refactor: centralize host and user metadata

2026-04-21 12:12:43 +02:00
parent 5cfd4d01c8
commit 6332c96d3e
33 changed files with 805 additions and 479 deletions
@@ -1,27 +1,45 @@
+{ config, ... }:
+let
+  metaLib = config.meta.lib;
+in
 {
  flake.modules.nixos.radicale =
-    { ... }:
-    {
-      services.radicale = {
-        enable = true;
-        settings = {
-          server.hosts = [ "127.0.0.1:5232" ];
+    { lib, ... }:
+    lib.mkMerge [
+      {
+        services.radicale = {
+          enable = true;
+          settings = {
+            server.hosts = [ "127.0.0.1:5232" ];

-          auth = {
-            type = "htpasswd";
-            htpasswd_filename = "/var/lib/radicale/users";
-            htpasswd_encryption = "bcrypt";
+            auth = {
+              type = "htpasswd";
+              htpasswd_filename = "/var/lib/radicale/users";
+              htpasswd_encryption = "bcrypt";
+            };
+
+            storage.filesystem_folder = "/var/lib/radicale/collections";
          };
-
-          storage.filesystem_folder = "/var/lib/radicale/collections";
        };
-      };
+      }

-      services.caddy.virtualHosts."radicale.jelles.net".extraConfig = ''
-        reverse_proxy :5232 {
-           header_up X-Script-Name /
-           header_up X-Forwarded-For {remote}
-           header_up X-Remote-User {http.auth.user.id}
-        }'';
-    };
+      (metaLib.mkCaddyReverseProxy {
+        domain = "radicale.jelles.net";
+        port = 5232;
+        extraHeaders = [
+          {
+            name = "X-Script-Name";
+            value = "/";
+          }
+          {
+            name = "X-Forwarded-For";
+            value = "{remote}";
+          }
+          {
+            name = "X-Remote-User";
+            value = "{http.auth.user.id}";
+          }
+        ];
+      })
+    ];
 }