Ready for Review, I think

2025-06-26 16:45:52 +00:00 · 2017-07-27 13:50:10 +00:00 · 2017-07-27 13:50:10 +00:00 · 3e2fcad514
commit 3e2fcad514
parent 5ba89a3904
1 changed files with 259 additions and 55 deletions
--- a/Simple-installation.md
+++ b/Simple-installation.md
@ -3,11 +3,17 @@ This page should explain how to set up a small installation for personal use, wi
 - an example of plain htpasswd authentication,
 - an example of SSL certificate.
 # Contents
 - [Setup and Verify Test CalDAV Server on Localhost:5232](https://github.com/Kozea/Radicale/wiki/Simple-installation/_edit#setup-and-verify-test-server-on-localhost5232)
    - If you want to become familiar with Radicale before attempting a setup
 - [Setup Real CalDAV Server on LocalNetwork:5232](https://github.com/Kozea/Radicale/wiki/Simple-installation/_edit#setup-real-caldav-server-on-localnetwork5232)
    - If you want to immediately begin work
    - Assumes you have OpenSSH server already up and can use "scp" command
 - Setup Real CalDAV Server on PublicIPAddress:5232
 # Setup and Verify Test CalDAV Server on Localhost:5232
-# Setup and Verify Test Server on Localhost:5232
+> This is a small installation on Ubuntu Desktop 16.04. All credit to [Radicale Documentation](http://radicale.org/documentation/)
 > This is a small installation on Ubuntu Desktop 16.04 [once this works, will write up necessary edits for small installation on Ubuntu Server 16.04]. All credit to [Radicale Documentation](http://radicale.org/documentation/)
 ## Install and Run Radicale
@ -15,6 +21,7 @@ This page should explain how to set up a small installation for personal use, wi
 Open a terminal and enter these commands:
 ```
 ##### Install dependencies for Radicale
 sudo apt-get install python3-pip
 ```
@ -40,12 +47,12 @@ sudo -H python3 -m radicale --config "" --storage-filesystem-folder=~/.var/lib/r
    - Username: fake
 - Click "Create new addressbook or calendar"
 - Enter a Calendar Title, Description, Type, and Color and click "Save"
-    - Title: fakecal01
+    - Title: fakecalDAV01
    - Description: fakecalendar01
    - Type: calendar, journal and tasks [default]
    - Color: [default]
 - You are now returned to the Radicale "Collections" page in your browser
-    - Note that collection (Calendar) "fakecal01" has a URL, we will use this in our Calendar Client
+    - Note that collection (Calendar) "fakecalDAV01" has a URL, we will use this in our Calendar Client
        - URL: http://localhost:5232/fake/234e38a1-32eg-9e0x-e3tn-eut92930etae/
 ## Modify first Calendar in Thunderbird Calendar Client
@ -57,81 +64,83 @@ sudo -H python3 -m radicale --config "" --storage-filesystem-folder=~/.var/lib/r
 - Select "On the Network" in the dialog box and click "Next"
 - Select a Format and Location and click "Next"
    - Format: CalDAV
-    - Location: Copy and paste fakecal01's URL (all of it) and add any "USERNAME@" before "localhost"
+    - Location: Copy and paste fakecalDAV01's URL (all of it) and add any "USERNAME@" before "localhost"
        - e.g., http://fake@localhost:5232/fake/234e38a1-32eg-9e0x-e3tn-eut92930etae/
        - e.g., http://myusername@localhost:5232/fake/234e38a1-32eg-9e0x-e3tn-eut92930etae/
 - Enter a Name, Color, and Thunderbird email account and click "Next"
-    - Name: First Radicale Test Calendar (FRTC)
+    - Name: TB Radicale Test Calendar (TBRTC)
-    - Color: [color you would like to indicate an event on FRTC]
+    - Color: [color you would like to indicate an event on TBRTC]
    - Email: [default]
 - Click "Finish"
-### Modify First Radicale Test Calendar
+### Modify Radicale Test Calendar
 - Click "Events and Tasks > New Event"
    - Select Title, Location, Start and End Time, and Calendar and click "Save and Close"
        - Title: First New Event
        - Location: 123 Main Street
        - Start and End Time: 01 Jan 2000 15:00 to 01 Jan 2000 18:00
-        - Calendar: First Radicale Test Calendar
+        - Calendar: TB Radicale Test Calendar
-Hopefully, you do not see a yellow triangle with black "!" in "Calendar Pane > Calendar List" next to First Radicale Test Calendar. Hopefully, "First Radicale Test Calendar" text is not greyed out. Hopefully, no error message upon "Save and Close."
+Hopefully, you do not see a yellow triangle with black "!" in "Calendar Pane > Calendar List" next to TB Radicale Test Calendar. Hopefully, "TB Radicale Test Calendar" text is not greyed out. Hopefully, no error message upon "Save and Close."
 ### Verify Modification of CalDAV backend
 - Return to browser, http://localhost:5232/
- Click URL for "fakecal01" and save .ics file
+- Click URL for "fakecalDAV01" and save .ics file
 - Go to folder with .ics file and open .ics file _with a text editor_
- Enjoy ~50 lines that represent your "First New Event" in your "First Radicale Test Calendar"
+- Enjoy ~50 lines that represent your "First New Event" in your "TB Radicale Test Calendar"
-# Setup Real Server on PublicIPaddress:5232
+# Setup Real CalDAV Server on LocalNetwork:5232
-> This is a small installation on Ubuntu Desktop 16.04 [once this works, will write up necessary edits for small installation on Ubuntu Server 16.04]. All credit to [Radicale Documentation](http://radicale.org/documentation/)
+> This is a small installation on Ubuntu Server 16.04. All credit to [Radicale Documentation](http://radicale.org/documentation/)
-## Shut down Test Server
+## Shut down Test Server on Desktop Client
 ### Logging off
- Return to browser, http://localhost:5232/
+- Return to browser on Desktop Client, http://localhost:5232/
    - Click "Logout[fake]"
 - Return to Terminal where you launched Radicale in the background (still running) and type Ctrl+C
 ```
 ##### Cursor will simply blink in Terminal
-sudo -H python3 -m radicale --config "" --storage-filesystem-folder=~/.var/lib/radicale/collections
+ClientUSER@CLIENT:~$ sudo -H python3 -m radicale --config "" --storage-filesystem-folder=~/.var/lib/radicale/collections
 [BLINKING CURSOR]
 ^C
 ##### Radicale command finished, Terminal ready for next command
 ClientUSER@CLIENT:~$ 
 ```
-## Configure Server with Real Configuration File
+## Configure Real Configuration File on Desktop Client
 ### Configure Secure Users
- Create some users and passwords
+- Create some users and passwords (the CalDAV username does not need to match your login USERNAME on either Desktop Client or Server but you should pick a name and password you actually want to use for the real calendar)
 ```
 ##### Install dependencies for htpasswd command (if needed)
-sudo apt-get install apache2-utils
+ClientUSER@CLIENT:~$ sudo apt-get install apache2-utils
-##### Put user "fake" in a new "users" file
+##### Put user "fakeuser" in a new "users" file
-sudo htpasswd -B -c /etc/radicale/users fakeuser
+ClientUSER@CLIENT:~$ sudo htpasswd -B -c /etc/radicale/users fakeuser
 New password:
 Re-type new password:
 ##### Add another user
-sudo htpasswd -B /etc/radicale/users user2
+ClientUSER@CLIENT:~$ sudo htpasswd -B /etc/radicale/users user2
 New password:
 Re-type new password:
 ##### Install dependencies for bcrypt encryption method
-sudo python3 -m pip install --upgrade passlib bcrypt
+ClientUSER@CLIENT:~$ sudo python3 -m pip install --upgrade passlib bcrypt
 ```
- Tell Radicale where to find users by editing the /etc/radicale/config file [remember, you installed Radicale as root with "sudo -H" above] in your Terminal
+- Tell Radicale where to find users by editing the /etc/radicale/config file in your Terminal [assuming you installed Radicale as root with "sudo -H" above. If you installed as USER, edit ~/.config/radicale/config]
    - Add lines to [auth] section of config file
        - Note that your config file should already look finished (~200 lines), not empty
 ```
-sudo nano /etc/radicale/config
+ClientUSER@CLIENT:~$ sudo nano /etc/radicale/config
 ##### Add these lines under relevant portions of [auth] section
 type = htpasswd
-htpasswd_filename = /path/to/users
+htpasswd_filename = /etc/radicale/users
 # encryption method used in the htpasswd file
 htpasswd_encryption = bcrypt
 ```
@ -151,37 +160,40 @@ timeout = 10
 delay = 1
 ```
-## Test Configuration
+## Test Configuration on Desktop Client
- Run Radicale with our /etc/radicale/config file (rather than blank configuration file for Test Server)
+- Run Radicale with our /etc/radicale/config file (rather than blank configuration file used above for Test Server)
 ```
-##### Note that you may need to comment out some sections in /etc/radicale/config if this does not work first by adding a "#" before "[well-known]" and "[git]" if you see similar errors
+##### Note that you may need to comment out some sections in /etc/radicale/config if this does not work
 ##### by adding a "#" before "[well-known]" and "[git]" if you see similar errors
 ##### ERROR: Invalid configuration: Invalid section 'well-known' in config
-sudo -H python3 -m radicale --storage-filesystem-folder=~/.var/lib/radicale/collections
+ClientUSER@CLIENT:~$ sudo -H python3 -m radicale
 ```
- Return to browser, http://localhost:5232/
+- Return to browser on Desktop Client, http://localhost:5232/
    - Authentication Required for localhost:5232, enter Username and Password and click "OK"
        - Username: fakeuser
        - Password: [password you gave to htpasswd]
            - Try to login as FAKE, or wrongUser--this should now fail!
-## Create second Calendar
+## Create real Calendar
-### Create calendar
+### Create real calendar
- Click "Create new addressbook or calendar"
+- Still in Desktop Client browser, click "Create new addressbook or calendar"
 - Enter a Calendar Title, Description, Type, and Color and click "Save"
-    - Title: fakeusercal01
+    - Title: fakeusercalDAV01
    - Description: fakeuser's /etc/radicale/config calendar
    - Type: calendar, journal and tasks [default]
    - Color: [default]
        - You can edit these variables later
 - You are now returned to the Radicale "Collections" page in your browser
-    - Note that collection (Calendar) "fakeusercal01" has a URL, we will use this in our Calendar Client
+    - Note that collection (Calendar) "fakeusercalDAV01" has a URL, we will use this in our Calendar Client
        - URL: http://localhost:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/
-        - Note this URL is different from "First Radicale Test Calendar" (i.e., fakecal01)
+        - Note that this URL is different from "TB Radicale Test Calendar" (i.e., fakecalDAV01)
-## Modify second Calendar in Thunderbird Calendar Client
+## Modify real Calendar in Thunderbird Calendar Client
-### Create New Calendar in Thunderbird
+### Create New Calendar in Thunderbird (localhost)
 - Open Thunderbird
    - Authentication Required for localhost:5232, enter Username and Password
        - Username: fakeuser
@ -191,32 +203,224 @@ sudo -H python3 -m radicale --storage-filesystem-folder=~/.var/lib/radicale/coll
 - Select "On the Network" in the dialog box and click "Next"
 - Select a Format and Location and click "Next"
    - Format: CalDAV
-    - Location: Copy and paste fakeusercal01's URL (all of it) and add any "USERNAME@" before "localhost"
+    - Location: Copy and paste fakeusercalDAV01's URL (all of it)
-        - e.g., http://fake@localhost:5232/fake/234e38a1-32eg-9e0x-e3tn-eut92930etae/
+        - i.e., http://localhost:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/
-        - e.g., http://myusername@localhost:5232/fake/234e38a1-32eg-9e0x-e3tn-eut92930etae/
+        - At this stage, you could also add ***the username given to htpasswd*** as "USERNAME@" before "localhost"
            - i.e., http://fakeuser@localhost:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/
 - Enter a Name, Color, and Thunderbird email account and click "Next"
-    - Name: Second Radicale Test Calendar (SRTC)
+    - Name: TB Real Radicale Calendar (TBRRTC)
-    - Color: [color you would like to indicate an event on SRTC]
+    - Color: [color you would like to indicate an event on TBRRTC]
    - Email: [default]
 - Click "Finish"
-### Modify Second Radicale Test Calendar
+### Modify TB Real Radicale Calendar
 - Click "Events and Tasks > New Event"
    - Select Title, Location, Start and End Time, and Calendar and click "Save and Close"
        - Title: Second New Event
        - Location: 123 Main Street
        - Start and End Time: 01 Jan 2000 15:00 to 01 Jan 2000 18:00
-        - Calendar: Second Radicale Test Calendar
+        - Calendar: TB Real Radicale Calendar
-Hopefully, you do not see a yellow triangle with black "!" in "Calendar Pane > Calendar List" next to Second Radicale Test Calendar. Hopefully, "Second Radicale Test Calendar" text is not greyed out. Hopefully, no error message upon "Save and Close."
+Hopefully, you do not see a yellow triangle with black "!" in "Calendar Pane > Calendar List" next to TB Real Radicale Calendar. Hopefully, "TB Real Radicale Calendar" text is not greyed out. Hopefully, no error message upon "Save and Close."
 ### Verify Modification of CalDAV backend
 - Return to browser, http://localhost:5232/
- Click URL for "fakeusercal01" and save .ics file
+- Click URL for "fakeusercalDAV01" and save .ics file
 - Go to folder with .ics file and open .ics file _with a text editor_
- Enjoy ~50 lines that represent your "Second New Event" in your "Second Radicale Test Calendar"
+- Enjoy ~50 lines that represent your "Second New Event" in your "TB Real Radicale Calendar"
-## Set Up Service
+## Set Up Radicale on Server
-[Something confuses me here???]
+Your configuration files and authentication worked! Now let's install Radicale on the Server and push these config files to the Server.
-## Serve Calendar to Public WWW (e.g., your computer outside home, your phone via cellular)
+## Install Radicale on Server
 SSH from your Desktop Client to Server by opening a terminal and enter these commands:
 ```
 ClientUSER@Client:~$ ssh ServerUSER@server.local.ip.address
 ```
 ### Install Dependencies
 ```
 ##### Install dependencies for Radicale
 ServerUSER@Server:~$ sudo apt-get install python3-pip
 ##### Install dependencies for bcrypt encryption method
 ServerUSER@Server:~$ sudo python3 -m pip install --upgrade passlib bcrypt
 ```
 ### Install Radicale
 ```
 ##### -H flag uses root's home rather than USER's home
 ServerUSER@Server:~$ sudo -H python3 -m pip install --upgrade radicale
 ```
 ## Configure Server
 ### Transfer files from Desktop Client to Server
 Make /etc/radicale directory
 ```
 ServerUSER@Server:~$ sudo mkdir /etc/radicale
 ```
 Return to Terminal attached to Desktop Client
 ```
 ClientUSER@Client:~$ sudo scp /etc/radicale/config ServerUSER@server.local.ip.address:/home/ServerUSER/radicale-config
 ClientUSER@Client:~$ sudo scp /etc/radicale/config ServerUSER@server.local.ip.address:/home/ServerUSER/radicale-users
 ClientUSER@Client:~$ sudo scp /var/lib/radicale/collections/collections-root ServerUSER@server.local.ip.address:/home/ServerUSER/radicale-collections-root
 ```
 Return to SSH Terminal attached to Server, move the config and storage files to proper locations and change owner
 ```
 ServerUSER@Server:~$ sudo mv /home/ServerUSER/radicale-config /etc/radicale/config
 ServerUSER@Server:~$ sudo mv /home/ServerUSER/radicale-users /etc/radicale/users
 ServerUSER@Server:~$ sudo mv /home/ServerUSER/radicale-collection-root /var/lib/radicale/collections/collection-root
 ServerUSER@Server:~$ sudo chown root:root /etc/radicale/config
 ServerUSER@Server:~$ sudo chown root:root /etc/radicale/users
 ServerUSER@Server:~$ sudo chown -R radicale:radicale /var/lib/radicale/collections
 ```
 ### Edit files to allow SSL/TLS connections from other machines
 - HELP: I cannot make "hosts = 192.168.1.0:5232" or something restricted to local network! ???
