Debian shared
From Davical
References:
Base to proceed
- Web server. This guide is intended to environments where there can be more than one DAViCal instance, and permissions are not open to other users in the system or in Apache websites.
- Disk requirements (OS+software+data): Minimum?, Recommended?
- Memory requirements: Minimum?, Recommended?
- Example public URL is https://calendar.example.net/
- Basic steps taken from https://www.davical.org/installation.php
- Tested in Debian 10, with repositories DAViCal 1.1.8
If server lacks of web service
sudo apt update sudo apt install task-web-server
Procedure
Installation
- Install packages:
apt update apt install davical
- Prepare the DAViCal database values
DatabaseName=mycaldb DBUsername_dba=mycaluser_dba DBUsername_app=mycaluser_app DBPassword=12345 AdminPassword=1234
- Add open permissions temporarily for the installation scripts:
PgMainVersion="$(psql --version | grep -ie "sql" | tr -s " " "\n" | tail --lines=1 | cut -f 1 -d ".")" PgConfig="$(ls /etc/postgresql/${PgMainVersion}*/main/pg_hba.conf)" sudo cp -a "$PgConfig" "${PgConfig}.davical-bak" echo "# Permissions for the DAViCal CMS" | sudo tee "$PgConfig" echo "local $DatabaseName $DBUsername_dba trust" | sudo tee -a "$PgConfig" echo "local $DatabaseName $DBUsername_app trust" | sudo tee -a "$PgConfig" echo "" | sudo tee -a "$PgConfig" sudo cat "${PgConfig}.davical-bak" | sudo tee -a "$PgConfig" sudo systemctl reload postgresql
- Apply a temporary patch to creation script:
CScript="$(ls /usr/share/davical/dba/create-database.sh)" sudo dpkg-divert --local --rename --add "$CScript" sudo cp -a "${CScript}.distrib" "$CScript" sudo sed -i "s/DBNAME=.*/DBNAME=${DatabaseName}/g" "$CScript" sudo sed -i "s/AWL_DBAUSER=.*/AWL_DBAUSER=${DBUsername_dba}/g" "$CScript" sudo sed -i "s/AWL_APPUSER=.*/AWL_APPUSER=${DBUsername_app}/g" "$CScript"
- Apply a temporary patch to update script:
UScript="$(ls /usr/share/davical/dba/update-davical-database)" sudo dpkg-divert --local --rename --add "$UScript" sudo cp -a "${UScript}.distrib" "$UScript" sudo sed -i "s/\$dbname = .*/\$dbname = \"${DatabaseName}\";/g" "$UScript" sudo sed -i "s/\$dbuser = .*/\$dbuser = \"${DBUsername_dba}\";/g" "$UScript" sudo sed -i "s/\$appuser = .*/\$appuser = \"${DBUsername_app}\";/g" "$UScript" sudo sed -i "s/\$dbpass = .*/\$dbpass = \"${DBPassword}\";/g" "$UScript"
- (only fresh install) Run main installation script and take note of the shown password for the 'admin' user:
sudo su -l postgres -c "$CScript" "$DatabaseName" "$AdminPassword"
- (only restoration of a backup) Restore data and run update script:
echo "DROP DATABASE IF EXISTS mycaldb;" | sudo su -l postgres -c psql echo "DROP USER IF EXISTS mycaluser_dba;" | sudo su -l postgres -c psql sudo su -l postgres -c "psql --quiet --file mycaluser_dba.pgdump" echo "DROP USER IF EXISTS mycaluser_app;" | sudo su -l postgres -c psql sudo su -l postgres -c "psql --quiet --file mycaluser_app.pgdump" sudo su -l postgres -c "psql --quiet --file mycaldb.pgdump" sudo su -l postgres -c "$UScript"
- Restore installation scripts to original paths:
sudo rm "$UScript" sudo dpkg-divert --local --rename --remove "$UScript" sudo rm "$CScript" sudo dpkg-divert --local --rename --remove "$CScript"
(only fresh install) Set password authentication for the database:
echo "ALTER USER $DBUsername_dba WITH PASSWORD '${DBPassword}';" | sudo su -l postgres -c psql echo "ALTER USER $DBUsername_app WITH PASSWORD '${DBPassword}';" | sudo su -l postgres -c psql
- Create local configuration file to not be overwritten on package updates (FQDN calendar.example.net assumed here):
sudo cp -a /etc/davical/config.php /etc/davical/calendar.example.net.org-conf.php
Site configuration
- Reconfigure local CMS parameters at /etc/davical/config.php
$c->pg_connect[] = "dbname=DatabaseName user=DBUsername_app password=DBPassword";
And at least:
system_name admin_email restrict_setup_to_admin default_privileges template_usr http_auth_mode default_locale enable_scheduling trust_x_forwarded
- Following are value examples for Apache virtualhost:
<VirtualHost ...> DocumentRoot /usr/share/davical/htdocs RewriteEngine On # Filter all files that do not exist RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d # and redirect them to our caldav.php RewriteRule ^(.*)$ /caldav.php/$1 [NC,L] php_value include_path /usr/share/awl/inc php_value magic_quotes_gpc 0 php_value magic_quotes_runtime 0 php_value register_globals 0 php_value default_charset "utf-8" php_admin_value open_basedir /usr/share/davical/:/usr/share/awl/inc/:/etc/davical/ </VirtualHost>
(Apache may need to be configured in ports.conf to listen also ports 8008 and 8800)
- Enable Apache website if it wasn't:
sudo a2ensite calendar.example.net sudo apachectl graceful
- Admin email address will be shown in clear on some public pages. If you waht to filter this, you can enable "substitute" module on apache:
sudo a2enmod substitute systemctl restart apache2
And add a directive like this to Apache's virtualhost:
<Location "/"> AddOutputFilterByType SUBSTITUTE text/html Substitute "s/admin@example.net/admin AT example.net/ni" </Location>
Login to DAViCAL Admin
If all is going well you should now be able to browse to the site pages and log in as 'admin' with the password set during installation.
Usual administration tasks
Reset the admin password
Useful after an installation, when we want to be sure of our wanted password (example for database name "MyCalendars" and password "1234")
echo "UPDATE usr SET password = '**1234' WHERE user_no=1;" | sudo su -l postgres -c "psql --dbname MyCalendars"
Backup all data
- Database (example for accessing mycaldb with user "mycaluser" and password "12345")
env PGPASSWORD=12345 pg_dump --create --inserts --attribute-inserts --disable-dollar-quoting --username=mycaluser -f "mycaldb.pgdump" mycaldb
- PostgreSql users/roles (example for mycaluser_dba + mycaluser_app)
cat /dev/null > mycaluser_dba.pgdump sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_dba;" >> mycaluser_dba.pgdump sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_dba " >> mycaluser_dba.pgdump cat /dev/null > mycaluser_app.pgdump sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_app;" >> mycaluser_app.pgdump sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_app " >> mycaluser_app.pgdump
- CMS configuration:
/etc/davical/calendar.example.net-conf.php
- Apache site profile:
/etc/apache2/sites-available/calendar.example.net