[SOLVED] Fresh collabora install, unable to open documents (with local DNS server)

Hi everybody.

I just installed fresh Collabora docker image on Ubuntu 16.04 with Nextcloud 11.0.1.
I followed the official guide from https://nextcloud.com/collaboraonline/
I am running apache2 web server and Collabora online app 1.1.25.
I have two domains with SSL activated (let’sencrypt), nextcloud.xxxx.me for my nextcloud and office.xxxx.me for collabora.

Unfortunately I am unable to open any OpenOffice document from Nextcloud. Unable to connect to the document.
When I clic on a document in Nextcloud, Collabora screen is opening and stuck on a connection screen.
Docker logs :

wsd-00026-0029 19:55:18.132291 [ client_req_hdl ] WRN WOPI host did not pass optional access_token_ttl| wsd/FileServer.cpp:255
wsd-00026-0032 19:57:05.758690 [ client_ws_0019 ] ERR Error in client request handler: Timeout| wsd/LOOLWSD.cpp:1038
wsd-00026-0028 20:00:05.933386 [ client_ws_001a ] ERR Error in client request handler: Timeout| wsd/LOOLWSD.cpp:1038

I tried everything I can found on internet since 3 days but I still can’t have it working.
Please help, thanks.

Could you check you have aufs support.

grep aufs /proc/filesystems

Then could you share your office.xxx.me proxy config?
Thanks

Hi Ark74,

grep aufs /proc/filesystems :

nodev aufs

My office.conf :

> <VirtualHost *:443>
>   ServerName office.xxx.me:443

>   # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
>   SSLEngine on
>   SSLCertificateFile /etc/letsencrypt/live/xxx.me/cert.pem
>   SSLCertificateKeyFile /etc/letsencrypt/live/xxx.me/privkey.pem
>   SSLCertificateChainFile /etc/letsencrypt/live/xxx.me/chain.pem
>   SSLProtocol             all -SSLv2 -SSLv3
>   SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
>   SSLHonorCipherOrder     on

>   # Encoded slashes need to be allowed
>   AllowEncodedSlashes NoDecode

>   # Container uses a unique non-signed certificate
>   SSLProxyEngine On
>   SSLProxyVerify None
>   SSLProxyCheckPeerCN Off
>   SSLProxyCheckPeerName Off

>   # keep the host
>   ProxyPreserveHost On

>   # static html, js, images, etc. served from loolwsd
>   # loleaflet is the client part of LibreOffice Online
>   ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
>   ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet

>   # WOPI discovery URL
>   ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
>   ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery

>   # Main websocket
>   ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

>   # Admin Console websocket
>   ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws

>   # Download as, Fullscreen presentation and Image upload operations
>   ProxyPass           /lool https://127.0.0.1:9980/lool
>   ProxyPassReverse    /lool https://127.0.0.1:9980/lool
> </VirtualHost>

Thx for your help.

Mmm interesting.
That seems fine so far,

Could you share:
docker info & docker images

We can go from there.

Docker info

Running: 1
 Paused: 0
 Stopped: 0
Images: 1
Server Version: 1.12.3
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 10
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: host bridge null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: apparmor seccomp
Kernel Version: 4.4.0-59-generic
Operating System: Ubuntu 16.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.751 GiB
Name: IntelNUC
ID: XOWD:F4VJ:PGFZ:ZLAX:P77W:P5HZ:VC35:HK2F:7PVN:CZOA:DLBB:JRTQ
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Insecure Registries:
 127.0.0.0/8

Docker images

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
collabora/code      latest              e2e5f739c3f8        3 days ago          1.613 GB

I run image with

docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=nextcloud\.xxx\.me' --restart always --cap-add MKNOD collabora/code

I tried to run with double \ to escape the dot but it doesn’t work too.

To check the DNS/Certs entry.

nslookup subdomain.example.com

openssl s_client -connect subdomain.example.com:443

Check from clients, server and container.

Docker, wasn’t very keen at first but actually become to like it.

docker ps -a #list all containers.
docker stop [container-id] #stop container
docker rm [container-id] #delete container
docker images #list all images
docker rmi [image-id] #delete image
docker exec -i -t [container-id] /bin/sh #run shell inside container
docker logs [container-id] #view log
docker info #environment setup

It is \\. as that works.

I restarted docker image with double \ to escape domain point.
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=cloud\\.nextcloud\\.com' --restart always --cap-add MKNOD collabora/code

nslookup :
Server: 127.0.0.1
Address: 127.0.0.1#53

Name:   office.xxx.me
Address: 192.168.1.50

I have a local DNS server (dnsmasq) for local domain, I tried to deactivate it or redirect office.xxx.me to localhost with no luck.

Well that might be it as docker copies the resolv.conf from the host but in my working install when I entered the container with.

docker exec -i -t [container-id] /bin/sh

and ran

nslookup subdomain.example.com

openssl s_client -connect subdomain.example.com:443

I realised the DNS server was the initial settings of the host.

docker run -t -d -p 127.0.0.1:9980:9980 -e ‘domain=nextcloud\.vote4u\.org\.uk’ --dns=192.168.1.2 --restart always --cap-add MKNOD collabora/code

to make the container aware of the DNSMasq DNS server

1 Like

Can’t run nslookup inside container, command not found.

Anyway, it works running docker with --dns=192.168.1.50 wich is local ip address of my server.
Thanks !

One more thing, I noticed a lot of defunct process running when docker image is running. Maybe you know if it is normal or not ?
ps -e :

PID TTY TIME CMD
1 ? 00:00:40 systemd
2 ? 00:00:00 kthreadd
3 ? 00:00:04 ksoftirqd/0
5 ? 00:00:00 kworker/0:0H
7 ? 00:01:20 rcu_sched
8 ? 00:00:00 rcu_bh
9 ? 00:00:00 migration/0
10 ? 00:00:00 watchdog/0
11 ? 00:00:00 watchdog/1
12 ? 00:00:00 migration/1
13 ? 00:00:05 ksoftirqd/1
15 ? 00:00:00 kworker/1:0H
16 ? 00:00:00 kdevtmpfs
17 ? 00:00:00 netns
18 ? 00:00:00 perf
19 ? 00:00:00 khungtaskd
20 ? 00:00:00 writeback
21 ? 00:00:00 ksmd
22 ? 00:00:02 khugepaged
23 ? 00:00:00 crypto
24 ? 00:00:00 kintegrityd
25 ? 00:00:00 bioset
26 ? 00:00:00 kblockd
28 ? 00:00:00 ata_sff
29 ? 00:00:00 md
30 ? 00:00:00 devfreq_wq
33 ? 00:00:03 kswapd0
34 ? 00:00:00 vmstat
35 ? 00:00:00 fsnotify_mark
36 ? 00:00:00 ecryptfs-kthrea
52 ? 00:00:00 kthrotld
53 ? 00:00:00 acpi_thermal_pm
54 ? 00:00:00 bioset
55 ? 00:00:00 bioset
56 ? 00:00:00 bioset
57 ? 00:00:00 bioset
58 ? 00:00:00 bioset
59 ? 00:00:00 bioset
60 ? 00:00:00 bioset
61 ? 00:00:00 bioset
62 ? 00:00:00 bioset
63 ? 00:00:00 bioset
64 ? 00:00:00 bioset
65 ? 00:00:00 bioset
66 ? 00:00:00 bioset
67 ? 00:00:00 bioset
68 ? 00:00:00 bioset
69 ? 00:00:00 bioset
70 ? 00:00:00 bioset
71 ? 00:00:00 bioset
72 ? 00:00:00 bioset
73 ? 00:00:00 bioset
74 ? 00:00:00 bioset
75 ? 00:00:00 bioset
76 ? 00:00:00 bioset
77 ? 00:00:00 bioset
82 ? 00:00:00 ipv6_addrconf
95 ? 00:00:00 deferwq
96 ? 00:00:00 charger_manager
134 ? 00:00:00 scsi_eh_0
135 ? 00:00:00 scsi_tmf_0
136 ? 00:00:00 kpsmoused
137 ? 00:00:00 scsi_eh_1
139 ? 00:00:00 scsi_tmf_1
143 ? 00:00:00 bioset
145 ? 00:00:00 scsi_eh_2
146 ? 00:00:00 scsi_tmf_2
147 ? 00:00:00 usb-storage
172 ? 00:00:00 kworker/0:1H
174 ? 00:00:02 jbd2/sda1-8
175 ? 00:00:00 ext4-rsv-conver
189 ? 00:00:00 bioset
206 ? 00:00:00 kauditd
220 ? 00:00:00 kworker/1:1H
229 ? 00:01:05 systemd-journal
257 ? 00:00:01 systemd-udevd
338 ? 00:00:00 rc0
356 ? 00:00:00 cfg80211
359 ? 00:00:00 irq/91-mei_txe
361 ? 00:00:00 kworker/u5:0
362 ? 00:00:00 hci0
363 ? 00:00:00 hci0
365 ? 00:00:00 kworker/u5:2
366 ? 00:00:00 irq/93-iwlwifi
388 ? 00:00:00 kvm-irqfd-clean
582 ? 00:00:50 mount.ntfs
612 ? 00:00:00 jbd2/sda3-8
613 ? 00:00:00 ext4-rsv-conver
675 ? 00:00:00 systemd-timesyn
828 ? 00:00:04 thermald
840 ? 00:00:12 rsyslogd
859 ? 00:00:00 snapd
871 ? 00:00:00 bluetoothd
874 ? 00:00:00 ModemManager
890 ? 00:00:00 avahi-daemon
898 ? 00:00:00 cron
903 ? 00:00:07 systemd-logind
912 ? 00:00:38 dbus-daemon
917 ? 00:00:03 kworker/1:2
992 ? 00:00:00 avahi-daemon
1008 ? 00:00:00 NetworkManager
1009 ? 00:00:00 whoopsie
1010 ? 00:00:00 cgmanager
1031 ? 00:00:00 acpid
1088 ? 00:00:00 polkitd
1091 ? 00:00:02 irqbalance
1167 ? 00:00:00 wpa_supplicant
1330 ? 00:00:40 dockerd
1332 ? 00:08:36 transmission-da
1339 ? 00:00:03 sshd
1388 ? 00:00:50 mysqld
1440 tty1 00:00:00 agetty
1471 ? 00:00:01 ddclient - conn
1518 ? 00:00:02 apache2
1542 ? 00:00:03 containerd
1565 ? 00:00:00 murmurd
1607 ? 00:00:00 nmbd
1637 ? 00:00:05 winbindd
1638 ? 00:00:03 smbd
1639 ? 00:00:00 winbindd
1640 ? 00:00:00 smbd
1643 ? 00:00:00 winbindd
1644 ? 00:00:00 winbindd
1646 ? 00:00:00 smbd
1821 ? 00:00:00 kworker/u4:0
2398 ? 00:02:52 flexget
2542 ? 00:00:00 upowerd
2631 ? 00:00:00 krfcommd
5029 ? 00:00:00 kworker/u4:2
5040 ? 00:00:02 kworker/1:5
6481 ? 00:00:02 apache2
6677 ? 00:00:00 dnsmasq
8456 ? 00:00:03 kworker/0:2
9234 ? 00:00:00 smbd
9421 ? 00:00:00 sshd
9429 ? 00:00:00 systemd
9430 ? 00:00:00 (sd-pam)
9531 ? 00:00:00 sshd
9532 pts/0 00:00:00 bash
9819 ? 00:00:00 kworker/u4:1
9836 ? 00:00:01 kworker/1:1
10081 ? 00:00:01 kworker/0:1
10149 ? 00:00:01 apache2
10150 ? 00:00:01 apache2
10151 ? 00:00:00 apache2
10152 ? 00:00:01 apache2
10199 ? 00:00:00 kworker/1:3
10303 ? 00:00:01 apache2
10506 ? 00:00:00 docker-proxy
10511 ? 00:00:00 containerd-shim
10526 pts/1 00:00:00 sh
10546 pts/1 00:00:00 bash
10564 pts/1 00:00:00 su
10565 ? 00:00:01 loolwsd
10573 ? 00:00:53 loolforkit
10695 ? 00:00:00 loolkit
10697 ? 00:00:00 loolkit
10698 ? 00:00:00 loolkit
10701 ? 00:00:00 loolkit
10702 ? 00:00:00 loolkit
10703 ? 00:00:00 loolkit
10704 ? 00:00:00 loolkit
10709 ? 00:00:01 loolkit
10714 ? 00:00:00 loolkit
10728 ? 00:00:00 lo_startmain
10729 ? 00:00:00 lo_startmain
10730 ? 00:00:00 lo_startmain
10741 ? 00:00:00 lo_startmain
10762 ? 00:00:00 lo_startmain
10763 ? 00:00:00 lo_startmain
10764 ? 00:00:00 lo_startmain
10765 ? 00:00:00 lo_startmain
10766 ? 00:00:00 lo_startmain
10993 ? 00:00:00 kworker/0:0
11055 ? 00:00:00 apache2
11057 ? 00:00:00 apache2
11058 ? 00:00:00 apache2
11125 ? 00:00:00 apache2
11154 ? 00:00:00 smbd
11200 ? 00:00:00 smbd
11201 ? 00:00:00 sshd
11202 ? 00:00:00 sshd
11203 pts/0 00:00:00 ps
28576 ? 00:00:00 cups-browsed
30181 ? 00:00:06 apache2

