{{/* Define the configmap */}}
{{- define "radicale.configmaps" -}}
{{- $fullname := (include "tc.v1.common.lib.chart.names.fullname" $) -}}

{{- $mainPort := .Values.service.main.ports.main.port }}
{{- $maxContentLength := .Values.radicale.server.max_content_length }}
{{- $maxConnections := .Values.radicale.server.max_connections }}
{{- $request := .Values.radicale.encoding.request }}
{{- $authType := .Values.radicale.auth.type }}
{{- $authDelay := .Values.radicale.auth.delay }}
{{- $authRealm := .Values.radicale.auth.realm }}
{{- $rightsType := .Values.radicale.rights.type }}
{{- $storageType := .Values.radicale.storage.type }}
{{- $webType := .Values.radicale.web.type }}
{{- $maxSyncTokenAge := .Values.radicale.storage.max_sync_token_age }}

{{- $stock := .Values.radicale.encoding.stock }}
{{- $loggingLevel := .Values.radicale.logging.level }}
{{- $authUsers := .Values.radicale.auth.users }}
{{- $maskPasswords := .Values.radicale.logging.mask_passwords }}

{{- $timeout := .Values.radicale.server.timeout }}

radicale-config:
  enabled: true
  data:
    config: |-
      # -*- mode: conf -*-
      # vim:ft=cfg

      # Config file for Radicale - A simple calendar server
      #
      # Place it into /etc/radicale/config (global)
      # or ~/.config/radicale/config (user)
      #
      # The current values are the default ones


      [server]

      # CalDAV server hostnames separated by a comma
      # IPv4 syntax: address:port
      # IPv6 syntax: [address]:port
      # For example: 0.0.0.0:9999, [::]:9999
      #hosts = localhost:5232
      hosts = 0.0.0.0:{{ $mainPort }}

      # Max parallel connections
      #max_connections = 8
      max_connections = {{ $maxConnections }}

      # Max size of request body (bytes)
      #max_content_length = 100000000
      {{- /*
        Multiply by 1, so large integers aren't rendered in scientific notation
        See: https://github.com/helm/helm/issues/1707#issuecomment-1167860346
      */}}
      max_content_length = {{ mul $maxContentLength 1 }}

      # Socket timeout (seconds)
      #timeout = 30
      timeout = {{ $timeout }}

      # SSL flag, enable HTTPS protocol
      #ssl = False

      # SSL certificate path
      #certificate = /etc/ssl/radicale.cert.pem

      # SSL private key
      #key = /etc/ssl/radicale.key.pem

      # CA certificate for validating clients. This can be used to secure
      # TCP traffic between Radicale and a reverse proxy
      #certificate_authority =


      [encoding]

      # Encoding for responding requests
      #request = utf-8
      request = {{ $request }}

      # Encoding for storing local collections
      #stock = utf-8
      stock = {{ $stock }}


      [auth]

      # Authentication method
      # Value: none | htpasswd | remote_user | http_x_remote_user
      #type = none
      type = {{ $authType }}

      # Htpasswd filename
      htpasswd_filename = /config/users

      # Htpasswd encryption method
      # Value: plain | bcrypt | md5
      # bcrypt requires the installation of radicale[bcrypt].
      #htpasswd_encryption = md5
      htpasswd_encryption = bcrypt

      # Incorrect authentication delay (seconds)
      #delay = 1
      delay = {{ $authDelay }}

      # Message displayed in the client when a password is needed
      #realm = Radicale - Password Required
      realm = {{ $authRealm }}

      [rights]

      # Rights backend
      # Value: none | authenticated | owner_only | owner_write | from_file
      #type = owner_only
      type = {{ $rightsType }}

      # File for rights management from_file
      #file = /etc/radicale/rights


      [storage]

      # Storage backend
      # Value: multifilesystem | multifilesystem_nolock
      #type = multifilesystem
      type = {{ $storageType }}

      # Folder for storing local collections, created if not present
      #filesystem_folder = /var/lib/radicale/collections
      filesystem_folder = /data/collections

      # Delete sync token that are older (seconds)
      #max_sync_token_age = 2592000
      {{- /*
        Multiply by 1, so large integers aren't rendered in scientific notation
        See: https://github.com/helm/helm/issues/1707#issuecomment-1167860346
      */}}
      max_sync_token_age = {{ mul $maxSyncTokenAge 1 }}

      # Command that is run after changes to storage
      # Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)
      #hook =


      [web]

      # Web interface backend
      # Value: none | internal
      #type = internal
      type = {{ $webType }}


      [logging]

      # Threshold for the logger
      # Value: debug | info | warning | error | critical
      #level = warning
      level = {{ $loggingLevel }}

      # Don't include passwords in logs
      #mask_passwords = True
      mask_passwords = {{ $maskPasswords | ternary "True" "False" }}


      [headers]

      # Additional HTTP headers
      #Access-Control-Allow-Origin = *

radicale-users:
  enabled: true
  data:
    users: |-
      {{- range $authUsers }}
      {{ htpasswd .username .password }}
      {{- end }}
{{- end }}