mirrors
/
Radicale
kopia lustrzana https://github.com/Kozea/Radicale


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259
							# This file is part of Radicale Server - Calendar Server
# Copyright © 2008-2017 Guillaume Ayoub
# Copyright © 2008 Nicolas Kandel
# Copyright © 2008 Pascal Halter
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Radicale.  If not, see <http://www.gnu.org/licenses/>.

"""
Radicale configuration module.

Give a configparser-like interface to read and write configuration.

"""

import math
import os
from collections import OrderedDict
from configparser import RawConfigParser as ConfigParser

from . import auth, rights, storage, web


def positive_int(value):
    value = int(value)
    if value < 0:
        raise ValueError("value is negative: %d" % value)
    return value


def positive_float(value):
    value = float(value)
    if not math.isfinite(value):
        raise ValueError("value is infinite")
    if math.isnan(value):
        raise ValueError("value is not a number")
    if value < 0:
        raise ValueError("value is negative: %f" % value)
    return value


# Default configuration
INITIAL_CONFIG = OrderedDict([
    ("server", OrderedDict([
        ("hosts", {
            "value": "127.0.0.1:5232",
            "help": "set server hostnames including ports",
            "aliases": ["-H", "--hosts"],
            "type": str}),
        ("daemon", {
            "value": "False",
            "help": "launch as daemon",
            "aliases": ["-d", "--daemon"],
            "opposite": ["-f", "--foreground"],
            "type": bool}),
        ("pid", {
            "value": "",
            "help": "set PID filename for daemon mode",
            "aliases": ["-p", "--pid"],
            "type": str}),
        ("max_connections", {
            "value": "20",
            "help": "maximum number of parallel connections",
            "type": positive_int}),
        ("max_content_length", {
            "value": "10000000",
            "help": "maximum size of request body in bytes",
            "type": positive_int}),
        ("timeout", {
            "value": "10",
            "help": "socket timeout",
            "type": positive_int}),
        ("ssl", {
            "value": "False",
            "help": "use SSL connection",
            "aliases": ["-s", "--ssl"],
            "opposite": ["-S", "--no-ssl"],
            "type": bool}),
        ("certificate", {
            "value": "/etc/ssl/radicale.cert.pem",
            "help": "set certificate file",
            "aliases": ["-c", "--certificate"],
            "type": str}),
        ("key", {
            "value": "/etc/ssl/radicale.key.pem",
            "help": "set private key file",
            "aliases": ["-k", "--key"],
            "type": str}),
        ("certificate_authority", {
            "value": "",
            "help": "set CA certificate for validating clients",
            "aliases": ["--certificate-authority"],
            "type": str}),
        ("protocol", {
            "value": "PROTOCOL_TLSv1_2",
            "help": "SSL protocol used",
            "type": str}),
        ("ciphers", {
            "value": "",
            "help": "available ciphers",
            "type": str}),
        ("dns_lookup", {
            "value": "True",
            "help": "use reverse DNS to resolve client address in logs",
            "type": bool}),
        ("realm", {
            "value": "Radicale - Password Required",
            "help": "message displayed when a password is needed",
            "type": str})])),
    ("encoding", OrderedDict([
        ("request", {
            "value": "utf-8",
            "help": "encoding for responding requests",
            "type": str}),
        ("stock", {
            "value": "utf-8",
            "help": "encoding for storing local collections",
            "type": str})])),
    ("auth", OrderedDict([
        ("type", {
            "value": "none",
            "help": "authentication method",
            "type": str,
            "internal": auth.INTERNAL_TYPES}),
        ("htpasswd_filename", {
            "value": "/etc/radicale/users",
            "help": "htpasswd filename",
            "type": str}),
        ("htpasswd_encryption", {
            "value": "bcrypt",
            "help": "htpasswd encryption method",
            "type": str}),
        ("delay", {
            "value": "1",
            "help": "incorrect authentication delay",
            "type": positive_float})])),
    ("rights", OrderedDict([
        ("type", {
            "value": "owner_only",
            "help": "rights backend",
            "type": str,
            "internal": rights.INTERNAL_TYPES}),
        ("file", {
            "value": "/etc/radicale/rights",
            "help": "file for rights management from_file",
            "type": str})])),
    ("storage", OrderedDict([
        ("type", {
            "value": "multifilesystem",
            "help": "storage backend",
            "type": str,
            "internal": storage.INTERNAL_TYPES}),
        ("filesystem_folder", {
            "value": os.path.expanduser(
                "/var/lib/radicale/collections"),
            "help": "path where collections are stored",
            "type": str}),
        ("max_sync_token_age", {
            "value": 2592000,  # 30 days
            "help": "delete sync token that are older",
            "type": int}),
        ("filesystem_fsync", {
            "value": "True",
            "help": "sync all changes to filesystem during requests",
            "type": bool}),
        ("filesystem_locking", {
            "value": "True",
            "help": "lock the storage while accessing it",
            "type": bool}),
        ("filesystem_close_lock_file", {
            "value": "False",
            "help": "close the lock file when no more clients are waiting",
            "type": bool}),
        ("hook", {
            "value": "",
            "help": "command that is run after changes to storage",
            "type": str})])),
    ("web", OrderedDict([
        ("type", {
            "value": "internal",
            "help": "web interface backend",
            "type": str,
            "internal": web.INTERNAL_TYPES})])),
    ("logging", OrderedDict([
        ("config", {
            "value": "",
            "help": "logging configuration file",
            "type": str}),
        ("debug", {
            "value": "False",
            "help": "print debug information",
            "aliases": ["-D", "--debug"],
            "type": bool}),
        ("full_environment", {
            "value": "False",
            "help": "store all environment variables",
            "type": bool}),
        ("mask_passwords", {
            "value": "True",
            "help": "mask passwords in logs",
            "type": bool})]))])


def load(paths=(), extra_config=None, ignore_missing_paths=True):
    config = ConfigParser()
    for section, values in INITIAL_CONFIG.items():
        config.add_section(section)
        for key, data in values.items():
            config.set(section, key, data["value"])
    if extra_config:
        for section, values in extra_config.items():
            for key, value in values.items():
                config.set(section, key, value)
    for path in paths:
        if path or not ignore_missing_paths:
            try:
                if not config.read(path) and not ignore_missing_paths:
                    raise RuntimeError("No such file: %r" % path)
            except Exception as e:
                raise RuntimeError(
                    "Failed to load config file %r: %s" % (path, e)) from e
    # Check the configuration
    for section in config.sections():
        if section == "headers":
            continue
        if section not in INITIAL_CONFIG:
            raise RuntimeError("Invalid section %r in config" % section)
        allow_extra_options = ("type" in INITIAL_CONFIG[section] and
                               config.get(section, "type") not in
                               INITIAL_CONFIG[section]["type"].get("internal",
                                                                   ()))
        for option in config[section]:
            if option not in INITIAL_CONFIG[section]:
                if allow_extra_options:
                    continue
                raise RuntimeError("Invalid option %r in section %r in "
                                   "config" % (option, section))
            type_ = INITIAL_CONFIG[section][option]["type"]
            try:
                if type_ == bool:
                    config.getboolean(section, option)
                else:
                    type_(config.get(section, option))
            except Exception as e:
                raise RuntimeError(
                    "Invalid %s value for option %r in section %r in config: "
                    "%r" % (type_.__name__, option, section,
                            config.get(section, option))) from e
    return config