Install OnlyOffice using Docker

Requirements Docker

Recommended System Requirements for OnlyOffice DocumentServer
RAM: 4 GB or more
CPU: dual-core 2 GHz or higher
Swap: at least 2 GB
HDD: at least 2 GB of free space
Distribution: 64-bit Red Hat, CentOS or other compatible distributive with kernel version 3.8 or later, 64-bit Debian, Ubuntu or other compatible distributive with kernel version 3.8 or later
Docker: version 1.9.0 or later

Install docker source:

sudo apt-get update

sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \

curl -fsSL | sudo apt-key add -

sudo add-apt-repository \
"deb [arch=amd64] \
$(lsb_release -cs) \
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli

Install OODocumentServer source:

Running ONLYOFFICE Document Server on Different Port
To change the port, use the -p command. E.g.: to make your portal accessible via port 8080 execute the following command:
sudo docker run -i -t -d -p 8080:80 onlyoffice/documentserver

Running ONLYOFFICE Document Server using HTTPS

sudo docker run -i -t -d -p 443:443 \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data onlyoffice/documentserver

Access to the onlyoffice

application can be secured using SSL so as to prevent unauthorized access. While a CA certified SSL certificate allows for verification of trust via the CA, a self signed certificates can also provide an equal level of trust verification as long as each client takes some additional steps to verify the identity of your website. Below the instructions on achieving this are provided.
To secure the application via SSL basically two things are needed:

Private key (.key)

SSL certificate (.crt)

So you need to create and install the following files:

When using CA certified certificates, these files are provided to you by the CA. When using self-signed certificates you need to generate these files yourself. Skip the following section if you are have CA certified SSL certificates.

Generation of Self Signed Certificates

Generation of self-signed SSL certificates involves a simple 3 step procedure.
STEP 1: Create the server private key

openssl genrsa -out onlyoffice.key 2048

STEP 2: Create the certificate signing request (CSR)

openssl req -new -key onlyoffice.key -out onlyoffice.csr

STEP 3: Sign the certificate using the private key and CSR

openssl x509 -req -days 365 -in onlyoffice.csr -signkey onlyoffice.key -out onlyoffice.crt

You have now generated an SSL certificate that’s valid for 365 days.

To have Nextcloud ignore the selfsigned certificate add following to /var/www/nextcloud/config/config.php just before the last );

'onlyoffice' =>
array (
'verify_peer_off' =>TRUE,

You can now enable and configure the ONLYOFFICE app in Nextcloud and set it to the local server IP using https

Instead you can also run certbot to obtain a letsencrypt certificate, and copy the obtained /etc/letsencrypt/archive/oo.domain.tld/cert_key.pem to /app/onlyoffice/DocumentServer/data/certs/onlyoffice.key and the /etc/letsencrypt/archive/oo.domain.tld/cert.pem to /app/onlyoffice/DocumentServer/data/certs/onlyoffice.crt

Key generation section could use some code formatting (cannot access from my mobile).

FYI you can add a table of contents under topic gear icon in edit menu and clarify headers using ### in markdown.


Do you think this makes more sense to add to the #how-to-faqs section of the forum? It is x86 only, yes? And not ncp specific. I’m not concerned other way, just curious.

Yep, I created this how to as a pastebin initially, sharing it when asked about OO. Copied it to the docs, not very long ago, when someone suggested I move it there.
Not even sure if it is not already in the forum somewhere too :face_with_raised_eyebrow:

Does this post need more work?

I still use procedure as described in the article. Afaik it can go from draft to FAQ or docs section.
Other then that, It would be nice to have a script that checks for and copies new certificates and keys to the OO docker path.