calendar-contacts-server (net/calendar-contacts-server) Add to my watchlist
Apple Calendar and Contacts Server configurationccs-calendarserver is a standards-compliant server implementing the CalDAV and CardDAV protocols, including iMIP. It provides a shared location on the network allowing multiple users to store and edit calendaring and contact information. This port provides a basic, working, easily modifiable configuration, previously used in macOS Server.app, and an nginx reverse proxy to handle modern crypto and isolate the backend server.
Version: 9.3.20200212 License: Apache-2
GitHub
| Maintainers | essandess |
| Categories | net mail |
| Homepage | https://www.calendarserver.org |
| Platforms | {darwin any} |
| Variants |
|
"calendar-contacts-server" depends on
lib (29)
run (3)
build (2)
Ports that depend on "calendar-contacts-server"
No ports
Port notes
Apple Calendar and Contacts Server is a standards-compliant server implementing the CalDAV and CardDAV protocols. Full deployment requires a working mail server, DNS configuration on both the LAN and the internet, including SPF and DKIM records, trusted TLS certificates, port forwarding, possibly a mail relay, and more.
Users must reconfigure this installation for their own system, network, and security model specifics by editing all necessary files and checking file permissions. A subset of these settings are visible in the files:
port contents calendar-contacts-server
port file calendar-contacts-server
These are the locations and network settings for the default configuration:
Calender and Contacts Server:
${prefix}/var/calendarserver/Library/CalendarServer/Config/calendarserver.plist
nginx Reverse Proxy:
${prefix}/var/calendarserver/Library/CalendarServer/etc/nginx.conf
ports: 8008, 8443, 8800, 8843
Personal data (note, outside ${prefix}):
/var/calendarserver/Library/CalendarServer/Data
Account and principal information is configurable in the file:
${prefix}/var/calendarserver/Library/CalendarServer/auth/accounts.xml
with baseline account records of the form:
<record>
<uid>7E1DE44E-F1E5-4656-93EF-1714B37877A5</uid>
<short-name>username</short-name>
<full-name>User Name</full-name>
<password>strong-password</password>
<email>username@example.com</email>
</record>
uid's can must be unique; on macOS two ways of generating uid's are the command `uuidgen`, or for local accounts and especially when migrating from an OpenDirectory-based server:
dscl . -read /Users/username GeneratedUID
A working Calendar and Contacts Server will allow local account authentication at these web pages (ports 8008 and 8800 are unencrypted):
http://host.example.com:8008
https://host.example.com:8443
http://host.example.com:8800
https://host.example.com:8843
TLS certificate updates must be included in calendar-contacts-server's proxy nginx.conf and, if installed, mail-server dovecot's conf.d/10-ssl.conf, and postfix's master.cf. Instructions are included as comments in:
sudo vi ${prefix}/var/calendarserver/Library/CalendarServer/etc/nginx.conf
sudo vi ${prefix}/etc/dovecot/conf.d/10-ssl.conf
sudo vi ${prefix}/etc/postfix/main.cf
Calendars and Contacts backup:
TS=$(date ''+%F'')
mkdir -p -m 0700 /tmp/caldav_$TS/calendars
mkdir -p -m 0700 /tmp/caldav_$TS/contacts
${prefix}/var/calendarserver/Library/CalendarServer/ccs-calendarserver/bin/calendarserver_export --config ${prefix}/var/calendarserver/Library/CalendarServer/Config/calendarserver.plist --all --calendars --directory=/tmp/caldav_$TS/calendars
${prefix}/var/calendarserver/Library/CalendarServer/ccs-calendarserver/bin/calendarserver_export --config ${prefix}/var/calendarserver/Library/CalendarServer/Config/calendarserver.plist --all --contacts --directory=/tmp/caldav_$TS/contacts
Known issues:
* All local accounts have access to calendarserver's password using
security find-generic-password -a calendarserver@host.example.com -g
If this Keychain item is missing, it must be added with a corresponding password for the calendarserver user:
sudo /usr/bin/security add-generic-password \
-a calendarserver@host.example.com \
-s org.calendarserver -T /usr/bin/security \
-w 'a-strong-passphrase' \
-A /Library/Keychains/System.keychain
sudo dscl . passwd /Users/calendarserver 'a-strong-passphrase'
This is a hack to provide twistedcaldav authentication access. See: https://github.com/apple/ccs-calendarserver/blob/master/twistedcaldav/util.py An alternate approach must be used if non-trusted local accounts exist on the Calendar and Contacts Server.
* The CalendarServer service does not reliably start after reboot,
presumably due to an issue with launchd. A workaround
after rebooting is to issue the commands:
sudo port unload calendar-contacts-server ; sleep 5 ;\
sudo port load calendar-contacts-server
* The package ccs-calendarserver is written in Python 2.7, which will reach the end of its life on January 1st, 2020. A future version of pip will drop support for Python 2.7. Migration of the caldav PostgreSQL database from postgresql96 to postgresql17 may be required.
Issue the following commands, possibly modified for your own specific database location and previous version:
# shutdown calendar-contacts-server and associated database
sudo port unload calendar-contacts-server
# move original db cluster.pg directory
sudo ls -l \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database
sudo mv \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster.pg \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql96.pg
# create socket to original db and dump the db
sudo -u calendarserver -g _calendar \
install -o calendarserver -g _calendar -m 0700 \
-d /tmp/ccs-migration
sudo -u calendarserver -g _calendar \
install -o calendarserver -g _calendar -m 0700 \
-d /tmp/ccs-migration/PostgresSocket-96
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql96/bin/pg_ctl \
-U caldav -D \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql96.pg \
-o "-k /tmp/ccs-migration/PostgresSocket-96" \
-l /tmp/ccs-migration/postgresql96_logfile.txt start
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql96/bin/pg_dumpall \
--username=caldav --host=/tmp/ccs-migration/PostgresSocket-96 \
--file=/tmp/ccs-migration/caldav96.dump
sudo chmod 0600 /tmp/ccs-migration/caldav96.dump
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql96/bin/pg_ctl \
-U caldav -D \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql96.pg \
-o "-k /tmp/ccs-migration/PostgresSocket-96" \
-l /tmp/ccs-migration/postgresql96_logfile.txt stop
# import the data into a new database
sudo -u calendarserver -g _calendar \
install -o calendarserver -g _calendar -m 0700 -d \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql17.pg
sudo -u calendarserver -g _calendar \
install -o calendarserver -g _calendar -m 0700 -d \
/tmp/ccs-migration/PostgresSocket-17
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql17/bin/initdb -E UTF8 -U caldav \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql17.pg
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql17/bin/pg_ctl -U caldav -D \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql17.pg \
-o "-k /tmp/ccs-migration/PostgresSocket-17" \
-l /tmp/ccs-migration/postgresql17_logfile.txt start
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql17/bin/createdb -U caldav \
-h /tmp/ccs-migration/PostgresSocket-17 caldav
sudo -u calendarserver -g _calendar bash -c \
'${prefix}/lib/postgresql17/bin/psql -U caldav \
-h /tmp/ccs-migration/PostgresSocket-17 \
< /tmp/ccs-migration/caldav96.dump'
# dump the new db to compare
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql17/bin/pg_dumpall --username=caldav \
-h /tmp/ccs-migration/PostgresSocket-17 \
--file=/tmp/ccs-migration/caldav17.dump
sudo chmod 0600 /tmp/ccs-migration/caldav17.dump
sudo -u calendarserver -g _calendar \
${prefix}/lib/postgresql17/bin/pg_ctl -U caldav -D \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster_postgresql17.pg \
-o "-k /tmp/ccs-migration/PostgresSocket-17" \
-l /tmp/ccs-migration/postgresql17_logfile.txt stop
sudo -u calendarserver -g _calendar \
ls -l /tmp/ccs-migration
# symlink `cluster.pg` to new db data
sudo -u calendarserver -g _calendar ln -s \
./cluster_postgresql17.pg \
${prefix}/var/calendarserver/Library/calendarserver/Data/Database/cluster.pg
# port select the new PostgreSQL version
sudo port select --set postgresql postgresql17
# edit by hand previously installed configuration file
sudo -u calendarserver -g _calendar sed -i "" \
's|postgresql96|postgresql17|g' \
${prefix}/var/calendarserver/Library/calendarserver/Config/calendarserver.plist
# clean up
sudo -u calendarserver -g _calendar rm -fr \
/tmp/ccs-migration
sudo port load calendar-contacts-server Startup items (named 'calendarserver, calendarserver_proxy') have been generated that will aid in starting calendar-contacts-server with launchd. They are disabled by default. Execute the following command to start them, and to cause them to launch at startup:
sudo port load calendar-contacts-server
Port Health:
Loading Port Health