From 933835448c437d0d235563cc76cc2150ab3431ec Mon Sep 17 00:00:00 2001 From: Github Actions <> Date: Sat, 18 Apr 2020 14:59:12 +0000 Subject: [PATCH] Generate documentation --- master.html | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/master.html b/master.html index 4c718c4a..a06bcc95 100644 --- a/master.html +++ b/master.html @@ -333,7 +333,9 @@ user2:password2

Data is stored in the folder /var/lib/radicale/collections. The path can be changed with the following configuration:

[storage]
 filesystem_folder = /path/to/storage
-

Security: The storage folder should not be readable by unauthorized users. Otherwise, they can read the calendar data and lock the storage. You can find OS dependent instructions in the Running as a service section.

+
+

Security: The storage folder should not be readable by unauthorized users. Otherwise, they can read the calendar data and lock the storage. You can find OS dependent instructions in the Running as a service section.

+

Limits

@@ -356,7 +358,9 @@ user2:password2

Linux with systemd system-wide

Create the radicale user and group for the Radicale service. (Run useradd --system --home-dir / --shell /sbin/nologin radicale as root.) The storage folder must be writable by radicale. (Run mkdir -p /var/lib/radicale/collections && chown -R radicale:radicale /var/lib/radicale/collections as root.)

+

Security: The storage should not be readable by others. (Run chmod -R o= /var/lib/radicale/collections as root.)

+

Create the file /etc/systemd/system/radicale.service:

[Unit]
 Description=A simple CalDAV (calendar) and CardDAV (contact) server
@@ -431,7 +435,9 @@ user2:password2
 
  • Error: C:\Path\To\Radicale.log
    • 
 
 
+
    
 
    Security: Be aware that the service runs in the local system account, you might want to change this. Managing user accounts is beyond the scope of this manual. Also make sure that the storage folder and log file is not readable by unauthorized users.
    
+
    
 
    The log file might grow very big over time, you can configure file rotation in NSSM to prevent this.
    
 
    The service is configured to start automatically when the computer starts. To start the service manually open Services in Computer Management and start the Radicale service.
    @@ -485,7 +491,9 @@ user2:password2 RequestHeader set X-Script-Name /radicale/ RequestHeader set X-Remote-User expr=%{REMOTE_USER} </Location> +

    Security: Untrusted clients should not be able to access the Radicale server directly. Otherwise, they can authenticate as any user.

    +

    Secure connection between Radicale and the reverse proxy

    @@ -515,7 +523,9 @@ user2:password2

    Radicale is compatible with the WSGI specification.

    A configuration file can be set with the RADICALE_CONFIG environment variable, otherwise no configuration file is loaded and the default configuration is used.

    Be reminded that Radicale's default configuration enforces limits on the maximum upload file size.

    +

    Security: The None authentication type disables all rights checking. Don't use it with REMOTE_USER. Use remote_user instead.

    +

    Example uWSGI configuration:

    [uwsgi]
 http-socket = 127.0.0.1:5232