How to Integrate OnlyOffice with NextCloud

ownCloud users can use OnlyOffice online editors to edit office documents right from their ownCloud installation, thanks to the ownCloud OnlyOffice integration app released in February 2017. Now OnlyOffice has updated its integration app to add support for Nextcloud. This tutorial will be showing you how to integrate OnlyOffice with Nextcloud using the Nextcloud OnlyOffice integration app.

The Nextcloud OnlyOffice integration app features:

  • Full-featured text editor available online with all the functionality of desktop editors.
  • 100% view, conversion, print and pagination fidelity.
  • Add links, tables and charts, insert images, auto shapes, formulas and text objects and manipulate them, create bulleted or numbered lists and more.
  • Real-time collaborative editing with your teammates: show changes instantly or after saving only. Use commenting and built-in chat, reviewing and tracking changes.
  • Support for most popular formats: edit DOCX, XLSX, PPTX, TXT files and save in ODT, ODS, ODP, DOC, XLS, PPT, PPS, EPUB, RTF, HTML, HTM.

To complete this guide, you will need to

  • Have a working Nextcloud server. See the Nextcloud installation on Ubuntu tutorial if you haven’t installed it.
  • Install OnlyOffice document server running in HTTPS
  • Install Nextcloud OnlyOffice integration app on Nextcloud server

The OnlyOffice document server and Nextcloud server can be installed on two different machines. Let’s get started.

Installing ONLYOFFICE Document Server

Please note that OnlyOffice document server requires at least 2GB of RAM. An additional 2GB of swap space is recommended. OnlyOffice document server depends on PostgreSQL, Node.js, Redis Server, RabbitMQ server and Nginx. The following steps are tested on a Ubuntu 16.04 server but should also be applicable to other Debian-based Linux distributions.

Install PostgreSQL from Ubuntu repository

sudo apt install postgresql

Then create the onlyoffice database.

sudo -u postgres psql -c "CREATE DATABASE onlyoffice;"

Create the onlyoffice user.

sudo -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"

Grant permission.

sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"

Install NodeJS from official repository

OnlyOffice document server requires nodejs 6.9.1+, but the version in Ubuntu repository is outdated, so we will need to install the latest LTS version (6.10.0) of Node.js from upstream repository.

Add Node.js repostiory.

curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -

Install Node.js.

sudo apt install nodejs

Check Node.js version.

node -v

Sample output:

v6.10.0

Install Redis server and Rabbitmq

sudo apt install redis-server rabbitmq-server

Check their status.

systemctl status redis-server

systemctl status rabbitmq-server

You should see they are active (running).  If rabbitmq-server failed to start, that’s mostly because of low memory on the machine or invalid hostname.

Install OnlyOffice document server

Add OnlyOffice repository with the following command.

echo "deb http://download.onlyoffice.com/repo/debian squeeze main" | sudo tee /etc/apt/sources.list.d/onlyoffice.list

Import OnlyOffice public key.

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5

Update local package index and install OnlyOffice document server. Note that Nginx will be installed as the web server so you might need to stop Apache if it’s running.

sudo apt update

sudo apt install onlyoffice-documentserver

During the installation process, you will be asked to enter PostgreSQL password for onlyoffice. Enter “onlyoffice” (without double quotes).

onlyoffice document server install

You also need to accept the Microsoft license terms in order to install TrueType core fonts from Microsoft.

install onlyoffice document server on ubuntu 16.04

Once the installation is finished, enter your server’s public IP address in web browser, you should see “Document Server is running”

onlyoffice document server

Enabling HTTPS

To connect NextCloud to OnlyOffice document server, the latter must be running in HTTPS mode. The following steps show how to obtain and install Let’s Encrypt TLS certificate.

Edit /etc/nginx/conf.d/onlyoffice-documentserver.conf file.

sudo nano /etc/nginx/conf.d/onlyoffice-documentserver.conf

Change the configuration like below. Don’t forget to set an A record for onlyoffice.your-domain.com.

include /etc/nginx/includes/onlyoffice-http.conf;
server {
  listen 0.0.0.0:80;
  listen [::]:80 default_server;
  server_name onlyoffice.your-domain.com;
  server_tokens off;

  include /etc/nginx/includes/onlyoffice-documentserver-*.conf;

  location ~ /.well-known/acme-challenge {
        root /var/www/onlyoffice/;
        allow all;
  }
}

Save and close the file. Reload Nginx for the changes to take effect.

sudo systemctl reload nginx

Then install certbot (Let’s Encrypt) client.

sudo apt install letsencrypt

Next, run the following command to obtain a free TLS certificate using the webroot plugin.

sudo letsencrypt certonly --webroot --agree-tos --email your-email-address -d onlyoffice.your-domain.com -w /var/www/onlyoffice/

Within a few seconds, you shall see a message like below, which means the TLS certificate is successfully obtained.

onlyoffice https

Edit onlyoffice-documentserver.conf file.

sudo nano /etc/nginx/conf.d/onlyoffice-documentserver.conf

Delete everything in that file and paste the following text into the file. Change the red text accordingly.

include /etc/nginx/includes/onlyoffice-http.conf;
## Normal HTTP host
server {
  listen 0.0.0.0:80;
  listen [::]:80 default_server;
  server_name onlyoffice.your-domain.com;
  server_tokens off;
  ## Redirects all traffic to the HTTPS host
  root /nowhere; ## root doesn't have to be a valid path since we are redirecting
  rewrite ^ https://$host$request_uri? permanent;
}
#HTTP host for internal services
server {
  listen 127.0.0.1:80;
  listen [::1]:80;
  server_name localhost;
  server_tokens off;
  include /etc/nginx/includes/onlyoffice-documentserver-common.conf;
  include /etc/nginx/includes/onlyoffice-documentserver-docservice.conf;
}
## HTTPS host
server {
  listen 0.0.0.0:443 ssl;
  listen [::]:443 ssl default_server;
  server_name onlyoffice.your-domain.com;
  server_tokens off;
  root /usr/share/nginx/html;
  
  ssl_certificate /etc/letsencrypt/live/onlyoffice.your-domain.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/onlyoffice.your-domain.com/privkey.pem;
 
  ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
  ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
  ssl_session_cache  builtin:1000  shared:SSL:10m;
  ssl_prefer_server_ciphers   on;
  add_header Strict-Transport-Security max-age=31536000;
  # add_header X-Frame-Options SAMEORIGIN;
  add_header X-Content-Type-Options nosniff;
  
  # ssl_stapling on;
  # ssl_stapling_verify on;
  # ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
  # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired
  # resolver_timeout 10s;
  ## [Optional] Generate a stronger DHE parameter:
  ##   cd /etc/ssl/certs
  ##   sudo openssl dhparam -out dhparam.pem 4096
  ##
  #ssl_dhparam {{SSL_DHPARAM_PATH}};

  location ~ /.well-known/acme-challenge {
     root /var/www/onlyoffice/;
     allow all;
  }
  include /etc/nginx/includes/onlyoffice-documentserver-*.conf;
}

Save and close the file. Then test Nginx configuration and reload.

sudo nginx -t

sudo systemctl reload nginx

Visit https://onlyoffice.your-domain.com in web browser to verify OnlyOffice document server is running correctly in HTTPS mode.

onlyoffice nextcloud

Installing Nextcloud OnlyOffice Integration App

SSH into your Nextloud server, and then change directory to the Nextcloud apps directory.

cd /var/www/nextcloud/apps/

Next, download Nextcloud OnlyOffice integration app using the following command.

sudo git clone https://github.com/ONLYOFFICE/onlyoffice-owncloud.git onlyoffice

Then go to Nextcloud Apps page, click Not Enabled tab and enable the OnlyOffice app.

nextcloud onlyoffice integration app

 

After that, go to Nextcloud admin page, select Additional Settings tab on the left pane and enter the domain name for OnlyOffice in Document Editing Service Address field.

nextcloud onlyoffice app

After saving the above setting, you should be able to create documents, spreedsheets and presentation files within Nextcloud by clicking the plus (+) button. A separate tab will be opened for editing.

nextcloud onlyoffice

You will also see a new item called “Open in OnlyOffice” in the context menu of office documents.

Installing OnlyOffice Document Server and Nextcloud on the Same Machine

The OnlyOffice Document server uses Nginx as web server.

If you have an existing Nextcloud server running with Nginx, then there’s no damage to your Nextcloud server when installing OnlyOffice on the same machine. It will remove nginx-core and install nginx-extras package, so there’ll be a little downtime, but your configurations will be intact.

If you have an existing Nextcloud server running with Apache web server, and you want to install OnlyOffice on the same machine, then you have two choices:

Configuring Nginx as a Reverse Proxy for Apache

If you choose the second route, then you should first change the port number of Apache before you install OnlyOffice document server.

Edit the ports.conf file.

sudo nano /etc/apache2/ports.conf

Find the line:

Listen 80

Change it to a different port number like 8180. Note that you shouldn’t use 8080 here because OnlyOffice document server needs port 8080 to start its docservice.

Listen 8180

You should also change the SSL port number because later Nginx will do the SSL termination. Find the line:

Listen 443

Change the port number to something like 4433.

Listen 4433

Save and close the file. Next, edit the virtual host file for Nextcloud.

sudo nano /etc/apache2/sites-enabled/nextcloud.conf

The first line should be like this:

<VirtualHost *:80>

Change the port number to 8180.

<VirtualHost *:8180>

We should also disable redirecting HTTP to HTTPS by adding comment characters before the following lines. (Your Nextcloud server is using HTTPS connection, right?)

#RewriteEngine on
#RewriteCond %{SERVER_NAME} =nextcloud.your-domain.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

And change the SSL listening port.

<VirtualHost *:443>

Change the above port to 4433. Save and close the file. Reload Apache configuration.

sudo systemctl reload apache2

Now Apache listens on port 8180 and 4433. We can then follow the above instructions to install OnlyOffice document server, which will install Nginx in the process.

Once OnlyOffice document server and Nginx are installed, create an Nginx server block file to proxy requests to Apache.

sudo nano /etc/nginx/conf.d/nextcloud-proxy.conf

Add the following lines to the file. Replace the domain name with your own. The path for ssl_certificate and ssl_certificate_key is for Let’s Encrypt issued certificates. If you use a certificate issued by another CA, then you should enter your own path.

server {
        listen 80;
        server_name nextcloud.your-domain.com;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl http2;
        server_name nextcloud.your-domain.com;

        ssl_certificate /etc/letsencrypt/live/nextcloud.your-domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/nextcloud.your-domain.com/privkey.pem;

        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:10m;
        ssl_session_tickets off;
        ssl_protocols TLSv1.1 TLSv1.2;

        add_header Strict-Transport-Security max-age=15768000;

        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
        ssl_prefer_server_ciphers on;

        location / {
                proxy_pass http://127.0.0.1:8180;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
}

The location / {...} section redirects all requests to Apache web server listening on port 8180. Save and close the file. Then test Nginx configuration.

sudo nginx -t

Reload Nginx if syntax is OK.

sudo systemctl reload nginx

Now you should be able to visit your Nextcloud server as usual, without adding a port number in the URL. If you use the following cURL command to fetch HTTP header, then you should see the front-end server is Nginx.

curl -I https://nextcloud.your-domain.com

Sample output:

HTTP/1.1 302 Found
Server: nginx/1.11.9
Date: Tue, 14 Mar 2017 08:55:30 GMT
Content-Type: text/html; charset=UTF-8

That’s it!

I hope this tutorial helped you with integrating OnlyOffice with Nextcloud. As always, if you found this post useful, then subscribe to our free newsletter. You can also follow us on Google+Twitter or like our Facebook page.

Rate this tutorial
[Total: 6 Average: 3.8]