++ fix

2026-03-27 15:51:37 +01:00
parent 32b426859c
commit b93aa55b31
2 changed files with 10 additions and 96 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,26 +1,12 @@
 # ─────────────────────────────────────────────
-# Configurazione Nextcloud + ONLYOFFICE + Cloudflare
+# Configurazione ONLYOFFICE standalone + Cloudflare
-# Rinomina in .env e compila tutti i valori
+# Rinomina in .env e compila i valori
 # ─────────────────────────────────────────────
-# ── Cloudflare Tunnel ──────────────────────────
+# Token del tunnel Cloudflare (Zero Trust → Tunnels)
-# Token del tunnel (rigeneralo se già esposto pubblicamente)
+# ⚠️  Rigenera il token se già condiviso pubblicamente
 CLOUDFLARE_TOKEN=il_tuo_token_cloudflare
-# ── Nextcloud ─────────────────────────────────
+# Chiave JWT per proteggere l'API di ONLYOFFICE
 # Dominio pubblico configurato nel tunnel Cloudflare
 NC_DOMAIN=cloud.tuodominio.com
 # Credenziali account amministratore Nextcloud
 NC_ADMIN_USER=admin
 NC_ADMIN_PASSWORD=cambia_questa_password
 # ── Database MariaDB ───────────────────────────
 DB_NAME=nextcloud
 DB_USER=nextcloud
 DB_PASSWORD=cambia_password_db
 DB_ROOT_PASSWORD=cambia_password_root_db
 # ── ONLYOFFICE JWT ─────────────────────────────
 # Genera con: openssl rand -hex 32
 JWT_SECRET=cambia_con_stringa_casuale_sicura
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,76 +1,8 @@
 services:
  # ─────────────────────────────────────────────
-  # Nextcloud — sync & share + editor web
+  # ONLYOFFICE Docs — editor web standalone
-  # ─────────────────────────────────────────────
+  # Accessibile direttamente dal browser via tunnel
  nextcloud:
    image: nextcloud:28-apache
    container_name: nextcloud
    restart: unless-stopped
    depends_on:
      - nextcloud-db
      - nextcloud-redis
    environment:
      NEXTCLOUD_ADMIN_USER: ${NC_ADMIN_USER}
      NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASSWORD}
      NEXTCLOUD_TRUSTED_DOMAINS: ${NC_DOMAIN}
      MYSQL_HOST: nextcloud-db
      MYSQL_DATABASE: ${DB_NAME}
      MYSQL_USER: ${DB_USER}
      MYSQL_PASSWORD: ${DB_PASSWORD}
      REDIS_HOST: nextcloud-redis
      # Necessario per funzionare dietro Cloudflare Tunnel
      OVERWRITEPROTOCOL: https
      OVERWRITECLIURL: https://${NC_DOMAIN}
    volumes:
      - nextcloud_html:/var/www/html
      - nextcloud_data:/var/www/html/data
    expose:
      - "80"
    mem_limit: 512m
    mem_reservation: 256m
    cpus: "0.75"
    networks:
      - office_net
  # ─────────────────────────────────────────────
  # MariaDB — database per Nextcloud (più leggero di PostgreSQL)
  # ─────────────────────────────────────────────
  nextcloud-db:
    image: mariadb:11-ubi
    container_name: nextcloud-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
      MYSQL_DATABASE: ${DB_NAME}
      MYSQL_USER: ${DB_USER}
      MYSQL_PASSWORD: ${DB_PASSWORD}
    volumes:
      - nextcloud_db:/var/lib/mysql
    expose:
      - "3306"
    mem_limit: 256m
    mem_reservation: 128m
    cpus: "0.25"
    networks:
      - office_net
  # ─────────────────────────────────────────────
  # Redis — cache per Nextcloud (velocizza molto)
  # ─────────────────────────────────────────────
  nextcloud-redis:
    image: redis:7-alpine
    container_name: nextcloud-redis
    restart: unless-stopped
    command: redis-server --save "" --appendonly no --maxmemory 64mb --maxmemory-policy allkeys-lru
    mem_limit: 80m
    mem_reservation: 32m
    cpus: "0.10"
    networks:
      - office_net
  # ─────────────────────────────────────────────
  # ONLYOFFICE Document Server
  # ─────────────────────────────────────────────
  onlyoffice:
    image: onlyoffice/documentserver:latest
@@ -80,6 +12,8 @@ services:
      JWT_ENABLED: "true"
      JWT_SECRET: ${JWT_SECRET}
      JWT_HEADER: Authorization
      # Necessario per funzionare correttamente dietro proxy/tunnel
      WOPI_ENABLED: "true"
    volumes:
      - onlyoffice_data:/var/www/onlyoffice/Data
      - onlyoffice_logs:/var/log/onlyoffice
@@ -94,9 +28,7 @@ services:
  # ─────────────────────────────────────────────
  # Cloudflare Tunnel
-  # Espone SOLO Nextcloud (porta 80) verso l'esterno.
+  # Espone onlyoffice:80 verso il dominio configurato
  # ONLYOFFICE è raggiungibile internamente da Nextcloud
  # tramite http://onlyoffice:80
  # ─────────────────────────────────────────────
  cloudflared:
    image: cloudflare/cloudflared:latest
@@ -107,7 +39,6 @@ services:
    mem_reservation: 64m
    cpus: "0.25"
    depends_on:
      - nextcloud
      - onlyoffice
    networks:
      - office_net
@@ -116,9 +47,6 @@ services:
 # Volumi persistenti
 # ─────────────────────────────────────────────
 volumes:
  nextcloud_html:
  nextcloud_data:
  nextcloud_db:
  onlyoffice_data:
  onlyoffice_logs:
  onlyoffice_lib: