1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
class profiles::xandikos (
String $sock,
String $server_name = "xandikos.${::fqdn}",
String $user_file = '/etc/xandikos/htpasswd',
String $user = 'xandikos',
String $group = 'www-data',
) {
ensure_packages(['xandikos'])
user { $user:
system => true,
}
systemd::unit_file { 'xandikos.service':
content => @("EOF")
[Unit]
Description=Xandikos CalDAV/CardDAV server
After=network.target
[Service]
ExecStart=/usr/bin/xandikos -d /var/lib/xandikos --route-prefix=/dav --current-user-principal=/jelmer -l /run/sock
User=${user}
Group=${group}
Restart=on-failure
KillSignal=SIGQUIT
Type=simple
NotifyAccess=all
| EOF
}
$certname = lookup('certname')
$cert_dir = $facts['letsencrypt_directory'][$certname]
nginx::resource::server { $server_name:
ipv6_enable => true,
ipv6_listen_options => '',
ssl => true,
ssl_redirect => true,
use_default_location => false,
ssl_cert => "${cert_dir}/fullchain.pem",
ssl_key => "${cert_dir}/privkey.pem",
}
nginx::resource::location {
default:
server => $server_name,
ssl => true,
ssl_only => true,
;
'/.well-known/caldav':
location_cfg_append => { 'return' =>'307 $scheme://$host/users/calendars' },
;
'/.well-known/cardav':
location_cfg_append => { 'return' => '307 $scheme://$host/user/contacts' },
;
'xandikos /':
location => '/',
proxy => "http://unix:${sock}",
auth_basic => 'Login Required',
auth_basic_user_file => $user_file,
;
}
}
|