From a95671ead58b4f4fdc49234b41a621306ac92778 Mon Sep 17 00:00:00 2001 From: Marek Paśnikowski Date: Sun, 14 Jan 2024 09:51:16 +0100 Subject: feat(nginx): configure Radicale settings Set up the reverse proxy for radicale.marekpasnikowski.pl and listen for this subdomain. Configure the SSL certificates to include the subdomain. Fix a warning about wrong X-Script-name and include a link to .well-known folder in order to fix synchronization with Sailfish OS. --- izumi.org | 25 +++++++++++++++++++++++-- system-configuration.scm | 25 +++++++++++++++++++++++-- 2 files changed, 46 insertions(+), 4 deletions(-) diff --git a/izumi.org b/izumi.org index 28799e5..2faf761 100644 --- a/izumi.org +++ b/izumi.org @@ -553,7 +553,8 @@ ( domains ( list "marekpasnikowski.pl" - "git.marekpasnikowski.pl" ) ) ) ) ) + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" ) ) ) ) ) ( email certbot-mail ) ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) ( service cgit-service-type @@ -598,6 +599,7 @@ ( nginx-configuration ( server-blocks ( list + ;; Top-Level ( nginx-server-configuration ( locations ( list @@ -611,7 +613,26 @@ ( ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) ) ) ) ) + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) + ;; Radicale + ( nginx-server-configuration + ( locations + ( list + ( nginx-location-configuration + ( body + ( list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;" ) ) + ( uri "/" ) ) + ( nginx-location-configuration + ( body + ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) + ( uri "/.well-known" ) ) ) ) + ( listen ( list "192.168.10.2:443 ssl" ) ) + ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) ( service openssh-service-type ) ( service radicale-service-type ( radicale-configuration diff --git a/system-configuration.scm b/system-configuration.scm index f5f1a7d..b30e48c 100644 --- a/system-configuration.scm +++ b/system-configuration.scm @@ -543,7 +543,8 @@ ( domains ( list "marekpasnikowski.pl" - "git.marekpasnikowski.pl" ) ) ) ) ) + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" ) ) ) ) ) ( email certbot-mail ) ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) ( service cgit-service-type @@ -588,6 +589,7 @@ ( nginx-configuration ( server-blocks ( list + ;; Top-Level ( nginx-server-configuration ( locations ( list @@ -601,7 +603,26 @@ ( ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) ) ) ) ) + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) + ;; Radicale + ( nginx-server-configuration + ( locations + ( list + ( nginx-location-configuration + ( body + ( list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;" ) ) + ( uri "/" ) ) + ( nginx-location-configuration + ( body + ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) + ( uri "/.well-known" ) ) ) ) + ( listen ( list "192.168.10.2:443 ssl" ) ) + ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) ( service openssh-service-type ) ( service radicale-service-type ( radicale-configuration -- cgit v1.2.3