Official NixOS Wiki

OpenCloud

Revision as of 16:42, 27 January 2026 by O5-J (talk | contribs) (Correct duplicates of 'CalDAV' when it should be 'CardDav')

Installation and Configuration

OpenCloud

The snippet below enables the OpenCloud service and disables TLS between the proxy and OpenCloud (only recommended when using together with a reverse proxy, see below)

  services.opencloud = {
    enable = true;
    url = "https://cloud.your.domain";
    address = "127.0.0.1";
    port = port;
    environment = {
      PROXY_TLS = "false"; # disable https when behind reverse-proxy
      INITIAL_ADMIN_PASSWORD = "secure-password";
    };
  };

Nginx

This snippet enables the Nginx endpoint for OpenCloud and a Radicale service.

OpenCloud itself does not have support for CalDAV/CardDAV but it integrates well with Radicale.

  services.nginx.virtualHosts = {
    "cloud.your.domain" = {
      enableACME = true;
      forceSSL = true;
      locations = {
        # Endpoint for OpenCloud
        "/" = {
          proxyPass = "http://127.0.0.1:9200";
          proxyWebsockets = true;
        };
        # Radicale endpoints for CalDAV and CardDAV
        "/caldav/" = {
          proxyPass = "http://127.0.0.1:5232";
          extraConfig = "
            proxy_set_header X-Remote-User $remote_user; # provide username to CalDAV
            proxy_set_header X-Script-Name /caldav;
          ";
        }
        "/.well-known/caldav" = {
          proxyPass = "http://127.0.0.1:5232";
          extraConfig = "
            proxy_set_header X-Remote-User $remote_user; # provide username to CalDAV
            proxy_set_header X-Script-Name /caldav;
          ";
        }
        "/carddav/" = {
          proxyPass = "http://127.0.0.1:5232";
          extraConfig = "
            proxy_set_header X-Remote-User $remote_user; # provide username to CardDAV
            proxy_set_header X-Script-Name /carddav;
          ";
        }
        "/.well-known/carddav/" = {
          proxyPass = "http://127.0.0.1:5232";
          extraConfig = "
            proxy_set_header X-Remote-User $remote_user; # provide username to CardDAV
            proxy_set_header X-Script-Name /carddav;
          ";
        }
      };
    };
  };

Radicale

To use OpenCloud with CalDAV we need to enable the Radicale service.

  services.radicale = {
    enable = true;
    settings = {
      server = {
        hosts = [ "127.0.0.1:5232" ];
        ssl = false; # disable SSL, only use when behind reverse proxy
      };
      auth = {
        type = "http_x_remote_user"; # disable authentication, and use the username that OpenCloud provides is
      };
      web = {
        type = "none";
      };
      storage = {
        filesystem_folder = "/var/lib/radicale/collections";
      };
      logging = {
        level = "debug"; # optional, enable debug logging
        bad_put_request_content = true; # only if level=debug
        request_header_on_debug = true; # only if level=debug
        request_content_on_debug = true; # only if level=debug
        response_content_on_debug = true; # only if level=debug
      };
    };
  };
Retrieved from "https://wiki.nixos.org/w/index.php?title=OpenCloud&oldid=29588"