pg_connect[] = 'host=' . getenv('PGHOST') . ' port=' . (getenv('PGPORT') ?: '5432') . ' dbname=' . getenv('PGDATABASE') . ' user=' . getenv('PGUSER') . ' password=' . getenv('PGPASSWORD'); // System name $c->system_name = 'Calendars DAViCal Server'; // Admin email $c->admin_email = 'admin@example.com'; // Allow public access for CalDAV discovery $c->public_freebusy_url = true; // Default locale $c->default_locale = 'en_US.UTF-8'; // Logging - enable for debugging authentication issues $c->log_caldav_queries = true; // Trust proxy headers for auth $c->trust_x_forwarded = true; // Configure base path when behind reverse proxy // Override SCRIPT_NAME so DAViCal generates correct URLs // DAViCal uses $_SERVER['SCRIPT_NAME'] to determine the base path for URLs // We set it to the proxy path WITHOUT /caldav.php since DAViCal will add that itself if (isset($_SERVER['HTTP_X_FORWARDED_PREFIX'])) { $_SERVER['SCRIPT_NAME'] = rtrim($_SERVER['HTTP_X_FORWARDED_PREFIX'], '/'); } elseif (isset($_SERVER['HTTP_X_SCRIPT_NAME'])) { $_SERVER['SCRIPT_NAME'] = rtrim($_SERVER['HTTP_X_SCRIPT_NAME'], '/'); } // Custom authentication function to use X-Forwarded-User header // This function is called by DAViCal's authentication system function authenticate_via_forwarded_user( $username, $password ) { // Check if X-Forwarded-User header is present if (isset($_SERVER['HTTP_X_FORWARDED_USER'])) { $forwarded_user = trim($_SERVER['HTTP_X_FORWARDED_USER']); // If the username from Basic Auth matches X-Forwarded-User, authenticate // Users with password '*' are externally authenticated if (strtolower($username) === strtolower($forwarded_user)) { // Return the username to authenticate as this user // DAViCal will check if user exists and has password '*' return $forwarded_user; } } // Fall back to standard authentication return false; } // Use custom authentication hook $c->authenticate_hook = array( 'call' => 'authenticate_via_forwarded_user', 'config' => array() );