configuration
flake
hosts
_iso
aluminium
astatine
backup-4
beryllium
carbon
clerie-backup
dn42-il-gw1
dn42-il-gw5
dn42-il-gw6
dn42-ildix-clerie
dn42-ildix-service
gatekeeper
hydra-1
hydra-2
krypton
mail-2
monitoring-3
nonat
osmium
palladium
porter
storage-2
tungsten
web-2
blog.nix
bula22.nix
chaosevents.nix
clerie.nix
configuration.nix
drop.nix
etebase.nix
feeds.nix
fieldpoc.nix
gitea.nix
hardware-configuration.nix
ip.nix
legal.nix
meow.nix
milchinsel.nix
mitel-ommclient2.nix
nix-install.nix
nurausstieg.nix
ping.nix
public.nix
radicale.nix
reichartstrasse.nix
secrets.json
ssh.pub
uptimestatus.nix
wetter.nix
zinc
lib
modules
pkgs
profiles
users
.gitignore
README.md
flake.lock
flake.nix
42 lines
906 B
Nix
42 lines
906 B
Nix
{ config, ... }:
|
|
|
|
{
|
|
sops.secrets.radicale-htpasswd = {
|
|
owner = "radicale";
|
|
group = "radicale";
|
|
};
|
|
|
|
services.radicale = {
|
|
enable = true;
|
|
settings = {
|
|
server = {
|
|
hosts = [ "127.0.0.1:61865" ];
|
|
};
|
|
auth = {
|
|
type = "htpasswd";
|
|
htpasswd_filename = config.sops.secrets.radicale-htpasswd.path;
|
|
htpasswd_encryption = "bcrypt";
|
|
};
|
|
storage = {
|
|
filesystem_folder = "/var/lib/radicale/collections";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."dav.clerie.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:61865";
|
|
extraConfig = ''
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header Host $host;
|
|
proxy_pass_header Authorization;
|
|
'';
|
|
};
|
|
extraConfig = ''
|
|
access_log off;
|
|
'';
|
|
};
|
|
}
|