Collabora CODE is more straightforward to install than Nextcloud. Typically, Collabora prerequisites are installed when Nextcloud is installed. To install Collabora CODE, follow the steps below:
Import the Collabora CODE signing key.
cd /usr/share/keyrings sudo wget https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg
Create a source file for the Collabora CODE package repository.
sudo vi /etc/apt/sources.list.d/collaboraonline.sources
Add the following information to the file and save it.
nano /etc/apt/sources.list.d/collaboraonline.sources
Types: deb URIs: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu2204 Suites: ./ Signed-By: /usr/share/keyrings/collaboraonline-release-keyring.gpg
Update the repository
sudo apt update -y
Install Collabora CODE using apt.
sudo apt install coolwsd code-brand -y
How to Configure Collabora
Collabora configuration depends on an XML file at /etc/coolwsd/coolwsd.xml. Although this file can be edited directly, it is faster to use the coolconfig tool to make configuration changes. To configure Collabora, follow the steps below:
With the current configuration, the coolwsd service continues to fail and restart. This happens because Collabora cannot establish an HTTPS connection with the local host. Use the coolconfig tool to disable HTTPS on the connection.
sudo coolconfig set ssl.enable false sudo coolconfig set ssl.termination true
Only certain designated hosts are allowed to access the Collabora server. To designate Nextcloud as a trusted client, set storage.wopi.host to the Nextcloud domain, for example, nextcloud.example.com. In the following command, substitute the real domain name in place of example.com.
sudo coolconfig set storage.wopi.host nextcloud.example.com
Create an administration account and provide a password for the account. When prompted, enter the admin username. Then, enter the admin password twice.
sudo coolconfig set-admin-password
Restart the coolwsd service and verify the service status.
sudo systemctl restart coolwsd sudo systemctl status coolwsd
coolwsd.service - Collabora Online WebSocket Daemon Loaded: loaded (/lib/systemd/system/coolwsd.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2022-12-13 14:42:09 UTC; 7s ago
How to Configure the Collabora Virtual Host
Both NGINX and Apache require a Collabora virtual host to serve the Collabora application. This guide uses NGINX. To configure an NGINX virtual host, follow the steps below:
apt install nginx
For details on how to configure the Apache virtual host, see the Collabora Apache Proxy Settings from the Collabora installation guide. Enable the proxy, proxy_http, proxy_connect, and proxy_wstunnel modules using the a2enmod command. Create a collabora NGINX virtual host file.
sudo vi /etc/nginx/sites-available/collabora
Add the following configuration to the file. Change the value of server_name from collabora.example.com to the name of the Collabora subdomain.
nano /etc/nginx/sites-available/collabora
server { listen 80; listen [::]:80; server_name collabora.example.com; error_log /var/log/nginx/collabora.error; # static files location ^~ /browser { proxy_pass http://127.0.0.1:9980; proxy_set_header Host $http_host; } # WOPI discovery URL location ^~ /hosting/discovery { proxy_pass http://127.0.0.1:9980; proxy_set_header Host $http_host; } # Capabilities location ^~ /hosting/capabilities { proxy_pass http://127.0.0.1:9980; proxy_set_header Host $http_host; } # main websocket location ~ ^/cool/(.*)/ws$ { proxy_pass http://127.0.0.1:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; proxy_read_timeout 36000s; } # download, presentation and image upload location ~ ^/(c|l)ool { proxy_pass http://127.0.0.1:9980; proxy_set_header Host $http_host; } # Admin Console websocket location ^~ /cool/adminws { proxy_pass http://127.0.0.1:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; proxy_read_timeout 36000s; } }
Enable the Collabora site on the server by creating a symbolic link in the sites-enabled directory.
sudo ln -s /etc/nginx/sites-available/collabora /etc/nginx/sites-enabled/collabora
Test the file syntax to ensure it does not contain any errors.
sudo nginx -t
Restart NGINX and verify its status.
sudo systemctl reload nginx sudo systemctl status nginx
How to Enable HTTPS for the Collabora Domain
The steps in this section explain how to use Certbot to request a Let’s Encrypt TLS certificate and enable HTTPS support. The snap package manager can be used to install Certbot. For additional information about Certbot, Let’s Encrypt certificates, and HTTPS, consult the Linode guide to Using Certbot on NGINX.
Install the snap package manager.
sudo apt install snapd sudo snap install core
Remove the old certbot package and use snap to install the newer certbot Snap. Then, create a symbolic link to the new directory.
sudo apt remove certbot sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot
Run the certbot command to request and install a Let’s Encrypt TLS certificate. The –nginx option allows Certbot to modify the NGINX virtual host file for the domain.
During the certificate granting process, certbot prompts for more information. Some of these questions might not appear if you have used Certbot on this particular Compute Instance before. To request a certificate, follow the guidelines below:
Enter the administrator’s email address when requested to do so. Let’s Encrypt sends renewal notices and other relevant updates to this email address.
Enter Y to agree to the Terms of Service. Enter N to end the program.
Certbot asks for permission to register the address with the Electronic Frontier Foundation. Enter either Y or N. This does not affect the rest of the installation.
Enter the Collabora domain name, for example, collabora.example.com, or choose the correct name from a list. If certbot displays a list, select the number corresponding to the Collabora domain.
The certbot program confirms the results of the certificate request and displays any error messages. certbot automatically schedules the certificate for auto-renewal.
sudo certbot --nginx
Requesting a certificate for collabora.example.com
Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/collabora.example.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/collabora.example.com/privkey.pem This certificate expires on 2023-03-14.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for collabora.example.com to /etc/nginx/sites-enabled/collabora
Congratulations! You have successfully enabled HTTPS on https://collabora.example.com
Reload NGINX to incorporate the changes.
sudo systemctl reload nginx
For Nextcloud integration you can read the other article posted here: