Continuing the discussion from Collabora Set-up - guidance:
Summary of the issue you are facing:
Hello again, I am still having issues with my nextcloud/collabora set-up. To summarise, I have both nextcloud and collabora running on the same network (my swag network mode), usually I can curl -v each container from the other, and from the client. But regularly, this does not work, it seems to be very intermittent, I can use the office features then 5 mins later, “could not resolve host” errors occur.
This is really frustrating as I can’t see where I have gone wrong, I don’t understand how it can resolve most of the time, and then lose it again a few minutes later! And then 2 mins later it will work again.
Logs
Log entries
Nextcloud
Could not establish connection to the Collabora Online server.
Failed to connect to the remote server: cURL error 6: Could not resolve host: collabora.XXXXX.duckdns.org (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://collabora.XXXXX.duckdns.org/hosting/discovery
And Randomly:
RouteNotFoundException
Unable to generate a URL for the named route "richdocuments.document.editonline" as such route does not exist.
Configuration
Configs
Nextcloud
{
"system": {
"memcache.local": "\\OC\\Memcache\\APCu",
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_proxies": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"192.168.1.30:450",
"nextcloud.XXX.duckdns.org"
],
"dbtype": "mysql",
"version": "31.0.2.1",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"overwrite.cli.url": "https:\/\/nextcloud.XXX.duckdns.org",
"overwriteprotocol": "https",
"overwritehost": "nextcloud.XXX.duckdns.org",
"default_phone_region": "GB",
"mail_smtpmode": "smtp",
"mail_sendmailmode": "pipe",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"maintenance": false,
"theme": "",
"loglevel": 1,
"memories.exiftool": "\/config\/www\/nextcloud\/apps\/memories\/bin-ext\/exiftool-amd64-musl",
"memories.vod.path": "\/config\/www\/nextcloud\/apps\/memories\/bin-ext\/go-vod-amd64",
"memories.vod.ffmpeg": "\/usr\/bin\/ffmpeg",
"memories.vod.ffprobe": "\/usr\/bin\/ffprobe",
"filelocking.enabled": true,
"preview_max_x": 512,
"preview_max_y": 512,
"enable_previews": true,
"upgrade.disable-web": false,
"app_install_overwrite": [
"memories",
"metadata",
"files_rightclick",
"camerarawpreviews"
],
"memories.gis_type": 1,
"preview_concurrency_new": 8,
"preview_concurrency_all": 16,
"memories.db.triggers.fcu": true,
"memcache.locking": "\\OC\\Memcache\\Redis",
"memcache.distributed": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379,
"password": "***REMOVED SENSITIVE VALUE***",
"timeout": 1.5
},
"memories.viewer.high_res_cond_default": "always",
"enabledPreviewProviders": [
"OC\\Preview\\HEIC",
"OC\\Preview\\TIFF",
"OC\\Preview\\Movie",
"OC\\Preview\\Image",
"OC\\Preview\\MKV",
"OC\\Preview\\AVI",
"OC\\Preview\\mov"
],
"memories.vod.connect": "172.20.0.8:47788",
"memories.vod.bind": "172.20.0.8:47788",
"memories.vod.nvenc": true,
"memories.vod.disable": false,
"memories.vod.qf": 25,
"memories.vod.external": true,
"memories.vod.use_gop_size": true,
"memories.video_default_quality": "-2",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpauth": true,
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***"
}
}
Proxy Conf
Collabora
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name collabora.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app collabora;
set $upstream_port 9980;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
Nextcloud
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
server_name nextcloud.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app nextcloud;
set $upstream_port 443;
set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
proxy_hide_header Referrer-Policy;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header X-Frame-Options;
proxy_hide_header X-XSS-Protection;
# Disable proxy buffering
proxy_buffering off;
}
}
Compose
Nextcloud
services:
nextcloud:
image: ghcr.io/linuxserver/nextcloud:latest
container_name: nextcloud
network_mode: swag_default
environment:
- PUID=1001
- PGID=100
- REDIS_HOST=redis
- REDIS_PORT=6379
- REDIS_HOST_PASSWORD=XXXXXXXXX
volumes:
- /srv/dev-disk-by-uuid-c3060981-d75c-4ea9-8285-2333c24522df/nextcloud:/config
- /srv/dev-disk-by-uuid-c3060981-d75c-4ea9-8285-2333c24522df/nextcloud-data:/data
- /srv/dev-disk-by-uuid-98804e17-cc15-4de0-bd6d-db601baa8792/ncpreviews:/data/appdata_ocrue0s1tf5r/preview
- /etc/localtime:/etc/localtime:ro
- type: tmpfs
target: /tmp:exec
depends_on:
- mariadb
restart: unless-stopped
mariadb:
image: ghcr.io/linuxserver/mariadb:latest
container_name: nextclouddb
network_mode: swag_default
environment:
- PUID=1001
- PGID=100
- MYSQL_ROOT_PASSWORD=XXXXXXXX
- TZ=Etc/GMT
volumes:
- /srv/dev-disk-by-uuid-c3060981-d75c-4ea9-8285-2333c24522df/mariadb:/config
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
Collabora
services:
collabora:
image: collabora/code
container_name: collabora
network_mode: swag_default
environment:
- username=admin
- password=XXXXXXX
- dictionaries=en_GB,en_US
cap_add:
- MKNOD
- SYS_ADMIN
ports:
- 9980:9980
restart: unless-stopped
privileged: true
Curl Output
When it works from Nextcloud container:
curl -v "https://collabora.XXX.duckdns.org"
* Host collabora.XXX.duckdns.org:443 was resolved.
