Nextcloud integration fails after routine Collabora upgrade

cnic023 · April 27, 2024, 8:21pm

I have a nextcloud server in one box and a collabora and reverse proxy server in another. After a routine upgrade (apt upgrade) I can no longer edit rich text (docx etc). I have been running on this model successfully for several years.

“Failed to load Nextcloud Office - please try again later”

Initially I assumed the upgrade had altered my coolswsd.xml file but on checking it did not.

My setup is as follows:

Nextcloud-Version: Nextcloud Hub 4 (26.0.13)
Nextcloud Office: 8.0.10
Allow list for WOPI requests: “125.xxx.xxx.xx,192.168.0.xxx,127.0.0.1” (Static IP, IP of nextcloud server, localhost)
Does https://collabora-domain/hosting/discovery 21 show an xml File? answer=yes
Collabora error log (apache2):
"[Sat Apr 27 10:52:53.532736 2024] [proxy_http:error] [pid 4087283] (70014)End of file found: [client 192.168.0.1:51049] AH01102: error reading status line from remote server 127.0.0.1:9980"

Anonymized content of collabora-webinstance:

<VirtualHost>	
$$$$$$$$$$$$$$$
	SSLProxyEngine On
    
    # Keep the host
    ProxyPreserveHost On

    # Cert is issued for $$$$$ and then we proxy to localhost
    SSLProxyVerify none
    #SSLProxyCACertificatePath /etc/ssl
    SSLProxyCheckPeerCN Off
    SSLProxyCheckPeerName Off
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    Protocols h2 http/1.1

    # static html, js, images, etc. served from coolwsd
    # loleaflet/browser is the client part of Collabora Online
    #ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
    #ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
    ProxyPass /browser https://127.0.0.1:9980/browser retry=0
    ProxyPassReverse /browser https://127.0.0.1:9980/browser 

    # WOPI discovery URL
    ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
    ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery

    # Capabilities
    ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
    ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities

    # Main websocket
    ProxyPassMatch "/cool/(.*)/ws$" wss://127.0.0.1:9980/cool/$1/ws nocanon

    # Admin Console websocket
    ProxyPass /cool/adminws wss://127.0.0.1:9980/cool/adminws

    # Download as, Fullscreen presentation and Image upload operations
    ProxyPass /cool https://127.0.0.1:9980/cool
    ProxyPassReverse /cool https://127.0.0.1:9980/cool   
    
</VirtualHost>

Which SSL-Certs are being used self signed or from a recognized authority)? answer= both, CA to proxy server and Self-Signed to Collabora server on 9980 (all in same box). All certificates have been checked for expiry.
Result of “uname -a” = Linux xxx.xxx.nz 5.15.0-105-generic #115-Ubuntu SMP Mon Apr 15 09:52:04 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Date of the download of the collabora update (when things went wrong) = 25/4/24

From coolwsd.xml:

    <termination default="true" desc="Connection via proxy where coolwsd acts as 
    working via https, but actually uses http." type="bool">false</termination>
                <cert_file_path desc="Path to the cert file" 
    relative="false">/etc/coolwsd/cert.pem</cert_file_path>
                <key_file_path desc="Path to the key file" 
    relative="false">/etc/coolwsd/key.pem</key_file_path>
                <ca_file_path desc="Path to the ca file" relative="false">/etc/coolwsd/ca- 
   chain.cert.pem</ca_file_path>

Tex · May 2, 2024, 3:02am

Hey @cnic023. Welcome to the forum and thanks for the info.

(I’m moving this thread to the “Installation & Configuration” section for more visibility.)

Hmmm… I see you have:

Nextcloud 26.0.13
NextcloudOffice 8.0.10

Nextcloud 26 is currently listed as “Unsupported”.

Q1. Any chance you could update to Nextcloud 27+?

I see you also mentioned it broke on:

2024/04/25

Soo… According to these richdocuments release dates/notes, that may have landed you somewhere between:

Nextcloud Office 8.0.9 / 8.0.8

Q2. Do you happen to remember:

Which working version you had previously?

