I just ﬁxed an issue that kept the OS X Contacts.app from synchronising with OwnCloud when running behind a reverse proxy. For those who wonder, a reverse proxy is useful if you have a gateway http server that forwards http requests for web servers in a private network.
First some details on my issue: I have several web servers running in (FreeBSD) jails that listen on loopback network devices. The request coming into the host are forwarded by an nginx instance on the host to the speciﬁc jail (identiﬁed by the hostname).
For OS X Contacts, there are some redirects stated in the
.htaccess ﬁle shipped with OwnCloud.
However, a redirect in the jail somehow inserts the loopback address into the HTTP request and since it’s not a public accessible URL, the request failed.
The only viable solution for me was to move the redirects into the reverse proxy (nginx) so I ended up adding these statements to the site’s reverse proxy conﬁguration:
# rewrite rules are not working in the jail rewrite ^/test$ /index.php last; rewrite ^/\.well-known/host-meta$ /public.php?service=host-meta last; rewrite ^/\.well-known/host-meta\.json$ /public.php?service=host-meta-json last; rewrite ^/\.well-known/carddav$ /remote.php/carddav/ last; rewrite ^/\.well-known/caldav$ /remote.php/caldav/ last; rewrite ^/apps/calendar/caldav\.php$ remote.php/caldav/ last; rewrite ^/apps/contacts/carddav\.php$ remote.php/carddav/ last; rewrite ^/remote/(.*)$ remote.php last; rewrite ^/(build|tests|config|lib|3rdparty|templates)/.*$ - last; rewrite ^/(\.|autotest|occ|issue|indie|db_|console).*$ - last;
Note that you might have the proxy listening to both port
443 and port
8443 so you have to make sure it’s active in both sections.
That’s it again and cheers,