Difference between revisions of "Nextcloud"

From Organic Design wiki
m
(See also: Document Liberation Project)
(31 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[File:LOOL.jpg|500px|right]]This is our procedure for installing [https://nextcloud.com NextCloud] and [https://www.libreoffice.org/ LibreOffice Online] on a Debian-based server. LibreOffice has included a component to allow it to be served over HTTP [http://www.zdnet.com/article/libreoffice-finally-to-go-online/ since version 5.3] but to use it you need to integrate it with a cloud file system that supports it. NextCloud which is a brilliant groupware suite in its own right supports LibreOffice Online and integrates perfectly with it.
+
[https://nextcloud.com Nextcloud] is a kind of personal ''Dropbox'' solution which is completely free and open source. There are many add-on applications available such as calendar, tasks, chat and collaborative file editing.
  
I'm following the instructions created by ''Collabora'' and ''NextCloud'' from [https://nextcloud.com/collaboraonline/ here], and more specifically the ''Nginx'' variation [https://icewind.nl/entry/collabora-online/ here]. I'm documenting here my specific configuration to include the ''LetsEncrypt'' and other specific configuration aspects that are out of the scope of those instructions so that we have a more easily reproducible procedure.
+
== Installation ==
 +
[[File:LOOL.jpg|500px|right]]This is our procedure for installing [https://nextcloud.com Nextcloud] and [https://www.libreoffice.org/ LibreOffice Online] on a Debian-based server. LibreOffice has included a component to allow it to be served over HTTP [http://www.zdnet.com/article/libreoffice-finally-to-go-online/ since version 5.3] but to use it you need to integrate it with a cloud file system that supports it. Nextcloud which is a brilliant groupware suite in its own right supports LibreOffice Online and integrates perfectly with it.
  
I'm using two domains here which you'll need to change for your own purposes, ''office.organicdesign.host'' for the LibreOffice Online WebSocket entry point, and ''files.organicdesign.host'' for the ''NextCloud''. You can set it up using a single domain, in that case you'd put the LOOL Nginx server block contents into the ''NextCloud'' block, see [https://github.com/Ligmincha/Code/blob/master/Config/nginx.lool.conf this] for example.
+
I'm following the instructions created by ''Collabora'' and ''Nextcloud'' from [https://nextcloud.com/collaboraonline/ here], and more specifically the ''Nginx'' variation [https://icewind.nl/entry/collabora-online/ here]. I'm documenting here my specific configuration to include the ''LetsEncrypt'' and other specific configuration aspects that are out of the scope of those instructions so that we have a more easily reproducible procedure.
  
== Set up the server ==
+
I'm using the ''office.organicdesign.host'' domain here which you'll need to change for your own purposes.
 +
 
 +
=== Set up the server ===
 
Bring the machine up to date and install the following dependencies.
 
Bring the machine up to date and install the following dependencies.
 
<source lang="bash">
 
<source lang="bash">
Line 12: Line 15:
 
</source>
 
</source>
  
Set up MariaDB from their repositories [https://downloads.mariadb.org/mariadb/repositories/ here], and create a database and user ready for ''NextCloud''.
+
Set up MariaDB from their repositories [https://downloads.mariadb.org/mariadb/repositories/ here], and create a database and user ready for ''Nextcloud''.
  
== Configure the web-server and SSL certificates ==
+
=== Configure the web-server and SSL certificates ===
 
In the ''Nginx'' configuration for this site, add a basic block for handling non-HTTP requests as follows. This will allow the ''LetsEncrypt'' domain validation requests to pass, but all other requests will be bounced to their respective HTTPS counterparts.
 
In the ''Nginx'' configuration for this site, add a basic block for handling non-HTTP requests as follows. This will allow the ''LetsEncrypt'' domain validation requests to pass, but all other requests will be bounced to their respective HTTPS counterparts.
 
<source lang="nginx">
 
<source lang="nginx">
Line 37: Line 40:
 
<source lang="bash">
 
<source lang="bash">
 
letsencrypt/letsencrypt-auto certonly -q --keep --renew-with-new-domains --expand --webroot -w /var/www --agree-tos \
 
letsencrypt/letsencrypt-auto certonly -q --keep --renew-with-new-domains --expand --webroot -w /var/www --agree-tos \
     --email "admin@organicdesign.host" -d office.organicdesign.host -d files.organicdesign.host
+
     --email "admin@organicdesign.host" -d office.organicdesign.host
 
</source>
 
</source>
  
Line 62: Line 65:
 
</source>
 
</source>
  
== Install and configure NextCloud ==
+
=== Install and configure Nextcloud ===
[https://nextcloud.com NextCloud] is a "drop-box" style web-application which is completely open-source so you can install it on your own server, and it has built-in integration for working with ''LibreOffice Online''. NextCloud is PHP so first download the source and unpack it into ''/var/www/nextcloud'', ensure it's accessible by ''www-data'', and then add the ''Nginx'' configuration recommended [https://docs.nextcloud.com/server/13/admin_manual/installation/nginx.html here]. In this configuration we need to adjust the domain names and delete the port 80 block since we have an existing one described above to handle ''LetsEncrypt'' domain validation requests. Also remove the SSL lines and replace them with an include of the ''nginx.ssl.conf'' we made above.
+
[https://nextcloud.com Nextcloud] is a "drop-box" style web-application which is completely open-source so you can install it on your own server, and it has built-in integration for working with ''LibreOffice Online''. Nextcloud is PHP so first download the source and unpack it into ''/var/www/nextcloud'', ensure it's accessible by ''www-data'', and then add the ''Nginx'' configuration recommended [https://docs.nextcloud.com/server/13/admin_manual/installation/nginx.html here]. In this configuration we need to adjust the domain names and delete the port 80 block since we have an existing one described above to handle ''LetsEncrypt'' domain validation requests. Also remove the SSL lines and replace them with an include of the ''nginx.ssl.conf'' we made above.
  
A database and user will need to be created and then you can run through the install by going to the ''files.organicdesign.host'' domain. After you've successfully installed NextCloud, go to the admin updater to check for any problems or optimisations and upgrade to the latest stable version.
+
A database and user will need to be created and then you can run through the install by going to the ''files.organicdesign.host'' domain. After you've successfully installed Nextcloud, go to the admin updater to check for any problems or optimisations and upgrade to the latest stable version.
  
 
*I changed the URL in config/config.php to https
 
*I changed the URL in config/config.php to https
Line 71: Line 74:
 
*I removed the ''upstream'' block and used ''unix:/run/php/php7.0-fpm.sock'' directly for the ''fastcgi_pass'' parameter
 
*I removed the ''upstream'' block and used ''unix:/run/php/php7.0-fpm.sock'' directly for the ''fastcgi_pass'' parameter
  
== Install LibreOffice Online ==
+
=== Install LibreOffice Online ===
 
We now need to add a reverse-proxy block into our ''Nginx'' configuration, you can use the block from the instructions [https://icewind.nl/entry/collabora-online/ here]. Adjust the ''server_name'' parameter to the domain you're using and replace the SSL directives with an include of the ''nginx.ssl.conf'' we created above.
 
We now need to add a reverse-proxy block into our ''Nginx'' configuration, you can use the block from the instructions [https://icewind.nl/entry/collabora-online/ here]. Adjust the ''server_name'' parameter to the domain you're using and replace the SSL directives with an include of the ''nginx.ssl.conf'' we created above.
  
=== From the Docker image ===
+
'''Note:''' If you're using the same domain for both Nextcloud and LOOL, you need to put the LOOL Nginx server block contents inside the ''Nextcloud'' block, see [https://gitlab.com/Aranad/ligmincha/blob/master/Config/nginx.lool.conf this] for example.
 +
 
 +
==== From the Docker image ====
 
By far the simplest method is to use Docker. Run through the [https://docs.docker.com/install/linux/docker-ce/debian/ Docker installation] if you don't already have it installed. Then simply pull down the image and run it.
 
By far the simplest method is to use Docker. Run through the [https://docs.docker.com/install/linux/docker-ce/debian/ Docker installation] if you don't already have it installed. Then simply pull down the image and run it.
  
 
<source lang="bash">
 
<source lang="bash">
 
docker pull collabora/code
 
docker pull collabora/code
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=files\\.organicdesign\\.host' --restart always --cap-add MKNOD collabora/code
+
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=office\\.organicdesign\\.nz' --restart unless-stopped --cap-add MKNOD collabora/code
 
</source>
 
</source>
  
=== Using the Debian package ===
+
==== Using the Debian package ====
 
Although using Docker is by far the simplest method, Docker is heavy and you may prefer to install ''loolwsd'' from a native Debian package to reduce dependencies and have it running in the native environment. Most of this is just taken directly from the [https://github.com/CollaboraOnline/Docker-CODE/blob/master/scripts/start-libreoffice.sh start script] in the Docker image source.
 
Although using Docker is by far the simplest method, Docker is heavy and you may prefer to install ''loolwsd'' from a native Debian package to reduce dependencies and have it running in the native environment. Most of this is just taken directly from the [https://github.com/CollaboraOnline/Docker-CODE/blob/master/scripts/start-libreoffice.sh start script] in the Docker image source.
 
<source lang="bash">
 
<source lang="bash">
Line 125: Line 130:
  
  
Change the ''host'' configuration settings from ''localhost'' to your ''NextCloud'' domain (you can just edit ''loolwsd.xml'' directly if you prefer):
+
Change the ''host'' configuration settings from ''localhost'' to your ''Nextcloud'' domain (you can just edit ''loolwsd.xml'' directly if you prefer):
 
<source lang="bash">
 
<source lang="bash">
 
perl -pi -e "s/localhost<\/host>/files.organicdesign.host<\/host>/g" /etc/loolwsd/loolwsd.xml
 
perl -pi -e "s/localhost<\/host>/files.organicdesign.host<\/host>/g" /etc/loolwsd/loolwsd.xml
Line 137: Line 142:
 
</source>
 
</source>
  
== Finishing up ==
+
=== Finishing up ===
Now you can enable the ''Collabora Online'' application in your ''NextCloud'' from ''settings/apps'' and then go to ''Collabora Online'' in the ''administration'' section of ''settings'' and set the URL of your application to ''https://office.organicdesign.host''. Now you should be ready to testing out creating and editing some office documents in our files!
+
Now you can enable the ''Collabora Online'' application in your ''Nextcloud'' from ''settings/apps'' and then go to ''Collabora Online'' in the ''administration'' section of ''settings'' and set the URL of your application to ''https://office.organicdesign.host''. Now you should be ready to testing out creating and editing some office documents in our files!
 +
 
 +
'''Mail:''' You can configure and test you site's mailout settings from ''settings/administration/additional settings''. Set your email to something external to the server first so that the test messages will be a proper test, since sometimes you may have settings that work for local addresses but not for external ones. For example, our server setup does work for external addresses if the encrypted and authenticated SMTP is used since that only works for connections coming in from the outside, since the Nextcloud is on the same host, unencrypted SMTP connections on port 25 should be used.
 +
 
 +
'''Registration:''' After that, you may want to install the ''registration'' add-on so that users can register themselves, you can configure it from the same place as the mail and define a default group and whether the accounts need admin approval - if so, the account is initially disabled and needs to be enabled by an admin.
 +
 
 +
=== Upgrading ===
 +
To upgrade, simply stop the Docker container, pull the ''collabora/code'' repo, and if a new image version was retrieved, delete the old container and image, and start the new one with the docker run command shown above in the installation. For some reason it sometimes takes an hour or so before you can start editing documents with it in Nextcloud, so if its not working after upgrade, come back to it after a couple of hours and check then.
 +
 
 +
=== Changing domain name ===
 +
To change the domain name of a Nextcloud installation which is running Collabora there are five places that need to be updated:
 +
*The sites SSL certificates
 +
*The web-server configuration
 +
*Nextcloud's ''config.php'' file
 +
*Remove the ''collabora/code'' container and run a new one using the new ''domain'' parameter
 +
*Set the new Collabora URL in the Nextcloud site configuration.
  
You can configure and test you site's mailout settings from ''settings/administration/additional settings''. After that, you may want to install the ''registration'' add-on so that users can register themselves, you can configure it from the same place as the mail and define a default group and whether the accounts need admin approval - if so, the account is initially disabled and needs to be enabled by an admin.
+
== Developing a custom add-on ==
 +
I'd like to make an add-on which caters for some of the things we need to do but that we've not found available within the current selection of addons. The idea is to be able to create custom record types and instances of those records. Creating a new record type would involve defining a list of fields and their data-types (which in turn requires a list of such types and their input/output contexts) and the design of a form for creating or modifying instances of those records.
 +
*The ability for the public to create and edit their own instances if records would allow for information gathering like google forms
 +
*Searching and reporting would be necessary and they could be exported to CSV or spreadsheet
 +
*Deck might be a good existing addon to base it on since it already has boards, stacks and cards, this could map for example to record-types, record-instances and fields
  
 
== Tips & Tricks ==
 
== Tips & Tricks ==
 +
*Always leave a document by closing it, rather than just closing the browser or tab as ghost users can cause problems
 +
*Only add registered people as participants in calendar events, an edit won't save if there's unregistered participants being added
 +
*It seems that it's best to use [https://docs.nextcloud.com/server/11/admin_manual/configuration_server/background_jobs_configuration.html cron for background maintenance] rather than Ajax updates (just run '''php -f .../cron.php''' as the web server user every 15min)
 +
*You can get user's email addresses from the ''accounts'' table which contains a JSON string of all the account into with original display name in the key column
 +
*Maintenance can be done from shell, use '''sudo -u www-data php occ''' to see all the commands and options
 +
 
=== Changing default preferences ===
 
=== Changing default preferences ===
 
The online version of Libre Office has a very simplified user interface with very few adjustable options, but since it's using the actual Libre Office code internally those options can still be set from within the server configuration (this method does not work if you're running LOOL from the Docker image).
 
The online version of Libre Office has a very simplified user interface with very few adjustable options, but since it's using the actual Libre Office code internally those options can still be set from within the server configuration (this method does not work if you're running LOOL from the Docker image).
Line 159: Line 189:
  
 
You can however download your sheet, and enable the cell protection using the offline version of Libre Office, and then upload it again and then you'll find that the cell protection works as it should. To modify or un-protect a a protected cell, you'll need to go back to the offline version though.
 
You can however download your sheet, and enable the cell protection using the offline version of Libre Office, and then upload it again and then you'll find that the cell protection works as it should. To modify or un-protect a a protected cell, you'll need to go back to the offline version though.
 +
 +
=== Custom CSS ===
 +
I like to enable the "Custom CSS" app which gives you the ability to add your own CSS rules in the ''theming'' section of ''settings''. Here's my custom rules:
 +
<source lang="css">
 +
/* Highlight the background of the current day in the calendar */
 +
#fullcalendar td.fc-today {
 +
  background-color: #FFFFDE;
 +
}
 +
 +
/* Make the notifications more obvious */
 +
div#notification {
 +
  background-color: #FFFFDE;
 +
  font-size: 200%;
 +
  padding: 20px 40px;
 +
  font-weight: bold;
 +
  margin-top: 100px;
 +
  border-radius: 10px;
 +
  border: 1px solid black;
 +
}
 +
</source>
  
 
== See also ==
 
== See also ==
*[https://nextcloud.com/collaboraonline/ NextCloud's article on Collabora Online]
+
*[[Backup]] ''- other backup and filesync solutions''
 +
*[https://nextcloud.com/collaboraonline/ Nextcloud's article on Collabora Online]
 
*[https://github.com/Ligmincha/Code/blob/master/Config/nginx.lool.conf Example single-domain Nginx config]
 
*[https://github.com/Ligmincha/Code/blob/master/Config/nginx.lool.conf Example single-domain Nginx config]
 +
*[https://docs.nextcloud.com/server/13/admin_manual/configuration_server/config_sample_php_parameters.html Config.php parameters]
 
*[http://www.zdnet.com/article/libreoffice-finally-to-go-online/ ZDnet article about LibreOffice going online at last]
 
*[http://www.zdnet.com/article/libreoffice-finally-to-go-online/ ZDnet article about LibreOffice going online at last]
 
*[https://wiki.documentfoundation.org/Development/LibreOffice_Online LOOL wiki page]
 
