Requests Using Internet URL fail on LAN Access
scoobybri
nginx-forum at forum.nginx.org
Sun Jan 1 16:36:34 UTC 2017
Greetings everyone! Happy New Year. I am a new Nginx user with a curious
problem that I can not seem to fix. Here is my environment.
(URLs and IPs have been changed to protect the innocent) ;-)
I have a Debian/Nginx/MariaDB/PHP7/Nextcloud server running on my LAN on IP
192.168.1.20. I'm running https and the server is up and running properly. I
can connect my secure Nextcloud website without a problem from my LAN. From
the Internet, I have a registered URL that points at the WAN port of my
router: server.blah.com.
On the router, I have forwarded port 6767 to port 443 on my server. I can
connect to the Nextcloud website on the server from both the LAN and
Internet using the URL https://server.blah.com:6767. So far so good, right?
Here is the problem. I use the caldav features of the Nextcloud server to
sync calendar and contact data to my phone. I use the Davdroid client to
connect to the caldav features of the server. The URL that is used to
connect to the server for caldav discovery is:
https://server.blah.com:6767/remote.php/dav/.
Following the instructions from Nextcloud, I have two entries in my Nginx
config file addressing caldav:
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/reemote.php/dav;mote.php/dav;
}
When I try to connect Davdroid to the Nextcloud website from my LAN using
the URL ( https://server.blah.com:6767/remote.php/dav/), it fails. Here is
the access log entries when I try to connect: (There are no entries in the
error log.)
192.168.1.1 - bongo [01/Jan/2017:09:55:27 -0500] "PROPFIND /remote.php/dav/
HTTP/1.1" 207 854 "-" "DAVdroid/1.3.5-gplay (2016/12/23; dav4android;
okhttp3) Android/7.0"
192.168.1.1 - bongo [01/Jan/2017:09:55:58 -0500] "OPTIONS
/remote.php/dav/principals/users/bongo/ HTTP/1.1" 200 0 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
BUT when I connect Davdroid to the Nextcloud website from the Internet, it
works properly. Here are the access logs from when it works properly:
172.58.84.223 - bongo [01/Jan/2017:10:13:18 -0500] "PROPFIND
/remote.php/dav/ HTTP/1.1" 207 854 "-" "DAVdroid/1.3.5-gplay (2016/12/23;
dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:18 -0500] "OPTIONS
/remote.php/dav/principals/users/bongo/ HTTP/1.1" 200 0 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:19 -0500] "PROPFIND
/remote.php/dav/ HTTP/1.1" 207 1658 "-" "DAVdroid/1.3.5-gplay (2016/12/23;
dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:20 -0500] "OPTIONS
/remote.php/dav/principals/users/bongo/ HTTP/1.1" 200 0 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:20 -0500] "PROPFIND
/remote.php/dav/principals/users/bongo/ HTTP/1.1" 207 630 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:27 -0500] "PROPFIND
/remote.php/dav/principals/users/bongo/ HTTP/1.1" 207 738 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:27 -0500] "PROPFIND
/remote.php/dav/principals/users/bongo/ HTTP/1.1" 207 790 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:27 -0500] "PROPFIND
/remote.php/dav/principals/groups/admin/ HTTP/1.1" 207 652 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:27 -0500] "PROPFIND
/remote.php/dav/principals/groups/admin/ HTTP/1.1" 207 723 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:28 -0500] "PROPFIND
/remote.php/dav/addressbooks/users/bongo/ HTTP/1.1" 207 3220 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:28 -0500] "PROPFIND
/remote.php/dav/calendars/bongo/ HTTP/1.1" 207 14245 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
172.58.84.223 - bongo [01/Jan/2017:10:13:28 -0500] "PROPFIND
/remote.php/dav/addressbooks/groups/admin/ HTTP/1.1" 404 11837 "-"
"DAVdroid/1.3.5-gplay (2016/12/23; dav4android; okhttp3) Android/7.0"
So I'm sure you are asking "Are caldav services working at all?" I can
answer with a resounding "Yes!" How do I know? Well, I am using the
Thunderbird email client on my LAN and connect to the caldav services for
calendar sync and caldav is working fine. But here is another clue that
might help. While Davdroid uses this URL to connect:
https://server.blah.com:6767/remote.php/dav/
and then uses propfind to see available services, Thunderbird uses this URL
to get to directly to specific calendars:
https://server.blah.com:6767/remote.php/dav/calendars/bongo/recurring/
where "recurring" is the calendar name. Here is an example access log entry
where Thunderbird connects successfully to sync via caldav:
192.168.1.1 - - [01/Jan/2017:10:31:30 -0500] "PROPFIND
/remote.php/dav/calendars/bongo/main/ HTTP/1.1" 401 567 "-" "Mozilla/5.0
(X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
Lightning/4.7.4"
192.168.1.1 - - [01/Jan/2017:10:31:30 -0500] "PROPFIND
/remote.php/dav/calendars/bongo/birthdays/ HTTP/1.1" 401 567 "-"
"Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
Lightning/4.7.4
192.168.1.1 - bongo [01/Jan/2017:10:31:59 -0500] "PROPFIND
/remote.php/dav/calendars/bongo/main/ HTTP/1.1" 499 0 "-" "Mozilla/5.0 (X11;
Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 Lightning/4.7.4"
192.168.1.1 - bongo [01/Jan/2017:10:31:59 -0500] "PROPFIND /remote.phate to
say it, but when I ran the same exact setup but with
Apachep/dav/calendars/bongo/birthdays/ HTTP/1.1" 499 0 "-" "Mozilla/5.0
(X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
Lightning/4.7.4"
I really think that this has something to do with the caldav directives in
the Nginx config file since using
https://server.blah.com:6767/remote.php/dav/calendars/bongo/recurring/
works on my LAN but
https://server.blah.com:6767/remote.php/dav/
does not. I tried removing the caldav directives and restarting Nginx, but
it did not fix the problem. I hate to say it, but when I ran the same exact
setup but with Apache, caldav worked fine regardless of LAN, WAN, or client.
I just rebuilt the server this week and decided to use Nginex this time
since it is faster. It is indeed faster than Apache but if I can not get
this problem fixed, I will have to go back to Apache. Please help me avoid
that! ;-)
Brian
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271791,271791#msg-271791
More information about the nginx
mailing list