Do you want to: Ask a how-to question
Document Server version: latest
Type of installation of the Document Server: Docker and its installation guide
Arch Linux
Hey there,
I’m just trying to set up the onlyoffice docker container to compare it to nextcloud office, but I’m running into some quite annoying issues that have ground all progress to a halt.
At first I tried running the docker container as well as the nextcloud integration, but that’s already where my first problem appeared: There is nothing running on port 443 on the docker container (verified via netstat -tulpn), but the nextcloud integration demands https, for whatever reason. I want to note that at this point I was able to access the onlyoffice welcome page via port 80.
Then I tried putting the docker container behind my caddy reverse proxy. I gave it a subdomain and everything, but now there is no way for me to access anything. All I’m getting are 502s, and so is the nextcloud integration.
What am I supposed to do now? I’m literally all on the default configs. Zero errors in any of the log files. The only potential clue is find: ‘/var/www/onlyoffice/Data/certs’: No such file or directory at the top of the logs.
What is going on here and how do I fix it?
Thanks!
Hello @burgekin,
Please provide the following:
- Screenshot of docker ps command’s output
- A link to the installation guide that you used
- Document Server logs (/var/log/onlyoffice/documentserver - inside the container)
98f1615803ed onlyoffice/documentserver:latest "/app/ds/run-documen…" 22 hours ago Up 22 hours 80/tcp, 443/tcp
# docker exec -it onlyoffice bash
root@98f1615803ed:/# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 750/nginx: master p
tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.11:38145 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN -
tcp6 0 0 :::80 :::* LISTEN 750/nginx: master p
tcp6 0 0 :::8000 :::* LISTEN -
tcp6 0 0 :::4369 :::* LISTEN -
tcp6 0 0 :::5672 :::* LISTEN -
tcp6 0 0 ::1:5432 :::* LISTEN -
udp 0 0 127.0.0.11:40833 0.0.0.0:* -
The guide: https://hub.docker.com/r/onlyoffice/documentserver
Logs: http://chonkyrabbit.eu/files/_share/094tg-onlyoffice-logs.tar.gz
Thanks!
I’ve done some more digging with a fresh brain, and I’ve found out a few things:
- Significant brain fart - I swapped the source and destination in the docker compose volume mappings
- Apparently I am required to generate https certificates despite the run command being at the very top of the list. Then and only then will the container listen on port 443. I would’ve expected these to be generated by default at least, but apparently not.
Now I’m running into another issue: Since this container won’t ever work behind a reverse proxy but demands HTTPS, I’m literally unable to serve it using caddy. Caddy wants to do all the cert handling, and that’s what I would prefer as well. Stupidly I actually do need to host openoffice on a publicly reachable location to be able to download the necessary scripts - why?
So there is just no way for me to use onlyoffice then? Why does this container use so many inflexible defaults?
update: had to do what caddy told me not to use in production:
Hello there,
you don’t need to run onlyoffice container with HTTPS. That was your choice.
You simply lack the knowledge how to configure your proxy to integrate your services correctly.
Please educate yourself before you throw around any silly accusations.
Onlyoffice is mostly of the time used as a backend-app for apps like nextcloud.
You don’t have to expose anything to the outside world. You simply have to run your containers on the same network and link them via vpath. No need to use HTTPS either as that should be handled by your reverse proxy, if you in fact have set it up for that, which your should have running nextcloud.
Configuring proxy services is not easy. In most cases you will see some configuration examples for specific cases, you will have to adapt to your host/environment, when necessary. You have your onlyoffice running in a container next to nextcloud. Your best option is to use virtual path to be able to integrate your onlyoffice service inside your nextcloud, both running as docker containers.
There is no example of caddy proxy configuration, but here you can check out the examples we have - Using ONLYOFFICE Docs behind the proxy
I don’t know why you need to be so condescending here. I don’t really even understand what you’re trying to tell me as I really did attempt to set it up without https. As explained, the server exclusively returned 502s via http, even to nextcloud itself.
If I want to be able to use onlyoffice in nextcloud (which also includes other people that I share the files with) they need to be able to access onlyoffice, otherwise it won’t load on their side, so yes, I do need to expose it publicly.
Thanks, unfortunately doing the exact same thing via caddy didn’t work in my case. As mentioned, all I got were 502s, that’s why I had to employ that weird https workaround.
IIRC I even got 502s connecting to the http port without any proxy in between. The same worked flawlessly via https.
Hello there.
I guess you still don’t know much about proxy configuration. You don’t need to expose onlyoffice. That is the beauty when using a proxy. I’m not being condescending. You are simply refusing to accept facts beside you own understanding of the topic. Beside, others (myself included) have working proxy configurations, which clearly prove that they are working when set up correctly. My setup does not expose onlyoffice. Nextcloud communicates with onlyoffice internally via vpath. Personally I don’t use caddy, I use swag.
Throwing around accusation will not solve your issue. If you get a 502 error, you are clearly having a proxy in between. This error is only produced by a gateway/proxy. But that is not so important now.
Onlyoffice provides you with example configurations. Show us what you have configured so far by providing your proxy setup.
If you have installed your container correctly you should be able to reach onlyoffice welcome page manually. That is a sign that the container is working and reachable.
Again, you don’t need https when working with docker containers and you certainly don’t need to expose everything. But it is of course up to you how much you want to expose and if you really need https when linking nextcloud and onlyoffice via a virtual network inside docker. Https makes things little bit more complicated. That’s why it is wise to start with http, make sure things are working and switch to https afterwards.