[support] Siwat's Docker Repository


Recommended Posts

  • 1 month later...
On 10/7/2019 at 3:01 PM, DavidSpek said:

I had quite a bit of trouble getting OnlyOfficeDocumentServer to work with nextcloud and letsencrypt. So I had letsencrypt install for plex etc and got it working with nextcloud. The confusing part of getting OnlyOfficeDocumentServer  to work with letsencrypt is that you need to create self-signed ssl certificates for the docker container itself, and then have letsencrypt create certificates for your public address. So a short overview of the steps I took. I left the ports of the container default as I wanted to eliminate potential problems. 

 

1. Install the OnlyOfficeDocumentServer container. Leave everything as default (the name can contain capitals for the setup I have, network is bridge). 

2. Add your subdomain to the letsencrypt container, and add the file onlyofficedocumentserver.subdomain.conf with the content below in the folder /appdata/letsencrypt/nginx/proxy-confs/. Please change the server_name to [YOUR SUBDOMAIN].*; and proxy_pass to https://[YOUR UNRAID SERVER IP]:4430/. Also, the formatting of the first, second and forth line seems to be off in this field and the extra tab/spaces should be there. 


server {
    listen 443 ssl;
	
    server_name oods.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;


    location / {
		include /config/nginx/proxy.conf;
		resolver 127.0.0.11 valid=30s;
        set $upstream_oods onlyofficedocumentserver;
		proxy_pass https://192.168.178.65:4430/;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $server_name;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

3. Restart letsencrypt container to get a certificate for your new subdomain. 

4. Check that OnlyOfficeDocumentServer is accessible via http://[YOUR UNRAID IP]:8080 (note this is HTTP and not HTTPS yet).

5. Create the certs folder and certificates for OnlyOfficeDocumentServer using the following command in an unraid terminal (I used the unraid web terminal). Note that the second openssl command will request various data to be filled in and that this certificate will be valid for 365 days.


cd /mnt/user/appdata/onlyofficeds/Data

mkdir certs

cd certs

openssl genrsa -out onlyoffice.key 2048

openssl req -new -key onlyoffice.key -out onlyoffice.csr

openssl x509 -req -days 365 -in onlyoffice.csr -signkey onlyoffice.key -out onlyoffice.crt

5. Check that OnlyOfficeDocumentServer is now accessible via https://[YOUR UNRAID IP]:4430. You will get an warning that the server has a self signed certificate. At this point the http address of OnlyOfficeDocumentServer was not accessible anymore for me. 

6. Check that OnlyOfficeDocumentServer is now accessible through letsencrypt and your subdomain.domain.com (for me oods.xxxxxxx.com). When looking at the certificate of my domain, it seems all certificates are verified by letsencrypt and I saw no remnant of the self-signed certificates (with plex I do see some warnings about certificate redirects or something when looking at the developer tools of chrome, but this causes no issue and clicking the lock icon shows it to be fine). 

7. Go to your nextcloud, install the onlyoffice plugin. 

8. Go to settings, then OnlyOffice and fill in https://[subdomain].[domain].com and everything should now all be working. 

I hope this helps some others that have been struggling with this and find the need for self-signed and letsencrypt certificates confusing. When I tried to use the letsencrypt certificates in the /Data/certs folder I got an error in the OnlyOfficeDocumentServer container log that nginx failed to start. I did, however, only create the onlyoffice.crt and onlyoffice.key from my letsencrypt fullchain.pem and privkey.pem and did not create the onlyoffice.csr. Also, if there is a way to get the letsencrypt certificates working I would be very interested to know how to do this. 

 

For a next step I would like to implement the secret that can be filled in within nextcloud, however, I have not fully looked into doing this with these docker containers yet. 

These instructions should be stickied! THANK YOU!

  • Like 2
Link to comment
  • 2 weeks later...

I need a little help with HomebridgeWithWebGUI as I'm trying to install the plugin for Envisakit. - https://github.com/andylittle/envisakit

The problem is that it requires something extra outside of the plugin and extra commands.

This successfully executed.

# Clone the repository
$ git clone 'https://github.com/andylittle/envisakit.git'
$ cd envisakit

 

However this is where I get stuck:

# Create virtual env and install packages
$ virtualenv venv
$ source venv/bin/activate
$ pip install -r requirements.txt

 

Is there a way to get virtualenv into the docker? or am I limited?

Link to comment
  • 2 weeks later...

I haven't seen much mention of the H265ize docker in this thread, but the support link brough me here so I'm gonna add my thoughts:

The tmp folder for the encoding is part of the docker image. A superlative idea sir with just two minor flaws; 1) Because it fills up a relatively small image file with rather large media files and 2) because it fills up a relatively small image file with rather large media files. Now I realise that technically speaking thats only one flaw, but I thought it was such a big one it was worth mentioning twice.

 

Dwarfing aside: if you add a path variable to the docker targetting the host path /tmp and redirecting it to a temp share it'll allow H265ize to continue without bombing out afer 13hours because it's filled up the space in your docer image file. :D

Link to comment

Looking for a little help with the onlyoffice document server and using it with the nextcloud android app. I have the whole thing setup and working with nextcloud and nginxproxymanager. it works 100% with the webui of nextcloud however when i try to edit my documents with the android app it appears to open the onlyoffice connection but never loads the document.  

Link to comment
On 1/23/2020 at 3:56 PM, OFark said:

I haven't seen much mention of the H265ize docker in this thread, but the support link brough me here so I'm gonna add my thoughts:

The tmp folder for the encoding is part of the docker image. A superlative idea sir with just two minor flaws; 1) Because it fills up a relatively small image file with rather large media files and 2) because it fills up a relatively small image file with rather large media files. Now I realise that technically speaking thats only one flaw, but I thought it was such a big one it was worth mentioning twice.

 

Dwarfing aside: if you add a path variable to the docker targetting the host path /tmp and redirecting it to a temp share it'll allow H265ize to continue without bombing out afer 13hours because it's filled up the space in your docer image file. :D

Container Template Updated :), Temp Directory added.

Edited by Siwat2545
Link to comment
  • 2 weeks later...
Have followed Spaceinvader's guide
to setup OnlyOfficeDocumentServer but the container seem to malfunction, when I https to it via my web browser I'm greeted with this:
 
bild.thumb.png.d6ed0a73b9c6147dd1d079e9a87013ac.png
 
And the logs:
 
bild.png.b3c5cd54296a7e9776ed2b0d49644a41.png
 
 
Any ideas?
 
Can you try "rm -rv /mnt/user/onlyofficeds" and try again?

Sent from my Pixel 3 using Tapatalk

Link to comment
1 minute ago, Siwat2545 said:

Can I have a screenshot of your onlyoffice document server configuration?

Sent from my Pixel 3 using Tapatalk
 

Hmmm ... there is actually no such thing that I can find. The configs I know of is the Letsencrypt proxy config, the docker template in Unraid.

Can you point me in the right direction where I can find what you are looking for, thanks?

Link to comment
13 hours ago, Amigaz said:

Hmmm ... there is actually no such thing that I can find. The configs I know of is the Letsencrypt proxy config, the docker template in Unraid.

Can you point me in the right direction where I can find what you are looking for, thanks?

Click on the container icon and click edit the take a screenshot

Link to comment
55 minutes ago, Siwat2545 said:

Click on the container icon and click edit the take a screenshot

Everything is left unchanged like in ED's guide except I have changed Host port 1 and the network which is set to use my Let's Encrypt proxy network like in ED's guide

 

bild.thumb.png.9c46d031a2f3d8b7a6796651f193ce31.png

Edited by Amigaz
Link to comment

Hey sorry if noob question.   I just finished following SpaceInvaders setup.   Got everything working  

But was wondering should I not be doing something to secure the OpenOfficedocument server. 

 

I can see that in Nextcloud there is a space for a secret Key but not sure where to configure this in open office... 

 

I ask as I am not wanting anyone who gets access to my   onlyoffice.reverseproxy.me   type of site to have access... to my docker  

Sorry in advance if this is a mute question due to other means of being secure. 

 

 

Link to comment
6 hours ago, Aceriz said:

Hey sorry if noob question.   I just finished following SpaceInvaders setup.   Got everything working  

But was wondering should I not be doing something to secure the OpenOfficedocument server. 

 

I can see that in Nextcloud there is a space for a secret Key but not sure where to configure this in open office... 

 

I ask as I am not wanting anyone who gets access to my   onlyoffice.reverseproxy.me   type of site to have access... to my docker  

Sorry in advance if this is a mute question due to other means of being secure. 

 

 

The onlyoffice container only serve as an editor, It does not store your document. The only attack vector is flooding.

Link to comment
  • 2 weeks later...

I followed the same spaceinvader tutorial and I get 502 bad gateway when I try entering the subdomain I assigned.

 

DocumentServer log:

 

==> /var/log/onlyoffice/documentserver/metrics/out.log <==
gauges: { 'statsd.timestamp_lag': 0 },
timer_data: {},
counter_rates:
{ 'statsd.bad_lines_seen': 0,
'statsd.packets_received': 0,
'statsd.metrics_received': 0 },
sets: {},
pctThreshold: [ 90 ] }
29 Feb 07:23:05 - [574] reading config file: ../../config/config.js
29 Feb 07:23:05 - server is up INFO

==> /var/log/onlyoffice/documentserver/nginx.error.log <==


==> /var/log/onlyoffice/documentserver/spellchecker/err.log <==

==> /var/log/onlyoffice/documentserver/spellchecker/out.log <==
[2020-02-29T06:39:17.054] [WARN] nodeJS - Express server starting...
[2020-02-29T06:39:17.135] [WARN] nodeJS - Express server listening on port 8080 in production-linux mode
[2020-02-29T06:40:59.621] [WARN] nodeJS - start cluster with 1 workers
[2020-02-29T06:40:59.630] [WARN] nodeJS - worker 641 started.
[2020-02-29T06:41:00.071] [WARN] nodeJS - Express server starting...
[2020-02-29T06:41:00.128] [WARN] nodeJS - Express server listening on port 8080 in production-linux mode
[2020-02-29T07:23:05.166] [WARN] nodeJS - start cluster with 1 workers
[2020-02-29T07:23:05.172] [WARN] nodeJS - worker 643 started.
[2020-02-29T07:23:05.790] [WARN] nodeJS - Express server starting...
[2020-02-29T07:23:05.857] [WARN] nodeJS - Express server listening on port 8080 in production-linux mode
Creating new cluster 9.5/main ...
config /etc/postgresql/9.5/main
data /var/lib/postgresql/9.5/main
locale en_US.UTF-8
socket /var/run/postgresql
port 5432
* Starting PostgreSQL 9.5 database server
...done.
* Starting RabbitMQ Messaging Server rabbitmq-server
...done.
Starting redis-server: redis-server.
CREATE DATABASE
CREATE ROLE
GRANT
Usage: grep [OPTION]... PATTERN [FILE]...
Try 'grep --help' for more information.
Starting supervisor: supervisord.
* Starting periodic command scheduler cron
...done.
* Starting nginx nginx
...fail!
Generating AllFonts.js, please wait...Done
Generating presentation themes, please wait...Done
ds:docservice: stopped
ds:docservice: started
ds:converter: stopped
ds:converter: started
* Reloading nginx configuration nginx
...fail!
==> /var/log/onlyoffice/documentserver/converter/err.log <==

==> /var/log/onlyoffice/documentserver/converter/out.log <==
[2020-02-29T07:27:16.024] [WARN] nodeJS - update cluster with 1 workers
[2020-02-29T07:27:16.036] [WARN] nodeJS - worker 744 started.
[2020-02-29T07:27:16.037] [WARN] nodeJS - update cluster with 1 workers
[2020-02-29T07:27:31.728] [WARN] nodeJS - update cluster with 1 workers
[2020-02-29T07:27:31.734] [WARN] nodeJS - worker 828 started.
[2020-02-29T07:27:31.734] [WARN] nodeJS - update cluster with 1 workers

==> /var/log/onlyoffice/documentserver/docservice/err.log <==

==> /var/log/onlyoffice/documentserver/docservice/out.log <==
[2020-02-29T07:27:16.036] [WARN] nodeJS - worker 743 started.
[2020-02-29T07:27:16.036] [WARN] nodeJS - update cluster with 1 workers
[2020-02-29T07:27:16.456] [WARN] nodeJS - Express server starting...
[2020-02-29T07:27:16.919] [WARN] nodeJS - Express server listening on port 8000 in production-linux mode
[2020-02-29T07:27:29.688] [WARN] nodeJS - Plugins watch exception (https://nodejs.org/docs/latest/api/fs.html#fs_availability).
[2020-02-29T07:27:29.696] [WARN] nodeJS - update cluster with 1 workers
[2020-02-29T07:27:29.701] [WARN] nodeJS - worker 807 started.
[2020-02-29T07:27:29.701] [WARN] nodeJS - update cluster with 1 workers
[2020-02-29T07:27:29.952] [WARN] nodeJS - Express server starting...
[2020-02-29T07:27:30.343] [WARN] nodeJS - Express server listening on port 8000 in production-linux mode

