remove the wopi part from the external proxy docs

docs/admin/getting-started/container/docker-compose/docker-external-proxy.md

@@ -20,7 +20,6 @@ If you don't have an existing reverse proxy or prefer to let Traefik manage cert
 - Proper DNS records for your domain:
   - `cloud.YOUR.DOMAIN`
   - `collabora.YOUR.DOMAIN`
-  - `wopiserver.YOUR.DOMAIN`
 - Installed software:
   - [Docker & Docker Compose](https://docs.docker.com/engine/install/)
   - `nginx`
@@ -62,7 +61,7 @@ Paste the following config and adjust the URLs:
 ```nginx
 server {
     listen 80;
-    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN wopiserver.YOUR.DOMAIN;
+    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN;
 
     root /var/www/certbot;
 
@@ -76,7 +75,7 @@ server {
 Enable and reload Nginx:
 
 ```bash
-sudo ln -s /etc/nginx/sites-available/certbot-challenge /etc/nginx/sites-enabled/
+sudo ln -s /etc/nginx/sites-available/certbot-challenge /etc/nginx/sites-enabled/certbot-challenge
 sudo nginx -t && sudo systemctl reload nginx
 ```
 
@@ -89,7 +88,6 @@ sudo certbot certonly --webroot \
   -w /var/www/certbot \
   -d cloud.YOUR.DOMAIN \
   -d collabora.YOUR.DOMAIN \
-  -d wopiserver.YOUR.DOMAIN \
   --email your@email.com \
   --agree-tos \
   --no-eff-email
@@ -123,12 +121,16 @@ OC_DOMAIN=cloud.YOUR.DOMAIN
 INITIAL_ADMIN_PASSWORD=YOUR.SECRET.PASSWORD
 
 COLLABORA_DOMAIN=collabora.YOUR.DOMAIN
-
-WOPISERVER_DOMAIN=wopiserver.YOUR.DOMAIN
 ```
 
 The initial Admin password is mandatory for security reasons.
 
+:::note
+The WOPI endpoint is served by OpenCloud on the OpenCloud domain. It is available through the OpenCloud proxy under `/wopi` and `/collaboration`.
+
+A separate `wopiserver` domain, reverse proxy block, or exposed WOPI port is not required.
+:::
+
 Start the docker compose setup
 
 ```bash
@@ -163,7 +165,7 @@ Paste the following configuration and adjust the URLs:
 # Redirect HTTP to HTTPS
 server {
     listen 80;
-    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN wopiserver.YOUR.DOMAIN;
+    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN;
 
     location /.well-known/acme-challenge/ {
         root /var/www/certbot;
@@ -210,45 +212,44 @@ server {
 
 # Collabora
 server {
-  listen 443 ssl http2;
-  server_name collabora.YOUR.DOMAIN;
-
-  ssl_certificate /etc/letsencrypt/live/cloud.YOUR.DOMAIN/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/cloud.YOUR.DOMAIN/privkey.pem;
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
-  # Increase max upload size to collabora editor
-  client_max_body_size 10M;
-
-  location / {
-      proxy_pass http://127.0.0.1:9980;
-      proxy_set_header Host $host;
-  }
-
-  location ~ ^/cool/(.*)/ws$ {
-      proxy_pass http://127.0.0.1:9980;
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection "Upgrade";
-      proxy_set_header Host $host;
-  }
+    listen 443 ssl http2;
+    server_name collabora.YOUR.DOMAIN;
 
-}
+    ssl_certificate /etc/letsencrypt/live/cloud.YOUR.DOMAIN/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/cloud.YOUR.DOMAIN/privkey.pem;
 
-# WOPI Server
-server {
-  listen 443 ssl http2;
-  server_name wopiserver.YOUR.DOMAIN;
-
-  ssl_certificate /etc/letsencrypt/live/cloud.YOUR.DOMAIN/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/cloud.YOUR.DOMAIN/privkey.pem;
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
-
-  location / {
-      proxy_pass http://127.0.0.1:9300;
-      proxy_set_header Host $host;
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-  }
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+
+    client_max_body_size 10M;
+
+    location / {
+        proxy_pass http://127.0.0.1:9980;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
+
+        proxy_read_timeout 36000s;
+        proxy_send_timeout 36000s;
+    }
+
+    location ~ ^/cool/(.*)/ws$ {
+        proxy_pass http://127.0.0.1:9980;
+
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
+
+        proxy_read_timeout 36000s;
+        proxy_send_timeout 36000s;
+    }
 }
 ```
 
