docker-compose一键部署nextcloud和collbora在线浏览(2025-02-26更新)
docker版本:
[root@k8s-node1 config]# docker --version Docker version 24.0.2, build cb74dfc [root@k8s-node1 config]# docker-compose --version Docker Compose version v2.23.0
1、使用docker-compose安装nextcloud和collabora
vim docker-compose.yml version: '3' services: db: image: mariadb:10.6 container_name: mariadb restart: always command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW volumes: - /opt/docker/mysql:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=root密码 - MYSQL_PASSWORD=nextcloud@123 - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud network_mode: "host" app: image: nextcloud:latest container_name: nextcloud restart: always ports: - 8080:80 volumes: - /opt/docker/nextcloud/html:/var/www/html environment: - MYSQL_PASSWORD=nextcloud@123 - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_HOST=192.168.3.225 #宿主机ip collabora: image: collabora/code container_name: collabora restart: always environment: - domain=192.168.3.225 - domain=nextcloud.test.com.cn - username=admin - password=Coll123456 cap_add: - MKNOD network_mode: "host"
随便开通下防火墙
开通防火墙 iptables -A INPUT -p tcp --dport 9980 -j ACCEPT iptables -A INPUT -p tcp --dport 8080 -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -j ACCEPT service iptables save
构建
docker-compose up -d
检查容器有没有启动,或有没有启动失败的,特别是数据库有没有初始化完成等
2、修改collabora配置,使之能通过http访问
vim coolwsd.xml 修改配置文件(默认启用ssl证书改成false) <ssl desc="SSL settings"> <enable type="bool" desc="xxx." default="true">false</enable> mv coolwsd.xml coolwsd.xml_1 docker cp ./coolwsd.xml_1 collabora:/etc/coolwsd/coolwsd.xml_1 docker exec -it -u root collabora /bin/bash cd /etc/coolwsd/ chown -R cool:cool ./coolwsd.xml_1 mv coolwsd.xml_1 coolwsd.xml docker restart collabora 访问测试 http://192.168.3.225:9980 http://192.168.3.225:9980/browser/dist/admin/adminSettings.html http://collbora.test.com.cn:9980 #解析了域名是为了方便访问,可以不用 http://collbora.test.com.cn:9980/browser/dist/admin/adminSettings.html admin Coll123456
3、配置nextcloud
http://192.168.3.225:8080/ http://nextcloud.test.com.cn:8080
登录页面创建新用户
创建用户名和密码
nextcloud
nextcloud@1234
增加授权访问(可忽略,默认只有上面步骤页面访问地址,可以增加IP和域名都能访问nextcloud页面)
vim /opt/docker/nextcloud/html/config/config.php array ( 0 => '192.168.3.225:8080', 1 => 'http://nextcloud.test.com.cn:8080', ),
安装插件(使用离线安装,在线安装会超时)
nextcloud网页上添加collabora online 和 nextcloud office插件 (手动安装,国内网络问题,自动安装基本会超时失败)
浏览器访问https://apps.nextcloud.com/,里面根据安装nextcloud版本选择对应版本插件压缩包。
本次下载有两个安装包
richdocumentscode.tar.gz richdocuments-v8.5.3.tar.gz
解压授权,并mv到nextcloud/html/apps目录下
tar -xf richdocumentscode.tar.gz chown -R 33.root richdocumentscode/ chmod -R 777 richdocumentscode mv richdocumentscode nextcloud/html/apps/ # richdocuments-v8.5.3.tar.gz 同理
然后在nextcloud页面 ,个人信息->应用->已禁用的应用中找到Collabora Online 和Nextcloud Office启用
个人信息->设置->Offcie 输入collabora地址
测试:
nextcloud页面->文件里面编辑,在collabora里面就能看到记录了
更新(2026-02-25)
在原基础上更新nextcloud和collbora到最新版,并使用https访问
1、备份原项目,包括数据库、nextcloud、collbora。
2、原http访问,新增https访问方式
原容器挂载路径不变,修改了docker-compose.yml部署文件
version: '3'
services:
db:
image: 1431f5976afc
container_name: mariadb
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- /opt/docker/mysql:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=c5TiFxEagxxx
- MYSQL_PASSWORD=nextcloud@123
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
network_mode: "host"
app:
image: nextcloud:stable #最新版
container_name: nextcloud
restart: always
ports:
- 8081:80
volumes:
- /opt/docker/nextcloud/html:/var/www/html
environment:
- MYSQL_PASSWORD=nextcloud@123
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=192.168.3.223
collabora:
#image: d3bfb5a571cb
image: collabora/code #最新版
container_name: collabora
restart: always
environment:
- domain=192.168.3.223
- domain=docs.xxx.com.cn
- domain=collabora.xxx.com.cn
- username=admin
- password=Coll123456
privileged: true
cap_add:
- MKNOD
network_mode: "host"
nginx:
image: nginx:latest
container_name: nextcloud_nginx
restart: always
#network_mode: "host"
ports:
- 80:80
- 443:443
volumes:
- /opt/docker/nginx/html:/usr/share/nginx/html
