search

ONLYOFFICE / onlyoffice-nextcloud

The app which enables the users to edit office documents from Nextcloud using ONLYOFFICE Document Server, allows multiple users to collaborate in real time and to save back those changes to Nextcloud
GNU Affero General Public License v3.0
557 stars 157 forks source link

Nextcloud with Onlyoffice Docker behind a Sophos WAF #30

Open Rick26L opened 5 years ago

Rick26L commented 5 years ago

Steps to reproduce Install Nextcloud with Onlyoffice Docker Activate WAF on Sophos for the Webservers Try to open a Document Expected behaviour Onlyoffice should open the document to be able to edit/view it

Actual behaviour Onlyoffice App opens, but after a short time you get "Unknown Error. Press OK to return to document list"

Information With DNAT, Onlyoffice is working Communication between Onlyoffice Docker and Nextcloud is ok. Server configuration Operating system:Ubuntu Linux 16.04.1

Web server: Apache version 2.4.18

Nextcloud version: 14.0.3

Where did you install Nextcloud from: Tech and Me

Signing status: No errors have been found.

Nextcloud configuration:

"system": {
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"localhost",
"192.168.146.11",
"cloud..de",
"office..de"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"overwrite.cli.url": "https://cloud.**********.de/",
"dbtype": "mysql",
"version": "14.0.3.0",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"instanceid": "REMOVED SENSITIVE VALUE",
"maintenance": false,
"mail_smtpmode": "smtp",
"memcache.local": "\OC\Memcache\Redis",
"filelocking.enabled": true,
"memcache.distributed": "\OC\Memcache\Redis",
"memcache.locking": "\OC\Memcache\Redis",
"redis": {
"host": "REMOVED SENSITIVE VALUE",
"port": 0,
"timeout": 0,
"dbindex": 0,
"password": "REMOVED SENSITIVE VALUE"
},
"htaccess.RewriteBase": "/",
"loglevel": "2",
"log_type": "file",
"logfile": "/var/ncdata/nextcloud.log",
"logtimezone": "Europe/Berlin",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "\OCA\User_LDAP\LDAPProviderFactory",
"auth.bruteforce.protection.enabled": false,
"mail_smtphost": "REMOVED SENSITIVE VALUE",
"mail_smtpauthtype": "LOGIN",
"mail_smtpport": "25",
"mail_from_address": "REMOVED SENSITIVE VALUE",
"mail_domain": "REMOVED SENSITIVE VALUE",
"theme": "",
"updater.release.channel": "stable"
}

Are you using external storage, if yes which one: smb

Are you using encryption: no

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory

Client configuration Browser: Chrome/Firefox/IE

Operating system: W10

ShockwaveNN commented 5 years ago

Hello, we do not test any of our application with Sophos WAF and currently have no resources (or experience) to figure it out. If someone can help with it - please do.

johnczer commented 5 years ago

I have a similar scenario with Nextcloud/OnlyOffice running on an Ubuntu VM behind Sophos WAF. The solution that I came up with which works perfectly is to change the port in Apache for the OnlyOffice to something other that 443 (i.e. 4443) and create a DNAT in Sophos for Any/Port 4443/Ext WAN/IP of Server where OnlyOffice is. This works inside and outside with no issues.

Rick26L commented 5 years ago

Hi @johnczer ,

thank's for your reply! Did you only changed the Port in the Apache for the Onlyoffice? Or did you changed the port for the docker container too?

johnczer commented 5 years ago

Hi Rick,

Yes, I changed the OnlyOffice to another port other than 443 in Apache but left the Docker side as is. When I changed the port for OnlyOffice in Apache I did this in the config file but it can be changed in either place.