Nextcloud office OK on local network but fails with public IP

ℹ️ Support 📄 Office
, , ,
1

Dear all,

I already spent one week to try to solve this problem but since there is almost nothing in the logs, I can’t go further without your help!

I can edit .doc files with collaborative when I connect to Nextcloud and collaborate servers with local network IP addresses (192.168.1.x) but when I try to connect with public IP and apache proxy, it fails!

Here is my config:

  • Debian GNU/Linux 12 (bookworm)
  • Apache/2.4.62
  • Nextcloud docker latest image: 30.0.5
  • Collabora/code docker latest image: 24.04.12.2.1

Here is the configuration that works:

Runs on local network with these two docker containers:

docker run -d -p 8080:80 nextcloud
docker run -t -d -p 9980:9980 -e "extra_params=--o:ssl.enable=false" -e "username=admin" -e "password=secret" collabora/code

http://192.168.1.89:8080/settings/admin/richdocuments displays:

Collabora Online server is reachable.
Collabora Online Development Edition 24.04.12.1 663fe346b8
URL used by the browser: http://192.168.1.89:9980
Nextcloud URL used by Collabora: http://192.168.1.89:8080 (Determined from the browser URL)

Result OK

Here are the two configuration that do not work:

Runs with public servers:
I used Reverse proxy settings in Apache2 config (SSL termination) from this page:

I launched these two containers:

docker run -d -p 8080:80 -v nextcloud:/var/www/html nextcloud
docker run -t -d -p 9980:9980 -e "extra_params=--o:ssl.enable=false --o:ssl.termination=true" -e "username=admin" -e "password=secret" -e "server_name=office.mydomain.org" -e "aliasgroup1=https://.*:443" collabora/code

Runs with public servers:
I used Reverse proxy settings in Apache2 config (SSL termination) from this page:

I launched these two containers:

docker run -d -p 8080:80 -v nextcloud:/var/www/html nextcloud
docker run -t -d -p 9980:9980 -e "extra_params=--o:ssl.enable=true" -e "username=admin" -e "password=secret" -e "server_name=office.mydomain.org" -e "aliasgroup1=https://.*:443" collabora/code
  1. and 3. give the same results:

Collabora Online server is reachable.
Collabora Online Development Edition 24.04.12.1 663fe346b8
URL used by the browser: https://office.mydomain.org
Nextcloud URL used by Collabora: https://intranet.mydomain.org (Determined from the browser URL)
Disable certificate verification

On https://office.mydomain.org/browser/dist/admin/admin.html I can see the connection with 1 user online, 1 document open

Result: Document loading failed
Failed to load Nextcloud Office - please try again later

I added these lines on Nextcloud config.php:

  'trusted_proxies' => 
  array (
    0 => '77.194.146.178',
    1 => '2a02:8429:81d1:1e01:d9a8:903f:e833:d314',
    2 => '192.168.1.89',
  ),
  'overwritehost'     => 'intranet.mydomain.org',
  'overwriteprotocol' => 'https',
  'overwritewebroot'  => '/',
  'overwritecondaddr' => '^77\.194\.146\.178$',
  • Apache error logs for both servers are empty
  • Apache access logs for both servers show only http 200 responses codes
  • Nextcloud /var/www/html/data/nextcloud.log is empty even with loglevel 0
  • Docker logs nextcloud_id gives only http 200 responses codes
  • Docker logs collabora_id gives these 3 different error lines:
[ coolwsd ] WRN  Waking up dead poll thread [main], started: false, finished: false| net/Socket.hpp:824
[ forkit ] WRN  The systemplate directory [/opt/cool/systemplate] is read-only, and at least [/opt/cool/systemplate//etc/hosts] is out-of-date. Will have to clone dynamic elements of systemplate to the jails. To restore optimal performance, make sure the files in [/opt/cool/systemplate/etc] are up-to-date.| common/JailUtil.cpp:587
sh: 1: /usr/bin/coolmount: Operation not permitted

I tried the same config on another server on another network and I obtain the same results.

Any help would be greatly appreciated!