[Update 3] Centos 7 : Install Collabora Online Development Edition (CODE) 4.2 with domain Nextcloud -> No docker

nano /etc/nginx/conf.d/domainenextcloud.conf


##########Collabora Online##########

#static files
location ^~ /loleaflet {
    proxy_set_header Host $http_host;

#WOPI discovery URL
location ^~ /hosting/discovery {
    proxy_set_header Host $http_host;

#main websocket
location ~ ^/lool/(.*)/ws$ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;

#download, presentation and image upload
location ~ ^/lool {
proxy_set_header Host $http_host;

#Admin Console websocket
location ^~ /lool/adminws {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;

location ^~ /hosting/capabilities {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;


#import the signing key
wget https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key && rpm --import repomd.xml.key
#add the repository URL to yum
yum-config-manager --add-repo https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7

yum install loolwsd CODE-brand collaboraofficebasis6.2* collaboraoffice6.2-dict*

#Update CODE3.4.2/Collabora5.3 to CODE4.2/Collabora6.2
yum update loolwsd CODE-brand collabora*

##Création certificat en
mkdir /var/certs/collabora
cd /var/certs/collabora/

openssl genrsa -out privatekey.pem 4096
openssl req -new -x509 -sha512 -days 3650 -key privatekey.pem -out fullchain.pem

##Modification fichier host pour trafic en local.

#Rajouter votre domaine nextcloud
nano /etc/hosts

#Fix Lool resolv.conf
rm /opt/lool/systemplate/etc/resolv.conf
ln -s /etc/resolv.conf /opt/lool/systemplate/etc/resolv.conf

##Modification fichier conf de loolwsd
cd /etc/loolwsd
nano loolwsd.xml


<server_name default="" desc="Hostname:port of the server running loolwsd. If empty, it's derived from the request." type="string">nomdomaine</server_name>


<protocol type="bool" descr="Enable minimal client-site JS protocol logging from the start">1</protocol>
<level default="warning" desc="Can be 0-8, or none (turns off logging), fatal, critical, error, warning, notice, information, debug, trace" type="string">error</level>
<file enable="true">
<property desc="Log file path." name="path">/var/log/loolwsd.log</property>
 <property desc="Log file rotation strategy. See Poco FileChannel." name="rotation">never</property>
 <property desc="Append either timestamp or number to the archived log filename." name="archive">timestamp</property>
<property desc="Enable/disable log file compression." name="compress">true</property>
<property desc="The maximum age of log files to preserve. See Poco FileChannel." name="purgeAge">10 days</property>
 <property desc="The maximum number of log archives to preserve. Use 'none' to disable purging. See Poco FileChannel." name="purgeCount">10</property>
<property desc="Enable/disable log file rotation on opening." name="rotateOnOpen">true</property>
<property desc="Enable/disable flushing after logging each line. May harm performance. Note that without flushing after each line, the log lines from the different processes will$</file>
<loleaflet_logging default="false" desc="Logging in the browser console">true</loleaflet_logging>


<wopi allow="true" desc="Allow/deny wopi storage. Mutually exclusive with webdav.">
    <host allow="true" desc="Regex pattern of hostname to allow or deny.">nomdomaine</host>


<proto default="all" desc="Protocol to use IPv4, IPv6 or all for both" type="string">IPv4</proto>
<listen default="any" desc="Listen address that loolwsd binds to. Can be 'any' or 'loopback'." type="string">loopback</listen>

#Certificat SSL

    <cert_file_path desc="Path to the cert file" relative="false">/var/certs/collabora/fullchain.pem</cert_file_path>
    <key_file_path desc="Path to the key file" relative="false">/var/certs/collabora/privatekey.pem</key_file_path>
    <ca_file_path desc="Path to the ca file" relative="false"></ca_file_path>
    <cipher_list desc="List of OpenSSL ciphers to accept" default=""ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"">EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES256:AES256+EDH:!aNULL:!SHA</cipher_list>

#Pour accéder a la console d’admin (Fin du fichier) :

perl -pi -e “s/<username (.)>.</username>/<username \1>Admin</username>/” /etc/loolwsd/loolwsd.xml

#Créer MDP secure

loolconfig set-admin-password

#Ajout Dictionnaire FR/EN

perl -pi -e “s/<allowed_languages (.)>.</allowed_languages>/<allowed_languages \1>de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru</allowed_languages>/” /etc/loolwsd/loolwsd.xml

#Activation fichier LOG

touch /var/log/loolwsd.log
chown lool /var/log/loolwsd.log

#Service :

nano /usr/lib/systemd/system/loolwsd.service

#For 5.3
ExecStart=/usr/bin/loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:lo_template_path=/opt/collaboraoffice5.3 --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd

#For 6.0 (CODE 4)
ExecStart=/usr/bin/loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd

nano /etc/sysconfig/loolwsd

semanage port --add --type http_port_t --proto tcp 9980
semanage port --add --type http_port_t --proto tcp 9981

Fix permissions

chown -R lool:lool /opt/
chown -R lool:lool /etc/loolwsd

##Integration Nextcloud

  • Activer l’application “Collabora Online”
  • Administration/Collabora Online : “Mettre le domaine de votre serveur nextcloud (ex: https://domainenextcloud.com/)”

Access console admin Collabora : https://domainenextcloud.com/loleaflet/dist/admin/admin.html

systemctl enable loolwsd
systemctl restart loolwsd

Erreur :

WOPI HOST Error -> Delete “add_header Content-Security-Policy”

1 Like