Syncplicity Support

Follow

Configuring WOPI Connector

To complete installation, you must edit the Syncplicity software configuration file. However, you first must obtain the access key.

To retrieve the access key, click the Settings tab of the administrative console and select Manage StorageVaults at the bottom of the page. A list of configured storage vaults and their associated access keys is displayed. Select the storage vault you have configured with the Syncplicity Storage Connectors and copy the access key. If you have no storage vaults, see Configuring and managing StorageVaults.

Perform the following.

Configuration steps

  1. At the virtual machine, edit the following file using the vi editor:
    # sudo vi /etc/syncp-wopi/syncp-wopi.conf

  2. In the syncplicity.ws section of the syncp-wopi.conf file, replace <syncplicity access key> with the access key that you retrieved from the Manage StorageVault Settings For example:
    accesskey: "d4jJDpO7erZEmrlKab6w"

  3. If your company is using the EU PrivacyRegion, the on-premises WOPI Connector must be configured with the following settings:
    ws.url: “https://xml.eu.syncplicity.com/1.1”
    syncplicity.ws.external.url: “https://api.eu.syncplicity.com”
    syncplicity.health.url: “https://health.eu.syncplicity.com/v1”

  4. If using a proxy, set the enable flag to true and specify the proxy host and port in the proxy section.

    syncplicity ws {
      proxy {
            enable: true
            host: "my_proxy.mycompany.com"
            port: 8080 
      }
    }
  5. In the syncplicity.storage section of the syncp-wopi.conf file, replace <storage type> with atmosfor EMC Atmos systems, s3 for AWS s3 buckets or EMC ECS systems, isilon for EMC Isilon systems, vnx for EMC VNX systems, or fs for generic NFS v3 systems. For example:
    type: "atmos"

  6. If type is “atmos”, configure your Atmos storage settings. Under the atmos section of the syncp-wopi.conf file, set url to the URL and port to the port which your Atmos installation listens. Make sure to explicitly include the port number. Set token to your Atmos authentication token and set secret to your Atmos secret key. For example:

    atmos {
      url: "https://atmos.internal:443"
      token: "7ce21bbh56ek8feg0a7c23f343ad8df99/tenant"
      secret: "poSq7g5123t1TEQp5PlWhv4SAxk="
    }
  7. If type is “s3” for AWS s3 storage, configure your AWS storage settings under the s3 section of the syncp-wopi.conf file. Enter the name of the bucket you created and its region, the access key and secret For AWS, the secret was generated when you created the IAM user. For example:

    s3 {
    access: "put access key here"
      secret: "put secret key here"
      data.bucket: "cec-euw-sync-data"
      region: "eu-central-1"
      s3_signature_version: "v4"
    }
  8. If type is “s3” for EMC ECS storage, configure your EMC ECS storage settings under the s3 section of the syncp-wopi.conf file by providing the following information:

    • The full url of the ECS storage, including the port. Refer to your ECS Storage administrator for the exact ports being used. Default ports are 9020 for http and 9021 for https.
    • The name of the bucket you created.
    • The access key used for authentication, which is generated by the ECS administrator. With ECS, the access key used is typically an email address.
    • The secret used for authentication, which is generated by the ECS administrator.

      For example:
      s3 {
      access: "syncplicity@mycompany.com"
      secret: "put secret key here"
      url: "http://10.1.1.1:9020"
      bucket: "MyStorageVault_bucket"
      }

NOTE: When an IP address is used in the URL, the Base URL (fully qualified URL) must be defined in the ECS admin console. The Base URL should correspond to the URL you use in the syncp-wopi.conf file. The Base URL is used by ECS as part of the object address where virtual host style addressing is used and enables ECS to know which part of the address refers to the bucket and, optionally, namespace. To avoid upload errors, such as the one below, make sure to add the Base URL in the ViPR console for ALL your VDCs.

The request signature we calculated does not match the signature you provided. Check your secret access key and signing method. For more information, see REST authentication and SOAP authentication for details.

