openbsd-ports/productivity/radicale/pkg
2012-05-23 18:02:09 +00:00
..
DESCR
PLIST update to radicale 0.7, from maintainer Sergey Bronnikov 2012-05-23 18:02:09 +00:00
radicale.rc update to radicale 0.6.4, including significant performance improvement 2012-01-12 00:19:54 +00:00
README htpasswd -c isn't so great as a general-purpose option, it truncates an 2011-08-22 08:43:54 +00:00

$OpenBSD: README,v 1.4 2011/08/22 08:43:54 sthen Exp $

+-----------------------------------------------------------------------
| Running ${FULLPKGNAME} on OpenBSD
+-----------------------------------------------------------------------

Radicale will run out of the box but with NO SECURITY.
There are two things you should do to enable security:
enable passwords and enable encryption.

Authentication
==============
To enable passwords, edit ${SYSCONFDIR}/radicale/config and change
"type = None" (i.e. passwords are not requested or checked) to
"type = htpasswd".

User password(s) may be created with htpasswd(1); e.g.
"htpasswd -s ${SYSCONFDIR}/radicale/users username".
If the 'users' file does not already exist, use the '-c' option to create it.

By default all calendars may be accessed by any authenticated user.
To restrict calendars so that "/user1/calendar_name" can ONLY be
accessed by user1, also change "personal = False" to "personal = True".

Encryption
==========
To enable encryption, you need both to change "ssl = False" to
"ssl = True" in file "config", and install a certificate and key in
the files named in "certificate" and "key".
Note that it does not suffice to change these variables to point
at a certificate installed in /etc/ssl because the key
file will be unreadable (/etc/ssl/private has restricted
directory permissions).
Either copy your existing key and certificate to the locations
in ${SYSCONFDIR} and owned by (and only readable by) the user _radicale,
or, generate a self-signed RSA server certificate as described
in ssl(8) (but changing /etc/ssl to ${SYSCONFDIR}/radicale).