Nextcloud Office + Collabra Online in Docker - Looks OK, doesn't work

Hi all,

I want to run this on my Chromebook in Linux and I have had many other things running fine that way both in Docker standalone and Docker Compose.

There are two containers running -

$ docker ps --no-trunc
CONTAINER ID                                                       IMAGE            COMMAND                               CREATED          STATUS          PORTS                                       NAMES
d36e3e9ba098d89d70f4aa88f92a8fd567bb32e1fccfb206edd2f3a85ebf210d   collabora/code   "/start-collabora-online.sh"          49 minutes ago   Up 47 minutes   0.0.0.0:9980->9980/tcp, :::9980->9980/tcp   elated_shirley
7a3e3ae36118db7e39dffd8339facb4e74994d01bb34b4b569aff66940778b5e   nextcloud        "/entrypoint.sh apache2-foreground"   13 hours ago     Up 13 hours     0.0.0.0:8080->80/tcp, :::8080->80/tcp       jolly_ride

On the host http://localhost:8080 takes me to Nextcloud and I configured Nextcloud Office to call the Collabra container at http://172.17.0.3:9980. The configuration screen reports:

And back in the Linux VM everything looks good:

$ docker exec -t elated_shirley cat /etc/coolwsd/coolwsd.xml | grep "SSL support"
        <enable type="bool" desc="Controls whether SSL encryption between coolwsd and the network is enabled (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." default="true">false</enable>
davidm@penguin:~
$ docker exec -t elated_shirley hostname -i
172.17.0.3
davidm@penguin:~
$ curl http://172.17.0.3:9980
OK
davidm@penguin:~
$ docker logs -n10 elated_shirley 
wsd-00001-00027 2022-04-13 09:20:37.803266 +0000 [ prisoner_poll ] TRC  Adding one child to NewChildren| wsd/COOLWSD.cpp:527
wsd-00001-00027 2022-04-13 09:20:37.803938 +0000 [ prisoner_poll ] INF  Have 1 spare child after adding [30].| wsd/COOLWSD.cpp:531
wsd-00001-00027 2022-04-13 09:20:37.804222 +0000 [ prisoner_poll ] TRC  Notifying NewChildrenCV| wsd/COOLWSD.cpp:534
wsd-00001-00027 2022-04-13 09:20:37.804621 +0000 [ prisoner_poll ] TRC  Removing socket #21 (at 2 of 3) from prisoner_poll| net/Socket.cpp:489
wsd-00001-00027 2022-04-13 09:20:37.804729 +0000 [ prisoner_poll ] TRC  #19: setupPollFds getPollEvents: 0x1| net/Socket.hpp:852
wsd-00001-00027 2022-04-13 09:20:37.805010 +0000 [ prisoner_poll ] TRC  #20: setupPollFds getPollEvents: 0x1| net/Socket.hpp:852
wsd-00001-00001 2022-04-13 09:20:37.805059 +0000 [ coolwsd ] TRC  Have 1 new children.| wsd/COOLWSD.cpp:4680
wsd-00001-00001 2022-04-13 09:20:37.805399 +0000 [ coolwsd ] INF  WSD initialization complete: setting log-level to [warning] as configured.| wsd/COOLWSD.cpp:4696
Ready to accept connections on port 9980.

And yet, when I try to open or create an office document (docx file) in Nextcloud, I just get: “Failed to load Nextcloud Office - please try again later”.

Please can anyone help me debug this issue?

Thanks,

Dave

1 Like

@Dave can you give us full logs after it fails to open the document ? thanks
also share <storage desc="Backend storage">...</storage> part of coolwsd.xml

Hi thanks for taking a look at this. Thinking on, I guess I may need to configure the nextcloud host and port somewhere (172.17.0.2:80) as the collabra container might be trying to reach localhost:8080 for webdav?

First the logs from the Nextcloud container (nothing new was logged by the Collabra container) - when it failed to open a document:

172.17.0.1 - - [13/Apr/2022:12:26:04 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 799 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:04 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1036 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:09 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1036 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:14 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1036 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:17 +0000] "PROPFIND /remote.php/dav/files/dave/Documents/CV.docx HTTP/1.1" 207 1391 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:17 +0000] "GET /apps/richdocuments/index?fileId=166&requesttoken=l1hADO41FuQEbHhdGuFRhRMlf6uhjczVckxAIciyYRs%3D%3A0g41ZIFkeoxUKTp2YKsrqiBqO5mOtIaPRmcEd4rZU2I%3D&path=%2FDocuments%2FCV.docx HTTP/1.1" 200 8250 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:18 +0000] "GET /cron.php HTTP/1.1" 200 931 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:19 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1035 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:25 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1036 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"
172.17.0.1 - - [13/Apr/2022:12:26:30 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1036 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.57.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.64 Safari/537.36"

