Onlyoffice vs Collabora in Nextcloud
-
So even without HTTPS and pointing Nextcloud to NGINX for accessing Onlyoffice it doesn't work. I would run Onlyoffice with both https and http ports open and see if it works directly accessing Onlyoffice like you did above.
podman run -it -d -p 443:443 -p 80:80 --restart=always onlyoffice/documentserver -
@brandon220 said in Onlyoffice vs Collabora in Nextcloud:
proxy_pass http://192.168.1.106;Your backend box has no SSL. Likely something is getting confused. Wordpress has problems like this when behind a proxy.
Make a snapshot, add a self signed cert on your backend system and change the proxy to point to that.
What does that do to your functoinality?
-
@JaredBusch I’m sure you are right. I can access the document server via https through the proxy with the current config. Nextcloud can connect to it https. There is an error however in the browser (when you open the developer tools and view the console) and the document content never loads. I am trying so hard to avoid installing Docker, podman, etc on the NC server.
-
@brandon220 said in Onlyoffice vs Collabora in Nextcloud:
@JaredBusch I’m sure you are right. I can access the document server via https through the proxy with the current config. Nextcloud can connect to it https. There is an error however in the browser (when you open the developer tools and view the console) and the document content never loads. I am trying so hard to avoid installing Docker, podman, etc on the NC server.
I honestly have no clue. It is simply speculation based on prior experience with shit behind a proxy.
-
@JaredBusch Understood. Just frustrating when all the other hosts I have behind a proxy work perfect.
I’m just afraid it would work ok with the document server running on the NC server (as a container) but not be able to keep up with heavy use. I have learned to keep workloads separate.
-
I’ll have to take my test vm and put the cert directly on it and test the functionality.
-
@brandon220 said in Onlyoffice vs Collabora in Nextcloud:
I’ll have to take my test vm and put the cert directly on it and test the functionality.
You don't need a valid cert from a CA behind the proxy.
You just need a cert. That is why I said self signed. It is still encrypted. There is nothing wrong with the encryption of self signed certs.
For your Proxy to talk to the backend piece, you control it all so there is no trust issue with the public. The self signed cert will never be seen.
-
@JaredBusch makes sense. I’ll give it a try tomorrow.
-
This post is deleted! -
Update:
I was able to get it working with a self-signed certificate and the functionality is great. I had NC connected to the OO server with https://localip That worked fine but once left my LAN, from the web it tried to resolve the local ip. That of course will not work and it does zero good to only work while you are on the LAN. I was unsuccessful at getting the self-signed cert to work behind nginx reverse proxy.
Is it possible to just have nginx forward http to the OO server and:- Allow Letsencrypt to verify and issue the certs
- Actually function behind the proxy if the actual cert is on the OO server directly. I cannot find any good documentation of OO working properly behind the reverse proxy in the normal sense.
