Hello,
Both nextcloud and collabora are behind a reverse proxy on a NAT with one single public IPv4.
Both have a TLS certificate on the reverse proxy so " The corresponding loolwsd settings are ssl.enable=false
and ssl.termination=true
."
So far, so good
Now it gets trickier.
Nextcloud is also working on IPv6 with a certbot TLS certificate. It’s actually the nextcloud container that deliver the TLS certificate (thanks to sftp) to the reverse proxy for IPv4 connection to nextcloud.
The reverse proxy get the TLS certificate of collabora thanks to certbot for now.
My question is : how can I make collabora working also on IPv6.
Collabora has it’s own IPv6. I would like collabora to get it’s certificate thanks to certbot and deliver it to the reverse proxy as I do for nextcloud and other CT (I’d stop certbot on the reverse proxy nginx then) but if it gets a TLS certificate then I need to change the loolwsd settings to ssl.enable=true
, right? But then, Ipv4 won’t work anymore…
It feels like collabora is not IPv6 ready and not easy to implement in a dual stack environment.
Unless, maybe, if I could get “SSL on both ends” also for IPv4 but I don’t know how I can do that…