[SOLVED] .htaccess DAV redirects lose https reverse proxy

Hi everyone,

I’ve got a long standing issue with my dockerized Nextcloud set up, which I’m currently working around, but it would be great to solve it “properly”:

Basically, the standard .htaccess rewrite rules for the dav endpoints lose https. So if I do:

$ wget https://<my domain>/.well-known/carddav 2>&1 | grep Location:

I’ll get:

Location: http://<my domain>/remote.php/dav/ [following]

This will then fail.

In order to work around this, I’m manually editing the rules to be:

  RewriteRule ^$ https://%{SERVER_NAME}/remote.php/webdav/ [L,R=302]
  RewriteRule ^\.well-known/carddav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) https://%{SERVER_NAME}/remote.php [QSA,L]

Then everything works fine. However this is a hack, so there must be something else that’s wrong.

In my case, I’m using Cloudflare tunnels to provide the SSL, but I had this problem previously when I just had my own Apache reverse proxy.

Can anyone help?

Thanks!

I’ve now seen: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#apache2.

Seems I’ll try re-implementing that using a page rule in Cloudflare, and remove my customisation

I have the same problem with using Traefik/Docker and the stock standard .htaccess from Nextcloud.

Traefik labels from docker-compose.yml

- "traefik.http.middlewares.nextcloud_redirectregex.redirectregex.permanent=true"
- "traefik.http.middlewares.nextcloud_redirectregex.redirectregex.regex='https:\\(.*)/.well-known/(card|cal)dav'"
- "traefik.http.middlewares.nextcloud_redirectregex.redirectregex.replacement=https://$${1}/remote.php/dav/"

Using if I run

wget https://<my domain>/.well-known/carddav 2>&1 | grep Location:

I still get

Location: http://<my domain>/remote.php/dav/ [following]

which means that caldav clients can not connect.