# Nextcloud on Cloudflare Part 2

Some time back I made a blog post about [Nextcloud and Cloudflare tunnels](https://roderik.no/nextcloud-and-cloudflare-tunnels)

I never got around to make carddav and caldav work.. it slipped my mind at the time. Today, I got annoyed with my self. Local Thunderbird simply did not have my contacts! By Odin's sweaty teats, something had to be done!

First, I must assume that you have followed the previous blog post to the letter and are running Nextcloud in a fancy podman pod.

```bash
$ ls -F
containers/ other/ stuff/ thats/ yours/ and/ yours/ alone.mp3
$ cd containers/nextcloud/data/html
$ vim .htaccess
```

[vim](https://www.vim.org/) is not the important part here. Use the editor of your choice.

In .htaccess, navigate to the first(!!) section that starts with

```apache
<IfModule mod_rewrite.c>
  RewriteEngine on                                                                                                                                                           
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  .
  .
</IfModule>
```

Replace the entire section with the following

```apache
<IfModule mod_rewrite.c>                                                                                                                                                     
  RewriteEngine on                                                                                                                                                           
  RewriteCond %{HTTP_USER_AGENT} DavClnt                                                                                                                                     
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/webfinger /index.php/.well-known/webfinger [R=301,L]
  RewriteRule ^\.well-known/nodeinfo /index.php/.well-known/nodeinfo [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
```

Remember to blatantly ignore the rather stern warning found under this structure that states: "**DO NOT CHANGE ANYTHING ABOVE THIS LINE**"

<div data-node-type="callout">
<div data-node-type="callout-emoji">👹</div>
<div data-node-type="callout-text">life on the edge is good!</div>
</div>

What has been done? We've added two lines to handle **carddav** and **caldav**, and we removed the paths from **webfinger** and **nodeinfo**. What's left is to restart the pods - this is really important, and we need to add the redirects to our Cloudflare instance.

They say a image says more than a thousand words.. so here goes

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1712830499077/1b6e2628-e468-4825-a8c2-28665eb65efb.png align="center")

I haven't included **webfinger** and **nodeinfo** to the redirects, if you feel you need them just add them to the config, and remember to deploy your changes.

That's about it. 'till next time!
