Radicale/config

# -*- mode: conf -*-
# vim:ft=cfg

# Config file for Radicale - A simple calendar server
#
# Place it into /etc/radicale/config (global)
# or ~/.config/radicale/config (user)
#
# The current values are the default ones


[server]

# CalDAV server hostnames separated by a comma
# IPv4 syntax: address:port
# IPv6 syntax: [address]:port
# Hostname syntax (using "getaddrinfo" to resolve to IPv4/IPv6 adress(es)): hostname:port
# For example: 0.0.0.0:9999, [::]:9999, localhost:9999
#hosts = localhost:5232

# Max parallel connections
#max_connections = 8

# Max size of request body (bytes)
#max_content_length = 100000000

# Socket timeout (seconds)
#timeout = 30

# SSL flag, enable HTTPS protocol
#ssl = False

# SSL certificate path
#certificate = /etc/ssl/radicale.cert.pem

# SSL private key
#key = /etc/ssl/radicale.key.pem

# CA certificate for validating clients. This can be used to secure
# TCP traffic between Radicale and a reverse proxy
#certificate_authority =


[encoding]

# Encoding for responding requests
#request = utf-8

# Encoding for storing local collections
#stock = utf-8


[auth]

# Authentication method
# Value: none | htpasswd | remote_user | http_x_remote_user | ldap
#type = none

# URI to the LDAP server
#ldap_uri = ldap://localhost

# The base DN where the user accounts have to be searched
#ldap_base = ##BASE_DN##

# The reader DN of the LDAP server
#ldap_reader_dn = CN=ldapreader,CN=Users,##BASE_DN##

# Password of the reader DN
#ldap_secret = ldapreader-secret

# If the ldap groups of the user need to be loaded
#ldap_load_groups = True

# The filter to find the DN of the user. This filter must contain a python-style placeholder for the login
#ldap_filter = (&(objectClass=person)(uid={0}))

# Use ssl on the ldap connection
#ldap_use_ssl = False

# The certifikat verification mode. NONE, OPTIONAL, default is REQUIRED
#ldap_ssl_verify_mode = REQUIRED

# The path to the CA file in pem format which is used to certificate the server certificate
#ldap_ssl_ca_file =

# Htpasswd filename
#htpasswd_filename = /etc/radicale/users

# Htpasswd encryption method
# Value: plain | bcrypt | md5 | sha256 | sha512 | autodetect
# bcrypt requires the installation of 'bcrypt' module.
#htpasswd_encryption = autodetect

# Incorrect authentication delay (seconds)
#delay = 1

# Message displayed in the client when a password is needed
#realm = Radicale - Password Required

# Convert username to lowercase, must be true for case-insensitive auth providers
#lc_username = False

# Strip domain name from username
#strip_domain = False

[rights]

# Rights backend
# Value: none | authenticated | owner_only | owner_write | from_file
#type = owner_only

# File for rights management from_file
#file = /etc/radicale/rights

# Permit delete of a collection (global)
#permit_delete_collection = True


[storage]

# Storage backend
# Value: multifilesystem | multifilesystem_nolock
#type = multifilesystem

# Folder for storing local collections, created if not present
#filesystem_folder = /var/lib/radicale/collections

# Delete sync token that are older (seconds)
#max_sync_token_age = 2592000

# Skip broken item instead of triggering an exception
#skip_broken_item = True

# Command that is run after changes to storage
# Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by \"%(user)s\"")
#hook =

# Create predefined user collections
#
# json format:
#
#  {
#    "def-addressbook": {
#       "D:displayname": "Personal Address Book",
#       "tag": "VADDRESSBOOK"
#    },
#    "def-calendar": {
#       "C:supported-calendar-component-set": "VEVENT,VJOURNAL,VTODO",
#       "D:displayname": "Personal Calendar",
#       "tag": "VCALENDAR"
#    }
#  }
#
#predefined_collections =


[web]

# Web interface backend
# Value: none | internal
#type = internal


[logging]

# Threshold for the logger
# Value: debug | info | warning | error | critical
#level = info

# Don't include passwords in logs
#mask_passwords = True

# Log bad PUT request content
#bad_put_request_content = False

# Log backtrace on level=debug
#backtrace_on_debug = False

# Log request header on level=debug
#request_header_on_debug = False

# Log request content on level=debug
#request_content_on_debug = False

# Log response content on level=debug
#response_content_on_debug = False

# Log rights rule which doesn't match on level=debug
#rights_rule_doesnt_match_on_debug = False

[headers]

# Additional HTTP headers
#Access-Control-Allow-Origin = *

[hook]

# Hook types
# Value: none | rabbitmq
#type = none
#rabbitmq_endpoint =
#rabbitmq_topic =
#rabbitmq_queue_type = classic

[reporting]

# When returning a free-busy report, limit the number of returned
# occurences per event to prevent DOS attacks.
#max_freebusy_occurrence = 10000
Add a default logging configuration file, and small typo fixes 2011-05-07 12:52:54 +02:00			`# -- mode: conf --`
			`# vim:ft=cfg`

Minor typo fixes 2010-08-04 01:27:40 +02:00			`# Config file for Radicale - A simple calendar server`
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`#`
making radicale support authenticated user from apache 2013-08-27 10:55:30 +02:00			`# Place it into /etc/radicale/config (global)`
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`# or ~/.config/radicale/config (user)`
			`#`
			`# The current values are the default ones`

Add a default logging configuration file, and small typo fixes 2011-05-07 12:52:54 +02:00
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`[server]`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Clean IPv6 support 2011-04-02 21:45:45 +02:00			`# CalDAV server hostnames separated by a comma`
Disable IPv6 in default configuration 2011-04-02 21:49:48 +02:00			`# IPv4 syntax: address:port`
			`# IPv6 syntax: [address]:port`
extend example 2024-03-14 05:55:12 +01:00			`# Hostname syntax (using "getaddrinfo" to resolve to IPv4/IPv6 adress(es)): hostname:port`
			`# For example: 0.0.0.0:9999, [::]:9999, localhost:9999`
Bind sockets for IPv4 and IPv6 2020-02-19 09:49:56 +01:00			`#hosts = localhost:5232`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Limit number of parallel connections 2016-06-10 14:36:44 +02:00			`# Max parallel connections`
reduce default parallel connections to 8 2018-08-28 16:19:48 +02:00			`#max_connections = 8`
Limit number of parallel connections 2016-06-10 14:36:44 +02:00
Limit size of request body 2016-06-10 14:34:52 +02:00			`# Max size of request body (bytes)`
Raise default limits 2018-04-29 21:20:23 +02:00			`#max_content_length = 100000000`
Limit size of request body 2016-06-10 14:34:52 +02:00
Add timeout to integrated sever 2016-06-10 14:33:25 +02:00			`# Socket timeout (seconds)`
Raise default limits 2018-04-29 21:20:23 +02:00			`#timeout = 30`
Add timeout to integrated sever 2016-06-10 14:33:25 +02:00
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`# SSL flag, enable HTTPS protocol`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00			`#ssl = False`

Clean LDAP support 2011-04-25 16:47:42 +02:00			`# SSL certificate path`
Change default values for the config Fix #346. 2017-03-04 14:06:09 +01:00			`#certificate = /etc/ssl/radicale.cert.pem`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Clean LDAP support 2011-04-25 16:47:42 +02:00			`# SSL private key`
Change default values for the config Fix #346. 2017-03-04 14:06:09 +01:00			`#key = /etc/ssl/radicale.key.pem`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Add option for CA certificate for validating clients This can be used to secure TCP traffic between Radicale and a reverse proxy 2017-06-02 12:41:03 +02:00			`# CA certificate for validating clients. This can be used to secure`
			`# TCP traffic between Radicale and a reverse proxy`
			`#certificate_authority =`

Clean the config file 2011-10-03 00:31:15 +02:00
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`[encoding]`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`# Encoding for responding requests`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00			`#request = utf-8`

Change "calendar" into "collection" when needed. WARNING: the default folders storing calendars/addressbooks have been changed 2012-01-25 14:53:46 +01:00			`# Encoding for storing local collections`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00			`#stock = utf-8`

Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00
Code cleaned and modules renamed Radicale is probably broken now 2012-08-08 18:29:09 +02:00			`[auth]`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Code cleaned and modules renamed Radicale is probably broken now 2012-08-08 18:29:09 +02:00			`# Authentication method`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`# Value: none \| htpasswd \| remote_user \| http_x_remote_user \| ldap`
Adapt based on additional comments. 2024-08-27 17:04:15 +02:00			`#type = none`
Adapt base configuration to use with cranix-server. Only the certificate must be adapted 2022-02-22 11:35:46 +01:00
			`# URI to the LDAP server`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`#ldap_uri = ldap://localhost`
Adapt base configuration to use with cranix-server. Only the certificate must be adapted 2022-02-22 11:35:46 +01:00
Enhance comments. Remove duplicate entry 2024-09-21 18:37:04 +02:00			`# The base DN where the user accounts have to be searched`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`#ldap_base = ##BASE_DN##`
Adapt base configuration to use with cranix-server. Only the certificate must be adapted 2022-02-22 11:35:46 +01:00
			`# The reader DN of the LDAP server`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`#ldap_reader_dn = CN=ldapreader,CN=Users,##BASE_DN##`
Adapt base configuration to use with cranix-server. Only the certificate must be adapted 2022-02-22 11:35:46 +01:00
			`# Password of the reader DN`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`#ldap_secret = ldapreader-secret`
Adapt base configuration to use with cranix-server. Only the certificate must be adapted 2022-02-22 11:35:46 +01:00
			`# If the ldap groups of the user need to be loaded`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`#ldap_load_groups = True`
Clean the config file 2011-10-03 00:31:15 +02:00
Enhance comments. Remove duplicate entry 2024-09-21 18:37:04 +02:00			`# The filter to find the DN of the user. This filter must contain a python-style placeholder for the login`
Implementing ssl connection for ldap auth 2024-09-23 10:19:50 +02:00			`#ldap_filter = (&(objectClass=person)(uid={0}))`

			`# Use ssl on the ldap connection`
			`#ldap_use_ssl = False`

			`# The certifikat verification mode. NONE, OPTIONAL, default is REQUIRED`
			`#ldap_ssl_verify_mode = REQUIRED`

			`# The path to the CA file in pem format which is used to certificate the server certificate`
			`#ldap_ssl_ca_file =`
Clean the config file 2011-10-03 00:31:15 +02:00
Clean LDAP support 2011-04-25 16:47:42 +02:00			`# Htpasswd filename`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00			`#htpasswd_filename = /etc/radicale/users`

Clean LDAP support 2011-04-25 16:47:42 +02:00			`# Htpasswd encryption method`
extend htpasswd_encryption options with sha256/512/autodetect 2024-03-12 06:06:40 +01:00			`# Value: plain \| bcrypt \| md5 \| sha256 \| sha512 \| autodetect`
fix for https://github.com/Kozea/Radicale/issues/1350 replacing passlib[bcrypt] with direct call to bcrypt 2024-03-06 22:42:37 +01:00			`# bcrypt requires the installation of 'bcrypt' module.`
Adjustment: option [auth] htpasswd_encryption change default from "md5" to "autodetect" 2024-09-01 17:19:53 +02:00			`#htpasswd_encryption = autodetect`
Clean the config file 2011-10-03 00:31:15 +02:00
Move authentication delay into __init__.py and add config Use the delay for all backends (not only htpasswd). Add configuration option to configure the delay. 2017-05-23 03:11:41 +02:00			`# Incorrect authentication delay (seconds)`
			`#delay = 1`

Move `realm` config from `server` to `auth` 2018-08-16 08:00:01 +02:00			`# Message displayed in the client when a password is needed`
			`#realm = Radicale - Password Required`

remove unexpected unicode char 2024-06-08 21:50:00 +02:00			`# Convert username to lowercase, must be true for case-insensitive auth providers`
added compatibility with a case-insensitive authentication provider 2024-04-17 18:31:51 +03:00			`#lc_username = False`

add auth/strip_domain option 2024-07-18 06:50:29 +02:00			`# Strip domain name from username`
			`#strip_domain = False`
Adds the committer in the config + python3 support 2013-09-13 17:21:50 +02:00
Code cleaned and modules renamed Radicale is probably broken now 2012-08-08 18:29:09 +02:00			`[rights]`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Different rights management backends Initially only one backend - regular expressions based 2013-12-25 03:13:56 +04:00			`# Rights backend`
Rename backends from None to none All other backend names are lower case. 2017-05-31 12:01:39 +02:00			`# Value: none \| authenticated \| owner_only \| owner_write \| from_file`
Change default values for the config Fix #346. 2017-03-04 14:06:09 +01:00			`#type = owner_only`
Code cleaned and modules renamed Radicale is probably broken now 2012-08-08 18:29:09 +02:00
Use a more simple rights manager 2013-08-14 10:50:59 +02:00			`# File for rights management from_file`
Rebase rights/from_file.py. Apply proposed/asked changes. 2024-08-26 11:21:53 +02:00			`#file = /etc/radicale/rights`
Added file-based rights management 2012-08-11 00:56:45 +02:00
add option for global permit of delete of collection (default: True to avoid breaking change) 2024-03-09 06:43:39 +01:00			`# Permit delete of a collection (global)`
			`#permit_delete_collection = True`

Code cleaned and modules renamed Radicale is probably broken now 2012-08-08 18:29:09 +02:00
Add a default config. The content of the default config is taken from the documentation. Do not forget to modify it to reflect the current state. 2010-08-04 00:08:08 +02:00			`[storage]`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Split the storage filesystem backend into another file 2012-01-12 02:18:06 +01:00			`# Storage backend`
Add multifilesystem_nolock storage 2021-12-08 21:41:12 +01:00			`# Value: multifilesystem \| multifilesystem_nolock`
Update and fix some config values 2017-03-08 15:50:24 +01:00			`#type = multifilesystem`
Split the storage filesystem backend into another file 2012-01-12 02:18:06 +01:00
Change "calendar" into "collection" when needed. WARNING: the default folders storing calendars/addressbooks have been changed 2012-01-25 14:53:46 +01:00			`# Folder for storing local collections, created if not present`
Update and fix some config values 2017-03-08 15:50:24 +01:00			`#filesystem_folder = /var/lib/radicale/collections`
Split the storage filesystem backend into another file 2012-01-12 02:18:06 +01:00
Real sync-collection support for the multifilesystem backend 2017-06-02 12:44:39 +02:00			`# Delete sync token that are older (seconds)`
			`#max_sync_token_age = 2592000`

add option to skip broken item instead of triggering exception 2024-06-09 13:57:32 +02:00			`# Skip broken item instead of triggering an exception`
change default of "skip_broken_item" to more user-friendly experience 2024-06-18 17:42:49 +02:00			`#skip_broken_item = True`
add option to skip broken item instead of triggering exception 2024-06-09 13:57:32 +02:00
Add hook for storage changes 2016-06-11 10:34:18 +02:00			`# Command that is run after changes to storage`
fix buggy example for git, solving https://github.com/Kozea/Radicale/issues/876 2024-03-14 22:01:19 +01:00			`# Example: ([ -d .git ] \|\| git init) && git add -A && (git diff --cached --quiet \|\| git commit -m "Changes by \"%(user)s\"")`
Use argparse to parse command arguments This commit also allows users to specify all the config values through the command line. Fix #154. 2016-10-12 14:30:18 +02:00			`#hook =`
Add hook for storage changes 2016-06-11 10:34:18 +02:00
Ability to create predefined calendar or(and) addressbook for new user 2024-04-22 12:23:24 +03:00			`# Create predefined user collections`
			`#`
			`# json format:`
			`#`
			`# {`
			`# "def-addressbook": {`
			`# "D:displayname": "Personal Address Book",`
			`# "tag": "VADDRESSBOOK"`
			`# },`
			`# "def-calendar": {`
			`# "C:supported-calendar-component-set": "VEVENT,VJOURNAL,VTODO",`
			`# "D:displayname": "Personal Calendar",`
			`# "tag": "VCALENDAR"`
			`# }`
			`# }`
			`#`
			`#predefined_collections =`

