Hello. I’m completely new to both NextCloud and Collabora. I’m trying to set this up for the first time. I seem to have the NextCloud part down, but I’m having trouble with Collabora. When I click on a doc, it spins for about 10 seconds and then gives me “Failed to connect to Collabora Online. Please try again later or contact your server administrator.” Here’s a breakdown of what I’ve done.
Sorry for the spaces below, the forum is telling me I can’t post more than 4 links…
I’m running a single Ubuntu 18.04 server dedicated to this. I’ve installed NextCloud via snap and changed the listening ports to 8080 and 8443. This seems to be fine.
nextcloud.enable-https self-signed
snap set nextcloud ports.http=8080 ports.https=8443
Then I installed Collabora with Docker as per their instructions. This also appears to be running as far as I can tell. It’s listening on TCP 9980. This is what I did specifically:
docker run -t -d -p 192.168.1.20:9980:9980 -e 'domain=nextcloud\\.example\\.net' --restart always --cap-add MKNOD collabora/code
I have DNS names set up for both, let’s say nextcloud.example.net and collabora.example.net. Collabora is a CNAME for nextcloud and they resolve correctly.
At first I tried with no proxy before changing the snap ports. I set up Collabora Online to connect several different ways such as https ://127.0.0.1:9980 and https://192.168.1.20:9980 and https ://collabora.example.net:9980. All had the same result. It spins opening a document and then times out with the aforementioned error.
Seeing all the talk of reverse proxies, I thought maybe this was really needed, so I changed the nextcloud listen ports and installed apache2 from apt. I enabled the apache2 modules as listed at https ://nextcloud.com/collaboraonline but used a different site config since I’m also passing nextcloud through it. Here is my full site config:
# NextCloud HTTP
<VirtualHost *:80>
ServerName nextcloud.example.net
ProxyPreserveHost On
ProxyPass / http ://nextcloud.example.net:8080/
ProxyPassReverse / http ://nextcloud.example.net:8080/
AllowEncodedSlashes NoDecode
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
# NextCloud HTTPS
<VirtualHost *:443>
ServerName nextcloud.example.net
ProxyPreserveHost On
ProxyPass / https ://nextcloud.example.net:8443/
ProxyPassReverse / https ://nextcloud.example.net:8443/
AllowEncodedSlashes NoDecode
SSLEngine On
# SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
# SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateFile /etc/ssl/certs/_.example.net.pem
SSLCertificateKeyFile /etc/ssl/private/_.example.net.key
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
# Collabora HTTPS
<VirtualHost *:443>
ServerName collabora.example.net
ProxyPreserveHost On
ProxyPass / https ://collabora.example.net:9980/
ProxyPassReverse / https ://collabora.example.net:9980/
AllowEncodedSlashes NoDecode
SSLEngine On
# SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
# SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateFile /etc/ssl/certs/_.example.net.pem
SSLCertificateKeyFile /etc/ssl/private/_.example.net.key
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
</IfModule>
This also seems to be working, as far as I can tell. NextCloud and Collabora servers are using whatever self-signed SSL they came with. When I go to https ://nextcloud.example.net I reach my nextcloud interface and see my Let’s Encrypt wildcard cert from Apache. When I go to https ://collabora.example.net I get “OK” and that’s all, but according to some references I’ve seen to people pulling it with curl, that seems to be the expected response. I went to the Collabora Online config in NextCloud and set it to https://collabora.example.net (removed port number so it defaults to 443).
But, at the end of all that, I’m still in the same spot. When I click on a doc, it spins for a few seconds and them times out. I ran tshark on port 9980, and I can see them talking. They go back and forth for about 650 packets, then pause, and then about another 650 packets when the connection errors out. It’s all SSL so I can’t really see what was said. Although one of the IPs in the conversation is 172.17.0.2 which isn’t one of mine. I assume that’s a Docker NAT or something since it’s on the port 9980 end of the conversation? I’m new to Docker too.
I tried it again using the VirtualHost configuration as it is on https ://nextcloud.com/collaboraonline/ minus the names and certs. Same thing.
I’m not sure where to go from here since I’m new to these programs. Any help is much appreciated.