ivnmad
March 31, 2022, 10:28am
1
21.11.3.4.1 doesn’t seem to work with multiple domains.
I pull the docker as usual:
sudo docker run -t -d -p 9980:9980 -e “username=admin” -e “password=0123456789” -e ‘domain=domain3\.com|domain2\.com|domain3\.com’ --name collabora --restart=always --cap-add MKNOD collabora/code
If I connect to Collabora from domain1.com , everything works fine, but it gets stuck on this screen for the other domains. Same if I connect first with domain2.com . Everything works fine with that domain, but it won’t work with the other domains.
Collabora seems to only accept the first domain you connect with.
Everything works fine with 21.11.2.4.1, so this is definitely an issue introduced with 21.11.3.4.1.
1 Like
We are aware of it and working on it we just introduced a new way to configure multihost which is not adapted to docker files. for now you can add multihosts by editing coolwsd.xml like shown in this comment. let me know if you need any help
opened 10:38PM - 24 Mar 22 UTC
bug
unconfirmed
**Describe the bug**
Access from multiple domains does not work.
**To Reprod… uce**
Steps to reproduce the behavior:
1. Create docker instance via docker-compose:
```version: '3.3'
services:
collabora_app:
image: collabora/code
container_name: collabora_app
cap_add:
- MKNOD
ports:
- "9980:9980"
environment:
- domain=cloud\\.domain1\\.de|cloud\\.domain2\\.de
- dictionaries=de en
- username=USERNAME
- password=PASSWORD
restart: always
```
2. Connect both nextclouds to collabora
**Expected behavior**
Both should work
**Actual behavior**
Only the second cloud works with collabora.
Trying to reach collabora via the first cloud results in:
```
wsd-00001-00063 2022-03-24 22:23:35.149283 +0000 [ docbroker_002 ] ERR Only allowed host is: cloud.domain2.de| wsd/Storage.cpp:330
wsd-00001-00063 2022-03-24 22:23:35.175933 +0000 [ docbroker_002 ] ERR No acceptable WOPI hosts found matching the target host [cloud.domain1.de] in config.| wsd/Storage.cpp:436
```
Content of /etc/coolwsd/coolwsd.xml
```<storage desc="Backend storage">
<filesystem allow="false" />
<wopi desc="Allow/deny wopi storage." allow="true">
<host desc="Regex pattern of hostname to allow or deny." allow="true">cloud\.domain1\.de|cloud\.domain2\.de</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.2[0-9]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.3[01]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">192\.168\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="false">192\.168\.1\.1</host>
<max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size>
<locking desc="Locking settings">
<refresh desc="How frequently we should re-acquire a lock with the storage server, in seconds (default 15 mins) or 0 for no refresh" type="int" default="900">900</refresh>
</locking>
<alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" mode="first">
<!-- If you need to use multiple wopi hosts, please change the mode to "groups" and
add the hosts below. If one host is accessible under multiple ip addresses
or names, add them as aliases. -->
<!--<group>
<host desc="hostname to allow or deny." allow="true">scheme://hostname:port</host>
<alias desc="regex pattern of aliasname">scheme://aliasname1:port</alias>
<alias desc="regex pattern of aliasname">scheme://aliasname2:port</alias>
</group>-->
</alias_groups>
</wopi>
<ssl desc="SSL settings">
<as_scheme type="bool" default="true" desc="When set we exclusively use the WOPI URI's scheme to enable SSL for storage">true</as_scheme>
<enable type="bool" desc="If as_scheme is false or not set, this can be set to force SSL encryption between storage and coolwsd. When empty this defaults to following the ssl.enable setting"></enable>
<cert_file_path desc="Path to the cert file" relative="false"></cert_file_path>
<key_file_path desc="Path to the key file" relative="false"></key_file_path>
<ca_file_path desc="Path to the ca file. If this is not empty, then SSL verification will be strict, otherwise cert of storage (WOPI-like host) will not be verified." relative="false"></ca_file_path>
<cipher_list desc="List of OpenSSL ciphers to accept. If empty the defaults are used. These can be overridden only if absolutely needed."></cipher_list>
</ssl>
</storage>
```
**Desktop (please complete the following information)**
- OS: Win10
- Browser: Firefox
- Version: 98.0.1
2 Likes
ivnmad
March 31, 2022, 1:21pm
3
@rash419 that worked, thank you.
For anyone else’s reference, this is what I did.
Logged into the container as root, installed nano and then edited /etc/coolwsd/coolwsd.xml
sudo docker exec -u 0 -it “container_ID” /bin/bash
apt update
apt install nano
nano /etc/coolwsd/coolwsd.xml
Changed mode from “first” to “groups”
<alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" mode="groups">
Added the following lines below that:
<group>
<host desc="hostname to allow or deny." allow="true">https://domain1.com:443</host>
</group>
<group>
<host desc="hostname to allow or deny." allow="true">https://domain2.com:443</host>
</group>
<group>
<host desc="hostname to allow or deny." allow="true">https://domain3.com:443</host>
</group>
You can obviously have http:// and port 80, if you that is allowed in your environment.
2 Likes
You saved my day !!! I didn’t see the mode=“groups” in alias_groups bracket !
wwe
August 25, 2022, 7:45pm
5
using current versions there is no need to edit coolwsd.xml everything works in a docker way