Nextcloud mit CODE in LXC unter Proxmox

apt update
apt install gnupg
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D
echo 'deb https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu1804 ./' >> /etc/apt/sources.list
apt update
apt install loolwsd code-brand apache2
exit

Lets Encrypt Cert einspielen

cp /root/cert.pem /etc/loolwsd/cert.pem
cp /root/privkey.pem /etc/loolwsd/key.pem
cp /root/chain.pem /etc/loolwsd/ca-chain.cert.pem
 
chown lool /etc/loolwsd/cert.pem
chown lool /etc/loolwsd/key.pem
chown lool /etc/loolwsd/ca-chain.cert.pem
 
systemctl restart loolwsd.service

Reverse Proxy einrichten

Quelle: https://www.collaboraoffice.com/code/apache-reverse-proxy/

vim  /etc/apache2/sites-available/code.tiktaktux.eu.conf
 
<VirtualHost *:443>
    ServerName code.tiktaktux.eu:443
    Options -Indexes
 
    # Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
 
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
 
# keep the host
ProxyPreserveHost On
 
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of Collabora Online
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
 
# WOPI discovery URL
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
 
# Capabilities
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
 
# Main websocket
ProxyPassMatch „/lool/(.*)/ws$“ wss://127.0.0.1:9980/lool/$1/ws nocanon
 
# Admin Console websocket
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
 
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool 
</VirtualHost>

Apache Aktivieren

a2ensite code.tiktaktux.eu.conf
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_wstunnel
a2enmod ssl
 
systemctl restart apache2

host hinzufügen

vim /etc/loolwsd/loolwsd.xml
 
#Wopi suchen
#unter localhost den Host hinzufügen, punkte in der Domain escapen
...
<host desc="Regex pattern of hostname to allow or deny." allow="true">code.tiktaktux.eu</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">nextcloud16.tiktaktux.eu</host>

Neue Certs einspielen

#Neue Certs einspielen
#!/bin/bash
 
mv cert.pem /etc/loolwsd/cert.pem
mv privkey.pem /etc/loolwsd/key.pem
mv chain.pem /etc/loolwsd/ca-chain.cert.pem
 
chown lool /etc/loolwsd/cert.pem
chown lool /etc/loolwsd/key.pem
chown lool /etc/loolwsd/ca-chain.cert.pem
 
systemctl restart loolwsd.service
systemctl reload apache2.service