From 67dd56ab0d520abf01cdbdbe10b68f6289b6ecc7 Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Mon, 9 Apr 2018 15:03:39 +0800 Subject: Add radicale role: lightweight {Card,Cal}DAV server WARNING: py36-radicale2 needs manual installation at the moment. --- roles/radicale/templates/config.j2 | 90 +++++++++++++++++++++++++++++ roles/radicale/templates/radicale.passwd.j2 | 15 +++++ 2 files changed, 105 insertions(+) create mode 100644 roles/radicale/templates/config.j2 create mode 100644 roles/radicale/templates/radicale.passwd.j2 (limited to 'roles/radicale/templates') diff --git a/roles/radicale/templates/config.j2 b/roles/radicale/templates/config.j2 new file mode 100644 index 0000000..ca5e251 --- /dev/null +++ b/roles/radicale/templates/config.j2 @@ -0,0 +1,90 @@ +# +# /usr/local/etc/radicale/config +# Radicale - A simple calendar and contact server +# +# http://radicale.org/ +# https://github.com/Kozea/Radicale +# +# Aaron LI +# Created: 2017-04-27 +# + + +# Not needed when using uWSGI +[server] +hosts = 127.0.0.1:5232 +daemon = True + +[auth] + +# Authentication method +# Value: none | htpasswd | remote_user | http_x_remote_user +# +# * None +# Allows all usernames and passwords. It also disables rights checking. +# * htpasswd +# Use an Apache htpasswd file to store usernames and passwords. +# * remote_user +# Takes the user name from the REMOTE_USER environment variable and +# disables HTTP authentication. This can be used to provide the user +# name from a WSGI server. +# * http_x_remote_user +# Takes the user name from the "X-Remote-User" HTTP header and disables +# HTTP authentication. This can be used to provide the user name from +# a reverse proxy. +# +#type = http_x_remote_user +type = remote_user + + +# Rights backend +[rights] + +# Value: none | authenticated | owner_only | owner_write | from_file +# +# * None : Everybody (including anonymous users) has read and +# write access to all collections; +# * authenticated : An authenticated users has read and write access +# to all collections, anonymous users have no access +# to these collections; +# * owner_only : Only owners have read and write access to their +# own collections. The other users, authenticated or +# anonymous, have no access to these collections; +# * owner_write : Authenticated users have read access to all collections, +# but only owners have write access to their own +# collections. And anonymous users have no access; +# * from_file : Rights are based on a regex-based file whose name +# is specified in this config file: [right]/file +# +type = owner_only + + +# Storage backend +[storage] + +type = multifilesystem +filesystem_folder = {{ radicale.home }} + +# Command that is run after changes to storage +# See: http://radicale.org/versioning/ +hook = ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s) + + +# Web interface backend +[web] + +# Value: none | internal +# +# * none : Just shows the message "Radicale works!". +# * internal : Allows creation and management of address books and calendars. +# +#type = internal +type = none + + +[logging] +config = {{ radicale.etcdir }}/logging +# The logging config file just specified will provide finer controls, so +# just set the default logging level to DEBUG. +debug = True + diff --git a/roles/radicale/templates/radicale.passwd.j2 b/roles/radicale/templates/radicale.passwd.j2 new file mode 100644 index 0000000..8c59c79 --- /dev/null +++ b/roles/radicale/templates/radicale.passwd.j2 @@ -0,0 +1,15 @@ +# +# Password for Nginx auth for Radicale. +# +# Aaron LI +# + +# name:pass +{% for user in radicale.users %} +# user: {{ user.name }} +{{ user.name }}:{{ user.pass | cryptpass }} +{% for dev in user.devices|default([]) %} +{{ user.name }}@{{ dev.name }}:{{ dev.pass | cryptpass }} +{% endfor %}{# devices #} +{% endfor %}{# user #} +# EOF -- cgit v1.2.2