[Nginx] /.well-known/caldav not properly set up

uri/nextcloud/.well-known/carddav
uri/nextcloud/.well-known/caldav

both return 502 in fisrt place at chrome, with trailing /dav/. If I erase last slash, it redirects fine and shows following:

This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.

On HTML5 Edge, it just directly shows above message without hassle (If already logged in).

So… since server does redirect to url/nextcloud/remote.php/dav, I thought it now met condition of caldav / carddav configuration listed on manual. However, I still get message following:

Your web server is not properly set up to resolve “/.well-known/caldav”

Searched about 5 hours in straight but nothing fixed. I need your help fixing this.


My nextcloud is installed in /var/www/nextcloud/ and sits behind Nginx reverse-proxy with redis memcache.

Nginx config: reverse proxy / nextcloud

Nextcloud version: 18.0.4
Operating system: Lubuntu 20.04:
Nginx version: 1.17.10 (Ubuntu)
PHP version: 7.4


Due to nextcloud-side log spamming problem I’ve disabled error log level, so log file is empty for now.

Nginx log regarding caldav:

MYIP - - [17/May/2020:15:06:07 +0900] "PROPFIND /.well-known/caldav HTTP/2.0" 405 569 "-" "Moz
illa/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safar
i/537.36"                                                                                               
MYIP - - [17/May/2020:15:06:07 +0900] "PROPFIND /.well-known/carddav HTTP/2.0" 405 569 "-" "Mo
zilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safa
ri/537.36"                      

Nothing useful.

Posting the content of your server part of nginx could help.

I have a similiar configuration working good with the following redirects in the reverse proxy site.

    rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ permanent;
    rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ permanent;
3 Likes

If your site is accessible at http(s)://mydomain/nextcloud, you must add :

 rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /nextcloud/public.php?service=host-meta-json last;
    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
    }

But, if your URL is http(s)://mydomain : you must add :

rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }

All in the documentation :
https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html

EDIT : The configuration is updated for each new version of NC, so its better to check the doc ( the configuration above works for NC18 but not for NC19 and higher). The link is by default the latest configuration available.

Good luck

1 Like

Read my question again. There is Nginx config linked via pastebin. Will try your solution soon.

Sorry. You’re right. So in your reverse proxy config there should be:

    location = /.well-known/carddav {
            return 301 $scheme://$host/nextcloud/remote.php/dav;
    }

    location = /.well-known/caldav {
            return 301 $scheme://$host/nextcloud/remote.php/dav;
    }
1 Like

That’s fast respond, thanks!
As you might noticed, I’ve commented out those lines

location = /.well-known/carddav {                                                                  
    return 301 https://MY_DOMAIN/nextcloud/remote.php/dav;                              

    # return 301 $scheme://$host:$server_port/remote.php/dav;                                      
    # return 301 $scheme://127.0.0.1/remote.php/dav;                                                
}                                                                                                  
location = /.well-known/caldav {                                                                    
    return 301 https://MY_DOMAIN/nextcloud/remote.php/dav;                              

    # return 301 $scheme://$host:$server_port/remote.php/dav;                                      
    # return 301 $scheme://127.0.0.1/remote.php/dav;                                                
}

I’ve commented out those as they returned localhost like https://127.0.0.1/remote.php/dav due to the fact that it’s behind reverse proxy, $host return localhost.

Adding /nextcloud/ made no difference for this reason. This reverse-proxy part is giving me headache for weeks, sadly…

I might not be in touch for 2 days due to drills, sorry in advance for delay!

It almost feels like I didn’t even take a peek in documentation, saying “All in the documentation” - Which my nextcloud nginx config clearly shows that my config is based off from that exact source.

Plus, document clearly says I don’t have to uncomment those web-finger related rewrite section.

# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;

And I clearly mentioned server is BEHIND nginx reverse-proxy. $host and $server_port will not act as you expected…

I exactly know how you feel because I got through this same issue.
You have to remove this block from the nextcloud nginx config and move it to the reverse proxy part of your nginx config. Don’t give up. You’re close to it…

1 Like

I thought that block is dependent to Nextcloud, how foolish of me to spent weeks on that… Thanks for help! :smiley:

Thank you! This worked for me and it’s more compact than the location directive.
To make it even more compact, do you think it’s possible to use regular expressions to reference both carddav and caldav in a single line?

I had the exact same issue.

But what I noticed after trial and error and a lot of frustration. Is that when you create a new Nextcloud installation and you do the configuration from your external address (example: nextcloud.bla.com) it does not have these errors. Not when you connect to Nextcloud over your NGINX or local.

Sorry to bring this up again. I’m kinda new at all this.
I have a Nextcloud install using Ubuntu 20.04. Using apache2.
It sits behind NginxProxy Manager. It’s working fine but following errors:
Your web server is not properly set up to resolve “/.well-known/caldav”.
Your web server is not properly set up to resolve “/.well-known/carddav”.

I think what you guys are talking about here is the solution. but I’m not sure where and how to implement.

In the NginxReverseProxy config window (In the GUI) can i siomply add the lines?

location = /.well-known/carddav {
return 301 $scheme://$10.0.0.25/remote.php/dav;
}

location = /.well-known/caldav {
return 301 $scheme://$10.0.0.25/remote.php/dav;
}

Where 10.0.0.25 is the host?
Webserver is not running in /nextcloud/ sub-directory

Hi tmkis,
ahh, i know, i am pretty close. just moved that part from nginx default file (NC docker) to nginx proxy manager proxy host config for NC, restarted both containers but now NC settings showing 4 errors rather than 2, i.e some webfinger & node info as well :slight_smile:

any ideas?
Quick question: do i actually need to create a directory ‘well-known’ somewhere?? feeling stupid (btw)…

It never ceases to amaze me how many people respond to a simple, and clear question with “RTFM” … but never themselves bothered to read the question.

I’m having similar issues, my nginx reverse proxy is on opnsense, so its all managed by a gui that’ll overwrite my config files if I manually edit - so I get to figure out how to put “this solution” “in there” - fun times.