From faa4251d3d088f606ec8a38c36b70aa229ddb916 Mon Sep 17 00:00:00 2001 From: clerie Date: Tue, 5 Jan 2021 20:25:16 +0100 Subject: [PATCH] Install dav server on web-2 --- hosts/web-2/configuration.nix | 2 +- hosts/web-2/radicale.nix | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 hosts/web-2/radicale.nix diff --git a/hosts/web-2/configuration.nix b/hosts/web-2/configuration.nix index af57e20..04a1be3 100644 --- a/hosts/web-2/configuration.nix +++ b/hosts/web-2/configuration.nix @@ -8,6 +8,7 @@ ./bubblesort.nix ./ip.nix ./meow.nix + ./radicale.nix ./znc.nix ]; @@ -32,7 +33,6 @@ recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; - }; networking.firewall.allowedTCPPorts = [ 80 443 ]; diff --git a/hosts/web-2/radicale.nix b/hosts/web-2/radicale.nix new file mode 100644 index 0000000..0a9f01e --- /dev/null +++ b/hosts/web-2/radicale.nix @@ -0,0 +1,32 @@ +{ ... }: + +{ + services.radicale = { + enable = true; + config = '' + [server] + hosts = 127.0.0.1:61865 + + [auth] + type = htpasswd + htpasswd_filename = /var/src/secrets/radicale/htpasswd + htpasswd_encryption = bcrypt + + [storage] + filesystem_folder = /var/lib/radicale/collections + ''; + }; + + services.nginx.virtualHosts."dav.clerie.de" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:61865"; + extraConfig = '' + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_pass_header Authorization; + ''; + }; + }; +}