Добрый день,
Ubuntu 22
Nginx reverse proxy 192.168.108.200
Nextcloud 26.0.1.1 192.168.108.201
Onlyoffice document server 7.3.3-49 192.168.108.202
брандмауэры не установлены
Nextcloud работает по https, все хорошо
1. проблема
Onlyoffice document server при открытии по https и нажатии на кнопку Go to test, далее открываем любой документ выходит сообщение: The document could not be saved. Download failed. По http, открывалось отлично.
2. При интеграции в nextcloud сервера onlyoffice по https выходит сообщение
Код:
При попытке соединения возникла ошибка (cURL error 7: Failed to connect to onlyoffice.zs**.ru
port 443 after 18 ms: Connection refused (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://onlyoffice.zs**.ru/healthcheck)
порт действительно закрыт на сервере onlyoffice, там дефолтная конфигурация nginx, но если все идет через nginx 192.168.108.200, нужно все равно открывать и сертификаты там ставить?
Конфигурации двух отдельных сайтов с сервера nginx:
1. onlyoffice.conf
Код:
server {
listen 80;
listen [::]:80;
server_name onlyoffice.zs**.ru;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name onlyoffice.zs**.ru;
ssl_certificate /etc/letsencrypt/live/onlyoffice.zs**.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/onlyoffice.zs**.ru/privkey.pem;
location / {
proxy_pass http://192.168.108.202/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# These lines make sure that OnlyOffice can communicate with Nextcloud
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Url-Scheme $scheme;
proxy_buffering off;
# This line makes sure that OnlyOffice can communicate with Nextcloud
add_header 'Access-Control-Allow-Origin' '*';
# Proxy timeouts
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
}
}
2. nextcloud.conf
Код:
server {
server_name cloud1.zs**.ru;
location / {
proxy_pass http://192.168.108.201;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cloud1.zs**.ru/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cloud1.zs**.ru/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
}
server {
if ($host = cloud1.zs**.ru) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name cloud1.zs**.ru;
return 404; # managed by Certbot
}