Fix url redirection when a remote nextcloud is used so that .well-known/caldav and carddav work properly, as well as the redirecting /cloud to the remote Nextcloud. Since the nginx config is replaced by the management daemon whenever a new domain is added, this change adds a hooking mechanism for setup mods.Fix url redirection when a remote nextcloud is in use. This corrects redirection for /.well-known/caldav, /.well-known/carddav and /cloud to send the client to the remote nextcloud. This requires an nginx configuration change, and since the nginx config is replaced by the management daemon whenever a new domain is added, this change adds a hooking mechanism for setup mods allowing them to intercept and modify the resultant nginx config.

2026-03-12 17:07:23 +01:00 · 2022-09-21 15:52:47 -04:00
parent dae697e6af
commit 53cbabac75
13 changed files with 282 additions and 5 deletions
--- a/tests/bin/m-debug.sh
+++ b/tests/bin/m-debug.sh
@@ -17,5 +17,6 @@ export FLASK_DEBUG=1
 if ! systemctl is-active --quiet miabldap-capture; then
    export CAPTURE_STORAGE_ROOT=/mailinabox/management/reporting/capture/tests
 fi
+export PYTHONPATH=${LOCAL_MODS_DIR:-/local}
 python3 --version
 python3 ./daemon.py
--- a/tests/lib/rest.sh
+++ b/tests/lib/rest.sh
@@ -57,6 +57,10 @@ rest_urlencoded() {
    
 	local data=()
 	local item output onlydata="false"
+
+	if [ ! -z "$auth_user" ]; then
+		data+=("--user" "${auth_user}:${auth_pass}")
+	fi
 	
 	for item; do
        case "$item" in
@@ -86,9 +90,9 @@ rest_urlencoded() {
        esac
    done

-	echo "spawn: curl -w \"%{http_code}\" -X $verb --user \"${auth_user}:xxx\" ${data[@]} $url" 1>&2
+	echo "spawn: curl -w \"%{http_code}\" -X $verb ${data[@]} $url" 1>&2
 	# pipe through 'tr' to avoid bash "warning: command substitution: ignored null byte in input" where curl places a \0 between output and http_code
-	output=$(curl -s -S -w "%{http_code}" -X $verb --user "${auth_user}:${auth_pass}" "${data[@]}" $url | tr -d '\0')
+	output=$(curl -s -S -w "%{http_code}" -X $verb "${data[@]}" $url | tr -d '\0')
 	local code=$?

 	# http status is last 3 characters of output, extract it
--- a/tests/suites/remote-nextcloud.sh
+++ b/tests/suites/remote-nextcloud.sh
@@ -140,10 +140,66 @@ test_nextcloud_contacts() {
    test_end
 }

+test_web_config() {
+    test_start "web-config"
+
+	if ! assert_is_configured; then
+		test_end
+		return
+	fi
+
+	local code
+	
+	# nginx should be configured to redirect .well-known/caldav and
+	# .well-known/carddav to the remote nextcloud
+	if grep '\.well-known/carddav[\t ]*/cloud/' /etc/nginx/conf.d/local.conf >/dev/null; then
+		test_failure "/.well-known/carddav redirects to the local nextcloud, but should redirect to $NC_HOST:$NC_PORT"
+	else
+		# ensure the url works
+		record "[test /.well-known/carddav url]"
+		rest_urlencoded GET "/.well-known/carddav" "" "" --location 2>>$TEST_OF
+		code=$?
+		record "code=$code"
+		record "status=$REST_HTTP_CODE"
+		record "output=$REST_OUTPUT"
+		if [ $code -eq 0 ]; then
+			test_failure "carddav url works, but expecting 401/NotAuthenticated from server"
+		elif [ $code -eq 1 -o $REST_HTTP_CODE -ne 401 ] || ! grep "NotAuthenticated" <<<"$REST_OUTPUT" >/dev/null; then
+			test_failure "carddav url doesn't work: $REST_ERROR"
+		fi
+	fi
+	
+	if grep '\.well-known/caldav[\t ]*/cloud/' /etc/nginx/conf.d/local.conf >/dev/null; then
+		test_failure "/.well-known/caldav redirects to the local nextcloud, but should redirect to $NC_HOST:$NC_PORT"
+	else
+		# ensure the url works
+		record "[test /.well-known/caldav url]"
+		rest_urlencoded GET "/.well-known/caldav" "" "" --location 2>>$TEST_OF
+		code=$?
+		record "code=$code"
+		record "status=$REST_HTTP_CODE"
+		record "output=$REST_OUTPUT"
+		if [ $code -eq 0 ]; then
+			test_failure "caldav url works, but expecting 401/NotAuthenticated from server"
+		elif [ $code -eq 1 -o $REST_HTTP_CODE -ne 401 ] || ! grep "NotAuthenticated" <<<"$REST_OUTPUT" >/dev/null; then
+			test_failure "caldav url doesn't work: $REST_ERROR"
+		fi
+	fi
+
+	# ios/osx mobileconfig should be configured to redirect carddav to the
+	# remote nectcloud
+	if grep -A 1 CardDAVPrincipalURL /var/lib/mailinabox/mobileconfig.xml | tail -1 | grep -F "<string>/cloud/remote.php" >/dev/null; then
+		test_failure "ios mobileconfig redirects to the local nextcloud, but should redirect to $NC_HOST:$NC_PORT"
+	fi
+	
+    test_end    
+}
+

 suite_start "remote-nextcloud" mgmt_start

 #test_mail_from_nextcloud
+test_web_config
 test_nextcloud_contacts

 suite_end mgmt_end
--- a/tests/system-setup/setup-defaults.sh
+++ b/tests/system-setup/setup-defaults.sh
@@ -33,6 +33,7 @@ else
 fi
 export DOWNLOAD_CACHE_DIR="${DOWNLOAD_CACHE_DIR:-$(pwd)/downloads}"
 export DOWNLOAD_NEXTCLOUD_FROM_GITHUB="${DOWNLOAD_NEXTCLOUD_FROM_GITHUB:-false}"
+export MGMT_LOG_LEVEL=${MGMT_LOG_LEVEL:-debug}


 # Used by ehdd/start-encrypted.sh
--- a/tests/vagrant/Vagrantfile
+++ b/tests/vagrant/Vagrantfile
@@ -25,7 +25,7 @@ export FEATURE_MUNIN=false
 export EHDD_KEYFILE=$HOME/keyfile
 echo -n "boo" >$EHDD_KEYFILE
 tests/system-setup/remote-nextcloud-docker.sh || exit 1
-tests/runner.sh ehdd remote-nextcloud default || exit 2
+tests/runner.sh remote-nextcloud ehdd default || exit 2
 SH
    end
  end