radicale

radicale/Dockerfile

@@ -0,0 +1,43 @@
+FROM alpine:3.15
+
+ENV TZ=Europe/Madrid
+LABEL maintainer="Lorenzo Carbonell <a.k.a. atareao> lorenzo.carbonell.cerezo@gmail.com"
+
+ARG UID=${EB_UID:-1000}
+ARG GID=${EB_GID:-1000}
+
+ENV VIRTUAL_ENV=/opt/venv
+ENV PATH="$VIRTUAL_ENV/bin:$PATH"
+ENV PYTHONIOENCODING=utf-8
+ENV PYTHONUNBUFFERED=1
+
+RUN echo "**** install Python ****" && \
+    apk add --update --no-cache \
+            apache2-utils==2.4.53-r0 \
+            git==2.34.2-r0 \
+            tini==0.19.0-r0 \
+            tzdata==2022a-r0 \
+            python3==3.9.7-r4 && \
+    rm -rf /var/lib/apt/lists/* && \
+    echo "**** create user ****" && \
+    addgroup radicale && \
+    adduser -h /app -G radicale -D radicale && \
+    mkdir -p ${VIRTUAL_ENV} && \
+    chown -R radicale:radicale ${VIRTUAL_ENV} && \
+    mkdir -p /app/config /app/data && \
+    chown -R radicale:radicale /app
+
+COPY entrypoint.sh requirements.txt /
+USER radicale
+RUN echo "**** install Python dependencies **** " && \
+    python3 -m venv ${VIRTUAL_ENV} && \
+    ${VIRTUAL_ENV}/bin/pip install --upgrade pip && \
+    ${VIRTUAL_ENV}/bin/pip install --no-cache-dir -r /requirements.txt
+
+COPY --chown=radicale:radicale ./config /app/config/config
+
+WORKDIR /app
+
+ENTRYPOINT ["tini", "--"]
+CMD ["/bin/sh", "/entrypoint.sh"]
+

radicale/README.md

@@ -0,0 +1,36 @@
+# Installation
+
+```
+git clone https://github.com/atareao/self-hosted.git
+cd self-hosted/radicale
+mv sample.env .env
+sed -i "s/radicale.tuservidor.es/el_fqdn_que_quieras/g" .env
+mkdir data
+touch .htpasswd-users
+docker run --rm -it --name radicale -v ${PWD}/.htpasswd-users:/app/.htpasswd-users atareao/radicale:v1.0 htpasswd -c .htpasswd-users usuario
+```
+
+Recuerda cambiar `usuario` por el nombre del usuario que tu quieras.
+
+Si quieres añadir mas usuarios, para cada uno de ellos, tienes que ejecutar la siguiente instrucción.
+
+```
+docker run --rm -it --name radicale -v ${PWD}/.htpasswd-users:/app/.htpasswd-users atareao/radicale:v1.0 htpasswd .htpasswd-users nuevo_usuario
+```
+
+Recuerda nuevamente que tendrás que cambiar `nuevo_usuario` por el nombre del usuario que consideres.
+
+A la hora de levantar el servicio dependerá del proxy inverso que hayas seleccionado. Si has elegido Caddy, simplemente,
+
+```
+docker-compose -f docker-compose.yml -f docker-compose.caddy.yml up -d
+docker-compose logs -f
+```
+
+Mientras que si has elegido Traefik,
+
+```
+docker-compose -f docker-compose.yml -f docker-compose.traefik.yml up -d
+docker-compose logs -f
+```
+

