Add new step 'Allow only whitelisted domains access' to "Install and …

…Configure Nextcloud Office" (hetzneronline#790) * Updated with link to installation of coolwsd * Add German version --------- Co-authored-by: svenja.michal <84835304+svenja11@users.noreply.github.com>
officialkentech · Mar 11, 2024 · df6db4c · df6db4c
1 parent 5c0d95f
commit df6db4c
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/tutorials/install-and-configure-nextcloud-collabora-online/01.de.md b/tutorials/install-and-configure-nextcloud-collabora-online/01.de.md
@@ -188,6 +188,24 @@ systemctl enable --now snap.certbot.renew.timer
 
 Die SSL Zertifikate werden damit automatisch neuausgestellt, wenn sie sich der Ablaufzeit nähern.
 
+## Schritt 11 - Nur der eigenen Nextcloud-Instanz Zugriff erlauben
+
+Momentan kann jeder auf `office.example.com` zugreifen. Dieser Schritt erklärt, wie man den Zugriff nur für `nextcloud.example.com` erlaubt.
+
+- Folge [dieser Collabora Online Anleitung](https://www.collaboraoffice.com/code/linux-packages/), um die notwendigen Pakete zu installieren.
+
+Öffne die Datei `/etc/coolwsd/coolwsd.xml` und ändere die `alias_groups`-Konfiguration im `storage`-Abschnitt.
+
+```xml
+<alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" mode="groups">
+            <!-- If you need to use multiple wopi hosts, please change the mode to "groups" and
+                    add the hosts below.  If one host is accessible under multiple ip addresses
+                    or names, add them as aliases. -->
+            <group>
+                    <host desc="hostname to allow or deny." allow="true">https://nextcloud.example.com</host>
+            </group>
+```
+
 ## Ergebnis
 
 Es wurde ein eigener Collabora Server installiert und in einer Nextcloud eingerichtet. Beim Öffnen von Dokumenten im Nextcloud Webinterface wird nun automatisch Collabora geladen, um das Dokument bearbeiten zu können.

diff --git a/tutorials/install-and-configure-nextcloud-collabora-online/01.en.md b/tutorials/install-and-configure-nextcloud-collabora-online/01.en.md
@@ -188,6 +188,24 @@ systemctl enable --now snap.certbot.renew.timer
 
 After that your SSL certs automatically get renewed when needed.
 
+## Step 11 - Whitelist your Nextcloud instance to access Collabora
+
+Currently, anyone can access `office.example.com`. This section aims to limit access to `nextcloud.example.com`.
+
+- Follow [this Collabora Online guide](https://www.collaboraoffice.com/code/linux-packages/) to install the required packages.
+
+Open the file `/etc/coolwsd/coolwsd.xml` and change the `alias_groups` configuration under the `storage` section.
+
+```xml
+<alias_groups desc="default mode is 'first' it allows only the first host when groups are not defined. set mode to 'groups' and define group to allow multiple host and its aliases" mode="groups">
+            <!-- If you need to use multiple wopi hosts, please change the mode to "groups" and
+                    add the hosts below.  If one host is accessible under multiple ip addresses
+                    or names, add them as aliases. -->
+            <group>
+                    <host desc="hostname to allow or deny." allow="true">https://nextcloud.example.com</host>
+            </group>
+```
+
 ## Conclusion
 
 You now have configured an own Collabora server and configured your Nextcloud to use it. Each office document should now be opened editable in the web interface.