As I’ve seen tons and tons of questions about collabora and people often getting confused, I’ve decided to write down a very easy setup for nextcloud/owncloud to run with collabora on the same server in a few simple steps.
-
Add keyserver to your OS:
apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
-
Add repository & update repo:
apt-add-repository 'deb https://apt.dockerproject.org/repo ubuntu-xenial main' && apt-get update
-
Install docker & download collabora-container from repo:
apt-get install -y docker-engine && service docker start && docker pull collabora/code
-
Start docker with collabora:
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=your\\.domain\\.ch' --restart always --cap-add MKNOD collabora/code
-
Check if docker (with collabora) is running on the correct port:
netstat -lntp
-
Check all running docker-containers:
docker ps
-
Note the conainer-ID:
ad934g496063... (just an example)
-
Add your selfsigned or wildcard-certificate to the ca-bundle of ownCloud/Nextcloud:
docker exec [containerID] cat /etc/loolwsd/ca-chain.cert.pem >> /var/www/html/nextcloud/resources/config/ca-bundle.crt
-
Activate apache2-modules and restart the apache server:
a2enmod proxy proxy_wstunnel proxy_http ssl && service apache2 restart
-
add proxy-settings to your running apache-configuration (sites-enabled/owncloud.conf or nextcloud.conf) [maybe improvements needed?], add these lines right after at top of your SSL-settings (eq: <Virtualhost *.443):
AllowEncodedSlashes NoDecode # Container uses a unique non-signed certificate SSLProxyEngine On SSLProxyVerify None SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off # keep the host ProxyPreserveHost On # static html, js, images, etc. served from loolwsd # loleaflet is the client part of LibreOffice Online ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0 ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet # WOPI discovery URL ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0 ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery # Main websocket ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon # Admin Console websocket ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws # Download as, Fullscreen presentation and Image upload operations ProxyPass /lool https://127.0.0.1:9980/lool ProxyPassReverse /lool https://127.0.0.1:9980/lool
11 . Activate collabora-app and put the collabora-link to:
https://your.domain.ch
Hope this howto will help our mostly self-hosting administrators to work with
(06.04.2017) Update - Adjusted the following settings to mach most recent collabora-image:
> Apache host-config: AllowEncodedSlashes NoDecode
> Apache host-config: ProxyPassMatch “/lool/(.*)/ws$” wss://127.0.0.1:9980/lool/$1/ws nocanon
> Collabora-APP URL: https://your.domain.ch