Docker-DocumentServer icon indicating copy to clipboard operation
Docker-DocumentServer copied to clipboard

Published 20 hours ago verified publisher icon ONLYOFFICE

Set static secret key

Open hari-bo opened this issue 2 years ago • 5 comments

For the connection with Nextcloud i'm using the secret key which can be found with; docker exec [name or id docker container] /var/www/onlyoffice/documentserver/npm/json -f /etc/onlyoffice/documentserver/local.json 'services.CoAuthoring.secret.session.string'

But when the container is deployed with a new version the secret keys changes so Nexclout will be disconnected.

I can't find to set a static secret key. Is there a envorionment variable for this?

hari-bo avatar Oct 10 '22 08:10 hari-bo

Hi, I think it's done by design, so users who already connected to some document lost connection during update

Without that - users with old front-end scripts may be connected to new version of back-end and something unpredictable should happen

In any way we strongly advice run documentserver-prepare4shutdown.sh before any operation with documentsever, so all users save all data and nothing is lost

ShockwaveNN avatar Oct 10 '22 08:10 ShockwaveNN

I had the same problem.

The secret key will be restored each time when I restart Docker container.

As a result, Nextcloud was unable to successfully connect onlyoffice. I had to manually re-check the new secret key, and then re-enter it to connect.

I also want to set static secret key.

tobylibo avatar Oct 12 '22 06:10 tobylibo

Whoops, I may be wrong before

Are you meaning JWT key?

You know you can use docker env JWT_KEY to set it statically

ShockwaveNN avatar Oct 12 '22 06:10 ShockwaveNN

@ShockwaveNN Thank you very much. The way you told me is right.

Adding environment variables:

JWT_ENABLED=false When nextcloud connects to onlyoffice, you do not need to enter a JWT key

or

JWT_SECRET=<your own JWT key> The JWT key will NOT be restored each time when you restart Docker container.

Maybe help you @hari-bo

tobylibo avatar Oct 12 '22 06:10 tobylibo

And please note that we strongly advice do not disable JWT, since it may lead to vulnerabilities

ShockwaveNN avatar Oct 12 '22 06:10 ShockwaveNN

@ShockwaveNN Thank you very much. The way you told me is right.

Adding environment variables:

JWT_ENABLED=false When nextcloud connects to onlyoffice, you do not need to enter a JWT key

or

JWT_SECRET=<your own JWT key> The JWT key will NOT be restored each time when you restart Docker container.

Maybe help you @hari-bo

You are right, JWT_SECRET env set a constant JWT key, and after restart the container it is not cnange. I close this issue. Feel free to comment or reopen it if you got further questions.

igwyd avatar Dec 28 '23 16:12 igwyd

I close this issue. Feel free to comment or reopen it if you got further questions.

Rita-Bubnova avatar Dec 28 '23 16:12 Rita-Bubnova