From 947eb4451b99fd5b450b6c89fa544d79300587e4 Mon Sep 17 00:00:00 2001
From: francesco <f.picone92@gmail.com>
Date: Mon, 9 Mar 2026 16:35:19 +0100
Subject: [PATCH] ++ fix

---
 .env               |  43 +++-----
 README.md          | 239 ---------------------------------------------
 docker-compose.yml | 102 +++++++++----------
 3 files changed, 62 insertions(+), 322 deletions(-)
 delete mode 100644 README.md

diff --git a/.env b/.env
index 62e6a1c..5fb7301 100644
--- a/.env
+++ b/.env
@@ -1,32 +1,19 @@
-# Database Configuration
-MYSQL_ROOT_PASSWORD=kfhsdi3GDAhk3las
-MYSQL_PASSWORD=XBCF$UJCLOUDF
+TZ=Europe/Rome
+
+NEXTCLOUD_DOMAIN=drive.pyconetwork.it
+NEXTCLOUD_DOMAIN_REGEX=drive\\.pyconetwork\\.it
+TRUSTED_PROXY_IP=192.168.4.4
+
+# Porte pubblicate sul nodo Docker: il reverse proxy punta qui.
+NEXTCLOUD_PORT=8282
+COLLABORA_PORT=9980
+
 MYSQL_DATABASE=nextcloud
 MYSQL_USER=nextcloud
+MYSQL_PASSWORD=8sQ@7xN!hV2r@Kp4LmZ9
+MYSQL_ROOT_PASSWORD=R4!uP9@tZ2&cW7mQx5Jf
 
-# Nextcloud Configuration
-NEXTCLOUD_PORT=8282
-NEXTCLOUD_ADMIN_USER=admin
-NEXTCLOUD_ADMIN_PASSWORD=Z.p8ibwg4jri
-NEXTCLOUD_TRUSTED_DOMAINS=localhost 127.0.0.1 192.168.4.0/24 192.168.4.62 drive.pyconetwork.it
+REDIS_PASSWORD=vN3pgH8!pL2@qR7@yT5k
 
-# Protocol and Host (per reverse proxy)
-OVERWRITEPROTOCOL=https
-OVERWRITEHOST=drive.pyconetwork.it
-
-# Collabora Configuration
-COLLABORA_PORT=9980
-COLLABORA_DOMAIN=nextcloud\\.drive\\.pyconetwork\\.it
-COLLABORA_USERNAME=admin
-COLLABORA_PASSWORD=collabora_password_here
-COLLABORA_DICTIONARIES=it en_US en_GB de_DE fr_FR es_ES
-
-# Note: 
-# - COLLABORA_DOMAIN deve usare escape per i punti: nextcloud\\.domain\\.com
-# - NEXTCLOUD_TRUSTED_DOMAINS: separa i domini con spazi (non virgole)
-#   Includi: localhost, IP locali, subnet LAN, domini pubblici
-# - Dopo l'installazione, configura Collabora in Nextcloud andando in:
-#   Impostazioni -> Amministrazione -> Collabora Online
-#   URL: http://collabora:9980
-# - Se usi un dominio/reverse proxy HTTPS, imposta OVERWRITEPROTOCOL=https
-#   e OVERWRITEHOST=<tuo-dominio>
+COLLABORA_USERNAME=collaboraadmin
+COLLABORA_PASSWORD=Q2@nV8!rK5@pT9pwM3yZ
diff --git a/README.md b/README.md
deleted file mode 100644
index 9c697ec..0000000
--- a/README.md
+++ /dev/null
@@ -1,239 +0,0 @@
-# Nextcloud con Collabora Online - Docker Compose
-
-Setup completo di Nextcloud con Collabora Online usando Docker Compose.
-
-## Componenti
-
-- **Nextcloud**: Piattaforma di cloud storage e collaboration
-- **MariaDB**: Database per Nextcloud
-- **Redis**: Cache per migliorare le performance
-- **Collabora Online**: Suite office online integrata
-- **Cron**: Job cron per task schedulati di Nextcloud
-
-## Installazione
-
-### 1. Configura le variabili d'ambiente
-
-Modifica il file `.env` con i tuoi valori:
-
-```bash
-# Cambia le password
-MYSQL_ROOT_PASSWORD=<password-sicura>
-MYSQL_PASSWORD=<password-nextcloud>
-NEXTCLOUD_ADMIN_PASSWORD=<password-admin>
-COLLABORA_PASSWORD=<password-collabora>
-
-# Configura i domini (IMPORTANTE: separa con SPAZI, non virgole)
-NEXTCLOUD_TRUSTED_DOMAINS=localhost 127.0.0.1 192.168.4.0/24 your-domain.com
-OVERWRITEHOST=your-domain.com
-OVERWRITEPROTOCOL=https
-COLLABORA_DOMAIN=nextcloud\\.your-domain\\.com
-```
-
-**Importante**: 
-- Nel campo `COLLABORA_DOMAIN`, i punti devono essere escaped con `\\`
-- `NEXTCLOUD_TRUSTED_DOMAINS` deve contenere domini **separati da spazi** (non virgole)
-- Includi: localhost, IP locali, subnet LAN (es. 192.168.4.0/24), e domini pubblici
-- Per accesso locale: usa `OVERWRITEPROTOCOL=http` e `OVERWRITEHOST=localhost:8282`
-- Per reverse proxy HTTPS: usa `OVERWRITEPROTOCOL=https` e `OVERWRITEHOST=your-domain.com`
-
-### 2. Avvia i servizi
-
-```bash
-docker-compose up -d
-```
-
-### 3. Verifica lo stato
-
-```bash
-docker-compose ps
-docker-compose logs -f nextcloud
-```
-
-### 4. Accedi a Nextcloud
-
-Apri il browser e vai a: `http://localhost:8282` (o la porta configurata nella variabile `NEXTCLOUD_PORT`)
-
-- Username: `admin` (o quello configurato in `.env`)
-- Password: quella impostata in `NEXTCLOUD_ADMIN_PASSWORD`
-
-### 5. Configura Collabora in Nextcloud
-
-1. Accedi a Nextcloud come amministratore
-2. Installa l'app **Nextcloud Office** (ex Collabora Online):
-   - Menu → App → Sezione "Office & text" → Installa "Nextcloud Office"
-3. Vai in **Impostazioni** → **Amministrazione** → **Collabora Online**
-4. Seleziona "Usa il tuo server"
-5. Inserisci l'URL: `http://collabora:9980`
-6. Salva
-
-## Porte utilizzate
-
-- `8282`: Nextcloud Web UI (configurabile in `.env` con `NEXTCLOUD_PORT`)
-- `9980`: Collabora Online
-
-## Volumi
-
-I dati persistenti sono salvati nei volumi Docker:
-
-- `db_data`: Database MariaDB
-- `nextcloud_data`: File e configurazioni Nextcloud
-
-## Backup
-
-Per fare il backup:
-
-```bash
-# Backup dei volumi
-docker run --rm -v nextcloud_db_data:/data -v $(pwd):/backup alpine tar czf /backup/db_backup.tar.gz -C /data .
-docker run --rm -v nextcloud_nextcloud_data:/data -v $(pwd):/backup alpine tar czf /backup/nextcloud_backup.tar.gz -C /data .
-```
-
-## Comandi utili
-
-```bash
-# Avvia i servizi
-docker-compose up -d
-
-# Ferma i servizi
-docker-compose down
-
-# Visualizza i log
-docker-compose logs -f
-
-# Riavvia un servizio specifico
-docker-compose restart nextcloud
-
-# Aggiorna le immagini
-docker-compose pull
-docker-compose up -d
-```
-
-## Troubleshooting
-
-### Collabora non si connette
-
-1. Verifica che il container sia attivo: `docker-compose ps`
-2. Controlla i log: `docker-compose logs collabora`
-3. Verifica che l'URL in Nextcloud sia: `http://collabora:9980`
-
-### Errore "Trusted domain" o "Password non funziona"
-
-Questo errore può manifestarsi come:
-- "Access through untrusted domain"
-- "Unknown error while checking password" (anche con credenziali corrette)
-- Impossibilità di configurare storage esterni
