oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-08-01 18:18:31 +00:00
Code Wiki Activity

Generate documentation

Browse source
This commit is contained in:
Github Actions 2020-04-11 14:28:29 +00:00
parent fcb719e221
commit 5c4ff4f93f
1 changed files with 265 additions and 399 deletions
Download patch file Download diff file Expand all files Collapse all files

664
master.html
View file

@ -146,7 +146,6 @@
<li class="level4"><a href="#documentation/basic-setup/limits">Limits</a></li>
<li class="level4"><a href="#documentation/basic-setup/running-as-a-service">Running as a service</a></li>
<li class="level4"><a href="#documentation/basic-setup/macos-with-launchd">MacOS with launchd</a></li>
<li class="level4"><a href="#documentation/basic-setup/classic-daemonization">Classic daemonization</a></li>
<li class="level4"><a href="#documentation/basic-setup/windows-with-nssm---the-non-sucking-service-manager">Windows with "NSSM - the Non-Sucking Service Manager"</a></li>
</ul></li>
<li class="level3"><a href="#documentation/reverse-proxy">Reverse Proxy</a>
@ -184,10 +183,7 @@
<li class="level4"><a href="#documentation/storage/layout">Layout</a></li>
<li class="level4"><a href="#documentation/storage/locking">Locking</a></li>
</ul></li>
<li class="level3"><a href="#documentation/logging">Logging</a>
<ul>
<li class="level4"><a href="#documentation/logging/logging-to-a-file">Logging to a file</a></li>
</ul></li>
<li class="level3"><a href="#documentation/logging">Logging</a></li>
<li class="level3"><a href="#documentation/architecture">Architecture</a>
<ul>
<li class="level4"><a href="#documentation/architecture/general-architecture">General Architecture</a></li>
@ -248,7 +244,7 @@
<h4>Installation <a class="headerlink" href="#getting-started//installation">&para;</a></h4>
<p>Radicale is really easy to install and works out-of-the-box.</p>
<div class="sourceCode" id="cb1"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1"></a>$ <span class="ex">python3</span> -m pip install --upgrade radicale</span>
<span id="cb1-2"><a href="#cb1-2"></a>$ <span class="ex">python3</span> -m radicale --config <span class="st">""</span> --storage-filesystem-folder=~/.var/lib/radicale/collections</span></code></pre></div>
<span id="cb1-2"><a href="#cb1-2"></a>$ <span class="ex">python3</span> -m radicale --storage-filesystem-folder=~/.var/lib/radicale/collections</span></code></pre></div>
<p>When your server is launched, you can check that everything's OK by going to <a href="http://localhost:5232/">http://localhost:5232/</a> with your browser! You can login with any username and password.</p>
<p>Want more? Why don't you check our wonderful <a href="#documentation">documentation</a>?</p>
</section>
@ -284,7 +280,6 @@
<li><a href="#documentation/configuration">What can I configure?</a></li>
<li><a href="#documentation/authentication-and-rights">Authentication &amp; Rights.</a></li>
<li><a href="#documentation/storage">Storage.</a></li>
<li><a href="#documentation/logging">Logging.</a></li>
</ul>
</section>
<section class="level4" id="documentation//hack">
@ -308,7 +303,7 @@
<div class="sourceCode" id="cb2"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb2-1"><a href="#cb2-1"></a><span class="co"># Run the following command as root or</span></span>
<span id="cb2-2"><a href="#cb2-2"></a><span class="co"># add the --user argument to only install for the current user</span></span>
<span id="cb2-3"><a href="#cb2-3"></a>$ <span class="ex">python3</span> -m pip install --upgrade radicale</span>
<span id="cb2-4"><a href="#cb2-4"></a>$ <span class="ex">python3</span> -m radicale --config <span class="st">""</span> --storage-filesystem-folder=~/.var/lib/radicale/collections</span></code></pre></div>
<span id="cb2-4"><a href="#cb2-4"></a>$ <span class="ex">python3</span> -m radicale --storage-filesystem-folder=~/.var/lib/radicale/collections</span></code></pre></div>
<p>Victory! Open <a href="http://localhost:5232/">http://localhost:5232/</a> in your browser! You can login with any username and password.</p>
</section>
<section class="level4" id="documentation/tutorial/windows">
@ -316,8 +311,7 @@
<p>The first step is to install Python. Go to <a href="https://python.org">python.org</a> and download the latest version of Python 3. Then run the installer. On the first window of the installer, check the "Add Python to PATH" box and click on "Install now". Wait a couple of minutes, it's done!</p>
<p>Launch a command prompt and type:</p>
<div class="sourceCode" id="cb3"><pre class="sourceCode powershell"><code class="sourceCode powershell"><span id="cb3-1"><a href="#cb3-1"></a>C:\Users\User&gt; python -m pip install --upgrade radicale</span>
<span id="cb3-2"><a href="#cb3-2"></a>C:\Users\User&gt; python -m radicale --config <span class="st">""</span> --storage-filesystem-folder=~/radicale/collections</span></code></pre></div>
<p>If you are using PowerShell replace <code>--config ""</code> with <code>--config '""'</code>.</p>
<span id="cb3-2"><a href="#cb3-2"></a>C:\Users\User&gt; python -m radicale --storage-filesystem-folder=~/radicale/collections</span></code></pre></div>
<p>Victory! Open <a href="http://localhost:5232/">http://localhost:5232/</a> in your browser! You can login with any username and password.</p>
</section>
<section class="level4" id="documentation/tutorial/macos">
@ -330,7 +324,7 @@
<p>Installation instructions can be found on the <a href="#documentation/tutorial">Tutorial</a> page.</p>
<section class="level4" id="documentation/basic-setup/configuration">
<h4>Configuration <a class="headerlink" href="#documentation/basic-setup/configuration">&para;</a></h4>
<p>Radicale tries to load configuration files from <code>/etc/radicale/config</code>, <code>~/.config/radicale/config</code> and the <code>RADICALE_CONFIG</code> environment variable. A custom path can be specified with the <code>--config /path/to/config</code> command line argument.</p>
<p>Radicale tries to load configuration files from <code>/etc/radicale/config</code> and <code>~/.config/radicale/config</code>. Custom paths can be specified with the <code>--config /path/to/config</code> command line argument or the <code>RADICALE_CONFIG</code> environment variable. Multiple configuration files can be separated by <code>:</code> (resp. <code>;</code> on Windows). Paths that start with <code>?</code> are optional.</p>
<p>You should create a new configuration file at the desired location. (If the use of a configuration file is inconvenient, all options can be passed via command line arguments.)</p>
<p>All configuration options are described in detail on the <a href="#documentation/configuration">Configuration</a> page.</p>
</section>
@ -342,21 +336,19 @@
<h5>The secure way <a class="headerlink" href="#documentation/basic-setup/authentication/the-secure-way">&para;</a></h5>
<p>The <code>users</code> file can be created and managed with <a href="https://httpd.apache.org/docs/current/programs/htpasswd.html">htpasswd</a>:</p>
<div class="sourceCode" id="cb4"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb4-1"><a href="#cb4-1"></a><span class="co"># Create a new htpasswd file with the user "user1"</span></span>
<span id="cb4-2"><a href="#cb4-2"></a>$ <span class="ex">htpasswd</span> -B -c /path/to/users user1</span>
<span id="cb4-2"><a href="#cb4-2"></a>$ <span class="ex">htpasswd</span> -c /path/to/users user1</span>
<span id="cb4-3"><a href="#cb4-3"></a><span class="ex">New</span> password:</span>
<span id="cb4-4"><a href="#cb4-4"></a><span class="ex">Re-type</span> new password:</span>
<span id="cb4-5"><a href="#cb4-5"></a><span class="co"># Add another user</span></span>
<span id="cb4-6"><a href="#cb4-6"></a>$ <span class="ex">htpasswd</span> -B /path/to/users user2</span>
<span id="cb4-6"><a href="#cb4-6"></a>$ <span class="ex">htpasswd</span> /path/to/users user2</span>
<span id="cb4-7"><a href="#cb4-7"></a><span class="ex">New</span> password:</span>
<span id="cb4-8"><a href="#cb4-8"></a><span class="ex">Re-type</span> new password:</span></code></pre></div>
<p><strong>bcrypt</strong> is used to secure the passwords. Radicale requires additional dependencies for this encryption method:</p>
<div class="sourceCode" id="cb5"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb5-1"><a href="#cb5-1"></a>$ <span class="ex">python3</span> -m pip install --upgrade radicale[bcrypt]</span></code></pre></div>
<p>Authentication can be enabled with the following configuration:</p>
<div class="sourceCode" id="cb6"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb6-1"><a href="#cb6-1"></a><span class="kw">[auth]</span></span>
<span id="cb6-2"><a href="#cb6-2"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> htpasswd</span></span>
<span id="cb6-3"><a href="#cb6-3"></a><span class="dt">htpasswd_filename </span><span class="ot">=</span><span class="st"> /path/to/users</span></span>
<span id="cb6-4"><a href="#cb6-4"></a><span class="co"># encryption method used in the htpasswd file</span></span>
<span id="cb6-5"><a href="#cb6-5"></a><span class="dt">htpasswd_encryption </span><span class="ot">=</span><span class="st"> bcrypt</span></span></code></pre></div>
<div class="sourceCode" id="cb5"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb5-1"><a href="#cb5-1"></a><span class="kw">[auth]</span></span>
<span id="cb5-2"><a href="#cb5-2"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> htpasswd</span></span>
<span id="cb5-3"><a href="#cb5-3"></a><span class="dt">htpasswd_filename </span><span class="ot">=</span><span class="st"> /path/to/users</span></span>
<span id="cb5-4"><a href="#cb5-4"></a><span class="co"># encryption method used in the htpasswd file</span></span>
<span id="cb5-5"><a href="#cb5-5"></a><span class="dt">htpasswd_encryption </span><span class="ot">=</span><span class="st"> md5</span></span></code></pre></div>
</section>
<section class="level5" id="documentation/basic-setup/authentication/the-simple-but-insecure-way">
<h5>The simple but insecure way <a class="headerlink" href="#documentation/basic-setup/authentication/the-simple-but-insecure-way">&para;</a></h5>
@ -365,40 +357,39 @@
user2:password2
</code></pre>
<p>Authentication can be enabled with the following configuration:</p>
<div class="sourceCode" id="cb8"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb8-1"><a href="#cb8-1"></a><span class="kw">[auth]</span></span>
<span id="cb8-2"><a href="#cb8-2"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> htpasswd</span></span>
<span id="cb8-3"><a href="#cb8-3"></a><span class="dt">htpasswd_filename </span><span class="ot">=</span><span class="st"> /path/to/users</span></span>
<span id="cb8-4"><a href="#cb8-4"></a><span class="co"># encryption method used in the htpasswd file</span></span>
<span id="cb8-5"><a href="#cb8-5"></a><span class="dt">htpasswd_encryption </span><span class="ot">=</span><span class="st"> plain</span></span></code></pre></div>
<div class="sourceCode" id="cb7"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb7-1"><a href="#cb7-1"></a><span class="kw">[auth]</span></span>
<span id="cb7-2"><a href="#cb7-2"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> htpasswd</span></span>
<span id="cb7-3"><a href="#cb7-3"></a><span class="dt">htpasswd_filename </span><span class="ot">=</span><span class="st"> /path/to/users</span></span>
<span id="cb7-4"><a href="#cb7-4"></a><span class="co"># encryption method used in the htpasswd file</span></span>
<span id="cb7-5"><a href="#cb7-5"></a><span class="dt">htpasswd_encryption </span><span class="ot">=</span><span class="st"> plain</span></span></code></pre></div>
</section>
</section>
<section class="level4" id="documentation/basic-setup/addresses">
<h4>Addresses <a class="headerlink" href="#documentation/basic-setup/addresses">&para;</a></h4>
<p>The default configuration binds the server to localhost. It can't be reached from other computers. This can be changed with the following configuration options:</p>
<div class="sourceCode" id="cb9"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb9-1"><a href="#cb9-1"></a><span class="kw">[server]</span></span>
<span id="cb9-2"><a href="#cb9-2"></a><span class="dt">hosts </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.0</span><span class="st">:</span><span class="dv">5232</span></span></code></pre></div>
<p>More addresses can be added (separated by commas).</p>
<p>The default configuration binds the server to localhost. It can't be reached from other computers. This can be changed with the following configuration options (IPv4 and IPv6):</p>
<div class="sourceCode" id="cb8"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb8-1"><a href="#cb8-1"></a><span class="kw">[server]</span></span>
<span id="cb8-2"><a href="#cb8-2"></a><span class="dt">hosts </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.0</span><span class="st">:</span><span class="dv">5232</span><span class="st">, [::]:</span><span class="dv">5232</span></span></code></pre></div>
</section>
<section class="level4" id="documentation/basic-setup/storage">
<h4>Storage <a class="headerlink" href="#documentation/basic-setup/storage">&para;</a></h4>
<p>Data is stored in the folder <code>/var/lib/radicale/collections</code>. The path can be changed with the following configuration:</p>
<div class="sourceCode" id="cb10"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb10-1"><a href="#cb10-1"></a><span class="kw">[storage]</span></span>
<span id="cb10-2"><a href="#cb10-2"></a><span class="dt">filesystem_folder </span><span class="ot">=</span><span class="st"> /path/to/storage</span></span></code></pre></div>
<div class="sourceCode" id="cb9"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb9-1"><a href="#cb9-1"></a><span class="kw">[storage]</span></span>
<span id="cb9-2"><a href="#cb9-2"></a><span class="dt">filesystem_folder </span><span class="ot">=</span><span class="st"> /path/to/storage</span></span></code></pre></div>
<p><strong>Security:</strong> The storage folder should not be readable by unauthorized users. Otherwise, they can read the calendar data and lock the storage. You can find OS dependent instructions in the <strong>Running as a service</strong> section.</p>
</section>
<section class="level4" id="documentation/basic-setup/limits">
<h4>Limits <a class="headerlink" href="#documentation/basic-setup/limits">&para;</a></h4>
<p>Radicale enforces limits on the maximum number of parallel connections, the maximum file size (important for contacts with big photos) and the rate of incorrect authentication attempts. Connections are terminated after a timeout. The default values should be fine for most scenarios.</p>
<div class="sourceCode" id="cb11"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb11-1"><a href="#cb11-1"></a><span class="kw">[server]</span></span>
<span id="cb11-2"><a href="#cb11-2"></a><span class="dt">max_connections </span><span class="ot">=</span><span class="st"> </span><span class="dv">20</span></span>
<span id="cb11-3"><a href="#cb11-3"></a><span class="co"># 100 Megabyte</span></span>
<span id="cb11-4"><a href="#cb11-4"></a><span class="dt">max_content_length </span><span class="ot">=</span><span class="st"> </span><span class="dv">100000000</span></span>
<span id="cb11-5"><a href="#cb11-5"></a><span class="co"># 30 seconds</span></span>
<span id="cb11-6"><a href="#cb11-6"></a><span class="dt">timeout </span><span class="ot">=</span><span class="st"> </span><span class="dv">30</span></span>
<span id="cb11-7"><a href="#cb11-7"></a></span>
<span id="cb11-8"><a href="#cb11-8"></a><span class="kw">[auth]</span></span>
<span id="cb11-9"><a href="#cb11-9"></a><span class="co"># Average delay after failed login attempts in seconds</span></span>
<span id="cb11-10"><a href="#cb11-10"></a><span class="dt">delay </span><span class="ot">=</span><span class="st"> </span><span class="dv">1</span></span></code></pre></div>
<div class="sourceCode" id="cb10"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb10-1"><a href="#cb10-1"></a><span class="kw">[server]</span></span>
<span id="cb10-2"><a href="#cb10-2"></a><span class="dt">max_connections </span><span class="ot">=</span><span class="st"> </span><span class="dv">20</span></span>
<span id="cb10-3"><a href="#cb10-3"></a><span class="co"># 100 Megabyte</span></span>
<span id="cb10-4"><a href="#cb10-4"></a><span class="dt">max_content_length </span><span class="ot">=</span><span class="st"> </span><span class="dv">100000000</span></span>
<span id="cb10-5"><a href="#cb10-5"></a><span class="co"># 30 seconds</span></span>
<span id="cb10-6"><a href="#cb10-6"></a><span class="dt">timeout </span><span class="ot">=</span><span class="st"> </span><span class="dv">30</span></span>
<span id="cb10-7"><a href="#cb10-7"></a></span>
<span id="cb10-8"><a href="#cb10-8"></a><span class="kw">[auth]</span></span>
<span id="cb10-9"><a href="#cb10-9"></a><span class="co"># Average delay after failed login attempts in seconds</span></span>
<span id="cb10-10"><a href="#cb10-10"></a><span class="dt">delay </span><span class="ot">=</span><span class="st"> </span><span class="dv">1</span></span></code></pre></div>
</section>
<section class="level4" id="documentation/basic-setup/running-as-a-service">
<h4>Running as a service <a class="headerlink" href="#documentation/basic-setup/running-as-a-service">&para;</a></h4>
@ -406,78 +397,71 @@ user2:password2
<section class="level5" id="documentation/basic-setup/running-as-a-service/linux-with-systemd-as-a-user">
<h5>Linux with systemd as a user <a class="headerlink" href="#documentation/basic-setup/running-as-a-service/linux-with-systemd-as-a-user">&para;</a></h5>
<p>Create the file <code>~/.config/systemd/user/radicale.service</code>:</p>
<div class="sourceCode" id="cb12"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb12-1"><a href="#cb12-1"></a><span class="kw">[Unit]</span></span>
<span id="cb12-2"><a href="#cb12-2"></a><span class="dt">Description</span><span class="ot">=</span><span class="st">A simple CalDAV (calendar) and CardDAV (contact) server</span></span>
<span id="cb12-3"><a href="#cb12-3"></a></span>
<span id="cb12-4"><a href="#cb12-4"></a><span class="kw">[Service]</span></span>
<span id="cb12-5"><a href="#cb12-5"></a><span class="dt">ExecStart</span><span class="ot">=</span><span class="st">/usr/bin/env python3 -m radicale</span></span>
<span id="cb12-6"><a href="#cb12-6"></a><span class="dt">Restart</span><span class="ot">=</span><span class="kw">on</span><span class="st">-failure</span></span>
<span id="cb12-7"><a href="#cb12-7"></a></span>
<span id="cb12-8"><a href="#cb12-8"></a><span class="kw">[Install]</span></span>
<span id="cb12-9"><a href="#cb12-9"></a><span class="dt">WantedBy</span><span class="ot">=</span><span class="kw">default</span><span class="st">.target</span></span></code></pre></div>
<div class="sourceCode" id="cb11"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb11-1"><a href="#cb11-1"></a><span class="kw">[Unit]</span></span>
<span id="cb11-2"><a href="#cb11-2"></a><span class="dt">Description</span><span class="ot">=</span><span class="st">A simple CalDAV (calendar) and CardDAV (contact) server</span></span>
<span id="cb11-3"><a href="#cb11-3"></a></span>
<span id="cb11-4"><a href="#cb11-4"></a><span class="kw">[Service]</span></span>
<span id="cb11-5"><a href="#cb11-5"></a><span class="dt">ExecStart</span><span class="ot">=</span><span class="st">/usr/bin/env python3 -m radicale</span></span>
<span id="cb11-6"><a href="#cb11-6"></a><span class="dt">Restart</span><span class="ot">=</span><span class="kw">on</span><span class="st">-failure</span></span>
<span id="cb11-7"><a href="#cb11-7"></a></span>
<span id="cb11-8"><a href="#cb11-8"></a><span class="kw">[Install]</span></span>
<span id="cb11-9"><a href="#cb11-9"></a><span class="dt">WantedBy</span><span class="ot">=</span><span class="kw">default</span><span class="st">.target</span></span></code></pre></div>
<p>Radicale will load the configuration file from <code>~/.config/radicale/config</code>. You should set the configuration option <code>filesystem_folder</code> in the <code>storage</code> section to something like <code>~/.var/lib/radicale/collections</code>.</p>
<p>To enable and manage the service run:</p>
<div class="sourceCode" id="cb13"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb13-1"><a href="#cb13-1"></a><span class="co"># Enable the service</span></span>
<span id="cb13-2"><a href="#cb13-2"></a>$ <span class="ex">systemctl</span> --user enable radicale</span>
<span id="cb13-3"><a href="#cb13-3"></a><span class="co"># Start the service</span></span>
<span id="cb13-4"><a href="#cb13-4"></a>$ <span class="ex">systemctl</span> --user start radicale</span>
<span id="cb13-5"><a href="#cb13-5"></a><span class="co"># Check the status of the service</span></span>
<span id="cb13-6"><a href="#cb13-6"></a>$ <span class="ex">systemctl</span> --user status radicale</span>
<span id="cb13-7"><a href="#cb13-7"></a><span class="co"># View all log messages</span></span>
<span id="cb13-8"><a href="#cb13-8"></a>$ <span class="ex">journalctl</span> --user --unit radicale.service</span></code></pre></div>
<div class="sourceCode" id="cb12"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb12-1"><a href="#cb12-1"></a><span class="co"># Enable the service</span></span>
<span id="cb12-2"><a href="#cb12-2"></a>$ <span class="ex">systemctl</span> --user enable radicale</span>
<span id="cb12-3"><a href="#cb12-3"></a><span class="co"># Start the service</span></span>
<span id="cb12-4"><a href="#cb12-4"></a>$ <span class="ex">systemctl</span> --user start radicale</span>
<span id="cb12-5"><a href="#cb12-5"></a><span class="co"># Check the status of the service</span></span>
<span id="cb12-6"><a href="#cb12-6"></a>$ <span class="ex">systemctl</span> --user status radicale</span>
<span id="cb12-7"><a href="#cb12-7"></a><span class="co"># View all log messages</span></span>
<span id="cb12-8"><a href="#cb12-8"></a>$ <span class="ex">journalctl</span> --user --unit radicale.service</span></code></pre></div>
</section>
<section class="level5" id="documentation/basic-setup/running-as-a-service/linux-with-systemd-system-wide">
<h5>Linux with systemd system-wide <a class="headerlink" href="#documentation/basic-setup/running-as-a-service/linux-with-systemd-system-wide">&para;</a></h5>
<p>Create the <strong>radicale</strong> user and group for the Radicale service. (Run <code>useradd --system --home-dir / --shell /sbin/nologin radicale</code> as root.) The storage folder must be writable by <strong>radicale</strong>. (Run <code>mkdir -p /var/lib/radicale/collections &amp;&amp; chown -R radicale:radicale /var/lib/radicale/collections</code> as root.)</p>
<p><strong>Security:</strong> The storage should not be readable by others. (Run <code>chmod -R o= /var/lib/radicale/collections</code> as root.)</p>
<p>Create the file <code>/etc/systemd/system/radicale.service</code>:</p>
<div class="sourceCode" id="cb14"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb14-1"><a href="#cb14-1"></a><span class="kw">[Unit]</span></span>
<span id="cb14-2"><a href="#cb14-2"></a><span class="dt">Description</span><span class="ot">=</span><span class="st">A simple CalDAV (calendar) and CardDAV (contact) server</span></span>
<span id="cb14-3"><a href="#cb14-3"></a><span class="dt">After</span><span class="ot">=</span><span class="st">network.target</span></span>
<span id="cb14-4"><a href="#cb14-4"></a><span class="dt">Requires</span><span class="ot">=</span><span class="st">network.target</span></span>
<span id="cb14-5"><a href="#cb14-5"></a></span>
<span id="cb14-6"><a href="#cb14-6"></a><span class="kw">[Service]</span></span>
<span id="cb14-7"><a href="#cb14-7"></a><span class="dt">ExecStart</span><span class="ot">=</span><span class="st">/usr/bin/env python3 -m radicale</span></span>
<span id="cb14-8"><a href="#cb14-8"></a><span class="dt">Restart</span><span class="ot">=</span><span class="kw">on</span><span class="st">-failure</span></span>
<span id="cb14-9"><a href="#cb14-9"></a><span class="dt">User</span><span class="ot">=</span><span class="st">radicale</span></span>
<span id="cb14-10"><a href="#cb14-10"></a><span class="co"># Deny other users access to the calendar data</span></span>
<span id="cb14-11"><a href="#cb14-11"></a><span class="dt">UMask</span><span class="ot">=</span><span class="dv">0027</span></span>
<span id="cb14-12"><a href="#cb14-12"></a><span class="co"># Optional security settings</span></span>
<span id="cb14-13"><a href="#cb14-13"></a><span class="dt">PrivateTmp</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-14"><a href="#cb14-14"></a><span class="dt">ProtectSystem</span><span class="ot">=</span><span class="st">strict</span></span>
<span id="cb14-15"><a href="#cb14-15"></a><span class="dt">ProtectHome</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-16"><a href="#cb14-16"></a><span class="dt">PrivateDevices</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-17"><a href="#cb14-17"></a><span class="dt">ProtectKernelTunables</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-18"><a href="#cb14-18"></a><span class="dt">ProtectKernelModules</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-19"><a href="#cb14-19"></a><span class="dt">ProtectControlGroups</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-20"><a href="#cb14-20"></a><span class="dt">NoNewPrivileges</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb14-21"><a href="#cb14-21"></a><span class="dt">ReadWritePaths</span><span class="ot">=</span><span class="st">/var/lib/radicale/collections</span></span>
<span id="cb14-22"><a href="#cb14-22"></a></span>
<span id="cb14-23"><a href="#cb14-23"></a><span class="kw">[Install]</span></span>
<span id="cb14-24"><a href="#cb14-24"></a><span class="dt">WantedBy</span><span class="ot">=</span><span class="st">multi-user.target</span></span></code></pre></div>
<div class="sourceCode" id="cb13"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb13-1"><a href="#cb13-1"></a><span class="kw">[Unit]</span></span>
<span id="cb13-2"><a href="#cb13-2"></a><span class="dt">Description</span><span class="ot">=</span><span class="st">A simple CalDAV (calendar) and CardDAV (contact) server</span></span>
<span id="cb13-3"><a href="#cb13-3"></a><span class="dt">After</span><span class="ot">=</span><span class="st">network.target</span></span>
<span id="cb13-4"><a href="#cb13-4"></a><span class="dt">Requires</span><span class="ot">=</span><span class="st">network.target</span></span>
<span id="cb13-5"><a href="#cb13-5"></a></span>
<span id="cb13-6"><a href="#cb13-6"></a><span class="kw">[Service]</span></span>
<span id="cb13-7"><a href="#cb13-7"></a><span class="dt">ExecStart</span><span class="ot">=</span><span class="st">/usr/bin/env python3 -m radicale</span></span>
<span id="cb13-8"><a href="#cb13-8"></a><span class="dt">Restart</span><span class="ot">=</span><span class="kw">on</span><span class="st">-failure</span></span>
<span id="cb13-9"><a href="#cb13-9"></a><span class="dt">User</span><span class="ot">=</span><span class="st">radicale</span></span>
<span id="cb13-10"><a href="#cb13-10"></a><span class="co"># Deny other users access to the calendar data</span></span>
<span id="cb13-11"><a href="#cb13-11"></a><span class="dt">UMask</span><span class="ot">=</span><span class="dv">0027</span></span>
<span id="cb13-12"><a href="#cb13-12"></a><span class="co"># Optional security settings</span></span>
<span id="cb13-13"><a href="#cb13-13"></a><span class="dt">PrivateTmp</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-14"><a href="#cb13-14"></a><span class="dt">ProtectSystem</span><span class="ot">=</span><span class="st">strict</span></span>
<span id="cb13-15"><a href="#cb13-15"></a><span class="dt">ProtectHome</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-16"><a href="#cb13-16"></a><span class="dt">PrivateDevices</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-17"><a href="#cb13-17"></a><span class="dt">ProtectKernelTunables</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-18"><a href="#cb13-18"></a><span class="dt">ProtectKernelModules</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-19"><a href="#cb13-19"></a><span class="dt">ProtectControlGroups</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-20"><a href="#cb13-20"></a><span class="dt">NoNewPrivileges</span><span class="ot">=</span><span class="kw">true</span></span>
<span id="cb13-21"><a href="#cb13-21"></a><span class="dt">ReadWritePaths</span><span class="ot">=</span><span class="st">/var/lib/radicale/collections</span></span>
<span id="cb13-22"><a href="#cb13-22"></a></span>
<span id="cb13-23"><a href="#cb13-23"></a><span class="kw">[Install]</span></span>
<span id="cb13-24"><a href="#cb13-24"></a><span class="dt">WantedBy</span><span class="ot">=</span><span class="st">multi-user.target</span></span></code></pre></div>
<p>Radicale will load the configuration file from <code>/etc/radicale/config</code>.</p>
<p>To enable and manage the service run:</p>
<div class="sourceCode" id="cb15"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb15-1"><a href="#cb15-1"></a><span class="co"># Enable the service</span></span>
<span id="cb15-2"><a href="#cb15-2"></a>$ <span class="ex">systemctl</span> enable radicale</span>
<span id="cb15-3"><a href="#cb15-3"></a><span class="co"># Start the service</span></span>
<span id="cb15-4"><a href="#cb15-4"></a>$ <span class="ex">systemctl</span> start radicale</span>
<span id="cb15-5"><a href="#cb15-5"></a><span class="co"># Check the status of the service</span></span>
<span id="cb15-6"><a href="#cb15-6"></a>$ <span class="ex">systemctl</span> status radicale</span>
<span id="cb15-7"><a href="#cb15-7"></a><span class="co"># View all log messages</span></span>
<span id="cb15-8"><a href="#cb15-8"></a>$ <span class="ex">journalctl</span> --unit radicale.service</span></code></pre></div>
<div class="sourceCode" id="cb14"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb14-1"><a href="#cb14-1"></a><span class="co"># Enable the service</span></span>
<span id="cb14-2"><a href="#cb14-2"></a>$ <span class="ex">systemctl</span> enable radicale</span>
<span id="cb14-3"><a href="#cb14-3"></a><span class="co"># Start the service</span></span>
<span id="cb14-4"><a href="#cb14-4"></a>$ <span class="ex">systemctl</span> start radicale</span>
<span id="cb14-5"><a href="#cb14-5"></a><span class="co"># Check the status of the service</span></span>
<span id="cb14-6"><a href="#cb14-6"></a>$ <span class="ex">systemctl</span> status radicale</span>
<span id="cb14-7"><a href="#cb14-7"></a><span class="co"># View all log messages</span></span>
<span id="cb14-8"><a href="#cb14-8"></a>$ <span class="ex">journalctl</span> --unit radicale.service</span></code></pre></div>
</section>
</section>
<section class="level4" id="documentation/basic-setup/macos-with-launchd">
<h4>MacOS with launchd <a class="headerlink" href="#documentation/basic-setup/macos-with-launchd">&para;</a></h4>
<p><em>To be written.</em></p>
</section>
<section class="level4" id="documentation/basic-setup/classic-daemonization">
<h4>Classic daemonization <a class="headerlink" href="#documentation/basic-setup/classic-daemonization">&para;</a></h4>
<p>Set the configuration option <code>daemon</code> in the section <code>server</code> to <code>True</code>. You may want to set the option <code>pid</code> to the path of a PID file.</p>
<p>After daemonization the server will not log anything. You have to configure <a href="#documentation/logging">Logging</a>.</p>
<p>If you start Radicale now, it will initialize and fork into the background. The main process exits, after the PID file is written.</p>
<p><strong>Security:</strong> You can set the <strong>umask</strong> with <code>umask 0027</code> before you start the daemon, to protect your calendar data and log files from other users. Don't forget to set permissions of files that are already created!</p>
</section>
<section class="level4" id="documentation/basic-setup/windows-with-nssm---the-non-sucking-service-manager">
<h4>Windows with "NSSM - the Non-Sucking Service Manager" <a class="headerlink" href="#documentation/basic-setup/windows-with-nssm---the-non-sucking-service-manager">&para;</a></h4>
<p>First install <a href="https://nssm.cc/">NSSM</a> and start <code>nssm install</code> in a command prompt. Apply the following configuration:</p>
@ -510,14 +494,14 @@ user2:password2
}
</code></pre>
<p>Example <strong>Apache</strong> configuration:</p>
<div class="sourceCode" id="cb17"><pre class="sourceCode apache"><code class="sourceCode apache"><span id="cb17-1"><a href="#cb17-1"></a><span class="ex">RewriteEngine</span><span class="ch"> </span><span class="kw">On</span></span>
<span id="cb17-2"><a href="#cb17-2"></a>RewriteRule<span class="st"> ^/radicale$ /radicale/ [R,L]</span></span>
<span id="cb17-3"><a href="#cb17-3"></a></span>
<span id="cb17-4"><a href="#cb17-4"></a><span class="fu">&lt;Location</span><span class="at"> "/radicale/"</span><span class="fu">&gt;</span></span>
<span id="cb17-5"><a href="#cb17-5"></a> ProxyPass<span class="st"> http://localhost:5232/ retry=0</span></span>
<span id="cb17-6"><a href="#cb17-6"></a> ProxyPassReverse<span class="st"> http://localhost:5232/</span></span>
<span id="cb17-7"><a href="#cb17-7"></a> RequestHeader<span class="st"> set X-Script-Name /radicale/</span></span>
<span id="cb17-8"><a href="#cb17-8"></a><span class="fu">&lt;/Location&gt;</span></span></code></pre></div>
<div class="sourceCode" id="cb16"><pre class="sourceCode apache"><code class="sourceCode apache"><span id="cb16-1"><a href="#cb16-1"></a><span class="ex">RewriteEngine</span><span class="ch"> </span><span class="kw">On</span></span>
<span id="cb16-2"><a href="#cb16-2"></a>RewriteRule<span class="st"> ^/radicale$ /radicale/ [R,L]</span></span>
<span id="cb16-3"><a href="#cb16-3"></a></span>
<span id="cb16-4"><a href="#cb16-4"></a><span class="fu">&lt;Location</span><span class="at"> "/radicale/"</span><span class="fu">&gt;</span></span>
<span id="cb16-5"><a href="#cb16-5"></a> ProxyPass<span class="st"> http://localhost:5232/ retry=0</span></span>
<span id="cb16-6"><a href="#cb16-6"></a> ProxyPassReverse<span class="st"> http://localhost:5232/</span></span>
<span id="cb16-7"><a href="#cb16-7"></a> RequestHeader<span class="st"> set X-Script-Name /radicale/</span></span>
<span id="cb16-8"><a href="#cb16-8"></a><span class="fu">&lt;/Location&gt;</span></span></code></pre></div>
<p>Be reminded that Radicale's default configuration enforces limits on the maximum number of parallel connections, the maximum file size and the rate of incorrect authentication attempts. Connections are terminated after a timeout.</p>
<section class="level4" id="documentation/reverse-proxy/manage-user-accounts-with-the-reverse-proxy">
<h4>Manage user accounts with the reverse proxy <a class="headerlink" href="#documentation/reverse-proxy/manage-user-accounts-with-the-reverse-proxy">&para;</a></h4>
@ -533,33 +517,33 @@ user2:password2
}
</code></pre>
<p>Example <strong>Apache</strong> configuration:</p>
<div class="sourceCode" id="cb19"><pre class="sourceCode apache"><code class="sourceCode apache"><span id="cb19-1"><a href="#cb19-1"></a><span class="ex">RewriteEngine</span><span class="ch"> </span><span class="kw">On</span></span>
<span id="cb19-2"><a href="#cb19-2"></a>RewriteRule<span class="st"> ^/radicale$ /radicale/ [R,L]</span></span>
<span id="cb19-3"><a href="#cb19-3"></a></span>
<span id="cb19-4"><a href="#cb19-4"></a><span class="fu">&lt;Location</span><span class="at"> "/radicale/"</span><span class="fu">&gt;</span></span>
<span id="cb19-5"><a href="#cb19-5"></a> <span class="ex">AuthType</span><span class="ch"> </span><span class="kw">Basic</span></span>
<span id="cb19-6"><a href="#cb19-6"></a> AuthName<span class="st"> "Radicale - Password Required"</span></span>
<span id="cb19-7"><a href="#cb19-7"></a> AuthUserFile<span class="st"> "/etc/radicale/htpasswd"</span></span>
<span id="cb19-8"><a href="#cb19-8"></a> Require<span class="st"> valid-user</span></span>
<span id="cb19-9"><a href="#cb19-9"></a></span>
<span id="cb19-10"><a href="#cb19-10"></a> ProxyPass<span class="st"> http://localhost:5232/ retry=0</span></span>
<span id="cb19-11"><a href="#cb19-11"></a> ProxyPassReverse<span class="st"> http://localhost:5232/</span></span>
<span id="cb19-12"><a href="#cb19-12"></a> RequestHeader<span class="st"> set X-Script-Name /radicale/</span></span>
<span id="cb19-13"><a href="#cb19-13"></a> RequestHeader<span class="st"> set X-Remote-User expr=%{REMOTE_USER}</span></span>
<span id="cb19-14"><a href="#cb19-14"></a><span class="fu">&lt;/Location&gt;</span></span></code></pre></div>
<div class="sourceCode" id="cb18"><pre class="sourceCode apache"><code class="sourceCode apache"><span id="cb18-1"><a href="#cb18-1"></a><span class="ex">RewriteEngine</span><span class="ch"> </span><span class="kw">On</span></span>
<span id="cb18-2"><a href="#cb18-2"></a>RewriteRule<span class="st"> ^/radicale$ /radicale/ [R,L]</span></span>
<span id="cb18-3"><a href="#cb18-3"></a></span>
<span id="cb18-4"><a href="#cb18-4"></a><span class="fu">&lt;Location</span><span class="at"> "/radicale/"</span><span class="fu">&gt;</span></span>
<span id="cb18-5"><a href="#cb18-5"></a> <span class="ex">AuthType</span><span class="ch"> </span><span class="kw">Basic</span></span>
<span id="cb18-6"><a href="#cb18-6"></a> AuthName<span class="st"> "Radicale - Password Required"</span></span>
<span id="cb18-7"><a href="#cb18-7"></a> AuthUserFile<span class="st"> "/etc/radicale/htpasswd"</span></span>
<span id="cb18-8"><a href="#cb18-8"></a> Require<span class="st"> valid-user</span></span>
<span id="cb18-9"><a href="#cb18-9"></a></span>
<span id="cb18-10"><a href="#cb18-10"></a> ProxyPass<span class="st"> http://localhost:5232/ retry=0</span></span>
<span id="cb18-11"><a href="#cb18-11"></a> ProxyPassReverse<span class="st"> http://localhost:5232/</span></span>
<span id="cb18-12"><a href="#cb18-12"></a> RequestHeader<span class="st"> set X-Script-Name /radicale/</span></span>
<span id="cb18-13"><a href="#cb18-13"></a> RequestHeader<span class="st"> set X-Remote-User expr=%{REMOTE_USER}</span></span>
<span id="cb18-14"><a href="#cb18-14"></a><span class="fu">&lt;/Location&gt;</span></span></code></pre></div>
<p><strong>Security:</strong> Untrusted clients should not be able to access the Radicale server directly. Otherwise, they can authenticate as any user.</p>
</section>
<section class="level4" id="documentation/reverse-proxy/secure-connection-between-radicale-and-the-reverse-proxy">
<h4>Secure connection between Radicale and the reverse proxy <a class="headerlink" href="#documentation/reverse-proxy/secure-connection-between-radicale-and-the-reverse-proxy">&para;</a></h4>
<p>SSL certificates can be used to encrypt and authenticate the connection between Radicale and the reverse proxy. First you have to generate a certificate for Radicale and a certificate for the reverse proxy. The following commands generate self-signed certificates. You will be asked to enter additional information about the certificate, the values don't matter and you can keep the defaults.</p>
<div class="sourceCode" id="cb20"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb20-1"><a href="#cb20-1"></a>$ <span class="ex">openssl</span> req -x509 -newkey rsa:4096 -keyout server_key.pem -out server_cert.pem -nodes -days 9999</span>
<span id="cb20-2"><a href="#cb20-2"></a>$ <span class="ex">openssl</span> req -x509 -newkey rsa:4096 -keyout client_key.pem -out client_cert.pem -nodes -days 9999</span></code></pre></div>
<div class="sourceCode" id="cb19"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb19-1"><a href="#cb19-1"></a>$ <span class="ex">openssl</span> req -x509 -newkey rsa:4096 -keyout server_key.pem -out server_cert.pem -nodes -days 9999</span>
<span id="cb19-2"><a href="#cb19-2"></a>$ <span class="ex">openssl</span> req -x509 -newkey rsa:4096 -keyout client_key.pem -out client_cert.pem -nodes -days 9999</span></code></pre></div>
<p>Use the following configuration for Radicale:</p>
<div class="sourceCode" id="cb21"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb21-1"><a href="#cb21-1"></a><span class="kw">[server]</span></span>
<span id="cb21-2"><a href="#cb21-2"></a><span class="dt">ssl </span><span class="ot">=</span><span class="st"> </span><span class="kw">True</span></span>
<span id="cb21-3"><a href="#cb21-3"></a><span class="dt">certificate </span><span class="ot">=</span><span class="st"> /path/to/server_cert.pem</span></span>
<span id="cb21-4"><a href="#cb21-4"></a><span class="dt">key </span><span class="ot">=</span><span class="st"> /path/to/server_key.pem</span></span>
<span id="cb21-5"><a href="#cb21-5"></a><span class="dt">certificate_authority </span><span class="ot">=</span><span class="st"> /path/to/client_cert.pem</span></span></code></pre></div>
<div class="sourceCode" id="cb20"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb20-1"><a href="#cb20-1"></a><span class="kw">[server]</span></span>
<span id="cb20-2"><a href="#cb20-2"></a><span class="dt">ssl </span><span class="ot">=</span><span class="st"> </span><span class="kw">True</span></span>
<span id="cb20-3"><a href="#cb20-3"></a><span class="dt">certificate </span><span class="ot">=</span><span class="st"> /path/to/server_cert.pem</span></span>
<span id="cb20-4"><a href="#cb20-4"></a><span class="dt">key </span><span class="ot">=</span><span class="st"> /path/to/server_key.pem</span></span>
<span id="cb20-5"><a href="#cb20-5"></a><span class="dt">certificate_authority </span><span class="ot">=</span><span class="st"> /path/to/client_cert.pem</span></span></code></pre></div>
<p>Example <strong>nginx</strong> configuration:</p>
<pre class="nginx"><code>location /radicale/ {
proxy_pass https://localhost:5232/;
@ -579,14 +563,14 @@ user2:password2
<p>Be reminded that Radicale's default configuration enforces limits on the maximum upload file size.</p>
<p><strong>Security:</strong> The <code>None</code> authentication type disables all rights checking. Don't use it with <code>REMOTE_USER</code>. Use <code>remote_user</code> instead.</p>
<p>Example <strong>uWSGI</strong> configuration:</p>
<div class="sourceCode" id="cb23"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb23-1"><a href="#cb23-1"></a><span class="kw">[uwsgi]</span></span>
<span id="cb23-2"><a href="#cb23-2"></a><span class="dt">http-socket </span><span class="ot">=</span><span class="st"> </span><span class="dv">127</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.1</span><span class="st">:</span><span class="dv">5232</span></span>
<span id="cb23-3"><a href="#cb23-3"></a><span class="dt">processes </span><span class="ot">=</span><span class="st"> </span><span class="dv">8</span></span>
<span id="cb23-4"><a href="#cb23-4"></a><span class="dt">plugin </span><span class="ot">=</span><span class="st"> python3</span></span>
<span id="cb23-5"><a href="#cb23-5"></a><span class="dt">module </span><span class="ot">=</span><span class="st"> radicale</span></span>
<span id="cb23-6"><a href="#cb23-6"></a><span class="dt">env </span><span class="ot">=</span><span class="st"> RADICALE_CONFIG=/etc/radicale/config</span></span></code></pre></div>
<div class="sourceCode" id="cb22"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb22-1"><a href="#cb22-1"></a><span class="kw">[uwsgi]</span></span>
<span id="cb22-2"><a href="#cb22-2"></a><span class="dt">http-socket </span><span class="ot">=</span><span class="st"> </span><span class="dv">127</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.1</span><span class="st">:</span><span class="dv">5232</span></span>
<span id="cb22-3"><a href="#cb22-3"></a><span class="dt">processes </span><span class="ot">=</span><span class="st"> </span><span class="dv">8</span></span>
<span id="cb22-4"><a href="#cb22-4"></a><span class="dt">plugin </span><span class="ot">=</span><span class="st"> python3</span></span>
<span id="cb22-5"><a href="#cb22-5"></a><span class="dt">module </span><span class="ot">=</span><span class="st"> radicale</span></span>
<span id="cb22-6"><a href="#cb22-6"></a><span class="dt">env </span><span class="ot">=</span><span class="st"> RADICALE_CONFIG=/etc/radicale/config</span></span></code></pre></div>
<p>Example <strong>Gunicorn</strong> configuration:</p>
<div class="sourceCode" id="cb24"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb24-1"><a href="#cb24-1"></a><span class="ex">gunicorn</span> --bind <span class="st">'127.0.0.1:5232'</span> --workers 8 --env <span class="st">'RADICALE_CONFIG=/etc/radicale/config'</span> radicale</span></code></pre></div>
<div class="sourceCode" id="cb23"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb23-1"><a href="#cb23-1"></a><span class="ex">gunicorn</span> --bind <span class="st">'127.0.0.1:5232'</span> --workers 8 --env <span class="st">'RADICALE_CONFIG=/etc/radicale/config'</span> radicale</span></code></pre></div>
<section class="level4" id="documentation/wsgi/manage-user-accounts-with-the-wsgi-server">
<h4>Manage user accounts with the WSGI server <a class="headerlink" href="#documentation/wsgi/manage-user-accounts-with-the-wsgi-server">&para;</a></h4>
<p>Set the configuration option <code>type</code> in the <code>auth</code> section to <code>remote_user</code>. Radicale uses the user name provided by the WSGI server and disables authentication over HTTP.</p>
@ -601,7 +585,7 @@ user2:password2
.Radicale.tmp-*
</code></pre>
<p>The configuration option <code>hook</code> in the <code>storage</code> section must be set to the following command:</p>
<div class="sourceCode" id="cb26"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb26-1"><a href="#cb26-1"></a><span class="fu">git</span> add -A <span class="kw">&amp;&amp;</span> <span class="kw">(</span><span class="fu">git</span> diff --cached --quiet <span class="kw">||</span> <span class="fu">git</span> commit -m <span class="st">"Changes by "</span>%(user<span class="kw">)</span><span class="ex">s</span>)</span></code></pre></div>
<div class="sourceCode" id="cb25"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb25-1"><a href="#cb25-1"></a><span class="fu">git</span> add -A <span class="kw">&amp;&amp;</span> <span class="kw">(</span><span class="fu">git</span> diff --cached --quiet <span class="kw">||</span> <span class="fu">git</span> commit -m <span class="st">"Changes by "</span>%(user<span class="kw">)</span><span class="ex">s</span>)</span></code></pre></div>
<p>The command gets executed after every change to the storage and commits the changes into the <strong>git</strong> repository.</p>
</section>
<section class="level3" id="documentation/clients">
@ -613,7 +597,7 @@ user2:password2
<li><a href="https://www.mozilla.org/thunderbird/">Mozilla Thunderbird</a> with <a href="https://addons.mozilla.org/thunderbird/addon/cardbook/">CardBook</a> and <a href="https://www.mozilla.org/projects/calendar/">Lightning</a></li>
<li><a href="https://www.inf-it.com/open-source/clients/infcloud/">InfCloud</a>, <a href="https://www.inf-it.com/open-source/clients/caldavzap/">CalDavZAP</a> and <a href="https://www.inf-it.com/open-source/clients/carddavmate/">CardDavMATE</a></li>
</ul>
<p>Many clients do not support the creation of new calendars and address books. You can use Radicale's web interface (e.g. <a href="http://localhost:5232">http://localhost:5232</a>) to create and manage collections.</p>
<p>Many clients do not support the creation of new calendars and address books. You can use Radicale's web interface (e.g. <a href="http://localhost:5232">http://localhost:5232</a>) to create and manage address books and calendars.</p>
<p>In some clients you can just enter the URL of the Radicale server (e.g. <code>http://localhost:5232</code>) and your user name. In others, you have to enter the URL of the collection directly (e.g. <code>http://localhost:5232/user/calendar</code>).</p>
<section class="level4" id="documentation/clients/davx⁵">
<h4>DAVx⁵ <a class="headerlink" href="#documentation/clients/davx⁵">&para;</a></h4>
@ -646,53 +630,53 @@ user2:password2
<section class="level5" id="documentation/clients/manual-creation-of-calendars-and-address-books/direct-editing-of-the-storage">
<h5>Direct editing of the storage <a class="headerlink" href="#documentation/clients/manual-creation-of-calendars-and-address-books/direct-editing-of-the-storage">&para;</a></h5>
<p>To create a new collection, you have to create the corresponding folder in the file system storage (e.g. <code>collection-root/user/calendar</code>). To tell Radicale and clients that the collection is a calendar, you have to create the file <code>.Radicale.props</code> with the following content in the folder:</p>
<div class="sourceCode" id="cb27"><pre class="sourceCode json"><code class="sourceCode json"><span id="cb27-1"><a href="#cb27-1"></a><span class="fu">{</span><span class="dt">"tag"</span><span class="fu">:</span> <span class="st">"VCALENDAR"</span><span class="fu">}</span></span></code></pre></div>
<div class="sourceCode" id="cb26"><pre class="sourceCode json"><code class="sourceCode json"><span id="cb26-1"><a href="#cb26-1"></a><span class="fu">{</span><span class="dt">"tag"</span><span class="fu">:</span> <span class="st">"VCALENDAR"</span><span class="fu">}</span></span></code></pre></div>
<p>The calendar is now available at the URL path <code>/user/calendar</code>. For address books the file must contain:</p>
<div class="sourceCode" id="cb28"><pre class="sourceCode json"><code class="sourceCode json"><span id="cb28-1"><a href="#cb28-1"></a><span class="fu">{</span><span class="dt">"tag"</span><span class="fu">:</span> <span class="st">"VADDRESSBOOK"</span><span class="fu">}</span></span></code></pre></div>
<div class="sourceCode" id="cb27"><pre class="sourceCode json"><code class="sourceCode json"><span id="cb27-1"><a href="#cb27-1"></a><span class="fu">{</span><span class="dt">"tag"</span><span class="fu">:</span> <span class="st">"VADDRESSBOOK"</span><span class="fu">}</span></span></code></pre></div>
<p>Calendar and address book collections must not have any child collections. Clients with automatic discovery of collections will only show calendars and addressbooks that are direct children of the path <code>/USERNAME/</code>.</p>
<p>Delete collections by deleting the corresponding folders.</p>
</section>
<section class="level5" id="documentation/clients/manual-creation-of-calendars-and-address-books/http-requests-with-curl">
<h5>HTTP requests with curl <a class="headerlink" href="#documentation/clients/manual-creation-of-calendars-and-address-books/http-requests-with-curl">&para;</a></h5>
<p>To create a new calendar run something like:</p>
<div class="sourceCode" id="cb29"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb29-1"><a href="#cb29-1"></a>$ <span class="ex">curl</span> -u user -X MKCOL <span class="st">'http://localhost:5232/user/calendar'</span> --data \</span>
<div class="sourceCode" id="cb28"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb28-1"><a href="#cb28-1"></a>$ <span class="ex">curl</span> -u user -X MKCOL <span class="st">'http://localhost:5232/user/calendar'</span> --data \</span>
<span id="cb28-2"><a href="#cb28-2"></a><span class="st">'&lt;?xml version="1.0" encoding="UTF-8" ?&gt;</span></span>
<span id="cb28-3"><a href="#cb28-3"></a><span class="st">&lt;create xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:I="http://apple.com/ns/ical/"&gt;</span></span>
<span id="cb28-4"><a href="#cb28-4"></a><span class="st"> &lt;set&gt;</span></span>
<span id="cb28-5"><a href="#cb28-5"></a><span class="st"> &lt;prop&gt;</span></span>
<span id="cb28-6"><a href="#cb28-6"></a><span class="st"> &lt;resourcetype&gt;</span></span>
<span id="cb28-7"><a href="#cb28-7"></a><span class="st"> &lt;collection /&gt;</span></span>
<span id="cb28-8"><a href="#cb28-8"></a><span class="st"> &lt;C:calendar /&gt;</span></span>
<span id="cb28-9"><a href="#cb28-9"></a><span class="st"> &lt;/resourcetype&gt;</span></span>
<span id="cb28-10"><a href="#cb28-10"></a><span class="st"> &lt;C:supported-calendar-component-set&gt;</span></span>
<span id="cb28-11"><a href="#cb28-11"></a><span class="st"> &lt;C:comp name="VEVENT" /&gt;</span></span>
<span id="cb28-12"><a href="#cb28-12"></a><span class="st"> &lt;C:comp name="VJOURNAL" /&gt;</span></span>
<span id="cb28-13"><a href="#cb28-13"></a><span class="st"> &lt;C:comp name="VTODO" /&gt;</span></span>
<span id="cb28-14"><a href="#cb28-14"></a><span class="st"> &lt;/C:supported-calendar-component-set&gt;</span></span>
<span id="cb28-15"><a href="#cb28-15"></a><span class="st"> &lt;displayname&gt;Calendar&lt;/displayname&gt;</span></span>
<span id="cb28-16"><a href="#cb28-16"></a><span class="st"> &lt;C:calendar-description&gt;Example calendar&lt;/C:calendar-description&gt;</span></span>
<span id="cb28-17"><a href="#cb28-17"></a><span class="st"> &lt;I:calendar-color&gt;#ff0000ff&lt;/I:calendar-color&gt;</span></span>
<span id="cb28-18"><a href="#cb28-18"></a><span class="st"> &lt;/prop&gt;</span></span>
<span id="cb28-19"><a href="#cb28-19"></a><span class="st"> &lt;/set&gt;</span></span>
<span id="cb28-20"><a href="#cb28-20"></a><span class="st">&lt;/create&gt;'</span></span></code></pre></div>
<p>To create a new address book run something like:</p>
<div class="sourceCode" id="cb29"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb29-1"><a href="#cb29-1"></a>$ <span class="ex">curl</span> -u user -X MKCOL <span class="st">'http://localhost:5232/user/addressbook'</span> --data \</span>
<span id="cb29-2"><a href="#cb29-2"></a><span class="st">'&lt;?xml version="1.0" encoding="UTF-8" ?&gt;</span></span>
<span id="cb29-3"><a href="#cb29-3"></a><span class="st">&lt;create xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:I="http://apple.com/ns/ical/"&gt;</span></span>
<span id="cb29-3"><a href="#cb29-3"></a><span class="st">&lt;create xmlns="DAV:" xmlns:CR="urn:ietf:params:xml:ns:carddav"&gt;</span></span>
<span id="cb29-4"><a href="#cb29-4"></a><span class="st"> &lt;set&gt;</span></span>
<span id="cb29-5"><a href="#cb29-5"></a><span class="st"> &lt;prop&gt;</span></span>
<span id="cb29-6"><a href="#cb29-6"></a><span class="st"> &lt;resourcetype&gt;</span></span>
<span id="cb29-7"><a href="#cb29-7"></a><span class="st"> &lt;collection /&gt;</span></span>
<span id="cb29-8"><a href="#cb29-8"></a><span class="st"> &lt;C:calendar /&gt;</span></span>
<span id="cb29-8"><a href="#cb29-8"></a><span class="st"> &lt;CR:addressbook /&gt;</span></span>
<span id="cb29-9"><a href="#cb29-9"></a><span class="st"> &lt;/resourcetype&gt;</span></span>
<span id="cb29-10"><a href="#cb29-10"></a><span class="st"> &lt;C:supported-calendar-component-set&gt;</span></span>
<span id="cb29-11"><a href="#cb29-11"></a><span class="st"> &lt;C:comp name="VEVENT" /&gt;</span></span>
<span id="cb29-12"><a href="#cb29-12"></a><span class="st"> &lt;C:comp name="VJOURNAL" /&gt;</span></span>
<span id="cb29-13"><a href="#cb29-13"></a><span class="st"> &lt;C:comp name="VTODO" /&gt;</span></span>
<span id="cb29-14"><a href="#cb29-14"></a><span class="st"> &lt;/C:supported-calendar-component-set&gt;</span></span>
<span id="cb29-15"><a href="#cb29-15"></a><span class="st"> &lt;displayname&gt;Calendar&lt;/displayname&gt;</span></span>
<span id="cb29-16"><a href="#cb29-16"></a><span class="st"> &lt;C:calendar-description&gt;Example calendar&lt;/C:calendar-description&gt;</span></span>
