The way to an own clowd - Part 15
The Way to Your Own Cloud (Part 15) – Your Own Office
Last week I showed how you can set up a solid foundation for knowledge management with a wiki.
Today we take it a step further: an online office where you can edit texts, spreadsheets or presentations directly in the browser.
For this we use Collabora Online – an open-source alternative to Google Docs or Microsoft 365. The best part: several people can work on the same document at the same time – without your data ending up with Google or Microsoft.
Setup
Since Collabora Online does not require a database, you can start directly with the setup.
First, create the working directory:
sudo mkdir -p /opt/collabora
cd /opt/collabora
Inside it, create the file docker-compose.yaml
:
services:
collabora:
image: localhost:5000/collabora/code:latest
container_name: collabora
restart: unless-stopped
environment:
- domain=www.your-domain.tld
- username=random_user_name
- password=<STRONG-PASSWORD>
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
ports:
- "9980:9980"
👉 Note: For random_user_name
, choose a fictional name that does not reveal your identity.
Mirror the official image into the local registry as usual:
docker pull collabora/code:latest
docker tag collabora/code:latest localhost:5000/collabora/code:latest
docker push localhost:5000/collabora/code:latest
Start the service:
docker compose up -d
For external accessibility you will again need a dedicated port. The easiest way is to generate one randomly:
echo $(shuf -i 1024-65535 -n 1)
Then create a new NGINX configuration under /etc/nginx/sites-available/collabora
:
server {
listen <RANDOM-PORT> ssl;
server_name www.your-domain.tld;
ssl_certificate /etc/letsencrypt/live/www.your-domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.your-domain.tld/privkey.pem;
location / {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Enable and restart NGINX:
sudo ln -s /etc/nginx/sites-available/collabora /etc/nginx/sites-enabled/
sudo systemctl restart nginx
Open the firewall:
sudo ufw allow <RANDOM-PORT>
sudo ufw reload
Connect with NextCloud
- Log into Nextcloud as admin.
- Navigate to Apps → Office & Text.
- Install the
NextCloud Office
app. - Under Settings → Administration → Collabora Online, enter the address:
https://www.your-domain.tld:<RANDOM-PORT>
From then on you can create and collaboratively edit office documents directly from within Nextcloud.
Backup
Collabora mainly stores configuration data and logs.
To integrate it into the backup system, simply create a plugin at /opt/backup/plugins/collabora.sh
:
#!/bin/bash
PLUGIN_OUTPUT_DIR="$1"
log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S.%3N')] $*"
}
COLLABORA_DIR="/opt/collabora"
BACKUP_FILE="$PLUGIN_OUTPUT_DIR/collabora_$(date '+%Y-%m-%d').tar.gz"
log "[INFO] Backing up Collabora data..."
tar -czf "$BACKUP_FILE" -C "$COLLABORA_DIR" .
if [ $? -eq 0 ]; then
log "[INFO] Backup successful: $BACKUP_FILE"
else
log "[ERROR] Backup failed!"
fi
Make it executable with:
chmod +x /opt/backup/plugins/collabora.sh
to integrate it into the backup system.
Conclusion
With Collabora Online you have your very own Google Docs in your private cloud.
Texts, spreadsheets and presentations can be collaboratively edited from anywhere – without data leaks to Microsoft or Google.
Quick & Dirty
su -
DOMAIN="www.your-domain.tld"
PORT=$(shuf -i 1024-65535 -n 1)
USERNAME="random_user_name"
PASSWORD="STRONG_PASSWORD"
mkdir -p /opt/collabora && cd /opt/collabora
cat <<EOF > docker-compose.yaml
services:
collabora:
image: localhost:5000/collabora/code:latest
container_name: collabora
restart: unless-stopped
environment:
- domain="$DOMAIN"
- username="$USERNAME"
- password="$PASSWORD"
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
ports:
- "9980:9980"
EOF
docker pull collabora/code:latest
docker tag collabora/code:latest localhost:5000/collabora/code:latest
docker push localhost:5000/collabora/code:latest
docker compose up -d
cat <<EOF | sudo tee /etc/nginx/sites-available/collabora
server {
listen $PORT ssl;
server_name $DOMAIN;
ssl_certificate /etc/letsencrypt/live/$DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$DOMAIN/privkey.pem;
location / {
proxy_pass http://127.0.0.1:9980;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
}
}
EOF
sudo ln -s /etc/nginx/sites-available/collabora /etc/nginx/sites-enabled/
sudo systemctl restart nginx
sudo ufw allow $PORT
sudo ufw reload
cat <<'EOF' > /opt/backup/plugins/collabora.sh
#!/bin/bash
PLUGIN_OUTPUT_DIR="$1"
log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S.%3N')] $*"
}
COLLABORA_DIR="/opt/collabora"
BACKUP_FILE="$PLUGIN_OUTPUT_DIR/collabora_$(date '+%Y-%m-%d').tar.gz"
log "[INFO] Backup of Collabora data ..."
tar -czf "$BACKUP_FILE" -C "$COLLABORA_DIR" .
if [ $? -eq 0 ]; then
log "[INFO] Backup successful: $BACKUP_FILE"
else
log "[ERROR] Backup failed!"
fi
EOF
chmod +x /opt/backup/plugins/collabora.sh