Collabora Server for Secure View

denis_ferreira · February 24, 2023, 10:00am

Hello,

Basically I am trying to install Collabora on my Nextcloud Hub (25.0.4)
I went to the apps section and installed “Collabora Online - Built-in CODE Server” which then tells me I should install Nextcloud Office.
When I Download and install it causes the server to crash and throw Gateway Timeouts.
Nextcloud Logs:

Error richdocuments GuzzleHttp\Exception\ConnectException: cURL error 28: Operation timed out after 45001 milliseconds with 0 out of 0 bytes received (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://sensitive.com/apps/richdocumentscode/proxy.php?req=/hosting/capabilities

What am I missing I tried already a few things like changing the timeouts in:

nano /var/www/html/nextcloud/lib/private/Http/Client/Client.php
nano /var/www/html/nextcloud/lib/private/Installer.php
nano /var/www/html/nextcloud/apps/files_sharing/lib/External/Storage.php

I am using Red Hat Enterprise Linux 8.7 on a postgres 14 the base installation works fine even ldap and other apps.

I followed this setup and added https to it Example installation on CentOS 8 — Nextcloud latest Administration Manual latest documentation

https://example.com/apps/richdocumentscode/proxy.php?req=/hosting/capabilities →

{
"convert-to":{"available":true,"endpoint":"/cool/convertto"},
"hasMobileSupport":true,
"hasProxyPrefix":true,
"hasTemplateSaveAs":false,
"hasTemplateSource":true,
"productName":"Collabora Online Development Edition",
"productVersion":"22.05.8.2",
"productVersionHash":"sensitive",
"serverId":"sensitive"
}

wwe · February 25, 2023, 5:50pm

hello @denis_ferreira welcome to the forum

likely the problem is not a timeout but some other (networking) issue which prevents the system from accessing the CODE instance… depending on your instillation this could be DNS issue, reverse proxy or webserver config.

Application activation freezes Nextcloud instance

opened 10:10AM - 19 Oct 21 UTC

closed 06:02AM - 29 Oct 21 UTC

Ollie89

### Steps to reproduce 1. Installing and Activating via Store or via OCC (app:i…nstall richdocuments) ### Expected behaviour After the installation and activation of the richdocuments application from the store, I expect to access the settings in order to perform the configuration. ### Actual behaviour The installation and activation of the richdocuments application from the store works, however, the Nextcloud instance then times out. Accessing the instance isn't possible anymore until the application is disabled via OCC. ### Server configuration **Operating system**: Description: Ubuntu 20.04.3 LTS Release: 20.04 Codename: focal **Web server:** Apache **Database:** MariaDB **PHP version:** 7.4 **Nextcloud version:** (see Nextcloud admin page) 22.2.0 (also affected 21.* Versions) **Updated from an older Nextcloud/ownCloud or fresh install:** Updated from older Nextcloud **Where did you install Nextcloud from:** Nextcloud **Signing status:** No errors have been found. **List of activated apps:** Enabled: - accessibility: 1.8.0 - activity: 2.15.0 - bruteforcesettings: 2.2.0 - calendar: 2.3.4 - circles: 22.1.1 - cloud_federation_api: 1.5.0 - comments: 1.12.0 - contacts: 4.0.3 - contactsinteraction: 1.3.0 - dashboard: 7.2.0 - dav: 1.19.0 - facerecognition: 0.8.3 - federatedfilesharing: 1.12.0 - federation: 1.12.0 - files: 1.17.0 - files_pdfviewer: 2.3.0 - files_rightclick: 1.1.0 - files_sharing: 1.14.0 - files_trashbin: 1.12.0 - files_versions: 1.15.0 - files_videoplayer: 1.11.0 - firstrunwizard: 2.11.0 - logreader: 2.7.0 - lookup_server_connector: 1.10.0 - mail: 1.10.5 - nextcloud_announcements: 1.11.0 - notifications: 2.10.1 - oauth2: 1.10.0 - password_policy: 1.12.0 - photos: 1.4.0 - privacy: 1.6.0 - provisioning_api: 1.12.0 - recommendations: 1.1.0 - richdocuments: 4.2.3 - serverinfo: 1.12.0 - settings: 1.4.0 - sharebymail: 1.12.0 - spreed: 12.1.2 - support: 1.5.0 - survey_client: 1.10.0 - systemtags: 1.12.0 - text: 3.3.0 - theming: 1.13.0 - twofactor_backupcodes: 1.11.0 - updatenotification: 1.12.0 - user_status: 1.2.0 - viewer: 1.6.0 - weather_status: 1.2.0 - workflowengine: 2.4.0 Disabled: - admin_audit - encryption - files_external - user_ldap **The content of config/config.php:** $CONFIG = array ( 'instanceid' => '', 'passwordsalt' => '', 'secret' => '', 'trusted_domains' => array ( 0 => '1.1.1.1', 1 => 'domain1', 2 => 'domain2', ), 'datadirectory' => '/mnt/drive/nextcloud', 'dbtype' => 'mysql', 'version' => '22.2.0.2', 'dbname' => 'database', 'dbhost' => '0.0.0.0', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'dbuser', 'dbpassword' => 'dbpassword', 'installed' => true, 'maintenance' => false, 'data-fingerprint' => '', 'trusted_proxies' => array ( 0 => '0.0.0.0', ), 'default_phone_region' => 'DE', 'loglevel' => 3, 'mail_smtpmode' => 'smtp', 'mail_smtpsecure' => 'tls', 'mail_sendmailmode' => 'smtp', 'mail_from_address' => 'cloud', 'mail_domain' => 'domain.com, 'mail_smtphost' => '123.server.com', 'mail_smtpport' => '587', **Are you using external storage, if yes which one:** local/smb/sftp/... No **Are you using encryption:** yes/no No **Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/... No ### Client configuration 1 **Browser:** Opera Firefox Safari **Operating system:** macOS 11.6 ### Client configuration 2 **Browser:** Opera Firefox Edge Chrome **Operating system:** Windows 10 1909 (ENT) ### Logs #### Web server error log [Tue Oct 19 10:06:25.189751 2021] [mpm_prefork:notice] [pid 153986] AH00163: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f configured -- resuming normal operations [Tue Oct 19 10:06:25.189780 2021] [core:notice] [pid 153986] AH00094: Command line: '/usr/sbin/apache2' #### Nextcloud log (data/nextcloud.log) Cleared all entries, changed debug to 1. Restarted apache2 service = empty logs Removing/renaming file nextcloud/apps/richdocuments/lib/AppInfo/Applications.php makes instance responsive, therefore seems to be related. #### Browser log N(index):1370 crbug/1173575, non-JS module files deprecated. (anonymous) @ (index):1370

github.com/nextcloud/richdocuments

RichDocuments built-in CODE causes significant slowdown/timeout issues

opened 01:12PM - 07 Dec 20 UTC

eganonoa

bug 2. developing high

Over the last couple of weeks Snap and Docker versions of Nextcloud have updated… to version 2.0.2 (snap on Friday). After the upgrade the connection to Nextcloud, particularly via the web-interface, slows to a crawl and/or times out. It appears to be caused by richdocuments/collabora. What is strange about this is that you cannot see easily identify the problem: basic analytics show no major increase in load on the CPU, Ram or I/O, the logs don't immediately show anything out of the ordinary. If you open top/htop on the server, however, and observe for a while you can see big, temporary spikes where available CPU's are maxed out by richdocuments/the Appimage related to Collabora and the Code server. When you go to the admin settings under collabora you can see an error that says that it cannot establish a connection to the in-built CODE server. The performance problem can be fixed by disabling both the collabora and code server apps: either in the web interface if you can get there through the performance issues, or in the server terminal (sudo snap run nextcloud.occ app:disable richdocuments ; sudo snap run nextcloud.occ app:disable richdocumentscore). After doing that normal service is resumed entirely across the Nextcloud server. This indicates that the failure to establish a connection to the inbuilt CODE server is the underlying problem and that there is something that happens when upgrading from Nextcloud v. 2.0.1 to 2.0.2 that causes it to break. Strangely, however, this is an issue that only appears to be present in Nextcloud Snap (where slowdown occurs) and Docker (where timeouts occur) and doesn't appear to have been reported by users of the regular Nextcloud: see threads on Nextcloud Community Forum (https://help.nextcloud.com/t/nextcloud-20-0-2snap2-interface-incredibly-slow/100304), Nextcloud Snap Github (https://github.com/nextcloud/nextcloud-snap/issues/1569), and Nextcloud Reddit (https://www.reddit.com/r/NextCloud/comments/k7b1of/extremely_slow_interface_nextcloud_snap/).

Please use the search regarding built-in CODE server, lot of issues has been discussed already.

denis_ferreira · March 30, 2023, 9:13am

We could not exactly identify why the redhat server was not able to download the packages.
We experienced similar issues while trying to manually install the coolwsd package on the server.

Since then we managed to install collabora.

Issues since then are:

I cannot open documents and secure view is not working
Admin pannel is not accessible under https://example.com/browser/dist/admin/admin.html and in the browser one can see WebSocket connection to ‘wss://example.com/cool/adminws/’ failed:

CODE proxy:

<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://example.com/

<VirtualHost *:443>
ServerName example.com
SSLEngine on

    SSLCertificateFile cer
    SSLCertificateKeyFile key
    SSLCertificateChainFile crt

– Reverse proxy for Collabora Online
AllowEncodedSlashes NoDecode
ProxyPreserveHost On

– static html, js, images, etc. served from coolwsd
–browser is the client part of Collabora Online

ProxyPass / http://localhost:9980/
ProxyPassReverse / http://localhost:9980/

ProxyPass /browser http://127.0.0.1:9980/browser retry=0
ProxyPassReverse /browser http://127.0.0.1:9980/browser

– WOPI discovery URL
ProxyPass /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery http://127.0.0.1:9980/hosting/discovery

– Capabilities
ProxyPass /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities

– Main websocket
ProxyPassMatch “/cool/(.*)/ws$” ws://127.0.0.1:9980/cool/$1/ws nocanon

– Admin Console websocket
ProxyPass /cool/adminws ws://127.0.0.1:9980/cool/adminws

– Download as, Fullscreen presentation and Image upload operations
ProxyPass /cool http://127.0.0.1:9980/cool
ProxyPassReverse /cool http://127.0.0.1:9980/cool
– Compatibility with integrations that use the /lool/convert-to endpoint
ProxyPass /lool http://127.0.0.1:9980/cool
ProxyPassReverse /lool http://127.0.0.1:9980/cool

Nextcloud proxy:

<VirtualHost *:80>
ServerName example2.com
Redirect permanent / https://example2.com/

<VirtualHost *:443>
ServerName example2.com

– SSL configuration
SSLEngine on
SSLCertificateFile cer
SSLCertificateKeyFile key
SSLCertificateChainFile crt

– Nextcloud configuration
DocumentRoot “/var/www/html/nextcloud”
<Directory “/var/www/html/nextcloud”>
AllowOverride All
Options FollowSymLinks MultiViews
Require all granted

– PHP-FPM configuration
<FilesMatch .php$>
SetHandler “proxy:unix:/run/php-fpm/www.sock|fcgi://localhost”

Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

Nextcloud config:

?php
$CONFIG = array (
‘directory’ => ‘/var/www/html/nextcloud/data’,
// ‘overwrite.cli.url’ => ‘’,
‘trusted_domains’ =>
array (
0 => ‘’,
),
‘allow_local_remote_servers’ => true,
‘datadirectory’ => ‘/var/www/html/nextcloud/data’,
‘dbtype’ => ‘’,
‘dbname’ => ‘’,
‘dbhost’ => ‘’,
‘dbport’ => ‘’,
‘dbtableprefix’ => ‘oc_’,
‘dbuser’ => ‘’,
‘dbpassword’ => ‘’,
// ‘proxy’ => ‘’,
‘redis’ =>
array (
‘host’ => ‘localhost’,
‘port’ => 6379,
),
‘memcache.local’ => ‘\OC\Memcache\APCu’,
‘filelocking.enabled’ => true,
‘memcache.locking’ => ‘\OC\Memcache\Redis’,
‘instanceid’ => ‘’,
‘passwordsalt’ => ‘’,
‘secret’ => ‘’,
‘version’ => ‘25.0.4.1’,
‘installed’ => true,
‘ldapProviderFactory’ => ‘OCA\User_LDAP\LDAPProviderFactory’,
);

In coolwsd.xml I added:

storage.wopi example2.com
Did not change default storage.ssl config
Added in net.post_allow example.com
ssl.enable = false and ssl.termination = true

When removing these line from collabora.conf (proxy)
ProxyPass / http://localhost:9980/
ProxyPassReverse / http://localhost:9980/

I regain acces to the admin pannel under: https://example.com/browser/dist/admin/admin.html

Once I add those I lose access to that panel

wwe · March 30, 2023, 11:48am

please follow the guide I provided.

I don’t know what are tring to achieve the configs are related to Collabora please ask in the right forum