Does anyone have an idea how I enable this in my configuration? I could not find a single thing. Nextcloud Office - Self-hosted online office suite
1 Like
I’m using Onlyoffice-Documentserver together with Nextcloud, for setup your own document server see Onlyoffice-Documentserver - NixOS Wiki
Nextcloud Office is the same as Collabora Online and I’ve seen here people successfully using it but haven’t tried it (and wrote about it on the NixOS wiki) yet
I had played around with this sometime time back, but ended up abandoning in favor of the Nextcloud AIO https://github.com/nextcloud/all-in-one/blob/e8ef49c42f27583df133d169612597ef54e76ceb/reverse-proxy.md as this got a lot up and running with little effort. One day I would like to revisit it and get everything up and running on Nixos just to say I did.
This is how I got Collabora Online (Nextcloud Office) running on Nixos. Please keep in mind I have not used this for about a year, so thing may have changed.
#Collabora Containers
virtualisation.oci-containers.containers.collabora = {
image = "docker.io/collabora/code:latest";
ports = [ "9980:9980/tcp" ];
environment = {
server_name = "code.example.com";
aliasgroup1 = "https://nextcloud.example.com:443";
dictionaries = "en_US";
username = "username";
password = "password";
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
};
extraOptions = [
"--pull=newer"
];
};
#Collabora Virtual Hosts
services.nginx.virtualHosts.${config.virtualisation.oci-containers.containers.collabora.environment.server_name} = {
enableACME = true;
forceSSL = true;
extraConfig = ''
# static files
location ^~ /browser {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Host $host;
}
# WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Host $host;
}
# Capabilities
location ^~ /hosting/capabilities {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Host $host;
}
# main websocket
location ~ ^/cool/(.*)/ws$ {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_read_timeout 36000s;
}
# download, presentation and image upload
location ~ ^/(c|l)ool {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Host $host;
}
# Admin Console websocket
location ^~ /cool/adminws {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_read_timeout 36000s;
}
'';
}
Here are two links with info that maybe helpful to understand what I was doing:
https://sdk.collaboraonline.com/docs/installation/CODE_Docker_image.html
https://sdk.collaboraonline.com/docs/installation/Proxy_settings.html?highlight=proxy
Once you have Collabora online up and running, you will need to install the Nextcoud connection app and configure it. My notes on this are not as good, sorry, you may need to do some investigation of your own here.
Here is the app’s GitHub page: https://github.com/nextcloud/richdocuments and app store page https://apps.nextcloud.com/apps/richdocuments.
And here are the OCC command I used, but you may have better luck with the GUI in Nextcloud itself.
occ app:install richdocuments
occ config:app:set richdocuments wopi_url --value=https://code.example.com
I hope this helps
2 Likes
That was a compromise and never fully got it declarative. Below is my proxy config:
# Reverse Proxy For Nextcloud
services.nginx.virtualHosts."nextcloud.example.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:11000";
proxyWebsockets = true;
extraConfig = ''
client_body_buffer_size 512k;
proxy_read_timeout 86400s;
client_max_body_size 0;
'';
};
};
# Reverse Proxy For Nextcloud AIO Admin
services.nginx.virtualHosts."aio-nextcloud.example.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "https://127.0.0.1:8080";
proxyWebsockets = true;
extraConfig =
# required when the target is also TLS server with multiple hosts
"proxy_ssl_server_name on;" +
# required when the server wants to use HTTP Authentication
"proxy_pass_header Authorization;"
;
};
};
Have docker enable if not already:
# Enable Docker
virtualisation.docker.enable = true;
Then just run the docker command to start Nextcloud AIO and follow the instructions:
sudo docker run \
--sig-proxy=false \
--name nextcloud-aio-mastercontainer \
--restart always \
--publish 8080:8080 \
--env APACHE_PORT=11000 \
--env APACHE_IP_BINDING=0.0.0.0 \
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
nextcloud/all-in-one:latest
The AIO interface and backup function make it easy to back up, move and reproduce.
I tried using “virtualisation.oci-containers.containers” and changing the back end to docker, to run the docker command, but this kept giving errors.
This is mostly not the answer you were looking for. But it was the easiest to get going and maintenance.
Like I said, one day, I would like to do it all declarative in Nixos just to say I did. Last time I tried in was the full text search that did it in. I could not get the right version or Elasticsearch with the needed pulling running on Nixos to work.
Cheers
I also finally got this working using the external Collabora container (podman) alongside the Nextcloud NixOS module. Thanks for the post! I use traefik as a reverse proxy and everything seems to work including the collaborative editing.
