Nextcloud version: 22.2.0
Operating system and version: Debian 10.10
Nginx version: 1.14.2
PHP version: from docker
I setup Nextcloud on Docker with Nginx as a proxy. The webdav is working well (in other app) but I can’t sync the events of calendars in DAVx5. When I try I get HTTP 403 from the app. I can sync calendars, though, which means I can delete calendar from the app and it will be reflected in the web view.
My entire setup below.
I get no related logs in Nextcloud, but I get some logs from Nginx.
Is this the first time you’ve seen this error? Y
Steps to replicate it:
- Configure DAVx5 app
- Run sync
- Public calendar will show up on the list, but no events will be synced - HTTP 403
Nextcloud config.php:
<?php
$CONFIG = array (
'maintenance' => false,
'htaccess.RewriteBase' => '/',
'memcache.local' => '\\OC\\Memcache\\APCu',
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'instanceid' => 'instanceId',
'passwordsalt' => 'salt',
'secret' => 'secret',
'trusted_domains' =>
array (
0 => 'cloud.mycloud.com',
),
'datadirectory' => '/srv/nextcloud/data',
'dbtype' => 'mysql',
'version' => '22.2.0.2',
'overwrite.cli.url' => 'http://cloud.mycloud.com,
'overwriteprotocol' => 'https',
'dbname' => 'nextcloud',
'dbhost' => 'nextcloud-mariadb',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => 'pass',
'installed' => true,
'twofactor_enforced' => 'false',
'twofactor_enforced_groups' =>
array (
0 => 'admin',
),
'twofactor_enforced_excluded_groups' =>
array (
),
);
Nginx proxy config:
upstream cloud-backend {
server 10.8.0.1:8082;
}
server {
listen 443 ssl http2;
server_name cloud.mycloud.com;
server_tokens off;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=63072000";
access_log /var/log/nginx/cloud-access.log;
error_log /var/log/nginx/cloud-error.log;
index index.html;
client_max_body_size 20G;
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
client_max_body_size 0;
proxy_pass http://cloud-backend/$request_uri;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
client_max_body_size 0;
proxy_pass http://cloud-backend/$request_uri;
}
location ^~ /.well-known {
location = /.well-known/caldav {
proxy_set_header Host $http_host;
proxy_pass $scheme://$host/remote.php/dav;
}
location = /.well-known/carddav {
proxy_set_header Host $http_host;
proxy_pass $scheme://$host/remote.php/dav;
}
location ^~ /.well-known {
proxy_set_header Host $http_host;
proxy_pass $scheme://$host/index.php$uri;
}
try_files $uri $uri/ =404;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
}
server {
listen 80;
server_name cloud.mycloud.com;
if ($host = cloud.mycloud.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
return 404; # managed by Certbot
docker-compose:
version: '3.7'
networks:
nextcloud:
services:
nextcloud:
image: nextcloud:${NEXTCLOUD_VERSION}
container_name: nextcloud
restart: always
ports:
- "10.8.0.1:8082:80"
volumes:
- ${NEXTCLOUD_ROOT}/html:/var/www/html
- ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
- /etc/localtime:/etc/localtime:ro
extra_hosts:
- "${NEXTCLOUD_FQDN}:${NEXTCLOUD_IPADDRESS}"
depends_on:
- mariadb
environment:
- NEXTCLOUD_TRUSTED_DOMAINS='${NEXTCLOUD_FQDN}'
- NEXTCLOUD_DATA_DIR=/srv/nextcloud/data
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_HOST=nextcloud-mariadb
networks:
- nextcloud
mariadb:
image: mariadb:${MYSQL_VERSION}
container_name: nextcloud-mariadb
restart: always
volumes:
- ${NEXTCLOUD_ROOT}/mariadb:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
networks:
- nextcloud
The output of your nginx log in /var/log/____:
10.8.0.6 - login [31/Dec/2021:22:24:13 +0000] "PROPFIND /remote.php/dav/calendars/login/personal/ HTTP/2.0" 207 415 "-" "DAVx5/4.0-ose (2021/10/13; dav4jvm;
okhttp/4.9.1) Android/12"
10.8.0.6 - login [31/Dec/2021:22:24:14 +0000] "REPORT /remote.php/dav/calendars/login/personal/ HTTP/2.0" 207 4334 "-" "DAVx5/4.0-ose (2021/10/13; dav4jvm;
okhttp/4.9.1) Android/12"
10.8.0.6 - login [31/Dec/2021:22:24:15 +0000] "REPORT /remote.php/dav/calendars/login/personal/ HTTP/2.0" 403 260 "-" "DAVx5/4.0-ose (2021/10/13; dav4jvm; o
khttp/4.9.1) Android/12"