---
radicale_server_username: radicale
radicale_server_home_dir: "/mnt/diskstation/CardDav"
radicale_service_state: started

# See https://radicale.org/configuration/
radicale_config:
  server:
    hosts:
      - addr: 0.0.0.0
        port: 5232
    #daemon: true
    #pid: /var/run/radicale/radicale.pid
    #max_connections: 20
    #max_connections: 100000000
    #timeout: 30


    # Consider TLS directives carefully before activating them.
    #ssl: true
    #certificate: "/etc/ssl/radicale.cert.pem"
    #key: "/etc/ssl/radicale.key.pem"
    #certificate_authority:
    #protocol: PROTOCOL_TLSv1_2
    #ciphers:
  #encoding:
    #request: utf-8
    #stock: utf-8
  auth:
    type: htpasswd
    htpasswd_filename: "{{ radicale_server_home_dir }}/users.htpasswd"
    htpasswd_encryption: md5
    delay: 1
    #realm: Radicale Realm
  rights:
    type: from_file
    file: "{{ radicale_server_home_dir }}/rights.conf"
  storage:
    type: multifilesystem
    filesystem_folder: "{{ radicale_server_home_dir }}/collections"

    # For an example of the `hook` directive in use, see
    # http://radicale.org/versioning/
    #hook:
  #web:
    #type: internal
  #headers:
    #X-Extra-HTTP-Header: foo
    #X-Another-Header: bar
  #logging:
    #level: false
    #mask_passwords: true
    #full_environment: false
    #config: "/etc/radicale/log.conf"

# List of Radicale user information as a dictionary.
radicale_users:
  - name: admin     # The username.
    password: "{{vault_CardDav}}" # Their password. This should probably be vault-encrypted.
    # As an alternative to a password, you can specify a bcrypt hash.
    # Create this hash using the standard `htpasswd` utility, then
    # paste it here. This method allows a user to generate a password
    # for their account themselves, and then send you the hash rather
    # than the plaintext.
    #md5_hash: "$2y$05$t31SnKFWj9UcMr5Y96cl3uBFkdhelqkZn77TnquIeVb9sriEByUPK"