OnlyOffice¶
Seafile supports OnlyOffice to view/edit office files online. In order to use OnlyOffice, you must first deploy an OnlyOffice server.
Deployment Tips
You can deploy OnlyOffice to the same machine as Seafile (only support deploying with Docker with sufficient cores and RAM) using the onlyoffice.yml
provided by Seafile according to this document, or you can deploy it to a different machine according to OnlyOffice official document.
Deployment of OnlyOffice¶
Download the onlyoffice.yml
wget https://manual.seafile.com/12.0/docker/onlyoffice.yml
insert onlyoffice.yml
into COMPOSE_FILE
list (i.e., COMPOSE_FILE='...,onlyoffice.yml'
), and add the following configurations of onlyoffice in .env
file.
# OnlyOffice image
ONLYOFFICE_IMAGE=onlyoffice/documentserver:8.1.0.1
# Persistent storage directory of OnlyOffice
ONLYOFFICE_VOLUME=/opt/onlyoffice
# OnlyOffice document server port
ONLYOFFICE_PORT=6233
# jwt secret, generated by `pwgen -s 40 1`
ONLYOFFICE_JWT_SECRET=<your jwt secret>
Note
From Seafile 12.0, OnlyOffice's JWT verification will be forced to enable. Secure communication between Seafile and OnlyOffice is granted by a shared secret. You can get the JWT secret by following command
pwgen -s 40 1
Also modify seahub_settings.py
ENABLE_ONLYOFFICE = True
ONLYOFFICE_APIJS_URL = 'https://seafile.example.com:6233/web-apps/apps/api/documents/api.js'
ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods', 'csv', 'ppsx', 'pps')
ONLYOFFICE_JWT_SECRET = '<your jwt secret>'
Tip
By default OnlyOffice will use port 6233 used for communication between Seafile and Document Server, You can modify the bound port by specifying ONLYOFFICE_PORT
, and port in the term ONLYOFFICE_APIJS_URL
in seahub_settings.py
has been modified together.
Advanced: Custom settings of OnlyOffice¶
The following configuration options are only for OnlyOffice experts. You can create and mount a custom configuration file called local-production-linux.json
to force some settings.
nano local-production-linux.json
For example, you can configure OnlyOffice to automatically save by copying the following code block in this file:
{
"services": {
"CoAuthoring": {
"autoAssembly": {
"enable": true,
"interval": "5m"
}
}
},
"FileConverter": {
"converter": {
"downloadAttemptMaxCount": 3
}
}
}
Mount this config file into your onlyoffice block in onlyoffice.yml
:
service:
...
onlyoffice:
...
volumes:
...
- <Your path to local-production-linux.json>:/etc/onlyoffice/documentserver/local-production-linux.json
...
For more information you can check the official documentation: https://api.onlyoffice.com/editors/signature/ and https://github.com/ONLYOFFICE/Docker-DocumentServer#available-configuration-parameters
Restart Seafile-docker instance and test that OnlyOffice is running¶
docker-compose down
docker-compose up -d
Success
After the installation process is finished, visit this page to make sure you have deployed OnlyOffice successfully: http{s}://{your Seafile server's domain or IP}:6233/welcome
, you will get Document Server is running info at this page.
FAQ¶
Download failed¶
Firstly, run docker logs -f seafile-onlyoffice
, then open an office file. After the "Download failed." error appears on the page, observe the logs for the following error:
==> /var/log/onlyoffice/documentserver/converter/out.log <==
...
Error: DNS lookup {local IP} (family:undefined, host:undefined) is not allowed. Because, It is a private IP address.
...
If it shows this error message and you haven't enabled JWT while using a local network, then it's likely due to an error triggered proactively by OnlyOffice server for enhanced security. (https://github.com/ONLYOFFICE/DocumentServer/issues/2268#issuecomment-1600787905)
So, as mentioned in the post, we highly recommend you enabling JWT in your integrations to fix this problem.
The document security token is not correctly formed¶
Starting from OnlyOffice Docker-DocumentServer version 7.2, JWT is enabled by default on OnlyOffice server.
So, for security reason, please Configure OnlyOffice to use JWT Secret.
OnlyOffice on a separate host and URL¶
In general, you only need to specify the values of the following fields in seahub_settings.py
and then restart the service.
ENABLE_ONLYOFFICE = True
ONLYOFFICE_APIJS_URL = 'http{s}://<Your OnlyOffice host url>/web-apps/apps/api/documents/api.js'
ONLYOFFICE_FILE_EXTENSION = ('doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'odt', 'fodt', 'odp', 'fodp', 'ods', 'fods', 'csv', 'ppsx', 'pps')
ONLYOFFICE_JWT_SECRET = '<your jwt secret>'
About SSL¶
For deployments using the onlyoffice.yml
file in this document, SSL is primarily handled by the Caddy
. If the OnlyOffice document server and Seafile server are not on the same machine, please refer to the official document to configure SSL for OnlyOffice.