*[https://wiki.documentfoundation.org/Development/LibreOffice_Online LOOL wiki page]
*[https://github.com/nextcloud/spreed Video conferencing in NextCloud!]
+
*[https://github.com/nextcloud/spreed Video conferencing in Nextcloud!]
*[https://docs.nextcloud.com/server/11/admin_manual/configuration_server/email_configuration.html NextCloud mail configuration]
+
*[https://docs.nextcloud.com/server/11/admin_manual/configuration_server/email_configuration.html Nextcloud mail configuration]
*[https://docs.nextcloud.com/server/12/developer_manual/ NextCloud developer manual]
+
*[https://docs.nextcloud.com/server/12/developer_manual/ Nextcloud developer manual]
[[Category:Procedures]][[Category:Linux]]
+
*[https://linux.die.net/man/1/unoconv Unoconv] ''- command utility to convert to and from Libre Office format server side''
 +
*[https://www.documentliberation.org/projects/ Document Liberation Project]
 +
[[Category:Procedures]][[Category:Linux]][[Category:Federated]][[Category:Libre software]]

Revision as of 20:26, 6 February 2019

Nextcloud is a kind of personal Dropbox solution which is completely free and open source. There are many add-on applications available such as calendar, tasks, chat and collaborative file editing.

Installation

LOOL.jpg

This is our procedure for installing Nextcloud and LibreOffice Online on a Debian-based server. LibreOffice has included a component to allow it to be served over HTTP since version 5.3 but to use it you need to integrate it with a cloud file system that supports it. Nextcloud which is a brilliant groupware suite in its own right supports LibreOffice Online and integrates perfectly with it.

I'm following the instructions created by Collabora and Nextcloud from here, and more specifically the Nginx variation here. I'm documenting here my specific configuration to include the LetsEncrypt and other specific configuration aspects that are out of the scope of those instructions so that we have a more easily reproducible procedure.

I'm using the office.organicdesign.host domain here which you'll need to change for your own purposes.

Set up the server

Bring the machine up to date and install the following dependencies.

apt install git net-tools apt-transport-https locales-all \
            nginx php7.0-fpm php7.0-mysqlnd php7.0-zip php7.0-gd php7.0-curl php7.0-simplexml php7.0-mbstring

Set up MariaDB from their repositories here, and create a database and user ready for Nextcloud.

Configure the web-server and SSL certificates

In the Nginx configuration for this site, add a basic block for handling non-HTTP requests as follows. This will allow the LetsEncrypt domain validation requests to pass, but all other requests will be bounced to their respective HTTPS counterparts.

server {
	listen 80;
	listen [::]:80;
	server_name ~^;
	rewrite ^/\.well-known $uri last;
	return 301 https://$server_name$request_uri;
}


We can now install LetsEncrypt.

cd /var/www
git clone https://github.com/certbot/certbot.git letsencrypt


And then run it to make our certificates, after it has successfully created them add the command to be called from crontab daily.

letsencrypt/letsencrypt-auto certonly -q --keep --renew-with-new-domains --expand --webroot -w /var/www --agree-tos \
    --email "admin@organicdesign.host" -d office.organicdesign.host


Now create /var/www/nginx.ssl.conf with the following content that will be included from all SSL blocks. You'll need to replace the certificate paths with the ones that LetsEncrypt created for you. This block uses a set of secure cyphers suggested by SSLlabs, see SSL for more details.

ssl on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EDH+aRSA:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS; # SSLlabs
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /var/www/dhparams.pem;
ssl_certificate /etc/letsencrypt/live/office.organicdesign.host/fullchain.pem;
ssl_client_certificate /etc/letsencrypt/live/office.organicdesign.host/chain.pem;
ssl_certificate_key /etc/letsencrypt/live/office.organicdesign.host/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;


Don't forget to create the strong Diffi-Hellman parameters which we referred to in nginx.ssl.conf.

openssl dhparam -out /var/www/dhparams.pem 2048

Install and configure Nextcloud

Nextcloud is a "drop-box" style web-application which is completely open-source so you can install it on your own server, and it has built-in integration for working with LibreOffice Online. Nextcloud is PHP so first download the source and unpack it into /var/www/nextcloud, ensure it's accessible by www-data, and then add the Nginx configuration recommended here. In this configuration we need to adjust the domain names and delete the port 80 block since we have an existing one described above to handle LetsEncrypt domain validation requests. Also remove the SSL lines and replace them with an include of the nginx.ssl.conf we made above.