* IPv6: (none)
* IPv4: my public IP
* Trying my public IP:443...
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/cert.pem
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / x25519 / id-ecPublicKey
* ALPN: server accepted http/1.1
* Server certificate:
* subject: CN=*.XXX.duckdns.org
* start date: Apr 5 00:14:22 2025 GMT
* expire date: Jul 4 00:14:21 2025 GMT
* subjectAltName: host "collabora.XXX.duckdns.org" matched cert's "*.nc28.duckdns.org"
* issuer: C=US; O=Let's Encrypt; CN=E5
* SSL certificate verify ok.
* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA384
* Certificate level 1: Public key type EC/secp384r1 (384/192 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha256WithRSAEncryption
* Connected to collabora.XXX.duckdns.org (my public IP) port 443
* using HTTP/1.x
> GET / HTTP/1.1
> Host: collabora.XXX.duckdns.org
> User-Agent: curl/8.12.1
> Accept: */*
>
* Request completely sent off
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/1.1 200 OK
< Server: nginx
< Date: Sat, 12 Apr 2025 11:09:33 GMT
< Content-Type: text/plain
< Content-Length: 2
< Connection: keep-alive
< Last-Modified: Sat, 12 Apr 2025 11:09:33
< Strict-Transport-Security: max-age=63072000
< Referrer-Policy: same-origin
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
<
* Connection #0 to host collabora.XXX.duckdns.org left intact
Curl from collabora to nextcloud container:
curl -v "https://nextcloud.XXX.duckdns.org"
* Could not resolve host: nextcloud.XXX.duckdns.org
* Closing connection 0
curl: (6) Could not resolve host: nextcloud.XXX.duckdns.org
Then 2 mins later:
cool@6b8cf314cc6f:/$ curl -v "https://nextcloud.XXX.duckdns.org"
* Trying my public IP:443...
* Connected to nextcloud.XXX.duckdns.org (my public IP) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
* subject: CN=*.XXX.duckdns.org
* start date: Apr 5 00:14:22 2025 GMT
* expire date: Jul 4 00:14:21 2025 GMT
* subjectAltName: host "nextcloud.XXX.duckdns.org" matched cert's "*.XXX.duckdns.org"
* issuer: C=US; O=Let's Encrypt; CN=E5
* SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: nextcloud.XXX.duckdns.org]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x5560ca8ab780)
> GET / HTTP/2
> Host: nextcloud.XXX.duckdns.org
> user-agent: curl/7.88.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 302
< server: nginx
< date: Sat, 12 Apr 2025 11:21:02 GMT
< content-type: text/html; charset=UTF-8
< set-cookie: oc_sessionPassphrase=P5Qw6dR0HvpDQoxbi6oRAiciOczf%2FYbiRkXDMPd0SSi3lB0RRpXhVPt8nC9tKsDWPw1wH84yrsH4qXArqI4SSVwlZGqe0JWbNIzLGle8lu16h0iw%2B%2F4AYw8GoDSWYzLw; path=/; secure; HttpOnly; SameSite=Lax
< content-security-policy: default-src 'self'; script-src 'self' 'nonce-CW/sFtVaVm6KHwDWgXwYKfmBoeWGeSG+uQLi/aHmvdM='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
< set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
< set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
< set-cookie: ocrue0s1tf5r=8d8n34hu7i9c9din6k0c1gsugc; path=/; secure; HttpOnly; SameSite=Lax
< location: https://nextcloud.XXX.duckdns.org/login
< x-download-options: noopen
< x-permitted-cross-domain-policies: none
< x-robots-tag: noindex, nofollow
< strict-transport-security: max-age=63072000
< referrer-policy: same-origin
< x-content-type-options: nosniff
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
<
* Connection #0 to host nextcloud.XXX.duckdns.org left intact
Understandably, it can be hard to grab a curl from when it is not working, as it is intermittent.
In addition to the above, this section never populates, even when collabora is working:
This works just fine when I use collabora local address in nextcloud/
Please could you help to support my troubleshooting of this issue? Thanks!