How To Install ONLYOFFICE Docs on Ubuntu 24.04

The ONLYOFFICE Docs is a free to use, yet powerful, collaborative online office suite bundled with document viewers and editors for texts, presentations, spreadsheets, forms and PDF. ONLYOFFICE suite is fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and supports collaborative editing of documents in real time. In this article we will show you how to install and configure ONLYOFFICE Docs on Ubuntu 24.04 (Noble Numbat).

The ONLYOFFICE Docs is packaged with the following components:

• server – This is a backend server layer controlling all the components of ONLYOFFICE Docs.
• core – Enables for communication between the office document formats (DOC, DOCX, ODT, RTF, TXT, PDF, HTML, EPUB, XPS, DjVu, XLS, XLSX, ODS, CSV, PPT, PPTX, ODP).
• sdkjs – JavaScript SDK API for all the included components client-side interaction.
• web-apps – This is the frontend for ONLYOFFICE Docs
• dictionaries – Contain the dictionaries of various languages used for spellchecking in ONLYOFFICE Docs.

Here is the list of editors that comes with ONLYOFFICE Docs:

• ONLYOFFICE Document Editor
• ONLYOFFICE Spreadsheet Editor
• ONLYOFFICE Presentation Editor
• ONLYOFFICE Form Creator
• ONLYOFFICE PDF editor, reader & converter

Set up requirements

In this article we are installing the Community Edition of ONLYOFFICE Docs on a local Ubuntu server. The minimum server hardware requirements is as follows:

• CPU: At least dual core 2 GHz
• RAM: At least 2 GB
• Disk space: At least 40 GB of free space
• SWAP: At least 4 GB, or more RAM if no swap.
• OS: 64-bit Ubuntu or Debian Linux system

If you meet the requirements, it’s good time to shift the attention into setting up your Documents server.

Step 1: Set up PostgreSQL database

Begin the setup by ensuring your system is up-to-date:

sudo apt update && sudo apt upgrade -y

We can install the PostgreSQL server version available in our OS default repositories.

sudo apt install postgresql

Once the package is installed the service is started automatically, the next point of action it to create PostgreSQL database and user:

sudo -i -u postgres psql -c "CREATE USER onlyoffice WITH PASSWORD 'onlyoffice';"
sudo -i -u postgres psql -c "CREATE DATABASE onlyoffice OWNER onlyoffice;"

Step 2: Install RabbitMQ Server

ONLYOFFICE uses RabbitMQ as a messaging broker to enable communication between different services within the ONLYOFFICE suite. Install the package by running the following command:

sudo apt install rabbitmq-server

You can check the service status:

$ systemctl status rabbitmq-server.service
● rabbitmq-server.service - RabbitMQ Messaging Server
     Loaded: loaded (/usr/lib/systemd/system/rabbitmq-server.service; enabled; preset: enabled)
     Active: active (running) since Tue 2024-07-30 08:20:24 UTC; 6s ago
   Main PID: 15046 (beam.smp)
      Tasks: 24 (limit: 4658)
     Memory: 102.8M (peak: 107.9M)
        CPU: 3.770s
     CGroup: /system.slice/rabbitmq-server.service
             ├─15046 /usr/lib/erlang/erts-13.2.2.5/bin/beam.smp -W w -MBas ageffcbf -MHas ageffcbf -MBlmbcs 512 -MHlmbcs 512 -MMmcs 30 -pc unicode -P 1048576 -t 5000000 -stbt db -zdbbl 128000 -sbwt none -sbwtdcpu none -sb>
             ├─15056 erl_child_setup 65536
             ├─15108 /usr/lib/erlang/erts-13.2.2.5/bin/inet_gethost 4
             ├─15109 /usr/lib/erlang/erts-13.2.2.5/bin/inet_gethost 4
             └─15112 /bin/sh -s rabbit_disk_monitor

Jul 30 08:20:20 ubuntu-cloudspinx-com systemd[1]: Starting rabbitmq-server.service - RabbitMQ Messaging Server...
Jul 30 08:20:24 ubuntu-cloudspinx-com systemd[1]: Started rabbitmq-server.service - RabbitMQ Messaging Server.