A database and user will need to be created and then you can run through the install by going to the files.organicdesign.host domain. After you've successfully installed Nextcloud, go to the admin updater to check for any problems or optimisations and upgrade to the latest stable version.

  • I changed the URL in config/config.php to https
  • I noticed the install had used the wrong DB user once so may need editing in config.php
  • I removed the upstream block and used unix:/run/php/php7.0-fpm.sock directly for the fastcgi_pass parameter

Install LibreOffice Online

We now need to add a reverse-proxy block into our Nginx configuration, you can use the block from the instructions here. Adjust the server_name parameter to the domain you're using and replace the SSL directives with an include of the nginx.ssl.conf we created above.

Note: If you're using the same domain for both Nextcloud and LOOL, you need to put the LOOL Nginx server block contents inside the Nextcloud block, see this for example.

From the Docker image

By far the simplest method is to use Docker. Run through the Docker installation if you don't already have it installed. Then simply pull down the image and run it.

docker pull collabora/code
docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=office\\.organicdesign\\.nz' --restart unless-stopped --cap-add MKNOD collabora/code

Using the Debian package

Although using Docker is by far the simplest method, Docker is heavy and you may prefer to install loolwsd from a native Debian package to reduce dependencies and have it running in the native environment. Most of this is just taken directly from the start script in the Docker image source.

echo "deb https://collaboraoffice.com/repos/CollaboraOnline/CODE /" >> /etc/apt/sources.list.d/collabora.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6CCEA47B2281732DF5D504D00C54D189F4BA284D
apt update
apt install loolwsd code-brand


If you want to add dictionaries for various languages

apt install collaboraoffice5.3-dict* collaboraofficebasis5.3*
mkdir -p /usr/share/hunspell
mkdir -p /usr/share/hyphen
mkdir -p /usr/share/mythes
mkdir -p /opt/lool/systemplate/usr/share/hyphen
for i in `find /opt/collaboraoffice5.3/share/extensions/ -name hyph*.dic`;do cp $i /opt/lool/systemplate/usr/share/hyphen;done
for i in `find /opt/collaboraoffice5.3/share/extensions/ -name hyph*.dic`;do cp $i /usr/share/hyphen;done
cp /opt/collaboraoffice5.3/share/extensions/dict-en/en_US.* /usr/share/hunspell
cp /opt/collaboraoffice5.3/share/extensions/dict-en/en_GB.* /usr/share/hunspell
cp /opt/collaboraoffice5.3/share/extensions/dict-pt-BR/pt_BR.* /usr/share/hunspell
apt remove --purge collaboraoffice5.3-dict*
rm -rf /var/lib/apt/lists/*


This is needed to fix a domain resolving bug:

rm /opt/lool/systemplate/etc/resolv.conf
ln -s /etc/resolv.conf /opt/lool/systemplate/etc/resolv.conf


Copy the LetsEncrypt certs (replace with your own cert path):

cp /etc/letsencrypt/live/office.organicdesign.host/privkey.pem /etc/loolwsd/key.pem
cp /etc/letsencrypt/live/office.organicdesign.host/cert.pem /etc/loolwsd/cert.pem
cp /etc/letsencrypt/live/office.organicdesign.host/chain.pem /etc/loolwsd/ca-chain.cert.pem
chown lool:lool /etc/loolwsd/*.pem


Change the host configuration settings from localhost to your Nextcloud domain (you can just edit loolwsd.xml directly if you prefer):

perl -pi -e "s/localhost<\/host>/files.organicdesign.host<\/host>/g" /etc/loolwsd/loolwsd.xml


Then finally run the daemon as the lool user in the background (you may also like to make a @reboot crontab entry for it as well).

sudo -u lool loolwsd --version --o:sys_template_path=/opt/lool/systemplate --o:lo_template_path=/opt/collaboraoffice5.3 \
    --o:child_root_path=/opt/lool/child-roots --o:file_server_root_path=/usr/share/loolwsd &

Finishing up

Now you can enable the Collabora Online application in your Nextcloud from settings/apps and then go to Collabora Online in the administration section of settings and set the URL of your application to https://office.organicdesign.host. Now you should be ready to testing out creating and editing some office documents in our files!

