Closed jvillafanez closed 3 months ago
I ran with the docker compose below but it's still has an issue with the cross origin
---
version: "3.7"
services:
traefik:
image: traefik:v2.9.1
networks:
ocis-net:
aliases:
- ${OCIS_DOMAIN:-ocis.owncloud.test}
- ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
- ${COLLABORA_DOMAIN:-collabora.owncloud.test}
- ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
- ${COMPANION_DOMAIN:-companion.owncloud.test}
command:
- "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}"
# letsencrypt configuration
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
- "--certificatesresolvers.http.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-v02.api.letsencrypt.org/directory}"
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"
- "--entryPoints.http.http.redirections.entryPoint.to=https"
- "--entryPoints.http.http.redirections.entryPoint.scheme=https"
- "--entryPoints.https.address=:443"
# docker provider (get configuration from container labels)
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedByDefault=false"
# access log
- "--accessLog=true"
- "--accessLog.format=json"
- "--accessLog.fields.headers.names.X-Request-Id=keep"
ports:
- "80:80"
- "443:443"
volumes:
- "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro"
- "certs:/certs"
labels:
- "traefik.enable=${TRAEFIK_DASHBOARD:-false}"
- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.routers.traefik.tls.certresolver=http"
- "traefik.http.routers.traefik.service=api@internal"
logging:
driver: ${LOG_DRIVER:-local}
restart: always
ocis:
image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
networks:
ocis-net:
ports:
- "9999:9999"
entrypoint:
- /bin/sh
# run ocis init to initialize a configuration file with random secrets
# it will fail on subsequent runs, because the config file already exists
# therefore we ignore the error and then start the ocis server
command: [ "-c", "ocis init || true; ocis server" ]
environment:
OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test}
OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info}
OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}"
PROXY_TLS: "false" # do not use SSL between Traefik and oCIS
GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers
# INSECURE: needed if oCIS / Traefik is using self generated certificates
OCIS_INSECURE: "${INSECURE:-false}"
# basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect)
PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}"
# admin user password
IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file
# demo users
IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}"
MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233
NATS_NATS_HOST: 0.0.0.0
NATS_NATS_PORT: 9233
PROXY_CSP_CONFIG_FILE_LOCATION: /etc/ocis/csp.yaml
COLLABORA_DOMAIN: ${COLLABORA_DOMAIN:-collabora.owncloud.test}
ONLYOFFICE_DOMAIN: ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
# make collabora the secure view app
FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: com.owncloud.api.app-provider-collabora
volumes:
- ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml
- ./config/ocis/csp.yaml:/etc/ocis/csp.yaml
- ./config/ocis/web.yaml:/etc/ocis/web.yaml
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
labels:
- "traefik.enable=true"
- "traefik.http.routers.ocis.entrypoints=https"
- "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)"
- "traefik.http.routers.ocis.tls.certresolver=http"
- "traefik.http.routers.ocis.service=ocis"
- "traefik.http.services.ocis.loadbalancer.server.port=9200"
logging:
driver: ${LOG_DRIVER:-local}
restart: always
wopiserver:
image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
networks:
ocis-net:
ports:
- "9304:9304"
depends_on:
onlyoffice:
condition: service_healthy
entrypoint:
- /bin/sh
command: [ "-c", "ocis collaboration server" ]
environment:
COLLABORATION_GRPC_ADDR: 0.0.0.0:9301
COLLABORATION_HTTP_ADDR: 0.0.0.0:9300
MICRO_REGISTRY: "nats-js-kv"
MICRO_REGISTRY_ADDRESS: "ocis:9233"
COLLABORATION_WOPI_WOPISRC: http://wopiserver:9300
COLLABORATION_WOPI_SECRET: Brotato
COLLABORATION_APP_NAME: "OnlyOffice"
COLLABORATION_APP_ADDR: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
COLLABORATION_APP_INSECURE: "${INSECURE:-true}"
COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}"
COLLABORATION_DEBUG_ADDR: 0.0.0.0:9304
COLLABORATION_DEBUG_PPROF: "true"
COLLABORATION_DEBUG_ZPAGES: "true"
AUTOMEMLIMIT_EXPERIMENT: system
COLLABORATION_LOG_LEVEL: debug
OCIS_RUNTIME_HOST: "ocis"
OCIS_CONFIG_DIR: /etc/ocis/
volumes:
- ./config/ocis/csp.yaml:/etc/ocis/csp.yaml
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
labels:
- "traefik.enable=true"
- "traefik.http.routers.wopiserver.entrypoints=https"
- "traefik.http.routers.wopiserver.rule=Host(`wopiserver.${DOMAIN:-owncloud.test}`)"
- "traefik.http.routers.wopiserver.tls.certresolver=http"
- "traefik.http.routers.wopiserver.service=wopiserver"
- "traefik.http.services.wopiserver.loadbalancer.server.port=9300"
logging:
driver: "local"
restart: always
onlyoffice:
image: onlyoffice/documentserver:7.5.0
networks:
ocis-net:
entrypoint:
- /bin/sh
- /entrypoint-override.sh
environment:
WOPI_ENABLED: "true"
USE_UNAUTHORIZED_STORAGE: "${INSECURE:-false}" # self signed certificates
volumes:
- ./config/onlyoffice/entrypoint-override.sh:/entrypoint-override.sh
- ./config/onlyoffice/local.json:/etc/onlyoffice/documentserver/local.dist.json
labels:
- "traefik.enable=true"
- "traefik.http.routers.onlyoffice.entrypoints=https"
- "traefik.http.routers.onlyoffice.rule=Host(`${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}`)"
- "traefik.http.routers.onlyoffice.tls.certresolver=http"
- "traefik.http.routers.onlyoffice.service=onlyoffice"
- "traefik.http.services.onlyoffice.loadbalancer.server.port=80"
# websockets can't be opend when this is ommitted
- "traefik.http.middlewares.onlyoffice.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.onlyoffice.middlewares=onlyoffice"
logging:
driver: ${LOG_DRIVER:-local}
restart: always
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
volumes:
certs:
ocis-config:
ocis-data:
wopi-recovery:
#portainer_data:
#keycloak_postgres_data:
networks:
ocis-net:
Works well
---
version: "3.7"
services:
traefik:
image: traefik:v2.9.1
networks:
ocis-net:
aliases:
- ${OCIS_DOMAIN:-ocis.owncloud.test}
- ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
- ${COLLABORA_DOMAIN:-collabora.owncloud.test}
- ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
- ${COMPANION_DOMAIN:-companion.owncloud.test}
command:
- "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}"
# letsencrypt configuration
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
- "--certificatesresolvers.http.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-v02.api.letsencrypt.org/directory}"
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"
- "--entryPoints.http.http.redirections.entryPoint.to=https"
- "--entryPoints.http.http.redirections.entryPoint.scheme=https"
- "--entryPoints.https.address=:443"
# docker provider (get configuration from container labels)
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedByDefault=false"
# access log
- "--accessLog=true"
- "--accessLog.format=json"
- "--accessLog.fields.headers.names.X-Request-Id=keep"
ports:
- "80:80"
- "443:443"
volumes:
- "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro"
- "certs:/certs"
labels:
- "traefik.enable=${TRAEFIK_DASHBOARD:-false}"
- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.routers.traefik.tls.certresolver=http"
- "traefik.http.routers.traefik.service=api@internal"
logging:
driver: ${LOG_DRIVER:-local}
restart: always
ocis:
image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
networks:
ocis-net:
ports:
- "9999:9999"
entrypoint:
- /bin/sh
# run ocis init to initialize a configuration file with random secrets
# it will fail on subsequent runs, because the config file already exists
# therefore we ignore the error and then start the ocis server
command: [ "-c", "ocis init || true; ocis server" ]
environment:
OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test}
OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info}
OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}"
PROXY_TLS: "false" # do not use SSL between Traefik and oCIS
GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers
# INSECURE: needed if oCIS / Traefik is using self generated certificates
OCIS_INSECURE: "${INSECURE:-false}"
# basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect)
PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}"
# admin user password
IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file
# demo users
IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}"
MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233
NATS_NATS_HOST: 0.0.0.0
NATS_NATS_PORT: 9233
PROXY_CSP_CONFIG_FILE_LOCATION: /etc/ocis/csp.yaml
COLLABORA_DOMAIN: ${COLLABORA_DOMAIN:-collabora.owncloud.test}
ONLYOFFICE_DOMAIN: ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
# make collabora the secure view app
FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: com.owncloud.api.app-provider-collabora
volumes:
- ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml
- ./config/ocis/csp.yaml:/etc/ocis/csp.yaml
- ./config/ocis/web.yaml:/etc/ocis/web.yaml
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
labels:
- "traefik.enable=true"
- "traefik.http.routers.ocis.entrypoints=https"
- "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)"
- "traefik.http.routers.ocis.tls.certresolver=http"
- "traefik.http.routers.ocis.service=ocis"
- "traefik.http.services.ocis.loadbalancer.server.port=9200"
logging:
driver: ${LOG_DRIVER:-local}
restart: always
wopiserver:
image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
networks:
ocis-net:
ports:
- "9304:9304"
depends_on:
onlyoffice:
condition: service_healthy
entrypoint:
- /bin/sh
command: [ "-c", "ocis collaboration server" ]
environment:
COLLABORATION_GRPC_ADDR: 0.0.0.0:9301
COLLABORATION_HTTP_ADDR: 0.0.0.0:9300
MICRO_REGISTRY: "nats-js-kv"
MICRO_REGISTRY_ADDRESS: "ocis:9233"
COLLABORATION_WOPI_SRC: http://wopiserver:9300
COLLABORATION_WOPI_SECRET: Brotato
COLLABORATION_APP_NAME: "OnlyOffice"
COLLABORATION_APP_ADDR: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
COLLABORATION_APP_INSECURE: "${INSECURE:-true}"
COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}"
COLLABORATION_DEBUG_ADDR: 0.0.0.0:9304
COLLABORATION_DEBUG_PPROF: "true"
COLLABORATION_DEBUG_ZPAGES: "true"
OCIS_URL: "https://ocis.owncloud.test"
COLLABORATION_LOG_LEVEL: debug
OCIS_RUNTIME_HOST: "ocis"
OCIS_CONFIG_DIR: /etc/ocis/
volumes:
- ./config/ocis/csp.yaml:/etc/ocis/csp.yaml
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
labels:
- "traefik.enable=true"
- "traefik.http.routers.wopiserver.entrypoints=https"
- "traefik.http.routers.wopiserver.rule=Host(`wopiserver.${DOMAIN:-owncloud.test}`)"
- "traefik.http.routers.wopiserver.tls.certresolver=http"
- "traefik.http.routers.wopiserver.service=wopiserver"
- "traefik.http.services.wopiserver.loadbalancer.server.port=9300"
logging:
driver: "local"
restart: always
onlyoffice:
image: onlyoffice/documentserver:7.5.0
networks:
ocis-net:
entrypoint:
- /bin/sh
- /entrypoint-override.sh
environment:
WOPI_ENABLED: "true"
USE_UNAUTHORIZED_STORAGE: "${INSECURE:-false}" # self signed certificates
volumes:
- ./config/onlyoffice/entrypoint-override.sh:/entrypoint-override.sh
- ./config/onlyoffice/local.json:/etc/onlyoffice/documentserver/local.dist.json
labels:
- "traefik.enable=true"
- "traefik.http.routers.onlyoffice.entrypoints=https"
- "traefik.http.routers.onlyoffice.rule=Host(`${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}`)"
- "traefik.http.routers.onlyoffice.tls.certresolver=http"
- "traefik.http.routers.onlyoffice.service=onlyoffice"
- "traefik.http.services.onlyoffice.loadbalancer.server.port=80"
# websockets can't be opend when this is ommitted
- "traefik.http.middlewares.onlyoffice.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.onlyoffice.middlewares=onlyoffice"
logging:
driver: ${LOG_DRIVER:-local}
restart: always
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
volumes:
certs:
ocis-config:
ocis-data:
wopi-recovery:
#portainer_data:
#keycloak_postgres_data:
networks:
ocis-net:
The typo in a var COLLABORATION_WOPI_WOPISRC
. It has to be COLLABORATION_WOPI_SRC
You're right with the typo. It would have cause a problem later, although it wasn't the problem for this one.
There might be something wrong with the app-provider (my ocis-appprovider-onlyoffice
container) which causes the call to the /wopi/iop/openinapp
endpoint to happen.
Removing that container (and fixing the typoe with the WOPI_SRC
env var) solves the issue.
I think we can close this issue, but maybe we want to investigate what happens with the ocis-appprovider-onlyoffice
container
I think we can close this issue, but maybe we want to investigate what happens with the ocis-appprovider-onlyoffice container
we do not need the old app provider anymore. The collaboration service brings its own one.
I think we can close this issue, but maybe we want to investigate what happens with the ocis-appprovider-onlyoffice container
we do not need the old app provider anymore. The collaboration service brings its own one.
👍
@jvillafanez You already implemented the openinapp
functionality in a collaboration service
We should update the documentation about the app-provider service... either remove the service, mark it as obsolete, or add some information about how / when to use it and the conditions to use it, if any.
If the app-provider service is meant to be used with the cs3org WOPI server, it should be clear. From what I understand, app-provider + cs3org wopiserver = collaboration service. This is totally fine by me, but it seems the app-provider is incompatible with the collaboration service. If we can't enforce that only one of those service is active (or none), at least it should be documented.
I'll add the deployment example
We will change the ocis wopi deployment example as soon as the collaboration service works with all 3 office suites.
1) collabora as part of the single process - this will be the default 2) onlyoffice as sidecar 3) office365 via wopiproxy as sidecar
Describe the bug
Opening office files with OnlyOffice (and likely other apps such as Collabora and office365) isn't possible. This happens with the current master (commit d200dfc03fa61a6e85a29038dc199f6f46f2a474). It was working before (probably around May, 24th)
Steps to reproduce
Expected behavior
The file is opened and can be edited
Actual behavior
The file can't be opened
Setup
Please describe how you started the server and provide a list of relevant environment variables or configuration files.
Relevant docker-compose yaml file below
```console --- version: "3.7" services: ocis: #image: owncloud/ocis:4 image: go-dlv-mount2 networks: ocis-net: ports: - "9999:9999" entrypoint: - /bin/sh command: ["-c", "ocis init || true; ocis server"] environment: OCIS_CONFIG_DIR: /etc/ocis/ OCIS_URL: https://ocis.${DOMAIN:-owncloud.test} OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-warning} #OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" PROXY_TLS: "false" # do not use SSL between Traefik and oCIS GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers WEB_OIDC_CLIENT_ID: ${OCIS_OIDC_CLIENT_ID:-web} PROXY_USER_OIDC_CLAIM: "preferred_username" PROXY_USER_CS3_CLAIM: "username" GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false" #GRAPH_USERNAME_MATCH: "none" # INSECURE: needed if oCIS / Traefik is using self generated certificates OCIS_INSECURE: "true" # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" # fulltext search SEARCH_EXTRACTOR_TYPE: tika SEARCH_EXTRACTOR_TIKA_TIKA_URL: http://tika:9998 FRONTEND_FULL_TEXT_SEARCH_ENABLED: "true" # make the registry available to the app provider containers MICRO_REGISTRY: "nats-js-kv" MICRO_REGISTRY_ADDRESS: "127.0.0.1:9233" NATS_NATS_HOST: "0.0.0.0" NATS_NATS_PORT: "9233" OCIS_RUNTIME_HOST: "ocis" volumes: - ocis-config:/etc/ocis - ocis-data:/var/lib/ocis - ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml - ./config/ocis/csp.yaml:/etc/ocis/csp.yaml - ./ocis:/usr/bin/ocis labels: - "traefik.enable=true" - "traefik.http.routers.ocis.entrypoints=https" - "traefik.http.routers.ocis.rule=Host(`ocis.${DOMAIN:-owncloud.test}`)" - "traefik.http.routers.ocis.tls.certresolver=http" - "traefik.http.routers.ocis.service=ocis" - "traefik.http.services.ocis.loadbalancer.server.port=9200" - "traefik.http.routers.ocis.middlewares=ocis@docker" - "traefik.http.middlewares.ocis.compress=true" logging: driver: "local" restart: always ocis-appprovider-onlyoffice: image: go-dlv-mount2 networks: ocis-net: entrypoint: - /usr/bin/ocis command: app-provider server environment: OCIS_CONFIG_DIR: /etc/ocis/ # use the internal service name of the gateway REVA_GATEWAY: ${REVA_GATEWAY:-com.owncloud.api.gateway} APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164 # configure the service name to avoid collision with onlyoffice APP_PROVIDER_SERVICE_NAME: app-provider-onlyoffice # use the internal service name APP_PROVIDER_EXTERNAL_ADDR: com.owncloud.api.app-provider-onlyoffice APP_PROVIDER_DRIVER: wopi APP_PROVIDER_WOPI_APP_NAME: OnlyOffice APP_PROVIDER_WOPI_APP_ICON_URI: https://onlyoffice.${DOMAIN:-owncloud.test}/favicon.ico APP_PROVIDER_WOPI_APP_URL: https://onlyoffice.${DOMAIN:-owncloud.test} APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}" APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://wopiserver.${DOMAIN:-owncloud.test} APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://ocis.${DOMAIN:-owncloud.test} # share the registry with the ocis container #MICRO_REGISTRY: "mdns" MICRO_REGISTRY: "nats-js-kv" MICRO_REGISTRY_ADDRESS: "ocis:9233" volumes: - ocis-config:/etc/ocis - ./ocis:/usr/bin/ocis logging: driver: "local" restart: always depends_on: ocis: condition: service_started onlyoffice: condition: service_healthy wopiserver: image: go-dlv-mount2 networks: ocis-net: ports: - "9304:9304" depends_on: onlyoffice: condition: service_healthy command: ['/usr/bin/ocis', 'collaboration', 'server'] environment: COLLABORATION_GRPC_ADDR: 0.0.0.0:9301 COLLABORATION_HTTP_ADDR: 0.0.0.0:9300 MICRO_REGISTRY: "nats-js-kv" MICRO_REGISTRY_ADDRESS: "ocis:9233" COLLABORATION_WOPI_WOPISRC: http://wopiserver:9300 COLLABORATION_WOPI_SECRET: Brotato COLLABORATION_APP_NAME: "OnlyOffice" COLLABORATION_APP_ADDR: https://${ONLYOFFICE_DOMAIN:-onlyoffice.jp.solidgear.prv} COLLABORATION_APP_INSECURE: "${INSECURE:-true}" COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}" COLLABORATION_DEBUG_ADDR: 0.0.0.0:9304 COLLABORATION_DEBUG_PPROF: "true" COLLABORATION_DEBUG_ZPAGES: "true" COLLABORATION_LOG_LEVEL: debug OCIS_RUNTIME_HOST: "ocis" OCIS_CONFIG_DIR: /etc/ocis/ volumes: - ocis-config:/etc/ocis - ./ocis:/usr/bin/ocis labels: - "traefik.enable=true" - "traefik.http.routers.wopiserver.entrypoints=https" - "traefik.http.routers.wopiserver.rule=Host(`wopiserver.${DOMAIN:-owncloud.test}`)" - "traefik.http.routers.wopiserver.tls.certresolver=http" - "traefik.http.routers.wopiserver.service=wopiserver" - "traefik.http.services.wopiserver.loadbalancer.server.port=9300" logging: driver: "local" restart: always onlyoffice: image: onlyoffice/documentserver:7.3.3 networks: ocis-net: environment: WOPI_ENABLED: "true" USE_UNAUTHORIZED_STORAGE: "${INSECURE:-true}" # self signed certificates labels: - "traefik.enable=true" - "traefik.http.routers.onlyoffice.entrypoints=https" - "traefik.http.routers.onlyoffice.rule=Host(`${ONLYOFFICE_DOMAIN:-onlyoffice.jp.solidgear.prv}`)" - "traefik.http.routers.onlyoffice.tls.certresolver=http" - "traefik.http.routers.onlyoffice.service=onlyoffice" - "traefik.http.services.onlyoffice.loadbalancer.server.port=80" # websockets can't be opend when this is ommitted - "traefik.http.middlewares.onlyoffice.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.routers.onlyoffice.middlewares=onlyoffice" logging: driver: "local" restart: always healthcheck: test: ["CMD", "curl", "-f", "http://localhost/hosting/discovery"] volumes: certs: ocis-config: ocis-data: wopi-recovery: #portainer_data: #keycloak_postgres_data: networks: ocis-net: ```
Additional context
Relevant logs:
Note that there is a call to
/wopi/iop/openinapp
in the wopiserver (running the collaboration service) which isn't implemented. As far as I know, this isn't part of the WOPI specification. If that endpoint is now mandatory, we'll need to implement it somehow.