Debian shared: Difference between revisions

From Davical
Jump to navigationJump to search
No edit summary
No edit summary
Line 97: Line 97:
* Following are value examples for Apache virtualhost:
* Following are value examples for Apache virtualhost:
  <VirtualHost *:80 *:8008 *:8800>
  <VirtualHost *:80 *:8008 *:8800>
  ServerName caldav.example.net
  ServerName calendar.example.net
  DocumentRoot /usr/share/davical/htdocs
  DocumentRoot /usr/share/davical/htdocs
  DirectoryIndex index.php index.html
  DirectoryIndex index.php index.html
Line 151: Line 151:


* CMS configuration:
* CMS configuration:
  /etc/davical/caldav.example.net-conf.php
  /etc/davical/calendar.example.net-conf.php


* Apache site profile:
* Apache site profile:
  /etc/apache2/sites-available/caldav.example.net
  /etc/apache2/sites-available/calendar.example.net


== Pending to implement or fix = to do ==
== Pending to implement or fix = to do ==

Revision as of 15:59, 2 June 2021

References:

Base to proceed

  • Web server. This guide is intended to environments where there can be more than one DAViCal instance, and permissions are not open to other users in the system or in Apache websites.
  • Disk requirements (OS+software+data): Minimum?, Recommended?
  • Memory requirements: Minimum?, Recommended?
  • Example public URL is https://calendar.example.net/
  • Basic steps taken from https://www.davical.org/installation.php
  • Tested in Debian 10, with repositories DAViCal 1.1.8

If server lacks of web service

sudo apt update
sudo apt install task-web-server

Procedure

  • Install packages:
apt update
apt install davical
  • Prepare the DAViCal database values
DatabaseName=mycaldb
DBUsername_dba=mycaluser_dba
DBUsername_app=mycaluser_app
DBPassword=12345
AdminPassword=1234
  • Add open permissions temporarily for the installation scripts:
PgMainVersion="$(psql --version | grep -ie "sql" | tr -s " " "\n" | tail --lines=1 | cut -f 1 -d ".")"
PgConfig="$(ls /etc/postgresql/${PgMainVersion}*/main/pg_hba.conf)"
sudo cp -a "$PgConfig" "${PgConfig}.davical-bak"
echo "# Permissions for the DAViCal CMS" | sudo tee "$PgConfig"
echo "local $DatabaseName $DBUsername_dba trust" | sudo tee -a "$PgConfig"
echo "local $DatabaseName $DBUsername_app trust" | sudo tee -a "$PgConfig"
echo "" | sudo tee -a "$PgConfig"
sudo cat "${PgConfig}.davical-bak" | sudo tee -a "$PgConfig"
sudo systemctl reload postgresql
  • Apply a temporary patch to creation script:
CScript="$(ls /usr/share/davical/dba/create-database.sh)"
sudo dpkg-divert --local --rename --add "$CScript"
sudo cp -a "${CScript}.distrib" "$CScript"
sudo sed -i "s/DBNAME=.*/DBNAME=${DatabaseName}/g" "$CScript"
sudo sed -i "s/AWL_DBAUSER=.*/AWL_DBAUSER=${DBUsername_dba}/g" "$CScript"
sudo sed -i "s/AWL_APPUSER=.*/AWL_APPUSER=${DBUsername_app}/g" "$CScript"
  • Apply a temporary patch to update script:
UScript="$(ls /usr/share/davical/dba/update-davical-database)"
sudo dpkg-divert --local --rename --add "$UScript"
sudo cp -a "${UScript}.distrib" "$UScript"
sudo sed -i "s/\$dbname = .*/\$dbname = \"${DatabaseName}\";/g" "$UScript"
sudo sed -i "s/\$dbuser = .*/\$dbuser = \"${DBUsername_dba}\";/g" "$UScript"
sudo sed -i "s/\$appuser = .*/\$appuser = \"${DBUsername_app}\";/g" "$UScript"
sudo sed -i "s/\$dbpass = .*/\$dbpass = \"${DBPassword}\";/g" "$UScript"
  • (only fresh install) Run main installation script and take note of the shown password for the 'admin' user:
sudo su -l postgres -c "$CScript" "$DatabaseName" "$AdminPassword"
  • (only restoration of a backup) Restore data and run update script:
echo "DROP DATABASE IF EXISTS mycaldb;" | sudo su -l postgres -c psql
echo "DROP USER IF EXISTS mycaluser_dba;" | sudo su -l postgres -c psql
sudo su -l postgres -c "psql --quiet --file mycaluser_dba.pgdump"
echo "DROP USER IF EXISTS mycaluser_app;" | sudo su -l postgres -c psql
sudo su -l postgres -c "psql --quiet --file mycaluser_app.pgdump"
sudo su -l postgres -c "psql --quiet --file mycaldb.pgdump"
sudo su -l postgres -c "$UScript"
  • Restore installation scripts to original paths:
sudo rm "$UScript"
sudo dpkg-divert --local --rename --remove "$UScript"
sudo rm "$CScript"
sudo dpkg-divert --local --rename --remove "$CScript"

(only fresh install) Set password authentication for the database:

echo "ALTER USER $DBUsername_dba WITH PASSWORD '${DBPassword}';" | sudo su -l postgres -c psql
echo "ALTER USER $DBUsername_app WITH PASSWORD '${DBPassword}';" | sudo su -l postgres -c psql
  • Create local configuration file to not be overwritten on package updates (FQDN calendar.example.net assumed here):
sudo cp -a /etc/davical/config.php /etc/davical/calendar.example.net.org-conf.php
  • Reconfigure local CMS parameters at /etc/davical/config.php
$c->pg_connect[] = "dbname=DatabaseName user=DBUsername_app password=DBPassword";

And at least:

system_name
admin_email
restrict_setup_to_admin
default_privileges
template_usr
http_auth_mode
default_locale
enable_scheduling
trust_x_forwarded
  • Following are value examples for Apache virtualhost:
<VirtualHost *:80 *:8008 *:8800>
	ServerName	calendar.example.net
	DocumentRoot	/usr/share/davical/htdocs
	DirectoryIndex	index.php index.html
	Alias	/images/ /usr/share/davical/htdocs/images/
	<Directory /usr/share/davical/htdocs/>
		AllowOverride None
		Order allow,deny
		Allow from all
	</Directory>
	php_value include_path	/usr/share/awl/inc
	php_value magic_quotes_gpc	0
	php_value magic_quotes_runtime	0
	php_value register_globals	0
	php_value error_reporting	"E_ALL & ~E_NOTICE"
	php_value default_charset	"utf-8"
	php_admin_value open_basedir    /usr/share/davical/:/usr/share/awl/inc/:/etc/davical/
</VirtualHost>

(Apache may need to be configured in ports.conf to listen also ports 8008 and 8800)

  • Enable Apache website if it wasn't:
sudo a2ensite calendar.example.net
sudo apachectl graceful
  • Admin email address will be shown in clear on some public pages. If you waht to filter this, you can enable "substitute" module on apache:
sudo a2enmod substitute
systemctl restart apache2

And add a directive like this to Apache's virtualhost:

<Location "/">
	AddOutputFilterByType SUBSTITUTE text/html
	Substitute "s/admin@example.net/admin AT example.net/ni"
</Location>

Login to DAViCAL Admin

If all is going well you should now be able to browse to the site pages and log in as 'admin' with the password set during installation.

Usual administration tasks

Reset the admin password

Useful after an installation, when we want to be sure of our wanted password (example for database name "MyCalendars" and password "1234")

echo "UPDATE usr SET password = '**1234' WHERE user_no=1;" | sudo su -l postgres -c "psql --dbname MyCalendars"

Backup all data

  • Database (example for accessing mycaldb with user "mycaluser" and password "12345")
env PGPASSWORD=12345 pg_dump --create --inserts --attribute-inserts --disable-dollar-quoting --username=mycaluser -f "mycaldb.pgdump" mycaldb
  • PostgreSql users/roles (example for mycaluser_dba + mycaluser_app)
cat /dev/null > mycaluser_dba.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_dba;" >> mycaluser_dba.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_dba " >> mycaluser_dba.pgdump
cat /dev/null > mycaluser_app.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_app;" >> mycaluser_app.pgdump
sudo su -l postgres -c "pg_dumpall --roles-only" | grep -e " ROLE mycaluser_app " >> mycaluser_app.pgdump
  • CMS configuration:
/etc/davical/calendar.example.net-conf.php
  • Apache site profile:
/etc/apache2/sites-available/calendar.example.net

Pending to implement or fix = to do

TroubleShooting

See Problems and Solutions and Frequently Asked Questions