NextCloud and OnlyOffice via Docker: Difference between revisions
Line 38: | Line 38: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== Pull the Docker images and run | === Pull the Docker images and run an OnlyOffice container for a first time === | ||
<syntaxhighlight lang="shell" line="1"> | <syntaxhighlight lang="shell" line="1"> | ||
sudo docker run -i -t -d -p 8081:80 --restart=always \ | sudo docker run -i -t -d -p 8081:80 --restart=always \ | ||
Line 94: | Line 94: | ||
{{collapse/end}} | {{collapse/end}} | ||
Finally | |||
<syntaxhighlight lang="shell" line="1" class=""> | '''Starting from version 7.2, JWT is enabled by default.''' A random secret is generated automatically if a custom secret has not been added during installation. To obtain the default secret, run this command:<syntaxhighlight lang="shell" line="1" class=""> | ||
docker exec onlyoffice-docs /var/www/onlyoffice/documentserver/npm/json \ | |||
-f /etc/onlyoffice/documentserver/local.json 'services.CoAuthoring.secret.session.string' | |||
</syntaxhighlight><syntaxhighlight lang="shell-session"> | |||
xd4f2PO5hdHJHjpV1NdD | |||
</syntaxhighlight>You can replace the default secret with a custom key using Docker env. More information about JWT in the [https://api.onlyoffice.com/editors/signature/ documentation]. | |||
'''Finally.''' Stop and prune the container, because in the next section we will create a Docker-compose configuration file.<syntaxhighlight lang="shell" line="1" class=""> | |||
docker stop onlyoffice-docs | docker stop onlyoffice-docs | ||
docker container prune | docker container prune | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== Docker-compose === | === Manage an OnlyOffice container by Docker-compose === | ||
Create the <code>docker-compose.yaml</code> file. Tweak the value of the host port <code>8081</code>, and the time zone <code>TZ</code> if it is needed.<syntaxhighlight lang="shell" line="1"> | Create the <code>docker-compose.yaml</code> file. Tweak the value of the host port <code>8081</code>, and the time zone <code>TZ</code> if it is needed.<syntaxhighlight lang="shell" line="1"> | ||
nano docker-compose.yaml | nano docker-compose.yaml | ||
Line 107: | Line 114: | ||
# https://github.com/ONLYOFFICE/onlyoffice-owncloud/issues/108 | # https://github.com/ONLYOFFICE/onlyoffice-owncloud/issues/108 | ||
version: "3" | version: "3.9" | ||
services: | services: | ||
onlyoffice-docs: | onlyoffice-docs: | ||
Line 120: | Line 127: | ||
# Volumes store your data between container upgrades | # Volumes store your data between container upgrades | ||
volumes: | volumes: | ||
- | - "DocumentServer/logs:/var/log/onlyoffice" \ | ||
- | - "DocumentServer/data:/var/www/onlyoffice/Data" \ | ||
- "DocumentServer/lib:/var/lib/onlyoffice" \ | |||
- "DocumentServer/db:/var/lib/postgresql" \ | |||
- "DocumentServer/etc/onlyoffice:/etc/onlyoffice" \ | |||
- "DocumentServer/etc/supervisor:/etc/supervisor" \ | |||
- " | |||
- | |||
- | |||
- | |||
restart: unless-stopped | restart: unless-stopped | ||
volumes: | |||
DocumentServer: | |||
</syntaxhighlight>Download the Docker images and run the container in detached (persistent) mode.<syntaxhighlight lang="shell" line="1"> | </syntaxhighlight>Download the Docker images and run the container in detached (persistent) mode.<syntaxhighlight lang="shell" line="1"> | ||
docker-compose up -d | docker-compose up -d |
Revision as of 15:40, 25 September 2022
Here is a short step-by-step manual: How to setup OnlyOffice Docker container and proxy it by Apache2 for NextCloud usage.
