radicale

Posted on Tue 12 January 2016 in linux

The value of calendar and addressbook information

Starting with the emerging of mobile technologies it became reasonable to manage appointments and addresses with such devices. However, when dealing with multiple computers and mobile devices the question arises how can this information be synchronized? You will of course answer that the big players such as Google, Microsoft or Apple have already solved this problem for you by syncing data with the "cloud" ... but wait ... what does this mean? Well, you are sending confidential information as plain text to some servers outside of Germany and you have no idea who else has access to this data - apart from the NSA - and how this information is analysed and used. So let us think about an alternative...

What is radicale?

radicale is a python-based lightweight calendar server that implements CalDAV and CardDAV, two well-documented specifications for the exchange of calendar and address book information. Since both protocols are standardized they can be easily used with various applications including Mozilla Thunderbird (Lightning) and Apple Calendar/Contacts, but also mobile devices via DAVdroid or the default iPhone applications. A complete list of supported applications and their configurations can be obtained from the official radicale documentation. Of course there are similar products such as the Darwin Calendar Server, DAViCal or ownCloud, but what is nice about radicale is that it is not a big software suite, but rather one tool for one job approach.

How to install radicale?

Warning: radicale in Debian Jessie

The current version of radicale in debian jessie seems to be a little bit buggy, so there may be problems when multiple calendars should be used from the same user account. However, since radicale is under continuous development you can try to install a newer version e.g. radicale_1.1.1-1 from sid that does not have these problems.

Installing radicale

First the radicale package must be installed:

apt-get install radicale

After that the basic configuration can be set by adapting the /etc/radicale/config file. Since apache2 should be used for delivering the data, only a small subset of options must be set: this is, on the one hand, the use of the filesystem storage (each calendar will be put into a separate file) and on the other hand, the activation of logging. Hence, the important parts are:

[storage]
type = filesystem
filesystem_folder = /var/lib/radicale/collections

[logging]
config = /var/log/logging

Since the storage folder is not created automatically, it should be done in the next step:

mkdir -p /var/lib/radicale/collections
chown radicale.radicale /var/lib/radicale/collections

Additionally, the logging directory must be created so that it can be used for the log files:

mkdir /var/log/radicale/
chown radicale.radicale /var/log/radicale

git support (optional)

To keep track of calendar changes, git support can be activated. As a result, every calendar change is automatically committed to the git repository. To activate this feature do:

apt-get install python-dulwich
cd /var/lib/radicale/collections
git init
chown radicale.radicale -R /var/lib/radicale/collections/.git

Apache2 configuration

Instead of using the built-in server component, apache2 will be used for delivering the data. Apache2 is more mature and has a better support for different authentication mechanisms.

wsgi

Since radicale is a python-based webapplication, a wsgi file must be prepared that can be linked to the apache2 server. Thus, create the /var/www/radicale directory and add the /var/www/radicale/radicale.wsgi file with the following content:

import radicale
radicale.log.start()
application = radicale.Application()

Adapt the owner and permissions of the wsgi file:

chown radicale.radicale /var/www/radicale/radicale.wsgi
chmod 0755 /var/www/radicale/radicale.wsgi

If the apache2 wsgi module is not installed yet, install and enable it:

apt-get install libapache2-mod-wsgi
a2enmod wsgi

radicale site config

To register the wsgi file with the apache2 server, create a new apache2 site configuration in /etc/apache2/sites-available/radicale.conf with the following content:

<IfModule mod_ssl.c>
    <VirtualHost *:5232>
        ServerName yourdomain.de

        WSGIDaemonProcess radicale user=radicale group=radicale threads=1
        WSGIScriptAlias / /var/www/radicale/radicale.wsgi

        <Directory /var/www/radicale>
            WSGIProcessGroup radicale
            WSGIApplicationGroup %{GLOBAL}
            AllowOverride None
            Require all granted
            Options -Indexes
        </Directory>

        <Location />
            AuthType Basic
            AuthName "Calendar Auth"
            AuthBasicProvider file
            AuthUserFile /var/www/radicale/.htpasswd
            Require valid-user
        </Location>

        # ssl stuff
        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/cal.pem
        SSLCertificateKeyFile /etc/ssl/private/cal.key
    </VirtualHost>
</IfModule>

The configuration provides the link to the wsgi file, a basic authentication mechanism and the use of SSL for protecting the data transmission.

For the authentication mechanism, the corresponding user(s) can be created as follows:

htpasswd -c /var/www/radicale/.htpasswd username

Edit /etc/apache2/ports.conf file and make apache2 listen on the defined port:

<IfModule ssl_module>
    Listen 5232
</IfModule>

Finally, enable the radicale site configuration and reload apache2:

a2ensite radicale
service apache2 reload

Testing

To test the installed radicale server open the following domain in your browser: https://yourdomain.de:5232/

Setting up clients

The configuration of the various clients is not topic of this post. Please consult the official radicale documentation for more information.

linux debian jessie calendar CalDAV CardDav