Install ONLYOFFICE Docs on Fedora Linux with Podman and connect it with Nextcloud

Photo by Chris Leggat on Unsplash

If you need a reliable office suite for online editing and collaboration within your sync & share platform, you can try ONLYOFFICE Docs. In this tutorial, we learn how to install it on your Fedora Linux with Podman and discover the ONLYOFFICE-Nextcloud integration.

What is ONLYOFFICE Docs

ONLYOFFICE Docs (Document Server) is an open-source office suite distributed under GNU AGPL v3.0. It is comprised of web-based viewers and collaborative editors for text documents, spreadsheets, and presentations. The suite is highly compatible with OOXML formats (docx, xlsx, pptx).

A brief features overview includes:

  • Full set of editing and styling tools, operations with fonts and styles, paragraph and text formatting.
  • Inserting and customizing all kinds of objects: shapes, charts, text art, text boxes, etc.
  • Academic formatting and navigation: endnotes, footnotes, table of contents, bookmarks.
  • Content Controls for creating digital forms and templates.
  • Extending functionality with plugins, building your own plugins using API.
  • Collaborative features: real-time and paragraph-locking co-editing modes, review and track changes, comments and mentions, integrated chat, version history.
  • Flexible access permissions: edit, view, comment, fill forms, review, restriction on copying, downloading, and printing, custom filter for spreadsheets.

You can integrate ONLYOFFICE Docs with various cloud services such as Nextcloud, ownCloud, Seafile, Alfresco, Plone, etc. What’s more, developers can embed the editors into their own solutions. 

You can also use the suite together with ONLYOFFICE Groups, a free open-source collaboration platform distributed under Apache 2.0. The complete solution is available as ONLYOFFICE Workspace.

What is Podman

Podman is a daemonless container engine for developing, managing, and running OCI containers on your Linux system. Users can run containers either as root or in rootless mode. 

It is available by default on Fedora Workstation. If it’s not the case, install podman with the command:

sudo dnf install podman

What you need for ONLYOFFICE Docs installation

  • CPU: single core 2 GHz or better
  • RAM: 2 GB or more
  • HDD: at least 40 GB of free space
  • At least 4 GB of swap

Install and run ONLYOFFICE Docs

Start with the following commands for the root-privileged deployment. This creates directories for mounting from the container to the host system:

$ sudo mkdir -p /app/onlyoffice/DocumentServer/logs \
 /app/onlyoffice/DocumentServer/data \
 /app/onlyoffice/DocumentServer/lib \
 /app/onlyoffice/DocumentServer/db

Now mount these directories via podman. When prompted, select the image from docker.io):

$ sudo podman run -i -t -d -p 80:80 -p 443:443 --restart=always \
 -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice:Z \
 -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data:Z \
 -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice:Z \
 -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql:Z \
 -u root onlyoffice/documentserver:latest

Please note that rootless deployment is NOT recommended for ONLYOFFICE Docs.

To check that ONLYOFFICE is working correctly, run:

$ sudo podman exec $(sudo podman ps -q) sudo supervisorctl start ds:example

Then, open http://localhost/welcome and click the word “here” in the line Once started the example will be available here. Or look for the orange “button” that says “GO TO TEST EXAMPLE”. This opensthe test example where you can create a document.

Alternatively, to install ONLYOFFICE Docs, you can build an image in podman:

$ git clone https://github.com/ONLYOFFICE/Docker-DocumentServer.git
$ cd Docker-DocumentServer/
$ sudo podman build --tag oods6.2.0:my -f ./Dockerfile

Or build an image from the Docker file in buildah (you need root access):

$ buildah bud --tag oods6.2.0buildah:mybuildah -f ./Dockerfile

Activate HTTPS

To secure the application via SSL basically two things are needed:

  • Private key (.key)
  • SSL certificate (.crt)

So you need to create and install the following files:

/app/onlyoffice/DocumentServer/data/certs/onlyoffice.key
/app/onlyoffice/DocumentServer/data/certs/onlyoffice.crt

You can get certificates in several ways depending on your requirements: buy from certification centers, request from Let’s Encrypt, or create a self-signed certificate through OpenSSL (note that self-signed certificates are not recommended for production use).

Secure ONLYOFFICE Docs switching to the HTTPS protocol:

$ sudo mkdir /app/onlyoffice/DocumentServer/data/certs
$ sudo cp onlyoffice.crt /app/onlyoffice/DocumentServer/data/certs/
$ sudo cp onlyoffice.key /app/onlyoffice/DocumentServer/data/certs/
$ sudo chown -R 100108:100111 /app/onlyoffice/DocumentServer/data/certs/
# find the podman container id
$ sudo podman ps -a
# restart the container to use the new certificate
$ sudo podman restart {container_id}

Now you can integrate ONLYOFFICE Docs with the platform you already use and start working with your documents.

ONLYOFFICE-Nextcloud integration example

To connect ONLYOFFICE Docs and Nextcloud (or any other DMS), you need a connector. This is an integration app that functions like a bridge between two services.  

In case you’re new to Nextcloud, you can install it with Podman following this tutorial.   

If you already have Nextcloud installed, you just need to install and activate the connector. Do this with the following steps:

  1. launch your Nextcloud as an admin,
  2. click your user icon in the upper right corner,
  3. switch to + Apps,
  4. find ONLYOFFICE in the list of available applications in the section “Office & text”,
  5. click the Download and enable button. 

ONLYOFFICE now appears in the Active apps section and you can go ahead with the configuration. 

