Radicale

After starting Lightning, click on File and New Calendar. Upcoming window asks you about your calendar storage. Chose a calendar On the Network, otherwise Lightning will use its own file system storage instead of Radicale's one and your calendar won't be remotely accessible.

Next window asks you to provide information about remote calendar access. Protocol used by Radicale is CalDAV. A standard location for a basic use of a Radicale calendar is http://localhost:5232/user/calendar.ics/, where you can replace user and calendar.ics by some strings of your choice. Calendars are automatically created if needed. Please note that the trailing slash is important.

You can now customize your calendar by giving it a nickname and a color. This is only used by Lightning to identify calendars among others.

If no warning sign appears next to the calendar name, you can now add events and tasks to your calendar. All events and tasks are stored in the server, they can be accessed and modified from multiple clients by multiple users at the same time.

Lightning and Thunderbird cannot access CardDAV servers yet. Also, as of version 17.0.5 the SOGo Connector addon is not fully functionally and will create extra address book entries with every sync.

CalendarSync can be combined with any Android calendar app and can even store the calendars in existing Android calendars which are synced by other sync adapters. Of course it can also create its own calendars.

So, to sync using CalendarSync you will have to:

• start the app,
• press the Menu button,
• select Create WebiCal,
• choose to start with a guided configuration.

Then enter your URL, Username and Password. As URL please use http(s)://server:port/username/.

If you can use HTTPS depends on your setup. Please replace username with the name of your user account.

Press test connection button. If everything signaled as OK then press search calendars button, select the calendars which you want to sync, and press the configure calendar button at the top of the display. Your calendars are now configured.

You can then start the first sync by going back to the main screen of the app an pressing the Process Webicals button. Of course you can also configure the app at its preferences to sync automatically.

ContactSync is designed to sync contacts from and to various sources. It can also overtake contacts and push them to the server, also if they are only available on the device (local only contacts).

So to sync your contacts from the Radical server to your Android device:

• start the app
• press the Menu button,
• select Create WebContact,
• select guided configuration mode.

As URL please use http(s)://server:port/username/.

At the URL you will have to replace server:port and username so that it matches your specific setup. It also depends on your configuration if you can use HTTPS or if you have to use HTTP.

Press test connection button, if everything signaled as OK then press search address book button. Select the address books which you want to sync and press the configure address book button at the top of the display.

You can then start the first sync by going back to the main screen of the app and pressing the Handle WebContacts button. Of course you can also configure the app at its preferences to sync automatically.

CalDAV-Sync is implemented as sync adapter to integrate seamlessly with any calendar app and widget. Therefore you have to access it via Accounts & Sync settings after installing it from the Market.

So, to add new calendars to your phone open Accounts & Sync settings and tap on Add account, selecting CalDAV as type. In the next view, you have to switch to Manual Mode. Enter the full CalDAV URL of your Radicale account (e.g. http://example.com:5232/Username/) and corresponding login data. If you want to create a new calendar you have to specify its full URL e.g. http://example.com:5232/Username/Calendar.ics/. Please note that the trailing slash is important.

Tap on Next and the app checks for all available calendars on your account, listing them in the next view. (Note: CalDAV-Sync will not only check under the url you entered but also under http://example.com:5232/UsernameYouEnteredForLogin/. This might cause strange errors.) You can now select calendars you want to sync and set a local nickname and color for each. Hitting Next again brings up the last page. Enter your email address and uncheck Sync from server to phone only if you want to use two-way-sync.

Tap on Finish and you're done. You're now able to use the new calendars in the same way you were using Google calendars before.

Set up works like CalDAV-Sync, just use .vcf instead of .ics if you enter the URL, e.g. http://example.com:5232/Username/AddressBook.vcf/.

DAVdroid is a free and open-source CalDAV/CardDAV client that is available in Play Store for a small fee or in FDroid for free.

