NextCloud and OnlyOffice via Docker: Difference between revisions

From WikiMLT
VisualWikitext
mNo edit summary
Line 3: Line 3:


== Install Docker ==
== Install Docker ==
According to the Docker installation, read the guide [[Docker Basic Setup]].
{{collapse/begin}}
{{collapse/begin}}
According to the Docker installation, read the guide [[Docker Basic Setup]]. The following part of this section is deprecated, but is leaved here as historical note :)
The rest part of this section is deprecated, but is leaved here as historical note :)
{{collapse/div|#Remove me: Deprecated Section}}
{{collapse/div|#Remove me: Deprecated Section}}
<syntaxhighlight lang="shell" line="1">
<syntaxhighlight lang="shell" line="1">

Revision as of 09:09, 25 September 2022

Lin­ux Serv­er

Here is a short step-by-step man­u­al: How to set­up On­ly­Of­fice Dock­er con­tain­er and proxy it by Apache2 for NextCloud us­age.

In­stall Dock­er

Ac­cord­ing to the Dock­er in­stal­la­tion, read the guide Dock­er Ba­sic Set­up.

The rest part of this sec­tion is dep­re­cat­ed, but is leaved here as his­tor­i­cal note :)

#Re­move me: Dep­re­cat­ed Sec­tion
sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - && \
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu  $(lsb_release -cs)  stable"

sudo apt install docker-ce
docker --version
sudo systemctl start docker
sudo systemctl enable docker
Al­low Dock­er us­age by your $USER with­out us­ing su­do.
sudo groupadd docker
sudo usermod -aG docker $USER
su - $USER
id -nG
Prune un­used Dock­er con­tain­ers and im­ages pe­ri­od­i­cal­ly.
sudo crontab -l | grep -i 'docker'

0 2 * * 7 /usr/bin/docker container prune
In my case the fol­low­ing was the most im­por­taint step to get On­ly­Of­fice con­tain­er works cor­rect­ly.
sudo sed 's/^#DOCKER_OPTS/DOCKER_OPTS/' /etc/default/docker -i
sudo systemctl restart docker

In­stall lat­est On­ly­Of­fice

The rest part of this sec­tion is dep­re­cat­ed, but is leaved here as his­tor­i­cal note :)

#Re­move me: Dep­re­cat­ed Sec­tion
Get a list of all avail­able ver­sions of On­ly­Of­fice im­ages (ref­er­ence).
wget -q https://registry.hub.docker.com/v1/repositories/onlyoffice/documentserver/tags -O - | jq -r '.[].name'
Down­lad the lat­est On­ly­Of­fice im­age and run it at port 81 of 127.0.0.1 lo­cal­host.
# docker pull onlyoffice/documentserver
docker run -i -t -d -p 81:80 --restart=always onlyoffice/documentserver:latest
  • Note the op­tion –restart=always means the con­tain­er will run au­to­mat­i­cal­ly when Dock­er is started/​​​restarted.
  • Dock­er will pull the im­age au­to­mat­i­cal­ly when it is not avail­able lo­cal­ly.

Apache2 Proxy Vir­tu­al Host

Test Whether the ce­ses­sary Apache2 mod­ules are en­abled.

sudo apache2ctl -M | grep -E 'auth[nz]_core|unixd|proxy|headers|setenvif'

 unixd_module (static)          # Required
 authn_core_module (shared)     # Required
 authz_core_module (shared)     # Required
 headers_module (shared)        # Required
 proxy_module (shared)          # Required
 proxy_fcgi_module (shared)
 proxy_http_module (shared)     # Required
 proxy_http2_module (shared)
 proxy_wstunnel_module (shared) # Required
 setenvif_module (shared)       # Required

Set­up a new vir­tu­al host as fol­low and restart Apache2. Note in this sce­nar­i­ou you need a valid SSL/TLS certivi­cate.

sudo nano /etc/apache2/sites-enabled/docs.example.com.conf

<VirtualHost *:80>
    ServerName docs.example.com
    ServerAdmin admin@example.com
    Redirect permanent "/" "https://docs.example.com/"
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerName docs.example.com
    ServerAdmin admin@example.com

    ErrorLog ${APACHE_LOG_DIR}/docs.example.com.error.log
    CustomLog ${APACHE_LOG_DIR}/docs.example.com.access.log combined

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

    <IfModule pagespeed_module>
        ModPagespeed off
    </IfModule>
    
    <IfModule security2_module>
      # SecRuleEngine Off
    </IfModule>
    
    # ProxyPreserveHost On
    # ProxyRequests Off

    SetEnvIf Host "^(.*)$" THE_HOST=$1
    Header edit Set-Cookie ^(.*)$ "$1; HttpOnly; Secure"
    RequestHeader setifempty X-Forwarded-Proto https
    RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
    ProxyAddHeaders Off

    ProxyPassMatch (.*)(\/websocket)$ "ws://localhost:81/$1$2"
    ProxyPass / "http://localhost:81/"
    ProxyPassReverse / "http://localhost:81/"

</VirtualHost>
</IfModule>

Ref­er­ences

Retrieved from "https://wiki.metalevel.tech/index.php?title=NextCloud_and_OnlyOffice_via_Docker&oldid=31819"