Collabora + Reverseproxy

ℹ️ Support 📄 Collabora
1

Hello,

I try to install collabora on my running nextcloud 15.0.9 Installation:

Unbenannt
Unbenannt.JPG1094×1019 80.6 KB

But my Problem is: I get no connection from nextcloud to collabora (collabora online could not be loaded - try again later).

This is the /etc/apache2/sites-available/collabora.nextcloud-ssl.conf on the ReverseProxy:

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName collabora.myfirstcloud.dynvpn.de

Include /etc/letsencrypt/options-ssl-apache.conf

# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode

# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off

# keep the host
ProxyPreserveHost On

# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://192.168.3.204:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://192.168.3.204:9980/loleaflet

# WOPI discovery URL
ProxyPass /hosting/discovery https://192.168.3.204:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://192.168.3.204:9980/hosting/discovery

# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://192.168.3.204:9980/lool/$1/ws nocanon

# Admin Console websocket
ProxyPass /lool/adminws wss://192.168.3.204:9980/lool/adminws

# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://192.168.3.204:9980/lool
ProxyPassReverse /lool https://192.168.3.204:9980/lool

SSLCertificateFile /etc/letsencrypt/live/collabora.firstcloud.dynvpn.de/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/collabora.firstcloud.dynvpn.de/privkey.pem
</VirtualHost>
</IfModule>

This is the /etc/apache2/sites-available/collabora.firstcloud.dynvpn.de.conf on the Collabora Docker Client:

<VirtualHost *:80>
ServerName collabora.firstcloud.dynvpn.de
DocumentRoot /var/www/html
</VirtualHost>


<VirtualHost *:9080>
ServerName collabora.firstcloud.dynvpn.de

# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode

# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off

# keep the host
#ProxyPreserveHost On

# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet

# WOPI discovery URL
ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery

# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

# Admin Console websocket
ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws

# Download as, Fullscreen presentation and Image upload operations
ProxyPass           /lool https://127.0.0.1:9980/lool
ProxyPassReverse    /lool https://127.0.0.1:9980/lool

# Endpoint with information about availability of various features
ProxyPass           /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=
0
ProxyPassReverse    /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
</VirtualHost>

Docker/collabora is running:

docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e7cf32a6aea5 collabora/code “/bin/sh -c 'bash st…” 9 hours ago Up 4 minutes 127.0.0.1:9980->9980/tcp keen_stonebraker

Is it normal when I try: curl http://127.0.0.1:9980/loleaflet/dist/admin/admin.html

to get:

curl: (56) Recv failure: Die Verbindung wurde vom Kommunikationspartner zurückgesetzt

I have spent hours with troubleshooting. Who could give me a hint as to how I can get on best?

Thank you!

Tony

2

I try to find a solution. So I saw I have a wrong port in the apache config in the collabora client.

Is an apache required in my configuration? :thinking:

3

Hi tony.blue,
my config is very similar but its only diffs that i use docker container for nc and lool.

First of all you should enable the debug log file config for your apache, nextcloud and collabora container and get a deeper look in the log files. Then you should be use fqdn for your config at every point to avoid config mismatch. To be sure collabora works properly please call https://fqdn/hosting/discovery from outside and you should get as answer the wopi discovery xml setup file.

Most mistakes in this config are caused by misconfigured loolwsd.xml at the collabora container and config.php in the nc setup.

Regards,
Ralf

4

Hello Ralfi,

thank you for your answer. Would it be possible that you send/post me your configuration-files (virtualHosts) of the ReverseProxy and the collabora DockerContainer?

Thanks in advance!

Tony

5

CONFIG for LOOL

de
office.FQDN.de.png808×802 84.6 KB

CONFIG for NC

de
nextcloud.fqdn.de.png884×606 71.7 KB

You should be notice that

  • 172.18.1.3 is the internal docker IP from the LOOL container
  • 172.18.1.4 is the internal docker ip from the NC container

Please take a look at this …

nc-lool-abstract
nc-lool-abstract.png1068×740 91.3 KB

Regards, Ralfi

6

If you are using Docker, I strongly recommend docker-compose. I had a lot of problems getting Collabora to work, and nothing I did with it worked until I moved my setup to docker-compose and had it create a network for the group.

I’m glad I did because I ended up having five containers in my setup (Nextcloud, mariadb, redis, Collabora, coturn).

7

Yes, KarlF12, you are right, i am also do it with a user-defined network (172.18.1.0) but you really do not need docker-compose.

I am a little bit sceptical with all sripted solutions - unless they are mine :wink: - as long as i do not quite know what they are doing …

Regards,
Ralfi