I have NextCloud and Collabora hosted in Docker under cloud.example.local and office.example.local respectively. It’s on the same machine as Pi-hole, so I’ve been using Lighttpd to reverse-proxy to these containers.
When I open a *.docx file on NextCloud via Firefox, Windows, I get a blank page. The console says there’s a 400 Bad Request error:
Fair enough. When I check the logs on Collabora, I get:
wsd-00001-00024 2023-04-20 03:15:26.544182 +0000 [ websrv_poll ] ERR #29: #29 Exception while processing incoming request: [GET /cool/https:/cloud.example.local/index.php/apps/richdocuments/wopi/files/8_ocdwdb8wqut3%3Faccess_token=nnse3i6s2Nnz8Iv9Ol8qVvmwMpAlziEz&access_token_ttl=1681996524000/ws?WOPISrc=https://cloud.example.local/index.php/apps/richdocuments/wopi/files/8_ocdwdb8wqut3&compat=/ws HTTP/1.1
...]: Bad URI syntax| wsd/COOLWSD.cpp:3969
wsd-00001-00024 2023-04-20 03:15:28.846545 +0000 [ websrv_poll ] ERR #29: #29 Exception while processing incoming request: [GET /cool/https:/cloud.example.local/index.php/apps/richdocuments/wopi/files/8_ocdwdb8wqut3%3Faccess_token=nnse3i6s2Nnz8Iv9Ol8qVvmwMpAlziEz&access_token_ttl=1681996524000&permission=edit/ws?WOPISrc=https://cloud.example.local/index.php/apps/richdocuments/wopi/files/8_ocdwdb8wqut3&compat=/ws HTTP/1.1
...]: Bad URI syntax| wsd/COOLWSD.cpp:3969
Which, well, that’s strange. Is the https:/ part of GET /cool/https:/cloud.example.local/index.php only supposed to have one /? I’m also reading online that https:// shouldn’t be part of the URI’s request from the first place. If true, how would I go about fixing that on Lighttpd?
My current Lighttpd configuration reads as follows:
$HTTP["host"] == "cloud.example.local" {
url.redirect += (
"^/\.well-known/carddav" => "/remote.php/dav",
"^/\.well-known/caldav" => "/remote.php/dav",
"^/\.well-known/webfinger" => "/index.php/.well-known/webfinger",
"^/\.well-known/nodeinfo" => "/index.php/.well-known/nodeinfo"
)
proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => "8383" ) ) )
setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=15552000" )
}
$HTTP["host"] == "office.example.local" {
proxy.server = (
"" => ( ( "host" => "127.0.0.1", "port" => "9980" ) )
)
setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=15552000" )
# Enable websockets
proxy.header = ( "upgrade" => "enable" )
}
And docker-compose.yml reads:
version: '3.8'
volumes:
nextcloud:
db:
office:
services:
db:
image: mariadb:10.6
restart: always
ports:
- 3306:3306
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
volumes:
- db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=pass1
- MYSQL_PASSWORD=pass2
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
app:
image: nextcloud
restart: always
ports:
- 8383:80
depends_on:
- db
volumes:
- /media/www/nextcloud/data:/var/www/html/data
- /media/www/nextcloud/config/example.config.php:/var/www/html/config/example.config.php:ro
- nextcloud:/var/www/html
environment:
- MYSQL_PASSWORD=pass2
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=192.168.0.55:3306
cron:
image: nextcloud:apache
restart: always
volumes:
- /media/www/nextcloud/data:/var/www/html/data
- /media/www/nextcloud/config/example.config.php:/var/www/html/config/example.config.php:ro
- nextcloud:/var/www/html:z
entrypoint: /cron.sh
depends_on:
- db
office:
image: collabora/code
restart: always
ports:
- 9980:9980
depends_on:
- app
cap_add:
- MKNOD
volumes:
- office:/etc/coolwsd
environment:
- username=admin
- password=pass3
- dictionaries="en_US jp"
- aliasgroup1=https://office\.example\.local:443
- DONT_GEN_SSL_CERT=true
- "extra_params=--o:ssl.enable=false --o:ssl.termination=true"
Aside: Not an immediate problem, but it looks like the Nextcloud container can only access the Collabora via URL http://office:9980. What’s up with that?