Problem getting Collabora to work in Gentoo with Docker

#1

Hi I’m trying to install the Collabora office soute in my server with nextcloud.
My OS is Gentoo, I have installed Docker and it is up and running with the Collabora/Core image.

Lets start with Docker:

This is the ‘Docker ps’ output:

server / # docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS
ab035d1f5baa collabora/code “/bin/sh -c 'bash …” 2 hours ago Restarting (1) 18 seconds ago

PORT NAMES
hardcore_knuth

ifconfig gives me this docker port:

docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:23:73:5b:d4 txqueuelen 0 (Ethernet)
RX packets 59 bytes 4472 (4.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1513 bytes 136166 (132.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

This is my docker.log output:

time=“2017-11-07T10:59:41.874152273+01:00” level=info msg="libcontainerd: new containerd process, pid: 30042"
time=“2017-11-07T10:59:42.880463048+01:00” level=info msg="Graph migration to content-addressability took 0.00 seconds"
time=“2017-11-07T10:59:42.881012995+01:00” level=info msg="Loading containers: start."
time=“2017-11-07T10:59:42.891729940+01:00” level=warning msg="Could not load necessary modules for IPSEC rules: Running modprobe xfrm_user failed with message: `
time=“2017-11-07T10:59:42.892973870+01:00” level=warning msg="Could not load necessary modules for Conntrack: Running modprobe nf_conntrack_netlink failed with m
time=“2017-11-07T10:59:42.916358099+01:00” level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used
time=“2017-11-07T10:59:42.929037174+01:00” level=info msg="Loading containers: done."
time=“2017-11-07T10:59:42.932370216+01:00” level=info msg="Daemon has completed initialization"
time=“2017-11-07T10:59:42.932388914+01:00” level=info msg=“Docker daemon” commit=cec0b72 graphdriver=btrfs version=17.06.2-ce
time=“2017-11-07T10:59:42.938012556+01:00” level=info msg=“API listen on /var/run/docker.sock”

The container is started with this command

docker run -t -d -p 127.0.0.1:9980:9980 -e ‘domain=mydomain\.com’ --restart always --cap-add MKNOD collabora/code.

APACHE2 (v2.4.27)

I have added the proxy modules to apache:
proxy, proxy_http and proxy_wstunnel (ssl I had from before)
Let’s encrypt cert for mydomain.com and office.mydomin.com (Tested OK)

This is my modidifed v.host file from https://nextcloud.com/collaboraonline/

<VirtualHost *:443>
ServerName office.mydomain.com

    # SSL configuration

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/mydomin.com/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECD-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SH
SSLHonorCipherOrder On

    # Encoded slashes need to be allowed

AllowEncodedSlashes NoDecode

    # Containers uses a unique non-signed certificate

SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off

    # keep the host

ProxyPreserveHost On

    # static html, js, images, etc. served from loolwsd
    # loleaflet is the client part of LibreOffice Online

ProxyPass /loleaflet hxxps://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet hxxps://127.0.0.1:9980/loleaflet

    # WOPI discovery URL

ProxyPass /hosting/discovery hxxps://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery hxxps://127.0.0.1:9980/hosting/discovery

    # Main websocket

ProxyPassMatch “/lool/(.*)/ws$” wss://127.0.0.1:9980/lool/$1/ws nocanon

    # Admin Console websocket

ProxyPass /lool/adminws wss://172.0.0.1:9980/lool/adminws

    # Download as, Fullscreen presentation and Image upload operations

ProxyPass /lool hxxps://127.0.0.1:9980/lool
ProxyPassReverse /lool hxxps://127.0.0.1:9980/lool

NEXTCLOUD

Next i added the collabora in my nextcloud and added hxxps://office.mydomain.com
An here the fun stops.
When I try to open a .odt file within nextcloud I just get this error message:

Internal Server Error

The server encountered an internal error and was unable to complete your request.

Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.

More details can be found in the server log.

Technical details

Remote Address: XX.166.XX.219
Request ID: SmHOzueDuA07G4tByxYx

In my nexcloud.log file i get this log entry:

…\ServerException",“Message”:“Server error response [url] https:\/\/office.mydomain.com\/hosting\/discovery [status code] 503 [reason phrase] Service Unavailable”,“Code”:503,\ and so on…

When I enter hxxps://office.mydomain.com in the browser I get this:

Forbidden

You don’t have permission to access / on this server.

I really could use some help on this.

Thanks.

PS: http written as hxxp was done to get this post published.

#2

Can you show us the apache error.log and access.log?

#3

This is the output from apache error-log:

v 07 14:04:01.783322 2017] [proxy:error] [pid 12774:tid 140478976550656] (111)Connection refused: AH00957: HTTPS: attempt to connect to 127.0.0.1:9980 (127.0.0.1) failed
v 07 14:04:01.783344 2017] [proxy_http:error] [pid 12774:tid 140478976550656] [client XX.166.XX.219:37426] AH01114: HTTP: failed to make connection to backend: 127.0.0.1

The access.log is emty :frowning_face:

Hmm that’s odd the apache 00_mod_log_config.conf file do contain
CustomLog /var/log/apache2/access_log common.