Here's a new patch, which supersedes the others I sent to this bug report. In this one, the upstream config file is not used at all. Instead, /etc/radicale/config is entirely generated in postinst.
Note: This patch is for radicale 2.1.x series. - There are many debconf questions added, with medium or low priority, covering nearly all of the available configs supported by radicale. I left out a few that aren't useful in Debian. - The 2001_debianize_config patch is no longer needed, but is taken into account for debconf template defaults. - awk is used to read current config from disk in radicale.config. - augeas-tools is used to modify the config in postinst. - Only one debconf question has high priority, which is to ask whether to automatically handle config upgrades. - If there is an existing /etc/radicale/config file, first, any settings will be read into debconf database by radicale.config. If automatic config upgrade is selected, then in postinst, the file is moved to /etc/radicale/config.orig, and a new /etc/radicale/config is generated. -- James
From 56c39daac1cd09f16899b60dee19bdffc37dac29 Mon Sep 17 00:00:00 2001 From: James Valleroy <jvalle...@mailbox.org> Date: Sat, 19 Aug 2017 16:17:24 -0400 Subject: [PATCH] Add option for automatic config upgrade --- debian/control | 5 +- debian/control.in | 4 +- debian/patches/2001_debianize_config.patch | 19 -- debian/patches/series | 1 - debian/po/POTFILES.in | 1 + debian/po/templates.pot | 480 +++++++++++++++++++++++++++++ debian/radicale.config | 106 +++++++ debian/radicale.install | 1 - debian/radicale.postinst | 120 +++++++- debian/radicale.postrm | 2 + debian/radicale.templates | 202 ++++++++++++ 11 files changed, 909 insertions(+), 32 deletions(-) delete mode 100644 debian/patches/2001_debianize_config.patch create mode 100644 debian/po/POTFILES.in create mode 100644 debian/po/templates.pot create mode 100644 debian/radicale.config create mode 100644 debian/radicale.templates diff --git a/debian/control b/debian/control index d1ff4a2..8b2f38d 100644 --- a/debian/control +++ b/debian/control @@ -8,6 +8,7 @@ Build-Depends: cdbs, python3, debhelper, dh-buildinfo, + po-debconf, python3-setuptools, python3-vobject (>= 0.9.5), python3-atomicwrites, @@ -25,7 +26,9 @@ Depends: ${misc:Depends}, ${python:Depends}, python3-radicale (= ${binary:Version}), python3, - adduser + adduser, + augeas-tools, + debconf, Recommends: ssl-cert Suggests: ${cdbs:Suggests} Provides: ${python:Provides} diff --git a/debian/control.in b/debian/control.in index 3fefba8..e0750d0 100644 --- a/debian/control.in +++ b/debian/control.in @@ -15,7 +15,9 @@ Depends: ${misc:Depends}, ${python:Depends}, python3-radicale (= ${binary:Version}), python3, - adduser + adduser, + augeas-tools, + debconf, Recommends: ssl-cert Suggests: ${cdbs:Suggests} Provides: ${python:Provides} diff --git a/debian/patches/2001_debianize_config.patch b/debian/patches/2001_debianize_config.patch deleted file mode 100644 index 3170fd5..0000000 --- a/debian/patches/2001_debianize_config.patch +++ /dev/null @@ -1,19 +0,0 @@ -Description: Adapt config to use snakeoil certificate. -Author: Jonas Smedegaard <d...@jones.dk> -Last-Update: 2017-06-27 - ---- a/config -+++ b/config -@@ -36,10 +36,10 @@ - #ssl = False - - # SSL certificate path --#certificate = /etc/ssl/radicale.cert.pem -+certificate = /etc/ssl/certs/ssl-cert-snakeoil.pem - - # SSL private key --#key = /etc/ssl/radicale.key.pem -+key = /etc/ssl/private/ssl-cert-snakeoil.key - - # CA certificate for validating clients. This can be used to secure - # TCP traffic between Radicale and a reverse proxy diff --git a/debian/patches/series b/debian/patches/series index 7483774..63bd2d7 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1 @@ -2001_debianize_config.patch 2002_avoid_missing_pytest_ext.patch diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in new file mode 100644 index 0000000..6089075 --- /dev/null +++ b/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] radicale.templates diff --git a/debian/po/templates.pot b/debian/po/templates.pot new file mode 100644 index 0000000..becc2d4 --- /dev/null +++ b/debian/po/templates.pot @@ -0,0 +1,480 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the radicale package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: radicale\n" +"Report-Msgid-Bugs-To: radic...@packages.debian.org\n" +"POT-Creation-Date: 2017-08-12 21:27-0400\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <l...@li.org>\n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../radicale.templates:1001 +msgid "Use automatic configuration upgrades?