diff --git a/hosts/common/optional/nixos-containers/semitamaps.nix b/hosts/common/optional/nixos-containers/semitamaps.nix index fd6dc50..7113dfe 100644 --- a/hosts/common/optional/nixos-containers/semitamaps.nix +++ b/hosts/common/optional/nixos-containers/semitamaps.nix @@ -8,9 +8,10 @@ pubKeys = lib.filesystem.listFilesRecursive ../../users/keys; hostAddress = configVars.networking.addresses.semitamaps.hostAddress; localAddress = configVars.networking.addresses.semitamaps.localAddress; + workingDirectory = "/var/www/semitamaps"; in { systemd.tmpfiles.rules = [ - "d /var/run/sockets 0770 root root -" + "d /var/run/sockets 0660 www-data www-data -" ]; networking = { @@ -62,6 +63,12 @@ in { useHostResolvConf = lib.mkForce false; }; + systemd.tmpfiles.rules = [ + "d ${workingDirectory} 0750 www-data www-data" + "d ${workingDirectory}/.venv 0750 www-data www-data" + "d ${workingDirectory}/public/uploads 0775 www-data www-data" + ]; + services.resolved.enable = true; imports = [ 
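Review bot: The new mode on `/var/run/sockets` is `0660`, which drops the search (execute) bit from a directory, so a non-root `www-data` process can neither create nor connect to a socket inside it even though it owns the directory. If the goal is to hand the directory to the web-server user while keeping everyone else out, keep the directory bits and change only the ownership: `"d /var/run/sockets 0770 www-data www-data -"`. Whether a `www-data` user and group exist at the level where this rule is evaluated is not visible in the hunk; if they do not, tmpfiles cannot apply the rule, so that is worth confirming.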
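Review bot: These rules pre-create `${workingDirectory}/.venv` and `${workingDirectory}/public/uploads`, so on a fresh deploy the `git clone … ${workingDirectory}` in the ExecStartPre hunk below targets a non-empty directory, which git refuses. This assumes tmpfiles runs before the unit, as it normally does at boot. Either keep only `"d ${workingDirectory} 0750 www-data www-data"` here and create the subdirectories in the prestart script after the clone, or replace the clone with an init, fetch and checkout sequence that tolerates existing directories. Separately, `0775` on `public/uploads` is wider than its `0750` parent and adds nothing while the parent blocks traversal; `0750` would keep the upload directory from becoming world-readable if the parent mode is ever relaxed.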
@@ -77,28 +84,26 @@ in { settings.PasswordAuthentication = false; }; - systemd.services.semitamaps-api = { + systemd.services.semitamaps = { wantedBy = ["multi-user.target"]; after = ["network.target"]; - description = "Deploys and serves semitamaps api"; + description = "Deploys and serves semitamaps"; environment = { }; serviceConfig = { - ExecStartPre = pkgs.writeShellScript "semitamaps-api-prestart" '' + WorkingDirectory = "${workingDirectory}"; + ExecStartPre = pkgs.writeShellScript "semitamaps-prestart" '' set -e GITCMD="${pkgs.openssh}/bin/ssh -i /etc/ssh/ssh_host_ed25519_key" - if [ ! -d "/srv/semitamaps" ]; then + if [ ! -d ${workingDirectory}/.git ]; then export GIT_SSH_COMMAND=$GITCMD - ${pkgs.git}/bin/git clone git@git.bitlab21.com:sam/semitamaps.com.git /srv/semitamaps - mkdir /srv/semitamaps/.venv + ${pkgs.git}/bin/git clone git@git.bitlab21.com:sam/semitamaps.com.git ${workingDirectory} fi - cd /srv/semitamaps ${pkgs.poetry}/bin/poetry install ''; - ExecStart = pkgs.writeShellScript "semitamaps-api-start" '' - cd /srv/semitamaps - .venv/bin/python .venv/bin/uvicorn --workers 4 --uds /var/run/sockets/baseddata.sock backend.app:app + ExecStart = pkgs.writeShellScript "semitamaps-start" '' + .venv/bin/python .venv/bin/uvicorn --workers 4 --uds /var/run/sockets/semitamaps.sock app:app ''; Restart = "on-failure"; };
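Review bot: No `User=` or `Group=` appears in the `serviceConfig` shown, so `poetry install` and the four uvicorn workers run as root, although the tmpfiles rules in this commit hand the working tree and socket directory to `www-data`. A flaw in the app or in an installed dependency would therefore run with root privileges in this container, and the files created by the clone and by poetry will be root-owned inside a `www-data` tree. I would add `User = "www-data"; Group = "www-data";` and document next to `ExecStartPre` why any step still needs elevated rights. The prestart script also authenticates to the git server with `/etc/ssh/ssh_host_ed25519_key`, which ties repository access to the machine's host identity and is presumably why the unit runs as root. A dedicated read-only deploy key made available to the service user (for example through systemd's `LoadCredential=`) would remove that coupling.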