In this article we will go through OnlyOffice docker installation with Apache as reverse proxy for Nextcloud document editing. If you haven’t installed Nextcloud yet, click the button below to install Nextcloud 24.
To get started with the installation 1st thing we will do is point a domain or sub domain to the server IP. OS used in this setup is Ubuntu 20.04.
Minimum server requirements:
- Single-core 2 GHz CPU
- 2 GB of RAM or more
- 40 GB of free space
- 4 GB of swap
Install some basic required packages.
apt install apt-transport-https ca-certificates curl software-properties-common
Add docker repository for Ubuntu 20.04. Command below is one line.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
Update the system and install docker and other packages.
apt update
apt install apache2 vim docker-ce
SSL certificate is required, you can follow this article to install certbot and get a certificate.
After installation of packages, we will enable some Apache modules.
a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel
systemctl enable apache2
systemctl start apache2
Create virtual host
Create an OnlyOffice virtual host file for Apache .
cd /etc/apache2/sites-available/
vim oo.conf
If you have installed certbot and already retrieved certificate from Let’s encrypt. You can just paste the following in oo.conf
file. If you haven’t yet, it’s time to get one. Because OnlyOffice does not work with http.
<VirtualHost *:80>
ServerName DOMAIN_NAME.COM
ErrorLog ${APACHE_LOG_DIR}/DOMAIN_NAME.COM.error.log
CustomLog ${APACHE_LOG_DIR}/DOMAIN_NAME.COM.access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName DOMAIN_NAME.COM
ErrorLog ${APACHE_LOG_DIR}/DOMAIN_NAME.COM.error.log
CustomLog ${APACHE_LOG_DIR}/DOMAIN_NAME.COM.access.log combined
# SSL configuration
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/DOMAIN_NAME.COM/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN_NAME.COM/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLCompression off
SetEnvIf Host "^(.*)$" THE_HOST=$1
RequestHeader setifempty X-Forwarded-Proto https
RequestHeader setifempty X-Forwarded-Host %{THE_HOST}e
ProxyAddHeaders Off
ProxyPassMatch (.*)(\/websocket)$ "ws://127.0.0.1:9981/$1$2"
ProxyPass / "http://127.0.0.1:9981/"
ProxyPassReverse / "http://127.0.0.1:9981/"
</VirtualHost>
Change DOMAIN_NAME.COM to your actual domain.
Enable this new virtual host and restart Apache.
a2ensite oo.conf
a2dissite 000-default.conf
systemctl restart apache2
Start documentserver
We will start OnlyOffice docker container in the background now. Take note of the JWT_SECRET
it will be used in Nextcloud app later. You can change this to a secret of your choice.
docker run -i -t -d -p 127.0.0.1:9981:80 --restart=always \
-e JWT_ENABLED=true \
-e JWT_SECRET=ni87bSds623nk932ds32342 \
-e JWT_HEADER=Authorization \
-e JWT_IN_BODY=true \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data onlyoffice/documentserver
Wait for the process to finish as it will download documentserver docker container. If you go to the document server URL(with https) you may see this. If not check the docker logs for what went wrong.
You can list docker containers, stop and start them.
docker ps
docker stop CONTAINER_ID
docker start CONTAINER_ID
To enter a docker container and modify or check things inside the container.
docker exec -it CONTAINER_ID bash
Go to your Nextcloud instance and install OnlyOffice documentserver app. Just make sure to not install the integrated app from Nextcloud. After installation, go to the app settings and enter the required details like URL, token etc.
If everything worked out as it should, happy editing.
Thanks for your answer Arif.
Ok, I have one server (at home) accessible with https://nextcloud.mydomain.com.
Now, I still not sure if I need/want another virtual server. Basically, I want to open my files directly on nextcloud. As I understand apache2 already use port 80 for nextcloud, right? So I follow the two subdomains, do I need to do something in the apache2 configuration or not needed? both virtual servers will use the same port.
I wonder is onlyoffice docker can be run using the certificate I already got for nextcloud .
I apologize if my questions are too dummy
Thanks again. Eric
In case of one server, what you can do is have two virtual servers. Which I explained already in the installation above and Nextcloud 24 installation.
No, you can’t use same domain for both.
“As I understand apache2 already use port 80 for nextcloud, right? So I follow the two subdomains, do I need to do something in the apache2 configuration or not needed? both virtual servers will use the same port.”
It’s easy. Let’s me explain.
You already have Nextcloud installed. If you follow the above guide, you will have another vhost with
onlyoffice
sub domain.These both can be on the same server. One is
/etc/apache2/sites-available/nextcloud.conf
and another is/etc/apache2/sites-available/oo.conf
. Both use vhost ports(80, 443).You can have many virtual servers on one server using vhost.
Hope I have explained it well.
Thanks for the guide.
I already installed Nextcloud 24 with apache2. I have my subdomain: https://nextcloud.mydomain.com
Could you please clarify if I need to create another subdomain and certificate for onlyoffice: htpps://onlyoffice.mydomain.com. Thanks for the clarification. Eric
Hi Eric,
Yes, if you have setup on a separate server or same server with another virtual host. You need what you explained.
nextcloud
andonlyoffice
sub domains with certificates.