1 Like

I am a docker noob like you John, dunno.

Prob not getting full info of the internal container processes.

If you find commands not installed.

docker exec -i -t [container-id] /bin/sh

apt-get install dnsutils

If what you install is dbus free then you usually fine to install.

dnsutils can be installed no probs, think I also installed nano and that was ok to.

Rather than the container run command you could of edited /etc/hosts in the container.

Glad you got it going though.

OK no problem, thanks a lot for your help, both of you.

I will mark subject solved.
Here is the solution to run collabora with docker and a local DNS server.

Great.
DNS is an issue that can easily be left out the equation.

Cheers! :slight_smile:

I tried this but it didn’t work for me. Was this the final solution or am I missing something?

If your self hosting then the DNS will not be correct and for many yes.
If you have a webhost domain & dns then it will prob not be this.

You need to post more info on what your errors are as from outside & inside the docker containers.

It is sort of unrelated to the already resolved issue but whilst searching for a solution I stumbled upon this thread amongst others. If you are not hosting your own dns server and have dns issues behind a NAT you can use --add-host to edit the containers local /etc/hosts file.

I wrote a little article that might one day can help someone :slight_smile:
English:
https://blog.hackzenwerk.org/2019/08/23/integration-of-collabora-online-on-a-nextcloud-behind-nat-on-a-kvm-hypervisor/

German:
https://blog.hackzenwerk.org/2019/08/23/integration-von-collabora-online-auf-einer-nextcloud-hinter-nat-auf-kvm/

Cheers,
Ori