I tried Collabora CODE with podman and it works, looks great. Thx!
Are there some docs about security.
https://mydomain:9980 is open to the world. Behind a proxy, but everyone can access mydomain:9980/hosting/discovery
Acces sites like https://mydomain:9980/cool/getMetrics and https://mydomain:9980/browser/dist/admin/admin.html are secured by basic auth. Without user/password, there is no access. (I think 
)
With aliasgroup i set the wopiserver and net.frame_ancestors who is allowed to embed in frame.
Is this the way it works, or do I have to secure it some more, that no unwanted service is using my collabora service in their environment or does some harmful stuff.
Thx
Chris
@chrismaster Welcome to the Collabora Online forums!
To enhance the security and configuration of your Collabora CODE instance, refer to the following resources from the Collabora Online SDK documentation:
-
Security Settings:
- The Collabora Online SDK provides detailed security settings you can configure. Refer to the Security Settings Documentation for guidelines on SSL settings, network settings, and other security measures.
-
Configuration Topics:
- The configuration section includes various topics such as SSL settings, network settings, and more. Review the detailed configurations here: Configuration Documentation.
-
Proxy Settings:
- If you need to run Collabora Online behind a corporate firewall or set up load balancing, you can configure the
coolwsddaemon to use different ports. By default, it listens on port 9980, but you can change this using the--portcommand line option. For more details on setting up a reverse proxy, refer to the Proxy Settings Documentation.
- If you need to run Collabora Online behind a corporate firewall or set up load balancing, you can configure the
Let me know if you need more support.
Thanks,
Darshan