b/modules/system/services/server/fileserver/nextcloud/user/default.nix @@ -1,6 +1,6 @@ -{ ... }: +{ config, lib, ... }: { - users = { + users = lib.mkIf config.services.nextcloud.enable { users.nextcloud = { group = "nextcloud"; extraGroups = [ "nfsShare" ]; diff --git a/modules/system/services/server/icecast/liquidsoap/default.nix b/modules/system/services/server/icecast/liquidsoap/default.nix index 3693261a..78024e4a 100644 --- a/modules/system/services/server/icecast/liquidsoap/default.nix +++ b/modules/system/services/server/icecast/liquidsoap/default.nix @@ -3,5 +3,6 @@ imports = [ ./nixbops ./nixscrap + ./user ]; } diff --git a/modules/system/accounts/users/system/liquidsoap/default.nix b/modules/system/services/server/icecast/liquidsoap/user/default.nix similarity index 70% rename from modules/system/accounts/users/system/liquidsoap/default.nix rename to modules/system/services/server/icecast/liquidsoap/user/default.nix index f83e9cc3..3f2f6984 100644 --- a/modules/system/accounts/users/system/liquidsoap/default.nix +++ b/modules/system/services/server/icecast/liquidsoap/user/default.nix @@ -1,6 +1,6 @@ -{ ... }: +{ config, lib, ... }: { - users = { + users = lib.mkIf config.services.icecast.enable { users.liquidsoap = { group = "liquidsoap"; extraGroups = [ "nginx" ]; diff --git a/modules/system/services/server/socialserver/default.nix b/modules/system/services/server/socialserver/default.nix index c49e35f6..eadde800 100644 --- a/modules/system/services/server/socialserver/default.nix +++ b/modules/system/services/server/socialserver/default.nix @@ -3,7 +3,7 @@ imports = [ ./mastodon ./owncast - #./spacebar + ./spacebar ]; options.system.socialserver.enable = lib.mkEnableOption "Enable social media like services"; 
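Review bot: the liquidsoap account is gated on `config.services.icecast.enable`, while every sibling user module in this patch gates on its own service's flag; the stream definitions imported from ./nixbops and ./nixscrap are not visible here, so if they are enabled under a different condition the account can be absent while the units that run as it exist, or the reverse. Gating on the same condition those stream modules use, or on a dedicated option, keeps user and service in lockstep. Worth noting while touching this file: `extraGroups = [ "nginx" ]` carries over unchanged, and group membership grants access to every nginx-group-owned path, so a narrower shared directory would be the tighter choice if the stream only needs one location.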
diff --git a/modules/system/services/server/socialserver/spacebar/default.nix b/modules/system/services/server/socialserver/spacebar/default.nix
new file mode 100644
index 00000000..95a8d71e
--- /dev/null
+++ b/modules/system/services/server/socialserver/spacebar/default.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, spacebar, ... }:
+{
+ imports = [
+ #./nginx
+ ./user
+ ];
+
+ config = lib.mkIf config.system.socialserver.enable {
+ systemd.services.spacebar-server = {
+ enable = true;
+ description = "Spacebar Chat Server";
+ documentation = [ "https://docs.spacebar.chat/" ];
+ path = [ spacebar.packages.${pkgs.system}.default ];
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ serviceConfig = {
+ WorkingDirectory = "/var/lib/spacebar";
+ ExecStart = "start-bundle";
+ Restart = "always";
+ User = "spacebar";
+ };
+ };
+ environment.persistence."/persist".directories = [ config.systemd.services.spacebar-server.serviceConfig.WorkingDirectory ];
+ };
+}
diff --git a/modules/system/services/server/socialserver/spacebar/user/default.nix b/modules/system/services/server/socialserver/spacebar/user/default.nix
new file mode 100644
index 00000000..16c28a06
--- /dev/null
+++ b/modules/system/services/server/socialserver/spacebar/user/default.nix
@@ -0,0 +1,11 @@
+{ config, lib, ... }:
+{
+ users = lib.mkIf config.system.socialserver.enable {
+ users.spacebar = {
+ group = "spacebar";
+ isSystemUser = true;
+ uid = 138;
+ };
+ groups.spacebar = {};
+ };
+}
diff --git a/modules/system/services/server/webserver/nginx/default.nix b/modules/system/services/server/webserver/nginx/default.nix
index 516a8fee..88349188 100644
--- a/modules/system/services/server/webserver/nginx/default.nix
+++ b/modules/system/services/server/webserver/nginx/default.nix
@@ -2,6 +2,7 @@ { imports = [ ./rtmp + ./user ./virtualhosts ]; 
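Review bot: nothing in the new spacebar/default.nix creates `/var/lib/spacebar` or gives it to the `spacebar` user, yet `WorkingDirectory` points there and the unit runs with `User = "spacebar"`, so on a fresh host systemd will fail the unit at chdir (and `Restart = "always"` will loop it) or the server will be unable to write its state; `StateDirectory = "spacebar";` in `serviceConfig` makes systemd create the directory owned by that user. The persistence entry has the same ownership gap: passed as a bare path it is presumably created root-owned by impermanence, so an entry carrying `user`/`group` would match. Since the unit runs a network-facing server under a dedicated user, the standard sandboxing keys are cheap to add alongside, assuming the bundle writes only under its state directory (StateDirectory stays writable under `ProtectSystem = "strict"`).
```nix
      serviceConfig = {
        WorkingDirectory = "/var/lib/spacebar";
        StateDirectory = "spacebar";
        # … unchanged: ExecStart, Restart, User …
        NoNewPrivileges = true;
        PrivateTmp = true;
        ProtectSystem = "strict";
        ProtectHome = true;
      };
    };
    environment.persistence."/persist".directories = [
      { directory = "/var/lib/spacebar"; user = "spacebar"; group = "spacebar"; }
    ];
```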
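Review bot: `uid = 138;` pins the account's uid, but the matching `groups.spacebar = {};` gets a dynamically allocated gid, so files kept under /persist have a stable owner but not a stable group across reinstalls; `groups.spacebar.gid = 138;` would make the pair consistent. The low static range is also where nixpkgs keeps its own reserved ids (ids.nix), so 138 should be checked against that table before this ships — a clash only surfaces when the colliding service is enabled on the same host, which makes it easy to miss in evaluation.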
diff --git a/modules/system/accounts/users/system/nginx/default.nix b/modules/system/services/server/webserver/nginx/user/default.nix similarity index 73% rename from modules/system/accounts/users/system/nginx/default.nix rename to modules/system/services/server/webserver/nginx/user/default.nix index 2c5fa8ab..ff6b51b6 100644 --- a/modules/system/accounts/users/system/nginx/default.nix +++ b/modules/system/services/server/webserver/nginx/user/default.nix @@ -1,6 +1,6 @@ -{ ... }: +{ config, lib, ... }: { - users = { + users = lib.mkIf config.services.nginx.enable { users.nginx = { group = "nginx"; extraGroups = [