@@ -260,15 +261,27 @@ Starting from nginx 1.25.0, the `http2` directive syntax changed from: `listen 4
 We enabled HTTP/2 and increased keep-alive limits to prevent large syncs from failing and ensure stable client connections, since nginx closes connections after ~1,000 requests by default.
 :::
 
-Thanks to [mitexleo](https://github.com/mitexleo) for the Ngnix example configuration on GitHub and [zerox80](https://github.com/zerox80) for the adjustments
+Thanks to [mitexleo](https://github.com/mitexleo) for the Nginx example configuration on GitHub and [zerox80](https://github.com/zerox80) for the adjustments.
 
 Enable and reload Nginx:
 
 ```bash
-sudo ln -s /etc/nginx/sites-available/opencloud /etc/nginx/sites-enabled/
+sudo ln -s /etc/nginx/sites-available/opencloud /etc/nginx/sites-enabled/opencloud
 sudo nginx -t && sudo systemctl reload nginx
 ```
 
+Verify that Nginx is listening on port `443`:
+
+```bash
+sudo ss -tulpn | grep ':443'
+```
+
+Verify that Collabora is reachable through the external proxy:
+
+```bash
+curl -k https://collabora.YOUR.DOMAIN/hosting/discovery | head
+```
+
 ## Test Certificate Renewal
 
 ```bash

versioned_docs/version-4.0/admin/getting-started/container/docker-compose/docker-external-proxy.md

@@ -16,7 +16,6 @@ This guide walks you through setting up OpenCloud behind an external Nginx rever
 - Proper DNS records for your domain:
   - `cloud.YOUR.DOMAIN`
   - `collabora.YOUR.DOMAIN`
-  - `wopiserver.YOUR.DOMAIN`
 - Installed software:
   - [Docker & Docker Compose](https://docs.docker.com/engine/install/)
   - `nginx`
@@ -72,7 +71,7 @@ Paste the following config and adjust the URLs:
 ```nginx
 server {
     listen 80;
-    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN wopiserver.YOUR.DOMAIN;
+    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN;
 
     root /var/www/certbot;
 
@@ -86,7 +85,7 @@ server {
 Enable and reload Nginx:
 
 ```bash
-sudo ln -s /etc/nginx/sites-available/certbot-challenge /etc/nginx/sites-enabled/
+sudo ln -s /etc/nginx/sites-available/certbot-challenge /etc/nginx/sites-enabled/certbot-challenge
 sudo nginx -t && sudo systemctl reload nginx
 ```
 
@@ -99,7 +98,6 @@ sudo certbot certonly --webroot \
   -w /var/www/certbot \
   -d cloud.YOUR.DOMAIN \
   -d collabora.YOUR.DOMAIN \
-  -d wopiserver.YOUR.DOMAIN \
   --email your@email.com \
   --agree-tos \
   --no-eff-email
@@ -133,12 +131,16 @@ OC_DOMAIN=cloud.YOUR.DOMAIN
 INITIAL_ADMIN_PASSWORD=YOUR.SECRET.PASSWORD
 
 COLLABORA_DOMAIN=collabora.YOUR.DOMAIN
-
-WOPISERVER_DOMAIN=wopiserver.YOUR.DOMAIN
 ```
 
 The initial Admin password is mandatory for security reasons.
 
+:::note
+The WOPI endpoint is served by OpenCloud on the OpenCloud domain. It is available through the OpenCloud proxy under `/wopi` and `/collaboration`.
+
+A separate `wopiserver` domain, reverse proxy block, or exposed WOPI port is not required.
+:::
+
 For production releases, please refer to the considerations outlined in the Docker Compose base instructions:
 
 [production setup consideration](./production-setup-consideration.md)
@@ -169,7 +171,7 @@ Paste the following configuration and adjust the URLs:
 # Redirect HTTP to HTTPS
 server {
     listen 80;
-    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN wopiserver.YOUR.DOMAIN;
+    server_name cloud.YOUR.DOMAIN collabora.YOUR.DOMAIN;
 
     location /.well-known/acme-challenge/ {
         root /var/www/certbot;
@@ -216,45 +218,44 @@ server {
 
 # Collabora
 server {
-  listen 443 ssl http2;
-  server_name collabora.YOUR.DOMAIN;
-
-  ssl_certificate /etc/letsencrypt/live/cloud.YOUR.DOMAIN/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/cloud.YOUR.DOMAIN/privkey.pem;
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
-  # Increase max upload size to collabora editor
-  client_max_body_size 10M;
-
-  location / {
-      proxy_pass http://127.0.0.1:9980;
-      proxy_set_header Host $host;
-  }
-
-  location ~ ^/cool/(.*)/ws$ {
-      proxy_pass http://127.0.0.1:9980;
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection "Upgrade";
-      proxy_set_header Host $host;
-  }
+    listen 443 ssl http2;
+    server_name collabora.YOUR.DOMAIN;
 
-}
+    ssl_certificate /etc/letsencrypt/live/cloud.YOUR.DOMAIN/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/cloud.YOUR.DOMAIN/privkey.pem;
 
-# WOPI Server
-server {
-  listen 443 ssl http2;
-  server_name wopiserver.YOUR.DOMAIN;
-
-  ssl_certificate /etc/letsencrypt/live/cloud.YOUR.DOMAIN/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/cloud.YOUR.DOMAIN/privkey.pem;
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
-
-  location / {
-      proxy_pass http://127.0.0.1:9300;
-      proxy_set_header Host $host;
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-  }
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+
+    client_max_body_size 10M;
+
+    location / {
+        proxy_pass http://127.0.0.1:9980;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
+
+        proxy_read_timeout 36000s;
+        proxy_send_timeout 36000s;
+    }
+
+    location ~ ^/cool/(.*)/ws$ {
+        proxy_pass http://127.0.0.1:9980;
+
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
+
+        proxy_read_timeout 36000s;
+        proxy_send_timeout 36000s;
+    }
 }
 ```
 
@@ -266,15 +267,27 @@ Starting from nginx 1.25.0, the `http2` directive syntax changed from: `listen 4
 We enabled HTTP/2 and increased keep-alive limits to prevent large syncs from failing and ensure stable client connections, since nginx closes connections after ~1,000 requests by default.
 :::
 
-Thanks to [mitexleo](https://github.com/mitexleo) for the Ngnix example configuration on GitHub and [zerox80](https://github.com/zerox80) for the adjustments
+Thanks to [mitexleo](https://github.com/mitexleo) for the Nginx example configuration on GitHub and [zerox80](https://github.com/zerox80) for the adjustments.
 
 Enable and reload Nginx:
 
 ```bash
-sudo ln -s /etc/nginx/sites-available/opencloud /etc/nginx/sites-enabled/
+sudo ln -s /etc/nginx/sites-available/opencloud /etc/nginx/sites-enabled/opencloud
 sudo nginx -t && sudo systemctl reload nginx
 ```
 
+Verify that Nginx is listening on port `443`:
+
+```bash
+sudo ss -tulpn | grep ':443'
+```
+
+Verify that Collabora is reachable through the external proxy:
+
+```bash
+curl -k https://collabora.YOUR.DOMAIN/hosting/discovery | head
+```
+
 ## Test Certificate Renewal
 
 ```bash