linux:owncloud:collabora_office

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung		 Vorhergehende Überarbeitung
Letzte ÜberarbeitungBeide Seiten der Revision
linux:owncloud:collabora_office [2022/11/20 00:36] psycorelinux:owncloud:collabora_office [2024/01/12 22:20] – Externe Bearbeitung 127.0.0.1
Zeile 1: Zeile 1:
 +{{tag>deutsch startpage linux debian owncloud collabora tls}}
 +====== Integration von Collabora Office in OwnCloud ======
  
 +
 +===== Installation von Docker =====
 +
 +<code bash>
 +apt update
 +
 +# Notwendiges Repository hinzufügen
 +apt install apt-transport-https ca-certificates curl gnupg lsb-release
 +
 +curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
 +
 +echo \
 +  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
 +  $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
 +
 +# Docker installieren
 +apt update
 +apt install docker-ce docker-ce-cli containerd.io
 +</code>
 +
 +===== Docker mit Collabora Image starten =====
 +
 +<code bash>
 +docker pull collabora/code
 +docker run -t -d -p 127.0.0.1:9980:9980 -e "aliasgroup1=https://cloud.yourdomain.de:443,https://cloud\\.yourdomain\\.de" -e "username=administrator" -e "password=password" --restart always collabora/code
 +</code>
 +
 +===== Apache Site Config =====
 +
 +<code text>
 +<VirtualHost 1.2.3.4:443>
 +ServerName collabora.yourdomain.de:443
 +#  ServerName collabora.example.com:443
 +  Options -Indexes
 +
 +  # SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
 +  SSLEngine on
 +  SSLCertificateFile /etc/letsencrypt/live/collabora.yourdomain.de/cert.pem
 +  SSLCertificateKeyFile /etc/letsencrypt/live/collabora.yourdomain.de/privkey.pem
 +  SSLCACertificateFile /etc/letsencrypt/live/collabora.yourdomain.de/chain.pem
 +  SSLCertificateChainFile /etc/letsencrypt/live/collabora.yourdomain.de/fullchain.pem  
 +  SSLProtocol             all -SSLv2 -SSLv3
 +  SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
 +  SSLHonorCipherOrder     on
 +
 +  # Encoded slashes need to be allowed
 +  AllowEncodedSlashes NoDecode
 +
 +  # Container uses a unique non-signed certificate
 +  SSLProxyEngine On
 +  SSLProxyVerify None
 +  SSLProxyCheckPeerCN Off
 +  SSLProxyCheckPeerName Off
 +
 +  # keep the host
 +  ProxyPreserveHost On
 +
 +# static html, js, images, etc. served from coolwsd
 +# browser is the client part of LibreOffice Online
 +ProxyPass           /browser https://127.0.0.1:9980/browser retry=0
 +ProxyPassReverse    /browser https://127.0.0.1:9980/browser
 +
 +# WOPI discovery URL
 +ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
 +ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery
 +
 +# Main websocket
 +ProxyPassMatch "/cool/(.*)/ws$" wss://127.0.0.1:9980/cool/$1/ws nocanon
 +
 +# Admin Console websocket
 +ProxyPass   /cool/adminws wss://127.0.0.1:9980/cool/adminws
 +
 +# Download as, Fullscreen presentation and Image upload operations
 +ProxyPass           /cool https://127.0.0.1:9980/cool
 +ProxyPassReverse    /cool https://127.0.0.1:9980/cool
 +
 +# Endpoint with information about availability of various features
 +ProxyPass           /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0
 +ProxyPassReverse    /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities
 +ErrorLog "/var/customers/logs/collabora-error.log"
 +
 +</VirtualHost>
 +</code>
 +
 +===== Crontab für LetsEncrypt erzeugen =====
 +
 +<code text>
 +30 3 * * 0 /opt/certbot/certbot-auto certonly --apache --force-renewal -d collabora.yourdomain.de --post-hook "/etc/init.d/apache2 reload"
 +</code>