Martin Weinelt
cff7a27cfe
We now explain what Radicale even is and classify reusing the hashed passwords of login accounts as limitation because it requires using compatible password hashes. This is difficult because compatible password hashes need an overlap between libxcrypt and Radicales choice of libraries: libpass, argon2 and bcrypt. Extract the source code into a proper .nix file so we get source linting and formatting for free. Pruned from bad practices of the past, like global `with lib`.
30 lines
888 B
ReStructuredText
30 lines
888 B
ReStructuredText
Radicale
|
|
========
|
|
|
|
Radicale is a lightweight open-source CalDAV/CardDAV server that stores
|
|
calendars and contacts as plain files on the filesystem, enabling simple
|
|
self-hosted synchronization with standard clients.
|
|
|
|
Limitations
|
|
^^^^^^^^^^^
|
|
|
|
Radicale since the 3.x release (introduced in NixOS 20.09) does not support
|
|
traditional crypt() password hashes any longer. To establish access for
|
|
existing :option:`mailserver.loginAccounts`, the hashing method used
|
|
for ``hashedPassword`` needs to be compatible with one of the available
|
|
`htpasswd_encryption`_ methods. Such hashes can for example be created using
|
|
|
|
.. code-block:: console
|
|
|
|
nix-shell -p mkpasswd --command "mkpasswd -m bcrypt"
|
|
|
|
.. _htpasswd_encryption: https://radicale.org/v3.html#htpasswd_encryption
|
|
|
|
Code
|
|
^^^^
|
|
|
|
Configuration contributed by Robert Schütz (@dotlambda).
|
|
|
|
.. literalinclude:: ./radicale.nix
|
|
:language: nix
|