CalDAV/CardDAV URLs missing /caldav/ and /carddav/ suffix - GNOME Online-Accounts (Linux)

[cryinkfly]

Description
When accessing CalDAV or CardDAV through OpenCloud, the current documentation lists the base URL without the required /caldav/ or /carddav/ suffix. Users attempting to use the base URL directly receive a 403 Forbidden error from the Radicale server.

Steps to reproduce

1. Deploy OpenCloud with Radicale.
2. Access CalDAV via the URL: https://<your.opencloud.domain>/
3. Observe a 403 Forbidden response in the logs or via client access.

Expected behavior
Documentation should indicate the proper URLs:

• CalDAV: https://<your.opencloud.domain>/caldav/
• CardDAV: https://<your.opencloud.domain>/carddav/

Actual behavior
Without /caldav/ or /carddav/, access is forbidden even though users exist in Radicale.

• Tested under Podman (rootless) on Linux.
• Nginx Proxy Manager (NPM) handles standard ports: 443, 80, 81.
• Using /caldav/ and /carddav/ suffix works correctly.
• Reverse proxy properly forwards authenticated users via X-Remote-User.
• Radicale configuration and storage is standard multifilesystem (/var/lib/radicale/collections).
• Nginx Proxy Manager, OpenCloud, and Radicale must be in the same network for proper routing (as in the example radicale:5232 in proxy settings).
• After restarting OpenCloud or making changes in Nginx Proxy Manager (NPM), it may be necessary to temporarily disable and then re-enable the domains so that OIDC/token-based authentication works correctly.

NPM / Proxy Configuration for the opencloud container

# CalDAV
location /caldav/ {
    proxy_pass http://radicale:5232/;
    proxy_set_header X-Remote-User $remote_user;
    proxy_set_header X-Script-Name /caldav;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
}

location /.well-known/caldav {
    proxy_pass http://radicale:5232/;
    proxy_set_header X-Remote-User $remote_user;
    proxy_set_header X-Script-Name /caldav;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
}

# CardDAV
location /carddav/ {
    proxy_pass http://radicale:5232/;
    proxy_set_header X-Remote-User $remote_user;
    proxy_set_header X-Script-Name /carddav;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
}

location /.well-known/carddav {
    proxy_pass http://radicale:5232/;
    proxy_set_header X-Remote-User $remote_user;
    proxy_set_header X-Script-Name /carddav;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
}

GNOME Online Accounts – CalDAV & CardDAV Setup

1. Add CalDAV (Calendar) Account

• Open Settings → Online Accounts → Add Account → Custom
• URL: https://<your.opencloud.domain>/caldav/
• Enter username and password (create a self-generated App Token via your cloud’s web interface)
• In the account settings, enable only Calendar sync

2. Add CardDAV (Contacts) Account

• Open Settings → Online Accounts → Add Account → Custom
• URL: https://<your.opencloud.domain>/carddav/
• Enter username and password (create a self-generated App Token via your cloud’s web interface)
• In the account settings, enable only Contacts sync

---

Screenshots