Synology DS211: Difference between revisions

From Davical
Jump to navigationJump to search
(Created page, still needs formatting)
 
(Add formatting)
Line 1: Line 1:
==Synology DS 211 with DSM 5.0==
=Synology DS 211 with DSM 5.0=


From Daniel via the DAViCal-General mailing list:
From Daniel via the [https://sourceforge.net/p/davical/mailman/message/32515648/ DAViCal-General mailing list]:


Experiences with installing DAViCal on a Synology DS211 with DSM 5.0. My starting point was a script previously published by CyberLine on GitHub Gist (https://gist.github.com/CyberLine/3755721/). Unfortunately, the script would not work out of the box, so here is what I had to do. Please note that the following is not meant to be run as a script. Rather, use it as copy-paste base for your terminal.
Experiences with installing DAViCal on a Synology DS211 with DSM 5.0. My starting point was a script previously published by CyberLine on GitHub Gist (https://gist.github.com/CyberLine/3755721/). Unfortunately, the script would not work out of the box, so here is what I had to do. Please note that the following is not meant to be run as a script. Rather, use it as copy-paste base for your terminal.


# Install bootstrap package first.
* Install bootstrap package first.
# See: http://forum.synology.com/wiki/index.php/How_to_Install_Bootstrap
** See: http://forum.synology.com/wiki/index.php/How_to_Install_Bootstrap


# The installation of optware-devel is buggy because of a conflict between wget-ssl and wget. It is not possible to just uninstall wget, because it is needed for ipkg. So, first fetch the new wget-ssl, then remove the old and install the new:
* The installation of optware-devel is buggy because of a conflict between wget-ssl and wget. It is not possible to just uninstall wget, because it is needed for ipkg. So, first fetch the new wget-ssl, then remove the old and install the new:
wget http://ipkg.nslu2-linux.org/feeds/optware/cs08q1armel/cross/unstable/wget-ssl_1.12-2_arm.ipk
wget http://ipkg.nslu2-linux.org/feeds/optware/cs08q1armel/cross/unstable/wget-ssl_1.12-2_arm.ipk
ipkg remove wget && ipkg install wget-ssl_1.12-2_arm.ipk
ipkg remove wget && ipkg install wget-ssl_1.12-2_arm.ipk


# Now, install system tools and second postgres
* Now, install system tools and second postgres
ipkg install perl perl-dbi make sed postgresql binutils busybox optware-devel
ipkg install perl perl-dbi make sed postgresql binutils busybox optware-devel


# patch postgres config for non conflicting if not exists
* Patch postgres config for non conflicting if not exists
if [ "0" == $(egrep '^port = 5433$' /opt/var/pgsql/data/postgresql.conf | wc -l) ]; then
if [ "0" == $(egrep '^port = 5433$' /opt/var/pgsql/data/postgresql.conf | wc -l) ]; then
    echo "port = 5433" >> /opt/var/pgsql/data/postgresql.conf
    echo "port = 5433" >> /opt/var/pgsql/data/postgresql.conf
fi;
fi;


# install needed host entries for davical
* Install needed host entries for DAViCal
if [ "0" == $(grep davical /opt/var/pgsql/data/pg_hba.conf | wc -l) ]; then
if [ "0" == $(grep davical /opt/var/pgsql/data/pg_hba.conf | wc -l) ]; then
    echo -a "local  davical    davical_app  trust\nlocal  davical    davical_dba  trust" >> /opt/var/pgsql/data/pg_hba.conf
    echo -a "local  davical    davical_app  trust\nlocal  davical    davical_dba  trust" >> /opt/var/pgsql/data/pg_hba.conf
fi;
fi;


# start the installed postgres cluster
* Start the installed postgres cluster
/opt/etc/init.d/S98postgresql start
/opt/etc/init.d/S98postgresql start


* Install needed perl packages.
Installation of CPAN does not work out of the box ("Can't locate CPAN/Meta/Requirements.pm"). I solved this by:
cpan CPAN::Meta
This will draw in a number of other dependencies, just confirm all dialogs. This step takes a looong time!
* Now, the following should work:
cpan -fi CPAN YAML


# install needed perl packaged
* Build the perl package for davical installation
# Installation of CPAN does not work out of the box ("Can't locate CPAN/Meta/Requirements.pm"). I solved this by:
mkdir -p /usr/local/etc/davical
cpan CPAN::Meta
wget http://search.cpan.org/CPAN/authors/id/T/TU/TURNSTEP/DBD-Pg-2.19.3.tar.gz -O - | tar -xz -C /usr/local
# This will draw in a number of other dependencies, just confirm all dialogs. This step takes a looong time!
cd /usr/local/DBD-Pg-2.19.3 && perl Makefile.PL LD=/opt/bin/ld && make && make install
# Now, the following should work:
cpan -fi CPAN YAML


# build the perl package for davical installation
* Edit vhost file /opt/etc/apache2/conf.d/davical.vhost
mkdir -p /usr/local/etc/davical
        Alias /cal /opt/share/davical/htdocs
wget http://search.cpan.org/CPAN/authors/id/T/TU/TURNSTEP/DBD-Pg-2.19.3.tar.gz -O - | tar -xz -C /usr/local
        <Directory /opt/share/davical/htdocs/>
cd /usr/local/DBD-Pg-2.19.3 && perl Makefile.PL LD=/opt/bin/ld && make && make install
                AllowOverride None
        </Directory>
(i.e., no php directives, no virtual host!)


# Edit vhost file /opt/etc/apache2/conf.d/davical.vhost
* If you prefer a virtual host, create one in the DSM web interface linking to the sub directory "cal".
        Alias /cal /opt/share/davical/htdocs
        <Directory /opt/share/davical/htdocs/>
                AllowOverride None
        </Directory>
# (i.e., no php directives, no virtual host!)


# If you prefer a virtual host, create one in the DSM web interface linking to the sub directory "cal".
* Check for needed open_basedir modification.
I did this manually in DSM web interface, adding this to the open_basedir directive:
/opt/share/davical:/opt/share/awl/inc:/usr/local/etc/davical/
This will then be in /etc/php/conf.d/user-settings.ini


# check for needed open_basedir modification
* Append davical.vhost to the user apache if not exists
# I did this manually in DSM web interface, adding this to the open_basedir directive:
if [ "0" == $(egrep '^Include /opt/etc/apache2/conf.d/davical.vhost' /etc/httpd/conf/httpd.conf-user | wc -l) ]; then
/opt/share/davical:/opt/share/awl/inc:/usr/local/etc/davical/
    echo "Include /opt/etc/apache2/conf.d/davical.vhost" >> /etc/httpd/conf/httpd.conf-user
# This will then be in /etc/php/conf.d/user-settings.ini
fi;


# append davical.vhost to the user apache if not exists
* Restart the user apache
if [ "0" == $(egrep '^Include /opt/etc/apache2/conf.d/davical.vhost' /etc/httpd/conf/httpd.conf-user | wc -l) ]; then
/usr/syno/sbin/synoservicecfg --restart httpd-user
    echo "Include /opt/etc/apache2/conf.d/davical.vhost" >> /etc/httpd/conf/httpd.conf-user
fi;


#restart the user apache
* Install davical if not exists
/usr/syno/sbin/synoservicecfg --restart httpd-user
if [ ! -e "/opt/share/davical" ]; then
    wget http://debian.mcmillan.net.nz/packages/davical/davical-1.1.1.tar.gz -O - | tar -xz -C /opt/share/
    mv /opt/share/davical-1.1.1/ /opt/share/davical/
else
    echo "davical installation exists. nothing to do."
fi;


# install davical if not exists
* Install needed "awl" if not exists
if [ ! -e "/opt/share/davical" ]; then
if [ ! -e "/opt/share/awl/" ]; then
    wget http://debian.mcmillan.net.nz/packages/davical/davical-1.1.1.tar.gz -O - | tar -xz -C /opt/share/
    wget http://debian.mcmillan.net.nz/packages/awl/awl-0.53.tar.gz -O - | tar -xz -C /opt/share/
    mv /opt/share/davical-1.1.1/ /opt/share/davical/
    mv /opt/share/awl-0.53/ /opt/share/awl/
else
else
    echo "davical installation exists. nothing to do."
    echo "awl installation exists. nothing to do.";
fi;
fi;


# install needed "awl" if not exists
* Install davical database if not exists
if [ ! -e "/opt/share/awl/" ]; then
if [ "0" == $(psql -p 5433 -l template1 postgres | grep davical | wc -l) ]; then
    wget http://debian.mcmillan.net.nz/packages/awl/awl-0.53.tar.gz -O - | tar -xz -C /opt/share/
    PGPORT=5433 PGUSER=postgres /opt/share/davical/dba/create-database.sh
    mv /opt/share/awl-0.53/ /opt/share/awl/
fi;
else
    echo "awl installation exists. nothing to do.";
fi;


