Some time back I made a blog post about Nextcloud and Cloudflare tunnels
I never got around to make carddav and caldav work.. it slipped my mind at the time. Today, I got annoyed with my self. Local Thunderbird simply did not have my contacts! By Odin's sweaty teats, something had to be done!
First, I must assume that you have followed the previous blog post to the letter and are running Nextcloud in a fancy podman pod.
$ ls -F
containers/ other/ stuff/ thats/ yours/ and/ yours/ alone.mp3
$ cd containers/nextcloud/data/html
$ vim .htaccess
vim is not the important part here. Use the editor of your choice.
In .htaccess, navigate to the first(!!) section that starts with
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
.
.
</IfModule>
Replace the entire section with the following
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]
RewriteRule ^\.well-known/nodeinfo /index.php/.well-known/nodeinfo [R=301,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
RewriteRule ^ocm-provider/?$ index.php [QSA,L]
RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
Remember to blatantly ignore the rather stern warning found under this structure that states: "DO NOT CHANGE ANYTHING ABOVE THIS LINE"
What has been done? We've added two lines to handle carddav and caldav, and we removed the paths from webfinger and nodeinfo. What's left is to restart the pods - this is really important, and we need to add the redirects to our Cloudflare instance.
They say a image says more than a thousand words.. so here goes
I haven't included webfinger and nodeinfo to the redirects, if you feel you need them just add them to the config, and remember to deploy your changes.
That's about it. 'till next time!