Dear nextcloud community,
(note: I cannot add more than two links, therefore all https are replaced by XXXXS)
With a fresh install of nextcloud (on ubuntu 16.04 server 64bit) and following the guide at XXXXS://nextcloud.com/collaboraonline/, I get a 404 Not Found error in the docker logs (opening the URL in my browser gives back “false”) and a “Well, this is embarrassing, we cannot connect to your document. Please try again.” in the nextcloud interface.
My configuration:
- Nextcloud + collabora on the same server with different subdomains (nc.domain.org
and co.domain.org) - valid wildcard certificate (*.domain.org) for both
- behind a firewall but server and testing-client have host entries (so nc.domain.org and co.domain.org resolve to internal IP)
apache nextcloud config:
<VirtualHost *:80>
ServerName nc.DOMAIN.org
DocumentRoot /var/www/nextcloud
RedirectPermanent / XXXXs://nc.DOMAIN.org
# ErrorLog logs/nextcloud/error_log
# TransferLog logs/nextcloud/access_log
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/nextcloud"
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/wildcard.DOMAIN.org.pem
SSLCertificateKeyFile /etc/apache2/ssl/wildcard.DOMAIN.org.key
SSLCACertificateFile /etc/apache2/ssl/alphassl-intermediate-sha256.crt
ServerName nc.DOMAIN.org
Header always add Strict-Transport-Security "max-age=15768000; includeSubdomains; preload"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
Satisfy Any
</Directory>
</VirtualHost>
apache collabora config
<VirtualHost *:80>
ServerName co.DOMAIN.org
RedirectPermanent / XXXXS://co.DOMAIN.org
# ErrorLog logs/collabora/error_log
# TransferLog logs/collabora/access_log
</VirtualHost>
<VirtualHost *:443>
ServerName co.DOMAIN.org:443
# SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/wildcard.DOMAIN.org.pem
SSLCertificateKeyFile /etc/apache2/ssl/wildcard.DOMAIN.org.key
SSLCertificateChainFile /etc/apache2/ssl/alphassl-intermediate-sha256.crt
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
# Encoded slashes need to be allowed
AllowEncodedSlashes On
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet XXXXS://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet XXXXS://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery XXXXS://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery XXXXS://127.0.0.1:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool XXXXS://127.0.0.1:9980/lool
ProxyPassReverse /lool XXXXS://127.0.0.1:9980/lool
</VirtualHost>
docker version:
Client:
Version: 1.12.1
API version: 1.24
Go version: go1.6.2
Git commit: 23cf638
Built: Tue, 27 Sep 2016 12:25:38 +1300
OS/Arch: linux/amd64
Server:
Version: 1.12.1
API version: 1.24
Go version: go1.6.2
Git commit: 23cf638
Built: Tue, 27 Sep 2016 12:25:38 +1300
OS/Arch: linux/amd64
docker output:
......
e[37mwsd-00024-04 00:01:01.034374 [ client_ws_0002 ] WOPI::CheckFileInfo header for URI [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/227?access_token=4TgYY4r6RGTVA8IVGY9RMQirI2dAVo9m]:
Date: Wed, 26 Oct 2016 17:29:09 GMT / Server: Apache/2.4.7 (Ubuntu) / Content-Length: 337 / Connection: close / Content-Type: text/html; charset=iso-8859-1 / e[0m
e[37mwsd-00024-04 00:01:01.034456 [ client_ws_0002 ] WOPI::CheckFileInfo returned: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /index.php/apps/richdocuments/wopi/files/227 was not found on this server.</p>
<hr>
<address>Apache/2.4.7 (Ubuntu) Server at nc.DOMAIN.org Port 443</address>
</body></html>
e[0m
e[1me[31mwsd-00024-04 00:01:01.034491 [ client_ws_0002 ] WOPI::CheckFileInfo is missing JSON payloade[0m
e[39mwsd-00024-04 00:01:01.034683 [ client_ws_0002 ] After checkfileinfo: e[0m
e[39mwsd-00024-04 00:01:01.034903 [ client_ws_0002 ] ~DocumentBroker [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/227?access_token=4TgYY4r6RGTVA8IVGY9RMQirI2dAVo9m] destroyed with 0 sessions left.e[0m
e[39mwsd-00024-04 00:01:01.034950 [ client_ws_0002 ] ~ChildProcess dtor [42].e[0m
e[1me[33mkit-00042-00 00:01:01.009222 [ loolkit ] Connection closed.e[0m
e[39mkit-00042-00 00:01:01.009284 [ loolkit ] SocketProcessor finishing. TerminationFlag: 0, n: 2, payload size: 2, flags: 88e[0m
e[39mkit-00042-00 00:01:01.009316 [ loolkit ] SocketProcessor finished.e[0m
e[39mkit-00042-00 00:01:01.009339 [ loolkit ] Removing '/lo'e[0m
e[39mkit-00042-00 00:01:01.273096 [ loolkit ] Removing '/user/docs/'e[0m
e[1me[33mwsd-00024-00 00:01:01.299134 [ prison_ws ] Connection closed.e[0m
e[39mwsd-00024-00 00:01:01.299187 [ prison_ws ] SocketProcessor finishing. TerminationFlag: 0, n: 0, payload size: 0, flags: 0e[0m
e[39mwsd-00024-00 00:01:01.299232 [ prison_ws ] SocketProcessor finished.e[0m
e[39mwsd-00024-04 00:01:01.299341 [ client_ws_0002 ] Closing child [42].e[0m
e[1me[31mwsd-00024-04 00:01:01.299382 [ client_ws_0002 ] ClientRequestHandler::handleRequest: BadRequestException: Invalid URI or access denied.e[0m
e[37mwsd-00024-04 00:01:01.299405 [ client_ws_0002 ] Already sent response!?e[0m
e[37mwsd-00024-04 00:01:01.299421 [ client_ws_0002 ] Thread finished.e[0m
e[39mkit-00042-00 00:01:02.273870 [ loolkit ] Process finished.e[0m
e[39mfrk-00033-00 00:01:03.059539 [ loolforkit ] Child 42 has exited, removing its jail '/opt/lool/child-roots/42'e[0m
e[37mwsd-00024-10 00:01:05.149681 [ loolwsd ] Total memory used: 167060e[0m
e[39mwsd-00024-02 00:01:15.445543 [ client_req_hdl ] Request from 172.17.0.1:41466: GET /hosting/discovery HTTP/1.1 / Host: co.DOMAIN.org / User-Agent: ownCloud Server Crawler / X-Forwarded-For: 10.11.1.29 / X-Forwarded-Host: co.DOMAIN.org / X-Forwarded-Server: co.DOMAIN.org / Connection: closee[0m
e[37mwsd-00024-02 00:01:15.445653 [ client_req_hdl ] Handling GET: /hosting/discoverye[0m
e[37mwsd-00024-02 00:01:15.445717 [ client_ws_0003 ] Thread started.e[0m
e[37mwsd-00024-02 00:01:15.451501 [ client_ws_0003 ] Sent discovery.xml successfully.e[0m
e[37mwsd-00024-02 00:01:15.451894 [ client_ws_0003 ] Already sent response!?e[0m
e[37mwsd-00024-02 00:01:15.452259 [ client_ws_0003 ] Thread finished.e[0m
