knot

hosts/server/configuration.nix

@@ -4,6 +4,7 @@
 	imports = [
 		./modules/atproto-pds.nix
 		./modules/cloudflare.nix
+		./modules/knot.nix
 		../../modules/force.nix
 	];
 
@@ -16,16 +17,21 @@
 		after = [ "network.target" ];
 		wantedBy = [ "multi-user.target" ];
 		serviceConfig = {
-			Type = "oneshot";
-			ExecStart = "${pkgs.pm2}/bin/pm2 ping";
+			Type = "forking";
 			User = "ocbwoy3";
-			Group = "wheel";
+			LimitNOFILE = "infinity";
+			LimitNPROC = "infinity";
+			LimitCORE = "infinity";
+			Environment = "PM2_HOME=/home/ocbwoy3/.pm2";
+			PIDFile = "/home/ocbwoy3/.pm2/pm2.pid";
 			Restart = "on-failure";
-			RestartSec = "5s";
+
+			ExecStart = "${pkgs.pm2}/bin/pm2 resurrect";
+			ExecReload = "${pkgs.pm2}/bin/pm2 reload all";
+			ExecStop = "${pkgs.pm2}/bin/pm2 kill";
 		};
 	};
 
-
 	services.openssh.settings = {
 		PubkeyAuthentication = "yes";
 		TrustedUserCAKeys = "/etc/ssh/ca.pub";

hosts/server/modules/knot.nix

@@ -0,0 +1,15 @@
+{ config, pkgs, lib, ... }:
+
+{
+	imports = [
+		inputs.tangled.nixosModules.knot
+	];
+
+	services.tangled-knot = {
+		enable = true;
+		listenAddr = "0.0.0.0:3003";
+		dataDir = "/var/lib/knot";
+		secretFile = "/private/tangled.env";
+		hostname = "knot.ocbwoy3.dev";
+	};
+}