Nextcloud not able to open documents using the Onlyoffice document viewer/editor
-
Do you also restart the onlyoffice app after making changes to the secret? Does the issue happen in some other browser as well?
Otherwise, I am out of ideas. If you can drop a mail to support@cloudron.io, we can debug further.
-
@ChristopherMag said in Nextcloud not able to open documents using the Onlyoffice document viewer/editor:
PS, if I mess up the hostname intentionally I get a different error
Error when trying to connect (cURL error 6: Could not resolve host: testonlyoffice.cloudron.magnusonfinancial2.com (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://testonlyoffice.cloudron.magnusonfinancial2.com/healthcheck)so it seems like that part is correct.If I change the Secret Key to
changeme2I also get a different errorError when trying to connect (Error occurred in the document service: Invalid token)This seems to indicate that the hostname and secret key parameters are correct.
Actually, you haven't mention it in your message above just in case you overlooked it, you must make sure to change the secret string in /app/data/config/production-linux.json file as well, not only in NextCloud configuration.
-
@micmc I don't have to change it if I leave it as the default
changemewhich is why I didn't mention it.When changing it in the onlyoffice app along with the nextcloud onlyoffice app it results in the same behavior.
-
@girish If I change the Secret Key to
changeme2in the nextcloud onlyoffice's app settings I get a different errorError when trying to connect (Error occurred in the document service: Invalid token)which indicates that the defaultchangemesecret key does appear to match both on the onlyoffice cloudron app and the nextcloud onlyoffice app's settings.The error that occurs when clicking Save happens in firefox and google chrome.
-
@girish said in Nextcloud not able to open documents using the Onlyoffice document viewer/editor:
Are you able to reproduce this in our demo maybe ? https://my.demo.cloudron.io (username/password: cloudron)
@ChristopherMag just to rule out some internal / network related issues, can you quickly try this on the demo?
-
@girish When I navigate to that site and enter the username and password as
cloudronit takes be back to the username and password login form and doesn't seem to login. -
@nebulon I have gone through the same steps above and they worked fine, with and without the disable certificate verification checkbox checked as your demo system gets valid SSL certs.
Our internal cloudron is not able to be publicly accessible and so we use our own root ca with a wild card cert for cloudron apps that we have loaded into the root trust stores of our client computers and phones.
It sounds like either we need to be on cloudron 7.5 instead of 7.4.3 or there is something that is now no longer working with locally managed certificates, even though we have the insecure option checked and the error message is different when it is blocked due to ssl certificate issues.
Here is the error our current instance gets when the disable certificate verification checkbox is unchecked
Error when trying to connect (cURL error 60: SSL certificate problem: unable to get local issuer certificate.Nothing shows up in the logs section of the nextcloud and onlyoffice cloudron apps that appears to be collrelated, is there other log locations I can check to try and see additional logs that might be generated when we try to save the setting and get the error
Error when trying to connect (Error occurred in the document service: Error while downloading the document file to be converted.) (version 7.3.3.49)? -
ahm the external reachability might be the issue. Both the browser (basically nextcloud UI) as well as the Nextcloud backend have to be able to reach the office app by domain. Depending on your router this may or may not work then if things are not publicly reachable.
-
@nebulon All dns requests for any host in the subdomain of cloudron.ourtopdomain.com all return the same ip address.
There is a feature of our DNS provider that basically allowed us to setup *.cloudron.ourtopdomain.com so that even requests for hosts we have never done anything specific to setup records for will respond with the same ip address as everything is hosted on one server.If DNS reachability was a problem in general I wouldn't have expected it to work for 8 months and also wouldn't expect that it would be able to give error messages that are different than the one that you receive when nextcloud can't reach the onlyoffice host via dns resolution.
If I mess up the hostname intentionally we get the error
Error when trying to connect (cURL error 6: Could not resolve host: testonlyoffice.cloudron.wrongrootdomain.comwhich is not the errorError when trying to connect (Error occurred in the document service: Error while downloading the document file to be converted.) (version 7.3.3.49)we get when the domain name is corrected.The document service would need to be reachable to receive an error message from it about it having trouble downloading the document to be converted.
In this case maybe it is Onlyoffice that is having trouble reaching out to nextcloud to pull the document that nextcloud requested Onlyoffice open.
if I run
dig testnextcloud.cloudron.ourtopdomain.comfrom the terminal of the testonlyoffice cloudron app it returns an A record with the correct ip address so dns reachability doesn't seem like the issue. -
I'm on 7.5 and since the NC update to 27.0.1 the OnlyOffice integration gets stuck with:
Fout bij het verbinden (Er is een fout opgetreden in de documentservice: Error while downloading the document file to be converted.) (versie 7.3.3.49)This error is shown while trying to save the settings in NC regarding OnlyOffice. I tried all the suggestions here but it still doesn't work.
-
-
@girish OUCH! My fault, after installation and all the updates I switched on Cloudflare DNS proxy because I’ve set up there “country whitelist”. I just switched proxy off and it works!
How can I use Cloudflare proxy in this setup or even better would be to have on Cloudron per app geo blocking
-
-
-
-
@imc67 Is there something in Cloudflare "logs" (if there is such a thing) as to why the healthcheck request was blocked? I wonder if Cloudflare is throwing some captcha or something and the server/browser request cannot handle this (since this is an API call)?
-
GOT IT! I recently moved my Cloudron from a Netcup VPS to a Netcup RS, it got a new IP. Just seconds ago (I didn’t saw you latest comment but it was the same direction) I discovered by the Cloudflare WAF logs that according to Cloudflare this IP is not in Germany (DE) but in the UK! Therefore all proxied domains where blocked by their own server! Bizar!
-
@girish I have emailed support on Tuesday as requested.
What would be my next step to get assistance in determining what is causing the issue we are seeing?
Happy to perform any additional troubleshooting steps, seems like possibly doing a packet capture from the nextcloud and onlyoffice containers on the Demo system where this works and on a system where it doesn't work would at least provide us the ability to pinpoint the differences between the failure and success states.
