背景如下:
使用了官方了onlyoffice/documentserver镜像启动onlyoffice, 但是因为我有一台nginx主机专门用来代理内网服务,所以容器本身没有配置ssl。在nginx反代这个onlyoffice容器之后,去nextcloud主机添加onlyoffice报错404,具体报错如下:
GuzzleHttp\Exception\ClientException: Client error: `GET http://onlyoffice.*.*/cache/files/conv_check_1691855337_docx/output.docx/check_1691855337.docx?md5=_zTHiuEWC9wwWGN50IR4Hw&expires=1655468312&filename=check_1691855337.docx` resulted in a `404 Not Found` response: <!DOCTYPE html> <html> <head> <title>Not Found</title> <style> body { width: 35em; margin: 0 auto; (truncated…)
这个报错,我在很多地方都能搜到,但是都没有写太多的解决办法,最后大多是没下文,我在nextcloud主机用curl直接访问onlyoffice,报错如下
[root@nextcloud ~]# curl -v https://onlyoffice.*.*/ * About to connect() to onlyoffice.*.* port 443 (#0) * Trying 1.14.48.241... * Connected to onlyoffice.*.* (*.*.*.*) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 * Server certificate: * subject: CN=onlyoffice.*.* * start date: Jun 17 08:14:33 2022 GMT * expire date: Sep 15 08:14:32 2022 GMT * common name: *.*.* * issuer: CN=R3,O=Let's Encrypt,C=US > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: onlyoffice.*.* > Accept: */* > < HTTP/1.1 302 Moved Temporarily < Server: nginx < Date: Fri, 17 Jun 2022 12:03:51 GMT < Content-Type: text/html < Content-Length: 138 < Connection: keep-alive < Location: http://onlyoffice.*.*/welcome/ < Cache-Control: no-cache < <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html> * Connection #0 to host onlyoffice.*.* left intact
***注意上面那个标粗放大的部分,以及我本身访问的域名,可以看到,我访问的https,但是跳转到了http,猜测这个跳转是onlyoffice自己跳转的,因为我在proxy这边用https映射onlyoffice的http链接,proxy的配置检查过也没发现什么不对的地方,就是很正常的proxy配置。
最后的解决办法:直接快刀斩乱麻吧,我最后把证书文件挂载到了容器里面,也就是启用onlyoffice的https,然后再代理这个https链接,问题得到解决。
[root@nextcloud ~]# curl -v https://onlyoffice.*.*/ * About to connect() to onlyoffice.fencatn.cn port 443 (#0) * Trying 1.14.48.241... * Connected to onlyoffice.*.* (*.*.*.*.) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 * Server certificate: * subject: CN=onlyoffice.*.* * start date: Jun 17 08:14:33 2022 GMT * expire date: Sep 15 08:14:32 2022 GMT * common name: onlyoffice.*.* * issuer: CN=R3,O=Let's Encrypt,C=US > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: onlyoffice.*.* > Accept: */* > < HTTP/1.1 302 Moved Temporarily < Server: nginx < Date: Fri, 17 Jun 2022 12:35:35 GMT < Content-Type: text/html < Content-Length: 138 < Connection: keep-alive < Location: https://onlyoffice.*.*/welcome/ < Strict-Transport-Security: max-age=31536000 < X-Content-Type-Options: nosniff < Cache-Control: no-cache < <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html> * Connection #0 to host onlyoffice.*.* left intact
重新把https链接填入nextcloud,一切正常,测试也正常了
参考链接:
https://dev.to/powerflo/setup-onlyoffice-document-server-with-let-s-encrypt-3a6
https://github.com/ONLYOFFICE/document-server-proxy/blob/master/nginx/proxy-https-to-http.conf
https://helpcenter.onlyoffice.com/installation/docs-community-proxy.aspx