# https://github.com/ONLYOFFICE/Docker-documentserver/blob/master/README.md
# https://hub.docker.com/r/onlyoffice/documentserver
# https://github.com/ONLYOFFICE/Docker-documentserver

Create user and group
---------------------
Credentials -> Local Users -> Add
Full Name: onlyoffice
Username: onlyoff
Disable Password: <select>
Email: stuurmcp@telkomsa.net
UID: (note)
Create New Primary Group: <select>
Primary Group: onlyoff
Create Home Directory: <uncheck>
Samba Authentication: <uncheck>
Save

onlyoff UID: 3049
onlyoff GID: 3048

Create datasets
---------------
# In Truenas shell:
# list datasets
zfs list | grep -i "docker.*onlyoffice"
zfs list | grep -i "NData2.*onlyoffice"
# create following datasets if not present
zfs create SSD1/docker/data/onlyoffice
zfs create SSD1/docker/data/onlyoffice/communityserver
zfs create SSD1/docker/data/onlyoffice/documentserver
zfs create SSD1/docker/data/onlyoffice/mailserver
zfs create SSD1/docker/data/onlyoffice/rabbitmq
zfs create SSD1/docker/data/onlyoffice/redis
zfs create SSD1/docker/data/onlyoffice/communityserver/letsencrypt
zfs create SSD1/docker/data/onlyoffice/communityserver/logs
zfs create SSD1/docker/data/onlyoffice/communityserver/data
zfs create SSD1/docker/data/onlyoffice/documentserver/logs
zfs create SSD1/docker/data/onlyoffice/documentserver/data
zfs create SSD1/docker/data/onlyoffice/documentserver/lib
zfs create SSD1/docker/data/onlyoffice/mailserver/logs
zfs create SSD1/docker/data/onlyoffice/mailserver/data
zfs create SSD1/docker/data/onlyoffice/pgdata
zfs create SSD1/docker/data/onlyoffice/pgbackups
zfs create SSD1/docker/data/onlyoffice/mysqldata
zfs create stpool1/NData2/bulkstore
zfs create stpool1/NData2/bulkstore/onlyoffice
zfs create stpool1/NData2/bulkstore/onlyoffice/mailserver
zfs create stpool1/NData2/bulkstore/onlyoffice/mailserver/data
chown -R onlyoff:onlyoff /mnt/SSD1/docker/data/onlyoffice
chown -R postgres:postgres /mnt/SSD1/docker/data/onlyoffice/pgdata
chown -R postgres:postgres /mnt/SSD1/docker/data/onlyoffice/pgbackups
chown -R onlyoff:onlyoff /mnt/SSD1/docker/data/onlyoffice/mysqldata
chown -R onlyoff:onlyoff /mnt/stpool1/NData2/bulkstore/onlyoffice

Create secrets folder
---------------------
mkdir -p /mnt/SSD1/docker/stacks/onlyoffice/secrets
mkdir /mnt/SSD1/docker/data/onlyoffice/redis/data

Create folders
--------------
mkdir /mnt/SSD1/docker/data/onlyoffice/documentserver/data/certs
mkdir /mnt/SSD1/docker/data/onlyoffice/documentserver/public
mkdir /mnt/SSD1/docker/data/onlyoffice/documentserver/fonts
mkdir /mnt/SSD1/docker/data/onlyoffice/mailserver/data/certs
chown onlyoff:onlyoff /mnt/SSD1/docker/data/onlyoffice/documentserver/data
chown onlyoff:onlyoff /mnt/SSD1/docker/data/onlyoffice/documentserver/public
chown onlyoff:onlyoff /mnt/SSD1/docker/data/onlyoffice/documentserver/fonts

Copy folder to docker stacks
----------------------------
# In Windows cmd shell in onlyoffice folder, enter:
./cp2nas
# or
pscp -P 22 -r stacks/*.* root@192.168.2.2:/mnt/SSD1/docker/stacks/onlyoffice/

