NextCloud的协同编辑有两个选择:OnlyOffice和Collabora Online,原理都一样,借助独立的第三方服务器提供多人协同编辑功能。所以为Nextcloud扩展协同编辑功能时,需要分两步进行:安装专门的服务、为NextCloud服务器安装应用扩展。
1. 安装OnlyOffice服务
1.1 安装docker,拉onlyoffice镜像,并运行
apt install docker.io
mkdir /var/www/onlyoffice
cd /var/www/onlyoffice
mkdir log data lib db
docker pull onlyoffice/documentserver
docker run -i -t -d -p 8000:80 --restart=always -e JWT_ENABLED=true -e JWT_SECRET=keysecretsecretkey -v /var/www/onlyoffice/log:/var/log/onlyoffice -v /var/www/onlyoffice/app:/var/www/onlyoffice -v /var/www/onlyoffice/lib:/var/lib/onlyoffice -v /var/www/onlyoffice/db:/var/lib/postgresql onlyoffice/documentserver
其中JWT_ENABLED=true表示启用token认证,同时通过JWT_SECRET参数设置使用的token。
1.2. 发布OnlyOffice
OnlyOffice针对三种场景提供了Nginx、Apache httpd、HA、Træfik的配置范例:
- Using Document Server Behind the Proxy:
https://helpcenter.onlyoffice.com/server/document/document-server-proxy.aspx - 本地服务器反向代理
- 代理http发布到https
- 发布http到另一个站点的虚拟目录
以下是Nginx代理http服务,发布到https的配置
upstream docservice {
server localhost:8000;
}
map $http_host $this_host {
"" $host;
default $http_host;
}
map $http_x_forwarded_proto $the_scheme {
default $http_x_forwarded_proto;
"" $scheme;
}
map $http_x_forwarded_host $the_host {
default $http_x_forwarded_host;
"" $this_host;
}
map $http_upgrade $proxy_connection {
default upgrade;
"" close;
}
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $the_host;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
server {
listen 443 ssl;
server_name cloud.abc.com;
server_tokens off;
root /usr/share/nginx/html;
ssl_certificate /path/ssl.pem;
ssl_certificate_key /path/ssl.key;
ssl_verify_client off;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=31536000;
# add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL.
## Replace with your ssl_trusted_certificate. For more info see:
## - https://medium.com/devops-programming/4445f4862461
## - https://www.ruby-forum.com/topic/4419319
## - https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
# ssl_stapling on;
# ssl_stapling_verify on;
# ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
# resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired
# resolver_timeout 10s;
## [Optional] Generate a stronger DHE parameter:
## cd /etc/ssl/certs
## sudo openssl dhparam -out dhparam.pem 4096
##
# ssl_dhparam /etc/ssl/certs/dhparam.pem;
location / {
proxy_pass http://docservice;
proxy_http_version 1.1;
}
location /welcome {
charset utf-8;
default_type text/html;
return 200 'under construction.<footer style="width:100%; position:fixed; bottom:20px;; text-align:center;"><a href="http://www.beian.miit.gov.cn/" target="_blank">某XICP备88888888-1号</a></footer>';
}
}
2. 为NextCloud服务器安装OnlyOffice应用
- * 因为应用商店打开速度非常慢,所以直接采用离线安装的方式添加OnlyOffice应用
- * 应用商店网址 https://apps.nextcloud.com/
- * onlyoffice应用网址 https://apps.nextcloud.com/apps/onlyoffice
- 根据nextcloud版本,下载对应onlyoffice压缩包
- 上传到服务器,并解压到nextcloud目录的apps目录下
- 在nextcloud服务器的Apps页面找到并启用onlyoffice
- 在nextcloud服务器的设置里为onlyoffice设置服务器地址以及secret key
至此,onlyoffice就可以使用了。在文档页面,可以直接建立office文档,同时也可以在网页上直接进行多人协作。
3. 通知API
通知API的作用是向特定用户发送一则消息提醒。
3.1 用法
curl -H "OCS-APIREQUEST: true" -X POST \
https://<admin-user>:<admin-app-password-token>@<server-url>/ocs/v2.php/apps/admin_notifications/api/v1/notifications/<user-id> \
-d "shortMessage=<short-message>" \
-d "longMessage=<long-message>"
admin-user: User ID of a user with admin priviliges
admin-app-password-token: Password or an "app password" of the "admin-user"
server-url: URL with Webroot of your Nextcloud installation
user-id: User ID of the user to notify
short-message: Short message to be sent to the user (max. 255 characters)
long-message: Long mesage to be sent to the user (max. 4000 characters)
示例:
curl -H "OCS-APIREQUEST: true" -X POST https://admin:admin123@cloud.abc.com/ocs/v2.php/apps/admin_notifications/api/v1/notifications/zhangsan -d "shortMessage=标题短" -d "longMessage=内容长内容长内容长"
3.2 效果
如果打开客户端,会在桌面右下角弹出提示;如果登录在网页,会同时显示网页消息通知和浏览器通知(Chrome)。