2023-02-25 00:03:29 +01:00
|
|
|
{ config, pkgs, lib, mkDomain, ... }:
|
|
|
|
{
|
|
|
|
|
|
|
|
# webdav
|
|
|
|
# Simple WebDAV server
|
|
|
|
|
|
|
|
# TODO: parametrize which webdav shares i have?
|
|
|
|
|
|
|
|
services.webdav = {
|
|
|
|
enable = true;
|
|
|
|
# the webdav user uid:gid is fixed
|
|
|
|
settings = {
|
|
|
|
address = "127.0.0.1";
|
|
|
|
port = 9568;
|
|
|
|
prefix = "/";
|
|
|
|
scope = "/mnt/reidun/pub";
|
|
|
|
modify = false;
|
|
|
|
auth = true;
|
|
|
|
users = [
|
|
|
|
{
|
|
|
|
username = "zotero";
|
|
|
|
password = "{bcrypt}$2y$10$9zzZuwd2AvNZXb8WCG/bM..ibOroNnX0sN94UTAV.Jco9LnZ8Whs2";
|
|
|
|
#prefix = "/zotero/";
|
|
|
|
scope = "/mnt/reidun/Various/Zotero";
|
|
|
|
modify = true;
|
|
|
|
}
|
|
|
|
];
|
2024-09-22 00:09:11 +02:00
|
|
|
#cors = {
|
|
|
|
# enabled = true;
|
|
|
|
# credentials = true;
|
|
|
|
# allowed_methods = [ "GET" ];
|
|
|
|
# exposed_headers = [
|
|
|
|
# "Content-Length"
|
|
|
|
# "Content-Range"
|
|
|
|
# ];
|
|
|
|
#};
|
2023-02-25 00:03:29 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
services.nginx.virtualHosts.${mkDomain "webdav"} = lib.mkIf config.services.webdav.enable {
|
|
|
|
forceSSL = true; # addSSL = true;
|
|
|
|
enableACME = true; #useACMEHost = acmeDomain;
|
|
|
|
locations."/" = {
|
2024-09-22 00:09:11 +02:00
|
|
|
recommendedProxySettings = false; # lol we disable it and copy it back in, and it works /shrug
|
2023-02-25 00:03:29 +01:00
|
|
|
proxyPass = "http://127.0.0.1:${toString config.services.webdav.settings.port}";
|
|
|
|
#proxyWebsockets = true;
|
|
|
|
extraConfig = ''
|
2024-09-22 00:09:11 +02:00
|
|
|
proxy_redirect off;
|
|
|
|
|
|
|
|
proxy_connect_timeout ${config.services.nginx.proxyTimeout};
|
|
|
|
proxy_send_timeout ${config.services.nginx.proxyTimeout};
|
|
|
|
proxy_read_timeout ${config.services.nginx.proxyTimeout};
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
# don't let clients close the keep-alive connection to upstream. See the nginx blog for details:
|
|
|
|
# https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/#no-keepalives
|
|
|
|
proxy_set_header "Connection" "";
|
|
|
|
|
|
|
|
proxy_set_header Host $host;
|
2023-02-25 00:03:29 +01:00
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
2024-09-22 00:09:11 +02:00
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
|
|
proxy_set_header X-Forwarded-Server $host;
|
2023-02-25 00:03:29 +01:00
|
|
|
|
2024-09-22 00:09:11 +02:00
|
|
|
proxy_request_buffering off;
|
2023-02-25 00:03:29 +01:00
|
|
|
client_max_body_size 2G;
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
}
|