通过 docker-compose 使用 Collabora CODE / Nextcloud / Traefik 反向代理出现混合内容错误

Question

通过 docker-compose 使用 Collabora CODE / Nextcloud / Traefik 反向代理出现混合内容错误

And*_*áth 3 docker docker-compose nextcloud

我正在尝试通过 docker-compose 与 Nextcloud 一起安装 Collabora CODE。在此部署中，一切似乎都正常运行，但每当我尝试访问 Collabora 代码编辑器时，都会收到以下“混合内容”错误：

\n

Blocked loading mixed active content \xe2\x80\x9chttp://docs.example.com/loleaflet/44a46d7/loleaflet.html?WOPISrc=https%3A%2F%2Fnc.example.com%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F13_oceqjdia3g5g&title=Welcome%20to%20Nextcloud%20Hub.docx&lang=en&closebutton=1&revisionhistory=1\xe2\x80\x9d\n

Run Code Online (Sandbox Code Playgroud)\n

我认为问题出"extra_params=--o:ssl.enable=false"在我传递给 Collabora 映像的环境变量上，但我无法让 Collabora 在启用其自己的 SSL 的情况下工作。

\n

有谁知道是否有办法强制 Collabora 始终使用 HTTPS 响应？

\n

任何帮助，将不胜感激。docs.example.org需要明确的是，我只是想在以下解决方案的框架内通过 HTTPS 访问 Collabora CODE ：

\n

version: '3.3'\n\nservices:\n\n  traefik:\n    image: traefik:latest\n    restart: always\n    container_name: "traefik"\n    command:\n      - "--api.insecure=true"\n      - "--providers.docker=true"\n      - "--providers.docker.exposedbydefault=false"\n      - "--entrypoints.web.address=:80"\n      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"\n      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"\n      - "--entrypoints.websecure.address=:443"\n      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"\n      - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"\n      - "--certificatesresolvers.myresolver.acme.email=bandi@qodex.cc"\n      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"\n\n    networks:\n      - web\n      - internal\n    ports:\n      - 80:80\n      - 443:443\n      - 8080:8080\n    volumes:\n      - "./letsencrypt:/letsencrypt"\n      - /var/run/docker.sock:/var/run/docker.sock\n\n  nc_db:\n    image: mariadb\n    restart: always\n    container_name: "nextcloud-db"\n    volumes:\n      - nc_db:/var/lib/mysql\n    env_file:\n      - nc_secrets.env\n    labels:\n      - "traefik.enable=false"\n    networks:\n      - internal\n\n  collabora:\n    image: collabora/code\n    restart: unless-stopped\n    container_name: "collabora-app"\n    expose:\n      - "9980"\n    environment:\n      - domain=docs.example.com\n      - username=admin\n      - password=admin\n      - "SLEEPFORDEBUGGER=0"\n      - "extra_params=--o:ssl.enable=false"\n    cap_add:\n      - MKNOD\n    labels:\n      - "traefik.enable=true"\n      - "traefik.http.routers.collabora.tls=true"\n      - "traefik.http.routers.collabora.rule=Host(`docs.example.com`)"\n      - "traefik.http.services.collabora.loadbalancer.server.port=9980"\n      - "traefik.http.routers.collabora.tls.certresolver=myresolver"\n    networks:\n      - web\n\n  nextcloud:\n    image: nextcloud\n    restart: always\n    container_name: "nextcloud-app"\n    labels:\n      - "traefik.enable=true"\n      - "traefik.http.routers.nextcloud.tls=true"\n      - "traefik.http.routers.nextcloud.rule=Host(`nc.example.com`)"\n      - "traefik.http.routers.nextcloud.tls.certresolver=myresolver"\n    links:\n      - nc_db\n    volumes:\n      - nextcloud:/var/www/html\n    env_file:\n      - nc_secrets.env\n    networks:\n      - web\n      - internal\n\n  wordpress:\n    image: wordpress\n    restart: always\n    container_name: "wordpress-app"\n    links:\n      - wp_db\n    labels:\n      - "traefik.enable=true"\n      - "traefik.http.routers.wordpress.tls=true"\n      - "traefik.http.routers.wordpress.rule=Host(`example.com`)"\n      - "traefik.http.routers.wordpress.tls.certresolver=myresolver"\n    env_file:\n      - wp_secrets.env\n    volumes:\n      - wordpress:/var/www/html\n    networks:\n      - web\n      - internal\n\n  wp_db:\n    image: mysql:5.7\n    restart: always\n    container_name: "wordpress-db"\n    env_file:\n      - wp_secrets.env\n    volumes:\n      - wp_db:/var/lib/mysql\n    labels:\n      - "traefik.enable=false"\n    networks:\n      - internal\n\nvolumes:\n  wp_db:\n  wordpress:\n  nextcloud:\n  nc_db:\n\nnetworks:\n  internal:\n    external: false\n  web:\n    external: true\n

Run Code Online (Sandbox Code Playgroud)\n

预先感谢您的任何帮助/想法。

\n

Answer 1

And*_*áth 5

设法解决我自己的问题。Collabora 的配置文件中有一个未记录的选项：

<termination desc="Connection via proxy where loolwsd acts as working via https, but actually uses http." type="bool" default="true">true</termination>

Run Code Online (Sandbox Code Playgroud)

我还必须从主机上的文件中读取 loowsl.xml 参数，因为事实证明我作为环境变量传递的参数没有在容器中进行处理。Collabora 的最终 docker-compose 条目：

  collabora:
    image: collabora/code
    restart: unless-stopped
    container_name: "collabora-app"
    expose:
      - "9980"
    environment:
      - domain=nc.example.com
      - server_name=docs.example.com
    cap_add:
      - MKNOD
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.collabora.tls=true"
      - "traefik.http.routers.collabora.rule=Host(`docs.example.com`)"
      - "traefik.http.services.collabora.loadbalancer.server.port=9980"
      - "traefik.http.routers.collabora.tls.certresolver=myresolver"
    volumes:
      - ./loolwsd.xml:/etc/loolwsd/loolwsd.xml
    networks:
      - web

Run Code Online (Sandbox Code Playgroud)

主机上的loowsd.xml文件中需要设置以下两个参数：

    <ssl desc="SSL settings">
        <enable type="bool" desc="Controls whether SSL encryption between browser and loolwsd is enabled (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." default="true">false</enable>
        <termination desc="Connection via proxy where loolwsd acts as working via https, but actually uses http." type="bool" default="true">true</termination>

Run Code Online (Sandbox Code Playgroud)

这将允许您将 Collabora 与反向代理（在本例中为 Traefik）提供的 SSL 结合使用。

归档时间：	4 年，8 月前
查看次数：	2756 次
最近记录：	2 年，11 月前