I can't connect to my Collabora server

1. Error

I’m running nextcloud and collabora in docker, but when I go to the nextcloud settings and point my server collabora it can’t connect. And only the message “Could not connect to the Collabora Online server.”

2. Configs
I use caddy for reverse proxy, nextcloud fpm and collabora/code.

docker-compose

version: '3.8'

# Docs ########################################################################
# https://github.com/nextcloud/docker

# Volumes #####################################################################
volumes:
  nextcloud_caddy_data:
    external: true
  nextcloud_data:
    external: true
  nextcloud_db_data:
    external: true

# Networks ####################################################################
networks:
  net:
    

# Services ####################################################################
services:
  # Caddy ---------------------------------------------------------------------
  caddy:
    image: caddy:alpine
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
    environment:
      DOMAIN: "${DOMAIN:?DOMAIN not set}"
      ADMIN_EMAIL: "${ADMIN_EMAIL:?ADMIN_EMAIL not set}"
    networks:
      - net
    volumes:
      - nextcloud_caddy_data:/data
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
    volumes_from:
      - app

  # Postgres ------------------------------------------------------------------
  db:
    image: postgres:${POSTGRES_VERSION:?POSTGRES_VERSION not set}
    restart: unless-stopped
    networks:
      - net
    volumes:
      - nextcloud_db_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:?POSTGRES_USER not set} -d ${POSTGRES_DB:?POSTGRES_DB not set}"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 5s
    environment:
      POSTGRES_DB: ${POSTGRES_DB:?POSTGRES_DB not set}
      POSTGRES_USER: ${POSTGRES_USER:?POSTGRES_USER not set}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD not set}
    # command:
    #   postgres
    #   -c max_connections=100
    #   -c shared_buffers=1GB
    #   -c effective_cache_size=3GB
    #   -c maintenance_work_mem=256MB
    #   -c checkpoint_completion_target=0.9
    #   -c wal_buffers=16MB
    #   -c default_statistics_target=100
    #   -c random_page_cost=1.1
    #   -c effective_io_concurrency=200
    #   -c work_mem=10485kB
    #   -c min_wal_size=2GB
    #   -c max_wal_size=8GB
    #   -c max_worker_processes=2
    #   -c max_parallel_workers_per_gather=1
    #   -c max_parallel_workers=2
    #   -c max_parallel_maintenance_workers=1

  # Redis ---------------------------------------------------------------------
  redis:
    image: redis:alpine
    networks:
      - net
    restart: unless-stopped

  # Nextcloud -----------------------------------------------------------------
  app:
    image: nextcloud:${NEXTCLOUD_VERSION:?NEXTCLOUD_VERSION not set}
    networks:
      - net
    restart: unless-stopped
    volumes:
      - nextcloud_data:/var/www/html
    environment:
      NEXTCLOUD_TRUSTED_DOMAINS: ${DOMAIN:?DOMAIN not set}
      NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER:?NEXTCLOUD_ADMIN_USER not set}
      NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD:?NEXTCLOUD_ADMIN_PASSWORD not set}
      REDIS_HOST: redis
      POSTGRES_HOST: db
      POSTGRES_DB: ${POSTGRES_DB:?POSTGRES_DB not set}
      POSTGRES_USER: ${POSTGRES_USER:?POSTGRES_USER not set}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD not set}
      PHP_MEMORY_LIMIT: '512M'
      PHP_UPLOAD_LIMIT: '16G'
      TZ: 'America/SaoPaulo'
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_started

  # Cron ----------------------------------------------------------------------
  cron:
    image: nextcloud:${NEXTCLOUD_VERSION:?NEXTCLOUD_VERSION not set}
    networks:
      - net
    restart: unless-stopped
    volumes_from:
      - app
    entrypoint: /cron.sh
    depends_on:
      db:
        condition: service_healthy
      app:
        condition: service_started
      redis:
        condition: service_started

  # Collabora ---------------------------------------------------------------------
  collabora:
    image: collabora/code
    restart: unless-stopped
    networks:
      - net
    ports:
      - "9980:9980"
    volumes:
      - /etc/localtime:/etc/localtime
      - /etc/timezone:/etc/timezone
    environment:
      - username=admin
      - password=${COLLABORA_PASSWORD}
      - server_name=${DOMAIN:?DOMAIN not set}
      - dictionaries=en_US
      - extra_params=--o:ssl.enable=true --o:ssl.termination=false # Set SSL options
    cap_add:
      - MKNOD
    tty: true

Caddyfile

{

  # SSL
  email {$ADMIN_EMAIL}
  #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory

  # Enable to see header set by upstream
  debug
}

{$DOMAIN} {

  #acme_server
  #tls internal

  # Static content
  root * /var/www/html
  file_server

  # PHP fast cgi
  php_fastcgi app:9000 {
    env front_controller_active true
  }

  # Redirects for DAV apps
  redir /.well-known/carddav /remote.php/carddav 301
  redir /.well-known/caldav /remote.php/caldav 301

  respond /.well-known/acme-challenge 404
  respond /.well-known/pki-validation 404

  # redir /.well-known/* /index.php/.well-known/webfinger 301
  # redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301
  redir /.well-known/* /index.php{uri} 301

  # Headers
  header {
    # If staging acme_ca is enabled, this needs to be commented out!
    # Otherwise, it is not possible to add exception
    Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

    # More security hardening headers
    Referrer-Policy                   "no-referrer"
    X-Content-Type-Options            "nosniff"
    X-Download-Options                "noopen"
    X-Frame-Options                   "SAMEORIGIN"
    X-Permitted-Cross-Domain-Policies "none"
    X-Robots-Tag                      "none"
    X-XSS-Protection                  "1; mode=block"
    Permissions-Policy                "interest-cohort=()"

    # Remove X-Powered-By header, which is an information leak
    -X-Powered-By

    # Replace http with https in any Location header
    Location http:// https://
  }

  # Cache control
  @static {
    file
    path *.css *.js *.svg *.gif
  }

  header @static {
    Cache-Control "max-age=360"
  }

  @fonts {
    path /core/fonts
  }

  header @fonts {
    Cache-Control "max-age=604800"
  }

  # gzip encoding
  encode {
    gzip 4
    minimum_length 256

    match {
      header Content-Type text/*
      header Content-Type application/json*
      header Content-Type application/javascript*
      header Content-Type application/xhtml+xml*
      header Content-Type application/atom+xml*
      header Content-Type application/rss+xml*
      header Content-Type image/svg+xml*
      header Content-Type application/ld+json*
      header Content-Type application/manifest+json*
      header Content-Type application/vnd.geo+json*
      header Content-Type application/vnd.ms-fontobject*
      header Content-Type application/x-font-ttf*
      header Content-Type application/x-web-app-manifest+json*
      header Content-Type application/xml*
      header Content-Type font/opentype*
      header Content-Type image/bmp*
      header Content-Type image/x-icon*
      header Content-Type text/cache-manifest*
    }
  }

  @collabora {
              path /browser/* # Loleaflet is the client part of LibreOffice Online
              path /hosting/discovery # WOPI discovery URL
              path /hosting/capabilities # Show capabilities as json
              path /cool/* # Main websocket, uploads/downloads, presentations
              }

  reverse_proxy @collabora collabora:9980 {
    header_up Host "maraujo.rio.br"
    transport http {
      tls_insecure_skip_verify
    }
  }
  # .htaccess / data / config / ... shouldn't be accessible from outside
  @forbidden {
    path    /build/*
    path    /tests/*
    path    /.htaccess
    path    /data/*
    path    /config/*
    path    /db_structure
    path    /.xml
    path    /README
    path    /3rdparty/*
    path    /lib/*
    path    /templates/*
    path    /occ
    path    /console.php
    path    /autotest
    path    /issue
    path    /indie
    path    /db_
    path    /console
  }

  respond @forbidden 404
}

3. Questions

How can I debug this problem? I can’t find in any log what is happening when it tries to connect.

take a look at this post, most likely you find an answer

Hi @Ramolec

You can refer to the configuration in my article.

Use HTTPS with Ubuntu 22.04, apache, Nextcloud and Collabora(Docker)

Maybe you will find your way.

1 Like

Thanks for the answers! I just gave up on building the compose.

I started using Nextcloud AIO - GitHub - nextcloud/all-in-one: Nextcloud AIO stands for Nextcloud All In One and provides easy deployment and maintenance with most features included in this one Nextcloud instance.

After weeks of trying it was the easiest.

1 Like