taskd is a lightweight, secure server providing multi-user, multi-client access to task data. This allows true syncing between desktop and mobile clients.
taskd is available in the AUR asAUR and AUR.
SetupOnce taskd is installed, you need to set it up. The first step is to
export TASKDDATA=/var/lib/taskd(otherwise you need to append
--data /var/lib/taskdto every taskd command).
Next, edit the
/usr/share/doc/taskd/pki/vars file. The
CN= line must either match the server's hostname or IP address, depending on how you connect. Once the file is edited to your heart's content, change to the directory
/usr/share/doc/taskd/pki/ and run
./generate. This will create selfsigned certificates for your server. Copy all generated *.pem-files to
/var/lib/taskd. Note that at least the ca.cert.pem must remain in the pki folder for the user-certificate generation later on.
Now you need to configure the taskd config. This can be done by either using
taskd config or editing
taskd config --force client.cert $TASKDDATA/client.cert.pem taskd config --force client.key $TASKDDATA/client.key.pem taskd config --force server.cert $TASKDDATA/server.cert.pem taskd config --force server.key $TASKDDATA/server.key.pem taskd config --force server.crl $TASKDDATA/server.crl.pem taskd config --force ca.cert $TASKDDATA/ca.cert.pem
Additionally you should change where taskd logs to, since the default is /tmp/log. This can be done by running
touch /var/log/taskd.log chown taskd:taskd /var/log/taskd.log taskd config --force log /var/log/taskd.log
The last step is to set taskd's server name, which must be the same as the one used in the certificates:
taskd config --force server servername:port. Note that taskd has no default port and it must be set manually.
Adding a user in taskd
taskd knows about groups and users, and each user must be in a group. The group- and usernames can be whatever you want.
taskd add org group taskd add user group username
Note the key the last command returns, the user will need it to synchronize.
Make sure new group and user are readable by user taskd.
chown -R taskd:taskd /var/lib/taskd/orgsReturn to
./generate.client usernameThis will return username.cert.pem and username.key.pem.
The username.key.pem, username.cert.pem and ca.cert.pem must be added to the user's
Once the *.pem files are added to
~/.task, they must be added to the task config, along with the servername and unique ID.
task config taskd.certificate ~/.task/username.cert.pem task config taskd.key ~/.task/username.key.pem task config taskd.ca ~/.task/ca.cert.pem task config taskd.server servername:port task config taskd.credentials group/username/key
After you're done, check the config file. task likes to escape slashes.
After running a
task sync init, the user is able to synchronize taskwarrior whereever pleased.
Using the Android Taskwarrior app
Before you even download the android app, you need to create a folder. On your external storage (or if you only have an internal one, then there) create the folder
Android/data/kvj.taskw/files/key where "key" is the same as the key given when creating the user in taskd. Then add the username.key.pem, username.cert.pem and ca.cert.pem files to that folder. Create a new file in that folder called
.taskrc.android. It should look like this:
taskd.server=servername:port taskd.credentials=group/username/key taskd.certificate=username.cert.pem taskd.key=username.key.pem taskd.ca=ca.cert.pem
Ensure that the config file
.taskrc.android has a newline at the end. Otherwise, it will not be parsed correctly.
Now download the app and start it. When adding a profile, choose the datafolder you just created. Taskwarrior should now sync and work as expected.
Should the server be unreachable but running, it bound itself to an IPv6 address. You can force IPv4 by adding
/var/lib/taskd/config. Restart taskd afterwards.
If the server responds with a "Bad Key" error even though you just generated them, check the permissions of the created folders (everything in
/var/lib/taskd/ and subfolders). taskd doesn't set it's own uid / gid, so those folders must be manually chowned to taskd.