  1. If type is “isilon”, configure your Isilon storage settings. Under the isilon section of the syncp-wopi.conf file, set rootdir to the mount point of your Isilon cluster on this server. For example:
    isilon {
      rootdir: "/mnt/syncdata"
    }
    Make sure the syncp-wopi:syncp-wopi user owns the mount point. To set the ownership of the mount point, type the following command:
    # chown –R syncp-wopi:syncp-wopi <mount_point>

  2. If type is “vnx”, configure your VNX storage settings. Under the vnx section of the syncp-wopi.conf file, set the rootdir of your VNX system on this server. The directory that is located below the mount point, e. g., “data”, must exist before you proceed. If this directory has not already been created, be sure to create it now. For example:
    vnx {
       rootdir: "/mnt/syncdata/data"
    }
    Make sure the rootdir is one level below the mount point for VNX storage systems. For example, if the mount point is /mnt/syncdata, the rootdir value must be /mnt/syncdata/data.
    Make sure the syncp-wopi:syncp-wopi user owns the mount point. To set ownership of the mount point, type the following command:
    #chown –R syncp-wopi:syncp-wopi <mount_point>

  3. If type is “fs” for generic NFS v3 storage, configure your NFS storage settings. In the syncplicity.storage section of the syncp-wopi.conf file, add the following FS configuration and set rootdir to the mount point of your NFS v3 server on this server. If the following lines are already included in the syncp-wopi.conf file, edit the lines. For example:

    fs {
       # the root directory of the NFS mount
       rootdir: “/mnt/syncdata”
    }
    Make sure the syncp-wopi:syncp-wopi user owns the mount point. To set ownership of the mount point, type the following command:
    # chown –R syncp-wopi:syncp-wopi <mount_point>

  4. Now it is time to configure the WOPI Connector-specific settings. To do this you must generate a secret key file and store it securely on your system. This key is required to secure the WOPI access token, and the same key file should be used on all WOPI Connectors that are configured together against the same storage endpoint.

    To create the WOPI Connector key file, create a file with a file extension of .key and place it in a secure location (e.g. /etc/syncp-wopi/syncp-wopi.key). The file should include an ASCII format passphrase string of at least 256-bit length (i.e. at least 32 ASCII characters).

    Once the key file has been created or copied over from another WOPI Connector, execute the following commands:

    # sudo chown syncp-wopi.syncp-wopi /<folder>/<filename>.key
    # sudo chmod 400 /<folder>/<filename>.key

    Here is an example using the example filename and folder:

    # sudo chown syncp-wopi.syncp-wopi /etc/syncp-wopi/syncp-wopi.key
    # sudo chmod 400 /etc/syncp-wopi/syncp-wopi.key

    It is strongly advised to restrict access to the key files.
    After setting the owner and access to this key file, set key.file to the full path name for the key file in /etc/syncp-wopi/syncp-wopi.conf. For example:

    wopi {
    key.file: “/etc/syncp-wopi/syncp-wopi.key”
    }
  5. Start the WOPI Connector software on each of the WOPI Connectors you have configured with this command:
    # sudo systemctl start syncp-wopi

  6. After starting the syncp-wopi service, run some verification checks to make sure that there is no error in the configuration and the service started without any problem. For details see Verify and manage WOPI Connector.

Customizing WOPI Connector logging options

The WOPI Connector writes error, warning and info messages to a log file in /var/log/syncp-wopi/. The log settings can be customized to change the log level, the retention of log files and the name of the log file, which is useful in improving the usability of reviewing logs from multiple WOPI Connectors consolidated by a log shipping tool (example: logstash).

  1. To customize the name of the log file, edit /etc/syncp-wopi/logger.xml and modify the <appender><rollingPolicy><fileNamePattern> xml element.

    The default logfile name and format is:
    /var/log/syncp-wopi/${HOSTNAME}-wopi-$d{yyy-MM-dd}.log.gz

    You can hard code a name in place of ${HOSTNAME} or set this environment variable on your system using a persistent method (such as using /etc/environment/). For example:
    <fileNamePattern>/var/log/syncp-wopi/${HOSTNAME}-wopi-%d{yyyy-MM-dd}.log.gz</fileNamePattern>

  2. To change the log retention period, edit /etc/syncp-wopi/logger.xml and modify the <maxHistory> setting to the number of days to keep archived log files. The default setting is 30 days. For example, to change the log retention period to 7 days:
    <maxHistory>7</maxHistory>

  3. The log level can be set to one of the following: ERROR, WARN, INFO, DEBUG, TRACE, ALL, OFF. The default logging level is INFO, which provides a moderate level of logged data covering ERROR, WARN and INFO messages. To change the log level, edit /etc/syncp-wopi/logger.xml and modify the level setting for the application logger. For example:
    <logger name=”application” level=”INFO” />

  4. Any time you change the settings in logger.xml you must restart the WOPI Connector service for the changes to take effect. To restart the syncp-wopi service, type the following command:
    # sudo systemctl restart syncp-wopi

The base software installation process has been completed. If you have not already done so, you should verify the configuration as described in Verify and manage WOPI Connector.

Once you have verified the configuration, the next step is to point your Syncplicity account to the WOPI Connector URL and enable Microsoft Integration, which is described in Configuring and managing the on-premises storage settings.

Powered by Zendesk