Operating system and version (e.g., Ubuntu 24.04):
debian 12
Is this the first time you’ve seen this error? (Yes / No):
Yes
When did this problem seem to first start?
from migration
Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
AIO
Summary of the issue you are facing:
I migrated an instance of AIO that was running on a vps to a self-hosted server.
So far I can access it through my local network and from the outside through a domain name. I am using the AIO interface to have Collabora enabled, which was enough on my previous instance (if I’m not forgetting an extra step I might have done before), but on this one it seems the collabora server is not reachable. I tried to add the CODE app without result. The error seems to come from the mastercontainer not being able to reach the collabora one.
I pasted the log I have, but so far I’m confused, is this issue coming from my server configuration or rather from my home network ?
Log entries
Nextcloud
Failed to fetch discovery: cURL error 28: Connection timed out after 5002 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://my.domain/hosting/discovery
Mastercontainer
sudo docker exec -it nextcloud-aio-nextcloud bash
Warning: You have logged in into the Nextcloud container as root user.
See https://github.com/nextcloud/all-in-one#how-to-run-occ-commands if you want to run occ commands.
Apart from that, you can use 'sudo -E -u www-data php occ <your-command>' in order to run occ commands.
Of course <your-command> needs to be substituted with the command that you want to use.
35509d7bf977:/var/www/html# curl https://my.domain/hosting/discovery
curl: (35) TLS connect error: error:00000000:lib(0)::reason(0)
It looks like the Collabora container can’t reach your domain due to a TLS or network issue. This often happens after migrating AIO to a local setup where NAT loopback isn’t working.
Works after adding the IP to /etc/hosts, and in the settings I have this status
Collabora Online server is reachable.
Collabora Online Development Edition 24.04.13.3 b7ba9a23ba
URL used by the browser: https://old.domain
Nextcloud URL used by Collabora: https://my.domain (Determined from the browser URL)
Certificate check states * SSL certificate verify ok.
I do have an XML file at https://my.domain/hosting/discovery
I don’t have any traefik container, but the collabora one is full of timeout errors, which makes sense.
Collabora is indeed enabled in the AIO interface.
When I try to open a document I encounter a Failed to load Nextcloud Office - please try again later error and have this in the collabora container
wsd-00007-00029 2025-05-20 15:49:58.460236 +0000 [ websrv_poll ] WRN #30: CheckTimeout: Timeout while requesting [GET my.domain/index.php/apps/richdocuments/wopi/files/106645_ocv4bgnvlopj?access_token=cbctXONghUl9nVFKzOW6lK5jVyrjE06k&access_token_ttl=0] after 34581ms| net/HttpRequest.hpp:1813
wsd-00007-00029 2025-05-20 15:49:58.460265 +0000 [ websrv_poll ] ERR #30: WOPI::CheckFileInfo failed for URI [https://my.domain/index.php/apps/richdocuments/wopi/files/106645_ocv4bgnvlopj?access_token=cbctXONghUl9nVFKzOW6lK5jVyrjE06k&access_token_ttl=0]: 0 (Unknown) . Headers: Body: []| wsd/wopi/CheckFileInfo.cpp:102
wsd-00007-00029 2025-05-20 15:49:58.460271 +0000 [ websrv_poll ] ERR #30: Invalid URI or access denied to [https://my.domain/index.php/apps/richdocuments/wopi/files/106645_ocv4bgnvlopj?access_token=cbctXONghUl9nVFKzOW6lK5jVyrjE06k&access_token_ttl=0]| wsd/wopi/CheckFileInfo.cpp:117
The status of collabora is weird, it still somehow reminds the old domain name from before I migrated to this server. And manual edits to /etc/hosts will be lost in case of reboot right ?
I’m facing a similar issue after changing routers that doesn’t support NAT hairpinning directly.
Since updating the hosts file inside nextcloud-aio-nextcloud does appear to make it work. What would be a better solution, since if you need to restart the containers all the way the changes would be lost?
Is there a better configuration?
Appreciate any help this issue took me a while to figure out after updating!
I tried to follow this tutorial before sending my request, but something is likely off. My home internet box allows me to redirect port 443 to my internal server’s port 443. I also have a pihole instance redirecting the domain to my server’s internal IP (192.168.xx.xx). Isn’t this what is described in the split-brain DNS tutorial ? I have the feeling I’m either missing something obvious or my box simply can’t be configured the appropriate way.
