Collabora install - Reverse Proxy not working

Hello everyone,

Iā€™m a fairly new Linux user and I have managed to get Nextcloud running on a Ubuntu 18.04.2 system.

I am running Apache2.

I have been working on getting collabora up and running for months and I cannot figure out my problems.

I have been using the official guidelines with docker. The docker container seems to be running fine. If I teamviewer into my server and open ā€œlocalhost:9980ā€ in a browser, I get the collabora ā€œOKā€ screen.

I have two dyndns domains: nextcloud.SERVER.tdl and collabora.SERVER.tdl.

I am guessing that my problem originates from my ssl configuration. I am using letsencrypt. Here are the contents of my config folder:

/etc/apache2/sites-available$ ls
000-default.conf 002-collabora.server.tdl.conf 002- collabora.server.tdl.conf.save default-ssl.conf
000-default-le-ssl.conf 002-collabora.server.tdl.conf.10062019.bak 002-collabora.server.tdl-le-ssl.conf

I can see that there are default configuration files and config. files for the collabora.server.tdl domain, both are for encrypted and non-encrypted traffic.

Here is my 002-collabora.server.tdl-le-ssl.conf:

> # 10.06.2019<IfModule mod_ssl.c>
> <VirtualHost *:443>
> # 11.06.2019 ServerName collabora.server.tdl:443
> ServerName collabora.server.tdl
> # 10.06.2019 ServerAdmin mail@gmail.com
> DocumentRoot /var/www/html/collabora
> 
> # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
> SSLEngine on
> SSLCertificateFile /etc/letsencrypt/live/collabora.server.tdl/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/collabora.server.tdl/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> SSLProtocol             all -SSLv2 -SSLv3
> SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256$SSLHonorCipherOrder     on
> 
> # Encoded slashes need to be allowed
> AllowEncodedSlashes NoDecode
> 
> # Container uses a unique non-signed certificate
> SSLProxyEngine On
> SSLProxyVerify None
> SSLProxyCheckPeerCN Off
> SSLProxyCheckPeerName Off
> 
> # keep the host
> ProxyPreserveHost On
> 
> # static html, js, images, etc. served from loolwsd
> # loleaflet is the client part of LibreOffice Online
> ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
> ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet
> 
> # WOPI discovery URL
> ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
> ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery
> 
> # Main websocket
> ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
> 
> # Admin Console websocket
> ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws
> 
> # Download as, Fullscreen presentation and Image upload operations
> ProxyPass           /lool https://127.0.0.1:9980/lool
> ProxyPassReverse    /lool https://127.0.0.1:9980/lool
> # Endpoint with information about availability of various features
> ProxyPass           /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
> ProxyPassReverse    /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
> <VirtualHost>
> </IfModule>

I cannot access collabora remotely at all.

Is there anyone who could guide me into a direction here? I would really appreciate the help.

YƶTi

Hi, YƶTi,

okay, you have two docker container and also two apache sub domains, well? Both https sub-domains works well from outside your LAN, of course without connection to nexctloud / lool access?

If this so you have exactly the same config as me and i think we should get a solution.

Does your request https://collabora.server.tld/hosting/discovery answer correct values?

ā€œcannot establish a secure Connectionā€

SOMEHOW ITS WORKING. I reinstalled collabora, reran letsencrypt. Apache restart. Now its working. I cant believe it. This project took me months! Wheeheew.