4 203
modifications
Ligne 46 : | Ligne 46 : | ||
=Sur le serveur nextcloud= | =Sur le serveur nextcloud= | ||
==Exemple de proxy apache== | |||
<pre> | |||
<VirtualHost *:443> | |||
ServerName collabora.example.com:443 | |||
Options -Indexes | |||
# SSL configuration, you may want to take the easy route instead and use Lets Encrypt! | |||
SSLEngine on | |||
SSLCertificateFile /path/to/signed_certificate | |||
SSLCertificateChainFile /path/to/intermediate_certificate | |||
SSLCertificateKeyFile /path/to/private/key | |||
SSLProtocol all -SSLv2 -SSLv3 | |||
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS | |||
SSLHonorCipherOrder on | |||
# Encoded slashes need to be allowed | |||
AllowEncodedSlashes NoDecode | |||
# Container uses a unique non-signed certificate | |||
SSLProxyEngine On | |||
SSLProxyVerify None | |||
SSLProxyCheckPeerCN Off | |||
SSLProxyCheckPeerName Off | |||
# keep the host | |||
ProxyPreserveHost On | |||
# static html, js, images, etc. served from loolwsd | |||
# loleaflet is the client part of Collabora Online | |||
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0 | |||
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet | |||
# WOPI discovery URL | |||
ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0 | |||
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery | |||
# Capabilities | |||
ProxyPass /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities retry=0 | |||
ProxyPassReverse /hosting/capabilities https://127.0.0.1:9980/hosting/capabilities | |||
# Main websocket | |||
ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon | |||
# Admin Console websocket | |||
ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws | |||
# Download as, Fullscreen presentation and Image upload operations | |||
ProxyPass /lool https://127.0.0.1:9980/lool | |||
ProxyPassReverse /lool https://127.0.0.1:9980/lool | |||
</VirtualHost> | |||
</pre> |