Opening files with Nextcloud 25 and Office app stops "...Please try again later." Socket-error? Incompatibility?

Hi,

I have been working on my Collabora installation for a while, and I think I have set almost everything up. But when I finally try to open a supported document in Nextcloud, it doesn’t work and shows a message that loading wasn’t possible and that I have to try again later. It’s really a riddle to me, like a Rubik’s cube; I really can’t see the reason.

ERROR docker log

wsd-00001-00035 2023-02-16 07:42:58.834063 +0000 [ prisoner_poll ] WRN  Attempted ping on non-upgraded websocket! #34| net/WebSocketHandler.hpp:573
wsd-00001-00050 2023-02-16 07:42:59.797280 +0000 [ websrv_poll ] ERR  #36: Attempted to remove: 668 which is > size: 0 clamped to 0| net/Socket.hpp:1237
wsd-00001-00224 2023-02-16 07:43:28.551428 +0000 [ docbroker_00a ] WRN  #33 has timed out while requesting [GET www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem?access_token=OQHb2CzBw6Mu2ZeXlEOpjDTYOoxgHiuO&access_token_ttl=1676569372000] after 30029ms| net/HttpRequest.hpp:1342
wsd-00001-00224 2023-02-16 07:43:28.551658 +0000 [ docbroker_00a ] ERR  WOPI::CheckFileInfo failed for URI [https://www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem?access_token=OQHb2CzBw6Mu2ZeXlEOpjDTYOoxgHiuO&access_token_ttl=1676569372000]: 0 . Headers:   Body: []| wsd/Storage.cpp:687
wsd-00001-00224 2023-02-16 07:43:28.551771 +0000 [ docbroker_00a ] ERR  loading document exception: WOPI::CheckFileInfo failed: | wsd/DocumentBroker.cpp:2339
wsd-00001-00224 2023-02-16 07:43:28.551866 +0000 [ docbroker_00a ] ERR  Failed to add session to [https://www.example.net:443/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem] with URI [https://www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem?access_token=OQHb2CzBw6Mu2ZeXlEOpjDTYOoxgHiuO&access_token_ttl=1676569372000]: WOPI::CheckFileInfo failed: | wsd/DocumentBroker.cpp:2301
wsd-00001-00224 2023-02-16 07:43:28.551970 +0000 [ docbroker_00a ] ERR  Storage error while starting session on https://www.example.net:443/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem for socket #23. Terminating connection. Error: WOPI::CheckFileInfo failed: | wsd/COOLWSD.cpp:4737
wsd-00001-00224 2023-02-16 07:43:28.594743 +0000 [ docbroker_00a ] ERR  #28: Read failed, have 0 buffered bytes (ECONNRESET: Connection reset by peer)| net/Socket.hpp:1134
wsd-00001-00224 2023-02-16 07:43:28.594857 +0000 [ docbroker_00a ] WRN  DocBroker [https://www.example.net:443/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem] got disconnected from its Kit (-1). Closing.| wsd/COOLWSD.cpp:3283
wsd-00001-00035 2023-02-16 07:43:28.595068 +0000 [ prisoner_poll ] WRN  Prisoner connection disconnected but without valid socket.| wsd/COOLWSD.cpp:3275
wsd-00001-00035 2023-02-16 07:43:28.595137 +0000 [ prisoner_poll ] WRN  An unassociated Kit disconnected.| wsd/COOLWSD.cpp:3290
wsd-00001-00035 2023-02-16 07:43:29.567399 +0000 [ prisoner_poll ] WRN  Attempted ping on non-upgraded websocket! #32| net/WebSocketHandler.hpp:573
wsd-00001-00236 2023-02-16 07:43:59.090472 +0000 [ docbroker_00b ] WRN  #31 has timed out while requesting [GET www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem?access_token=OQHb2CzBw6Mu2ZeXlEOpjDTYOoxgHiuO&access_token_ttl=1676569372000&permission=edit] after 30029ms| net/HttpRequest.hpp:1342
wsd-00001-00236 2023-02-16 07:43:59.090692 +0000 [ docbroker_00b ] ERR  WOPI::CheckFileInfo failed for URI [https://www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem?access_token=OQHb2CzBw6Mu2ZeXlEOpjDTYOoxgHiuO&access_token_ttl=1676569372000&permission=edit]: 0 . Headers:   Body: []| wsd/Storage.cpp:687
wsd-00001-00236 2023-02-16 07:43:59.090894 +0000 [ docbroker_00b ] ERR  loading document exception: WOPI::CheckFileInfo failed: | wsd/DocumentBroker.cpp:2339
wsd-00001-00236 2023-02-16 07:43:59.090950 +0000 [ docbroker_00b ] ERR  Failed to add session to [https://www.example.net:443/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem] with URI [https://www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem?access_token=OQHb2CzBw6Mu2ZeXlEOpjDTYOoxgHiuO&access_token_ttl=1676569372000&permission=edit]: WOPI::CheckFileInfo failed: | wsd/DocumentBroker.cpp:2301
wsd-00001-00236 2023-02-16 07:43:59.091006 +0000 [ docbroker_00b ] ERR  Storage error while starting session on https://www.example.net:443/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem for socket #22. Terminating connection. Error: WOPI::CheckFileInfo failed: | wsd/COOLWSD.cpp:4737
wsd-00001-00236 2023-02-16 07:43:59.119417 +0000 [ docbroker_00b ] ERR  #34: Read failed, have 0 buffered bytes (ECONNRESET: Connection reset by peer)| net/Socket.hpp:1134
wsd-00001-00236 2023-02-16 07:43:59.119564 +0000 [ docbroker_00b ] WRN  DocBroker [https://www.example.net:443/nextcloud/index.php/apps/richdocuments/wopi/files/148817_ocgwavlecjem] got disconnected from its Kit (-1). Closing.| wsd/COOLWSD.cpp:3283
wsd-00001-00035 2023-02-16 07:43:59.119755 +0000 [ prisoner_poll ] WRN  Prisoner connection disconnected but without valid socket.| wsd/COOLWSD.cpp:3275
wsd-00001-00035 2023-02-16 07:43:59.119798 +0000 [ prisoner_poll ] WRN  An unassociated Kit disconnected.| wsd/COOLWSD.cpp:3290 

Environment:

VPS Ubuntu 20.04 LTS 64bit
4 CPU Cores
4 GB RAM

PHP 8.1.15 fpm-fcgi (apcu activated)
MySQL 8.0.32-0ubuntu0.20.04.2

Domain www.example.net/nextcloud/
Nextcloud 25.0.3
APP Nextcloud Office 7.1.1

  • Collabora Online Server is reachable
  • Allow list for WOPI requests: localhost, 0.0.0.0/0

Let’s Encrypt for collabora.example.net correctly added to certificate for www.example.net

  • Web-Interface https://collabora.example.net/browser/dist/admin/admin.html is reachable
  • https://collabora.example.net/hosting/discovery is reachable

www.example.net:/etc/apache2/sites-available/www.example.net.ssl.conf

<VirtualHost *:443>
   ServerName www.example.net
   ServerAlias 10.8.0.1
   <IfModule mod_headers.c>
     Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
   </IfModule>
        ServerAdmin webmaster@example.net
        DocumentRoot /srv/www
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/www.example.net/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/www.example.net/privkey.pem
        SSLProtocol all
        SSLCipherSuite HIGH:MEDIUM
        Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
        Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav
        Redirect 301 /.well-known/webfinger /nextcloud/index.php/.well-known/webfinger
        Redirect 301 /.well-known/nodeinfo /nextcloud/index.php/.well-known/nodeinfo
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /srv/www/>
            <IfModule security2_module>
            SecRuleEngine on
                Options -Indexes
                # Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
            </IfModule>
        </Directory>
        <Directory /srv/www/nextcloud/>
            <IfModule security2_module>
                SecRuleEngine off
                Options Indexes SymLinksIfOwnerMatch
                AllowOverride All
                Require all granted
                <FilesMatch \.php$>
                     SetHandler "proxy:unix:/run/php/php-fpm.sock|fcgi://loca>
                     Include /etc/apache2/conf-available/php8.1-fpm.conf
                </FilesMatch>
            </IfModule>
        </Directory>
.
.
.
</VirtualHost>

www.example.net:/etc/apache2/sites-enabled/collabora.example.net.ssl.conf

<VirtualHost *:443>

   ServerName collabora.example.net

   # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!

   SSLEngine on
   SSLCertificateFile /etc/letsencrypt/live/www.example.net/cert.pem
   SSLCertificateKeyFile /etc/letsencrypt/live/www.example.net/privkey.pem
   SSLProtocol             all -SSLv2 -SSLv3
   SSLCipherSuite HIGH:MEDIUM
   SSLHonorCipherOrder on

   # Encoded slashes need to be allowed
   AllowEncodedSlashes NoDecode

   # Container uses a unique non-signed certificate
   SSLProxyEngine On
   SSLProxyVerify None
   SSLProxyCheckPeerCN Off
   SSLProxyCheckPeerName Off

   # keep the host
   ProxyPreserveHost On

 # static html, js, images, etc. served from coolwsd
 # browser is the client part of Collabora Online
 ProxyPass           /browser http://127.0.0.1:9980/browser retry=0
 ProxyPassReverse    /browser http://127.0.0.1:9980/browser

 # WOPI discovery URL
 ProxyPass           /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0
 ProxyPassReverse    /hosting/discovery http://127.0.0.1:9980/hosting/discovery

 # Capabilities
 ProxyPass           /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0
 ProxyPassReverse    /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities

 # Main websocket
 ProxyPassMatch      "/cool/(.*)/ws$"      ws://127.0.0.1:9980/cool/$1/ws nocanon

 # Admin Console websocket
 ProxyPass           /cool/adminws ws://127.0.0.1:9980/cool/adminws

 # Download as, Fullscreen presentation and Image upload operations
 ProxyPass           /cool http://127.0.0.1:9980/cool
 ProxyPassReverse    /cool http://127.0.0.1:9980/cool

 # Compatibility with integrations that use the /lool/convert-to endpoint
 ProxyPass           /lool http://127.0.0.1:9980/cool
 ProxyPassReverse    /lool http://127.0.0.1:9980/cool
</VirtualHost>

www.example.net:/etc/hosts

127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

collabora.example.net
www.example.net

Subdomain collabora.example.net
Docker 23.0.1
COOLWSD 22.05.9.2
LOKit Collabora Office 22.05.9.2

docker run -t -d -p 127.0.0.1:9980:9980 -e "aliasgroup1=https:\\.example\\.net" -e "username=admin" -e "password=S3cRet" -e 'dictionaries=de en es ..' --privileged --restart always --cap-add MKNOD collabora/code

docker:/etc/coolwsd/coolwsd.xml
Only the manually made changes:

<ssl_verification desc="Enable or disable SSL verification" type="string" default="false"></ssl_verification>
<enable type="bool" desc="Controls whether SSL encryption between coolwsd and the network is enabled (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." default="true">false</enable>
<termination desc="Connection via proxy where coolwsd acts as working via https, but actually uses http." type="bool" default="true">true</termination>
<filesystem allow="true" />
<host desc="hostname to allow or deny." allow="true">https:\.example\.net</host>

It seems to me that my collabora-docker can’t connect to my nextcloud-host. A simple curl -v https://www.example.net/nextcloud/login ends without a connection,

* TCP_NODELAY set
* connect to XX.XXX.XXX.XXX port 443 failed: Connection timed out
* Failed to connect to www.example.net port 443: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to www.example.net port 443: Connection timed out

but google is reachable.

Any hints please?

OK, that’s the point!

Just add the following rule to your iptables:
iptables -A INPUT -i docker0 -j ACCEPT

Have fun and many thanks for your help
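
How the log excerpt in the question points at a network path problem rather than a WOPI rejection, as an added example that is not part of the original thread: it pairs each "timed out while requesting" warning with the following CheckFileInfo error per docbroker thread and redacts the access_token before a line is shared. The sample lines are constructed in the format shown above; the 403 line and the names `triage` and `redact` are assumptions for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample in the coolwsd log format from the post; token and file ids are made up.
SAMPLE_LOG = """\
wsd-00001-00224 2023-02-16 07:43:28.551428 +0000 [ docbroker_00a ] WRN  #33 has timed out while requesting [GET www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/1_abc?access_token=CONSTRUCTEDTOKEN&access_token_ttl=0] after 30029ms| net/HttpRequest.hpp:1342
wsd-00001-00224 2023-02-16 07:43:28.551658 +0000 [ docbroker_00a ] ERR  WOPI::CheckFileInfo failed for URI [https://www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/1_abc?access_token=CONSTRUCTEDTOKEN&access_token_ttl=0]: 0 . Headers:   Body: []| wsd/Storage.cpp:687
wsd-00001-00300 2023-02-16 08:00:00.000000 +0000 [ docbroker_00c ] ERR  WOPI::CheckFileInfo failed for URI [https://www.example.net/nextcloud/index.php/apps/richdocuments/wopi/files/2_def?access_token=CONSTRUCTEDTOKEN&access_token_ttl=0]: 403 Forbidden. Headers:   Body: []| wsd/Storage.cpp:687
"""

TOKEN_RE = re.compile(r"(access_token=)[^&\]\s]+")
TIMEOUT_RE = re.compile(r"\[ (\S+) \] WRN .*timed out while requesting \[GET ([^\]]+)\] after (\d+)ms")
CFI_RE = re.compile(r"\[ (\S+) \] ERR\s+WOPI::CheckFileInfo failed for URI \[([^\]]+)\]: (\d+) ")

def redact(line):
    """Replace the WOPI access token so the line can be posted publicly."""
    return TOKEN_RE.sub(r"\1<redacted>", line)

def triage(log_text):
    """Classify each CheckFileInfo failure as 'no response' or 'HTTP error'."""
    timeouts = {}  # docbroker thread name -> milliseconds waited before giving up
    findings = []
    for line in log_text.splitlines():
        m = TIMEOUT_RE.search(line)
        if m:
            timeouts[m.group(1)] = int(m.group(3))
            continue
        m = CFI_RE.search(line)
        if not m:
            continue
        thread, uri, status = m.group(1), m.group(2), int(m.group(3))
        if status == 0:
            # Status 0 with empty headers: coolwsd never received an HTTP response.
            waited = timeouts.get(thread)
            cause = "no HTTP response" + (f" after {waited} ms timeout" if waited else "")
            hint = "check routing/firewall from the container to the WOPI host"
        else:
            cause = f"HTTP {status}"
            hint = "WOPI host answered; check the Nextcloud side (allow list, token)"
        findings.append({"thread": thread, "host": urlsplit(uri).hostname,
                         "status": status, "cause": cause, "hint": hint})
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f)
    print(redact(SAMPLE_LOG.splitlines()[0]))
```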