diff --git a/modules/nixos/bundles/server.nix b/modules/nixos/bundles/server.nix index 271c07b..8e0841f 100644 --- a/modules/nixos/bundles/server.nix +++ b/modules/nixos/bundles/server.nix @@ -19,6 +19,7 @@ "prowlarr" "qbittorrent" "radarr" + "radicale" "sonarr" "syncthing" "vaultwarden" diff --git a/modules/nixos/features/homepage-dashboard.nix b/modules/nixos/features/homepage-dashboard.nix index f171efe..c1eb3d1 100644 --- a/modules/nixos/features/homepage-dashboard.nix +++ b/modules/nixos/features/homepage-dashboard.nix @@ -65,6 +65,13 @@ in "href" = "https://ntfy-sh.fi33.buzz/"; }; } + { + "Radicale" = { + "description" = "CalDAV/CardDAV service"; + "icon" = "radicale.svg"; + "href" = "https://radicale.fi33.buzz"; + }; + } { "Syncthing" = { "description" = "Decentralised file synchronisation"; diff --git a/modules/nixos/features/radicale.nix b/modules/nixos/features/radicale.nix new file mode 100644 index 0000000..1e0b722 --- /dev/null +++ b/modules/nixos/features/radicale.nix @@ -0,0 +1,42 @@ +{ + config, + ... +}: +let + port = "5003"; +in +{ + services = { + radicale = { + enable = true; + settings = { + server = { + hosts = [ + "0.0.0.0:${port}" + "[::]:${port}" + ]; + }; + auth = { + type = "htpasswd"; + htpasswd_filename = config.age.secrets.radicale.path; + htpasswd_encryption = "plain"; + }; + storage = { + filesystem_folder = "/srv/radicale"; + }; + }; + }; + + nginx.virtualHosts."radicale.fi33.buzz" = { + forceSSL = true; + useACMEHost = "fi33.buzz"; + locations."/".proxyPass = "http://localhost:${port}"; + }; + }; + + # secrets + age.secrets."radicale" = { + file = ../../../secrets/radicale.age; + owner = "radicale"; + }; +}