Nextcloud integration fails after routine Collabora upgrade

I have a nextcloud server in one box and a collabora and reverse proxy server in another. After a routine upgrade (apt upgrade) I can no longer edit rich text (docx etc). I have been running on this model successfully for several years.

“Failed to load Nextcloud Office - please try again later”

Initially I assumed the upgrade had altered my coolswsd.xml file but on checking it did not.

My setup is as follows:

Nextcloud-Version: Nextcloud Hub 4 (26.0.13)
Nextcloud Office: 8.0.10
Allow list for WOPI requests: “,,” (Static IP, IP of nextcloud server, localhost)
Does https://collabora-domain/hosting/discovery 21 show an xml File? answer=yes
Collabora error log (apache2):
"[Sat Apr 27 10:52:53.532736 2024] [proxy_http:error] [pid 4087283] (70014)End of file found: [client] AH01102: error reading status line from remote server"

Anonymized content of collabora-webinstance:

	SSLProxyEngine On
    # Keep the host
    ProxyPreserveHost On

    # Cert is issued for $$$$$ and then we proxy to localhost
    SSLProxyVerify none
    #SSLProxyCACertificatePath /etc/ssl
    SSLProxyCheckPeerCN Off
    SSLProxyCheckPeerName Off
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    Protocols h2 http/1.1

    # static html, js, images, etc. served from coolwsd
    # loleaflet/browser is the client part of Collabora Online
    #ProxyPass /loleaflet retry=0
    #ProxyPassReverse /loleaflet
    ProxyPass /browser retry=0
    ProxyPassReverse /browser 

    # WOPI discovery URL
    ProxyPass /hosting/discovery retry=0
    ProxyPassReverse /hosting/discovery

    # Capabilities
    ProxyPass /hosting/capabilities retry=0
    ProxyPassReverse /hosting/capabilities

    # Main websocket
    ProxyPassMatch "/cool/(.*)/ws$" wss://$1/ws nocanon

    # Admin Console websocket
    ProxyPass /cool/adminws wss://

    # Download as, Fullscreen presentation and Image upload operations
    ProxyPass /cool
    ProxyPassReverse /cool   
  • Which SSL-Certs are being used self signed or from a recognized authority)? answer= both, CA to proxy server and Self-Signed to Collabora server on 9980 (all in same box). All certificates have been checked for expiry.
  • Result of “uname -a” = Linux 5.15.0-105-generic #115-Ubuntu SMP Mon Apr 15 09:52:04 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
  • Date of the download of the collabora update (when things went wrong) = 25/4/24

From coolwsd.xml:

    <termination default="true" desc="Connection via proxy where coolwsd acts as 
    working via https, but actually uses http." type="bool">false</termination>
                <cert_file_path desc="Path to the cert file" 
                <key_file_path desc="Path to the key file" 
                <ca_file_path desc="Path to the ca file" relative="false">/etc/coolwsd/ca- 
1 Like

Hey @cnic023. Welcome to the forum and thanks for the info. :slight_smile:

(I’m moving this thread to the “Installation & Configuration” section for more visibility.)

Hmmm… I see you have:

  • Nextcloud 26.0.13
  • NextcloudOffice 8.0.10

Nextcloud 26 is currently listed as “Unsupported”.

Q1. Any chance you could update to Nextcloud 27+?

I see you also mentioned it broke on:

  • 2024/04/25

Soo… According to these richdocuments release dates/notes, that may have landed you somewhere between:

  • Nextcloud Office 8.0.9 / 8.0.8

Q2. Do you happen to remember:

  • Which working version you had previously?

Q3. Also, would be helpful knowing:

  • Which OS you are running?
  • What Collabora Office version is installed?

Edit: While searching for your:

  • "error reading status line from remote server" Collabora

I also ran across a few other older topics with Apache + reverse proxy issues… perhaps something there might help too:

Hmmm… but since it was working fine, and broke within the past week… hmmm…

First, thanks for your attention to this problem. Much appreciated.
I upgraded to nextcloud 27.1.9 on about 30 April, also upgraded to php2.2 - same problem.
The nextcloud people said it was strange to proxy with https but I have been doing this for years too using self-signed certificates (see my config file). I will double check these but they don’t seem to have expired. I have a reverse proxy server (apache2) and the CODE server on the same box. This proxies to a nextcloud server on another box. The CODE server has its own domain certificate from Letsencrypt.
No, sorry I don’t know the previous upgrade of Nextclous but I was on in August. 2023.As for nextcloud office I don’t know that either.
I am running ubuntu server 22.04, apache2 2.4.59.
Running dpkg -l |grep coolwsd gives:
ii coolwsd amd64 Collabora Online WebSocket Daemon
Not sure if this is what you want.

1 Like

The following may be useful. I have this nextcloud log entry:
WOPI request denied from as it does not match the configured ranges:,,
Note: is the proxy server in the same box as the CODE server.
Perhaps I must configure this in coolwsd.xml (but I have never done so before):
host desc=“hostname to allow or deny.” allow=“true”>scheme://hostname:port
alias desc=“regex pattern of aliasname”>scheme://aliasname1:port
alias desc=“regex pattern of aliasname”>scheme://aliasname2:port

I am now running:
Nextcloud Hub 7 (28.0.5)
Nextcloud Office 8.3.6

Still same problem.

I seem to have solved this problem by adding the ip address of my ISP provided router, its internal LAN address that is. I added this to the Nextcloud Office WOPI request whitelist within the admin settings in the Nextcloud GUI.
Rich documents are now available.
I had never had this entry there before. But there were no log complaints and everything worked fine. I would love to know what the change was but it is not a ‘bug’ now, if it ever was.


@cnic023 Absolutely fantastic hearing that you finally solved it. :slight_smile:

Maybe the upgrades from Nextcloud 26->28 + Nextcloud Office 8.0->8.3 corrected many hidden issues too. (Usually lots of bugs are fixed in each version as well.)

Whenever anything goes very strange, usually one of the first steps I do is… to test the latest. Sometimes, the issue was already reported/squished (or made better) months ago. :slight_smile: