Nextcloud Office WOPI allow list for setups with dynamic IP

15sawyer · April 19, 2023, 11:26am

I have a Nextcloud and a Collabora docker installation. Both are behind a Traefik reverse proxy but on the same network (172.20.0.0/16). I can’t get the allow list for WOPI requests to work. I found several other posts with this issue but their solutions wouldn’t work for me.

First, some people just put in the docker network range. That didn’t work for me. Collabora wouldn’t load. Do Nextcloud and Collabora need to be connected directly in that case? Meaning not via “https://collabora.mydomain.com” but via “collabora-container-name:9980”?

Secondly, others put in their public IP. That does work and Collabora loads fine, but because I have a dynamic IP that is not a viable solution.

Another problem is that all solutions use NGINX reverse proxy which I have no experience in.

pascal_l · September 2, 2023, 9:55pm

@15sawyer do you have any update on this?

15sawyer · September 4, 2023, 11:36am

Sorry, not really. The closest “solution” I found is to add all Subnet ranges from your ISP to your WOPI-allowed list. This wasn’t acceptable for me, but maybe for you. If you find another solution, let me know.

pascal_l · September 4, 2023, 6:10pm

I’m not sure, if the external accessibility from the collabora container is necessary. If yes the issue should be relevant for all installations, with not static up.

H5N1 · March 6, 2024, 10:12am

Hi, this is my own Solution, maybe it helps

I wrote a little Script top Update the wopi IP

#!/bin/bash

dyn_ip=$( cat /usr/local/sbin/wopi-ip.txt )
ext_ip=`curl -s http://checkip.dyndns.org | awk '{print $6}' | awk ' BEGIN { FS = "<" } { print $1 } '`
if      [ "$ext_ip" = "" ];then
                echo "Keine Internetverbindung. Keine IP zum aktualisieren."
elif [ "$dyn_ip" = "$ext_ip" ];then
        echo "ist aktuell $dyn_ip"
elif [ "$dyn_ip" != "$ext_ip" ];then
        echo $ext_ip > /usr/local/sbin/wopi-ip.txt
        echo $(date +"%m.%d.%Y") $ext_ip >> /usr/local/sbin/wopi-ip-hist.txt
        echo "DynDNS ist nicht aktuell, Update gestartet: Neue IP = $ext_ip"
        sudo -u www-data /usr/bin/php8.2 -f /phat/to/your/Cloud/occ config:app:set richdocuments wopi_allowlist --value=$ext_ip
else
        echo "ERROR"
fi

wopi-ip-his.txt ist for the Update History, wopi-ip.txt is for the Last known IP.
I use a cronjob every 10 minutes.

#WOPI Office IP aktualisieren
*/10 * * * * /usr/local/sbin/wopi-ip.sh > /dev/null

Hope it helps you.