The comfy chair

Nextcloud on Cloudflare Part 2

Nextcloud on Cloudflare Part 2

Rune Hansén Steinnes's photo
Rune Hansén Steinnes
·

2 min read

Some time back I made a blog post about Nextcloud and Cloudflare tunnels

I never got around to make carddav and caldav work.. it slipped my mind at the time. Today, I got annoyed with my self. Local Thunderbird simply did not have my contacts! By Odin's sweaty teats, something had to be done!

First, I must assume that you have followed the previous blog post to the letter and are running Nextcloud in a fancy podman pod.

$ ls -F
containers/ other/ stuff/ thats/ yours/ and/ yours/ alone.mp3
$ cd containers/nextcloud/data/html
$ vim .htaccess

vim is not the important part here. Use the editor of your choice.

In .htaccess, navigate to the first(!!) section that starts with

<IfModule mod_rewrite.c>
  RewriteEngine on                                                                                                                                                           
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  .
  .
</IfModule>

Replace the entire section with the following

<IfModule mod_rewrite.c>                                                                                                                                                     
  RewriteEngine on                                                                                                                                                           
  RewriteCond %{HTTP_USER_AGENT} DavClnt                                                                                                                                     
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]
  RewriteRule ^\.well-known/nodeinfo /index.php/.well-known/nodeinfo [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>

Remember to blatantly ignore the rather stern warning found under this structure that states: "DO NOT CHANGE ANYTHING ABOVE THIS LINE"

👹
life on the edge is good!

What has been done? We've added two lines to handle carddav and caldav, and we removed the paths from webfinger and nodeinfo. What's left is to restart the pods - this is really important, and we need to add the redirects to our Cloudflare instance.

They say a image says more than a thousand words.. so here goes

I haven't included webfinger and nodeinfo to the redirects, if you feel you need them just add them to the config, and remember to deploy your changes.

That's about it. 'till next time!

carddavcaldavNextcloudcloudflare