How to deploy Collabora Online Office on Ubuntu with Apache2 as Reverse Proxy and Docker

– English Translation
– apache2-vhost
– Add Instructions for more than one nextcloud-domain
– Renew Screenshots
– Add Links to Troubleshooting Guides

In this guide i will show you how to deploy Collabora Office with Apache2 and Docker to integrate in Nextcloud.

– one Ubuntu VPS
– LAMP stack installed
– Apache2 Reverse Proxy Modules activated
– Docker installed
– certbot installed
– DNS-A record for Apache2-vHost
– Working Nextcloud installation with Collabora online app

If requirements are missing please use this:

LAMP stack:

 sudo apt-get install lamp-server^

Apache2 modules:

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod ssl
sudo a2enmod proxy_https
sudo a2enmod proxy_ajp
sudo a2enmod rewrite
sudo a2enmod deflate
sudo a2enmod headers
sudo a2enmod proxy_balancer
sudo a2enmod proxy_connect
sudo a2enmod proxy_html
sudo a2enmod proxy_wstunnel

Version from official Ubuntu Repository:

sudo apt-get install
sudo systemctl start docker
sudo systemctl enable docker

or directly from Docker:

sudo curl -sSL | CHANNEL=stable sh
sudo systemctl enable docker.service
sudo systemctl start docker.service


sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache

when finished, we can continue with Step 1.

Step 1: Collabora

Connect via ssh to host and deploy Docker container for one nextcloud-domain:

docker run -t -d -p -e 'domain=subdomain\\.domain\\.com' -e 'username=UserName' -e 'password=Your-Password' --cap-add MKNOD collabora/code

or for more than one nextcloud-domain:

docker run -t -d -p -e 'domain=subdomain1\\.domain\\.com|subdomain2\\.domain\\.com' -e 'username=UserName' -e 'password=Your-Password' --cap-add MKNOD collabora/code

Please insert here your subdomain, on which Nextcloud runs, afterwards with

docker ps

check whether container is active.

Step 2: Apache2

create apache2-vHost for collabora:

sudo nano /etc/apache2/sites-available/002-office.your-domain.tld.conf

Content (adjust according your domain):

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        ServerName office.your-domain.tld

        ServerAdmin webmaster@your-domain.tld
        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf

activate vHost:

sudo a2ensite 002-office.your-domain.tld.conf

create LetsEncrypt-Certificate:

sudo certbot --authenticator standalone --installer apache -d office.your-domain.tld --pre-hook "service apache2 stop" --post-hook "service apache2 start"

and choose Option 2 (redirect), and edit the new conf:

sudo nano /etc/apache2/sites-available/002-office.your-domain.tld-le-ssl.conf
<VirtualHost *:443>
ServerName office.your-domain.tld:443

# SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/office.deine-domain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/office.deine-domain.tld/privkey.pem
SSLProtocol             all -SSLv2 -SSLv3
SSLHonorCipherOrder     on

# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode

# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off

# keep the host
ProxyPreserveHost On

# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of Collabora Online
ProxyPass           /loleaflet retry=0
ProxyPassReverse    /loleaflet

# WOPI discovery URL
ProxyPass           /hosting/discovery retry=0
ProxyPassReverse    /hosting/discovery

# Capabilities
ProxyPass           /hosting/capabilities retry=0
ProxyPassReverse    /hosting/capabilities

# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://$1/ws nocanon

# Admin Console websocket
ProxyPass   /lool/adminws wss://

# Download as, Fullscreen presentation and Image upload operations
ProxyPass           /lool
ProxyPassReverse    /lool

save conf and reload apache2:

sudo systemctl reload apache2

then check access to Collabora at the following Admin-URL:


Step 3: Nextcloud

Activate the Collabora Online app in Nextcloud and enter the subdomain of your Collabora vHost.

Now you can edit any document directly in the browser:



That’s it and Happy Nextclouding! 😉


If you get in trouble, please check this Guides:
Troubleshooting Nextcloud in Plesk mit Docker und OnlyOffice- oder Collabora-Image
Troubleshooting Nextcloud in Plesk mit Docker und OnlyOffice- oder Collabora-Image Teil 2

Do you have Plesk?
How to deploy Collabora Online Office without Docker in Plesk and connect to Nextcloud on Ubuntu