-
-**Causa**: `trusted_domains` non configurato correttamente nel `config.php`.
-
-**Soluzione rapida** - Aggiungi i tuoi domini in `.env` (separa con spazi, non virgole):
-```bash
-NEXTCLOUD_TRUSTED_DOMAINS=localhost 127.0.0.1 192.168.4.0/24 your-domain.com
-```
-
-Poi riavvia:
-```bash
-docker compose restart nextcloud
-```
-
-**Se il problema persiste** (istanza già inizializzata prima della modifica `.env`), correggi manualmente con `occ`:
-
-```bash
-# Imposta ogni dominio come elemento separato dell'array
-docker exec nextcloud-app php occ config:system:set trusted_domains 0 --value='localhost'
-docker exec nextcloud-app php occ config:system:set trusted_domains 1 --value='192.168.4.0/24'
-docker exec nextcloud-app php occ config:system:set trusted_domains 2 --value='your-domain.com'
-docker exec nextcloud-app php occ config:system:set trusted_domains 3 --value='192.168.4.62'
-
-# Verifica anche che overwrite.cli.url sia corretto
-docker exec nextcloud-app php occ config:system:set overwrite.cli.url --value='https://your-domain.com'
-```
-
-**Verifica la configurazione**:
-```bash
-docker exec nextcloud-app cat /var/www/html/config/config.php | grep -A 6 'trusted_domains'
-```
-
-Il formato corretto nel `config.php` deve essere:
-```php
-'trusted_domains' => 
-  array (
-    0 => 'localhost',
-    1 => '192.168.4.0/24',
-    2 => 'your-domain.com',
-  ),
-```
-
-❌ **NON deve essere** una stringa concatenata come:
-```php
-1 => 'localhost,192.168.4.0/24,your-domain.com',  // ERRORE
-```
-
-### Performance lente
-
-Redis è già configurato per la cache. Puoi verificare che sia attivo:
-```bash
-docker-compose exec nextcloud php occ config:system:get redis host
-```
-
-## Reverse Proxy (opzionale)
-
-Se usi un reverse proxy (nginx, Traefik, etc.), configura:
-
-1. Imposta `OVERWRITEPROTOCOL=https` in `.env`
-2. Imposta `OVERWRITEHOST=your-domain.com` in `.env`
-3. Configura il reverse proxy per puntare a `localhost:8282` (Nextcloud) e `localhost:9980` (Collabora)
-4. Assicurati che il reverse proxy invii gli header corretti:
-   ```
-   X-Forwarded-For
-   X-Forwarded-Proto
-   X-Forwarded-Host
-   ```
-
-## Comandi occ utili
-
-Il comando `occ` (ownCloud Console) permette di gestire Nextcloud da CLI:
-
-```bash
-# Verifica configurazione sistema
-docker exec nextcloud-app php occ config:system:get trusted_domains
-docker exec nextcloud-app php occ config:system:get overwritehost
-
-# Imposta trusted domains
-docker exec nextcloud-app php occ config:system:set trusted_domains 0 --value='localhost'
-docker exec nextcloud-app php occ config:system:set trusted_domains 1 --value='your-domain.com'
-
-# Verifica stato sistema
-docker exec nextcloud-app php occ status
-
-# Manutenzione
-docker exec nextcloud-app php occ maintenance:mode --on
-docker exec nextcloud-app php occ maintenance:mode --off
-
-# Esegui aggiornamenti
-docker exec nextcloud-app php occ upgrade
-
-# Verifica integrità file
-docker exec nextcloud-app php occ integrity:check-core
-
-# Gestione app
-docker exec nextcloud-app php occ app:list
-docker exec nextcloud-app php occ app:enable files_external
-
-# Cache
-docker exec nextcloud-app php occ files:scan --all
-docker exec nextcloud-app php occ files:cleanup
-```
-
-## Sicurezza
-
-- **Cambia tutte le password** nel file `.env`
-- Non esporre le porte direttamente su Internet senza un reverse proxy con HTTPS
-- Considera l'uso di certificati SSL/TLS (Let's Encrypt)
-- Mantieni aggiornate le immagini Docker
-
-## Licenza
-
-Questo è un setup di esempio. Consulta le licenze dei singoli progetti:
-- Nextcloud: AGPLv3
-- Collabora Online: MPLv2 (versione CODE - Community)
diff --git a/docker-compose.yml b/docker-compose.yml
index 126ced3..adb70f4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,87 +1,79 @@
 services:
   db:
-    image: mariadb:10.11
+    image: mariadb:11.4
     container_name: nextcloud-db
-    restart: always
-    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
+    restart: unless-stopped
+    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+    environment:
+      MYSQL_DATABASE: ${MYSQL_DATABASE}
+      MYSQL_USER: ${MYSQL_USER}
+      MYSQL_PASSWORD: ${MYSQL_PASSWORD}
+      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
+      TZ: ${TZ}
     volumes:
       - db_data:/var/lib/mysql
-    environment:
-      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
-      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
-      - MYSQL_DATABASE=${MYSQL_DATABASE}
-      - MYSQL_USER=${MYSQL_USER}
     networks:
-      - nextcloud-network
+      - nextcloud_internal
 
