Here's a new patch, which supersedes the others I sent to this bug report. In this one, the upstream config file is not used at all. Instead, /etc/radicale/config is entirely generated in postinst.
Note: This patch is for radicale 2.1.x series. - There are many debconf questions added, with medium or low priority, covering nearly all of the available configs supported by radicale. I left out a few that aren't useful in Debian. - The 2001_debianize_config patch is no longer needed, but is taken into account for debconf template defaults. - awk is used to read current config from disk in radicale.config. - augeas-tools is used to modify the config in postinst. - Only one debconf question has high priority, which is to ask whether to automatically handle config upgrades. - If there is an existing /etc/radicale/config file, first, any settings will be read into debconf database by radicale.config. If automatic config upgrade is selected, then in postinst, the file is moved to /etc/radicale/config.orig, and a new /etc/radicale/config is generated. -- James
From 56c39daac1cd09f16899b60dee19bdffc37dac29 Mon Sep 17 00:00:00 2001
From: James Valleroy <jvalle...@mailbox.org>
Date: Sat, 19 Aug 2017 16:17:24 -0400
Subject: [PATCH] Add option for automatic config upgrade
---
debian/control | 5 +-
debian/control.in | 4 +-
debian/patches/2001_debianize_config.patch | 19 --
debian/patches/series | 1 -
debian/po/POTFILES.in | 1 +
debian/po/templates.pot | 480 +++++++++++++++++++++++++++++
debian/radicale.config | 106 +++++++
debian/radicale.install | 1 -
debian/radicale.postinst | 120 +++++++-
debian/radicale.postrm | 2 +
debian/radicale.templates | 202 ++++++++++++
11 files changed, 909 insertions(+), 32 deletions(-)
delete mode 100644 debian/patches/2001_debianize_config.patch
create mode 100644 debian/po/POTFILES.in
create mode 100644 debian/po/templates.pot
create mode 100644 debian/radicale.config
create mode 100644 debian/radicale.templates
diff --git a/debian/control b/debian/control
index d1ff4a2..8b2f38d 100644
--- a/debian/control
+++ b/debian/control
@@ -8,6 +8,7 @@ Build-Depends: cdbs,
python3,
debhelper,
dh-buildinfo,
+ po-debconf,
python3-setuptools,
python3-vobject (>= 0.9.5),
python3-atomicwrites,
@@ -25,7 +26,9 @@ Depends: ${misc:Depends},
${python:Depends},
python3-radicale (= ${binary:Version}),
python3,
- adduser
+ adduser,
+ augeas-tools,
+ debconf,
Recommends: ssl-cert
Suggests: ${cdbs:Suggests}
Provides: ${python:Provides}
diff --git a/debian/control.in b/debian/control.in
index 3fefba8..e0750d0 100644
--- a/debian/control.in
+++ b/debian/control.in
@@ -15,7 +15,9 @@ Depends: ${misc:Depends},
${python:Depends},
python3-radicale (= ${binary:Version}),
python3,
- adduser
+ adduser,
+ augeas-tools,
+ debconf,
Recommends: ssl-cert
Suggests: ${cdbs:Suggests}
Provides: ${python:Provides}
diff --git a/debian/patches/2001_debianize_config.patch b/debian/patches/2001_debianize_config.patch
deleted file mode 100644
index 3170fd5..0000000
--- a/debian/patches/2001_debianize_config.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Description: Adapt config to use snakeoil certificate.
-Author: Jonas Smedegaard <d...@jones.dk>
-Last-Update: 2017-06-27
-
---- a/config
-+++ b/config
-@@ -36,10 +36,10 @@
- #ssl = False
-
- # SSL certificate path
--#certificate = /etc/ssl/radicale.cert.pem
-+certificate = /etc/ssl/certs/ssl-cert-snakeoil.pem
-
- # SSL private key
--#key = /etc/ssl/radicale.key.pem
-+key = /etc/ssl/private/ssl-cert-snakeoil.key
-
- # CA certificate for validating clients. This can be used to secure
- # TCP traffic between Radicale and a reverse proxy
diff --git a/debian/patches/series b/debian/patches/series
index 7483774..63bd2d7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1 @@
-2001_debianize_config.patch
2002_avoid_missing_pytest_ext.patch
diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in
new file mode 100644
index 0000000..6089075
--- /dev/null
+++ b/debian/po/POTFILES.in
@@ -0,0 +1 @@
+[type: gettext/rfc822deb] radicale.templates
diff --git a/debian/po/templates.pot b/debian/po/templates.pot
new file mode 100644
index 0000000..becc2d4
--- /dev/null
+++ b/debian/po/templates.pot
@@ -0,0 +1,480 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the radicale package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: radicale\n"
+"Report-Msgid-Bugs-To: radic...@packages.debian.org\n"
+"POT-Creation-Date: 2017-08-12 21:27-0400\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <l...@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:1001
+msgid "Use automatic configuration upgrades?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:1001
+msgid ""
+"If enabled, the radicale package will handle upgrading the configuration in /"
+"etc/radicale/config. Obsolete options will be removed, and any new mandatory "
+"options will be added."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:2001
+msgid "CalDAV server hostnames separated by a comma:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:2001
+msgid ""
+"IPv4 syntax: address:port IPv6 syntax: [address]:port For example: "
+"0.0.0.0:9999, [::]:9999"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:3001
+msgid "Max parallel connections:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:3001
+msgid "If left blank, the default value (20) is used."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:4001
+msgid "Max size of request body (bytes):"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:4001
+msgid "If left blank, the default value (10000000) is used."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:5001
+msgid "Socket timeout (seconds):"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:5001
+msgid "If left blank, the default value (10) is used."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:6001
+msgid "SSL flag, enable HTTPS protocol?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:6001
+msgid ""
+"This enables the SSL transport layer encryption feature built-in to "
+"Radicale. It is not needed if SSL is provided by a reverse proxy web server "
+"that runs in front of Radicale."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:7001
+msgid "SSL certificate path:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:8001
+msgid "SSL private key:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:9001
+msgid "CA certificate for validating clients:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:9001
+msgid ""
+"This can be used to secure TCP traffic between Radicale and a reverse proxy."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:10001
+msgid "Reverse DNS to resolve client address in logs?"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:11001
+msgid "SSL Protocol used:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:11001
+msgid "See python's ssl module for available values."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:11001
+msgid "If left blank, the default value (PROTOCOL_TLSv1_2) is used."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:12001
+msgid "Available ciphers:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:12001
+msgid "See python's ssl module for available ciphers."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:13001
+msgid "Message displayed in the client when a password is needed:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:13001
+msgid ""
+"If left blank, the default value (Radicale - Password Required) is used."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:14001
+msgid "Encoding for responding requests:"
+msgstr ""
+
+#. Type: string
+#. Description
+#. Type: string
+#. Description
+#: ../radicale.templates:14001 ../radicale.templates:15001
+msgid "If left blank, the default value (utf-8) is used."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:15001
+msgid "Encoding for storing local collections:"
+msgstr ""
+
+#. Type: select
+#. Choices
+#. Type: select
+#. Choices
+#. Type: select
+#. Choices
+#: ../radicale.templates:16001 ../radicale.templates:20001
+#: ../radicale.templates:28001
+msgid "None"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:16001
+msgid "htpasswd"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:16001
+msgid "remote_user"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:16001
+msgid "http_x_remote_user"
+msgstr ""
+
+#. Type: select
+#. Description
+#: ../radicale.templates:16002
+msgid "Authentication method:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:17001
+msgid "Htpasswd filename:"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:18001
+msgid "plain"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:18001
+msgid "sha1"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:18001
+msgid "ssha"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:18001
+msgid "crypt"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:18001
+msgid "bcrypt"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:18001
+msgid "md5"
+msgstr ""
+
+#. Type: select
+#. Description
+#: ../radicale.templates:18002
+msgid "Htpasswd encryption method:"
+msgstr ""
+
+#. Type: select
+#. Description
+#: ../radicale.templates:18002
+msgid "bcrypt is recommended for security."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:19001
+msgid "Incorrect authentication delay (seconds):"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:19001
+msgid "If left blank, the default value (1) is used."
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:20001
+msgid "authenticated"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:20001
+msgid "owner_only"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:20001
+msgid "owner_write"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:20001
+msgid "from_file"
+msgstr ""
+
+#. Type: select
+#. Description
+#: ../radicale.templates:20002
+msgid "Rights backend:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:21001
+msgid "File for rights management from_file:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:21001
+msgid "If left blank, the default value (/etc/radicale/rights) is used."
