银河麒麟服务器v10版本在arm架构下安装配置onlyoffice

服务器 0
  • 安装onlyoffice
  1. 环境信息

操作系统版本:Kylin Linux Advanced Server V10 (Lance)

cpu架构:aarch64

onlyoffice版本:onlyoffice-documentserver-7.5.1-23.el7.aarch64

阅读扩展:因为kylin本身的yum源资源有限,需要一些扩展包时经常找不到,我参照centos7(查看内核版本及dnf可能更接近centos8)进行扩展安装,可配置阿里centos7的epel源(https://mirrors.aliyun.com/repo/epel-7.repo)解决各种扩展安装需要。

  1. 安装依赖

nginx postgresql rabbitmq

(自行yum安装即可)

  1. 配置onlyoffice安装源并安装

[root@localhost ~]# yum install https://download.onlyoffice.com/repo/centos/main/noarch/onlyoffice-repo.noarch.rpm

[root@localhost ~]# cat /etc/yum.repos.d/onlyoffice.repo                                                                                                               

[onlyoffice]                                                                                                                                                           

name=onlyoffice repo                                                                                                                                                   

baseurl=http://download.onlyoffice.com/repo/centos/main/noarch/                                                                                                        

gpgcheck=1                                                                                                                                                             

enabled=1                                                                                                                                                              

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ONLYOFFICE

[root@localhost ~]# yum install onlyoffice-documentserver

在安装过程后段执行安装脚本会卡比较久时间,无法追踪到相关报错日志,解压rpm包未分析到相关脚本信息,直接等待安装结束就行。

  • onlyoffice配置使用

onlyoffice有多个服务需要管理

前端:nginx

数据库:postgres

消息队列:rabbitmq

后端服务:ds-converter ds-docservice ds-metrics 

在修改相关配置后需要重启相关服务,特别是后端服务(systemctl restart ds-converter ds-docservice ds-metrics

  1. 初始化配置

onlyoffice安装后有一个配置shell脚本提供配置向导以完成系统配置,配置前需要先启动rabbitmq及postgres服务

直接执行documentserver-configure.sh按向导输入相关信息即可完成配置,我喜欢将向导配置环境变量直接写入脚本,然后直接执行配置脚本自动完成配置,无需一项一项填 入。在documentserver-configure.sh头部添加以下环境变量

[root@localhost ono]# head -20 ./documentserver-configure.sh                                                                                                           

#!/bin/bash                                                                                                                                                            

                                                                                                                                                                       

DS_PORT=9000                                                                                                                                                           

#关闭JWT认证,否则打开在线编辑时将会报'文档安全令牌的格式不正确'的错误                                                                                                  

JWT_ENABLED=false                                                                                                                                                      

DB_TYPE=postgres                                                                                                                                                       

DB_HOST='127.0.0.1'                                                                                                                                                    

DB_PORT='3210'                                                                                                                                                         

DB_NAME='onlyoffice'                                                                                                                                                   

DB_USER='onlyoffice'                                                                                                                                                   

DB_PWD='onlyoffice'                                                                                                                                                    

AMQP_TYPE='rabbitmq'                                                                                                                                                   

AMQP_SERVER_HOST='127.0.0.1'                                                                                                                                           

AMQP_SERVER_USER='guest'                                                                                                                                               

AMQP_SERVER_PWD='guest'

关键环境变量说明:

JWT_ENABLED=false 

JSON Web Token(JWT)是⼀个开放标准(RFC?7519),它定义了⼀种紧凑的、⾃包含的⽅式,⽤于作为JSON对象在各⽅之间安全地传输信息。该信息可以被验证和信任,因为它是数字签名的。

为了安全访问onlyoffice默认是开启了jwt,如果没有在项目调用中配置token,在调用在线编辑时会报错“文档安全令牌的格式不正确”,这里没有进一步研究jwt配置使用,所以直接关闭jwt,在配置中加入JWT_ENABLED=false环境变量即可关闭。

如果已经完成配置,也可在onlyoffice的配置文件中手动关闭jwt

[root@localhost ono]# grep token -A 14 /etc/onlyoffice/documentserver/local.json                                                                                       

      "token": {                                                                                                                                                       

        "enable": {                                                                                                                                                    

          "request": {                                                                                                                                                 

            "inbox": false,                                                                                                                                            

            "outbox": false                                                                                                                                            

          },                                                                                                                                                           

          "browser": false                                                                                                                                             

        },                                                                                                                                                             

        "inbox": {                                                                                                                                                     

          "header": "Authorization"                                                                                                                                    

        },                                                                                                                                                             

        "outbox": {                                                                                                                                                    

          "header": "Authorization"                                                                                                                                    

        }                                                                                                                                                              

      },

  1. 打开文件进行在线编辑时提示“下载失败”的解决办法

通过查看onlyoffice服务日志/var/log/onlyoffice/documentserver/converter/out.log发现关于dns的错误信息,查看资料发现是onlyoffice默认不允许直接使用ip地址调用原文档进行在线编辑,需要将允许ip地址配置开启。

[root@localhost ono]# grep -A 3 request-filtering-agent /etc/onlyoffice/documentserver/default.json                                                                    

                        "request-filtering-agent" : {                                                                                                                  

                                "allowPrivateIPAddress": true,                                                                                                         

                                "allowMetaIPAddress": true                                                                                                             

                        },

以上配置修改后需要重启后端服务。

也许您对下面的内容还感兴趣: