diff --git a/.gitignore b/.gitignore index 433b195..1196e6e 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,7 @@ pkg/ .rootbld-repositories secret/alpinepkg-httpauth/secret +secret/radicale-httpauth/secret secret/letsencrypt/private.key config/telegraf/secret diff --git a/PORT-ALLOCATION b/PORT-ALLOCATION index ce9901a..e1907af 100644 --- a/PORT-ALLOCATION +++ b/PORT-ALLOCATION @@ -30,7 +30,9 @@ Internal ports: 7500-7600 Packages: 7574 Homepage: 7575 Seedbox: 7576 + Radicale: 7578 Grafana: 7577 + Radicale: 7591 Monerod: RPC: 7579 Prometheus: diff --git a/config/haproxy/APKBUILD b/config/haproxy/APKBUILD index e3d73cd..03a76c3 100644 --- a/config/haproxy/APKBUILD +++ b/config/haproxy/APKBUILD @@ -3,7 +3,7 @@ . ../APKBUILD-config.template -pkgver=2022.02.19.01 +pkgver=2022.03.25.02 pkgrel=0 depends="redxen-secret-letsencrypt-full redxen-data-haproxy-errorpages" checkdepends="haproxy" @@ -15,5 +15,5 @@ check() { } sha512sums=" -fd02b1735e6a3dbc931209e73d25a754f8ba9431024dfeb787a57dfb0384b92fff0127f948ddb49ac99f0065d9fd6843f33fe783fc3caef23371b2775e941cd0 main.cfg +5fe08e3ba3317fe09e8408141d567758f5fddb1c67233042a5eb02d4a0f2fd96e8945588c22ef371da31f7b0c88e580bb398083c85a939a313ea1f88422d8cac main.cfg " diff --git a/config/haproxy/main.cfg b/config/haproxy/main.cfg index f8de01e..7161dce 100644 --- a/config/haproxy/main.cfg +++ b/config/haproxy/main.cfg @@ -83,6 +83,7 @@ frontend http acl btdown hdr_beg(host) -i sd.redxen acl btdaemon hdr_beg(host) -i seed.redxen acl packs hdr_beg(host) -i packages.redxen + acl cal hdr_beg(host) -i cal.redxen acl monerod hdr_beg(host) -i monerod.redxen redirect location https://en.uncyclopedia.co/wiki/South_Africa code 302 if fedi @@ -95,6 +96,7 @@ frontend http use_backend backend-btdown if btdown use_backend backend-btdaemon if btdaemon use_backend backend-packages if packs + use_backend backend-radicale if cal #use_backend backend-monerod if monerod backend backend-home @@ -130,6 +132,12 @@ backend backend-packages option httpchk HEAD / HTTP/1.1 http-check send hdr Host packages.redxen.eu +backend backend-radicale + server-template radicale 1 _radicale._tcp.routinginfo.internal + option httpchk HEAD / HTTP/1.1 + http-check send hdr Host cal.redxen.eu + http-check expect status 401 + #backend backend-monerod # server-template monerod 1 _monerod._tcp.routinginfo.internal # option httpchk POST /json_rpc HTTP/1.1 diff --git a/config/nginx/APKBUILD b/config/nginx/APKBUILD index de3c97d..8349e42 100644 --- a/config/nginx/APKBUILD +++ b/config/nginx/APKBUILD @@ -3,16 +3,17 @@ . ../APKBUILD-config.template -pkgver=2022.03.24.02 +pkgver=2022.03.25.01 pkgrel=0 depends="nginx-mod-http-zip" checkdepends="nginx" -subpackages="$pkgname-seedbox $pkgname-alpine $pkgname-homepage" +subpackages="$pkgname-seedbox $pkgname-alpine $pkgname-homepage $pkgname-radicale" source=" main.conf module/seedbox.conf module/alpine.conf module/homepage.conf + module/radicale.conf " package() { @@ -34,6 +35,12 @@ homepage() { _rx_installdir="$_rx_installdir/module" rx_install homepage.conf } +radicale() { + depends="$depends