update radicale

This commit is contained in:
vincent 2020-06-04 22:24:05 +02:00
parent 8732cc471b
commit 9615d2381f
4 changed files with 31 additions and 51 deletions

View File

@ -14,8 +14,8 @@ radicale_config:
#max_connections: 20
#max_connections: 100000000
#timeout: 30
dns_lookup: false
#realm: Radicale Realm
# Consider TLS directives carefully before activating them.
#ssl: true
#certificate: "/etc/ssl/radicale.cert.pem"
@ -29,16 +29,16 @@ radicale_config:
auth:
type: htpasswd
htpasswd_filename: "{{ radicale_server_home_dir }}/users.htpasswd"
htpasswd_encryption: bcrypt
htpasswd_encryption: md5
delay: 1
#realm: Radicale Realm
rights:
type: from_file
file: "{{ radicale_server_home_dir }}/rights.conf"
storage:
type: multifilesystem
filesystem_folder: "{{ radicale_server_home_dir }}/collections"
filesystem_locking: false
filesystem_fsync: true
# For an example of the `hook` directive in use, see
# http://radicale.org/versioning/
#hook:
@ -48,7 +48,7 @@ radicale_config:
#X-Extra-HTTP-Header: foo
#X-Another-Header: bar
#logging:
#debug: false
#level: false
#mask_passwords: true
#full_environment: false
#config: "/etc/radicale/log.conf"
@ -62,4 +62,4 @@ radicale_users:
# paste it here. This method allows a user to generate a password
# for their account themselves, and then send you the hash rather
# than the plaintext.
#bcrypt_hash: "$2y$05$t31SnKFWj9UcMr5Y96cl3uBFkdhelqkZn77TnquIeVb9sriEByUPK"
#md5_hash: "$2y$05$t31SnKFWj9UcMr5Y96cl3uBFkdhelqkZn77TnquIeVb9sriEByUPK"

View File

@ -1,29 +1,18 @@
################################################
# Radicale user rights configuration file. #
# #
# See http://radicale.org/rights/ for details. #
################################################
# Allow reading root collection for authenticated users
[root]
user: .+
collection:
permissions: R
## The user "admin" can read and write any collection.
#[admin]
#user = admin
#collection = .*
#permission = rw
# Allow reading and writing principal collection (same as user name)
[principal]
user: .+
collection: {user}
permissions: RW
# Authenticated users can list (discover) their own collections.
[owner-discover]
user = .+
collection = ^%(login)s$
permission = rw
# Authenticated users can read and write their own collections.
[owner-write]
user = .+
collection = ^%(login)s/.*
permission = rw
# Everyone can read the root collection
[read]
user = .*
collection =
permission = r
# Allow reading and writing calendars and address books that are direct
# children of the principal collection
[calendars]
user: .+
collection: {user}/[^/]+
permissions: rw

View File

@ -40,15 +40,15 @@
name: "{{ item.name }}"
password: "{{ item.password }}"
state: "{{ item.state | default('present') }}"
crypt_scheme: "bcrypt"
crypt_scheme: "apr_md5_crypt "
loop: "{{ radicale_users }}"
- name: Set Radicale user with password hash.
when: item.bcrypt_hash is defined
when: item.md5_hash is defined
no_log: true
lineinfile:
path: "{{ radicale_config.auth.htpasswd_filename | default('/var/lib/radicale/users.htpasswd') }}"
line: "{{ item.name }}:{{ item.bcrypt_hash }}"
line: "{{ item.name }}:{{ item.md5_hash }}"
state: "{{ item.state | default('present') }}"
loop: "{{ radicale_users }}"

View File

@ -26,12 +26,6 @@ max_content_length = {{ radicale_config.server.max_content_length | default(1000
{% if radicale_config.server.timeout is defined %}
timeout = {{ radicale_config.server.timeout | default(30) | int }}
{% endif %}
{% if radicale_config.server.dns_lookup is defined %}
dns_lookup = {{ radicale_config.server.dns_lookup | default(true) }}
{% endif %}
{% if radicale_config.server.realm is defined %}
realm = {{ radicale_config.server.realm | default('Radicale - Password Required') }}
{% endif %}
{% if radicale_config.server.ssl is defined %}
ssl = {{ radicale_config.server.ssl | default('false') }}
{% endif %}
@ -78,6 +72,9 @@ delay = {{ radicale_config.auth.delay | default('1') }}
{% endif %}
{% endif %}{# END if radicale_config.auth is defined #}
{% if radicale_config.rights is defined %}
{% if radicale_config.auth.realm is defined %}
realm = {{ radicale_config.auth.realm | default('Radicale - Password Required') }}
{% endif %}
[rights]
{% if radicale_config.rights.type is defined %}
@ -96,15 +93,9 @@ type = {{ radicale_config.storage.type | default('multifilesystem') }}
{% if radicale_config.storage.filesystem_folder is defined %}
filesystem_folder = {{ radicale_config.storage.filesystem_folder | default('/var/lib/radicale/collections') }}
{% endif %}
{% if radicale_config.storage.filesystem_locking is defined %}
filesystem_locking = {{ radicale_config.storage.filesystem_locking | default(true) }}
{% endif %}
{% if radicale_config.storage.max_sync_token_age is defined %}
max_sync_token_age = {{ radicale_config.storage.max_sync_token_age | default(2592000) | int }}
{% endif %}
{% if radicale_config.storage.filesystem_fsync is defined %}
filesystem_fsync = {{ radicale_config.storage.filesystem_fsync | default(true) }}
{% endif %}
{% if radicale_config.storage.hook is defined %}
hook = {{ radicale_config.storage.hook }}
{% endif %}
@ -126,8 +117,8 @@ type = {{ radicale_config.web.type | default('internal') }}
{% if radicale_config.logging is defined %}
[logging]
{% if radicale_config.logging.debug is defined %}
debug = {{ radicale_config.logging.debug | default(false) }}
{% if radicale_config.logging.level is defined %}
level = {{ radicale_config.logging.level | default(false) }}
{% endif %}
{% if radicale_config.logging.mask_passwords is defined %}
mask_passwords = {{ radicale_config.logging.mask_passwords | default(true) }}