From 0d070589effe6f4fe8db6e7dde02a49d2fa320e1 Mon Sep 17 00:00:00 2001
From: Stefan Junker <mail@stefanjunker.de>
Date: Mon, 22 Jan 2024 19:02:32 +0100
Subject: [PATCH] fmt

---
 nix/home-manager/profiles/wayland-desktop.nix |  23 ++--
 nix/os/devices/steveej-t14/secrets.nix        |   7 --
 nix/os/snippets/radicale.nix                  | 101 ++++++++++++++++++
 .../radicale_htpasswd                         |   0
 4 files changed, 113 insertions(+), 18 deletions(-)
 delete mode 100644 nix/os/devices/steveej-t14/secrets.nix
 create mode 100644 nix/os/snippets/radicale.nix
 rename secrets/{steveej-t14 => desktop}/radicale_htpasswd (100%)

diff --git a/nix/home-manager/profiles/wayland-desktop.nix b/nix/home-manager/profiles/wayland-desktop.nix
index 6c4d820..ffab825 100644
--- a/nix/home-manager/profiles/wayland-desktop.nix
+++ b/nix/home-manager/profiles/wayland-desktop.nix
@@ -1,19 +1,20 @@
-{
-  pkgs,
-  config,
-  lib,
-  repoFlake,
-  nodeFlake,
-  ...
-}: let
-  inherit (import ../lib.nix {}) mkSimpleTrayService;
+{ pkgs
+, config
+, lib
+, repoFlake
+, nodeFlake
+, ...
+}:
+let
+  inherit (import ../lib.nix { }) mkSimpleTrayService;
 
   nixpkgs-2211 = nodeFlake.inputs.nixpkgs-2211.legacyPackages.${pkgs.system};
   nixpkgs-unstable-small = nodeFlake.inputs.nixpkgs-unstable-small.legacyPackages.${pkgs.system};
   nixpkgs-wayland' = repoFlake.inputs.nixpkgs-wayland.packages.${pkgs.system};
 
   wayprompt = nixpkgs-wayland'.wayprompt;
-in {
+in
+{
   fonts.fontconfig.enable = true;
 
   # services.gpg-agent.pinentryFlavor = lib.mkForce null;
@@ -29,7 +30,7 @@ in {
   systemd.user.targets.tray = {
     Unit = {
       Description = "Home Manager System Tray";
-      Requires = ["graphical-session-pre.target"];
+      Requires = [ "graphical-session-pre.target" ];
     };
   };
 
diff --git a/nix/os/devices/steveej-t14/secrets.nix b/nix/os/devices/steveej-t14/secrets.nix
deleted file mode 100644
index a97d67d..0000000
--- a/nix/os/devices/steveej-t14/secrets.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{config, ...}: {
-  sops.secrets.radicale_htpasswd = {
-    sopsFile = ../../../../secrets/steveej-t14/radicale_htpasswd;
-    format = "binary";
-    owner = config.users.users.steveej.name;
-  };
-}
diff --git a/nix/os/snippets/radicale.nix b/nix/os/snippets/radicale.nix
new file mode 100644
index 0000000..97f4fdc
--- /dev/null
+++ b/nix/os/snippets/radicale.nix
@@ -0,0 +1,101 @@
+{ config
+, lib
+, pkgs
+, repoFlake
+  # TODO: make configurable
+, homeUser ? "steveej"
+, ...
+}:
+
+let
+  radicalePkgs = repoFlake.inputs.radicale-nixpkgs.legacyPackages.${pkgs.system};
+
+  libdecsync = pkgs.python3Packages.buildPythonPackage rec {
+    pname = "libdecsync";
+    version = "2.2.1";
+
+    src = pkgs.python3Packages.fetchPypi {
+      inherit pname version;
+      hash = "sha256-Mukjzjumv9VL+A0maU0K/SliWrgeRjAeiEdN5a83G0I=";
+    };
+
+    propagatedBuildInputs = [
+      # pkgs.libxcrypt-legacy
+    ];
+  };
+  radicale-storage-decsync = pkgs.python3Packages.buildPythonPackage rec {
+    pname = "radicale_storage_decsync";
+    version = "2.1.0";
+
+    src = pkgs.python3Packages.fetchPypi {
+      inherit pname version;
+      hash = "sha256-X+0MT5o2PjsKxca5EDI+rYyQDmUtbRoELDr6e4YXKCg=";
+    };
+
+    buildInputs = [
+      pkgs.radicale
+      # pkgs.libxcrypt-legacy
+      # pkgs.libxcrypt
+    ];
+
+    nativeCheckInputs = [
+      # pkgs.libxcrypt-legacy
+      # pkgs.libxcrypt
+    ];
+
+    propagatedBuildInputs = [ libdecsync pkgs.python3Packages.setuptools ];
+  };
+  radicale-decsync = pkgs.radicale.overrideAttrs (old: {
+    propagatedBuildInputs =
+      old.propagatedBuildInputs
+      ++ [ radicale-storage-decsync ];
+  });
+
+  mkRadicaleService =
+    { suffix
+    , port
+    ,
+    }:
+    let
+      radicale-config = pkgs.writeText "radicale-config-${suffix}" ''
+        [server]
+        hosts = localhost:${builtins.toString port}
+
+        [auth]
+        type = htpasswd
+        htpasswd_filename = ${config.sops.secrets.radicale_htpasswd.path}
+        htpasswd_encryption = bcrypt
+
+        [storage]
+        type = radicale_storage_decsync
+        filesystem_folder = ${config.xdg.dataHome}/radicale-${suffix}
+        decsync_dir = ${config.xdg.dataHome}/decsync-${suffix}
+      '';
+    in
+    {
+      home-manager.users.${homeUser}.systemd.user.services."radicale-${suffix}" = {
+        Unit.Description = "Radicale with DecSync (${suffix})";
+        Service = {
+          ExecStart = "${radicale-decsync}/bin/radicale -C ${radicale-config}";
+          Restart = "on-failure";
+        };
+        Install.WantedBy = [ "default.target" ];
+      };
+    };
+in
+{
+  sops.secrets.radicale_htpasswd = {
+    sopsFile = ../../../../secrets/desktop/radicale_htpasswd;
+    format = "binary";
+    owner = config.users.users.${homeUser}.name;
+  };
+} // (builtins.foldl' (sum: cur: lib.recursiveUpdate sum (mkRadicaleService cur)) { } [
+  {
+    suffix = "personal";
+    port = 5232;
+  }
+  {
+    suffix = "family";
+    port = 5233;
+  }
+])
diff --git a/secrets/steveej-t14/radicale_htpasswd b/secrets/desktop/radicale_htpasswd
similarity index 100%
rename from secrets/steveej-t14/radicale_htpasswd
rename to secrets/desktop/radicale_htpasswd