linux:owncloud:collabora_office

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Nächste Überarbeitung		 Vorhergehende Überarbeitung
Letzte ÜberarbeitungBeide Seiten der Revision
linux:owncloud:collabora_office [2022/08/07 23:06] – angelegt psycorelinux:owncloud:collabora_office [2024/01/12 22:20] – Externe Bearbeitung 127.0.0.1
Zeile 1: Zeile 1:
 +{{tag>deutsch startpage linux debian owncloud collabora tls}}
 +====== Integration von Collabora Office in OwnCloud ======
  
 +
 +===== Installation von Docker =====
 +
 +<code bash>
 +apt update
 +
 +# Notwendiges Repository hinzufügen
 +apt install apt-transport-https ca-certificates curl gnupg lsb-release
 +
 +curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
 +
 +echo \
 +  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
 +  $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
 +
 +# Docker installieren
 +apt update
 +apt install docker-ce docker-ce-cli containerd.io
 +</code>
 +
 +===== Docker mit Collabora Image starten =====
 +
 +<code bash>
 +docker pull collabora/code
 +docker run -t -d -p 127.0.0.1:9980:9980 -e "aliasgroup1=https://cloud.yourdomain.de:443,https://cloud\\.yourdomain\\.de" -e "username=administrator" -e "password=password" --restart always collabora/code
 +</code>
 +
 +===== Apache Site Config =====
 +
 +<code text>
 +<VirtualHost 1.2.3.4:443>
 +ServerName collabora.yourdomain.de:443
 +#  ServerName collabora.example.com:443
 +  Options -Indexes
 +
 +  # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
 +  SSLEngine on
 +  SSLCertificateFile /etc/letsencrypt/live/collabora.yourdomain.de/cert.pem
 +  SSLCertificateKeyFile /etc/letsencrypt/live/collabora.yourdomain.de/privkey.pem
 +  SSLCACertificateFile /etc/letsencrypt/live/collabora.yourdomain.de/chain.pem
 +  SSLCertificateChainFile /etc/letsencrypt/live/collabora.yourdomain.de/fullchain.pem  
 +  SSLProtocol             all -SSLv2 -SSLv3
 +  SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
 +  SSLHonorCipherOrder     on
 +
 +  # Encoded slashes need to be allowed
 +  AllowEncodedSlashes NoDecode
 +
 +  # Container uses a unique non-signed certificate
 +  SSLProxyEngine On
 +  SSLProxyVerify None
 +  SSLProxyCheckPeerCN Off
 +  SSLProxyCheckPeerName Off
 +
 +  # keep the host
 +  ProxyPreserveHost On
 +
 +# static html, js, images, etc. served from coolwsd
 +# browser is the client part of LibreOffice Online
 +ProxyPass           /browser https://127.0.0.1:9980/browser retry=0
 +ProxyPassReverse    /browser https://127.0.0.1:9980/browser
 +
 +# WOPI discovery URL
 +ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
 +ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery
 +
 +# Main websocket
 +ProxyPassMatch "/cool/(.*)/ws$" wss://127.0.0.1:9980/cool/$1/ws nocanon
 +
 +# Admin Console websocket
 +ProxyPass   /cool/adminws wss://127.0.0.1:9980/cool/adminws
 +
 +# Download as, Fullscreen presentation and Image upload operations
 +ProxyPass           /cool https://127.0.0.1:9980/cool
 +ProxyPassReverse    /cool https://127.0.0.1:9980/cool
 +
 +# Endpoint with information about availability of various features
 +ProxyPass           /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
 +ProxyPassReverse    /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
 +ErrorLog "/var/customers/logs/collabora-error.log"
 +
 +</VirtualHost>
 +</code>
 +
 +===== Crontab für LetsEncrypt erzeugen =====
 +
 +<code text>
 +30 3 * * 0 /opt/certbot/certbot-auto certonly --apache --force-renewal -d collabora.yourdomain.de --post-hook "/etc/init.d/apache2 reload"
 +</code>