Thanks for the reply, and the additional links. They were very helpful.
I did eventually solve my problem.
I suspect I had a number of things misconfigured between not understanding the reverse-proxy, and being new to Docker. It was very puzzling to get a âGreen Lightâ in the Office Admin configuration with the docker-based self-hosted CODE server, and yet have documents still failing to open. I wasted masses of time fiddling with the apache2 code for the proxy, and the docker container set up.
The short answer to the base problem was fairly simple:
The allow list for WOPI requests got misconfigured somewhere along the way. I had decided to update the host address to a subnet address for the docker-based collabora/code container, and when I did so I entered a subnet address without the subnet masq, ie, 127.15.0.0 instead of 127.15.0.0/16. Iâd also modified what was a machine ip address for the host nextcloud server from 192.168.1.x to cover the lan subnet 192.168.1.0, again neglecting to put the /16 masq at the end.
These entries are apparently a bit sensitive requiring an exact format (as explained in the instructions on screen): Comma separated, with no extraneous characters or spaces. I have my suspicions they might be sequence sensitive, or otherwise cranky, because my first trials at amending them seemed to have no effect. But eventually I got some libreoffice docx and other files to open with the lan subnet first in line, and the docker subnet next.
The docker container build that worked was:
docker run -t -d -p 127.0.0.1:9980:9980 -e 'aliasgroup1=YourNextcloudSubdomain\\.Domain\\.Ext\' -e "extra_params=--o:ssl.enable=true " -e 'dictionaries=en' -e 'username=xxxxxx' -e 'password=xxxxxxxxxxxxxxxx' --restart always --cap-add MKNOD collabora/code
The apache2 reverse-proxy code, which I added via the Domains>Options>Apache Directives block in the ISPConfig3 site management system is as follows (found it on a web search here: Making sure you're not a bot! ).
########################################
Reverse proxy for Collabora Online
########################################
AllowEncodedSlashes NoDecode
SSLProxyEngine On
ProxyPreserveHost On
# cert is issued for collaboraonline.example.com and we proxy to localhost
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# static html, js, images, etc. served from coolwsd
# browser is the client part of Collabora Online
ProxyPass /browser https://127.0.0.1:9980/browser retry=0
ProxyPassReverse /browser https://127.0.0.1:9980/browser
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Capabilities
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/cool/(.*)/ws$" wss://127.0.0.1:9980/cool/$1/ws nocanon
# Admin Console websocket
ProxyPass /cool/adminws wss://127.0.0.1:9980/cool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /cool https://127.0.0.1:9980/cool
ProxyPassReverse /cool https://127.0.0.1:9980/cool
# Compatibility with integrations that use the /lool/convert-to endpoint
ProxyPass /lool https://127.0.0.1:9980/cool
ProxyPassReverse /lool https://127.0.0.1:9980/cool
One remaining mystery that bugs me is being unable to open and explore the CODE Admin Console. When I go to https://subdomain.domain.ext/cool/adminws I get âHTTP Error 400â.
If anyone knows how to enable, find, and open that console, please chime in here!