How to Set Up OnlyOffice Docs Self-Hosting

I love using my personal instance of Nextcloud to host and move files around between machines. It comes in handy for letting me sync my documents, photos, wallpapers, and much more.

However, at some point several months ago, I really wanted to get the OnlyOffice integration working correctly with Nextcloud. There was a hacky solution to use a community server hosted within the server, but it didn’t display some of my documents correctly and felt less than perfect. I wanted to get the real thing hosted and running at the time.

I’m not much of a sysadmin, so I ran into quite a few snags and pitfalls as I tried over and over to get everything working. However, I eventually got everything to work exactly as I wanted. I was so happy that I wrote down everything I did in case I ever wanted to repeat the process.

How Did I Do It?

It started with my various attempts at using Digital Ocean to spin up new Ubuntu 1-click servers with Docker pre-loaded and pre-configured. I didn’t know the ins and outs of Docker, so I always found myself hitting a brick wall when going through instructions that weren’t quite clear enough on various websites.

It even seemed to me that the guides emphasizing how “easy” everything was with 1-click solutions turned out to be the hardest and least helpful for me due to their lack of clarity.

But after enough trial and error, I finally got everything to work as detailed below. Reference links are included for further reference.

Resources Referenced During Process

Initial Setup of a Fedora Server
ssh-copy-id not working (support thread)
Fedora Magazine guide to Installing ONLYOFFICE Docs on Fedora w/ Podman
Setup ONLYOFFICE Document Server with Let’s Encrypt

A Few Quick Notes

This isn’t an easy thing to get working, especially if you’re like me and aren’t much of a sysadmin. You could also think of it as a bit of a learning exercise if you’re a greenhorn at this sort of thing like I am.
I sometimes feel like I barely got things working the way I wanted, so there may be optimizations I could make to this guide. I get that. Don’t be afraid to point out how I could make this clearer or better.
Pay close attention to any parts emphasizing to not copy and paste commands blindly; there are sometimes variables that you will need to change.
As time goes on, some of these steps may need to be updated depending on how things change or update.

The Steps

STEP 1: Spin up a new Fedora Linux server. I used DigitalOcean’s Fedora servers to do this.
STEP 2: Follow some of the initial setup help of a Fedora server and add a non-root user (see link above) straight from DigitalOcean, albeit with a few caveats:
- The article shows that it’s a Fedora 22 server, but I had to adapt small bits and pieces to work for the relatively updated Fedora 36.
- Adding a user as listed with sammy was fine, but I ran into a snag with ssh-copy-id not giving me permission. That’s where the above thread on it not working came in serious handy. (To save the extra click, I’ll detail what I did here on the next few steps.)
STEP 3: Login with root account directly to server via SSH.
STEP 4: Install nano or vim. Beginners may want to use nano, but I prefer vim and will refer to that in the next steps.
STEP 5: Use vim with root permissions to edit /etc/ssh/sshd_config.
STEP 6: Change PasswordAuthentication variable from no to yes.
STEP 7: Save changes and run sudo systemctl restart sshd.
STEP 8: Use ssh-copy-id with the -i operator to specify my SSH keys like so: ssh-copy-id -i NAMEOFSSHKEYFILE user@serverip
STEP 9: Login again and undo changes to /etc/ssh/sshd_config file by changing yes back to no.
STEP 10: Repeat STEP 7.
STEP 11: Return to DigitalOcean’s setup guide, but do not disable PermitRootLogin for now. As much as I would like to disable this, I almost locked myself out when I did previously.
STEP 12: Configure time zone by entering in this command: sudo ln -sf /usr/share/zoneinfo/US/Central /etc/localtime
STEP 13: Skip steps on enabling a firewall and allowing HTTP and HTTPS traffic for now.
STEP 14: Install mlocate with sudo dnf install mlocate to easliy find things from the terminal server-side.
STEP 15: Add a domain or subdomain to the “Networking” side panel. Go to “A” record and use the login IP address.
STEP 16: Click the “AAAA” record tab and do the same thing with the IP6 address and the same domain or subdomain.
- It’s important to do this step somewhat early, as DNS changes do take time to go into effect.
STEP 17: As per the Fedora Magazine guide listed above, install podman with sudo dnf install podman. By this point, you should most definitely be using a non-root and sudo-enabled user.
STEP 18: Copy and paste the command below to create sudo directories. And please, please, PLEASE DO NOT TYPE THIS COMMAND IN MANUALLY. Last time I tried to, I mistyped somewhere along the way and had to start the entire process again due to my lack of experience.