radicale/config

@@ -0,0 +1,124 @@
+# -*- mode: conf -*-
+# vim:ft=cfg
+
+# Config file for Radicale - A simple calendar server
+#
+# Place it into /etc/radicale/config (global)
+# or ~/.config/radicale/config (user)
+#
+# The current values are the default ones
+
+
+[server]
+
+# CalDAV server hostnames separated by a comma
+# IPv4 syntax: address:port
+# IPv6 syntax: [address]:port
+# For example: 0.0.0.0:9999, [::]:9999
+#hosts = localhost:5232
+hosts = 0.0.0.0:5232
+
+# Max parallel connections
+#max_connections = 8
+
+# Max size of request body (bytes)
+#max_content_length = 100000000
+
+# Socket timeout (seconds)
+#timeout = 30
+
+# SSL flag, enable HTTPS protocol
+#ssl = False
+
+# SSL certificate path
+#certificate = /etc/ssl/radicale.cert.pem
+
+# SSL private key
+#key = /etc/ssl/radicale.key.pem
+
+# CA certificate for validating clients. This can be used to secure
+# TCP traffic between Radicale and a reverse proxy
+#certificate_authority =
+
+
+[encoding]
+
+# Encoding for responding requests
+#request = utf-8
+
+# Encoding for storing local collections
+#stock = utf-8
+
+
+[auth]
+
+# Authentication method
+# Value: none | htpasswd | remote_user | http_x_remote_user
+type = htpasswd
+
+# Htpasswd filename
+htpasswd_filename = /app/.htpasswd-users
+
+# Htpasswd encryption method
+# Value: plain | bcrypt | md5
+# bcrypt requires the installation of radicale[bcrypt].
+#htpasswd_encryption = md5
+
+# Incorrect authentication delay (seconds)
+#delay = 1
+
+# Message displayed in the client when a password is needed
+#realm = Radicale - Password Required
+
+
+[rights]
+
+# Rights backend
+# Value: none | authenticated | owner_only | owner_write | from_file
+#type = owner_only
+
+# File for rights management from_file
+#file = /etc/radicale/rights
+
+
+[storage]
+
+# Storage backend
+# Value: multifilesystem | multifilesystem_nolock
+#type = multifilesystem
+
+# Folder for storing local collections, created if not present
+#filesystem_folder = /var/lib/radicale/collections
+filesystem_folder = /app/data/collections
+
+# Delete sync token that are older (seconds)
+#max_sync_token_age = 2592000
+
+# Command that is run after changes to storage
+# Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)
+#hook =
+
+
+[web]
+
+# Web interface backend
+# Value: none | internal
+#type = internal
+type = radicale_infcloud
+
+
+[logging]
+
+# Threshold for the logger
+# Value: debug | info | warning | error | critical
+#level = warning
+
+# Don't include passwords in logs
+#mask_passwords = True
+
+
+[headers]
+
+# Additional HTTP headers
+#Access-Control-Allow-Origin = *
+

radicale/docker-compose.caddy.yml

@@ -0,0 +1,14 @@
+version: '3'
+
+services:
+  radicale:
+    networks:
+      - proxy
+    labels:
+      - caddy="${FQDN}"
+      - caddy.reverse_proxy="{{upstreams 5232}}"
+
+networks:
+  proxy:
+    external: true
+

radicale/docker-compose.default.yml

@@ -0,0 +1,6 @@
+version: '3'
+
+services:
+  radicale:
+    ports:
+      - 5232:5232

radicale/docker-compose.traefik.yml

@@ -0,0 +1,22 @@
+version: '3'
+
+services:
+  radicale:
+    networks:
+      - proxy
+    labels:
+      - traefik.enable=true
+      - traefik.http.services.dnote.loadbalancer.server.port=5232
+      - traefik.http.routers.expulsabot.entrypoints=http
+      - traefik.http.routers.expulsabot.rule=Host(`${FQDN}`)
+      - traefik.http.middlewares.expulsabot-https-redirect.redirectscheme.scheme=https
+      - traefik.http.routers.expulsabot.middlewares=expulsabot-https-redirect
+      - traefik.http.routers.expulsabot-secure.entrypoints=https
+      - traefik.http.routers.expulsabot-secure.rule=Host(`${FQDN}`)
+      - traefik.http.routers.expulsabot-secure.tls=true
+      - traefik.http.routers.expulsabot-secure.tls.certresolver=letsencrypt
+
+networks:
+  proxy:
+    external: true
+

radicale/docker-compose.yml

@@ -0,0 +1,11 @@
+version: '3'
+
+services:
+  radicale:
+    build: ./
+    image: atareao/radicale:v1.0
+    container_name: radicale
+    restart: unless-stopped
+    volumes:
+      - ./.htpasswd-users:/app/.htpasswd-users
+      - ./data:/app/data

radicale/entrypoint.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+# -*- coding: utf-8 -*-
+
+# Copyright (c) 2022 Lorenzo Carbonell <a.k.a. atareao>
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+source /opt/venv/bin/activate
+python /opt/venv/bin/radicale --config /app/config/config
+

radicale/requirements.txt

@@ -0,0 +1,3 @@
+radicale==3.1.7
+radicale-imap
+git+https://github.com/Unrud/RadicaleInfCloud

radicale/sample.env

@@ -0,0 +1 @@
+FQDN=https://radicale.tuservidor.es