Reverse proxy with collabora online docker

A

aquasp

New Member
#1
#1
Hi guys,

Thanks for creating openlitespeed and making it available for free, it's such a good product!

I have a NextCloud installation on a VPS that is working fine with openlitespeed.

However, I was trying to setup a collabora server, as seen here: https://www.linuxbabe.com/cloud-storage/integrate-collabora-online-server-nextcloud-ubuntu

To setup the server, we need to use reverse proxy.

This is the example for apache:


Code: 
<VirtualHost *:80>

  ServerName collabora.example.com

  Options -Indexes



  ErrorLog "/var/log/apache2/collabora_error"

  # Encoded slashes need to be allowed

  AllowEncodedSlashes NoDecode



  # keep the host

  ProxyPreserveHost On



  # static html, js, images, etc. served from loolwsd

  # loleaflet is the client part of Collabora Online

  ProxyPass           /loleaflet http://127.0.0.1:9980/loleaflet retry=0

  ProxyPassReverse    /loleaflet http://127.0.0.1:9980/loleaflet



  # WOPI discovery URL

  ProxyPass           /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0

  ProxyPassReverse    /hosting/discovery http://127.0.0.1:9980/hosting/discovery



  # Capabilities

  ProxyPass           /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0

  ProxyPassReverse    /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities



  # Main websocket

  ProxyPassMatch "/lool/(.*)/ws$" ws://127.0.0.1:9980/lool/$1/ws nocanon



  # Admin Console websocket

  ProxyPass   /lool/adminws ws://127.0.0.1:9980/lool/adminws



  # Download as, Fullscreen presentation and Image upload operations

  ProxyPass           /lool http://127.0.0.1:9980/lool

  ProxyPassReverse    /lool http://127.0.0.1:9980/lool



</VirtualHost>
And this is the example for nginx:


Code: 
server {

    listen 80;

    listen [::]:80;

    server_name  collabora.example.com;



    error_log /var/log/nginx/collabora.error;



    # static files

    location ^~ /loleaflet {

        proxy_pass http://localhost:9980;

        proxy_set_header Host $http_host;

    }



    # WOPI discovery URL

    location ^~ /hosting/discovery {

        proxy_pass http://localhost:9980;

        proxy_set_header Host $http_host;

    }



    # Capabilities

    location ^~ /hosting/capabilities {

        proxy_pass http://localhost:9980;

        proxy_set_header Host $http_host;

    }



    # main websocket

    location ~ ^/lool/(.*)/ws$ {

        proxy_pass http://localhost:9980;

        proxy_set_header Upgrade $http_upgrade;

        proxy_set_header Connection "Upgrade";

        proxy_set_header Host $http_host;

        proxy_read_timeout 36000s;

    }



    # download, presentation and image upload

    location ~ ^/lool {

        proxy_pass http://localhost:9980;

        proxy_set_header Host $http_host;

    }



    # Admin Console websocket

    location ^~ /lool/adminws {

        proxy_pass http://localhost:9980;

        proxy_set_header Upgrade $http_upgrade;

        proxy_set_header Connection "Upgrade";

        proxy_set_header Host $http_host;

        proxy_read_timeout 36000s;

    }

}
I've read the openlitespeed guide (method 3) https://openlitespeed.org/kb/reverse-proxy-basics/ and I tried this:

1648002689246.png

1648002734150.png

Do you guys know why it isn't working? http://collabora.whyprivacy.win/

I've also added it to the http listener:
1648002812238.png

Sorry to bother, and thanks again. Any idea will help me a lot!
 
Cold-Egg

Cold-Egg

Administrator
#2
#2
This is what I did,
1. Start the collabora container
Code: 
sudo docker run -t -d -p 1.2.3.4:9980:9980 -e 'domain=nextcloud.example.com' --restart always collabora/code
2. Goto Web Admin Server Configuration > External App to add a Web Server with NAME: collabora and Address: https://1.2.3.4:9980
3. Goto Web Admin Virtual Host> Rewrite to add
Code: 
RewriteRule ^(.*)$ HTTPS://collabora/$1 [P,L,E=PROXY-HOST:nextcloud.example.com]
Feel free to add more rewrite conditions for your case.

If you want to run docker with 127.0.0.1, then you need to find a way to add network host to the docker-compose file, so the openlitespeed container is able to contact 127.0.0.1.
 
A

aquasp

New Member
#3
#3
Cold-Egg said:
This is what I did,
1. Start the collabora container
Code: 
sudo docker run -t -d -p 1.2.3.4:9980:9980 -e 'domain=nextcloud.example.com' --restart always collabora/code
2. Goto Web Admin Server Configuration > External App to add a Web Server with NAME: collabora and Address: https://1.2.3.4:9980
3. Goto Web Admin Virtual Host> Rewrite to add
Code: 
RewriteRule ^(.*)$ HTTPS://collabora/$1 [P,L,E=PROXY-HOST:nextcloud.example.com]
Feel free to add more rewrite conditions for your case.

If you want to run docker with 127.0.0.1, then you need to find a way to add network host to the docker-compose file, so the openlitespeed container is able to contact 127.0.0.1.
Click to expand...

Holy, you are a genius man!
Thanks! It worked like a charm!
https://collabora.whyprivacy.win:9980

One last question, is it possible to install a SSL with this docker reverse proxy setup? And do I even need one?
Collabora is working inside NextCloud only if I check "disable certificate verification(Non-secure)"

Probably that is not true, since it is actually running with https, but with a self-signed certified I guess :think:

Thanks again!!
 
A

aquasp

New Member
#5
#5
Ohh, got it. I could create the SSL certificate, but after adding it to the virtual host proxy, it is still not secure. Is there any other place that I need to setup it? 1648132948123.png

Thanks again and I totally understand if you can't answer this question
 
You must log in or register to reply here.
Top