Onlyoffice (document-server): ubuntu 20.04

Repositorio mono

  • Agregamos la llave
sudo apt install gnupg ca-certificates
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
echo "deb https://download.mono-project.com/repo/ubuntu stable-focal main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list
sudo apt update
sudo apt install mono-devel mono-complete
  • Agregamos mono-extra
echo "deb https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu focal main" | tee /etc/apt/sources.list.d/mono-extra.list
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5

Repositorio nodejs

curl -sL https://deb.nodesource.com/setup_15.x | sudo -E bash -
sudo apt-get install gcc g++ make -y
sudo apt-get install -y nodejs

echo "deb https://deb.nodesource.com/node_15.x focal main" | tee /etc/apt/sources.list.d/nodesource.list
echo "deb-src https://deb.nodesource.com/node_15.x focal main" >> /etc/apt/sources.list.d/nodesource.list
curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -

Repositorio NGINX

wget http://nginx.org/keys/nginx_signing.key
apt-key add nginx_signing.key
echo "deb http://nginx.org/packages/ubuntu/ focal nginx" | tee /etc/apt/sources.list.d/nginx.list
rm nginx_signing.key
apt install nginx -y

Actualizamos

  • Actualizamos
sudo apt-get update

Instalación de ONLYOFFICE Docs Community Edition

Instalar postgress

  • Ejecutamos
sudo apt-get install postgresql -y
  • Creamos la base de datos (NOTA: el usuario debe llamarse onlyoffice)
sudo -i -u postgres psql -c "CREATE DATABASE onlyoffice;"
sudo -i -u postgres psql -c "CREATE USER onlyoffice WITH password 'RB0';"
sudo -i -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
  • No nos equivocamos podemos resetar la configuración con
echo RESET onlyoffice/db-user | debconf-communicate onlyoffice-documentserver
echo RESET onlyoffice/db-pwd | debconf-communicate onlyoffice-documentserver
dpkg --configure onlyoffice-documentserver

Instalar rabbitmq

  • Instalamos
sudo apt-get install rabbitmq-server -y

ONLYOFFICE Docs

  • Ahora si desea puede cambiar el número de puerto, sino lo dejamos en el 80
echo onlyoffice-documentserver onlyoffice/ds-port select <PORT_NUMBER> | sudo debconf-set-selections
  • Agregamos la llave
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5
  • Agregamos el repositorio
sudo echo "deb https://download.onlyoffice.com/repo/debian squeeze main" | sudo tee /etc/apt/sources.list.d/onlyoffice.list
apt update
  • instalamos mscorefonts
sudo apt-get install ttf-mscorefonts-installer -y
  • instalamos ONLYOFFICE Docs
sudo apt-get install onlyoffice-documentserver -y
  • Ya podemos ingresar a http://10.20.200.49

Habilitar https

Creación de certificado Letsencrypt

PROXY

  • Creamos en los DNS el dominio: document.siua.ac.cr -> 10.20.200.49/181.193.87.6
  • Creamos el archivo
nano /etc/apache2/sites-available/document.siua.ac.cr.conf
  • Contenido
NameVirtualHost 181.193.87.6:80

<VirtualHost 181.193.87.6:80>

        #************************************************************************
        #******************* DATOS DEL SITIO WEB ********************************
        #************************************************************************
        ServerName document.siua.ac.cr
        ServerAlias www.document.siua.ac.cr
        ErrorLog /var/log/apache2/document_80.siua.ac.cr-error.log
        CustomLog /var/log/apache2/document_80.siua.ac.cr-access.log common

        #************************************************************************
        #********************** DATOS DEL WEBMASTER *****************************
        #************************************************************************
        ServerAdmin interuniversitariadealajuela@gmail.com
        Header add Author "Unidad de Gestion e Innovacion Tecnologica"

        #************************************************************************
        #************************** DATOS DEL REDIRECCIONAMIENTO ****************
        #************************************************************************

</VirtualHost>
  • Lo habilitamos
a2ensite document.siua.ac.cr.conf 
  • Reiniciamos apache
systemctl reload apache2
  • Mandamos a crear el certificado
certbot --installer apache
  • Editamos el archivo
nano /etc/apache2/sites-available/document.siua.ac.cr-le-ssl.conf
  • Remplazamos todo el contenido por:
<IfModule mod_ssl.c>
<VirtualHost 181.193.87.6:443>

#************************************************************************
#******************* DATOS DEL SITIO WEB ********************************
#************************************************************************
ServerName document.siua.ac.cr
ServerAlias www.document.siua.ac.cr
ErrorLog /var/log/apache2/document_443.siua.ac.cr-error.log
CustomLog /var/log/apache2/document_443.siua.ac.cr-access.log common

#************************************************************************
#********************** DATOS DEL WEBMASTER *****************************
#************************************************************************
ServerAdmin interuniversitariadealajuela@gmail.com
Header add Author "Unidad de Gestion e Innovacion Tecnologica"

#************************************************************************
#********************* DATOS DEL REDIRECCIONAMIENTO *********************
#************************************************************************
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine on
ProxyPass / https://10.20.200.49/
ProxyPassReverse / https://10.20.200.49/


#************************************************************************
#********************** DATOS DEL CERTIFICADO ***************************
#************************************************************************
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/document.siua.ac.cr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/document.siua.ac.cr/privkey.pem
</VirtualHost>
</IfModule>
  • Reiniciamos apache
systemctl reload apache2

Servidor DOCUMENT

  • Creamos una carpeta para almacenar los certificados
mkdir /var/www/onlyoffice/Data/certs
  • Le damos permisos
chmod 777 -R /var/www/onlyoffice/Data/certs

PROXY

  • Le pasamos los certificados
scp -P 44 -r /etc/letsencrypt/live/document.siua.ac.cr/fullchain.pem root@10.20.200.49:/var/www/onlyoffice/Data/certs/fullchain.pem 

scp -P 44 -r /etc/letsencrypt/live/document.siua.ac.cr/privkey.pem root@10.20.200.49:/var/www/onlyoffice/Data/certs/privkey.pem
  • Detenemos nginx
sudo service nginx stop
  • Copiamos el archivo de configuración de ejemplo
sudo cp -f /etc/onlyoffice/documentserver/nginx/ds-ssl.conf.tmpl /etc/onlyoffice/documentserver/nginx/ds.conf
  • Abrimos el archivo
nano /etc/onlyoffice/documentserver/nginx/ds.conf
  • Modificamos
ssl_certificate {{SSL_CERTIFICATE_PATH}};
X
ssl_certificate /var/www/onlyoffice/Data/certs/fullchain.pem;
-------------------------------------------------------------
ssl_certificate_key {{SSL_KEY_PATH}};
X
ssl_certificate_key /var/www/onlyoffice/Data/certs/privkey.pem;
  • Iniciamos el servicio
service nginx start