From 2b982778f31b6e04ac39544a5f147c3846147f62 Mon Sep 17 00:00:00 2001 From: ReinerNippes Date: Thu, 5 Dec 2019 17:18:36 +0100 Subject: [PATCH] fix issue #96 ; 'Download failed' after upgrade to onlyoffice (#191) * fix issue #96 ; 'Download failed' after upgrade to onlyoffice - unable to verify the first certificate * New variable name REJECT_UNAUTHORIZED_STORAGE Shell variable rnamed to REJECT_UNAUTHORIZED_STORAGE. --- README.md | 1 + run-document-server.sh | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/README.md b/README.md index bea73b9..29e3a46 100644 --- a/README.md +++ b/README.md @@ -178,6 +178,7 @@ Below is the complete list of parameters that can be set using environment varia - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. +- **REJECT_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false` ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers diff --git a/run-document-server.sh b/run-document-server.sh index 3f9d09d..d61be11 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -21,6 +21,7 @@ SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.key} CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem} SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem} SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off} +REJECT_UNAUTHORIZED_STORAGE=${REJECT_UNAUTHORIZED_STORAGE:-false} ONLYOFFICE_HTTPS_HSTS_ENABLED=${ONLYOFFICE_HTTPS_HSTS_ENABLED:-true} ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000} SYSCONF_TEMPLATES_DIR="/app/ds/setup/config" @@ -350,6 +351,11 @@ update_nginx_settings(){ else sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF} fi + + if [ "${REJECT_UNAUTHORIZED_STORAGE}" == "true" ]; then + ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}" + ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false" + fi else ln -sf ${NGINX_ONLYOFFICE_PATH}/ds.conf.tmpl ${NGINX_ONLYOFFICE_CONF} fi