Okay switched to apache on linode end and my local server end.
2 Likes
If anyone can help me?
I am trying to enable colabora online.
This is the tutorial i aim to follow. Do I use this reverse proxy on linode end or local? or both?
1 Like
Its highly depends on your setup in mine both are used independent of docker and podman but in order to use the internal you need to have split dns setup right so you arenât fucking over external requests
The simplest route is just the external but this has the caveat that all internal traffic is looping out then in again
Collabora is a bitch to setup. I got it working⌠Barely. I canât provide support on it because I dont really understand it confidently enough
Most of the stuff after my basic networking I did on my own without help. I only had help with the initial firewall stuff with novasty. Its a tough deal but thats mostly how home labs are due to the nature of custom setups. Wish I could provide more. Most of the tutorials out there are a decent get your feet wet start
FYI on large documents it becomes a pretty big resource hog and that only gets much much worse with more users. Hope you know what you are getting yourself into because its cool on paper and shitty in implementation
1 Like
@Dynamic_Gravity
What do you suggest?
I want collabora. i have apache with nextcloud installed (local server to me) and apache reverse proxy (linode) to front end my nextcloud instance to the world.
I am not using docker, I am running next cloud and collabora server inside a vm.
I have followed the guide
and have found that it does not work. How do i get collabora to connect to the linode side of things?
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName collab.argone.com
ServerAlias www.collab.aegmine.com
Include /etc/letsencrypt/options-ssl-apache.conf
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://10.0.0.2:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://10.0.0.2:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://10.0.0.2:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://10.0.0.2:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://10.0.0.2:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://10.0.0.2:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://10.0.0.2:9980/lool
SSLCertificateFile /etc/letsencrypt/live/collab.aegmine.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/collab.aegmine.com/privkey.pem
</VirtualHost>
</IfModule>
is my apache reverse proxy i have tried doing collabora.
To be frank my nextcloud works to linode, it is collabora i have been working on for the last day.
I dont quite understand whats stopping you from doing the work yourself exactly? Im looking at the tutorial and not only has it gotten better since Ive done it⌠they have made it very straight forward?
########################################
# Reverse proxy for Collabora Online
#
########################################
AllowEncodedSlashes NoDecode
ProxyPreserveHost On
# static html, js, images, etc. served from coolwsd
# browser is the client part of Collabora Online
ProxyPass /browser http://127.0.0.1:9980/browser retry=0
ProxyPassReverse /browser http://127.0.0.1:9980/browser
# WOPI discovery URL
ProxyPass /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery http://127.0.0.1:9980/hosting/discovery
# Capabilities
ProxyPass /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/cool/(.*)/ws$" ws://127.0.0.1:9980/cool/$1/ws nocanon
# Admin Console websocket
ProxyPass /cool/adminws ws://127.0.0.1:9980/cool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /cool http://127.0.0.1:9980/cool
ProxyPassReverse /cool http://127.0.0.1:9980/cool
# Compatibility with integrations that use the /lool/convert-to endpoint
ProxyPass /lool http://127.0.0.1:9980/cool
ProxyPassReverse /lool http://127.0.0.1:9980/cool
Literally⌠nearly plug in play. You point the proxy pass to the IP and the port. Like they provide even the WOPI and discovery and stuff which I had to figure out by myself a long while back
Look at my
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName collab.argone.com
ServerAlias www.collab.aegmine.com
Include /etc/letsencrypt/options-ssl-apache.conf
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet https://10.0.0.2:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://10.0.0.2:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://10.0.0.2:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://10.0.0.2:9980/hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://10.0.0.2:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://10.0.0.2:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://10.0.0.2:9980/lool
SSLCertificateFile /etc/letsencrypt/live/collab.aegmine.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/collab.aegmine.com/privkey.pem
</VirtualHost>
</IfModule>
i replaced the proxypass ip with my wireguard vpn instance. I cant get it to work. This is on linode end.
Okay and how are you hosting it on the VM end because collabora Docker and podman containers âper their manualâ say they have a web server inside of them and its there for a requisite
I am hosting it bare vm, no docker. it works on lan if i do 192.168.96.3:9980 in nextcloud (but only on lan)
vm (nextcloud and collabora server) +wireguard = >> wireguard + linode apache reverse proxy.
my aim is to get
https://collab.argone.com https://cloud.argone.com to play together. Like the collab server used is collab.argone.com.
that sounds like a collabora config issue
https://sdk.collaboraonline.com/docs/installation/Configuration.html#network-settings
start here⌠I think there might be a config where you allow it to respond to any
It describes where all these security and network settings would be configurable at. Subsequent menus also talk about security etc. Spend some time reading. if its not in there im gonna ask for a log dump and TCP dump of the WG interface to see if requests are coming through
and dont set it to both
They also have a symptoms based trouble shooting page
Check it out. Its impossible for us to just know off of a config that looks relatively normal
> Odroid HC4 has entered the chat
> Odroid HC4 has left the chat
Did PLL just RTFMâed Argone?
It doesnât even take TrueNAS to do that.
yes I honest to god did no troll sign needed.
Ive said this before to I think most of you. Understand how your program works before even running the command to install it. That is the way to do it otherwise your gonna go head strong into itâŚand end up overwhelmed after the first few copy pastas⌠Im trying to be honest here not rude
I dont mean just âI think I get itâ No I mean read the manual from Intro to trouble shooting⌠then start. Novasty forced me to do this the first two times and I actually thank him for it because all my questions were answered mostly on my own. When it got hard and even he didnt know is when I branched out and said alright guys we need some crowd help 
1 Like
I am starting to think it is wireguard, lan address for collabora is fine. And the reverse proxy does not seem to want to work. I will look into it further.
okay lets break this down. IS the collabora VM doing SSL termination inside when you navigate to the IP?
If not you misconfigured collabora per their documentation I was posting excerpts of above
If it is
Then look at wireguard. try to ping the IP from both sides⌠if you cant⌠its time to break this down slowly
If you can ping other network machines through it from the linode end then its local end and you need to consult the bridging firewall rules of your VM and the VMs internal firewall
Helpful elimination: The wireguard tunnel already functions for other services therefore it is working and is something else
Just to be clear, I know why reading the friendly manual is important and I understand why people tell others to do so. I never found RTFMâing to be hostile, but rather it being told out of a desire to help the individual asking, because understanding the issue at hand makes things easier for oneself.
To answer your DM question @Argone
yeah that means its working⌠the rest has to do with collabora internal configuration which is the âbitchâ part and it differs slightly in docker vs VM
some do so I wanted to qualify it that I wasnt trying to be an asshole
I gotta it you mutta fucka.
I switched back to nginx as my reverse proxy and it works. I donât know exactly what I did differently. But it works!
3 Likes
Nice. I still have dev sites running on Apache here, but when I get a chance Iâm going to start moving them over to nginx. Apacheâs got so much legacy baggage itâs often just not worth it especially for homelab.