Multiple problems: Mails, WebDav, caldav & carddav

Hey,

First, I want to express my gratitude to the Nextcloud team and the entire community. You're all doing a great job!

I've recently followed the fork owncloud -> nextcloud when I received my new server hardware. I've successfully installed Nextcloud for Debian 10 Buster. But I'm still facing some problems… I'm convinced most of them are related to the server configuration. Before describing my troubles, let's talk about my environment:
• Debian 10 Buster
• Apache2 server
• Nextcloud installation outside of web root
• Data folder outside of Nextcloud root
• Data are on a ZFS drive
• Workstation on Windows 10

I don't understand everything relating to the apache2 configuration. I'm facing difficulties with the server configuration files, because I have 2 different files in the sites-available folder: nextcloud.conf & nexcloud-le-ssl.conf. If I understand correctly, these configurations are overwritten by the .htaccess inside the Nextcloud folder. Can you explain to me in which way some of these 2 files in my web directory are useless? Note: both of these files have the directive "Dav On".

Well, let's talk about problems…

Mails
I'm trying to send mails from the Nextcloud settings through an OVH account, but it's not working. Here is the message I receive in the admin panel:

WebDav
I cannot connect through WebDav, I'm receiving a 401 authentication error. It's the same error with the Windows shell, Explorer, and CyberDuck.

Caldav & Carddav
I also have the traditional error "Your Web server is not set up properly to resolve /.well-known/caldav/ or /.well-known/carddav/"

Investigations
I'm quite sure all these problems can be solved with a good configuration of my .htaccess. I've read a lot of topics on this forum and on the Internet but I cannot find a good example matching my configuration, and I was not able to solve this problem by myself. It looks like the WebDav and mail problems are both related to this ******* .htaccess file. In particular, I think these troubles are related to mod_headers and mod_rewrite. Here is the content of my .htaccess:

.htaccess

```apache
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1

# Add security and privacy related headers
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Robots-Tag "none"
Header set X-Download-Options "noopen"
Header set X-Permitted-Cross-Domain-Policies "none"
Header set Referrer-Policy "no-referrer"
SetEnv modHeadersAvailable true

# Add cache control for static resources
<FilesMatch "\.(css|js|svg|gif)$">
  Header set Cache-Control "max-age=15778463"
</FilesMatch>

# Let browsers cache WOFF files for a week
<FilesMatch "\.woff2?$">
  Header set Cache-Control "max-age=604800"
</FilesMatch>

php_value mbstring.func_overload 0
php_value default_charset 'UTF-8'
php_value output_buffering 0

SetEnv htaccessWorking true

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
RewriteRule ^(?:\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]

AddType image/svg+xml svg svgz
AddEncoding gzip svgz

DirectoryIndex index.php index.html

AddDefaultCharset utf-8
Options -Indexes

ModPagespeed Off

#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /nextcloud/
ErrorDocument 404 /nextcloud/

Options -MultiViews
RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg)$
RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
RewriteCond %{REQUEST_FILENAME} !core/img/manifest.json$
RewriteCond %{REQUEST_FILENAME} !/remote.php
RewriteCond %{REQUEST_FILENAME} !/public.php
RewriteCond %{REQUEST_FILENAME} !/cron.php
RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
RewriteCond %{REQUEST_FILENAME} !/status.php
RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
RewriteCond %{REQUEST_FILENAME} !/robots.txt
RewriteCond %{REQUEST_FILENAME} !/updater/
RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
RewriteCond %{REQUEST_FILENAME} !/ocm-provider/
RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
RewriteRule . index.php [PT,E=PATH_INFO:$1]

SetEnv front_controller_active true
DirectorySlash off
```

In addition, here is my nextcloud.conf inside the apache directory:

nextcloud.conf

```apache
<VirtualHost *:443>
    ServerAdmin photo@*****.fr
    DocumentRoot /Nextcloud/
    ServerName nc.*****.fr
    ServerAlias www.nc.*****.fr
    Alias /nextcloud "/Nextcloud/"

    <Directory /Nextcloud/>
        Options FollowSymlinks Multiviews
        AllowOverride All
        Require all granted

        Dav on

        Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

        SetEnv HOME /Nextcloud
        SetEnv HTTP_HOME /Nextcloud
    </Directory>

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =nc.*****.fr [OR]
    RewriteCond %{SERVER_NAME} =www.nc.*****.fr
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```

Any help will be much appreciated! Thanks in advance for your advice :slight_smile:

XetYr
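An added example, not part of the original post: a small check for the `/.well-known/caldav` and `/.well-known/carddav` warning quoted above. It requests both URLs without following redirects and reports whether each one redirects to `/remote.php/dav/`, as the two `RewriteRule` lines in the posted .htaccess intend. The host `cloud.example.com` is a placeholder and the function names are hypothetical.

```python
import http.client
import sys
from urllib.parse import urlsplit

WELL_KNOWN = ("/.well-known/caldav", "/.well-known/carddav")
REDIRECTS = {301, 302, 307, 308}

def judge(status, location, dav_path="/remote.php/dav"):
    """Classify one response: the setup is fine only if the server redirects
    to the DAV endpoint (absolute or relative Location, any install prefix)."""
    if status not in REDIRECTS:
        return "no redirect (HTTP %d): rewrite rule not applied" % status
    if not location:
        return "redirect without Location header"
    target = urlsplit(location).path.rstrip("/")
    if not target.endswith(dav_path):
        return "redirects elsewhere: %s" % location
    return "ok"

def probe(base_url, path, timeout=10):
    """Send one GET without following redirects; return (status, Location)."""
    u = urlsplit(base_url)
    cls = (http.client.HTTPSConnection if u.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(u.hostname, u.port, timeout=timeout)
    try:
        # Discovery URLs live at the host root, not under the install path.
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def check_well_known(base_url):
    """Return {path: verdict} for both discovery URLs."""
    return {p: judge(*probe(base_url, p)) for p in WELL_KNOWN}

if __name__ == "__main__":
    # Placeholder host (assumption); pass your own server as the first argument.
    base = sys.argv[1] if len(sys.argv) > 1 else "https://cloud.example.com"
    for path, verdict in check_well_known(base).items():
        print(path, "->", verdict)
```

A "no redirect" verdict with a 404 or 200 means the rewrite rules never ran for that request, which points at `AllowOverride`, `mod_rewrite`, or the wrong virtual host answering rather than at Nextcloud itself.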

Up ? :slight_smile:

Nextcloud should be in the web root, and the data folder outside it.

These are your site configs. I'm not sure what you mean by saying they are useless?

On your mail issue, you are failing SMTP authentication. The error is 5.7.1 client was not authenticated. This error is returned from the MTA, so it's not taking your credentials.

Hey Karl,

Sorry for my late answer, I was working hard these days…

I've totally uninstalled and re-installed a fresh version of Nextcloud 17 on my system. Now I have the Nextcloud folder inside the web root, and maybe I've understood something concerning the apache config files. Today I have only 1 of them, with the good configuration according to Mozilla's advice. SSLLabs is now giving me an A+ rating! :smile:

I cannot explain why, but the WebDav protocol is now working. I felt it was slow, so I added a Redis cache in addition to APCu and it's considerably increasing the response time of the WebDav service. In that case, do you think I should take a look at OPcache?

On the other hand, SMTP authentication is still broken, returning the 5.7.1 error. Do you have any idea what I can investigate?