Nextcloud-Container including an online-office package (Collabora or Onlyoffice) that mounts the user-directories
- start the containers
- manually add
'onlyoffice'
to thetrusted_domains
-array in/var/www/html/config/config.php
(inside the nextcloud-container):docker exec -ti nextcloud /bin/bash
nano /var/www/html/config/config.php
- add line
1 => 'onlyoffice',
after line 23 - optionally add a line
'trusted_proxies' => ['172.16.0.102', 'philleconnect'],
after the trusted domains (see also below)
activate LDAP-App and in the settings for it:
- add ldap-Server-address (=philleconnect-Server) like
172.16.0.102
- add
cn=admin,dc=ldap,dc=philleconnect
and password, base-dn should fill in todc=ldap,dc=philleconnect
and test should succeed - on the next page "user" for
inetOrgPerson
the ldap-filter might get configured to(|(objectclass=inetOrgPerson))
, if it does not do it by hand - the login-attribures might get filled with
(&(|(objectclass=inetOrgPerson))(uid=%uid))
, if not do it by hand - for the groups select
students
andteachers
- in the advanced-settings type in
cn
for the displayName (folder settings) and the name of the home-folder (special settings)
activate app for OnlyOffice and set it up in the settings:
- someting like
http://172.16.0.100:82/
(oronlyoffice.my-domain.tld
if you run it under that domain) in the first field http://onlyoffice/
for internal document editinghttps://nextcloud.my-domain.tld
for external editing- the adress needs to be in the trusted domains (see above)!
If you run this behind a proxy, i.e. to make it accessible from the web, maybe with a https-secured connection, you might need to add these parameters to the /var/www/html/config/config.php
:
'trusted_proxies' =>
array (
0 => '172.16.0.102',
1 => 'philleconnect',
),
'overwrite.cli.url' => 'https://nextcloud.my-domain.tld',
'overwritehost' => 'nextcloud.my-domain.tld',
My working nginx-config looks like this:
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/nextcloud.my-domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nextcloud.my-domain.tld/privkey.pem;
server_name nextcloud.my-domain.tld;
location / {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://172.16.0.100:86/;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/onlyoffice.my-domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/onlyoffice.my-domain.tld/privkey.pem;
server_name onlyoffice.my-domain.tld;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://172.16.0.100:82/;
}
}
Just use your own domains and your own IPs!
There is still a problem mounting the samba-shares which might be a recent bug in nextcloud. The cpu-load explodes when mounting samba-shares, so this will come later. Try with:
- activate app for external storage support and
- set up your folders:
** choose
SMB/CIFS
** test with "username and password" ** for production "save login in session" is what you want
Please be aware that, when setting up shares as the Nextcloud-admin, you can only reach them as an according LDAP-user, so those errors can be ignored during setup.