小男孩‘自慰网亚洲一区二区,亚洲一级在线播放毛片,亚洲中文字幕av每天更新,黄aⅴ永久免费无码,91成人午夜在线精品,色网站免费在线观看,亚洲欧洲wwwww在线观看

搜索
分享

Docker部署onlyoffice,解決https訪問

 lichwoo 2024-01-26 發(fā)布于荷蘭

首先,啟動(dòng)onlyoffice的Docker鏡像,本文章采用的2023年11月初的官方鏡像,具體版本號未查到。當(dāng)時(shí)國內(nèi)的鏡像源只能下載到舊版本的,需要將/etc/docker/daemon.json設(shè)置"dns" : [ "8.8.8.8" ]方能下載。

先用docker exec進(jìn)入啟動(dòng)的onlyoffice鏡像,仿照如下帖子創(chuàng)建簽名

CentOS7自簽名SSL證書并給nginx配置https_ssl寫在nginx vhost中-CSDN博客

返回宿主機(jī),使用docker cp將簽名拷出,另外需從宿主機(jī)中找到ds-docservice.conf一同拷出。

需要配置nginx的配置文件ds.conf,代碼如下

  1. server {
  3.         listen 443 ssl;
  4.         listen [::]:443;
  5.         server_name localhost;
  8.         ssl_certificate /etc/onlyoffice/documentserver/nginx/onlyoffice.crt;
  10.         ssl_certificate_key /etc/onlyoffice/documentserver/nginx/onlyoffice.key;
  12.         ssl_session_cache shared:SSL:1m;
  13.         ssl_session_timeout 5m;
  14.         ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  15.         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  16.         ssl_prefer_server_ciphers on;
  18.   server_tokens off;
  21.   set $secure_link_secret xtj7tj7DSqWKqqHM3e2P;
  22.   include /etc/nginx/includes/ds-*.conf;
  23. }

為解決410和403的問題,需找到鏡像中的ds-docservice.conf,注釋掉部分代碼,代碼如下

  1.  secure_link $arg_md5,$arg_expires;
  2.   secure_link_md5 "$secure_link_expires$uri$secure_link_secret";
  4.   #if ($secure_link = "") {
  5.   #  return 403;
  6.   #}
  7.   #
  8.   #if ($secure_link = "0") {
  9.   #  return 410;
  10.   #}

 docker啟動(dòng)的映射路徑,配置如下

  1.   onlyoffice-documentserver: 
  2.     image: onlyoffice/documentserver:latest
  3.     container_name: onlyoffice-documentserver
  4.     restart: always
  5.     environment:
  6.       JWT_SECRET: my_little_secret
  7.     #dns_search:  
  8.     volumes:
  9.       - ./data/onlyoffice-documentserver/onlyoffice.key:/etc/onlyoffice/documentserver/nginx/onlyoffice.key
  10.       - ./data/onlyoffice-documentserver/onlyoffice.csr:/etc/onlyoffice/documentserver/nginx/onlyoffice.csr
  11.       - ./data/onlyoffice-documentserver/onlyoffice.crt:/etc/onlyoffice/documentserver/nginx/onlyoffice.crt
  12.       - ./data/onlyoffice-documentserver/ds.conf:/etc/onlyoffice/documentserver/nginx/ds.conf
  13.       - ./data/onlyoffice-documentserver/ds-docservice.conf:/etc/onlyoffice/documentserver/nginx/includes/ds-docservice.conf 
  14.     ports:
  15.       - "443:443"
  16.     networks:
  17.       - mynetwork

親測可用!

如此操作,瀏覽器會顯示“不安全”,如果有真實(shí)域名和CA證書,也可直接進(jìn)行配置,nginx.conf配置如下:

  1. server {
  2.         listen 443 ssl;
  3.         listen [::]:443;
  4.         server_name chat.victorysoft.online;
  6.         ssl_certificate /etc/onlyoffice/documentserver/nginx/xxx.xxx.xxx.pem;
  8.         ssl_certificate_key /etc/onlyoffice/documentserver/nginx/xxx.xxx.xxx.key;
  10.         ssl_session_cache shared:SSL:1m;
  11.         ssl_session_timeout 5m;
  12.         ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  13.         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  14.         ssl_prefer_server_ciphers on;
  16.   server_tokens off;
  19.   set $secure_link_secret xtj7tj7DSqWKqqHM3e2P;
  20.   include /etc/nginx/includes/ds-*.conf;
  21. }

    本站是提供個(gè)人知識管理的網(wǎng)絡(luò)存儲空間,所有內(nèi)容均由用戶發(fā)布,不代表本站觀點(diǎn)。請注意甄別內(nèi)容中的聯(lián)系方式、誘導(dǎo)購買等信息,謹(jǐn)防詐騙。如發(fā)現(xiàn)有害或侵權(quán)內(nèi)容,請點(diǎn)擊一鍵舉報(bào)。
    轉(zhuǎn)藏 分享 獻(xiàn)花(0

    0條評論

    發(fā)表

    請遵守用戶 評論公約

    類似文章 更多