To make it working with Radicale, just add a new DAVdroid account and enter https://example.com/radicale/user/ as base URL (assuming that your Radicale runs at https://example.com/radicale/; don't forget to set base_prefix correctly).

aCal is a CalDAV client for Android. It comes with its own calendar application and does not integrate in the Android calendar. It is a "CalDAV only" calendar, i.e. it only works in combination with a CalDAV server. It can connect to several calendars on the server and will display them all in one calendar. It works nice with Radicale.

To configure aCal, start aCal, go to the Settings screen, select Server, then Add server. Choose Manual Configuration and select Advanced (bottom of the screen). Then enter the host name of your server, check Active, enter your user name and password. The Simple Domain of your server is the domain part of your fully qualified host name (e.g. if your server is myserver.mydomain.org, choose mydomain.org).

As Simple Path you need to specify /<user> where user is the user you use to connect to Radicale. Server Name is the fully qualified name of your server machine (myserver.mydomain.org). The Server Path is /<user>/.

For Authentication Type you need to specify the method you chose for Radicale. Check Use SSL if your Radicale is configured to use SSL.

As the last thing you need to specify the port Radicale listens to. When your server is configured you can go back to the first Settings screen, and select Calendars and Addressbooks. You should find all the calendars that are available to your user on the Radicale server. You can then configure each of them (display colour, notifications, etc.).

To be written.

To be written.

You can find more information about syncEvolution and Radicale on the syncEvolution wiki page.

1. Go to "Settings" > "email+accounts"
2. Click "add an account" > "iCloud"
3. Enter random email address (e.g. "foo@bar" and "qwerty") > "sign in"
4. A new account "iCloud" with the given email address appears on the list. The status is "Not up to date". Click the account.
5. An error message is given. Click "close".
6. Enter new and "real" values to the account setting fields:
   • "Account name": This name appears on the calendar etc. Examples: "Home", "Word", "Sauna reservation"
   • "Email address": Not used
   • "Sync contacts and calendar": Select the sync interval
   • "Content to sync": Uncheck "Contacts", check "Calendar"
   • "Your name": Not used
   • "Username": Username to your Radicale server
   • "Password": Password to your Radicale server
   • Click "advanced settings"
   • "Calendar server (CalDAV)": Enter the full path to the calendar .ics file. Don't forget the trailing slash. Example: https://my.server.fi:5232/myusername/calendarname.ics/

Don't forget to add your CA to the phone if you're using a self-signed certificate on your Radicale. Make the CA downloadable to Internet Explorer. The correct certificate format is X509 (with .cer file extension).

The server configuration can be modified in /etc/radicale/config or in ~/.config/radicale/config. You can use the --config parameter in the command line to choose a specific path. You can also set the RADICALE_CONFIG environment variable to a path of your choice. Here is the default configuration file, with the main parameters:

[server]
# CalDAV server hostnames separated by a comma
# IPv4 syntax: address:port
# IPv6 syntax: [address]:port
# For example: 0.0.0.0:9999, [::]:9999
# IPv6 adresses are configured to only allow IPv6 connections
hosts = 0.0.0.0:5232
# Daemon flag
daemon = False
# File storing the PID in daemon mode
pid =
# SSL flag, enable HTTPS protocol
ssl = False
# SSL certificate path
certificate = /etc/apache2/ssl/server.crt
# SSL private key
key = /etc/apache2/ssl/server.key
# SSL Protocol used. See python's ssl module for available values
protocol = PROTOCOL_SSLv23
# Ciphers available. See python's ssl module for available ciphers
ciphers =
# Reverse DNS to resolve client address in logs
dns_lookup = True
# Root URL of Radicale (starting and ending with a slash)
base_prefix = /
# Possibility to allow URLs cleaned by a HTTP server, without the base_prefix
can_skip_base_prefix = False
# Message displayed in the client when a password is needed
realm = Radicale - Password Required


[encoding]
# Encoding for responding requests
request = utf-8
# Encoding for storing local collections
stock = utf-8


[auth]
# Authentication method
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | remote_user | custom
type = None

