Docker image for Radicale, the CalDAV/CardDAV server.
This container is for Radicale version 2.x, as of 2017.07.
Special points:
- Security: run as a normal user (not root!) with the help of su-exec (ie. gosu in C)
- Safe volume permissions:
/configand/datacan be mounted by your user or root and they will still be readable by theradicaleuser inside the container - Small size: run on python:3-alpine
- Git and Bcrypt included for versioning and authentication and InfCloud if you need an UI
This image aims to be tagged along Radicale.
For example, given Radicale releases version 2.1.8, we update the VERSION in the Dockerfile, then push a Git tag 2.1.8.0.
This will automatically produce a corresponding Docker image version on Docker HUB to be pulled, eg. docker pull tomsquest/docker-radicale:2.1.8.0.
The last number (x.y.z.LASTNUMBER) is our image revision. We increment it when we change something in the image without updating the version of Radicale.
At all time, the master branch is released as version latest on Docker HUB. You can pull latest with: docker pull tomsquest/docker-radicale:latest.
Minimal instruction:
docker run -d --name radicale \
-p 5232:5232 \
tomsquest/docker-radicale
Production-grade run:
docker run -d --name radicale \
-p 127.0.0.1:5232:5232 \
--read-only \
--init \
--pids-limit 50 \
--security-opt="no-new-privileges:true" \
--health-cmd="curl --fail http://localhost:5232 || exit 1" \
--health-interval=30s \
--health-retries=3 \
-v ~/radicale/data:/data \
-v ~/radicale/config:/config:ro \
tomsquest/docker-radicale
A Docker compose file is included. It can be extended.
Sharing files from the host and the container can be problematic:
the radicale user in the container does not match the user running the container on the host.
To solve this, this image offers three options:
- Use a user/group with id
2999on the host - Specify a custom user/group id on run
- Build the image with a custom user/group
The image creates a user and a group with Id 2999.
You can create an user/group on your host matching this Id.
Example:
sudo addgroup --gid 2999 radicale
sudo adduser --gid 2999 --uid 2999 --shell /bin/false --disabled-password --no-create-home radicaleThe user and group Ids used in the image can be overridden when the container is run.
This is done with the UID and GID env variables, eg. docker run -e UID=123 -e GID=456 tomsquest/docker-radicale.
Beware, the --read-only run flag cannot be used in this case. Using custom UID/GID at runtime modifies the filesystem and the modification is made impossible with the --read-only flag.
You can build the image with custom user and group Ids and still use the --read-only flag.
But, you will have to keep up-do-date with this image.
Usage: docker build --build-arg=UID=5000 --build-arg=GID=5001 .
To customize Radicale configuration, either:
- (recommended): use this repository preconfigured config file,
- Or, use a custom config file
- get the config file from Radicale repository
- Change
hoststo be accessible from the Docker host (thus, sethosts = 0.0.0.0:5232) - Mount the config in the container
-v /my_custom_config_directory:/config
Then puts these two files in a directory and use the config volume -v /my_custom_config_directory:/config when running the container.
- Robert Beal: fixed/configurable userId, versioning...
- Loader23: config volume idea
- Waja: less layers is more, InfCloud integration (UI for Radicale)
- Thomas Queste: initial image