commit 52ccb8919b09da32cbaa1b8025aa25dadbf17adc
Author: Francesco Picone <f.picone92@gmail.com>
Date:   Fri Mar 27 15:25:10 2026 +0100

    ++ Caricamento Progetto

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..d14a3ef
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,12 @@
+# ─────────────────────────────────────────────
+# Configurazione ONLYOFFICE + Cloudflare Tunnel
+# Rinomina questo file in .env prima di avviare
+# ─────────────────────────────────────────────
+
+# Token del tunnel Cloudflare (prendilo dal dashboard Zero Trust)
+# ATTENZIONE: non condividere mai questo valore pubblicamente
+CLOUDFLARE_TOKEN=il_tuo_token_qui
+
+# Chiave JWT per proteggere l'accesso all'API di ONLYOFFICE
+# Genera con: openssl rand -hex 32
+JWT_SECRET=cambia_con_stringa_casuale_sicura
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a94f168
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,12 @@
+### Windows
+# Windows thumbnail cache files
+Thumbs.db
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows shortcuts
+*.lnk
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..62d1cbd
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,58 @@
+services:
+
+  # ─────────────────────────────────────────────
+  # ONLYOFFICE Document Server (modalità lite)
+  # Usa SQLite + memoria interna, niente PostgreSQL/RabbitMQ
+  # ─────────────────────────────────────────────
+  onlyoffice:
+    image: onlyoffice/documentserver:latest
+    container_name: onlyoffice
+    restart: unless-stopped
+    environment:
+      JWT_ENABLED: "true"
+      JWT_SECRET: ${JWT_SECRET}
+      JWT_HEADER: Authorization
+    volumes:
+      - onlyoffice_data:/var/www/onlyoffice/Data
+      - onlyoffice_logs:/var/log/onlyoffice
+      - onlyoffice_lib:/var/lib/onlyoffice
+    expose:
+      - "80"
+    # Limiti risorse — adatta in base alla RAM disponibile
+    mem_limit: 1g
+    mem_reservation: 512m
+    cpus: "1.0"
+    networks:
+      - office_net
+
+  # ─────────────────────────────────────────────
+  # Cloudflare Tunnel — nessuna porta esposta
+  # Instrada il traffico da Cloudflare → onlyoffice:80
+  # ─────────────────────────────────────────────
+  cloudflared:
+    image: cloudflare/cloudflared:latest
+    container_name: cloudflared
+    restart: unless-stopped
+    command: tunnel --no-autoupdate run --token ${CLOUDFLARE_TOKEN}
+    mem_limit: 128m
+    mem_reservation: 64m
+    cpus: "0.25"
+    depends_on:
+      - onlyoffice
+    networks:
+      - office_net
+
+# ─────────────────────────────────────────────
+# Volumi persistenti
+# ─────────────────────────────────────────────
+volumes:
+  onlyoffice_data:
+  onlyoffice_logs:
+  onlyoffice_lib:
+
+# ─────────────────────────────────────────────
+# Rete interna
+# ─────────────────────────────────────────────
+networks:
+  office_net:
+    driver: bridge