Nextcloud implementation of Onlyoffice community edition via docker

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 12.0.2): 15.05
Operating system and version (eg, Ubuntu 17.04): 16.04
Apache or nginx version (eg, Apache 2.4.25): 2.4.18
PHP version (eg, 7.1): 7.0.28

The issue you are facing:

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Install onlyoffice via https://helpcenter.onlyoffice.com/server/docker/opensource/opensource-script-installation.aspx?_ga=2.209510930.1660986152.1553515262-50356048.1553515262
  2. In NC i tried to link the onlyoffice server , because i have nc and onlyoffice on separete servers
  3. By settings up the Document Editing Service address in /index.php/settings/admin/onlyoffice it pops up Error when trying to connect (Bad request or timmed out)

This is my config.php of NC
<?php
$CONFIG = array (
‘trashbin_retention_obligation’ => 30,
‘instanceid’ => ‘ocv8d357168a’,
‘passwordsalt’ => ‘+’,
‘secret’ => ‘’,
‘trusted_domains’ =>
array (
0 => ‘myserver’,
1 => ‘myserver’,
),
‘datadirectory’ => ‘/var/www/nextcloud/data’,
‘overwrite.cli.url’ => ‘http://myserver’,
‘dbtype’ => ‘pgsql’,
‘version’ => ‘15.0.5.3’,
‘dbname’ => ‘nextcloud’,
‘dbhost’ => ‘myip’,
‘dbport’ => ‘’,
‘dbtableprefix’ => ‘oc_’,
‘dbuser’ => ‘ncdbuser’,
‘dbpassword’ => ‘’,
‘logtimezone’ => ‘UTC’,
‘installed’ => true,
‘mail_from_address’ => ‘files’,
‘mail_smtpmode’ => ‘smtp’,
‘mail_domain’ => ‘myserver’,
‘maintenance’ => false,
‘theme’ => ‘’,
‘loglevel’ => 2,
‘log_rotate_size’ => 10485760,
‘updater.release.channel’ => ‘stable’,
‘memcache.distributed’ => ‘\OC\Memcache\Redis’,
‘memcache.local’ => ‘\OC\Memcache\Redis’,
‘filelocking.enabled’ => ‘true’,
‘memcache.locking’ => ‘\OC\Memcache\Redis’,
‘redis’ =>
array (
‘host’ => ‘localhost’,
‘timeout’ => 0,
‘dbindex’ => 0,
‘port’ => 6379,
),
‘ldapIgnoreNamingRules’ => false,
‘ldapProviderFactory’ => ‘\OCA\User_LDAP\LDAPProviderFactory’,
‘data-fingerprint’ => ‘3bb03e5bf1e9f20f12ece2bf5a4a69ce’,
‘overwriteprotocol’ => ‘https’,
‘trusted_proxies’ =>
array (
0 => ‘myip’,
),
‘versions_retention_obligation’ => ‘auto, 30’,
‘mail_smtphost’ => ‘localhost’,
‘mail_smtpport’ => ‘25’,
‘onlyoffice’ =>
array (
‘verify_peer_off’ => TRUE,
),

);

On onlyoffice server pops up this error in Console:

WebSocket connection to 'wss://myserver/socketio/socket.io/?EIO=3&transport=websocket&sid=NlOo30clZHMro3plAAfd' failed: Error during WebSocket handshake: Unexpected response code: 400

Logging:
[PHP] Error: file_get_contents(https://myserver/healthcheck): failed to open stream: HTTP request failed! HTTP/1.1 502 Bad Gateway
at /var/www/nextcloud/apps/onlyoffice/lib/documentservice.php#385

This error is after the onlyoffice update this morning, it resembles somehow ->

[onlyoffice] Error: HealthcheckRequest on check error: Server error: GET https://myserver/healthcheck resulted in a 502 Bad Gateway response:

502 Bad Gateway

502 Bad Gateway


ngin (truncated...)

Up… anyone ?

Hi,

I removed your DB password from your post.
To your problem, there is something wrong with the setup of onlyoffice. Bad Gateway is an error message from nginx usually saying that the connection to a configured “upstream” cannot be established, for example the php-handler or node. Recheck your nginx config of your OO server and check if all configured upstreams are correctly defined and reachable/ running.

There is nothing to check on theNC side right now.