Step 3: Install ONLYOFFICE Docs

Now that we have configured the environment, we are ready to install ONLYOFFICE Docs into our Ubuntu system. However, we have to import the GPG key used in package signing as the first step.

curl -fsSL  https://download.onlyoffice.com/GPG-KEY-ONLYOFFICE|sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/onlyoffice.gpg

Once the GPG us imported, we can add ONLYOFFICE APT repository:

echo "deb https://download.onlyoffice.com/repo/debian squeeze main" | sudo tee /etc/apt/sources.list.d/onlyoffice.list

Update the package manager cache and install ONLYOFFICE Docs.

sudo apt update
sudo apt install onlyoffice-documentserver ttf-mscorefonts-installer

When prompted to provide database password just hit <ENTER> key in your keyboard to proceed. Next accept license agreement terms.

Check if there are any errors encountered during the installation. If everything goes well, ONLYOFFICE can be accessed in your browser at  http://localhost or  http://serverdomain_or_ip.

Step 4: Secure ONLYOFFICE Docs with SSL

We can configure ONLYOFFICE Docs for access using HTTPS protocol which is much more secure than HTTP. By default, it’s configured to run on HTTP.

In our setup the server used is running in a Cloud environment. This allows to use Let’s Encrypt free SSL.

Using Let’s Encrypt SSL

The easiest way to configure HTTPS for ONLYOFFICE Docs is to use Let’s Encrypt SSL Certificates using certbot. Use the next command to install certbot.

• Debian / Ubuntu:

sudo apt update && sudo apt install certbot
sudo apt install python3-certbot-nginx

• RHEL-based systems:

sudo dnf -y install epel-release
sudo dnf -y install certbot python3-certbot-nginx

Once you have installed certbot, run ONLYOFFICE script that automates SSL configurations.

sudo bash /usr/bin/documentserver-letsencrypt.sh [email protected] yourdomain.com

Replace [email protected] with your actual email address, and yourdomain.com with the domain name configured in DNS for ONLYOFFICE Docs server.

When you run the commands, it will output the path to a log file from where you can check SSL generation progress and any errors will be logged there.

Saving debug log to /var/log/letsencrypt/letsencrypt.log

To check log file contents use cat command:

sudo cat /var/log/letsencrypt/letsencrypt.log

Sample last few lines output from the file:

...

-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
VQD9F6Na/+zmXCc=
-----END CERTIFICATE-----

2024-07-30 08:56:34,141:DEBUG:acme.client:Storing nonce: Ma8ZwRNA9J1JoJ_IMl_v_1HLCTTt5G01XNs8p_Mvri6JbKsSWrI
2024-07-30 08:56:34,142:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/archive.
2024-07-30 08:56:34,142:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/live.
2024-07-30 08:56:34,142:DEBUG:certbot._internal.storage:Writing README to /etc/letsencrypt/live/README.
2024-07-30 08:56:34,143:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/archive/docs.cloudlabske.com.
2024-07-30 08:56:34,143:DEBUG:certbot._internal.storage:Creating directory /etc/letsencrypt/live/docs.cloudlabske.com.
2024-07-30 08:56:34,143:DEBUG:certbot._internal.storage:Writing certificate to /etc/letsencrypt/live/docs.cloudlabske.com/cert.pem.
2024-07-30 08:56:34,143:DEBUG:certbot._internal.storage:Writing private key to /etc/letsencrypt/live/docs.cloudlabske.com/privkey.pem.
2024-07-30 08:56:34,143:DEBUG:certbot._internal.storage:Writing chain to /etc/letsencrypt/live/docs.cloudlabske.com/chain.pem.
2024-07-30 08:56:34,143:DEBUG:certbot._internal.storage:Writing full chain to /etc/letsencrypt/live/docs.cloudlabske.com/fullchain.pem.
2024-07-30 08:56:34,144:DEBUG:certbot._internal.storage:Writing README to /etc/letsencrypt/live/docs.cloudlabske.com/README.
2024-07-30 08:56:34,156:DEBUG:certbot.configuration:Var account=985390e388f48deb37eab1e67d361272 (set by user).
2024-07-30 08:56:34,157:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-07-30 08:56:34,157:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-07-30 08:56:34,157:DEBUG:certbot.configuration:Var webroot_path=['/var/www/onlyoffice/documentserver/letsencrypt'] (set by user).
2024-07-30 08:56:34,157:DEBUG:certbot.configuration:Var webroot_map={'docs.cloudlabske.com': '/var/www/onlyoffice/documentserver/letsencrypt'} (set by user).
2024-07-30 08:56:34,157:DEBUG:certbot._internal.storage:Writing new config /etc/letsencrypt/renewal/docs.cloudlabske.com.conf.
2024-07-30 08:56:34,159:DEBUG:certbot._internal.display.obj:Notifying user:
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/docs.cloudlabske.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/docs.cloudlabske.com/privkey.pem
This certificate expires on 2024-10-28.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
2024-07-30 08:56:34,161:DEBUG:certbot._internal.display.obj:Notifying user: If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le