Mail: You can configure and test you site's mailout settings from settings/administration/additional settings. Set your email to something external to the server first so that the test messages will be a proper test, since sometimes you may have settings that work for local addresses but not for external ones. For example, our server setup does work for external addresses if the encrypted and authenticated SMTP is used since that only works for connections coming in from the outside, since the Nextcloud is on the same host, unencrypted SMTP connections on port 25 should be used.

Registration: After that, you may want to install the registration add-on so that users can register themselves, you can configure it from the same place as the mail and define a default group and whether the accounts need admin approval - if so, the account is initially disabled and needs to be enabled by an admin.

Upgrading

To upgrade, simply stop the Docker container, pull the collabora/code repo, and if a new image version was retrieved, delete the old container and image, and start the new one with the docker run command shown above in the installation. For some reason it sometimes takes an hour or so before you can start editing documents with it in Nextcloud, so if its not working after upgrade, come back to it after a couple of hours and check then.

Changing domain name

To change the domain name of a Nextcloud installation which is running Collabora there are five places that need to be updated:

  • The sites SSL certificates
  • The web-server configuration
  • Nextcloud's config.php file
  • Remove the collabora/code container and run a new one using the new domain parameter
  • Set the new Collabora URL in the Nextcloud site configuration.

Developing a custom add-on

I'd like to make an add-on which caters for some of the things we need to do but that we've not found available within the current selection of addons. The idea is to be able to create custom record types and instances of those records. Creating a new record type would involve defining a list of fields and their data-types (which in turn requires a list of such types and their input/output contexts) and the design of a form for creating or modifying instances of those records.

  • The ability for the public to create and edit their own instances if records would allow for information gathering like google forms
  • Searching and reporting would be necessary and they could be exported to CSV or spreadsheet
  • Deck might be a good existing addon to base it on since it already has boards, stacks and cards, this could map for example to record-types, record-instances and fields

Tips & Tricks

  • Always leave a document by closing it, rather than just closing the browser or tab as ghost users can cause problems
  • Only add registered people as participants in calendar events, an edit won't save if there's unregistered participants being added
  • It seems that it's best to use cron for background maintenance rather than Ajax updates (just run php -f .../cron.php as the web server user every 15min)
  • You can get user's email addresses from the accounts table which contains a JSON string of all the account into with original display name in the key column
  • Maintenance can be done from shell, use sudo -u www-data php occ to see all the commands and options

Changing default preferences

The online version of Libre Office has a very simplified user interface with very few adjustable options, but since it's using the actual Libre Office code internally those options can still be set from within the server configuration (this method does not work if you're running LOOL from the Docker image).

The configuration file containing the preferences is /etc/loolwsd/loolkitconfig.xcu which is a very simplified version of the desktop Libre Office configuration file usually found in ~/.config/libreoffice/4/user/registrymodifications.xcu. We can find the preferences we want to adjust in the desktop version of the file and copy those same entries across to the LOOL version.

For example, I wanted to disable the auto-correct functionality that fixed capitalisation of the first two letters of words. In the desktop version when I disable this functionality from the interface the following entry in the configuration is updated:

<item oor:path="/org.openoffice.Office.Common/AutoCorrect"><prop oor:name="TwoCapitalsAtStart" oor:op="fuse"><value>false</value></prop></item>

I then added this rows into the /etc/loolwsd/loolkitconfig.xcu file and after restarting the service, LOOL recognised the new preference and disabled the functionality properly.

Using cell protection

You may have noticed in the spreadsheet that the "cell protection" tab is still available in the "format cells" dialog box, but you can use it because the "protect sheet" option is not available in the "tools" menu.

You can however download your sheet, and enable the cell protection using the offline version of Libre Office, and then upload it again and then you'll find that the cell protection works as it should. To modify or un-protect a a protected cell, you'll need to go back to the offline version though.

Custom CSS

I like to enable the "Custom CSS" app which gives you the ability to add your own CSS rules in the theming section of settings. Here's my custom rules:

/* Highlight the background of the current day in the calendar */
#fullcalendar td.fc-today {
  background-color: #FFFFDE;
}

/* Make the notifications more obvious */
div#notification {
  background-color: #FFFFDE;
  font-size: 200%;
  padding: 20px 40px;
  font-weight: bold;
  margin-top: 100px;
  border-radius: 10px;
  border: 1px solid black;
}

See also