Roll Your Own Google Docs with Collabora On NextCloud 🌱

Prerequisites

Installing Collabora Office

  1. Log into the Linux device
  2. Run the following commands in a terminal:
    # install signing key
    sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D
    # add software repository
    sudo echo 'deb https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-debian10 ./' >> sudo /etc/apt/sources.list
    # update software repositories
    sudo apt update
    # install loolwsd and code-brand
    sudo apt install loolwsd code-brand
    # enable required Apache modules
    sudo a2enmod proxy proxy_wstunnel proxy_http ssl

Creating SSL Certificates

  1. Launch XCA
  2. Open the PKI database if it is not already (File > Open DataBase), enter password
  3. Click on the Certificates tab, right click on your Intermediate CA certificate
  4. Select New
  5. On the Source tab, make sure Use this Certificate for signing is selected
  6. Verify your Intermediate CA certificate is selected from the drop down
  7. Click the Subject tab
  8. Complete the Distinguished Name section

    internalName: nettools.i12bretro.local
    countryName: US
    stateOrProvinceName: Virginia
    localityName: Northern
    organizationName: i12bretro
    organizationUnitName: i12bretro Certificate Authority
    commonName: nettools.i12bretro.local

  9. Click the Generate a New Key button
  10. Enter a name and set the key size to at least 2048
  11. Click Create
  12. Click on the Extensions tab
  13. Select End Entity from the type list
  14. Click Edit next to Subject Alternative Name
  15. Add any DNS or IP addresses that the certificate will identify
  16. Update the validity dates to fit your needs
  17. Click the Key Usage tab
  18. Under Key Usage select Digital Signature, Key Encipherment
  19. Under Extended Key Usage select Web Server and Web Client Authentication
  20. Click the Netscape tab
  21. Select SSL Server
  22. Click OK to create the certificate

Exporting Required Files

  1. In XCA, click on the Certificates tab
  2. Right click the Intermediate CA certificate > Export > File
  3. Set the file name CA.pem and verify the export format is PEM chain (*.pem)
  4. Click OK
  5. Right click the SSL certificate > Export > File
  6. Set the file name with a .crt extension and verify the export format is PEM (*.crt)
  7. Click OK
  8. Click the Private Keys tab
  9. Right click the private key generated for the SSL certificate > Export > File
  10. Set the file name with a .key extension and verify the export format is PEM private (*.pem)
  11. Click OK

Applying the Certificates

  1. Download WinSCP Download
  2. Extract WinSCP and run the executable
  3. Connect to the Collabora Online server via WinSCP
  4. Copy the created .crt, .key and .pem files to ~/
  5. On the Collabora Online server, run the following command in a terminal
    sudo cp ~/nettools.i12bretro.local.crt /etc/ssl/certs/
    sudo cp ~/nettools.i12bretro.local.key /etc/ssl/certs/
    sudo cp ~/CA.pem /etc/ssl/certs/
    # edit the configuration file
    sudo nano /etc/loolwsd/loolwsd.xml
  6. Edit the loolwsd.xml file, find the SSL block and update the cert_file_path, key_file_path and ca_file_path values

    <cert_file_path desc="Path to the cert file" relative="false">/etc/ssl/certs/nettools.i12bretro.local.crt</cert_file_path>
    <key_file_path desc="Path to the key file" relative="false">/etc/ssl/certs/nettools.i12bretro.local.key</key_file_path>
    <ca_file_path desc="Path to the ca file" relative="false">/etc/ssl/certs/CA.pem</ca_file_path>

  7. Press CTRL+W and search for wopi
  8. Add a new host for the DNS name of the NextCloud server
    nettools.i12bretro.local
  9. Press CTRL+O, Enter, CTRL+X
  10. Continue the configuration by running the following commands in terminal:
    # create CODE proxy configuration file
    sudo nano /etc/apache2/conf-available/code.conf
  11. Paste the following into code.conf

    Options -Indexes

    #Encoded slashes need to be allowed
    AllowEncodedSlashes NoDecode

    # Container uses a unique non-signed certificate
    SSLProxyEngine On
    SSLProxyVerify None
    SSLProxyCheckPeerCN Off
    SSLProxyCheckPeerName Off

    # keep the host
    ProxyPreserveHost On

    # static html, js, images, etc. served from loolwsd
    # loleaflet is the client part of Collabora Online
    ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
    ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet

    # WOPI discovery URL
    ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
    ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery

    # Capabilities
    ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
    ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities

    # Main websocket
    ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

    # Admin Console websocket
    ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws

    # Download as, Fullscreen presentation and Image upload operations
    ProxyPass /lool https://127.0.0.1:9980/lool
    ProxyPassReverse /lool https://127.0.0.1:9980/lool

  12. Press CTRL+O, Enter, CTRL+X
  13. Continue the configuration by running the following commands in terminal:
    # edit default SSL configuration file
    sudo nano /etc/apache2/sites-available/default-ssl.conf
  14. Add the following line just above the </VirtualHost tag

    Include /etc/apache2/conf-available/code.conf

  15. Press CTRL+O, Enter, CTRL+X
  16. Continue the configuration by running the following commands in terminal:
    # edit NextCloud configuration file
    sudo nano /var/www/nextcloud/config/config.php
  17. Find the trusted_domains array and add the DNS used for the SSL certificate
  18. Press CTRL+O, Enter, CTRL+X
  19. Continue with the following commands to restart loolwsd and apache2 to apply the changes:
    sudo systemctl restart loolwsd apache2
  20. Open a web browser and navigate to https://DNS:9980
  21. If everything is working as expected the message OK should be shown

Adding Collabora Office to NextCloud

  1. Log into NextCloud with an administrative user
  2. Click the user avatar > Apps
  3. Select Office & text from the left navigation
  4. Scroll down to find the Collabora app > Click Download and enable
  5. After the download completes, click the user avatar > Settings
  6. Click Administration > Collabora Online Development Edition in the left navigation
  7. Enter the URL in the Collabora Online-server field > Click Save
  8. If the above option does not appear, you can complete the same terminal by running:
    cd /var/www/nextcloud
    sudo -u www-data php occ config:app:set --value https://nettools.i12bretro.local:9980 richdocuments wopi_url
  9. Click on Files in the top navigation
  10. Click the + icon > Select New Document
  11. Give the document a name and press Enter
  12. The new document should load in a word processor inside the web browser and be ready for editing

Source: https://www.collaboraoffice.com/code/linux-packages/