Using self-signed SSL certificates

For systems sitting in a private network, you can generate self-signed certificates. Alternatively, if you manage DNS on Cloudflare, check our article on how to configure Let’s Encrypt with Cloudflare DNS.

Users using self-signed certs can edit the following file contents and adjust path to key and domain certificate:

sudo nano /etc/onlyoffice/documentserver/nginx/ds.conf

See contents below from our setup in this article using Let’s Encypt.

include /etc/nginx/includes/http-common.conf;

## Normal HTTP host
server {
  listen 0.0.0.0:80;
  listen [::]:80 default_server;
  server_name _;
  server_tokens off;
  set $secure_link_secret nsdy8N28Ylobmp5EL4wF;

  ## Redirects all traffic to the HTTPS host
  root /nowhere; ## root doesn't have to be a valid path since we are redirecting
  rewrite ^ https://$host$request_uri? permanent;
}

#HTTP host for internal services
server {
  listen 127.0.0.1:80;
  listen [::1]:80;
  server_name localhost;
  server_tokens off;
  set $secure_link_secret nsdy8N28Ylobmp5EL4wF;

  include /etc/nginx/includes/ds-common.conf;
  include /etc/nginx/includes/ds-docservice.conf;
}

## HTTPS host
server {
  listen 0.0.0.0:443 ssl;
  listen [::]:443 ssl default_server;
  server_tokens off;
  set $secure_link_secret nsdy8N28Ylobmp5EL4wF;
  root /usr/share/nginx/html;

  ## Strong SSL Security
  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
  ssl_certificate /etc/letsencrypt/live/docs.cloudlabske.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/docs.cloudlabske.com/privkey.pem;
  # Uncomment string below and specify the path to the file with the password if you use encrypted certificate key
  # ssl_password_file {{SSL_PASSWORD_PATH}};
  ssl_verify_client off;

  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";

  ssl_protocols TLSv1.2;
  ssl_session_cache  builtin:1000  shared:SSL:10m;

  ssl_prefer_server_ciphers   on;

  add_header Strict-Transport-Security max-age=31536000;
  # add_header X-Frame-Options SAMEORIGIN;
  add_header X-Content-Type-Options nosniff;

  ## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL.
  ## Replace with your ssl_trusted_certificate. For more info see:
  ## - https://medium.com/devops-programming/4445f4862461
  ## - https://www.ruby-forum.com/topic/4419319
  ## - https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
  # ssl_stapling on;
  # ssl_stapling_verify on;
  # ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
  # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired
  # resolver_timeout 10s;

  ## [Optional] Generate a stronger DHE parameter:
  ##   cd /etc/ssl/certs
  ##   sudo openssl dhparam -out dhparam.pem 4096
  ##
  # ssl_dhparam /etc/ssl/certs/dhparam.pem;

  include /etc/nginx/includes/ds-*.conf;

}

Update ssl_certificate and ssl_certificate_key to match your environment.

Access OnlyOffice Docs at https://yourdomain

You will get the ONLYOFFICE Docs welcome page with further instructions on you can enable document examples and integrate to your applications using the provided API.

Step 5: Integrate 3rd party apps

It’s a smooth process integrating ONLYOFFICE with your third party applications like Pydio, Zimbra, WordPress, Odoo, SuiteCRM, Mattermost, e.t.c. Check out all connectors in the following link:

• ONLYOFFICE connectors list