Create secrets
--------------
# In Truenas shell:
cd /mnt/SSD1/docker/stacks/onlyoffice/secrets
echo -n $(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 32) > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_jwt_secret
echo -n 'your_postgresql_database_name' > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_postgresql_database
echo -n 'your_postgresql_username' > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_postgresql_username
openssl rand 36 | base64 -w 0 > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_postgresql_password
openssl rand 64 | base64 -w 0 | sed 's/[\$,\#,/,+,=]//g' | cut -c -50  | tr -d '\n' > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_redis_password
openssl rand 48 | base64 -w 0 > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_mysql_rootpassword
openssl rand 36 | base64 -w 0 > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_mysql_password
openssl rand 36 | base64 -w 0 > /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_mysql_mailpassword
# restrict access
chown -R onlyoff:onlyoff /mnt/SSD1/docker/stacks/onlyoffice/secrets/
chmod -R 400 /mnt/SSD1/docker/stacks/onlyoffice/secrets/
# read existing acl permissions, if any
getfacl /mnt/SSD1/docker/stacks/onlyoffice/secrets
# set acl permissions
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/onlyoffice/secrets
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_postgresql_password
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_postgresql_username
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/onlyoffice/secrets/onlyoffice_postgresql_database
# NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R <foldername>
# to list secrets in secrets dir
cd /mnt/SSD1/docker/stacks/onlyoffice/secrets
for i in $(ls -1); do echo $i = `cat $i`; done | sort

Backup onlyoffice database
-------------------------- 
# In truenas shell:
mkdir /mnt/stpool1/apps/pgadmin/storage/stuurmcp_telkomsa.net/$(date -I)
chown pgadmin:pgadmin /mnt/stpool1/apps/pgadmin/storage/stuurmcp_telkomsa.net/$(date -I)
# Using browser, log in to pgAdmin on truenas
# Connect to servers; refer to "connecting to servers.txt", which also explains how to obtain db passwords
# To perform plain text backup:
# Navigate to Servers => onlyoffice -> Databases -> onlyoffice
# Right click on onlyoffice database and select Backup...
# Enter the following on the different tabs of dialog box that opened:
General:
# Replace ##### with date in YYYY-MM-DD format when backup is being made
Filename: /#####/onlyoffice-backup.sql (this maps to: /mnt/stpool1/apps/pgadmin/storage/stuurmcp_telkomsa.net/#####/onlyoffice-backup.sql on truenas)
# Or click on folder icon and navigate to the folder that was created above. Enter onlyoffice-backup.sql in Save As field, then click on Create
Format: Plain
Encoding: UTF8
Role name: onlyoffice
Data Options:
Sections:
Pre-data: <select>
Data: <select>
Post-data: <select>
Objects:
Check public to select all objects
Click Backup
# After backup, verify presence of backup file:
ls -al /mnt/stpool1/apps/pgadmin/storage/stuurmcp_telkomsa.net/$(date -I)
# copy backup file(s) to onlyoffice backups folder, replacing $(date -I) with date when backup was made if not today
mkdir /mnt/SSD1/docker/data/onlyoffice/documentserver/pgbackups/$(date -I)/
cp -vr /mnt/stpool1/apps/pgadmin/storage/stuurmcp_telkomsa.net/$(date -I)/onlyoffice-backup.sql /mnt/SSD1/docker/data/onlyoffice/documentserver/pgbackups/$(date -I)/ 
chown -R pguser:pguser /mnt/SSD1/docker/data/onlyoffice/documentserver/pgbackups/

Migrating database
------------------
# In truenas shell
jlmkr shell docker
cd /opt/stacks/onlyoffice
docker compose down
# remove all files/folders from pgdata; if any are already in this folder with data to be retained, move it to another folder before executing next command
rm -r /mnt/data/onlyoffice/documentserver/pgdata/*
docker compose up -d
# get the container names
docker ps
# After successfull startup of documentserver and postgres, stop documentserver from docker cmd line
docker stop onlyoffice-documentserver-1   
docker exec onlyoffice-postgresql-1 psql -U <your_db_user> -d postgres -c "DROP DATABASE \"<your_db_name>\";"
docker exec onlyoffice-postgresql-1 psql -U <your_db_user> -d postgres -c "CREATE DATABASE \"<your_db_name>\";"
docker exec onlyoffice-postgresql-1 psql -U <your_db_user> -d <your_db_name> -f /mnt/backups/$(date -I)/onlyoffice-backup.sql   # replace $(date -I) with the appropriate date
docker stop onlyoffice-documentserver-1  

Stop truenas onlyoffice
---------------------------
# In truenas shell
heavyscript app --stop onlyoffice
# NB: Do NOT stop onlyoffice with truenas gui

If you need to log into db
--------------------------
docker exec -it onlyoffice_postgresql bash
psql -U <your_db_user> -d <your_db_name>