Archived

Nextcloud+Collabora Office文档在线协作

Posted by 橙叶 on Mon, May 1, 2017

本文演示在VPS上配置Nextcloud+CollaboraOffice实现文档在线预览

视频教程

[tabgroup][tab title="bilibili" id="1"] [/tab][tab title="腾讯视频" id="2"][/tab][tab title="优酷视频" id="3"][/tab] [/tabgroup]

简介

这个Office文档在线预览功能是基于Nextcloud Collabora Online插件和在Docker上跑的Collabora Office。

通过Apache反向代理将Collabora Office代理至443端口,供Nextcloud通过HTTPS访问。

你需要

[ssbluelist]
  • 2个子域名,分别用于Collabora Office和Nextcloud,且两个域名均拥有合法SSL证书。例如:cloud.orgleaf.com用于访问Nextcloud,office.orgleaf.com用于部署Collabora Office
  • 一个在443端口正常运行的Nextcloud实例,并拥有合法SSL证书(最好不要用自签名证书)
  • 一台可以运行Docker的公网VPS(建议系统为Ubuntu 14.0+)
[/ssbluelist]

在Docker上部署Collabora Office

首先安装Docker 
sudo apt-get install docker.io
从DockerHub中拉取镜像: 
sudo docker pull collabora/code
 Using default tag: latest
 latest: Pulling from collabora/code
 8aec416115fd: Pull complete 
 695f074e24e3: Pull complete 
 946d6c48c2a7: Pull complete 
 bc7277e579f0: Pull complete 
 2508cbcde94b: Pull complete 
 db0e063f8c96: Pull complete 
 698261b49ccf: Pull complete 
 c8427a52a3b3: Pull complete
启动镜像:

[infobox]请将cloud.orgleaf.com替换为自己的域名(即用于访问Nextcloud的域名),注意主机名后面有一个"/"。[/infobox]

docker run -t -d -p 127.0.0.1:9980:9980 -e 'domain=cloud\\.orgleaf\\.com' --restart always --cap-add MKNOD collabora/code

如果要让这个Collabora Office同时服务于多个域名的话,需要在两个不同域名之间加上|,例如:

'domain=cloud\\.nextcloud\\.com\|second\\.nexcloud\\.com'

查看镜像是否启动:

root@cloud:/etc/apache2/sites-available# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                      NAMES
bcf8fe64b0ae        collabora/code      "/bin/sh -c 'bash sta"   1 second ago      Up 1 second      127.0.0.1:9980->9980/tcp   silly_stallman

反向代理的配置

激活Apache扩展: 
a2enmod proxy proxy_wstunnel proxy_http ssl
激活扩展后,创建一个新的虚拟主机文件,把下面的内容粘贴进去:

注意要把<VirtualHost office.orgleaf.com:443>和ServerName office.orgleaf.com:443中的office.orgleaf.com替换为你自己的域名。

<VirtualHost office.orgleaf.com:443>
	ServerName office.orgleaf.com:443

	# SSL证书配置,请将SSLCertificateFile SSLCertificateChainFile指向你自己的证书
	SSLEngine on
	SSLCertificateFile /path/to/signed_certificate
	SSLCertificateChainFile /path/to/intermediate_certificate
	SSLCertificateKeyFile /path/to/private/key
	SSLProtocol             all -SSLv2 -SSLv3
	SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
			SSLHonorCipherOrder     on
        #下面的内容不要修改!!
	# 允许编码斜杠
	AllowEncodedSlashes NoDecode

	#容器使用唯一的非签名证书
	SSLProxyEngine On
	SSLProxyVerify None
	SSLProxyCheckPeerCN Off
	SSLProxyCheckPeerName Off

	#keep the host
	ProxyPreserveHost On

	# static html, js, images, etc. served from loolwsd
	# loleaflet is the client part of LibreOffice Online
	ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
	ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet

	# WOPI discovery URL
	ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
	ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery

	# Main websocket
	ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

	# Admin Console websocket
	ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws

	# Download as, Fullscreen presentation and Image upload operations
	ProxyPass           /lool https://127.0.0.1:9980/lool
	ProxyPassReverse    /lool https://127.0.0.1:9980/lool
</VirtualHost>

另附Nginx方向代理的配置:

server {
    listen       443 ssl;
    server_name  collabora.example.com;

    ssl_certificate /path/to/ssl_certificate;
    ssl_certificate_key /path/to/ssl_certificate_key;

    # static files
    location ^~ /loleaflet {
        proxy_pass https://localhost:9980;
        proxy_set_header Host $http_host;
    }

    # WOPI discovery URL
    location ^~ /hosting/discovery {
        proxy_pass https://localhost:9980;
        proxy_set_header Host $http_host;
    }

    # main websocket
    location ~ ^/lool/(.*)/ws$ {
        proxy_pass https://localhost:9980;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }

    # download, presentation and image upload
    location ~ ^/lool {
        proxy_pass https://localhost:9980;
        proxy_set_header Host $http_host;
    }

    # Admin Console websocket
    location ^~ /lool/adminws {
        proxy_pass https://localhost:9980;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }
}

 

完成配置后,保存退出。

重启Apache:

systemctl restart apache2

配置Nextcloud

到Nextcloud->apps激活Collabora Online插件

进入配置—>在线协作,输入反向代理地址:

点击“应用”,完成设置。

回到首页,点击“+”创建Office文档:

点击创建好的文档文件:

Enjoy it!

实测完美支持中文:

PPT

Excel

comments powered by Disqus
FEATURED TAGS
Archived EE Electronic Engineering fpga NAS verilog zynq
FRIENDS