78 lines
2.2 KiB
Nix
78 lines
2.2 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
let
|
|
internalPort = 5232;
|
|
|
|
radicale_infcloud = pkgs.python3.pkgs.radicale_infcloud.overrideAttrs (old: {
|
|
src = pkgs.fetchFromGitHub {
|
|
owner = "Unrud";
|
|
repo = "RadicaleInfCloud";
|
|
rev = "40f88a5dc0003120d62533ea635f0d94d77f1aca";
|
|
sha256 = "h6t8LlXAWErVlVq88fGFGrVEvZeJ7HJsr61/fiKRIGY=";
|
|
};
|
|
# Remove depend on radicale to fix infinite recursion
|
|
# and set some of my own settings
|
|
patches = (old.patches or [ ]) ++ [ ../patches/radicale_infcloud.patch ];
|
|
});
|
|
|
|
overlay = self: super: {
|
|
radicale = super.radicale.overrideAttrs (old: {
|
|
propagatedBuildInputs = old.propagatedBuildInputs
|
|
++ [ radicale_infcloud ];
|
|
});
|
|
};
|
|
|
|
htpasswd_filename = "/etc/radicale/users";
|
|
|
|
in {
|
|
nixpkgs.overlays = [ overlay ];
|
|
|
|
services.radicale = {
|
|
enable = true;
|
|
settings = {
|
|
server = {
|
|
hosts = [ "[::1]:${builtins.toString internalPort}" ];
|
|
max_connections = 8;
|
|
max_content_length = 100000000;
|
|
timeout = 30;
|
|
};
|
|
auth = {
|
|
inherit htpasswd_filename;
|
|
type = "htpasswd";
|
|
htpasswd_encryption = "bcrypt";
|
|
delay = 1;
|
|
};
|
|
encoding = {
|
|
request = "utf-8";
|
|
stock = "utf-8";
|
|
};
|
|
storage = { filesystem_folder = "/var/lib/radicale/collections"; };
|
|
web = { type = "radicale_infcloud"; };
|
|
logging = { mask_passwords = true; };
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts."cal.tammena.rocks" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://[::1]:${builtins.toString internalPort}";
|
|
#proxyWebsockets = true; # needed if you need to use WebSocket
|
|
#extraConfig =
|
|
# required when the target is also TLS server with multiple hosts
|
|
#"proxy_ssl_server_name on;" +
|
|
# required when the server wants to use HTTP Authentication
|
|
#"proxy_pass_header Authorization;";
|
|
};
|
|
};
|
|
|
|
environment.systemPackages = [
|
|
# Add a script to easily add users
|
|
(pkgs.writeScriptBin "radicale-set-user" ''
|
|
#!${pkgs.stdenv.shell}
|
|
mkdir -p $(dirname "${htpasswd_filename}")
|
|
${pkgs.apacheHttpd}/bin/htpasswd -Bc "${htpasswd_filename}" $1
|
|
'')
|
|
];
|
|
}
|