OnlyOffice 集成

从 6.1.0+ (包括开源版) 版本开始,Seafile 支持集成OnlyOffice来在线编辑和预览office文档。要想使用 OnlyOffice,你必须先部署一个 OnlyOffice 服务。

关于集群

在集群部署中,我们建议在另一个子域中专门部署一台DocumentServer主机或一个DocumentServer集群。从技术上来讲,如果负载均衡器可以调度文件夹,它也可以通过子文件夹来工作。

对于大多数用户,我们建议将documentserver部署为docker镜像,并使用一个子文件夹来提供

这么做的好处:

  • 不需要依赖额外的服务器
  • 不需要依赖额外的子域
  • 不需要依赖额外的ssl证书
  • 部署方便快捷
  • 维护简单

    通过子域部署DocumentServer

URL 示例:https://onlyoffice.domain.com

  • 子域
  • 子域的DNS解析记录
  • SSL证书
    我们建议您使用ONLYOFFICE/Docker-DocumentServer来简单快速的进行子域安装。只需要遵循这个OnlyOffice文档指南。

测试 DocumentServer 是否在运行

安装过程完成后,访问这个页面来确保您的 OnlyOffice 工作正常:http{s}://{your Seafile Server's domain or IP}/welcome,您将会在这个页面中得到Document Server is running

配置Seafile服务

添加以下配置信息到seahub_settings.py

  1. # Enable Only Office
  2. ENABLE_ONLYOFFICE = True
  3. VERIFY_ONLYOFFICE_CERTIFICATE = False
  4. ONLYOFFICE_APIJS_URL = 'http{s}://{your OnlyOffice server's domain or IP}/web-apps/apps/api/documents/api.js'
  5. ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods')
  6. ONLYOFFICE_EDIT_FILE_EXTENSION = ('docx', 'pptx', 'xlsx')

然后重启Seafile服务

  1. ./seafile.sh restart
  2. ./seahub.sh restart
  3. # or
  4. service seafile-server restart

当您点击一个文档您应该会看到一个新的预览页面。

通过子文件夹部署DocumentServer

URL 示例:https://seafile.domain.com/onlyofficeds

  • 通过已存在的 Seafile 服务的域名代理到本地的子文件夹
  • 通过 Seafile 服务域名的SSL链接,不需要依赖额外的证书!
    如果不是绝对需要,请不要更改子文件夹!

/onlyoffice/不能作为Seafile 和 Document服务之间的通信路径来使用!

以下指南说明了如何在本地部署一个OnlyOffice Document服务。

它基于"ONLYOFFICE/Docker-DocumentServer" documentation.

要求 只适用于通过Docker部署OnlyOffice DocumentServerhttps://github.com/ONLYOFFICE/Docker-DocumentServer#recommended-system-requirements

安装Docker

Ubuntu, Debian, CentOS

部署 OnlyOffice DocumentServer Docker 镜像

这里下载并部署DocumentServer监听在本地88端口。

Debian 8

  1. docker run -i -t -d -p 88:80 --restart=always --name oods onlyoffice/documentserver

Ubuntu 16.04

  1. docker run -dit -p 88:80 --restart always --name oods onlyoffice/documentserver

在CentOS 7上没有任何确认,您可以尝试以上任何一个命令,他们也可以工作。

示例:具有内存限制的Debian Docker容器

在Debian 8中,您首先需要更改grub配置中的一些设置,以支持docker的内存限制。

  1. # 编辑 /etc/default/grub
  2. # 添加以下配置项
  3. GRUB_CMDLINE_LINUX_DEFAULT="cgroup_enable=memory swapaccount=1"
  4. # 更新Grub2并重启
  5. update-grub2 && reboot

现在您可以在启动docker时设置内存大小限制。

docker run -i -t -d -p 88:80 —restart=always —memory "6g" —memory-swap="6g" —name oods onlyoffice/documentserver

