'\" t .\" Title: kopano-ical.cfg .\" Author: [see the "Author" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: November 2016 .\" Manual: Kopano Core user reference .\" Source: Kopano 8 .\" Language: English .\" .TH "KOPANO\-ICAL.CFG" "5" "November 2016" "Kopano 8" "Kopano Core user reference" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" kopano-ical.cfg \- The Kopano iCal/CalDAV gateway configuration file .SH "SYNOPSIS" .PP \fBical.cfg\fR .SH "DESCRIPTION" .PP The ical.cfg is a configuration file for the Kopano iCal/CalDAV Gateway. ical.cfg contains instructions for the software to set up the logging system and to enable or disable the normal or SSL part of the service. .SH "FILE FORMAT" .PP The file consists of one big section, but parameters can be grouped by functionality. .PP The parameters are written in the form: .PP \fBname\fR = \fIvalue\fR .PP The file is line\-based. Each newline\-terminated line represents either a comment, nothing, a parameter or a directive. A line beginning with `#\*(Aq is considered a comment, and will be ignored by Kopano. Parameter names are case sensitive. Lines beginning with `!\*(Aq are directives. .PP Directives are written in the form: .PP !\fBdirective\fR \fI[argument(s)] \fR .PP The following directives exist: .PP \fBinclude\fR .RS 4 Include and process \fIargument\fR .PP Example: !include common.cfg .RE .SH "EXPLANATION OF EACH PARAMETER" .SS server_bind .PP IP address to bind to. Leave empty to bind to all addresses. .PP Default: (empty) .SS ical_enable .PP Enable iCal/CalDAV service with value yes. All other values disable the service. .PP Default: \fIyes\fR .SS ical_port .PP The iCal/CalDAV service will listen on this port for incoming connections. .PP Default: \fI8080\fR .SS icals_enable .PP Enable SSL iCal/CalDAV service with value yes. All other values disable the service. .PP Default: \fIyes\fR .SS icals_port .PP The SSL iCal/CalDAV service will listen on this port for incoming connections. .PP Default: \fI8443\fR .SS server_socket .PP The http address of the storage server. .PP Default: \fIhttp://localhost:236/\fR .PP It is not advised to specify the UNIX socket here, but the http address instead. In default configuration the gateway will then be trusted by the storage server (as set in its local_admin_users configuration setting). Unless is run as an untrusted user, by specifying the \fBrun_as_user\fR, the gateway always authenticates users even if they provide no or wrong credentials! .SS run_as_user .PP After correctly starting, the iCal/CalDAV gateway process will become this user, dropping root privileges. Note that the log file needs to be writeable by this user, and the directory too to create new logfiles after logrotation. This can also be achieved by setting the correct group and permissions. .PP Default value is empty, not changing the user after starting. .SS run_as_group .PP After correctly starting, the iCal/CalDAV gateway process will become this group, dropping root privileges. .PP Default value is empty, not changing the group after starting. .SS pid_file .PP Write the process ID number to this file. This is used by the init.d script to correctly stop/restart the service. .PP Default: \fI/var/run/kopano/ical.pid\fR .SS running_path .PP Change directory to this path when running in daemonize mode. When using the \-F switch to run in the foreground the directory will not be changed. .PP Default: \fI/\fR .SS process_model .PP You can change the process model between \fIfork\fR and \fIthread\fR. The forked model uses somewhat more resources, but if a crash is triggered, this will only affect one user. In the threaded model, a crash means all users are affected, and will not be able to use the service. .PP Default: \fIthread\fR .SS ssl_private_key_file .PP The iCal/CalDAV gateway will use this file as private key for SSL TLS. This file can be created with: \fBopenssl genrsa \-out /etc/kopano/ical/privkey.pem 2048\fR. .PP Default: \fI/etc/kopano/ical/privkey.pem\fR .SS ssl_certificate_file .PP The iCal/CalDAV gateway will use this file as certificate for SSL TLS. A self\-signed certificate can be created with: \fBopenssl req \-new \-x509 \-key /etc/kopano/ical/privkey.pem \-out /etc/kopano/ical/cert.pem \-days 1095\fR. .PP Default: \fI/etc/kopano/ical/cert.pem\fR .SS ssl_verify_client .PP Enable client certificate verification with value yes. All other values disable the verification. .PP Default: \fIno\fR .SS ssl_verify_file .PP The file to verify the clients certificates with. .PP Default: value not set. .SS ssl_verify_path .PP The path with the files to verify the clients certificates with. .PP Default: value not set. .SS ssl_protocols .PP Disabled or enabled protocol names. Supported protocol names are \fISSLv3\fR and \fITLSv1\fR. If Kopano was linked against OpenSSL 1.0.1 or later there is additional support for the new protocols \fITLSv1.1\fR and \fITLSv1.2\fR. To exclude both SSLv3 and TLSv1, set \fBserver_ssl_protocols\fR to \fI!SSLv3 !TLSv1\fR. .PP Default: SSLv2 being disabled .SS ssl_ciphers .PP SSL ciphers to use, set to \fIALL\fR for backward compatibility. .PP Default: \fIALL:!LOW:!SSLv2:!EXP:!aNULL\fR .SS ssl_prefer_server_ciphers .PP Prefer the server\*(Aqs order of SSL ciphers over client\*(Aqs. .PP Default: \fIno\fR .SS log_method .PP The method which should be used for logging. Valid values are: .TP \fIsyslog\fR Use the Linux system log. All messages will be written to the mail facility. See also \fBsyslog.conf\fR(5). .TP \fIfile\fP Log to a file. The filename will be specified in \fBlog_file\fR. .PP Default: \fIfile\fR .SS log_file .PP When logging to a file, specify the filename in this parameter. Use \fI\-\fR (minus sign) for stderr output. .PP Default: \fI/var/log/kopano/ical.log\fR .SS log_level .PP The level of output for logging in the range from 0 to 5. 0=no logging, 5=full logging. .PP Default: \fI2\fR .SS log_timestamp .PP Specify whether to prefix each log line with a timestamp in \*(Aqfile\*(Aq logging mode. .PP Default: \fI1\fR .SS log_buffer_size .PP Buffer logging in what sized blocks. The special value 0 selects line buffering. .PP Default: \fI0\fR .SS enable_ical_get .PP Enable the ical GET method to download an entire calendar. When set to \*(Aqyes\*(Aq, the GET method is enabled and allowed. If not, then calendars can only be retrieved with the CalDAV PROPFIND method, which is much more efficient. This option allows you to force the use of CalDAV which lowers load on your server. .RE .SH "RELOADING" .PP The following options are reloadable by sending the kopano\-ical process a HUP signal: .PP log_level .SH "FILES" .PP /etc/kopano/ical.cfg .RS 4 The Kopano iCal/CalDAV gateway configuration file. .RE .SH "AUTHOR" .PP Written by Kopano. .SH "SEE ALSO" .PP \fBkopano-ical\fR(8)