I want to install a server for CalDAV and CardDAV on my headless RaspberryPi and will use my answer below to make a guide which I will update as I go along. I had troubles installing pip for python3, using the browser to access a headless localhost and finding out the default login credentials.
Asked
Active
Viewed 8,405 times
1 Answers
8
Most of this is from the Radicale installation instruction, but I had some troubles getting it right.
Also, this is a good practice for setting up a systemd service and using htpasswd. First, ssh into RPi, then
sudo apt update
sudo apt upgrade
sudo apt install python3-pip
sudo python3 -m pip install --upgrade radicale
sudo python3 -m radicale --config "" --storage-filesystem-folder=~/.var/lib/radicale/collections
(Use sudo for installing radicale although this is not mentioned in the installation advice, because otherwise the program won't work as a service with systemctl. Also, sudo pip3 install --upgrade radicale[bcrypt] might work.)
For encryption of the password-file use
sudo python3 -m pip install --upgrade radicale[bcrypt]
Install htpasswd via
sudo apt install apache2-utils
Bind the server to the IP of the Pi, making the WebGUI accessible from outside the Pi with
sudo mkdir /etc/radicale
sudo mkdir /home/radicale
sudo nano /etc/radicale/config
with content beeing (don't forget to forward the port on the router):
[server]
hosts = YOURIP:5232
[auth]
type = htpasswd
htpasswd_filename = /home/radicale/.radicalepasswords
htpasswd_encryption = bcrypt
Create a new htpasswd file with credentials for "user1"
htpasswd -B -c /home/radicale/.radicalepasswords user1
To add another user
htpasswd -B /home/radicale/.radicalepasswords user2
Start radicale using a (manually created) configuration file:
sudo python3 -m radicale --storage-filesystem-folder=~/.var/lib/radicale/collections
Connect to the WebGUI with http://IP:5232. Default username and password both is admin. However, since we created a user and set the config up with auth this is not going to work anymore. Instead we have to log in as the user we created and then create a calendar in the WebGUI.
The WebGUI provides the calendar with IP including the username. This can be used to set up in a client (I tested with macOS).
To run it as a system-wide service with systemd:
sudo useradd --system --home-dir / --shell /sbin/nologin radicale
sudo mkdir -p /var/lib/radicale/collections
sudo chown -R radicale:radicale /var/lib/radicale/collections
sudo chmod -R o= /var/lib/radicale/collections
Create the radicale.service:
sudo nano /etc/systemd/system/radicale.service
with content beeing:
[Unit]
Description=A simple CalDAV (calendar) and CardDAV (contact) server
After=network.target
Requires=network.target
[Service]
ExecStart=/usr/bin/env python3 -m radicale
Restart=on-failure
User=radicale
Deny other users access to the calendar data
UMask=0027
Optional security settings
PrivateTmp=true
ProtectSystem=strict
ProtectHome=true
PrivateDevices=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
NoNewPrivileges=true
ReadWritePaths=/var/lib/radicale/collections
[Install]
WantedBy=multi-user.target
Enable the service:
sudo systemctl enable radicale
sudo systemctl start radicale
sudo systemctl status radicale
Logs for errors are in sudo journalctl --unit radicale.service.
Credits and information:
Use -D for debugging:
python3 -m radicale -D --verify-storage --storage-filesystem-folder=~/.var/lib/radicale/collections
bomben
- 319
- 1
- 3
- 13