Nextcloud and Collabora (NGINX)


Following this guide, you will gain your Collabora Online Office within your Nextcloud, based on your existing NGINX Webserver (reverse proxy or default configuration). You don’t have to configure a second domain, just use your existing one e.g. your.dedyn.io and ammend your current configuration.

Prerequirement: NGINX ≥ 1.13.14 on Ubuntu 16.04.04 LTS or Ubuntu 18.04 LTS on an AMD64 infrastructure (not ARM64)

You just have to substitute and paste the red ones to your requirements.


Last Updates:
May, 17th 2018:
~ added the logon username and password to the docker command
~ added the admin url and screenshots


Let’s start with the preparation of the docker environment:

apt remove docker docker-engine docker.io
apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
UBUNTU 16.04.4 LTS:
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
UBUNTU 18.04 LTS:
sed -i '$adeb https://download.docker.com/linux/ubuntu artful stable' /etc/apt/sources.list
apt update && apt install docker-ce

Please ensure, docker is running properly:

docker run hello-world

Your result should look similar to mine:

Now start downloading and install collaboras docker:

docker pull collabora/code

Wait for about 500 MB of downloaded binaries and modify your NGINX configuration properly.

Assuming your Nextcloud is running at https://your.dedyn.io

Add the following block to your Webserver configuration:


NGINX acting as reverse proxy:

vi /etc/nginx/conf.d/gateway.conf

server {
listen 80 default_server;
server_name YOUR.DEDYN.IO;
location ^~ /.well-known/acme-challenge {
proxy_pass http://127.0.0.1:81;
proxy_set_header Host $host;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2 default_server;
server_name YOUR.DEDYN.IO;
include /etc/nginx/ssl.conf;
include /etc/nginx/header.conf;
### Start Collabora Online ###
location ^~ /loleaflet {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
location ^~ /hosting/discovery {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
location ^~ /lool {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
### End Collabora Online ###
location ^~ / {
client_max_body_size 10G;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
send_timeout 3600;
proxy_buffering on;
proxy_max_temp_file_size 10240m;
proxy_request_buffering on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:82;
proxy_redirect off;
}
}

NGINX acting as default/non reverse proxy server

vi /etc/nginx/conf.d/nextcloud.conf

server {
server_name YOUR.DEDYN.IO;
listen 80 default_server;
location ^~ /.well-known/acme-challenge {
proxy_pass http://127.0.0.1:81;
proxy_set_header Host $host;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
server_name YOUR.DEDYN.IO;
listen 443 ssl http2 default_server;
root /var/www/nextcloud/;
access_log /var/log/nginx/nextcloud.access.log main;
error_log /var/log/nginx/nextcloud.error.log warn;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
client_max_body_size 10240M;
### Start Collabora Online ###
location ^~ /loleaflet {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
location ^~ /hosting/discovery {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
location ^~ /lool {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
### End Collabora Online ###
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ \.(?:flv|mp4|mov|m4a)$ {
mp4;
mp4_buffer_size 100m;
mp4_max_buffer_size 1024m;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
include php_optimization.conf;
fastcgi_pass php-handler;
fastcgi_param HTTPS on;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
include php_optimization.conf;
fastcgi_pass php-handler;
fastcgi_param HTTPS on;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.(?:css|js|woff|svg|gif|png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
expires 360d;
}
}

Restart your Webserver by issuing

service nginx restart

and start the docker image by issuing

docker run -t -d -p 127.0.0.1:9980:9980 -e "domain=your\\.dedyn\\.io" -e "username=UserName" -e "password=Your-Secret" --restart always --cap-add MKNOD collabora/code

Logon to your Nextcloud as your administrator and enable the Collabora Online app.

Switch to the Settings and fill in your Nextcloud domain (https://your.dedyn.io) as shown examplarily:

From now, you can create and edit office documents directly in your Nextcloud instance.

If you are interested in information regarding the usage of your Collabora you may find the admin console at

https://your.dedyn.io/loleaflet/dist/admin/admin.html

using your choosen “UserName” and  password “Your-Secret” from the docker command to logon:

Enjoy your documents in your secured and hardened Nextcloud-Server!


Carsten Rieger


Usefull docker-things:

Status of docker container:

docker ps
docker image list

Issuing updates for Collabora Office:

docker ps
docker stop <id from "docker ps">
docker pull collabora/code
docker rm <id from "docker ps">
docker run -t -d -p 127.0.0.1:9980:9980 -e "domain=your\\.dedyn\\.io" --restart always --cap-add MKNOD collabora/code
service nginx restart

Amount of used docker space:

docker system df

Reclaim space:

docker system prune

This will remove:
– all stopped containers
– all networks not used by at least one container
– all dangling images
– all build cache


6 Responses

  1. robbie says:

    Carsten, if you’ve some time, please can you make a tutorial for nextcloud and ONLYOFFICE with docker? 🙂

  2. Thomas Müller says:

    Hallo Carsten,

    ich bin schon einigen Deiner Anleitungen gefolgt und bin mit allen höchst zufrieden, dafür viele Dank.

    Vielleicht hast Du auch einen Tip mit Collabora Office unter Nutzung von Safari auf Mac. Hier kann ich keinen Text im Textdokument eingeben oder sehe den momentanen Bearbeiter. Ein Spreadsheet ist im Safari ohne Probleme editierbar. Ein wechsel auf Safari zeigt, dass es am Browser liegen könnte, da Firefox eine Eingabe ermöglicht.

    Vielleicht ist Dir da eine Lösung oder Debugmöglichkeit bekannt?

    Danke und Grüße
    Thomas

  3. Franko says:

    Hallo Carsten

    Super Anleitung! Habe aber glaub ich einen Fehler gefunden also wenn ich unter Collabora Online https://your.dedyn.io geht es bei mir nicht nur mit / am Ende also so -> https://your.dedyn.io/

Leave a Reply

Your email address will not be published. Required fields are marked *