25.0.2: ready to pull my hair out with ".well-known" links

hi - nothing I try seems to be able to make these work right, and I am constantly getting the “your server is not set up to resolve these correctly” error on the NC config page. 25.0.2 on stock Apache from Ubuntu 22.04.

mod_rewrite from the /var/www/html/nextcloud/.htaccess file (the rules are duplicated with and without the leading forward slashes because I can’t tell which one is right, and if it’s wrong, it doesn’t match so who cares):

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^/\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^/\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^/\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]
  RewriteRule ^\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]
  RewriteRule ^/\.well-known/nodeinfo /index.php/.well-known/nodeinfo [R=301,L]
  RewriteRule ^\.well-known/nodeinfo /index.php/.well-known/nodeinfo [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

my Apache nextcloud.conf (TLS is terminated on my Caddy reverse proxy):

<VirtualHost *:80>
    DocumentRoot "/var/www/html/nextcloud"
    ServerName checkwithscience.com

    <Directory "/var/www/html/nextcloud/">
        Require all granted
        Options MultiViews FollowSymlinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    TransferLog /var/log/apache2/nextcloud_access.log
    ErrorLog /var/log/apache2/nextcloud_error.log

</VirtualHost>

Redirect 301 /.well-known/carddav /remote.php/dav
Redirect 301 /.well-known/caldav /remote.php/dav

Does anyone know where to start here? TIA.

This problem usually needs a change on the reverse proxy, not the Nextcloud system. Those rewrite lines you posted would be put on an Apache reverse proxy.

Try this:

https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/reverse_proxy_configuration.html#caddy

Shouldn’t the rewrite rules work regardless of what the reverse proxy is doing? ETA: also, adding that to the Caddyfile didn’t help)

I’m not sure, but my understanding was those rules are specifically needed for the reverse proxy. If you look a few paragraphs above that link, that’s what it says.

The redirects for CalDAV or CardDAV does not work if Nextcloud is running behind a reverse proxy. The recommended solution is that your reverse proxy does the redirects.

I don’t use caddy so I can’t help there, but putting that in an Apache reverse proxy definitely resolves it. I’ve done it numerous times.

does anyone else have some ideas w/r/t how to troubleshoot this?

To get rid of the error messages I inserted the following lines at the top level in my /etc/httpd/conf/httpd.conf:

#
# Asked for by NextCloud
#
<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteRule ^/\.well-known/carddav /nextcloud/remote.php/dav [R=301,L]
    RewriteRule ^/\.well-known/caldav /nextcloud/remote.php/dav [R=301,L]
    RewriteRule ^/\.well-known/webfinger /nextcloud/index.php/.well-known/webfinger [R=301,L]
    RewriteRule ^/\.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo [R=301,L]
</IfModule>

HTH

this appears not to have done anything.

TBH, this thing is a nightmare. I’ve tried hours and it’s still not working. To the point where I think the test is kinda buggy.

In my case (Apache), webfinger and nodeinfo are correctly resolved but I still have an error message for carddav and caldav. What you could try is requesting the URL using CURL or HTTPie and see what it looks like:

In my case:

http https://mydomain.org/.well-known/carddav
HTTP/1.1 301 Moved Permanently
[…]

It looks fine even if I have the error message on the administration UI

Hi, can you post your caddyfile here?

Fun fact: Caddy directives only work when you apply them to the domain you are actually trying to make a change to. :smiley::gun:

Sorry. I’m an idiot.

1 Like