/ocm-provider/ issue

srdan · August 8, 2024, 7:32am

[details=“Support intro”]
As many others, I am getting
“Your web server is not properly set up to resolve “/ocm-provider/”.”
message in security & setup warnings.
I have scourged so many threads both on Nextcloud Community as well as on Google, and for the life of me, I can’t fix it.

I have installed Nextcloud completely fresh on Ubuntu 24.04. The outside connection is routed through the NGINX reverse proxy, while Nextcloud Webserver is Apache2.

Software-Versions:
Nextcloud version: 29.0.4
Operating system and version: Ubuntu 24.04
Apache Version: 2.4.58
NGINX Version: 1.18.0
PHP version: 8.3.6

Here are some of the configurations I have:

Nginx Conf:

upstream nextcloud {
        server 10.10.10.10;
        keepalive 15;
}

server {
        listen 80;
        server_name nextcloud.domain.com;

        include snippets/log.conf;

        location ^~ /.well-known/acme-challenge/ {
                default_type "text/plain";
                root /var/www/letsencrypt;
        }

        location / {
                return 301 https://nextcloud.domain.com$request_uri;
        }
}


server {
        listen 443 ssl http2;
        server_name nextcloud.domain.com;

        include snippets/letsencrypt.nextcloud.conf;
        include snippets/log.nextcloud.conf;
        include snippets/settings.nextcloud-secure.conf;

        location / {
            proxy_pass http://nextcloud;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

}

Nextcloud configuration (NC is in /var/www/html):

<?php $CONFIG = array ( 'instanceid' => 'xxxxxxx', 'passwordsalt' => 'xxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxx', 'trusted_domains' => array ( 0 => 'nextcloud_server', 1 => 'proxy_server', 2 => 'nextcloud. domain.com', ), 'datadirectory' => 'mounted nextcloud data dir', 'overwriteprotocol' => 'https', 'overwrite.cli.url' => 'https://nextcloud.domain.com', 'dbtype' => 'mysql', 'version' => '29.0.4.1', 'dbname' => 'nextcloud', 'dbhost' => 'localhost', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'nextcloud', 'dbpassword' => 'xxxxxxxxxxxxxxxx', 'installed' => true, ); ```` .htaccess file in /var/www/html (the part with the rewrite): ```` RewriteEngine on RewriteCond %{HTTP_USER_AGENT} DavClnt RewriteRule ^$ /remote.php/webdav/ [L,R=302] RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L] RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L] RewriteRule ^remote/(.*) remote.php [QSA,L] RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L] RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L] RewriteRule ^ocm-provider/?$ index.php [QSA,L] RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L] ```` Is this the first time you've seen this error?: Y To replicate, just open the security and warnings. Logs contain nothing about this, nothing that I can find. The output of your Apache/nginx/system log in `/var/log/____`: ``` PASTE HERE ``` Apache Log: ```` - - [08/Aug/2024:09:13:37 +0200] "GET /index.php/settings/admin/overview HTTP/1.0" 200 13556 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "GET /ocs/v2.php/search/providers?from=%2Fsettings%2Fadmin%2Foverview HTTP/1.0" 200 1156 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "POST /index.php/contactsmenu/contacts HTTP/1.0" 200 760 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "GET /ocs/v2.php/apps/user_status/api/v1/user_status HTTP/1.0" 200 857 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.0" 200 857 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "GET /cron.php HTTP/1.0" 200 744 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "PROPFIND /remote.php/webdav HTTP/1.1" 401 1626 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0" 200 1515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "HEAD //mnt/nextcloud_data/.ocdata HTTP/1.1" 404 140 "-" "Nextcloud Server Crawler" - [08/Aug/2024:09:13:38 +0200] "HEAD //mnt/nextcloud_data/.ocdata HTTP/1.1" 404 140 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "GET /ocs/v2.php/cloud/groups/details HTTP/1.0" 200 855 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:38 +0200] "HEAD /apps/settings/js/map-test.js.map HTTP/1.1" 200 286 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "HEAD /apps/settings/js/esm-test.mjs HTTP/1.1" 200 286 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "HEAD /ocm-provider/ HTTP/1.1" 404 140 "-" "Nextcloud Server Crawler" - [08/Aug/2024:09:13:38 +0200] "HEAD /ocm-provider/ HTTP/1.1" 404 140 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "HEAD /ocs-provider/ HTTP/1.1" 200 1418 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "GET /index.php/heartbeat HTTP/1.1" 200 1443 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "GET /.well-known/webfinger HTTP/1.1" 404 434 "-" "Nextcloud Server Crawler" - [08/Aug/2024:09:13:38 +0200] "GET /.well-known/webfinger HTTP/1.1" 404 451 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "HEAD /core/fonts/NotoSans-Regular-latin.woff2 HTTP/1.1" 200 233 "-" "Nextcloud Server Crawler" - - [08/Aug/2024:09:13:38 +0200] "GET /index.php/settings/ajax/checksetup HTTP/1.0" 200 3662 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" - - [08/Aug/2024:09:13:39 +0200] "GET /index.php/apps/files/preview-service-worker.js HTTP/1.0" 200 6509 "https://nextcloud.domain.com/index.php/apps/files/preview-service-worker.js" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0" ```` Nothing happens in both syslog and nextcloud.log when refreshing the site. Can you help please?

jtr · August 8, 2024, 1:30pm

EDIT: Sorry re-read and missed this part the first time through:

Are you using the default .htaccess file as distributed? I guess you are since you tried to include it above (it’s very hard to read since it’s not set in preformatted text and blends into your log excerpt. Any chance you can edit and clean-up your post so that rest of it is more readable?

Original reply:

Summary

The Nginx config you posted appears to be from your Nginx reverse proxy not your web server, but the gist of the error is that you’re Nginx web server config is out-of-date.

The ocm-provider config change was rolled out in… I believe ~v26. And we try to highlight whenever web server config changes are needed in the Critical Changes section of the Release Notes chapter of the Admin Manual: https://docs.nextcloud.com/server/latest/admin_manual/release_notes/index.html

The updated config should address your situation: NGINX configuration — Nextcloud latest Administration Manual latest documentation

srdan · August 8, 2024, 2:31pm

Really, I could clean up, but it doesn’t matter at this point:
Through trial and error, and two days of troubleshooting, I was able to fix it.

I merely had to enter following into:
/etc/apache2/sites-available/000-default.conf

<Directory /var/www/html/>
     Require all granted
     AllowOverride All
     Options FollowSymLinks MultiViews

     <IfModule mod_dav.c>
       Dav off
     </IfModule>
   </Directory>

    <IfModule mod_headers.c>
      Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
    </IfModule>

The line with HSTS fixes another message, so it’s not directly part of ocm-provider issue.

jtr · August 8, 2024, 4:47pm

Glad to hear you got it resolved!

If you have any suggestions that would make this step clearer in the Admin Manual, don’t hesitate to suggest or propose a change: Installation on Linux — Nextcloud latest Administration Manual latest documentation

system · August 16, 2024, 4:47pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.