Hi James, Quoting James Valleroy (2018-12-23 21:42:05) > Currently, FreedomBox makes the following changes to > /etc/radicale/config:
Thanks for this bugreport. Very helpful!
> 1. Sets server/hosts to '127.0.0.1:5232, [::1]:5232'.
It is not recommended to use the built-in web service for production.
Debian package ships with uWSGI configuration ready to use, and
documentation for using that has recently been updated: Please check if
that is usable for FreedomBox.
> 2. Sets server/base_prefix to '/radicale/'.
with uWSGI, you can declare prefix in a Apache vhost snippet - see
example snippet shipped with Radicale in unstable.
Please test and tell if it works - I use Radicale only at the root of a
dedicated vhost.
> 3. Sets well-known/caldav to '/radicale/%(user)s/caldav/'.
> 4. Sets well-known/carddav to '/radicale/%(user)s/carddav/'.
I believe this is no longer needed with Radicale 2.x - please file bugs
if something like this is needed.
> 5. Sets rights/type to 'owner_only'.
Radicale in unstable use 'from_file' by default, with rights file
configured similar to owner_only.
Suggestions welcome for improved default setup of rights file.
> Note that rights/type can be further configured through plinth. It can
> be set to 'owner_only', 'owner_write', or 'authenticated'.
Don't have Plinth edit conffiles ever - it *CANNOT* work reliably!
All Radicale configfiles are currently (and previously too) conffiles.
Here is one way to have adaptable Radicale configuration without risking
questions during upgrade, for Buster:
1. Copy radicale files to somewhere under Plinth control:
* /etc/radicale/* → /etc/plinth/radicale/*
* /etc/uwsgi/*/radicale.conf → /etc/uwsgi/*/radicale_plinth.conf
2. Edit the copied files to use each other
3. Edit the copied files for the needed adaption
4. When Plinth is asked to change a setting, do steps 1-3.
5. When radicale package is updated, do steps 1-3.
I guess step 5 is done with a dpkg trigger, but I have no experience
with that.
If you want Radicale to offer debconf handling of auth type, then please
file a separate bugreport to discuss that specifically. Beware that in
my experience user-friendly CalDAV/CardDAV clients (read: Apple ical)
can only make use of "ower_only"-style auth types - only crude clients
(read: Lightning) can use more "creative" auth types. I am therefore
hesitant to spending time making that configurable. But if needed,
please file a bugreport and try convince me :-)
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
