From ArchWiki
Jump to: navigation, search

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: please use the first argument of the template to provide a brief explanation. (Discuss in Talk:CardDavMATE#)

CardDavMATE is a CardDAV web interface that requires JavaScript.

This guide shows you how to install CardDavMATE to use with DAViCal.


Install the carddavmateAUR package.

After that, config.js needs to be configured, as well as httpd-carddavmate.conf. Then, httpd-carddavmate.conf needs to be included in the Apache configuration, and Apache needs to be restarted.


Password Protection

Password protection is implemented using apache's htpasswd facility. The relevant file that includes the authentification credentials is at /srv/http/carddavmate/htpasswd.

You may delete the file or remove the "test" account by deleting the line from the file.

To add your own user, run:

# htpasswd /srv/http/carddavmate/htpasswd

add -c after htpasswd if you deleted the htpasswd file.

Carddav server

Add the carddav server to your config by editing /srv/http/carddavmate/config.js, for example:

var globalSettings=[{href: '', userAuth: {userName: 'joe', userPassword: 'secret', serverPassword: false}, timeOut: 14000}];

A better example, without insecure user clear passwords:

var globalSettings=[{href: ''}];


To "serve" the /srv/http/carddavmate directory properly, include /etc/httpd/conf/extra/httpd-carddavmate.conf in your apache configuration. To do this, add the following line to /etc/httpd/conf/httpd.conf:

Include conf/extra/httpd-carddavmate.conf

Also, edit httpd-carddavmate.conf to reflect the url where carddavmate is installed, for example:

Header always set Access-Control-Allow-Origin ""

Save this file and restart Apache with httpd.service.


To test your installation, browse to and see if your carddav data shows up.


Since the client is a javascript program that runs in your browser, the username/password that is configured in config.js on the server is also in the browser and can be easily seen. To avoid issues, clear your browser cache to delete the compromising files after you are done.


Troubleshooting is best done using chrome's built-in javascript console.