diff --git a/config/globals.nix b/config/globals.nix
index c2ccdcb..8a0f54d 100644
--- a/config/globals.nix
+++ b/config/globals.nix
@@ -35,6 +35,7 @@
 home = "/var/lib/services/levr";
 build = "/var/lib/www/levr";
 url = "levr.porzh.me";
+ user = "levr";
 };
 outline = {
 url = "notes.porzh.me";
diff --git a/modules/sites/levr.porzh.me.nix b/modules/sites/levr.porzh.me.nix
index ee0b1ac..24cffca 100644
--- a/modules/sites/levr.porzh.me.nix
+++ b/modules/sites/levr.porzh.me.nix
@@ -11,7 +11,7 @@ in {
 Type = "oneshot";
 WorkingDirectory = globals.services.levr.home ;
 ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d ${globals.services.levr.build}'';
- User = "lomig";
+ User = "levr";
 };
 };
 systemd.timers.hugo-build = {
@@ -28,7 +28,7 @@ in {
 Type = "oneshot";
 WorkingDirectory = globals.services.levr.home;
 ExecStart = "${pkgs.git}/bin/git pull origin master";
- User = "lomig";
+ User = "levr";
 };
 environment = {
 PATH = lib.mkForce "${pkgs.openssh}/bin";
@@ -60,4 +60,21 @@ in {
 };
 };
 };
- }
+ users = {
+ users = {
+ "${globals.services.levr.user}" = {
+ isSystemUser = true ;
+ group = globals.services.levr.user ;
+ home = globals.services.levr.home ;
+ createHome = true ;
+ description = "User for hugo-blog builds and deployments";
+ };
+ };
+ groups.${globals.services.levr.user} = {};
+ };
+
+ systemd.tmpfiles.rules = [
+ "d ${globals.services.levr.home} 0755 levr levr -"
+ "d ${globals.services.levr.build} 0755 levr levr -"
+ ];
+}
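Review bot: `User = "levr";` in the hugo-build unit repeats the account name as a literal, although this commit adds `globals.services.levr.user` for that value; write `User = globals.services.levr.user;` here and in the git-pull unit of the next hunk. The two `systemd.tmpfiles.rules` entries in the last hunk have the same problem and could read `"d ${globals.services.levr.home} 0755 ${globals.services.levr.user} ${globals.services.levr.user} -"`. As written, a rename in globals.nix would create the account and group under the new name while both units and the directory owners still refer to `levr`. The attribute set holding `User` starts outside the hunk.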
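Review bot: The pull unit now runs as the new system user, but nothing visible in this commit hands the existing checkout over to it. The tmpfiles `d` rules added in the last hunk only adjust the top-level directories, so files under `.git` created by `lomig` would keep their old owner and the pull would likely fail on write or trip git's repository-ownership check. A one-time recursive chown of the home and build directories (or a fresh clone as the new user) should accompany the deploy, and the SSH key and known_hosts the pull relies on, which presumably lived in `lomig`'s home, need to be provisioned for `levr` with owner-only permissions. Because this unit contacts a remote and only needs to write its working directory, the set that holds `User` is also a good place for `NoNewPrivileges = true;`, `ProtectSystem = "strict";` and `ReadWritePaths = [ globals.services.levr.home ];`. That attribute set starts outside the hunk.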
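Review bot: The home directory is managed by two mechanisms that may disagree on its mode: `createHome = true` has NixOS create `globals.services.levr.home` using the account's `homeMode` (700 by default as far as I know; confirm for the NixOS release in use), while the first tmpfiles rule sets the same path to 0755. Keep one of them. Since the home holds the site's source checkout and probably the deploy credentials used by `git pull`, I would keep it non-world-readable, e.g. drop `createHome` and use `"d ${globals.services.levr.home} 0750 levr levr -"`, leaving 0755 only on the build directory the web server has to read. A short comment above `systemd.tmpfiles.rules` saying which directory is private and which is served would document that intent.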