我遇到的是什么问题?很简单,配置好ssl以后,你用其他ownCloud 等连接的时候是可以连接,但你打开文档就会报错,,无法打开文档,显示下载错误等等问题,以下操作是我用甲骨文VPS有独立ip的情况下操作的,DDNS等方法等我研究再来发布。
onlyoffice版本乱七八糟的,我感觉很混乱,下面是我拉取的镜像,docker-compose我配置ssl会报错,直接安装就不会,迷了
我映射的80是9001,先记住这个,443的不管
参考文章: (
https://aarondevelops.com/nextcloud-onlyoffice/
)
sudo docker run -i -t -d -p 9001:80 -p 9002:443 \
-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
-v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \
-v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \
-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql onlyoffice/documentserver
因为反向代理ssl的不是443,因此不要去考虑docker内443的问题,教程来源官方文档
# ------- 官方文档必须要加的内容---开始
upstream docservice {
server 127.0.0.1:9001;
map $http_host $this_host {
"" $host;
default $http_host;
map $http_x_forwarded_proto $the_scheme {
default $http_x_forwarded_proto;
"" $scheme;
map $http_x_forwarded_host $the_host {
default $http_x_forwarded_host;
"" $this_host;
map $http_upgrade $proxy_connection {
default upgrade;
"" close;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $the_host;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# ------- 官方文档必须要加的内容---结束
# 80端口默认转https
server {
listen 127.0.0.1:80;
listen [::]:80 default_server;
server_name www.onlyoffice.域名.cn;
server_tokens off;
return 301 https://www.onlyoffice.域名.cn:443$request_uri;
server {
server_name www.onlyoffice.域名.cn;
listen 127.0.0.1:443 ssl;
listen [::]:443 ssl;
# ------开始,这是我面板申请证书后的配置,你的是什么就是什么,可改可不改,
ssl_prefer_server_ciphers on;
server_tokens off;
ssl on;
ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4;
ssl_certificate "/var/www/httpd-cert/www-root/www.onlyoffice.域名.cn_le1.crtca";
ssl_certificate_key "/var/www/httpd-cert/www-root/www.onlyoffice.域名.cn_le1.key";
ssl_verify_client off;
ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
add_header Strict-Transport-Security "max-age=31536000;";
add_header Strict-Transport-Security "max-age=1209600; includeSubDomains" always;
add_header X-Content-Type-Options nosniff;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_session_cache builtin:1000 shared:SSL:10m;
set $root_path /var/www/www-root/data/www/www.onlyoffice.域名.cn;
root $root_path;
charset off;
disable_symlinks if_not_owner from=$root_path;
include /etc/nginx/vhosts-includes/*.conf;
include /etc/nginx/vhosts-resources/www.onlyoffice.域名.cn/*.conf;
access_log /var/www/httpd-logs/www.onlyoffice.域名.cn.access.log;
error_log /var/www/httpd-logs/www.onlyoffice.域名.cn.error.log notice;
# ------结束,这是我面板申请证书后的配置,你的是什么就是什么,可改可不改,
location / {
proxy_pass http://127.0.0.1:9001; # 这里填写docker映射的端口