From 15211509a6e4623317a7ca1f5de5153283d24930 Mon Sep 17 00:00:00 2001 From: Stefan Hacker Date: Sat, 11 Apr 2026 22:10:06 +0200 Subject: [PATCH] simplify: OnlyOffice nutzt JWT_SECRET_KEY, kein extra Secret - OnlyOffice und Mini-Cloud teilen sich den gleichen JWT_SECRET_KEY - ONLYOFFICE_JWT_SECRET komplett entfernt (aus .env, docker-compose, Backend, Frontend) - docker-compose: OnlyOffice liest JWT_SECRET=${JWT_SECRET_KEY} - In .env nur noch ONLYOFFICE_URL setzen, fertig - Admin-GUI zeigt: URL + "JWT nutzt JWT_SECRET_KEY aus .env" Co-Authored-By: Claude Opus 4.6 (1M context) --- .env.example | 5 ++--- backend/app/api/office.py | 2 +- backend/app/api/users.py | 1 - docker-compose.yml | 2 +- frontend/src/views/AdminView.vue | 10 ++++------ 5 files changed, 8 insertions(+), 12 deletions(-) diff --git a/.env.example b/.env.example index 9b9ce69..4c5c931 100644 --- a/.env.example +++ b/.env.example @@ -32,7 +32,6 @@ FRONTEND_URL=https://cloud.example.com MAX_UPLOAD_SIZE_MB=500 # OnlyOffice Document Server (optional) -# Oeffentliche HTTPS-URL unter der OnlyOffice im Browser erreichbar ist +# Eigene Subdomain mit HTTPS, z.B. https://office.example.com +# JWT wird automatisch vom JWT_SECRET_KEY oben verwendet ONLYOFFICE_URL= -# Muss mit JWT_SECRET im OnlyOffice-Container uebereinstimmen -ONLYOFFICE_JWT_SECRET= diff --git a/backend/app/api/office.py b/backend/app/api/office.py index 807c891..ab9213c 100644 --- a/backend/app/api/office.py +++ b/backend/app/api/office.py @@ -381,7 +381,7 @@ def onlyoffice_config(file_id): } # Sign with JWT if secret is set - jwt_secret = os.environ.get('ONLYOFFICE_JWT_SECRET', '') + jwt_secret = os.environ.get('JWT_SECRET_KEY', '') if jwt_secret: import jwt as pyjwt config['config']['token'] = pyjwt.encode(config['config'], jwt_secret, algorithm='HS256') diff --git a/backend/app/api/users.py b/backend/app/api/users.py index 99483b4..49ec64e 100644 --- a/backend/app/api/users.py +++ b/backend/app/api/users.py @@ -155,7 +155,6 @@ def get_settings(): 'system_email_from': AppSettings.get('system_email_from', ''), 'onlyoffice_url': os.environ.get('ONLYOFFICE_URL', ''), 'onlyoffice_configured': bool(os.environ.get('ONLYOFFICE_URL', '')), - 'onlyoffice_jwt_set': bool(os.environ.get('ONLYOFFICE_JWT_SECRET', '')), }), 200 diff --git a/docker-compose.yml b/docker-compose.yml index 92f3e18..703a97f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -20,7 +20,7 @@ services: - "8080:80" environment: - JWT_ENABLED=true - - JWT_SECRET=${ONLYOFFICE_JWT_SECRET} + - JWT_SECRET=${JWT_SECRET_KEY} volumes: - ./data/onlyoffice/logs:/var/log/onlyoffice - ./data/onlyoffice/data:/var/www/onlyoffice/Data diff --git a/frontend/src/views/AdminView.vue b/frontend/src/views/AdminView.vue index e751eda..5436882 100644 --- a/frontend/src/views/AdminView.vue +++ b/frontend/src/views/AdminView.vue @@ -95,15 +95,15 @@ {{ onlyofficeUrl }}
- JWT Secret: - + JWT: + Nutzt JWT_SECRET_KEY aus .env
Konfiguration ueber .env: - 
ONLYOFFICE_URL=https://office.deine-domain.de
-ONLYOFFICE_JWT_SECRET=dein-secret-hier
+ 
ONLYOFFICE_URL=https://office.deine-domain.de
+

JWT wird automatisch vom JWT_SECRET_KEY verwendet - kein extra Secret noetig.

Setup-Schritte:
  1. In docker-compose.yml den onlyoffice-Service aktivieren
    2. @@ -551,7 +551,6 @@ const smtpForm = ref({ const smtpPasswordSet = ref(false) const onlyofficeConfigured = ref(false) const onlyofficeUrl = ref('') -const onlyofficeJwtSet = ref(false) const smtpTesting = ref(false) // Backup & Restore @@ -661,7 +660,6 @@ async function loadSettings() { smtpPasswordSet.value = res.data.system_smtp_password_set onlyofficeConfigured.value = res.data.onlyoffice_configured onlyofficeUrl.value = res.data.onlyoffice_url || '' - onlyofficeJwtSet.value = res.data.onlyoffice_jwt_set } catch { /* first load, defaults */ } }