github-starred/pangolin
2
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-09 07:15:04 -05:00
Code Issues 94 Packages Projects Releases 48 Wiki Activity

pangolin + nextcloud + collabora #319

New Issue
Closed
opened 2025-11-13 11:56:46 -06:00 by GiteaMirror · 7 comments
GiteaMirror commented 2025-11-13 11:56:46 -06:00
Owner
Copy Link

Originally created by @gilluc on GitHub (May 7, 2025).

I just spent 2 days in trying to run nextcloud + collabora behind pangolin without success...

has anyone done it ?
how ?

infos

  • nextcloud alone seems to work, created admin account, navigated files and folders, ... with https://nextcloud.mydomain.com

  • collabora alone seems to run, connection to / get 'OK' and discovery get a (long) json file ... with https://collabora.mydomain.com

  • any test i made to connect them ends with error or nextcloud office setup page locked

  • i also tested nextcloud + collabora in the same docker compose : collabora no access...

well...

Originally created by @gilluc on GitHub (May 7, 2025). I just spent 2 days in trying to run nextcloud + collabora behind pangolin without success... has anyone done it ? how ? infos - nextcloud alone seems to work, created admin account, navigated files and folders, ... with https://nextcloud.mydomain.com - collabora alone seems to run, connection to / get 'OK' and discovery get a (long) json file ... with https://collabora.mydomain.com - any test i made to connect them ends with error or nextcloud office setup page locked - i also tested nextcloud + collabora in the same docker compose : collabora no access... well...
GiteaMirror commented 2025-11-13 11:56:47 -06:00
Author
Owner
Copy Link

@ir0ki11er commented on GitHub (May 9, 2025):

If you have SSO, you need to create a route in Traefik that authorizes the NextCloud domain and the Collabora domain. The same goes for all domains that need to be able to communicate with each other without SSO controls (Authentik, Authelia, etc.).

I'd like to know if this can be done via the web interface. That would be a plus.

@ir0ki11er commented on GitHub (May 9, 2025): If you have SSO, you need to create a route in Traefik that authorizes the NextCloud domain and the Collabora domain. The same goes for all domains that need to be able to communicate with each other without SSO controls (Authentik, Authelia, etc.). I'd like to know if this can be done via the web interface. That would be a plus.
GiteaMirror commented 2025-11-13 11:56:47 -06:00
Author
Owner
Copy Link

@gilluc commented on GitHub (May 10, 2025):

I have no access to traefik, pangolin manages it all

@gilluc commented on GitHub (May 10, 2025): I have no access to traefik, pangolin manages it all
GiteaMirror commented 2025-11-13 11:56:47 -06:00
Author
Owner
Copy Link

@oschwartz10612 commented on GitHub (May 12, 2025):

Yeah if you need nextcloud.mydomain.com to talk to collabora.mydomain.com and you have Pangolin auth turned on then it may be blocking each service from itself. You could use the bypass rules and do api rules very fine grained or you could just whitelist everything from the IP where both are installed maybe if you know that and it does not change?

I dont personally know how to set this up, but maybe you could do as you say as well and put them both in the same stack but allow them to talk using their local container names in the docker compose stack.

@oschwartz10612 commented on GitHub (May 12, 2025): Yeah if you need nextcloud.mydomain.com to talk to collabora.mydomain.com and you have Pangolin auth turned on then it may be blocking each service from itself. You could use the bypass rules and do api rules very fine grained or you could just whitelist everything from the IP where both are installed maybe if you know that and it does not change? I dont personally know how to set this up, but maybe you could do as you say as well and put them both in the same stack but allow them to talk using their local container names in the docker compose stack.
GiteaMirror commented 2025-11-13 11:56:47 -06:00
Author
Owner
Copy Link

@gilluc commented on GitHub (May 13, 2025):

Thank you.
I réalisés vert early that pangolin sso bas to ne off...

Le 12 mai 2025 15:50:58 GMT+02:00, Owen Schwartz @.***> a écrit :

oschwartz10612 left a comment (fosrl/pangolin#692)

Yeah if you need nextcloud.mydomain.com to talk to collabora.mydomain.com and you have Pangolin auth turned on then it may be blocking each service from itself. You could use the bypass rules and do api rules very fine grained or you could just whitelist everything from the IP where both are installed maybe if you know that and it does not change?

I dont personally know how to set this up, but maybe you could do as you say as well and put them both in the same stack but allow them to talk using their local container names in the docker compose stack.