<span id="cb29-17"><a href="#cb29-17"></a><span class="st"> &lt;I:calendar-color&gt;#ff0000ff&lt;/I:calendar-color&gt;</span></span>
<span id="cb29-18"><a href="#cb29-18"></a><span class="st"> &lt;/prop&gt;</span></span>
<span id="cb29-19"><a href="#cb29-19"></a><span class="st"> &lt;/set&gt;</span></span>
<span id="cb29-20"><a href="#cb29-20"></a><span class="st">&lt;/create&gt;'</span></span></code></pre></div>
<p>To create a new address book run something like:</p>
<div class="sourceCode" id="cb30"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb30-1"><a href="#cb30-1"></a>$ <span class="ex">curl</span> -u user -X MKCOL <span class="st">'http://localhost:5232/user/addressbook'</span> --data \</span>
<span id="cb30-2"><a href="#cb30-2"></a><span class="st">'&lt;?xml version="1.0" encoding="UTF-8" ?&gt;</span></span>
<span id="cb30-3"><a href="#cb30-3"></a><span class="st">&lt;create xmlns="DAV:" xmlns:CR="urn:ietf:params:xml:ns:carddav"&gt;</span></span>
<span id="cb30-4"><a href="#cb30-4"></a><span class="st"> &lt;set&gt;</span></span>
<span id="cb30-5"><a href="#cb30-5"></a><span class="st"> &lt;prop&gt;</span></span>
<span id="cb30-6"><a href="#cb30-6"></a><span class="st"> &lt;resourcetype&gt;</span></span>
<span id="cb30-7"><a href="#cb30-7"></a><span class="st"> &lt;collection /&gt;</span></span>
<span id="cb30-8"><a href="#cb30-8"></a><span class="st"> &lt;CR:addressbook /&gt;</span></span>
<span id="cb30-9"><a href="#cb30-9"></a><span class="st"> &lt;/resourcetype&gt;</span></span>
<span id="cb30-10"><a href="#cb30-10"></a><span class="st"> &lt;displayname&gt;Address book&lt;/displayname&gt;</span></span>
<span id="cb30-11"><a href="#cb30-11"></a><span class="st"> &lt;CR:addressbook-description&gt;Example address book&lt;/CR:addressbook-description&gt;</span></span>
<span id="cb30-12"><a href="#cb30-12"></a><span class="st"> &lt;/prop&gt;</span></span>
<span id="cb30-13"><a href="#cb30-13"></a><span class="st"> &lt;/set&gt;</span></span>
<span id="cb30-14"><a href="#cb30-14"></a><span class="st">&lt;/create&gt;'</span></span></code></pre></div>
<span id="cb29-10"><a href="#cb29-10"></a><span class="st"> &lt;displayname&gt;Address book&lt;/displayname&gt;</span></span>
<span id="cb29-11"><a href="#cb29-11"></a><span class="st"> &lt;CR:addressbook-description&gt;Example address book&lt;/CR:addressbook-description&gt;</span></span>
<span id="cb29-12"><a href="#cb29-12"></a><span class="st"> &lt;/prop&gt;</span></span>
<span id="cb29-13"><a href="#cb29-13"></a><span class="st"> &lt;/set&gt;</span></span>
<span id="cb29-14"><a href="#cb29-14"></a><span class="st">&lt;/create&gt;'</span></span></code></pre></div>
<p>The collection <code>/USERNAME</code> will be created automatically, when the user authenticates to Radicale for the first time. Clients with automatic discovery of collections will only show calendars and address books that are direct children of the path <code>/USERNAME/</code>.</p>
<p>Delete the collections by running something like:</p>
<div class="sourceCode" id="cb31"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb31-1"><a href="#cb31-1"></a>$ <span class="ex">curl</span> -u user -X DELETE <span class="st">'http://localhost:5232/user/calendar'</span></span></code></pre></div>
<div class="sourceCode" id="cb30"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb30-1"><a href="#cb30-1"></a>$ <span class="ex">curl</span> -u user -X DELETE <span class="st">'http://localhost:5232/user/calendar'</span></span></code></pre></div>
</section>
</section>
</section>
@ -700,43 +684,33 @@ user2:password2
<h3>Configuration <a class="headerlink" href="#documentation/configuration">&para;</a></h3>
<p>Radicale can be configured with a configuration file or with command line arguments.</p>
<p>An example configuration file looks like:</p>
<div class="sourceCode" id="cb32"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb32-1"><a href="#cb32-1"></a><span class="kw">[server]</span></span>
<span id="cb32-2"><a href="#cb32-2"></a><span class="co"># Bind all addresses</span></span>
<span id="cb32-3"><a href="#cb32-3"></a><span class="dt">hosts </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.0</span><span class="st">:</span><span class="dv">5232</span></span>
<span id="cb32-4"><a href="#cb32-4"></a></span>
<span id="cb32-5"><a href="#cb32-5"></a><span class="kw">[auth]</span></span>
<span id="cb32-6"><a href="#cb32-6"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> htpasswd</span></span>
<span id="cb32-7"><a href="#cb32-7"></a><span class="dt">htpasswd_filename </span><span class="ot">=</span><span class="st"> /path/to/users</span></span>
<span id="cb32-8"><a href="#cb32-8"></a><span class="dt">htpasswd_encryption </span><span class="ot">=</span><span class="st"> bcrypt</span></span>
<span id="cb32-9"><a href="#cb32-9"></a><span class="kw">[storage]</span></span>
<span id="cb32-10"><a href="#cb32-10"></a><span class="dt">filesystem_folder </span><span class="ot">=</span><span class="st"> ~/.var/lib/radicale/collections</span></span></code></pre></div>
<p>Radicale tries to load configuration files from <code>/etc/radicale/config</code>, <code>~/.config/radicale/config</code> and the <code>RADICALE_CONFIG</code> environment variable. This behaviour can be overwritten by specifying a path with the <code>--config /path/to/config</code> command line argument.</p>
<div class="sourceCode" id="cb31"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb31-1"><a href="#cb31-1"></a><span class="kw">[server]</span></span>
<span id="cb31-2"><a href="#cb31-2"></a><span class="co"># Bind all addresses</span></span>
<span id="cb31-3"><a href="#cb31-3"></a><span class="dt">hosts </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.0</span><span class="st">:</span><span class="dv">5232</span><span class="st">, [::]:</span><span class="dv">5232</span></span>
<span id="cb31-4"><a href="#cb31-4"></a></span>
<span id="cb31-5"><a href="#cb31-5"></a><span class="kw">[auth]</span></span>
<span id="cb31-6"><a href="#cb31-6"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> htpasswd</span></span>
<span id="cb31-7"><a href="#cb31-7"></a><span class="dt">htpasswd_filename </span><span class="ot">=</span><span class="st"> /path/to/users</span></span>
<span id="cb31-8"><a href="#cb31-8"></a><span class="dt">htpasswd_encryption </span><span class="ot">=</span><span class="st"> md5</span></span>
<span id="cb31-9"><a href="#cb31-9"></a><span class="kw">[storage]</span></span>
<span id="cb31-10"><a href="#cb31-10"></a><span class="dt">filesystem_folder </span><span class="ot">=</span><span class="st"> ~/.var/lib/radicale/collections</span></span></code></pre></div>
<p>Radicale tries to load configuration files from <code>/etc/radicale/config</code> and <code>~/.config/radicale/config</code>. Custom paths can be specified with the <code>--config /path/to/config</code> command line argument or the <code>RADICALE_CONFIG</code> environment variable. Multiple configuration files can be separated by <code>:</code> (resp. <code>;</code> on Windows). Paths that start with <code>?</code> are optional.</p>
<p>The same example configuration via command line arguments looks like:</p>
<div class="sourceCode" id="cb33"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb33-1"><a href="#cb33-1"></a><span class="ex">python3</span> -m radicale --config <span class="st">""</span> --server-hosts 0.0.0.0:5232 --auth-type htpasswd --htpasswd-filename /path/to/htpasswd --htpasswd-encryption bcrypt</span></code></pre></div>
<p>The <code>--config ""</code> argument is required to stop Radicale from trying to load configuration files. Run <code>python3 -m radicale --help</code> for more information.</p>
<div class="sourceCode" id="cb32"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb32-1"><a href="#cb32-1"></a><span class="ex">python3</span> -m radicale --server-hosts 0.0.0.0:5232,[::]:5232 --auth-type htpasswd --htpasswd-filename /path/to/htpasswd --htpasswd-encryption md5</span></code></pre></div>
<p>Add the argument <code>--config ""</code> to stop Radicale from loading the default configuration files. Run <code>python3 -m radicale --help</code> for more information.</p>
<p>In the following, all configuration categories and options are described.</p>
<section class="level4" id="documentation/configuration/server">
<h4>server <a class="headerlink" href="#documentation/configuration/server">&para;</a></h4>
<p>Most configuration options in this category are only relevant in standalone mode. All options beside <code>max_content_length</code> and <code>realm</code> are ignored, when Radicale runs via WSGI.</p>
<p>The configuration options in this category are only relevant in standalone mode. All options are ignored, when Radicale runs via WSGI.</p>
<section class="level5" id="documentation/configuration/server/hosts">
<h5>hosts <a class="headerlink" href="#documentation/configuration/server/hosts">&para;</a></h5>
<p>A comma separated list of addresses that the server will bind to.</p>
<p>Default: <code>127.0.0.1:5232</code></p>
</section>
<section class="level5" id="documentation/configuration/server/daemon">
<h5>daemon <a class="headerlink" href="#documentation/configuration/server/daemon">&para;</a></h5>
<p>Daemonize the Radicale process. It does not reset the umask.</p>
<p>Default: <code>False</code></p>
</section>
<section class="level5" id="documentation/configuration/server/pid">
<h5>pid <a class="headerlink" href="#documentation/configuration/server/pid">&para;</a></h5>
<p>If daemon mode is enabled, Radicale will write its PID to this file.</p>
<p>Default:</p>
<p>Default: <code>localhost:5232</code></p>
</section>
<section class="level5" id="documentation/configuration/server/max_connections">
<h5>max_connections <a class="headerlink" href="#documentation/configuration/server/max_connections">&para;</a></h5>
<p>The maximum number of parallel connections. Set to <code>0</code> to disable the limit.</p>
<p>Default: <code>20</code></p>
<p>Default: <code>8</code></p>
</section>
<section class="level5" id="documentation/configuration/server/max_content_length">
<h5>max_content_length <a class="headerlink" href="#documentation/configuration/server/max_content_length">&para;</a></h5>
@ -768,26 +742,6 @@ user2:password2
<p>Path to the CA certificate for validating client certificates. This can be used to secure TCP traffic between Radicale and a reverse proxy. If you want to authenticate users with client-side certificates, you also have to write an authentication plugin that extracts the user name from the certifcate.</p>
<p>Default:</p>
</section>
<section class="level5" id="documentation/configuration/server/protocol">
<h5>protocol <a class="headerlink" href="#documentation/configuration/server/protocol">&para;</a></h5>
<p>SSL protocol used. See python's ssl module for available values.</p>
<p>Default: <code>PROTOCOL_TLSv1_2</code></p>
</section>
<section class="level5" id="documentation/configuration/server/ciphers">
<h5>ciphers <a class="headerlink" href="#documentation/configuration/server/ciphers">&para;</a></h5>
<p>Available ciphers for SSL. See python's ssl module for available ciphers.</p>
<p>Default:</p>
</section>
<section class="level5" id="documentation/configuration/server/dns_lookup">
<h5>dns_lookup <a class="headerlink" href="#documentation/configuration/server/dns_lookup">&para;</a></h5>
<p>Reverse DNS to resolve client address in logs.</p>
<p>Default: <code>True</code></p>
</section>
<section class="level5" id="documentation/configuration/server/realm">
<h5>realm <a class="headerlink" href="#documentation/configuration/server/realm">&para;</a></h5>
<p>Message displayed in the client when a password is needed.</p>
<p>Default: <code>Radicale - Password Required</code></p>
</section>
</section>
<section class="level4" id="documentation/configuration/encoding">
<h4>encoding <a class="headerlink" href="#documentation/configuration/encoding">&para;</a></h4>
@ -827,18 +781,20 @@ user2:password2
<pre class="htpasswd"><code>user1:password1
user2:password2
</code></pre>
<p><code>bcrypt</code> : This uses a modified version of the Blowfish stream cipher. It's very secure. The <strong>passlib</strong> python module is required for this. Additionally you may need one of the following python modules: <strong>bcrypt</strong>, <strong>py-bcrypt</strong> or <strong>bcryptor</strong>.</p>
<p><code>md5</code> : This uses an iterated md5 digest of the password with a salt. The <strong>passlib</strong> python module is required for this.</p>
<p><code>sha1</code> : Passwords are stored as SHA1 hashes. It's insecure!</p>
<p><code>ssha</code> : Passwords are stored as salted SHA1 hashes. It's insecure!</p>
<p><code>crypt</code> : This uses UNIX <a href="https://manpages.debian.org/unstable/manpages-dev/crypt.3.en.html">crypt(3)</a>. It's insecure!</p>
<p>Default: <code>bcrypt</code></p>
<p><code>bcrypt</code> : This uses a modified version of the Blowfish stream cipher. It's very secure. The installation of <strong>radicale[bcrypt]</strong> is required for this.</p>
<p><code>md5</code> : This uses an iterated md5 digest of the password with a salt.</p>
<p>Default: <code>md5</code></p>
</section>
<section class="level5" id="documentation/configuration/auth/delay">
<h5>delay <a class="headerlink" href="#documentation/configuration/auth/delay">&para;</a></h5>
<p>Average delay after failed login attempts in seconds.</p>
<p>Default: <code>1</code></p>
</section>
<section class="level5" id="documentation/configuration/auth/realm">
<h5>realm <a class="headerlink" href="#documentation/configuration/auth/realm">&para;</a></h5>
<p>Message displayed in the client when a password is needed.</p>
<p>Default: <code>Radicale - Password Required</code></p>
</section>
</section>
<section class="level4" id="documentation/configuration/rights">
<h4>rights <a class="headerlink" href="#documentation/configuration/rights">&para;</a></h4>
@ -873,21 +829,11 @@ user2:password2
<p>Folder for storing local collections, created if not present.</p>
<p>Default: <code>/var/lib/radicale/collections</code></p>
</section>
<section class="level5" id="documentation/configuration/storage/filesystem_locking">
<h5>filesystem_locking <a class="headerlink" href="#documentation/configuration/storage/filesystem_locking">&para;</a></h5>
<p>Lock the storage. This must be disabled if locking is not supported by the underlying file system. Never start multiple instances of Radicale or edit the storage externally while Radicale is running if disabled.</p>
<p>Default: <code>True</code></p>
</section>
<section class="level5" id="documentation/configuration/storage/max_sync_token_age">
<h5>max_sync_token_age <a class="headerlink" href="#documentation/configuration/storage/max_sync_token_age">&para;</a></h5>
<p>Delete sync-token that are older than the specified time. (seconds)</p>
<p>Default: <code>2592000</code></p>
</section>
<section class="level5" id="documentation/configuration/storage/filesystem_fsync">
<h5>filesystem_fsync <a class="headerlink" href="#documentation/configuration/storage/filesystem_fsync">&para;</a></h5>
<p>Sync all changes to disk during requests. (This can impair performance.) Disabling it increases the risk of data loss, when the system crashes or power fails!</p>
<p>Default: <code>True</code></p>
</section>
<section class="level5" id="documentation/configuration/storage/hook">
<h5>hook <a class="headerlink" href="#documentation/configuration/storage/hook">&para;</a></h5>
<p>Command that is run after changes to storage. Take a look at the <a href="#documentation/versioning">Versioning</a> page for an example.</p>
@ -907,32 +853,23 @@ user2:password2
</section>
<section class="level4" id="documentation/configuration/logging">
<h4>logging <a class="headerlink" href="#documentation/configuration/logging">&para;</a></h4>
<section class="level5" id="documentation/configuration/logging/debug">
<h5>debug <a class="headerlink" href="#documentation/configuration/logging/debug">&para;</a></h5>
<p>Set the default logging level to debug.</p>
<p>Default: <code>False</code></p>
</section>
<section class="level5" id="documentation/configuration/logging/full_environment">
<h5>full_environment <a class="headerlink" href="#documentation/configuration/logging/full_environment">&para;</a></h5>
<p>Log all environment variables (including those set in the shell).</p>
<p>Default: <code>False</code></p>
<section class="level5" id="documentation/configuration/logging/level">
<h5>level <a class="headerlink" href="#documentation/configuration/logging/level">&para;</a></h5>
<p>Set the logging level.</p>
<p>Available levels: <strong>debug</strong>, <strong>info</strong>, <strong>warning</strong>, <strong>error</strong>, <strong>critical</strong></p>
<p>Default: <code>warning</code></p>
</section>
<section class="level5" id="documentation/configuration/logging/mask_passwords">
<h5>mask_passwords <a class="headerlink" href="#documentation/configuration/logging/mask_passwords">&para;</a></h5>
<p>Don't include passwords in logs.</p>
<p>Default: <code>True</code></p>
</section>
<section class="level5" id="documentation/configuration/logging/config">
<h5>config <a class="headerlink" href="#documentation/configuration/logging/config">&para;</a></h5>
<p>Logging configuration file. See the <a href="#documentation/logging">Logging</a> page.</p>
<p>Default:</p>
</section>
</section>
<section class="level4" id="documentation/configuration/headers">
<h4>headers <a class="headerlink" href="#documentation/configuration/headers">&para;</a></h4>
<p>In this section additional HTTP headers that are sent to clients can be specified.</p>
<p>An example to relax the same-origin policy:</p>
<div class="sourceCode" id="cb35"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb35-1"><a href="#cb35-1"></a><span class="dt">Access-Control-Allow-Origin </span><span class="ot">=</span><span class="st"> *</span></span></code></pre></div>
<div class="sourceCode" id="cb34"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb34-1"><a href="#cb34-1"></a><span class="dt">Access-Control-Allow-Origin </span><span class="ot">=</span><span class="st"> *</span></span></code></pre></div>
</section>
</section>
<section class="level3" id="documentation/authentication-and-rights">
@ -940,33 +877,33 @@ user2:password2
<p>This page describes the format of the rights file for the <code>from_file</code> authentication backend. The configuration option <code>file</code> in the <code>rights</code> section must point to the rights file.</p>
<p>The recommended rights method is <code>owner_only</code>. If access to calendars and address books outside of the home directory of users (that's <code>/USERNAME/</code>) is granted, clients won't detect these collections and will not show them to the user. This is only useful if you access calendars and address books directly via URL.</p>
<p>An example rights file:</p>
<div class="sourceCode" id="cb36"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb36-1"><a href="#cb36-1"></a><span class="co"># The user "admin" can read and write any collection.</span></span>
<span id="cb36-2"><a href="#cb36-2"></a><span class="kw">[admin]</span></span>
<span id="cb36-3"><a href="#cb36-3"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> admin</span></span>
<span id="cb36-4"><a href="#cb36-4"></a><span class="dt">collection </span><span class="ot">=</span><span class="st"> .*</span></span>
<span id="cb36-5"><a href="#cb36-5"></a><span class="dt">permission </span><span class="ot">=</span><span class="st"> rw</span></span>
<span id="cb36-6"><a href="#cb36-6"></a></span>
<span id="cb36-7"><a href="#cb36-7"></a><span class="co"># Block access for the user "user" to everything.</span></span>
<span id="cb36-8"><a href="#cb36-8"></a><span class="kw">[block]</span></span>
<span id="cb36-9"><a href="#cb36-9"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> user</span></span>
<span id="cb36-10"><a href="#cb36-10"></a><span class="dt">collection </span><span class="ot">=</span><span class="st"> .*</span></span>
<span id="cb36-11"><a href="#cb36-11"></a><span class="dt">permission </span><span class="ot">=</span></span>
<span id="cb36-12"><a href="#cb36-12"></a></span>
<span id="cb36-13"><a href="#cb36-13"></a><span class="co"># Authenticated users can read and write their own collections.</span></span>
<span id="cb36-14"><a href="#cb36-14"></a><span class="kw">[owner-write]</span></span>
<span id="cb36-15"><a href="#cb36-15"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> .+</span></span>
<span id="cb36-16"><a href="#cb36-16"></a><span class="dt">collection </span><span class="ot">=</span><span class="st"> %(login)s(/.*)?</span></span>
<span id="cb36-17"><a href="#cb36-17"></a><span class="dt">permission </span><span class="ot">=</span><span class="st"> rw</span></span>
<span id="cb36-18"><a href="#cb36-18"></a></span>
<span id="cb36-19"><a href="#cb36-19"></a><span class="co"># Everyone can read the root collection</span></span>
<span id="cb36-20"><a href="#cb36-20"></a><span class="kw">[read]</span></span>
<span id="cb36-21"><a href="#cb36-21"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> .*</span></span>
<span id="cb36-22"><a href="#cb36-22"></a><span class="dt">collection </span><span class="ot">=</span></span>
<span id="cb36-23"><a href="#cb36-23"></a><span class="dt">permission </span><span class="ot">=</span><span class="st"> r</span></span></code></pre></div>
<div class="sourceCode" id="cb35"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb35-1"><a href="#cb35-1"></a><span class="co"># The user "admin" can read and write any collection.</span></span>
<span id="cb35-2"><a href="#cb35-2"></a><span class="kw">[admin]</span></span>
<span id="cb35-3"><a href="#cb35-3"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> admin</span></span>
<span id="cb35-4"><a href="#cb35-4"></a><span class="dt">collection </span><span class="ot">=</span><span class="st"> .*</span></span>
<span id="cb35-5"><a href="#cb35-5"></a><span class="dt">permission </span><span class="ot">=</span><span class="st"> rw</span></span>
<span id="cb35-6"><a href="#cb35-6"></a></span>
<span id="cb35-7"><a href="#cb35-7"></a><span class="co"># Block access for the user "user" to everything.</span></span>
<span id="cb35-8"><a href="#cb35-8"></a><span class="kw">[block]</span></span>
<span id="cb35-9"><a href="#cb35-9"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> user</span></span>
<span id="cb35-10"><a href="#cb35-10"></a><span class="dt">collection </span><span class="ot">=</span><span class="st"> .*</span></span>
<span id="cb35-11"><a href="#cb35-11"></a><span class="dt">permission </span><span class="ot">=</span></span>
<span id="cb35-12"><a href="#cb35-12"></a></span>
<span id="cb35-13"><a href="#cb35-13"></a><span class="co"># Authenticated users can read and write their own collections.</span></span>
<span id="cb35-14"><a href="#cb35-14"></a><span class="kw">[owner-write]</span></span>
<span id="cb35-15"><a href="#cb35-15"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> .+</span></span>
<span id="cb35-16"><a href="#cb35-16"></a><span class="dt">collection </span><span class="ot">=</span><span class="st"> %(login)s(/.*)?</span></span>
<span id="cb35-17"><a href="#cb35-17"></a><span class="dt">permission </span><span class="ot">=</span><span class="st"> rw</span></span>
<span id="cb35-18"><a href="#cb35-18"></a></span>
<span id="cb35-19"><a href="#cb35-19"></a><span class="co"># Everyone can read the root collection</span></span>
<span id="cb35-20"><a href="#cb35-20"></a><span class="kw">[read]</span></span>
<span id="cb35-21"><a href="#cb35-21"></a><span class="dt">user </span><span class="ot">=</span><span class="st"> .*</span></span>
<span id="cb35-22"><a href="#cb35-22"></a><span class="dt">collection </span><span class="ot">=</span></span>
<span id="cb35-23"><a href="#cb35-23"></a><span class="dt">permission </span><span class="ot">=</span><span class="st"> r</span></span></code></pre></div>
<p>The titles of the sections are ignored (but must be unique). The keys <code>user</code> and <code>collection</code> contain regular expressions, that are matched against the user name and the path of the collection. Permissions from the first matching section are used. If no section matches, access gets denied.</p>
<p>The user name is empty for anonymous users. Therefore, the regex <code>.+</code> only matches authenticated users and <code>.*</code> matches everyone (including anonymous users).</p>
<p>The path of the collection is separated by <code>/</code> and has no leading or trailing <code>/</code>. Therefore, the path of the root collection is empty.</p>
<p><code>%(login)s</code> gets replaced by the user name and <code>%(path)s</code> by the path of the collection. You can also get groups from the <code>user</code> regex in the <code>collection</code> regex with <code>{0}</code>, <code>{1}</code>, etc.</p>
<p><code>%(login)s</code> gets replaced by the user name and <code>%(path)s</code> by the path of the collection. You can also get groups from the <code>user</code> regex in the <code>collection</code> regex with <code>{1}</code>, <code>{2}</code>, etc.</p>
</section>
<section class="level3" id="documentation/storage">
<h3>Storage <a class="headerlink" href="#documentation/storage">&para;</a></h3>
@ -992,10 +929,10 @@ user2:password2
<section class="level5" id="documentation/storage/locking/linux-shell-scripts">
<h5>Linux shell scripts <a class="headerlink" href="#documentation/storage/locking/linux-shell-scripts">&para;</a></h5>
<p>Use the <a href="https://manpages.debian.org/unstable/util-linux/flock.1.en.html">flock</a> utility.</p>
<div class="sourceCode" id="cb37"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb37-1"><a href="#cb37-1"></a><span class="co"># Exclusive</span></span>
<span id="cb37-2"><a href="#cb37-2"></a>$ <span class="ex">flock</span> --exclusive /path/to/storage/.Radicale.lock COMMAND</span>
<span id="cb37-3"><a href="#cb37-3"></a><span class="co"># Shared</span></span>
<span id="cb37-4"><a href="#cb37-4"></a>$ <span class="ex">flock</span> --shared /path/to/storage/.Radicale.lock COMMAND</span></code></pre></div>
<div class="sourceCode" id="cb36"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb36-1"><a href="#cb36-1"></a><span class="co"># Exclusive</span></span>
<span id="cb36-2"><a href="#cb36-2"></a>$ <span class="ex">flock</span> --exclusive /path/to/storage/.Radicale.lock COMMAND</span>
<span id="cb36-3"><a href="#cb36-3"></a><span class="co"># Shared</span></span>
<span id="cb36-4"><a href="#cb36-4"></a>$ <span class="ex">flock</span> --shared /path/to/storage/.Radicale.lock COMMAND</span></code></pre></div>
</section>
<section class="level5" id="documentation/storage/locking/linux-and-macos">
<h5>Linux and MacOS <a class="headerlink" href="#documentation/storage/locking/linux-and-macos">&para;</a></h5>
@ -1009,61 +946,7 @@ user2:password2
</section>
<section class="level3" id="documentation/logging">
<h3>Logging <a class="headerlink" href="#documentation/logging">&para;</a></h3>
<p>Radicale logs to <code>stderr</code>. The verbosity of the log output can be controlled with <code>--debug</code> command line argument or the <code>debug</code> configuration option in the <code>logging</code> section.</p>
<p>This is the recommended configuration for use with modern init systems (like <strong>systemd</strong>) or if you just test Radicale in a terminal.</p>
<p>You can configure Radicale to write its logging output to files (and even rotate them). This is useful if the process daemonizes or if your chosen method of running Radicale doesn't handle logging output.</p>
<p>A logging configuration file can be specified in the <code>config</code> configuration option in the <code>logging</code> section. The file format is explained in the <a href="https://docs.python.org/3/library/logging.config.html#configuration-file-format">Python Logging Module</a>.</p>
<section class="level4" id="documentation/logging/logging-to-a-file">
<h4>Logging to a file <a class="headerlink" href="#documentation/logging/logging-to-a-file">&para;</a></h4>
<p>An example configuration to write the log output to the file <code>/var/log/radicale/log</code>:</p>
<div class="sourceCode" id="cb38"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb38-1"><a href="#cb38-1"></a><span class="kw">[loggers]</span></span>
<span id="cb38-2"><a href="#cb38-2"></a><span class="dt">keys </span><span class="ot">=</span><span class="st"> root</span></span>
<span id="cb38-3"><a href="#cb38-3"></a></span>
<span id="cb38-4"><a href="#cb38-4"></a><span class="kw">[handlers]</span></span>
<span id="cb38-5"><a href="#cb38-5"></a><span class="dt">keys </span><span class="ot">=</span><span class="st"> file</span></span>
<span id="cb38-6"><a href="#cb38-6"></a></span>
<span id="cb38-7"><a href="#cb38-7"></a><span class="kw">[formatters]</span></span>
<span id="cb38-8"><a href="#cb38-8"></a><span class="dt">keys </span><span class="ot">=</span><span class="st"> full</span></span>
<span id="cb38-9"><a href="#cb38-9"></a></span>
<span id="cb38-10"><a href="#cb38-10"></a><span class="kw">[logger_root]</span></span>
<span id="cb38-11"><a href="#cb38-11"></a><span class="co"># Change this to DEBUG or INFO for higher verbosity.</span></span>
<span id="cb38-12"><a href="#cb38-12"></a><span class="dt">level </span><span class="ot">=</span><span class="st"> WARNING</span></span>
<span id="cb38-13"><a href="#cb38-13"></a><span class="dt">handlers </span><span class="ot">=</span><span class="st"> file</span></span>
<span id="cb38-14"><a href="#cb38-14"></a></span>
<span id="cb38-15"><a href="#cb38-15"></a><span class="kw">[handler_file]</span></span>
<span id="cb38-16"><a href="#cb38-16"></a><span class="dt">class </span><span class="ot">=</span><span class="st"> FileHandler</span></span>
<span id="cb38-17"><a href="#cb38-17"></a><span class="co"># Specify the output file here.</span></span>
<span id="cb38-18"><a href="#cb38-18"></a><span class="dt">args </span><span class="ot">=</span><span class="st"> ('/var/log/radicale/log',)</span></span>
<span id="cb38-19"><a href="#cb38-19"></a><span class="dt">formatter </span><span class="ot">=</span><span class="st"> full</span></span>
<span id="cb38-20"><a href="#cb38-20"></a></span>
<span id="cb38-21"><a href="#cb38-21"></a><span class="kw">[formatter_full]</span></span>
<span id="cb38-22"><a href="#cb38-22"></a><span class="dt">format </span><span class="ot">=</span><span class="st"> %(asctime)s - [%(thread)x] %(levelname)s: %(message)s</span></span></code></pre></div>
<p>You can specify multiple <strong>logger</strong>, <strong>handler</strong> and <strong>formatter</strong> if you want to have multiple simultaneous log outputs.</p>
<p>The parent folder of the log files must exist and must be writable by Radicale.</p>
<p><strong>Security:</strong> The log files should not be readable by unauthorized users. Set permissions accordingly.</p>
<section class="level5" id="documentation/logging/logging-to-a-file/timed-rotation-of-disk-log-files">
<h5>Timed rotation of disk log files <a class="headerlink" href="#documentation/logging/logging-to-a-file/timed-rotation-of-disk-log-files">&para;</a></h5>
<p>An example <strong>handler</strong> configuration to write the log output to the file <code>/var/log/radicale/log</code> and rotate it. Replace the section <code>handler_file</code> from the file logging example:</p>
<div class="sourceCode" id="cb39"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb39-1"><a href="#cb39-1"></a><span class="kw">[handler_file]</span></span>
<span id="cb39-2"><a href="#cb39-2"></a><span class="dt">class </span><span class="ot">=</span><span class="st"> handlers.TimedRotatingFileHandler</span></span>
<span id="cb39-3"><a href="#cb39-3"></a><span class="co"># Specify the output file and parameter for rotation here.</span></span>
<span id="cb39-4"><a href="#cb39-4"></a><span class="co"># See https://docs.python.org/3/library/logging.handlers.html#logging.handlers.TimedRotatingFileHandler</span></span>
<span id="cb39-5"><a href="#cb39-5"></a><span class="co"># Example: rollover at midnight and keep 7 files (means one week)</span></span>
<span id="cb39-6"><a href="#cb39-6"></a><span class="dt">args </span><span class="ot">=</span><span class="st"> ('/var/log/radicale/log', 'midnight', </span><span class="dv">1</span><span class="st">, </span><span class="dv">7</span><span class="st">)</span></span>
<span id="cb39-7"><a href="#cb39-7"></a><span class="dt">formatter </span><span class="ot">=</span><span class="st"> full</span></span></code></pre></div>
</section>
<section class="level5" id="documentation/logging/logging-to-a-file/rotation-of-disk-log-files-based-on-size">
<h5>Rotation of disk log files based on size <a class="headerlink" href="#documentation/logging/logging-to-a-file/rotation-of-disk-log-files-based-on-size">&para;</a></h5>
<p>An example <strong>handler</strong> configuration to write the log output to the file <code>/var/log/radicale/log</code> and rotate it . Replace the section <code>handle_file</code> from the file logging example:</p>
<div class="sourceCode" id="cb40"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb40-1"><a href="#cb40-1"></a><span class="kw">[handler_file]</span></span>
<span id="cb40-2"><a href="#cb40-2"></a><span class="dt">class </span><span class="ot">=</span><span class="st"> handlers.RotatingFileHandler</span></span>
<span id="cb40-3"><a href="#cb40-3"></a><span class="co"># Specify the output file and parameter for rotation here.</span></span>
<span id="cb40-4"><a href="#cb40-4"></a><span class="co"># See https://docs.python.org/3/library/logging.handlers.html#logging.handlers.RotatingFileHandler</span></span>
<span id="cb40-5"><a href="#cb40-5"></a><span class="co"># Example: rollover at 100000 kB and keep 10 files (means 1 MB)</span></span>
<span id="cb40-6"><a href="#cb40-6"></a><span class="dt">args </span><span class="ot">=</span><span class="st"> ('/var/log/radicale/log', 'a', </span><span class="dv">100000</span><span class="st">, </span><span class="dv">10</span><span class="st">)</span></span>
<span id="cb40-7"><a href="#cb40-7"></a><span class="dt">formatter </span><span class="ot">=</span><span class="st"> full</span></span></code></pre></div>
</section>
</section>
<p>Radicale logs to <code>stderr</code>. The verbosity of the log output can be controlled with <code>--debug</code> command line argument or the <code>level</code> configuration option in the <code>logging</code> section.</p>
</section>
<section class="level3" id="documentation/architecture">
<h3>Architecture <a class="headerlink" href="#documentation/architecture">&para;</a></h3>
@ -1117,16 +1000,22 @@ user2:password2
</section>
<section class="level4" id="documentation/architecture/code-architecture">
<h4>Code Architecture <a class="headerlink" href="#documentation/architecture/code-architecture">&para;</a></h4>
<p>The <code>radicale</code> package offers 9 modules.</p>
<p><code>__main__</code> : The main module provides a simple function called run. Its main work is to read the configuration from the configuration file and from the options given in the command line; then it creates a server, according to the configuration.</p>
<p><code>__init__</code> : This is the core part of the module, with the code for the CalDAV/CardDAV server. The server inherits from a WSGIServer server class, which relies on the default HTTP server class given by Python. The code managing the different HTTP requests according to the CalDAV/CardDAV normalization is written here.</p>
<p><code>config</code> : This part gives a dict-like access to the server configuration, read from the configuration file. The configuration can be altered when launching the executable with some command line options.</p>
<p><code>xmlutils</code> : The functions defined in this module are mainly called by the CalDAV/CardDAV server class to read the XML part of the request, read or alter the calendars, and create the XML part of the response. The main part of this code relies on ElementTree.</p>
<p><code>log</code> : The start function provided by this module starts a logging mechanism based on the default Python logging module. Logging options can be stored in a logging configuration file.</p>
<p><code>auth</code> : This module provides a default authentication manager equivalent to Apache's htpasswd. Login&nbsp;+&nbsp;password couples are stored in a file and used to authenticate users. Passwords can be encrypted using various methods. Other authentication methods can inherit from the base class in this file and be provided as plugins.</p>
<p><code>rights</code> : This module is a set of Access Control Lists, a set of methods used by Radicale to manage rights to access the calendars. When the CalDAV/CardDAV server is launched, an Access Control List is chosen in the set, according to the configuration. The HTTP requests are then filtered to restrict the access depending on who is authenticated. Other configurations can be written using regex-based rules. Other rights managers can also inherit from the base class in this file and be provided as plugins.</p>
<p><code>storage</code> : In this module are written the classes representing collections and items in Radicale, and the class storing these collections and items in your filesystem. Other storage classes can inherit from the base class in this file and be provided as plugins.</p>
<p>The <code>radicale</code> package offers the following modules.</p>
<p><code>__init__</code> : Contains the entry point for WSGI.</p>
<p><code>__main__</code> : Provides the entry point for the <code>radicale</code> executable and includes the command line parser. It loads configuration files from the default (or specified) paths and starts the internal server.</p>
<p><code>app</code> : This is the core part of Radicale, with the code for the CalDAV/CardDAV server. The code managing the different HTTP requests according to the CalDAV/CardDAV specification can be found here.</p>
<p><code>auth</code> : Used for authenticating users based on username and password, mapping usernames to internal users and optionally retrieving credentials from the environment.</p>
<p><code>config</code> : Contains the code for managing configuration and loading settings from files.</p>
<p><code>&igrave;tem</code> : Internal represenation of address book and calendar entries. Based on <a href="https://eventable.github.io/vobject/">VObject</a>.</p>
<p><code>log</code> : The logger for Radicale based on the default Python logging module.</p>
<p><code>rights</code> : This module is used by Radicale to manage access rights to collections, address books and calendars.</p>
<p><code>server</code> : The integrated HTTP server for standalone use.</p>
<p><code>storage</code> : This module contains the classes representing collections in Radicale and the code for storing and loading them in the filesystem.</p>
<p><code>web</code> : This module contains the web interface.</p>
<p><code>utils</code> : Contains general helper functions.</p>
<p><code>httputils</code> : Contains helper functions for working with HTTP.</p>
<p><code>pathutils</code> : Helper functions for working with paths and the filesystem.</p>
<p><code>xmlutils</code> : Helper functions for working with the XML part of CalDAV/CardDAV requests and responses. It's based on the ElementTree XML API.</p>
</section>
</section>
<section class="level3" id="documentation/plugins">
@ -1134,54 +1023,59 @@ user2:password2
<p>Radicale can be extended by plugins for authentication, rights management and storage. Plugins are <strong>python</strong> modules.</p>
<section class="level4" id="documentation/plugins/getting-started">
<h4>Getting started <a class="headerlink" href="#documentation/plugins/getting-started">&para;</a></h4>
<p>To get started we walk through the creation of a simple authentication plugin, that accepts login attempts if the username and password are equal.</p>
<p>To get started we walk through the creation of a simple authentication plugin, that accepts login attempts with a static password.</p>
<p>The easiest way to develop and install <strong>python</strong> modules is <a href="https://docs.python.org/3/distutils/setupscript.html">Distutils</a>. For a minimal setup create the file <code>setup.py</code> with the following content in an empty folder:</p>
<div class="sourceCode" id="cb41"><pre class="sourceCode python"><code class="sourceCode python"><span id="cb41-1"><a href="#cb41-1"></a><span class="co">#!/usr/bin/env python3</span></span>
<span id="cb41-2"><a href="#cb41-2"></a></span>
<span id="cb41-3"><a href="#cb41-3"></a><span class="im">from</span> distutils.core <span class="im">import</span> setup</span>
<span id="cb41-4"><a href="#cb41-4"></a></span>
<span id="cb41-5"><a href="#cb41-5"></a>setup(name<span class="op">=</span><span class="st">"radicale_silly_auth"</span>, packages<span class="op">=</span>[<span class="st">"radicale_silly_auth"</span>])</span></code></pre></div>
<p>In the same folder create the sub-folder <code>radicale_silly_auth</code>. The folder must have the same name as specified in <code>packages</code> above.</p>
<p>Create the file <code>__init__.py</code> in the <code>radicale_silly_auth</code> folder with the following content:</p>
<div class="sourceCode" id="cb42"><pre class="sourceCode python"><code class="sourceCode python"><span id="cb42-1"><a href="#cb42-1"></a><span class="im">from</span> radicale.auth <span class="im">import</span> BaseAuth</span>
<span id="cb42-2"><a href="#cb42-2"></a></span>
<span id="cb42-3"><a href="#cb42-3"></a></span>
<span id="cb42-4"><a href="#cb42-4"></a><span class="kw">class</span> Auth(BaseAuth):</span>
<span id="cb42-5"><a href="#cb42-5"></a> <span class="kw">def</span> is_authenticated(<span class="va">self</span>, user, password):</span>
<span id="cb42-6"><a href="#cb42-6"></a> <span class="co"># Example custom configuration option</span></span>
<span id="cb42-7"><a href="#cb42-7"></a> foo <span class="op">=</span> <span class="st">""</span></span>
<span id="cb42-8"><a href="#cb42-8"></a> <span class="cf">if</span> <span class="va">self</span>.configuration.has_option(<span class="st">"auth"</span>, <span class="st">"foo"</span>):</span>
<span id="cb42-9"><a href="#cb42-9"></a> foo <span class="op">=</span> <span class="va">self</span>.configuration.get(<span class="st">"auth"</span>, <span class="st">"foo"</span>)</span>
<span id="cb42-10"><a href="#cb42-10"></a> <span class="va">self</span>.logger.info(<span class="st">"Configuration option </span><span class="sc">%r</span><span class="st"> is </span><span class="sc">%r</span><span class="st">"</span>, <span class="st">"foo"</span>, foo)</span>
<span id="cb42-11"><a href="#cb42-11"></a></span>
<span id="cb42-12"><a href="#cb42-12"></a> <span class="co"># Check authentication</span></span>
<span id="cb42-13"><a href="#cb42-13"></a> <span class="va">self</span>.logger.info(<span class="st">"Login attempt by </span><span class="sc">%r</span><span class="st"> with password </span><span class="sc">%r</span><span class="st">"</span>,</span>
<span id="cb42-14"><a href="#cb42-14"></a> user, password)</span>
<span id="cb42-15"><a href="#cb42-15"></a> <span class="cf">return</span> user <span class="op">==</span> password</span></code></pre></div>
<div class="sourceCode" id="cb37"><pre class="sourceCode python"><code class="sourceCode python"><span id="cb37-1"><a href="#cb37-1"></a><span class="co">#!/usr/bin/env python3</span></span>
<span id="cb37-2"><a href="#cb37-2"></a></span>
<span id="cb37-3"><a href="#cb37-3"></a><span class="im">from</span> distutils.core <span class="im">import</span> setup</span>
<span id="cb37-4"><a href="#cb37-4"></a></span>
<span id="cb37-5"><a href="#cb37-5"></a>setup(name<span class="op">=</span><span class="st">"radicale_static_password_auth"</span>, packages<span class="op">=</span>[<span class="st">"radicale_static_password_auth"</span>])</span></code></pre></div>
<p>In the same folder create the sub-folder <code>radicale_static_password_auth</code>. The folder must have the same name as specified in <code>packages</code> above.</p>
<p>Create the file <code>__init__.py</code> in the <code>radicale_static_password_auth</code> folder with the following content:</p>
<div class="sourceCode" id="cb38"><pre class="sourceCode python"><code class="sourceCode python"><span id="cb38-1"><a href="#cb38-1"></a><span class="im">from</span> radicale.auth <span class="im">import</span> BaseAuth</span>
<span id="cb38-2"><a href="#cb38-2"></a><span class="im">from</span> radicale.log <span class="im">import</span> logger</span>
<span id="cb38-3"><a href="#cb38-3"></a></span>
<span id="cb38-4"><a href="#cb38-4"></a>PLUGIN_CONFIG_SCHEMA <span class="op">=</span> {<span class="st">"auth"</span>: {</span>
<span id="cb38-5"><a href="#cb38-5"></a> <span class="st">"password"</span>: {<span class="st">"value"</span>: <span class="st">""</span>, <span class="st">"type"</span>: <span class="bu">str</span>}}}</span>
<span id="cb38-6"><a href="#cb38-6"></a></span>
<span id="cb38-7"><a href="#cb38-7"></a></span>
<span id="cb38-8"><a href="#cb38-8"></a><span class="kw">class</span> Auth(BaseAuth):</span>
<span id="cb38-9"><a href="#cb38-9"></a> <span class="kw">def</span> <span class="fu">__init__</span>(<span class="va">self</span>, configuration):</span>
<span id="cb38-10"><a href="#cb38-10"></a> <span class="bu">super</span>().<span class="fu">__init__</span>(configuration.copy(PLUGIN_CONFIG_SCHEMA))</span>
<span id="cb38-11"><a href="#cb38-11"></a></span>
<span id="cb38-12"><a href="#cb38-12"></a> <span class="kw">def</span> login(<span class="va">self</span>, user, password):</span>
<span id="cb38-13"><a href="#cb38-13"></a> <span class="co"># Get password from configuration option</span></span>
<span id="cb38-14"><a href="#cb38-14"></a> static_password <span class="op">=</span> <span class="va">self</span>.configuration.get(<span class="st">"auth"</span>, <span class="st">"password"</span>)</span>
<span id="cb38-15"><a href="#cb38-15"></a> <span class="co"># Check authentication</span></span>
<span id="cb38-16"><a href="#cb38-16"></a> logger.info(<span class="st">"Login attempt by </span><span class="sc">%r</span><span class="st"> with password </span><span class="sc">%r</span><span class="st">"</span>,</span>
<span id="cb38-17"><a href="#cb38-17"></a> user, password)</span>
<span id="cb38-18"><a href="#cb38-18"></a> <span class="cf">if</span> password <span class="op">==</span> static_password:</span>
<span id="cb38-19"><a href="#cb38-19"></a> <span class="cf">return</span> user</span>
<span id="cb38-20"><a href="#cb38-20"></a> <span class="cf">return</span> <span class="st">""</span></span></code></pre></div>
<p>Install the python module by running the following command in the same folder as <code>setup.py</code>:</p>
<div class="sourceCode" id="cb43"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb43-1"><a href="#cb43-1"></a><span class="ex">python3</span> -m pip install --upgrade .</span></code></pre></div>
<p>To make use this great creation in Radicale, set the configuration option <code>type</code> in the <code>auth</code> section to <code>radicale_silly_auth</code>:</p>
<div class="sourceCode" id="cb44"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb44-1"><a href="#cb44-1"></a><span class="kw">[auth]</span></span>
<span id="cb44-2"><a href="#cb44-2"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> radicale_silly_auth</span></span>
<span id="cb44-3"><a href="#cb44-3"></a><span class="dt">foo </span><span class="ot">=</span><span class="st"> bar</span></span></code></pre></div>
<div class="sourceCode" id="cb39"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb39-1"><a href="#cb39-1"></a><span class="ex">python3</span> -m pip install --upgrade .</span></code></pre></div>
<p>To make use this great creation in Radicale, set the configuration option <code>type</code> in the <code>auth</code> section to <code>radicale_static_password_auth</code>:</p>
<div class="sourceCode" id="cb40"><pre class="sourceCode ini"><code class="sourceCode ini"><span id="cb40-1"><a href="#cb40-1"></a><span class="kw">[auth]</span></span>
<span id="cb40-2"><a href="#cb40-2"></a><span class="dt">type </span><span class="ot">=</span><span class="st"> radicale_static_password_auth</span></span>
<span id="cb40-3"><a href="#cb40-3"></a><span class="dt">password </span><span class="ot">=</span><span class="st"> secret</span></span></code></pre></div>
<p>You can uninstall the module with:</p>
<div class="sourceCode" id="cb45"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb45-1"><a href="#cb45-1"></a><span class="ex">python3</span> -m pip uninstall radicale_silly_auth</span></code></pre></div>
<div class="sourceCode" id="cb41"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb41-1"><a href="#cb41-1"></a><span class="ex">python3</span> -m pip uninstall radicale_static_password_auth</span></code></pre></div>
</section>
<section class="level4" id="documentation/plugins/authentication-plugins">
<h4>Authentication plugins <a class="headerlink" href="#documentation/plugins/authentication-plugins">&para;</a></h4>
<p>This plugin type is used to check login credentials. The module must contain a class <code>Auth</code> that extends <code>radicale.auth.BaseAuth</code>. Take a look at the file <code>radicale/auth.py</code> in Radicale's source code for more information.</p>
<p>This plugin type is used to check login credentials. The module must contain a class <code>Auth</code> that extends <code>radicale.auth.BaseAuth</code>. Take a look at the file <code>radicale/auth/__init__.py</code> in Radicale's source code for more information.</p>
</section>
<section class="level4" id="documentation/plugins/rights-management-plugins">
<h4>Rights management plugins <a class="headerlink" href="#documentation/plugins/rights-management-plugins">&para;</a></h4>
<p>This plugin type is used to check if a user has access to a path. The module must contain a class <code>Rights</code> that extends <code>radicale.rights.BaseRights</code>. Take a look at the file <code>radicale/rights.py</code> in Radicale's source code for more information.</p>
<p>This plugin type is used to check if a user has access to a path. The module must contain a class <code>Rights</code> that extends <code>radicale.rights.BaseRights</code>. Take a look at the file <code>radicale/rights/__init__.py</code> in Radicale's source code for more information.</p>
</section>
<section class="level4" id="documentation/plugins/web-plugins">
<h4>Web plugins <a class="headerlink" href="#documentation/plugins/web-plugins">&para;</a></h4>
<p>This plugin type is used to provide the web interface for Radicale. The module must contain a class <code>Web</code> that extends <code>radicale.web.BaseWeb</code>. Take a look at the file <code>radicale/web.py</code> in Radicale's source code for more information.</p>
<p>This plugin type is used to provide the web interface for Radicale. The module must contain a class <code>Web</code> that extends <code>radicale.web.BaseWeb</code>. Take a look at the file <code>radicale/web/__init__.py</code> in Radicale's source code for more information.</p>
</section>
<section class="level4" id="documentation/plugins/storage-plugins">
<h4>Storage plugins <a class="headerlink" href="#documentation/plugins/storage-plugins">&para;</a></h4>
<p>This plugin is used to store collections and items. The module must contain a class <code>Collection</code> that extends <code>radicale.storage.BaseCollection</code>. Take a look at the file <code>radicale/storage.py</code> in Radicale's source code for more information.</p>
<p>This plugin is used to store collections and items. The module must contain a class <code>Storage</code> that extends <code>radicale.storage.BaseStorage</code>. Take a look at the file <code>radicale/storage/__init__.py</code> in Radicale's source code for more information.</p>
</section>
</section>
</section>
@ -1197,7 +1091,7 @@ user2:password2
</section>
<section class="level4" id="contribute//hack">
<h4>Hack <a class="headerlink" href="#contribute//hack">&para;</a></h4>
<p>Interested in hacking? Feel free to clone the <a href="https://github.com/Kozea/Radicale">git repository on Github</a> if you want to add new features, fix bugs or update the documentation.</p>
<p>Interested in hacking? Feel free to clone the <a href="https://github.com/Kozea/Radicale">git repository on GitHub</a> if you want to add new features, fix bugs or update the documentation.</p>
</section>
<section class="level4" id="contribute//documentation">
<h4>Documentation <a class="headerlink" href="#contribute//documentation">&para;</a></h4>
@ -1221,35 +1115,7 @@ user2:password2
</section>
<section class="level4" id="download//source-packages">
<h4>Source Packages <a class="headerlink" href="#download//source-packages">&para;</a></h4>
<p>You can download the Radicale package for each release:</p>
<ul>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.11"><strong>2.1.11 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.10"><strong>2.1.10 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.9"><strong>2.1.9 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.8"><strong>2.1.8 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.7"><strong>2.1.7 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.6"><strong>2.1.6 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.5"><strong>2.1.5 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.4"><strong>2.1.4 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.3"><strong>2.1.3 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.2"><strong>2.1.2 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.1.6"><strong>1.1.6 - Sixth Law of Nature</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.1"><strong>2.1.1 - Wild Radish Again</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.0"><strong>2.1.0 - Wild Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.1.4"><strong>1.1.4 - Fifth Law of Nature</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.0rc3">2.1.0rc3</a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.0rc2">2.1.0rc2</a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.1.0rc1">2.1.0rc1</a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.0.0"><strong>2.0.0 - Little Big Radish</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.1.3"><strong>1.1.3 - Fourth Law of Nature</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.0.0rc2">2.0.0rc2</a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.1.2"><strong>1.1.2 - Third Law of Nature</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/2.0.0rc1">2.0.0rc1</a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.1.1"><strong>1.1.1 - Second Law of Nature</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.1"><strong>1.1 - Law of Nature</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.0.1"><strong>1.0.1 - Sunflower Again</strong></a></li>
<li><a href="https://api.github.com/repos/Kozea/Radicale/tarball/1.0"><strong>1.0 - Sunflower</strong></a></li>
</ul>
<p>You can find the source packages of all releases on <a href="https://github.com/Kozea/Radicale/releases">GitHub</a>.</p>
</section>
<section class="level4" id="download//linux-distribution-packages">
<h4>Linux Distribution Packages <a class="headerlink" href="#download//linux-distribution-packages">&para;</a></h4>