Collabora install - Reverse Proxy not working

Hello everyone,

I’m a fairly new Linux user and I have managed to get Nextcloud running on a Ubuntu 18.04.2 system.

I am running Apache2.

I have been working on getting collabora up and running for months and I cannot figure out my problems.

I have been using the official guidelines with docker. The docker container seems to be running fine. If I teamviewer into my server and open “localhost:9980” in a browser, I get the collabora “OK” screen.

I have two dyndns domains: nextcloud.SERVER.tdl and collabora.SERVER.tdl.

I am guessing that my problem originates from my ssl configuration. I am using letsencrypt. Here are the contents of my config folder:

/etc/apache2/sites-available$ ls
000-default.conf 002-collabora.server.tdl.conf 002- default-ssl.conf
000-default-le-ssl.conf 002-collabora.server.tdl.conf.10062019.bak 002-collabora.server.tdl-le-ssl.conf

I can see that there are default configuration files and config. files for the collabora.server.tdl domain, both are for encrypted and non-encrypted traffic.

Here is my 002-collabora.server.tdl-le-ssl.conf:

> # 10.06.2019<IfModule mod_ssl.c>
> <VirtualHost *:443>
> # 11.06.2019 ServerName collabora.server.tdl:443
> ServerName collabora.server.tdl
> # 10.06.2019 ServerAdmin
> DocumentRoot /var/www/html/collabora
> # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
> SSLEngine on
> SSLCertificateFile /etc/letsencrypt/live/collabora.server.tdl/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/collabora.server.tdl/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> SSLProtocol             all -SSLv2 -SSLv3
> # Encoded slashes need to be allowed
> AllowEncodedSlashes NoDecode
> # Container uses a unique non-signed certificate
> SSLProxyEngine On
> SSLProxyVerify None
> SSLProxyCheckPeerCN Off
> SSLProxyCheckPeerName Off
> # keep the host
> ProxyPreserveHost On
> # static html, js, images, etc. served from loolwsd
> # loleaflet is the client part of LibreOffice Online
> ProxyPass           /loleaflet retry=0
> ProxyPassReverse    /loleaflet
> # WOPI discovery URL
> ProxyPass           /hosting/discovery retry=0
> ProxyPassReverse    /hosting/discovery
> # Main websocket
> ProxyPassMatch "/lool/(.*)/ws$" wss://$1/ws nocanon
> # Admin Console websocket
> ProxyPass   /lool/adminws wss://
> # Download as, Fullscreen presentation and Image upload operations
> ProxyPass           /lool
> ProxyPassReverse    /lool
> # Endpoint with information about availability of various features
> ProxyPass           /hosting/capabilities retry=0
> ProxyPassReverse    /hosting/capabilities
> <VirtualHost>
> </IfModule>

I cannot access collabora remotely at all.

Is there anyone who could guide me into a direction here? I would really appreciate the help.


Hi, YöTi,

okay, you have two docker container and also two apache sub domains, well? Both https sub-domains works well from outside your LAN, of course without connection to nexctloud / lool access?

If this so you have exactly the same config as me and i think we should get a solution.

Does your request https://collabora.server.tld/hosting/discovery answer correct values?

“cannot establish a secure Connection”

SOMEHOW ITS WORKING. I reinstalled collabora, reran letsencrypt. Apache restart. Now its working. I cant believe it. This project took me months! Wheeheew.