First sorry for my English, I go through a translator, which is easier to explain myself. I hope it will be understandable for you.
I’m using Nextcloud with Docker, I’m using a SWAG reverse proxy.
To bypass Nextcloud’s security alerts, I edited swag’s nginx/ssl.conf file and uncommented the lines to enable them:
add_header Strict-Transport-Security "max-age=63072000" always; add_header X-Frame-Options "SAMEORIGIN" always;
To deploy OnlyOffice with docker I used as options:
environment: JWT_ENABLED: 'true' JWT_SECRET: 'SuperSecretPasskeyThatNoOneKnows' JWT_HEADER: 'AuthorizationJwt' JWT_IN_BODY: 'true'
But in this configuration I could not create or open documents via Nextcloud, I had to modify the file www/nextcloud/config/config.php of nextcloud and add:
'onlyoffice' => array ( 'jwt_header' => 'AuthorizationJwt', ),
Unfortunately since the recent update, my setup no longer works with headers enabled. OnlyOffice does not load when opening/creating a document and I have a message:
mydomain.com does not allow login.
I saw the jwt_leeway to add, but it changes nothing for this case
'jwt_leeway' => 10 )
If anyone has any idea what is stuck. Thank you so much