Scroll to navigation

RADICALE(1) User Commands RADICALE(1)

NAME

radicale - a simple calendar server

DESCRIPTION

usage: radicale [OPTIONS]

options:

show this help message and exit
show program's version number and exit
check the storage for errors and exit
use specific configuration files
print debug information

server:

set server hostnames including ports
maximum number of parallel connections
maximum size of request body in bytes
socket timeout
use SSL connection
do not use SSL connection (opposite of --server-ssl)
SSL/TLS protocol (Apache SSLProtocol format)
SSL/TLS Cipher Suite (OpenSSL cipher list format)
set certificate file
set private key file
set CA certificate for validating clients
script name to strip from URI if called by reverse proxy (default taken from HTTP_X_SCRIPT_NAME or SCRIPT_NAME)

encoding:

encoding for responding requests
encoding for storing local collections

auth:

backend specific options omitted
authentication method (none|remote_user|http_x_remote_ user|denyall|htpasswd|ldap|imap|oauth2|pam|dovecot)
cache successful/failed logins for until expiration time
do not cache successful/failed logins for until expiration time (opposite of --auth-cache-logins)
expiration time for caching successful logins in seconds
expiration time for caching failed logins in seconds
htpasswd filename
htpasswd encryption method
enable caching of htpasswd file
do not enable caching of htpasswd file (opposite of --auth-htpasswd-cache)
Connection type for dovecot authentication
dovecot auth AF_UNIX socket
dovecot auth AF_INET or AF_INET6 host
dovecot auth port
message displayed when a password is needed
incorrect authentication delay
Ignore modifyTimestamp and createTimestamp attributes. Need if Authentik LDAP server is used.
do not Ignore modifyTimestamp and createTimestamp attributes. Need if Authentik LDAP server is used. (opposite of --auth-ldap-ignore-attribute-createmodify-timestamp)
URI to the ldap server
LDAP base DN of the ldap server
the DN of a ldap user with read access to get the user accounts
the password of the ldap_reader_dn
path of the file containing the password of the ldap_reader_dn
the search filter to find the user DN to authenticate by the username
the attribute to be used as username after authentication
attribute to read the group memberships from
Use ssl on the ldap connection. Soon to be deprecated, use ldap_security instead
do not Use ssl on the ldap connection. Soon to be deprecated, use ldap_security instead (opposite of --auth-ldap-use-ssl)
the encryption mode to be used: *none*|tls|starttls
The certificate verification mode. Works for tls and starttls. NONE, OPTIONAL, default is REQUIRED
The path to the CA file in pem format which is used to certificate the server certificate
IMAP server hostname: address|address:port|[address]:port|*localhost*
Secure the IMAP connection: *tls*|starttls|none
OAuth2 token endpoint URL
PAM group user should be member of
PAM service
strip domain from username
do not strip domain from username (opposite of --authstrip-domain)
convert username to uppercase, must be true for caseinsensitive auth providers
do not convert username to uppercase, must be true for case-insensitive auth providers (opposite of --authuc-username)
convert username to lowercase, must be true for caseinsensitive auth providers
do not convert username to lowercase, must be true for case-insensitive auth providers (opposite of --authlc-username)
url-decode the username, set to True when clients send url-encoded email address as username
do not url-decode the username, set to True when clients send url-encoded email address as username (opposite of --auth-urldecode-username)

rights:

backend specific options omitted
rights backend
permit delete of a collection
do not permit delete of a collection (opposite of --rights-permit-delete-collection)
permit overwrite of a collection
do not permit overwrite of a collection (opposite of --rights-permit-overwrite-collection)
file for rights management from_file

storage:

backend specific options omitted
storage backend
path where collections are stored
path where cache of collections is stored in case of use_cache_subfolder_* options are active
use subfolder 'collection-cache' for 'item' cache file structure instead of inside collection folder
do not use subfolder 'collection-cache' for 'item' cache file structure instead of inside collection folder (opposite of --storage-use-cache-subfolder-foritem)
use subfolder 'collection-cache' for 'history' cache file structure instead of inside collection folder
do not use subfolder 'collection-cache' for 'history' cache file structure instead of inside collection folder (opposite of --storage-use-cache-subfolder-forhistory)
use subfolder 'collection-cache' for 'sync-token' cache file structure instead of inside collection folder
do not use subfolder 'collection-cache' for 'synctoken' cache file structure instead of inside collection folder (opposite of --storage-use-cachesubfolder-for-synctoken)
use mtime and file size instead of SHA256 for 'item' cache (improves speed)
do not use mtime and file size instead of SHA256 for 'item' cache (improves speed) (opposite of --storageuse-mtime-and-size-for-item-cache)
umask for folder creation (empty: system default)
delete sync token that are older
skip broken item instead of triggering exception
do not skip broken item instead of triggering exception (opposite of --storage-skip-broken-item)
command that is run after changes to storage
predefined user collections

hook:

backend specific options omitted
hook backend
dry-run (do not really trigger hook action)
do not dry-run (do not really trigger hook action) (opposite of --hook-dryrun)
endpoint where rabbitmq server is running
topic to declare queue
queue type for topic declaration
SMTP server to send emails
SMTP server port
SMTP security mode: *none*|tls|starttls
The certificate verification mode. Works for tls and starttls: NONE, OPTIONAL, default is REQUIRED
SMTP server username
SMTP server password
SMTP server password
Send one email to all attendees, versus one email per attendee
do not Send one email to all attendees, versus one email per attendee (opposite of --hook-mass-email)
Template for the email sent when an event is created or attendee is added. Select placeholder words prefixed with $ will be replaced
Template for the email sent when an event is deleted or attendee is removed. Select placeholder words prefixed with $ will be replaced
Template for the email sent when an event is updated. Select placeholder words prefixed with $ will be replaced

web:

backend specific options omitted
web interface backend

logging:

threshold for the logger
do not filter debug messages starting with 'TRACE'
do not do not filter debug messages starting with 'TRACE' (opposite of --logging-trace-on-debug)
filter debug messages starting with 'TRACE/<TOKEN>'
log bad PUT request content
do not log bad PUT request content (opposite of --logging-bad-put-request-content)
log backtrace on level=debug
do not log backtrace on level=debug (opposite of --logging-backtrace-on-debug)
log request header on level=debug
do not log request header on level=debug (opposite of --logging-request-header-on-debug)
log request content on level=debug
do not log request content on level=debug (opposite of --logging-request-content-on-debug)
log response content on level=debug
do not log response content on level=debug (opposite of --logging-response-content-on-debug)
log rights rules which doesn't match on level=debug
do not log rights rules which doesn't match on level=debug (opposite of --logging-rights-rule-doesntmatch-on-debug)
log storage cache action on level=debug
do not log storage cache action on level=debug (opposite of --logging-storage-cache-actions-on-debug)
mask passwords in logs
do not mask passwords in logs (opposite of --loggingmask-passwords)

headers:

additional options allowed (e.g. --headers-Pragma=no-cache)

reporting:

number of occurrences per event when reporting
August 2025 radicale 3.5.5-1