Improvements for Nethserver-Collabora

mark_nl · February 20, 2021, 11:05am

Note : you still need to set it up as described in README.rst
EDIT: above applies to version nethserver-collabora-0.1.2-1.ns7.noarch not the wip-package

To get rid of most additional steps to configure nethserver-collabora and make it more stable at updates is what this "TLC"efffort is about.

syntaxerrormmm · February 20, 2021, 12:37pm

Well, tried the first round yesterday, but found out that probably the droplet I created was too small in RAM. Will retry in some hours

stephdl · February 21, 2021, 8:01am

same for me, someone has a clue ?

mark_nl · February 21, 2021, 10:03am

As @mrmarkuz mentioned above it seems to be a upstream bug in the richdocuments netxtcloud app

mrmarkuz · February 21, 2021, 5:30pm

In the CODE repo there’s only version 6.0 and 6.4. I’d like to get some dictionaries for our version 6.2. I don’t understand because 6.2 should be LTS from what I saw here.

Install code repo:

sudo yum-config-manager --add-repo https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7

EDIT:

Version 6.4 working here with dictionaries.

Collabora is named like collaboraofficebasis6.4* whereas the dictionaries are named like

yum install collaboraoffice6.4-dict-en collaboraoffice6.4-dict-de collaboraoffice6.4-dict-es

mark_nl · February 21, 2021, 7:07pm

Did not take a possible LTS version in to consideration, i’ll gues it for collabora-subscribtion users (or build it yourself).
Did two brief update tests from 6.0 > 6.2 > 6.4 and one 6.0 > 6.4, it did not break but did only basic functional tests.
If this makes it to release i’d propose to include CODE/collabora office 6.4 in the nethforge repo.

mrmarkuz · February 21, 2021, 7:17pm

Fully agree

mark_nl · February 22, 2021, 2:00pm

IMHO it is ready to go through the development/audit cycle

@giacomo do you prefer I open an issue in Nethserver/dev for this (or not),
asking because it is a nethforge module.

giacomo · February 22, 2021, 3:51pm

I’d say yes, it will help you tracking the progress. I we will add the forge tag to the issue

mark_nl · February 22, 2021, 6:11pm

Does this apply to all services in the (update) event ?:

event_services($event, qw(
               httpd reload
               loolwsd restart
));

Goal is to set/check the WopiUrl after httpd reload

EDIT Sorry RTFM:
https://docs.nethserver.org/projects/nethserver-devel/en/latest/events.html#order-of-implicit-actions

stephdl · February 22, 2021, 6:54pm

this is the goal indeed action 91 will be triggered after the services restart

mrmarkuz · February 22, 2021, 9:47pm

Updated another server, worked without issues.

mark_nl · February 23, 2021, 10:58am

With the last commit nethserver-collabora works like intended;

The default wopiUrl (collabora.server_domain) created on installation needs to be resolvable.

Included it in the /etc/hosts template, can not think of a cleaner method.

mrmarkuz · February 23, 2021, 2:02pm

I updated a Nethserver at work with Collabora 6.4 because there were problems with formattings and it worked and solved the format issues in first tests.

mark_nl · February 25, 2021, 8:19am

Can some of you review the changes made in the PR on github?

To make a bit of a quiz: found one bogus IF statement myself…

cc/ @Amygos

Like to have “special permission” from @giacomo or @davidep on the Add default collabora WopiUrl to server-hostnames part…

giacomo · February 25, 2021, 10:30am

You now have write access to repo so you can merge and request for review.
I will take a look to it, but it will require a little time.

In the meanwhile, @stephdl could you please take a look?

mark_nl · February 25, 2021, 10:35am

Take your time
As long as needed, I’m not in a hurry.

Pinged here because could not add reviewers and need some auditing going on in time.

stephdl · February 25, 2021, 12:18pm

Will do it asap, currently in holidays but interested mainly because I installed it recently.

Either next week or sooner if possible.

mrmarkuz · February 25, 2021, 7:06pm

I tested on a VM and found an issue. If the cert is LE but does not contain “collabora.domain.local” the cert check is not working correctly.

We catch only error 60

[root@testserver ~]# curl https://collabora.domain.local; echo $?
curl: (60) Peer's certificate issuer has been marked as not trusted by the user.

but if you get an LE cert without adding collabora.server-domain to it you get another error 51:

[root@testserver ~]# curl https://collabora.domain.local; echo $?
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.

Here’s something that works:

answer=$?

    if [[ $answer -eq 60 || $answer -eq 51 ]]; then
        /usr/local/sbin/occ config:app:set richdocuments disable_certificate_verification --value=yes
        echo "bad cert $answer"
    else        
        /usr/local/sbin/occ config:app:set richdocuments disable_certificate_verification --value=''
        echo "good cert $answer"
    fi

    /usr/local/sbin/occ richdocuments:activate-config

Maybe it’s better to do it other way round like asking if the cert is ok by checking if $? = 0 and for the rest we disable cert verification?

mark_nl · February 25, 2021, 7:26pm

Thanks!

Thought about that, did not want to disable the certificate-check if the host cannot be resolved.
This can be a external host (other server) and than the certicicate-update event (on that other serever) cannot correct this.
But think your suggestion is more fail-save… hence better.