M Makefile => Makefile +1 -0
@@ 1,4 1,5 @@
install:
+ +@cd carl && make HTPASSWD="$(HTPASSWD_CARL)" install
+@cd check && make install
+@cd files && make HTPASSWD="$(HTPASSWD_FILES)" install
+@cd main && make install
M README.md => README.md +1 -0
@@ 2,6 2,7 @@
Personal websites
+- carl: CardDAV/CalDAV server (reverse proxy)
- check: checklists
- files: files sharing
- main: general website
A carl/Makefile => carl/Makefile +7 -0
@@ 0,0 1,7 @@
+install:
+ mkdir -p $(DESTDIR)/srv/http/carl
+ mkdir -p $(DESTDIR)/etc/nginx/http.d
+ cp nginx.conf $(DESTDIR)/etc/nginx/http.d/carl.conf
+ @printf 'damien:%s\n' `openssl passwd -apr1 "$(HTPASSWD)"` > $(DESTDIR)/etc/nginx/htpasswd_carl
+
+.PHONY: install
A carl/nginx.conf => carl/nginx.conf +32 -0
@@ 0,0 1,32 @@
+server {
+ listen 80;
+ server_name carl.tardypad.me;
+
+ access_log off;
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+server {
+ listen 443 ssl;
+ server_name carl.tardypad.me;
+ root /srv/http/carl/;
+
+ access_log /var/log/nginx/carl_access.log;
+ error_log /var/log/nginx/carl_error.log;
+
+ auth_basic "Restricted area";
+ auth_basic_user_file /etc/nginx/htpasswd_carl;
+
+ ssl_certificate /etc/letsencrypt/live/tardypad.me/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/tardypad.me/privkey.pem;
+
+ location / {
+ proxy_pass http://localhost:5232/;
+ proxy_set_header X-Script-Name /;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Remote-User $remote_user;
+ proxy_set_header Host $http_host;
+ }
+}