In the last article, I showed you how to install OnlyOffice on Ubuntu 22.04 and connect it to your Nextcloud instance. Now, let’s go through how to install OnlyOffice on Debian 12 (Bookworm). You may ask, what is the difference between the two, as both use the apt package manager? Mostly, they are the same, but there are a few differences which will be covered here.
Let’s get started.
1- Prepare the server
Update the system first.
apt update && apt upgrade
If you installed the OS from a DVD drive and encountered:
E: The repository ‘cdrom://[Debian GNU/Linux 12.5.0 Bookworm – Official amd64 DVD Binary-1 with firmware 20240210-11:28] bookworm Release’ does not have a Release file.
Open the sources file, comment out the cdrom line, and add the following lines.
nano /etc/apt/sources.list
deb http://deb.debian.org/debian bookworm main non-free-firmware
deb-src http://deb.debian.org/debian bookworm main non-free-firmware
deb http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
deb-src http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
deb http://deb.debian.org/debian bookworm-updates main non-free-firmware
deb-src http://deb.debian.org/debian bookworm-updates main non-free-firmware
Save and run the update command again.
apt install apt-transport-https ca-certificates curl software-properties-common
Install Apache for a proxy and vim:
apt install apache2 vim
In the recent release, the PATH for /usr/sbin, etc, has been removed, so let’s add them back.
vim ~/.bashrc
Add the following to it:
export PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin
Save and run source ~/.bashrc
.
2- Add docker repository
Let’s add the Docker repository for the Debian system.
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Update the package metadata and install the Docker package.
apt update
apt install docker-ce
This will pull all the required dependencies including docker-ce-cli containerd.io.
3- Start services
Enable Apache modules:
a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel
We have taken care of the PATH above. You can also use /usr/sbin/a2enmod if you want.
systemctl enable apache2
systemctl restart apache2
4- Create a virtual host
Create a virtual host file for the OnlyOffice domain.
cd /etc/apache2/sites-available/
vim oo.conf
Add the following to it, making changes where needed.
<VirtualHost *:80>
ServerName DOMAIN.COM
DocumentRoot /var/www/html
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog ${APACHE_LOG_DIR}/onlyoffice_error.log
</VirtualHost>
Enable this configuration and restart Apache.
a2ensite oo.conf
a2dissite 000-default.conf
apachectl -t
systemctl restart apache2
5- Install OnlyOffice
We will now install OnlyOffice via Docker. Change the JWT_SECRET to a secret of your choice.
docker run -i -t -d -p 127.0.0.1:9981:80 --restart=always \
-e JWT_ENABLED=true \
-e JWT_SECRET=f343nf27gdg4543vf341k9 \
-e JWT_HEADER=Authorization \
-e JWT_IN_BODY=true \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data onlyoffice/documentserver
You can check Docker containers with docker ps
.
To enter a docker container:
docker exec -it CONTAINER_ID bash
6- Install Certbot and get an SSL
apt install certbot
Get an SSL for your domain.
certbot certonly --webroot -w /var/www/html -d DOMAIN.COM
Note down the certificate paths.
7- Update virtual host
We are almost there now, with OnlyOffice Docker up and running, SSL certificates at hand. It’s now time to update our virtual host file with the 443 block.
vim /etc/apache2/sites-available/oo.conf
The only thing you may need to change is DOMAIN.COM.
<VirtualHost *:443>
ServerName DOMAIN.COM
ErrorLog ${APACHE_LOG_DIR}/onlyoffice_error.log
# SSL configuration
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLCompression off
SetEnvIf Host "^(.*)$" THE_HOST=$1
RequestHeader setifempty X-Forwarded-Proto https
RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
ProxyAddHeaders Off
ProxyPassMatch (.*)(\/websocket)$ "ws://127.0.0.1:9981/$1$2"
ProxyPass / "http://127.0.0.1:9981/"
ProxyPassReverse / "http://127.0.0.1:9981/"
</VirtualHost>
Restart Apache and browse the URL with HTTPS.
apachectl -t
systemctl restart apache2
8- Connect to Nextcloud
Go to your Nextcloud instance and install OnlyOffice app from the store.
After that, go to Administration. Click on ONLYOFFICE on the left-hand side menu. Enter the URL with https in the Address field and the secret in the Secret field.
Save, and you’re all set.