On 3/21/25 07:03, Petter Reinholdtsen wrote: [...]
Switching back to auth.type=remote_user in the file do not seem to be enough. I also tried auth.type=http_x_remote_user, but this did not solve the issue either. It seem to me Apache is the rejecting part, the http request do not reach radicale, at least radicale -D do not show any activity. Any clues to spare to get my calendar server back in action?
I have submitted a patch to fix the auth/type configuration with radicale 3.5. This ensures that new installs on trixie will not face any issues. Both James and I have confirmed that just changing auth/type in sufficient to make it work properly. However, there is more to this issue:
1) Both unattended upgrade and FreedomBox's configuration upgrade logic are unable to detect that 3.1.x to 3.5.x have a configuration file upgrade conflict. What is expected is that unattended-upgrade should refuse to make this upgrade and FreedomBox will then detect the configuration file upgrade conflict and preform a special upgrade while keeping the old preferences. The patch I have created also addresses this scenario to create the proper auth/type setting. What is observed is that unattended-upgrades is silently upgrading radicale package to newer version. There is no configuration file prompt shown during this silent upgrade.
2) Another problem is the authentication issues that you are experiencing. Even when auth/type is configured correctly in radicale LDAP authentication to view the web interface fails repeatedly (and then fail2ban complained). I have briefly experienced this. However, during repeated testing later, I could not reproduce the issue. Could you please try the following debugging:
Set "LogLevel debug" or "LogLevel trace5" in <Location /radicale> section in /etc/apache2/conf-available/radicale2-freedombox.conf. Restart Apache and watch journalctl -f when trying to login into radicale interface.
Links: 1) https://salsa.debian.org/freedombox-team/freedombox/-/merge_requests/2638 Thanks, -- Sunil
OpenPGP_0x36C361440C9BC971.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
