first commit

install-everything.sh

@@ -0,0 +1,134 @@
+#!/bin/bash
+
+
+# Warning: This BASH script is UNTESTED !!!
+# Before you start: Set DNS Record of Domain Name to this servers IP
+
+# More Infos: https://help.nextcloud.com/t/onlyoffice-compiled-with-mobile-edit-back/79282
+
+# Change your parameters here:
+DOMAIN_NAME="office.notice.at"
+CERT_EMAIL="certbot-announcements@notice.at"
+SECRET="changeme"
+
+# Select Container (should already be ok)
+CONTAINER_NAME="nemskiller007/officeunleashed"
+
+# Install Docker
+apt-get update
+apt-get install docker docker.io
+
+# Install Docker Image
+docker pull $CONTAINER_NAME
+
+# Run Docker Image
+docker run -i -t -d -p 8000:80 --restart=always $CONTAINER_NAME
+
+# Lookup Container ID
+# Manually: docker ps -a
+CONTAINER_ID=$(docker ps -aqf "$CONTAINER_NAME")
+
+# Change passwords (secret)
+# Set request/inbox and request/outbox to true
+
+
+# MANUAL approach:
+#docker exec -it $CONTAINER_ID /bin/bash
+#nano /out/linux_64/onlyoffice/documentserver/server/Common/config/default.jsoni
+
+# Go on line 155 and replace every string with secret
+# written in it with your own password :
+# Example: 
+# "browser": {"string": "myNewSuperSecurePassw0rd", "file": "", "tenants": {}},
+#
+# Then on line 163 to 170 change all false by true
+# Example:
+# "request": {
+#     "inbox": true,   
+#     "outbox": true
+# }
+
+#exit
+
+# Automated approach:
+CONFIG_PATH="/out/linux_64/onlyoffice/documentserver/server/Common/config/default.json"
+docker exec -i $CONTAINER_ID bash <<EOF
+sed -i 's/"secret"/"${SECRET}"/g'           ${CONFIG_PATH}
+sed -i 's/"inbox": false,/"inbox": true,/g' ${CONFIG_PATH} 
+sed -i 's/"outbox": false/"outbox": true/g' ${CONFIG_PATH} 
+EOF
+
+# Restart the Docker Image
+docker stop $CONTAINER_ID
+docker start $CONTAINER_ID
+
+# Now, we've got a local installation. 
+# but we may need to serve it for external domains.
+# With nginx ... and https
+
+
+# Install more tools
+apt-get install nginx certbot python3-certbot-nginx
+
+# create NGINX config
+cat >/etc/nginx/sites-available/$DOMAIN_NAME <<EOL
+upstream docservice {
+  server ${DOMAIN_NAME}:8000;
+}
+
+map $http_host $this_host {
+    "" $host;
+    default $http_host;
+}
+
+map $http_x_forwarded_proto $the_scheme {
+     default $http_x_forwarded_proto;
+     "" $scheme;
+}
+
+map $http_x_forwarded_host $the_host {
+    default $http_x_forwarded_host;
+    "" $this_host;
+}
+
+map $http_upgrade $proxy_connection {
+  default upgrade;
+  "" close;
+}
+
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection $proxy_connection;
+proxy_set_header X-Forwarded-Host $the_host;
+proxy_set_header X-Forwarded-Proto $the_scheme;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+
+server {
+  server_tokens off;
+  server_name ${DOMAIN_NAME};
+  location / {
+    proxy_pass http://docservice;
+    proxy_http_version 1.1;
+  }
+
+  listen 0.0.0.0:80;
+  listen [::]:80;
+  server_name ${DOMAIN_NAME};
+   
+}
+
+EOL
+
+# symlink for enabling nginx config
+ln -s /etc/nginx/sites-available/$DOMAIN_NAME /etc/nginx/sites-enabled/$DOMAIN_NAME
+
+# reload nginx
+systemctl reload nginx.service
+
+# Obtain new certificate
+certbot certonly -n --agree-tos --email $CERT_EMAIL --redirect -d $DOMAIN_NAME
+
+
+# DONE!
+
+