$ sudo mkdir -p /app/onlyoffice/DocumentServer/logs \
 /app/onlyoffice/DocumentServer/data \
 /app/onlyoffice/DocumentServer/lib \
 /app/onlyoffice/DocumentServer/db

STEP 19: Copy and paste the next command to utilize the newly-created directories and get some ports set up in the process.

$ sudo podman run -i -t -d -p 80:80 -p 443:443 --restart=always \
 -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice:Z \
 -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data:Z \
 -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice:Z \
 -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql:Z \
 -u root onlyoffice/documentserver:latest

STEP 20: Select the image from docker.io (when prompted) to continue.
STEP 21: Enter in the following command to start the example and test if everything is working properly: sudo podman exec $(sudo podman ps -q) sudo supervisorctl start ds:example
STEP 22: Install certbot by running sudo dnf install certbot.
STEP 23: Run certbot certonly --standalone. If this doesn’t work, try running as sudo to see if it works.
STEP 24: Enter in the recovery email and domain or subdomain for the certificate. Agree or disagree with whatever pops up.
STEP 25: Skip over the Docker parts of the last link entirely and go straight to copying the newly-created certificates to their rightful directories:

sudo cp /etc/letsencrypt/live/SUBDOMAINADDRESSHERE/privkey.pem /app/onlyoffice/DocumentServer/data/certs/onlyoffice.key

sudo cp /etc/letsencrypt/live/SUBDOMAINADDRESSHERE/fullchain.pem /app/onlyoffice/DocumentServer/data/certs/onlyoffice.crt

PLEASE REMEMBER TO UPDATE the SUBDOMAINADDRESSHERE parts with an actual domain or subdomain from STEP 15 and 16. Do not blindly copy and paste these commands.
STEP 26: Run this command to give the server the right permissions for the newly-copied certificates: sudo chown -R 100108:100111 /app/onlyoffice/DocumentServer/data/certs/
STEP 27: Look up the podman container ID with sudo podman ps -a
STEP 28: Copy the container ID and plug it into this command: sudo podman restart COPIEDCONTAINERID in place of COPIEDCONTAINERID. This will restart everything so changes can go into effect.
- Once again, I reiterate: Do not blindly copy and paste this command.
STEP 29: Visit the aforementioned domain or subdomain and see if it’s working by this point. It might take a little time to go into effect. If it’s not, double check everything up to now.
STEP 30: If it is working, look at the command to look up the default secret via JWT.
STEP 31: Copy and paste it this point into the terminal, but change the docker part to podman instead.
STEP 32: Copy the resulting secret code.
STEP 33: Open up your Nextcloud instance and browse to apps to install the ONLYOFFICE plugin if it isn’t already up and running.
STEP 34: Browse through settings and find the ONLYOFFICE options on the sidebar. Open it.
STEP 35: For the field “ONLYOFFICE Docs address,” enter in the domain or subdomain you used in this guide.
STEP 36: For the secret key, paste in the key copied in STEP 32.
STEP 37: Save changes. If everything is working, change appropriate settings because you’re finally done!

What Exactly Does It Do?

Now, whenever you open a compatible file with an extension like .docx or whatever, it will open up in an instance of OnlyOffice within your browser. You can edit, make changes, and save just like you could when using your desktop instance of OnlyOffice. It even supports a mobile interface when you open said documents on the Nextcloud app. It’s pretty impressive stuff, especially if you anticipate needing to edit documents and files on the go with devices that don’t have any easy access to word processor apps.

What do you think? Have you used OnlyOffice as a standalone app? What about in its online interface like this? Do you prefer LibreOffice or a different word processor entirely?

One response to “How to Set Up OnlyOffice Docs Self-Hosting”

How Homelabbing is Saving Me Hundreds of Dollars a Year – Sudo Science says:

September 21, 2025 at 9:46 pm

[…] relatively easily on a server. I had a passing idea of what it was capable of. I even remembered my last attempt to use it a few years ago while having little idea what I was doing as I tried to install ONLYOFFICE integration on my Digital Ocean droplet. The setup was poor and […]

LikeLike