这些限制超过了建议的最小限制(4G RAM/2GB SWAP)因此当多个用户编辑文档时DocumentServer's的性能保持不变。Docker SWAP不同于服务器 SWAP,点击Docker文档

Docker 文档

如果你有任何疑问请查看Docker文档

自动运行docker镜像

如果你希望限制docker使用的资源请查看Docker文档

配置 webserver

配置 Nginx

添加以下配置到你的seafile的nginx配置中(e.g./etc/nginx/conf.d/seafile.conf)的searver配置段以外。将为DocumentServer定义这些变量以在子文件夹中工作。

  1. # Required for only office document server
  2. map $http_x_forwarded_proto $the_scheme {
  3. default $http_x_forwarded_proto;
  4. "" $scheme;
  5. }
  6. map $http_x_forwarded_host $the_host {
  7. default $http_x_forwarded_host;
  8. "" $host;
  9. }
  10. map $http_upgrade $proxy_connection {
  11. default upgrade;
  12. "" close;
  13. }

添加以下配置到你的seafile的nginx配置中(e.g./etc/nginx/conf.d/seafile.conf)的searver配置段下。

  1. ...
  2. location /onlyofficeds/ {
  3. # THIS ONE IS IMPORTANT ! - Trailing slash !
  4. proxy_pass http://{your Seafile server's domain or IP}:88/;
  5. proxy_http_version 1.1;
  6. client_max_body_size 100M; # Limit Document size to 100MB
  7. proxy_read_timeout 3600s;
  8. proxy_connect_timeout 3600s;
  9. proxy_set_header Upgrade $http_upgrade;
  10. proxy_set_header Connection $proxy_connection;
  11. # THIS ONE IS IMPORTANT ! - Subfolder and NO trailing slash !
  12. proxy_set_header X-Forwarded-Host $the_host/onlyofficeds;
  13. proxy_set_header X-Forwarded-Proto $the_scheme;
  14. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  15. }
  16. ...

配置Apache

添加以下配置到你的seafile apache配置文件中(e.g. sites-enabled/seafile.conf)的<VirtualHost >配置段以外。

  1. ...
  2. LoadModule authn_core_module modules/mod_authn_core.so
  3. LoadModule authz_core_module modules/mod_authz_core.so
  4. LoadModule unixd_module modules/mod_unixd.so
  5. LoadModule proxy_module modules/mod_proxy.so
  6. LoadModule proxy_http_module modules/mod_proxy_http.so
  7. LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
  8. LoadModule headers_module modules/mod_headers.so
  9. LoadModule setenvif_module modules/mod_setenvif.so
  10. <IfModule unixd_module>
  11. User daemon
  12. Group daemon
  13. </IfModule>
  14. ...

添加以下配置到你的seafile apache配置文件中(e.g. sites-enabled/seafile.conf)的<VirtualHost >配置段的末尾。

  1. ...
  2. Define VPATH /onlyofficeds
  3. Define DS_ADDRESS {your Seafile server's domain or IP}:88
  4. ...
  5. <Location ${VPATH}>
  6. Require all granted
  7. SetEnvIf Host "^(.*)$" THE_HOST=$1
  8. RequestHeader setifempty X-Forwarded-Proto http
  9. RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
  10. RequestHeader edit X-Forwarded-Host (.*) $1${VPATH}
  11. ProxyAddHeaders Off
  12. ProxyPass "http://${DS_ADDRESS}/"
  13. ProxyPassReverse "http://${DS_ADDRESS}/"
  14. </Location>
  15. ...

