Suddenly the OnlyOffice server won’t work properly anymore.
When opening a document it shows the loading screen but then does nothing and runs into errors. Tried in different browsers.
I’ve checked if anything changed on the OnlyOffice nginx config GitHub repo. Nothing new to what I see.
I’ve upgraded to the latest onlyoffice docker image, then other errors appeared. What is the issue?
@daniel.pan @xiez Any idea?
Actualy tried it and its work OK for me. Or how did you upgrade?
buffon ~ # docker pull onlyoffice/documentserver
Using default tag: latest
latest: Pulling from onlyoffice/documentserver
Digest: sha256:c6e70e63e60b9a2c9589916578935981e9a5403126fd139548d7457854b1d81e
Status: Image is up to date for onlyoffice/documentserver:latest
buffon ~ #
I wrote a update script that runs once a month.
#!/bin/bash
echo "# Updating OODS - OnlyOffice docker image"
docker stop oods
sleep 60
docker rm oods
sleep 30
docker pull onlyoffice/documentserver
docker run -i -t -d -p 88:80 --restart=always --name oods onlyoffice/documentserver
I tried to find the bug here. At first I though that the add blocker plugins do harm. Disabled those. Nothing changed.
Then In the logs it shows even more errors now. Cleaning browser cache does not do any good either. :-/
Following the errors from firefox gives the following links:
Is this anything that one has to do for this to work?
What is the latest version from onlyoffice that works for you?
Anybody? I have no idea what the problem could be. And I don’t have much time to look further into this currently. Any idea?
Hi,
sorry alot work in job and I’m not on PC over weekend. So I tried do update to latest version on second server and still every think working. For sure I upgrade one of the servers from Debian 8.9 to 9.1. So actualy I have very think up-to-date and working. So I guess there is problem with your configuration. Ho did you setup access to your OnlyOffice over WebServer(Apache/NGinx)?
HTTP 2 section is ignore, it works without it
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName office.example.cz
ServerAdmin webmaster@example.cz
DocumentRoot /var/www/office/www
SSLEngine ON
SSLCertificateFile /etc/letsencrypt/live/office.example.cz/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/office.example.cz/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
RewriteEngine On
SetEnvIf Host "^(.*)$" THE_HOST=$1
RequestHeader setifempty X-Forwarded-Proto https
RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
#RequestHeader edit X-Forwarded-Host (.*) $1/onlyofficeds
ProxyAddHeaders Off
# HTTP 2
Protocols h2 h2c http/1.1
H2Push on
H2PushPriority * after
H2PushPriority text/css before
H2PushPriority image/jpeg after 32
H2PushPriority image/png after 32
H2PushPriority application/javascript interleaved
# #HTTP2
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPass / http://127.0.0.1:9980/
ProxyPassReverse / http://127.0.0.1:9980/
ProxyPassMatch ^/(.*\websocket)$ wss://localhost:9981/$1
ProxyPassReverse /websocket wss://localhost:9981/websocket
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog /var/www/office/logs/office_error.log
CustomLog /var/www/office/logs/office_access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
</IfModule>
docker run -i -t -d --restart=always -p 127.0.0.1:9980:80 -p 127.0.0.1:9981:443 onlyoffice/documentserver
I use nginx. I actuslly wrote the onlyoffice guide in the manual and can see the onlyoffice document server welcome page just fine.
As said before it suddenly starts throwing those errors. I don’t know for sure if it was working in 6.2.2, last time I used it was with 6.1.2.
I have Seafile CE 6.2.2 and lates OnlyOffice docker container. Using apache it works. But I don’t know NGinx a lot.
Can you post more info as NGinx config, browser error etc?
Errors are above. For the Nginx config I need access from my home pc. I don’t put my private private key on my work machine.
These error say nothing to me. I don’t see HTTP Codes and don’t know german language 
I posted the links to the English error details page.
You may want to learn some German. Great language.
root@oods:~# cat /etc/nginx/conf.d/oods.conf
map $http_host $this_host {
"" $host;
default $http_host;
}
map $http_x_forwarded_proto $the_scheme {
default $http_x_forwarded_proto;
"" $scheme;
}
map $http_x_forwarded_host $the_host {
default $http_x_forwarded_host;
"" $this_host;
}
map $http_upgrade $proxy_connection {
default upgrade;
"" close;
}
server {
listen 80;
server_name oods.mydomain.de;
server_tokens off;
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
root /opt/certbot-webroot;
}
}
server {
listen 443 ssl http2;
#listen [::]:443 ssl http2;
ssl_certificate /etc/nginx/ssl/LEcert.pem;
ssl_certificate_key /etc/nginx/ssl/LEkey.pem;
server_name oods.mydomain.de;
# modern configuration. tweak to your needs.
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
proxy_set_header X-Forwarded-For $remote_addr;
add_header X-Content-Type-Options nosniff;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
server_tokens off;
root /usr/share/nginx/html/;
error_page 502 @502;
location @502 {
try_files /503-appnode-app.html =502;
}
location /mysubfolder/ {
proxy_pass http://localhost:88/;
proxy_http_version 1.1;
client_max_body_size 100M; # Limit Document size to 100MB
proxy_read_timeout 3600s;
proxy_connect_timeout 3600s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
# THIS ONE IS IMPORTANT ! - Subfolder and NO trailing slash !
proxy_set_header X-Forwarded-Host $the_host/mysubfolder;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Can you post browser log in readable format with status codes without this I can only guess? My idea is problem with HSTS but if I can se full log I don’t know.
You setup your doc server in subfolder? Or why you have proxy_set_header lines only in /mysubfolder/
I will try to disable HSTS and try again. Although the only office devs suggest using HSTS in their example config.
I use the subfolder with a random long (~20) string to somewhat hide the server from the public. Did not have any issue with that so far. Once Seafile supports the security settings this becomes absolute.
Can anybody post their working nginx config?
Maybe something is configured to strict in Seafiles nginx config.
I’m only guessing about HSTS. Cause if something come without TSL then browser will no load that. HSTS is little problem to disable when I’m looking for your expiration time (Guess it’s 1 year for HTTP2). But maybe you can disable it in your browser.
Did your tried put all proxy_set_header lines out of the location section as it in example. I setup it some time ago on nginx and this worked for me, but as I sayd it’s long time.
I will check with HSTS and post the result.
I moved out all proxy header settings yesterday already. No improvement. Some new error then showed up: “wss:… Websocket error“.
What I don’t get is why, out of nowhere, this suddenly does not work anymore. I did not change any config. I mean this should be simple to debug, check what changed and fix.
This error I’m having to, but OnlyOffice work’s great. BTW I had some WSS error on first start up, after some play with proxy_headers I get it work. Maybe you have to move it out and then check what you sending.
Hi DerDanilo,
i have tested your nginx config in my environment and everyone works fine.
Which version of nginx do you use?
I use 1.13.4.
1.13.6 I think. I have to verify that later. I am using debian stretch and the nginx repo to receive the latest version.
Maybe I should switch to the latest stable version?
Update:
Browser Error message translated
"Error loading <script> with source file "https://oods.mydomain.de/mysubfolderstring/2017-08-11-08-40/web-apps/apps/documenteditor/main/app.js"."
When I try to open the file manually it works without problems. Something related to Seahub errors? Maybe some issue with the iframe?
Should I reinstall Seafile or something?
And which HTTP code it return? What about header in request and response.