e[39mwsd-00024-04 00:01:15.820141 [ client_req_hdl ] Request from 172.17.0.1:41470: POST /loleaflet/1.8.5/loleaflet.html?WOPISrc=XXXXS%3A%2F%2Fnc.DOMAIN.org%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F4&title=About.odt&lang=en&closebutton=1&revisionhistory=1 HTTP/1.1 / Host: co.DOMAIN.org / Cache-Control: max-age=0 / Origin: null / Upgrade-Insecure-Requests: 1 / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/53.0.2785.143 Chrome/53.0.2785.143 Safari/537.36 / Content-Type: application/x-www-form-urlencoded / Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 / Accept-Encoding: gzip, deflate, br / Accept-Language: en-US,en;q=0.8 / Cookie: __utma=67340112.1145797696.1470734957.1470734957.1470734957.1; __utmz=67340112.1470734957.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) / X-Forwarded-For: 10.11.1.30 / X-Forwarded-Host: co.DOMAIN.org / X-Forwarded-Server: co.DOMAIN.org / Connection: close / Content-Length: 45e[0m
e[37mwsd-00024-04 00:01:15.820397 [ client_req_hdl ] Preprocessing file: /usr/share/loolwsd//loleaflet/dist/loleaflet.htmle[0m
e[39mwsd-00024-02 00:01:16.371985 [ client_req_hdl ] Request from 172.17.0.1:41474: GET /lool/XXXXS%253A%252F%252Fnc.DOMAIN.org%252Findex.php%252Fapps%252Frichdocuments%252Fwopi%252Ffiles%252F4%3Faccess_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4/ws HTTP/1.1 / Host: co.DOMAIN.org / Pragma: no-cache / Cache-Control: no-cache / Origin: XXXXS://co.DOMAIN.org / Sec-WebSocket-Version: 13 / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/53.0.2785.143 Chrome/53.0.2785.143 Safari/537.36 / Accept-Encoding: gzip, deflate, sdch, br / Accept-Language: en-US,en;q=0.8 / Cookie: __utma=67340112.1145797696.1470734957.1470734957.1470734957.1; __utmz=67340112.1470734957.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) / Sec-WebSocket-Key: Ku3rAnOzlkEizyFblK/85g== / Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits / X-Forwarded-For: 10.11.1.30 / X-Forwarded-Host: co.DOMAIN.org / X-Forwarded-Server: co.DOMAIN.org / Upgrade: WebSocket / Connection: Upgradee[0m
e[37mwsd-00024-02 00:01:16.372402 [ client_req_hdl ] Handling GET: /lool/XXXXS%253A%252F%252Fnc.DOMAIN.org%252Findex.php%252Fapps%252Frichdocuments%252Fwopi%252Ffiles%252F4%3Faccess_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4/wse[0m
e[37mwsd-00024-02 00:01:16.372449 [ client_ws_0004 ] Thread started.e[0m
e[39mwsd-00024-02 00:01:16.372777 [ client_ws_0004 ] Starting GET request handler for session [0004].e[0m
e[37mwsd-00024-02 00:01:16.372812 [ client_ws_0004 ] Sending to Client [statusindicator: find].e[0m
e[37mwsd-00024-02 00:01:16.372960 [ client_ws_0004 ] getNewChild: Have 3 children, forking 0e[0m
e[37mwsd-00024-02 00:01:16.373026 [ client_ws_0004 ] getNewChild: Returning new child [43].e[0m
e[37mwsd-00024-02 00:01:16.373052 [ client_ws_0004 ] New DocumentBroker for docKey [nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4].e[0m
e[39mwsd-00024-02 00:01:16.373087 [ client_ws_0004 ] DocumentBroker [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4] created. DocKey: [nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4]e[0m
e[39mwsd-00024-02 00:01:16.373151 [ client_ws_0004 ] Validating: XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4e[0m
e[39mwsd-00024-02 00:01:16.373175 [ client_ws_0004 ] Public URI [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4] considered WOPI.e[0m
e[37mwsd-00024-02 00:01:16.373260 [ client_ws_0004 ] Storage ctor: XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4e[0m
e[39mwsd-00024-02 00:01:16.373286 [ client_ws_0004 ] WopiStorage ctor with localStorePath: [], jailPath: [], uri: [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4].e[0m
e[37mwsd-00024-02 00:01:16.373309 [ client_ws_0004 ] Getting info for wopi uri [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4].e[0m
e[37mwsd-00024-02 00:01:16.384594 [ client_ws_0004 ] WOPI::CheckFileInfo header for URI [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4]:
Date: Wed, 26 Oct 2016 17:29:24 GMT / Server: Apache/2.4.7 (Ubuntu) / Content-Length: 335 / Connection: close / Content-Type: text/html; charset=iso-8859-1 / e[0m
e[37mwsd-00024-02 00:01:16.384700 [ client_ws_0004 ] WOPI::CheckFileInfo returned: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /index.php/apps/richdocuments/wopi/files/4 was not found on this server.</p>
<hr>
<address>Apache/2.4.7 (Ubuntu) Server at nc.DOMAIN.org Port 443</address>
</body></html>
e[0m
e[1me[31mwsd-00024-02 00:01:16.384742 [ client_ws_0004 ] WOPI::CheckFileInfo is missing JSON payloade[0m
e[39mwsd-00024-02 00:01:16.384947 [ client_ws_0004 ] After checkfileinfo: e[0m
e[39mwsd-00024-02 00:01:16.385163 [ client_ws_0004 ] ~DocumentBroker [XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4] destroyed with 0 sessions left.e[0m
e[39mwsd-00024-02 00:01:16.385195 [ client_ws_0004 ] ~ChildProcess dtor [43].e[0m
e[1me[33mkit-00043-00 00:01:16.359456 [ loolkit ] Connection closed.e[0m
e[39mkit-00043-00 00:01:16.359523 [ loolkit ] SocketProcessor finishing. TerminationFlag: 0, n: 2, payload size: 2, flags: 88e[0m
e[39mkit-00043-00 00:01:16.359553 [ loolkit ] SocketProcessor finished.e[0m
e[39mkit-00043-00 00:01:16.359574 [ loolkit ] Removing '/lo'e[0m
e[39mkit-00043-00 00:01:16.638123 [ loolkit ] Removing '/user/docs/'e[0m
e[1me[33mwsd-00024-00 00:01:16.664154 [ prison_ws ] Connection closed.e[0m
e[39mwsd-00024-00 00:01:16.664198 [ prison_ws ] SocketProcessor finishing. TerminationFlag: 0, n: 0, payload size: 0, flags: 0e[0m
e[39mwsd-00024-00 00:01:16.664240 [ prison_ws ] SocketProcessor finished.e[0m
e[39mwsd-00024-02 00:01:16.664519 [ client_ws_0004 ] Closing child [43].e[0m
e[1me[31mwsd-00024-02 00:01:16.664617 [ client_ws_0004 ] ClientRequestHandler::handleRequest: BadRequestException: Invalid URI or access denied.e[0m
e[37mwsd-00024-02 00:01:16.664819 [ client_ws_0004 ] Already sent response!?e[0m
e[37mwsd-00024-02 00:01:16.664916 [ client_ws_0004 ] Thread finished.e[0m
e[39mkit-00043-00 00:01:17.638763 [ loolkit ] Process finished.e[0m
e[39mfrk-00033-00 00:01:18.165925 [ loolforkit ] Child 43 has exited, removing its jail '/opt/lool/child-roots/43'e[0m ......
OC_appconfig:
('richdocuments', 'doc_format', 'odf'),
('richdocuments', 'edit_groups', ''),
('richdocuments', 'enabled', 'yes'),
('richdocuments', 'installed_version', '1.1.9'),
('richdocuments', 'ocsid', '174727'),
('richdocuments', 'types', ''),
('richdocuments', 'wopi_url', 'XXXXS://co.DOMAIN.org:443'),
The row wopi_url didn’t exist and I added it manually
the infoheader URI (e.g. XXXXS://nc.DOMAIN.org/index.php/apps/richdocuments/wopi/files/4?access_token=6lybwD4G8KJplVvCbkhAru6JX0XMtPV4 ) finds information about the file (e.g. filename)
http://co.DOMAIN.org is redirected to XXXXS, http://nc.DOMAIN.org is redirected to XXXXS (see apache config).
I already found the thread about the
ClientRequestHandler::handleRequest: BadRequestException: Invalid URI or access denied.
error, but I have a 404 even before. So hopefully there is a solution to this?
thank you and kind regards,
Tim