Add users for groups

mastodon-container.nix

@@ -58,7 +58,7 @@ let
           try_files $uri @proxy;
         }
 
-        location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
+        location ~ /(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
           add_header Cache-Control "public, max-age=31536000, immutable";
           add_header Strict-Transport-Security "max-age=31536000" always;
           try_files $uri @proxy;
@@ -201,7 +201,8 @@ in {
   };
 
   config = mkIf cfg.enable {
-    users.users = {
+    users = {
+      users = {
         mastodon = {
           isSystemUser = true;
           group = "mastodon";
@@ -218,6 +219,10 @@ in {
           uid = cfg.uids.redis;
         };
       };
+      groups.mastodon = {
+        members = [ "mastodon" "mastodon-postgres" "mastodon-redis" ];
+      };
+    };
 
     fudo.secrets.host-secrets."${config.instance.hostname}" = let
     in {
@@ -290,7 +295,6 @@ in {
             volumes =
               [ "${cfg.state-directory}/postgres:/var/lib/postgresql/data" ];
             healthcheck.test = [ "CMD" "pg_isready" "-U" "mastodon" ];
-            # environment.POSTGRES_HOST_AUTH_METHOD = "trust";
             user = mkUserMap cfg.uids.postgres;
             env_file = [
               hostSecrets.mastodonCommonEnv.target-file