NC18, OnlyOffice in separate docker -> "loading document" forever

I finally managed to install a separate docker instance of OnlyOffice after fiddling for hours with traefik. I can connect to the OO server at office.example.net/healthcheck, which responds with “true” and accessing office.example.net/ gives a “Document server is running”.
I have entered the details into the connector settings in NC18 as below, only “Document Editing Service address for internal requests from the server” is left empty.
However, when trying to add/edit a new document, it always results in the message “Document loading…” forever, just after showing the OO workspace.
The logs do not show any error message, neither NC, nor OO.

Any ideas?

NC18.0.1, linuxserver docker image, Onlyoffice latest official docker image, OO connector app v4.1.4.

image

image

Solved it, the correct headers were missing:

  - "traefik.http.middlewares.oo-header.headers.referrerPolicy=no-referrer"
  - "traefik.http.middlewares.oo-header.headers.stsSeconds=31536000"
  - "traefik.http.middlewares.oo-header.headers.forceSTSHeader=true"
  - "traefik.http.middlewares.oo-header.headers.stsPreload=true"
  - "traefik.http.middlewares.oo-header.headers.stsIncludeSubdomains=true"
  - "traefik.http.middlewares.oo-header.headers.browserXssFilter=true"
  - "traefik.http.middlewares.oo-header.headers.customRequestHeaders.X-Forwarded-Proto=https"

I have your problem too. Where should I add this?

Sorry for not being more detailed, I have put this in my docker-compose.yml in OnlyOffice’s section.

Can you show us what your docker-compose.yml file looks like?
THX

The entries for NC & OnlyOffice are as follows, hope that helps (albeit the rather late answer…)

traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
networks:
  - proxy
ports:
  - 80:80
  - 443:443
volumes:
  - /etc/localtime:/etc/localtime:ro
  - /var/run/docker.sock:/var/run/docker.sock:ro
  - /opt/traefik/acme.json:/acme.json
  - /opt/traefik/traefik.toml:/traefik.toml:ro
  - /var/log/traefik:/logs
labels:
  - "traefik.enable=true"
  - "traefik.http.routers.traefik.entrypoints=http"
  - "traefik.http.routers.traefik.rule=Host(`traefik.domain.net`)"
  - "traefik.http.middlewares.traefik-auth.basicauth.users=user:hash"
  - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
  - "traefik.http.middlewares.nc-header.headers.referrerPolicy=no-referrer"
  - "traefik.http.middlewares.nc-header.headers.stsSeconds=31536000"
  - "traefik.http.middlewares.nc-header.headers.forceSTSHeader=true"
  - "traefik.http.middlewares.nc-header.headers.stsPreload=true"
  - "traefik.http.middlewares.nc-header.headers.stsIncludeSubdomains=true"
  - "traefik.http.middlewares.nc-header.headers.browserXssFilter=true"
  - "traefik.http.middlewares.nc-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
  - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
  - "traefik.http.routers.traefik-secure.entrypoints=https"
  - "traefik.http.routers.traefik-secure.rule=Host(`traefik.domain.net`)"
  - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
  - "traefik.http.routers.traefik-secure.tls=true"
  - "traefik.http.routers.traefik-secure.tls.certresolver=http"
  - "traefik.http.routers.traefik-secure.service=api@internal"

nextcloud:
image: linuxserver/nextcloud
container_name: nextcloud
networks:
  - proxy
environment:
  - PUID=1001
  - PGID=1001
  - TZ=Europe/Berlin
volumes:
  - /opt/nextcloud:/config
  - /opt/nextcloud_data:/data
  - /mnt:/smbmnt
restart: unless-stopped
labels:
  - "traefik.enable=true"
  - "traefik.http.routers.nextcloud-secure.entrypoints=https"
  - "traefik.http.routers.nextcloud-secure.rule=Host(`cloud.domain.net`)"
  - "traefik.http.routers.nextcloud-secure.tls=true"
  - "traefik.http.routers.nextcloud-secure.tls.certresolver=http"
  - "traefik.http.routers.nextcloud-secure.service=nextcloud"
  - "traefik.http.services.nextcloud.loadbalancer.server.port=443"
  - "traefik.http.services.nextcloud.loadbalancer.server.scheme=https"
  #- "traefik.http.services.nextcloud.loadbalancer.server.scheme=http"
  - "traefik.http.routers.nextcloud.entrypoints=http"
  - "traefik.http.routers.nextcloud.rule=Host(`cloud.domain.net`)"
  - "traefik.http.routers.nextcloud.middlewares=nextcloud-https-redirect"
  - "traefik.http.middlewares.nextcloud-https-redirect.redirectscheme.scheme=https"
  - "traefik.http.routers.nextcloud-secure.middlewares=nc-header"
  - "traefik.http.routers.nextcloud.middlewares=nc-header"


onlyoffice:
  image: onlyoffice/documentserver
  container_name: onlyoffice
  stdin_open: true
  tty: true
  networks:
    - proxy
  restart: unless-stopped
  labels:
    - "traefik.enable=true"
    - "traefik.http.routers.onlyoffice-secure.entrypoints=https"
    - 'traefik.http.routers.onlyoffice-secure.rule=Host("office.domain.net")'
    - "traefik.http.routers.onlyoffice-secure.tls=true"
    - "traefik.http.routers.onlyoffice-secure.tls.certresolver=http"
    - "traefik.http.routers.onlyoffice-secure.service=onlyoffice"
    - "traefik.http.services.onlyoffice.loadbalancer.server.port=80"
    - "traefik.http.services.onlyoffice.loadbalancer.server.scheme=https"
    - "traefik.http.routers.onlyoffice.entrypoints=http"
    - 'traefik.http.routers.onlyoffice.rule=Host("office.domain.net")'
    - "traefik.http.routers.onlyoffice.middlewares=onlyoffice-https-redirect"
    - "traefik.http.middlewares.onlyoffice-https-redirect.redirectscheme.scheme=https"
    - "traefik.http.routers.onlyoffice.service=onlyoffice"
    - "traefik.http.services.onlyoffice.loadbalancer.server.scheme=http"
    - "traefik.http.routers.onlyoffice-secure.middlewares=oo-header"
    - "traefik.http.middlewares.oo-header.headers.referrerPolicy=no-referrer"
    - "traefik.http.middlewares.oo-header.headers.stsSeconds=31536000"
    - "traefik.http.middlewares.oo-header.headers.forceSTSHeader=true"
    - "traefik.http.middlewares.oo-header.headers.stsPreload=true"
    - "traefik.http.middlewares.oo-header.headers.stsIncludeSubdomains=true"
    - "traefik.http.middlewares.oo-header.headers.browserXssFilter=true"
    - "traefik.http.middlewares.oo-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
  volumes:
    - /opt/onlyoffice/logs:/var/log/onlyoffice # for logs
    - /opt/onlyoffice/Data:/var/www/onlyoffice/Data # for certificates
    - /opt/onlyoffice:/var/lib/onlyoffice # for file cache
    - /opt/onlyoffice/postgresql:/var/lib/postgresql # for database
    - /opt/onlyoffice/fonts:/usr/share/fonts/truetype/custom # for custom fonts
  environment:
    JWT_ENABLED: "true"
    JWT_SECRET: secretphrase  # --> to enter into Nextcloud settings for onlyoffice

Hoooooly moly @Cantello you have no idea how happy you just made me! I have been struggling with this problem for weeks and thanks to your docker-compose.yml I could identificate where it went wrong. Thank you soooo so much!!