{ lib, ... }: { kubernetes.resources = { configMaps.radicale.data = { users = "pim:$apr1$GUiTihkS$dDCkaUxFx/O86m6NCy/yQ."; config = lib.generators.toINI { } { server = { hosts = "0.0.0.0:5232, [::]:5232"; ssl = false; }; encoding = { request = "utf-8"; stock = "utf-8"; }; auth = { realm = "Radicale - Password Required"; type = "htpasswd"; htpasswd_filename = "/config/users"; htpasswd_encryption = "md5"; }; rights.type = "owner_only"; storage = { type = "multifilesystem"; filesystem_folder = "/data"; }; logging = { }; headers = { }; }; }; deployments.radicale = { metadata.labels.app = "radicale"; spec = { selector.matchLabels.app = "radicale"; template = { metadata.labels.app = "radicale"; spec = { containers.radicale = { image = "tomsquest/docker-radicale:3.2.0.0"; ports.web.containerPort = 5232; volumeMounts = [ { name = "data"; mountPath = "/data"; } { name = "config"; mountPath = "/config/config"; subPath = "config"; } { name = "config"; mountPath = "/config/users"; subPath = "users"; } ]; }; volumes = { data.persistentVolumeClaim.claimName = "radicale"; config.configMap.name = "radicale"; }; securityContext = { fsGroup = 2999; fsGroupChangePolicy = "OnRootMismatch"; }; }; }; }; }; services.radicale.spec = { selector.app = "radicale"; ports.web = { port = 80; targetPort = "web"; }; }; }; lab = { ingresses.radicale = { host = "dav.kun.is"; service = { name = "radicale"; portName = "web"; }; }; }; }