Clean the config file 2011-10-03 00:31:15 +02:00
Add web interface module 2017-05-31 13:18:40 +02:00			`[web]`

			`# Web interface backend`
Web interface for managing calendars and addressbooks 2017-05-31 13:18:42 +02:00			`# Value: none \| internal`
			`#type = internal`
Add web interface module 2017-05-31 13:18:40 +02:00

Add logs (fixes #162) 2011-04-10 18:17:06 +02:00			`[logging]`
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00
Replace option "debug" with "level" in "logging" 2018-08-16 08:00:02 +02:00			`# Threshold for the logger`
			`# Value: debug \| info \| warning \| error \| critical`
adjust default loglevel to "info" 2024-03-22 07:14:59 +01:00			`#level = info`
Use argparse to parse command arguments This commit also allows users to specify all the config values through the command line. Fix #154. 2016-10-12 14:30:18 +02:00
Don't include passwords in logs 2016-06-11 12:53:58 +02:00			`# Don't include passwords in logs`
			`#mask_passwords = True`

add option to log bad PUT request content 2024-05-29 06:07:36 +02:00			`# Log bad PUT request content`
			`#bad_put_request_content = False`

add support for conditional logging of backtrace_on_debug 2024-06-09 13:42:08 +02:00			`# Log backtrace on level=debug`
disable extra content by default on debug log level 2024-06-18 17:43:35 +02:00			`#backtrace_on_debug = False`
add support for conditional logging of backtrace_on_debug 2024-06-09 13:42:08 +02:00
add options for conditional debug log of request header+content / response content 2024-06-11 13:23:03 +02:00			`# Log request header on level=debug`
disable extra content by default on debug log level 2024-06-18 17:43:35 +02:00			`#request_header_on_debug = False`
add options for conditional debug log of request header+content / response content 2024-06-11 13:23:03 +02:00
			`# Log request content on level=debug`
disable extra content by default on debug log level 2024-06-18 17:43:35 +02:00			`#request_content_on_debug = False`
add options for conditional debug log of request header+content / response content 2024-06-11 13:23:03 +02:00
			`# Log response content on level=debug`
disable extra content by default on debug log level 2024-06-18 17:43:35 +02:00			`#response_content_on_debug = False`
add options for conditional debug log of request header+content / response content 2024-06-11 13:23:03 +02:00
align option name 2024-08-28 08:59:32 +02:00			`# Log rights rule which doesn't match on level=debug`
			`#rights_rule_doesnt_match_on_debug = False`
Allow additional HTTP headers in configuration file Best ratio coolness/sloc ever! 2013-05-13 18:15:08 +02:00
Comment all out in sample config (fix #155) 2014-10-22 14:33:29 +02:00			`[headers]`
Allow additional HTTP headers in configuration file Best ratio coolness/sloc ever! 2013-05-13 18:15:08 +02:00
			`# Additional HTTP headers`
			`#Access-Control-Allow-Origin = *`
Updated config file 2020-08-17 02:47:55 +02:00
			`[hook]`

Fixed couple of points after origin sync 2023-02-10 22:52:49 +01:00			`# Hook types`
			`# Value: none \| rabbitmq`
			`#type = none`
			`#rabbitmq_endpoint =`
Added queue type config for topic, values are classic and quorum 2024-03-02 13:38:42 +01:00			`#rabbitmq_topic =`
fix missing newline 2024-06-09 14:45:32 +02:00			`#rabbitmq_queue_type = classic`
Better freebusy occurrence limit handling and added documentation 2024-08-16 14:57:30 -06:00
			`[reporting]`

			`# When returning a free-busy report, limit the number of returned`
			`# occurences per event to prevent DOS attacks.`
Fix merge conflicts. 2024-08-25 14:11:48 +02:00			`#max_freebusy_occurrence = 10000`