ONLYOFFICE 7.0: online forms, password protection in sheets, collaboration improvements and much more
ONLYOFFICE 7.0 released

Docker SSL certs location

Hi everyone, and thank you for welcoming me.
I’m luctus, and this is my fisrt post.
I have projects for a french common interest organization. I would like to ask for some help from the pros working on Docker w/OnlyOffice.

Type of installation of the Document Server (docker)
OS: Ubuntu Linux
Browser version: Firefox/Chrome based, Windows Clients

So we just bought SSL certs, and we need to certify the whole server network with them.
So I created containers with docker-compose, tested and enjoyed the app, uploaded them Certs in a folder of this fresh installed Ubuntu Linux Server.

The Documentation on docker-compose , at Setting Up HTTPS is telling me to uncomment these following lines on the Docker-compose.yml file.

- FORCE_SSL=true

- CERT_FOLDER=/certs/

- /app/onlyoffice/DocumentServer/data/certs/onlyoffice.pem:/certs/cert1.pem

However, I can’t seem to find the right block, nor these keywords by searching this long config file. Anyone knows precisely on which block I should write them up ?

Moreover, I have made back ups, and I searched every docker container looking for the /app folder, and at the root of the Server, which does not seem to exist. May I create that directory without compromising the health of the server/container ?

Thank you very much, hope my expression is clear enough :slight_smile:

Hello luctus.

Sorry for the late reply.

The mentioned guide is outdated. I’m so sorry about it. We will take a closer look at it and we will rewrite it. Meanwhile, I suggest using this guide as a workaround solution to deploy ONLYOFFICE via docker with HTTPS feature: Installing ONLYOFFICE Docs for Docker on a local server - ONLYOFFICE

Hi Alexandre,
Thank you for your answer, can’t wait to try working around with this.

No worries, I’m still tryna figure out how to import them on a few different servers (like old fashioned Exchange) and I’ve beeen able to get owncloud use my commercial SSL certificate. However, I’d be really happy to contribute to writing the EN/FR Documentation with you as soon as I find how to interact with Docker-compose.

The need for a Wildcard certificate appends because this local server should be integrated in an owncloud environment from its web GUI. I believe creating Wildcards certificates using LE would lead to a similar issue

Probably we have one more workaround solution for you. You can try to use yml file from this repo: https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/cluster.yml

in the file, you need to replace image: * ds-image with the actual image of the documentserver image: onlyoffice/documentserver.

After that try to merge the certificate files to one file, set the path and uncomment the necessary lines (as the old guide provides). After that you can run docker-compose -f cluster.yml up -d

1 Like

Tried the cluster.yml solution.
I encountered errors involving some docker-compose versions mismatches and pasted the modified cluster.yml in Document-server/cluster.yml

ERROR: The Compose file './cluster.yml' is invalid because:
Invalid top-level property "onlyoffice/documentserver". Valid top-level sections for this Compose file are: version, services, networks, volumes, and extensions starting with "x-".

You might be seeing this error because you're using the wrong Compose file version. Either specify a supported version (e.g "2.2" or "3.3") and place your service definitions under the `services` key, or omit the `version` key and place your service definitions at the root of the file to use version 1.
For more on the Compose file format versions, see https://docs.docker.com/compose/compose-file/

