[Nginx] /.well-known/caldav not properly set up

uri/nextcloud/.well-known/carddav
uri/nextcloud/.well-known/caldav

both return 502 in fisrt place at chrome, with trailing /dav/. If I erase last slash, it redirects fine and shows following:

This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.

On HTML5 Edge, it just directly shows above message without hassle (If already logged in).

So… since server does redirect to url/nextcloud/remote.php/dav, I thought it now met condition of caldav / carddav configuration listed on manual. However, I still get message following:

Your web server is not properly set up to resolve “/.well-known/caldav”

Searched about 5 hours in straight but nothing fixed. I need your help fixing this.


My nextcloud is installed in /var/www/nextcloud/ and sits behind Nginx reverse-proxy with redis memcache.

Nginx config: reverse proxy / nextcloud

Nextcloud version: 18.0.4
Operating system: Lubuntu 20.04:
Nginx version: 1.17.10 (Ubuntu)
PHP version: 7.4


Due to nextcloud-side log spamming problem I’ve disabled error log level, so log file is empty for now.

Nginx log regarding caldav:

MYIP - - [17/May/2020:15:06:07 +0900] "PROPFIND /.well-known/caldav HTTP/2.0" 405 569 "-" "Moz
illa/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safar
i/537.36"                                                                                               
MYIP - - [17/May/2020:15:06:07 +0900] "PROPFIND /.well-known/carddav HTTP/2.0" 405 569 "-" "Mo
zilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safa
ri/537.36"                      

Nothing useful.

Posting the content of your server part of nginx could help.

I have a similiar configuration working good with the following redirects in the reverse proxy site.

    rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ permanent;
    rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ permanent;

If your site is accessible at http(s)://mydomain/nextcloud, you must add :

 rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /nextcloud/public.php?service=host-meta-json last;
    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
    }

But, if your URL is http(s)://mydomain : you must add :

rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }

All in the documentation :
https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html

Good luck

Read my question again. There is Nginx config linked via pastebin. Will try your solution soon.

Sorry. You’re right. So in your reverse proxy config there should be:

    location = /.well-known/carddav {
            return 301 $scheme://$host/nextcloud/remote.php/dav;
    }

    location = /.well-known/caldav {
            return 301 $scheme://$host/nextcloud/remote.php/dav;
    }

That’s fast respond, thanks!
As you might noticed, I’ve commented out those lines

location = /.well-known/carddav {                                                                  
    return 301 https://MY_DOMAIN/nextcloud/remote.php/dav;                              

    # return 301 $scheme://$host:$server_port/remote.php/dav;                                      
    # return 301 $scheme://127.0.0.1/remote.php/dav;                                                
}                                                                                                  
location = /.well-known/caldav {                                                                    
    return 301 https://MY_DOMAIN/nextcloud/remote.php/dav;                              

    # return 301 $scheme://$host:$server_port/remote.php/dav;                                      
    # return 301 $scheme://127.0.0.1/remote.php/dav;                                                
}

I’ve commented out those as they returned localhost like https://127.0.0.1/remote.php/dav due to the fact that it’s behind reverse proxy, $host return localhost.

Adding /nextcloud/ made no difference for this reason. This reverse-proxy part is giving me headache for weeks, sadly…

I might not be in touch for 2 days due to drills, sorry in advance for delay!

It almost feels like I didn’t even take a peek in documentation, saying “All in the documentation” - Which my nextcloud nginx config clearly shows that my config is based off from that exact source.

Plus, document clearly says I don’t have to uncomment those web-finger related rewrite section.

# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;

And I clearly mentioned server is BEHIND nginx reverse-proxy. $host and $server_port will not act as you expected…

I exactly know how you feel because I got through this same issue.
You have to remove this block from the nextcloud nginx config and move it to the reverse proxy part of your nginx config. Don’t give up. You’re close to it…

1 Like

I thought that block is dependent to Nextcloud, how foolish of me to spent weeks on that… Thanks for help! :smiley: