Sun 11 January 2015
So I wanted a quick and easy (and private/secure!) calendar for personal stuff, like vacations, doctor appointments, etc. Because I wanted
something private, this meant (to me) that 'public' calendar providers - like GMail and Yahoo - were out. So, that meant hosting my own! Cool!
My first choice was
Davical. Unfortunately, it recommands Apache; I don't run Apache on my server, nor did I feel
like figuring out how to get it working without Apache.
SO, next choice was
Radicale, which is a nice, simple Python based CalDAV project. So I took 30 minutes and got it
all setup, with TLS and everything (on Debian 7).
To get started easily, just clone the project like so:
git clone git : //github.com/Kozea/Radicale.git
Then install it:
sudo python setup . py install
At this point, you can run it from the command line with
radicale. Then you can connect to it via your favorite CalDAV supporting calendar system
(I use Lightning). The default URI is
<USER> can be anything you want.
Of course, security isn't setup here. To get basic encryption and authentication working, you'll need to setup some configuration stuff for Radicale.
sudo su -
mkdir / etc / radicale
vim / etc / radicale / config
Your config will need to look something like this:
# CalDAV server hostnames separated by a comma
# IPv4 syntax: address:port
# IPv6 syntax: [address]:port
# For example: 0.0.0.0:9999, [::]:9999
# IPv6 adresses are configured to only allow IPv6 connections
hosts = 0.0.0.0:5232
# Daemon flag
daemon = True
# SSL flag, enable HTTPS protocol
ssl = True
# SSL certificate path
certificate = /etc/ssl/certs/ssl-bundle.crt
# SSL private key
key = /etc/ssl/private/myserver.key
# SSL Protocol used. See python's ssl module for available values
protocol = PROTOCOL_TLSv1
# Ciphers available. See python's ssl module for available ciphers
# Authentication method
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | remote_user | custom
type = htpasswd
htpasswd_filename = /etc/radicale/users
# Htpasswd encryption method
# Value: plain | sha1 | crypt
htpasswd_encryption = crypt
# Rights backend
# Value: None | authenticated | owner_only | owner_write | from_file | custom
type = owner_only
daemon = True will make Radicale run in the background as a daemon process.
certificate = /etc/ssl/certs/ssl-bundle.crt and
key = /etc/ssl/private/myserver.key should point to your servers
certificate and private key, respectively.
For authentication, I use
htpasswd. To create your credentials, type this from the command line:
htpasswd -cd / etc / radicale / users < USER >
<USER> is the username you used above. You will be prompted to enter a password for this user as well.
type = owner_only will make it so that only your user (once authenticated) has access to your calendar.
Now start Radicale again:
It should start in the background.
Now, you will need to change your CalDAV supported calendar to use SSL. In Lightning, you'll need to create a new calendar (you can't edit, as
far as I know). The URI will now be:
You may have to accept your certificate if it isn't signed/setup properly.
It is worth noting that the Radicale folks suggest putting Radicale behind a proper server if you want the best security (the security modules
used by Radicale have 'not been verified by security experts'). You can find more information on this
That's it! Now you have a private calendar!