- Nextcloud needs the “Nextcloud Office” app installed but not the “Collabora” (CODE) app.
- Set URL and port of Collabora Server under “Office” settings:
https://office.domain.com:443 - Set WOPI allow list to the IP range of your container (e.g.
10.88.0.0/24).
Working nextcloud config:
# Nextcloud
{
config,
lib,
pkgs,
sops,
...
}:{
sops.secrets.nextcloud-admin-password = {
mode = "0440";
owner = config.users.users.nextcloud.name;
group = config.users.users.nextcloud.group;
};
users.users.nextcloud.extraGroups = ["render" "users"];
environment.systemPackages = with pkgs; [
nodejs_18 # required for Recognize
ffmpeg # required for Memories
];
# Allow using /dev/dri for Memories
systemd.services.phpfpm-nextcloud.serviceConfig = {
PrivateDevices = lib.mkForce false;
};
services.nginx.virtualHosts."nc.domain.com".listen = [ { addr = "127.0.0.1"; port = 8180; } ];
services.nextcloud = {
enable = true;
package = pkgs.nextcloud28;
hostName = "nc.domain.com";
database.createLocally = true;
configureRedis = true;
appstoreEnable = true;
config = {
adminuser = "firecat53";
adminpassFile = "${config.sops.secrets.nextcloud-admin-password.path}";
dbtype = "mysql";
defaultPhoneRegion = "US";
trustedProxies = ["127.0.0.1"];
};
extraOptions = {
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
mysql.utf8mb4 = true;
memories.exiftool = "${lib.getExe pkgs.exiftool}";
memories.vod.ffmpeg = "${lib.getExe pkgs.ffmpeg-headless}";
memories.vod.ffprobe = "${pkgs.ffmpeg-headless}/bin/ffprobe";
preview_ffmpeg_path = "${pkgs.ffmpeg-headless}/bin/ffmpeg";
};
maxUploadSize = "10G"; # also sets post_max_size and memory_limit
phpOptions = {
"opcache.interned_strings_buffer" = "16";
};
};
services.traefik.dynamicConfigOptions.http.routers.nextcloud = {
rule = "Host(`nc.domain.com`)";
service = "nextcloud";
middlewares = ["headers"];
entrypoints = ["websecure"];
tls = {
certResolver = "le";
};
};
services.traefik.dynamicConfigOptions.http.services.nextcloud = {
loadBalancer = {
servers = [
{
url = "http://localhost:8180";
}
];
};
};
systemd.timers."nextcloud-files-update" = {
wantedBy = ["timers.target"];
timerConfig = {
OnBootSec = "2m";
OnUnitActiveSec = "15m";
Unit = "nextcloud-files-update.service";
};
};
systemd.services."nextcloud-files-update" = {
bindsTo = ["mysql.service" "phpfpm-nextcloud.service"];
after = ["mysql.service" "phpfpm-nextcloud.service"];
script = ''
${config.services.nextcloud.occ}/bin/nextcloud-occ files:scan -q --all
${config.services.nextcloud.occ}/bin/nextcloud-occ preview:pre-generate
'';
serviceConfig = {
User = "nextcloud";
};
path = ["config.services.nextcloud" pkgs.perl];
};
systemd.services."nextcloud-cron" = {
path = [pkgs.perl];
};
## Collabora (Nextcloud Office)
virtualisation.oci-containers.containers.collabora = {
image = "docker.io/collabora/code";
autoStart = true;
environment = {
aliasgroup1 = "https://nc.domain.com:443";
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
};
extraOptions = [
"--cap-add=MKNOD"
"--label=traefik.enable=true"
"--label=traefik.http.routers.collabora.rule=Host(`office.domain.com`) && (PathPrefix(`/lool`) || PathPrefix(`/cool`) || PathPrefix(`/browser`) || PathPrefix(`/hosting/discovery`) || PathPrefix(`/hosting/capabilities`) || PathPrefix(`/loleaflet`))"
"--label=traefik.http.routers.collabora.entrypoints=websecure"
"--label=traefik.http.routers.collabora.tls.certResolver=le"
"--label=traefik.http.routers.collabora.middlewares=headers@file"
"--label=traefik.http.services.collabora.loadbalancer.server.port=9980"
];
};
}
What do you need those extraOptions for? It works without for me but I use nginx on the NixOS side.
All but the --cap-add are just for traefik. I actually don’t recall why I added the other option. I’ll have to do some research.