Dear All,
I’ve recently followed the following guild to setup NextCloud on a LAMP server stack on Ubuntu 24 headless server.
PHP version 8.3.6
MariaDB version 10.11.8-MariaDB-0ubuntu0.24.04.1 Ubuntu 24.04
NextCloud version 31.0.2
The online office software function did not work out of the box and I’ve tried to follow various guides to get it working without much luck. Can someone please direct me to a know good guide for getting the CODE backed editors working?
Thanks.
A few more details that I missed.
The server hosting Next cloud is sat behind a router that has it’s own WIFI and Ethernet network. I only use that network for untrusted devices, aside from the server. The server shares the internet connection through to a managed ethernet switch with two VLANs.
The WAN router port forwards 80 and 443 to the server. The servers firewall is configured using nftables. I use an online ddns service to allow my dynamic IP address to be addressed by a URL.
I have file sync working floorlessly for remote devices such as my android connected to the 4/5G network. From inside I tend to use the servers internal IP address rather than the external URL to point to the nextcloud server. This does mean the browsers tend to complain about the HTTPS certificates, but otherwise tends to work fine.
I do intend to try to get the DNS server on the server to point itself rather that relay the enquiry to an external DNS server. At the moment when I request the URL on an internal browser it shows the admin interface if the WAN router. I guess the easiest thing to do may be to move Nextcloud onto two other ports for HTTP and HTTPS and get the router to forward these instead. Then internal requests to 80 / 443 won’t be assumed to be requests to get access to the routers admin pages.
All that said I was testing the Office app via my Android when it was connected to a 5G network, rather than one of my own networks.
For the integrated build-in i think you must only install the two apps:
Nextcloud Office and Collabora Online - Built-in CODE Server
(or for ARM64 Collabora Online - Built-in CODE Server (ARM64)).
After that look the settings in index.php/settings/admin/richdocuments
amd index.php/settings/admin/richdocumentscode.
Morning. I’ve logged on to the server and looked for the settings file you refer to. On my system index.php is a file ratehr than a folder, and in it there I searced for ‘rich’ and found nothing. There is also no settings folder in the root directory of my nextcloud site, which I currently have in /var/www/nextcloud. Nothing look similar in the config directory either, only config.php and config.sample.php. Niether of these have ‘rich’ in them.
Ok. Go in Nextcloud GUI → “right top” → “Apps” → “Your apps” and install the apps Nextcloud Office and Collabora Online - Built-in CODE Server. After that look in your administration settings. Post e.g. screenshots or errors.
Thanks for the help. I’ll be back on it, on Monday.
Oh, i just had writed two topocks here about my struggle.
You need nextcloud manual+collabora online reverce proxy manual example (i used ssl termination) but if you have built-in code - port in proxy will be 9983 not 9980. Then you maybe will need to disable strict https security to get rid of curl out of time errors and enable OOXML to make new documents creation work fast. Dont forget to play with allowed ips in woip config, you can add there even a server FQDN, also the same about allowed ips and domains in nextcloud security settings and in config.php of nextcloud. Good luck.
The apps you have listed are already installed. These are screenshots from both my desktop on the local net and my mobile device via the WAN.
I do have a potential issue with the SSL certificates. I’ve created certificates for the address I’ve linked with a DDNS service provider, but I can’t use that address internally. The residential grade 5G modem (UK based, 3 service provider, ZTE MC888) points all attempts to access the DDNS registered address (with appropriate port forwarding on the router - hence the mobile device can see the nextcloud site) towards it’s own admin page, or blocks connection to ports other than 80 or 443.
I had a look at the richcodedocumentscode config file and it is talking a lot about coolwsd, which is not installed.
This is the screen on the mobile device when trying to connect:
The log file has a lot I’m not comfortable sharing openly (IP Addresses, usernames etc). That Said I cleared the log and attempted a connection. Here are some sections of log text that seem relevant:
"Failed to convert preview: cURL error 7: Failed to connect to A.B.C port 666 after 32 ms: Couldn't connect to server (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://A.B.C:666/apps/richdocumentscode/proxy.php?req=/cool/convert-to/png"
"Could not decrypt or decode encrypted session data"
"Failed to convert preview: cURL error 7: Failed to connect to A.B.C port 666 after 0 ms: Couldn't connect to server (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://A.B.C:666/apps/richdocumentscode/proxy.php?req=/cool/convert-to/png"
"Could not decrypt or decode encrypted session data"
"Failed to convert preview: cURL error 7: Failed to connect to A.B.C port 666 after 0 ms: Couldn't connect to server (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://A.B.C:666/apps/richdocumentscode/proxy.php?req=/cool/convert-to/png"
"Could not decrypt or decode encrypted session data"
"Call to a member function xpath() on false in file '/var/www/nextcloud/apps/richdocuments/lib/WOPI/Parser.php' line 41"
Server address mangled to A.B.C, and my chosen port isn’t 666. The client uses these addresses for file sync fine.
This is a simplification of the network setup.
Many irrelevant devices are left off. There are devices that connect to the modem that I wouldn’t want to have full access to the rest of my network devices. No issues connecting to the internet from my LAN computer, but I can only access the Nextcloud internally if I use the servers LAN address, rather than the Modem’s WAN address which is setup to port forward to the server.
Edit: Not sure why I didn’t think of this before but added the DDNS URL to the /etc/hosts on the LAN computer and now I can use the same address as on the Mobile device with no issues.
Edit2: Services running on the server include: apache2, apsupcd (UPS monitor), dnsmasq, mariadb, mosquitto, nginx (not running ATM), ssh, zfs-*. nftables is running and active.
Just spent the morning trying to install coolwsd and set it up but it is not co-operating. After one failed attempt I tried to remove coolwsd but now on each subsequent install attempt it complains that /etc/coolwsd/coolwsd.xml is missing, but there doesn’t appear to be a way for it to generate a basic default configuration.
Was trying to follow the following example:
Edit:
I’ve now got access to the coolwsd server at the following sites:
http://192.168.0.2:9980/browser/dist/admin/admin.html
https://192.168.0.2.888/browser/dist/admin/admin.html
<VirtualHost *:888>
ServerName URL-Removed
Options -Indexes
ErrorLog "/var/log/apache2/collabora_error"
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from coolwsd
# loleaflet/browser is the client part of Collabora Online
ProxyPass /loleaflet http://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet http://127.0.0.1:9980/loleaflet
ProxyPass /browser http://127.0.0.1:9980/browser retry=0
ProxyPassReverse /browser http://127.0.0.1:9980/browser
# WOPI discovery URL
ProxyPass /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery http://127.0.0.1:9980/hosting/discovery
# Capabilities
ProxyPass /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/cool/(.*)/ws$" ws://127.0.0.1:9980/cool/$1/ws nocanon
# Admin Console websocket
ProxyPass /cool/adminws ws://127.0.0.1:9980/cool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /cool http://127.0.0.1:9980/cool
ProxyPassReverse /cool http://127.0.0.1:9980/cool
SSLEngine on
#SSLCertificateFile /etc/ssl/certs/office-selfsigned.crt
#SSLCertificateKeyFile /etc/ssl/private/office-selfsigned.key
SSLCertificateFile /etc/letsencrypt/live/url-removed/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/url-removed/privkey.pem
</VirtualHost>
I should be able to set this up to be accessible if addressed from the external IP via the DDNS or internal IP address right?
Finally appears to be working.
My main issue was that the URL for the website wasn’t in the server’s /etc/hosts file. This was causing enquiries from the local net to crash into the router, and not get forwarded back to the server.
Thanks for being a sounding board!