@Schmu hi and ty for the edit, i’m using docker , nginx isnt installed ? I tried to install it, but when i try to connect to the oo it pops up nginx is running and thats all , uhm… should i have installed the nginx ? without it i can connect freely to oo but NC cannot make the connection happen as the error stated above. i did ping/telnet it works, but cannot connect, :-? Thanks.

up… anyone ? Still haven’t fixed it , the certificates im using are on a proxy on host that allows the server to pass trough, the NC server is on another host with a proxy that lets it pass trough , i can wget to each other or other commands, it just doesnt let me connect the nextcloud to oo server :-? Any hints would be appreciated. The settings from my point of view are correct since i can reach the server from others and even from NC and vice versa , just that it doesnt allow me to make the bridge between these 2 ~. The problem is still the bad gateway … Thanks.

Hi @Alex23

I struggle to connect Onlyoffice to Nextcloud myself, however, I have a different issue as it seems.
The bad gateway error message you receive still indicates some issue with an upstream for nginx.

Can you please describe in more detail and maybe show some outputs how you connect to the onlyoffice server?
When you enter the address of your onlyoffice server in the browser, you see the “Welcome to Onlyoffice” message, right?
Is this address, which you entered in the browser, is the exact same address you enter in the onlyoffice app in nextcloud?

What is the output of the following two commands when you run them in the shell of your nextcloud server? (replace the URL with the URL you entered in the onlyoffice app in nextcloud)

  1. curl https://onlyoffice.yourdomain.tld/welcome
  2. curl https://onlyoffice.yourdomain.tld/healthcheck

Hi @Schmu
As you mentioned the issue is with an upstream for nginx after few installs of different servers/tutorials is an upstream for nginx.

I’m installing the OO on a host via docker(last time did it manually but default i was using their script for installation that can be found on OO website). The installation is with docker and mailserver, as for access to the server i used a proxy to grant it access, the same goes for the access of the NC which is installed on a different host, on NC i have installed the onlyoffice app on which i insert my OO server dns address https://onlyoffice.dns.com(just an example) and it pops up bad gateway when i try to save it. The installation works and can be reached from both sides just the bridges that unites them wont work, as for OO it works i can enter the app and go trough files.

for the first curl you mentioned 1 : it gets the whole file thats found at https://onlyoffice.yourdomain.tld/welcome , which is quite big (cut some parts cuz i hit the character limit) :

Welcome

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
<html xmlns=“http://www.w3.org/1999/xhtml” xml:lang=“en”>
 <head>
 <meta http-equiv=“Content-Type” content=“text/html; charset=utf-8” />
 <link rel=“icon” href="/TenantLogo.ashx?logotype=3" type=“image/x-icon” />
 <title>Not Found</title>
 <style type=“text/css”>
   html, body, div, span, p{margin:0; padding:0; border:0; vertical-align:baseline; background:transparent;}
   body{
   background:#DFDFDF url(“data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAUAAA/+4ADkFkb2JlAGTAAAAAAf/bAIQAAgICAgICAgICAgMCAgIDBAMCAgMEBQQEBAQEBQYFBQUFBQUG
BgcHCAcHBgkJCgoJCQwMDAwMDAwMDAwMDAwMDAEDAwMFBAUJBgYJDQsJCw0PDg4ODg8PDAwMDAwPDwwMDAwMDA8MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwM/8AAEQgDrgABAwERAAIRAQMRAf/EAaIAAAAHAQEBAQEAAAAAAAAAAAQ
FAwIGAQAHCAkKCwEAAgIDAQEBAQEAAAAAAAAAAQACAwQFBgcICQoLEAACAQMDAgQCBgcDBAIGAnMBAgMRBAAFIRIxQVEGE2EicYEUMpGhBxWxQiPBUtHhMxZi8CRygvElQzRTkqKyY3PCNUQnk6OzNhdUZHTD0uIIJoMJChgZhJRFRqS0Vt
NVKBry4/PE1OT0ZXWFlaW1xdXl9WZ2hpamtsbW5vY3R1dnd4eXp7fH1+f3OEhYaHiImKi4yNjo+Ck5SVlpeYmZqbnJ2en5KjpKWmp6ipqqusra6voRAAICAQIDBQUEBQYECAMDbQEAAhEDBCESMUEFURNhIgZxgZEyobHwFMHR4SNCFVJic
vEzJDRDghaSUyWiY7LCB3PSNeJEgxdUkwgJChgZJjZFGidkdFU38qOzwygp0+PzhJSktMTU5PRldYWVpbXF1eX1RlZmdoaWprbG1ub2R1dnd4eXp7fH1+f3OEhYaHiImKi4yNjo+DlJWWl5iZmpucnZ6fkqOkpaanqKmqq6ytrq+v/aAAwD
AQACEQMRAD8A+vFM3zz1LqYFXYpbwJX0wIpdhSupgSuwKvoMCW6YrS6h8MKV+RVdTFK7Aq+mKV2BK6mKV9MC0voMUrsCV9BgtV1MU0voMbVdgTS+gwJXUOKqlMC03Q4pX4ErqHFK/Aq6hxSvyKV9MVXYpXUwJX4FXUxTa/FV9BgS3gWm6Hw
xSqYq3Q4Er8Ct4sqX4ELsKV1MCV1MC03Q4pX0wKuwpb4++C1XYFbxTTdD4YqvyKXYVbxSupii3cvbAlbirsVdiqnirsVW8jiq3FWuQxVZirqjxxVTxV2KqeKuqPHFVPFXYqp1PjiqzkcVaxVbyOKrajxxVTxVrkMVWYqsqcVW1GKrMVW8vb
FVuKrKnFVtRiqzFVvL2xVbUeOKqeKrKnFWsVU8VaqMVWYqt5e2KrcVU8VW8jiq3FVlT44q1iqnirsVU8VdUeOKqeKrORxVrFVvL2xVSq/8v44q/wD/2Q==”) 0 0 repeat-x;  
   cursor:default;
   }

