Hey, I'm currently trying to figure out if it's possible to use Caddy as a reverse proxy and to handle the secure connection and certificate from Let's Encrypt.

I already have Caddy running as part of a different project and find it a bit easier to use than Nginx, especially in regards to automatic certificates. I haven't worked with Traefik yet but could, of course, just use this docker-compose file to handle the job.

Do be more exact, I wonder if the labels from said docker-compose file can be used to configure Caddy correctly.

As a full disclaimer: I'm fairly new to docker, caddy, and things like self-hosting, networking, reverse-proxies,...

Hi,

Do you have plans to update the images to the latest baikal release 0.7.0?
https://github.com/sabre-io/Baikal/releases

Looking forward to it

Hi ckulka,

I try to use the stable release 0.4.6 but I face a problem when I want to access "http://127.0.0.1/cal.php/calendars/testuser/default".

The following error occurs:
Error: Class 'DOMDocument' not found in /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php:256
Stack trace:
#0 /var/www/baikal/Core/Frameworks/Baikal/Core/Server.php(123): Sabre\DAV\Server->exec()
#1 /var/www/baikal/html/cal.php(65): Baikal\Core\Server->start()
#2 {main}

After searching for a solution I found that:
sabre-io/Baikal#701

Honestly, I don't know if this could fix it? Does someone can repeat my error?

The following error appears during the setup assistant

 The FOLDER containing the DB file is not writable, and it has to.
 Please give write permissions on folder '/var/www/baikal/Specific/db' 

Pretty similar to #62 but it seems, that the error occurs because the db folder is missing.
I executed the following command in the container to create the folder and was able to finish the setup assistant:

mkdir /var/www/baikal/Specific/db

The folder is now owned by root. Does it have to be changed to nginx?

# ls -la /var/www/baikal/Specific
total 4
drwxrwxrwx 1 nginx nginx 57 Apr  8 12:13 .
drwxr-xr-x 1 nginx nginx 88 Apr  6 23:37 ..
-rw-r--r-- 1 nginx nginx 31 Apr  8 09:28 .htaccess
-rw-r--r-- 1 nginx nginx  0 Apr  8 12:13 INSTALL_DISABLED
drwxr-xr-x 1 root  root  23 Apr  8 12:13 db

Database is owned by nginx

# ls -la /var/www/baikal/Specific/db 
total 108
drwxr-xr-x 1 root  root      23 Apr  8 12:13 .
drwxrwxrwx 1 nginx nginx     57 Apr  8 12:13 ..
-rw-r--r-- 1 nginx nginx 110592 Apr  8 12:13 db.sqlite

How to share a calendar. where can i make configs?
Thanks for help

Since about two days or so, I'm getting the following error which causes syncing my calendars with Thunderbird to fail:

2022/03/24 11:46:48 [error] 21#21: *1112 FastCGI sent in stderr: "PHP message: Sabre\DAV\Exception\PreconditionFailed: An If-None-Match header was specified, but the ETag matched (or * was specified). in /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php:1377
Stack trace:
#0 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(466): Sabre\DAV\Server->checkPreconditions()
#1 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(253): Sabre\DAV\Server->invokeMethod()
#2 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(321): Sabre\DAV\Server->start()
#3 /var/www/baikal/Core/Frameworks/Baikal/Core/Server.php(119): Sabre\DAV\Server->exec()
#4 /var/www/baikal/html/dav.php(69): Baikal\Core\Server->start()
#5 {main}" while reading response header from upstream, client: 172.18.0.3, server: _, request: "PUT /dav.php/calendars/<user>/default/87379da1-df01-4152-9008-6f16c1f5d2de.ics HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "my.domain.com"
172.18.0.3 - - [24/Mar/2022:11:46:48 +0000] "PUT /dav.php/calendars/<user>/default/87379da1-df01-4152-9008-6f16c1f5d2de.ics HTTP/1.1" 412 381 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0" "<my-ip>"
172.18.0.3 - - [24/Mar/2022:11:46:48 +0000] "OPTIONS /dav.php/calendars/<user>/default/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0" "<my-ip>"
172.18.0.3 - - [24/Mar/2022:11:46:48 +0000] "REPORT /dav.php/calendars/<user>/default/ HTTP/1.1" 207 300 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0" "<my-ip>"

I'm neither sure what this means nor why it's happening. Prehaps something changed internally with Thunderbird or Baikal? I'm not sure which of the two it is.
Syncing my calendar with my phone via DAVx5 seems to work fine though.

Thunderbird itself gives me the following message:

An error occurred when writing to the calendar Default! Please see below for more information.
Error:
MODIFICATION_FAILED
Description:
If you're seeing this message after snoozing or dismissing a reminder and this is for a calendar you do not want to add or edit events for, you can mark this calendar as read-only to avoid such experience in future. To do so, get to the calendar properties by right-clicking on this calendar in the list in the calendar or task view.

This just occurs during syncing, not when I'm interacting with events.

In the example for using Traefik on iOS, the regex replacement uses double dollar signs. This works when using labels in the compose file, but not when using a YAML configuration file for Traefik. In the compose file, the dollar sign needs to be escaped, but in the YAML file, this isn't the case.

Adding info to the compose example in the form of the following, would be beneficial:

# Docker Compose file for a Baikal server with Let's Encrypt using Traefik (https://docs.traefik.io/)
#
.......
# 3. Start the stack: docker-compose -f docker-compose.ssl.yaml up
# 
# If using a traefik provider file in YAML or TOML, you do not need to escape characters. The regex should therefore be:
# redirectRegex:
#   replacement: "https://$1/dav/php/
# 

As the title says, I've tried mapping ./www to /var/www and creaeting all the directories manually, and applying the same permissions that are in the example docker-compose.yml file to all the folders, but when I spin the container up it doesn't work.

The reason I need to do this is I need to edit the .htaaccess file (for remapping the default iPhone CardDAV value) within the html directory, but my container doesn't have vim, vi, nano, or any other text editor installed, installing them is on face value a PITA, and I would much rather map everything to a local directory for future config changes if required.

I installed a docker with baikal on a raspberry pi. I used Baikal server as a rest api. When querying the baikal server, disk space began to decrease. After a more detailed examination, I found that the files from the session php remain in the docker container - directory: /var/lib/docker/overlay2/3cd91b16159dc6baa381e6963f3f0e9fb5c45d69314afa5b592f8335579e04d3/merged/var/lib/php/sessions
I solved this by regularly deleting these files:
path=$(/usr/bin/docker inspect $(/usr/bin/docker ps -qa) | /usr/bin/jq -r 'map([.Name, .GraphDriver.Data.MergedDir]) | .[] | "(.[0]) (.[1])"' | /usr/bin/grep baikal | /usr/bin/cut -d' ' -f2)
/usr/bin/find $path/var/lib/php/sessions -type f -delete

But I don't think that's an ok solution.

Can you please point me in de right direction, I have installed you image on a synology nas docker variant. I configured a reverse proxy for my domain on the nas. This is working when using the browser to browse to the admin page. But when trying to at caldav to iOS/macOS calendar I get a warning that the ssl cert is self sign and not my own SSL.

How can I link my own ssl cert to the container?

Since the new version 0.9.1, @Lithimlin regularly gets gateway timeouts when querying my calendars or any admin page:

baikal  | 172.30.0.3 - - [07/Apr/1982:12:45:52 +0000] "GET /res/core/BaikalAdmin/main.js HTTP/1.1" 304 0 "https://<mydomain>/admin/" "Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0" "77.181.218.126"
baikal  | 1982/04/07 12:45:52 [error] 21#21: *128 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 172.30.0.3, server: _, request: "GET /admin/?/users/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock", host: "<mydomain>", referrer: "https://<mydomain>/admin/"
baikal  | 172.30.0.3 - - [07/Apr/1982:12:45:52 +0000] "GET /admin/?/users/ HTTP/1.1" 504 167 "https://<mydomain>/admin/" "Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0" "77.181.218.126"

@mstilkerich found that the timestamps were all wrong and further tests showed that the time inside the containers worked in 0.8.0, but was all over the place in 0.9.1:

~ $ docker run --rm -it ckulka/baikal:0.9.1 date
Thu Jan  1 00:00:00 UTC 1970
~ $ docker run --rm -it ckulka/baikal:0.9.1-nginx date
Thu Jan  1 00:00:00 UTC 1970
~ $ docker run --rm -it ckulka/baikal:0.8.0 date
Wed Jan 26 10:10:14 UTC 2022
~ $ docker run --rm -it ckulka/baikal:0.8.0-nginx date
Wed Jan 26 10:10:18 UTC 2022

A very similar sounding issue at Date is wrong in container (linuxserver.io) pointed to this solution: https://docs.linuxserver.io/faq#my-host-is-incompatible-with-images-based-on-ubuntu-focal.

Originally raised by @Lithimlin in #52 (comment) , #52 (comment) , #52 (comment)

Ah, it seems that my current Raspbian is not supported anymore then.
I'm currently in the process of setting everything up so I can raze the Pi and install everything again. I'll let you know if an update helps.

I just double-checked and interestingly enough I'm already on Bullseye.
Just to make sure I updated everything but I still get the wrong date.
So I will wait until I updated the Pi and everything and let you know again whether things are working.

Have you thought about solutions for enabling email invitations?

When I try that, I get the following error:

sh: 1: /usr/sbin/sendmail: not found

I've installed Baikal Nginx on my docker instance.

It runs alongside a Nginx Proxy Managear container. It forwards http to port baikals port 80.

I've tried synchronizing Joplin and Thunderbird. I get more or less the same error : "PHP message: Sabre\DAV\Exception\Forbidden: Permission denied to create directory in /var/www/baikal/vendor/sabre/dav/lib/DAV/Collection.php:104"

Why is it trying to create a directory in a php file ?

#0 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(1210): Sabre\DAV\Collection->createDirectory()
#1 /var/www/baikal/vendor/sabre/dav/lib/DAV/CorePlugin.php(560): Sabre\DAV\Server->createCollection()
#2 /var/www/baikal/vendor/sabre/event/lib/WildcardEmitterTrait.php(89): Sabre\DAV\CorePlugin->httpMkcol()
#3 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(472): Sabre\DAV\Server->emit()
#4 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(253): Sabre\DAV\Server->invokeMethod()
#5 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(321): Sabre\DAV\Server->start()
#6 /var/www/baikal/Core/Frameworks/Baikal/Core/Server.php(119): Sabre\DAV\Server->exec()
#7 /var/www/baikal/html/dav.php(69): Baikal\Core\Server->start()
#8 {main}" while reading response header from upstream, client: 172.17.0.1, server: _, request: "MKCOL /dav.php/locks/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.0-fpm.sock:", host: "baikal.MYDOMAIN.com"
172.17.0.1 - test3 [29/Mar/2021:21:19:41 +0000] "MKCOL /dav.php/locks/ HTTP/1.1" 403 291 "-" "Joplin/1.0" "192.168.1.1"
2021/03/29 21:19:51 [error] 21#21: *346 FastCGI sent in stderr: "PHP message: Sabre\DAV\Exception\Forbidden: Permission denied to create directory in /var/www/baikal/vendor/sabre/dav/lib/DAV/Collection.php:104

#0 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(1210): Sabre\DAV\Collection->createDirectory()
#1 /var/www/baikal/vendor/sabre/dav/lib/DAV/CorePlugin.php(560): Sabre\DAV\Server->createCollection()
#2 /var/www/baikal/vendor/sabre/event/lib/WildcardEmitterTrait.php(89): Sabre\DAV\CorePlugin->httpMkcol()
#3 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(472): Sabre\DAV\Server->emit()
#4 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(253): Sabre\DAV\Server->invokeMethod()
#5 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(321): Sabre\DAV\Server->start()
#6 /var/www/baikal/Core/Frameworks/Baikal/Core/Server.php(119): Sabre\DAV\Server->exec()
#7 /var/www/baikal/html/dav.php(69): Baikal\Core\Server->start()
#8 {main}" while reading response header from upstream, client: 172.17.0.1, server: _, request: "MKCOL /dav.php/locks/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.0-fpm.sock:", host: "baikal.MYDOMAIN.com"
172.17.0.1 - test3 [29/Mar/2021:21:19:51 +0000] "MKCOL /dav.php/locks/ HTTP/1.1" 403 291 "-" "Joplin/1.0" "192.168.1.1"

When the current Docker image ckulka/baikal:nginx ist started on Ubuntu 20.04 (focal) system, users accounts and calendars can be created, but no events can be written.
It seems to work without problems on Mac OS X.
I tried on a remote Ubuntu server Ubuntu 20.04.2 LTS and on my notebook running a Ubuntu derivative (Linux Mint 20.1).

On the Ubuntu server the Docker container is started with:

/usr/bin/docker run --rm -p 8800:80 -v /var/lib/baikal-calendar/Specific:/var/www/baikal/Specific -v /var/lib/baikal-calendar/config:/var/www/baikal/config --name calendar ckulka/baikal:nginx

On the notebook it is started exactly like on the Github page written (but with an unprivileged port):

docker run --rm -it -p 8800:80 ckulka/baikal:nginx

On both I get:

2021/06/18 13:38:56 [error] 19#19: *243 FastCGI sent in stderr: "PHP message: LogicException: Requested uri (/dav.php?sabreAction=plugins) is out of base uri (/dav.php/) in /var/www/baikal/vendor/sabre/http/lib/Request.php:184
Stack trace:
#0 /var/www/baikal/vendor/sabre/dav/lib/DAVACL/Plugin.php(832): Sabre\HTTP\Request->getPath()
#1 /var/www/baikal/vendor/sabre/event/lib/WildcardEmitterTrait.php(89): Sabre\DAVACL\Plugin->beforeMethod()
#2 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(456): Sabre\DAV\Server->emit()
#3 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(253): Sabre\DAV\Server->invokeMethod()
#4 /var/www/baikal/vendor/sabre/dav/lib/DAV/Server.php(321): Sabre\DAV\Server->start()
#5 /var/www/baikal/Core/Frameworks/Baikal/Core/Server.php(119): Sabre\DAV\Server->exec()
#6 /var/www/baikal/html/dav.php(69): Baikal\Core\Server->start()
#7 {main}" while reading response header from upstream, client: 172.17.0.1, server: _, request: "GET /dav.php?sabreAction=plugins HTTP/1.0", upstream: "fastcgi://unix:/var/run/php/php8.0-fpm.sock:", host: "my.fq.dn", referrer: "https://my.fq.dn/dav.php"

Platform infos:

# docker --version
Docker version 20.10.7, build f0df350

# uname -a
Linux my.fq.dn 5.4.0-74-generic #83-Ubuntu SMP Sat May 8 02:35:39 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

# docker --version
Docker version 20.10.2, build 20.10.2-0ubuntu1~20.04.2

# uname -a
Linux sommar 5.4.0-74-generic #83-Ubuntu SMP Sat May 8 02:35:39 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

# docker inspect ckulka/baikal:nginx
[
    {
        "Id": "sha256:b6f8f7ad6d4e615138baa26747b3239625147cd51b6182c60b0cedb70db9464f",
        "RepoTags": [
            "ckulka/baikal:nginx"
        ],
        "RepoDigests": [
            "ckulka/baikal@sha256:58a25d769ed4a044d7ed4a2c776f0d969d2491725626a21ccbfd49afdd68df3f"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2021-01-26T23:15:49.392153549Z",
        "Container": "71f645c93ea715c3972911751eb420aa4a0b3c275f10435600cab280d8293127",
....

I'd appreciate help setting this up on an Ubuntu or Debian server.
I can edit code if adding debug statements is of help to find the problem cause.

When trying to setup caldav sync on IOS 14.5.1 I get the following log output:

192.168.208.9 - - [13/May/2021:19:49:50 +0000] "PROPFIND /.well-known/caldav HTTP/1.1" 302 145 "-" "iOS/14.5.1 (18E212) dataaccessd/1.0" "192.168.1.117"

192.168.208.9 - - [13/May/2021:19:49:50 +0000] "PROPFIND / HTTP/1.1" 405 157 "-" "iOS/14.5.1 (18E212) dataaccessd/1.0" "192.168.1.117"

192.168.208.9 - - [13/May/2021:19:49:50 +0000] "PROPFIND /principals/ HTTP/1.1" 405 157 "-" "iOS/14.5.1 (18E212) dataaccessd/1.0" "192.168.1.117"

192.168.208.9 - - [13/May/2021:19:49:50 +0000] "PROPFIND /calendar/dav/username/user/ HTTP/1.1" 405 157 "-" "iOS/14.5.1 (18E212) dataaccessd/1.0" "192.168.1.117"

Container (0.8.0 nginx) runs behind traefik with self-signed cert and card dav is working fine. Also the CA that issued the cert is trusted by IOS.

Baikal is maintained again can you please update you baikal-image to the latest version?
https://github.com/sabre-io/Baikal/releases

Thanks

The apache ssl config is not secure enough. The ssl test at https://ssllabs.com/ssltest only gives an overall rating of "B".

Please check https://bettercrypto.org/#_apache for better apache configuration.

The "header" parameters are not necessary for a better rating, but the parameters SSLProtocol and SSLCipherSuite are important.

Add this in /etc/apache2/sites-available/000-default.conf before line "</VirtualHost>":

SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
SSLCompression off

SSLCipherSuite EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA'

When trying this docker with an QNAP NAS (Containerstation), it will work.
But due to the fact, that apache shut down when receiving a SIGWINCH signal (made by design of apache if apache runs in foreground) it would be better to let apache run in background.
Each time you look to your container status, the "tty windows is changed" with the effect, that "apache gracefully shutdown" :-(

I'm currently recreating my baikal setup because I did a fresh setup of my home server. Before taking the old one down, I made a backup of the calendar data and config. I've now copied the data into the new volumes/directories but the webpage tells me the following:

DB file is not writable. Please give write permissions on file '/var/www/baikal/Specific/db/db.sqlite'

From my perspective, I can't find anything wrong with the permissions in- or outside of the container:

$ ls -la baikal/data/
total 12
drwxr-xr-x 3 pi pi 4096 Mar 13 17:51 .
drwxr-xr-x 4 pi pi 4096 Mar 13 17:52 ..
drwxr-xr-x 2 pi pi 4096 Mar 13 17:51 db
-rw-r--r-- 1 pi pi    0 Mar 13 17:51 INSTALL_DISABLED

$ ls -la baikal/data/db/
total 264
drwxr-xr-x 2 pi pi   4096 Mar 13 17:51 .
drwxr-xr-x 3 pi pi   4096 Mar 13 17:51 ..
-rw-r--r-- 1 pi pi 262144 Mar 13 17:51 db.sqlite
-rw-r--r-- 1 pi pi      0 Mar 13 17:51 .empty

$ docker exec -it baikal /bin/bash
root@238a5b48ecf0:/# ls -la /var/www/baikal/Specific/
total 12
drwxr-xr-x 3  1000  1000 4096 Mar 13 17:51 .
drwxr-xr-x 1 nginx nginx 4096 Jan 26 22:57 ..
-rw-r--r-- 1  1000  1000    0 Mar 13 17:51 INSTALL_DISABLED
drwxr-xr-x 2  1000  1000 4096 Mar 13 17:51 db

root@238a5b48ecf0:/# ls -la /var/www/baikal/Specific/db
total 264
drwxr-xr-x 2 1000 1000   4096 Mar 13 17:51 .
drwxr-xr-x 3 1000 1000   4096 Mar 13 17:51 ..
-rw-r--r-- 1 1000 1000      0 Mar 13 17:51 .empty
-rw-r--r-- 1 1000 1000 262144 Mar 13 17:51 db.sqlite

Any ideas what could be going wrong here?

Hi,
Your Tags are showing you updated to version 0.7.1 but I cannot find the image in docker hub.
Are you still building the images?

Is it possible to specify a custom log file location? I'd like to put baikal under the eye of fail2ban, so I need a log to scan and apply some rules to avoid brute force attacks.

Thanks for this great container, can I check something as I suspect this might be a bug but could also be user-error as I'm new to docker, bear with me please.

When I expose a single volume as part of my docker run by adding -v /var/lib/baikal-data/data:/var/www/baikal/Specific \ the config folder isnt saved to the persistent storage so each time i start the container I have to go back through configuration.

I solved this by mounting the two folders to my peristent storage, ie.

            docker run blah blah network stuff here...
            -v /var/lib/baikal-data/data:/var/www/baikal/Specific \
            -v /var/lib/baikal-data/config:/var/www/baikal/config \
            ckulka/baikal:0.7.2-nginx-amd64

This solved the storage f the cnfig.yaml file, but the config folder is mounted as root, not as user 101 so throw an error when running.

drwxr-xr-x 2 root root 4096 Nov  6 22:12 config
drwxr-xr-x 2  101  101 4096 Nov  6 22:14 data

Chown 101:101 config solved it (so far) but wondered if this is a bug, or if Ive made a newb error.

thanks again

Trying to load latest container:
Digest: sha256:3a571f324835b9804fb8a234033dee3778b4b28a146f7b2b6a56fffac963446d
Status: Downloaded newer image for ckulka/baikal:latest

I get this message:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Wed Apr 04 15:05:46.099473 2018] [ssl:warn] [pid 1] AH01906: 172.17.0.3:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 04 15:05:46.099609 2018] [ssl:warn] [pid 1] AH01909: 172.17.0.3:443:0 server certificate does NOT include an ID which matches the server name
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Wed Apr 04 15:05:46.134492 2018] [ssl:warn] [pid 1] AH01906: 172.17.0.3:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Apr 04 15:05:46.134525 2018] [ssl:warn] [pid 1] AH01909: 172.17.0.3:443:0 server certificate does NOT include an ID which matches the server name
[Wed Apr 04 15:05:46.137362 2018] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.25 (Debian) PHP/7.2.3 OpenSSL/1.0.2l configured -- resuming normal operations
[Wed Apr 04 15:05:46.137395 2018] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
[Wed Apr 04 15:05:47.202687 2018] [mpm_prefork:notice] [pid 1] AH00170: caught SIGWINCH, shutting down gracefully

Just for your information. There is a new version of Baikal. Could you also update your image? Many thanks!

i have been using the baikal server for many years.
i use this on a diskstation with intel processor.
unfortunately, your docler package does not work, you receive the error message "Function not implemented: AH00141: Could not initialize random number generator"
could it be because the i386 (x86) is currently not supported?

could you offer the support, because I use several dockerfiles and the administration would be easier.

When I use reverse proxy to access the web page through https://my.domain:port/dav/, the "/dav/" makes the resource unable to load, i.e., it can only be accessed through "/". Which configuration file should I modify to solve this problem?

Another small question: Are there any measures such as login frequency restrictions to prevent brute-force cracking of admin's password?

there is still a bug in the apache:apache and apache:latest tags. The driver problem when using mariadb. The only apache version which is working at the moment is 0.4.6-apache

How do I enable IPv6 support?
I'm trying with the nginx variant.
Thanks

Hi,
I've updated my docker container to the latest image, but I have noticed this in portainer. Is this a typo?
When login to Baikal Web Admin it shows the latest version 8.0 so my container is updated just fine.

Do you have a tutorial how to setup baikal docker with MariaDB 5 on Synology docker?
I'm getting this error:
Validation error
Baïkal was not able to establish a connexion to the MySQL database as configured.
MySQL says: could not find driver

Hi,

After installing Baikal following your provided instructions, when trying to load the WebUI I get:

 The FOLDER containing the DB file is not writable, and it has to.
 Please give write permissions on folder '/var/www/baikal/Specific/db' 

I have the Specific folder mapped to my appdata directory, have run the UnRAID New Permissions tool, and (to test) have given 0777 permissions to the Specific folder within the appdata directory.

After install, there was no "db" folder in the Specific folder, so I went ahead and added one, which replaced the permissions error with:

 Exception: Fatal error: no connection to a database is available. in 
 /var/www/baikal/Core/Frameworks/Baikal/Core/Tools.php:71
 Stack trace:
 #0 /var/www/baikal/Core/Frameworks/Baikal/Framework.php(72): 
 Baikal\Core\Tools::assertBaikalIsOk()
 #1 /var/www/baikal/Core/Frameworks/BaikalAdmin/Framework.php(34): 
 Baikal\Framework::bootstrap()
 #2 /var/www/baikal/html/index.php(52): BaikalAdmin\Framework::bootstrap()
 #3 {main}

Wondering if it can be set up to use a mysql/mariadb database, and what the variables in the docker template would be.

Thanks!

Hi,

First of all thanks for your effort for updating the images to the latest baikal.

I tried to update my 0.4.6-apache baikal server to the latest version, but I think there is some kind of bug in the calendar section. After updating my baikal server to baikal:latest everything went okay, without an error. But when I logged in the Admin page I noticed that my Calendars disappeared only the calendars entries where showing (see screen-print)
Addressbook was showing up fine.

After seeing this I tried other apache-images (0.6.0 and 0.5.3) both had the same problem.
To test my theory of the bug. I decided to do a clean install of the new images. First I did a clean install of apache:0.6.0 with a clean database and than imported my mysqldump into the new database. But the problem was still there. To make sure everything was imported correctly in the new database, I then revert back to the old image apache-0.4.6 which was working fine before. And the result was as I suspected the calendars and entries where present as before. (see print)

So now I'm a bit confused as I can't seem to find the problem when updating the baikal server to the latest apache version.

Can you help sorting this out?

NginX should not listen on IPv6 address by default as IPv6 can be disabled in docker settings globally or per container.

baikal_1  | 2022/01/30 10:25:53 [emerg] 18#18: socket() [::]:80 failed (97: Address family not supported by protocol)
baikal_1  | nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)

Container does not start and there is no way to configure it as NginX is not set to react to any environment variable and NginX config is not exposed to host for edits.

PHP was obviously automatically upgraded to 7.2 in latest builds but Baikal is not compatible with that version anymore due to the use of deprecated functions.

Pinning the used php container to 7.0 for instance works until the Baikal project decides to address sabre-io/Baikal#711 . I'd be happy to submit a PR for this but it's probably faster to simply add 3 characters to the Dockerfile. ;)

It is good practice to explicitly define a user to run the container as on start, for example like this:
docker run -e USER_ID=997 -e GROUP_ID=997 ckulka/baikal:nginx
This leads to conflicts because of php-fpm can't access /run/php and chown -R nginx:nginx /var/www/baikal/Specific needs root permissions.

Do you see a way to follow good practice with your image?

Hello.
I came across your program while initially searching for a lightweight caldav to replace nextcloud.

I have setup your Baikal docker to run within unraid and utilising a separate mysql database (not that the external database was necessary).
I utilise Unraid as my main server PC as many others do out there.
If you have not heard of Unraid before - https://unraid.net/
Unraid community apps - https://unraid.net/community/apps

At present I have written a bit of a guide for others out there who wish to give this a whirl. I will post it here as you dont have a wiki setup where I can post it in there. I was potentially going to submit a community apps version compatible to make the process a bit easier for others but may leave mine to run for a while longer before I jump to that.

If possible, could you start a wiki that I could post the guide to and potentially allow it to be linked to to the installation section of your readme?

Here is what I have working within my setup thus far;

Baikal – Unraid Docker Installation

This Unraid Docker Installation guide will mostly assume a few things;

1. You have docker enabled within Unraid
2. You have enabled community apps within Unraid
3. You have enabled within settings the ability to utilize dockerhub for search results (see settings within apps tab)
4. OPTIONAL - You have a reverse proxy container and network to allow for certificate handling & SSL connections
   Installation Note – You can change the tag within the repo in the later steps to one that is suitable for your setup. See here for further https://github.com/ckulka/baikal-docker
   Further installation Note – If you’re choosing to utilise an external database such as mariadb, please ensure that you set this up correctly in that a database and user are all created as well as the network both Baikal and the mysql database are on in order for Baikal to connect and function correctly.
   With that in mind, the installation of Baikal is rather simple once you have the above setup.
5. Head over to apps and search for Baikal
6. Click to begin the installation of Baikal within the search result. (The repo is ckulka/baikal)
7. Set the toggle on the right in the template as ‘advanced view’ (It defaults to basic view)
8. Check that your satified with the tag that is being placed within your docker repo line to ensure your pulling the right version that you want. See here for further tags and their update history https://hub.docker.com/r/ckulka/baikal/tags?page=1&ordering=last_updated
9. Set your ‘Icon URL’ as https://github.com/sabre-io/sabre.io/blob/master/source/img/baikal.png?raw=true (This will provide you with the Baikal logo)
10. Set your ‘WebUI’ as http://[IP]:[PORT:80]/ (This could be changed to whatever suits your local server port requirements - see below)
11. Set ‘Extra Parameters’ as --restart=always
12. Set your network type as needed (OPTIONAL - Set network type as your network that you utilize for your SSL certs (for me its proxnetwork).)
13. Add in your static IP address that you will utilize for Baikal. (It makes it easier to get to your hosted instance)
14. Add in a ‘path’ as;
    • Name – Config
    • Container Path - /var/www/baikal/config
    • Host Path - /mnt/user/appdata/baikal/config (this could be changed to whatever suits your local server path requirements if your appdata path is different)
    • Default Value - /mnt/user/appdata/baikal/config (see above)
    • Acccess Mode – Read/Write
    • Description – Container Path: /var/www/baikal/config
15. Add in a ‘path’ as;
    • Name – Specific
    • Container Path - /var/www/baikal/Specific
    • Host Path - /mnt/user/appdata/baikal/specific (this could be changed to whatever suits your local server path requirements if your appdata path is different)
    • Default Value - /mnt/user/appdata/baikal/specific (see above)
    • Acccess Mode – Read/Write
    • Description – Container Path: /var/www/baikal/Specific
16. Now add in a ‘port’ as;
    • Name – Port
    • Container Port – 80
    • Host Port – 80 (this could be changed to whatever suits your local server port requirements if your 80 is already in use)
    • Default Value – 80 (this could be changed to whatever suits your local server port requirements - as above)
    • Connection Type – TCP
    • Description – Container Port: 80
17. Click apply to download/install the container.
18. Start your Baikal docker container
19. OPTIONAL – Head over to your SSL cert provider container of choice and set-up as necessary to server certs to your Baikal instance for your domain.
20. Head over to your webUI or domain and start the admin creation process.
21. You have the choice within the steps to utilise the sqlite database or an external mysql (such as mariadb). Just make sure your mysql database is on the same network as your Baikal server so you can easily access it. If your choosing to go the mysql method like I did you will need to conduct further setup within the mysql docker/installation in order for Baikal to function correctly.

Hi,

when I try to start up the containers for baikal and traefik, docker-compose throws the following error message:
traefik_1 | time="2020-11-05T14:50:06Z" level=error msg="Unable to obtain ACME certificate for domains \"traefik.baikal.\" detected thanks to rule \"Host:traefik.baikal.\" : cannot obtain certificates: acme: Error 400 - urn:ietf:params:acme:error:rejectedIdentifier - Error creating new order :: Cannot issue for \"traefik.baikal.\": Domain name ends in a dot"

My compose file looks exactly like the docker-compose.ssl.yaml example with the traefik.frontend.rule adjusted to my host and the acme.json created in a folder.

Any ideas what's wrong here?
Thank you very much!

BR
Samuel Blickle

Is there any way to hide the webadmin page from acces from the internet?

I want the Admin page to be accessible only within my LAN. For the calendars, access from outside is allowed though.

Currently I have Baikal behind a Reverse Proxy, and I see no way to allow only the caldav.mydoemein.com access from the internet and not the Admin page.
I have already tried to add an htacces file in the admin folder /docker/baikal/html/admin with this:

# Confiugration for apache-2.4:
Require all denied
Require ip 127.0.0.1/8 192.168.0.0/24

But it doesn't work, I still have access from the internet.

Hi!

I've just installed ckulka / baikal-docker.
If I create a new calendar and save it, everything works fine and I can connect to it and make entries,
but when I edit the calendar for example to edit the description.
This page is shown in the browser:

ErrorException: PDO::quote(): Passing null to parameter #1 ($string) of type string is deprecated in /var/www/baikal/Core/Frameworks/Flake/Core/Database.php:204
Stack trace:
#0 [internal function]: Baikal\Framework::exception_error_handler()
#1 /var/www/baikal/Core/Frameworks/Flake/Core/Database.php(204): PDO->quote()
#2 /var/www/baikal/Core/Frameworks/Flake/Core/Database.php(169): Flake\Core\Database->quote()
#3 /var/www/baikal/Core/Frameworks/Flake/Core/Database.php(181): Flake\Core\Database->fullQuote()
#4 /var/www/baikal/Core/Frameworks/Flake/Core/Database.php(81): Flake\Core\Database->fullQuoteArray()
#5 /var/www/baikal/Core/Frameworks/Flake/Core/Database.php(73): Flake\Core\Database->UPDATEquery()
#6 /var/www/baikal/Core/Frameworks/Flake/Core/Model/Db.php(101): Flake\Core\Database->exec_UPDATEquery()
#7 /var/www/baikal/Core/Frameworks/Baikal/Model/Calendar.php(72): Flake\Core\Model\Db->persist()
#8 /var/www/baikal/Core/Frameworks/Formal/Form.php(226): Baikal\Model\Calendar->persist()
#9 /var/www/baikal/Core/Frameworks/BaikalAdmin/Controller/User/Calendars.php(194): Formal\Form->execute()
#10 /var/www/baikal/Core/Frameworks/BaikalAdmin/Controller/User/Calendars.php(46): BaikalAdmin\Controller\User\Calendars->actionEdit()
#11 /var/www/baikal/Core/Frameworks/Flake/Core/Render/Container.php(62): BaikalAdmin\Controller\User\Calendars->execute()
#12 /var/www/baikal/Core/Frameworks/Flake/Controller/Page.php(88): Flake\Core\Render\Container->execute()
#13 /var/www/baikal/html/admin/index.php(90): Flake\Controller\Page->render()
#14 {main}

It looks like everything else works as expected I created users, adressbooks etc. and afterwards I was able to edit and save the settings.
I've installed ckulka/baikal:nginx via compose.

Nice regards

It looks like a user named www-data user needs to interact with the persistent data directory which create permission issues if the folder is mounted to the host system.

As I reported here and here, the baikal:nginx image seems to have troubles with responding to OPTIONS requests from DAVx5.

Hi
i have just installed baikal on raspberry pi and it works fine in browser, evolution mail on desktop and even under blackberry os10. thx for that! If i am trying to sync my baikal calendar with my iphone (ios 13.5.1) the sync will not be sucessfull. I have found some informations that ios is not properly working because there are some rewriting rules inside the webserver are missing.

thanks for help in advance!
stoi2000

When trying to add to calendar task with a large attachment, I'm getting error "Request entity too large". Running baikal:nginx image.
How to fix it?

no update for:

• latest
• apache
• apache+php8.0
• nginx
• nginx-php8.0

Update only for all experimental-Images
is it´s right?

Hello !

In a first time let me thank you for this wonderful piece of software, I'm using your image for some years now and it's really effective.
Recently, I was thinking that doing a regular export of my vcf cards on my Android smartphone was probably not the smart way to backup my addressbook.
I fall upon this : https://sabre.io/dav/vcf-export-plugin/

It seems like Baikal got a feature to export all my contacts in a single vcf file.
I tried to use the same URL to see if this plugin is implemented in your image, but as a result I stumbled upon an error page :

Any thoughts on this ? @ckulka

In my docker compose I'm trying to specify a local directory to mount into the container's Specific directory so I can backup it more easily. However, it does not work. Instead, docker creates a volume for me.

Here's my docker-compose:

  baikal:
    image: ckulka/baikal:nginx
    container_name: baikal
    restart: always
    volumes:
     - ./volumes/baikal/config:/var/www/baikal/config
     - ./volumes/baikal/data:/var/www/baikal/Specific

Mounting the config directory works just fine.
Has anyone encountered a similar issue?

Could you implement https://www.inf-it.com/open-source/clients/infcloud/ with your baikal image.
I've found this image: https://hub.docker.com/r/plaguedr/baikal/ but it isn't working for me. The calendar kept giving me an error.

It would be nice If you could do this with your image as it is a very stable container.

Another popular thing is providing Alpine-based images. This ticket will track my progress to provide one for Nginx and possibly Apache.

Hi,
Do you have plans to update the images to the latest baikal release 0.6.1?
https://github.com/sabre-io/Baikal/releases

Looking forward to it