DavIcal
From AleikoumWiki
Davical
=
Prerequis :
- installation d'Apache avec PHP5 et installation du serveur de BDD postgreSQL
debiantest-i386:~# apt-get install apache2 php5 postgrel
Installation de DavICal :
- ajout du repository pour installation de DavICal par package
debiantest-i386:~# apt-key advanced --keyserver pgp.net.nz --recv-keys F6E0FA5CF0307507BB23A512EAFCFEBF8FEB8EBF debiantest-i386:~# vim /etc/apt/sources.list
deb http://debian.mcmillan.net.nz/debian lenny awm
debiantest-i386:~# apt-get update && apt-get install davical
Configuration :
- configuration des accès à la base de données
debiantest-i386:~# vim /etc/postgresql/8.3/main/pg_hba.conf
local davical davical_app trust local davical davical_dba trust
debiantest-i386:~# /etc/init.d/postgresql-8.3 restart
- initialisation de la base de données
debiantest-i386:~# su postgres -c /usr/share/davical/dba/create-database.sh
- creation d'un certificat self-signed
debiantest-i386:~# mkdir /etc/apache2/certificats/ debiantest-i386:~# openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -out /etc/apache2/certificats/debiantest-i386.antelink.net.crt -keyout /etc/apache2/certificats/debiantest-i386.antelink.net.key
- configuration d'Apache
debiantest-i386:~# vim /etc/apache2/sites-available/debiantest-i386
<VirtualHost *:443> DocumentRoot /usr/share/davical/htdocs DirectoryIndex index.php index.html ServerName debiantest-i386.antelink.net Alias /images/ /usr/share/davical/htdocs/images/ <Directory /usr/share/davical/htdocs/> AllowOverride None Order allow,deny Allow from all </Directory> php_value include_path /usr/share/awl/inc php_value magic_quotes_gpc 0 php_value register_globals 0 php_value error_reporting "E_ALL & ~E_NOTICE" php_value default_charset "utf-8"
ErrorLog /var/log/apache2/debiantest-i386_error.log CustomLog /var/log/apache2/debiantest-i386_access.log "%h %l %u %t \"%r\" %>s %b \"%{Cookie}i\" \"%{Referer}i\" \"%{User-Agent}i\""
SSLEngine on SSLCertificateFile /etc/apache2/certificats/debiantest-i386.antelink.net.crt SSLCertificateKeyFile /etc/apache2/certificats/debiantest-i386.antelink.net.key </VirtualHost>
debiantest-i386:~# a2ensite debiantest-i386 && a2dissite default && a2enmod ssl && /etc/init.d/apache2 restart
- configuration de DavICal
debiantest-i386:~# vim /etc/davical/debiantest-i386.antelink.net-conf.php # nota : le fichier doit avoir le nom /etc/davical/${virtual_host}-conf.php <?php
//$c->domain_name = "debiantest-i386.antelink.net"; //$c->sysabbr = 'DAViCal'; $c->admin_email = 'ebs@antelink.com'; $c->system_name = "Antelink DAViCal Server"; //$c->enable_row_linking = true;
// For performance reasons we use persistent connections $c->use_persistent = true;
// Connection to the DB $c->pg_connect[] = 'dbname=davical port=5432 user=davical_app';
// Default privileges $c->default_privileges = array('read-free-busy', 'schedule-query-free-busy');
// Only events marked as PRIVATE will be excluded from the report // Access to freebusy information via the scheduling extensions to CalDAV is not affected by this report. // URL format: // http://debiantest-i386.antelink.net/freebusy.php/erwan.bensouiden@antelink.net // or // http://debiantest-i386.antelink.net/freebusy.php/erwan.bensouiden/home/ $c->public_freebusy_url = false;
// This will create a default calendar called home for each new user $c->home_calendar_name = 'home';
// If true, then TODO requested from someone other than the admin or owner // of a calendar will not get any answer. Often these todo are only relevant // to the owner, but in some shared calendar situations they might not be in // which case you should set this to false. $c->hide_TODO = false;
// For debug $c->sysabbr = 'davical' //$c->dbg["ALL"] = 1; //$c->dbg["component"] = 1; $c->dbg['caldav'] = 1; //$c->dbg['querystring'] = 1; $c->dbg['icalendar'] = 1; $c->dbg['ics'] = 1; $c->dbg['login'] = 1; //$c->dbg['options'] = 1; //$c->dbg['get'] = 1; //$c->dbg['put'] = 1; //$c->dbg['propfind'] = 1; //$c->dbg['proppatch'] = 1; //$c->dbg['report'] = 1; //$c->dbg['principal'] = 1; //$c->dbg['user'] = 1; //$c->dbg['vevent'] = 1; //$c->dbg['rrule'] = 1;
Exploitation :
- Acces a l'interface d'Admin : https://debiantest-i386.antelink.net/ - format des URLs pour Thunderbird Lightning / Sunbird / iCal : https://debiantest-i386.antelink.net/caldav.php/$ressource/$nom_calendrier/ - format des URLs pour Evolution : caldav://debiantest-i386.antelink.net/caldav.php/$ressource/$nom_calendrier - Lightning et iCal sont capable de gérer le check des disponibilités des attendees, ce n'est pas le cas d'Evolution - nota pour un certificat self-signed j'ai ete oblige d'importer le certificat de l'autorite dans thunderbird sinon lightning ne fonctionne pas !
Backup : debiantest-i386:~# cat /etc/cron.daily/davical-backup.sh
- /bin/sh
POSTGRES_USER='postgres' BACKUP_DIRECTORY='/srv/backup/davical' DOD=`date +%Y%m%d` BACKUP_DIRECTORY_DOD="davical-${DOD}" BACKUP_RETENTION=10
echo "$0 - date - Backup Start"
- backup retention
echo "$0 - date - Backup Retention Processing..." find ${BACKUP_DIRECTORY} -maxdepth 1 -ctime +${BACKUP_RETENTION} -type d -exec rm -rvf {} \;
- backup action
echo "$0 - date - Backup Action Processing..." mkdir ${BACKUP_DIRECTORY}/${BACKUP_DIRECTORY_DOD} chmod 777 ${BACKUP_DIRECTORY}/${BACKUP_DIRECTORY_DOD} su - ${POSTGRES_USER} -c "pg_dump -U ${POSTGRES_USER} -FP -c davical | gzip> ${BACKUP_DIRECTORY}/${BACKUP_DIRECTORY_DOD}/davical-${DOD}.sql.gz" cp -r /usr/share/davical ${BACKUP_DIRECTORY}/${BACKUP_DIRECTORY_DOD}/usr-share-davical-${DOD} cp -r /etc/davical ${BACKUP_DIRECTORY}/${BACKUP_DIRECTORY_DOD}/etc-davical-${DOD}
echo "$0 - date - Backup Stop"
Links :
- installation de Thunderbird Lightning sur un linux 64bits : https://help.ubuntu.com/community/ThunderbirdLightning - site officiel de davical : http://www.davical.org