iām a bit frustrated at the moment. Iāve restarted the server because of maintanence and collabora within nextcloud doesnāt work anymore. The container runs and apache2 proxy is working as usual but the nextcloud doesnāt connect to it. Here is the log. Do you find the cause of it? I couldnāt
Error richdocuments GuzzleHttp\Exception\ConnectException: cURL error 7: Failed to connect to office.steingaesser.net port 443: Connection timed out
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php - line 103: GuzzleHttp\Exception\RequestException wrapException(Object(GuzzleHttp\Message\Request), Object(GuzzleHttp\Ring\Exception\ConnectException))
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php - line 132: GuzzleHttp\RequestFsm->__invoke(Object(GuzzleHttp\Transaction))
/var/www/owncloud/3rdparty/react/promise/src/FulfilledPromise.php - line 25: GuzzleHttp\RequestFsm->GuzzleHttp\{closure}(Array)
/var/www/owncloud/3rdparty/guzzlehttp/ringphp/src/Future/CompletedFutureValue.php - line 55: React\Promise\FulfilledPromise->then(Object(Closure), NULL, NULL)
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Message/FutureResponse.php - line 43: GuzzleHttp\Ring\Future\CompletedFutureValue->then(Object(Closure), NULL, NULL)
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/RequestFsm.php - line 134: GuzzleHttp\Message\FutureResponse proxy(Object(GuzzleHttp\Ring\Future\CompletedFutureArray), Object(Closure))
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Client.php - line 165: GuzzleHttp\RequestFsm->__invoke(Object(GuzzleHttp\Transaction))
/var/www/owncloud/3rdparty/guzzlehttp/guzzle/src/Client.php - line 125: GuzzleHttp\Client->send(Object(GuzzleHttp\Message\Request))
/var/www/owncloud/lib/private/Http/Client/Client.php - line 138: GuzzleHttp\Client->get('https //office....', Array)
/var/www/owncloud/apps/richdocuments/lib/WOPI/DiscoveryManager.php - line 84: OC\Http\Client\Client->get('https //office....')
/var/www/owncloud/apps/richdocuments/lib/WOPI/Parser.php - line 41: OCA\Richdocuments\WOPI\DiscoveryManager->get()
/var/www/owncloud/apps/richdocuments/lib/TokenManager.php - line 122: OCA\Richdocuments\WOPI\Parser->getUrlSrc('application/vnd...')
/var/www/owncloud/apps/richdocuments/lib/Controller/DocumentController.php - line 168: OCA\Richdocuments\TokenManager->getToken(*** sensitive parameters replaced ***)
[internal function] OCA\Richdocuments\Controller\DocumentController->index('108669')
/var/www/owncloud/lib/private/AppFramework/Http/Dispatcher.php - line 160: call_user_func_array(Array, Array)
/var/www/owncloud/lib/private/AppFramework/Http/Dispatcher.php - line 90: OC\AppFramework\Http\Dispatcher->executeController(Object(OCA\Richdocuments\Controller\DocumentController), 'index')
/var/www/owncloud/lib/private/AppFramework/App.php - line 114: OC\AppFramework\Http\Dispatcher->dispatch(Object(OCA\Richdocuments\Controller\DocumentController), 'index')
/var/www/owncloud/lib/private/AppFramework/Routing/RouteActionHandler.php - line 47: OC\AppFramework\App main('OCA\\Richdocumen...', 'index', Object(OC\AppFramework\DependencyInjection\DIContainer), Array)
[internal function] OC\AppFramework\Routing\RouteActionHandler->__invoke(Array)
/var/www/owncloud/lib/private/Route/Router.php - line 299: call_user_func(Object(OC\AppFramework\Routing\RouteActionHandler), Array)
/var/www/owncloud/lib/base.php - line 1004: OC\Route\Router->match('/apps/richdocum...')
/var/www/owncloud/index.php - line 48: OC handleRequest()
{main}
Could you please provide some more information? What setup are you running, what are your server configs and so on. The apache config would be interesting to see and how the apache forwards the requests to the docker image.
On which port does your Collabora docker listen? Could you check that it is listening there right now?
What kind of maintenance was it, that lead to the reboot? What have you changed on the server and what have you tried to solve the problem?
Do you have a firewall running (or iptables defined) which might block the ports required for Collabora?
I donāt have Collabora running in my environment, so I donāt know how everything should look like. When I access your domain I only see the āApache2 Debian Default Pageā. Donāt know if this is usually the case with a Collabora docker image or if there should be some other content, maybe like āCollabora is runningā.
Maybe someone else with more Collabora experience can spread some light on this.
As it was working i also had the Apache2 Default Page by accessing the domain directly. So since the collabora does not directly provide a webservice it seems to be right.
I also see similar problems actually. It used to work in the past (several months ago by now). Iām using Nextcloud 14.0.3 and Collabora Online app v3.0.1.
And I use Collabora Docker (often called Collabora CODE) from:
upstream office {
server 127.0.0.1:9980;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
server_name office.melroy.org;
server_tokens off;
return 301 https://$host$request_uri; # managed by Certbot
}
server {
listen 443 ssl http2;
server_name office.melroy.org;
server_tokens off;
ssl on;
# Certificate & key
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; # managed by Certbot
# Increase security (using the Diffie-Hellman Group file)
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES265-SHA:!aNULL;
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp521r1:secp384r1:secp256k1;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_stapling on;
ssl_stapling_verify on;
# Feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# Don't allow the browser to render the page inside an frame or iframe and avoid clickjacking
add_header X-Frame-Options SAMEORIGIN;
# When serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
# to disable content-type sniffing on some browsers.
add_header X-Content-Type-Options nosniff;
# Enable the Cross-site scripting (XSS) filter built into most recent web browsers.
add_header X-XSS-Protection "1; mode=block";
# With CSP tell the browser that it can only download content from the domains you explicitly allow (without 'unsafe-inline' 'unsafe-eval')
# No CSP too complicated
# Referrer Policy will allow a site to control the value of the referer header in links away from their pages.
add_header Referrer-Policy "no-referrer";
location / {
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://office;
}
# static files
location ^~ /loleaflet {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
# WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
# main websocket
location ~ ^/lool/(.*)/ws$ {
proxy_pass https://localhost:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
# download, presentation and image upload
location ~ ^/lool {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
# Admin Console websocket
location ^~ /lool/adminws {
proxy_pass https://localhost:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
}