Open zilexa opened 3 years ago
Hi Zilexa!
Maybe I can help a little bit.. Your setup differs a little from mine because of your docker-caddy-proxy. I have not experience with it, but it seems to do something similar like nignx-proxy.
Your data directory and files are probably accessible from the Internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root.
The data directory is configures by the NEXTCLOUD_DATADIR variable, it defaults to "/var/www/html/data", just [see](https://hub.docker.com//nextcloud). This is usually in the document root of your web server.
You are defining this as a volume:
$DOCKERDIR/nextcloud/var/nextdata:/var/nextdata
This doesn't have to be automatically your data dir. Either you configure:
NEXTCLOUD_DATA_DIR=/var/nextdata
in the environment file or as in the environment section of the docker-compose file.
I don't know what you are doing with the volumes in the caddy container..
Your web server is not properly set up to resolve “/.well-known/caldav”. Further information can be found in the documentation. Your web server is not properly set up to resolve “/.well-known/carddav”. Further information can be found in the documentation.
Why I think the webdav/carddav redirects are working:
- When I check (outside of my home network) https://next.mydomain.com/remote.php/dav I get the message
This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.
I guess this this is not the well known address. You just made a successful test to the Nextcloud caldav/carddav interface. I guess the well known address is the redirect from “/.well-known/caldav” => "/remote.php/dav". When I configure caldav / carddav from my mac I just have to set the server no "../remote.php/dav". I can just assume that the redirect is not working as expected. In my nginx.conf I also set a redirect. It looks similar. You could check by curl If you get a redirect:
curl https://next.mydoamin.de/.well-known/carddav
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.19.7</center>
</body>
</html>
I hope I could help out. :-)
PS: I didn't test with Nextcloud 21 so far, because I see the Nextcloud code quality as a little "limited". I usually wait for version .04 or so to be sure that the most obvious bugs are closed.
Thanks so much for the feedback! I will look into it this weekend and report back! Caddy is great, it allows me to expose most webUIs with just 2-4 readable Compose labels. Only things like Nextcloud are a bit more complicated. I only discovered it a few wks ago.
Perhaps also of interest for you: FileRun. Now that I have played a few days with NextCloud, it definitely is king of apps and all sorts of collaboration features. But purely as Drive/Dropbox etc alternative, FileRun is definitely a better choice. But I like to have Nextcloud ready to spin up if I want to switch for Contacts & Calendar (& unlimited users, FR only allows 10 free users).
I am using your docker-compose, with docker-caddy-proxy for https/reverse proxy and for webserver. No need for nginx. The public Nextcloud security scan gives me an A+ rating and as far as I can test, everything works! (After 3 nights of trial & error since I am no expert). But in Settings> Overview I get a few warnings and hope you maybe can shed some light here, as most solutions online focus on Apache instead of PHP-FPM:
Why I think the webdav/carddav redirects are working:
This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.
Why I think the data directory is not exposed: in your example here: https://github.com/vstoppe/mycloud/blob/master/nextcloud/dockercompose-files/docker-compose_05-fpm-redis-postgres-CODE.yml is the data dir not nextdata? In my example I use the same:
$DOCKERDIR/nextcloud/var/nextdata:/var/nextdata
In my Caddy container, I added thevar/www/html
folder from Nextcloud. Not the nextdata folder.Would you mind having a look?