I have been a long-time user of the Zimbra collaborative software, appreciating its web interface with email access and shared calendar features. Initially, there was a free and open-source version that served its purpose well, even if it became somewhat challenging to use and to update, it remained overall a good solution. However, with recent developments (since version 8.5) and various changes in ownership, the free edition has been completely abandoned. I therefore found myself looking for alternative solutions for the various modules (calendar, webmail, etc.).
This article will focus on setting up a shared calendar server. I'll show how to set up a shared calendar on GNU/Linux using the Baïkal server, which supports both CalDAV and CardDAV. Its web interface makes it easy to manage users, address books, and calendars.
The sqlite3 database is the perfect choice for a small amount of users.
- Configuration:
- debian: 12 bookworm
- Baïkal: 0.9.5
- sqlite3: 3.40
- php: 8.2
And a big thank you to ByteHamster for making this product free and Open Source.
Baïkal Installation
- Install prerequisites:
root@host:~# apt update && apt install apache2 php-fpm php-sqlite3 php-sabre-dav git sqlite3 unzip php libapache2-mod-php
- Download the latest Baïkal release (check the official GitHub repository for the latest version https://github.com/sabre-io/Baikal/releases):
root@host:~# wget https://github.com/sabre-io/Baikal/releases/download/0.9.5/baikal-0.9.5.zip
- Unzip and move the folder to /var/www/baikal/:
root@host:~# unzip baikal-0.9.5.zip
root@host:~# mv baikal /var/www/baikal
- Set www-data as the owner of the folder:
root@host:~# chown -R www-data:www-data /var/www/baikal/
- We will secure our connections with HTTPS, to do so we will need Let's Encrypt certificates or autogenerate certificates. Let's see how to do the second option:
root@host:~# mkdir /etc/apache2/ssl/
root@host:~# openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/apache2/ssl/selfsigned.key -out /etc/apache2/ssl/selsigned.crt
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:The Elements Of A State
Locality Name (eg, city) []:City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:STD Corp
Organizational Unit Name (eg, section) []:STD Department
Common Name (e.g. server FQDN or YOUR name) []:baikal.std.rocks
Email Address []:baikal@std.rocks
root@host:~# cat /etc/apache2/ssl/selfsigned.key /etc/apache2/ssl/selsigned.crt > /etc/apache2/ssl/cert.pem
- Enable apache2 rewrite and ssl modules:
root@host:~# a2enmod rewrite
root@host:~# a2enmod ssl
- Edit the /etc/apache2/sites-available/000-default.conf configuration file:
<VirtualHost *:443>
DocumentRoot /var/www/baikal/html
ServerName baikal.std.rocks
RewriteEngine On
# Generally already set by global Apache configuration
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule /.well-known/carddav /dav.php [R=308,L]
RewriteRule /.well-known/caldav /dav.php [R=308,L]
<Directory "/var/www/baikal/html">
Options None
# If you install cloning git repository, you may need the following
Options +FollowSymlinks
AllowOverride None
# Configuration for apache-2.4:
Require all granted
# Configuration for apache-2.2:
# Order allow,deny
# Allow from all
</Directory>
<IfModule mod_expires.c>
ExpiresActive Off
</IfModule>
SSLEngine On
#AUTOGENERATE CERTIFICATES
SSLCertificateFile /etc/apache2/ssl/cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/selfsigned.key
#LETS ENCRYPT CERTIFICATES
#SSLCertificateFile /etc/letsencrypt/baikal.std.rocks/fullchain.pem
#SSLCertificateKeyFile /etc/letsencrypt/baikal.std.rocks/privkey.pem
#SSLCertificateChainFile /etc/letsencrypt/baikal.std.rocks/chain.pem
</VirtualHost>
- Restart the apache2 service:
root@host:~# systemctl restart apache2
We can now move on to the Baïkal configuration.
Baïkal Configuration
- Open a web browser and connect to the Baïkal web interface (https://IP_SERVER) to set the admin password:
- Keep the default configuration and click Save changes:
- Finally, click on Start using Baïkal:
- Use the previously configured password and click Authenticate:
- To add users, click Users and Resources from the dashboard:
- Then, click the Add User button:
- Enter information for the new account and click Save changes:
- The user is now created. Click on the Calendars button:
- From here, you can add a calendar and obtain the URI information (which can be useful depending on the calendar client):
Calendar Clients Configuration
At this point, we have a working shared calendar server. Now, let's connect our clients. I'll demonstrate how to do it with Thunderbird, which has an integrated calendar, and the DAVx5 Android application, allowing synchronization with calendars on Android devices.
Thunderbird
- Open Thunderbird and click the calendar button, then select New Calendar…:
- Select On the Network and click the Next button:
- Add the Username login and the URL https://IP_SERVER, then click Find Calendars:
- If you used a self-signed certificate, confirm the security exception:
- Enter the password of the user previously created:
- Finally, click on Subscribe to add the calendar:
- The shared calendar will appear:
DAVx5
- Open the DAVx5 app and click on the plus symbol to add an account:
- Select Connect with URL and enter the requested information:
- As with Thunderbird, we will receive a warning about the certificate if it is self-signed. Just click Accept:
- Finally, click on Create:
