At some point in the past Nextcloud office could open documents. But now I get the error:
Failed to establish socket connection or socket connection closed unexpectedly. The reverse proxy might be misconfigured, please contact the administrator. For more info on proxy configuration please checkout https://sdk.collaboraonline.com/docs/installation/Proxy_settings.html
I have used Nextcloud AIO, with AIO running behind a reverse proxy on an Apache server. I have followed the instructions for troubleshooting collabora. I verified that my etc/hosts/ file doesn’t map 127.0.0.1 or 127.0.1.1 to my domain. I tried adding ,0.0.0.0/0 to the allow list for WOPI requests, but this didn’t fix the problem.
I have also checked that my reverse proxy consideration supports the websocket.
Here is the output of curl -vvv https://$NC_DOMAIN:443/hosting/discovery in the nextcloud-aio-nextcloud docker container.
I’m using AIO. Proxy of websockets is enabled in the host server. The line is in the /etc/apache2/conf-available/coolwsd.conf file in the collabora docker container. But I’m having trouble following how the container is set up compared to collabora documentation. So I would appreciate some more detailed instructions about how to check if the container is setup correct.
<VirtualHost *:80>
ServerName http://cloud.mydomain.site:80
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{SERVER_NAME} =cloud.mydomain.site
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName https://cloud.mydomain.site:8080
# Reverse proxy based on https://httpd.apache.org/docs/current/mod/mod_proxy_wstunnel.html
RewriteEngine On
ProxyPreserveHost On
RequestHeader set X-Real-IP %{REMOTE_ADDR}s
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:11000/ nocanon
ProxyPassReverse / http://localhost:11000/
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
RewriteRule .? "ws://localhost:11000/%1" [P,L]
# Enable h2, h2c and http1.1
Protocols h2 h2c http/1.1
# Solves slow upload speeds caused by http2
H2WindowSize 5242880
# TLS
SSLEngine on
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
SSLHonorCipherOrder off
SSLSessionTickets off
## END ReCOMENT
# If running apache on a subdomain (eg. nextcloud.example.com) of a domain that already has an wildcard ssl certificate from certbot on this machine,
# the <your-nc-domain> in the below lines should be replaced with just the domain (eg. example.com), not the subdomain.
# In this case the subdomain should already be secured without additional actions
# SSLCertificateFile /etc/letsencrypt/live/mydomain.site/fullchain.pem
# SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.site/privkey.pem
# Disable HTTP TRACE method.
TraceEnable on
<Files ".ht*">
Require all denied
</Files>
# Support big file uploads
LimitRequestBody 0
</VirtualHost>