Nextcloud with Collabora

Do you want your own Google Docs? Because I do. This one is quite straightforward, the most difficult part being the setup of the reverse proxy. I wanted to put it here as a base for some other posts that will build upon this one.
Collabora docker setup
Having a running Nextcloud docker container is a prerequisite for this step. Otherwise there is nothing special to it. Previously there was a requirement to double escape the allowed domains. In this case cloud.example.cz would be written as cloud\.example\.cz. But this requirement has now been dropped, as you can see from my docker run.
This container is one of the very few that I use with a specific tag and not with the :latest tag. There were breaking changes a few times and Collabora stopped working for me at the most inconvenient times. So now I always update and test it by opening a file straight away.
docker run \
  -d \
  --name='collabora' \
  --net='proxynet' \
  -e TZ="Europe/Budapest" \
  -e HOST_OS="Unraid" \
  -e HOST_HOSTNAME="ClearSky" \
  -e HOST_CONTAINERNAME="collabora" \
  -e 'aliasgroup1'='https://cloud.example.cz' \
  -e 'aliasgroup2'='https://vikyrky.example.cz:443' \
  -e 'username'='admin' \
  -e 'password'='secret' \
  -e 'dictionaries'='en_GB en_US es_ES ru cs' \
  -e 'extra_params'='' \
  -l net.unraid.docker.managed=dockerman \
  -l net.unraid.docker.webui='https://[IP]:[PORT:9980]/browser/dist/admin/admin.html' \
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/chvb/docker-templates/master/chvb/img/collabora.png' \
  -p '9980:9980/tcp' \
  'collabora/code:22.05.12.2.1'
My docker run command
I am using this Collabora container to serve two different Nextcloud instances. That is why I have two aliasgroups. I put down the port on the second one, but that is not really required, unless you run your instance on a non-standard port.
Username and password are used to access the administration of the container. You can't do much here really, but you can access the UI at the docker web UI address.
Dictionaries are installed through a list of ISO 639 codes.
Collabora nginx config
I am running the current linuxserver:swag template for Collabora. The only change is the domain name.
## Version 2023/02/05
# make sure that your collabora container is named collabora
# make sure that your dns has a cname set for collabora

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name collabora.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app collabora;
        set $upstream_port 9980;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}
My nginx proxy config
Nextcloud setup
You will need to install the Nextcloud Office app. This will add Office settings to your Administration. Here you tell Nextcloud that you will use your own server and put down the URL of your server. That is the one used in the nginx config - https://collabora.example.cz.
After hitting save, you should get a green light saying:
Collabora Online server is reachable.
You should be able to open and modify Office files now.
Some specialities
There are some specialities that took me some time to solve. Collabora works without setting these. They are nice-to-haves, not must-haves.
Collabora allow-list for WOPI requests
My understanding is that this should be a list of allowed IP addresses that can connect to the Collabora server.
You have not configured the allow-list for WOPI requests. Without this setting users may download restricted files via WOPI requests to the Nextcloud server. Click here for more info
This gets a bit complicated when you are using a Cloudflare proxy, but it can still be solved. As you will be accessing the Collabora server through the proxy, you need to add all Cloudflare IPs. You need to find a list of all Cloudflare IP addresses and paste it into this box. This list is published on Cloudflare's website - Cloudflare IP Ranges. You just have to make it a single comma-separated line.
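One way to turn a one-range-per-line list into the single comma-separated line described above, validating each entry before it goes into the allow-list. This is an added example, not part of the original post; the function names are hypothetical and the sample ranges are constructed documentation addresses, not real Cloudflare ranges.

```python
import ipaddress

# Constructed sample input in a one-range-per-line format.
# These are documentation ranges, not real Cloudflare addresses.
SAMPLE_RANGES = """\
192.0.2.0/24
198.51.100.0/24

# comment line
2001:db8::/32
198.51.100.0/24
"""


def build_allowlist(text):
    """Validate one-CIDR-per-line text and return one comma-separated line."""
    networks = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        entry = raw.strip()
        if not entry or entry.startswith("#"):
            continue  # skip blank lines and comments
        try:
            # strict=True rejects entries with host bits set (e.g. 192.0.2.1/24)
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {entry!r} is not a valid range") from exc
        # A zero-length prefix matches every address and defeats the allow-list.
        if net.prefixlen == 0:
            raise ValueError(f"line {lineno}: {entry!r} matches every address")
        if net not in networks:  # drop duplicates, keep original order
            networks.append(net)
    return ",".join(str(n) for n in networks)


def is_allowed(allowlist, address):
    """Return True if address falls inside any range of the allow-list line."""
    ip = ipaddress.ip_address(address)
    return any(ip in ipaddress.ip_network(item)
               for item in allowlist.split(",") if item)


if __name__ == "__main__":
    line = build_allowlist(SAMPLE_RANGES)
    print(line)  # paste this line into the allow-list box
    print(is_allowed(line, "192.0.2.10"), is_allowed(line, "203.0.113.5"))
```

Running `is_allowed` against the address your proxy actually connects from is a quick way to confirm the pasted line covers it before saving the setting.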
Zotero
I had never heard of it before, but a field for Zotero API appeared in my Personal - Office settings, so I had to have a look at whether it is worth using. So what is Zotero?
Zotero is a free and open-source reference management software to manage bibliographic data and related research materials, such as PDF files. - Wikipedia/Zotero
To use Zotero you need to set a Zotero API key, which you can get from your Zotero account.
In my documentation I have a note that you have to turn on Zotero in docker run by adding the following extra parameter, but that is no longer required. I decided not to enable it, but I still have the option in my settings.
-e 'extra_params'='--o:enable-zotero=true'
Extra param to enable Zotero