Wiki

NextCloud: Install Collabora: Difference between revisions

Newer edit →
Kangtain (talk | contribs)
Bureaucrats, Interface administrators, Suppressors, Administrators
9,154 edits
VisualWikitext
Created page with "This tutorial is going to show you how to install Collabora Online on Ubuntu and then integrate it with an existing Nextcloud server without using Docker. '''Collabora Online''' is a self-hostable and LibreOffice-based open-source online office suite. Its features include: * Basic editing * High fidelity, WYSIWYG rendering * Supports DOC, DOCX, PPT, PPTX, XLS, XLSX, ODF document format * Import and view Visio, Publisher and 100+ more * Shared Editing Collabora is a bi..."
 
No edit summary
Line 16: Line 16:
'''Ubuntu 22.04'''
'''Ubuntu 22.04'''


<code>echo 'deb <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu2204</nowiki> ./' | sudo tee /etc/apt/sources.list.d/collabora.list</code>
echo 'deb <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu2204</nowiki> ./' | sudo tee /etc/apt/sources.list.d/collabora.list


'''Ubuntu 20.04'''
'''Ubuntu 20.04'''
  <code>echo 'deb <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu2004</nowiki> ./' | sudo tee /etc/apt/sources.list.d/collabora.list</code>
 
  echo 'deb <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu2004</nowiki> ./' | sudo tee /etc/apt/sources.list.d/collabora.list
 
'''Ubuntu 18.04'''
'''Ubuntu 18.04'''
  <code>echo 'deb <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu1804</nowiki> ./' | sudo tee /etc/apt/sources.list.d/collabora.list</code>
 
  echo 'deb <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu1804</nowiki> ./' | sudo tee /etc/apt/sources.list.d/collabora.list
 
Then run the following command to download and import Collabora public key, which allows APT package manager to verify the integrity of packages downloaded from this repository.
Then run the following command to download and import Collabora public key, which allows APT package manager to verify the integrity of packages downloaded from this repository.
  <code>sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D</code>
 
  sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D
 
If you can’t import the public key with the above command, you can use the following command to download and import the key.
If you can’t import the public key with the above command, you can use the following command to download and import the key.
  <code>wget <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key</nowiki> && sudo apt-key add repomd.xml.key</code>
 
  wget <nowiki>https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key</nowiki> && sudo apt-key add repomd.xml.key
 
Since this repository uses HTTPS connection, we need to install the <code>apt-transport-https</code> and <code>ca-certificates</code> package, so the APT package manager can establish secure connection to the repository.
Since this repository uses HTTPS connection, we need to install the <code>apt-transport-https</code> and <code>ca-certificates</code> package, so the APT package manager can establish secure connection to the repository.
  <code>sudo apt install apt-transport-https ca-certificates</code>
 
  sudo apt install apt-transport-https ca-certificates
 
Now update local package index and install Collabora Online. '''coolwsd''' is the Collabora Online WebSocket Daemon.
Now update local package index and install Collabora Online. '''coolwsd''' is the Collabora Online WebSocket Daemon.
  <code>sudo apt update
 
  sudo apt install coolwsd code-brand</code>
  sudo apt update
  sudo apt install coolwsd code-brand


== Step 2: Configure Collabora Online WebSocket Daemon ==
== Step 2: Configure Collabora Online WebSocket Daemon ==
After they are installed, you can check the status of coolwsd.
After they are installed, you can check the status of coolwsd.
  <code>systemctl status coolwsd</code>
 
  systemctl status coolwsd
 
As you can see, it failed to start. We can check the journal to see why this happened.
As you can see, it failed to start. We can check the journal to see why this happened.
  <code>sudo journalctl -eu coolwsd</code>
 