The storage backend is configured like so:

    <storage desc="Backend storage">
        <filesystem allow="false" />
        <wopi desc="Allow/deny wopi storage." allow="true">
            <max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size>
            <locking desc="Locking settings">
                <refresh desc="How frequently we should re-acquire a lock with the storage server, in seconds (default 15 mins) or 0 for no refresh" type="int" default="900">900</refresh>
            </locking>

            <alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" mode="first">
            <!-- If you need to use multiple wopi hosts, please change the mode to "groups" and
                    add the hosts below.  If one host is accessible under multiple ip addresses
                    or names, add them as aliases. -->
            <!--<group>
                    <host desc="hostname to allow or deny." allow="true">scheme://hostname:port</host>
                    <alias desc="regex pattern of aliasname">scheme://aliasname1:port</alias>
                    <alias desc="regex pattern of aliasname">scheme://aliasname2:port</alias>
            </group>-->
            <!-- More "group"s possible here -->
            </alias_groups>

        </wopi>
        <ssl desc="SSL settings">
            <as_scheme type="bool" default="true" desc="When set we exclusively use the WOPI URI's scheme to enable SSL for storage"></as_scheme>
            <enable type="bool" desc="If as_scheme is false or not set, this can be set to force SSL encryption between storage and coolwsd. When empty this defaults to following the ssl.enable setting"></enable>
            <cert_file_path desc="Path to the cert file" relative="false"></cert_file_path>
            <key_file_path desc="Path to the key file" relative="false"></key_file_path>
            <ca_file_path desc="Path to the ca file. If this is not empty, then SSL verification will be strict, otherwise cert of storage (WOPI-like host) will not be verified." relative="false"></ca_file_path>
            <cipher_list desc="List of OpenSSL ciphers to accept. If empty the defaults are used. These can be overridden only if absolutely needed."></cipher_list>
        </ssl>
    </storage>

Thanks - A reply is pending the spam filter…

@Dave thanks for the heads up, I have marked as not a spam , everyone now should be able to see that

1 Like

@Dave Sorry, I forgot to specify I wanted collabora online logs when it fails to connect

@rash419 Sorry, found what you were looking for, I think. There were no logs in docker for the Collabra container (and nothing new in /var/log), just the original final console message from startup:

wsd-00001-00001 2022-04-13 12:45:34.514423 +0000 [ coolwsd ] INF  WSD initialization complete: setting log-level to [warning] as configured.| wsd/COOLWSD.cpp:4696
Ready to accept connections on port 9980.

However found the message below in the Nextcloud web console, in Administration → Logging.

Warning	no app in context	Host 172.17.0.3 was not connected to because it violates local access rules		2022-04-13T15:04:07+0100

There is some ACL configuration I need to do somewhere? I’m completely new to Nextcloud but liking what I see so far if I can get it working.

Thanks

@Dave docker logs <container-name> doesnot have anything when you try to open the document ?

It has nothing new from the time of the errors, only the original container startup messages. I captured the whole set to a file but I’m not able to attach it here as I’m a new user. You can view it here instead. Looks to me like Nextcloud doesn’t want to talk to 172.17.0.3 according to the error message in the console?

@Dave I have manually increased your user role to basic user

1 Like

I since tried adding 172.17.0.1/24 to the “brute force ip whitelist” but it didn’t work - still getting the same error in the console logs.
Also attached the logs from the Collabra container. I had to rename .txt as .doc to upload it.
collabralog.doc (316.4 KB)

( Thanks @Dave for letting me know I have just added to the allowed file extensions txt and rtf )

I created a docker network to be able to use resolvable hostnames instead of IP addresses.

