CardDAV nginx problem

shterionyanev · February 1, 2017, 1:27pm

Hi guys,

I am trying to connect ownCloud with CardDAV but unsuccessfully... I have the following error

The operation couldn’t be completed. (CoreDAVHTTPStatusErrorDomain error 405.)

I read all issues before and tried to e rewrite and redirect CardDAV but as I said without success.
We are running ownCloud on ngnix server: nginx version: nginx/1.10.0 (Ubuntu)

Here is the configuration:

upstream php-handler {
    server 127.0.0.1:9000;
    #server unix:/var/run/php5-fpm.sock;
}

server {
    listen 80;
    server_name _;
#  server_name cloud.example.com;
#  enforce https

#    listen 443 ssl;
#    server_name cloud.example.com;

#    ssl_certificate /etc/ssl/nginx/cloud.example.com.crt;
#    ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key;

    access_log /var/log/nginx/owncloud.access.log;
    error_log /var/log/nginx/owncloud.error.log;

#  Add headers to serve security related headers
#  Before enabling Strict-Transport-Security headers please read into this topic first.
#  add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

# Path to the root of your installation
    root /XXXX/XXXX/XXXX;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

#   The following 2 rules are only needed for the user_webfinger app.
#   Uncomment it if you're planning to use this app.
#   rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#   rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
        return 301 $scheme://$host/remote.php/dav;
    }

    location /.well-known/acme-challenge { }

    #add_header Allow "GET, POST, HEAD PROPFIND" always;

#  set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;

# Disable gzip to avoid the removal of the ETag header
    gzip off;

#  Uncomment if your server is build with the ngx_pagespeed module
#  This module is currently not supported.
#  pagespeed off;

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location / {
       rewrite ^ /index.php$uri;
    }
 location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        return 404;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        return 404;
    }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
#      fastcgi_param HTTPS on;
        fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off; #Available since nginx 1.7.11
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files $uri $uri/ =404;
        index index.php;
    }

#    Adding the cache control header for js and css files
#    Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
#        add_header Cache-Control "public, max-age=7200";
#     Add headers to serve security related headers (It is intended to have those duplicated to the ones above)
#        Before enabling Strict-Transport-Security headers please read into this topic first.
#        add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
#        add_header X-Content-Type-Options nosniff;
#        add_header X-Frame-Options "SAMEORIGIN";
#        add_header X-XSS-Protection "1; mode=block";
#        add_header X-Robots-Tag none;
#        add_header X-Download-Options noopen;
#        add_header X-Permitted-Cross-Domain-Policies none;
#        Optional: Don't log access to assets
#        access_log off;
    }

    location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
#        access_log off;
    }
}

anon81984126 · February 1, 2017, 1:52pm

Please move this thread into the https://central.owncloud.org/c/help/miscellaneous category as is not an issue of ownCloud itself but of your webservers configuration.

405 means "Method not allowed". Something in your webserver config or some other security module is blocking the WebDAV calls used by the client. There is a FAQ available here providing all known info about such webserver configuration issues: https://central.owncloud.org/t/how-to-fix-caldav-carddav-webdav-problems/852

Once the search is working again you might also want to use the search of the forums for the keyword "method not allowed".