{ config, pkgs, ... }: let radicalePort = 8002; in { services.radicale = { enable = true; package = pkgs.radicale3.overrideDerivation (_: { #patches = [ ./radicale1249.patch ]; doCheck = false; pytestCheckPhase = "true"; }); settings = { server = { hosts = "127.0.0.1:${toString radicalePort}"; ssl = false; }; storage = { filesystem_folder = "/var/lib/radicale/collections"; }; auth = { type = "htpasswd"; htpasswd_filename = "/var/lib/radicale/htpasswd"; htpasswd_encryption = "bcrypt"; }; rights = { type = "owner_only"; }; }; }; security.acme.certs."gebner.org".extraDomainNames = [ "radicale.gebner.org" ]; services.nginx = { recommendedProxySettings = true; virtualHosts."radicale.gebner.org" = { forceSSL = true; useACMEHost = "gebner.org"; locations."/" = { proxyPass = "http://127.0.0.1:${toString radicalePort}"; }; # Fake nextcloud api: # https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/1#note_857357 extraConfig = '' rewrite ^/remote.php/carddav / redirect; rewrite ^/remote.php/caldav / redirect; location /remote.php/webdav { return 200; } ''; }; }; environment.systemPackages = with pkgs; [ apacheHttpd ]; }