From 95cd3c441c490d6abf2b946f48208fa4dd08503a Mon Sep 17 00:00:00 2001
From: StepanovPlaton <mail2platon@yandex.ru>
Date: Thu, 12 Feb 2026 18:39:50 +0400
Subject: [PATCH] Add cloud web office

---
 .gitignore                              |   1 +
 cloud/.env.example                      |   4 ++
 cloud/docker-compose.yml                |  36 ++++++++----
 proxy/nginx/conf.d/.default.conf.swp    | Bin 0 -> 1024 bytes
 proxy/nginx/conf.d/default.conf.example |  74 +++++++++++++++++++++++-
 5 files changed, 103 insertions(+), 12 deletions(-)
 create mode 100644 proxy/nginx/conf.d/.default.conf.swp

diff --git a/.gitignore b/.gitignore
index eb22232..74715c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,6 +21,7 @@ matrix/db
 cloud/db
 cloud/data
 cloud/config
+cloud/apps
 
 disk/filebrowser.db
 
diff --git a/cloud/.env.example b/cloud/.env.example
index 7e571e8..acadd16 100644
--- a/cloud/.env.example
+++ b/cloud/.env.example
@@ -7,3 +7,7 @@ PATH_TO_FOLDER=/path/to/folder/
 NEXTCLOUD_ADMIN=admin
 NEXTCLOUD_PASSWORD=password
 NEXTCLOUD_DOMAIN=cloud.domain.ru
+
+COLLABORA_ADMIN=admin
+COLLABORA_PASSWORD=password
+COLLABORA_DOMAIN=office.domain.ru
diff --git a/cloud/docker-compose.yml b/cloud/docker-compose.yml
index 034c586..a7809f0 100644
--- a/cloud/docker-compose.yml
+++ b/cloud/docker-compose.yml
@@ -29,16 +29,17 @@ services:
       - ${PATH_TO_FOLDER:?}:/var/www/external_storage:z
       - ./data:/var/www/html/data:z
       - ./config:/var/www/html/config:z
-    environment:
-      - MYSQL_PASSWORD=${DATABASE_PASSWORD:?}
-      - MYSQL_DATABASE=${NEXTCLOUD_DATABASE:?}
-      - MYSQL_USER=${DATABASE_USER:?}
-      - MYSQL_HOST=nextcloud-db
-      - REDIS_HOST=nextcloud-redis
-
-      - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN:?}
-      - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD:?}
-      - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN:?}
+      - ./apps:/var/www/html/custom_apps:z
+    #environment:
+    #  - MYSQL_PASSWORD=${DATABASE_PASSWORD:?}
+    #  - MYSQL_DATABASE=${NEXTCLOUD_DATABASE:?}
+    #  - MYSQL_USER=${DATABASE_USER:?}
+    #  - MYSQL_HOST=nextcloud-db
+    #  - REDIS_HOST=nextcloud-redis
+    #
+    #  - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN:?}
+    #  - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD:?}
+    #  - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN:?}
     depends_on:
       - nextcloud-db
       - nextcloud-redis
@@ -46,6 +47,21 @@ services:
       - cloud_network
       - private_cloud_network
 
+  nextcloud-collabora:
+    image: docker.io/collabora/code:latest
+    container_name: nextcloud-collabora
+    restart: always
+    environment:
+      - aliasgroup1=https://${NEXTCLOUD_DOMAIN:?}
+      - DONT_GEN_SSL_CERT=true
+      - server_name=${COLLABORA_DOMAIN:?}
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:net.post_allow.host[0]=.*
+      - username=${COLLABORA_ADMIN:?}
+      - password=${COLLABORA_PASSWORD:?}
+    networks:
+      - cloud_network
+      - private_cloud_network
+
 networks:
   cloud_network:
     name: cloud_network
diff --git a/proxy/nginx/conf.d/.default.conf.swp b/proxy/nginx/conf.d/.default.conf.swp
new file mode 100644
index 0000000000000000000000000000000000000000..188d4476c5ef33abbf217f0932912bd63bf5fda4
GIT binary patch
literal 1024
zcmYc?$V<%2SFq4CVL$<qYt0!_$`gyyP(-nF!0L)qi^@`quq%Lyrlh7Nmgbb`CFkc6
VV=P{?MkPl>U^E0s4uMc~9RTZ15CZ@J

literal 0
HcmV?d00001

diff --git a/proxy/nginx/conf.d/default.conf.example b/proxy/nginx/conf.d/default.conf.example
index 5be670f..4d03d9a 100644
--- a/proxy/nginx/conf.d/default.conf.example
+++ b/proxy/nginx/conf.d/default.conf.example
@@ -74,7 +74,77 @@ server {
     }
 }
 
-# 4. Matrix
+# 5. Cloud
+server {
+    listen 443 ssl;
+    server_name cloud.stepanovplaton.ru;
+
+    ssl_certificate /etc/letsencrypt/live/cloud.stepanovplaton.ru/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/cloud.stepanovplaton.ru/privkey.pem;
+
+    client_max_body_size 0;
+
+    location / {
+        proxy_pass http://nextcloud;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+server {
+    listen 443 ssl;
+    server_name office.stepanovplaton.ru;
+
+    ssl_certificate /etc/letsencrypt/live/office.stepanovplaton.ru/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/office.stepanovplaton.ru/privkey.pem;
+
+    location ^~ /browser {
+        proxy_pass http://nextcloud-collabora:9980;
+        proxy_set_header Host $host;
+    }
+    location ^~ /hosting/discovery {
+        proxy_pass http://nextcloud-collabora:9980;
+        proxy_set_header Host $host;
+    }
+    location ^~ /hosting/capabilities {
+        proxy_pass http://nextcloud-collabora:9980;
+        proxy_set_header Host $host;
+    }
+    location ~ ^/cool/(.*)/ws$ {
+        proxy_pass http://nextcloud-collabora:9980;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade"; # Явно указываем Upgrade
+        proxy_set_header Host $host;
+        proxy_read_timeout 36000s;
+    }
+    location ^~ /cool/adminws {
+        proxy_pass http://nextcloud-collabora:9980;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+        proxy_read_timeout 36000s;
+    }
+    location / {
+        proxy_pass http://nextcloud-collabora:9980;
+        proxy_set_header Host $host;
+    }
+}
+server {
+    listen 443 ssl;
+    server_name talk.stepanovplaton.ru;
+
+    ssl_certificate /etc/letsencrypt/live/talk.stepanovplaton.ru/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/talk.stepanovplaton.ru/privkey.pem;
+
+    location / {
+        return 200 "Nextcloud Talk TURN server not configured";
+        add_header Content-Type text/plain;
+    }
+}
+
+
+# 6. Matrix
 server {
     listen 443 ssl;
     server_name m.domain.ru;
@@ -110,7 +180,7 @@ server {
     }
 }
 
-# Memos
+# 7. Memos
 server {
     listen 443 ssl;
     server_name todo.domain.ru;