Skip to content

Commit 18e45a5

Browse files
SalaryTheftSalaryTheft
authored
doc: add authentication config example (#144)
1 parent b8d4d7a commit 18e45a5

File tree

1 file changed

+40
-0
lines changed

1 file changed

+40
-0
lines changed

README.md

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ Enhanced Docker image for <a href="http://radicale.org">Radicale</a>, the CalDAV
2626
- [Option 1: **Basic** instruction](#option-1-basic-instruction)
2727
- [Option 2: **Recommended, Production-grade** instruction (secured, safe...) :rocket:](#option-2-recommended-production-grade-instruction-secured-safe-rocket)
2828
- [Custom configuration](#custom-configuration)
29+
- [Authentication configuration](#authentication-configuration)
2930
- [Volumes versus Bind-Mounts](#volumes-versus-bind-mounts)
3031
- [Running with Docker compose](#running-with-docker-compose)
3132
- [Multi-architecture](#multi-architecture)
@@ -117,6 +118,45 @@ Then:
117118
3. mount your custom config volume when running the container: `-v /my_custom_config_directory:/config:ro`.
118119
The `:ro` at the end make the volume read-only, and is more secured.
119120

121+
## Authentication configuration
122+
123+
This section shows a basic example of configuring authentication for Radicale using htpasswd with bcrypt algorithm.
124+
To learn more, refer to [the offical Radicale document](https://radicale.org/v3.html#auth).
125+
126+
First, we need to configure Radicale to use htpasswd authentication and specify htpasswd file's location.
127+
Create a `config` file inside `config` directory. It will be located at `./config/config`.
128+
129+
```
130+
[server]
131+
hosts = 0.0.0.0:5232
132+
133+
[auth]
134+
type = htpasswd
135+
htpasswd_filename = /config/users
136+
htpasswd_encryption = bcrypt
137+
138+
[storage]
139+
filesystem_folder = /data/collections
140+
```
141+
142+
Next, create a `user` file inside `config` directory. It will be located at `./config/users`).
143+
Each line contains the username and bcrypt-hashed password, separated by a colon (`:`).
144+
145+
```
146+
john:$2a$10$l1Se4qIaRlfOnaC1pGt32uNe/Dr61r4JrZQCNnY.kTx2KgJ70GPSm
147+
sarah:$2a$10$lKEHYHjrZ.QHpWQeB/feWe/0m4ZtckLI.cYkVOITW8/0xoLCp1/Wy
148+
```
149+
150+
Finally, create and run the container using the appropriate volume mount.
151+
In this example, both files are stored in the same directory (`./config`).
152+
153+
```bash
154+
docker run -d --name radicale tomsquest/docker-radicale \
155+
-p 5232:5232 \
156+
-v ./data:/data \
157+
-v ./config:/config \
158+
```
159+
120160
## Volumes versus Bind-Mounts
121161

122162
This section is related to the error message `chown: /data: Permission denied`.

0 commit comments

Comments
 (0)