Hi,
after setting up Nextcloud on Apache with an nginx reverse proxy (on the same maschine), i wanted to connect my Client via WebDav and it obviously doesnt work… If i want to login i get a 401 Error (see in the Access Logs). Same procedure with Card/Caldav.
Nextcloud version (eg, 18.0.2): 18.0.4
Operating system and version (eg, Ubuntu 20.04): Ubuntu 18.04
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.29 & nginx 1.14.0 (reverse proxy)
PHP version (eg, 7.1): 7.2-fpm
The output of your config.php file:
<?php
$CONFIG = array (
'instanceid' => '',
'passwordsalt' => '',
'secret' => '',
'trusted_domains' =>
array (
0 => 'IP',
1 => 'DOMAIN',
),
'overwritehost' => 'DOMAIN',
'overwriteprotocol' => 'https',
'overwritewebroot' => '/',
'trusted_proxies' =>
array (
0 => 'IP of Proxy ',
),
'datadirectory' => '/var/www/nextcloud/data',
'dbtype' => 'mysql',
'version' => '18.0.4.2',
'overwrite.cli.url' => '',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => '', 'dbpassword' => 'password',
'installed' => true,
'memcache.local' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'filelocking.enabled' => 'true',
'redis' =>
array (
'host' => '/var/run/redis/redis.sock',
'port' => 0,
'timeout' => 0.0,
'password' => 'password',
),
'twofactor_enforced' => 'true',
'twofactor_enforced_groups' =>
array (
),
'twofactor_enforced_excluded_groups' =>
array (
),
'mail_smtpmode' => 'smtp',
'mail_sendmailmode' => 'smtp',
);
Apache Access Log:
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 1449
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 859
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 859
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 859
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 859
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 859
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/1.0" 401 859
nginx Access Log:
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
[30/May/2020:00:00:17 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
[30/May/2020:00:00:18 +0200] "PROPFIND /remote.php/dav/files/ HTTP/2.0" 401 299 "-" "Microsoft-WebDAV-MiniRedir/10.0.18363"
Apache vHost Config:
<VirtualHost domain:8080>
DocumentRoot /var/www/nextcloud
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
ErrorLog /var/log/apache2/nextcloud-error_log
CustomLog /var/log/apache2/nextcloud-access_log common
</VirtualHost>
nginx vHost Config:
server {
server_name DOMAIN;
client_max_body_size 0;
underscores_in_headers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
proxy_headers_hash_max_size 512;
proxy_headers_hash_bucket_size 64;
proxy_buffering off;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_pass http://DOMAIN:8080;
auth_basic off;
}
location = /.well-known/carddav {
return 301 $scheme://$host:/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:/remote.php/dav;
}
listen 443 ssl http2; # managed by Certbot
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = DOMAIN) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name DOMAIN;
return 404; # managed by Certbot
}