Synology DS211: Difference between revisions
(Add formatting) |
(#704069) |
||
Line 114: | Line 114: | ||
), //used to create the user based on his ldap properties | ), //used to create the user based on his ldap properties | ||
'group_mapping_field' => array("username" => "cn", | 'group_mapping_field' => array("username" => "cn", | ||
" | "modified" => "modifyTimestamp", | ||
"fullname" => "description" , | "fullname" => "description" , | ||
"members" =>"memberUid" | "members" =>"memberUid" |
Latest revision as of 16:47, 5 May 2017
Synology DS 211 with DSM 5.0
From Daniel via the DAViCal-General mailing list:
Experiences with installing DAViCal on a Synology DS211 with DSM 5.0. My starting point was a script previously published by CyberLine on GitHub Gist (https://gist.github.com/CyberLine/3755721/). Unfortunately, the script would not work out of the box, so here is what I had to do. Please note that the following is not meant to be run as a script. Rather, use it as copy-paste base for your terminal.
- Install bootstrap package first.
- The installation of optware-devel is buggy because of a conflict between wget-ssl and wget. It is not possible to just uninstall wget, because it is needed for ipkg. So, first fetch the new wget-ssl, then remove the old and install the new:
wget http://ipkg.nslu2-linux.org/feeds/optware/cs08q1armel/cross/unstable/wget-ssl_1.12-2_arm.ipk ipkg remove wget && ipkg install wget-ssl_1.12-2_arm.ipk
- Now, install system tools and second postgres
ipkg install perl perl-dbi make sed postgresql binutils busybox optware-devel
- Patch postgres config for non conflicting if not exists
if [ "0" == $(egrep '^port = 5433$' /opt/var/pgsql/data/postgresql.conf | wc -l) ]; then echo "port = 5433" >> /opt/var/pgsql/data/postgresql.conf fi;
- Install needed host entries for DAViCal
if [ "0" == $(grep davical /opt/var/pgsql/data/pg_hba.conf | wc -l) ]; then echo -a "local davical davical_app trust\nlocal davical davical_dba trust" >> /opt/var/pgsql/data/pg_hba.conf fi;
- Start the installed postgres cluster
/opt/etc/init.d/S98postgresql start
- Install needed perl packages.
Installation of CPAN does not work out of the box ("Can't locate CPAN/Meta/Requirements.pm"). I solved this by:
cpan CPAN::Meta
This will draw in a number of other dependencies, just confirm all dialogs. This step takes a looong time!
- Now, the following should work:
cpan -fi CPAN YAML
- Build the perl package for davical installation
mkdir -p /usr/local/etc/davical wget http://search.cpan.org/CPAN/authors/id/T/TU/TURNSTEP/DBD-Pg-2.19.3.tar.gz -O - | tar -xz -C /usr/local cd /usr/local/DBD-Pg-2.19.3 && perl Makefile.PL LD=/opt/bin/ld && make && make install
- Edit vhost file /opt/etc/apache2/conf.d/davical.vhost
Alias /cal /opt/share/davical/htdocs <Directory /opt/share/davical/htdocs/> AllowOverride None </Directory>
(i.e., no php directives, no virtual host!)
- If you prefer a virtual host, create one in the DSM web interface linking to the sub directory "cal".
- Check for needed open_basedir modification.
I did this manually in DSM web interface, adding this to the open_basedir directive:
/opt/share/davical:/opt/share/awl/inc:/usr/local/etc/davical/
This will then be in /etc/php/conf.d/user-settings.ini
- Append davical.vhost to the user apache if not exists
if [ "0" == $(egrep '^Include /opt/etc/apache2/conf.d/davical.vhost' /etc/httpd/conf/httpd.conf-user | wc -l) ]; then echo "Include /opt/etc/apache2/conf.d/davical.vhost" >> /etc/httpd/conf/httpd.conf-user fi;
- Restart the user apache
/usr/syno/sbin/synoservicecfg --restart httpd-user
- Install davical if not exists
if [ ! -e "/opt/share/davical" ]; then wget http://debian.mcmillan.net.nz/packages/davical/davical-1.1.1.tar.gz -O - | tar -xz -C /opt/share/ mv /opt/share/davical-1.1.1/ /opt/share/davical/ else echo "davical installation exists. nothing to do." fi;
- Install needed "awl" if not exists
if [ ! -e "/opt/share/awl/" ]; then wget http://debian.mcmillan.net.nz/packages/awl/awl-0.53.tar.gz -O - | tar -xz -C /opt/share/ mv /opt/share/awl-0.53/ /opt/share/awl/ else echo "awl installation exists. nothing to do."; fi;
- Install davical database if not exists
if [ "0" == $(psql -p 5433 -l template1 postgres | grep davical | wc -l) ]; then PGPORT=5433 PGUSER=postgres /opt/share/davical/dba/create-database.sh fi;
- Adjust connect string in DAViCal config (/opt/share/davical/config/example-config.php):
$c->pg_connect[] = "dbname=davical port=5433 user=davical_app host=localhost";
- Soft link sample config files for each interface if not exists
for ADDR in $(ip -4 addr list | grep inet | awk '{print $2}' | awk -F '/' '{print $1}'); do if [ ! -e "/usr/local/etc/davical/$ADDR-conf.php" ]; then ln -s /opt/share/davical/config/example-config.php /usr/local/etc/davical/$ADDR-conf.php fi; done;
- Make also a softlink for possible DNS entries you want to use (.../your.domain.tld-conf.php).
Now, the installation should work. Point your browser to your diskstation IP/cal and complete DAViCal setup.
Using the DSM LDAP server for user management
Add the following to your config /opt/share/davical/config/example-config.php:
$c->authenticate_hook['call'] = 'LDAP_check'; $c->authenticate_hook['config'] = array( 'host' => 'localhost', //host name of your LDAP Server 'port' => '389', //port 'protocolVersion' => '3', //Version of LDAP protocol to use 'baseDNUsers'=> 'cn=users,dc=xxx,dc=xxx', //where to look at valid user 'filterUsers' => 'objectClass=inetOrgPerson', //filter which must validate a user according to RFC4515, i.e. surrounded by brackets 'baseDNGroups' => 'cn=groups,dc=xxx,dc=xxx', //where to look for groups 'filterGroups' => 'objectClass=posixGroup', //filter with same rules as filterUsers 'mapping_field' => array("username" => "cn", "modified" => "modifyTimestamp", "fullname" => "gecos" , "email" =>"mail" ), //used to create the user based on his ldap properties 'group_mapping_field' => array("username" => "cn", "modified" => "modifyTimestamp", "fullname" => "description" , "members" =>"memberUid" ), //used to create the group based on the ldap properties 'format_updated'=> array('Y' => array(0,4),'m' => array(4,2),'d'=> array(6,2),'H' => array(8,2),'M'=>array(10,2),'S' => array(12,2)), ); $c->do_not_sync_from_ldap = array( 'admin' => true ); // do not affect admin account on ldap sync include('drivers_ldap.php');
Finally, in order to get LDAP to work, I had to edit the file /opt/share/davical/inc/Principal.php.
The reason is that Postgres on my DiskStation is really old (v 8.2.13) and does not seem to support some type casting used on LDAP sync.
Otherwise, on importing LDAP users, I get plenty of errors in the style "cannot write to database".
So what I did was to simply comment out line 540:
// $param_name = 'cast('.$param_name.' as text)::BIT(24)';
I know this is really ugly but seemed to solve my issues.