{ config, pkgs, lib, mkDomain, ... }:
{
# webdav
# Simple WebDAV server
# TODO: parametrize which webdav shares i have?
services.webdav = {
enable = true;
# the webdav user uid:gid is fixed
settings = {
address = "127.0.0.1";
port = 9568;
prefix = "/";
scope = "/mnt/reidun/pub";
modify = false;
auth = true;
users = [
{
username = "zotero";
password = "{bcrypt}$2y$10$9zzZuwd2AvNZXb8WCG/bM..ibOroNnX0sN94UTAV.Jco9LnZ8Whs2";
#prefix = "/zotero/";
scope = "/mnt/reidun/Various/Zotero";
modify = true;
}
];
#cors = {
# enabled = true;
# credentials = true;
# allowed_methods = [ "GET" ];
# exposed_headers = [
# "Content-Length"
# "Content-Range"
# ];
#};
};
};
services.nginx.virtualHosts.${mkDomain "webdav"} = lib.mkIf config.services.webdav.enable {
forceSSL = true; # addSSL = true;
enableACME = true; #useACMEHost = acmeDomain;
locations."/" = {
recommendedProxySettings = false; # lol we disable it and copy it back in, and it works /shrug
proxyPass = "http://127.0.0.1:${toString config.services.webdav.settings.port}";
#proxyWebsockets = true;
extraConfig = ''
proxy_redirect off;
proxy_connect_timeout ${config.services.nginx.proxyTimeout};
proxy_send_timeout ${config.services.nginx.proxyTimeout};
proxy_read_timeout ${config.services.nginx.proxyTimeout};
proxy_http_version 1.1;
# don't let clients close the keep-alive connection to upstream. See the nginx blog for details:
# https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/#no-keepalives
proxy_set_header "Connection" "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_request_buffering off;
client_max_body_size 2G;
'';
};
};
}