Hello!
I have tried to fix the permission denied issue with collabora online but I was not able to fix it by
- disabling ufw
- Following the guide here: FTL Capability error - #4 by Stuart_Naylor
Nextcloud-Version 11.0.3
Collaboraplugin-Version 1.1.25
[details=collabora-domain/hosting/discovery]Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /hosting/discovery.
Reason: Error reading from remote server[/details]
[details=Docker logs]
wsd-00024-00024 13:07:49.933921 [ loolwsd ] FTL Failed to fork child processes.| wsd/LOOLWSD.cpp:2405
Failed to fork child processes.
wsd-00024-00024 13:07:49.934167 [ loolwsd ] FTL Failed to fork child processes.| wsd/LOOLWSD.cpp:2551
Failed to fork child processes.
wsd-00024-00024 13:07:49.934310 [ loolwsd ] WRN Waking up dead poll thread [admin], started: false, finished: false| ./net/Socket.hpp:445
wsd-00024-00024 13:07:49.934331 [ loolwsd ] WRN Waking up dead poll thread [admin], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934598 [ loolwsd ] WRN Waking up dead poll thread [accept_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934609 [ loolwsd ] WRN Waking up dead poll thread [accept_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934614 [ loolwsd ] WRN Waking up dead poll thread [websrv_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934620 [ loolwsd ] WRN Waking up dead poll thread [websrv_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934625 [ loolwsd ] WRN Waking up dead poll thread [accept_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934629 [ loolwsd ] WRN Waking up dead poll thread [accept_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934741 [ loolwsd ] WRN Waking up dead poll thread [websrv_poll], started: false, finished: false| ./net/Socket.hpp:445
-00024 13:07:49.934754 [ loolwsd ] WRN Waking up dead poll thread [websrv_poll], started: false, finished: false| ./net/Socket.hpp:445
Generating RSA private key, 2048 bit long modulus
…+++
…+++
e is 65537 (0x10001)
Generating RSA private key, 2048 bit long modulus
…+++
…+++
e is 65537 (0x10001)
Signature ok
subject=/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=localhost
Getting CA Private Key
loolforkit version details: 2.1.0 - b2e736a3
frk-00027-00027 13:07:50.676559 [ forkit ] FTL Capability cap_sys_chroot is not set for the loolforkit program.| kit/ForKit.cpp:151
frk-00027-00027 13:07:50.676614 [ forkit ] FTL Capability cap_mknod is not set for the loolforkit program.| kit/ForKit.cpp:151
frk-00027-00027 13:07:50.676643 [ forkit ] FTL Capability cap_fowner is not set for the loolforkit program.| kit/ForKit.cpp:151[/details]
[details=docker ps] CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e0b2a28dbcb2 collabora/code “/bin/sh -c 'bash …” 3 hours ago Up 5 seconds 127.0.0.1:9980->9980/tcp flamboyant_hugle[/details]
It seems that the uptime is getting reset after about 60 seconds
[details=docker info]
Containers: 3
Running: 1
Paused: 0
Stopped: 2
Images: 2
Server Version: 17.03.1-ce
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 15
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc
runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-21-generic
Operating System: Ubuntu 16.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.945 GiB
Name: domain.com
ID: JKTK:32GY:RAWM:VS6F:DNUP:YT6G:QPPK:EVUW:YQOM:32SD:HP2K:I53H
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false[/details]
docker run -t -d -p 127.0.0.1:9980:9980 -e ‘domain=cloud\.domain\.com’ --restart always --cap-add MKNOD collabora/code
15975be00162d14aa50a19500d319846db71c068a6e0b62817073a7b8eb87066
[details=uname -a]Linux domain.com 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux[/details]
collabora.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ServerName office.domain.com:443
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/letsencrypt/live/office.domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/office.domain.com/privkey.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
#CONFIGURATION COLLABORA PROXY
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
ServerAlias office.domain.com
</VirtualHost>
</IfModule>
vim: syntax=apache ts=4 sw=4 sts=4 sr noet
I have installed everything today. However, I just get the permission denied page. Do you have any ideas how to fix this?