Try the fastest and simplest way to install ONLYOFFICE

Docker-Compose Success?

Questions/problems on Docker

Docker-Compose Success?

Postby dconroy » Mon Apr 03, 2017 1:03 pm

Hi Community,
We're looking to take the leap into OnlyOffice for a rather large implementation after evaluating the online offering and have wanted to get working under docker-compose as the scripts do not operate in our environment.

ur implementation relies on an Nginx proxy which speaks only to the Community Server via http but serves it to the public as HTTPS via letsencrypt certificates, and allows the containers themselves to communicate to each other via HTTP. We use the jwilder/nginx-proxy along with the letsencrypt companion on many other containers yet are facing issues with getting the Document server to load documents.

Our Docker-compose.yml is as follows:
Code: Select all
version: '2'
services:

  oo-db:
    container_name: oo-db
    restart: always
    image: mariadb
    volumes:
      - ./db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=password
      - MYSQL_DATABASE=cs
      - MYSQL_USER=oo
      - MYSQL_PASSWORD=userpassword
    networks:
      - proxy-tier


  oo-ds-app:
    container_name: oo-ds-app
    restart: always
    image: onlyoffice/documentserver
    volumes:
      - ./ds/logs:/var/log/onlyoffice
      - ./ds/data:/var/www/onlyoffice/Data
      - ./ds/fonts:/usr/share/fonts/truetype/custom
    stdin_open: true
    tty: true
    networks:
      - proxy-tier


  oo-cs-app:
    container_name: oo-cs-app
    restart: always
    image: onlyoffice/communityserver
    ports:
      - 5222:5222
    volumes:
      - ./cs/data:/var/www/onlyoffice/Data
      #- ./db:/var/lib/mysql
      - ./cs/logs:/var/log/onlyoffice
      - ./ds/data:/var/www/onlyoffice/DocumentServerData               
    environment:
      - DOCUMENT_SERVER_PORT_80_TCP_ADDR=oo-ds-app
      - DOCKER_ENABLED=true
      - VIRTUAL_HOST=host@hostname.com
      - VIRTUAL_NETWORK=nginx-proxy
      - VIRTUAL_PORT=80
      - LETSENCRYPT_HOST=host.hostname.com
      - LETSENCRYPT_EMAIL=user@hostname.com

      - MAIL_SERVER_DB_HOST=oo-mail-app
      - SERVER_HOST=oo-cs-app

      - MYSQL_SERVER_HOST=oo-db
      - MYSQL_SERVER_DB_NAME=cs
      - MYSQL_SERVER_USER=oo
      - MYSQL_SERVER_PASS=userpassword
      - MYSQL_SERVER_PORT=3306
    stdin_open: true
    tty: true
    networks:
      - proxy-tier

  oo-mail-app:
    container_name: oo-mail-app
    restart: always
    image: onlyoffice/mailserver
    hostname: mx.test.com
    ports:
      - 25:25
      - 587:587
      - 993:993
      - 8081:8081
    environment:
      - CONFIGURATION_ONLY=YES
      - USE_DOCKER=YES
    volumes:
      - ./mail/certs:/etc/pki/tls/mailserver
      - ./mail/logs:/var/log
      - ./mail/db:/var/lib/mysql
    stdin_open: true
    tty: true
    privileged: true
    networks:
      - proxy-tier

networks:
  proxy-tier:
    external:
      name: nginx-proxy

--


While this allows us to load the Community Server, the Document Server component displays an error when loading any documents that simply says "Unknown Error - Press OK to return to Document List". Additionally, in Settings -> Integration -> Document Service, the first option "Document Editing Service Address" only contains /OfficeWeb/apps/api/documents/api.js where as all the other options contain "http://oo-ds-app/<content>". When attempting to update this field, we are met with an error that says "API Service is not defined".

I am stumped before I am able to release this to my developers to begin their investigations on integration and implementation. Perhaps members of the community can also relay their experiences with using the LetsEncrypt Certificate service along with a Nginx Reverse Proxy on docker w/ docker-compose ?

Kind Regards, Dave
dconroy
 
Posts: 3
Joined: Mon Apr 03, 2017 12:38 pm

Re: Docker-Compose Success?

Postby Maxim » Tue Apr 04, 2017 6:50 am

Hello dconroy!
I suppose you should run all servers using https.
Running ONLYOFFICE Document Server using HTTPS
Running Community Server using HTTPS protocol
Maxim
 
Posts: 790
Joined: Tue Oct 11, 2016 2:34 pm

Re: Docker-Compose Success?

Postby dconroy » Sat Apr 15, 2017 9:04 pm

I have finally had the time to try this again, yet it seems after following the steps that it is not recognizing we wish to use HTTPS and therefore not creating the appropriate SSL configuration for nginx (inside the onlyoffice-community-server container).

Because we utilize Reverse proxies for SSL termination we cannot proceed further with our evaluation of OO due to the Document Editing feature failing. We will monitor to see if it is ever resolved and commence reevaluation again. The jwilder/nginx-proxy + jrcs/letsencrypt-companion images are very well used across docker installations and I'm fairly certain others will be experiencing the same problems instead of having to manually work with SSL certificates inside each of the containers. Regards,
Dave
dconroy
 
Posts: 3
Joined: Mon Apr 03, 2017 12:38 pm

Re: Docker-Compose Success?

Postby Maxim » Mon Apr 17, 2017 7:47 am

Hello dconroy!
Maybe this will help you
Maxim
 
Posts: 790
Joined: Tue Oct 11, 2016 2:34 pm

Re: Docker-Compose Success?

Postby dconroy » Mon Apr 17, 2017 3:08 pm

Thanks Maxim for your patience! I couldn't sleep all night and got up and went at it with a fresh mind, and.. SUCCESS! I'm assuming the Enterprise Edition will be a similar success.

For those who wish to utilize a Nginx SSL Reverse Proxy here is a working docker-compose.yml file with all services inside of the container seperated for better performance/management purposes.

Code: Select all
version: '2'
services:
  oo-cs-app:
    container_name: oo-cs-app
    image: onlyoffice/communityserver:latest
    depends_on:
      - oo-cs-db
    environment:
      - VIRTUAL_PROTO=https
      - VIRTUAL_HOST=onlyoffice
      - VIRTUAL_NETWORK=nginx-proxy
      - VIRTUAL_PORT=443
      - LETSENCRYPT_HOST=onlyoffice
      - LETSENCRYPT_EMAIL=email@hostname.com

      - MAIL_SERVER_DB_HOST=oo-mail-app

      - MYSQL_SERVER_HOST=oo-cs-db
      - MYSQL_SERVER_DB_NAME=onlyoffice-cs
      - MYSQL_SERVER_USER=onlyoffice
      - MYSQL_SERVER_PASS=password
      - MYSQL_SERVER_PORT=3306
      - MYSQL_SERVER_EXTERNAL=true

      - SSL_CERTIFICATES_DIR=/certs
      - SSL_CERTIFICATE_PATH=/certs/cert.pem
      - SSL_KEY_PATH=/certs/key.pem
      - SSL_DHPARAM_PATH=/certs/dhparam.pem
      - SSL_VERIFY_CLIENT=off
      - ONLYOFFICE_HTTPS_HSTS_ENABLED=false

      - REDIS_SERVER_HOST=oo-redis
      - REDIS_SERVER_CACHEPORT=6379
      - REDIS_SERVER_DATABASE=7

      - DOCUMENT_SERVER_ENABLED=true
      - DOCUMENT_SERVER_PORT_80_TCP_ADDR=oo-ds-app
    networks:
     - proxy-tier
    ports:
     - xx.xx.xx.xx:80:80
     - xx.xx.xx.xx:443:443
     - xx.xx.xx.xx:5222:5222
    stdin_open: true
    tty: true
    restart: always
    volumes:
     - /var/local/data/onlyoffice/cs/data:/var/www/onlyoffice/Data
     - /var/local/data/onlyoffice/cs/log:/var/log/onlyoffice
     - /var/local/data/onlyoffice/ds/data:/var/www/onlyoffice/DocumentServerData
     - /var/local/data/nginx-proxy/conf/certs/onlyoffice:/certs:ro

  oo-cs-db:
    container_name: oo-cs-db
    restart: always
    image: mariadb:latest
    volumes:
      - /var/local/db/onlyoffice/cs:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=rootpassword
      - MYSQL_DATABASE=onlyoffice-cs
      - MYSQL_USER=onlyoffice
      - MYSQL_PASSWORD=password
    networks:
      - proxy-tier

  oo-redis:
    container_name: oo-redis
    restart: always
    image: redis:alpine
    command:
    - --loglevel warning
    networks:
      - proxy-tier
    volumes:
    - /var/local/db/onlyoffice/redis:/var/lib/redis:Z


  oo-ds-data:
    container_name: oo-ds-data
    image: onlyoffice/documentserver:latest
    environment:
      - ONLYOFFICE_DATA_CONTAINER=true
      - POSTGRESQL_SERVER_HOST=oo-ds-db
      - POSTGRESQL_SERVER_PORT=5432
      - POSTGRESQL_SERVER_DB_NAME=oo-ds
      - POSTGRESQL_SERVER_USER=onlyoffice
      - POSTGRESQL_SERVER_PASS=password
      - RABBITMQ_SERVER_URL=amqp://guest:guest@oo-ds-rabbitmq
      - REDIS_SERVER_HOST=oo-redis
      - REDIS_SERVER_PORT=6379
    stdin_open: true
    restart: always
    networks:
      - proxy-tier
    volumes:
       - /var/local/data/onlyoffice/ds/data:/var/www/onlyoffice/Data
       - /var/local/data/onlyoffice/ds/log:/var/log/onlyoffice
       - /var/local/data/onlyoffice/ds/fonts:/usr/share/fonts/truetype/custom

   oo-ds-app:
    container_name: oo-ds-app
    image: onlyoffice/documentserver:latest
    depends_on:
      - oo-ds-data
      - oo-ds-db
      - oo-ds-rabbitmq
    environment:
      - ONLYOFFICE_DATA_CONTAINER_HOST=oo-ds-data
      - BALANCE=uri depth 3
      - EXCLUDE_PORTS=443
      - HTTP_CHECK=GET /healthcheck
      - EXTRA_SETTINGS=http-check expect string true
    stdin_open: true
    restart: always
    networks:
      - proxy-tier
    expose:
      - '80'
    volumes_from:
      - oo-ds-data

    oo-ds-rabbitmq:
    container_name: oo-ds-rabbitmq
    image: rabbitmq:alpine
    restart: always
    volumes:
      - /var/local/db/onlyoffice/ds-rabbitmq:/var/lib/rabbitmq
    networks:
     - proxy-tier
    expose:
      - '5672'

  oo-ds-db:
    container_name: oo-ds-db
    image: postgres:9.5-alpine
    environment:
      - POSTGRES_DB=oo-ds
      - POSTGRES_USER=onlyoffice
      - POSTGRES_PASSWORD=password
    networks:
      - proxy-tier
    restart: always
    expose:
      - '5432'
    volumes:
      - /var/local/db/onlyoffice/ds:/var/lib/postgresql

  oo-mail-app:
    container_name: oo-mail-app
    restart: always
    image: onlyoffice/mailserver
    hostname: mx.onlyoffice
    ports:
      - xx:25:25
      - xx:587:587
      - xx:993:993
      - xx:8081:8081
    environment:
      - DOMAIN_ADMIN_PASSWD=password
    volumes:
      - /var/local/data/onlyoffice/mail/data:/var/mail
      - /var/local/data/onlyoffice/mail/certs:/etc/pki/tls/mailserver
      - /var/local/data/onlyoffice/mail/logs:/var/log
      - /var/local/db/onlyoffice/mail:/var/lib/mysql
     
    stdin_open: true
    tty: true
    privileged: true
    networks:
      - proxy-tier


networks:
  proxy-tier:
    external:
      name: nginx-proxy
dconroy
 
Posts: 3
Joined: Mon Apr 03, 2017 12:38 pm


Return to Docker Version

Who is online

Users browsing this forum: No registered users and 1 guest