Add complete docker-compose.yml example for collabora office #630
Conversation
This docker-compose.yml file will create a nextcloud instance with signed certs using the lets encrypt companion and the nginx reverse proxy. Collabora office will also be deployed using signed certs. To use collabora the app must be installed within nextcloud and configured to use office.DOMAIN.TLD. There is no need to specify a port, simply the pubilc domain used to create your certs for the office instance. Ports, 443 and 80 should be forwarded to the server. Signed-off-by: aarskar <[email protected]>
Signed-off-by: aarskar <[email protected]>
Signed-off-by: aarskar <[email protected]>
Signed-off-by: aarskar <[email protected]>
|
Thanks for making the installation much easier for a lot of people! Although, after using this docker-compose file I still have not been able to finally fix it. When I start the Collabora Integration app and fill in the collabora url [https://office.DOMAIN.TLD], I get the following error:
When I try to open a document I get:
Maybe you know what would be a quick fix for this problem? Thanks a lot in advance! |
|
Hi @kromsam, I'll post this response in both places. Here is a snippet from my /app/config/config.php, my assumption is you need to add the lines for overwritehost and overwriteprotocol. This is necessary if you wish to use the passwords app as well. Be sure to use your actual hostname for your nextcloud where I have used cloud.example.com below. |
|
@kromsam , looks like the NC conversation site is undergoing some maintenance. I will update there at a later date when replying is enabled again. |
|
I used the following Docker Ansible playbook: https://github.com/ReinerNippes/nextcloud_on_docker (testing branch has collabora). Which got me much closer to a solution, I think. I'm stiil stuck though. This isn't really of your business of course. So I put the issue here: ReinerNippes/nextcloud_on_docker#5 |
|
@kromsam, ok looks like you issue was solved by a pass proxy option in the other thread. Glad to see you are up and running! |
|
Hi everyone I'm having a similar issue, I've gotten the Collabora server to start up successfully and when navigating to office.MY-DOMAIN.COM I see the OK message. I'm also able to go to the /hosting/discovery path and see the XML configuration. However, when I attempt to open a document through Nextcloud I get a Below is my and here is my |
Same as here |
|
Hi @dpcee30 have you put this configuration in your /app/config/config.php? You may need to add 2 lines into this config file. (I'm not aware of any reason to modify your nginx config file manually. If you want to do large file uploads you may need to add an additional file but that is a separate issue.) 'overwritehost' => 'cloud.example.com', After adding these lines you may need to restart your nextcloud docker container.
|
|
Just want to note that it can take a few minutes until the docker container with collabora is fully up an running, on my server it takes ~8 minutes! |
|
@aaronSkar applying both |
|
@palto42 thanks for the note about waiting a few minutes for the container to boot. Unfortunately, my container appears to be fully online (getting the OK message from Collabora and able to access the admin settings) however, I'm still unable to load documents from Nextcloud. |
|
@alecbcs I don't see anything jumping out as wrong when looking at your config. I'll comb through it more this afternoon. Good to hear the errors are gone. The wait period mention is a real thing but once your are getting the OK message it should be ready to use in my experience. Can you describe the documents you are opening a bit more for me? Are they newly created in nextcloud? Are they existing? What is the extension? Also can you give the version of collabora you are on? |
|
@alecbcs so looking at your default.conf file things look ok assuming there is actually a list of ssl_ciphers where you have {removed} and the last 2 } are present in the actual file and just cut off in the copy/paste. Otherwise is basically identical to what I have on my servers. |
|
@alecbcs can you also share how you entered the url into the collabora settings field (URL (and Port) of Collabora Online-server)? |
|
@aaronSkar I have entered the domain as |
|
@aaronSkar currently I'm curious if the problem is using the |
| - VIRTUAL_HOST=cloud.DOMAIN.TLD | ||
| - LETSENCRYPT_HOST=cloud.DOMAIN.TLD | ||
| # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals. | ||
| - [email protected] |
| - VIRTUAL_HOST=office.DOMAIN.TLD | ||
| - LETSENCRYPT_HOST=office.DOMAIN.TLD | ||
| # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals. | ||
| - [email protected] |
| - 9980:9980 | ||
| environment: | ||
| # This nees to be the same as what you set your app domain too (ex: cloud.domain.tld). | ||
| - domain=cloud\\.DOMAIN\\.TDL |
There was a problem hiding this comment.
Double backslash is only required when invoked from a shell. Here a single backslash would suffice.
| # Create a passoword for the collabora office admin page. | ||
| - password=CREATE-A-SECURE-PASSWORD-HERE | ||
| - VIRTUAL_PROTO=https | ||
| - VIRTUAL_PORT=443 |
There was a problem hiding this comment.
Use http here because the reverse proxy handles SSL:
- VIRTUAL_PORT=9980
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
(and remove VIRTUAL_PROTO)
| cap_add: | ||
| - MKNOD | ||
| ports: | ||
| - 9980:9980 |
There was a problem hiding this comment.
why don't you use just
expose:
- '9980'
and then connect nextcloud via nextcloud_network using container name nextcloud-collab
??
Also you need to specify domain=container_name
There was a problem hiding this comment.
I have been unable to connect via local host if you have done this please let me know otherwise you can use the expose if you add
- VIRTUAL_NETWORK=proxy-ssl
and change your networks to look like this
nextcloud_network:
external:
name: proxy-ssl
With a working version looking like this
collabora:
image: collabora/code
container_name: nextcloud-collab
networks:
- nextcloud_network
depends_on:
- reverse-proxy
cap_add:
- MKNOD
expose:
- 9980
environment:
- domain=${HOST}
- VIRTUAL_HOST=cloud\.DOMAIN\.TLD
- VIRTUAL_NETWORK=proxy-ssl
- VIRTUAL_PORT=9980
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
- LETSENCRYPT_HOST=collabora\.DOMAIN\.TDL
restart: unless-stopped
networks:
nextcloud_network:
external:
name: proxy-ssl
you do have to run docker network create proxy-ssl Before it works
Edit:
you also must set your settings to something like this
There was a problem hiding this comment.
same here. cannot connect at all, the only thing is using the docker instance ip address as collabora online-server ip address but also that is not working with I think the ws connection.
I can only access the admin panel and to /hosting/discovery
collabora:
image: collabora/code
container_name: collabora
networks:
- proxy-tier
depends_on:
- proxy
restart: always
expose:
- 9980
cap_add:
- MKNOD
environment:
- username=admin
- password=password
- domain=ntc.example.tld
- VIRTUAL_HOST=collabora.example.tld
- VIRTUAL_NETWORK=nginx-proxy
- VIRTUAL_PORT=9980
- VIRTUAL_PROTO=https
- LETSENCRYPT_HOST=collabora.example.tld
- LETSENCRYPT_EMAIL=my-email
and the nextcloud script is here:
https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb-cron-redis/fpm/docker-compose.yml
There was a problem hiding this comment.
I have been unable to connect via local host if you have done this please let me know otherwise you can use the expose if you add
about reverse proxy you can look here.
https://www.collaboraoffice.com/code/nginx-reverse-proxy/
There was a problem hiding this comment.
my was a firewall related issue.
So is ok for me to merge this.
|
I had some issues to get everything working. I wanted a home-production-ready docker-based deployment of Nextcloud with:
It seems I was able to get a working version running. Please see: https://github.com/bentolor/docker-nextcloud-collabora-postgresql-letsencrypt. Maybe it is helpful to others. |
|
What is the current status of this pull request? |
|
This example was working fine for us, except we had to add to our However, this was back when we were using Nextcloud 15 and version 4.0.3 of the collabora/code image. Today I did an upgrade to Nextcloud 18 and 4.2 of the collabora/code image, and it's no longer working :/ Nothing happens when clicking an ODT file, and the docker-compose logs are not showing any error that I can see. Neither does the JS console when clicking the ODT file. Is anyone running this example successfully with Nextcloud 18, Collabora 4.2? |
I was curious and tried in Chromium instead of Firefox, and then I get a popup |
Nevermind, that JS console printout was from when loading the file listing page, not from when clicking the ODT file. |
Yes: https://github.com/bentolor/docker-nextcloud-collabora-postgresql-letsencrypt |
Thanks @bentolor, I will study the differences between our configs. |
Turns out I had ran into nextcloud/richdocuments#917 , but was able to solve it using the workaround posted by the |
|
|
||
| There is no need to specify a port, simply the pubilc domain used to create your certs for the office instance. Ports, 443 and 80 should be forwarded to the server. | ||
|
|
||
|  |
There was a problem hiding this comment.
|  | |
|  |
| @@ -0,0 +1,5 @@ | |||
| This docker-compose.yml file will create a nextcloud instance with signed certs using the lets encrypt companion and the nginx reverse proxy. Collabora office will also be deployed using signed certs. To use collabora the app must be installed within nextcloud and configured to use office.DOMAIN.TLD. | |||
|
|
|||
| There is no need to specify a port, simply the pubilc domain used to create your certs for the office instance. Ports, 443 and 80 should be forwarded to the server. | |||
There was a problem hiding this comment.
| There is no need to specify a port, simply the pubilc domain used to create your certs for the office instance. Ports, 443 and 80 should be forwarded to the server. | |
| There is no need to specify a port, simply the public domain used to create your certs for the office instance. Ports 443 and 80 should be forwarded to the server. |
| # Create a passoword for the collabora office admin page. | ||
| - password=CREATE-A-SECURE-PASSWORD-HERE | ||
| - VIRTUAL_PROTO=https | ||
| - VIRTUAL_PORT=443 |
There was a problem hiding this comment.
In the nginx-proxy docs it reads:
If your container exposes multiple ports, nginx-proxy will default to the service running on port 80. If you need to specify a different port, you can set a VIRTUAL_PORT env var to select a different one. If your container only exposes one port and it has a VIRTUAL_HOST env var set, that port will be selected.
So I got this up and running setting only VIRTUAL_HOST. The container exposes 9980 per default, and nginx-proxy will pick up on that automatically. So we can stay DRY and not specify 9980 multiple times, or at all for that matter.
My setup is a bit different (reverse proxy is one docker-compose, Nextcloud instance another), but I can confirm this works:
collabora:
image: collabora/code
networks:
# Just the default network of this docker-compose (no need to declare, exists per default):
- default
# Outside access through `external` reverse-proxy network:
- proxy_default
depends_on:
# NOT the reverse proxy, but nginx webserver for nextcloud-fpm image:
- web
cap_add:
- MKNOD
environment:
- username=admin
- password=password
# Domain the service should be accessed from:
- domain=${VIRTUAL_HOST}
#
- VIRTUAL_HOST=${COLLABORA_VIRTUAL_HOST}
- LETSENCRYPT_HOST=${COLLABORA_VIRTUAL_HOST}
#
# Extra parameters to Collabora, see also
# https://www.collaboraoffice.com/code/nginx-reverse-proxy/:
# SSL terminates at the proxy
- extra_params=--o:ssl.enable=false --o:ssl.termination=trueNote no ports were specified at all. nginx-proxy has created this entry in /etc/nginx/conf.d/default automatically:
# <office.domain.tld>
upstream <office.domain.tld> {
# Cannot connect to network of this container
server 127.0.0.1 down;
## Can be connected with "proxy_default" network
# nextcloud_collabora_1
server 192.168.16.5:9980;
}
where nextcloud_collabora_1 is the automatic container name, generated from the above collabora service in a docker-compose.yaml in a nextcloud directory. I redacted my domain for <office.domain.tld>.
Very simple this way!
|
Could this be merged? It would be sad if it was just left here. We've been successfully running our instance off of this example (or well, what it looked like in April last year) for over a year now. |
| - VIRTUAL_HOST=cloud.DOMAIN.TLD | ||
| - LETSENCRYPT_HOST=cloud.DOMAIN.TLD | ||
| # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals. | ||
| - [email protected] |
There was a problem hiding this comment.
| - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TDL | |
| - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TLD |
| - VIRTUAL_HOST=office.DOMAIN.TLD | ||
| - LETSENCRYPT_HOST=office.DOMAIN.TLD | ||
| # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals. | ||
| - [email protected] |
There was a problem hiding this comment.
| - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TDL | |
| - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TLD |
| - db:/var/lib/mysql | ||
| - /etc/localtime:/etc/localtime:ro | ||
| environment: | ||
| # Create a root password for the maraiadb instance. |
There was a problem hiding this comment.
| # Create a root password for the maraiadb instance. | |
| # Create a root password for the mariadb instance. |
| environment: | ||
| # Create a root password for the maraiadb instance. | ||
| - MYSQL_ROOT_PASSWORD=CREATE-A-SECURE-ROOT-PASSWORD-HERE | ||
| # Create a password for the nextcloud users. If you have to manually connect your database you would use the nextcloud user and this password. |
There was a problem hiding this comment.
| # Create a password for the nextcloud users. If you have to manually connect your database you would use the nextcloud user and this password. | |
| # Create a password for the nextcloud user. If you have to manually connect your database you would use the nextcloud user and this password. |
| ports: | ||
| - 9980:9980 | ||
| environment: | ||
| # This nees to be the same as what you set your app domain too (ex: cloud.domain.tld). |
There was a problem hiding this comment.
| # This nees to be the same as what you set your app domain too (ex: cloud.domain.tld). | |
| # This needs to be the same as what you set your app domain to (ex: cloud.domain.tld). |
|
Hi, I'm also interested in this pull request. |
|
Just made it work with @alexpovel solution above. Thx! |
|
This is now out of date, as the |
|
Has anyone a running setup for this with a current nextcloud version (>= 24) and might share it? Or is this approach out of date? |
|
@greenbourne277 Still running https://github.com/bentolor/docker-nextcloud-collabora-postgresql-letsencrypt with current Nextcloud; currently v26. |
|
@bentolor Thx. Good to know that it works for some people. My setup is almost identical (mariadb instead of postgres) and when i try to open documents using NextCloud Office, nothing happens and the browser displays a Content Security Policy error (media-src was blocked). Does your setup include some changes in the |
|
@greenbourne277 No. Literally as documented in my README.adoc .
|
|
@bentolor I did Step 7 & 8. and added therefore the |
|
This PR has an age of four years now, and it has gained a lot of devotion and contributions. Is there something that is holding it back to be merged? I think this is a valuable addition for a lot of users. We can bring it to perfection after being merged. |
joshtrichards
added
the
integration: office
joshtrichards
added
the
needs review
|
bumpp? how has this been open for 5 years? |
This example give a full example to deploy Nextcloud with Mariadb, Nginx, lets encrypt and Collabora office.
#55 #223