Install Docker
According to the Docker and Docker-compose installation, read the guide Docker Basic Setup. The rest part of this section is deprecated, but is leaved here as historical note :)
sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - && \
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt install docker-ce
docker --version
sudo systemctl start docker
sudo systemctl enable docker
$USER
without using sudo
.sudo groupadd docker
sudo usermod -aG docker $USER
su - $USER
id -nG
sudo crontab -l | grep -i 'docker'
0 2 * * 7 /usr/bin/docker container prune
sudo sed 's/^#DOCKER_OPTS/DOCKER_OPTS/' /etc/default/docker -i
sudo systemctl restart docker
Setup the OnlyOffice Docker Container
Create a directory where the configuration file docker-compose.yaml
and the persistent volumes will live.
mkdir /home/docker/onlyoffice
cd /home/docker/onlyoffice
Pull the Docker images and run an OnlyOffice container for a first time
sudo docker run -i -t -d -p 8081:80 --restart=always \
-v $PWD/DocumentServer/logs:/var/log/onlyoffice \
-v $PWD/DocumentServer/data:/var/www/onlyoffice/Data \
-v $PWD/DocumentServer/lib:/var/lib/onlyoffice \
-v $PWD/DocumentServer/db:/var/lib/postgresql \
--hostname docs --name onlyoffice-docs \
onlyoffice/documentserver:latest
Test whether it works. At this point the OnlyOffice document server must be accessible the browser, probably you maybe need to wait about 10 seconds before it become accessible. Note the host port 8081
must be open (for you) within the host's firewall.
http://<host-ip>:8081/welcome/
Enable the integrated test examples.
docker exec onlyoffice-docs supervisorctl start ds:example
docker exec onlyoffice-docs sed 's,autostart=false,autostart=true,' -i /etc/supervisor/conf.d/ds-example.conf
Now you can access the examples at the following address.
http://<host-ip>:8081/example/
Export the configuration files. For some reason the configuration files cannot be exported via the volume option as this is done above for some other directories. So, if we need that, we need first to copy them manually.
sudo mkdir DocumentServer/etc
sudo docker cp onlyoffice-docs:/etc/onlyoffice DocumentServer/etc
sudo docker cp onlyoffice-docs:/etc/supervisor DocumentServer/etc
Now we can stop and prune the container.
docker stop onlyoffice-docs
docker container prune
sudo docker run -i -t -d -p 8081:80 --restart=always \
-v "$PWD/DocumentServer/logs:/var/log/onlyoffice" \
-v "$PWD/DocumentServer/data:/var/www/onlyoffice/Data" \
-v "$PWD/DocumentServer/lib:/var/lib/onlyoffice" \
-v "$PWD/DocumentServer/db:/var/lib/postgresql" \
-v "$PWD/DocumentServer/etc/onlyoffice:/etc/onlyoffice" \
-v "$PWD/DocumentServer/etc/supervisor:/etc/supervisor" \
--hostname docs --name onlyoffice-docs \
onlyoffice/documentserver:latest
Starting from version 7.2, JWT is enabled by default. A random secret is generated automatically if a custom secret has not been added during installation. To obtain the default secret, run this command:
docker exec onlyoffice-docs /var/www/onlyoffice/documentserver/npm/json \
-f /etc/onlyoffice/documentserver/local.json 'services.CoAuthoring.secret.session.string'
xd4f2PO5hdHJHjpV1NdD
You can replace the default secret with a custom key using Docker env. More information about JWT in the documentation. Finally. Stop and prune the container, because in the next section we will create a Docker-compose configuration file.
docker stop onlyoffice-docs
docker container prune
Manage an OnlyOffice container by Docker-compose
Create the docker-compose.yaml
file. Tweak the value of the host port 8081
, and the time zone TZ
if it is needed.
nano docker-compose.yaml
# https://hub.docker.com/r/onlyoffice/documentserver/
# https://github.com/ONLYOFFICE/onlyoffice-owncloud/issues/108
version: "3.9"
services:
onlyoffice-docs:
container_name: onlyoffice-docs
image: onlyoffice/documentserver:latest
hostname: docs
#network_mode: host
ports:
- "8081:80/tcp"
environment:
TZ: 'Europe/Sofia'
# Volumes store your data between container upgrades
volumes:
- "DocumentServer/logs:/var/log/onlyoffice" \
- "DocumentServer/data:/var/www/onlyoffice/Data" \
- "DocumentServer/lib:/var/lib/onlyoffice" \
- "DocumentServer/db:/var/lib/postgresql" \
- "DocumentServer/etc/onlyoffice:/etc/onlyoffice" \
- "DocumentServer/etc/supervisor:/etc/supervisor" \
restart: unless-stopped
volumes:
DocumentServer:
Download the Docker images and run the container in detached (persistent) mode.
docker-compose up -d
Open the OnlyOffice document server via the browser. Note the host port 8081
must be open (for you) within the host's firewall.
http://<host-ip>:8081/welcome/
The rest part of this section is deprecated, but is leaved here as historical note :)
wget -q https://registry.hub.docker.com/v1/repositories/onlyoffice/documentserver/tags -O - | jq -r '.[].name'
81
of 127.0.0.1 localhost
.# docker pull onlyoffice/documentserver
docker run -i -t -d -p 81:80 --restart=always onlyoffice/documentserver:latest
- Note the option
–restart=always
means the container will run automatically when Docker is started/restarted. - Docker will pull the image automatically when it is not available locally.
Apache2 Proxy Virtual Host
Test Whether the cesessary Apache2 modules are enabled.
sudo apache2ctl -M | grep -E 'auth[nz]_core|unixd|proxy|headers|setenvif'
unixd_module (static) # Required
authn_core_module (shared) # Required
authz_core_module (shared) # Required
headers_module (shared) # Required
proxy_module (shared) # Required
proxy_fcgi_module (shared)
proxy_http_module (shared) # Required
proxy_http2_module (shared)
proxy_wstunnel_module (shared) # Required
setenvif_module (shared) # Required
Setup a new virtual host as follow and restart Apache2. Note in this scenariou you need a valid SSL/TLS certivicate.
sudo nano /etc/apache2/sites-enabled/docs.example.com.conf
<VirtualHost *:80>
ServerName docs.example.com
ServerAdmin admin@example.com
Redirect permanent "/" "https://docs.example.com/"
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName docs.example.com
ServerAdmin admin@example.com
ErrorLog ${APACHE_LOG_DIR}/docs.example.com.error.log
CustomLog ${APACHE_LOG_DIR}/docs.example.com.access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
<IfModule pagespeed_module>
ModPagespeed off
</IfModule>
<IfModule security2_module>
# SecRuleEngine Off
</IfModule>
# ProxyPreserveHost On
# ProxyRequests Off
SetEnvIf Host "^(.*)$" THE_HOST=$1
Header edit Set-Cookie ^(.*)$ "$1; HttpOnly; Secure"
RequestHeader setifempty X-Forwarded-Proto https
RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
ProxyAddHeaders Off
ProxyPassMatch (.*)(\/websocket)$ "ws://localhost:81/$1$2"
ProxyPass / "http://localhost:81/"
ProxyPassReverse / "http://localhost:81/"
</VirtualHost>
</IfModule>
References
- OnlyOffice Help Center: Installing ONLYOFFICE Docs Community Edition for Docker on a local server
- Docker Hub: onlyoffice/documentserver
- GitHub: ONLYOFFICE/onlyoffice-nextcloud
- GitHub: ONLYOFFICE/onlyoffice-nextcloud/releases
- OnlyOffice Api Docs: Nextcloud ONLYOFFICE integration app
- GitHub: ONLYOFFICE/onlyoffice-nextcloud/issues/[Can't connect do document server after update to NC19 #297]
- PhoenixNAP: How To Install and Use Docker on Ubuntu 20.04