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:1001 +msgid "" +"If enabled, the radicale package will handle upgrading the configuration in /" +"etc/radicale/config. Obsolete options will be removed, and any new mandatory " +"options will be added." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:2001 +msgid "CalDAV server hostnames separated by a comma:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:2001 +msgid "" +"IPv4 syntax: address:port IPv6 syntax: [address]:port For example: " +"0.0.0.0:9999, [::]:9999" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:3001 +msgid "Max parallel connections:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:3001 +msgid "If left blank, the default value (20) is used." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:4001 +msgid "Max size of request body (bytes):" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:4001 +msgid "If left blank, the default value (10000000) is used." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:5001 +msgid "Socket timeout (seconds):" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:5001 +msgid "If left blank, the default value (10) is used." +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:6001 +msgid "SSL flag, enable HTTPS protocol?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:6001 +msgid "" +"This enables the SSL transport layer encryption feature built-in to " +"Radicale. It is not needed if SSL is provided by a reverse proxy web server " +"that runs in front of Radicale." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:7001 +msgid "SSL certificate path:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:8001 +msgid "SSL private key:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:9001 +msgid "CA certificate for validating clients:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:9001 +msgid "" +"This can be used to secure TCP traffic between Radicale and a reverse proxy." +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:10001 +msgid "Reverse DNS to resolve client address in logs?" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:11001 +msgid "SSL Protocol used:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:11001 +msgid "See python's ssl module for available values." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:11001 +msgid "If left blank, the default value (PROTOCOL_TLSv1_2) is used." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:12001 +msgid "Available ciphers:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:12001 +msgid "See python's ssl module for available ciphers." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:13001 +msgid "Message displayed in the client when a password is needed:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:13001 +msgid "" +"If left blank, the default value (Radicale - Password Required) is used." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:14001 +msgid "Encoding for responding requests:" +msgstr "" + +#. Type: string +#. Description +#. Type: string +#. Description +#: ../radicale.templates:14001 ../radicale.templates:15001 +msgid "If left blank, the default value (utf-8) is used." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:15001 +msgid "Encoding for storing local collections:" +msgstr "" + +#. Type: select +#. Choices +#. Type: select +#. Choices +#. Type: select +#. Choices +#: ../radicale.templates:16001 ../radicale.templates:20001 +#: ../radicale.templates:28001 +msgid "None" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:16001 +msgid "htpasswd" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:16001 +msgid "remote_user" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:16001 +msgid "http_x_remote_user" +msgstr "" + +#. Type: select +#. Description +#: ../radicale.templates:16002 +msgid "Authentication method:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:17001 +msgid "Htpasswd filename:" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:18001 +msgid "plain" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:18001 +msgid "sha1" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:18001 +msgid "ssha" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:18001 +msgid "crypt" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:18001 +msgid "bcrypt" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:18001 +msgid "md5" +msgstr "" + +#. Type: select +#. Description +#: ../radicale.templates:18002 +msgid "Htpasswd encryption method:" +msgstr "" + +#. Type: select +#. Description +#: ../radicale.templates:18002 +msgid "bcrypt is recommended for security." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:19001 +msgid "Incorrect authentication delay (seconds):" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:19001 +msgid "If left blank, the default value (1) is used." +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:20001 +msgid "authenticated" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:20001 +msgid "owner_only" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:20001 +msgid "owner_write" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:20001 +msgid "from_file" +msgstr "" + +#. Type: select +#. Description +#: ../radicale.templates:20002 +msgid "Rights backend:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:21001 +msgid "File for rights management from_file:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:21001 +msgid "If left blank, the default value (/etc/radicale/rights) is used." +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:22001 +msgid "multifilesystem" +msgstr "" + +#. Type: select +#. Description +#: ../radicale.templates:22002 +msgid "Storage backend:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:23001 +msgid "Folder for storing local collections:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:23001 +msgid "The folder will be created if not present." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:23001 +msgid "" +"If left blank, the default value (/var/lib/radicale/collections) is used." +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:24001 +msgid "Lock the storage?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:24001 +msgid "" +"Never start multiple instances of Radicale or edit the storage externally " +"while Radicale is running if locking is disabled." +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:25001 +msgid "Sync all changes to disk during requests?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:25001 +msgid "" +"This can impair performance. However, disabling it increases the risk of " +"data loss, when the system crashes or power fails!" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:26001 +msgid "Delete sync token that are older than (seconds):" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:26001 +msgid "If left blank, the default value (2592000) is used." +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:27001 +msgid "Command that is run after changes to storage:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:27001 +#, no-c-format +msgid "" +"Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --" +"quiet || git commit -m \"Changes by \"%(user)s)" +msgstr "" + +#. Type: select +#. Choices +#: ../radicale.templates:28001 +msgid "internal" +msgstr "" + +#. Type: select +#. Description +#: ../radicale.templates:28002 +msgid "Web interface backend:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:29001 +msgid "Logging configuration file:" +msgstr "" + +#. Type: string +#. Description +#: ../radicale.templates:29001 +msgid "" +"If no config is given, simple information is printed on the standard output " +"For more information about the syntax of the configuration file, see: http://" +"docs.python.org/library/logging.config.html" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:30001 +msgid "Set the default logging level to debug?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:31001 +msgid "Store all environment variables (including those set in the shell)?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:32001 +msgid "Mask passwords in logs?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:33001 +msgid "Ask clients to relax same-origin policy?" +msgstr "" + +#. Type: boolean +#. Description +#: ../radicale.templates:33001 +msgid "" +"If enabled, Radicale will send an additional HTTP header, \"Access-Control-" +"Allow-Origin: *\" to clients, to relax the same-origin policy." +msgstr "" diff --git a/debian/radicale.config b/debian/radicale.config new file mode 100644 index 0000000..8cc0dbe --- /dev/null +++ b/debian/radicale.config @@ -0,0 +1,106 @@ +#!/bin/sh +set -e + +. /usr/share/debconf/confmodule +db_version 2.0 + +get_config_option() { + # If "name" exists in "section", print its value to stdout. + awk -F'=' -v section="[$1]" -v name="$2" ' +$0==section{ flag=1; next } # Set flag when entering given section. +/^\[/{ flag=0; next } # Disable flag when entering another section. +flag && $1==name{ print $2 } # If flag is set and name matches, print value. +' /etc/radicale/config 2>/dev/null +} + +store_config_value() { + SECTION="$1" + KEY="$2" + + # Don't store configs missing from file. + if grep -q "^$KEY\s*=" /etc/radicale/config; then + # Store value from config file into debconf db. + VALUE=$(get_config_option "$SECTION" "$KEY") + db_set "radicale/${SECTION}_${KEY}" "$VALUE" + fi +} + +# Load config file, if it exists. +if [ -f /etc/radicale/config ]; then + store_config_value server hosts + store_config_value server max_connections + store_config_value server max_content_length + store_config_value server timeout + store_config_value server ssl + store_config_value server certificate + store_config_value server key + store_config_value server certificate_authority + store_config_value server dns_lookup + store_config_value server protocol + store_config_value server ciphers + store_config_value server realm + store_config_value encoding request + store_config_value encoding stock + store_config_value auth type + store_config_value auth htpasswd_filename + store_config_value auth htpasswd_encryption + store_config_value auth delay + store_config_value rights type + store_config_value rights file + store_config_value storage type + store_config_value storage filesystem_folder + store_config_value storage filesystem_locking + store_config_value storage filesystem_fsync + store_config_value storage max_sync_token_age + store_config_value storage hook + store_config_value web type + store_config_value logging config + store_config_value logging debug + store_config_value logging full_environment + store_config_value logging mask_passwords + + if grep -q "^Access-Control-Allow-Origin = *" /etc/radicale/config; then + db_set radicale/relax_same_origin_policy true + else + db_set radicale/relax_same_origin_policy false + fi +fi + +# Ask if we should manage the config file. +db_input high radicale/upgrade_config || true + +# Configuration questions (not shown with default debconf setting) +db_input medium radicale/server_hosts || true +db_input low radicale/server_max_connections || true +db_input low radicale/server_max_content_length || true +db_input low radicale/server_timeout || true +db_input medium radicale/server_ssl || true +db_input low radicale/server_certificate || true +db_input low radicale/server_key || true +db_input low radicale/server_certificate_authority || true +db_input low radicale/server_dns_lookup || true +db_input low radicale/server_protocol || true +db_input low radicale/server_ciphers || true +db_input low radicale/server_realm || true +db_input low radicale/encoding_request || true +db_input low radicale/encoding_stock || true +db_input medium radicale/auth_type || true +db_input low radicale/auth_htpasswd_filename || true +db_input low radicale/auth_htpasswd_encryption || true +db_input low radicale/auth_delay || true +db_input medium radicale/rights_type || true +db_input low radicale/rights_file || true +db_input low radicale/storage_type || true +db_input low radicale/storage_filesystem_folder || true +db_input low radicale/storage_filesystem_locking || true +db_input low radicale/storage_filesystem_fsync || true +db_input low radicale/storage_max_sync_token_age || true +db_input low radicale/storage_hook || true +db_input low radicale/web_type || true +db_input low radicale/logging_config || true +db_input low radicale/logging_debug || true +db_input low radicale/logging_full_environment || true +db_input low radicale/logging_mask_passwords || true +db_input low radicale/relax_same_origin_policy || true + +db_go || true diff --git a/debian/radicale.install b/debian/radicale.install index d164637..17dd275 100644 --- a/debian/radicale.install +++ b/debian/radicale.install @@ -1,5 +1,4 @@ usr/bin -config /etc/radicale/ logging /etc/radicale/ radicale.wsgi /usr/share/radicale/ radicale.fcgi /usr/share/radicale/ diff --git a/debian/radicale.postinst b/debian/radicale.postinst index 93d7596..9cc4f76 100644 --- a/debian/radicale.postinst +++ b/debian/radicale.postinst @@ -5,20 +5,122 @@ set -e NAME=radicale ACCOUNTNAME=$NAME -DAEMON_UID=$ACCOUNTNAME -DAEMON_GID=$ACCOUNTNAME CALDIR=/var/lib/$NAME ACCOUNTHOME=$CALDIR GECOS="Radicale CalDAV server" +. /usr/share/debconf/confmodule +db_version 2.0 + +augeas_get_config() { + KEY="$1" + + cat <<EOF | augtool -L -A +set /augeas/load/Puppet/lens Puppet.lns +set /augeas/load/Puppet/incl[last() + 1] /etc/radicale/config +load +get "/files/etc/radicale/config/$KEY" +save +EOF +} + +augeas_set_config() { + KEY="$1" + VALUE="$2" + + cat <<EOF | augtool -L -A +set /augeas/load/Puppet/lens Puppet.lns +set /augeas/load/Puppet/incl[last() + 1] /etc/radicale/config +load +set "/files/etc/radicale/config/$KEY" "$VALUE" +save +EOF +} + +augeas_rm_config() { + KEY="$1" + + cat <<EOF | augtool -L -A +set /augeas/load/Puppet/lens Puppet.lns +set /augeas/load/Puppet/incl[last() + 1] /etc/radicale/config +load +rm "/files/etc/radicale/config/$KEY" +save +EOF +} + +set_config_value() { + SECTION="$1" + KEY="$2" + DEFAULT="$3" + + # Write value from debconf db to config file, if not default value. + db_get "radicale/${SECTION}_${KEY}" || true + if [ -n "$RET" ] && [ "$RET" != "$DEFAULT" ]; then + augeas_set_config "$SECTION/$KEY" "$RET" + fi +} + case "$1" in - configure) - if ! getent passwd $ACCOUNTNAME >/dev/null 2>&1; then - adduser --system --home $ACCOUNTHOME --no-create-home \ - --gecos "$GECOS" --group --disabled-password \ - --quiet $ACCOUNTNAME - fi - ;; + configure) + if ! getent passwd $ACCOUNTNAME >/dev/null 2>&1; then + adduser --system --home $ACCOUNTHOME --no-create-home \ + --gecos "$GECOS" --group --disabled-password \ + --quiet $ACCOUNTNAME + fi + + db_get radicale/upgrade_config || true + if [ "$RET" = "true" ]; then + # Replace current file if it exists. Any valid settings + # will have been read in to debconf already. + if [ -f /etc/radicale/config ]; then + mv /etc/radicale/config /etc/radicale/config.orig + fi + fi + + # Write configuration selected by user (or loaded from disk). + set_config_value server hosts + set_config_value server max_connections + set_config_value server max_content_length + set_config_value server timeout + set_config_value server ssl false + set_config_value server certificate + set_config_value server key + set_config_value server certificate_authority + set_config_value server dns_lookup true + set_config_value server protocol + set_config_value server ciphers + set_config_value server realm + set_config_value encoding request + set_config_value encoding stock + set_config_value auth type None + set_config_value auth htpasswd_filename + set_config_value auth htpasswd_encryption bcrypt + set_config_value auth delay + set_config_value rights type owner_only + set_config_value rights file + set_config_value storage type multifilesystem + set_config_value storage filesystem_folder + set_config_value storage filesystem_locking true + set_config_value storage filesystem_fsync true + set_config_value storage max_sync_token_age + set_config_value storage hook + set_config_value web type internal + set_config_value logging config + set_config_value logging debug false + set_config_value logging full_environment false + set_config_value logging mask_passwords true + + db_get radicale/relax_same_origin_policy || true + if [ "$RET" = "true" ]; then + augeas_set_config headers/Access-Control-Allow-Origin "*" + else + if grep -q "^Access-Control-Allow-Origin\s*=\s*\*" \ + /etc/radicale/config; then + augeas_rm_config headers/Access-Control-Allow-Origin + fi + fi + ;; esac #DEBHELPER# diff --git a/debian/radicale.postrm b/debian/radicale.postrm index f01118a..b956520 100644 --- a/debian/radicale.postrm +++ b/debian/radicale.postrm @@ -13,6 +13,8 @@ case "$1" in ;; purge) + rm -f /etc/radicale/config + rm -f /etc/radicale/config.orig rm -rf $LOGDIR # We do NOT remove the system user. diff --git a/debian/radicale.templates b/debian/radicale.templates new file mode 100644 index 0000000..80f6258 --- /dev/null +++ b/debian/radicale.templates @@ -0,0 +1,202 @@ +Template: radicale/upgrade_config +Type: boolean +Default: true +_Description: Use automatic configuration upgrades? + If enabled, the radicale package will handle upgrading the + configuration in /etc/radicale/config. Obsolete options will be + removed, and any new mandatory options will be added. + +Template: radicale/server_hosts +Type: string +Default: 127.0.0.1:5232, [::1]:5232 +_Description: CalDAV server hostnames separated by a comma: + IPv4 syntax: address:port + IPv6 syntax: [address]:port + For example: 0.0.0.0:9999, [::]:9999 + +Template: radicale/server_max_connections +Type: string +_Description: Max parallel connections: + . + If left blank, the default value (20) is used. + +Template: radicale/server_max_content_length +Type: string +_Description: Max size of request body (bytes): + . + If left blank, the default value (10000000) is used. + +Template: radicale/server_timeout +Type: string +_Description: Socket timeout (seconds): + . + If left blank, the default value (10) is used. + +Template: radicale/server_ssl +Type: boolean +Default: false +_Description: SSL flag, enable HTTPS protocol? + This enables the SSL transport layer encryption feature built-in to + Radicale. It is not needed if SSL is provided by a reverse proxy web + server that runs in front of Radicale. + +Template: radicale/server_certificate +Type: string +Default: /etc/ssl/certs/ssl-cert-snakeoil.pem +_Description: SSL certificate path: + +Template: radicale/server_key +Type: string +Default: /etc/ssl/private/ssl-cert-snakeoil.key +_Description: SSL private key: + +Template: radicale/server_certificate_authority +Type: string +_Description: CA certificate for validating clients: + This can be used to secure TCP traffic between Radicale and a reverse + proxy. + +Template: radicale/server_dns_lookup +Type: boolean +Default: true +_Description: Reverse DNS to resolve client address in logs? + +Template: radicale/server_protocol +Type: string +_Description: SSL Protocol used: + See python's ssl module for available values. + . + If left blank, the default value (PROTOCOL_TLSv1_2) is used. + +Template: radicale/server_ciphers +Type: string +_Description: Available ciphers: + See python's ssl module for available ciphers. + +Template: radicale/server_realm +Type: string +_Description: Message displayed in the client when a password is needed: + . + If left blank, the default value (Radicale - Password Required) is used. + +Template: radicale/encoding_request +Type: string +_Description: Encoding for responding requests: + . + If left blank, the default value (utf-8) is used. + +Template: radicale/encoding_stock +Type: string +_Description: Encoding for storing local collections: + . + If left blank, the default value (utf-8) is used. + +Template: radicale/auth_type +Type: select +__Choices: None, htpasswd, remote_user, http_x_remote_user +Default: None +_Description: Authentication method: + +Template: radicale/auth_htpasswd_filename +Type: string +_Description: Htpasswd filename: + +Template: radicale/auth_htpasswd_encryption +Type: select +__Choices: plain, sha1, ssha, crypt, bcrypt, md5 +Default: bcrypt +_Description: Htpasswd encryption method: + bcrypt is recommended for security. + +Template: radicale/auth_delay +Type: string +_Description: Incorrect authentication delay (seconds): + . + If left blank, the default value (1) is used. + +Template: radicale/rights_type +Type: select +__Choices: None, authenticated, owner_only, owner_write, from_file +Default: owner_only +_Description: Rights backend: + +Template: radicale/rights_file +Type: string +_Description: File for rights management from_file: + . + If left blank, the default value (/etc/radicale/rights) is used. + +Template: radicale/storage_type +Type: select +__Choices: multifilesystem +Default: multifilesystem +_Description: Storage backend: + +Template: radicale/storage_filesystem_folder +Type: string +_Description: Folder for storing local collections: + The folder will be created if not present. + . + If left blank, the default value (/var/lib/radicale/collections) is used. + +Template: radicale/storage_filesystem_locking +Type: boolean +Default: true +_Description: Lock the storage? + Never start multiple instances of Radicale or edit the storage + externally while Radicale is running if locking is disabled. + +Template: radicale/storage_filesystem_fsync +Type: boolean +Default: true +_Description: Sync all changes to disk during requests? + This can impair performance. However, disabling it increases the risk + of data loss, when the system crashes or power fails! + +Template: radicale/storage_max_sync_token_age +Type: string +_Description: Delete sync token that are older than (seconds): + . + If left blank, the default value (2592000) is used. + +Template: radicale/storage_hook +Type: string +_Description: Command that is run after changes to storage: + Example: ([ -d .git ] || git init) && git add -A && (git diff --cached + --quiet || git commit -m "Changes by "%(user)s) + +Template: radicale/web_type +Type: select +__Choices: None, internal +Default: internal +_Description: Web interface backend: + +Template: radicale/logging_config +Type: string +_Description: Logging configuration file: + If no config is given, simple information is printed on the standard + output For more information about the syntax of the configuration + file, see: http://docs.python.org/library/logging.config.html + +Template: radicale/logging_debug +Type: boolean +Default: false +_Description: Set the default logging level to debug? + +Template: radicale/logging_full_environment +Type: boolean +Default: false +_Description: Store all environment variables (including those set in the shell)? + +Template: radicale/logging_mask_passwords +Type: boolean +Default: true +_Description: Mask passwords in logs? + +Template: radicale/relax_same_origin_policy +Type: boolean +Default: false +_Description: Ask clients to relax same-origin policy? + If enabled, Radicale will send an additional HTTP header, + "Access-Control-Allow-Origin: *" to clients, to relax the same-origin + policy. -- 2.11.0
signature.asc
Description: OpenPGP digital signature