  sudo journalctl -eu coolwsd
 
Sample output:
Sample output:
  <code>Apr 21 16:13:06 ubuntu coolwsd[13842]: **File not found: /etc/coolwsd/ca-chain.cert.pem**
  Apr 21 16:13:06 ubuntu coolwsd[13842]: **File not found: /etc/coolwsd/ca-chain.cert.pem**
  Apr 21 16:13:06 ubuntu systemd[1]: coolwsd.service: Main process exited, code=exited, status
  Apr 21 16:13:06 ubuntu systemd[1]: coolwsd.service: Main process exited, code=exited, status
  Apr 21 16:13:06 ubuntu systemd[1]: coolwsd.service: Failed with result 'exit-code'.
  Apr 21 16:13:06 ubuntu systemd[1]: coolwsd.service: Failed with result 'exit-code'.
Line 46: Line 61:
  Apr 21 16:13:07 ubuntu systemd[1]: coolwsd.service: Start request repeated too quickly.
  Apr 21 16:13:07 ubuntu systemd[1]: coolwsd.service: Start request repeated too quickly.
  Apr 21 16:13:07 ubuntu systemd[1]: coolwsd.service: Failed with result 'exit-code'.
  Apr 21 16:13:07 ubuntu systemd[1]: coolwsd.service: Failed with result 'exit-code'.
  Apr 21 16:13:07 ubuntu systemd[1]: Failed to start LibreOffice Online WebSocket Daemon.</code>
  Apr 21 16:13:07 ubuntu systemd[1]: Failed to start LibreOffice Online WebSocket Daemon.
 
By default, coolwsd enables TLS connection. However, it didn’t find a TLS certificate file, hence the start failure. It’s better to disable TLS in coolwsd and terminate TLS at a reverse proxy. The coolwsd configuration file is located at <code>/etc/coolwsd/coolwsd.xml</code>. However, it’s an XML file, which is not easy to read and edit. We can use the <code>coolconfig</code> tool to change configurations.
By default, coolwsd enables TLS connection. However, it didn’t find a TLS certificate file, hence the start failure. It’s better to disable TLS in coolwsd and terminate TLS at a reverse proxy. The coolwsd configuration file is located at <code>/etc/coolwsd/coolwsd.xml</code>. However, it’s an XML file, which is not easy to read and edit. We can use the <code>coolconfig</code> tool to change configurations.


Run the following command to disable TLS in coolwsd.
Run the following command to disable TLS in coolwsd.
  <code>sudo coolconfig set ssl.enable false</code>
 
  sudo coolconfig set ssl.enable false
 
And enable TLS termination at the reverse proxy.
And enable TLS termination at the reverse proxy.
  <code>sudo coolconfig set ssl.termination true</code>
 
  sudo coolconfig set ssl.termination true
 
By default, coolwsd only allows known hosts to access its service. To allow Nextcloud to access the service, run the following command to add your Nextcloud hostname to the whitelist.
By default, coolwsd only allows known hosts to access its service. To allow Nextcloud to access the service, run the following command to add your Nextcloud hostname to the whitelist.
  <code>sudo coolconfig set storage.wopi.host nextcloud.example.com</code>
 
  sudo coolconfig set storage.wopi.host nextcloud.example.com
 
You can also enable the admin account for coolwsd with the following command. You will need to set a username and password for the admin account.
You can also enable the admin account for coolwsd with the following command. You will need to set a username and password for the admin account.
  <code>sudo coolconfig set-admin-password</code>
 
  sudo coolconfig set-admin-password
 
Restart coolwsd for the changes to take effect.
Restart coolwsd for the changes to take effect.
  <code>sudo systemctl restart coolwsd</code>
 
  sudo systemctl restart coolwsd
 
Now it should be running without errors.
Now it should be running without errors.
  <code>systemctl status coolwsd</code>
 
  systemctl status coolwsd


== Step 3: Set up Reverse Proxy ==
== Step 3: Set up Reverse Proxy ==
Line 67: Line 94:
=== Apache ===
=== Apache ===
Install Apache web server with the following command:
Install Apache web server with the following command:
  <code>sudo apt install apache2</code>
 
  sudo apt install apache2
 
Run the following command to create an Apache virtual host file for Collabora Online.
Run the following command to create an Apache virtual host file for Collabora Online.
  <code>sudo nano /etc/apache2/sites-available/collabora.conf</code>
 
  sudo vim /etc/apache2/sites-available/collabora.conf
 
Put the following text into the file. Replace the domain name with your actual domain name for Collabora Online. Don’t forget to create an A record for this sub-domain.
Put the following text into the file. Replace the domain name with your actual domain name for Collabora Online. Don’t forget to create an A record for this sub-domain.
  <code><VirtualHost *:80>
 