==> /var/log/onlyoffice/documentserver/gc/err.log <==

==> /var/log/onlyoffice/documentserver/gc/out.log <==

==> /var/log/onlyoffice/documentserver/metrics/err.log <==

==> /var/log/onlyoffice/documentserver/metrics/out.log <==
29 Feb 07:27:15 - [666] reading config file: ../../config/config.js
29 Feb 07:27:15 - server is up INFO

==> /var/log/onlyoffice/documentserver/spellchecker/err.log <==

==> /var/log/onlyoffice/documentserver/spellchecker/out.log <==
[2020-02-29T07:27:15.721] [WARN] nodeJS - start cluster with 1 workers
[2020-02-29T07:27:15.729] [WARN] nodeJS - worker 729 started.
[2020-02-29T07:27:16.299] [WARN] nodeJS - Express server starting...
[2020-02-29T07:27:16.365] [WARN] nodeJS - Express server listening on port 8080 in production-linux mode

 

Link to comment
  • 2 weeks later...

Set this up a few weeks ago and have noticed some strangeness that began immediately.  None of this makes sense, but it didn't start happening until after Adguard.  I set up the docker, gave it its own IP, and set my Ubiquiti USG to use that same IP as its DNS, with 127.0.0.1 as a secondary DNS.  I know it works as I can of course see it in the Adguard web page, and it does block the ads on specific sites I was hoping for.  I have not done anything custom yet.

 

Here's the weirdness:

  • Reddit cannot connect in the mornings, around 6am, for some reason.  It's fine other times
  • Google maps is intermittent, sometimes it works, sometimes it can't connect either.
  • Netflix comes and goes too on specific computers, but not Android devices (shieldTV)

These are not issues outside my own network.  IE, when reddit loses connection in the morning, I just shut off wifi on y phone, and it connects immediately via the cell network.

 

Also, what is the difference between using the docker and just setting my routers DNS to Adguard's address?  Customization?

 

TIA

 

 

 

 

 

Link to comment
1 hour ago, btrcp2000 said:

Set this up a few weeks ago and have noticed some strangeness that began immediately.  None of this makes sense, but it didn't start happening until after Adguard.  I set up the docker, gave it its own IP, and set my Ubiquiti USG to use that same IP as its DNS, with 127.0.0.1 as a secondary DNS.  I know it works as I can of course see it in the Adguard web page, and it does block the ads on specific sites I was hoping for.  I have not done anything custom yet.

 

Here's the weirdness:

  • Reddit cannot connect in the mornings, around 6am, for some reason.  It's fine other times
  • Google maps is intermittent, sometimes it works, sometimes it can't connect either.
  • Netflix comes and goes too on specific computers, but not Android devices (shieldTV)

These are not issues outside my own network.  IE, when reddit loses connection in the morning, I just shut off wifi on y phone, and it connects immediately via the cell network.

 

Also, what is the difference between using the docker and just setting my routers DNS to Adguard's address?  Customization?

 

TIA

 

 

 

 

 

This should not happen, try nslookup in the morning and the other time when it work and check if it's the same (Use wireshark to find the domain)

You could set it to adguard dns but you will have no data log on the dashboard and no permissive block

Link to comment

Okay so this noob needs some help. I have installed the OnlyOffice Docker container and I've setup my subdomain but I seem to be stuck on this screen. Now looks like someone before mentioned something about attaching OnlyOffice to a database? I am extremely new to this world. I do have MariaDB running but how would I go about getting only office connected to MariaDB? Do I just add the variables inside the Maria DB docker settings, and then point OnlyOffice to that?? sorry for the noobish questions just trying to make sense of this shit

 

 

OnlyOffice2.png

OnlyOffice3.png

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.