COLLABORA: Instalar Ubuntu Server 18.04

Esta guía explica como instalar collabora online en ubuntu server 18.04

Actualización del sistema

  • Ingresar como usuario sudo
sudo su
  • Actualizamos los repositorios
apt update
  • Actualizamos el sistema
apt upgrade
  • Actualizamos la distribución
apt dist-upgrade

Instalación de Collabora

apt install apt-transport-https
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D
echo 'deb https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-ubuntu1804 ./' >> /etc/apt/sources.list
apt-get update && apt-get install loolwsd code-brand

Instalamos apache

apt install apache2
  • Habilitamos los módulos
a2enmod proxy
a2enmod proxy_wstunnel
a2enmod proxy_http
a2enmod ssl
systemctl restart apache2

Configuración de Collabora

  • Abrimos el archivo
nano /etc/loolwsd/loolwsd.xml
  • Buscamos la sección
<storage desc="Backend storage">
  • Agregamos
<host desc="Regex pattern of hostname to allow or deny." allow="true">127\.0\.0\.1</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">cloud.siua.ac.cr</host>
  • Buscamos la sección:
 <net desc="Network settings">
  • Y modificamos
<proto type="string" default="all" desc="Protocol to use IPv4, IPv6 or all for both">all</proto>
X
<proto type="string" default="all" desc="Protocol to use IPv4, IPv6 or all for both">IPv4</proto>
  • Buscamos
seccomp
  • Modificamos
<seccomp desc="Should we use the seccomp system call filtering." type="bool" default="true">true</seccomp>
X
<seccomp desc="Should we use the seccomp system call filtering." type="bool" default="true">false</seccomp>
  • Usuarios buscamos
admin_console
  • Modificamos
<username desc="The username of the admin console. Ignored if PAM is enabled."></username>
<password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password."></password>

X

<username desc="The username of the admin console. Ignored if PAM is enabled.">ugit</username>
<password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password.">CA2</password>
  • Guardamos el archivo
  • Asumimos que tenemos los certificados de letsencrypt en la ubicación
/etc/apache2/certificados/collabora.siua.ac.cr/
  • Les damos permisos
chgrp lool /etc/apache2/certificados/collabora.siua.ac.cr/*
chmod g+r /etc/apache2/certificados/collabora.siua.ac.cr/*
  • Abrimos el archivo
nano /etc/loolwsd/loolwsd.xml
  • Buscamos
<cert_file_path desc="Path to the cert file" relative="false">/etc/loolwsd/cert.pem</cert_file_path>
<key_file_path desc="Path to the key file" relative="false">/etc/loolwsd/key.pem</key_file_path>
<ca_file_path desc="Path to the ca file" relative="false">/etc/loolwsd/ca-chain.cert.pem</ca_file_path>
  • Modificamos
<cert_file_path desc="Path to the cert file" relative="false">/etc/apache2/certificados<key_file_path desc="Path to the key file" relative="false">/etc/apache2/certificados/collabora.siua.ac.cr/privkey.pem</key_file_path>
<ca_file_path desc="Path to the ca file" relative="false">/etc/apache2/certificados/collabora.siua.ac.cr/chain.pem</ca_file_path>
  • Reiniciamos los servicios y comprobamos que estén corriendo bien
systemctl restart loolwsd.service
systemctl status loolwsd.service
netstat -tulpen | grep 9980

Configurar virtual host

  • Abrimos el archivo
nano /etc/apache2/sites-available/collabora.siua.ac.cr.conf
  • Agregamos
<VirtualHost *:80>

    #************************************************************************
    #******************* DATOS DEL SITIO WEB ********************************
    #************************************************************************
    ServerName collabora.siua.ac.cr
    ServerAlias www.collabora.siua.ac.cr
    ErrorLog /var/log/apache2/collabora_80.siua.ac.cr-error.log
    CustomLog /var/log/apache2/collabora_80.siua.ac.cr-access.log common

    #************************************************************************
    #********************** DATOS DEL WEBMASTER *****************************
    #************************************************************************
    ServerAdmin interuniversitariadealajuela@gmail.com
    Header add Author "Unidad de Gestion e Innovacion Tecnologica"

    #************************************************************************
    #********************* DATOS DEL REDIRECIONAMIENTO **********************
    #************************************************************************
    RedirectMatch permanent ^/(.*) https://collabora.siua.ac.cr/$1


    #************************************************************************
    #************************* DATOS DEL SITIO WEB **************************
    #************************************************************************
    DocumentRoot /var/www/html/XXXXXXXXXXXXXXXXXXX

</VirtualHost>
  • Abrimos el archivo
nano /etc/apache2/sites-available/collabora.siua.ac.cr-le-ssl.conf
  • Agregamos
IfModule mod_ssl.c>

   #************************************************************************
   #HTTPS://www.collabora.siua.ac.cr
   #************************************************************************
   <VirtualHost *:443>
        ServerName www.collabora.siua.ac.cr
        RedirectMatch permanent ^/(.*) https://collabora.siua.ac.cr/$1
        #************************************************************************
        #*************************** DATOS DEL CERTIFICADO **********************
        #************************************************************************
        SSLEngine on
        SSLCertificateFile /etc/apache2/certificados/collabora.siua.ac.cr/fullchain.pem
        SSLCertificateKeyFile /etc/apache2/certificados/collabora.siua.ac.cr/privkey.pem
   </VirtualHost>

   #************************************************************************
   #HTTPS://collabora.siua.ac.cr
   #************************************************************************
   <VirtualHost *:443>

        #************************************************************************
        #******************* DATOS DEL SITIO WEB ********************************
        #************************************************************************
        ServerName collabora.siua.ac.cr
        ErrorLog /var/log/apache2/collabora_443.siua.ac.cr-error.log
        CustomLog /var/log/apache2/collabora_443.siua.ac.cr-access.log common

        #************************************************************************
        #********************** DATOS DEL WEBMASTER *****************************
        #************************************************************************
        ServerAdmin interuniversitariadealajuela@gmail.com
        Header add Author "Unidad de Gestion e Innovacion Tecnologica"


        #************************************************************************
        #************************** DATOS DEL CERTIFICADO ***********************
        #************************************************************************
        SSLEngine on
        SSLCertificateFile /etc/apache2/certificados/collabora.siua.ac.cr/fullchain.pem
        SSLCertificateKeyFile /etc/apache2/certificados/collabora.siua.ac.cr/privkey.pem

        #************************************************************************
        #************************** DATOS DEL SITIO WEB *************************
        #************************************************************************
        #DocumentRoot /var/www/html/XXXXXXXXXXXXXXXXX

        SSLProtocol all -SSLv2 -SSLv3
        SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES25$
        SSLHonorCipherOrder on
SetEnvIf User-Agent ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0

        # Encoded slashes need to be allowed
        AllowEncodedSlashes NoDecode

        # Enable and configure SSL Proxy
        SSLProxyEngine On
        SSLProxyVerify None
        SSLProxyCheckPeerCN Off

        # Make sure to keep the host
        ProxyPreserveHost On

        # static html, js, images, etc. served from loolwsd
        # loleaflet is the client part of LibreOffice Online
        ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
        ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet


        # WOPI discovery URL
        ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
        ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
 # Main websocket
        ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

        # Admin Console websocket
        ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws

        # Download as, Fullscreen presentation and Image upload operations
        ProxyPass /lool https://127.0.0.1:9980/lool
        ProxyPassReverse /lool https://127.0.0.1:9980/lool


  </VirtualHost>
</IfModule>


  • Para ver la consola
https://collabora.siua.ac.cr:9980/loleaflet/dist/admin/admin.html