Caldav carddav Bundles: Difference between revisions

From Open-Xchange
No edit summary
No edit summary
 
(30 intermediate revisions by 8 users not shown)
Line 1: Line 1:
= Installation and Configuration of the CalDAV- and CardDAV-bundles =
This article is valid until the version 7.10.2 of the Open Xchange Server. For newer versions please visit https://documentation.open-xchange.com/latest/middleware/miscellaneous/caldav_carddav.html


The Open-Xchange server can be accessed via it's CalDAV- and CardDAV-interfaces to allow the synchronization of Calendar- and Contact-data with external applications like the Mac OS X iCal and Address Book clients. The synchronization protocols are available starting with Version 6.20.1 Rev5.
<!-- = Installation and Configuration of the CalDAV- and CardDAV-bundles =
 
The Open-Xchange server can be accessed via it's CalDAV- and CardDAV-interfaces to allow the synchronization of Calendar- and Contact-data with external applications like the Mac OS Calendar and Address Book clients.


CalDAV and CardDAV are standard protocols for the exchange of calendar data and address data respectively. The CalDAV interface publishes all the user's calendar folders via CalDAV so the user can subscribe to them in a client application. Similarly, the CardDAV interface publishes the user's contact folders. Depending on the used client, the user can either subscribe one or more folders, or access all available data in an aggregated way.  
CalDAV and CardDAV are standard protocols for the exchange of calendar data and address data respectively. The CalDAV interface publishes all the user's calendar folders via CalDAV so the user can subscribe to them in a client application. Similarly, the CardDAV interface publishes the user's contact folders. Depending on the used client, the user can either subscribe one or more folders, or access all available data in an aggregated way.  
Line 9: Line 11:


== Webserver Configuration ==
== Webserver Configuration ==
In order to redirect DAV requests to the appropiate servlets, the webserver's configuration may need to be adjusted using one of the following alternatives. Please be aware that for a working Mavericks auto configuration setup you need to have SSL enabled on the server. The non-SSL variant described below only works if you use the advanced CalDav configuration in Mavericks and enter the path by hand. If you just want to enter the hostname SSL is required. The same applies to iOS7 where SSL is always required.
In order to redirect DAV requests to the appropiate servlets, the webserver's configuration may need to be adjusted using one of the following alternatives. Please be aware that for a working Mavericks auto configuration setup you need to have SSL enabled on the server. The non-SSL variant described below only works if you use the advanced CalDAV configuration in Mac OS X Mavericks and enter the path by hand. If you just want to enter the hostname, SSL is required. The same applies to iOS7 where SSL is always required.


=== Alternative 1: Apache vhost (recommended) ===
=== Alternative 1: Apache vhost (recommended) ===
Please edit your site configuration file for OX so that ''' the existing OX configuration as well as the CalDAV/CardDav configuration are placed inside their own virtual hosts sections.'''.
Please edit your site configuration file for OX so that ''' the existing OX configuration as well as the CalDAV/CardDAV configuration are placed inside their own virtual hosts sections.'''.


Please add the following entries before you existing VirtualHost entry. This is an <b>example</b> where MYSERVER.TLD is the domain-name of the ox-server:
Please add the following entries before your existing <code>VirtualHost</code> entry. This is an <b>example</b> where <code>MYSERVER.TLD</code> is the domain-name of the ox-server:


  NameVirtualHost *:80
  # NameVirtualHost directive no longer has any effect since Apache >=2.4
# uncomment only for Apache Versions <2.4
#NameVirtualHost *:80
  <VirtualHost *:80>
  <VirtualHost *:80>
         ServerName dav.<MYSERVER.TLD>
         ServerName dav.<MYSERVER.TLD>
Line 30: Line 34:
         # uncomment this entry if you have a clustered setup and want to use the other nodes too
         # uncomment this entry if you have a clustered setup and want to use the other nodes too
         #BalancerMember http://<ip-of-other-host>:8009 timeout=100 smax=0 ttl=60 retry=60 loadfactor=50 route=OX2
         #BalancerMember http://<ip-of-other-host>:8009 timeout=100 smax=0 ttl=60 retry=60 loadfactor=50 route=OX2
        # for ajp http service (on systems < 7.6.0
        # BalancerMember ajp://localhost:8009 timeout=100 smax=0 ttl=60 retry=60 loadfactor=50 route=OX1
         SetEnv proxy-initial-not-pooled
         SetEnv proxy-initial-not-pooled
         SetEnv proxy-sendchunked
         SetEnv proxy-sendchunked
       </Proxy>
       </Proxy>
   
   
       <Proxy />
       ProxyPass / balancer://oxserver-sync/servlet/dav/
              Order allow,deny
              Allow from all
              ProxyPass balancer://oxserver-sync/servlet/dav/
      </Proxy>
  </VirtualHost>
  </VirtualHost>


If you use this method, you have to make sure that dav.<MYSERVER.TLD> is reachable, your dns configuration need an entry for this name. Take care of the the dav.* logfiles, the example writes them without logrotation to /tmp.
If you use this method, you have to make sure that <code>dav.<MYSERVER.TLD></code> is reachable, your DNS configuration needs an entry for this name. Take care of the the dav.* logfiles, the example writes them without logrotation to <code>/tmp</code>.


Please note the <code>NameVirtualHost</code> directive is needed to be able to specify multiple virtual hosts for the same IP. The differentiation is only done by the given <code>ServerName</code>. This implies that you need two server names, so the virtual host entry for the existing ox site configuration needs to be also enriched by a <code>ServerName</code> if not already present. If you access the system without one of the given <code>ServerName</code>s so e.g. via the IP the system will pick the corresponding one by order (in this case the DAV part first. If you want it to work differently please change the order accordingly.
Please note the <code>NameVirtualHost</code> directive is needed to be able to specify multiple virtual hosts for the same IP. The differentiation is only done by the given <code>ServerName</code>. This implies that you need two server names, so the virtual host entry for the existing ox site configuration needs to be also enriched by a <code>ServerName</code> if not already present. If you access the system without one of the given <code>ServerName</code>s so e.g. via the IP the system will pick the corresponding one by order (in this case the DAV part first. If you want it to work differently please change the order accordingly.
Line 54: Line 53:
   RewriteEngine On
   RewriteEngine On
   RewriteCond %{HTTP_USER_AGENT}      Calendar          [OR]
   RewriteCond %{HTTP_USER_AGENT}      Calendar          [OR]
  RewriteCond %{HTTP_USER_AGENT}      Reminders          [OR]
   RewriteCond %{HTTP_USER_AGENT}      DataAccess        [OR]
   RewriteCond %{HTTP_USER_AGENT}      DataAccess        [OR]
   RewriteCond %{HTTP_USER_AGENT}      DAVKit            [OR]
   RewriteCond %{HTTP_USER_AGENT}      DAVKit            [OR]
  RewriteCond %{HTTP_USER_AGENT}      DAVx5              [OR]
  RewriteCond %{HTTP_USER_AGENT}      OpenSync          [OR]
  RewriteCond %{HTTP_USER_AGENT}      "DAVdroid"        [OR]
   RewriteCond %{HTTP_USER_AGENT}      Lightning          [OR]
   RewriteCond %{HTTP_USER_AGENT}      Lightning          [OR]
  RewriteCond %{HTTP_USER_AGENT}      Thunderbird        [OR]
   RewriteCond %{HTTP_USER_AGENT}      Adresboek          [OR]
   RewriteCond %{HTTP_USER_AGENT}      Adresboek          [OR]
   RewriteCond %{HTTP_USER_AGENT}      dataaccessd        [OR]
   RewriteCond %{HTTP_USER_AGENT}      dataaccessd        [OR]
Line 62: Line 66:
   RewriteCond %{HTTP_USER_AGENT}      Adressbuch        [OR]
   RewriteCond %{HTTP_USER_AGENT}      Adressbuch        [OR]
   RewriteCond %{HTTP_USER_AGENT}      AddressBook        [OR]
   RewriteCond %{HTTP_USER_AGENT}      AddressBook        [OR]
   RewriteCond %{HTTP_USER_AGENT}      Address%20Book    [OR]
   RewriteCond %{HTTP_USER_AGENT}      Address\ Book      [OR]
   RewriteCond %{HTTP_USER_AGENT}      CalendarStore      [OR]
   RewriteCond %{HTTP_USER_AGENT}      CalendarStore      [OR]
   RewriteCond %{HTTP_USER_AGENT}      CoreDAV
   RewriteCond %{HTTP_USER_AGENT}      CalendarAgent      [OR]
   # select if you run ajp (proxy_ajp.conf) or grizzly (proxy_http.conf), here grizzly is used:
  RewriteCond %{HTTP_USER_AGENT}      CalDAV%20Sync%20Adapter [OR]
   #RewriteRule (.*)                  ajp://localhost:8009/servlet/dav$1    [P] # for ajp http service
  RewriteCond %{HTTP_USER_AGENT}      CalDavSynchronizer [OR]
  RewriteCond %{HTTP_USER_AGENT}      accountsd          [OR]
  RewriteCond %{HTTP_USER_AGENT}      "eM Client"        [OR]
   RewriteCond %{HTTP_USER_AGENT}      "OX Sync"          [OR]
   RewriteCond %{HTTP_USER_AGENT}      CalDav            [OR]
  RewriteCond %{HTTP_USER_AGENT}      CoreDAV            [OR]
  RewriteCond %{HTTP_USER_AGENT}      remindd
  RewriteCond %{HTTP_USER_AGENT}      "!Open-Xchange Calendar Feed Client"
   RewriteRule (.*)                  http://localhost:8009/servlet/dav$1    [P] # for grizzly http service
   RewriteRule (.*)                  http://localhost:8009/servlet/dav$1    [P] # for grizzly http service


'''Note:''' The address book app on OSX 10.6 uses a localized user-agent string. If you're expecting clients with non-english language settings, you need to add the translated user-agent string to these rewrite rules. For example: "Adressbuch" for german OSX clients.
'''Note:''' The address book app on OSX 10.6 uses a localized user-agent string. If you're expecting clients with non-english language settings, you need to add the translated user-agent string to these rewrite rules. For example: "Adressbuch" for german OSX clients.
'''Note:''' Depending on the specific configuration, such a global definition of the rewrite rules might not be appropriate. However, the rules may also be defined inside a <code>Directory</code> context. More details are available at http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule.


== Autodiscovery ==
== Autodiscovery ==
Line 82: Line 95:
  _carddav._tcp.MYSERVER.TLD.      10800 IN SRV      10 1  80 dav.MYSERVER.TLD.
  _carddav._tcp.MYSERVER.TLD.      10800 IN SRV      10 1  80 dav.MYSERVER.TLD.


Additionally, a rewrite-rule similar to the following example should be added to the webserver configuration of the virtual host to enable the bootstrapping process:
Additionally, a rewrite-rule similar to the following example should be added to the webserver configuration of the virtual host to enable the bootstrapping process. The rewrite target must be the root of your DAV server.
The well-known aliases should be added for your DAV vhost and on the vhost serving the host matching the mail domain:


  RewriteEngine On
  RewriteEngine On
Line 89: Line 103:
  RewriteRule (.*) / [L,R]
  RewriteRule (.*) / [L,R]


== Which packages do I need? ==
In the case of not serving the DAV service on the vhost root additionally some DNS TXT records are recommended:
To get CalDAV and CardDAV up and running you need the following packages:
 
_caldavs._tcp.MYSERVER.TLD.      10800 IN TXT  path=/servlet/dav
_caldav._tcp.MYSERVER.TLD.      10800 IN TXT  path=/servlet/dav
_carddavs._tcp.MYSERVER.TLD.    10800 IN TXT  path=/servlet/dav
_carddav._tcp.MYSERVER.TLD.      10800 IN TXT  path=/servlet/dav
 
 
== Installation on OX App Suite ==
 
=== Debian GNU/Linux 9.0 ===
 
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
 
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianStretch/ /
 
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianStretch/ /
 
and run
 
$ apt-get update
$ apt-get install open-xchange-dav
 
=== Debian GNU/Linux 10.0 ===
 
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
 
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBuster/ /
 
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBuster/ /
 
and run
 
$ apt-get update
$ apt-get install open-xchange-dav
 
=== SUSE Linux Enterprise Server 12 (valid until 7.10.3)===
 
Add the package repository using zypper if not already present:
 
$ zypper ar https://software.open-xchange.com/products/appsuite/7.10.3/backend/SLE_12 ox
 
If you have a valid maintenance subscription, please run the following command and add the ldb account data to the url so that the most recent packages get installed:
 
$ zypper ar https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/7.10.3/backend/updates/SLES11 ox-updates
 
and run
 
$ zypper ref
$ zypper in open-xchange-dav
 
=== RedHat Enterprise Linux 6 (valid until 7.10.3)===
 
Start a console and create a software repository file if not already present:
 
$ vim /etc/yum.repos.d/ox.repo
 
[ox]
name=Open-Xchange
baseurl=https://software.open-xchange.com/products/appsuite/7.10.3/backend/RHEL6/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m
 
# if you have a valid maintenance subscription, please uncomment the  
# following and add the ldb account data to the url so that the most recent
# packages get installed
# [ox-updates]
# name=Open-Xchange Updates
# baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/7.10.3/backend/updates/RHEL6/
# gpgkey=https://software.open-xchange.com/oxbuildkey.pub
# enabled=1
# gpgcheck=1
# metadata_expire=0m
 
and run
 
$ yum update
$ yum install open-xchange-dav
 
===RedHat Enterprise Linux 7 ===
 
Start a console and create a software repository file if not already present:
 
$ vim /etc/yum.repos.d/ox.repo
 
[ox]
name=Open-Xchange
baseurl=https://software.open-xchange.com/products/appsuite/stable/backend/RHEL7/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m
 
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# [ox-updates]
# name=Open-Xchange Updates
# baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/RHEL7/
# gpgkey=https://software.open-xchange.com/oxbuildkey.pub
# enabled=1
# gpgcheck=1
# metadata_expire=0m
 
and run
 
$ yum update
$ yum install open-xchange-dav
 
===CentOS 6 (valid until 7.10.3)===
 
Start a console and create a software repository file if not already present:
 
$ vim /etc/yum.repos.d/ox.repo
 
[ox]
name=Open-Xchange
baseurl=https://software.open-xchange.com/products/appsuite/7.10.3/backend/RHEL6/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m


In v6.20 and earlier:
# if you have a valid maintenance subscription, please uncomment the
* open-xchange-webdav-directory - Assembles the *DAV interfaces into a common tree. This is needed for publishing certain properties so clients accept the OX is a WebDAV Server.
# following and add the ldb account data to the url so that the most recent
* open-xchange-webdav-acl - The WebDAV equivalent of the /ajax/user interface. Allows clients to discover the current and other users and their addressbooks and calendars.
# packages get installed
* open-xchange-carddav - The CardDAV interface exposing the users addressbook via carddav
# [ox-updates]
* open-xchange-caldav - The CalDAV inteface exposing the users calendars via caldav
# name=Open-Xchange Updates
# baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/7.10.3/backend/updates/RHEL6/
# gpgkey=https://software.open-xchange.com/oxbuildkey.pub
# enabled=1
# gpgcheck=1
# metadata_expire=0m


and run


With v6.22 we have significantly reduced the number of packages necessary to install Open-Xchange Server.
$ yum update
In v6.22 and later only one package is needed:
$ yum install open-xchange-dav
* open-xchange-dav  


== Installation on OX App Suite ==
===CentOS 7===
If there are any differences from for the Open-Xchange App Suite product family from version 6.22 they will be listed here
 


{{InstallPlugin|pluginname=open-xchange-caldav open-xchange-carddav open-xchange-webdav-acl open-xchange-webdav-directory |sopath=updates}}
Start a console and create a software repository file if not already present:


{{InstallPlugin|pluginname=open-xchange-dav|sopath=6.22/updates/backend|version=v6.22.x}}
$ vim /etc/yum.repos.d/ox.repo


