Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opening a Collabora Online document shows a blank page #3075

Closed
antlarr opened this issue Jul 16, 2023 · 2 comments
Closed

Opening a Collabora Online document shows a blank page #3075

antlarr opened this issue Jul 16, 2023 · 2 comments
Labels
0. Needs triage bug Something isn't working

Comments

@antlarr
Copy link

antlarr commented Jul 16, 2023

Steps to reproduce

  1. Create a new ods spreadsheet file
  2. Open it

Expected behavior

Collabora Online is opened

Actual behavior

Nothing happens. The web page remains blank (completely black or white depending on the web browser color scheme) and without giving any error after waiting for a long time.

Host OS

Docker/Portainer on an ASUSTOR NAS with a reverse proxy in a Raspberry Pi 4 running Apache on Debian

Nextcloud AIO version

v6.2.1

Current channel

latest

Other valuable info

I installed Nextcloud AIO on Portainer running on an ASUSTOR NAS using the following docker-compose configuration:

services:
  nextcloud:
    image: nextcloud/all-in-one:latest
    restart: always
    container_name: nextcloud-aio-mastercontainer
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
      - /var/run/docker.sock:/var/run/docker.sock:ro
    ports:
      - 9080:8080
    environment:
      - APACHE_PORT=18080
      - APACHE_IP_BINDING=0.0.0.0
      - SKIP_DOMAIN_VALIDATION=true
volumes:
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer

Note that I can't use ports 443 nor 8080 in the NAS, so I'm using a raspberry pi 4 where I already have a web server (and letsencrypt/certbot configured to renew my domain certifications automatically) as a reverse proxy.
I configured a new virtual host in Apache in the raspberry pi 4 for host.mydomain.net with:

<IfModule mod_ssl.c>
<VirtualHost *:443>

        #  General setup for the virtual host
        DocumentRoot "/srv/www/htdocs/host.mydomain.net"
        ServerName host.mydomain.net
        ErrorLog /var/log/apache2/host.mydomain.net_error_log
        TransferLog /var/log/apache2/host.mydomain.net_access_log

RewriteEngine on
ProxyPreserveHost On
AllowEncodedSlashes NoDecode

# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.

# RewriteCond %{SERVER_NAME} =host.mydomain.net
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]


Include /etc/letsencrypt/options-ssl-apache.conf

<Directory /srv/www/htdocs/host.mydomain.net/>
          Options FollowSymlinks
          AllowOverride All
          Require all granted
</Directory>

SSLCertificateFile /etc/letsencrypt/live/mydomain.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.net/privkey.pem

ProxyPass / http://192.168.1.11:18080/ nocanon
ProxyPassReverse / http://192.168.1.11:18080/

RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
RewriteRule .? "ws://192.168.1.11:18080/%1" [P,L]

# Enable h2, h2c and http1.1
Protocols h2 h2c http/1.1

# Solves slow upload speeds caused by http2
H2WindowSize 5242880

# Disable HTTP TRACE method.
TraceEnable off
<Files ".ht*">
    Require all denied
</Files>

# Support big file uploads
LimitRequestBody 0

</VirtualHost>
</IfModule>

With this, I can access the AIO mastercontainer, configure it, and start all the containers. I can then access my Nextcloud instance at https://host.mydomain.net (which goes through the raspberry pi apache and redirects correctly to https://192.168.1.11:18080). All apps,like Photos, Activity, Talk, Calendar... work fine, but when I try to open a ods or odt file, it shows nothing.

I checked the tips in nextcloud/all-in-one#1358 but nothing helped. I've uploaded the output of curl -vvv https://$NC_DOMAIN:443/hosting/discovery at discovery.log

I'm also uploading the logs from the AIO containers (replacing the correct host url with host.mydomain.net):
nextcloud-aio-collabora.log
nextcloud-aio-nextcloud.log

BTW, the Office tab shows "Collabora Online server is reachable." . I also edited the collabora container to make it publish the 9980 port so I can access it from my network (just for testing purposes) and http://192.168.1.11:19980/ shows "OK". I also checked the collabora admin web at /browser/dist/admin/admin.html and didn't see anything wrong.

I see in the log from the nextcloud-aio-collabora container an error:
sh: 1: /usr/bin/coolmount: Operation not permitted
and if I get a shell in that container and run it manually (even as root), it fails with the same error. Might that be related? Although I saw in some bug reports that it was mentioned as something normal.

Any idea of what might be wrong? Of course, if you need me to test anything, or provide some other information, just tell me.
@antlarr antlarr added 0. Needs triage bug Something isn't working labels Jul 16, 2023
@szaimen szaimen transferred this issue from nextcloud/all-in-one Jul 16, 2023
@antlarr
Copy link
Author

antlarr commented Jul 17, 2023

I found the problem. I'll explain it here just in case it happens to someone else.

I noticed that when using the browser developer tools an error is shown in Firefox:

Content Security Policy: The page’s settings blocked the loading of a resource at https://host.mydomain.net/apps/dashboard/ (“frame-ancestors”).

or in Chromium:

Refused to frame 'https://host.mydomain.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

So I searched for frame-ancestors and found that in /etc/apache2/conf-enabled/security.conf in my proxy server I have this line:

Header set Content-Security-Policy: "frame-ancestors 'none'"

So I modified the virtual host configuration to override that header just for host.mydomain.net with:

Header set Content-Security-Policy: "frame-ancestors 'self'"

and after restarting apache, Collabora documents now work perfectly.

@szaimen, Thanks for transferring this bug to the right product. I'll close it as it was a problem in my installation and it's fixed with that change.

@antlarr antlarr closed this as completed Jul 17, 2023
@Githopp192
Copy link

Nextcloud Server version
26.0.4

Operating system
RHEL 8.8

PHP engine version
PHP 8.1

Web server
Apache (supported)

Database engine version
MariaDB

Just did the upgrade of Collabora ONLINE to version: 23.5.202.

After upgrade was completed :

opening documents (*.xlsx, docx) - getting blank screen (logging in with different user)
trying to use another browser (i.e. Firefox) - same behave - blank screen
logging out /logging in / refresh the browser page - same result - blank screen
What i did to solve:

i had to switch between these setting (in fact re-enable the built-in code server):

ScreenShot052

@Githopp192

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@antlarr @Githopp192