How to Easily Integrate OnlyOffice and NextCloud Using Docker

Previously I’ve written about integrating OnlyOffice and NextCloud the traditional way, which is a long process. Now you can easily integrate OnlyOffice and NextCloud using Docker.

There’s a new Github repository created by OnlyOffice developer team to help with integration of OnlyOffice document server and NextCloud, which allows users to create and edit Office documents directly from NextCloud. As a matter of fact, it also supports integration of OnlyOffice and OwnCloud. Since most of us are NextCloud users, I will focus on NextCloud only.

Using this method, both OnlyOffice document server and NextCloud will be installed as Docker container application and Nginx will be used as web server. I will show you how to integrate these two and how to enable HTTPS with Let’s Encrypt.

Prerequisites

To follow this tutorial, you need

  • A server on which port 80 and 443 are available, and at least 1GB of RAM, preferrably 2GB of RAM. I recommend Linode where you can get a high-performance 2GB RAM Linux VPS for only $10 per month.
  • A domain name. I bought my domain name from NameCheap. Not only is their price lower than Godaddy, but also they give whois privacy protection for free.

Install Docker on Your Server

First we need to install Docker and Docker Compose, the latest version of which can be installed from Docker’s official repository. The following steps are for Ubuntu 16.04. Users of other Linux distributions can check out the official installation instructions.

Create a source list file for Docker repository.

sudo nano /etc/apt/sources.list.d/docker.list

Copy the following line and paste it into the file.

deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable

Save and  close the file. Then import Docker’s PGP key by running the command below.

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Since this repository uses HTTPS connection, we also need to install apt-transport-https and  ca-certificates package.

sudo apt install apt-transport-https ca-certificates

Next, update package index and install the latest version of Docker CE (Community Edition).

sudo apt update

sudo apt install docker-ce

To install the latest version of Docker Compose, run the following commands.

sudo curl -L https://github.com/docker/compose/releases/download/1.17.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

sudo chmod +x /usr/local/bin/docker-compose

Check Docker version.

docker -v

Sample output:

Docker version 17.09.0-ce, build afdb6d4

Check Docker Compose version.

docker-compose --version

Sample output:

docker-compose version 1.17.1, build 6d101fb

Once installed, the Docker daemon should be automatically started. You can check it with:

systemctl status docker

Output:

 docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2017-11-11 12:40:23 UTC; 3min 32s ago
     Docs: https://docs.docker.com
 Main PID: 4090 (dockerd)
   CGroup: /system.slice/docker.service
           ├─4090 /usr/bin/dockerd -H fd://
           └─4159 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-inter

If it’s not running, then start the daemon with this command:

sudo systemctl start docker

And enable auto-start with system boot:

sudo systemctl enable docker

Clone the Github Repo

We will use git to clone the Github repository.

git clone --recursive https://github.com/ONLYOFFICE/docker-onlyoffice-owncloud

cd docker-onlyoffice-owncloud

git submodule update --remote

Edit the docker-compose.yml file.

nano docker-compose.yml

Find the 5th line.

image: owncloud:fpm

Since we want to install NextCloud, change this line to :

image: nextcloud:fpm

If you want to enable HTTPS with Let’s Encrypt, add the following line in nginx service. This line tells Docker to mount directory /etc/letsencrypt on the host into Nginx container.

- /etc/letsencrypt:/etc/letsencrypt

nextcloud onlyoffice docker

Save and close the file. Then edit nginx.conf file in docker-onlyoffice-owncloud directory.  This file will be mounted as /etc/nginx/nginx.conf in the Nginx container.

nano nginx.conf

Add a server_name directive in the server block. Don’t forget to set A record for your domain name.

server {
     listen 80;
     server_name cloud.example.com;
....

Also, add the following lines in the server block because later on we will use Certbot webroot plug-in to obtain SSL certificate.

 location ~ /.well-known/acme-challenge {
       root /var/www/html/;
       allow all;
 }

Save and close the file. Now start containers defined in docker-compose.yml file.

sudo docker-compose up -d

The above command will create the onlyoffice network and start three containers: NextCloud, OnlyOffice document server and Nginx, as can be seen by issuing the following commands:

sudo docker network ls
sudo docker ps

Now point your web browser to cloud.example.com and you will be greeted by NextCloud install wizard. Before we enter anything in the wizard, let’s enable HTTPS with Let’s Encrypt.

onlyoffice nextcloud same server

Enabling HTTPS With Let’s Encrypt

Now install Let’s Encrypt client (certbot) on your server. The following instructions is for Ubuntu.

sudo apt install software-properties-common

sudo add-apt-repository ppa:certbot/certbot

sudo apt update

sudo apt install certbot

Since Nginx is running in a Docker container, we won’t be able to use the Nginx plugin to obtain and install SSL/TLS certificate. Instead, we can use the webroot plugin to obtain a certificate and then manually configure SSL/TLS. Run the following command to obtain a certificate.

sudo certbot certonly --webroot --agree-tos --email your-email-address -d cloud.example.com -w /var/lib/docker/volumes/dockeronlyofficeowncloud_app_data/_data

Explanation:

  • certonly: Obtain a certificate. Don’t install it.
  • –webroot: Use webroot plugin
  • –agree-tos: accept Let’s Encrypt terms of service
  • –email: Your email address used for account registration and recovery.
  • -d: your domain name.

The -w flag is followed by the path to web root directory, which is /var/www/html/ in Nginx container. Its mount point on the host is /var/lib/docker/volumes/dockeronlyofficeowncloud_app_data/_data. Certbot can’t access the web root in Nginx container and must use its mount point. As you can see, I have successfully obtained an SSL certificate.

onlyoffice nextcloud ssl

After obtaining the certificate, edit nginx.conf file in docker-onlyoffice-owncloud directory to configure SSL.

nano nginx.conf

Add the following lines in server block. Remember to replace red text with your actual domain name.

   listen 443 ssl http2;

   if ($scheme != "https") {
       return 301 https://$host$request_uri;
   }

   ssl_certificate /etc/letsencrypt/live/cloud.example.com/fullchain.pem; 
   ssl_certificate_key /etc/letsencrypt/live/cloud.example.com/privkey.pem; 
   ssl_session_cache shared:le_nginx_SSL:1m;
   ssl_session_timeout 1440m;

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_prefer_server_ciphers on;

   ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";

Save and close the file. Then restart Nginx container.

sudo docker restart nginx-server

Refresh NextCloud install wizard and you shall see a green padlock in browers’s address bar.

nextcloud onlyoffice docker integration

If there’s an error, you can check out nginx-server container’s log to find out the error.

sudo docker logs nginx-server

Using MariaDB Database with NextCloud

If you want to use MariaDB with NextCloud, then you will need to run a MariaDB Docker container. The following command will run the official MariaDB docker container and add it to the onlyoffice network. Replace your-pass with your preferred MariaDB root password.

sudo docker run --restart=always --net dockeronlyofficeowncloud_onlyoffice --name mariadb-server -e MYSQL_ROOT_PASSWORD=your-pass -d mariadb --log-bin --binlog-format=MIXED

Check status.

sudo docker ps

Once MariaDB container is running, we can access it by issuing the following command.

sudo docker exec -it mariadb-server bash

Then log into MariaDB server as root.

mysql -u root -p

Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.

create database nextcloud;

Create the database user. Again, you can use your preferred name for this user. Replace your-password with your preferred password. Notice that we want to create an user which would be able to login from NextCloud container, which has the IP address 172.18.0.3.

create user nextclouduser@172.18.0.3 identified by 'your-password';

Note: Your NextCloud container may have a different IP address. Run the following command on the host to find it.

sudo docker inspect app-server | grep IPAddress

Grant this user all privileges on the nextcloud database.

grant all privileges on nextcloud.* to nextclouduser@172.18.0.3 identified by 'your-password';

Flush privileges and exit.

flush privileges;

exit;

Exit out of MariaDB container.

exit

Now in the NextCloud install wizard, you can create an admin account and enter the details of MariaDB database server. Note that you need to replace localhost with mariadb-server, which is the name of MariaDB container. localhost here points to NextCloud container. Because NextCloud container and MariaDB container are both in the onlyoffice network, NextCloud can resolve mariadb-server using an embedded DNS server.

nextcloud onlyoffice mariadb docker

And now NextCloud is successfully installed.

nextcloud integration onlyoffice

Using a Script to Integrate OnlyOffice and NextCloud

In the docker-onlyoffice-owncloud directory, there’s a script named set_configuration.sh. Run this script to integrate OnlyOffice and NextCloud.

sudo bash set_configuration.sh

Now you can create and edit Office documents from NextCloud.

onlyoffice document server letsencrypt

nextcloud onlyoffice same machine

Fixing Error

I found that if I enforce HTTPS with 301 redirect, then the office documents won’t load.

onlyoffice download failed

It seems that if HTTPS is enforced, then NextCloud will talk to OnlyOffice document server only in HTTPS, which can’t be done because we didn’t install TLS certificate on the document server.

The solution is to comment out the following lines in nginx.conf file.

if ($scheme != "https") {
         return 301 https://$host$request_uri;
}

Then restart Nginx container.

sudo docker restart nginx-server

In this way, users will need to manually add the https:// prefix in the browser address bar in order to encrypt the data communication..

That’s it! I hope this tutorial helped you integrate OnlyOffice and NextCloud using Docker. As always, if you found this post useful, then subscribe to our free newsletter.

Rate this tutorial
[Total: 18 Average: 4.1]

17 Responses to “How to Easily Integrate OnlyOffice and NextCloud Using Docker

  • roland andersson
    4 months ago

    Worked very well. But in the end I lost https. I got a message that cetrificate was OK, and the webbpage showed https:. But after having run the Script to Integrate OnlyOffice and NextCloud I get only http and not safe.
    How can I solve that?

  • Hello. I followed the tutorial, and I was able to get to the Nextcloud login page through plain http. But when I run certbot to get the SSL certificate, I get the following error:

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for cloud.my-real-domain.com
    Using the webroot path /var/lib/docker/volumes/docker-onlyoffice-owncloud_app_data/_data for all unmatched domains.
    Waiting for verification...
    Cleaning up challenges
    Failed authorization procedure. cloud.my-real-domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://cloud.my-real-domain.com/.well-known/acme-challenge/2435h243jk5h4j3kl5hkjlh342klj5hklj [22.22.22.22]: 403
    
    IMPORTANT NOTES:
     - The following errors were reported by the server:
    
       Domain: cloud.my-real-domain.com
       Type:   unauthorized
       Detail: Invalid response from
       http://cloud.my-real-domain.com/.well-known/acme-challenge/2435h243jk5h4j3kl5hkjlh342klj5hklj
       [22.22.22.22]: 403
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.

    Any suggestion?

    • Okay, for anyone having the same problem, you can fix it by placing this location in the server block of nginx.conf, instead of the one detailed in the tutorial:

              location ^~ /.well-known/acme-challenge/ {
              default_type "text/plain";
              root         /var/www/html/;
              }
      

      Notice the caret before the tilde, that will prevent nginx from processing other regexp.

    • Thank you so much! @Juan

  • Eduardo Rudas
    4 months ago

    Excellent tutorial, thanks a lot!!!
    It worked flawlessly, except when i tried to finish the install wizard. It was failing to login in the database. I check the ip of the containers and it doesn’t match the ip assigned to mariadb user, so I choose to use (the lazy approach) 172.%.%.% and then the install wizard worked:

    create user [email protected]'172.%.%.%' identified by 'your-password';
    
    grant all privileges on nextcloud.* to [email protected]'172.%.%.%' identified by 'your-password';

    I ran set_configuration.sh, but now Onlyoffice is complaining about it can’t save the document, I will see what’s happening…

  • Hello, the tutorial is good and works too. There is only the problem, if I reach my server over http, everything works fine. Also OnlyOffice works. If I switch to https, Nextcloud will continue to work, but OnlyOffice will stop working. The error: “Document can not be saved and loaded” appears and I have to cancel. When I remove the block for ssl in nginx.conf, everything works again. How do I get OnlyOffice running via https?

  • Does anybody know why the menu isn’t “complete”? I’m not able to see and therefore change the different menu-tabs as mentioned on the official onlyoffice site:

    We are adding more and more editing tools, so navigating around them threatened to become confusing for our users one day soon. But we have found a way out – the new interface layout. It groups editing instruments into functional tabs to make your work more intuitive.

    In your screenshot there are no tabs either…

  • Barry Rowlingson
    2 months ago

    I’m getting “App “Onlyoffice” cannot be installed because it is not compatible with this version of the server.” when trying to enable Onlyoffice (using either the script or the GUI). I guess the nextcloud:fpm image isn’t compatible with the current onlyoffice/documentserver:latest image…

  • Syed Muhammad Hassan
    3 weeks ago

    Dear All I getting an error when I run “sudo bash set_configuration.sh”.

      [Exception]
      App "ONLYOFFICE" cannot be installed because it is not compatible with this
       version of the server.

    I can note edit or open files in nextcloud. Please help.

    My os is:
    NAME="Ubuntu"
    VERSION="16.04.3 LTS (Xenial Xerus)"
    ID=ubuntu
    ID_LIKE=debian
    PRETTY_NAME="Ubuntu 16.04.3 LTS"
    VERSION_ID="16.04"
    HOME_URL="http://www.ubuntu.com/"
    SUPPORT_URL="http://help.ubuntu.com/"
    BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
    VERSION_CODENAME=xenial
    UBUNTU_CODENAME=xenial
    • Hi, please go to the NextCloud Apps page to update ONLYOFFICE to the latest version, enable it, then run this script again.

  • Syed Muhammad Hassan
    3 weeks ago

    Dear Xiao,
    Thank you so much for your reply. I did this but now I got new error.

    “The document could not be saved. Please check connection settings or contact your administrator.
    When you click the ‘OK’ button, you will be prompted to download the document.

    Find more information about connecting Document Server here.”

    I know it is weird to asking for help again and again but I will be much obliged for your help

  • Syed Muhammad Hassan
    2 weeks ago

    Dear All,

    First of all I would like to thank Mr. Xiao Guo. He is the life saver and real hero. I wish I could meet him once in my life. He solved my problem by messenger, email reply and whatever medium I adopted to reach him. I am in debt for the whole of my life. When I texted he was going to sleep but still he replied to me. I am so grateful to him. Literally I have no words to thank him. He is the buddy I ever found. He is so helpful and supportive. I just say Love you Xiao Guo. Best wishes from my side. Keep up the good work.
    My VPS was down by service provider. Now I installed this as the same way as mentioned in that tutorial. This works like a charm. It is the best ever tutorial I ever found. This is the method on internet. Hats off to you. Bundle of thanks.

  • Hello,
    Thanks for this guide. Very helpful.
    Do you know how can I run two separate nextcloud installations with different domains on the same server ?
    I’ve tried a lot of things but not able to do that.
    Many thanks for your help.
    Bruno

  • Ricardo
    2 days ago

    As I can fix the ip of the containers, in the first installation all right, when I turned on the virtual machine, the ip of the container had changed

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • * Some of my previous answers are lost after I uninstalled Disqus comment system from my website. I try to recover those answers whenever I can.