Introducing DigitalOcean Functions: A powerful, serverless compute solution

Related

Let's Encrypt - how to migrate from servers
Question
[lesaff] serverpilot - letsencrypt
Question

Question

Setting up OnlyOffice with Let's Encrypt

Hi there,

How can one setup OnlyOffice from the Marketplace with Let’s Encrypt. I’ve tried using the generic LE guide on DO tutorials, but that changes the config to direct the domain to the default nginx page. Any ideas?

Subscribe
Share
henry000February 6, 2020

This comment has been deleted

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Andy HattemerFebruary 5, 2020

Hey @rtaibah

I had a look for myself, and I think you are getting that issue because you are attempting to install Lets Encrypt via the nginx running on the Ubuntu VM, but the OnlyOffice One-Click is configured to just skip that and forward everything from port 80 and 443 (HTTP/HTTPS ports) directly to a docker container. All the config and logic is inside the Docker container.

This is not really a great method because you are going into the docker container and modifying it, but I think it should work:

  1. SSH into the Droplet
  2. List the ID’s of the running docker containers with docker container ls - look for the ID of the “onlyoffice/communityserver” container, you will also see it has the HTTP/HTTPS ports proxied to it.
  3. Now initialize a bash session inside the container by running: docker exec -it ID_OF_COMMUNITY_IMAGE /bin/bash
  4. Now you can go through the Let’s Encrypt instructions you referenced earlier, with a couple important notes:

A. The nginx config file for onlyoffice is located at /etc/nginx/sites-enabled/onlyoffice <-- _that’s where you add the server_name ...; line_ B. Instead of running systemctl reload nginxyou need to runservice nginx restart`

Andy HattemerFebruary 5, 2020

Hey @rtaibah

I had a look for myself, and I think you are getting that issue because you are attempting to install Lets Encrypt via the nginx running on the Ubuntu VM, but the OnlyOffice One-Click is configured to just skip that and forward everything from port 80 and 443 (HTTP/HTTPS ports) directly to a docker container. All the config and logic is inside the Docker container.

This is not really a great method because you are going into the docker container and modifying it, but I think it should work:

  1. SSH into the Droplet
  2. List the ID’s of the running docker containers with docker container ls - look for the ID of the “onlyoffice/communityserver” container, you will also see it has the HTTP/HTTPS ports proxied to it.
  3. Now initialize a bash session inside the container by running: docker exec -it ID_OF_COMMUNITY_IMAGE /bin/bash
  4. Now you can go through the Let’s Encrypt instructions you referenced earlier, with a couple important notes:

A. The nginx config file for onlyoffice is located at /etc/nginx/sites-enabled/onlyoffice <-- _that’s where you add the server_name ...; line_ B. Instead of running systemctl reload nginxyou need to runservice nginx restart`

jamesApex27July 16, 2020

I struggled to do this, I found an easier solution was just to create a cloudflare account that basically sat between my droplet and the user and cloudflare provided it’s catch-all SSL certificate.

Really easy, hardly any setup.

Hope this offers a different perspective.

James.

henry000February 6, 2020

Thanks for the question and answer, I am doing the exact same thing!

However, when I tried to generate the certificate I get the following error:

Could not automatically find a matching server block for mydomain.co. Set the `server_name` directive to use the Nginx installer.

My /etc/nginx/sites-available/onlyoffice file looks like this:

upstream fastcgi_backend {
        server unix:/var/run/onlyoffice/onlyoffice.socket;
        keepalive 32;
}

server {
        listen 80;
        listen 443 ssl;
        server_name mydomain.co www.mydomain.co;

        ssl_certificate {{SSL_CERTIFICATE_PATH}};
        ssl_certificate_key {{SSL_KEY_PATH}};

        fastcgi_keep_conn on;
        fastcgi_index   Default.aspx;
        fastcgi_intercept_errors on;


        include fastcgi_params;

        fastcgi_param HTTP_X_REWRITER_URL $http_x_rewriter_url;
        fastcgi_param SERVER_NAME $host;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO "";

        fastcgi_read_timeout    600;
        fastcgi_send_timeout    600;


        location / {
                root    /var/www/onlyoffice/WebStudio/;
                expires           0;
                add_header        Cache-Control no-cache;
                rewrite ^(.*)$ /StartConfigure.htm  break;
        }

        location /api {
                fastcgi_pass fastcgi_backend;
                break;
        }

        location  ~* ^/(warmup[2-9]?)/ {
                rewrite /warmup([^/]*)/(.*) /$2 break;
                fastcgi_pass unix:/var/run/onlyoffice/onlyoffice$1.socket;
        }
}

The nginx -t command returns OK/success.

Any idea?

Join the DigitalOcean CommunityCommunity

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner

Related

Let's Encrypt - how to migrate from servers
Question
[lesaff] serverpilot - letsencrypt
Question
Join the DigitalOcean CommunityCommunity

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner