Collabora errors out - Well, this is embarrassing, we cannot connect to your document. Please try again

latebeat · March 11, 2017, 7:09am

Hi,

I’m on NC v11.0.2 and everything works fine apart from Collabora. Once you try to open any document it gives the error message

Well, this is embarrassing, we cannot connect to your document. Please try again.

Here is docker info:

Containers: 1
 Running: 1
 Paused: 0
 Stopped: 0
Images: 1
Server Version: 1.12.6
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 10
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: host bridge null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: apparmor seccomp
Kernel Version: 4.4.0-66-generic
Operating System: Ubuntu 16.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.945 GiB
Name: cloud.domain.com
ID: Y6CO:MG6Y:L4YP:PSU6:FILY:BTJW:CKXB:T4DQ:BYG3:B6NT:IRYK:MQSY
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Insecure Registries:
 127.0.0.0/8

Here is the log:

https://hastebin.com/ugokoyerar.vbs

Discovery works:

https://hastebin.com/weyazuxuku.xml

Here is my sites-enabled for the collabora domain:

 # Main websocket
  ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

Full file here:

https://hastebin.com/uzubacecez.apache

Any ideas?

I’ve seen some people suggesting to switch to devicemapper. Is that 100% what my problem is? Is there any way to make it work with aufs?

Thank you!

Ark74 · March 11, 2017, 8:54am

If you have aufs support there is no reason to change to devicemapper.
Most of the time, the issue is that the server has no aufs support on the current kernel.

It seems that you have support, but to make sure please try,
grep aufs /proc/aufs

For the rest of what you sent, seems fine.
Cheers.

latebeat · March 11, 2017, 8:21pm

Thanks for the reply.

It says there’s no such file or dir. Are you sure that’s the right path to check for aufs support?

➜  ~ grep aufs /proc/aufs                                                        
grep: /proc/aufs: No such file or directory

I have all the extras installed

➜  ~ sudo apt-get install linux-image-extra-$(uname -r) linux-image-extra-virtual
Reading package lists... Done
Building dependency tree       
Reading state information... Done
linux-image-extra-4.4.0-66-generic is already the newest version (4.4.0-66.87).
linux-image-extra-virtual is already the newest version (4.4.0.66.70).
The following packages were automatically installed and are no longer required:
  libblas-common libblas3 liblinear3 liblua5.2-0 lua-lpeg ndiff python-bs4 python-html5lib python-lxml
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded.
➜  ~

also

➜  ~ grep aufs /proc/filesystems
nodev	aufs

Ark74 · March 11, 2017, 8:58pm

sorry, it was grep aufs /proc/filesystems as you mention.
xD

Are you running the latest release?
It would need closer look since from this far, it looks fine.

Could it be a network issue?

latebeat · March 11, 2017, 9:29pm

For sure not a network issue. Discovery works fine as I mentioned

Ark74 · March 11, 2017, 9:51pm

Is it a VM? VPS?
Have you try the VM script from GitHub?
We got it right, so now CODE installs flawlesly

Do you have enough space to use the whole LOOL?

latebeat · March 12, 2017, 7:33pm

Nexcloud is a VM and callabora is installed in the same VM as a docker container.
I used the script from techandme.se

Here’s the script

https://github.com/nextcloud/vm/blob/master/static/collabora.sh

More info here:

I feel this has to be something simple because NC works flawlessly, the discovery URL for Collabora works fine

Some more screenshots:

Ark74 · March 14, 2017, 9:41pm

Please what is the outpu for :
/etc/apache2/sites-available/office.domain.com

Thinking that office.domain.com is your proxy docker domain.
Cheers

Specially the VirtualHost lines

latebeat · March 17, 2017, 6:58pm

Here it is:

cat /etc/apache2/sites-available/office.domain.com.conf 
<VirtualHost *:443>
  ServerName office.domain.com:443

  # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
  SSLEngine on
  SSLCertificateChainFile /etc/letsencrypt/live/office.domain.com/chain.pem
  SSLCertificateFile /etc/letsencrypt/live/office.domain.com/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/office.domain.com/privkey.pem
  SSLProtocol             all -SSLv2 -SSLv3
  SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
  SSLHonorCipherOrder     on

  # Encoded slashes need to be allowed
  AllowEncodedSlashes NoDecode

  # Container uses a unique non-signed certificate
  SSLProxyEngine On
  SSLProxyVerify None
  SSLProxyCheckPeerCN Off
  SSLProxyCheckPeerName Off

  # keep the host
  ProxyPreserveHost On

  # static html, js, images, etc. served from loolwsd
  # loleaflet is the client part of LibreOffice Online
  ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
  ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet

  # WOPI discovery URL
  ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
  ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery

  # Main websocket
  ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

  # Admin Console websocket
  ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws

  # Download as, Fullscreen presentation and Image upload operations
  ProxyPass           /lool https://127.0.0.1:9980/lool
  ProxyPassReverse    /lool https://127.0.0.1:9980/lool
</VirtualHost>
➜  ~

I had some issues before but resolved it. See thread

Ark74 · March 17, 2017, 9:25pm

Send me a PM with your nextcloud domain, i’ll allow it to run my instance and we can check from there.

Your configuration seems fine.
The only things i’m guessing is that you have old ssl certs on one side office or nextcloud domain, or maybe docker was run with errors, the part with

docker run -t -d -p 127.0.0.1:9980:9980 -e "domain=nextcloud\\.domain\\.com" -e "username=admin-user" -e "password=random" --restart always --cap-add MKNOD collabora/code