Question

Setting up OnlyOffice with Let's Encrypt

Posted February 4, 2020 467 views
Let's EncryptONLYOFFICE 1-Click App

Hi there,

How can one setup OnlyOffice from the Marketplace with Let’s Encrypt. I’ve tried using the generic LE guide on DO tutorials, but that changes the config to direct the domain to the default nginx page. Any ideas?

Add a comment
rtaibah
By:
rtaibah
edited by AHA
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
AHA February 5, 2020

Hey @rtaibah

I had a look for myself, and I think you are getting that issue because you are attempting to install Lets Encrypt via the nginx running on the Ubuntu VM, but the OnlyOffice One-Click is configured to just skip that and forward everything from port 80 and 443 (HTTP/HTTPS ports) directly to a docker container. All the config and logic is inside the Docker container.

This is not really a great method because you are going into the docker container and modifying it, but I think it should work:

  1. SSH into the Droplet
  2. List the ID’s of the running docker containers with docker container ls - look for the ID of the “onlyoffice/communityserver” container, you will also see it has the HTTP/HTTPS ports proxied to it.
  3. Now initialize a bash session inside the container by running: docker exec -it ID_OF_COMMUNITY_IMAGE /bin/bash
  4. Now you can go through the Let’s Encrypt instructions you referenced earlier, with a couple important notes:

A. The nginx config file for onlyoffice is located at /etc/nginx/sites-enabled/onlyoffice <– that’s where you add the `servername …; line_
B. Instead of running systemctl reload nginx you need to run service nginx restart

Reply Report
  • rtaibah February 5, 2020

    Great! That worked :)

    The auto renewal test failed though. Shouldn’t this be a guide. I am willing to write it up if this is the best way to get ssl on OnlyOffice.

    Reply Report
henry000 February 6, 2020

Thanks for the question and answer, I am doing the exact same thing!

However, when I tried to generate the certificate I get the following error:

Could not automatically find a matching server block for mydomain.co. Set the `server_name` directive to use the Nginx installer.

My /etc/nginx/sites-available/onlyoffice file looks like this:

upstream fastcgi_backend {
        server unix:/var/run/onlyoffice/onlyoffice.socket;
        keepalive 32;
}

server {
        listen 80;
        listen 443 ssl;
        server_name mydomain.co www.mydomain.co;

        ssl_certificate {{SSL_CERTIFICATE_PATH}};
        ssl_certificate_key {{SSL_KEY_PATH}};

        fastcgi_keep_conn on;
        fastcgi_index   Default.aspx;
        fastcgi_intercept_errors on;


        include fastcgi_params;

        fastcgi_param HTTP_X_REWRITER_URL $http_x_rewriter_url;
        fastcgi_param SERVER_NAME $host;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO "";

        fastcgi_read_timeout    600;
        fastcgi_send_timeout    600;


        location / {
                root    /var/www/onlyoffice/WebStudio/;
                expires           0;
                add_header        Cache-Control no-cache;
                rewrite ^(.*)$ /StartConfigure.htm  break;
        }

        location /api {
                fastcgi_pass fastcgi_backend;
                break;
        }

        location  ~* ^/(warmup[2-9]?)/ {
                rewrite /warmup([^/]*)/(.*) /$2 break;
                fastcgi_pass unix:/var/run/onlyoffice/onlyoffice$1.socket;
        }
}

The nginx -t command returns OK/success.

Any idea?

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help