RogerBW's Blog

Xandikos Calendar Server on Debian 10 20 July 2019

Why have a calendar server in the first place? Because I want to check my schedule from multiple devices, and because I don't want to sell out to Google. (Which of course just means that when Google takes over I won't have been paid.)

I've been running calypso for a while, but it doesn't seem terribly responsive; generally when I load multiple calendars at least one of them doesn't come back fast enough to satisfy the client (Lightning), and I was never able to get it to work with LineageOS at all. I'd tried Xandikos before, which started as a fork of Calypso but has now been completely rewritten, but never managed to get it working; but the recent release of Debian 10, which includes it as a package, inspired me to give it another go.

The documentation is fragmentary, but here's how I got it set up in a "full" configuration, i.e. with Apache and UWSGI rather than direct unauthenticated connection. I was poking radicale and calypso at the same time, and even briefly flirting with Apple's calendar-server (caldavd), so there may be more here than is strictly needed.

Packages needed seem to be xandikos, apache2 (which I was already using), libapache2-mod-proxy-uwsgi, uwsgi and uwsgi-plugin-python3. I needed to set up a xandikos user and group (adduser/addgroup).

Apache gets a virtual server (plain text redirects to SSL, and of course I have a LetsEncrypt certificate, validated by DNS). This handles the authentication.

<VirtualHost *:443>
SSLEngine on # [etc., see best practices]

ServerName calendar.homenet.firedrake.org
ServerAdmin [REDACTED]
DocumentRoot /var/www/nowhere

ProxyPass / uwsgi://127.0.0.1:8001/
<Proxy "*">
    AuthType Basic
    AuthName "Xandikos: Authentication Required"
    AuthBasicProvider file
    AuthUserFile /etc/apache2/passwd/xandikos
    AllowOverride None
    Require valid-user
</Proxy>

ErrorLog ${APACHE_LOG_DIR}/calendar.homenet.firedrake.org-error.log
CustomLog ${APACHE_LOG_DIR}/calendar.homenet.firedrake.org-access.log \
combined
</VirtualHost>

<VirtualHost *:80>
ServerName calendar.homenet.firedrake.org
ServerAdmin webmaster@${_DOMAIN}
DocumentRoot /var/www/nowhere

RedirectMatch permanent ^(?!/.well-known/acme-challenge)(.*) \
https://calendar.homenet.firedrake.org/$1

CustomLog ${APACHE_LOG_DIR}/redirect.log vhost_combined
</VirtualHost>

Xandikos doesn't have multi-user support, so this isn't something to throw open to the world, or even to all local users.

UWSGI gets the other half of this localhost connection in /etc/uwsgi/apps-enabled/xandikos.ini:

[uwsgi]
socket = 127.0.0.1:8001
uid = xandikos
gid = xandikos
umask = 022
master = true
cheaper = 0
processes = 1
plugin = python3
module = xandikos.wsgi:app
env = XANDIKOSPATH=/var/lib/xandikos/collections
env = CURRENT_USER_PRINCIPAL=/user/
env = AUTOCREATE=defaults

I think the default collections got created by the first authenticated connection, or it might have been on uwsgi restart.

New calendars created (MKCALENDAR works as it should), I then copied across the data from the old set - using vdirsyncer, which is a bit odd but seems to get the job done.

I then found that the CalDAV code I'd been using (for example to send me reminders of upcoming events) was taking an illicit short-cut. Calypso allows the user simply to GET a calendar, and receive all the events in it, but that's not the One True Way. I poked around CPAN for a bit, not finding any modules that did the right thing (even Cal::DAV, by the same author whose ICal code I'm already using, has this flaw), but was eventually pointed to a page on CalDAV in practice which goes into enough detail for me to get the job done. (And yes, I suppose there will eventually be a module for this.)

Hint to protocol designers: if you find yourself thinking "this is really complicated, I bet adding five-layers-deep XML structures will make it simpler" you are wrong. (At least JSON doesn't have namespaces. Though it does have schemas.) In particular, if you are thinking "round trips are expensive, I'll allow a bunch of simultaneous requests in a single XML stream, each of which will return its own status information, all packed together in another XML stream" I may have to find you and hurt you.

But I do now have my calendar syncing with LineageOS (across the home network or a VPN, using DAVx5 off F-Droid), without having to rely on any third-party servers.

Note: nothing ever tells you what URL you should feed a client. For Lightning I load up individual remote calendars with the full path ( .../user/calendars/roger-public etc.); for DAVx5 it's higher up (I think it was .../user/calendars) and it syncs all of them.

Colouring calendars imported via DAVx5 requires you to set the Calendar Colour property (which Lightning doesn't use), which is its own special fun…


  1. Posted by Asdap, G at 08:33pm on 25 September 2019

    Were you able to have xandikos set android calendar colour via davx5?

  2. Posted by RogerBW at 11:45pm on 25 September 2019

    Yes.

    Well, what I do is set the calendar colour on the server, and DAVx5 then correctly reads it and sets it in the client. Lightning does not read this, so you have to set it manually there.

    The server colour setting basically consists of sending a PROPPATCH command to the specific calendar URL, with application/xml payload:

    <propertyupdate xmlns="DAV:"><set><prop><calendar-color xmlns="http://apple.com/ns/ical/">#0000ff</calendar-color></prop></set></propertyupdate>

    replacing the 0000ff with your preferred hex triplet colour.

Comments on this post are now closed. If you have particular grounds for adding a late comment, comment on a more recent post quoting the URL of this one.

Search
Archive
Tags 1920s 1930s 1940s 1950s 1960s 1970s 1980s 1990s 2000s 2010s 3d printing action aeronautics aikakirja anecdote animation anime army astronomy audio audio tech base commerce battletech beer boardgaming book of the week bookmonth chain of command children chronicle church of no redeeming virtues cold war comedy computing contemporary cornish smuggler cosmic encounter coup cycling dead of winter doctor who documentary drama driving drone ecchi economics espionage essen 2015 essen 2016 essen 2017 essen 2018 existential risk falklands war fandom fantasy film firefly first world war flash point food garmin drive gazebo geodata gin gurps gurps 101 harpoon historical history horror hugo 2014 hugo 2015 hugo 2016 hugo 2017 hugo 2018 hugo 2019 hugo-nebula reread humour in brief avoid instrumented life kickstarter learn to play leaving earth linux mecha men with beards museum mystery naval non-fiction one for the brow opera perl perl weekly challenge photography podcast politics powers prediction privacy project woolsack pyracantha quantum rail ranting raspberry pi reading reading boardgames social real life restaurant reviews romance rpg a day rpgs science fiction scythe second world war security shipwreck simutrans smartphone south atlantic war squaddies stationery steampunk stuarts suburbia superheroes suspense television the resistance thirsty meeples thriller tin soldier torg toys trailers travel type 26 type 31 type 45 vietnam war war wargaming weather wives and sweethearts writing about writing x-wing young adult
Special All book reviews, All film reviews
Produced by aikakirja v0.1