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:22001
+msgid "multifilesystem"
+msgstr ""
+
+#. Type: select
+#. Description
+#: ../radicale.templates:22002
+msgid "Storage backend:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:23001
+msgid "Folder for storing local collections:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:23001
+msgid "The folder will be created if not present."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:23001
+msgid ""
+"If left blank, the default value (/var/lib/radicale/collections) is used."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:24001
+msgid "Lock the storage?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:24001
+msgid ""
+"Never start multiple instances of Radicale or edit the storage externally "
+"while Radicale is running if locking is disabled."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:25001
+msgid "Sync all changes to disk during requests?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:25001
+msgid ""
+"This can impair performance. However, disabling it increases the risk of "
+"data loss, when the system crashes or power fails!"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:26001
+msgid "Delete sync token that are older than (seconds):"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:26001
+msgid "If left blank, the default value (2592000) is used."
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:27001
+msgid "Command that is run after changes to storage:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:27001
+#, no-c-format
+msgid ""
+"Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --"
+"quiet || git commit -m \"Changes by \"%(user)s)"
+msgstr ""
+
+#. Type: select
+#. Choices
+#: ../radicale.templates:28001
+msgid "internal"
+msgstr ""
+
+#. Type: select
+#. Description
+#: ../radicale.templates:28002
+msgid "Web interface backend:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:29001
+msgid "Logging configuration file:"
+msgstr ""
+
+#. Type: string
+#. Description
+#: ../radicale.templates:29001
+msgid ""
+"If no config is given, simple information is printed on the standard output "
+"For more information about the syntax of the configuration file, see: http://";
+"docs.python.org/library/logging.config.html"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:30001
+msgid "Set the default logging level to debug?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:31001
+msgid "Store all environment variables (including those set in the shell)?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:32001
+msgid "Mask passwords in logs?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:33001
+msgid "Ask clients to relax same-origin policy?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../radicale.templates:33001
+msgid ""
+"If enabled, Radicale will send an additional HTTP header, \"Access-Control-"
+"Allow-Origin: *\" to clients, to relax the same-origin policy."
+msgstr ""
diff --git a/debian/radicale.config b/debian/radicale.config
new file mode 100644
index 0000000..8cc0dbe
--- /dev/null
+++ b/debian/radicale.config
@@ -0,0 +1,106 @@
+#!/bin/sh
+set -e
+
+. /usr/share/debconf/confmodule
+db_version 2.0
+
+get_config_option() {
+ # If "name" exists in "section", print its value to stdout.
+ awk -F'=' -v section="[$1]" -v name="$2" '
+$0==section{ flag=1; next } # Set flag when entering given section.
+/^\[/{ flag=0; next } # Disable flag when entering another section.
+flag && $1==name{ print $2 } # If flag is set and name matches, print value.
+' /etc/radicale/config 2>/dev/null
+}
+
+store_config_value() {
+ SECTION="$1"
+ KEY="$2"
+
+ # Don't store configs missing from file.
+ if grep -q "^$KEY\s*=" /etc/radicale/config; then
+ # Store value from config file into debconf db.
+ VALUE=$(get_config_option "$SECTION" "$KEY")
+ db_set "radicale/${SECTION}_${KEY}" "$VALUE"
+ fi
+}
+
+# Load config file, if it exists.
+if [ -f /etc/radicale/config ]; then
+ store_config_value server hosts
+ store_config_value server max_connections
+ store_config_value server max_content_length
+ store_config_value server timeout
+ store_config_value server ssl
+ store_config_value server certificate
+ store_config_value server key
+ store_config_value server certificate_authority
+ store_config_value server dns_lookup
+ store_config_value server protocol
+ store_config_value server ciphers
+ store_config_value server realm
+ store_config_value encoding request
+ store_config_value encoding stock
+ store_config_value auth type
+ store_config_value auth htpasswd_filename
+ store_config_value auth htpasswd_encryption
+ store_config_value auth delay
+ store_config_value rights type
+ store_config_value rights file
+ store_config_value storage type
+ store_config_value storage filesystem_folder
+ store_config_value storage filesystem_locking
+ store_config_value storage filesystem_fsync
+ store_config_value storage max_sync_token_age
+ store_config_value storage hook
+ store_config_value web type
+ store_config_value logging config
+ store_config_value logging debug
+ store_config_value logging full_environment
+ store_config_value logging mask_passwords
+
+ if grep -q "^Access-Control-Allow-Origin = *" /etc/radicale/config; then
+ db_set radicale/relax_same_origin_policy true
+ else
+ db_set radicale/relax_same_origin_policy false
+ fi
+fi
+
+# Ask if we should manage the config file.
+db_input high radicale/upgrade_config || true
+
+# Configuration questions (not shown with default debconf setting)
+db_input medium radicale/server_hosts || true
+db_input low radicale/server_max_connections || true
+db_input low radicale/server_max_content_length || true
+db_input low radicale/server_timeout || true
+db_input medium radicale/server_ssl || true
+db_input low radicale/server_certificate || true
+db_input low radicale/server_key || true
+db_input low radicale/server_certificate_authority || true
+db_input low radicale/server_dns_lookup || true
+db_input low radicale/server_protocol || true
+db_input low radicale/server_ciphers || true
+db_input low radicale/server_realm || true
+db_input low radicale/encoding_request || true
+db_input low radicale/encoding_stock || true
+db_input medium radicale/auth_type || true
+db_input low radicale/auth_htpasswd_filename || true
+db_input low radicale/auth_htpasswd_encryption || true
+db_input low radicale/auth_delay || true
+db_input medium radicale/rights_type || true
+db_input low radicale/rights_file || true
+db_input low radicale/storage_type || true
+db_input low radicale/storage_filesystem_folder || true
+db_input low radicale/storage_filesystem_locking || true
+db_input low radicale/storage_filesystem_fsync || true
+db_input low radicale/storage_max_sync_token_age || true
+db_input low radicale/storage_hook || true
+db_input low radicale/web_type || true
+db_input low radicale/logging_config || true
+db_input low radicale/logging_debug || true
+db_input low radicale/logging_full_environment || true
+db_input low radicale/logging_mask_passwords || true
+db_input low radicale/relax_same_origin_policy || true
+
+db_go || true
diff --git a/debian/radicale.install b/debian/radicale.install
index d164637..17dd275 100644
--- a/debian/radicale.install
+++ b/debian/radicale.install
@@ -1,5 +1,4 @@
usr/bin
-config /etc/radicale/
logging /etc/radicale/
radicale.wsgi /usr/share/radicale/
radicale.fcgi /usr/share/radicale/
diff --git a/debian/radicale.postinst b/debian/radicale.postinst
index 93d7596..9cc4f76 100644
--- a/debian/radicale.postinst
+++ b/debian/radicale.postinst
@@ -5,20 +5,122 @@ set -e
NAME=radicale
ACCOUNTNAME=$NAME
-DAEMON_UID=$ACCOUNTNAME
-DAEMON_GID=$ACCOUNTNAME
CALDIR=/var/lib/$NAME
ACCOUNTHOME=$CALDIR
GECOS="Radicale CalDAV server"
+. /usr/share/debconf/confmodule
+db_version 2.0
+
+augeas_get_config() {
+ KEY="$1"
+
+ cat <<EOF | augtool -L -A
+set /augeas/load/Puppet/lens Puppet.lns
+set /augeas/load/Puppet/incl[last() + 1] /etc/radicale/config
+load
+get "/files/etc/radicale/config/$KEY"
+save
+EOF
+}
+
+augeas_set_config() {
+ KEY="$1"
+ VALUE="$2"
+
+ cat <<EOF | augtool -L -A
+set /augeas/load/Puppet/lens Puppet.lns
+set /augeas/load/Puppet/incl[last() + 1] /etc/radicale/config
+load
+set "/files/etc/radicale/config/$KEY" "$VALUE"
+save
+EOF
+}
+
+augeas_rm_config() {
+ KEY="$1"
+
+ cat <<EOF | augtool -L -A
+set /augeas/load/Puppet/lens Puppet.lns
+set /augeas/load/Puppet/incl[last() + 1] /etc/radicale/config
+load
+rm "/files/etc/radicale/config/$KEY"
+save
+EOF
+}
+
+set_config_value() {
+ SECTION="$1"
+ KEY="$2"
+ DEFAULT="$3"
+
+ # Write value from debconf db to config file, if not default value.
+ db_get "radicale/${SECTION}_${KEY}" || true
+ if [ -n "$RET" ] && [ "$RET" != "$DEFAULT" ]; then
+ augeas_set_config "$SECTION/$KEY" "$RET"
+ fi
+}
+
case "$1" in
- configure)
- if ! getent passwd $ACCOUNTNAME >/dev/null 2>&1; then
- adduser --system --home $ACCOUNTHOME --no-create-home \
- --gecos "$GECOS" --group --disabled-password \
- --quiet $ACCOUNTNAME
- fi
- ;;
+ configure)
+ if ! getent passwd $ACCOUNTNAME >/dev/null 2>&1; then
+ adduser --system --home $ACCOUNTHOME --no-create-home \
+ --gecos "$GECOS" --group --disabled-password \
+ --quiet $ACCOUNTNAME
+ fi
+
+ db_get radicale/upgrade_config || true
+ if [ "$RET" = "true" ]; then
+ # Replace current file if it exists. Any valid settings
+ # will have been read in to debconf already.
