My Blog
Install Collabora Online Office on Ubuntu & connect to Owncloud or Nextcloud
- October 5, 2019
- -
- Linux Virtual & Dedicated server
- -
- nicolas
Please do not publish this article without my permission. Thanks.
Step 1: Once we have set up our cloud and installed the plugin for collabora office interface
we are preparing a new ubuntu server 19.04 either on Virtual Machine with the appropriate ports open, or on
Physical Machine also with the proper ports open, or a Google VM Instance,
for that go to console.cloud.google.com (create an account if you don't have one, you can have a trial) and
on the Compute Engine / VM Instances tab, we are creating a new instance with the following specifications:
n1-standard-1 (1 vcpu, 3.75 GB memory), (us-west1 (Oregon), ubuntu 19.04 minimum)
It only costs $ 24.67 a month.
Step 2: We start our server (SSH connection ie client or browser if google)
Step 3: After logging in we give the following commands (where we ask, press y and enter)
Administrator rights first (otherwise every command with sudo in front): sudo su
And right after:
apt-get update
apt-get ugprade
apt-get dist-upgrade
apt-get install lamp-server^
a2enmod proxy
a2enmod proxy_http
a2enmod ssl
a2enmod proxy_http2
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html
a2enmod proxy_wstunnel
Step 4: apt-get install docker.io
systemctl start docker
systemctl enable docker
Step 5: apt-get update
apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install python-certbot-apache
Step 6:
For this step, you will first need to make a subdomain of your address.
for example if your address is nikos.com the subdomain will be office.nikos.com
Once you make the subdomain from your dns service (on papaki, cloudflare, goddaddy, anywhere)
its A record should point to the external IP of your server, eg 48.32.144.12 etc.
(if your server is personal, open ports on the router and find the external ip from
whatismyip.com, if it is on google, Google gives it external IP directly)
Go to the console and write the following command
(replace the command with your own domain, eg .nikos \. com will become giorgos \ .gr)
(also replace the user with the username you want and definitely the password)
(WARNING, IT WILL NOT SUBDOMAIN YOUR CLOUD, BUT DOMAIN YOU HAVE YOUR CLOUD)
The order:
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=nikos\.com' -e 'username=user' -e 'password=484848' --cap-add MKNOD collabora/code
Step 7:
We will now create the vhost that will connect your subdomain to the server:
nano /etc/apache2/sites-available/office.nikos.com.conf
(is meant before you give the command to replace the subdomain)
(if the nano program is not installed, first write: apt-get install nano)
Step 8:
In the nano window that will open, paste the following (by changing the subdomain):
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName office.nikos.com
ServerAdmin webmaster@nikos.com
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
Step 9:
Press CTRL + X, then Y and Enter to close and save the conf document you just created
Step 10:
We will now activate the new document:
a2ensite office.nikos.com.conf
and right after: systemctl reload apache2
Step 11:
Now we will create the LetsEncrypt-Certificate (change the subdomain before giving the command):
certbot --authenticator standalone --installer apache -d office.nikos.com --pre-hook "service apache2 stop" --post-hook "service apache2 start"
and ATTENTION, once he asks us area etc we will answer and just go to the technical part and ask us
we will select option 2 (redirect)
Step 12:
The Step 11 created another new conf file, like we did in step 8.
We need to edit it and change it.
Below I give you the command, change it to your own subdomain (but be careful not to change -le-ssl):
nano /etc/apache2/sites-available/office.nikos.com-le-ssl.conf
Step 13:
In the nano window that opened, slowly erase it inside and insert the following (make changes before):
<VirtualHost *:443>
ServerName office.nikos.com:443
# SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/office.nikos.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/office.nikos.com/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of Collabora Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
# Capabilities
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool
</VirtualHost>
Step 14:
Save the document and close it (with CTRL + X, Y and Enter)
Restart apache with: systemctl reload apache2
Step 15:
See if all went well in the following admin url: https://office.nikos.com/loleaflet/dist/admin/admin.html
If it doesn't open:
See the following:
run the command: docker ps and see if the docker is running,
if not check step 6 again and then check again.
There may also be an issue with port 9980, open it, IN and OUT
If everything else is to blame, you have not done something right or you need to do something extra
because you may have another Linux distribution, older, newer, etc.
Anyway, contact me. 😉
Step 16:
From here we move on, once we are done with the previous ones.
This post is also available in: Ελληνικά