Debian 9 shared

From Davical
Revision as of 13:23, 2 June 2021 by Narcisgarcia (talk | contribs) (Debian 9 deprecation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

This guide is intended to systems where can be more than one DAViCal installation, and permissions are not open to other users in the system or in Apache websites.

Systems tested:

  • Debian 9
  • See for other Debian versions

Software versions tested:

  • DAViCal 1.1.7
  • PostgreSql 9.6

Install guide

Install HTTP service:

sudo apt update
sudo apt install task-web-server

Install DAViCal (includes postgresql and php by dependencies):

sudo apt --install-recommends install davical davical-doc
# You can need to specify version if you want latest DAViCal:
sudo apt --install-recommends install davical=1.1.7-1~bpo9+1 libawl-php=0.59-1~bpo9+1 davical-doc

Prepare the DAViCal database values

DatabaseName=mycaldb
DBUsername_dba=mycaluser_dba
DBUsername_app=mycaluser_app
DBPassword=12345
AdminPassword=1234

Add open permissions temporarily for the installation scripts:

MediumPgVersion="$(psql --version | grep -ie "sql" | tr -s " " "\n" | tail --lines=1 | cut -f 1,2 -d ".")"
PgConfig="/etc/postgresql/${MediumPgVersion}/main/pg_hba.conf"
sudo mv "$PgConfig" "${PgConfig}.davical-bak"
sudo cp -a "${PgConfig}.davical-bak" "$PgConfig"
echo "# Permissions for the DAViCal CMS" | sudo tee "$PgConfig"
echo "local $DatabaseName $DBUsername_dba trust" | sudo tee -a "$PgConfig"
echo "local $DatabaseName $DBUsername_app trust" | sudo tee -a "$PgConfig"
echo "" | sudo tee -a "$PgConfig"
sudo cat "${PgConfig}.davical-bak" | sudo tee -a "$PgConfig"
# Service name can be only "postgresql" or more:
sudo systemctl reload postgresql

Apply a temporary patch to creation script:

CScript="/usr/share/davical/dba/create-database.sh"
sudo mv "$CScript" "${CScript}.davical-bak"
sudo cp -a "${CScript}.davical-bak" "$CScript"
cat "${CScript}.davical-bak" | sed -e "s/DBNAME=.*/DBNAME=${DatabaseName}/g" | sed -e "s/AWL_DBAUSER=.*/AWL_DBAUSER=${DBUsername_dba}/g" | sed -e "s/AWL_APPUSER=.*/AWL_APPUSER=${DBUsername_app}/g" | sudo tee "$CScript"

Apply a temporary patch to update script:

UScript="/usr/share/davical/dba/update-davical-database"
sudo mv "$UScript" "${UScript}.davical-bak"
sudo cp -a "${UScript}.davical-bak" "$UScript"
cat "${UScript}.davical-bak" | sed -e "s/\$dbname = .*/\$dbname = \"${DatabaseName}\";/g" | sed -e "s/\$dbuser = .*/\$dbuser = \"${DBUsername_dba}\";/g" | sed -e "s/\$appuser = .*/\$appuser = \"${DBUsername_app}\";/g" | sed -e "s/\$dbpass = .*/\$dbpass = \"${DBPassword}\";/g" | sudo tee "$UScript"

(only fresh install) Run main installation script and take note of the shown password for the 'admin' user:

sudo su -l postgres -c "$CScript" "$DatabaseName" "$AdminPassword"

(only restoration of a backup) Restore data and run update script:

echo "DROP DATABASE IF EXISTS mycaldb;" | sudo su -l postgres -c psql
echo "DROP USER IF EXISTS mycaluser_dba;" | sudo su -l postgres -c psql
sudo su -l postgres -c "psql --quiet --file mycaluser_dba.pgdump"
echo "DROP USER IF EXISTS mycaluser_app;" | sudo su -l postgres -c psql
sudo su -l postgres -c "psql --quiet --file mycaluser_app.pgdump"
sudo su -l postgres -c "psql --quiet --file mycaldb.pgdump"
sudo su -l postgres -c "$UScript"

Restore installation scripts to original:

sudo mv "${UScript}.davical-bak" "$UScript"
sudo mv "${CScript}.davical-bak" "$CScript"

(only fresh install) Set password authentication for the database:

echo "ALTER USER $DBUsername_dba WITH PASSWORD '${DBPassword}';" | sudo su -l postgres -c psql
echo "ALTER USER $DBUsername_app WITH PASSWORD '${DBPassword}';" | sudo su -l postgres -c psql

Allow these authenticated access to PostgreSql:

echo "# Permissions for the DAViCal CMS" | sudo tee "$PgConfig"
echo "local $DatabaseName $DBUsername_dba password" | sudo tee -a "$PgConfig"
echo "local $DatabaseName $DBUsername_app password" | sudo tee -a "$PgConfig"
echo "" | sudo tee -a "$PgConfig"
sudo cat "${PgConfig}.davical-bak" | sudo tee -a "$PgConfig"
# Service name can be only "postgresql" or more:
sudo systemctl reload postgresql

Setup CMS parameters at /etc/davical/config.php

  • Pending to check if package updates overwrite config.php

Create or restore Apache virtualhost with its profile content as in this example:

<VirtualHost *:80 *:8008 *:8800>
	ServerName	caldav.example.net
	DocumentRoot	/usr/share/davical/htdocs
	DirectoryIndex	index.php index.html
	Alias	/images/ /usr/share/davical/htdocs/images/
	<Directory /usr/share/davical/htdocs/>
		AllowOverride None
		Order allow,deny
		Allow from all
	</Directory>
	php_value include_path	/usr/share/awl/inc
	php_value magic_quotes_gpc	0
	php_value magic_quotes_runtime	0
	php_value register_globals	0
	php_value error_reporting	"E_ALL & ~E_NOTICE"
	php_value default_charset	"utf-8"
	php_admin_value open_basedir    /usr/share/davical/:/usr/share/awl/inc/:/etc/davical/
</VirtualHost>

(Apache may need to be configured in ports.conf to listen also ports 8008 and 8800)

Enable Apache website:

sudo a2ensite caldav.example.net

Login to DAViCAL Admin

If all is going well you should now be able to browse to the site pages and log in as 'admin' with the password set during installation.

Backup all data

  • Database (example for accessing mycaldb with user "mycaluser" and password "12345")
env PGPASSWORD=12345 pg_dump --create --inserts --attribute-inserts --disable-dollar-quoting --username=mycaluser -f "mycaldb.pgdump" mycaldb
  • PostgreSql users/roles (example for mycaluser_dba + mycaluser_app)
cat /dev/null > mycaluser_dba.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_dba;" >> mycaluser_dba.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_dba " >> mycaluser_dba.pgdump
cat /dev/null > mycaluser_app.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_app;" >> mycaluser_app.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_app " >> mycaluser_app.pgdump
  • CMS configuration:
/etc/davical/caldav.example.net-conf.php
  • Apache site profile:
/etc/apache2/sites-available/caldav.example.net

Additional tips

Reset the admin password

Useful after an installation, when we want to be sure of our wanted password (example for database name "mycaldb" and password "1234")

echo "UPDATE usr SET password = '**1234' WHERE user_no=1;" | sudo su -l postgres -c "psql --dbname mycaldb"

TroubleShooting

See Problems and Solutions and Frequently Asked Questions