Onlyoffice Server behind a nginx proxy

gegerwccqdedeef · 18 April 2024 01:11

Hi All

Have a new install OnlyOffice/Ubuntu22LTS/postgres/Nginx that is behind an Nginx proxy server serving LetsEncypt certs.

I created a subdomain for this server: eg; onlyoffice.mydomain.tld

I believe that I have the proxy is setup correctly to allow OO into the LAN.

I installed OO using the onlyoffice website install guide. I used the proxy nginx conf file from the install guide as well.

But I believe that I am having nginx configuration issues on the OO server.

I have been editing the “/etc/nginx/conf.d/ds.conf” file, I removed all the 443 server block contents, as per the nginx config tester command “systemctl status nginx.service”

Also weird is when I type in “https://onlyoffice.mydomain.tld” in the browser, it redirects to “https://onlyoffice.mydomain.tld/mail”

Wondering if anyone has a generic nginx file contents that I can use to populate it and start editing it from there?

Also, if I need to edit other nginx files? I tried editing the default in the sites-available folder, but still no go.

Any other ideas, will be helpful

Cannot find a good answer in the internet searches.

Regards

Constantine · 19 April 2024 11:14

Hello @gegerwccqdedeef

Please see this article from Help Center to find examples of configs for various proxy service that can be used with Document Server:

gegerwccqdedeef · 21 April 2024 00:54

Hi Constantine

Thank you for your reply,

I did use this config file on the proxy nginx.

I still can’t through proxy from internet.

This is the edits that I did in the proxy https->http config file:

upstream docservice {
  server 192.168.1.22;
}

…

## Normal HTTP host
server {
  listen 0.0.0.0:80;
  listen [::]:80 default_server;
  server_name onlyoffice.mydomain.com;
  server_tokens off;

  ## Redirects all traffic to the HTTPS host
  return 301 https://$server_name:443$request_uri;
}

server {
  listen 0.0.0.0:443 ssl;
  listen [::]:443 ssl default_server;
  server_tokens off;
  root /usr/share/nginx/html;

  ## Strong SSL Security
  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
  #ssl on;
  ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
  ssl_verify_client off;

  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";

  ssl_protocols  TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_session_cache  builtin:1000  shared:SSL:10m;

Is this correct?

Regards

Constantine · 23 April 2024 09:52

If your goal is to set up https to http proxy, please refer to this config:

github.com

ONLYOFFICE/document-server-proxy/blob/master/nginx/proxy-https-to-http.conf

# Use this example for proxy HTTPS traffic to the document server running at 'backendserver-address'.
# Replace {{SSL_CERTIFICATE_PATH}} with the path to the ssl certificate file
# Replace {{SSL_KEY_PATH}} with the path to the ssl private key file

upstream docservice {
  server backendserver-address;
}

map $http_host $this_host {
    "" $host;
    default $http_host;
}

map $http_x_forwarded_proto $the_scheme {
     default $http_x_forwarded_proto;
     "" $scheme;
}

map $http_x_forwarded_host $the_host {
    default $http_x_forwarded_host;

This file has been truncated. show original

gegerwccqdedeef · 25 April 2024 17:25

Hi

Yes I know that is the file,

Can you please see if the edits to the file in my second post is correct?

Regards

Constantine · 27 April 2024 10:53

As I can see many parameters from mentioned proxy-https-to-http.conf are missing. There are commented out notes in the config that tell which parameters to change in order to make it work.

Please use whole config for your scenario with proper changes.

If you require deep analysis of your issue, please visit this thread: