Hi, Habr!

I am engaged in testing ONLYOFFICE document editors, as well as testing the integration of editors into third-party services. We are often approached by users with various configuration problems, solutions of which are simply not found.

One of the most popular integrations is with the open-source system Nextcloud, which allows you to create your own cloud storage. For example, you have documents, spreadsheets and presentations that you want to share with other users, and a server (alternatively, a wheelbarrow in DigitalOcean). You install Nextcloud there (or ownCloud, from which he actually stuck), connect document editors and get the opportunity to work with these documents together.

Most integration options are described in our documentation. But sometimes interesting user cases come up. For example, how to configure a proxy server for Nextcloud and ONLYOFFICE if all three services are installed on different servers (Nextcloud, editors, proxy). This can happen if there is a complex system where document editors and document management systems are part of a larger system with many services.

Note: Nextcloud and editors host either one server or different servers. And in fact, and in another case, you must have a proxy server for the correct work of editors, which can be raised on one of these servers.

Given:

Three servers: the first is installed nginx ( http: // nginx ), the second is Nextcloud ( http: // nextcloud ), the third is the document editors ( http: // onlyoffice ). Everything was installed using docker, port 80 was used.

Task:

Configure nginx so that when prompted for http: // nginx opens Nextcloud. Configure Nextcloud to work with document editors available at http: // nginx / editors

We deconstruct the problem and solve it according to the following plan:

• Proxy configuration for Nextcloud
• Configure proxies for document editors so that they are available at http: // nginx / editors
• Installing the connector in Nextcloud and setting it up
  (The Connector is a small program that allows you to link Nextcloud and editors: adds a new settings menu, buttons for creating documents, spreadsheets and presentations, etc.)

Proxy for Nextcloud

To proxy Nextcloud through nginx, you need to change the settings of nginx and add its address to the trusted Nextcloud domains.

Trusted domains are a white list of domains from which entry can be made. If you try to open Nextcloud through a proxy without adding its domain to the list, we will see an error.

The domain from which the wizard is passed to Nextcloud is added there automatically, and the rest must be registered. More information about trusted domains can be found in the documentation .

The settings we need are in the nginx container on the path /etc/nginx/conf.d/default.conf. We bring this file to the following form:

server {
        listen80;
        location / {
            proxy_pass_header   Server;
            proxy_pass          http://nextcloud/;
        }
}

Note the slash at the end of the proxy_pass path.

Update nginx settings with the command

service nginx reload

Now you need to add the http: // nginx domain to the Nextcloud trusted domains. To do this, you need to open the config in the Nextcloud container, which is located here /var/www/html/config/config.php. It is necessary to find (or add) the trusted_domain section in it, add the nginx address to it. After the changes, this part of the config will look like this:

‘trusted_domain’ => (0 => ‘nextcloud’, 1 => ‘nginx’)

Proxy for document editors

Again, open default.conf on the nginx server and add another location:

location /editors/ {
            proxy_pass http://onlyoffice/;
        }

But for the work of editors this is not enough. By default, the document editor generates links to resources using the address that comes in the request. And since the editor knows nothing about the proxy server, it will generate paths relative to it (for example, http: // nginx / apps / files / ). This is incorrect, because the files / apps / files / are located on the server http: // onlyoffice / . To fix this, you need to specify in the request header the path relative to which the links should be generated. This is done using the “X-Forwarded-Host” header.

Add the following code to the beginning of the configuration file:

proxy_set_header X-Forwarded-Host $http_host/editors;

Two other important headers are Upgrade and Connection. They allow you to use websocket protocol for the work of document editors. Without them, editors will also work, but not so efficiently, because xhr will be used instead of websocket.

The resulting default.conf file will look like this:

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $http_host/editors;
server {
        listen80;
        location / {
            proxy_pass_header Server;
            proxy_pass http://nextcloud/;
        }
        location /editors/ {
            proxy_pass http://onlyoffice/;
        }
}

Installing the connector in Nextcloud and setting it up

The connector is in opensource ( github ), and it can be installed manually, but it is easier to do this through the Nextcloud App Store. Immediately after installation, a new menu item appears in the settings, which is responsible for the configuration of the connector. Add there the address of the editors of documents ( http: // nginx / editors / ).

Thus, ONLYOFFICE and Nextcloud can be installed and configured.

Finally

It was a cross between an article and an instruction. I hope it will be useful.

I deliberately omitted some details when setting up, because I wanted to describe only the necessary things, so that it would be quite simple and understandable. But if something seemed confusing - write in the comments, I will try to explain. Thanks for attention.