- /opt/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf/
- /opt/docker/nginx/conf.d:/etc/nginx/conf.d/
- /opt/docker/nginx/logs:/var/log/nginx
- /opt/docker/nginx/ssl:/etc/nginx/ssl
# 依赖Nextcloud和Collabora,确保先启动后再启动Nginx
depends_on:
- app
- collabora
docker-compose down && docker-compose up -d
部署后,nextcloud需要执行命令更新(collbora测试直接用最新版镜像重新部署即可)
#升级 docker exec -u www-data nextcloud php occ upgrade #可能会出现提示”表/列 已经存在的报错”,执行下面步骤处理重复表/列即可 #进入MariaDB容器(密码填docke-compose.yml里设置的数据库密码) docker exec -it mariadb mysql -u nextcloud -p #切换到Nextcloud数据库 USE nextcloud; #先确认`oc_ex_ui_files_actions`表有`version`列 DESCRIBE oc_ex_ui_files_actions; # (看到`version`列存在的话,执行下一步删除) #删除重复的`version`列 ALTER TABLE oc_ex_ui_files_actions DROP COLUMN version; #退出数据库 exit 配置文件新增 vim /opt/docker/nextcloud/html/config/config.php 'overwriteprotocol' => 'https', 'session_secure_cookie' => true, 'overwrite.cli.url' => 'https://docs.xxx.com.cn',
完后重启nextcloud容器
3、nginx配置
nextcloud.conf
server { listen 80; server_name docs.xxx.com.cn; #nextcloud访问域名 return 301 https://$host$request_uri; } server { listen 443 ssl; http2 on; server_name docs.xxx.com.cn; ssl_certificate /etc/nginx/ssl/server.pem; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; # 客户端上传文件大小限制(和Nextcloud保持一致,默认10G) client_max_body_size 10G; proxy_max_temp_file_size 0; # 反向代理Nextcloud主服务 location / { proxy_pass http://192.168.3.223:8081; # 指向Nextcloud容器的80端口 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; proxy_connect_timeout 3600; proxy_send_timeout 3600; proxy_read_timeout 3600; } # Nextcloud静态资源缓存(可选,提升访问速度) location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { proxy_pass http://192.168.3.223:8081; proxy_cache_valid 200 1d; proxy_cache_use_stale error timeout invalid_header updating; expires 365d; } }
collbora.conf
server { #listen 9980 ssl; listen 443 ssl; http2 on; server_name collbora.xxx.com.cn; #collbora访问域名 ssl_certificate /etc/nginx/ssl/server.pem; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; location / { proxy_pass http://192.168.3.223:9980; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; } location ^~ /loleaflet { proxy_pass http://192.168.3.223:9980; proxy_set_header Host $http_host; } location ^~ /hosting/discovery { proxy_pass http://192.168.3.223:9980; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; } location ^~ /lool { proxy_pass http://192.168.3.223:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; } location ~ ^/lool/(.*)/ws$ { proxy_pass http://192.168.3.223:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; proxy_read_timeout 36000s; } location ^~ /lool/adminws { proxy_pass http://192.168.3.223:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; proxy_read_timeout 36000s; } }
4、collbora配置修改
coolwsd.xml
docker cp collabora:/etc/coolwsd/coolwsd.xml ./ vim coolwsd.xml 修改配置文件(ssl证书改回true) <ssl desc="SSL settings"> <enable type="bool" desc="xxx." default="true">false</enable> ... <alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" mode="first"> <!-- If you need to use multiple wopi hosts, please change the mode to "groups" and add the hosts below. If one host is accessible under multiple ip addresses or names, add them as aliases. --> <group> <host desc="hostname to allow or deny." allow="true">docs.xxx.com.cn</host> <host desc="hostname to allow or deny." allow="true">collbora.xxx.com.cn</host> <alias desc="regex pattern of aliasname">http://192.168.3.223</alias> <alias desc="regex pattern of aliasname">scheme://aliasname2:port</alias> </group> <!-- More "group"s possible here --> </alias_groups> ... mv coolwsd.xml coolwsd_1.xml docker cp ./coolwsd_1.xml collabora:/etc/coolwsd/coolwsd_1.xml docker exec -it -u root collabora /bin/bash cd /etc/coolwsd/ chown -R cool:cool ./coolwsd_1.xml mv coolwsd_1.xml coolwsd.xml docker restart collabora
访问测试
https://docs.xxx.com.cn https://collbora.xxx.com.cn/browser/dist/admin/adminSettings.html
注意:升级后,插件需要重新下载对应新版本安装,安装方式和前面的一样,此处不再重写,然后就可以在office中配置https://collbora.xxx.com.cn/ 进行在线编辑了
注:如果要在新服务上安装现在的最新版本,直接使用现在的docker-compose.yml和映射目录迁移过去即可(迁移后修改对应配置域名)
好记性不如烂笔头,最难不过坚持
浙公网安备 33010602011771号