[Update 2] Centos 7 : Install Collabora Online Development Edition (CODE) 4.0 with domain Nextcloud -> No docker


#1

nano /etc/nginx/conf.d/domainenextcloud.conf

ADD :

##########Collabora Online##########

#static files
location ^~ /loleaflet {
    proxy_pass https://127.0.0.1:9980;
    proxy_set_header Host $http_host;
}

#WOPI discovery URL
location ^~ /hosting/discovery {
    proxy_pass https://127.0.0.1:9980;
    proxy_set_header Host $http_host;
}

#main websocket
location ~ ^/lool/(.*)/ws$ {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}

#download, presentation and image upload
location ~ ^/lool {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Host $http_host;
}

#Admin Console websocket
location ^~ /lool/adminws {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}

##NEW CODE4
#Capabilities
location ^~ /hosting/capabilities {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
}

#https://github.com/CollaboraOnline/Docker-CODE/blob/master/scripts/start-libreoffice.sh
#https://github.com/CollaboraOnline/Docker-CODE/blob/master/scripts/install-libreoffice.sh
#https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/

#import the signing key
wget https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key && rpm --import repomd.xml.key
#add the repository URL to yum
yum-config-manager --add-repo https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7

yum install loolwsd CODE-brand collaboraofficebasis6.0* collaboraoffice6.0-dict*

#Update CODE3.4.2/Collabora5.3 to CODE4.0/Collabora6.0
yum update loolwsd CODE-brand collabora*

##Création certificat en 127.0.0.1
mkdir /var/certs/collabora
cd /var/certs/collabora/

openssl genrsa -out privatekey.pem 4096
openssl req -new -x509 -sha512 -days 3650 -key privatekey.pem -out fullchain.pem

##Modification fichier host pour trafic en local.

#Rajouter votre domaine nextcloud
nano /etc/hosts

#Fix Lool resolv.conf
rm /opt/lool/systemplate/etc/resolv.conf
ln -s /etc/resolv.conf /opt/lool/systemplate/etc/resolv.conf

##Modification fichier conf de loolwsd
cd /etc/loolwsd
nano loolwsd.xml

#Server

	<server_name default="" desc="Hostname:port of the server running loolwsd. If empty, it's derived from the request." type="string">nomdomaine</server_name>

#LOG

    <level default="warning" desc="Can be 0-8, or none (turns off logging), fatal, critical, error, warning, notice, information, debug, trace" type="string">error</level>
<file enable="true">

#WOPI
ADD

<wopi allow="true" desc="Allow/deny wopi storage. Mutually exclusive with webdav.">
    <host allow="true" desc="Regex pattern of hostname to allow or deny.">nomdomaine</host>

#NETWORK

<proto default="all" desc="Protocol to use IPv4, IPv6 or all for both" type="string">IPv4</proto>
<listen default="any" desc="Listen address that loolwsd binds to. Can be 'any' or 'loopback'." type="string">loopback</listen>

#Certificat SSL

    <cert_file_path desc="Path to the cert file" relative="false">/var/certs/collabora/fullchain.pem</cert_file_path>
    <key_file_path desc="Path to the key file" relative="false">/var/certs/collabora/privatekey.pem</key_file_path>
    <ca_file_path desc="Path to the ca file" relative="false"></ca_file_path>
    <cipher_list desc="List of OpenSSL ciphers to accept" default=""ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"">EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES256:AES256+EDH:!aNULL:!SHA</cipher_list>

#Pour accéder a la console d’admin (Fin du fichier) :

perl -pi -e “s/<username (.)>.</username>/<username \1>Admin</username>/” /etc/loolwsd/loolwsd.xml

#Créer MDP secure

loolconfig set-admin-password

#Ajout Dictionnaire FR/EN

perl -pi -e “s/<allowed_languages (.)>.</allowed_languages>/<allowed_languages \1>de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru</allowed_languages>/” /etc/loolwsd/loolwsd.xml

#Activation fichier LOG

touch /var/log/loolwsd.log
chown lool /var/log/loolwsd.log

#Service :

nano /usr/lib/systemd/system/loolwsd.service

#For 5.3
ExecStart=/usr/bin/loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:lo_template_path=/opt/collaboraoffice5.3 --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd

#For 6.0 (CODE 4)
ExecStart=/usr/bin/loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:lo_template_path=/opt/collaboraoffice6.0 --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd

semanage port --add --type http_port_t --proto tcp 9980
semanage port --add --type http_port_t --proto tcp 9981

##Integration Nextcloud

  • Activer l’application “Collabora Online”
  • Administration/Collabora Online : “Mettre le domaine de votre serveur nextcloud (ex: https://domainenextcloud.com/)”

Access console admin Collabora : https://domainenextcloud.com/loleaflet/dist/admin/admin.html

systemctl enable loolwsd
systemctl restart loolwsd

Erreur :

WOPI HOST Error -> Delete “add_header Content-Security-Policy”


Installing Collabora on nextcloud without docker on centos 7 behind apache
Loolwsd.xml - cipher suite