From e749d673e667f5e404784ca9b61d73c933d0e895 Mon Sep 17 00:00:00 2001 From: Marek Paśnikowski Date: Sun, 14 Jan 2024 09:51:16 +0100 Subject: feat(service): install Radicale server Add Radicale service in order to serve CardDAV. --- izumi.org | 14 +++++++++++++- system-configuration.scm | 14 +++++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/izumi.org b/izumi.org index 43be347..28799e5 100644 --- a/izumi.org +++ b/izumi.org @@ -8,7 +8,7 @@ #+NAME: OPERATING-SYSTEM #+BEGIN_SRC scheme :tangle system-configuration.scm - ( add-to-load-path "/home/marek/Dokumenty/secrets" ) + ( add-to-load-path "/home/marek/Dokumenty/secrets/" ) ( use-modules ( marek ) @@ -613,6 +613,18 @@ ( ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) ) ) ) ) ( service openssh-service-type ) + ( service radicale-service-type + ( radicale-configuration + ( config-file + ( mixed-text-file + "radicale.conf" + "[auth]\n" + "type = htpasswd\n" + "htpasswd_filename = " radicale-keys "\n" + "htpasswd_encryption = plain\n" + "\n" + "[server]\n" + "hosts = localhost:5232\n" ) ) ) ) ( simple-service 'base-profile profile-service-type ( append %base-packages ( list diff --git a/system-configuration.scm b/system-configuration.scm index 19b35ff..f5f1a7d 100644 --- a/system-configuration.scm +++ b/system-configuration.scm @@ -1,4 +1,4 @@ -( add-to-load-path "/home/marek/Dokumenty/secrets" ) +( add-to-load-path "/home/marek/Dokumenty/secrets/" ) ( use-modules ( marek ) @@ -603,6 +603,18 @@ ( ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) ) ) ) ) ( service openssh-service-type ) + ( service radicale-service-type + ( radicale-configuration + ( config-file + ( mixed-text-file + "radicale.conf" + "[auth]\n" + "type = htpasswd\n" + "htpasswd_filename = " radicale-keys "\n" + "htpasswd_encryption = plain\n" + "\n" + "[server]\n" + "hosts = localhost:5232\n" ) ) ) ) ( simple-service 'base-profile profile-service-type ( append %base-packages ( list -- cgit v1.2.3 From a95671ead58b4f4fdc49234b41a621306ac92778 Mon Sep 17 00:00:00 2001 From: Marek Paśnikowski Date: Sun, 14 Jan 2024 09:51:16 +0100 Subject: feat(nginx): configure Radicale settings Set up the reverse proxy for radicale.marekpasnikowski.pl and listen for this subdomain. Configure the SSL certificates to include the subdomain. Fix a warning about wrong X-Script-name and include a link to .well-known folder in order to fix synchronization with Sailfish OS. --- izumi.org | 25 +++++++++++++++++++++++-- system-configuration.scm | 25 +++++++++++++++++++++++-- 2 files changed, 46 insertions(+), 4 deletions(-) diff --git a/izumi.org b/izumi.org index 28799e5..2faf761 100644 --- a/izumi.org +++ b/izumi.org @@ -553,7 +553,8 @@ ( domains ( list "marekpasnikowski.pl" - "git.marekpasnikowski.pl" ) ) ) ) ) + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" ) ) ) ) ) ( email certbot-mail ) ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) ( service cgit-service-type @@ -598,6 +599,7 @@ ( nginx-configuration ( server-blocks ( list + ;; Top-Level ( nginx-server-configuration ( locations ( list @@ -611,7 +613,26 @@ ( ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) ) ) ) ) + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) + ;; Radicale + ( nginx-server-configuration + ( locations + ( list + ( nginx-location-configuration + ( body + ( list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;" ) ) + ( uri "/" ) ) + ( nginx-location-configuration + ( body + ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) + ( uri "/.well-known" ) ) ) ) + ( listen ( list "192.168.10.2:443 ssl" ) ) + ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) ( service openssh-service-type ) ( service radicale-service-type ( radicale-configuration diff --git a/system-configuration.scm b/system-configuration.scm index f5f1a7d..b30e48c 100644 --- a/system-configuration.scm +++ b/system-configuration.scm @@ -543,7 +543,8 @@ ( domains ( list "marekpasnikowski.pl" - "git.marekpasnikowski.pl" ) ) ) ) ) + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" ) ) ) ) ) ( email certbot-mail ) ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) ( service cgit-service-type @@ -588,6 +589,7 @@ ( nginx-configuration ( server-blocks ( list + ;; Top-Level ( nginx-server-configuration ( locations ( list @@ -601,7 +603,26 @@ ( ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) ) ) ) ) + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) + ;; Radicale + ( nginx-server-configuration + ( locations + ( list + ( nginx-location-configuration + ( body + ( list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;" ) ) + ( uri "/" ) ) + ( nginx-location-configuration + ( body + ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) + ( uri "/.well-known" ) ) ) ) + ( listen ( list "192.168.10.2:443 ssl" ) ) + ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) ( service openssh-service-type ) ( service radicale-service-type ( radicale-configuration -- cgit v1.2.3