NextCloud - "Could not establish connection to the Collabora Online server"

Hello all,

I have a NextCloud 30.0.4 installation, AIO script, docker on Linux, that has no reverse proxy and is resolving externally via a firewall NAT’d Internet IP and external DNS name.

The AIO containers are on an AIO created private bridged docker nextcloud network. The only containers publishing ports are apache (443), talk (talk port) and nextcloudmc which is publishing admin ports. Only https and talk are accessible from the internet.

All other aspects of nextcloud are working well, but when I go to the “office” section of the administration menu I see “Could not establish connection to the Collabora Online server…Failed to connect to the remote server: cURL error 7: Failed to connect to [ourhost.ourdomain. com] port 443 after 0 ms: Could not connect to server”

When I set the URL to http:// nextcloud-aio-collabora:9980 I receive a message “Collabora Online server is reachable… URL used by the browser: https://[ourhost.ourdomain.com]Nextcloud URL used by Collabora: https://[ourhost.ourdomain.com]”.

The external IP and the container bridge network IP are all part of the WOPI requests, along with the other defaults. The only time we can access the WOPI settings screen in Nextcloud office is when the container name and collaborate port are entered.

The WOPI requests include the external NAT IP the server traffic is forwarded to as well as the standard non-routable networks, local host, etc. that are configured by default. Adding 0.0.0.0 and/or 0.0.0.0/0 do not make the configuration work.

This change using container name as the collabora sever is not persistent when the containers are restarted but it is the only time “Collabora Online server is reachable” is present.

All of the containers can resolve the external DNS name, [ourhost.ourdomain. com]. We can connect externally to the /hosting/capabilities, /hosting/discovery and /status.php pages but cannot curl them from the containers (nextcloud, apache and collaborate).

The local server host file does not have an entry pointing [ourhost.ourdomain .com].

It appears the default nextcloud AIO installation is using Caddy on the Apache server. Not sure how relevant this is but my understanding is that Apache is proxying the Collabora requests, and port 9980 is only available on the private bridge network - communication should be between nextcloud-aio-apache and nextcloud-aio-collabora on their private network. The collabora server ports are not published via docker.

When we try to access any document via Nextcloud files we receive a “Document loading failed…Failed to load Nextcloud Office - please try again later”

Not sure if the AIO expectation is that the entire installation is installed behind a reverse proxy but is there any way we can make the existing configuration - which is supposed to be ‘simple’ work - or should we just go the reverse proxy route?

Any assistance is appreciated!

Hello @gork welcome to the collabora online forum

Can you please check following points

1. Add Host Entry in /etc/hosts for Internal Containers

  • Inside the relevant containers (nextcloud-aio-apache, nextcloud-aio-collabora, etc.), add a hosts file entry mapping your external DNS name to the internal Docker network IP of the Collabora container.
  • You can do this by adding the line:
<Collabora-container-IP> <your-hostname>
  • This ensures internal requests resolve to the correct internal IP instead of attempting external NAT routing.

2. Adjust WOPI Settings

  • Ensure the external DNS and internal Docker network IPs of the Collabora container are explicitly included in the WOPI aliasgroup or allowed origins settings. You may have to update the Collabora configuration (/etc/coolwsd/coolwsd.xml) to reflect these settings.

3. Expose Collabora Ports Safely

  • Temporarily expose the Collabora container’s port 9980 to the host for troubleshooting:
docker run -p 9980:9980 <collabora-container>
  • This helps verify if the issue is related to Docker’s internal networking. After verification, you can revert to the default setup for security.

4. Force Internal DNS Resolution

  • Configure the Docker network’s DNS to prefer internal IP resolution for the ourhost.ourdomain.com. Use the --dns option when starting containers or modify Docker’s daemon.json to include your internal DNS server.