Collabora - unauthorised WOPI-Host

godfuture · May 29, 2018, 11:35pm

How would the solution look for nginx? Thx!

ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
ssl_session_timeout  10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;

proxy_buffering off;

# static files
location ^~ /loleaflet {
	proxy_pass https://localhost:8110;
	proxy_set_header Host $http_host;
}

# WOPI discovery URL
location ^~ /hosting/discovery {
	proxy_pass https://localhost:8110;
	proxy_set_header Host $http_host;
}

# main websocket
location ~ ^/lool/(.*)/ws$ {
   proxy_pass https://localhost:8110;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "Upgrade";
   proxy_set_header Host $http_host;
   proxy_read_timeout 36000s;
}

# download, presentation and image upload
location ~ ^/lool {
   proxy_pass https://localhost:8110;
   proxy_set_header Host $http_host;
}

# Admin Console websocket
location ^~ /lool/adminws {
   proxy_pass https://localhost:8110;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "Upgrade";
   proxy_set_header Host $http_host;
   proxy_read_timeout 36000s;
}