测试DocumentServer正在通过子文件夹运行

当安装过程完成后,访问这个页面确保你部署的OnlyOffice工作正常:http{s}://{your Seafile Server's domain or IP}/{your subdolder}/welcome,你将会在这个页面中得到Document Server is running

配置seafile服务

添加以下配置项到seahub_settings.py:

  1. # Enable Only Office
  2. ENABLE_ONLYOFFICE = True
  3. VERIFY_ONLYOFFICE_CERTIFICATE = True
  4. ONLYOFFICE_APIJS_URL = 'http{s}://{your Seafile server's domain or IP}/{your subdolder}/web-apps/apps/api/documents/api.js'
  5. ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods')
  6. ONLYOFFICE_EDIT_FILE_EXTENSION = ('docx', 'pptx', 'xlsx')

然后重启seafile服务。

  1. ./seafile.sh restart
  2. ./seahub.sh restart
  3. # or
  4. service seafile-server restart

当你点击一个文档时你应该看到一个新的预览页面。

完整的nginx配置示例

基于Seafile Server V6.1包含子文件夹方式部署OnlyOffice DocumentServer的完整nginx配置文件(e.g. /etc/nginx/conf.d/seafile.conf)示例:

  1. # Required for OnlyOffice DocumentServer
  2. map $http_x_forwarded_proto $the_scheme {
  3. default $http_x_forwarded_proto;
  4. "" $scheme;
  5. }
  6. map $http_x_forwarded_host $the_host {
  7. default $http_x_forwarded_host;
  8. "" $host;
  9. }
  10. map $http_upgrade $proxy_connection {
  11. default upgrade;
  12. "" close;
  13. }
  14. server {
  15. listen 80;
  16. server_name seafile.domain.com;
  17. rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https
  18. server_tokens off;
  19. }
  20. server {
  21. listen 443 http2;
  22. ssl on;
  23. ssl_certificate /etc/ssl/cacert.pem; # path to your cacert.pem
  24. ssl_certificate_key /etc/ssl/privkey.pem; # path to your privkey.pem
  25. server_name seafile.domain.com;
  26. proxy_set_header X-Forwarded-For $remote_addr;
  27. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
  28. server_tokens off;
  29. #
  30. # seahub
  31. #
  32. location / {
  33. fastcgi_pass 127.0.0.1:8000;
  34. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  35. fastcgi_param PATH_INFO $fastcgi_script_name;
  36. fastcgi_param SERVER_PROTOCOL $server_protocol;
  37. fastcgi_param QUERY_STRING $query_string;
  38. fastcgi_param REQUEST_METHOD $request_method;
  39. fastcgi_param CONTENT_TYPE $content_type;
  40. fastcgi_param CONTENT_LENGTH $content_length;
  41. fastcgi_param SERVER_ADDR $server_addr;
  42. fastcgi_param SERVER_PORT $server_port;
  43. fastcgi_param SERVER_NAME $server_name;
  44. fastcgi_param REMOTE_ADDR $remote_addr;
  45. fastcgi_param HTTPS on;
  46. fastcgi_param HTTP_SCHEME https;
  47. access_log /var/log/nginx/seahub.access.log;
  48. error_log /var/log/nginx/seahub.error.log;
  49. fastcgi_read_timeout 36000;
  50. client_max_body_size 0;
  51. }
  52. #
  53. # seafile
  54. #
  55. location /seafhttp {
  56. rewrite ^/seafhttp(.*)$ $1 break;
  57. proxy_pass http://127.0.0.1:8082;
  58. client_max_body_size 0;
  59. proxy_connect_timeout 36000s;
  60. proxy_read_timeout 36000s;
  61. proxy_send_timeout 36000s;
  62. send_timeout 36000s;
  63. }
  64. location /media {
  65. root /home/user/haiwen/seafile-server-latest/seahub;
  66. }
  67. #
  68. # seafdav (webdav)
  69. #
  70. location /seafdav {
  71. fastcgi_pass 127.0.0.1:8080;
  72. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  73. fastcgi_param PATH_INFO $fastcgi_script_name;
  74. fastcgi_param SERVER_PROTOCOL $server_protocol;
  75. fastcgi_param QUERY_STRING $query_string;
  76. fastcgi_param REQUEST_METHOD $request_method;
  77. fastcgi_param CONTENT_TYPE $content_type;
  78. fastcgi_param CONTENT_LENGTH $content_length;
  79. fastcgi_param SERVER_ADDR $server_addr;
  80. fastcgi_param SERVER_PORT $server_port;
  81. fastcgi_param SERVER_NAME $server_name;
  82. fastcgi_param HTTPS on;
  83. client_max_body_size 0;
  84. access_log /var/log/nginx/seafdav.access.log;
  85. error_log /var/log/nginx/seafdav.error.log;
  86. }
  87. #
  88. # onlyofficeds
  89. #
  90. location /onlyofficeds/ {
  91. # IMPORTANT ! - Trailing slash !
  92. proxy_pass http://127.0.0.1:88/;
  93. proxy_http_version 1.1;
  94. client_max_body_size 100M; # Limit Document size to 100MB
  95. proxy_read_timeout 3600s;
  96. proxy_connect_timeout 3600s;
  97. proxy_set_header Upgrade $http_upgrade;
  98. proxy_set_header Connection $proxy_connection;
  99. # IMPORTANT ! - Subfolder and NO trailing slash !
  100. proxy_set_header X-Forwarded-Host $the_host/onlyofficeds;
  101. proxy_set_header X-Forwarded-Proto $the_scheme;
  102. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  103. }
  104. }

