Hi,
I recently reinstalled nc from scratch because of a serverchange. Now it installs the Collabora - Built in Code Server by default, what’s pretty cool i think.
My Problem:
I sadly i can’t use it because in the Nextcloud Office configuration it says:
translation:
Saved with failure: Collabora Online should use the same Protocol as the serverinsallation. Please take a look at the “ssl.enable” and “ssl.termination” settings of your Collabora Online Server.
And now the weird thing:
if i activate the cloudflare proxy it works just fine and there is no Error message anymore, even after disabling it again… after clearing my browsers cache it doesn’t work and the Error message is back… So it has to be my reverseproxy. Im using apache2 with these settings i got from Proxy settings — SDK https://sdk.collaboraonline.com/ documentation
(i can only post 4 urls so i had to adjust it a bit to be able to post it):
(MYDOMAIN)=my.cool.domain
(LIKE_DOCU)=127.0.0.1
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName (MYDOMAIN)
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://(NEXTCLOUD_IP):80/ flushpackets=on
ProxyPassReverse / http://(NEXTCLOUD_IP):80/
LimitRequestBody 0
########################################
# Reverse proxy for Collabora Online #
########################################
AllowEncodedSlashes NoDecode
SSLProxyEngine On
ProxyPreserveHost On
# cert is issued for collaboraonline.example.com and we proxy to localhost
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# static html, js, images, etc. served from coolwsd
# browser is the client part of Collabora Online
ProxyPass /browser https://(LIKE_DOCU):9980/browser retry=0
ProxyPassReverse /browser https://(LIKE_DOCU):9980/browser
# WOPI discovery URL
ProxyPass /hosting/discovery https://(LIKE_DOCU):9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://(LIKE_DOCU):9980/hosting/discovery
# Capabilities
ProxyPass /hosting/capabilities https://(LIKE_DOCU):9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://(LIKE_DOCU):9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/cool/(.*)/ws$" wss://(LIKE_DOCU):9980/cool/$1/ws nocanon
# Admin Console websocket
ProxyPass /cool/adminws wss://(LIKE_DOCU):9980/cool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /cool https://(LIKE_DOCU):9980/cool
ProxyPassReverse /cool https://(LIKE_DOCU):9980/cool
# Compatibility with integrations that use the /lool/convert-to endpoint
ProxyPass /lool https://(LIKE_DOCU):9980/cool
ProxyPassReverse /lool https://(LIKE_DOCU):9980/cool
<IfModule mod_headers.c>
RewriteEngine On
Header always set Strict-Transport-Security "max-age=15768000; preload"
"some redirects"
</IfModule>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/cool.domain-0003/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cool.domain-0003/privkey.pem
</VirtualHost>
</IfModule>
i know it’s of to think localhost passes do the right thing… that’s why i was confused that it worked (i discovered later that it was working because of the cache…)
it looks like integrated CODE installation doesn’t take into account Nextcloud config.php overwrite* settings and heavily relies on proxy headers like proxy_set_header - unfortunately no solution has been documented there but definitely good progress and also good ways to troubleshoot.
I’m glad you managed to fix it. I’m struggling with 2 configs in your post
isn’t built-in CODE running on /custom_apps/richdocumentscode/proxy.php
why do you ProxyPassReverse CODE things to https://(NC-SERVER-IP):9980 did you assign certificate to your CODE instance?
would be great you can comment so we can rely on this example of working reverse proxy config for built-in CODE… can you post the output of /hosting/discovery endpoint as well?