ONLYOFFICE 7.0: online forms, password protection in sheets, collaboration improvements and much more
ONLYOFFICE 7.0 released

How to pass JWT_SECRET to the nextcloud app from the environment?

I’m running both Nextcloud and Onlyoffice in docker, and in the latter, I can pass JWT_SECRET as an environment variable.

Can I possibly do the same on the NC side? Or, having it read up from a file would be even better.

Hello @mortee
Sorry, we didn’t test such scenario. And I’m not sure that this scenario is possible, because we do not build Nextcloud containers. Probably, it’s better for you to contact Nextcloud team and discuss about this feature with them.
As for the situation in general, there are only 2 ways to add jwt_secret on Nextcloud side: the connector page and config.php file.

Okay, I was looking for ways to specify the secret in config.php, but I didn’t find where to put it.

You should add these lines to config.php:

'onlyoffice' =>
  array (
    'jwt_secret' => 'your_secret',
    'jwt_header' => 'your_header'
)

Thank you. Is this documented somewhere? I would much rather look there than ask around here.

What I’m not sure about whether it would work if I only specify the secret here; and if the header is arbitrary and up to me, or it must match something?

These parameters must match your local.json config file on the Document server side.
Earlier connector app version didn’t have jwt settings, so it was the only way for integration (via config.php). But now it’s more simpler to use connector app page to set jwt_secret.
As for documentation, I’m not sure that these lines are described somewhere at the moment, since it’s easier to use connector app page. But you can notice the same structure for self-signed certificate validation here:

'onlyoffice' => array (
    'verify_peer_off' => true
)

ONLYOFFICE Api Documentation - Nextcloud ONLYOFFICE integration app

This doesn’t seem to work.

$ cat /storage/nextcloud/config/config.php                                                                  <?php
$CONFIG = array (
  ...
  'onlyoffice' =>
  array (
    'jwt_secret' => 'MYSECRETSECRET'
  )
);

$ docker exec -ti -u www-data $(docker ps -q -f name=nextcloud_app) php occ config:list onlyoffice
{
    "apps": {
        "onlyoffice": {
            ...
            "enabled": "yes",
            "installed_version": "7.3.2",
            "jwt_secret": "",
            ...
        }
    }
}

Let’s try to add comma symbol, so it looks like:

'onlyoffice' =>

array (

'jwt_secret' => 'mysecret',

),

One more thing. Did you try to open any file for editing after changes had been made?

Weird, but apparently it works indeed with the added comma. And yes, I can open libreoffice files now in the browser.

Thanks for the help.

1 Like