This commit is contained in:
commit
7d364cdfac
69 changed files with 5268 additions and 0 deletions
86
hosts/rx4/services/webdav.nix
Normal file
86
hosts/rx4/services/webdav.nix
Normal file
|
|
@ -0,0 +1,86 @@
|
|||
{ constants, config, ... }:
|
||||
|
||||
# FIXME: floccus throws error: NetworkError when attempting to fetch resource.
|
||||
|
||||
let
|
||||
cfg = config.services.webdav;
|
||||
|
||||
inherit (constants.services.webdav) fqdn port;
|
||||
in
|
||||
{
|
||||
services.webdav = {
|
||||
enable = true;
|
||||
environmentFile = config.sops.templates."webdav/env-file".path;
|
||||
|
||||
settings = {
|
||||
inherit port;
|
||||
address = "127.0.0.1";
|
||||
prefix = "/";
|
||||
directory = "/srv/webdav";
|
||||
users = [
|
||||
{
|
||||
username = "{env}WEBDAV_USER";
|
||||
password = "{env}WEBDAV_PASS";
|
||||
permissions = "CRUD";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${cfg.settings.directory} 0750 ${cfg.user} ${cfg.group} -"
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ port ];
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."${fqdn}" = {
|
||||
listen = [
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
inherit port;
|
||||
}
|
||||
];
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString port}";
|
||||
extraConfig = ''
|
||||
add_header 'Access-Control-Allow-Origin' '*' always;
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PROPFIND, OPTIONS' always;
|
||||
add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Depth' always;
|
||||
|
||||
if ($request_method = 'OPTIONS') {
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PROPFIND, OPTIONS';
|
||||
add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Depth';
|
||||
return 204;
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
sops =
|
||||
let
|
||||
owner = cfg.user;
|
||||
group = cfg.group;
|
||||
mode = "0400";
|
||||
in
|
||||
{
|
||||
secrets = {
|
||||
"webdav/user" = {
|
||||
inherit owner group mode;
|
||||
};
|
||||
"webdav/pass" = {
|
||||
inherit owner group mode;
|
||||
};
|
||||
};
|
||||
templates."webdav/env-file" = {
|
||||
inherit owner group mode;
|
||||
content = ''
|
||||
WEBDAV_USER=${config.sops.placeholder."webdav/user"}
|
||||
WEBDAV_PASS=${config.sops.placeholder."webdav/pass"}
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue