CardDAV Sync
Rondo Club includes a built-in CardDAV server that allows you to sync your contacts with apps like Apple Contacts, Android Contacts (via DAVx5), Thunderbird, and other CardDAV-compatible applications.
Overview
Section titled “Overview”CardDAV is an address book client/server protocol designed to allow users to access and share contact data on a server. It’s supported natively by Apple devices and can be added to Android and other platforms using third-party apps.
Setting Up CardDAV Sync
Section titled “Setting Up CardDAV Sync”Step 1: Create an App Password
Section titled “Step 1: Create an App Password”For security reasons, CardDAV uses WordPress Application Passwords instead of your main account password.
- Log in to Rondo Club
- Go to Settings
- Find the CardDAV Sync section
- Enter a name for your app password (e.g., “iPhone Contacts”)
- Click Create Password
- Copy the generated password immediately - it will only be shown once
Step 2: Get Your Connection Details
Section titled “Step 2: Get Your Connection Details”In the CardDAV Sync section of Settings, you’ll find:
- Server URL: The CardDAV server address
- Username: Your Rondo Club username
Step 3: Configure Your Device
Section titled “Step 3: Configure Your Device”Apple Contacts (macOS)
Section titled “Apple Contacts (macOS)”- Open System Preferences → Internet Accounts
- Click Add Other Account → CardDAV account
- Enter:
- Account Type: Manual
- Username: Your Rondo Club username
- Password: Your app password
- Server Address: The server URL from Settings
- Click Sign In
Apple Contacts (iOS/iPadOS)
Section titled “Apple Contacts (iOS/iPadOS)”- Open Settings → Contacts → Accounts
- Tap Add Account → Other → Add CardDAV Account
- Enter:
- Server: The server URL from Settings
- Username: Your Rondo Club username
- Password: Your app password
- Tap Next
Android (using DAVx5)
Section titled “Android (using DAVx5)”- Install DAVx5 from Google Play or F-Droid
- Open DAVx5 and tap + to add a new account
- Select Login with URL and user name
- Enter:
- Base URL: The server URL from Settings
- User name: Your Rondo Club username
- Password: Your app password
- Tap Login
- Select your address book to sync
Thunderbird
Section titled “Thunderbird”- Install the TbSync add-on
- Install the Provider for CalDAV & CardDAV add-on
- Open Tools → TbSync (or Extras → TbSync on some systems)
- Click Account actions → Add new account → CalDAV & CardDAV
- Select Manual configuration
- Enter:
- Account name: Rondo Club (or any name you prefer)
- User name: Your Rondo Club username
- CardDAV server address: The server URL from Settings
- Click Add account
- Enter your app password when prompted
- Select the address book to sync
Technical Details
Section titled “Technical Details”URL Structure
Section titled “URL Structure”| Endpoint | URL |
|---|---|
| Server root | https://your-site.com/carddav/ |
| Principal | https://your-site.com/carddav/principals/{username}/ |
| Address book | https://your-site.com/carddav/addressbooks/{username}/contacts/ |
Authentication
Section titled “Authentication”- Method: HTTP Basic Authentication
- Username: Your Rondo Club username
- Password: A WordPress Application Password (not your main account password)
Sync Features
Section titled “Sync Features”- Bidirectional sync: Changes made in Rondo Club appear in your devices, and vice versa
- Sync tokens: Efficient incremental sync - only changed contacts are transferred
- Conflict resolution: Most recent change wins
Supported Data
Section titled “Supported Data”The following contact fields are synced:
- First name, infix (tussenvoegsel), last name, nickname
- Email addresses
- Phone numbers (mobile, work, home)
- Physical addresses (street, city, state/province, postal code, country)
- Team and job title (from current work history)
- Birthday (from person record)
- Profile photo
- URLs (website, LinkedIn, Twitter, etc.)
Data Access
Section titled “Data Access”- Each user only sees their own contacts
- CardDAV access respects the same permissions as the Rondo Club web interface
- Admins cannot access other users’ contacts via CardDAV
Security Best Practices
Section titled “Security Best Practices”- Use unique app passwords: Create a separate app password for each device
- Revoke unused passwords: Remove app passwords for devices you no longer use
- Use HTTPS: CardDAV connections should always use HTTPS (enforced by default)
- Monitor usage: Check the “Last used” date to identify inactive app passwords
Troubleshooting
Section titled “Troubleshooting””Authentication failed”
Section titled “”Authentication failed””- Verify you’re using an app password from Settings, not your main account password
- Check that the username matches your Rondo Club username exactly (case-sensitive)
- Ensure the server URL is correct and includes the full path
- WordPress 6.8+ uses BLAKE2b hashing for app passwords - ensure your site is updated
”Connection refused” or “Server not found”
Section titled “”Connection refused” or “Server not found””- Verify the server URL is correct
- Check that your site is accessible and HTTPS is working
- Ensure no firewall is blocking the connection
Contacts not appearing
Section titled “Contacts not appearing”- Wait a few minutes for the initial sync to complete
- Check that you have contacts in Rondo Club
- Try forcing a sync in your CardDAV app
Sync conflicts
Section titled “Sync conflicts”- The most recently modified version of a contact is kept
- If you edit the same contact on multiple devices simultaneously, changes from one device may be overwritten
Backend Implementation
Section titled “Backend Implementation”The CardDAV server uses sabre/dav, a popular open-source WebDAV/CardDAV/CalDAV library. Key components:
- Authentication: WordPress Application Passwords verified via
wp_verify_fast_hash()(WordPress 6.8+ BLAKE2b) with fallback towp_check_password()for older versions - Principal Backend: Maps WordPress users to DAV principals
- CardDAV Backend: CRUD operations on Person custom post type
- Sync Support: Change tracking with sync tokens for efficient updates
For more details, see the source code in includes/carddav/.