Unauthorized WOPI host - Collabora - No NAT Loopback

Hello
I have been trying to install Nextcloud v12 with Collabora in a Virtualbox VM. Nextcloud works perfectly but opening a document in Collabora fails.

System Enviroment

OS: Ubuntu 16.04 LTS
Nextcloud v12
Collabora
Installed from Nextcloud_install_production.sh (from Github)

Domains

The VM hosts both the cloud and office domains.

cloud.mydomain.co.nz office.mydomain.co.nz

The Error

This error pops up after about 30-45 seconds.

Unauthorized WOPI host. Please try again later and report to your administrator if the issue persists.

Troubleshooting

https://office.mydomain.co.nz/hosting/discovery - This link shows me the XML file successfully.

Network Setup

I am behind a router with no NAT loopback.

To get this to install with SSL certificates, I’ve set up my local hosts file.

`/etc/hosts

127.0.0.1 localhost
127.0.1.1 myserver-hostname
127.0.0.1 office.mydomain.co.nz
127.0.0.1 cloud.mydomain.co.nz
`

Docker

My docker command

docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=cloud\\.mydomain\\.co\\.nz' --restart always --cap-add MKNOD collabora/code

Docker logs:

wsd-00025-00034 10:44:29.949653 [ websrv_poll ] WRN WOPI host did not pass optional access_token_ttl| wsd/FileServer.cpp:317 wsd-00025-00063 10:45:30.606515 [ docbroker_008 ] ERR Cannot get file info from WOPI storage uri [https://cloud.mydomain.co.nz/apps/richdocuments/wopi/files/11_oc8jd9s0oegh?access_token=PSKdOxCJyfwoWcPE5yMgeshkzPoHVN2I&access_token_ttl=0&permission=edit]. Error: Timeout: connect timed out: 123.456.789.123:443| wsd/Storage.cpp:449 wsd-00025-00063 10:45:30.606577 [ docbroker_008 ] ERR Error while handling loading : Timeout| wsd/LOOLWSD.cpp:2113 wsd-00025-00063 10:45:30.606696 [ docbroker_008 ] WRN Attempted ping on non-upgraded websocket!| ./net/WebSocketHandler.hpp:285 wsd-00025-00063 10:45:30.606815 [ docbroker_008 ] WRN Attempted ping on non-upgraded websocket!| ./net/WebSocketHandler.hpp:285 wsd-00025-00063 10:45:30.606859 [ docbroker_008 ] WRN Child session [0012] not found to forward message: load url=https://cloud.mydomain.co.nz/apps/richdocuments/wopi/files/11_oc8jd9s0oegh?access_token=PSKdOxCJyfwoWcPE5yMgeshkzPoHVN2I&access_token_ttl=0&permission=edit readonly=0 lang=en| wsd/DocumentBroker.cpp:1272 wsd-00025-00063 10:45:30.613964 [ docbroker_008 ] ERR Socket #14 SSL BIO error: closed (0).| ./net/SslSocket.hpp:255 wsd-00025-00063 10:45:30.614042 [ docbroker_008 ] ERR Socket #14 SSL BIO error: error:140D00CF:SSL routines:SSL_write:protocol is shutdown (errno: Success)| ./net/SslSocket.hpp:273 wsd-00025-00063 10:45:30.614145 [ docbroker_008 ] WRN ToClient-0012: Exception while closing socket for docKey [cloud.mydomain.co.nz:443/apps/richdocuments/wopi/files/11_oc8jd9s0oegh]: error:140D00CF:SSL routines:SSL_write:protocol is shutdown| wsd/ClientSession.cpp:805 wsd-00025-00026 10:45:30.614366 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_008], started: true, finished: true| ./net/Socket.hpp:507 wsd-00025-00026 10:45:30.614386 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_008], started: true, finished: true| ./net/Socket.hpp:507 wsd-00025-00026 10:45:30.614456 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_008], started: false, finished: true| ./net/Socket.hpp:507 wsd-00025-00026 10:45:30.614494 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_008], started: false, finished: true| ./net/Socket.hpp:507

Docker Info

root@cloud:~# docker info Containers: 5 Running: 1 Paused: 0 Stopped: 4 Images: 1 Server Version: 17.03.1-ce Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 18 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe init version: 949e6fa Security Options: apparmor seccomp Profile: default Kernel Version: 4.4.0-78-generic Operating System: Ubuntu 16.04.2 LTS OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 1.953 GiB Name: cloud.mydomain.co.nz ID: Y64O:Q4B2:NDUM:TPZT:PMJT:KKKY:E3WS:GKE2:ZMRX:DUQ4:UUSZ:QX3J Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: No swap limit support Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false

My observations

Two things that I see here are:

  1. WOPI host did not pass optional access_token_ttl| wsd/FileServer.cpp:317
  2. Error: Timeout: connect timed out: 123.456.789.123:443| wsd/Storage.cpp:449

The second error there tells me the VM is trying to connect to my WAN IP from inside the VM. But because I have no NAT loopback it cannot connect.

I assume I can rectify this by running a BIND DNS server. Only this is where my technical expertise stops me from poking around further.

Does anyone have any ideas for how I can make this work? Any ideas or direction is most appreciated.

TIA