nano /etc/nginx/conf.d/domainenextcloud.conf
ADD :
##########Collabora Online##########
#static files location ^~ /loleaflet { proxy_pass https://127.0.0.1:9980; proxy_set_header Host $http_host; } #WOPI discovery URL location ^~ /hosting/discovery { proxy_pass https://127.0.0.1:9980; proxy_set_header Host $http_host; }#main websocket
location ~ ^/lool/(.*)/ws$ {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}#download, presentation and image upload
location ~ ^/lool {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Host $http_host;
}#Admin Console websocket
location ^~ /lool/adminws {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}##NEW CODE4
#Capabilities
location ^~ /hosting/capabilities {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
}
#https://github.com/CollaboraOnline/Docker-CODE/blob/master/scripts/start-libreoffice.sh
#https://github.com/CollaboraOnline/Docker-CODE/blob/master/scripts/install-libreoffice.sh
#Index of /repos/CollaboraOnline/CODE-centos7
#import the signing key
wget https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key && rpm --import repomd.xml.key
#add the repository URL to yum
yum-config-manager --add-repo Index of /repos/CollaboraOnline/CODE-centos7
yum install loolwsd CODE-brand collaboraofficebasis6.2* collaboraoffice6.2-dict*
update CODE3.4.2/Collabora5.3 to CODE4.2/Collabora6.2
yum update loolwsd CODE-brand collabora*
##Création certificat en 127.0.0.1
mkdir /var/certs/collabora
cd /var/certs/collabora/
openssl genrsa -out privatekey.pem 4096
openssl req -new -x509 -sha512 -days 3650 -key privatekey.pem -out fullchain.pem
##Modification fichier host pour trafic en local.
#Rajouter votre domaine nextcloud
nano /etc/hosts
- 127.0.0.1 XXX XXX XXX domainenextcloud.com
#Fix Lool resolv.conf
rm /opt/lool/systemplate/etc/resolv.conf
ln -s /etc/resolv.conf /opt/lool/systemplate/etc/resolv.conf
##Modification fichier conf de loolwsd
cd /etc/loolwsd
nano loolwsd.xml
#Server
<server_name default="" desc="Hostname:port of the server running loolwsd. If empty, it's derived from the request." type="string">nomdomaine</server_name>
<protocol type="bool" descr="Enable minimal client-site JS protocol logging from the start">1</protocol>
<level default="warning" desc="Can be 0-8, or none (turns off logging), fatal, critical, error, warning, notice, information, debug, trace" type="string">error</level>
<file enable="true">
<property desc="Log file path." name="path">/var/log/loolwsd.log</property>
<property desc="Log file rotation strategy. See Poco FileChannel." name="rotation">never</property>
<property desc="Append either timestamp or number to the archived log filename." name="archive">timestamp</property>
<property desc="Enable/disable log file compression." name="compress">true</property>
<property desc="The maximum age of log files to preserve. See Poco FileChannel." name="purgeAge">10 days</property>
<property desc="The maximum number of log archives to preserve. Use 'none' to disable purging. See Poco FileChannel." name="purgeCount">10</property>
<property desc="Enable/disable log file rotation on opening." name="rotateOnOpen">true</property>
<property desc="Enable/disable flushing after logging each line. May harm performance. Note that without flushing after each line, the log lines from the different processes will$</file>
<loleaflet_logging default="false" desc="Logging in the browser console">true</loleaflet_logging>
<wopi allow="true" desc="Allow/deny wopi storage. Mutually exclusive with webdav.">
<host allow="true" desc="Regex pattern of hostname to allow or deny.">nomdomaine</host>
<proto default="all" desc="Protocol to use IPv4, IPv6 or all for both" type="string">IPv4</proto>
<listen default="any" desc="Listen address that loolwsd binds to. Can be 'any' or 'loopback'." type="string">loopback</listen>
#Certificat SSL
<cert_file_path desc="Path to the cert file" relative="false">/var/certs/collabora/fullchain.pem</cert_file_path>
<key_file_path desc="Path to the key file" relative="false">/var/certs/collabora/privatekey.pem</key_file_path>
<ca_file_path desc="Path to the ca file" relative="false"></ca_file_path>
<cipher_list desc="List of OpenSSL ciphers to accept" default=""ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"">EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES256:AES256+EDH:!aNULL:!SHA</cipher_list>
#Pour accéder a la console d’admin (Fin du fichier) :
perl -pi -e “s/<username (.)>.</username>/<username \1>Admin</username>/” /etc/loolwsd/loolwsd.xml
#Créer MDP secure
loolconfig set-admin-password
#Ajout Dictionnaire FR/EN
perl -pi -e “s/<allowed_languages (.)>.</allowed_languages>/<allowed_languages \1>de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru</allowed_languages>/” /etc/loolwsd/loolwsd.xml
#Activation fichier LOG
touch /var/log/loolwsd.log
chown lool /var/log/loolwsd.log
#Service :
nano /usr/lib/systemd/system/loolwsd.service
#For 5.3
ExecStart=/usr/bin/loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:lo_template_path=/opt/collaboraoffice5.3 --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd
#For 6.0 (CODE 4)
ExecStart=/usr/bin/loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd
nano /etc/sysconfig/loolwsd
storage.ssl.cert_file_path=/var/certs/collabora
semanage port --add --type http_port_t --proto tcp 9980
semanage port --add --type http_port_t --proto tcp 9981
Fix permissions
chown -R lool:lool /opt/
chown -R lool:lool /etc/loolwsd
##Integration Nextcloud
- Activer l’application “Collabora Online”
- Administration/Collabora Online : “Mettre le domaine de votre serveur nextcloud (ex: https://domainenextcloud.com/)”
Access console admin Collabora : https://domainenextcloud.com/loleaflet/dist/admin/admin.html
systemctl enable loolwsd
systemctl restart loolwsd
Erreur :
WOPI HOST Error → Delete “add_header Content-Security-Policy”