redxen-secret-radicale-httpauth" + install_if="redxen-config-radicale" + _rx_installdir="$_rx_installdir/module" rx_install radicale.conf +} + check() { nginx -p / -c main.conf -t } @@ -43,4 +50,5 @@ sha512sums=" 1a330386c6119487a338d78a23a4e116983c333f82373faaa527e22518d71959a0f330968da764ca884dd4dea227c3cf4d2f6252b1dd7f3488ef08543712788d seedbox.conf 5ae68165edab56f41e51ad5b608a29121db878aed0309882927207d4ea9ec5e505a78b194bc8df8f943259130300edd4aa49b2e23a4ee705fa9ea761533fd133 alpine.conf 2657b0bdfc001f94159a8cddc928e666cb20055b3df42dd0ec48146c6952c3c7b3957af52612d35d38199fde76ee0c96cb0ea39ed38e13bcc608088c88dc3a88 homepage.conf +d4b07e07e320e79497d12764d3b122686236f58a51d8b419e84966628705b5471b0442ae0de0409e9f0ca5d42396b9b36d8c618a77aea33e6c502cdeb0d37f69 radicale.conf " diff --git a/config/nginx/module/radicale.conf b/config/nginx/module/radicale.conf new file mode 100644 index 0000000..cbffa28 --- /dev/null +++ b/config/nginx/module/radicale.conf @@ -0,0 +1,12 @@ +server { + listen *:7578 so_keepalive=on; + listen [::]:7578 so_keepalive=on; + + location / { + proxy_pass http://localhost:7591/; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Remote-User $remote_user; + auth_basic "RedXen CalDAV system"; + auth_basic_user_file /etc/redxen/radicale-httpauth/passwdfile; + } +} diff --git a/config/radicale/APKBUILD b/config/radicale/APKBUILD new file mode 100644 index 0000000..9a1ffcf --- /dev/null +++ b/config/radicale/APKBUILD @@ -0,0 +1,19 @@ +# Contributor: Alex Denes +# Maintainer: Alex Denes + +. ../APKBUILD-config.template + +pkgver=2022.03.24.02 +pkgrel=0 +source=" + main.conf +" + +package() { + rx_source_installall + install -dm700 "$(rx_cpkgdir)"/var/lib/radicale +} + +sha512sums=" +eb007c00bb7c518083144daaa8987b595b5dc7e92b4c7253086118f909d030c0f0ea6597cef42e42206ff52fd8cde672f7e757bdcb8076b20ee697476899df92 main.conf +" diff --git a/config/radicale/main.conf b/config/radicale/main.conf new file mode 100644 index 0000000..e711dab --- /dev/null +++ b/config/radicale/main.conf @@ -0,0 +1,24 @@ +# -*- mode: conf -*- +# vim:ft=cfg + +# Config file for Radicale - A simple calendar server + +[server] +hosts = 127.0.0.1:7591, [::1]:7591 +ssl = False + +[auth] +type = http_x_remote_user + +[rights] +type = owner_only + +[storage] +type = multifilesystem +filesystem_folder = /var/lib/radicale + +[web] +type = none + +[logging] +#level = warning diff --git a/data/bindzone/APKBUILD b/data/bindzone/APKBUILD index eb4ce89..792fb2e 100644 --- a/data/bindzone/APKBUILD +++ b/data/bindzone/APKBUILD @@ -3,7 +3,7 @@ . ../APKBUILD-data.template -pkgver=2022.03.24.04 +pkgver=2022.03.25.01 pkgrel=0 checkdepends="bind-tools" makedepends=" @@ -69,6 +69,6 @@ internal() { } sha512sums=" -5896efb5ed59e5d8569922d5a3bba7ba9ef7d47abf30cc0a3eed57c33774531845d4dfa961110a2b7e3954f159968c04896e2733b877e678807880eee16ad3bd redxen.eu -eb0d6b94294b681961038a735bb3a0227476050c440e7bf88f707e3826936c766328ef7505262cdd1b35e2cda2119407fc0d6656e47e9b45b4fa2e5c410f904a internal +23f72394a1508eeb9a828451da79b9c5a6daffe59a2966c1507eb0e98aff17cbb4db838d0357135108bc926b24f132b629c64f1b487c84fa222106baaba486a5 redxen.eu +3f441f898f605366c0e411c13c5357000d4fbc1ef8e3d7c0aad51b5723df224fa413491e6cd741381fcb384697f1f37ca55bea64f8978fd47a30fec511faf72d internal " diff --git a/data/bindzone/internal b/data/bindzone/internal index c04281d..f3fec4e 100644 --- a/data/bindzone/internal +++ b/data/bindzone/internal @@ -44,6 +44,7 @@ _transmission._tcp.routinginfo SRV 0 5 7572 12180710 _root._tcp.routinginfo SRV 0 5 7575 12180710.fsn1-dc14.hetzner _packages._tcp.routinginfo SRV 0 5 7574 12180710.fsn1-dc14.hetzner _seedown._tcp.routinginfo SRV 0 5 7576 12180710.fsn1-dc14.hetzner +_radicale._tcp.routinginfo SRV 0 5 7578 12180710.fsn1-dc14.hetzner postgresql.routinginfo CNAME 12180625.nbg1-dc3.hetzner redis.routinginfo CNAME 12180625.nbg1-dc3.hetzner diff --git a/data/bindzone/redxen.eu b/data/bindzone/redxen.eu index 195dc2e..bf2664a 100644 --- a/data/bindzone/redxen.eu +++ b/data/bindzone/redxen.eu @@ -63,6 +63,7 @@ stats CNAME @ sd CNAME @ packages CNAME @ seed CNAME @ +cal CNAME @ ; Wireguard wireguard CNAME 12180621.nbg1-dc3.hetzner diff --git a/openrc/radicale/APKBUILD b/openrc/radicale/APKBUILD new file mode 100644 index 0000000..bbe47a2 --- /dev/null +++ b/openrc/radicale/APKBUILD @@ -0,0 +1,12 @@ +# Contributor: Alex Denes +# Maintainer: Alex Denes + +. ../APKBUILD-openrc.template + +pkgver=2022.03.25.01 +pkgrel=0 + +sha512sums=" +74a9ff376beedf76cb99f4e1f424a8596ecdddb8ab18040ee6f01663f9c95b3c42a60ac6d3ab067b8fe6f6490e9f43bb9b7d9611656d9a081cecb2f64702a35b runfile +13d1b0384101fc495ae15e0fd4f4348ef6f935fe6a32be7789a5bb03f1f840e3936934aa1aae152b3ff987e7430ab5c159edfa08defdbc104ed68f0f306bb32d conffile +" diff --git a/openrc/radicale/conffile b/openrc/radicale/conffile new file mode 100644 index 0000000..41cb9ac --- /dev/null +++ b/openrc/radicale/conffile @@ -0,0 +1,2 @@ +datadir="/var/lib/radicale" +command_args="--storage-filesystem-folder $datadir -C /etc/redxen/radicale/main.conf" diff --git a/openrc/radicale/runfile b/openrc/radicale/runfile new file mode 100644 index 0000000..7a4a944 --- /dev/null +++ b/openrc/radicale/runfile @@ -0,0 +1,17 @@ +#!/sbin/openrc-run +supervisor=supervise-daemon + +name=radicale +description="Free and open-source CalDAV and CardDAV server" + +command=/usr/bin/radicale +command_user=radicale:radicale + +depend() { + use net + need localmount +} + +start_pre() { + checkpath -d -o radicale "$datadir" +} diff --git a/secret/radicale-httpauth/APKBUILD b/secret/radicale-httpauth/APKBUILD new file mode 100644 index 0000000..4d650e1 --- /dev/null +++ b/secret/radicale-httpauth/APKBUILD @@ -0,0 +1,23 @@ +# Contributor: Alex Denes +# Maintainer: Alex Denes + +. ../APKBUILD-secret.template + +pkgver=2022.03.24.01 +pkgrel=0 +makedepends="apache2-utils" +source="secret" + +build() { + . secret + htpasswd -m -n -b "caskd" "$PASSWD_caskd" >> passwdfile +} + +package() { + mkdir -p "$(rx_cpkgdir)" + rx_install passwdfile +} + +sha512sums=" +ea378d405e7e74fdefff1b65dd0705fa4f6f2c4583332ae6114881732cfc4c5b2a0b6c3d22f3757af378f642767e27ef89df9b389364cab49284fb7f1911a494 secret +"