+ if [ -f /etc/radicale/config ]; then
+ mv /etc/radicale/config /etc/radicale/config.orig
+ fi
+ fi
+
+ # Write configuration selected by user (or loaded from disk).
+ set_config_value server hosts
+ set_config_value server max_connections
+ set_config_value server max_content_length
+ set_config_value server timeout
+ set_config_value server ssl false
+ set_config_value server certificate
+ set_config_value server key
+ set_config_value server certificate_authority
+ set_config_value server dns_lookup true
+ set_config_value server protocol
+ set_config_value server ciphers
+ set_config_value server realm
+ set_config_value encoding request
+ set_config_value encoding stock
+ set_config_value auth type None
+ set_config_value auth htpasswd_filename
+ set_config_value auth htpasswd_encryption bcrypt
+ set_config_value auth delay
+ set_config_value rights type owner_only
+ set_config_value rights file
+ set_config_value storage type multifilesystem
+ set_config_value storage filesystem_folder
+ set_config_value storage filesystem_locking true
+ set_config_value storage filesystem_fsync true
+ set_config_value storage max_sync_token_age
+ set_config_value storage hook
+ set_config_value web type internal
+ set_config_value logging config
+ set_config_value logging debug false
+ set_config_value logging full_environment false
+ set_config_value logging mask_passwords true
+
+ db_get radicale/relax_same_origin_policy || true
+ if [ "$RET" = "true" ]; then
+ augeas_set_config headers/Access-Control-Allow-Origin "*"
+ else
+ if grep -q "^Access-Control-Allow-Origin\s*=\s*\*" \
+ /etc/radicale/config; then
+ augeas_rm_config headers/Access-Control-Allow-Origin
+ fi
+ fi
+ ;;
esac
#DEBHELPER#
diff --git a/debian/radicale.postrm b/debian/radicale.postrm
index f01118a..b956520 100644
--- a/debian/radicale.postrm
+++ b/debian/radicale.postrm
@@ -13,6 +13,8 @@ case "$1" in
;;
purge)
+ rm -f /etc/radicale/config
+ rm -f /etc/radicale/config.orig
rm -rf $LOGDIR
# We do NOT remove the system user.
diff --git a/debian/radicale.templates b/debian/radicale.templates
new file mode 100644
index 0000000..80f6258
--- /dev/null
+++ b/debian/radicale.templates
@@ -0,0 +1,202 @@
+Template: radicale/upgrade_config
+Type: boolean
+Default: true
+_Description: Use automatic configuration upgrades?
+ If enabled, the radicale package will handle upgrading the
+ configuration in /etc/radicale/config. Obsolete options will be
+ removed, and any new mandatory options will be added.
+
+Template: radicale/server_hosts
+Type: string
+Default: 127.0.0.1:5232, [::1]:5232
+_Description: CalDAV server hostnames separated by a comma:
+ IPv4 syntax: address:port
+ IPv6 syntax: [address]:port
+ For example: 0.0.0.0:9999, [::]:9999
+
+Template: radicale/server_max_connections
+Type: string
+_Description: Max parallel connections:
+ .
+ If left blank, the default value (20) is used.
+
+Template: radicale/server_max_content_length
+Type: string
+_Description: Max size of request body (bytes):
+ .
+ If left blank, the default value (10000000) is used.
+
+Template: radicale/server_timeout
+Type: string
+_Description: Socket timeout (seconds):
+ .
+ If left blank, the default value (10) is used.
+
+Template: radicale/server_ssl
+Type: boolean
+Default: false
+_Description: SSL flag, enable HTTPS protocol?
+ This enables the SSL transport layer encryption feature built-in to
+ Radicale. It is not needed if SSL is provided by a reverse proxy web
+ server that runs in front of Radicale.
+
+Template: radicale/server_certificate
+Type: string
+Default: /etc/ssl/certs/ssl-cert-snakeoil.pem
+_Description: SSL certificate path:
+
+Template: radicale/server_key
+Type: string
+Default: /etc/ssl/private/ssl-cert-snakeoil.key
+_Description: SSL private key:
+
+Template: radicale/server_certificate_authority
+Type: string
+_Description: CA certificate for validating clients:
+ This can be used to secure TCP traffic between Radicale and a reverse
+ proxy.
+
+Template: radicale/server_dns_lookup
+Type: boolean
+Default: true
+_Description: Reverse DNS to resolve client address in logs?
+
+Template: radicale/server_protocol
+Type: string
+_Description: SSL Protocol used:
+ See python's ssl module for available values.
+ .
+ If left blank, the default value (PROTOCOL_TLSv1_2) is used.
+
+Template: radicale/server_ciphers
+Type: string
+_Description: Available ciphers:
+ See python's ssl module for available ciphers.
+
+Template: radicale/server_realm
+Type: string
+_Description: Message displayed in the client when a password is needed:
+ .
+ If left blank, the default value (Radicale - Password Required) is used.
+
+Template: radicale/encoding_request
+Type: string
+_Description: Encoding for responding requests:
+ .
+ If left blank, the default value (utf-8) is used.
+
+Template: radicale/encoding_stock
+Type: string
+_Description: Encoding for storing local collections:
+ .
+ If left blank, the default value (utf-8) is used.
+
+Template: radicale/auth_type
+Type: select
+__Choices: None, htpasswd, remote_user, http_x_remote_user
+Default: None
+_Description: Authentication method:
+
+Template: radicale/auth_htpasswd_filename
+Type: string
+_Description: Htpasswd filename:
+
+Template: radicale/auth_htpasswd_encryption
+Type: select
+__Choices: plain, sha1, ssha, crypt, bcrypt, md5
+Default: bcrypt
+_Description: Htpasswd encryption method:
+ bcrypt is recommended for security.
+
+Template: radicale/auth_delay
+Type: string
+_Description: Incorrect authentication delay (seconds):
+ .
+ If left blank, the default value (1) is used.
+
+Template: radicale/rights_type
+Type: select
+__Choices: None, authenticated, owner_only, owner_write, from_file
+Default: owner_only
+_Description: Rights backend:
+
+Template: radicale/rights_file
+Type: string
+_Description: File for rights management from_file:
+ .
+ If left blank, the default value (/etc/radicale/rights) is used.
+
+Template: radicale/storage_type
+Type: select
+__Choices: multifilesystem
+Default: multifilesystem
+_Description: Storage backend:
+
+Template: radicale/storage_filesystem_folder
+Type: string
+_Description: Folder for storing local collections:
+ The folder will be created if not present.
+ .
+ If left blank, the default value (/var/lib/radicale/collections) is used.
+
+Template: radicale/storage_filesystem_locking
+Type: boolean
+Default: true
+_Description: Lock the storage?
+ Never start multiple instances of Radicale or edit the storage
+ externally while Radicale is running if locking is disabled.
+
+Template: radicale/storage_filesystem_fsync
+Type: boolean
+Default: true
+_Description: Sync all changes to disk during requests?
+ This can impair performance. However, disabling it increases the risk
+ of data loss, when the system crashes or power fails!
+
+Template: radicale/storage_max_sync_token_age
+Type: string
+_Description: Delete sync token that are older than (seconds):
+ .
+ If left blank, the default value (2592000) is used.
+
+Template: radicale/storage_hook
+Type: string
+_Description: Command that is run after changes to storage:
+ Example: ([ -d .git ] || git init) && git add -A && (git diff --cached
+ --quiet || git commit -m "Changes by "%(user)s)
+
+Template: radicale/web_type
+Type: select
+__Choices: None, internal
+Default: internal
+_Description: Web interface backend:
+
+Template: radicale/logging_config
+Type: string
+_Description: Logging configuration file:
+ If no config is given, simple information is printed on the standard
+ output For more information about the syntax of the configuration
+ file, see: http://docs.python.org/library/logging.config.html
+
+Template: radicale/logging_debug
+Type: boolean
+Default: false
+_Description: Set the default logging level to debug?
+
+Template: radicale/logging_full_environment
+Type: boolean
+Default: false
+_Description: Store all environment variables (including those set in the shell)?
+
+Template: radicale/logging_mask_passwords
+Type: boolean
+Default: true
+_Description: Mask passwords in logs?
+
+Template: radicale/relax_same_origin_policy
+Type: boolean
+Default: false
+_Description: Ask clients to relax same-origin policy?
+ If enabled, Radicale will send an additional HTTP header,
+ "Access-Control-Allow-Origin: *" to clients, to relax the same-origin
+ policy.
--
2.11.0
signature.asc
Description: OpenPGP digital signature
