policies: add standard docs policy files #1

Open
sol wants to merge 1 commits from sol/openclaw-caldav:policies/add-standard-files into main
9 changed files with 161 additions and 13 deletions

9
.editorconfig Normal file

@ -0,0 +1,9 @@
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
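Review bot: The `[*]` section sets `indent_style = space` for every file, which also covers the Makefile added in this same pull request. make requires recipe lines to begin with a tab, so an editor that honours EditorConfig can convert them to spaces on save and break the `check` gate, including its `secret-scan` step. An override after the `[*]` block, `[Makefile]` followed by `indent_style = tab`, keeps the two files consistent.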

1
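--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+node_modules/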

3
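--- a/.prettierignore
+++ b/.prettierignore
@@ -0,0 +1,3 @@
+node_modules/
+*.sh
+package-lock.json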

6
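--- a/.prettierrc
+++ b/.prettierrc
@@ -0,0 +1,6 @@
+{
+"singleQuote": true,
+"trailingComma": "all",
+"printWidth": 100,
+"tabWidth": 2
+}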

17
Makefile Normal file

@ -0,0 +1,17 @@
export NODE_ENV := development
.PHONY: check install fmt fmt-check secret-scan
check: install fmt-check secret-scan
install:
npm install
fmt:
npx prettier --write .
fmt-check:
npx prettier --check .
secret-scan:
bash tools/secret-scan.sh .
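Review bot: The `install` target runs `npm install`, which may rewrite package-lock.json and re-resolve within the `^3.2.0` range, so the `check` gate is not guaranteed to run the prettier build whose integrity hash is committed in the lockfile. For a reproducible gate the recipe line should be `npm ci`, which installs exactly what the lockfile records and fails when package.json and the lockfile disagree. If no dev dependency needs its lifecycle scripts, `npm ci --ignore-scripts` further narrows what executes at install time.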


@ -12,13 +12,13 @@ One-command deployment of **Radicale CalDAV/CardDAV** on Ubuntu/Debian, pre-conf
## Prerequisites
| Requirement | Details |
|---|---|
| **OS** | Ubuntu 20.04+ / Debian 11+ |
| **Access** | Root (sudo) |
| **Ports** | 80 and 443 open to the internet |
| **DNS** | A record pointing your domain to this server's IP |
| **RAM** | 512 MB minimum |
| Requirement | Details |
| ----------- | ------------------------------------------------- |
| **OS** | Ubuntu 20.04+ / Debian 11+ |
| **Access** | Root (sudo) |
| **Ports** | 80 and 443 open to the internet |
| **DNS** | A record pointing your domain to this server's IP |
| **RAM** | 512 MB minimum |
## Quick Start
@ -32,6 +32,7 @@ sudo bash install.sh
```
The wizard will ask you for:
1. **Domain name** (e.g. `cal.example.com`)
2. **Email** (for Let's Encrypt SSL)
3. **CalDAV username & password**
@ -41,11 +42,13 @@ The wizard will ask you for:
## Client Setup
### Apple Calendar (macOS / iOS)
1. Settings → Accounts → Add Account → Other → CalDAV
2. Server: `https://YOUR_DOMAIN`
3. Username & password as configured
### Thunderbird / GNOME Calendar
- URL: `https://YOUR_DOMAIN/USERNAME/calendar.ics/`
## OpenClaw Integration
@ -90,12 +93,12 @@ docker compose ps
## Troubleshooting
| Issue | Fix |
|---|---|
| SSL cert failed | Verify DNS A record; check ports 80/443 are open |
| 401 Unauthorized | Check `config/users` file has the correct user entry |
| Container won't start | Check logs: `docker compose logs radicale` |
| Can't sync calendar | Ensure client URL ends with `/username/calendar.ics/` |
| Issue | Fix |
| --------------------- | ----------------------------------------------------- |
| SSL cert failed | Verify DNS A record; check ports 80/443 are open |
| 401 Unauthorized | Check `config/users` file has the correct user entry |
| Container won't start | Check logs: `docker compose logs radicale` |
| Can't sync calendar | Ensure client URL ends with `/username/calendar.ics/` |
## License

31
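--- a/package-lock.json
+++ b/package-lock.json
@@ -0,0 +1,31 @@
+{
+"name": "openclaw-caldav",
+"version": "1.0.0",
+"lockfileVersion": 3,
+"requires": true,
+"packages": {
+"": {
+"name": "openclaw-caldav",
+"version": "1.0.0",
+"devDependencies": {
+"prettier": "^3.2.0"
+}
+},
+"node_modules/prettier": {
+"version": "3.8.1",
+"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz",
+"integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
+"dev": true,
+"license": "MIT",
+"bin": {
+"prettier": "bin/prettier.cjs"
+},
+"engines": {
+"node": ">=14"
+},
+"funding": {
+"url": "https://github.com/prettier/prettier?sponsor=1"
+}
+}
+}
+}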

9
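--- a/package.json
+++ b/package.json
@@ -0,0 +1,9 @@
+{
+"name": "openclaw-caldav",
+"version": "1.0.0",
+"private": true,
+"description": "OpenClaw CalDAV Integration",
+"devDependencies": {
+"prettier": "^3.2.0"
+}
+}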

69
tools/secret-scan.sh Executable file

@ -0,0 +1,69 @@
#!/usr/bin/env bash
# secret-scan.sh — Scans for private keys and high-entropy secrets
# Usage: bash tools/secret-scan.sh [directory]
# Uses .secret-scan-allowlist for false positives (one file path per line)
set -e
SCAN_DIR="${1:-.}"
ALLOWLIST=".secret-scan-allowlist"
FINDINGS=0
# Build find exclusions
EXCLUDES=(-not -path "*/node_modules/*" -not -path "*/.git/*" -not -path "*/coverage/*" -not -path "*/dist/*")
# Load allowlist
ALLOWLIST_PATHS=()
if [ -f "$ALLOWLIST" ]; then
while IFS= read -r line || [ -n "$line" ]; do
[[ "$line" =~ ^#.*$ || -z "$line" ]] && continue
ALLOWLIST_PATHS+=("$line")
done < "$ALLOWLIST"
fi
is_allowed() {
local file="$1"
for allowed in "${ALLOWLIST_PATHS[@]}"; do
if [[ "$file" == *"$allowed"* ]]; then
return 0
fi
done
return 1
}
echo "Scanning $SCAN_DIR for secrets..."
# Scan for private keys
while IFS= read -r file; do
[ -f "$file" ] || continue
is_allowed "$file" && continue
if grep -qE '-----BEGIN (RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----' "$file" 2>/dev/null; then
echo "FINDING [private-key]: $file"
FINDINGS=$((FINDINGS + 1))
fi
done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f)
# Scan for high-entropy hex strings (40+ chars)
while IFS= read -r file; do
[ -f "$file" ] || continue
is_allowed "$file" && continue
if grep -qE '[0-9a-f]{40,}' "$file" 2>/dev/null; then
# Filter out common false positives (git SHAs in lock files, etc.)
BASENAME=$(basename "$file")
if [[ "$BASENAME" != "package-lock.json" && "$BASENAME" != "*.lock" ]]; then
MATCHES=$(grep -oE '[0-9a-f]{40,}' "$file" 2>/dev/null || true)
if [ -n "$MATCHES" ]; then
echo "FINDING [high-entropy-hex]: $file"
FINDINGS=$((FINDINGS + 1))
fi
fi
fi
done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f -not -name "package-lock.json" -not -name "*.lock")
if [ "$FINDINGS" -gt 0 ]; then
echo "secret-scan: $FINDINGS finding(s) — FAIL"
exit 1
else
echo "secret-scan: clean — PASS"
exit 0
fi
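Review bot: The private-key check cannot match as written: the pattern given to `grep -qE` begins with `-----`, so grep parses it as an option and exits with an error, and `2>/dev/null` hides that error, leaving the `if` false for every file. Passing the pattern with `-e` and ending option parsing fixes it: `if grep -qE -e '-----BEGIN (RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----' -- "$file" 2>/dev/null; then`. Two smaller points in the same file: `is_allowed` uses a substring match (`*"$allowed"*`), so a short allowlist entry exempts every path that contains it, and an exact comparison against the path relative to `$SCAN_DIR` would be tighter; and `"$BASENAME" != "*.lock"` compares against the literal string because the pattern is quoted, though the `find` exclusions already cover lock files. The hex check matches only lowercase runs of 40 or more hex characters, so the header comment's "high-entropy" wording overstates what is detected.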