docker-compose up -d looked fine until step 5/15 at running the script

Step 4/15 : ARG ONLYOFFICE_VALUE=onlyoffice
 ---> Running in ee7869c9a227
Removing intermediate container ee7869c9a227
 ---> 155c47e99593
Step 5/15 : RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d &&     apt-get -y update &&     apt-get -yq install wget apt-transport-https gnupg locales &&     apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 &&     locale-gen en_US.UTF-8 &&     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections &&     apt-get -yq install         adduser         apt-utils         bomstrip         certbot         curl         gconf-service         htop         libasound2         libboost-regex-dev         libcairo2         libcurl3-gnutls         libcurl4         libgtk-3-0         libnspr4         libnss3         libstdc++6         libxml2         libxss1         libxtst6         mysql-client         nano         net-tools         netcat-openbsd         nginx-extras         postgresql         postgresql-client         pwgen         rabbitmq-server         redis-server         software-properties-common         sudo         supervisor         ttf-mscorefonts-installer         xvfb         zlib1g &&     if [  $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ];         then echo 'msttcorefonts failed to download'; exit 1; fi  &&     echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf &&     sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf &&     sed 's|\(application\/zip.*\)|\1\n    application\/wasm wasm;|' -i /etc/nginx/mime.types &&     pg_conftool $PG_VERSION main set listen_addresses 'localhost' &&     service postgresql restart &&     sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" &&     sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" &&     sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" &&     service postgresql stop &&     service redis-server stop &&     service rabbitmq-server stop &&     service supervisor stop &&     service nginx stop &&     rm -rf /var/lib/apt/lists/*
 ---> Running in 93f846d34a02
Err:1 http://security.ubuntu.com/ubuntu focal-security InRelease
  Temporary failure resolving 'security.ubuntu.com'
Err:2 http://archive.ubuntu.com/ubuntu focal InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:3 http://archive.ubuntu.com/ubuntu focal-updates InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Reading package lists...
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-backports/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/focal-security/InRelease  Temporary failure resolving 'security.ubuntu.com'
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
Package gnupg is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

Package locales is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Unable to locate package wget
E: Package 'gnupg' has no installation candidate
E: Package 'locales' has no installation candidate
ERROR: Service 'onlyoffice-documentserver' failed to build: The command '/bin/sh -c echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d &&     apt-get -y update &&     apt-get -yq install wget apt-transport-https gnupg locales &&     apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 &&     locale-gen en_US.UTF-8 &&     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections &&     apt-get -yq install         adduser         apt-utils         bomstrip         certbot         curl         gconf-service         htop         libasound2         libboost-regex-dev         libcairo2         libcurl3-gnutls         libcurl4         libgtk-3-0         libnspr4         libnss3         libstdc++6         libxml2         libxss1         libxtst6         mysql-client         nano         net-tools         netcat-openbsd         nginx-extras         postgresql         postgresql-client         pwgen         rabbitmq-server         redis-server         software-properties-common         sudo         supervisor         ttf-mscorefonts-installer         xvfb         zlib1g &&     if [  $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ];         then echo 'msttcorefonts failed to download'; exit 1; fi  &&     echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf &&     sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf &&     sed 's|\(application\/zip.*\)|\1\n    application\/wasm wasm;|' -i /etc/nginx/mime.types &&     pg_conftool $PG_VERSION main set listen_addresses 'localhost' &&     service postgresql restart &&     sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" &&     sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" &&     sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" &&     service postgresql stop &&     service redis-server stop &&     service rabbitmq-server stop &&     service supervisor stop &&     service nginx stop &&     rm -rf /var/lib/apt/lists/*' returned a non-zero code: 100
root@ubumac:~/Docker-DocumentServer# docker-compose up -d
Building onlyoffice-documentserver
Step 1/15 : FROM ubuntu:20.04
 ---> ba6acccedd29
Step 2/15 : LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
 ---> Using cache
 ---> 30c76fad9074
Step 3/15 : ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
 ---> Using cache
 ---> 8168f5abad11
Step 4/15 : ARG ONLYOFFICE_VALUE=onlyoffice
 ---> Using cache
 ---> 155c47e99593
Step 5/15 : RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d &&     apt-get -y update &&     apt-get -yq install wget apt-transport-https gnupg locales &&     apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 &&     locale-gen en_US.UTF-8 &&     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections &&     apt-get -yq install         adduser         apt-utils         bomstrip         certbot         curl         gconf-service         htop         libasound2         libboost-regex-dev         libcairo2         libcurl3-gnutls         libcurl4         libgtk-3-0         libnspr4         libnss3         libstdc++6         libxml2         libxss1         libxtst6         mysql-client         nano         net-tools         netcat-openbsd         nginx-extras         postgresql         postgresql-client         pwgen         rabbitmq-server         redis-server         software-properties-common         sudo         supervisor         ttf-mscorefonts-installer         xvfb         zlib1g &&     if [  $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ];         then echo 'msttcorefonts failed to download'; exit 1; fi  &&     echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf &&     sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf &&     sed 's|\(application\/zip.*\)|\1\n    application\/wasm wasm;|' -i /etc/nginx/mime.types &&     pg_conftool $PG_VERSION main set listen_addresses 'localhost' &&     service postgresql restart &&     sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" &&     sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" &&     sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" &&     service postgresql stop &&     service redis-server stop &&     service rabbitmq-server stop &&     service supervisor stop &&     service nginx stop &&     rm -rf /var/lib/apt/lists/*
 ---> Running in a1ea022c3c40
Err:1 http://security.ubuntu.com/ubuntu focal-security InRelease
  Temporary failure resolving 'security.ubuntu.com'
Err:2 http://archive.ubuntu.com/ubuntu focal InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:3 http://archive.ubuntu.com/ubuntu focal-updates InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Err:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease
  Temporary failure resolving 'archive.ubuntu.com'
Reading package lists...
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-backports/InRelease  Temporary failure resolving 'archive.ubuntu.com'
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/focal-security/InRelease  Temporary failure resolving 'security.ubuntu.com'
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
Package gnupg is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