--
Reply to this email directly or view it on GitHub:
https://github.com/fosrl/pangolin/issues/692#issuecomment-2872663397
You are receiving this because you authored the thread.

Message ID: @.***>

@gilluc commented on GitHub (May 13, 2025): Thank you. I réalisés vert early that pangolin sso bas to ne off... Le 12 mai 2025 15:50:58 GMT+02:00, Owen Schwartz ***@***.***> a écrit : >oschwartz10612 left a comment (fosrl/pangolin#692) > >Yeah if you need nextcloud.mydomain.com to talk to collabora.mydomain.com and you have Pangolin auth turned on then it may be blocking each service from itself. You could use the bypass rules and do api rules very fine grained or you could just whitelist everything from the IP where both are installed maybe if you know that and it does not change? > >I dont personally know how to set this up, but maybe you could do as you say as well and put them both in the same stack but allow them to talk using their local container names in the docker compose stack. > >-- >Reply to this email directly or view it on GitHub: >https://github.com/fosrl/pangolin/issues/692#issuecomment-2872663397 >You are receiving this because you authored the thread. > >Message ID: ***@***.***>
GiteaMirror commented 2025-11-13 11:56:47 -06:00
Author
Owner
Copy Link

@gilluc commented on GitHub (May 13, 2025):

Thank you.
I realized very early that pangolin SSO has to be turned off.

Le 12 mai 2025 15:50:58 GMT+02:00, Owen Schwartz @.***> a écrit :

oschwartz10612 left a comment (fosrl/pangolin#692)

Yeah if you need nextcloud.mydomain.com to talk to collabora.mydomain.com and you have Pangolin auth turned on then it may be blocking each service from itself. You could use the bypass rules and do api rules very fine grained or you could just whitelist everything from the IP where both are installed maybe if you know that and it does not change?

I dont personally know how to set this up, but maybe you could do as you say as well and put them both in the same stack but allow them to talk using their local container names in the docker compose stack.

--
Reply to this email directly or view it on GitHub:
https://github.com/fosrl/pangolin/issues/692#issuecomment-2872663397
You are receiving this because you authored the thread.

Message ID: @.***>

@gilluc commented on GitHub (May 13, 2025): Thank you. I realized very early that pangolin SSO has to be turned off. Le 12 mai 2025 15:50:58 GMT+02:00, Owen Schwartz ***@***.***> a écrit : >oschwartz10612 left a comment (fosrl/pangolin#692) > >Yeah if you need nextcloud.mydomain.com to talk to collabora.mydomain.com and you have Pangolin auth turned on then it may be blocking each service from itself. You could use the bypass rules and do api rules very fine grained or you could just whitelist everything from the IP where both are installed maybe if you know that and it does not change? > >I dont personally know how to set this up, but maybe you could do as you say as well and put them both in the same stack but allow them to talk using their local container names in the docker compose stack. > >-- >Reply to this email directly or view it on GitHub: >https://github.com/fosrl/pangolin/issues/692#issuecomment-2872663397 >You are receiving this because you authored the thread. > >Message ID: ***@***.***>
GiteaMirror commented 2025-11-13 11:56:48 -06:00
Author
Owner
Copy Link

@gilluc commented on GitHub (May 13, 2025):

IT WORKS NOW!
some nice guy on reddit give me the solution.

the two docker stacks here
https://www.reddit.com/r/selfhosted/comments/1kkbwk1/has_anyone_succeeded_in_running/

@gilluc commented on GitHub (May 13, 2025): IT WORKS NOW! some nice guy on reddit give me the solution. the two docker stacks here https://www.reddit.com/r/selfhosted/comments/1kkbwk1/has_anyone_succeeded_in_running/
GiteaMirror commented 2025-11-13 11:56:48 -06:00
Author
Owner
Copy Link

@oschwartz10612 commented on GitHub (May 13, 2025):

Great! Glad you got it working! Let us know if you need anything else.

@oschwartz10612 commented on GitHub (May 13, 2025): Great! Glad you got it working! Let us know if you need anything else.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
api
authentication
bug
config
dependencies
docker
documentation
enhancement
good first issue
help wanted
Improvement
Look Into
needs investigating
networking
new feature
non-critical bug
potential bug
pull-request
Mirrored from GitHub Pull Request
 question
reverse proxy
Security
stale
ui
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#319
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?