diff --git a/modules/services/caldav.nix b/modules/services/caldav.nix new file mode 100644 index 0000000..2eebf6f --- /dev/null +++ b/modules/services/caldav.nix @@ -0,0 +1,27 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; +let cfg = config.custom.services.caldav; +in { + options.custom.services.caldav = { + enable = mkEnableOption "Enables caldav server"; + }; + config = lib.mkIf cfg.enable { + age.secrets.radicale-users = { + file = ../../secrets/radicale.age; + owner = "radicale"; + }; + services.radicale = { + enable = true; + settings = { + server = { hosts = [ "192.168.2.1:5232" "192.168.0.10:5232" ]; }; + #server = { hosts = [ "192.168.0.11:5232" ]; }; + auth = { + type = "htpasswd"; + htpasswd_filename = config.age.secrets.radicale-users.path; + htpasswd_encryption = "bcrypt"; + }; + storage = { filesystem_folder = "/var/lib/radicale/collections"; }; + }; + }; + }; +} diff --git a/modules/services/default.nix b/modules/services/default.nix index 1bbe12d..d8718cb 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -2,6 +2,7 @@ { imports = [ ./acme.nix + ./caldav.nix ./opensnitch.nix ./adguard.nix ./dnsmasq.nix diff --git a/secrets/radicale.age b/secrets/radicale.age new file mode 100644 index 0000000..d2872f4 Binary files /dev/null and b/secrets/radicale.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 49f4ae7..25d8c57 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -31,4 +31,5 @@ in "stash-auth.age".publicKeys = [ mini-pc server kop ]; "plausible-admin.age".publicKeys = [ adam-site kop ]; "plausible-keybase.age".publicKeys = [ adam-site kop ]; + "radicale.age".publicKeys = [ mini-pc kop ]; } diff --git a/systems/mini-pc/configuration.nix b/systems/mini-pc/configuration.nix index 252cae2..64adb8b 100644 --- a/systems/mini-pc/configuration.nix +++ b/systems/mini-pc/configuration.nix @@ -5,16 +5,15 @@ { config, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ../../modules/services/ssh.nix - ../../modules/services/step-ca.nix - ../../modules/services/syncthing.nix - ../../modules/fail2ban.nix - ../../modules/logging.nix - ../../modules/motd.nix - ]; + imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ../../modules/services/ssh.nix + ../../modules/services/step-ca.nix + ../../modules/services/syncthing.nix + ../../modules/fail2ban.nix + ../../modules/logging.nix + ../../modules/motd.nix + ]; networking.firewall.allowedTCPPorts = [ 25565 ]; @@ -39,7 +38,7 @@ misc = { btrfs.enable = true; docker.enable = true; - backup = let + backup = let kavita = "/data/kavita"; gitolite = "/var/lib/gitolite"; syncthing = [ "/synced/default/" "/synced/work_drive/" ]; @@ -47,8 +46,7 @@ backupPathsSmall = [ "/home" gitolite ] ++ syncthing; backupPathsMedium = [ "/home" gitolite ] ++ syncthing; backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull; - in - { + in { enable = true; small = backupPathsSmall; # goes to backblaze medium = backupPathsMedium; # goes to gdrive @@ -58,8 +56,9 @@ services = { acme.enable = true; gitolite.enable = true; + caldav.enable = true; kop-monitor.enable = true; - kop-fileshare = { + kop-fileshare = { basePath = "/stash"; dataDir = "/1tbssd/kop-fileshare"; enable = true; diff --git a/systems/pc/configuration.nix b/systems/pc/configuration.nix index 9dbcb99..8ca0e60 100644 --- a/systems/pc/configuration.nix +++ b/systems/pc/configuration.nix @@ -45,7 +45,7 @@ tpm.enable = true; tablet.enable = true; }; - services = { opensnitch.enable = true; }; + services = { caldav.enable = true; }; graphical = { audio.enable = true; code = {