|
@@ -0,0 +1,134 @@ |
|
|
|
|
|
#!/bin/bash |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Warning: This BASH script is UNTESTED !!! |
|
|
|
|
|
# Before you start: Set DNS Record of Domain Name to this servers IP |
|
|
|
|
|
|
|
|
|
|
|
# More Infos: https://help.nextcloud.com/t/onlyoffice-compiled-with-mobile-edit-back/79282 |
|
|
|
|
|
|
|
|
|
|
|
# Change your parameters here: |
|
|
|
|
|
DOMAIN_NAME="office.notice.at" |
|
|
|
|
|
CERT_EMAIL="certbot-announcements@notice.at" |
|
|
|
|
|
SECRET="changeme" |
|
|
|
|
|
|
|
|
|
|
|
# Select Container (should already be ok) |
|
|
|
|
|
CONTAINER_NAME="nemskiller007/officeunleashed" |
|
|
|
|
|
|
|
|
|
|
|
# Install Docker |
|
|
|
|
|
apt-get update |
|
|
|
|
|
apt-get install docker docker.io |
|
|
|
|
|
|
|
|
|
|
|
# Install Docker Image |
|
|
|
|
|
docker pull $CONTAINER_NAME |
|
|
|
|
|
|
|
|
|
|
|
# Run Docker Image |
|
|
|
|
|
docker run -i -t -d -p 8000:80 --restart=always $CONTAINER_NAME |
|
|
|
|
|
|
|
|
|
|
|
# Lookup Container ID |
|
|
|
|
|
# Manually: docker ps -a |
|
|
|
|
|
CONTAINER_ID=$(docker ps -aqf "$CONTAINER_NAME") |
|
|
|
|
|
|
|
|
|
|
|
# Change passwords (secret) |
|
|
|
|
|
# Set request/inbox and request/outbox to true |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# MANUAL approach: |
|
|
|
|
|
#docker exec -it $CONTAINER_ID /bin/bash |
|
|
|
|
|
#nano /out/linux_64/onlyoffice/documentserver/server/Common/config/default.jsoni |
|
|
|
|
|
|
|
|
|
|
|
# Go on line 155 and replace every string with secret |
|
|
|
|
|
# written in it with your own password : |
|
|
|
|
|
# Example: |
|
|
|
|
|
# "browser": {"string": "myNewSuperSecurePassw0rd", "file": "", "tenants": {}}, |
|
|
|
|
|
# |
|
|
|
|
|
# Then on line 163 to 170 change all false by true |
|
|
|
|
|
# Example: |
|
|
|
|
|
# "request": { |
|
|
|
|
|
# "inbox": true, |
|
|
|
|
|
# "outbox": true |
|
|
|
|
|
# } |
|
|
|
|
|
|
|
|
|
|
|
#exit |
|
|
|
|
|
|
|
|
|
|
|
# Automated approach: |
|
|
|
|
|
CONFIG_PATH="/out/linux_64/onlyoffice/documentserver/server/Common/config/default.json" |
|
|
|
|
|
docker exec -i $CONTAINER_ID bash <<EOF |
|
|
|
|
|
sed -i 's/"secret"/"${SECRET}"/g' ${CONFIG_PATH} |
|
|
|
|
|
sed -i 's/"inbox": false,/"inbox": true,/g' ${CONFIG_PATH} |
|
|
|
|
|
sed -i 's/"outbox": false/"outbox": true/g' ${CONFIG_PATH} |
|
|
|
|
|
EOF |
|
|
|
|
|
|
|
|
|
|
|
# Restart the Docker Image |
|
|
|
|
|
docker stop $CONTAINER_ID |
|
|
|
|
|
docker start $CONTAINER_ID |
|
|
|
|
|
|
|
|
|
|
|
# Now, we've got a local installation. |
|
|
|
|
|
# but we may need to serve it for external domains. |
|
|
|
|
|
# With nginx ... and https |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Install more tools |
|
|
|
|
|
apt-get install nginx certbot python3-certbot-nginx |
|
|
|
|
|
|
|
|
|
|
|
# create NGINX config |
|
|
|
|
|
cat >/etc/nginx/sites-available/$DOMAIN_NAME <<EOL |
|
|
|
|
|
upstream docservice { |
|
|
|
|
|
server ${DOMAIN_NAME}:8000; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
map $http_host $this_host { |
|
|
|
|
|
"" $host; |
|
|
|
|
|
default $http_host; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
map $http_x_forwarded_proto $the_scheme { |
|
|
|
|
|
default $http_x_forwarded_proto; |
|
|
|
|
|
"" $scheme; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
map $http_x_forwarded_host $the_host { |
|
|
|
|
|
default $http_x_forwarded_host; |
|
|
|
|
|
"" $this_host; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
map $http_upgrade $proxy_connection { |
|
|
|
|
|
default upgrade; |
|
|
|
|
|
"" close; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
proxy_set_header Upgrade $http_upgrade; |
|
|
|
|
|
proxy_set_header Connection $proxy_connection; |
|
|
|
|
|
proxy_set_header X-Forwarded-Host $the_host; |
|
|
|
|
|
proxy_set_header X-Forwarded-Proto $the_scheme; |
|
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
server { |
|
|
|
|
|
server_tokens off; |
|
|
|
|
|
server_name ${DOMAIN_NAME}; |
|
|
|
|
|
location / { |
|
|
|
|
|
proxy_pass http://docservice; |
|
|
|
|
|
proxy_http_version 1.1; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
listen 0.0.0.0:80; |
|
|
|
|
|
listen [::]:80; |
|
|
|
|
|
server_name ${DOMAIN_NAME}; |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
EOL |
|
|
|
|
|
|
|
|
|
|
|
# symlink for enabling nginx config |
|
|
|
|
|
ln -s /etc/nginx/sites-available/$DOMAIN_NAME /etc/nginx/sites-enabled/$DOMAIN_NAME |
|
|
|
|
|
|
|
|
|
|
|
# reload nginx |
|
|
|
|
|
systemctl reload nginx.service |
|
|
|
|
|
|
|
|
|
|
|
# Obtain new certificate |
|
|
|
|
|
certbot certonly -n --agree-tos --email $CERT_EMAIL --redirect -d $DOMAIN_NAME |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# DONE! |
|
|
|
|
|
|
|
|
|
|
|
|