-e ādomain=nextcloud.XXXX.comā is the double escape messed up by the forum? if not, i THINK its supposed to be -e "domain=nextcloud\\.XXXX\\.com"
did you add the self signed certificate of collabora to the certficate chain of NC, like this (adapt to your paths): docker exec [containerID] cat /etc/loolwsd/ca-chain.cert.pem >> /var/www/html/nextcloud/resources/config/ca-bundle.crt
edit: regarding 1. its the forum messing with the escaping
just for fellow nginx users (with working collaboras), i think this could be relevant:
Each new SSL connection requires a full SSL handshake between the client and server, which is quite CPU-intensive. To have NGINX proxy previously negotiated connection parameters and use a so-called abbreviated handshake, include the proxy_ssl_session_reuse directive:
Iām using nginx through the letsencrypt docker from linuxserver for all of the SSL, so my config is the following (10.0.3.1 is because I am on a QNAPā¦ itās the right IP)
btw. the upstream part is leftover from my attempts to get this running, you can just delete it, it is not used:
upstream collabora {
server 10.0.3.1:9980;
}
i must admit i have no idea whats the problem with your setup, personally i would try to get rid of the nginx docker, since nginx is really quite simple to setup, as is letsencrypt nowadays. generally i think its easier to debug stuff when not in a docker. its only that i didnt find a good explanation how to setup collabora itself without dockerā¦
dont know though if you can run stuff without dockers on a qnap. alternatively you could just run a VM with nextcloud, collabora and nginx, i think that exists (if qnap can run VMās)
Still getting the following error in the console though:
wsd-00025-00033 04:59:56.084523 [ websrv_poll ] ERR Socket #22 SSL BIO error: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request (errno: Succes
./net/SslSocket.hpp:273
Okay good to know, will just ignore for nowā¦ nextcloud redirects to https, so I am assuming there is no security issue since I am still reverse proxying the collabora subdomain as well?