config/profiles/web/services/webdav-zotero.nix

{ config, pkgs, lib, mkDomain, ... }:
{

  # webdav
  # Simple WebDAV server

  # TODO: parametrize which webdav shares i have?

  services.webdav = {
    enable = true;
    # the webdav user uid:gid is fixed
    settings = {
      address = "127.0.0.1";
      port = 9568;
      prefix = "/";
      scope = "/mnt/reidun/pub";
      modify = false;
      auth = true;
      users = [
        {
          username = "zotero";
          password = "{bcrypt}$2y$10$9zzZuwd2AvNZXb8WCG/bM..ibOroNnX0sN94UTAV.Jco9LnZ8Whs2";
          #prefix = "/zotero/";
          scope = "/mnt/reidun/Various/Zotero";
          modify = true;
        }
        /** /
        {
          username = "guest";
          password = "hunter2";
        }
        /**/
      ];
    };
  };
  services.nginx.virtualHosts.${mkDomain "webdav"} = lib.mkIf config.services.webdav.enable {
    forceSSL = true; # addSSL = true;
    enableACME = true; #useACMEHost = acmeDomain;
    locations."/" = {
      proxyPass = "http://127.0.0.1:${toString config.services.webdav.settings.port}";
      #proxyWebsockets = true;
      extraConfig = ''
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_redirect off;

        client_max_body_size 2G;
      '';
    };
  };

}