Advertisement
Guest User

Untitled

a guest
Aug 1st, 2017
73
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.57 KB | None | 0 0
  1. ##### Install dependencies for Radicale
  2. ServerUSER@Server:~$ sudo apt-get install python3-pip
  3. ##### Install dependencies for bcrypt encryption method
  4. ServerUSER@Server:~$ sudo python3 -m pip install --upgrade passlib bcrypt
  5. ##### -H flag uses root's home rather than USER's home
  6. ServerUSER@Server:~$ sudo -H python3 -m pip install --upgrade radicale
  7.  
  8. ##### Put user "fakeuser" in a new "users" file
  9. ServerUSER@SERVER:~$ sudo htpasswd -B -c /etc/radicale/users fakeuser
  10. New password:
  11. Re-type new password:
  12. ##### Add another user
  13. ServerUSER@SERVER:~$ sudo htpasswd -B /etc/radicale/users user2
  14. New password:
  15. Re-type new password:
  16. ##### Install dependencies for bcrypt encryption method
  17. ServerUSER@SERVER:~$ sudo python3 -m pip install --upgrade passlib bcrypt
  18.  
  19. ServerUSER@SERVER:~$ sudo nano /etc/radicale/config
  20.  
  21. ##### Add these lines under relevant portions of [auth] section
  22. type = htpasswd
  23. htpasswd_filename = /etc/radicale/users
  24. # encryption method used in the htpasswd file
  25. htpasswd_encryption = bcrypt
  26.  
  27. ##### Add these lines under relevant portions of [server] section
  28. max_connections = 20
  29. # 1 Megabyte
  30. max_content_length = 10000000
  31. # 10 seconds
  32. timeout = 10
  33.  
  34. ##### Add these lines under relevant portions of [auth] section
  35. # Average delay after failed login attempts in seconds
  36. delay = 1
  37.  
  38. ##### Add these lines under relevant portions of [server] section
  39. hosts = 0.0.0.0:5232
  40. ##### By setting ssl = True, Radicale no longer responds to HTTP requests.
  41. ssl = True
  42. certificate = /etc/ssl/radicale.cert.pem
  43. key = /etc/ssl/radicale.key.pem
  44.  
  45. ##### You can hit enter as an answer to all the questions to set the default except this one:
  46. ##### "Common Name (eg, YOUR name) []:" where you will enter your domain name or dns record
  47. ##### used for your development server, or in case of wildcard certificates,
  48. ##### use an astrisk, like this: *.mycompany.com
  49. ##### By using a self-signed certificate, your browser should warn you of this fact.
  50. ##### Confirm exception as you wish, but this exception is necessary to visit page.
  51. ServerUSER@Server:~$ openssl req -nodes -newkey rsa:2048 -keyout /etc/ssl/radicale.key.pem -out /etc/ssl/radicale.cert.pem -x509 -days 365
  52.  
  53. Common Name (eg, YOUR name) []: developmentserver12345
  54.  
  55. ##### Create "radicale" user and group for Radicale service
  56. ServerUSER@Server:~$ sudo useradd --system --home-dir / --shell /sbin/nologin radicale
  57. ##### Make storage folder writable by user "radicale"
  58. ServerUSER@Server:~$ sudo mkdir -p /var/lib/radicale/collections
  59. ServerUSER@Server:~$ sudo chown -R radicale:radicale /var/lib/radicale/collections
  60. ##### Make storage folder non-readable by others
  61. ServerUSER@Server:~$ sudo chmod -R o= /var/lib/radicale/collections
  62.  
  63. ServerUSER@Server:~$ sudo nano /etc/systemd/system/radicale.service
  64.  
  65. [Unit]
  66. Description=A simple CalDAV (calendar) and CardDAV (contact) server
  67. After=network.target
  68. Requires=network.target
  69.  
  70. [Service]
  71. ExecStart=/usr/bin/env python3 -m radicale
  72. Restart=on-failure
  73. User=radicale
  74. # Deny other users access to the calendar data
  75. UMask=0027
  76. # Optional security settings
  77. PrivateTmp=true
  78. ProtectSystem=strict
  79. ProtectHome=true
  80. PrivateDevices=true
  81. ProtectKernelTunables=true
  82. ProtectKernelModules=true
  83. ProtectControlGroups=true
  84. NoNewPrivileges=true
  85. ReadWritePaths=/var/lib/radicale/collections
  86.  
  87. [Install]
  88. WantedBy=multi-user.target
  89.  
  90. # Enable the service
  91. ServerUSER@Server:~$ sudo systemctl enable radicale
  92. # Start the service
  93. ServerUSER@Server:~$ sudo systemctl start radicale
  94. # Check the status of the service
  95. ServerUSER@Server:~$ sudo systemctl status radicale
  96. # View all log messages
  97. ServerUSER@Server:~$ sudo journalctl --unit radicale.service
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement