在seafile里打开文档调用onlyoffice提示“文档安全令牌未正确形成”,怎解决?

image

https://cloud.seafile.com/published/seafile-manual-cn/docker/pro-edition/用Docker部署OnlyOffice.md

官方文档中, 将 OnlyOffice 加入到 nginx conf 中 这个seafile.nginx.conf文件是seafile容器下/shared/seafile/nginx/conf/seafile.nginx.conf文件,需要修改还是直接在末端添加?有没有注释说明之类的?

seafile启动不起来,报错 这样不对?

-- mode: nginx --

Auto generated at 11/05/2022 05:58:14

server {
listen 80;
server_name XXXXXX.top;

client_max_body_size 10m;

location / {
    proxy_pass http://127.0.0.1:8000/;
    proxy_read_timeout 310s;
    proxy_set_header Host $host;
    proxy_set_header Forwarded "for=$remote_addr;proto=$scheme";
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Connection "";
    proxy_http_version 1.1;

    client_max_body_size 0;
    access_log      /var/log/nginx/seahub.access.log seafileformat;
    error_log       /var/log/nginx/seahub.error.log;
}

location /seafhttp {
    rewrite ^/seafhttp(.*)$ $1 break;
    proxy_pass http://127.0.0.1:8082;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    client_max_body_size 0;
    proxy_connect_timeout  36000s;
    proxy_read_timeout  36000s;
    proxy_request_buffering off;
    access_log      /var/log/nginx/seafhttp.access.log seafileformat;
    error_log       /var/log/nginx/seafhttp.error.log;
}

location /seafdav {
    proxy_pass         http://127.0.0.1:8080;
    proxy_set_header   Host $host;
    proxy_set_header   X-Real-IP $remote_addr;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Host $server_name;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_read_timeout  1200s;
    client_max_body_size 0;

    access_log      /var/log/nginx/seafdav.access.log seafileformat;
    error_log       /var/log/nginx/seafdav.error.log;
}

location /media {
    root /opt/seafile/seafile-server-latest/seahub;
}

# For letsencrypt
location /.well-known/acme-challenge/ {
    alias /var/www/challenges/;
    try_files $uri =404;
}
location /onlyofficeds/ {
    proxy_pass http://XXXXXX:2001/;
    proxy_http_version 1.1;
    client_max_body_size 100M;
    proxy_read_timeout 3600s;
    proxy_connect_timeout 3600s;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $proxy_connection;
    proxy_set_header X-Forwarded-Host $the_host/onlyofficeds;
    proxy_set_header X-Forwarded-Proto $the_scheme;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

}
完整的内容是这样??

map $http_x_forwarded_proto $the_scheme {
default $http_x_forwarded_proto;
“” $scheme;
}

map $http_x_forwarded_host $the_host {
default $http_x_forwarded_host;
“” $host;
}

map $http_upgrade $proxy_connection {
default upgrade;
“” close;
}

这部分加在最上面



全部更正了,还是不行,web直接不显示了

建议onlyoffice安装旧版本, 7.1.1及以下, 默认的是7.2, 我安装了旧版的onlyoffice, 啥问题都没有,一切正常, 原来新版的就是 提示“文档安全令牌未正确形成

https://cloud.seafile.com/published/seafile-manual-cn/docker/pro-edition/用Docker部署OnlyOffice.md
参考这个文档

问题解决了。
image
要和
image
这里对应

就是是7.2版本开始新增了JWT的令牌,在Docker中启动onlyoffice时带上这个参数【-e JWT_SECRET=my_jwt_secret】,再配合上面说的在 seahub_settings.py中的设置就可以正常使用了。

亲测有效!


不是docker安装的onlyoffice,有这个令牌报错,要怎么解决

seafile 和onlyoffice不在一台机器上

我是用onlyoffice 的docker版本,每次启动后JWT_SECRET都会重新生成,自己内网部署的话安全问题不是太大,我的解决办法是启动容器的时候加上一个环境变量:
–env JWT_SECRET=svM7pctcd7ODI2GtpYII
测出的值与conf/seahub_settings.py文件内ONLYOFFICE_JWT_SECRET值相同即可,这样每次重启服务器就不需要修改conf/seahub_settings.py文件了,不知道我们遇到的是不是同样的问题