Q3. Also, would be helpful knowing:

Which OS you are running?
What Collabora Office version is installed?

Edit: While searching for your:

"error reading status line from remote server" Collabora

I also ran across a few other older topics with Apache + reverse proxy issues… perhaps something there might help too:

Collabora 22.05.12 with Nextcloud 25 and 24 at standalone Ubuntu server can't open any document - #2 by Tex

Hmmm… but since it was working fine, and broke within the past week… hmmm…

cnic023 · May 3, 2024, 1:55am

First, thanks for your attention to this problem. Much appreciated.
I upgraded to nextcloud 27.1.9 on about 30 April, also upgraded to php2.2 - same problem.
The nextcloud people said it was strange to proxy with https but I have been doing this for years too using self-signed certificates (see my config file). I will double check these but they don’t seem to have expired. I have a reverse proxy server (apache2) and the CODE server on the same box. This proxies to a nextcloud server on another box. The CODE server has its own domain certificate from Letsencrypt.
No, sorry I don’t know the previous upgrade of Nextclous but I was on 25.0.5.1 in August. 2023.As for nextcloud office I don’t know that either.
I am running ubuntu server 22.04, apache2 2.4.59.
Running dpkg -l |grep coolwsd gives:
ii coolwsd 24.04.1.4-1 amd64 Collabora Online WebSocket Daemon
Not sure if this is what you want.

cnic023 · May 5, 2024, 9:32pm

The following may be useful. I have this nextcloud log entry:
WOPI request denied from 192.168.0.xxx as it does not match the configured ranges: 125.236.230.32, 192.168.0.112, 127.0.0.1
Note: 192.168.0.xxx is the proxy server in the same box as the CODE server.
Perhaps I must configure this in coolwsd.xml (but I have never done so before):
host desc=“hostname to allow or deny.” allow=“true”>scheme://hostname:port
alias desc=“regex pattern of aliasname”>scheme://aliasname1:port
alias desc=“regex pattern of aliasname”>scheme://aliasname2:port

cnic023 · May 9, 2024, 1:34am

I am now running:
Nextcloud Hub 7 (28.0.5)
PHP8.3
Nextcloud Office 8.3.6

Still same problem.

cnic023 · May 9, 2024, 1:57am

I seem to have solved this problem by adding the ip address of my ISP provided router, its internal LAN address that is. I added this to the Nextcloud Office WOPI request whitelist within the admin settings in the Nextcloud GUI.
Rich documents are now available.
I had never had this entry there before. But there were no log complaints and everything worked fine. I would love to know what the change was but it is not a ‘bug’ now, if it ever was.

Tex · May 9, 2024, 3:15am

@cnic023 Absolutely fantastic hearing that you finally solved it.

Maybe the upgrades from Nextcloud 26->28 + Nextcloud Office 8.0->8.3 corrected many hidden issues too. (Usually lots of bugs are fixed in each version as well.)

Whenever anything goes very strange, usually one of the first steps I do is… to test the latest. Sometimes, the issue was already reported/squished (or made better) months ago.

Topic		Replies	Views
After update reverse proxy not working (AH01084 pass request body failed) Installation & Configuration	1	1177	September 26, 2022
Collabora 22.05.12 with Nextcloud 25 and 24 at standalone Ubuntu server can't open any document Installation & Configuration	1	756	May 2, 2024
Help debugging collabora + nextcloud on the same machine on Ubuntu 22.04 Installation & Configuration	2	1176	August 11, 2022
Failed to load Nextcloud office User Support	5	4447	April 2, 2023
Collabora and NextCloud on Docker, never worked, help finding out what is wrong and where User Support	19	1525	August 4, 2022

Nextcloud integration fails after routine Collabora upgrade

Anonymized content of collabora-webinstance:

From coolwsd.xml:

Related Topics