== CalDAV Configuration ==
[ox]
name=Open-Xchange
baseurl=https://software.open-xchange.com/products/appsuite/stable/backend/RHEL7/
gpgkey=https://software.open-xchange.com/oxbuildkey.pub
enabled=1
gpgcheck=1
metadata_expire=0m


The following configuration options are available in the configuration files caldav.properties and caldav.yml:
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# [ox-updates]
# name=Open-Xchange Updates
# baseurl=https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/RHEL7/
# gpgkey=https://software.open-xchange.com/oxbuildkey.pub
# enabled=1
# gpgcheck=1
# metadata_expire=0m


===com.openexchange.caldav.enabled===
and run
The property '''com.openexchange.caldav.enabled''' governs whether a user has access to the CalDAV interface. This can be configured along the config cascade, in the default setting, everyone that has access to the infostore also has access to caldav. This is achieved in the following way:


In v6.20 and earlier:
$ yum update
$ yum install open-xchange-dav


/opt/open-xchange/etc/groupware/caldav.properties:
== CalDAV Configuration ==
  com.openexchange.caldav.enabled=false


/opt/open-xchange/etc/groupware/contextSets/caldav.yml
The following configuration options are available in the configuration files <code>caldav.properties</code> and <code>caldav.yml</code>:
  premium:
      com.openexchange.caldav.enabled: true
      withTags: ucInfostore


With v6.22 and up:
===com.openexchange.caldav.enabled===
The property '''com.openexchange.caldav.enabled''' governs whether a user has access to the CalDAV interface. This can be configured along the config cascade, in the default setting, everyone that has access to the infostore also has access to caldav. This is achieved in the following way:


/opt/open-xchange/etc/caldav.properties:
/opt/open-xchange/etc/caldav.properties:
Line 139: Line 296:




This means: In general CalDAV is turned off, but using the contextSets feature of the config cascade it is turned on for everyone that has infostore access.
This means: In general CalDAV is turned off, but using the <code>contextSets</code> feature of the config cascade it is turned on for everyone that has infostore access.


===com.openexchange.caldav.tree===
===com.openexchange.caldav.tree===
Line 161: Line 318:
Similarly to CalDAV, the property '''com.openexchange.carddav.enabled''' governs whether CardDAV is available for a certain user. This is configured exactly like CalDAV with the config cascade only enabling this for users that have access to the infostore:
Similarly to CalDAV, the property '''com.openexchange.carddav.enabled''' governs whether CardDAV is available for a certain user. This is configured exactly like CalDAV with the config cascade only enabling this for users that have access to the infostore:


/opt/open-xchange/etc/groupware/carddav.properties:
/opt/open-xchange/etc/carddav.properties:
   com.openexchange.carddav.enabled=false
   com.openexchange.carddav.enabled=false


/opt/open-xchange/etc/groupware/contextSets/carddav.yml
/opt/open-xchange/etc/contextSets/carddav.yml
   premium:
   premium:
       com.openexchange.carddav.enabled: true
       com.openexchange.carddav.enabled: true
Line 182: Line 339:


===com.openexchange.carddav.reducedAggregatedCollection===
===com.openexchange.carddav.reducedAggregatedCollection===
Specifies if all visible folders are used to create the aggregated collection, or if a reduced set of folders only containing the global addressbook and the personal contacts folders should be used. This setting only influences the aggregated collection that is used for clients that don't support multiple collections. Possible values are 'true' and 'false.
Specifies if all visible folders are used to create the aggregated collection, or if a reduced set of folders only containing the global addressbook and the personal contacts folders should be used. This setting only influences the aggregated collection that is used for clients that don't support multiple collections. Possible values are 'true' and 'false. -->


[[Category: Clients]]
[[Category: Clients]]
[[Category: Administrator]]
[[Category: Administrator]]
[[Category: AppSuite]]
[[Category: AppSuite]]

Latest revision as of 10:50, 8 December 2021

This article is valid until the version 7.10.2 of the Open Xchange Server. For newer versions please visit https://documentation.open-xchange.com/latest/middleware/miscellaneous/caldav_carddav.html