Nextcloud version (eg, 18.0.2): 20.0.5
Operating system and version (eg, Ubuntu 20.04): Debian 10
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.38
PHP version (eg, 7.1): 7.3
The issue you are facing:
I recently set up my own server running Nextcloud. At first I installed Collabora + builtin Collabora Code, and it was working nicely before I got SSL set up for my domain. Now I can’t access it anymore, and I have been trying to find out why. I also tried setting up CODE server with docker, but didn’t manage to get that working either. But I believe I’d be perfectly happy with the built-in option if I got it to work.
My setup
- ISP blocks all the usual ports, so I have switched 443 to 6800 and 80 to 1025
- I bought the domain from namecheap and bought a PositiveSSL certificate with it. I think I got it set up properly.
- At first I tried to just find out why I can’t use the builtin server, but didn’t know where to look for the error (or actually looks like there’s errors everywhere so I don’t know what to focus to)
- Then I thought that it should be easier to set up docker container for the CODE server (even thought I have never used docker before).
- So I followed this guide Installation guide - Collabora Online in Nextcloud , set up subdomain for my domain in namecheap and bought and set up certificate, then set everything up as said in the guide, but it doesn’t work. Or, looks like almost nothing in it works.
- my nextcloud is installed in jukranpujut. net and I made a domain called office.jukranpujut. net for the Collabora
Virtualhost config
<VirtualHost *:6800>
ServerName office.jukranpujut.net:6800
# SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
SSLCertificateFile /etc/ssl/office/office.jukranpujut.net.crt
SSLCertificateChainFile /etc/ssl/office/office.jukranpujut.net.ca-bundle
SSLCertificateKeyFile /etc/ssl/office/office.jukranpujut.net_tld.key
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM$
SSLHonorCipherOrder on
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
# Endpoint with information about availability of various features
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
</VirtualHost>
From localhost/lan I can’t access even office.jukranpujut. net:6800 (remotely I can access and see the default apache welcome). Remotely I can also access office.jukranpujut. net:6800/hosting/discovery which output is here: Untitled - Pastebin
However, I can’t access to https ://office .jukranpujut .net:6800/lool/wsadmin from anywhere. By googling I found some mixed (or at least too difficult for me) information about the SSL thing. I think that Install guide says that you need to have SSL for the subdomain, but why is that when there is already SSL built in CODE server? I had a look to loolwsd.xml but it didn’t make me wiser either. Here’s what is included in loolwsd.xml Untitled - Pastebin
I ran the docker container with
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=jukranpujut\\.net' --restart always --cap-add MKNOD collabora/code
And here’s docker container log, if it provides something useful: Untitled - Pastebin
The output of your Nextcloud log in Admin > Logging (this is about the builtin CODE server stuff, let’s say the original problem):
[richdocuments] Error: GuzzleHttp\Exception\ConnectException: cURL error 7: Failed to connect to jukranpujut.net port 6800: Connection refused (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) at <<closure>>
0. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 155
GuzzleHttp\Handler\CurlFactory::createRejection(GuzzleHttp\Handl ... l}, {0: "And 36 more ... l})
1. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 105
GuzzleHttp\Handler\CurlFactory::finishError(GuzzleHttp\Handler\CurlHandler {}, GuzzleHttp\Handl ... l}, GuzzleHttp\Handler\CurlFactory {})
2. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php line 43
GuzzleHttp\Handler\CurlFactory::finish(GuzzleHttp\Handler\CurlHandler {}, GuzzleHttp\Handl ... l}, GuzzleHttp\Handler\CurlFactory {})
3. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Handler/Proxy.php line 28
GuzzleHttp\Handler\CurlHandler->__invoke("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
4. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Handler/Proxy.php line 51
GuzzleHttp\Handler\Proxy::GuzzleHttp\Handler\{closure}("*** sensitive parameters replaced ***")
5. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 37
GuzzleHttp\Handler\Proxy::GuzzleHttp\Handler\{closure}("*** sensitive parameters replaced ***")
6. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 29
GuzzleHttp\PrepareBodyMiddleware->__invoke("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
7. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 70
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
8. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 59
GuzzleHttp\RedirectMiddleware->__invoke("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
9. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php line 71
GuzzleHttp\Middleware::GuzzleHttp\{closure}("*** sensitive parameters replaced ***")
10. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php line 361
GuzzleHttp\HandlerStack->__invoke("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
11. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php line 163
GuzzleHttp\Client->transfer("*** sensitive parameter replaced ***", "*** sensitive parameter replaced ***")
12. /var/www/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php line 183
GuzzleHttp\Client->requestAsync("get", GuzzleHttp\Psr7\Uri {}, {0: "And 6 more ... }})
13. /var/www/nextcloud/lib/private/Http/Client/Client.php line 233
GuzzleHttp\Client->request("get", "https://jukranp ... y", {verify: false,t ... e})
14. /var/www/nextcloud/apps/richdocuments/lib/WOPI/DiscoveryManager.php line 84
OC\Http\Client\Client->get("https://jukranp ... y", {timeout: 45,nex ... e})
15. /var/www/nextcloud/apps/richdocuments/lib/WOPI/DiscoveryManager.php line 56
OCA\Richdocuments\WOPI\DiscoveryManager->fetchFromRemote()
16. /var/www/nextcloud/apps/richdocuments/lib/WOPI/Parser.php line 41
OCA\Richdocuments\WOPI\DiscoveryManager->get()
17. /var/www/nextcloud/apps/richdocuments/lib/TokenManager.php line 210
OCA\Richdocuments\WOPI\Parser->getUrlSrc("application/vnd ... t")
18. /var/www/nextcloud/apps/richdocuments/lib/Controller/DocumentController.php line 256
OCA\Richdocuments\TokenManager->getToken("*** sensitive parameters replaced ***")
19. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 169
OCA\Richdocuments\Controller\DocumentController->index("*** sensitive parameter replaced ***", null)
20. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 100
OC\AppFramework\Http\Dispatcher->executeController(OCA\Richdocument ... {}, "index")
21. /var/www/nextcloud/lib/private/AppFramework/App.php line 152
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Richdocument ... {}, "index")
22. /var/www/nextcloud/lib/private/Route/Router.php line 309
OC\AppFramework\App::main("OCA\\Richdocume ... r", "index", OC\AppFramework\ ... {}, {_route: "richdocuments.document.index"})
23. /var/www/nextcloud/lib/base.php line 1008
OC\Route\Router->match("/apps/richdocuments/index")
24. /var/www/nextcloud/index.php line 37
OC::handleRequest()
The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => 'ocdwbkf3x8o1',
'passwordsalt' => 'lw4KwN06mNHqHZdyUfccyXq+A4wRbA',
'secret' => 'w5mHn5mMwE6vC4kBohI+yTHX+tLu85f1oWpnzKtVICjno9zR',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '192.168.1.116',
2 => 'jukranpujut.net',
3 => '192.168.1.117',
4 => 'office.jukranpujut.net',
),
'datadirectory' => '/media/data/nextcloud-data',
'dbtype' => 'mysql',
'version' => '20.0.5.2',
'overwrite.cli.url' => 'http://localhost',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextclouduser',
'dbpassword' => '(censored)',
'installed' => true,
'memcache.local' => '\\OC\\Memcache\\APCu',
'allow_local_remote_servers' => true,
'maintenance' => false,
'updater.secret' => '',
'theme' => '',
'loglevel' => 2,
);
The output of your Apache log in /var/log/error.log (probably messed up with both tries with and without docker): https ://pastebin.pl/view/1742c647
I admit this is hell of a mess, and probably too messy to get rid of. Anyway I’d appreciate any help, so please ask if you need more (or more specific) info. I haven’t played with stuff like this before, and when everything is new to me, I lose the focus on what is important and what can be ignored.