This is my first post, so, if I do something wrong, I would be happy to know it.
Iām glad to have a fresh Nextcloud Up and running since 2 days !!!
BUT I have an issue with Collaboraā¦
When I try to connect Nextcloud to Collabora with https://office.mydomain.com, this is NOT WORKING, the only error have got is a TIMEOUT, nothing happen on the docker.
I added my IP adress in my proxy configuration and when I try to connect Nextcloud at Collabora with https://MY.EXTERNAL.IP.ADRESS, this is WORKING !
So I can lunch Collabora, but, obviously I have an issue with the certificate. I know a workaround for that, so I can use IT !
This is nice, after around 10 hours of trial and failure, now I would like to understand :
Why this is working with my external IP and not with my domain name ???
I would like to not have to use any workaround and have optimal functioningā¦
# SSL configuration
SSLEngine on
SSLCertificateFile /etc/letsencrypt/cert.pem
SSLCertificateChainFile /etc/letsencrypt/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-$
SSLHonorCipherOrder on
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery$
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
# Endpoint with information about availability of various features
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabi$
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabi$
</VirtualHost>
How I run my docker sudo docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=cloud\\.MYDOMAIN\\.COM|MY\\.EXTERNAL\\.IP\\.ADRESS' --restart always --cap-add MKNOD collabora/code
For accessing via external IP, in many setups this wonāt work at all because most routers wonāt do hairpin routing (which is a silly thing anyway). What you need to do here is set up split-horizon DNS with that DNS on your LAN will resolve to LAN IPs instead of the external IP.
One other suggestion, you might consider setting up a reverse proxy vhost for Collabora so you can easily get a Letās Encrypt cert.
I know it should not have two ServerName, but this is the only way itās working for now with the external ip.
I donāt think I have a DNS problem because I can connect to Collabora server with the domain name with curl (in local) and with the navigator of my computer or my mobile.
I only have a TimeOut with Nextcloud when I use the domain name of Collabora, and i have a Letās Encrypt cert for it
More to the point, you shouldnāt have a ServerName that contains an IP. The vhost ServerName doesnāt affect Apacheās listening IPs. You should remove this before you continue troubleshooting.
If you run nslookup office.mydomain.com
do you get the local or external IP?
Do you know how to shell into the nextcloud container?
I believe the command
docker exec -u root -it /bin/bash
I donāt know what the nextcloud container uses as its base image (ubuntu/debian), but youāll probably once inside need to do an:
apt update
apt install iputils-ping
This will install ping into the container.
Once you have ping, try to ping collabora either by container name:
ping collabora
if that doesnāt work you might have to then install dig or nslookup or similar package and then try to discover why nextcloud container can not see collabora.
Oh and I just read KarlF12 comment - his comment is spot on. You either need a split dns, a dns host override at the router level, or an entry in the /etc/hosts file that will resolve office.mydoimain.com to a local IP address.
I was looking to install Bind9 on my server but I told myself that it was a big enterprise when finally the objective was simply to tell the server office.mydomain.com = 127.0.0.1.
So I wondered if adding ā127.0.0.1 office.mydomain.comā to /etc/hosts would be enough ā¦
Iām glad its working for you ā I wouldnāt have thought that would have worked but I was sure it was a Domain Name resolution issue. Just curious ā what kind of router are you running?