$ docker network create --driver bridge collabora
$ docker run --name collabora --network collabora -t -d -p 9980:9980 -e "extra_params=--o:ssl.enable=false" --restart always collabora/code
$ docker run --name nextcloud --network collabora -t -d -p 8080:80 --restart always nextcloud
$ docker exec -t collabora cat /etc/coolwsd/coolwsd.xml | grep "SSL support"
        <enable type="bool" desc="Controls whether SSL encryption between coolwsd and the network is enabled (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." default="true">false</enable>
$ docker exec -t nextcloud curl http://collabora:9980
OK

This has got me past the “was not connected to because it violates local access rules” nextcloud UI logging errors but it still isn’t opening documents and the console logs are not providing any clues whether it actually reached collabora or not. The nextcloud logs after I click on a docx file (the sample one):

172.18.0.1 - - [14/Apr/2022:09:41:13 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 800 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:41:18 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1034 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:41:28 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1034 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:41:43 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 800 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:13 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 800 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:13 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1033 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:15 +0000] "PROPFIND /remote.php/dav/files/dave/Documents/Welcome%20to%20Nextcloud%20Hub.docx HTTP/1.1" 207 1389 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:15 +0000] "GET /apps/richdocuments/index?fileId=11&requesttoken=pNkZ68n%2Bv3VzBco8EshKtILIdjgR53L2pjAUc5RU6Es%3D%3AnYBAh7iVx0cWb6dNV%2Fwj2tWmTk5ovxjAyl5RJ8RivHw%3D&path=%2FDocuments%2FWelcome%20to%20Nextcloud%20Hub.docx HTTP/1.1" 200 8186 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:15 +0000] "GET /cron.php HTTP/1.1" 200 931 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:18 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1033 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:24 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1034 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:29 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1034 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:34 +0000] "POST /apps/text/session/sync HTTP/1.1" 200 1034 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"
172.18.0.1 - - [14/Apr/2022:09:42:34 +0000] "PUT /apps/user_status/heartbeat HTTP/1.1" 200 918 "-" "Mozilla/5.0 (X11; CrOS x86_64 14526.69.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.82 Safari/537.36"

and the collabora logs not showing any evidence of communication (at 09:41-09:42)

 wsd-00001-00029 2022-04-14 09:33:55.119499 +0000 [ prisoner_poll ] TRC  #21: Sending WS Upgrade response: Date: Thu, 14 Apr 2022 09:33:55
Server: COOLWSD HTTP Server 21.11.3.6
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: 1Yy8N3tflrJ9qm5G1oauWeMUj9E=
| ./net/WebSocketHandler.hpp:891
wsd-00001-00029 2022-04-14 09:33:55.119664 +0000 [ prisoner_poll ] TRC  #21: Wrote 201 bytes of 201 buffered data| ./net/Socket.hpp:1413
wsd-00001-00029 2022-04-14 09:33:55.119789 +0000 [ prisoner_poll ] INF  ChildProcess ctor [32].| wsd/COOLWSD.hpp:58
wsd-00001-00029 2022-04-14 09:33:55.119929 +0000 [ prisoner_poll ] TRC  #21 resetting thread affinity while in transit (was 0x7b4e4a3ac700)| ./net/Socket.hpp:329
wsd-00001-00029 2022-04-14 09:33:55.120058 +0000 [ prisoner_poll ] TRC  Calling addNewChild in disposition's move thing to add to NewChildren| wsd/COOLWSD.cpp:2863
wsd-00001-00029 2022-04-14 09:33:55.120183 +0000 [ prisoner_poll ] TRC  Adding one child to NewChildren| wsd/COOLWSD.cpp:527
wsd-00001-00029 2022-04-14 09:33:55.120372 +0000 [ prisoner_poll ] INF  Have 1 spare child after adding [32].| wsd/COOLWSD.cpp:531
wsd-00001-00029 2022-04-14 09:33:55.120570 +0000 [ prisoner_poll ] TRC  Notifying NewChildrenCV| wsd/COOLWSD.cpp:534
wsd-00001-00001 2022-04-14 09:33:55.120713 +0000 [ coolwsd ] TRC  Have 1 new children.| wsd/COOLWSD.cpp:4680
wsd-00001-00001 2022-04-14 09:33:55.120759 +0000 [ coolwsd ] INF  WSD initialization complete: setting log-level to [warning] as configured.| wsd/COOLWSD.cpp:4696
Ready to accept connections on port 9980.

Also added an 80:80 port mapping on nextcloud but it made no difference.

Hi Dave, did you manage to get this working? Rob

Curious as well,
I find myself in somewhat the same situation.

  • NextCloud gives green
  • Visiting the Collabora-code address gives an “OK”

but still nothing works.
When I try to open a document within NextCloud, after a quite long “Loading xxx.odt document” I get “oading failed” and that’s it.

Tried to post in the forum quite a while ago, never got anywhere so far.
I am using Portainer to manage the whole thing, with separate docker-compose files,
and Nginx Proxy Manager on the front.

Everything else works (odoo, NextCloud itself, etc).

Thanks! :wink: