There should be test for missing /hosting/capabilities added instead of just silently failing?
Iāve read the posts. Everyone writes that they have the same problem. And they all donāt give any useful information about their setup.
What can anyone do to help?
Also, changes in the apache setup of Collabora Online are no problem for the Nextcloud app.
Oh, u use an apache reverse proxy, not nginx? The first part of an useful information.
It would be helpful if the app would why it failed, like: āMissing /hosting/capabilitiesā or something else.
Same Problem, Docker installation and Collabora Online 3.6.0 Collabora error āOnline is not setup yetā.
Back to version 3.5.3 works perfectly. Will now be more careful when updating this app, it is apparently not being tested.
@helge ā How do you discover the exact version of your docker container? My compose file is setup to use latest collabora docker image and it was last updated 9 days ago. When I look at docker hub Iām seeing version 4.2.3.1 as the latest and not 3.6.0
@kevdog It is the Collabora Online App 3.6.0 Version, not the docker version. https://apps.nextcloud.com/apps/richdocuments
The solution is to set the following entry in Apache VirtualHost. https://nextcloud.com/de/collaboraonline/
# Endpoint with information about availability of various features
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
This is how the Collabora Online Version 3.6.0 works.
Thank you very much for your solution.
It perfectly solves the problem on a bare-metal installation made with the D. Hansson VM scripts.
I faced the same problem with Collabora after upgrade at Debian 9 / Nginx / PHP-FPM installation.
I wonder why developers had not proposed any solution to this bug until now.
Such major releases should be tested thoroughly before publishing.
Adding those lines to apacheās config file works perfect.
It doesnāt seem to be a bug, but an improvement.
As a suggestion, the warning message telling that collabora is not well configured could be more accurate, or address a link with an explanation.
Anyway, thank you for improving the app!!! I find it one of the most usefull ones for nextcloud platform.
Hello,
Thanks, it works for me with the nginx configuration. I added the following lines :
# Capabilities
location ^~ /hosting/capabilities {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
But I had a bad gateway Nginx webpage. I tried to update collabora with docker pull collabora/code
. You can find all command lines at this webpage :
After update, everything was ok.
Thank you!
I added Capabilities and now everything works fine for Nginx/FPM as well.
Thanks, that worked for me too. Using nginx as proxy
The only thing i had to do on top of changing the nginx config i had to click the āsaveā button on Collaboras settings page.
The problem remains. I updated the application, made changes to the host configuration and restarted Apache.
I even compared character configuration of the host with the configuration on the site, the differences are only in the address of the site and the path to the certificates.
In the settings of the Collabora Online I enter the server address I click save it shows that everything is fine but it costs to refresh the page or re-enter the settings everything stops working.
Returned to version 3.5.3
Maybe you intermixed http and https in the prox config?
No, here is the host configuration for connecting Collabora
I indicate in the application settings https://office.domain.com:443
<VirtualHost *:443>
ServerName office.domain.com:443
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/domain.com/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
AllowEncodedSlashes NoDecode
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
ProxyPreserveHost On
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
</VirtualHost>
Would the self-signed certificate be the problem?
I am using self-signed certificate for both cloud and office server. And those works fine just before update to 3.6.0, or after downgrade to 3.5.3.
The missing of "ProxyPass /hosting/capabilities " should not be the only reason.
In my system, those "ProxyPass /hosting/capabilities " always exist, and the docker Collabora Online server is the new installed one. The 2.5.3 works fine, however not for 3.6.0.
I should change from
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
To
ProxyPass /loleaflet https://server.domain.com:9980/loleaflet retry=0
And add to the hosts the line
127.0.0.1 server.domain.com
These change was due to the certificate that fails when use directly 127.0.0.1 because the certificate was registered for server.domain.com
Hi,
I run a nextcloud installation via the same script.
What exactly did you do to get it working?
I tried appending the 2 lines at the end of office.mydomain.com.conf but that didnāt work for me.
My config file:
<VirtualHost *:443>
ServerName office.mydomain.com:443
<Directory /var/www>
Options -Indexes
</Directory>
# TLS configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
SSLCertificateChainFile /etc/letsencrypt/live/office.mydomain.com/chain.pem
SSLCertificateFile /etc/letsencrypt/live/office.mydomain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/office.mydomain.com/privkey.pem
SSLOpenSSLConfCmd DHParameters /etc/letsencrypt/live/office.mydomain.com/dhparam.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA38>
SSLHonorCipherOrder on
SSLCompression off
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
# Endpoint with information about availability of various features
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
</VirtualHost>
Hi alivansheikh,
These are the only things I do :
- edit the /etc/apache2/sites-available/collabora.my-domain.net.conf with the content below.
- then restart apache2.
The only differences seems to be the position of the 2 lines, not at the end for me, and the content of the SSLCipherSuite
variable (yours seems to be cut at position 189 and end with >
) :
<VirtualHost *:443>
ServerName collabora.my-domain.net:443
<Directory /var/www>
Options -Indexes
</Directory>
# TLS configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
SSLCertificateChainFile /etc/letsencrypt/live/collabora.my-domain.net/chain.pem
SSLCertificateFile /etc/letsencrypt/live/collabora.my-domain.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/collabora.my-domain.net/privkey.pem
SSLOpenSSLConfCmd DHParameters /etc/letsencrypt/live/collabora.my-domain.net/dhparam.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLCompression off
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Endpoint with information about availability of various features
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
</VirtualHost>
I have found the right reason of why canāt connect to my Collabora Online server, however donāt know how to solve it.
Reason: in richdocument 3.6.0, canāt set ports to others instead of 443 ?
In my wan network, port 443 is shielded. So that I set a port forwarding rule in my router.
External port: 54321, Internal Port: 443, Protocol: tcp , Ip: Ip of my centos server
and then using the External port ( https://office.domain.name:54321 ) to vist my Collabora Online server form internet. It works fine in richdocument 3.5.3.
I just tested it in the lan network under my router. And set the āURL (and Port) of Collabora Online-serverā to https://office.domain.name:443 or https://office.domain.name, then it says: Collabora Online server is reachable. However, Unreachable for https://office.domain.name:54321, and at the same time in my a nother nextcloud test server installed with richdocument 3.5.3, the https://office.domain.name:54321 still works fine.
So I think I have found this bug.
Any suggestion to solve this?
I have opened anoter Post on this issue: Can't set to other ports instead of 443 in richdocument 3.6.0?