Solaris

Introduction
DAViCal is confirmed operational on Solaris 10 using the OpenCSW version of Apache2, PHP5 and PostgreSQL. The following PHP5 additional package modules are required php5_pgsql, php5_pdopgsql, php5_pdo, php5_iconv and php5_gettext.

The DAViCAL code is kept out of the /opt/csw/ directory tree by default. It is more appropriate to create a /opt/DAViCal directory and then place awl and davical as sub-directories (without a version suffix), ensuring that /opt/csw is not polluted.

Apache
The resultant Apache2 configuration at this position is is created in a file called DAViCal.conf (shown below) located in the apache2/etc directory. The file is included in the file http.conf with a statement Include etc/DAViCal.conf.


 * 1) -*- Apache -*- ##############################################################
 * 2) DAViCal Configuration for Apache - www.davical.org
 * 3) Log:      2011-02-11    Jon
 * 4)           Broke DAViCal into separate config file for Apache2
 * 5)           Enable CardDav services
 * 6)           2011-02-04    Jon
 * 7)           Initial configuration test
 * 8)           CalDAV services only.
 * 9) Assumes:
 * 10)           DAViCal installed in /opt/DAViCal/davical
 * 11)                                /opt/DAViCal/awl
 * 12)           Apache2:  Enable mod_rewrite
 * 13)                     Enable mod_ssl2
 * 14)                     Enable mod_php5
 * 15) Serices:
 * 16)           Follow Apple conventions for Enterprise deployment.
 * 17)           Port 8008 - CalDAV + CardDAV service no SSL (Domain local only)
 * 18)           Port 8443 - CalDAV + CardDAV service with SSL (Internal/External no admin)
 * 19) Apache2:
 * 20)           Quick reminder on stop/start of apache2 following config change
 * 21)           Restart:    % svcadm restart network/cswapache2
 * 22)           Disable:    % svcadm disable network/cswapache2
 * 23)           Enable:     % svcadm enable network/cswapache2
 * 24)           Status:     % svcs -xv
 * 25) IP Filter:
 * 26)           External service access is controlled and needs to be configured.
 * 27)           /etc/ipf/ipf.conf [Global zone configuration]
 * 28)           To Reload rules:            ipf -Fa -f /etc/ipf/ipf.conf
 * 29)           To Monitor log:             ipmon -a
 * 30)           Summary of IPSec rules:     ipfstat -h -i
 * 31)           # DAViCAL services
 * 32)           # Allow access to the DAViCal server
 * 33)           # Port 8443 - CalDAV + CardDAV service with SSL (Internal/External no admin)
 * 34)           pass in quick on bge0 proto tcp from any to 192.168.1.x port = 8443 keep state
 * 35)           # Port 8008 - CalDAV + CardDAV service no SSL (Domain local only)
 * 36)           pass in quick on bge0 proto tcp from 192.168.1.0/24 to 192.168.1.x port = 8008 keep state
 * 37) Config:
 * 38)           Configure DAViCal PHP
 * 39)           File:       /opt/DAViCal/davical/config/config.php
 * 40)           Content:    domainname = "www.myaddress.com";
 * 42)                       $c->sysabbr     = 'www';
 * 43)                       $c->admin_email = 'admin@myaddress.com';
 * 44)                       $c->system_name = "CalDAV Server";
 * 45)                       // Our locale
 * 46)                       $c->default_locale = "en_GB.UTF-8";
 * 47)                       // Connect to a remote PostgreSQL server
 * 48)                       $c->pg_connect[] = 'hostaddr=192.168.1.y port=5432 dbname=davical user=davical_app';
 * 49)                       // Admin access restriction
 * 50)                       $c->restrict_admin_port = '8008';
 * 51) Server Admin Notes:
 * 52)           Addressbook
 * 53)           Unlike with calendars, DAViCal does not (yet) create a default addressbook
 * 54)           resource for each new user, so you will have to do this manually for now.
 * 55)           From http://wiki.davical.org/w/CardDAV/Creating_addressbooks
 * 56)           * Go into the Admin UI in your browser
 * 57)             http://www.myaddress.com:8008/index.php
 * 58)             Login: admin + password
 * 59)           * Click on "List Principals" and find the principal you want to add a
 * 60)             calendar to.
 * 61)           * Down the bottom of the page click on "Create Collection"
 * 62)           * Give the collection a URL part such as "contacts" or "addressbook" in the
 * 63)             DAV Path field.
 * 64)           * Give the collection a friendly name such as "Andrew's Contacts" in the
 * 65)             Displayname field.
 * 66)           * Turn off "Is a Calendar" and turn on "Is an Addressbook".
 * 67)           * Click on "Create"
 * 68)           * Then grant permissions.
 * 69) Client Config Notes:
 * 70)           Note in all configurations then we use Apache2 re-write rules and this
 * 71)           changes the configuration of the client connections.
 * 72)           iPad Configuration:
 * 73)               Set through "iPhone Configuration Untility" (Enterprise)
 * 74)               - "CalDAV" is principle account.
 * 75)               - "Subscribed Calendars" are read only
 * 76)               - "CardDAV" is our address book
 * 77)               Server:             my.address.com
 * 78)               User Name:          me
 * 79)               Password:           secret
 * 80)               Description:        My Calendar
 * 81)               Advanced Settings: (Calendar no SSL)
 * 82)                   Use SSL:        Off
 * 83)                   Port:           8008
 * 84)                   Account URL:    http://my.address.com:8008/me/home
 * 85)               Advanced Setting: (Calendar with SSL)
 * 86)                   Use SSL:        On
 * 87)                   Port:           8443
 * 88)                   Account URL:    https://my.address.com:8443/me/home
 * 89)               CardDAV Settings:  (Card with SSL)
 * 90)                   Use SSL:        On
 * 91)                   Port:           8443
 * 92)                   Server:         my.address.com
 * 93)                   User Name:      me
 * 94)                   Password:       secret
 * 95)                   ** Do not configure explicit client connection allow to default **
 * 96)           Mozilla Lightening Config:
 * 97)               On the Network:     yes
 * 98)               Format:             CalDAV
 * 99)               Location:           https://my.address.com:8443/me/home
 * 100)               etc.
 * 1)               Server:             my.address.com
 * 2)               User Name:          me
 * 3)               Password:           secret
 * 4)               Description:        My Calendar
 * 5)               Advanced Settings: (Calendar no SSL)
 * 6)                   Use SSL:        Off
 * 7)                   Port:           8008
 * 8)                   Account URL:    http://my.address.com:8008/me/home
 * 9)               Advanced Setting: (Calendar with SSL)
 * 10)                   Use SSL:        On
 * 11)                   Port:           8443
 * 12)                   Account URL:    https://my.address.com:8443/me/home
 * 13)               CardDAV Settings:  (Card with SSL)
 * 14)                   Use SSL:        On
 * 15)                   Port:           8443
 * 16)                   Server:         my.address.com
 * 17)                   User Name:      me
 * 18)                   Password:       secret
 * 19)                   ** Do not configure explicit client connection allow to default **
 * 20)           Mozilla Lightening Config:
 * 21)               On the Network:     yes
 * 22)               Format:             CalDAV
 * 23)               Location:           https://my.address.com:8443/me/home
 * 24)               etc.
 * 1)               Format:             CalDAV
 * 2)               Location:           https://my.address.com:8443/me/home
 * 3)               etc.

Listen 8008 NameVirtualHost 192.168.1.x:8008  # General setup of the virtual host DocumentRoot "/opt/DAViCal/davical/htdocs" Alias /images/ /opt/DAViCal/davical/htdocs/images/
 * 1) Port 8008 - CalDAV + CardDAV port without SSL
 * 2) DAViCal - CalDAV + CardDAV port without SSL
 * 3) Used for local hosts and adminstration access
 * 1) DAViCal - CalDAV + CardDAV port without SSL
 * 2) Used for local hosts and adminstration access

ServerName "www.myaddress.com:8008" ServerAdmin "admin@myaddress.com" # Virtual server logging ErrorLog "/opt/csw/apache2/var/log/error_8008.log" TransferLog "/opt/csw/apache2/var/log/access_8008.log"

# Define the directory access  AllowOverride None Order allow,deny Allow from all

# Default directory index. DirectoryIndex index.php 

# Allow trailing names AcceptPathInfo On

# Define the PHP5 configuration. php_value include_path "/opt/DAViCal/davical/inc:/opt/DAViCal/awl/inc" php_value magic_quotes_gpc 0 php_value register_globals 0 php_value error_reporting "E_ALL & ~E_NOTICE" php_value default_charset "utf-8"

# Get rid of caldav.php in the path RewriteEngine On   # Not if it's the root URL. RewriteCond %{REQUEST_URI} !^/$ # Not if it explicitly specifies a .php program, stylesheet or image RewriteCond %{REQUEST_URI} !\.(php|css|js|png|gif|jpg) # Everything else gets rewritten to /caldav.php/... RewriteRule ^(.*)$ /caldav.php/$1 [NC,L]



Listen 8443 NameVirtualHost 192.168.1.x:8443  # General setup of the virtual host DocumentRoot "/opt/DAViCal/davical/htdocs" ServerName "www.myaddress.com:8443" ServerAdmin "admin@myaddress.com" # Virtual server logging ErrorLog "/opt/csw/apache2/var/log/error_8443.log" TransferLog "/opt/csw/apache2/var/log/access_8443.log"
 * 1) Port 8443 - CalDAV + CardDAV port with SSL
 * 2) DAViCal - CalDAV + CardDAV port with SSL
 * 3) Used for internal and external access
 * 1) DAViCal - CalDAV + CardDAV port with SSL
 * 2) Used for internal and external access

# Turn on SSL for this port SSLEngine on   SSLProtocol -all +SSLv3 +TLSv1 SSLCipherSuite HIGH:!MEDIUM:!SSLv2:!EXP:!ADH:!aNULL:!eNULL:!NULL

# Server Certificate SSLCertificateFile "/certs/3yr_cert.crt" SSLCertificateKeyFile "/certs/3yr_cert.key" SSLCertificateChainFile "/certs/3yr_ca-bundle.crt"

# SSL Protocol Adjustments: BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0

# Per-Server Logging: CustomLog "/opt/csw/apache2/var/log/ssl_request_8443.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

# Define the directory access  AllowOverride None Order allow,deny Allow from all

# Default directory index. DirectoryIndex index.php 

# Allow trailing names AcceptPathInfo On

# Define the PHP5 configuration. php_value include_path "/opt/DAViCal/davical/inc:/opt/DAViCal/awl/inc" php_value magic_quotes_gpc 0 php_value register_globals 0 php_value error_reporting "E_ALL & ~E_NOTICE" php_value default_charset "utf-8"

# Get rid of caldav.php in the path RewriteEngine On   # Not if it's the root URL. RewriteCond %{REQUEST_URI} !^/$ # Not if it explicitly specifies a .php program, stylesheet or image RewriteCond %{REQUEST_URI} !\.(php|css|js|png|gif|jpg) # Filter all files that do not exist # Everything else gets rewritten to /caldav.php/... RewriteRule ^(.*)$ /caldav.php/$1 [NC,L] 

The DAViCal.conf uses the rewrite rules and mod_rewrite should be loaded. The rewrite rules allow iCal and cardDAV to work with iPad on SSL port 8443. cardDAV on iPad did not seem to work on port 8843 which was expected.

PostgreSQL
When creating the PostgreSQL database then DAViCal needs to operate in UTF-8, if your Locale is set to something different to UTF-8 then you need to make sure that the database is set to UTF-8 and matches a Sun Locale e.g. en_GB.UTF-8. After initialising the database then this can be changed by editing postgresql.conf before creating the davical database with bash dba/create-database.sh otherwise the creation fails; su to the postgres user before running the script. (I am not an expert, ususlly use MySQL, maybe somebody else can advise). Note the davical shell scripts are Bash and are not fully compatible with the Solaris Borne shell.

config.php
The file config.php file may stay in directory /opt/DAViCal/davical/config. If the SSL port is external facing then you can disable adminstrator access on port 8443 with $c->restrict_admin_port = '8008';. If Apache2 is running in a zone and the SQL server is on another host/zone then change the connection to access the remote database with $c->pg_connect[] = 'hostaddr=192.168.1.y port=5432 dbname=davical user=davical_app';. Set the Locale to the same value as the PostgreSQL database with $c->default_locale = "en_GB.UTF-8";.

Clients
DAViCal is confirmed operating correctly with iPad and Lightning via SSL connection. It is useful to have the 8008 port for local adminstration tasks and obviously to set up the users.