118 lines
3.7 KiB
Nix
118 lines
3.7 KiB
Nix
{ pkgs, ... }@all: with all; let
|
|
x = rec { version = "0.0.11";
|
|
user = "nxcaldav";
|
|
nxcsrc = pkgs.fetchFromGitea {
|
|
domain = "git.${hyper.domain}";
|
|
owner = "nx2";
|
|
repo = "NxCalDav";
|
|
rev = version;
|
|
hash = "sha256-Hk27BQCBtdRQ1aSHVEQ1EVjPrsC2jOUPDT4yuU9OCXQ=";
|
|
};
|
|
nxc = pkgs.buildGoModule {
|
|
pname = "NxCalDav";
|
|
inherit version;
|
|
src = nxcsrc;
|
|
vendorHash = "sha256-prstYDJuwS5E5uRwUkX0M+QdnIaQ0QewKe8HaoZ0Db4=";
|
|
};
|
|
nxc_helpers = pkgs.python3Packages.buildPythonApplication {
|
|
inherit version;
|
|
format = "other";
|
|
pname = "nxc_helpers";
|
|
src = nxcsrc;
|
|
propagatedBuildInputs = with pkgs.python313Packages; [ pyyaml psycopg2 ];
|
|
installPhase = ''
|
|
sed -i "15s|.*| parser.add_argument('--config', default='${cfg}', help='Path to config.yaml')|" ./export_events.py
|
|
sed -i "17s|.*| parser.add_argument('--config', default='${cfg}', help='Path to config.yaml')|" ./import_events.py
|
|
install -Dm755 "./export_events.py" "$out/bin/nxc_export"
|
|
install -Dm755 "./import_events.py" "$out/bin/nxc_import"
|
|
'';
|
|
};
|
|
cfg = (pkgs.formats.yaml { }).generate "nxcaldav-config.yaml" {
|
|
server = {
|
|
bind_address = "0.0.0.0:14243";
|
|
public_url = "http://nxc.${hyper.domain}/";
|
|
redaction_text = "[-]";
|
|
default_class = "CONFIDENTIAL";
|
|
};
|
|
database.url = "postgres://nxcaldav@localhost:5432/nxcaldav?sslmode=disable";
|
|
users = let dfu = name: {
|
|
name = name;
|
|
password_cmd = ''cat ${config.sops.secrets."nx2site/nxcaldav/${name}_password".path}'';
|
|
groups = [ "family" ];
|
|
}; in [
|
|
(dfu "lennart")
|
|
(dfu "daniel")
|
|
(dfu "diane")
|
|
(dfu "georg")
|
|
(dfu "tessa")
|
|
(dfu "shared")
|
|
];
|
|
calendars = [
|
|
{ owner = "lennart"; color = "#dddddd"; id = "preservation"; }
|
|
{ owner = "lennart"; color = "#dd2222"; id = "effort"; }
|
|
{ owner = "lennart"; color = "#2222dd"; id = "experience"; }
|
|
{ owner = "lennart"; color = "#22aa22"; id = "leisure"; }
|
|
{ id = "family";
|
|
owner = "shared";
|
|
color = "#dddd22";
|
|
access = [
|
|
{ group = "family"; mode = "read-write"; }
|
|
];
|
|
}
|
|
];
|
|
address_books = [
|
|
{ owner = "lennart"; id = "Others"; }
|
|
{ owner = "lennart"; id = "TUDa"; }
|
|
{ owner = "lennart"; id = "HSMW"; }
|
|
{ owner = "lennart"; id = "CWG"; }
|
|
{ owner = "lennart"; id = "Handball"; }
|
|
{ id = "Family & Freinds";
|
|
owner = "shared";
|
|
access = [
|
|
{ group = "family"; mode = "read-write"; }
|
|
];
|
|
}
|
|
];
|
|
aggregates = [
|
|
{ id = "lennart-aggregate";
|
|
owner = "shared";
|
|
sources = [ "preservation" "effort" "experience" "leisure" ];
|
|
access = [
|
|
{ group = "family" ; mode = "read-only"; }
|
|
{ ics = "future-only"; }
|
|
];
|
|
}
|
|
];
|
|
};
|
|
}; in with x; {
|
|
sops.secrets = let ss = { owner = user; group = user; mode = "600"; }; in {
|
|
"nx2site/nxcaldav/lennart_password" = ss;
|
|
"nx2site/nxcaldav/daniel_password" = ss;
|
|
"nx2site/nxcaldav/diane_password" = ss;
|
|
"nx2site/nxcaldav/georg_password" = ss;
|
|
"nx2site/nxcaldav/tessa_password" = ss;
|
|
"nx2site/nxcaldav/shared_password" = ss;
|
|
};
|
|
users = {
|
|
groups."${user}" = {};
|
|
users = {
|
|
"${hyper.user}".extraGroups = [ user ];
|
|
"${user}" = {
|
|
isSystemUser = true;
|
|
isNormalUser = false;
|
|
group = user;
|
|
};
|
|
};
|
|
};
|
|
environment.systemPackages = [ nxc_helpers ];
|
|
systemd.services."nxcaldav" = {
|
|
enable = true;
|
|
path = [ pkgs.bash pkgs.coreutils ];
|
|
serviceConfig = {
|
|
User = user;
|
|
Group = user;
|
|
ExecStart = ''${nxc}/bin/nxcaldav -c ${cfg}'';
|
|
};
|
|
};
|
|
}
|