Radicale 权限

Radicale 权限

我创建了一个 Radicale 实例,使用 Nginx 进行基本身份验证,但每次登录时,它都说我没有权限访问该集合。有人能帮我找出问题所在吗?

激进配置

# -*- mode: conf -*-
# vim:ft=cfg

# Config file for Radicale - A simple calendar server
#

# Place it into /etc/radicale/config (global)
# or ~/.config/radicale/config (user)
#
# The current values are the default ones


[server]

# CalDAV server hostnames separated by a comma
# IPv4 syntax: address:port
# IPv6 syntax: [address]:port
# For example: 0.0.0.0:9999, [::]:9999
# IPv6 adresses are configured to only allow IPv6 connections
#hosts = 0.0.0.0:5232
hosts = 127.0.0.1:5232

# Daemon flag
#daemon = False
daemon = True

# File storing the PID in daemon mode
#pid =

# SSL flag, enable HTTPS protocol
#ssl = False

# SSL certificate path
#certificate = /etc/apache2/ssl/server.crt
certificate = /etc/pki/tls/certs/localhost.crt

# SSL private key
#key = /etc/apache2/ssl/server.key

# SSL Protocol used. See python's ssl module for available values
#protocol = PROTOCOL_SSLv23

# Ciphers available. See python's ssl module for available ciphers
#ciphers =

# Reverse DNS to resolve client address in logs
#dns_lookup = True

# Root URL of Radicale (starting and ending with a slash)
#custom_handler =

# File for rights management from_file
#file = ~/.config/radicale/rights
file = /etc/radicale/rights


[storage]

# Storage backend
# -------
# WARNING: ONLY "filesystem" IS DOCUMENTED AND TESTED,
#          OTHER BACKENDS ARE NOT READY FOR PRODUCTION.
# -------
# Value: filesystem | multifilesystem | database | custom
#type = filesystem

# Custom storage handler
#custom_handler =

# Folder for storing local collections, created if not present
#filesystem_folder = ~/.config/radicale/collections
filesystem_folder = /var/lib/radicale/collections

# Database URL for SQLAlchemy
# dialect+driver://user:password@host/dbname[?key=value..]
# For example: sqlite:///var/db/radicale.db, postgresql://user:password@localhost/radicale
# See http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html#sqlalchemy.create_engine
#database_url =


[logging]

# Logging configuration file
# If no config is given, simple information is printed on the standard output

# For more information about the syntax of the configuration file, see:
# http://docs.python.org/library/logging.config.html
#config = /etc/radicale/logging
# Set the default logging level to debug
#debug = False
# Store all environment variables (including those set in the shell)
#full_environment = False


[headers]

# Additional HTTP headers
#Access-Control-Allow-Origin = *

权利文件

[owner-write]
user: .+
collection: ^%(login)s(/.+)?$
permission: rw

Nginx

server {
        listen 80 default;

        location / {
                return 301 https://$host$request_uri;
        }

        include /etc/nginx/servers.conf.d/*.conf;
}

server {
        listen 443 ssl default http2;

        ssl_certificate /etc/nginx/ssl/fullchain.pem;
        ssl_certificate_key /etc/nginx/ssl/privkey.pem;

        location / {
                try_files $uri @radicale;
        }

        location @radicale {
                auth_basic "Login";
                auth_basic_user_file /etc/nginx/auth/radicale;
                proxy_pass http://127.0.0.1:5232;
                proxy_buffering off;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
        }
}

答案1

我遇到了同样的问题,并通过从 nginx 配置中删除proxy_set_header Host $host;和解决了该问题。proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

相关内容