Select your user icon again in the upper right corner -> Settings -> Administration -> ONLYOFFICE. On the settings page, you can configure:

  • The address of the machine with ONLYOFFICE installed
  • Secret key (JWT that protects docs from unauthorized access)
  • ONLYOFFICE and Nextcloud addresses for internal requests

You can also adjust additional settings which are not mandatory but will make your user experience more comfortable:

  • Restrict access to the editors to user groups
  • Enable/disable the Open file in the same tab option
  • Select file formats that will be opened by default with ONLYOFFICE
  • Customize editor interface
  • Enable watermarking

Conclusion

Installing ONLYOFFICE Docs on Fedora Linux with Podman is quite easy. It will give you a powerful office suite for integration into any Document Managemet System.


						
											
					
Fedora Project community

18 Comments

  1. …Or you can go with google suite, or Office 365. 😀

    Question: If I have a team, they all have to do this on their machines to work collaboratively? or they just need a browser and this install works as a server (if so, why install it on a local machine)? then they would have to replace “localhost” with the “computer network name”…

    • Edgar

      Using google suite or Office 365, you have a data privacy problem… You have no control over your data. Using your own server on your hardware controlled by you our your organization leave your data in-house and under your control.

      Yes, your team just need a browser to use the same server to work together on documents. And they need to specify the name of the server, if the run the browser not on the server itself.

      • Serge Meeuwsen

        “Using google suite or Office 365, you have a data privacy problem… You have no control over your data.”.
        That statement is not entirely true (certainly not for Office 365). You still ‘own’ the data and are responsible for ensuring it is backed up. You can also encrypt that data at rest with your own encryption keys in the Microsoft datacentres, to ensure you have data confidentiality. In addition, you have ways to protect the data at rest on the clients that may be accessing or downloading the data, as well as protecting it with TLS while the data is in transit. The only thing you don’t have direct contol over is how (and where) the encrypted data is stored in the Microsoft datacentres but on the flipside that also means you don’t have to worry about managing the servers (and possibly the hardware they run on), which is considered a big plus for many enterprises, small businesses.

        • Ralf Seidenschwang

          I agree with that. I seems to be a very rare event that Microsoft discloses information to law enforcement or other entities, but it differs between countries.

          The report are not up-to-date, but the counts are very low for civil legal requests or emergencies. I don’t want to comment on criminal cases for obvious reasons.

          The question is if you are able to better protect your in-house data from theft.
          At least the infrastructure you need is associated with costs.
          https://www.microsoft.com/en-us/corporate-responsibility/law-enforcement-requests-report

          I’m a little bit worried about the fact that the number of requests had been particularly high in my home country in 2020.

        • Edgar

          I refer to DS-GVO in Germany / Europe. You cannot store personal data compliant with the General Data Protection Regulation with providers that are subject to U.S. law.

          • Ralf Seidenschwang

            I don’t know what to make of our government in Germany. It seems that many government organizations have specialized in undermining the Constitution.

            One of the most trustworthiness Organisation are associated with data protection.
            There was somehow the discussion that Microsoft had posted some time ago that it’s possible to configure their servers securely in regards to data protection, as demonstrated in a lab environment in one of our most important data protection offices in Germany . This discussion is one or two years old and probably will pop up every upcoming year.
            20 years ago, I would never have thought that I would spend such an incredible amount of time with such questions.

            To think that this will get better in the foreseeable future would be …

            • Edgar

              The problem is that under the General Data Protection Regulation in Germany / Europe, data protection laws must be at the same level of protection as in the EU when storing data or transferring data to these countries. Under the USA Freedom Act, the US government can demand that US companies hand over data on their servers, including servers located in other countries. This means that even if the servers are located in the EU, the US government can access this data.

              Strong encryption can help before storing. However, it is also known that the CIA has large data centers with powerful servers to break encryption.

              • Ralf Seidenschwang

                The problem is that the people I have trouble with certainly will come with the argument that foreign governments…

      • Ralf Seidenschwang

        To be honest, I can fully understand that too. There is a lack of credibility due to many negative experiences in the past, which I can not explain in any way up this day.

  2. Ralf

    Very vivid posting. Greetings to the UK. Thanks.

  3. Sanjay

    This is totally awesome … Gotta try it. Thanks

  4. Asiri Iroshan

    Why Fedora 33 though? Should do this on 34. Anyways, the process is not different I guess. I have not tried this yet but this seems to be a thorough article. Thank you.

  5. Bruce

    I tried to run this on Fedora 34. The web pages came up, but the documents wouldn’t load. Where can I look for more information regarding diagnosing this issue?

  6. Mehdi

    Thank you for this post. I learned good stuff about OnlyOffice.
    Question, is it easy to set this up on a server with a DNS to be easily accessible to several users? The example uses localhost and I am not sure how much work it will take to go from localhost to http://www.example.com.
    It matters for me because I had a lot of problems just to port a localhost-run podman-powered wordpress site to my server at http://www.example.com (used for anonymity).

  7. Ralf Seidenschwang

    I thought the reason for all the container stuff is to make it possible that the containers run independently from your host system or OS-Version you are running on, right? I would be interested in more articles about container-networking in a datacenter-like environment.

  8. John

    OpenOffice – NO development in 10 years. LibreOffice ongoing major development. OpenOffice????? Why????

  9. Matt

    I have to admit I had to read the title a couple of times because I had the same question as John at first haha.

    +1 for supporting LibreOffice! The issue I think is that LibreOffice’s Online edition is limited… they openly say it is unsupported for enterprise to set expectations. I don’t think many enterprises are using Nextcloud, but I think that combination of ONLYOFFICE and Nextcloud can scale a bit better if needed.

Comments are Closed

The opinions expressed on this website are those of each author, not of the author's employer or of Red Hat. Fedora Magazine aspires to publish all content under a Creative Commons license but may not be able to do so in all cases. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The Fedora logo is a trademark of Red Hat, Inc. Terms and Conditions