From 24b44264d2d57341877fbd3d436daed427cf2651 Mon Sep 17 00:00:00 2001 From: kat witch Date: Fri, 30 Apr 2021 20:35:43 +0100 Subject: [PATCH] services/calendar: init w/ radicale --- hosts/athame/nixos/default.nix | 1 + services/calendar.nix | 44 ++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 services/calendar.nix diff --git a/hosts/athame/nixos/default.nix b/hosts/athame/nixos/default.nix index 2334854f..f7341c56 100644 --- a/hosts/athame/nixos/default.nix +++ b/hosts/athame/nixos/default.nix @@ -14,6 +14,7 @@ with lib; ../../../services/postgres.nix ../../../services/nginx.nix ../../../services/mail.nix + ../../../services/calendar.nix ../../../services/gitea ../../../services/syncplay.nix ../../../services/weechat.nix diff --git a/services/calendar.nix b/services/calendar.nix new file mode 100644 index 00000000..57420fa3 --- /dev/null +++ b/services/calendar.nix @@ -0,0 +1,44 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + mailAccounts = config.mailserver.loginAccounts; + htpasswd = pkgs.writeText "radicale.users" (concatStrings + (flip mapAttrsToList mailAccounts (mail: user: + mail + ":" + user.hashedPassword + "\n" + )) + ); + +in { + services.radicale = { + enable = true; + config = '' + [auth] + type = htpasswd + htpasswd_filename = ${htpasswd} + htpasswd_encryption = bcrypt + ''; + }; + + services.nginx.virtualHosts = { + "cal.kittywit.ch" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://localhost:5232/"; + extraConfig = '' + proxy_set_header X-Script-Name /; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Authorization; + ''; + }; + }; + }; + + deploy.tf.dns.records.kittywitch_cal = { + tld = "kittywit.ch."; + domain = "cal"; + cname.target = "athame.kittywit.ch."; + }; +}