Collabora error setup


#1

Hello!
I setup collabora on my nextcloud 14.
My collabora server is reachable also from outside as I get a login promt if I call the adminpanel of collabora.
As soon as I enable it in the settings (add the url with my port (in my case https://myserver:444)) the nextcloud will not respond anymore and all is white.
In the logs I cannot find anything senseful only the error attached.
Can you help me out?
SSL-Cert

is valid as well.

As a tutorial I used this one:


Collabora Nextcloud APP cannot handle reverse apache proxies
#2

I run the collabora on my server https://mydomain:444 and my nextcloud on https://mydomain:443
Both I can reach from outside but when I configure it in nextcloud all become a blank white screen and the log above.


#3

How did you set up port 444? If it is set up for loolwsd port instead of 9980, then it will not work, because ports below 1024 need special privileges.


#4

Oh, I have a better idea. Can you please check your browser’s console log? Isn’t it CSP violation error? See also https://bugs.documentfoundation.org/show_bug.cgi?id=122451


#5

HI :wink:
I set this up with a apache reverse-proxy. internally (in docker) it runs on 9980.
best regards


#6

If I navigate directly to https://mydomain:444 I get no error only that i cannot access the page, cause its forbidden. SSL is valid…


#7

If I activate it by typing inside the url at the config I get no error either but all does not respond anymore.Even after 20 mins it does not stop to load.


#8

Also it does not respond if I open the url https://mydomain/nextcloud in another tab or browser


#9

Update:
After the new Version (Nextcloud 14 [3.1.1]) of the Collabora App today the nextcloud still respond but very slowly.
If I open a document it shows still whitescreen.
In the browsers console I get the error attached.

best regards


#10

I found out that the error has to be at the nextcloud app.
The collabora is accessable:


Also the suburls:
Does someone know how to resolve this issue?


#11

UPDATE:
I updated today to 15.02. Still the same issue. Can it be that collabora does not work if nextcloud runs on https://mydomain.com:443 and collabora on the same domain but with another port (e.g.: https://mydomain.com:444)?


#12

Todays (7th februar 2019) new version did not fix the problem


#13

update 27.2.2019: Problem still persists with latest plugin and collabora container


#14

I found the solution. If it is located on the same Server and its running on the same domain but for example with different ports only you need to add your external DNS to the /etc/hosts of your host.
You also need to add it to the /etc/hosts/ of the docker container.
Therefore follow these steps:

Get docker containers ID:
docker ps
docker exec -it IdOfContainer bash
echo 172.17.0.1 domainofyourcloudandoffice >>/etc/hosts

This setup allows you to run it on the same domain without any subdomain and only changing the tcp port for collabora on for example 444


#15

not a good idea. better start the image with

docker run -v /etc/hosts:/etc/hosts:ro ...

that insures that your entry in /etc/hosts is persistent to image updates.

p.s.: i didn’t need that in my setup. collabora is runing on https://server.name:8443/


#16

btw: would you mind to share your apache2 reverse proxy setting?
i would like to test it in my playbook.


#17

thx, that is nice
yes its with a apache reverse proxy


#18

Here is the apache reverse proxy file. I changed it already to your usecase:

    <VirtualHost *:8443>
ServerName yourdomain:8443

#ServerName yourdomain
# SSL configuration, you may want to take the easy route instead and use Lets #Encrypt!


# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode

# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off


SSLCertificateFile /etc/letsencrypt/live/yourdomain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLProtocol             all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder     on

ProxyPreserveHost On

# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet

# WOPI discovery URL
ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery

# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

# Admin Console websocket
ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws

# Download as, Fullscreen presentation and Image upload operations
ProxyPass           /lool https://127.0.0.1:9980/lool
ProxyPassReverse    /lool https://127.0.0.1:9980/lool

# Endpoint with information about availability of various features
ProxyPass           /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse    /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities

#custom : additional needed
#ProxyPass           / https://127.0.0.1:9980
#ProxyPassReverse    / https://127.0.0.1:9980



</VirtualHost>

#19

I suggest that you discard the buggy 3.2.1 Collabora app and go back to the nightly 3.0.0


#20

I use only the stable canal.
Current Version works fine for me: 3.2.3