Comments (18)
Thanks a lot it finaly works.
cat /etc/loolwsd/ca-chain.cert.pem >> /var/www/owncloud/resources/config/ca-bundle.crt
this was what really missing (beside my misconfiguration)
really thanks a lot
from officeonlin-install.sh.
Hi, the script is still missing a post install configuration,
You need to add the nextcloud domain as allowed wopi host in the /opt/online/loowsd.xml file then restart lool with
systemctl stop loolwsd && systemctl start loolwsd.
You have logs at /var/log/loolwsd.log for more info.
from officeonlin-install.sh.
@aalaesar
from officeonlin-install.sh.
<storage desc="Backend storage"> <filesystem allow="false" /> <wopi desc="Allow/deny wopi storage. Mutually exclusive with webdav." allow="true"> <host desc="Regex pattern of hostname to allow or deny." allow="true">mycloud.something</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">172\.2[0-9]\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">172\.3[01]\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">192\.168\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="false">192\.168\.1\.1</host> <max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size> </wopi> <webdav desc="Allow/deny webdav storage. Mutually exclusive with wopi." allow="true"> <host desc="Hostname to allow" allow="true">https://mycloud.something</host> </webdav> </storage>
with this configuration i still get the error.
from officeonlin-install.sh.
Should look something like this,
<host desc="Regex pattern of hostname to allow or deny." allow="true">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">mycloud\.something</host>
from officeonlin-install.sh.
Ps. i see that webdav is also enabled, no need to do that.
<storage desc="Backend storage">
<filesystem allow="false" />
<wopi desc="Allow/deny wopi storage. Mutually exclusive with webdav." allow="true">
<host desc="Regex pattern of hostname to allow or deny." allow="true">localhost</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.2[0-9]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.3[01]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">192\.168\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="false">192\.168\.1\.1</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">mycloud\.something</host>
<max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size>
</wopi>
<webdav desc="Allow/deny webdav storage. Mutually exclusive with wopi." allow="false">
<host desc="Hostname to allow" allow="false">localhost</host>
</webdav>
from officeonlin-install.sh.
I tried but still no acces.
when i tried https://mycloud.something:9980 in browser is get OK.
I think this is not bad.
Sorry to ask but is it possible that the location of the config for office subdomain is in the wrong folder?
from officeonlin-install.sh.
Do you have owncloud and lool on the same server?
from officeonlin-install.sh.
Yes
from officeonlin-install.sh.
Did you disable webdav? Webdav and wopi can not be set 'true' at the same time.
from officeonlin-install.sh.
I do
<host desc="Regex pattern of hostname to allow or deny." allow="true">localhost</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">mycloud\.something</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">172\.2[0-9]\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">172\.3[01]\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="true">192\.168\.[0-9]{1,3}\.[0-9]{1,3}</host> <host desc="Regex pattern of hostname to allow or deny." allow="false">192\.168\.1\.1</host> <max_file_size desc="Maximum document size in bytes to load. 0 for unlimited." type="uint">0</max_file_size> </wopi> <webdav desc="Allow/deny webdav storage. Mutually exclusive with wopi." allow="false"> <host desc="Hostname to allow" allow="false">mycloud\.something</host> </webdav> </storage>
from officeonlin-install.sh.
Does your ssl settings look something like this?
<ssl desc="SSL settings">
<enable type="bool" default="true">true</enable>
<termination desc="Connection via proxy where loolwsd acts as working via https, but actually uses http." type="bool" default="true">false</termination>
<cert_file_path desc="Path to the cert file" relative="false">/etc/letsencrypt/live/office-mycloud.something/cert.pem</cert_file_path>
<key_file_path desc="Path to the key file" relative="false">/etc/letsencrypt/live/office-mycloud.something/key.pem</key_file_path>
<ca_file_path desc="Path to the ca file" relative="false">/etc/letsencrypt/live/office-mycloud.something/ca-chain.cert.pem</ca_file_path>
<hpkp desc="Enable HTTP Public key pinning" enable="false" report_only="false">
<max_age desc="HPKP's max-age directive - time in seconds browser should remember the pins" enable="true">1000</max_age>
<report_uri desc="HPKP's report-uri directive - pin validation failure are reported at this URL" enable="false"></report_uri>
<pins desc="Base64 encoded SPKI fingerprints of keys to be pinned">
<pin></pin>
</pins>
</hpkp>
</ssl>
from officeonlin-install.sh.
Loolwsd.log should show the ssl settings and wopi hosts allowed.
from officeonlin-install.sh.
Now i feel a bit stupid. I change the settings and now it is broken
β loolwsd.service - LibreOffice OnLine WebSocket Daemon Loaded: loaded (/etc/systemd/system/loolwsd.service; enabled) Active: failed (Result: exit-code) since Sun 2017-04-23 14:16:10 CEST; 4min 54s ago Process: 1081 ExecStart=/opt/online/loolwsd --o:sys_template_path=/opt/online/systemplate --o:lo_template_path=/opt/libreoffice/instdir --o:child_root_path=/opt/online/jails --o:storage.filesystem[@allow]=true --o:admin_console.username=admin --o:admin_console.password=password (code=exited, status=70) Process: 1078 ExecStartPre=/bin/chown lool: /usr/local/var/cache/loolwsd (code=exited, status=0/SUCCESS) Process: 1076 ExecStartPre=/bin/mkdir -p /usr/local/var/cache/loolwsd (code=exited, status=0/SUCCESS) Main PID: 1081 (code=exited, status=70)
from officeonlin-install.sh.
