Hello everyone,
I’ve been running Docker containers and various services for years without major issues. About two months ago, I started running Nextcloud along with PostgreSQL and Redis, and everything has been working great.
However, I missed the ability (like in OneDrive or Google Drive) to edit documents directly in the browser. To enable this, I installed the Nextcloud Office app and set up a Collabora Docker container.
The Collabora container is running without errors.
Nextcloud itself is also showing no errors.
The Problem:
I’m having trouble getting the Nextcloud Office app to connect to my Collabora server.
Here’s what I’ve tried:
-
Using internal Docker hostname:
http://collabora:9980
Didn’t work. -
Using container IP address:
http://<docker_collabora_container_ip>:9980
Also didn’t work. -
Exposing the Collabora port in docker-compose and accessing via host IP:
http://<server_ip>:9980
Still didn’t work.
They all says this:
Your browser has been unable to connect to the Collabora server: http://one_of_the_3_above:9980
This URL is determined on the Collabora server either from the configured URL or the server_name parameter in coolwsd.xml.
What I Found:
From the docs and forums, it seems most people set up a reverse proxy for Collabora and access it through a proper domain (e.g., https://collabora.mydomain.com). This is not possible in my case because:
I’m using Tailscale in a Docker container.
As a result, other Docker containers can’t resolve the Tailscale domain (e.g., server.tailscalename.ts.net).
If anyone has insight on how to allow other containers to resolve Tailscale DNS, I’d appreciate it — although that’s not the main goal of this post.
Partial Success:
If I set the OVERWRITEHOST environment variable in the Nextcloud Docker container to my server IP, I can connect using:
http://<server_ip>:9980
So, the connection technically works, but I dont wanna overwrite my tailscale domain all the time.
My Questions:
Is there a recommended way to connect Nextcloud Office to a Collabora container without using a reverse proxy?
Is using OVERWRITEHOST with a plain IP address a safe and acceptable solution?
Is there any way to enable domain resolution for Docker containers using Tailscale (without moving Tailscale outside of Docker)?
My docker-compose.yml
services:
tailscale:
image: tailscale/tailscale:latest
container_name: tailscale
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
volumes:
- tailscale-var-lib:/var/lib/tailscale
- tailscale-sock:/var/run/tailscale
- /dev/net/tun:/dev/net/tun
privileged: true
entrypoint: >
sh -c "tailscaled &
sleep 5 &&
tailscale up --ssh=false --authkey=${TAILSCALE_AUTH_KEY} --hostname=${TAILSCALE_HOSTNAME} &&
tail -f /dev/null"
networks:
- tailscale-net
extra_hosts:
- "server:host-gateway"
- "router:${ROUTER_IP}"
caddy_tailscale:
container_name: caddy_tailscale
image: caddy:latest
volumes:
- ./configs/caddy/Caddyfile_tailscale:/etc/caddy/Caddyfile
- tailscale-sock:/var/run/tailscale
restart: unless-stopped
network_mode: "service:tailscale"
nextcloud:
image: nextcloud:latest
container_name: nextcloud
restart: unless-stopped
volumes:
- nextcloud:/var/www/html
environment:
- POSTGRES_HOST=nextcloud_postgres
- POSTGRES_DB=nextcloud
- POSTGRES_USER=nextcloud
- POSTGRES_PASSWORD=nextcloud
- REDIS_HOST=nextcloud_redis
- NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
- NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
#- NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS}
#- OVERWRITECLIURL=${NEXTCLOUD_OVERWRITECLIURL}
#- OVERWRITEPROTOCOL=${NEXTCLOUD_OVERWRITEPROTOCOL}
#- OVERWRITEHOST=${NEXTCLOUD_OVERWRITEHOST}
networks:
- tailscale-net
depends_on:
- nextcloud_postgres
- nextcloud_redis
nextcloud_postgres:
image: postgres:latest
restart: unless-stopped
container_name: nextcloud_postgres
volumes:
- nextcloud_postgres:/var/lib/postgresql/data
environment:
- POSTGRES_DB=nextcloud
- POSTGRES_USER=nextcloud
- POSTGRES_PASSWORD=nextcloud
networks:
- tailscale-net
nextcloud_redis:
image: redis:latest
container_name: nextcloud_redis
restart: unless-stopped
volumes:
- redis_data:/data
networks:
- tailscale-net
collabora:
container_name: collabora
image: collabora/code:latest
cap_add:
- MKNOD
environment:
#- domain=192.168.0.249
- username=someuser
- password=somepassword
#- extra_params=o:ssl.enable=false
#- VIRTUAL_PROTO=http
#- VIRTUAL_PORT=9980
- extra_params=--o:ssl.enable=false
#- cert_domain=collabora
# Collabora domain (without reverse proxy it's docker service)
#- server_name=collabora:9980
# Nextcloud domain (without reverse proxy it's docker service)
#- domain=
ports:
- "9980:9980"
restart: always
volumes:
- "/etc/localtime:/etc/localtime:ro"
networks:
- tailscale-net
volumes:
tailscale-var-lib:
tailscale-sock:
nextcloud:
nextcloud_postgres:
redis_data:
networks:
tailscale-net:
driver: "bridge"
ipam:
driver: default
config:
- subnet: ${TAILSCALE_NETWORK_IP}
And this is my Caddyfile:
server.tailscalename.ts.net:8008 {
reverse_proxy nextcloud:80
}
Thanks in advance for any help or suggestions!