 ```
 ##### Open config file for editing
 ServerUSER@Server:~$ sudo nano /etc/radicale/config
 ```
 ```
 ##### Add these lines under relevant portions of [server] section where your router is 192.168.1.1
 hosts = 0.0.0.0:5232
 ##### By setting ssl = True, Radicale no longer responds to HTTP requests.
 ssl = True
 certificate = /etc/ssl/radicale.cert.pem
 key = /etc/ssl/radicale.key.pem
 ```
 ### Make a Self-Signed SSL/TLS Certificate to allow HTTPS connection to your Radical Service on Server
 ```
 ##### You can hit enter as an answer to all the questions to set the default except this one: 
 ##### "Common Name (eg, YOUR name) []:" where you will enter your domain name or dns record 
 ##### used for your development server, or in case of wildcard certificates, 
 ##### use an astrisk, like this: *.mycompany.com 
 ##### By using a self-signed certificate, your browser should warn you of this fact.
 ##### Confirm exception as you wish, but this exception is necessary to visit page.
 ServerUSER@Server:~$ openssl req -nodes -newkey rsa:2048 -keyout /etc/ssl/radicale.key.pem -out /etc/ssl/radicale.cert.pem -x509 -days 365
 Common Name (eg, YOUR name) []: developmentserver12345
 ```
 ### Set Up Service on Server to allow Radicale to run in background all the time
 ```
 ##### Create "radicale" user and group for Radicale service
 ServerUSER@Server:~$ sudo useradd --system --home-dir / --shell /sbin/nologin radicale
 ##### Make storage folder writable by user "radicale"
 ServerUSER@Server:~$ sudo mkdir -p /var/lib/radicale/collections
 ServerUSER@Server:~$ sudo chown -R radicale:radicale /var/lib/radicale/collections
 ##### Make storage folder non-readable by others
 ServerUSER@Server:~$ sudo chmod -R o= /var/lib/radicale/collections
 ```
 Create the file /etc/systemd/system/radicale.service
 ```
 ServerUSER@Server:~$ sudo nano /etc/systemd/system/radicale.service
 ```
 Cut and paste and save the following into the /etc/systemd/system/radicale.service blank nano screen
 ```
 [Unit]
 Description=A simple CalDAV (calendar) and CardDAV (contact) server
 After=network.target
 Requires=network.target
 [Service]
 ExecStart=/usr/bin/env python3 -m radicale
 Restart=on-failure
 User=radicale
 # Deny other users access to the calendar data
 UMask=0027
 # Optional security settings
 PrivateTmp=true
 ProtectSystem=strict
 ProtectHome=true
 PrivateDevices=true
 ProtectKernelTunables=true
 ProtectKernelModules=true
 ProtectControlGroups=true
 NoNewPrivileges=true
 ReadWritePaths=/var/lib/radicale/collections
 [Install]
 WantedBy=multi-user.target
 ```
 Start the Service Manually (Service will start automatically on failure and/or Server restart)
 ```
 # Enable the service
 ServerUSER@Server:~$ sudo systemctl enable radicale
 # Start the service
 ServerUSER@Server:~$ sudo systemctl start radicale
 # Check the status of the service
 ServerUSER@Server:~$ sudo systemctl status radicale
 # View all log messages
 ServerUSER@Server:~$ sudo journalctl --unit radicale.service
 ```
 ## Modify real Calendar on Server from Thunderbird Calendar Client on Desktop Client
 ### Create New Calendar in Thunderbird (192.168.1.20 Server)
 - Return to Thunderbird
    - Click "Events and Tasks > Calendar"
    - Click "File > New > Calendar" [or right-click "Calendar Pane > Calendar List" area and select "New Calendar"]
 - Select "On the Network" in the dialog box and click "Next"
 - Select a Format and Location and click "Next"
    - Format: CalDAV
    - Location: Copy and paste fakeusercalDAV01's URL (all of it)
        - i.e., https://192.168.1.20:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/
        - Note that this URL is different from "TB Radicale Test Calendar" (i.e., fakecalDAV01) but identical to the "TB Real Radicale Calendar" (i.e., fakeusercalDAV01)
        - At this stage, you could also add ***the username given to htpasswd*** "USERNAME@" before "localhost"
            - i.e., https://fakeuser@localhost:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/
 - Enter a Name, Color, and Thunderbird email account and click "Next"
    - Name: TB to Server Real Radicale Calendar (TSRRC)
    - Color: [color you would like to indicate an event on TSRRC]
    - Email: [default]
 - Click "Finish"
 ### Modify TB to Server Real Radicale Calendar
 - Click "Events and Tasks > New Event"
    - Select Title, Location, Start and End Time, and Calendar and click "Save and Close"
        - Title: Third New Event
        - Location: 123 Main Street
        - Start and End Time: 01 Jan 2000 15:00 to 01 Jan 2000 18:00
        - Calendar: TB to Server Real Radicale Calendar
 Hopefully, you do not see a yellow triangle with black "!" in "Calendar Pane > Calendar List" next to TB to Server Real Radicale Calendar. Hopefully, "TB to Server Real Radicale Calendar" text is not greyed out. Hopefully, no error message upon "Save and Close."
 ### Verify Modification of CalDAV backend
 - Return to browser, https://192.168.1.20:5232/ (assuming Server is 192.168.1.20)
    - Authentication Required for 192.168.1.20:5232, enter Username and Password and click "OK"
        - Username: fakeuser
        - Password: [password you gave to htpasswd]
            - Try to login as FAKE, or wrongUser--this should now fail!
 - Click URL for "fakeusercalDAV01" and save .ics file
 - Go to folder with .ics file and open .ics file _with a text editor_
 - Enjoy another ~50 lines that represent your "Third New Event" in your "TB to Server Real Radicale Calendar"
 # Serve Calendar to Public WWW (e.g., your computer outside home, your phone via cellular)
 Caveats:
 - You need to properly configure port forwarding from your home router to your Server such that incoming requests on port 5232 are forwarded to port 5232 of your Server (192.168.1.20)
 - You will need to know your public IP address
 - You will not be able to test that your calendar at public IP address is accessible from ***INSIDE*** your local network unless your router allows NAT Loopback
    - This also means that if you successfully access your CalDAV Server collection "fakeusercalDAV01" from ***inside*** your local network from your laptop (192.168.1.10) via a calendar client pointed at https://192.168.1.20:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/ on Monday, this calendar client will not work ***outside*** your local network on Tuesday as the path to your calendar is different, e.g., https://your.public.IP.address:5232/fakeuser/775e38a1-32eg-9e0x-e3tn-fax92930uskl/