Deployment (container)
elDoc All-in-One (AIO) Container Guide
Introduction
This document explains how to set up and run the elDoc application in a single "all-in-one" container (AIO) using Podman (or Docker). The AIO image bundles elDoc plus all its dependencies.
Requirements
- Podman (or Docker) installed. If using Docker, simply replace
podmanwithdockerin the examples below. - A domain name (internal or external) for hosting elDoc.
- Persistent storage for:
data(application data)conf(configuration files)- Optionally
logs(application logs — strongly recommended).
Container Overview
Exposed Ports
443– HTTPS
Mounted Volumes
/data– application data (required)/conf– configuration (required)/logs– logs (optional but recommended)
Environment Variables
ELDOC_BASE_URL– domain name used to access elDoc (default:eldoc.local)COLLABORA_HOST_URL– URL of an external Collabora service (see External Collabora Online service section for details). If unset, the embedded Collabora service will start instead of using external one.DISABLE_EMBEDDED_MONGODB– set totrueto disable the embedded MongoDB server (see External MongoDB Database below).
Self-Signed SSL Certificates
On first startup, the container generates self-signed certs at:/conf/nginx/cert/eldoc.crt/conf/nginx/cert/eldoc.key
To use your own certificates (e.g. from a trusted CA), simply overwrite those files before starting the container.
Installing & Running
1. Pull the elDoc AIO Image
podman pull registry.eldoc.online/eldoc/eldoc-aio:latest
2. Start the Container
2.1. As a systemd quadlet (auto-start on boot)
Create
/etc/containers/systemd/eldoc.containerservice file with the following content:[Unit] Description=elDoc All-in-One (AIO) Container [Container] Image=registry.example.com/eldoc/eldoc-aio:latest ContainerName=eldoc Network=eldoc-net NetworkAlias=eldoc.domain.com PublishPort=443:443 Environment=ELDOC_BASE_URL="eldoc.domain.com" Volume=/path/to/data:/local/data Volume=/path/to/conf:/local/conf Volume=/path/to/logs:/local/logs [Service] Restart=always [Install] WantedBy=multi-user.target default.target
Replace
eldoc.domain.comwith your actual domain.Reload systemd and start:
systemctl daemon-reload && systemctl enable --now eldoc
(Optional) For diagnostics, you can also start it manually:
podman run -d \ --name eldoc \ --network eldoc-net --network-alias="eldoc.domain.com" -p 443:443 \ -v /path/to/data:/local/data \ -v /path/to/conf:/local/conf \ -v /path/to/logs:/local/logs \ -e ELDOC_BASE_URL="eldoc.domain.com" \ eldoc/eldoc-aio:latest
2.2. Container parameters
-d- runs application in background-p 443:443- maps port 443/TCP to be used accessing elDoc-v /path/to/data:/local/data- mounts/path/to/datadirectory into container to store elDoc data-v /path/to/conf:/local/conf- mounts/path/to/confdirectory into container to store elDoc and its dependencies configuration files-v /path/to/data:/local/logs- mounts/path/to/logsdirectory into container to store elDoc and its dependencies logs (Optional)-e ELDOC_BASE_URL="eldoc.domain.com"- configures elDoc to be accessed usingeldoc.domain.comdomain name-e COLLABORA_HOST_URL="http://coolwsd.domain.com:9980"- configures elDoc to use Collabora service, available athttp://coolwsd.domain.com:9980url-address (Optional). See External Collabora Online service section for details.
IMPORTANT! While mounting /local/logs directory is optional, for troubleshooting elDoc system it is recommended to have it mounted to host system to have access to elDoc logs.
IMPORTANT! During first start, container will enable Maintenance Mode for elDoc for initial setup. Credentials for accessing elDoc in Maintenance Mode are printed to the container logs (both console and init.log file in logs directory).
It is strongly recommended to disable Maintenance Mode after initial system configuration! For more details, please refer to elDoc documentation
3. Verifying container is running
systemctl status eldoc # or podman ps
Given commands should show container Status as Active: active(running) in case of systemctl or Up X minutes in Status column, if using podman ps
4. Access Logs
To access general container logs, use following command:
journalctl -xeu eldoc # or podman logs eldoc
Where eldoc is the name of the container, specified during launch. This will provide generic container logs, describing startup process of the elDoc system, similar to:
... 2025-03-27 09:29:22,877 INFO success: supervisord-watchdog entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) 2025-03-27 09:29:23,884 INFO success: jmc entered RUNNING state, process has stayed up for > than 2 seconds (startsecs) 2025-03-27 09:29:23,884 INFO success: nginx entered RUNNING state, process has stayed up for > than 2 seconds (startsecs) 2025-03-27 09:29:27,141 INFO success: mongodb entered RUNNING state, process has stayed up for > than 5 seconds (startsecs) 2025-03-27 09:29:27,142 INFO success: solr entered RUNNING state, process has stayed up for > than 5 seconds (startsecs) 2025-03-27 09:29:27,142 INFO success: coolwsd entered RUNNING state, process has stayed up for > than 5 seconds (startsecs) 2025-03-27 09:29:52,639 INFO success: eldoc entered RUNNING state, process has stayed up for > than 30 seconds (startsecs)
To access more detailed logs, navigate to the folder that was mounted to /local/logs directory (see start container command).
5. Stop & Restart
systemctl start eldoc # Start container systemctl stop eldoc # Stop container systemctl restart eldoc # Restart container
Updating elDoc system
Please refer to Update Guide and Release Notes to ensure valid upgrade path in case of breaking changes
1. Backup elDoc data
To perform backup, it is enough to stop container with podman stop eldoc and copy data and conf directories, that was mounted to container during startup. It is also recommended to backup logs directory to maintain consistent elDoc logs history.
2. Stop and remove elDoc container
Use the following command to stop and remove elDoc AIO container:
systemctl stop eldoc
3. Pull new elDoc AIO image
podman pull registry.eldoc.online/eldoc/eldoc-aio:latest
4. Migrations
Perform additional upgrade/migration steps, if mentioned in release noted/upgrade guide
5. Start new elDoc AIO container
systemctl start eldoc
Using external services
1. External Collabora Online service
To use external Collabora Online service the environment variable COLLABORA_HOST_URL should be provided to the eldoc-aio container with URL pointing to the Collabora Online service as follows: "http://coolwsd.domain.com:9980" or "http://IP:9980". Protocol "http" should be used as by default eldoc-aio container acts as reverse-proxy to the external Collabora Online service by terminating HTTPS-connections from end-users and accessing Collabora Online via http.
When environment variable COLLABORA_HOST_URL is set, embedded Collabora Online (CODE) service will be disabled and won't start with the eldoc-aio container. To switch back to the embedded Collabora Online (CODE) - simply remove environment variable.
When using external Collabora Online service, make sure it is accessible from the server where elDoc container runs, and allows connection from elDoc, and vise versa: eldoc-aio container must be accessible from the external Collabora Online container via the elDoc URL.
External Collabora Online service configuration is applied by container deployment script, for more details refer to the elDoc documentation.
2. External MongoDB Database
To use external MongoDB database server, it is required to provide proper connection parameters for elDoc and JMC components, according to the guide elDoc documentation.
elDoc configuration file may be found in mapped conf folder under conf/elDoc/eldoc.conf path.
JMC configuration file may be found in mapped conf folder under conf/jmc/config-eldoc.json path.
IMPORTANT: After switching database from internal to external make sure to remove oplog.timestamp file (can be found in the mounted conf folder under conf/jmc/oplog.timestamp path) and Solr core data files (can be found in mounted data folder under data/solrData/data/prd1 path) to ensure JMC properly updates full-text search. After this, JMC should perform initial dump. Initial dump progress and JMC status can be monitored in the mounted logs folder.
When using external MongoDB server it is highly recommended to disable embedded MongoDB by setting DISABLE_EMBEDDED_MONGODB container environment variable to true. This can be done by deleting existing elDoc container, if present, and starting new container with additional -e DISABLE_EMBEDDED_MONGODB=true parameter.
Securing elDoc system
For security purposes, we recommend using valid signed SSL certificates. To replace initial self-signed certificates with new ones, replace existing certificate (nginx/cert/eldoc.crt) and key (nginx/cert/eldoc.key) files with new ones in the mounted conf directory.
It is not recommended to expose MongoDB port 27017, unless strongly required. In case of exposing port, ensure secure access to it configured via firewall or other access policies.
Troubleshooting elDoc system
IMPORTANT! For troubleshooting elDoc system it is recommended to have /local/logs directory mounted to host system to have access to the elDoc logs.
Refer to the Container status check and elDoc logs to ensure container is up and running. This will provide generic overview of the system and give details about whether it is running or some of the services are failing.
To investigate further, check logs in the mounted logs directory (see Starting elDoc for details). In case container was initially started without logs directory mounted, stop container and restart it with mounted logs directory. This will allow to easily access elDoc AIO system logs, but only since the first start with mounted logs folder. If you don't have logs directory mounted and need to get access to previous logs, please refer to Copying files from container or Accessing running container documentation
Using elDoc system
For documentation on using elDoc system, please refer to the Official Documentation.
Last modified: July 30, 2025