How to Easily Integrate OnlyOffice and NextCloud Using Docker
Previously I’ve written about integrating OnlyOffice and NextCloud the traditional way, which is a long process. Now you can easily integrate OnlyOffice and NextCloud using Docker.
There’s a new Github repository created by OnlyOffice developer team to help with integration of OnlyOffice document server and NextCloud, which allows users to create and edit Office documents directly from NextCloud. As a matter of fact, it also supports integration of OnlyOffice and OwnCloud. Since most of us are NextCloud users, I will focus on NextCloud only.
Using this method, both OnlyOffice document server and NextCloud will be installed as Docker container application and Nginx will be used as web server. I will show you how to integrate these two and how to enable HTTPS with Let’s Encrypt.
Prerequisites
To follow this tutorial, you need
- A server on which port 80 and 443 are available, and at least 1GB of RAM, preferrably 2GB of RAM. I recommend Vultr where you can get a high-performance 2GB RAM Linux VPS for only $10 per month.
- A domain name. I bought my domain name from NameCheap. Not only is their price lower than Godaddy, but also they give whois privacy protection for free.
Install Docker on Your Server
First we need to install Docker and Docker Compose, the latest version of which can be installed from Docker’s official repository. The following steps are for Ubuntu 16.04. Users of other Linux distributions can check out the official installation instructions.
Create a source list file for Docker repository.
sudo nano /etc/apt/sources.list.d/docker.list
Copy the following line and paste it into the file.
deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable
Save and close the file. Then import Docker’s PGP key by running the command below.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Since this repository uses HTTPS connection, we also need to install apt-transport-https and ca-certificates package.
sudo apt install apt-transport-https ca-certificates
Next, update package index and install the latest version of Docker CE (Community Edition).
sudo apt update sudo apt install docker-ce
To install the latest version of Docker Compose, run the following commands.
sudo curl -L https://github.com/docker/compose/releases/download/1.17.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose
Check Docker version.
docker -v
Sample output:
Docker version 17.09.0-ce, build afdb6d4
Check Docker Compose version.
docker-compose --version
Sample output:
docker-compose version 1.17.1, build 6d101fb
Once installed, the Docker daemon should be automatically started. You can check it with:
systemctl status docker
Output:
● docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2017-11-11 12:40:23 UTC; 3min 32s ago Docs: https://docs.docker.com Main PID: 4090 (dockerd) CGroup: /system.slice/docker.service ├─4090 /usr/bin/dockerd -H fd:// └─4159 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-inter
If it’s not running, then start the daemon with this command:
sudo systemctl start docker
And enable auto-start with system boot:
sudo systemctl enable docker
Clone the Github Repo
We will use git to clone the Github repository.
git clone --recursive https://github.com/ONLYOFFICE/docker-onlyoffice-owncloud cd docker-onlyoffice-owncloud git submodule update --remote
Edit the docker-compose.yml file.
nano docker-compose.yml
Find the 5th line.
image: owncloud:fpm
Since we want to install NextCloud, change this line to :
image: nextcloud:fpm
If you want to enable HTTPS with Let’s Encrypt, add the following line in nginx service. This line tells Docker to mount directory /etc/letsencrypt on the host into Nginx container.
- /etc/letsencrypt:/etc/letsencrypt
Save and close the file. Then edit nginx.conf file in docker-onlyoffice-owncloud directory. This file will be mounted as /etc/nginx/nginx.conf in the Nginx container.
nano nginx.conf
Add a server_name directive in the server block. Don’t forget to set A record for your domain name.
server {
listen 80;
server_name cloud.example.com;
....
Also, add the following lines in the server block because later on we will use Certbot webroot plug-in to obtain SSL certificate.
location ~ /.well-known/acme-challenge {
root /var/www/html/;
allow all;
}
Save and close the file. Now start containers defined in docker-compose.yml file.
sudo docker-compose up -d
The above command will create the onlyoffice network and start three containers: NextCloud, OnlyOffice document server and Nginx, as can be seen by issuing the following commands:
sudo docker network ls sudo docker ps
Now point your web browser to cloud.example.com and you will be greeted by NextCloud install wizard. Before we enter anything in the wizard, let’s enable HTTPS with Let’s Encrypt.
Enabling HTTPS With Let’s Encrypt
Now install Let’s Encrypt client (certbot) on your server. The following instructions is for Ubuntu.
sudo apt install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt update sudo apt install certbot
Since Nginx is running in a Docker container, we won’t be able to use the Nginx plugin to obtain and install SSL/TLS certificate. Instead, we can use the webroot plugin to obtain a certificate and then manually configure SSL/TLS. Run the following command to obtain a certificate.
sudo certbot certonly --webroot --agree-tos --email your-email-address -d cloud.example.com -w /var/lib/docker/volumes/dockeronlyofficeowncloud_app_data/_data
Explanation:
- certonly: Obtain a certificate. Don’t install it.
- –webroot: Use webroot plugin
- –agree-tos: accept Let’s Encrypt terms of service
- –email: Your email address used for account registration and recovery.
- -d: your domain name.
The -w flag is followed by the path to web root directory, which is /var/www/html/ in Nginx container. Its mount point on the host is /var/lib/docker/volumes/dockeronlyofficeowncloud_app_data/_data. Certbot can’t access the web root in Nginx container and must use its mount point. As you can see, I have successfully obtained an SSL certificate.
After obtaining the certificate, edit nginx.conf file in docker-onlyoffice-owncloud directory to configure SSL.
nano nginx.conf
Add the following lines in server block. Remember to replace red text with your actual domain name.
listen 443 ssl http2;
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
ssl_certificate /etc/letsencrypt/live/cloud.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/cloud.example.com/privkey.pem;
ssl_session_cache shared:le_nginx_SSL:1m;
ssl_session_timeout 1440m;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
Save and close the file. Then restart Nginx container.
sudo docker restart nginx-server
Refresh NextCloud install wizard and you shall see a green padlock in browers’s address bar.
If there’s an error, you can check out nginx-server container’s log to find out the error.
sudo docker logs nginx-server
Using MariaDB Database with NextCloud
If you want to use MariaDB with NextCloud, then you will need to run a MariaDB Docker container. The following command will run the official MariaDB docker container and add it to the onlyoffice network. Replace your-pass with your preferred MariaDB root password.
sudo docker run --restart=always --net dockeronlyofficeowncloud_onlyoffice --name mariadb-server -e MYSQL_ROOT_PASSWORD=your-pass -d mariadb --log-bin --binlog-format=MIXED
Check status.
sudo docker ps
Once MariaDB container is running, we can access it by issuing the following command.
sudo docker exec -it mariadb-server bash
Then log into MariaDB server as root.
mysql -u root -p
Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.
create database nextcloud;
Create the database user. Again, you can use your preferred name for this user. Replace your-password with your preferred password. Notice that we want to create an user which would be able to login from NextCloud container, which has the IP address 172.18.0.3.
create user nextclouduser@172.18.0.3 identified by 'your-password';
Note: Your NextCloud container may have a different IP address. Run the following command on the host to find it.
sudo docker inspect app-server | grep IPAddress
Grant this user all privileges on the nextcloud database.
grant all privileges on nextcloud.* to nextclouduser@172.18.0.3 identified by 'your-password';
Flush privileges and exit.
flush privileges; exit;
Exit out of MariaDB container.
exit
Now in the NextCloud install wizard, you can create an admin account and enter the details of MariaDB database server. Note that you need to replace localhost with mariadb-server, which is the name of MariaDB container. localhost here points to NextCloud container. Because NextCloud container and MariaDB container are both in the onlyoffice network, NextCloud can resolve mariadb-server using an embedded DNS server.
And now NextCloud is successfully installed.
Using a Script to Integrate OnlyOffice and NextCloud
In the docker-onlyoffice-owncloud directory, there’s a script named set_configuration.sh. Run this script to integrate OnlyOffice and NextCloud.
sudo bash set_configuration.sh
Now you can create and edit Office documents from NextCloud.
Fixing Error
I found that if I enforce HTTPS with 301 redirect, then the office documents won’t load.
It seems that if HTTPS is enforced, then NextCloud will talk to OnlyOffice document server only in HTTPS, which can’t be done because we didn’t install TLS certificate on the document server.
The solution is to comment out the following lines in nginx.conf file.
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
Then restart Nginx container.
sudo docker restart nginx-server
In this way, users will need to manually add the https:// prefix in the browser address bar in order to encrypt the data communication..
That’s it! I hope this tutorial helped you integrate OnlyOffice and NextCloud using Docker. As always, if you found this post useful, then subscribe to our free newsletter.
Worked very well. But in the end I lost https. I got a message that cetrificate was OK, and the webbpage showed https:. But after having run the Script to Integrate OnlyOffice and NextCloud I get only http and not safe.
How can I solve that?
Hello. I followed the tutorial, and I was able to get to the Nextcloud login page through plain http. But when I run certbot to get the SSL certificate, I get the following error:
Any suggestion?
Okay, for anyone having the same problem, you can fix it by placing this location in the server block of nginx.conf, instead of the one detailed in the tutorial:
location ^~ /.well-known/acme-challenge/ { default_type "text/plain"; root /var/www/html/; }Notice the caret before the tilde, that will prevent nginx from processing other regexp.
Thank you so much! @Juan
Excellent tutorial, thanks a lot!!!
It worked flawlessly, except when i tried to finish the install wizard. It was failing to login in the database. I check the ip of the containers and it doesn’t match the ip assigned to mariadb user, so I choose to use (the lazy approach) 172.%.%.% and then the install wizard worked:
I ran set_configuration.sh, but now Onlyoffice is complaining about it can’t save the document, I will see what’s happening…
same here 🙁
ya no funciono vrD?
Hello, the tutorial is good and works too. There is only the problem, if I reach my server over http, everything works fine. Also OnlyOffice works. If I switch to https, Nextcloud will continue to work, but OnlyOffice will stop working. The error: “Document can not be saved and loaded” appears and I have to cancel. When I remove the block for ssl in nginx.conf, everything works again. How do I get OnlyOffice running via https?
Hello. I think this is a problem in OnlyOffice itself. You should ask OnlyOffice developers to fix this error.
Does anybody know why the menu isn’t “complete”? I’m not able to see and therefore change the different menu-tabs as mentioned on the official onlyoffice site:
In your screenshot there are no tabs either…
I’m getting “App “Onlyoffice” cannot be installed because it is not compatible with this version of the server.” when trying to enable Onlyoffice (using either the script or the GUI). I guess the nextcloud:fpm image isn’t compatible with the current onlyoffice/documentserver:latest image…
git clone --recursive https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud cd docker-onlyoffice-nextcloud git submodule update --remote nano docker-compose.yml image: nextcloud:fpm - /etc/letsencrypt:/etc/letsencrypt nano nginx.conf server { listen 80; server_name cloud.server.com; .... location ^~ /.well-known/acme-challenge/ { default_type "text/plain"; root /var/www/html/; } sudo docker-compose up -d sudo docker network ls sudo docker psDear All I getting an error when I run “sudo bash set_configuration.sh”.
I can note edit or open files in nextcloud. Please help.
Hi, please go to the NextCloud Apps page to update ONLYOFFICE to the latest version, enable it, then run this script again.
Dear Xiao,
Thank you so much for your reply. I did this but now I got new error.
“The document could not be saved. Please check connection settings or contact your administrator.
When you click the ‘OK’ button, you will be prompted to download the document.
Find more information about connecting Document Server here.”
I know it is weird to asking for help again and again but I will be much obliged for your help
I ran into the same problem as Syed when trying to create and edit my first document with ONLYOFFICE:
——–
“The document could not be saved. Please check connection settings or contact your administrator.
When you click the ‘OK’ button, you will be prompted to download the document.
Find more information about connecting Document Server here.”
——–
Someone at https://help.nextcloud.com/t/warning-the-document-could-not-be-saved/26550/6 managed to solve it saying:
“After lots of messing around, I was able to resolve this for our setup. First, I put the generated certs in a certs folder under the app_data > data folder for our docker volume. Then I added https: for https://nginx-server/ 9 to our Server address for internal requests from the Document Editing Service under admin. Previously, it was set as the default http.”
…but I’m not sure how that’s done in the CLI. Would be great if you can update this tutorial with the steps. Thanks!
Dear All,
First of all I would like to thank Mr. Xiao Guo. He is the life saver and real hero. I wish I could meet him once in my life. He solved my problem by messenger, email reply and whatever medium I adopted to reach him. I am in debt for the whole of my life. When I texted he was going to sleep but still he replied to me. I am so grateful to him. Literally I have no words to thank him. He is the buddy I ever found. He is so helpful and supportive. I just say Love you Xiao Guo. Best wishes from my side. Keep up the good work.
My VPS was down by service provider. Now I installed this as the same way as mentioned in that tutorial. This works like a charm. It is the best ever tutorial I ever found. This is the method on internet. Hats off to you. Bundle of thanks.
Hello,
Thanks for this guide. Very helpful.
Do you know how can I run two separate nextcloud installations with different domains on the same server ?
I’ve tried a lot of things but not able to do that.
Many thanks for your help.
Bruno
As I can fix the ip of the containers, in the first installation all right, when I turned on the virtual machine, the ip of the container had changed
You can use wildcard to create an user on a specific network range like so:
Thanks for the write-up, it’s very detailed. I can’t get it to work. I have a droplet on Digital Ocean. I install docker, and manage to get up to composing the yml file. Using “sudo docker ps” does show the 3 containers working. However, when I go to my domain, or the IP address, nothing loads.
I can install nextcloud via snap, and regular apt method, and that seems to work. I can’t figure out what I’m doing wrong, and have had to refresh my OS several times.
Update: It works as instructed when using Ubuntu 16.04.
I still can’t get it working on Ubuntu 18.04, even though it all downloads.
Thank you for this tutorial, it is perfect 🙂
I followed it, there are several months but how to update the containers with the latest version?
Thank You.
All is working except ssl: I’m using local domain and bind9 dns with samba4 plugin on the other server. And certbot does not want to find a record for my local domain in dns server and to create certificates, so I gave up for now and using http.
Hi Xiao
All works great! But I then abled SSL and now I have the onlyoffice error ‘The document could not be saved. Please check connection settings or contact your administrator.
When you click the ‘OK’ button, you will be prompted to download the document.’
I have tried the fix you suggested but I then loose all access to nextcloud. Any ideas?
Thanks!
Hi Xiao,
this tutorial is a great help for this topic and after digging the tls-redirection-“no saved”-issue i found the solution to avoid it.
If you are interested in about it, send me an email account, I will describle it for you.
Brilliant tutorial! Thanks a lot. Everything worked fine, but after a restart I am having a 500 error; the log says:
Any ideas about the reason and hopefully about possible solutions?
Thanks again,
Giovanni
Maybe because the IP address has changed. You can use wildcard to create an user on a specific network range like so:
Thanks, it works!
It’s possible to run it over Kubernetes? Have anybody tried it?
Thank you
I’ve donne the installation (except SSL part as it will running behind a VPN – not configure yet still on local network)… It was working great but after a restart I’ve only a blank page when accessing my IP, all containers running… a bit disappointing and frustrating :/ Any help on this? (I’m actually working on a virtual host before installing it to my physical server)
Hello everyone,
This entire setup has been working like a breeze for about a month; now, right after aa server reboot (intentional and gentle) Nextcloud is working, but Onlyoffice is not. Any ideas? Thanks!
GITHUB REPO ONLYOFFICE FOR NEXTCLOUD (no owncloud)
git clone --recursive https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud cd docker-onlyoffice-nextcloud git submodule update --remote nano docker-compose.yml image: nextcloud:fpm - /etc/letsencrypt:/etc/letsencrypt nano nginx.conf server { listen 80; server_name cloud.server.com; .... location ^~ /.well-known/acme-challenge/ { default_type "text/plain"; root /var/www/html/; } sudo docker-compose up -d sudo docker network ls sudo docker psINSTALL LETS ENCRYPT
FIX NGINX HTTP POLICY FOR NEXTCLOUD
INTEGRATE ONLYOFFICE AND NEXTCLOUD
sudo bash set_configuration.sh nano nginx.conf if ($scheme != "https") { return 301 https://$host$request_uri; } sudo docker restart nginx-serverNOW appear the ONLYOFFICE tab-menu when login to nextcloud server
INTEGRATE ONLYOFFICE AND NEXTCLOUD
nano nginx.conf user www-data; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; #ONLYOFFICE multi_accept on; use epoll; #ONLYOFFICE } http { upstream backend { server app-server:9000; } #ONLYOFFICE server_names_hash_bucket_size 64; upstream onlyoffice-docker { server 127.0.0.1:8443; } set_real_ip_from 127.0.0.1; set_real_ip_from 172.16.0.0/24; real_ip_header X-Forwarded-For; real_ip_recursive on; #ONLYOFFICE include /etc/nginx/mime.types; default_type application/octet-stream; screen -S dhparam openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 mkdir -p /app/onlyoffice/DocumentServer/data/certs cp /etc/letsencrypt/live/cloud.server.com/privkey.pem /app/onlyoffice/DocumentServer/data/certs/onlyoffice.key cp /etc/letsencrypt/live/cloud.server.com/fullchain.pem /app/onlyoffice/DocumentServer/data/certs/onlyoffice.crt cp /etc/ssl/certs/dhparam.pem /app/onlyoffice/DocumentServer/data/certs/dhparam.pem chmod 400 /app/onlyoffice/DocumentServer/data/certs/onlyoffice.key sudo docker restart nginx-server sudo bash set_configuration.sh nano nginx.conf if ($scheme != "https") { return 301 https://$host$request_uri; } docker run --name=ONLYOFFICEDOCKER -i -t -d -p 8443:443 -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data -e JWT_ENABLED='true' -e JWT_SECRET='yourpass' --restart=always onlyoffice/documentserver sudo docker restart nginx-serverRECLAIM SPACE
Hello
I just followed your tutorial and get the error “App “ONLYOFFICE” cannot be installed because it is not compatible with this version of the server.”. I check the App page of Nextcloud and see in red “Server version 10 or lower is required.” and cannot find any update for this app. Is there an issue with Nextcloud 11 and current version of Onlyoffice ?
Or is it a way to bypass this limitation ?
Thanks for helping.
Update : following this https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/37 I downloaded the app manually with –depth=1 :
sudo git clone –depth=1 https://github.com/ONLYOFFICE/onlyoffice-nextcloud.git onlyoffice
And then moved mv onlyoffice/ /var/lib/docker/volumes/docker-onlyoffice-owncloud_app_data/_data/apps/
chowned and it’s now working with the previous version of the app.
I still doesn’t work, somebody have an idea?
Followed the tutorial, and all is working good, thanks!
Anybody able to get pretty url’s working? I’ve tried many methods, but am not able to remove index.php from the url.
Isn’t the “OnlyOffice document server” free for just a 30 day trial?
Or does that only apply to the version installed with deb/packages while the docker installation is free??
I finally found this nice table:
https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-document-server-editions
So yes, there’s a “community edition” that is free and open source.
hello and thanks again for this nice tutorial! Question: the update tool from the web interface is not working. Is there fast and reliable way to update the entire docker container?
Thanks!
Hello,
I didn’t set the HTTPS because my server is in LAN and cannot be accessed from the outside (so far I was never able to validate a certificate …)
Except for that, I installed nextcloud and onlyoffice using these steps.
I don’t get error messages, but after the script, the onlyoffice connector doesn’t work, it says it requires server version 10 minimum.
Nextcloud is version 15 and offers to update to version 16, but it doesn’t seem to have the permissions to do it automaticaly.
There is no option tu update the onyoffice connector from the app interface. If I delete it, I cannot download and install it (because of server version, again).
I’m not sure how to fix that :s
I would very much appreciate if someone had a hint :3
Thank you in advance for your time !
Chris
How can I add a trusted domain in nextcloud, I have loocked for config.php to add it but I couldn’t find it, could you tell me where it is
To get your truested domains:
docker exec -u www-data app-server php occ config:system:get trusted_domains
To set a new one, (eg position 3):
docker exec -u www-data app-server php occ config:system:set trusted_domains 3 –value=thirddomain.com
For those of us not familiar enough with docker/docker-compose, do you think you could make a yaml file that includes the setup of a redis-server container and a mariadb-server container? Also to get a customized nextcloud-data directory to mount? This is what I have so far and it’s not working out.
version: ‘3’
services:
app:
container_name: app-server
image: nextcloud:fpm
stdin_open: true
tty: true
restart: always
expose:
– ’80’
– ‘9000’
volumes:
– app_data:/nextcloud-data/
onlyoffice-document-server:
container_name: onlyoffice-document-server
image: onlyoffice/documentserver:latest
stdin_open: true
tty: true
restart: always
expose:
– ’80’
– ‘443’
volumes:
– document_data:/var/www/onlyoffice/Data
– document_log:/var/log/onlyoffice
nginx:
container_name: nginx-server
image: nginx
stdin_open: true
tty: true
restart: always
ports:
– 80:80
– 443:443
volumes:
– ./nginx.conf:/etc/nginx/nginx.conf
– app_data:/nextcloud-data/
– /etc/letsencrypt:/etc/letsencrypt
redis:
container_name: redis
image: redis
ports:
– 6379:6379
hostname: redis
command: [“redis-server”, “–appendonly”, “yes”]
volumes:
– redis-data:/data
db:
image: mariadb
command: –transaction-isolation=READ-COMMITTED –binlog-format=MIXED –log-bin
restart: always
volumes:
– db:/var/lib/mysql
environment:
– MYSQL_ROOT_PASSWORD=LinuxBabeIsAwesomeness
– MYSQL_PASSWORD=LinuxBabeIsAwesome
– MYSQL_DATABASE=nextcloud
– MYSQL_USER=nextclouduser volumes:
document_data:
document_log:
app_data:
redis-data:
db:
whether the data server must be different from the onlyoffice server?