As I mentioned in my last post, I've been playing with the Darwin Calendar Server (DCS) on Linux... Today I was able to re-test my setup notes to see if they worked properly, so below I've written a tutorial on how to get your own DCS server going on Fedora 13 or 14.
Installing Dependencies
Since we will be installing CalendarServer directly from the 2.4 branch subversion repository, the first thing to do is to install subversion and the dependencies for DCS:
su -
# Required to check out the source code from the repository
yum install subversion
# Dependencies
yum install patch memcached krb5-devel python-zope-interface PyXML pyOpenSSL python-kerberos
# Requirements for compiling xattr
yum install python-setuptools gcc gcc-c++ python-devel
Enable extended file attributes (xattrs)
DCS requires user extended file attributes so the user_xattr
mount option must be enabled for the partition on which CalendarServer will be storing its documents and data (in this case, /srv
). If you have not already enabled this option (it is disabled by default), edit /etc/fstab
and add the user_xattr
mount option after defaults
, for example:
/dev/mapper/VolGroup-lv_root / ext4 defaults,user_xattr 1 1
Grab DCS from SVN and run auto-setup
Once these packages have been installed and extended file attributes have been enabled, we will begin setting up the CalendarServer as your regular, non-root user.
# Directory to hold CalendarServer checkout and its dependencies
mkdir CalendarServer
cd CalendarServer
# Checkout the code from the repo
svn checkout http://svn.calendarserver.org/repository/calendarserver/CalendarServer/tags/release/CalendarServer-2.4 CalendarServer-2.4
cd CalendarServer-2.4
# Start auto-setup
./run -s
Auto-setup will now attempt to grab any missing dependencies for CalendarServer an will unpack and patch them accordingly. You may find that the download for PyDirector stalls - if so, hit to abort setup and download it manually:
pushd ..
wget http://downloads.sourceforge.net/pythondirector/pydirector-1.0.0.tar.gz
tar xfz pydirector-1.0.0.tar.gz
popd
# Resume unpacking
./run -s
Prepare for installation
Since DCS bundles a modified version of Twisted as well as a few other projects (such as pydirector), we will now prepare an installation root folder to avoid conflicts with system libraries (i.e., Twisted if it has been installed from the Fedora repos). This code will be run as root.
su -
# setup data & document roots
mkdir -p /srv/CalendarServer/{Data,Documents}
chown -R daemon:daemon /srv/CalendarServer/
# setup installation root
mkdir -p /opt/CalendarServer/etc/caldavd
mkdir -p /opt/CalendarServer/var/run/caldavd
mkdir -p /opt/CalendarServer/var/log/caldavd
Install DCS and configure the server instance
The last step is to install DCS from the Subversion checkout we made earlier into the installation root. Replace /home/regularuser
with the actual path to the home directory of your regular user.
# install DCS to installation root
cd /home/regularuser/CalendarServer/CalendarServer-2.4
./run -i /opt/CalendarServer
rm -rf /opt/CalendarServer/usr/caldavd/caldavd.plist
# copy sample configuration files
cp conf/servertoserver-test.xml /opt/CalendarServer/etc/caldavd/servertoserver.xml
cp conf/auth/accounts.xml /opt/CalendarServer/etc/caldavd/accounts.xml
cp conf/caldavd-test.plist /opt/CalendarServer/etc/caldavd/caldavd.plist
cp conf/sudoers.plist /opt/CalendarServer/etc/caldavd/sudoers.plist
# change permissions; passwords are stored plaintext!
chmod 600 /opt/CalendarServer/etc/caldavd/*
I have reported bugs #390 and #391 about problems with the setup script on 64-bit machines as well as a problem if a custom destination installation directory is used (which we did). This bit of code works around both of the bugs:
# 64-bit fix - see https://trac.calendarserver.org/ticket/391
sitelib="$(python -c 'from distutils.sysconfig import get_python_lib; print(get_python_lib())')"
sitearch="$(python -c 'from distutils.sysconfig import get_python_lib; print(get_python_lib(1))')"
if [ "$sitelib" != "$sitearch" ];then
mv /opt/CalendarServer"${sitelib}"/twisted/plugins/caldav.py* /opt/CalendarServer"${sitearch}"/twisted/plugins
# PYTHONPATH fix for 64-bit - see https://trac.calendarserver.org/ticket/390
sed -i.orig 's|PYTHONPATH="'"${sitelib}"'|DESTDIR=/opt/CalendarServer\nPYTHONPATH="${DESTDIR}'"${sitelib}"':${DESTDIR}'"${sitearch}"':|' /opt/CalendarServer/usr/bin/caldavd
else
# PYTHONPATH fix for 32-bit - see https://trac.calendarserver.org/ticket/390
sed -i.orig 's|PYTHONPATH="'"${sitelib}"'|DESTDIR=/opt/CalendarServer\nPYTHONPATH="${DESTDIR}'"${sitelib}"':|' /opt/CalendarServer/usr/bin/caldavd
fi
If you would like your server to use SSL (highly recommended), you will need to generate a certificate. If you have a certificate and key ready to install, place it in /opt/CalendarServer/etc/tls
. If not, you can easily generate a free self-signed one:
# Generate SSL keys
mkdir /opt/CalendarServer/etc/tls
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout www.example.com.key -out www.example.com.crt
Now, edit /opt/CalendarServer/etc/caldavd/caldavd.plist in your favorite editor and configure the server as follows:
<!-- Network host name [empty = system host name] -->
<key>ServerHostName</key>
<string>example.com</string> <!-- The hostname clients use when connecting -->
# Data roots
<!-- Data root -->
<key>DataRoot</key>
<string>/srv/CalendarServer/Data/</string>
<!-- Document root -->
<key>DocumentRoot</key>
<string>/srv/CalendarServer/Documents/</string>
# Test accounts configuration
<!-- XML File Directory Service -->
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>twistedcaldav.directory.xmlfile.XMLDirectoryService</string>
<key>params</key>
<dict>
<key>xmlFile</key>
<string>/opt/CalendarServer/etc/caldavd/accounts.xml</string>
</dict>
</dict>
# Sudoers configuration
<!-- Principals that can pose as other principals -->
<key>SudoersFile</key>
<string>/opt/CalendarServer/etc/caldavd/sudoers.plist</string>
# Delete this section
<!-- Wikiserver authentication (Mac OS X) -->
<key>Wiki</key>
<dict>
<key>Enabled</key>
<true/>
<key>Cookie</key>
<string>sessionID</string>
<key>URL</key>
<string>http://127.0.0.1/RPC2</string>
<key>UserMethod</key>
<string>userForSession</string>
<key>WikiMethod</key>
<string>accessLevelForUserWikiCalendar</string>
</dict>
# logging
<!--
Logging
-->
<!-- Apache-style access log -->
<key>AccessLogFile</key>
<string>/opt/CalendarServer/var/log/caldavd/access.log</string>
<key>RotateAccessLog</key>
<false/>
<!-- Server activity log -->
<key>ErrorLogFile</key>
<string>/opt/CalendarServer/var/log/caldavd/error.log</string>
<!-- Log levels -->
<key>DefaultLogLevel</key>
<string>info</string> <!-- debug, info, warn, error -->
# a bit further down…
<!-- Global server stats -->
<key>GlobalStatsSocket</key>
<string>/opt/CalendarServer/var/run/caldavd/caldavd-stats.sock</string>
# <snip>
<!-- Server statistics file -->
<key>ServerStatsFile</key>
<string>/opt/CalendarServer/var/log/caldavd/stats.plist</string>
<!-- Server process ID file -->
<key>PIDFile</key>
<string>/opt/CalendarServer/var/run/caldavd/caldavd.pid</string>
# SSL
<!-- Public key -->
<key>SSLCertificate</key>
<string>/opt/CalendarServer/etc/tls/www.example.com.crt</string>
<!-- Private key -->
<key>SSLPrivateKey</key>
<string>/opt/CalendarServer/etc/tls/www.example.com.key</string>
# Privilege drop
<!--
Process management
-->
<key>UserName</key>
<string>daemon</string>
<key>GroupName</key>
<string>daemon</string>
<key>ProcessType</key>
<string>Combined</string>
# iSchedule server-to-server settings
<!-- iSchedule protocol options -->
<key>iSchedule</key>
<dict>
<key>Enabled</key>
<false/>
<key>AddressPatterns</key>
<array>
</array>
<key>Servers</key>
<string>/opt/CalendarServer/etc/caldavd/servertoserver.xml</string>
</dict>
# Communication socket
<!-- A unix socket used for communication between the child and master processes.
An empty value tells the server to use a tcp socket instead. -->
<key>ControlSocket</key>
<string>/opt/CalendarServer/var/run/caldavd/caldavd.sock</string>
# Twisted
<!--
Twisted
-->
<key>Twisted</key>
<dict>
<key>twistd</key>
<string>/opt/CalendarServer/usr/bin/twistd</string>
</dict>
# Load balancer
<!--
Python Director
-->
<key>PythonDirector</key>
<dict>
<key>pydir</key>
<string>/opt/CalendarServer/usr/bin/pydir.py</string>
<key>ConfigFile</key>
<string>/opt/CalendarServer/etc/pydir.xml</string>
<key>ControlSocket</key>
<string>/opt/CalendarServer/var/run/caldavd/caldavd-pydir.sock</string>
</dict>
...Profit!
Try starting the server!
/opt/CalendarServer/usr/bin/caldavd -T /opt/CalendarServer/usr/bin/twistd -f /opt/CalendarServer/etc/caldavd/caldavd.plist -X
If all goes well, press to kill the process and then daemonize it:
/opt/CalendarServer/usr/bin/caldavd -T /opt/CalendarServer/usr/bin/twistd -f /opt/CalendarServer/etc/caldavd/caldavd.plist