pimsync(1) General Commands Manual pimsync(1)

pimsync - synchronise caldav, carddav, webcal and local directories

pimsync [options] command [arguments]

pimsync synchronizes calendars and contacts between two storages. The most popular usage is to synchronize a CalDAV/CardDAV server with a local directory. The local data can then be accessed by a variety of programs, none of which have to know or worry about synchronisation, network connectivity, or remote servers.

Supported calendar storages are vdir, caldav and webcal. With the exception of webcal to webcal, all permutations of these are supported. The webcal storage is read-only, and two read-only storages cannot be synchronised with each other.

Supported contacts storages are vdir and carddav. Any permutation of these is supported.

-c configfile

Read the configuration file from the specified path, instead of the default. See FILES below.

-v loglevel

Set logger to loglevel, which must be one of trace, debug, info, warn or error. The default is warn. When specifying trace, logs may contain sensitive data, see SECURITY CONSIDERATIONS below.

-p pair

Only operate on the pair named pair.

check

Check configuration and exit. Validates the configuration itself and ensures that the storage is valid. E.g.: a vdir must be an existing directory, and caldav server must report CalDav capabilities, etc.

daemon

Continuously keep storages in sync. The -r READY_FD argument may be used to provide a readiness notification file descriptor.

Once it has reached its ready state, the demon will monitor storages for changes and synchronise them. In case of non-fatal errors, pimsync will continue running the background and try again later.

discover

Discover and print collections. This command merely provides information, and does in any way alter pimsync's internal state.

resolve-conflicts

Manually resolve conflicts between storages.

When synchronising two storages, if a single item has been modified on both sides, that item is said to be in conflict. This conflict needs to be resolved by an some external program, specified in the configuration file. This command executes the conflict resolution program for each conflicting item.

sync

Synchronise storages once and exit.

version

Print version information and exit. The -p option has no effect when using this command.

If $XDG_CONFIG_HOME is defined, the configuration shall be read from:

$XDG_CONFIG_HOME/pimsync/pimsync.conf

If the above is not defined, the configuration file shall be read from:

~/.config/pimsync/pimsync.conf

See pimsync.conf(5) for details on the configuration file format.

XDG_CONFIG_HOME

If defined, search for the configuration file relative to this directory. See FILES above.

Readiness notification allows a service manager to monitor when pimsync has successfully started. It is considered to have successfully started when the configuration file has been parsed and all credentials have been resolved. At this point, no further human interaction is required.

Once the service is ready, it will write READY=1 followed by a newline character to the file descriptor READY_FD, and then close it. This is compatible with the readiness notification mechanism implemented by s6, dinit and systemd.

See: https://skarnet.org/software/s6/notifywhenup.html

The only network communications shall be with the servers for configured storages, and the locally configured DNS resolver.

The status database file contains metadata of configured storages, their collections and items.

Data synchronised is not validated. This is an intentional design choice: if your calendar application produces events that are technically invalid, pimsync will synchronise, and you will be able to access the exact same data on other hosts. You may also need to synchronise invalid data in order to fix the invalidity.

In order to map items between storage, pimsync does some minor parsing of items to extract their UID. Items must be syntactically valid components, even if semantically invalid.

In order to interact with CalDav/CardDav resources where a UID cannot be extracted, consider using davcli(1). In future, a repair command shall be included to address this scenario.

When service discovery is enabled, the real hostname and port of the Dav server is resolved using DNS records. The system's DNS resolver is used. It is expected that the system resolver performs DNSSEC validation and will not return invalid results. Pimsync does not perform DNSSEC validation itself.

Pimsync will follow symlinks when reading items. Care should be taken when a user has write permission to a storage, but another user runs pimsync on that same storage. This may change at a future date.

Items across storages are considered the same if they share the same UID. An actor who can write a single item into a storage on either side can potentially trigger an overwrite of another item on the other storage. An actor who can write to a single entry should be considered to have access to manipulate the entire storage.

Pimsync will retain credentials in memory during its entire lifetime. Any actor with read access to pimsync's memory space may extract secret credentials from it. Likewise, core dumps from pimsync should not be shared with untrusted parties.

When logging with -v trace, logs MAY contain credentials, secrets, data inside of storage items and other sensitive information.

After pimsync synchronises two storages, it will store metadata from the items that it has synchronised into its internal status database. During future synchronisation processes, if the items on both storages don't match, the status database is used to determine which side has changed and which side remains the same. This information is then used to plan which of the item should be kept. If both items have changed, they are said to be in conflict, and the conflict must be resolved manually (See CONFLICT RESOLUTION above).

The storage database associates item metadata with the pair of collections that were being synchronised (called a "mapping"). If the configuration changes, and different collections are being synchronised with each other, then the status data for their items no longer applies and is ignored. This prevents using accidentally using the wrong data when mappings have been reconfigured.

The algorithm is closely based on the original one for vdirsyncer(1). Further details are available at https://unterwaditzer.net/2016/sync-algorithm.html.

For vdir storages, checking the etag is subject to race conditions. Pimsync will first check that an item has not been modified, and then update it. If an external program updates the same item between the check and the modification, those changes will be lost. It is unlikely that this issue can be resolved with existing filesystem primitives.

Run daemon with verbose logging:

pimsync -v info daemon

Interactive conflict resolution for pair named contacts:

pimsync -p contacts resolve-conflicts

Show version and exit:

pimsync version

pimsync.conf(5), pimsync-migration(7), khal(1), todo(1)

For issues and general development inquiries, see the project home currently hosted at SourceHut:

Calendaring Extensions to WebDAV (CalDAV) is implemented as specified in IETF RFC 4791.

vCard Extensions to WebDAV (CardDAV) is implemented as specified in IETF RFC 4791.

Service discovery is implemented as specified in IETF RFC 6764.

Development of this project is possible thanks to funding and support from the NLnet foundation and the NGI Zero Entrust program of the European Commission. See:

A security audit was completed by Radically Open Security:

https://www.radicallyopensecurity.com/

The vdirsyncer command was first implemented by Markus Unterwaditzer in 2014.

Work on the pimsync command, strongly inspired by vdirsyncer, was started by Hugo Barrera in 2023.

The acronym pim refers to personal information manager.

This implementation was developed by Hugo O. Barrera <hugo@whynothugo.nl>.

pimsync is an open source project, developed for anyone to use freely. If you would like to sponsor this project, see:

2024-12-07