Run radicale as non-root
This commit is contained in:
parent
21fce0e4f0
commit
00b8001635
10 changed files with 495 additions and 32 deletions
|
|
@ -1,16 +1,14 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
|
||||
[server]
|
||||
ssl = True
|
||||
certificate = /etc/ssl/localcerts/radicale/server_cert.pem
|
||||
key = /etc/ssl/localcerts/radicale/server_key.pem
|
||||
certificate_authority = /etc/ssl/localcerts/radicale/client_cert.pem
|
||||
certificate = {{ radicale_certificate_path }}
|
||||
key = {{ radicale_key_path }}
|
||||
certificate_authority = {{ radicale_certificate_authority_path }}
|
||||
hosts = {{ radicale_listen_addres }}:{{ radicale_port }}
|
||||
|
||||
[storage]
|
||||
filesystem_folder = /etc/radicale/collections
|
||||
filesystem_folder = {{ radicale_storage_path }}
|
||||
|
||||
[auth]
|
||||
type = http_x_remote_user
|
||||
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ Requires=network.target
|
|||
|
||||
[Service]
|
||||
ExecStart=/usr/local/lib/radicale/env/bin/radicale
|
||||
User=radicale
|
||||
Restart=on-failure
|
||||
UMask=0027
|
||||
PrivateTmp=true
|
||||
|
|
|
|||
1
templates/radicale/sudoers.j2
Normal file
1
templates/radicale/sudoers.j2
Normal file
|
|
@ -0,0 +1 @@
|
|||
sonny ALL=(radicale) NOPASSWD: ALL
|
||||
Loading…
Add table
Add a link
Reference in a new issue