Package locales is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Unable to locate package wget
E: Package 'gnupg' has no installation candidate
E: Package 'locales' has no installation candidate
ERROR: Service 'onlyoffice-documentserver' failed to build: The command '/bin/sh -c echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d &&     apt-get -y update &&     apt-get -yq install wget apt-transport-https gnupg locales &&     apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 &&     locale-gen en_US.UTF-8 &&     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections &&     apt-get -yq install         adduser         apt-utils         bomstrip         certbot         curl         gconf-service         htop         libasound2         libboost-regex-dev         libcairo2         libcurl3-gnutls         libcurl4         libgtk-3-0         libnspr4         libnss3         libstdc++6         libxml2         libxss1         libxtst6         mysql-client         nano         net-tools         netcat-openbsd         nginx-extras         postgresql         postgresql-client         pwgen         rabbitmq-server         redis-server         software-properties-common         sudo         supervisor         ttf-mscorefonts-installer         xvfb         zlib1g &&     if [  $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ];         then echo 'msttcorefonts failed to download'; exit 1; fi  &&     echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf &&     sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf &&     sed 's|\(application\/zip.*\)|\1\n    application\/wasm wasm;|' -i /etc/nginx/mime.types &&     pg_conftool $PG_VERSION main set listen_addresses 'localhost' &&     service postgresql restart &&     sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" &&     sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" &&     sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" &&     service postgresql stop &&     service redis-server stop &&     service rabbitmq-server stop &&     service supervisor stop &&     service nginx stop &&     rm -rf /var/lib/apt/lists/*' returned a non-zero code: 100

Right now i’m trying to build another docker-compose based on what you wrote as the first response and see how it’s going.

I may specify one more thing : I’m home and not working on the domain concerned by the commercial Cert, could that be any limitation in the process?
I’m doing a backup of the modified cluster.yml and docker-compose.yml before trying , you might want to throw an eye on them?

thank you for your grateful help.

Hello luctus.

I sent you our example of yml file via PM which we tested recently (can’t post yml\zip file here). Please take a look at it and compare with your own one.
Cert location for .pem file: /app/onlyoffice/DocumentServer/data/certs/

1 Like

Thank you Alex for your help.
The request can be closed since we have found what was going on.

GoDaddy certificates needed, like Certbot LetsEncrypt to have a the 80 port opened too.
So I did a docker run and specified the -p 80:80 option next to the -p 443:443 option when building or loading the container.

Next, I’m going to test this with docker-compose, and see how it behaves when I try to specify these ports in the docker-compose.yml file.

:smiley: I’m so excited! :smiley:

thank you so much!
Have real nice holidays / enjoy your xmass / etc../

1 Like