From 01e8a4dd21c98dadc2ddc698412c2ea51566b43e Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 17 Aug 2024 15:24:06 +0200
Subject: ...

---
 hosts/surtr/http/webdav/default.nix | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

(limited to 'hosts/surtr/http/webdav/default.nix')

diff --git a/hosts/surtr/http/webdav/default.nix b/hosts/surtr/http/webdav/default.nix
index f94935ee..24bc5866 100644
--- a/hosts/surtr/http/webdav/default.nix
+++ b/hosts/surtr/http/webdav/default.nix
@@ -20,13 +20,6 @@ let
   };
 in {
   config = {
-    security.pam.services."webdav".text = ''
-      auth requisite  pam_succeed_if.so user ingroup webdav quiet_success
-      auth required   pam_unix.so likeauth nullok nodelay quiet
-      account sufficient pam_unix.so quiet
-    '';
-    users.groups."webdav" = {};
-
     services.nginx = {
       # upstreams."py-webdav" = {
       #   servers = {
@@ -44,9 +37,6 @@ in {
         locations = {
           "/".extraConfig = ''
             root /srv/files/$remote_user;
-
-            auth_pam "WebDAV";
-            auth_pam_service_name "webdav";
           '';
 
           # "/py/".extraConfig = ''
@@ -68,6 +58,7 @@ in {
 
           add_header Strict-Transport-Security "max-age=63072000" always;
         '';
+        basicAuthFile = pkgs.writeText "htpasswd" (concatMapStringsSep "\n" (user: "${user}:${config.users.users.${user}.hashedPassword}") ["gkleen"]);
       };
     };
     security.acme.rfc2136Domains."webdav.141.li" = {
-- 
cgit v1.2.3