Git integration with systemd service

[jsosulski]

I had some issues getting the git version control running as a systemd unit.
After some looking through the issues, especially #876 (comment), i.e. that we need to init git config for user radicale to allow commits I fixed most issues.

After adding --debug to the systemd service execstart command, the following line / error was getting my attention:

fatal: Unable to create '/var/lib/radicale/.git/index.lock': Read-only file system

I noticed that in the default systemd configuration there is an optional line for security purposes:

ReadWritePaths=/var/lib/radicale/collections

This prevents radicale from acquiring a writable lock on /var/lib/radicale/.git/index (I guess). I fixed it for now by changing the line to:

ReadWritePaths=/var/lib/radicale

By doing this, are there serious security implications I am not aware of? If not, I could submit a PR to note this peculiarity when using systemd with git in the documentation.

[tyll]

ReadWritePaths=/var/lib/radicale

looks safe to me since there is nothing else in that path - I am not a Radicale developer, though.