LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Blogs > jere21
User Name
Password

Notices


Rate this Entry

Sync calendar and contacts (ownCloud): Server on laptop (Part 2)

Posted 07-14-2015 at 08:12 AM by jere21
Updated 07-14-2015 at 09:07 AM by jere21

This is the second of a series of blog posts with a complete guide to sync calendar and contacts between Debian Jessie laptop (as server and client) and Android (CyanogenMod) mobile:
  1. General
  2. Setup CalDAV/CardDAV server (on my laptop):
    ownCloud, Apache, self-signed certificate
  3. Setup calendar and contacts in Icedove (rebranded Thunderbird) and Iceowl (rebranded Lightning):
    export, transform and backup the data with a script (owncloud.export), SOGo connector, ThunderSync, print to paper
  4. Setup calendar and contacts on the Android mobile:
    F-Droid market, import certificate, DAVdroid
  5. Alternative Servers (NOT USED, NOT COMPLETE):
    Radicale, Calypso

  1. Set a working domainname on the server

    See Debian Wiki.

    The domainname must be set correctly, so you can set a "networkable" value in the certificate later. This is necessary, because some clients (rightfully) don't accept a server's certificate (with a common name (CN) that stores your hostname.domain) if an IP address is given as location. So you need to be able to specify a working address (hostname.domain) for your CardDAV/CalDAV server.

    My local home network is behind a FritzBox router which uses "fritz.box" as domain name. So I can simply use that domain without any further configuration.

    To find all files that mention DOMAINNAME and potentially need to be updated (output prefixed with ###):
    Code:
    sudo find /etc -type f -exec grep -l $DOMAINNAME '{}' ';'
    ###/etc/hosts
    ###/etc/exim4/update-exim4.conf.conf
    ###/etc/mailname
    ###/etc/ssl/certs/java/cacerts
    For me this means:
    • Edit /etc/hosts
    • Code:
      dpkg-reconfigure exim4-config
    • Recreate the automatically installed, self-signed snakeoil certificate (although it unfortunately doesn't work for our purposes):
      Code:
      make-ssl-cert generate-default-snakeoil --force-overwrite
    • TODO (or not, since this doesn't matter for me in practice): Update /etc/ssl/certs/java/cacerts with new snakeoil certificate. It still references the old snakeoil certificate, although the cacerts file gets updated. The following doesn't help:
      Code:
      #sudo aptitude reinstall ca-certificates-java
      #sudo update-ca-certificates
    • Restart the computer.

  2. Install a webserver: apache2

    Code:
    ii  apache2        2.4.10-11 Apache HTTP Server
    Go to http://localhost (which serves file:///var/www/html/index.html)
    --> apache2 is working out of the box.

  3. Create a self-signed certificate

    See Debian Wiki.

    The self-signed snakeoil certificate by the ssl-cert package (see e.g. /usr/share/doc/apache2/README.Debian.gz) has the CA-flag set to FALSE. Android refuses to accept it therefore. So we create a self-signed certificate completely on our own:

    Code:
    ii  openssl        1.0.2a-1  Secure Sockets Layer toolkit - cryptographic utility
    Code:
    sudo mkdir -p /etc/ssl/localcerts
    sudo openssl req -new -x509 -days 3650 -nodes \
      -out /etc/ssl/localcerts/apache.pem \
      -keyout /etc/ssl/localcerts/apache.key
    ###Country Name (2 letter code) [AU]:XX
    ###State or Province Name (full name) [Some-State]:XXXXX
    ###Locality Name (eg, city) []:XXXXX
    ###Organization Name (eg, company) [Internet Widgits Pty Ltd]:NONE       
    ###Organizational Unit Name (eg, section) []:
    ###Common Name (e.g. server FQDN or YOUR name) []:hope.fritz.box
    ###Email Address []:MYNAME@example.com
    sudo chmod 600 /etc/ssl/localcerts/apache*
    sudo a2enmod ssl
    cd /etc/apache2/sites-enabled
    sudo cp ../sites-available/default-ssl.conf .
    # Edit /etc/apache2/sites-enabled/default-ssl.conf:
    ###-SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
    ###-SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    ###+SSLCertificateFile /etc/ssl/localcerts/apache.pem
    ###+SSLCertificateKeyFile /etc/ssl/localcerts/apache.key
    sudo service apache2 restart
    Go to https://localhost/ or https://hope.fritz.box/
    --> apache2 + SSL is working now.

  4. Disable apache's http on port 80

    Edit /etc/apache2/ports.conf:
    Code:
    -Listen 80
    +#Listen 80
    Go to http://localhost. This connection fails now, https is now required.

  5. Install ownCloud

    Code:
    ii  owncloud       7.0.6+dfsg-1  cloud storage for files, music, contacts, calendars and many more
    un  php5-mysql     <none>       
    ii  php5-sqlite    5.6.9+dfsg-1  SQLite module for php5
    ii  owncloud-tasks 0.5-1         task management with CalDAV support - ownCloud application
    There are alternatives in ownCloud's dependencies for the webserver and database. As indicated above I chose:
    • Webserver: apache2 (default)
      You'll get /etc/apache2/conf-enabled/owncloud.conf from the owncloud package, so ownCloud works out of the box with Apache on Debian (contrary to e.g. nginx).
    • Database: sqlite (non-default)
      I chose SQLite as self-contained database engine, eliminating the need for a full SQL server installation (so e.g. no package mysql-server installed). I use it with only one user, so this should work good. But I got some smaller performance (?) issues, see first post. I don't know if this is related to SQLite.

    Calendar and Contacts are part of the main owncloud package, only owncloud-tasks has to be installed additionally if you want to have a task app in the webinterface (syncing tasks from external apps works just fine without that package being installed though).

    You should see the inital setup page of ownCloud at https://localhost/owncloud/ now.

  6. Configure ownCloud

    • Initial setup:

      Go to https://localhost/owncloud/:

      Admin: admin
      Password: <choose a password>

      Automatically detected:
      Data folder /usr/share/owncloud/data (link to /var/lib/owncloud/data)
      Database: SQLite
    • Basic configuration
      • Click on "admin" in the top right of the ownCloud website: Personal:
        Configure your (local) E-Mail address. Check if it is working, e.g. by giving a wrong password on login.
      • Click on "admin" in the top right of the ownCloud website: Users:
        Add your user.
      • Click on "admin" in the top right of the ownCloud website: Admin:
        Security - Enforce HTTPS
      • Switch to "Apps" in the top left of the ownCloud website and disable everything you don't need. (You only need Calendar, Contacts and optionally Tasks.)
    • Add hope.fritz.box as trusted domain:

      Go to https://hope.fritz.box/owncloud/.
      Follow the link and login as admin to add hope.fritz.box as trusted website. Otherwise you can't connect from a remote client.
    • Login on https://localhost/owncloud/ as your user, here "jens".
      • Click on "jens" in the top right of the ownCloud website: Personal:
        Configure your (local) E-Mail address. Check if it is working, e.g. by giving a wrong password on login.
      • Switch to "Calendar" in the top left of the ownCloud website.
        • Click on the chain symbol to show the "Primary CalDAV address" and other addresses. Refer to them later on.
        • Click on the configure button (wheel icon) in the bottom left.
          Configure the timezone.
      • Switch to Contacts in the top left of the ownCloud website.
        • Click on the configure button (wheel icon) in the bottom left, then click on the chain symbol to show the CardDAV link and write it down for later use:
          https://localhost/owncloud/remote.ph.../jens/contacts

          Actually I use the following link, and can't reproduce how and when I came up with it:
          https://localhost/owncloud/remote.php/carddav/

          Note that this is the localhost link which will only work for local clients. For remotes (your mobile) replace "localhost" with "hope.fritz.box".
        • Import your old calendar and contacts, e.g. from a Google Takeout.

  7. Further reading and logfiles

    https://doc.owncloud.org/server/7.0/...ion/index.html
    /var/log/owncloud.log
    /var/log/apache2/access.log
    /var/log/apache2/error.log
    php logfiles need to be enabled first
Posted in Uncategorized
Views 1092 Comments 0
« Prev     Main     Next »
Total Comments 0

Comments

 

  



All times are GMT -5. The time now is 10:35 PM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration