onlyoffice-auto-install/install-everything.sh

#!/bin/bash


# Warning: This BASH script is UNTESTED !!!
# Before you start: Set DNS Record of Domain Name to this servers IP

# More Infos: https://help.nextcloud.com/t/onlyoffice-compiled-with-mobile-edit-back/79282

# Change your parameters here:
DOMAIN_NAME="office.notice.at"
CERT_EMAIL="certbot-announcements@notice.at"
SECRET="changeme"

# Select Container (should already be ok)
CONTAINER_NAME="nemskiller007/officeunleashed"

# Install Docker
apt-get update
apt-get install docker docker.io

# Install Docker Image
docker pull $CONTAINER_NAME

# Run Docker Image
docker run -i -t -d -p 8000:80 --restart=always $CONTAINER_NAME

# Lookup Container ID
# Manually: docker ps -a
CONTAINER_ID=$(docker ps -aqf "$CONTAINER_NAME")

# Change passwords (secret)
# Set request/inbox and request/outbox to true


# MANUAL approach:
#docker exec -it $CONTAINER_ID /bin/bash
#nano /out/linux_64/onlyoffice/documentserver/server/Common/config/default.jsoni

# Go on line 155 and replace every string with secret
# written in it with your own password :
# Example: 
# "browser": {"string": "myNewSuperSecurePassw0rd", "file": "", "tenants": {}},
#
# Then on line 163 to 170 change all false by true
# Example:
# "request": {
#     "inbox": true,   
#     "outbox": true
# }

#exit

# Automated approach:
CONFIG_PATH="/out/linux_64/onlyoffice/documentserver/server/Common/config/default.json"
docker exec -i $CONTAINER_ID bash <<EOF
sed -i 's/"secret"/"${SECRET}"/g'           ${CONFIG_PATH}
sed -i 's/"inbox": false,/"inbox": true,/g' ${CONFIG_PATH} 
sed -i 's/"outbox": false/"outbox": true/g' ${CONFIG_PATH} 
EOF

# Restart the Docker Image
docker stop $CONTAINER_ID
docker start $CONTAINER_ID

# Now, we've got a local installation. 
# but we may need to serve it for external domains.
# With nginx ... and https


# Install more tools
apt-get install nginx certbot python3-certbot-nginx

# create NGINX config
cat >/etc/nginx/sites-available/$DOMAIN_NAME <<EOL
upstream docservice {
  server ${DOMAIN_NAME}:8000;
}

map $http_host $this_host {
    "" $host;
    default $http_host;
}

map $http_x_forwarded_proto $the_scheme {
     default $http_x_forwarded_proto;
     "" $scheme;
}

map $http_x_forwarded_host $the_host {
    default $http_x_forwarded_host;
    "" $this_host;
}

map $http_upgrade $proxy_connection {
  default upgrade;
  "" close;
}

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $the_host;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


server {
  server_tokens off;
  server_name ${DOMAIN_NAME};
  location / {
    proxy_pass http://docservice;
    proxy_http_version 1.1;
  }

  listen 0.0.0.0:80;
  listen [::]:80;
  server_name ${DOMAIN_NAME};
   
}

EOL

# symlink for enabling nginx config
ln -s /etc/nginx/sites-available/$DOMAIN_NAME /etc/nginx/sites-enabled/$DOMAIN_NAME

# reload nginx
systemctl reload nginx.service

# Obtain new certificate
certbot certonly -n --agree-tos --email $CERT_EMAIL --redirect -d $DOMAIN_NAME


# DONE!