New blogpost:
"Testing Radicale, a self-hosted FOSS CalDAV and CardDAV Server"
Setting it up was easy.
Importing my calendar appointments history was not.
It doesn't have calendar sharing, and I'm on the fence as to whether this will be a deal breaker.
https://neilzone.co.uk/2026/01/testing-radicale-a-self-hosted-foss-caldav-and-carddav-server/
@neil If calendar sharing is a dealbreaker I can greatly recommend Baikal (https://github.com/sabre-io/Baikal). We use it in our family, and we have multiple calendars shared with each other.
My biggest gripe with it is that the procedure to share a calendar requires someone tech-savvy.
@neil I wrote my own authorisation module for Radicale. Authentication is done against IMAP which in turn uses LDAP against AD. Once authenticated, calendars can be set to no-access/read-only/read-write to owner, users, groups, anonymous, etc. Shared access works great with #Thunderbird, @davx5app, a general read-only web view (operating on raw .ics files so you can see what is really synced) and a caldav system I glued together for Roundcube.
@neil i'm using the symlink fudge and it works well enough for us…
@neil My husband and I have a shared calendar with radicale. I also shared a calendar with a bunch of people we went on vacation with two years back.
However, we are using Radicale by doing all auth at the reverse proxy (https client certificates), so basically any access control besides that comes from knowing the calendar url (with the uuid, so it should be unguessable).
Given that we both have sudo rights on that server, that didn't violate our threat model.
Yes, I am content with it from a security point of view; I am more concerned about accidentally adding or (worse) removing stuff from the wrong calendar!
@neil Hmm, yes. I don't know any way of write protection in that case.
