Getting Nextcloud to work with Mac OS X adress book

lex · August 11, 2016, 7:26am

Hi folks,

sorry to open another topic again, but I could not finde anything here in the forums by searching for it:

since I got my nextcloud finally up and running, I ran into problems of linking an adress book to Mac OS X desktop adressbook.

I did try to search the web and extensively read through topics like this one here https://github.com/owncloudarchive/contacts/issues/1058 - but the case seems actually closed and it seems to be reported working with Mac OS X 10.11.4 and newer, I am running 10.11.6

I keep getting error 405 or CoreDAVError Domain-Fehler 1. when trying to go through https://MYNEXTCLOUDDOMAIN/remote.php/dav/principals/users/MYUSERNAME/ – same goes for iOS, dont get an error message here, but wont sync any contacts.

Any clues?

thanks!

Sugaroverdose · August 11, 2016, 2:11pm

I’ve tried to add nextcloud contacts on 10.11.6, and it didn’t require url from me. If you configured webserver which runs nextcloud as recommended, osx will resolve path to caldav and carddav automatically using well-known urls, just use username+password+servername.

lex · August 11, 2016, 2:20pm

No, unfortunately doesnt work for me.

My nextcloud is hosted at a webhoster, so it will be at subdomain.domain.tld/… - i did try several adresspaths like http:///owncloud/remote.php/dav/principals/users/
or /remote.php/carddav/principals/ or https://subdomain.domain.tld/nextcloud/remote.php/dav/addressbooks/users/NAME/default/ , but nothing really worked…

Sugaroverdose · August 11, 2016, 2:36pm

To clarify, did you tried to switch account type from ‘automatic’ to ‘manual’ and fill fields like that:
user name: username
password: password
server address: serverfqdn

also try to open https://serverfqdn/.well-known/carddav url in browser, it should respond with

This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.

Sugaroverdose · August 11, 2016, 2:44pm

If it won’t, try to open https://serverfqdn/remote.php/dav directly, and if it will respond with error which i mentioned, try to pass settings in such way:
user name: username
password: password
server address: https://serverfqdn/remote.php/dav

lex · August 11, 2016, 5:08pm

Thanks for your advice. Results are in:

https://serverfqdn/.well-known/carddav (whilst using my domain-adress in place for serverfqdn) responded with a different text: File no found. The selected document has not been found on the server. Klick here to return to nextcloud (my translation)
https://serverfqdn/remote.php/dav will yield the error you mentioned “Web DAV interface…only accessible…”

Can you see what seems to be wrong?

Sugaroverdose · August 12, 2016, 8:05am

If after login to owncloud you see url which seems like https://serverfqdn/index.php?apps/files (main thing is index.php in url) it means that you don’t have rewrite rules in nginx config, or in case of apache you don’t have mod_rewrite module enabled.

lex · August 12, 2016, 9:31am

Yes, right, my url after login into my cloud is https://subdomain.domain.tld/index.php/apps/files/ - rewrite rules? Crazy, I get exhausted about how complicated the setup of owncloud/nextcloud on a webhoster is…

lex · August 12, 2016, 9:34am

I just checked, right now, my .htacess looks like this:

#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####
RewriteEngine On
RewriteBase /
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
ErrorDocument 403 //core/templates/403.php
ErrorDocument 404 //core/templates/404.php

Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

But I have another .htacess from a former owncloud installation which did contain much more stuff.

Should I just copy that into the .htacess for the nextloud installation or do you see anything wierd or anything what doesnt work? Thanks

<IfModule mod_headers.c>

  <IfModule mod_env.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Robots-Tag "none"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"

    # Add security and privacy related headers
    #Header set X-Content-Type-Options "nosniff"
    #Header set X-XSS-Protection "1; mode=block"
    #Header set X-Robots-Tag "none"
    #Header set X-Frame-Options "SAMEORIGIN"
    #Header set X-Download-Options "noopen"
    #Header set X-Permitted-Cross-Domain-Policies "none"
    #SetEnv modHeadersAvailable true
  </IfModule>

  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
  </IfModule>

  # Add cache control for CSS and JS files
  <FilesMatch "\.(css|js)$">
    Header set Cache-Control "max-age=7200, public"
  </FilesMatch>
</IfModule>
<IfModule mod_php5.c>
  php_value upload_max_filesize 2G
  php_value post_max_size 2G
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value always_populate_raw_post_data -1
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_php7.c>
  php_value upload_max_filesize 2G
  php_value post_max_size 2G
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]

  # Rewrite rules for `front_controller_active`
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
</IfModule>
<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /core/templates/403.php
ErrorDocument 404 /core/templates/404.php
<IfModule mod_rewrite.c>
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>

Summary

This text will be hidden

joergschulz · August 12, 2016, 10:18am

At least, the .well-known rewrite rules will be worth a try. These helped some year ago for my apple usage.

