[SOLVED] Collabora CODE from different reverseproxy


I have successfully setup CODE and NC12 and I can sucessfullly open my documents in NC12 within my network. CODE is running in a Docker container on a seperate host and has “it’s” reverse proxy configured.

However, I can’t seem to get CODE to work, when connectinc from outside my LAN through my “bastion” reverse proxy. That is, I do have a separate Apache on Debian Strech, where all the incoming HTTPS traffic gets natted to. This Apache then uses the reverse_proxy module to forard the requests to the appropriate node inside the network. This works well for any other service but not fpr CODE.

Whenever I am trying to open a document in NC12 via this proxy, I am getting these messages in the Apache log for this particular vhost:

==> /var/log/apache2/collabora_access <== - - [18/Sep/2017:13:33:37 +0200] “POST /loleaflet/277d2b8/loleaflet.html?WOPISrc=https%3A%2F%2Fcloud.foo.bar%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F236473_oc1wwqjjzful&title=bewerbung%20KFZ.docx&lang=de&closebutton=1&revisionhistory=1 HTTP/1.1” 200 1549 - - [18/Sep/2017:13:33:37 +0200] “GET /lool/https%3A%2F%2Fcloud.foo.bar%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F236473_oc1wwqjjzful%3Faccess_token%3DfA1UfJuuWbGgK8eotq598MB55oqlEtet%26access_token_ttl%3D0%26permission%3Dedit/ws HTTP/1.1” 500 624 - - [18/Sep/2017:13:33:38 +0200] “GET /lool/https%3A%2F%2Fcloud.foo.bar%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F236473_oc1wwqjjzful%3Faccess_token%3DfA1UfJuuWbGgK8eotq598MB55oqlEtet%26access_token_ttl%3D0%26permission%3Dedit/ws HTTP/1.1” 500 624 - - [18/Sep/2017:13:33:48 +0200] “GET /lool/https%3A%2F%2Fcloud.foo.bar%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F236473_oc1wwqjjzful%3Faccess_token%3DfA1UfJuuWbGgK8eotq598MB55oqlEtet%26access_token_ttl%3D0%26permission%3Dedit/ws HTTP/1.1” 500 624

Does anybody know, how this can be setup? I don’t want to run a general reverse proxy on my NC12 host.


Never mind… I solved my issue switching from Apache to haproxy.

would you be willing to shar eyour haproxy confgi? I cannot get mine working at all


basically, I do have this config on my haproxy:

frontend https-in
        bind *:443 ssl crt /etc/haproxy/certs

        use_backend onlineoffice if { ssl_fc_sni host.domain.com }
backend redirect_to_https
            redirect scheme https
backend onlyoffice
        server server <server IP>:443 ssl check

As for the certificates and keys, I do keep them all in one file - a nice feature of haproxy, sorting those out on it’s own.