radicale fcgid cardav caldav sync with davdroid and thunderbird


First get your radicale version an unpack it to your webspace:


I’m using at this time 0.9

Just unpack your radicale tarball in your DocumentRoot:
My .htaccess looks like this (for url rewriting and basic-auth):

AuthType Basic
AuthName "Radicale Authentication"
AuthBasicProvider file
AuthUserFile /var/www/bla/web/.htpasswd
Require valid-user

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ radicale.fcgi/$1 [QSA,L]

Now we have to create some directories in the homefolder of your webspace if your hoster is running suexec and mod_fcgi

mkdir -p /var/www/bla/.config/radicale

I moved the config examples from DocumentRoot to the newly created folder like this:

mv /var/www/bla/web/config /var/www/bla/.config/radicale/
mv /var/www/bla/web/logging /var/www/bla/.config/radicale/

My files are looking like this:

cat /var/www/bla/.config/radicale/config
# -*- mode: conf -*-
# vim:ft=cfg

# Config file for Radicale - A simple calendar server
# Place it into /etc/radicale/config (global)
# or ~/.config/radicale/config (user)
# The current values are the default ones

# CalDAV server hostnames separated by a comma
# IPv4 syntax: address:port
# IPv6 syntax: [address]:port
# For example:, [::]:9999
# IPv6 adresses are configured to only allow IPv6 connections
hosts =
# Daemon flag
daemon = False
# File storing the PID in daemon mode
pid =
# SSL flag, enable HTTPS protocol
ssl = False
# SSL certificate path
certificate = /etc/apache2/ssl/server.crt
# SSL private key
key = /etc/apache2/ssl/server.key
# SSL Protocol used. See python's ssl module for available values
protocol = PROTOCOL_SSLv23
# Ciphers available. See python's ssl module for available ciphers
ciphers =
# Reverse DNS to resolve client address in logs
dns_lookup = True
# Root URL of Radicale (starting and ending with a slash)
base_prefix = /
# Possibility to allow URLs cleaned by a HTTP server, without the base_prefix
can_skip_base_prefix = False
# Message displayed in the client when a password is needed
realm = Radicale - Password Required

# Encoding for responding requests
request = utf-8
# Encoding for storing local collections
stock = utf-8

# Authentication method
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | remote_user | custom
type = None

# Custom authentication handler
custom_handler =

# Htpasswd filename
htpasswd_filename = /etc/radicale/users
# Htpasswd encryption method
# Value: plain | sha1 | crypt
htpasswd_encryption = crypt

# LDAP server URL, with protocol and port
ldap_url = ldap://localhost:389/
# LDAP base path
ldap_base = ou=users,dc=example,dc=com
# LDAP login attribute
ldap_attribute = uid
# LDAP filter string
# placed as X in a query of the form (&(...)X)
# example: (objectCategory=Person)(objectClass=User)(memberOf=cn=calenderusers,ou=users,dc=example,dc=org)
# leave empty if no additional filter is needed
ldap_filter =
# LDAP dn for initial login, used if LDAP server does not allow anonymous searches
# Leave empty if searches are anonymous
ldap_binddn =
# LDAP password for initial login, used with ldap_binddn
ldap_password =
# LDAP scope of the search
ldap_scope = OneLevel

# IMAP Configuration
imap_hostname = localhost
imap_port = 143
imap_ssl = False

# PAM group user should be member of
pam_group_membership =

# Path to the Courier Authdaemon socket
courier_socket =

# HTTP authentication request URL endpoint
http_url =
# POST parameter to use for username
http_user_parameter =
# POST parameter to use for password
http_password_parameter =

# Git default options
committer = Radicale <radicale@example.com>

# Rights backend
# Value: None | authenticated | owner_only | owner_write | from_file | custom
type = owner_write

# Custom rights handler
custom_handler =

# File for rights management from_file
file = ~/.config/radicale/rights

# Storage backend
# Value: filesystem | multifilesystem | database | custom
type = filesystem

# Custom storage handler
custom_handler =

# Folder for storing local collections, created if not present
filesystem_folder = ~/.config/radicale/collections

# Database URL for SQLAlchemy
# dialect+driver://user:password@host/dbname[?key=value..]
# For example: sqlite:///var/db/radicale.db, postgresql://user:password@localhost/radicale
# See http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html#sqlalchemy.create_engine
database_url =

# Logging configuration file
# If no config is given, simple information is printed on the standard output
# For more information about the syntax of the configuration file, see:
# http://docs.python.org/library/logging.config.html
#config = ~/.config/radicale/logging
config = /var/log/radicale
# Set the default logging level to debug
debug = False
# Store all environment variables (including those set in the shell)
full_environment = False

# Additional HTTP headers
#Access-Control-Allow-Origin = *
cat /var/www/bla/.config/radicale/logging
# -*- mode: conf -*-
# vim:ft=cfg

# Logging config file for Radicale - A simple calendar server
# The default path for this file is /etc/radicale/logging
# This can be changed in the configuration file
# Other handlers are available. For more information, see:
# http://docs.python.org/library/logging.config.html

# Loggers, handlers and formatters keys

# Loggers names, main configuration slots
keys = root

# Logging handlers, defining logging output methods
#keys = console,file
keys = file

# Logging formatters
keys = simple,full

# Loggers

# Root logger
level = DEBUG
#handlers = console,file
handlers = file

# Handlers

# Console handler
class = StreamHandler
level = INFO
args = (sys.stdout,)
formatter = simple

# File handler
class = FileHandler
args = ('/var/www/bla/log/radicale.log',)
formatter = full

# Formatters

# Simple output format
format = %(message)s

# Full output format
format = %(asctime)s - %(levelname)s: %(message)s


Before we can fire up davdroid, your calender and your addressbook needs to be created. I’ve done this with thunderbird.
Davdroid only detect’s your calendar and your addressbook only if  it is in special url schema (end of line slashes mandatory). Here my url schema:


After successfully creation of our addressbook we can locate them via:

# ls /var/www/bla/.config/radicale/collections/htpasswdusername/addressbook.vcf/
Default.vcf Default.vcf.props
# ls /var/www/bla/.config/radicale/collections/htpasswdusername/calendar.ics/
Default.ics Default.ics.props

Now fire up your davdroid app and use as url (end of line slash mandatory)


Hope this will help someone, I had to invest some time to get this done.

ubuntu cgroup howto


Need to limit php-cgi procs?
Here some nice howto:

aptitude install cgroup-bin
service cgconfig stop

here the content of my /etc/cgconfig.conf

#mounts the cgroupfilesystems
mount {
   cpu = /sys/fs/cgroup/cpu;
   cpuset = /sys/fs/cgroup/cpuset;
   memory = /sys/fs/cgroup/memory;

#defines a group trasuser which is pinned to cpu 3 of the quadcore system
group trashuser {
   cpuset {
      cpuset.mems = 0;
      cpuset.cpus = 3;

#defines the group defaultphp where all php-cgi processes get 75% of the quadcore cpu and 3GB Ram
group defaultphp {
   cpu {
      cpu.shares = 750;
   memory {
      memory.limit_in_bytes = 3G;

here the content of my cgrules.conf

#the unix user webuser01 gets pinned in group trashuser
webuser01        cpuset        trashuser/
#pinnes all php-cgi procs to group defaultphp
*:php-cgi    cpu,memory    defaultphp/
#pinnes all other procs to the default profile
*        *        default/
service cgconfig start

Here a nice link with resources

If “service cgconfig restart” not works try to unmount all mounted cgroupfilesystems. You will find them under “cat /proc/mounts”
After that it should start.

Have Fun!