   html{height:100%;}
   body{min-height:100%; position:relative;}
   * html body{height:100%;}

   #wrapper{
   background: transparent url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA7gAAAKGCAMAAABX4McAAAAB7FBMVEUAAAD////x9/v2+vz////////////8/f7s9fn////////o8vj////////////y+Pv/////

center 0 no-repeat;  
   width:100%; height:310px; padding:315px 0 0; margin-top:-325px; position:absolute; left:0; top:50%; z-index:1;
   }
   #container{width:310px; margin:0 auto; padding-left:38px; text-align:center; font:normal 24px/35px Tahoma; color:#275678;position:relative;}
   #portalLogo{position:absolute;top:-81px;left:77px;}
 </style>
</head>

<body>
 <div id=“wrapper”>
   <div id=“container”>
       <p>Sorry, the resource</p>
       <p>cannot be found.</p>
   </div>
 </div>
</body>
</html>

as for the 2nd curl this is the output:

healthcheck

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.15.7</center>
</body>
</html>

what i have observed is this while doing the input on the browser of the first curl you mentioned, tried the website before you suggest the website im using with the extend of this /ds-vpath/ redirects me to welcome showing me its working. even the https://onlyofficce…etc/welcome redirects me to https://onlyoffice…etc/ds-vpath/welcome .

As for the nginx logs from docker this is the problem with upstream

*516 upstream server temporarily disabled while connecting to upstream, client: <ip_server>, server: , request: “GET /healthcheck HTTP/1.1”, upstream: “http://127.0.0.1:9810/”, host: “domain.of.onlyoffice”

Any other information i can provide …?

This is not looking good here.
If the browser forwards you to something like

https://onlyoffice…etc/ds-vpath/welcome

can you try to enter the address

https://onlyoffice…etc/ds-vpath/

into the OO app and see if that works?
If this doesn’t help, you may want to search the internet for this error message:

This is probably a configuration issue in nginx (proxy?) on the machine where onlyoffice is running.

Maybe you can send me your URLs in a private message and I see for myself what the forwarding addresses are. It’s difficult to understand for me right now.

maybe help you

Well… this one works, but i already have NC running for a long time , what i want is a clean install of the OnlyOffice on a different server and connect NC to it via the app. @desdemo_Guo

Hello,

did you actualized the onlyoffice DockerContainer to a new version?
If you disable the onlyoffice addon / the vhost the nextcloud should be available again.

First is the webseite of your nextcloud and the onlyoffice reacable trough google DNS Server? (Nameresolution)
Within the Dockercontainer i had to change this:
vim /etc/onlyoffice/documentserver/default.json
/etc/onlyoffice/documentserver/default.json : “rejectUnauthorized”: true > “rejectUnauthorized”: false

And in the config.php from the cloud.
vim /var/www/nextcloud/config/config.php
‘onlyoffice’ =>
array (
‘verify_peer_off’ => TRUE,
)

And the container probably uses the google dns servers, if thy cant lookup your domain than it will fail.

best regards

@chonta the docker container is at it latest version , the nc works , tried your settings, its still the same. I guess its from my proxy not allowing it to pass, but the ports are open and the certificate from the proxy host are allowing it to pass , only problem its that i have an websocket error that im trying to solve it but i really dont know how , because i have added conditions for proxypass on that certificate for websocket wss:///websocket but i dont know why wont it work, maybe i’m writing it bad ? It is as it follows :

       ProxyPass “/websocket” “wss://myip/websocket”
       ProxyPassReverse “/websocket” “wss://myip/websocket”

MySettings, and Onlyoffice works like a charm.
It runs on the same Host like Nextcloud.
Like this its the only thing i got it work.
#####################
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
SSLProxyCheckPeerExpire off
SSLInsecureRenegotiation on
SSLVerifyClient none

ProxyPreserveHost On
ProxyRequests Off
RequestHeader unset Accept-Encoding

ProxyPass / “https://127.0.0.1:8443/
ProxyPassReverse / “https://127.0.0.1:8443/
#####################################

@chonta this is for NC or OO ? My onlyoffice works, tried on a local host to implement the 2 of them without proxy and all and worked as expected hm… my settings are also pretty simple nothing much but for OO i think i need something extra… :-?

ProxyCertForOnlyOffice

<VirtualHost *:80>
       ServerName server.dns.com

       ProxyPass / http://myip/
       ProxyPassReverse / http://myip/

       ProxyPass “/websocket” “wss://myip/websocket”
       ProxyPassReverse “/websocket” “wss://myip/websocket”

       CustomLog /var/log/apache2/server.dns.comaccess.log combined
       ErrorLog /var/log/apache2/server.dns.com.error.log
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.dns.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
       ServerName server.dns.com

      SSLProxyEngine on

      SSLProxyVerify none

      SSLProxyCheckPeerCN off

      SSLProxyCheckPeerName off

      SSLProxyCheckPeerExpire off

       ProxyPass / http://myip/
       ProxyPassReverse / http://myip/

       ProxyPass “/websocket” “wss://myip/websocket”
       ProxyPassReverse “/websocket” “wss://myip/websocket”

       CustomLog /var/log/apache2/server.dns.com.access.log combined
       ErrorLog /var/log/apache2/server.dns.com.error.log

SSLCertificateFile /etc/letsencrypt/live/server.dns.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.dns.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

</VirtualHost>
</IfModule>

This is my proxy certificate, if you dont mind take a look and tell me if something is wrong or im missing something from there :-?

The config i posted is for the apache vhost for onlyoffice.
I am missing the port of your dockercontainer of onlyoffice.

you should not to try to give 443 to the dockercontainer :wink:

@chonta why shouldn’t i ? if you dont mind explaining , 443 is like 80, only secured… :-? Am i missing something ?

Edit: if so, tell me what changes i should be doing. THanks.

in default your webserver will listen to 443 on each IP/nic
if you try that the dockercontainer will have 443 on localhost ohr even worse the external IP it will not work.

sudo docker run --name=ONLYOFFICEDOCKER -i -t -d -p 127.0.0.1:8443:443 -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data -e JWT_ENABLED=‘true’ -e JWT_SECRET=‘somesecret’ --restart=always onlyoffice/documentserver

#127.0.0.1:8443:443 8443 is the port your server will nat to 443 within the dockercontainer

JWT_SECRET=‘somesecret’ you have to check in the docker container if it is set

is hast to be set in the onlyofficeapp

So i’ve solved the problem partially, the problem was with my proxy setup after i added this :

       <IfModule mod_headers.c>
               RewriteEngine On
               SetEnvIf Host “^(.*)$” THE_HOST=$1
               RequestHeader set X-Forwarded-Proto “https”
               ProxyAddHeaders Off
       </IfModule>

it worked partially , but the errors regarding websocket are still popping up, at least it connect… still debugging, i arrived at this solution after a test on a local machine when trying to use https , the conversion of rewritecond and rule for https was causing it.
Atm im looking for how to solve the websocket wss fail.

Thanks for all your time, but if anyone knows how to solve the remaining problem i would appreciate.

Hi,
i have the same problem and for me the responses are :slight_smile:

502 Bad Gateway

502 Bad Gateway


nginx

Please help !
Thanks

Did anyone figure this out?

I’ve got the same issue. I used this guide to configure SSL for OnlyOffice:

I select force HTTPS, so it seems the redirect related reason is plausible.

EDIT: this turned out to be a basic user error:
I had trouble understanding the directions: “Please change the ‘’ for the server address in the below lines leaving the rest of the line exactly as it is.”

the document editing service address should have read: “https://my.domain/ds-vpath/

Once i updated that setting and used the full url with ds-vpath in NextCloud, it worked