{ kubernetes.resources = { configMaps.radicale.data = { users = "pim:$apr1$GUiTihkS$dDCkaUxFx/O86m6NCy/yQ."; # TODO: Can this be generated with nix? config = '' [server] hosts = 0.0.0.0:5232, [::]:5232 ssl = False [encoding] request = utf-8 stock = utf-8 [auth] realm = Radicale - Password Required type = htpasswd htpasswd_filename = /config/users htpasswd_encryption = md5 [rights] type = owner_only [storage] type = multifilesystem filesystem_folder = /data [logging] [headers] ''; }; deployments.radicale = { metadata.labels.app = "radicale"; spec = { selector.matchLabels.app = "radicale"; template = { metadata.labels.app = "radicale"; spec = { containers.radicale = { image = "tomsquest/docker-radicale"; ports = [{ containerPort = 5232; protocol = "TCP"; }]; volumeMounts = [ { name = "data"; mountPath = "/data"; } { name = "config"; mountPath = "/config/config"; subPath = "config"; } { name = "config"; mountPath = "/config/users"; subPath = "users"; } ]; }; volumes = [ { name = "data"; persistentVolumeClaim.claimName = "radicale"; } { name = "config"; configMap.name = "radicale"; } ]; }; }; }; }; persistentVolumes.radicale.spec = { capacity.storage = "1Mi"; accessModes = [ "ReadWriteMany" ]; nfs = { server = "lewis.hyp"; path = "/mnt/data/nfs/radicale"; }; }; persistentVolumeClaims.radicale.spec = { accessModes = [ "ReadWriteMany" ]; storageClassName = ""; resources.requests.storage = "1Mi"; volumeName = "radicale"; }; services.radicale.spec = { selector.app = "radicale"; ports = [{ protocol = "TCP"; port = 80; targetPort = 5232; }]; }; ingresses.radicale.spec = { ingressClassName = "traefik"; rules = [{ host = "dav.kun.is"; http.paths = [{ path = "/"; pathType = "Prefix"; backend.service = { name = "radicale"; port.number = 80; }; }]; }]; }; }; }