  <VirtualHost *:80>
   ServerName collabora.example.com
   ServerName collabora.example.com
   Options -Indexes
   Options -Indexes
Line 107: Line 139:
   ProxyPassReverse    /cool <nowiki>http://127.0.0.1:9980/cool</nowiki>
   ProxyPassReverse    /cool <nowiki>http://127.0.0.1:9980/cool</nowiki>
   
   
  </VirtualHost></code>
  </VirtualHost>
 
Save and close the file. To be able to proxy traffic using Apache, we need to enable some Apache modules.
Save and close the file. To be able to proxy traffic using Apache, we need to enable some Apache modules.
  <code>sudo a2enmod proxy proxy_wstunnel proxy_http</code>
 
  sudo a2enmod proxy proxy_wstunnel proxy_http
 
Enable this virtual host with the following command:
Enable this virtual host with the following command:
  <code>sudo a2ensite collabora.conf</code>
 
  sudo a2ensite collabora.conf
 
Then restart Apache.
Then restart Apache.
  <code>sudo systemctl restart apache2</code>
 
  sudo systemctl restart apache2


=== Nginx ===
=== Nginx ===
Install Nginx on Ubuntu with the following command:
Install Nginx on Ubuntu with the following command:
  <code>sudo apt install nginx</code>
 
  sudo apt install nginx
 
Create a virtual host file for Collabora Online.
Create a virtual host file for Collabora Online.
  <code>sudo nano /etc/nginx/conf.d/collabora.conf</code>
 
  sudo nano /etc/nginx/conf.d/collabora.conf
 
Put the following text into the file. Replace the domain name with your actual domain name for Collabora Online. Don’t forget to create an A record for this domain name.
Put the following text into the file. Replace the domain name with your actual domain name for Collabora Online. Don’t forget to create an A record for this domain name.
  <code>server {
  server {
     listen 80;
     listen 80;
     listen [::]:80;
     listen [::]:80;
Line 174: Line 216:
         proxy_read_timeout 36000s;
         proxy_read_timeout 36000s;
     }
     }
  }</code>
  }
 
Save and close the file. Then test Nginx configurations.
Save and close the file. Then test Nginx configurations.
  <code>sudo nginx -t</code>
 
  sudo nginx -t
If the test is successful, reload Nginx server.
If the test is successful, reload Nginx server.
  <code>sudo systemctl reload nginx</code>
 
  sudo systemctl reload nginx


== Step 4: Obtain and Install TLS Certificate ==
== Step 4: Obtain and Install TLS Certificate ==
Now let’s obtain a free TLS certificate from Let’s encrypt. Run the following commands to install Let’s Encrypt client (certbot) from the default software repository.
Now let’s obtain a free TLS certificate from Let’s encrypt. Run the following commands to install Let’s Encrypt client (certbot) from the default software repository.
  <code>sudo apt install certbot</code>
 
  sudo apt install certbot
 
If you use '''Apache''' web server, then you also need to install the Certbot Apache plugin.
If you use '''Apache''' web server, then you also need to install the Certbot Apache plugin.
  <code>sudo apt install python3-certbot-apache</code>
 
  sudo apt install python3-certbot-apache
 
Then issue the following command to obtain a free TLS/SSL certificate.
Then issue the following command to obtain a free TLS/SSL certificate.
  <code>sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d collabora.example.com</code>
 
  sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d collabora.example.com
 
If you use '''Nginx''' web server, then you need to install the Certbot Nginx plugin.
If you use '''Nginx''' web server, then you need to install the Certbot Nginx plugin.
  <code>sudo apt install python3-certbot-nginx</code>
 
  sudo apt install python3-certbot-nginx
 
Then use the Nginx plugin to obtain and install the certificate by running the following command.
Then use the Nginx plugin to obtain and install the certificate by running the following command.
  <code>sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d collabora.example.com</code>
 
  sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d collabora.example.com
 
You will see the following text indicating that you have successfully obtained a TLS certificate.
You will see the following text indicating that you have successfully obtained a TLS certificate.


Retrieved from "https://kangtain.com/wiki/index.php/NextCloud:_Install_Collabora"