Secure nextcloud and collabora

Jean-Paul · January 2, 2024, 6:49pm

Hello,

I’m running Nextcloud 28.0.1 on “nextcloud.domain.com” and Collabora 23.05.6.4 on “collabora.domain.com”. Both under docker. It is working well but I’d like to secure it.

I tried the env variable on collabora “domain=nextcloud.domain.com” and it doesn’t change anything (if I set domain to something else, I can still open my nextcloud document).

And for nextcloud, I tried to set “Allow list for WOPI requests” but it doesn’t retain the value (the entered value disappear)

I’ve also tried on a fresh install just to be sure, but same problem

How can I secure it so my collabora server will be used only with my nextcloud server and that my nextcloud data will not leak?

Thank you

Best

wwe · January 2, 2024, 9:07pm

Please use the search - lot of issues have been discussed already

It works for me. please review Docker persistent data

is completely outdated see more: Important changes regarding COOL/CODE docker versions from v21.11.3.6 on (multiple domains setup)

Jean-Paul · January 3, 2024, 5:45pm

Hello,

Thanks a lot for your help. I did search but I haven’t found the solution.

using “aliasgroup” solved my problem for collabora securing.

I still have trouble with “Allow list for WOPI requests”. On the fresh installed nextcloud instance I can set it but on my “old” instance that have been updated, it doesn’t work. (the ip adress automaticcaly disappear :()

Best

Jean-Paul · January 3, 2024, 7:28pm

It seems to be this issue: [Bug]: Unable to Enter IP in 'Allow List for WOPI Requests' in Nextcloud Admin Settings · Issue #3377 · nextcloud/richdocuments · GitHub

Jean-Paul · January 3, 2024, 8:02pm

Problem solved, using
docker exec -u 33 -it nextcloud ./occ config:app:set richdocuments wopi_allowlist --value=XXX.XXX.XXX.XXX

wwe · January 3, 2024, 8:52pm

for me it works using GUI as well, but great you found a way to fix the problem!