Hey guys!
I have a problem with my Nextcloud instance in connection with Collabora. My Nextcloud is in the network behind another computer that acts as a reverse proxy with apache. So my nextcloud cannot be reached directly from the outside but via the reverse proxy.
Now I have installed collabora as a docker container on the same host where the nextcloud is running. Everything works wonderfully in the internal network and collabora can be reached. Unfortunately, when I access it from the outside, I get a
โNot Found The requested URL was not found on this server.โ
I think it has to do with my reverse proxy config.
I attach the two configs.
10.0.0.4 is the Nextcloud server on which collabora also runs in docker - ( only internal reachable ) - running apache
10.0.0.6 is the server accessible from the WWW (via port forwarding) - running apache
The Docker container was started with the following command:
sudo docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain = cloud \\. domain \\. com' -e "extra_params = - o: ssl.enable = false --o: ssl .termination = true "-e 'username = admin' -e 'password = admin' -e 'dictionaries = de en es ..' --restart always --cap-add MKNOD collabora / code
Can someone help me how to configure the reverse proxy correctly?
In the settings, the collabora server is displayed as reachable both externally and internally (even after saving again)
Greetings!
vHost file on nextcloud/collabora server:
<VirtualHost *:443>
ServerName office.spacyal.com
# Encoded slashes need to be allowed
SSLEngine on
SSLCertificateFile /home/office/ssl.cert
SSLCertificateKeyFile /home/office/ssl.key
SSLProtocol +TLSv1.2 +TLSv1.3
SSLCACertificateFile /home/office/ssl.ca
# keep the host
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
SetEnvIf Host "^(.*)$" THE_HOST=$1
RequestHeader setifempty X-Forwarded-Proto https
RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
ProxyAddHeaders Off
ProxyPassMatch (.*)(\/websocket)$ "ws://[10.0.0.4/$1$2](http://10.0.0.4/$1$2)"
ProxyPass / "http://10.0.0.4/"
ProxyPassReverse / "http://10.0.0.4/"
</VirtualHost>
inspired by: document-server-proxy/apache at master ยท ONLYOFFICE/document-server-proxy ยท GitHub
vHost file on external reachable server
<VirtualHost 10.0.0.4:80>
ServerName office.domain.com
ServerAdmin webmaster@domain.com
</VirtualHost>
<VirtualHost 10.0.0.4:443>
ServerAdmin webmaster@domaincom
ServerName office.domain.com
Options -Indexes
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/ssloffice.cert
SSLCertificateKeyFile /etc/apache2/ssl/ssloffice.key
SSLProtocol +TLSv1.2 +TLSv1.3
SSLCACertificateFile /etc/apache2/ssl/ssloffice.ca
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of Collabora Online
ProxyPass /loleaflet http://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet http://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery http://127.0.0.1:9980/hosting/discovery
# Capabilities
ProxyPass /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" ws://127.0.0.1:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws ws://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool http://127.0.0.1:9980/lool
ProxyPassReverse /lool http://127.0.0.1:9980/lool
</VirtualHost>