Sugaroverdose · August 12, 2016, 10:31am

Here’s .htaccess which goes with nextcloud for manual installation:

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
  </IfModule>

  <IfModule mod_env.c>
    # Add security and privacy related headers
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    SetEnv modHeadersAvailable true
  </IfModule>

  # Add cache control for CSS and JS files
  <FilesMatch "\.(css|js)$">
    Header set Cache-Control "max-age=7200, public"
  </FilesMatch>
</IfModule>
<IfModule mod_php5.c>
  php_value upload_max_filesize 20G
  php_value post_max_size 20G
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value always_populate_raw_post_data -1
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_php7.c>
  php_value upload_max_filesize 20G
  php_value post_max_size 20G
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /core/templates/403.php
ErrorDocument 404 /core/templates/404.php

lex · August 12, 2016, 11:12am

That seems to be identical to the one i found on an old installation above.

And it seems to be working! crazy!

Only thing left: now i get some error warnings about integrity check:

Results
=======
- core
	- INVALID_HASH
		- .htaccess
	- EXTRA_FILE
		- tmp/oc_tmp_nnmupN-folder/.htaccess
- files_external
	- INVALID_HASH
		- l10n/nl.js

Raw output
==========
Array
(
    [core] => Array
        (
            [INVALID_HASH] => Array
                (
                    [.htaccess] => Array
                        (
                            [expected] => 4a97aae4d05df89a28bf2e63fe2a31cdf2afe74d3c9f622a81d6b0f1f4e001639c7c3a31d7aaa793c00d5f355e0bfaad62ec45507245de44...etc.....
                            [current] => bcc50fb677192508c389d0425addf7e11289a17f39943......etc.....

Sugaroverdose · August 12, 2016, 11:46am

try to change max upload size on nextcloud admin page, it will overwrite .htaccess file, and maybe will save it’s hash as valid(don’t really know how integrity check works)

lex · August 12, 2016, 6:46pm

Well… strange things…

1st: changing the max upload size lead to a temporary dissappearance of the integrity warning - strangely enough after a few moments the warning came back. And i dont succed to get from a 1 GB limit back to a 2 GB limit…

2nd: whilst logging into the adress book account with Mac OS X went fine after the implementing the rewrite rules, i cant explain why but some adresses will just not sync? i got two machines, the first machine got two of my 4 test-adresses, the second machine doesnt get any adress, although it seems to be logged in the nextcloud-adressbook without any error message.

lex · August 13, 2016, 8:24am

by the way, i found out i have a .htacess not only in my clouds root folder, but also one in my config folder. is it supposed to be there or could it be a source of trouble? it reads as follows:

# line below if for Apache 2.4
<ifModule mod_authz_core.c>
Require all denied
</ifModule>

# line below if for Apache 2.2
<ifModule !mod_authz_core.c>
deny from all
</ifModule>

# section for Apache 2.2 and 2.4
IndexIgnore *

Sugaroverdose · August 13, 2016, 12:44pm

it should be there, it denies access to config folder from web.
try to force update contacts on second machine, maybe it doesn’t trust to server cert, on reload it should show connection error.

lex · August 13, 2016, 1:07pm

Ok ,thanks!

Now gotta figure out why i can not change the upload limit from 1GB to 2 GB anymore, tried it several times, will not change…

Sugaroverdose · August 13, 2016, 1:08pm

If you replaced .htaccess, it have permissions of user who placed it, change it by chown to user which runs apache.

Nemskiller · August 14, 2016, 1:21pm

Having a working .htaccess is really important.

1- it makes disappeared the index.php in the URL

2- it integrates some quick conf for php max upload etc… Quite usefull

3- it have embedded the rewrite rules for caldav and webdav
When i started to use Owncloud this rules wasn’t there,
I have to type this on every client
Login : user
Password : password
Server : https://myserver.com/remote.php/dav/addressbooks/users/username/

Now the server is just : https://myserver.com/
As simple as adding an iCal server.

alichakery · May 4, 2017, 8:53pm

no one of these helped.

I managed to add Caldav using advanced option in macOS sierra however… CardDav and none of these (Cal or CardDav) worked.

I would really appreciate your help.

EDIT…

Ok Solved the problem.