Learn how to deploy Stirling-PDF in a Docker container on an Ubuntu 24.04 server. Our guide covers Nginx reverse proxy and Certbot SSL for a secure, self-hosted
What is Stirling-PDF?
Stirling-PDF is a powerful, open-source, and self-hosted web-based PDF manipulation tool. It allows us to perform a wide range of operations on PDF documents through a clean and intuitive web interface. Its key advantage is a focus on privacy and security, as all file processing happens locally on our server, ensuring no sensitive data is ever sent to an external service.
With Stirling-PDF, we can easily merge, split, compress, convert, and reorganize PDF files. It also includes advanced features like OCR (Optical Character Recognition) to extract text from scanned documents, adding passwords and watermarks, and redacting sensitive information. Since it is Docker-compatible, it offers a simple and consistent way to deploy a robust PDF solution on our own infrastructure.
Prerequisites
Before we begin, ensure we have the following:
- An Ubuntu 24.04 on dedicated server or KVM VPS.
- Domain Name point A record to the server IP.
- Basic Linux Command Line Knowledge.
Deploy and Configure Stirling-PDF on Ubuntu 24.04
Step 1: Prepare the Server
Before we do anything, let's make sure our Ubuntu 24.04 server is up to date. This is a crucial first step to ensure we have the latest security patches and package versions.
First, connect to your server via SSH.
sudo apt update
sudo apt upgrade
These commands update our package lists and upgrade all the installed packages to their latest versions. It's a good habit to run these commands regularly.
Step 2: Install Docker and Docker Compose
Listmonk is designed to run efficiently in Docker containers, making deployment straightforward and consistent. We'll install Docker Engine and Docker Compose.
Install Docker Engine:
Add Docker's official GPG key:
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Install Docker packages:
sudo apt-get install docker-ce -y
Verify Docker Installation:
sudo systemctl status docker
We should see "active (running)" in the output.
Step 3: Deploy Stirling-PDF with Docker Compose
Now that Docker is ready, we'll use Docker Compose to deploy Stirling-PDF. This approach is much cleaner than using a long docker run command.
First, create a dedicated directory for our Stirling-PDF project and navigate into it.
mkdir stirling-pdf && cd stirling-pdf
Next, create a docker-compose.yml file using our preferred text editor, for example, nano.
nano docker-compose.yml
Paste the following content into the file. We are using the official stirlingtools/stirling-pdf image. The ports section maps port 8080 from the container to port 8080 on the host, which is where the web application will be accessible.
services:
stirling-pdf:
image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:latest
ports:
- '8080:8080'
volumes:
- ./trainingData:/usr/share/tessdata # Required for extra OCR languages
- ./extraConfigs:/configs
- ./customFiles:/customFiles/
- ./logs:/logs/
- ./pipeline:/pipeline/
restart: unless-stopped
Save the file and exit the editor.
Now, we can start the container. The -d flag runs it in detached mode, meaning it will run in the background.
docker compose up -d
Stirling-PDF should now be accessible at http://<your_server_ip>:8080.
Step 4: Install and Configure Nginx
Directly exposing Stirling-PDF to the internet is not a good practice. We'll use Nginx as a reverse proxy to manage the traffic and handle SSL encryption.
First, install Nginx.
sudo apt install nginx -y
Configure our firewall to allow HTTP and HTTPS traffic:
sudo ufw allow 'Nginx Full'
sudo ufw reload
Next, create a new Nginx server block for Stirling-PDF. We will replace yourdomain.com with our actual domain name.
sudo nano /etc/nginx/sites-available/stirling-pdf
Paste the following configuration. This tells Nginx to listen on port 80 and forward all traffic to our Docker container running on port 8080.
server {
listen 80;
listen [::]:80;
server_name yourdomain.com www.yourdomain.com;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Save the file and create a symbolic link to enable the site.
sudo ln -s /etc/nginx/sites-available/stirling-pdf /etc/nginx/sites-enabled/
We should now test the Nginx configuration for any syntax errors.
sudo nginx -t
If the test is successful, we can reload Nginx to apply the changes.
sudo systemctl reload nginx
At this point, Stirling-PDF should be accessible via our domain name on a non-secure HTTP connection.
Step 5: Secure with Certbot SSL
To enable HTTPS and secure our traffic, we will use Certbot, a free and automated tool from Let's Encrypt.
First, install Certbot and its Nginx plugin.
sudo apt install certbot python3-certbot-nginx -y
Next, run Certbot to automatically fetch and install an SSL certificate.
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
Certbot will guide us through a few prompts. It will ask for an email address for important notices and ask us to agree to the terms of service. It will then automatically modify our Nginx configuration to enable HTTPS and set up a redirect from HTTP to HTTPS.
Finally, we'll check if the automatic renewal is working properly. Certbot includes a systemd timer or cron job that handles renewals. We can test it with a dry run.
sudo certbot renew --dry-run
This command simulates the renewal process. If it runs without errors, we can rest assured that our SSL certificate will be renewed automatically before it expires.
Navigate to the browser and access https://yourdomain.com
Congratulations! We have successfully deployed a secure, self-hosted Stirling-PDF instance on our Ubuntu 24.04 server. Our new web application is now accessible via HTTPS, ensuring all our PDF manipulations are kept private and secure.
Checkout our low cost dedicated servers.