   redis:
-    image: redis:alpine
+    image: redis:7-alpine
     container_name: nextcloud-redis
-    restart: always
+    restart: unless-stopped
+    command: redis-server --requirepass ${REDIS_PASSWORD}
     networks:
-      - nextcloud-network
+      - nextcloud_internal
 
-  nextcloud:
-    image: nextcloud:latest
+  app:
+    image: nextcloud:30-apache
     container_name: nextcloud-app
-    restart: always
-    ports:
-      - "${NEXTCLOUD_PORT}:80"
-    volumes:
-      - nextcloud_data:/var/www/html
-    environment:
-      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
-      - MYSQL_DATABASE=${MYSQL_DATABASE}
-      - MYSQL_USER=${MYSQL_USER}
-      - MYSQL_HOST=db
-      - REDIS_HOST=redis
-      - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
-      - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
-      - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS}
-      - OVERWRITEPROTOCOL=${OVERWRITEPROTOCOL}
-      - OVERWRITEHOST=${OVERWRITEHOST}
+    restart: unless-stopped
     depends_on:
       - db
       - redis
+    ports:
+      - "${NEXTCLOUD_PORT}:80"
+    environment:
+      MYSQL_HOST: db
+      MYSQL_DATABASE: ${MYSQL_DATABASE}
+      MYSQL_USER: ${MYSQL_USER}
+      MYSQL_PASSWORD: ${MYSQL_PASSWORD}
+      REDIS_HOST: redis
+      REDIS_HOST_PASSWORD: ${REDIS_PASSWORD}
+      NEXTCLOUD_TRUSTED_DOMAINS: ${NEXTCLOUD_DOMAIN}
+      TRUSTED_PROXIES: ${TRUSTED_PROXY_IP}
+      OVERWRITEHOST: ${NEXTCLOUD_DOMAIN}
+      OVERWRITEPROTOCOL: https
+      OVERWRITECLIURL: https://${NEXTCLOUD_DOMAIN}
+      PHP_MEMORY_LIMIT: 1024M
+      PHP_UPLOAD_LIMIT: 20G
+      TZ: ${TZ}
+    volumes:
+      - nextcloud_data:/var/www/html
     networks:
-      - nextcloud-network
+      - nextcloud_internal
 
   collabora:
     image: collabora/code:latest
-    container_name: nextcloud-collabora
-    restart: always
+    container_name: collabora
+    restart: unless-stopped
     ports:
       - "${COLLABORA_PORT}:9980"
     environment:
-      - domain=${COLLABORA_DOMAIN}
-      - username=${COLLABORA_USERNAME}
-      - password=${COLLABORA_PASSWORD}
-      - extra_params=--o:ssl.enable=false --o:ssl.termination=true
-      - dictionaries=${COLLABORA_DICTIONARIES}
+      domain: ${NEXTCLOUD_DOMAIN_REGEX}
+      username: ${COLLABORA_USERNAME}
+      password: ${COLLABORA_PASSWORD}
+      dictionaries: en_US it_IT
+      extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false
+      TZ: ${TZ}
     cap_add:
       - MKNOD
     networks:
-      - nextcloud-network
-
-  cron:
-    image: nextcloud:latest
-    container_name: nextcloud-cron
-    restart: always
-    volumes:
-      - nextcloud_data:/var/www/html
-    entrypoint: /cron.sh
-    depends_on:
-      - db
-      - redis
-    networks:
-      - nextcloud-network
+      - nextcloud_internal
 
 volumes:
   db_data:
-    driver: local
   nextcloud_data:
-    driver: local
 
 networks:
-  nextcloud-network:
+  nextcloud_internal:
     driver: bridge