Radicale - Cal and CardDav

1. Install Packages

apt update
apt dist-upgrade
apt install radicale apache2-utils

2. Authentication

In its default configuration Radicale doesn't check usernames or passwords. If the server is reachable over a network, you should change this.

First a users file with all usernames and passwords must be created. It can be stored in the same directory as the configuration file.

The users file can be created and managed with htpasswd:

# Create a new htpasswd file with the user "user1" using SHA-512 as hash method
$htpasswd -c /etc/radicale/users username
New password:
Re-type new password:
# Add another user
$ htpasswd -C /etc/radicale/users user2
New password:
Re-type new password:

3. Edit Configfile

vim /etc/radicale/config

[server]
hosts = 0.0.0.0:5232, [::]:5232

[auth]
type = htpasswd
htpasswd_filename = /etc/radicale/users

The default configuration binds the server to localhost. It can't be reached from other computers. This can be changed with the following configuration options (IPv4 and IPv6):

4. Fix permissions

chown radicale /etc/radicale/users
chown -R radicale:radicale /var/lib/radicale/collections

5. Running as a Service

systemctl enable --now radicale

6. Run behind reverseproxy

server {
    listen 443 ssl; # managed by Certbot
    server_name dav.url.tld;

    location / {
        proxy_pass http://10.10.10.7:5232;  # Radicale's default port
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

7. Enter GUI and create Calendar and Addressbook

Calendar

Addressbook