What does loolwsd.log show? Setting loolwsd.xml with debug instead of trace makes it more readable.
<level type="string" desc="Can be 0-8, or none (turns off logging), fatal, critical, error, warning, notice, information, debug, trace" default=trace>debug</level>
from officeonlin-install.sh.
well tho log file is about 3441 lines long o.O so i just copy the last lines
`wsd-01159-01159 12:31:03.344677 [ loolwsd ] INF Adding trusted WOPI host: [localhost].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344704 [ loolwsd ] INF Adding trusted WOPI host: [medi-cloud.tk].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344724 [ loolwsd ] INF Adding trusted WOPI host: [10.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344744 [ loolwsd ] INF Adding trusted WOPI host: [172.1[6789].[0-9]{1,3}.[0-9]{1,3}].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344769 [ loolwsd ] INF Adding trusted WOPI host: [172.2[0-9].[0-9]{1,3}.[0-9]{1,3}].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344789 [ loolwsd ] INF Adding trusted WOPI host: [172.3[01].[0-9]{1,3}.[0-9]{1,3}].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344806 [ loolwsd ] INF Adding trusted WOPI host: [192.168.[0-9]{1,3}.[0-9]{1,3}].| wsd/Storage.cpp:86
wsd-01159-01159 12:31:03.344834 [ loolwsd ] INF Adding blocked WOPI host: [192.168.1.1].| wsd/Storage.cpp:91
wsd-01159-01159 12:31:03.346430 [ loolwsd ] INF SSL Cert file: /etc/letsencrypt/live/office-my-cloud/fullchain.pem| wsd/LOOLWSD.cpp:818
wsd-01159-01159 12:31:03.346461 [ loolwsd ] INF SSL Key file: /etc/letsencrypt/live/office-my-cloud/privkey.pem| wsd/LOOLWSD.cpp:821
wsd-01159-01159 12:31:03.346483 [ loolwsd ] INF SSL CA file: /etc/letsencrypt/live/office-my-cloud/chain.pem| wsd/LOOLWSD.cpp:824
wsd-01159-01159 12:31:03.348915 [ loolwsd ] FTL Cannot load CA file/directory at /etc/letsencrypt/live/office-cloud/mymistake-.-.pem (error:0200100D:system library:fopen:Permission denied)| wsd/LOOLWSD.cpp:2576
wsd-01159-01159 12:31:03.349604 [ loolwsd ] WRN Waking up dead poll thread [delay_poll], started: false, finished: false| ./net/Socket.hpp:445
wsd-01159-01159 12:31:03.349629 [ loolwsd ] DBG Stopping delay_poll.| net/Socket.hpp:271
wsd-01159-01159 12:31:03.349636 [ loolwsd ] WRN Waking up dead poll thread [delay_poll], started: false, finished: false| ./net/Socket.hpp:445
okay i see permission denied error but i dont see why? i mean all the files have the same permission
`
from officeonlin-install.sh.
well i googled a bit and found a big mistake that i made.
i used fullchain.pem instead of cert.pem.
well but i looks like i have no ca file
from officeonlin-install.sh.
You can use the standard settings and see if that works.
<cert_file_path desc="Path to the cert file" relative="false">/etc/loolwsd/cert.pem</cert_file_path> <key_file_path desc="Path to the key file" relative="false">/etc/loolwsd/key.pem</key_file_path> <ca_file_path desc="Path to the ca file" relative="false">/etc/loolwsd/ca-chain.cert.pem</ca_file_path>
Could be that you have to do the next command for owncloud to accept your seft-signed certificate.
cat /etc/loolwsd/ca-chain.cert.pem >> /var/www/owncloud/resources/config/ca-bundle.crt
(or wherever your owncloud is installed)
from officeonlin-install.sh.
Related Issues (20)
- Build error on Debian 9 HOT 1
- Multiple editors "crashes" loolwsd HOT 1
- Build error on Debian 10 HOT 2
- Build Error on Debian 10 HOT 3
- [SOLVED] Error Editing Docs with Γ€,ΓΆ,ΓΌ etc. HOT 6
- Build fails on rapsberry pi 4 running Raspian Buster HOT 1
- I build a docker image and pushed it to docker hub. HOT 3
- Error when creating document HOT 11
- openjdk error HOT 1
- Style sidebar HOT 2
- configure: error: unrecognized options: --disable-gstreamer-0-10, --disable-kde4 HOT 5
- In deleteTestDirectory function: remove Directory file:///tmp/????'?? HOT 2
- Collaboration in document bug? HOT 1
- openjdk-8-jdk : unknown command HOT 1
- ERR No DocBroker found, or DocBroker marked to be destroyed. Terminating session ToClient
- Could Node.js be updated to a supported version? HOT 6
- Build process on Ubuntu 18.04 not working HOT 5
- Debian 11 HOT 3
- can't configure multiple hosts in the new group and alias_group options HOT 3
- download as pdf not working HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from officeonlin-install.sh.