Qnap Radicale en HTTPS et autres applis tierces [Résolu]

Chon

Maître Jedi
7 Février 2018
506
54
58
Salut à tous,

Ayant NextCloud installé sur mon NAS (encore merci Cœur51 pour la config ;) ) et n'utilisant que CalDAV et CardDAV, je cherche une solution beaucoup plus légère parce que NextCloud est très gourmand en RAM et que je n'ai que 2Go sur mon NAS.

Je me tourne donc vers Radicale qui semble répondre à mon attente.
Je l'ai installée et je me trouve confronté à la non prise en charge du HTTPS de l'appli comme QApache pour laquelle j'ai tenté de suivre le tuto de Mikiya mais qui ne veut pas s'ouvrir non plus pour les mêmes raisons. J'avoue avoir du mal à y faire le tri entre modifs nécessaires et options. Forcément, je dois faire des erreurs vu que mon QApache ne s'ouvre toujours pas en HTTPS malgré redémarrage de l'appli et même du NAS.

J'ai donc des questions... :geek:

1. Pourquoi les applis tierces (QApache, NextCloud, Radicale...) ne prennent-elles pas en charge de base le HTTPS qui est, semble-t-il, une évidence en terme de sécurité ?
2. Si QApache est nécessaire pour faire fonctionner Radicale, quelles sont les modifs minimales obligatoires de QApache pour prendre en compte le HTTPS ?
3. Quelles seraient si besoin les modifs de config à apporter à Radicale ?

Voili, voilou, je vous remercie par avance pour votre aide. ;)
 
Salut à tous,
Chon a dit:
3. Quelles seraient si besoin les modifs de config à apporter à Radicale ?
... Et avec le fichier config de Radicale en espérant qu'il n'y ait rien d'autre à configurer ? :geek:
Code:
# -*- mode: conf -*-
# vim:ft=cfg

# Config file for Radicale - A simple calendar server
#
# Place it into /etc/radicale/config (global)
# or ~/.config/radicale/config (user)
#
# The current values are the default ones


[server]

# CalDAV server hostnames separated by a comma
# IPv4 syntax: address:port
# IPv6 syntax: [address]:port
# For example: 0.0.0.0:9999, [::]:9999
hosts = 0.0.0.0:5232

# Daemon flag
#daemon = False

# File storing the PID in daemon mode
#pid =

# Max parallel connections
#max_connections = 20

# Max size of request body (bytes)
#max_content_length = 10000000

# Socket timeout (seconds)
#timeout = 10

# SSL flag, enable HTTPS protocol
#ssl = False

# SSL certificate path
#certificate = /etc/ssl/radicale.cert.pem

# SSL private key
#key = /etc/ssl/radicale.key.pem

# CA certificate for validating clients. This can be used to secure
# TCP traffic between Radicale and a reverse proxy
#certificate_authority =

# SSL Protocol used. See python's ssl module for available values
#protocol = PROTOCOL_TLSv1_2

# Available ciphers. See python's ssl module for available ciphers
#ciphers =

# Reverse DNS to resolve client address in logs
#dns_lookup = True

# Message displayed in the client when a password is needed
#realm = Radicale - Password Required


[encoding]

# Encoding for responding requests
#request = utf-8

# Encoding for storing local collections
#stock = utf-8


[auth]

# Authentication method
# Value: none | htpasswd | remote_user | http_x_remote_user
#type = none

# Htpasswd filename
#htpasswd_filename = /etc/radicale/users

# Htpasswd encryption method
# Value: plain | sha1 | ssha | crypt | bcrypt | md5
# Only bcrypt can be considered secure.
# bcrypt and md5 require the passlib library to be installed.
#htpasswd_encryption = bcrypt

# Incorrect authentication delay (seconds)
#delay = 1


[rights]

# Rights backend
# Value: none | authenticated | owner_only | owner_write | from_file
#type = owner_only

# File for rights management from_file
#file = /etc/radicale/rights


[storage]

# Storage backend
# Value: multifilesystem
#type = multifilesystem

# Folder for storing local collections, created if not present
#filesystem_folder = /var/lib/radicale/collections

# Lock the storage. Never start multiple instances of Radicale or edit the
# storage externally while Radicale is running if disabled.
#filesystem_locking = True

# Sync all changes to disk during requests. (This can impair performance.)
# Disabling it increases the risk of data loss, when the system crashes or
# power fails!
#filesystem_fsync = True

# Delete sync token that are older (seconds)
#max_sync_token_age = 2592000

# Close the lock file when no more clients are waiting.
# This option is not very useful in general, but on Windows files that are
# opened cannot be deleted.
#filesystem_close_lock_file = False

# Command that is run after changes to storage
# Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)
#hook =


[web]

# Web interface backend
# Value: none | internal
#type = internal


[logging]

# Logging configuration file
# If no config is given, simple information is printed on the standard output
# For more information about the syntax of the configuration file, see:
# http://docs.python.org/library/logging.config.html
#config =

# Set the default logging level to debug
#debug = False

# Store all environment variables (including those set in the shell)
#full_environment = False

# Don't include passwords in logs
#mask_passwords = True


[headers]

# Additional HTTP headers
#Access-Control-Allow-Origin = *