# Custom authentication handler
custom_handler =

# Htpasswd filename
htpasswd_filename = /etc/radicale/users
# Htpasswd encryption method
# Value: plain | sha1 | crypt
htpasswd_encryption = crypt

# LDAP server URL, with protocol and port
ldap_url = ldap://localhost:389/
# LDAP base path
ldap_base = ou=users,dc=example,dc=com
# LDAP login attribute
ldap_attribute = uid
# LDAP filter string
# placed as X in a query of the form (&(...)X)
# example: (objectCategory=Person)(objectClass=User)(memberOf=cn=calenderusers,ou=users,dc=example,dc=org)
# leave empty if no additional filter is needed
ldap_filter =
# LDAP dn for initial login, used if LDAP server does not allow anonymous searches
# Leave empty if searches are anonymous
ldap_binddn =
# LDAP password for initial login, used with ldap_binddn
ldap_password =
# LDAP scope of the search
ldap_scope = OneLevel

# IMAP Configuration
imap_hostname = localhost
imap_port = 143
imap_ssl = False

# PAM group user should be member of
pam_group_membership =

# Path to the Courier Authdaemon socket
courier_socket =

# HTTP authentication request URL endpoint
http_url =
# POST parameter to use for username
http_user_parameter =
# POST parameter to use for password
http_password_parameter =


[git]
# Git default options
committer = Radicale <radicale@example.com>


[rights]
# Rights backend
# Value: None | authenticated | owner_only | owner_write | from_file | custom
type = None

# Custom rights handler
custom_handler =

# File for rights management from_file
file = ~/.config/radicale/rights


[storage]
# Storage backend
# Value: filesystem | multifilesystem | database | custom
type = filesystem

# Custom storage handler
custom_handler =

# Folder for storing local collections, created if not present
filesystem_folder = ~/.config/radicale/collections

# Database URL for SQLAlchemy
# dialect+driver://user:password@host/dbname[?key=value..]
# For example: sqlite:///var/db/radicale.db, postgresql://user:password@localhost/radicale
# See http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html#sqlalchemy.create_engine
database_url =


[logging]
# Logging configuration file
# If no config is given, simple information is printed on the standard output
# For more information about the syntax of the configuration file, see:
# http://docs.python.org/library/logging.config.html
config = /etc/radicale/logging
# Set the default logging level to debug
debug = False
# Store all environment variables (including those set in the shell)
full_environment = False


# Additional HTTP headers
#[headers]
#Access-Control-Allow-Origin = *

This configuration file is read each time the server is launched. If some values are not given, the default ones are used. If no configuration file is available, all the default values are used.

Radicale uses the default logging facility for Python. The default configuration prints the information messages to the standard output. It is possible to print debug messages thanks to:

radicale --debug

Radicale can also be configured to send the messages to the console, logging files, syslog, etc. For more information about the syntax of the configuration file, see: http://docs.python.org/library/logging.config.html. Here is an example of logging configuration file:

# Loggers, handlers and formatters keys

[loggers]
# Loggers names, main configuration slots
keys = root

[handlers]
# Logging handlers, defining logging output methods
keys = console,file

[formatters]
# Logging formatters
keys = simple,full


# Loggers

[logger_root]
# Root logger
level = DEBUG
handlers = console,file


# Handlers

[handler_console]
# Console handler
class = StreamHandler
level = INFO
args = (sys.stdout,)
formatter = simple

[handler_file]
# File handler
class = FileHandler
args = ('/var/log/radicale',)
formatter = full


# Formatters

[formatter_simple]
# Simple output format
format = %(message)s

[formatter_full]
# Full output format
format = %(asctime)s - %(levelname)s: %(message)s

All the options of the server part can be changed with command line options. These options are available by typing:

radicale --help

To use Radicale with Apache's mod_wsgi, you first have to install the Radicale module in your Python path and write your .wsgi file (in /var/www for example):

import radicale
radicale.log.start()
application = radicale.Application()

Next you have to create the Apache virtual host (adapt the configuration to your environment):

<VirtualHost *:80>
    ServerName cal.yourdomain.org

    WSGIDaemonProcess radicale user=www-data group=www-data threads=1
    WSGIScriptAlias / /var/www/radicale.wsgi

    <Directory /var/www>
        WSGIProcessGroup radicale
        WSGIApplicationGroup %{GLOBAL}
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>
</VirtualHost>

If you want to use authentication with Apache, you really should use one of the Apache authentication modules, instead of the ones from Radicale: they're just better.

Deactivate any rights and module in Radicale and use your favourite Apache authentication backend. You can then restrict the access: allow the alice user to access /alice/* URLs, and everything should work as expected.

Here is one example of Apache configuration file:

<VirtualHost *:80>
    ServerName radicale.local

    WSGIDaemonProcess radicale user=radicale group=radicale threads=1
    WSGIScriptAlias / /usr/share/radicale/radicale.wsgi

    <Directory /usr/share/radicale/>
        WSGIProcessGroup radicale
        WSGIApplicationGroup %{GLOBAL}

        AuthType Basic
        AuthName "Radicale Authentication"
        AuthBasicProvider file
        AuthUserFile /usr/share/radicale/radicale.passwd
        Require valid-user

        AllowOverride None
        Order allow,deny
        allow from all

        RewriteEngine On
        RewriteCond %{REMOTE_USER}%{PATH_INFO} !^([^/]+/)\1
        RewriteRule .* - [Forbidden]
    </Directory>
</VirtualHost>

If you're still convinced that access control is better with Radicale, you have to add WSGIPassAuthorization On in your Apache configuration files, as explained in the mod_wsgi documentation.

Everybody (including anonymous users) has read and write access to all collections.

An authenticated users has read and write access to all collections, anonymous users have no access to these collections.

Only owners have read and write access to their own collections. The other users, authenticated or anonymous, have no access to these collections.

Authenticated users have read access to all collections, but only owners have write access to their own collections. Anonymous users have no access to collections.

Rights are based on a regex-based file whose name is specified in the config (section "right", key "file").

Authentication login is matched against the "user" key, and collection's path is matched against the "collection" key. You can use Python's ConfigParser interpolation values %(login)s and %(path)s. You can also get groups from the user regex in the collection with {0}, {1}, etc.

For example, for the "user" key, ".+" means "authenticated user" and ".*" means "anybody" (including anonymous users).

Section names are only used for naming the rule.

Leading or ending slashes are trimmed from collection's path.

Example:

# This means all users starting with "admin" may read any collection
[admin]
user: ^admin.*$
collection: .*
permission: r

# This means all users may read and write any collection starting with public.
# We do so by just not testing against the user string.
[public]
user: .*
collection: ^public(/.+)?$
permission: rw

# A little more complex: give read access to users from a domain for all
# collections of all the users (ie. user@domain.tld can read domain/\*).
[domain-wide-access]
user: ^.+@(.+)\..+$
collection: ^{0}/.+$
permission: r

# Allow authenticated user to read all collections
[allow-everyone-read]
user: .+
collection: .*
permission: r

# Give write access to owners
[owner-write]
user: .+
collection: ^%(login)s/.+$
permission: w

Radicale automatically detects the .git folder in the path you configured for the filesystem_folder variable in the [storage] section of your configuration file. Make sure a repository is created at this location or create one (using git init . for instance) else it won't work.

To summarize :

• Configure your Git installation
• Get Radicale and dulwich
• Create the repository where your collections are stored
• Run Radicale and it should work

Radicale will automatically commit any changes on your collections. It will use your git config to find parameters such as the committer and that's all.

A dulwich project ported on Python 3 exists but it seems that it doesn't follow the current api (committer is mandatory and not retrieved from the git config by default). Until this problem isn't fixed, the Git support for Radicale on Python 3 will not be ensured.