How do I set up apache behind a reverse proxy?

I’m trying to configure a collaborative server online, but I don’t know.
The situation

  • Nginx reverse proxy server (debian 10)
  • Nextcloud 23 + Collabora Online (debian 11)

I found various tutorials on the Internet and used something from each. Nextcloud works well, so I only want to solve Collabora Online.
Reverse proxy nginx ( configuration.

server {

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


server {
    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    return 404; # managed by Certbot


The SSL certificate is valid and everything works.
Collabora Online installation (on

sudo apt install apt-transport-https ca-certificates
sudo apt-key adv --keyserver --recv-keys 0C54D189F4BA284D
nano /etc/apt/sources.list.d/collabora.list
deb ./
sudo apt update
sudo apt install coolwsd code-brand
sudo nano /etc/coolwsd/coolwsd.xml
<ssl desc="SSL settings">
     <enable type="bool" desc="Controls whether SSL encryption is enable (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." default="true">false</enable>
     <termination desc="Connection via proxy where loolwsd acts as working via https, but actually uses https." type="bool" default="true">true</termination>
<storage desc="Backend storage">
    <filesystem allow="false" />
    <wopi desc="Allow/deny wopi storage. Mutually exclusive with webdav." allow="true">
        <host desc="Regex pattern of hostname to allow or deny." allow="true">localhost</host>
        <host desc="Regex pattern of hostname to allow or deny." allow="true">nextcloud\.example\.com</host>
<admin_console desc="Web admin console settings.">
      <enable desc="Enable the admin console functionality" type="bool" default="true">true</enable>
      <enable_pam desc="Enable admin user authentication with PAM" type="bool" default="false">false</enable_pam>
      <username desc="The username of the admin console. Ignored if PAM is enabled.">user_name</username>
      <password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password.">super_secret_password</password>
sudo systemctl status coolwsd.service
● coolwsd.service - Collabora Online WebSocket Daemon
     Loaded: loaded (/lib/systemd/system/coolwsd.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-01-20 22:02:51 CET; 11h ago
   Main PID: 7590 (coolwsd)
        CPU: 1min 32.261s
     CGroup: /system.slice/coolwsd.service
             ├─7590 /usr/bin/coolwsd --version --o:sys_template_path=/opt/cool/systemplate --o:child_root_path=/opt/cool/child>
             ├─7598 /usr/bin/coolforkit --losubpath=lo --systemplate=/opt/cool/systemplate --lotemplate=/opt/collaboraoffice ->
             └─7600 /usr/bin/coolforkit --losubpath=lo --systemplate=/opt/cool/systemplate --lotemplate=/opt/collaboraoffice ->

Jan 20 22:02:54 debian-11-nextcloud coolwsd[7590]: wsd-07590-07597 2022-01-20 22:02:54.103781 +0100 [ prisoner_poll ] TRC  Cal>
Jan 20 22:02:54 debian-11-nextcloud coolwsd[7590]: wsd-07590-07597 2022-01-20 22:02:54.103816 +0100 [ prisoner_poll ] TRC  Add>
Jan 20 22:02:54 debian-11-nextcloud coolwsd[7590]: wsd-07590-07597 2022-01-20 22:02:54.103847 +0100 [ prisoner_poll ] INF  Hav>
Jan 20 22:02:54 debian-11-nextcloud coolwsd[7590]: wsd-07590-07597 2022-01-20 22:02:54.103878 +0100 [ prisoner_poll ] TRC  Not>
sudo ufw allow 9980

How do I set up virtualhost on apache servers?

sudo nano /etc/apache2/sites-available/

Configuration content ?

sudo a2ensite
sudo systemctl reload apache2

Welcome @gusto and thanks for your first topic!

It seems there is still no answer on this. So let me try, albeit far from an expert and not even a sysadmin, to be the first.

There are quite useful bits in the SDK documentation more precisely this: Proxy settings — SDK documentation In there, you will also find Apache2 config laid out for you. I hope that helps.

I also wrote a very similar question here.
I used this config, but there is still something wrong

It still doesn’t work. :unamused: