Collabora & Nextcloud hinter NGINX Reverse Proxy

Apps & App Center
, , , ,
#1

Umgebung:
UCS 4.4-X mit Nextcloud+Collabora
NGINX als Reverse Proxy

Fehler:
Nach einem Update von Collabora erhält man beim Zugriff von außen(über den Reverse Proxy) den Fehler: “Die Verbindung zum Server wurde unterbrochen.”
Nextcloud_Collabora_save

Lösung:
Die Konfiguration von Collabora hat sich geändert, der Reverse Proxy muss angepasst werden. “lool” muss mit “cool” ersetzt werden und statt “loleaflet” muss “browser” eingesetzt werden.

Hier meine NGINX-Konfig:

server {
        ### server name ###
        server_name  example.com;
        keepalive_timeout 60;
        ### We want full access to SSL via backend ###
        location / {
           proxy_pass https://10.10.10.10/;
           ### force timeouts if backend is died ##
           proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
           ### Set headers ####
           proxy_set_header        Accept-Encoding   "";
           proxy_set_header        Host            $host;
           proxy_set_header        X-Real-IP       $remote_addr;
           proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header        X-Forwarded-Proto $scheme;
           add_header              Front-End-Https   on;

           ### By default we don't want to redirect it ####
           proxy_redirect     default;
       }

   # static files
   location ^~ /browser {
       proxy_pass https://10.10.10.10:9980;
       proxy_set_header Host $http_host;
   }

   # WOPI discovery URL
   location ^~ /hosting/discovery {
       proxy_pass https://10.10.10.10:9980;
       proxy_set_header Host $http_host;
   }

   # Capabilities
   location ^~ /hosting/capabilities {
       proxy_pass https://10.10.10.10:9980;
       proxy_set_header Host $http_host;
   }

   # main websocket
   location ~ ^/cool/(.*)/ws$ {
       proxy_pass https://10.10.10.10:9980;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_set_header Host $http_host;
       proxy_read_timeout 36000s;
   }

   # download, presentation and image upload
   location ~ ^/cool {
       proxy_pass https://10.10.10.10:9980;
       proxy_set_header Host $http_host;
   }

   # Admin Console websocket
   location ^~ /cool/adminws {
       proxy_pass https://10.10.10.10:9980;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_set_header Host $http_host;
       proxy_read_timeout 36000s;
   }
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        server_name  example.com;
    listen 80;
    return 404; # managed by Certbot
Mastodon