docker/davical/config.php

<?php
/**
 * DAViCal Configuration
 * This file is mounted as /etc/davical/config.php
 * Overrides the default config generated by the fintechstudios/davical image
 */

// Database connection - uses shared calendars database in public schema
// The image will set these from PGHOST, PGDATABASE, PGUSER, PGPASSWORD
$c->pg_connect[] = 'host=' . getenv('PGHOST') . ' port=' . (getenv('PGPORT') ?: '5432') . ' dbname=' . getenv('PGDATABASE') . ' user=' . getenv('PGUSER') . ' password=' . getenv('PGPASSWORD');

// System name
$c->system_name = 'Calendars DAViCal Server';

// Admin email
$c->admin_email = 'admin@example.com';

// Allow public access for CalDAV discovery
$c->public_freebusy_url = true;

// Default locale
$c->default_locale = 'en_US.UTF-8';

// Logging - enable for debugging authentication issues
$c->log_caldav_queries = true;

// Trust proxy headers for auth
$c->trust_x_forwarded = true;

// Configure base path when behind reverse proxy
// Override SCRIPT_NAME so DAViCal generates correct URLs
// DAViCal uses $_SERVER['SCRIPT_NAME'] to determine the base path for URLs
// We set it to the proxy path WITHOUT /caldav.php since DAViCal will add that itself
if (isset($_SERVER['HTTP_X_FORWARDED_PREFIX'])) {
    $_SERVER['SCRIPT_NAME'] = rtrim($_SERVER['HTTP_X_FORWARDED_PREFIX'], '/');
} elseif (isset($_SERVER['HTTP_X_SCRIPT_NAME'])) {
    $_SERVER['SCRIPT_NAME'] = rtrim($_SERVER['HTTP_X_SCRIPT_NAME'], '/');
}

// Custom authentication function to use X-Forwarded-User header
// This function is called by DAViCal's authentication system
function authenticate_via_forwarded_user( $username, $password ) {
    // Check if X-Forwarded-User header is present
    if (isset($_SERVER['HTTP_X_FORWARDED_USER'])) {
        $forwarded_user = trim($_SERVER['HTTP_X_FORWARDED_USER']);
        
        // If the username from Basic Auth matches X-Forwarded-User, authenticate
        // Users with password '*' are externally authenticated
        if (strtolower($username) === strtolower($forwarded_user)) {
            // Return the username to authenticate as this user
            // DAViCal will check if user exists and has password '*'
            return $forwarded_user;
        }
    }
    
    // Fall back to standard authentication
    return false;
}

// Use custom authentication hook
$c->authenticate_hook = array(
    'call' => 'authenticate_via_forwarded_user',
    'config' => array()
);
🎉(all) bootstrap the Calendars project This repository was forked from Drive in late December 2025 and boostraped as a minimal demo of backend+caldav server+frontend integration. There is much left to do and to fix! 2026-01-09 00:51:25 +01:00			`<?php`
			`/**`
			`* DAViCal Configuration`
			`* This file is mounted as /etc/davical/config.php`
			`* Overrides the default config generated by the fintechstudios/davical image`
			`*/`

			`// Database connection - uses shared calendars database in public schema`
			`// The image will set these from PGHOST, PGDATABASE, PGUSER, PGPASSWORD`
			`$c->pg_connect[] = 'host=' . getenv('PGHOST') . ' port=' . (getenv('PGPORT') ?: '5432') . ' dbname=' . getenv('PGDATABASE') . ' user=' . getenv('PGUSER') . ' password=' . getenv('PGPASSWORD');`

			`// System name`
			`$c->system_name = 'Calendars DAViCal Server';`

			`// Admin email`
			`$c->admin_email = 'admin@example.com';`

			`// Allow public access for CalDAV discovery`
			`$c->public_freebusy_url = true;`

			`// Default locale`
			`$c->default_locale = 'en_US.UTF-8';`

			`// Logging - enable for debugging authentication issues`
			`$c->log_caldav_queries = true;`

			`// Trust proxy headers for auth`
			`$c->trust_x_forwarded = true;`

			`// Configure base path when behind reverse proxy`
			`// Override SCRIPT_NAME so DAViCal generates correct URLs`
			`// DAViCal uses $_SERVER['SCRIPT_NAME'] to determine the base path for URLs`
			`// We set it to the proxy path WITHOUT /caldav.php since DAViCal will add that itself`
			`if (isset($_SERVER['HTTP_X_FORWARDED_PREFIX'])) {`
			`$_SERVER['SCRIPT_NAME'] = rtrim($_SERVER['HTTP_X_FORWARDED_PREFIX'], '/');`
			`} elseif (isset($_SERVER['HTTP_X_SCRIPT_NAME'])) {`
			`$_SERVER['SCRIPT_NAME'] = rtrim($_SERVER['HTTP_X_SCRIPT_NAME'], '/');`
			`}`

			`// Custom authentication function to use X-Forwarded-User header`
			`// This function is called by DAViCal's authentication system`
			`function authenticate_via_forwarded_user( $username, $password ) {`
			`// Check if X-Forwarded-User header is present`
			`if (isset($_SERVER['HTTP_X_FORWARDED_USER'])) {`
			`$forwarded_user = trim($_SERVER['HTTP_X_FORWARDED_USER']);`

			`// If the username from Basic Auth matches X-Forwarded-User, authenticate`
			`// Users with password '*' are externally authenticated`
			`if (strtolower($username) === strtolower($forwarded_user)) {`
			`// Return the username to authenticate as this user`
			`// DAViCal will check if user exists and has password '*'`
			`return $forwarded_user;`
			`}`
			`}`

			`// Fall back to standard authentication`
			`return false;`
			`}`

			`// Use custom authentication hook`
			`$c->authenticate_hook = array(`
			`'call' => 'authenticate_via_forwarded_user',`
			`'config' => array()`
			`);`