# install davical database if not exists
* Adjust connect string in DAViCal config (/opt/share/davical/config/example-config.php):
if [ "0" == $(psql -p 5433 -l template1 postgres | grep davical | wc -l) ]; then
$c->pg_connect[] = "dbname=davical port=5433 user=davical_app host=localhost";
    PGPORT=5433 PGUSER=postgres /opt/share/davical/dba/create-database.sh
fi;


# adjust connect string in DAViCal config (/opt/share/davical/config/example-config.php):
* Soft link sample config files for each interface if not exists
$c->pg_connect[] = "dbname=davical port=5433 user=davical_app host=localhost";
for ADDR in $(ip -4  addr list | grep inet | awk '{print $2}' | awk -F '/' '{print $1}'); do
 
    if [ ! -e "/usr/local/etc/davical/$ADDR-conf.php" ]; then
# soft link sample config files for each interface if not exists
        ln -s /opt/share/davical/config/example-config.php /usr/local/etc/davical/$ADDR-conf.php
for ADDR in $(ip -4  addr list | grep inet | awk '{print $2}' | awk -F '/' '{print $1}'); do
    fi;
    if [ ! -e "/usr/local/etc/davical/$ADDR-conf.php" ]; then
done;
        ln -s /opt/share/davical/config/example-config.php /usr/local/etc/davical/$ADDR-conf.php
* Make also a softlink for possible DNS entries you want to use (.../your.domain.tld-conf.php).
    fi;
done;
# Make also a softlink for possible DNS entries you want to use (.../your.domain.tld-conf.php).


Now, the installation should work. Point your browser to your diskstation IP/cal and complete DAViCal setup.
Now, the installation should work. Point your browser to your diskstation IP/cal and complete DAViCal setup.




# Using the DSM LDAP server for user management:
==Using the DSM LDAP server for user management==
# Add the following to your config /opt/share/davical/config/example-config.php:
Add the following to your config /opt/share/davical/config/example-config.php:
$c->authenticate_hook['call'] = 'LDAP_check';
$c->authenticate_hook['call'] = 'LDAP_check';
$c->authenticate_hook['config'] = array(
$c->authenticate_hook['config'] = array(
    'host' => 'localhost', //host name of your LDAP Server
    'host' => 'localhost', //host name of your LDAP Server
    'port' => '389',              //port
    'port' => '389',              //port
    'protocolVersion' => '3', //Version of LDAP protocol to use
    'protocolVersion' => '3', //Version of LDAP protocol to use
    'baseDNUsers'=> 'cn=users,dc=xxx,dc=xxx', //where to look at valid user
    'baseDNUsers'=> 'cn=users,dc=xxx,dc=xxx', //where to look at valid user
    'filterUsers' => 'objectClass=inetOrgPerson', //filter which must validate a user according to RFC4515, i.e. surrounded by brackets
    'filterUsers' => 'objectClass=inetOrgPerson', //filter which must validate a user according to RFC4515, i.e. surrounded by brackets
    'baseDNGroups' => 'cn=groups,dc=xxx,dc=xxx', //where to look for groups
    'baseDNGroups' => 'cn=groups,dc=xxx,dc=xxx', //where to look for groups
    'filterGroups' => 'objectClass=posixGroup', //filter with same rules as filterUsers
    'filterGroups' => 'objectClass=posixGroup', //filter with same rules as filterUsers
    'mapping_field' => array("username" => "cn",
    'mapping_field' => array("username" => "cn",
                            "modified" => "modifyTimestamp",
                              "modified" => "modifyTimestamp",
                            "fullname" => "gecos" ,
                              "fullname" => "gecos" ,
                            "email" =>"mail"
                              "email" =>"mail"
                            ), //used to create the user based on his ldap properties
                              ), //used to create the user based on his ldap properties
    'group_mapping_field' => array("username" => "cn",
    'group_mapping_field' => array("username" => "cn",
                            "updated" => "modifyTimestamp",
                              "updated" => "modifyTimestamp",
                            "fullname" => "description" ,
                              "fullname" => "description" ,
                            "members" =>"memberUid"
                              "members" =>"memberUid"
                            ), //used to create the group based on the ldap properties
                              ), //used to create the group based on the ldap properties
    'format_updated'=> array('Y' => array(0,4),'m' => array(4,2),'d'=> array(6,2),'H' => array(8,2),'M'=>array(10,2),'S' => array(12,2)),
    'format_updated'=> array('Y' => array(0,4),'m' => array(4,2),'d'=> array(6,2),'H' => array(8,2),'M'=>array(10,2),'S' => array(12,2)),
    );
    );
  $c->do_not_sync_from_ldap = array( 'admin' => true ); // do not affect admin account on ldap sync
  $c->do_not_sync_from_ldap = array( 'admin' => true ); // do not affect admin account on ldap sync
include('drivers_ldap.php');
include('drivers_ldap.php');




# Finally, in order to get LDAP to work, I had to edit the file /opt/share/davical/inc/Principal.php.
Finally, in order to get LDAP to work, I had to edit the file /opt/share/davical/inc/Principal.php.
# The reason is that Postgres on my DiskStation is really old (v 8.2.13) and does not seem to support some type casting used on LDAP sync.
The reason is that Postgres on my DiskStation is really old (v 8.2.13) and does not seem to support some type casting used on LDAP sync.
# Otherwise, on importing LDAP users, I get plenty of errors in the style "cannot write to database".
Otherwise, on importing LDAP users, I get plenty of errors in the style "cannot write to database".
# So what I did was to simply comment out line 540:
So what I did was to simply comment out line 540:
// $param_name = 'cast('.$param_name.' as text)::BIT(24)';
// $param_name = 'cast('.$param_name.' as text)::BIT(24)';
# I know this is really ugly but seemed to solve my issues.
I know this is really ugly but seemed to solve my issues.

Revision as of 02:17, 1 July 2014

Synology DS 211 with DSM 5.0

From Daniel via the DAViCal-General mailing list:

Experiences with installing DAViCal on a Synology DS211 with DSM 5.0. My starting point was a script previously published by CyberLine on GitHub Gist (https://gist.github.com/CyberLine/3755721/). Unfortunately, the script would not work out of the box, so here is what I had to do. Please note that the following is not meant to be run as a script. Rather, use it as copy-paste base for your terminal.

  • The installation of optware-devel is buggy because of a conflict between wget-ssl and wget. It is not possible to just uninstall wget, because it is needed for ipkg. So, first fetch the new wget-ssl, then remove the old and install the new:
wget http://ipkg.nslu2-linux.org/feeds/optware/cs08q1armel/cross/unstable/wget-ssl_1.12-2_arm.ipk
ipkg remove wget && ipkg install wget-ssl_1.12-2_arm.ipk
  • Now, install system tools and second postgres
ipkg install perl perl-dbi make sed postgresql binutils busybox optware-devel
  • Patch postgres config for non conflicting if not exists
if [ "0" == $(egrep '^port = 5433$' /opt/var/pgsql/data/postgresql.conf | wc -l) ]; then
    echo "port = 5433" >> /opt/var/pgsql/data/postgresql.conf
fi;
  • Install needed host entries for DAViCal
if [ "0" == $(grep davical /opt/var/pgsql/data/pg_hba.conf | wc -l) ]; then
    echo -a "local   davical    davical_app   trust\nlocal   davical    davical_dba   trust" >> /opt/var/pgsql/data/pg_hba.conf
fi;
  • Start the installed postgres cluster
/opt/etc/init.d/S98postgresql start
  • Install needed perl packages.

Installation of CPAN does not work out of the box ("Can't locate CPAN/Meta/Requirements.pm"). I solved this by:

cpan CPAN::Meta

This will draw in a number of other dependencies, just confirm all dialogs. This step takes a looong time!

  • Now, the following should work:
cpan -fi CPAN YAML
  • Build the perl package for davical installation
mkdir -p /usr/local/etc/davical
wget http://search.cpan.org/CPAN/authors/id/T/TU/TURNSTEP/DBD-Pg-2.19.3.tar.gz -O - | tar -xz -C /usr/local
cd /usr/local/DBD-Pg-2.19.3 && perl Makefile.PL LD=/opt/bin/ld && make && make install
  • Edit vhost file /opt/etc/apache2/conf.d/davical.vhost
        Alias /cal /opt/share/davical/htdocs
        <Directory /opt/share/davical/htdocs/>
                AllowOverride None
        </Directory>

(i.e., no php directives, no virtual host!)

  • If you prefer a virtual host, create one in the DSM web interface linking to the sub directory "cal".
  • Check for needed open_basedir modification.

I did this manually in DSM web interface, adding this to the open_basedir directive:

/opt/share/davical:/opt/share/awl/inc:/usr/local/etc/davical/

This will then be in /etc/php/conf.d/user-settings.ini

  • Append davical.vhost to the user apache if not exists
if [ "0" == $(egrep '^Include /opt/etc/apache2/conf.d/davical.vhost' /etc/httpd/conf/httpd.conf-user | wc -l) ]; then
    echo "Include /opt/etc/apache2/conf.d/davical.vhost" >> /etc/httpd/conf/httpd.conf-user
fi;
  • Restart the user apache
/usr/syno/sbin/synoservicecfg --restart httpd-user
  • Install davical if not exists
if [ ! -e "/opt/share/davical" ]; then
    wget http://debian.mcmillan.net.nz/packages/davical/davical-1.1.1.tar.gz -O - | tar -xz -C /opt/share/
    mv /opt/share/davical-1.1.1/ /opt/share/davical/
else
    echo "davical installation exists. nothing to do."
fi;
  • Install needed "awl" if not exists
if [ ! -e "/opt/share/awl/" ]; then
    wget http://debian.mcmillan.net.nz/packages/awl/awl-0.53.tar.gz -O - | tar -xz -C /opt/share/
    mv /opt/share/awl-0.53/ /opt/share/awl/
else
    echo "awl installation exists. nothing to do.";
fi;
  • Install davical database if not exists
if [ "0" == $(psql -p 5433 -l template1 postgres | grep davical | wc -l) ]; then
    PGPORT=5433 PGUSER=postgres /opt/share/davical/dba/create-database.sh
fi;
  • Adjust connect string in DAViCal config (/opt/share/davical/config/example-config.php):
$c->pg_connect[] = "dbname=davical port=5433 user=davical_app host=localhost";
  • Soft link sample config files for each interface if not exists
for ADDR in $(ip -4  addr list | grep inet | awk '{print $2}' | awk -F '/' '{print $1}'); do
    if [ ! -e "/usr/local/etc/davical/$ADDR-conf.php" ]; then
        ln -s /opt/share/davical/config/example-config.php /usr/local/etc/davical/$ADDR-conf.php
    fi;
done;
  • Make also a softlink for possible DNS entries you want to use (.../your.domain.tld-conf.php).

Now, the installation should work. Point your browser to your diskstation IP/cal and complete DAViCal setup.


Using the DSM LDAP server for user management

Add the following to your config /opt/share/davical/config/example-config.php:

$c->authenticate_hook['call'] = 'LDAP_check';
$c->authenticate_hook['config'] = array(
    'host' => 'localhost', //host name of your LDAP Server
    'port' => '389',              //port
    'protocolVersion' => '3', //Version of LDAP protocol to use
    'baseDNUsers'=> 'cn=users,dc=xxx,dc=xxx', //where to look at valid user
    'filterUsers' => 'objectClass=inetOrgPerson', //filter which must validate a user according to RFC4515, i.e. surrounded by brackets
    'baseDNGroups' => 'cn=groups,dc=xxx,dc=xxx', //where to look for groups
    'filterGroups' => 'objectClass=posixGroup', //filter with same rules as filterUsers
    'mapping_field' => array("username" => "cn",
                             "modified" => "modifyTimestamp",
                             "fullname" => "gecos" ,
                             "email" =>"mail"
                             ), //used to create the user based on his ldap properties
    'group_mapping_field' => array("username" => "cn",
                             "updated" => "modifyTimestamp",
                             "fullname" => "description" ,
                             "members" =>"memberUid"
                             ), //used to create the group based on the ldap properties
    'format_updated'=> array('Y' => array(0,4),'m' => array(4,2),'d'=> array(6,2),'H' => array(8,2),'M'=>array(10,2),'S' => array(12,2)),
    );
  $c->do_not_sync_from_ldap = array( 'admin' => true ); // do not affect admin account on ldap sync
include('drivers_ldap.php');


Finally, in order to get LDAP to work, I had to edit the file /opt/share/davical/inc/Principal.php. The reason is that Postgres on my DiskStation is really old (v 8.2.13) and does not seem to support some type casting used on LDAP sync. Otherwise, on importing LDAP users, I get plenty of errors in the style "cannot write to database". So what I did was to simply comment out line 540:

// $param_name = 'cast('.$param_name.' as text)::BIT(24)';

I know this is really ugly but seemed to solve my issues.