Hacker-Software
/
minmal-file-cloud-email-pim-passmanager
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: OnlyOffice Docker-Setup ohne Port-Mapping + nginx-Beispielconfig 

- docker-compose.yml: Kein ports-Mapping fuer OnlyOffice mehr
  (Zugriff nur ueber nginx mit HTTPS, nicht direkt ueber Port 8080)
- nginx.example.conf: Komplette Beispielkonfiguration fuer
  cloud.example.com + office.example.com mit Let's Encrypt
  - Unbegrenztes Upload-Limit (client_max_body_size 0)
  - CalDAV/CardDAV spezielle Location
  - WebSocket-Support vorbereitet
  - HTTP->HTTPS Redirect
- Admin-UI: Setup-Anleitung aktualisiert - erklaert nginx + HTTPS +
  Let's Encrypt Schritte, Hinweis dass die oeffentliche HTTPS-URL
  eingetragen werden muss (nicht die interne Docker-URL)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Stefan Hacker 2026-04-11 21:23:31 +02:00
parent 216445d41b
commit fca2bc2d47
3 changed files with 72 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docker-compose.yml
View File

@ -17,13 +17,11 @@ services:
# Optional: OnlyOffice Document Server fuer Office-Bearbeitung # Optional: OnlyOffice Document Server fuer Office-Bearbeitung
# Auskommentieren um DOCX/XLSX/PPTX bearbeiten zu koennen # Auskommentieren um DOCX/XLSX/PPTX bearbeiten zu koennen
# Nach dem Start die ONLYOFFICE_URL in den Admin-Einstellungen setzen
# oder als Umgebungsvariable: ONLYOFFICE_URL=http://onlyoffice
# #
# onlyoffice: # onlyoffice:
# image: onlyoffice/documentserver:latest # image: onlyoffice/documentserver:latest
# ports: # # Kein ports-Mapping noetig! Zugriff nur ueber nginx (HTTPS)
# - "8080:80" # # und intern im Docker-Netzwerk (minicloud -> onlyoffice)
# environment: # environment:
# - JWT_ENABLED=true # - JWT_ENABLED=true
# - JWT_SECRET=${ONLYOFFICE_JWT_SECRET:-minicloud-onlyoffice-secret} # - JWT_SECRET=${ONLYOFFICE_JWT_SECRET:-minicloud-onlyoffice-secret}

9
frontend/src/views/AdminView.vue
View File

@ -93,12 +93,15 @@
<Button label="Speichern" icon="pi pi-save" size="small" @click="saveSmtp" /> <Button label="Speichern" icon="pi pi-save" size="small" @click="saveSmtp" />
</div> </div>
<div class="restore-instructions" style="margin-top: 1rem"> <div class="restore-instructions" style="margin-top: 1rem">
<strong>Docker-Setup:</strong> <strong>Setup:</strong>
<ol> <ol>
<li>In <code>docker-compose.yml</code> den <code>onlyoffice</code>-Service auskommentieren</li> <li>In <code>docker-compose.yml</code> den <code>onlyoffice</code>-Service auskommentieren</li>
<li>Nginx-Eintrag fuer OnlyOffice anlegen (z.B. <code>office.deine-domain.de</code>) - siehe <code>nginx.example.conf</code></li>
<li>Let's Encrypt Zertifikat fuer die OnlyOffice-Domain erstellen</li>
<li><code>docker-compose up -d</code></li> <li><code>docker-compose up -d</code></li>
<li>URL auf <code>http://onlyoffice</code> (intern) oder die oeffentliche URL setzen</li> <li>Hier die <strong>oeffentliche HTTPS-URL</strong> eintragen (z.B. <code>https://office.deine-domain.de</code>)<br/>
<li>JWT Secret muss in beiden Services identisch sein</li> <em>Nicht</em> die interne Docker-URL - der Browser muss OnlyOffice erreichen koennen!</li>
<li>JWT Secret muss mit <code>ONLYOFFICE_JWT_SECRET</code> in <code>docker-compose.yml</code> uebereinstimmen</li>
</ol> </ol>
</div> </div>
</div> </div>

64
nginx.example.conf Normal file
View File

@ -0,0 +1,64 @@
# Beispiel nginx-Konfiguration fuer Mini-Cloud mit OnlyOffice
# Anpassen: cloud.example.com und office.example.com durch eigene Domains ersetzen
# Mini-Cloud
server {
listen 443 ssl http2;
server_name cloud.example.com;
ssl_certificate /etc/letsencrypt/live/cloud.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/cloud.example.com/privkey.pem;
client_max_body_size 0; # Kein Upload-Limit (wird von Flask gesteuert)
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket (falls spaeter benoetigt)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# CalDAV/CardDAV braucht spezielle Methoden
location /dav/ {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
}
}
# OnlyOffice Document Server (optional)
# Nur noetig wenn OnlyOffice in docker-compose aktiviert ist
server {
listen 443 ssl http2;
server_name office.example.com;
ssl_certificate /etc/letsencrypt/live/office.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/office.example.com/privkey.pem;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
# HTTP -> HTTPS Redirect
server {
listen 80;
server_name cloud.example.com office.example.com;
return 301 https://$host$request_uri;
}