summaryrefslogtreecommitdiff
path: root/modules/nixosModules/server/radicale.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixosModules/server/radicale.nix')
-rw-r--r--modules/nixosModules/server/radicale.nix45
1 files changed, 45 insertions, 0 deletions
diff --git a/modules/nixosModules/server/radicale.nix b/modules/nixosModules/server/radicale.nix
new file mode 100644
index 0000000..7f62b70
--- /dev/null
+++ b/modules/nixosModules/server/radicale.nix
@@ -0,0 +1,45 @@
+{
+ self,
+ lib,
+ ...
+}: {
+ flake.nixosModules.radicale = {config, ...}: let
+ cfg = config.hostOptions.server;
+ in {
+ imports = [
+ self.nixosModules.hostOptions
+ self.nixosModules.nginx
+ ];
+
+ services.radicale = {
+ enable = true;
+ settings = {
+ server.hosts = ["127.0.0.1:5232"];
+ auth = {
+ type = "htpasswd";
+ htpasswd_filename = "${cfg.dataPath}/radicale/users";
+ htpasswd_encryption = "autodetect";
+ };
+ storage.filesystem_folder = "${cfg.dataPath}/radicale/calendars/";
+ };
+ };
+
+ users.users.radicale = {
+ isSystemUser = true;
+ group = "radicale";
+ };
+ users.groups.radicale = {};
+ systemd.services.radicale.serviceConfig = {
+ DynamicUser = lib.mkForce false;
+ User = lib.mkForce "radicale";
+ Group = lib.mkForce "radicale";
+ ReadWritePaths = ["${cfg.dataPath}/arr/radicale/"];
+ };
+
+ services.nginx.virtualHosts."radicale.${cfg.domain}" = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/".proxyPass = "http://127.0.0.1:5232";
+ };
+ };
+}
generated by cgit v1.3 (git 2.53.0) at 2026-04-26 21:12:39 +0000