From dd28dcf3d620a4ac7d0a1532b812213cf094cd3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= <hugo@lysator.liu.se>
Date: Wed, 12 Jan 2022 02:26:25 +0100
Subject: Revert "Move webdav into profiles."

It actually reverts the non-need for the nginx module webdav_ext. Since
Omnifocus requires PROPFIND.

This reverts commit edf6ffe8b399679ba28cc5e558a6838919dd1ee8.
---
 manifests/init.pp | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 manifests/init.pp

(limited to 'manifests')

diff --git a/manifests/init.pp b/manifests/init.pp
new file mode 100644
index 0000000..f1a836c
--- /dev/null
+++ b/manifests/init.pp
@@ -0,0 +1,73 @@
+define webdav_server (
+  String $nginx_server,
+  String $file_path,
+  String $location = $name,
+  String $passwd_file = "${file_path}/.htpasswd",
+  String $owner  = 'http',
+  String $group = 'share',
+  Array[Array[String,2,2]] $users = [],
+  Array[String] $dav_methods = ['PUT', 'DELETE', 'MKCOL', 'COPY', 'MOVE'],
+  Array[String] $dav_ext_methods = ['PROPFIND', 'OPTIONS'],
+  Hash[String,String] $dav_access = {
+    'user'  => 'rw',
+    'group' => 'rw',
+  }
+) {
+
+  # TODO install this module somehow
+  # AUR: nginx-mainline-mod-dav-ext
+
+  require ::nginx
+
+  $modname = 'ngx_http_dav_ext_module'
+  # This assumes that the directory exists, and that
+  # nginx::include_modules_enabled => true
+  file { "/etc/nginx/modules-enabled/${modname}.conf":
+    ensure  => file,
+    content => @("EOF")
+    load_module /usr/lib/nginx/modules/${modname}.so;
+    | EOF
+  }
+
+  $lines = $users.map |$pair| { $pair.join(':') }.join("\n")
+
+  file {
+    default:
+      owner   => $owner,
+      group   => $group,
+      ;
+    $file_path:
+      ensure  => 'directory',
+      mode    => '0770',
+      recurse => 'false',
+      ;
+    $passwd_file:
+      ensure  => 'file',
+      mode    => '0660',
+      content => @("EOF")
+        # File managed by puppet
+        ${lines}
+        | EOF
+      ;
+  }
+
+  nginx::resource::location { $location:
+    server         => $nginx_server,
+    location_alias => $file_path,
+    ssl            => true,
+    ssl_only       => true,
+
+    auth_basic           => 'Enter password for dav access',
+    auth_basic_user_file => $passwd_file,
+
+    location_cfg_append       => {
+      'dav_methods'           => $dav_methods.join(' '),
+      'dav_ext_methods'       => $dav_ext_methods.join(' '),
+      'dav_access'            => $dav_access.map |$k, $v| { "${k}:${v}" }.join(' '),
+      'client_body_temp_path' => "${file_path}/tmp",
+      'create_full_put_path'  => 'on',
+      'autoindex'             => 'on',
+      'allow'                 => 'all',
+    }
+  }
+}
-- 
cgit v1.2.3