Nextcloud and 2 docker for collabra

Hi there,

I am running Nextcloud 18 on a Ubuntu 18.04.4 system. I am using collabra with docker on this system.
Up to now, everything works fine. But now, I have a new thing that I want to set up.

Till now, I was only having one domain “foo.com” with a docker image for collabra and all works fine.
Now, what I want to have is a second domain “bar.com” on the same system using a second docker instance for collabra.

Here is the situation at the moment:

  1. for domain “foo.com” (domain A):
    I use the subdomain “office.foo.com” for docker and all works fine. When I log into Nextcloud and open an existing or create a new Collabra document, it opens correctly. So no problem for domain A at all.

  2. for domain “bar.com” (domain B):
    Here, no matter what I do, I get an “unauthorized WOPI-access” error.
    To find the cause, I give a few informations:

  • docker start of domain
docker run -t -d -p 127.0.0.1:9990:9980 -e 'domain=office\\.bar\\com' --restart always --name bar-office --cap-add MKNOD collabora/code
  • Configuration in admin interface of collabra app in nextcloud:
    URL (und Port) des Collabora Online-Servers
    https://office.bar.com

  • Apache virtual host file for it:

<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName office.bar.com
  ServerAdmin webmaster@domain.xx

# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode

# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off

# keep the host
ProxyPreserveHost On

# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://127.0.0.1:9990/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9990/loleaflet

# WOPI discovery URL
ProxyPass           /hosting/discovery https://127.0.0.1:9990/hosting/discovery retry=0
ProxyPassReverse    /hosting/discovery https://127.0.0.1:9990/hosting/discovery

# Main websocket
ProxyPassMatch           "/lool/(.*)/ws$" wss://127.0.0.1:9990/lool/$1/ws nocanon

# Admin Console websocket
ProxyPass    /lool/adminws wss://127.0.0.1:9990/lool/adminws

# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9990/lool
ProxyPassReverse   /lool https://127.0.0.1:9990/lool

# Endpoint with information about availability of various features
ProxyPass           /hosting/capabilities https://127.0.0.1:9990/hosting/capabilities retry=0
ProxyPassReverse    /hosting/capabilities https://127.0.0.1:9990/hosting/capabilities

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/bar.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/bar.com/privkey.pem
</VirtualHost>
</IfModule>

Can somebody please help me solve this? If possible at all?

is your nextcloud running on a different domain (foo.com)? you may look here:

is your apache running in a container as well?

p.s.: if that’s not the solution, would you mind to “draw” your config? (with draw.io app) that would give a better understanding where is what.

Try this one:

docker run -t -d -p 127.0.0.1:9990:9980 -e 'domain=office\\.bar\\com|bar\\.com' --restart always --name bar-office --cap-add MKNOD collabora/code

Hi there,

I tried to make an overview ; here it is:

I hope it makes more clear what I did so far. If you need more information, please let me know.

@thijssie85: I tried your suggestion, but unfortunately this didn’t solve my problem.

Why do u use two times the docker for collabra?

I should do the same at the top and one docker with collabra, start it with the code i just write.

The idea behind it is that both collabra instances should work on their own.
That means: User of domain A should be completely independent of the users of domain B.
Both user-groups should not be able to somehow get in touch of the documents of the other.

So I thought that dividing the two groups would be best done by separate collabra instances.
Am I wrong?

Also: would this really work? Although both domain names are hosted on the same server, shouldn’t I have the same in the docker instance?
What I tried in short: I gave Nextcloud in domain B (in the settings for collabra, admin interface of Nextcloud) the URL of Nextcloud-collabra of domain A. I still get the unauthorized WOPI error.