完整的Apache配置示例

  1. LoadModule authn_core_module modules/mod_authn_core.so
  2. LoadModule authz_core_module modules/mod_authz_core.so
  3. LoadModule unixd_module modules/mod_unixd.so
  4. LoadModule proxy_module modules/mod_proxy.so
  5. LoadModule proxy_http_module modules/mod_proxy_http.so
  6. LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
  7. LoadModule headers_module modules/mod_headers.so
  8. LoadModule setenvif_module modules/mod_setenvif.so
  9. LoadModule ssl_module modules/mod_ssl.so
  10. <IfModule unixd_module>
  11. User daemon
  12. Group daemon
  13. </IfModule>
  14. <VirtualHost *:80>
  15. ServerName seafile.domain.com
  16. ServerAlias domain.com
  17. Redirect permanent / https://seafile.domain.com
  18. </VirtualHost>
  19. <VirtualHost *:443>
  20. ServerName seafile.domain.com
  21. DocumentRoot /var/www
  22. SSLEngine On
  23. SSLCertificateFile /etc/ssl/cacert.pem
  24. SSLCertificateKeyFile /etc/ssl/privkey.pem
  25. ## Strong SSL Security
  26. ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html
  27. SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
  28. SSLProtocol All -SSLv2 -SSLv3
  29. SSLCompression off
  30. SSLHonorCipherOrder on
  31. Alias /media /home/user/haiwen/seafile-server-latest/seahub/media
  32. <Location /media>
  33. Require all granted
  34. </Location>
  35. RewriteEngine On
  36. #
  37. # seafile fileserver
  38. #
  39. ProxyPass /seafhttp http://127.0.0.1:8082
  40. ProxyPassReverse /seafhttp http://127.0.0.1:8082
  41. RewriteRule ^/seafhttp - [QSA,L]
  42. #
  43. # seahub
  44. #
  45. SetEnvIf Request_URI . proxy-fcgi-pathinfo=unescape
  46. SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
  47. ProxyPass / fcgi://127.0.0.1:8000/
  48. #
  49. # onlyofficeds
  50. #
  51. Define VPATH /onlyofficeds
  52. Define DS_ADDRESS {your Seafile server's domain or IP}:88
  53. <Location ${VPATH}>
  54. Require all granted
  55. SetEnvIf Host "^(.*)$" THE_HOST=$1
  56. RequestHeader setifempty X-Forwarded-Proto http
  57. RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
  58. RequestHeader edit X-Forwarded-Host (.*) $1${VPATH}
  59. ProxyAddHeaders Off
  60. ProxyPass "http://${DS_ADDRESS}/"
  61. ProxyPassReverse "http://${DS_ADDRESS}/"
  62. </Location>
  63. </VirtualHost>

原文: https://manual-cn.seafile.com/deploy/only_office.html