From f8cc109b7e1c2dc12e4319c79fc55e89dd256932 Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Sat, 27 Sep 2025 12:26:56 +0200 Subject: [PATCH 01/37] Change ui_secret to use LLDAP_LDAP_USER_PASS Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- community-containers/lldap/lldap.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/lldap/lldap.json b/community-containers/lldap/lldap.json index 8f7fba88..32f8e7ec 100644 --- a/community-containers/lldap/lldap.json +++ b/community-containers/lldap/lldap.json @@ -27,7 +27,7 @@ "LLDAP_JWT_SECRET", "LLDAP_LDAP_USER_PASS" ], - "ui_secret": "LLDAP_JWT_SECRET", + "ui_secret": "LLDAP_LDAP_USER_PASS", "volumes": [ { "source": "nextcloud_aio_lldap", From b77af1a2f85f6de9d727d05dbe1b3267d58e0052 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20M=C3=BCller?= <28591861+alexanderdd@users.noreply.github.com> Date: Sun, 28 Sep 2025 14:10:59 -0500 Subject: [PATCH 02/37] add comment about possibility of migration AIO->VM MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Alexander Müller <28591861+alexanderdd@users.noreply.github.com> --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 4c0712aa..6fa95704 100644 --- a/readme.md +++ b/readme.md @@ -52,7 +52,7 @@ Included are: - Possibility included to [pass the needed device for hardware transcoding](https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud) to the Nextcloud container - Possibility included to [store all docker related files on a separate drive](https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive) - [LDAP can be used as user backend for Nextcloud](https://github.com/nextcloud/all-in-one/tree/main#ldap) -- Migration from any former Nextcloud installation to AIO is possible. See [this documentation](https://github.com/nextcloud/all-in-one/blob/main/migration.md) +- Migration from any former Nextcloud installation to AIO is possible. See [this documentation](https://github.com/nextcloud/all-in-one/blob/main/migration.md). Migration in the other direction (e.g. from AIO to a VM-based installation) is also possible. - [Fail2Ban can be added](https://github.com/nextcloud/all-in-one#fail2ban) - [phpMyAdmin, Adminer or pgAdmin can be added](https://github.com/nextcloud/all-in-one#phpmyadmin-adminer-or-pgadmin) - [Mail server can be added](https://github.com/nextcloud/all-in-one#mail-server) From 85a068f6791b8c2108b58aebe86203e4e8001774 Mon Sep 17 00:00:00 2001 From: jameskimmel <17176225+jameskimmel@users.noreply.github.com> Date: Fri, 3 Oct 2025 07:03:40 +0200 Subject: [PATCH 03/37] nginx-proxy Make it more clear what nginx-proxy is Signed-off-by: jameskimmel <17176225+jameskimmel@users.noreply.github.com> --- reverse-proxy.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 56e42fe3..6efe9026 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -538,13 +538,13 @@ Also change `@` to a mail address of yours. -### Nginx-Proxy +### nginx-proxy (Github Repo)
click here to expand -Unfortunately, it is not possible to configure Nginx-proxy in a way that works because it completely relies on environmental variables of the docker containers itself. Providing these variables does not work as stated above. +Unfortunately, it is not possible to configure nginx-proxy in a way that works because it completely relies on environmental variables of the docker containers itself. Providing these variables does not work as stated above. If you really want to use AIO, we recommend you to switch to caddy. It is simply amazing!
From a33ef5d1aa7f75f3716e4d55c266b5dc74f36d3a Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 6 Oct 2025 15:12:31 +0200 Subject: [PATCH 04/37] move the hint to a new line Signed-off-by: Simon L. --- readme.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 6fa95704..f48479e4 100644 --- a/readme.md +++ b/readme.md @@ -52,7 +52,8 @@ Included are: - Possibility included to [pass the needed device for hardware transcoding](https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud) to the Nextcloud container - Possibility included to [store all docker related files on a separate drive](https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive) - [LDAP can be used as user backend for Nextcloud](https://github.com/nextcloud/all-in-one/tree/main#ldap) -- Migration from any former Nextcloud installation to AIO is possible. See [this documentation](https://github.com/nextcloud/all-in-one/blob/main/migration.md). Migration in the other direction (e.g. from AIO to a VM-based installation) is also possible. +- Migration from any former Nextcloud installation to AIO is possible. See [this documentation](https://github.com/nextcloud/all-in-one/blob/main/migration.md). +- Migration in the other direction (e.g. from AIO to a VM-based installation) is also possible. - [Fail2Ban can be added](https://github.com/nextcloud/all-in-one#fail2ban) - [phpMyAdmin, Adminer or pgAdmin can be added](https://github.com/nextcloud/all-in-one#phpmyadmin-adminer-or-pgadmin) - [Mail server can be added](https://github.com/nextcloud/all-in-one#mail-server) From 7fbc548d2df54904e05c5b374fc37db8875b62df Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 6 Oct 2025 15:44:27 +0200 Subject: [PATCH 05/37] lldap: adjust hint how to retrieve the password Signed-off-by: Simon L. --- community-containers/lldap/readme.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/community-containers/lldap/readme.md b/community-containers/lldap/readme.md index ce4636bc..586aea9e 100644 --- a/community-containers/lldap/readme.md +++ b/community-containers/lldap/readme.md @@ -18,10 +18,7 @@ Functionality with this configuration: > For simplicity, this configuration is done via the command line (don't worry, it's very simple). -First, you need to retrieve the LLDAP admin password, this will be used later on. Which you need to type in or copy and paste: -```bash -sudo docker inspect nextcloud-aio-lldap | grep LLDAP_LDAP_USER_PASS -``` +First, you need to retrieve the LLDAP admin password that you can see next to the container in the AIO interface. There you can configure smtp first and then invite users via mail. Now go into the Nextcloud container:
**Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management. This script below can be run from inside the container-management container via `bash /lldap.sh`. From c1949573c9d5596f361563fcfa3f19f772357ffa Mon Sep 17 00:00:00 2001 From: Josh Date: Fri, 26 Sep 2025 15:27:56 -0400 Subject: [PATCH 06/37] refactor(nextcloud): Tidy up entrypoint.sh error/log output - Cleaned up error messages - Reformatted some code for readability No logic changes. Signed-off-by: Josh --- Containers/nextcloud/entrypoint.sh | 207 +++++++++++++++++++---------- 1 file changed, 135 insertions(+), 72 deletions(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 4c50648a..fd8e6136 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -25,31 +25,34 @@ if [ "$DATABASE_TYPE" = postgres ]; then export DATABASE_TYPE=pgsql fi -# Only start container if redis is accessible +# Only start container if Redis is accessible # shellcheck disable=SC2153 while ! nc -z "$REDIS_HOST" "6379"; do - echo "Waiting for redis to start..." + echo "Waiting for Redis to start..." sleep 5 done # Check permissions in ncdata -touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" -if ! [ -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" ]; then - echo "The www-data user doesn't seem to have access rights in the datadir. -Most likely are the files located on a drive that does not follow linux permissions. -Please adjust the permissions like mentioned below. -The found permissions are: -$(stat -c "%u:%g %a" "$NEXTCLOUD_DATA_DIR") -(userID:groupID permissions) -but they should be: -33:0 750 -(userID:groupID permissions) -Also make sure that the parent directories on the host of the directory that you've chosen as datadir are publicly readable with e.g. 'sudo chmod +r /mnt' (adjust the command accordingly to your case) and the same for all subdirectories. -Additionally, if you want to use a Fuse-mount as datadir, set 'allow_other' as additional mount option. -For SMB/CIFS mounts as datadir, see https://github.com/nextcloud/all-in-one#can-i-use-a-cifssmb-share-as-nextclouds-datadir" +test_file="$NEXTCLOUD_DATA_DIR/this-is-a-test-file" +touch "$test_file" +if ! [ -f "$test_file" ]; then + echo "The www-data user does not appear to have access rights to the data directory." + echo "It is possible that the files are on a filesystem that does not support standard Linux permissions," + echo "or the permissions simply need to be adjusted. Please change the permissions as described below." + echo "Current permissions are:" + stat -c "%u:%g %a" "$NEXTCLOUD_DATA_DIR" + echo "(userID:groupID permissions)" + echo "They should be:" + echo "33:0 750" + echo "(userID:groupID permissions)" + echo "Also, ensure that all parent directories on the host of your chosen data directory are publicly readable." + echo "For example: sudo chmod +r /mnt (adjust this command as needed)." + echo "If you want to use a FUSE mount as the data directory, add 'allow_other' as an additional mount option." + echo "For SMB/CIFS mounts as the data directory, see:" + echo " https://github.com/nextcloud/all-in-one#can-i-use-a-cifssmb-share-as-nextclouds-datadir" exit 1 fi -rm "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" +rm -f "$test_file" if [ -f /var/www/html/version.php ]; then # shellcheck disable=SC2016 @@ -71,26 +74,31 @@ fi # Don't start the container if Nextcloud is not compatible with the PHP version if [ -f "/var/www/html/lib/versioncheck.php" ] && ! php /var/www/html/lib/versioncheck.php; then - echo "It seems like your installed Nextcloud is not compatible with the by the container provided PHP version." - echo "This most likely happened because you tried to restore an old Nextcloud version from backup that is not compatible with the PHP version that comes with the container." - echo "Please try to restore a more recent backup which contains a Nextcloud version that is compatible with the PHP version that comes with the container." - echo "If you do not have a more recent backup, feel free to have a look at this documentation: https://github.com/nextcloud/all-in-one/blob/main/manual-upgrade.md" + echo "Your installed Nextcloud version is not compatible with the PHP version provided by this image." + echo "This typically occurs when you restore an older Nextcloud backup that does not support the" + echo "PHP version included in this image." + echo "Please restore a more recent backup that includes a compatible Nextcloud version." + echo "If you do not have a more recent backup, refer to the manual upgrade documentation:" + echo " https://github.com/nextcloud/all-in-one/blob/main/manual-upgrade.md" exit 1 fi # Do not start the container if the last update failed if [ -f "$NEXTCLOUD_DATA_DIR/update.failed" ]; then echo "The last Nextcloud update failed." - echo "Please restore from backup and try again!" - echo "If you do not have a backup in place, you can simply delete the update.failed file in the datadir which will allow the container to start again." + echo "Please restore from a backup and try again." + echo "If you do not have a backup, you can delete the update.failed file in the data directory" + echo "to allow the container to start again." exit 1 fi # Do not start the container if the install failed if [ -f "$NEXTCLOUD_DATA_DIR/install.failed" ]; then echo "The initial Nextcloud installation failed." - echo "Please reset AIO properly and try again. For further clues what went wrong, check the logs above." - echo "See https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance" + echo "For more information about what went wrong, check the logs above." + echo "Please reset AIO properly and try again." + echo "See:" + echo " https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance" exit 1 fi @@ -143,7 +151,7 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then if [ "$installed_version" != "0.0.0.0" ]; then # Check connection to appstore start # Do not remove or change this line! while true; do - echo -e "Checking connection to appstore" + echo -e "Checking connection to the app store..." APPSTORE_URL="https://apps.nextcloud.com/api/v1" if grep -q appstoreurl /var/www/html/config/config.php; then set -x @@ -154,10 +162,10 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then CURL_STATUS="$(curl -LI "$APPSTORE_URL"/apps.json -o /dev/null -w '%{http_code}\n' -s)" if [[ "$CURL_STATUS" = "200" ]] then - echo "Appstore is reachable" + echo "App store is reachable." break else - echo "Curl didn't produce a 200 status, is appstore reachable?" + echo "Curl did not return a 200 status. Is the app store reachable?" sleep 5 fi done @@ -167,21 +175,21 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then php /var/www/html/occ maintenance:mode --off - echo "Getting and backing up the status of apps for later, this might take a while..." + echo "Getting and backing up the status of apps for later; this might take a while..." NC_APPS="$(find /var/www/html/custom_apps/ -type d -maxdepth 1 -mindepth 1 | sed 's|/var/www/html/custom_apps/||g')" if [ -z "$NC_APPS" ]; then - echo "No apps detected, aborting export of app status..." + echo "No apps detected. Aborting export of app status..." APPSTORAGE="no-export-done" else mapfile -t NC_APPS_ARRAY <<< "$NC_APPS" declare -Ag APPSTORAGE - echo "Disabling apps before the update in order to make the update procedure more safe. This can take a while..." + echo "Disabling apps before the update to make the update procedure safer. This can take a while..." for app in "${NC_APPS_ARRAY[@]}"; do if APPSTORAGE[$app]="$(php /var/www/html/occ config:app:get "$app" enabled)"; then php /var/www/html/occ app:disable "$app" else APPSTORAGE[$app]="" - echo "Not disabling $app because the occ command to get the enabled state was failing." + echo "Not disabling $app because the occ command to get its enabled state failed." fi done fi @@ -195,8 +203,13 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then run_upgrade_if_needed_due_to_app_update fi - echo "Initializing nextcloud $image_version ..." - rsync -rlD --delete --exclude-from=/upgrade.exclude "$SOURCE_LOCATION/" /var/www/html/ + echo "Initializing Nextcloud $image_version ..." + + # Copy over initial data from Nextcloud archive + rsync -rlD --delete \ + --exclude-from=/upgrade.exclude \ + "$SOURCE_LOCATION/" \ + /var/www/html/ # Copy custom_apps from Nextcloud archive if ! directory_empty "$SOURCE_LOCATION/custom_apps"; then @@ -204,22 +217,47 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then for app in "$SOURCE_LOCATION/custom_apps"/*; do app_id="$(basename "$app")" mkdir -p "/var/www/html/custom_apps/$app_id" - rsync -rlD --delete --include "/$app_id/" --exclude '/*' "$SOURCE_LOCATION/custom_apps/" /var/www/html/custom_apps/ + rsync -rlD --delete \ + --include "/$app_id/" \ + --exclude '/*' \ + "$SOURCE_LOCATION/custom_apps/" \ + /var/www/html/custom_apps/ done set +x fi - # Copy over initial data from Nextcloud archive + # Copy these from Nextcloud archive if they don't exist yet (i.e. new install) for dir in config data custom_apps themes; do if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then - rsync -rlD --include "/$dir/" --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/ + rsync -rlD \ + --include "/$dir/" \ + --exclude '/*' \ + "$SOURCE_LOCATION/" \ + /var/www/html/ fi done - rsync -rlD --delete --include '/config/' --exclude '/*' --exclude '/config/CAN_INSTALL' --exclude '/config/config.sample.php' --exclude '/config/config.php' "$SOURCE_LOCATION/" /var/www/html/ - rsync -rlD --include '/version.php' --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/ + + rsync -rlD --delete \ + --include '/config/' \ + --exclude '/*' \ + --exclude '/config/CAN_INSTALL' \ + --exclude '/config/config.sample.php' \ + --exclude '/config/config.php' \ + "$SOURCE_LOCATION/" \ + /var/www/html/ + + rsync -rlD \ + --include '/version.php' \ + --exclude '/*' \ + "$SOURCE_LOCATION/" \ + /var/www/html/ + echo "Initializing finished" - #install + ################ + # Fresh Install + ################ + if [ "$installed_version" = "0.0.0.0" ]; then echo "New Nextcloud instance." @@ -233,13 +271,13 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then INSTALL_OPTIONS+=(--data-dir "$NEXTCLOUD_DATA_DIR") fi - # We do our own permission check so the permission check is not needed - cat << DATADIR_PERMISSION_CONF > /var/www/html/config/datadir.permission.config.php + # Skip the default permission check (we do our own) + cat > /var/www/html/config/datadir.permission.config.php <<'EOF' false -); -DATADIR_PERMISSION_CONF + $CONFIG = array ( + 'check_data_directory_permissions' => false + ); +EOF # Write out postgres root cert if [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" ]; then @@ -250,11 +288,20 @@ DATADIR_PERMISSION_CONF echo "Installing with $DATABASE_TYPE database" # Set a default value for POSTGRES_PORT if [ -z "$POSTGRES_PORT" ]; then - POSTGRES_PORT=5432 + POSTGRES_PORT=5432 fi - # shellcheck disable=SC2153 - INSTALL_OPTIONS+=(--database "$DATABASE_TYPE" --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST" --database-port "$POSTGRES_PORT") + # Add database options to INSTALL_OPTIONS + # shellcheck disable=SC2153 + INSTALL_OPTIONS+=( + --database "$DATABASE_TYPE" + --database-name "$POSTGRES_DB" + --database-user "$POSTGRES_USER" + --database-pass "$POSTGRES_PASSWORD" + --database-host "$POSTGRES_HOST" + --database-port "$POSTGRES_PORT" + ) + echo "Starting Nextcloud installation..." if ! php /var/www/html/occ maintenance:install "${INSTALL_OPTIONS[@]}"; then echo "Installation of Nextcloud failed!" @@ -276,7 +323,7 @@ DATADIR_PERMISSION_CONF if [ "$try" -ge "$max_retries" ]; then echo "Installation of Nextcloud failed!" - echo "Install errors: $(cat /var/www/html/data/nextcloud.log)" + echo "Installation errors: $(cat /var/www/html/data/nextcloud.log)" touch "$NEXTCLOUD_DATA_DIR/install.failed" exit 1 fi @@ -312,10 +359,12 @@ DATADIR_PERMISSION_CONF installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')" INSTALLED_MAJOR="${installed_version%%.*}" IMAGE_MAJOR="${image_version%%.*}" + # If a valid upgrade path, trigger the Nextcloud built-in Updater if ! [ "$INSTALLED_MAJOR" -gt "$IMAGE_MAJOR" ]; then php /var/www/html/updater/updater.phar --no-interaction --no-backup if ! php /var/www/html/occ -V || php /var/www/html/occ status | grep maintenance | grep -q 'true'; then echo "Installation of Nextcloud failed!" + # TODO: Add a hint here about what to do / where to look / updater.log? touch "$NEXTCLOUD_DATA_DIR/install.failed" exit 1 fi @@ -392,11 +441,11 @@ DATADIR_PERMISSION_CONF #upgrade else touch "$NEXTCLOUD_DATA_DIR/update.failed" - echo "Upgrading nextcloud from $installed_version to $image_version..." + echo "Upgrading Nextcloud from $installed_version to $image_version..." php /var/www/html/occ config:system:delete integrity.check.disabled if ! php /var/www/html/occ upgrade || ! php /var/www/html/occ -V; then echo "Upgrade failed. Please restore from backup." - bash /notify.sh "Nextcloud update to $image_version failed!" "Please restore from backup!" + bash /notify.sh "Nextcloud update to $image_version failed!" "Please restore from backup." exit 1 fi @@ -404,7 +453,7 @@ DATADIR_PERMISSION_CONF installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')" rm "$NEXTCLOUD_DATA_DIR/update.failed" - bash /notify.sh "Nextcloud update to $image_version successful!" "Feel free to inspect the Nextcloud container logs for more info." + bash /notify.sh "Nextcloud update to $image_version successful!" "You may inspect the Nextcloud container logs for more information." php /var/www/html/occ app:update --all @@ -412,7 +461,7 @@ DATADIR_PERMISSION_CONF # Restore app status if [ "${APPSTORAGE[0]}" != "no-export-done" ]; then - echo "Restoring the status of apps. This can take a while..." + echo "Restoring app statuses. This may take a while..." for app in "${!APPSTORAGE[@]}"; do if [ -n "${APPSTORAGE[$app]}" ]; then if [ "${APPSTORAGE[$app]}" != "no" ]; then @@ -424,13 +473,13 @@ DATADIR_PERMISSION_CONF php /var/www/html/occ maintenance:mode --off fi run_upgrade_if_needed_due_to_app_update - echo "The $app app could not get enabled. Probably because it is not compatible with the new Nextcloud version." + echo "The $app app could not be re-enabled, probably because it is not compatible with the new Nextcloud version." if [ "$app" = apporder ]; then CUSTOM_HINT="The apporder app was deprecated. A possible replacement is the side_menu app, aka 'Custom menu'." else - CUSTOM_HINT="Most likely because it is not compatible with the new Nextcloud version." + CUSTOM_HINT="Most likely, it is not compatible with the new Nextcloud version." fi - bash /notify.sh "Could not enable the $app app after the Nextcloud update!" "$CUSTOM_HINT Feel free to look at the Nextcloud update logs and force-enable the app again from the app-store UI." + bash /notify.sh "Could not re-enable the $app app after the Nextcloud update!" "$CUSTOM_HINT Feel free to review the Nextcloud update logs and force-enable the app again if you wish." continue fi # Only restore the group settings, if the app was enabled (and is thus compatible with the new NC version) @@ -452,7 +501,7 @@ DATADIR_PERMISSION_CONF php /var/www/html/occ config:app:set updatenotification notify_groups --value="[]" # Apply optimization - echo "Doing some optimizations..." + echo "Performing some optimizations..." if [ "$NEXTCLOUD_SKIP_DATABASE_OPTIMIZATION" != yes ]; then php /var/www/html/occ maintenance:repair --include-expensive php /var/www/html/occ db:add-missing-indices @@ -483,10 +532,10 @@ if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then # Check if appdata is present # If not, something broke (e.g. changing ncdatadir after aio was first started) if [ -z "$(find "$NEXTCLOUD_DATA_DIR/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*")" ]; then - echo "Appdata is not present. Did you maybe change the datadir after the initial Nextcloud installation? This is not supported!" + echo "Appdata is not present. Did you change the datadir after the initial Nextcloud installation? This is not supported!" echo "See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir" - echo "If you adjusted the datadir to be located on an external drive, make sure that the drive is still mounted!" - echo "In the datadir was found:" + echo "If you moved the datadir to an external drive, make sure that the drive is still mounted." + echo "The following was found in the datadir:" ls -la "$NEXTCLOUD_DATA_DIR/" exit 1 fi @@ -678,7 +727,7 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then fi fi else - echo "Warning: No ipv4-address found for $COLLABORA_HOST." + echo "Warning: No IPv4 address found for $COLLABORA_HOST." fi if [ -n "$COLLABORA_IPv6_ADDRESS" ]; then if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$COLLABORA_IPv6_ADDRESS"; then @@ -689,7 +738,7 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then fi fi else - echo "No ipv6-address found for $COLLABORA_HOST." + echo "No IPv6 address found for $COLLABORA_HOST." fi if [ -n "$COLLABORA_ALLOW_LIST" ]; then PRIVATE_IP_RANGES='127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1' @@ -703,7 +752,7 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then fi php /var/www/html/occ config:app:set richdocuments wopi_allowlist --value="$COLLABORA_ALLOW_LIST" else - echo "Warning: wopi_allowlist is empty which should not be the case!" + echo "Warning: wopi_allowlist is empty; this should not be the case!" fi else if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/richdocuments" ]; then @@ -713,15 +762,20 @@ fi # OnlyOffice if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then + # Determine OnlyOffice port based on host pattern if echo "$ONLYOFFICE_HOST" | grep -q "nextcloud-.*-onlyoffice"; then ONLYOFFICE_PORT=80 else ONLYOFFICE_PORT=443 fi + + # Wait for OnlyOffice to become available while ! nc -z "$ONLYOFFICE_HOST" "$ONLYOFFICE_PORT"; do - echo "waiting for OnlyOffice to become available..." + echo "Waiting for OnlyOffice to become available..." sleep 5 done + + # Install or enable OnlyOffice app as needed if ! [ -d "/var/www/html/custom_apps/onlyoffice" ]; then php /var/www/html/occ app:install onlyoffice elif [ "$(php /var/www/html/occ config:app:get onlyoffice enabled)" != "yes" ]; then @@ -729,16 +783,25 @@ if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then elif [ "$SKIP_UPDATE" != 1 ]; then php /var/www/html/occ app:update onlyoffice fi + + # Set OnlyOffice configuration php /var/www/html/occ config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET" php /var/www/html/occ config:app:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET" php /var/www/html/occ config:system:set onlyoffice jwt_header --value="AuthorizationJwt" + + # Adjust the OnlyOffice host if using internal pattern if echo "$ONLYOFFICE_HOST" | grep -q "nextcloud-.*-onlyoffice"; then ONLYOFFICE_HOST="$NC_DOMAIN/onlyoffice" export ONLYOFFICE_HOST fi + php /var/www/html/occ config:app:set onlyoffice DocumentServerUrl --value="https://$ONLYOFFICE_HOST" else - if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/onlyoffice" ] && [ -n "$ONLYOFFICE_SECRET" ] && [ "$(php /var/www/html/occ config:system:get onlyoffice jwt_secret)" = "$ONLYOFFICE_SECRET" ]; then + # Remove OnlyOffice app if disabled and removal is requested + if [ "$REMOVE_DISABLED_APPS" = yes ] && \ + [ -d "/var/www/html/custom_apps/onlyoffice" ] && \ + [ -n "$ONLYOFFICE_SECRET" ] && \ + [ "$(php /var/www/html/occ config:system:get onlyoffice jwt_secret)" = "$ONLYOFFICE_SECRET" ]; then php /var/www/html/occ app:remove onlyoffice fi fi @@ -784,7 +847,7 @@ fi if [ -d "/var/www/html/custom_apps/spreed" ]; then if [ "$TALK_RECORDING_ENABLED" = 'yes' ]; then while ! nc -z "$TALK_RECORDING_HOST" 1234; do - echo "waiting for Talk Recording to become available..." + echo "Waiting for Talk Recording to become available..." sleep 5 done # TODO: migrate to occ command if that becomes available @@ -799,12 +862,12 @@ fi if [ "$CLAMAV_ENABLED" = 'yes' ]; then count=0 while ! nc -z "$CLAMAV_HOST" 3310 && [ "$count" -lt 90 ]; do - echo "waiting for clamav to become available..." + echo "Waiting for ClamAV to become available..." count=$((count+5)) sleep 5 done if [ "$count" -ge 90 ]; then - echo "Clamav did not start in time. Skipping initialization and disabling files_antivirus app." + echo "ClamAV did not start in time. Skipping initialization and disabling files_antivirus app." php /var/www/html/occ app:disable files_antivirus else if ! [ -d "/var/www/html/custom_apps/files_antivirus" ]; then @@ -851,7 +914,7 @@ fi if [ "$FULLTEXTSEARCH_ENABLED" = 'yes' ]; then count=0 while ! nc -z "$FULLTEXTSEARCH_HOST" "$FULLTEXTSEARCH_PORT" && [ "$count" -lt 90 ]; do - echo "waiting for Fulltextsearch to become available..." + echo "Waiting for Fulltextsearch to become available..." count=$((count+5)) sleep 5 done @@ -888,14 +951,14 @@ if [ "$FULLTEXTSEARCH_ENABLED" = 'yes' ]; then # Do the index if ! [ -f "$NEXTCLOUD_DATA_DIR/fts-index.done" ]; then - echo "Waiting 10s before activating FTS..." + echo "Waiting 10 seconds before activating fulltextsearch..." sleep 10 echo "Activating fulltextsearch..." if php /var/www/html/occ fulltextsearch:test && php /var/www/html/occ fulltextsearch:index "{\"errors\": \"reset\"}" --no-readline; then touch "$NEXTCLOUD_DATA_DIR/fts-index.done" else echo "Fulltextsearch failed. Could not index." - echo "Feel free to follow https://github.com/nextcloud/all-in-one/discussions/1709 if you want to skip the indexing in the future." + echo "If you want to skip indexing in the future, see https://github.com/nextcloud/all-in-one/discussions/1709" fi fi fi From 593379de56d30a7fdf6db83adb614f14a6940755 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Oct 2025 04:18:34 +0000 Subject: [PATCH 07/37] build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 8.19.4 to 8.19.5. --- updated-dependencies: - dependency-name: elasticsearch dependency-version: 8.19.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/fulltextsearch/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 289722ea..980fe275 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.19.4 +FROM elasticsearch:8.19.5 USER root From 6d6183b9e83e37a0a6baed9835e3ccd225ed5424 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:08:54 +0000 Subject: [PATCH 08/37] build(deps): bump softprops/turnstyle in /.github/workflows Bumps [softprops/turnstyle](https://github.com/softprops/turnstyle) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/softprops/turnstyle/releases) - [Changelog](https://github.com/softprops/turnstyle/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/turnstyle/compare/858c58d647eeb05b1725a96ae3fc290230321af3...9d692f15fa9f84928799bccac2dba6565e024bdf) --- updated-dependencies: - dependency-name: softprops/turnstyle dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/helm-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 56854ed4..e6527250 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v5 - name: Turnstyle - uses: softprops/turnstyle@858c58d647eeb05b1725a96ae3fc290230321af3 # v2 + uses: softprops/turnstyle@9d692f15fa9f84928799bccac2dba6565e024bdf # v2 with: continue-after-seconds: 180 env: From c35e0809bdce3f3e947a8b072f57287bce2847ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Oct 2025 04:20:04 +0000 Subject: [PATCH 09/37] build(deps): bump golang in /Containers/imaginary Bumps golang from 1.25.1-alpine3.22 to 1.25.2-alpine3.22. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.2-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index afeb69a4..1d673ecd 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.1-alpine3.22 AS go +FROM golang:1.25.2-alpine3.22 AS go ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3 From 7d923db4481dec87acc0146f19a952a26ca42972 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Oct 2025 04:20:52 +0000 Subject: [PATCH 10/37] build(deps): bump python in /Containers/talk-recording Bumps python from 3.13.7-alpine3.22 to 3.14.0-alpine3.22. --- updated-dependencies: - dependency-name: python dependency-version: 3.14.0-alpine3.22 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/talk-recording/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index 40b01470..b93e1338 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM python:3.13.7-alpine3.22 +FROM python:3.14.0-alpine3.22 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh From 436c6ff5b7f103c01dc58eb5161b6aa55b4fcf9f Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 11 Dec 2024 10:09:37 +0100 Subject: [PATCH 11/37] nextcloud: adjust max_input_time to -1 Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 0ae91b63..c5fd6ed6 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -132,7 +132,7 @@ RUN set -ex; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \ echo 'max_execution_time=${PHP_MAX_TIME}'; \ - echo 'max_input_time=${PHP_MAX_TIME}'; \ + echo 'max_input_time=-1'; \ echo 'default_socket_timeout=${PHP_MAX_TIME}'; \ } > /usr/local/etc/php/conf.d/nextcloud.ini; \ \ From 90d346ea650c7a5838328cacd96b1609a75199ca Mon Sep 17 00:00:00 2001 From: Josh Date: Wed, 8 Oct 2025 16:05:15 -0400 Subject: [PATCH 12/37] docs: Add README.md for Nextcloud container Added README.md for Nextcloud container. Signed-off-by: Josh --- Containers/nextcloud/README.md | 35 ++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 Containers/nextcloud/README.md diff --git a/Containers/nextcloud/README.md b/Containers/nextcloud/README.md new file mode 100644 index 00000000..b94a1b77 --- /dev/null +++ b/Containers/nextcloud/README.md @@ -0,0 +1,35 @@ +# Nextcloud All-in-One ``nextcloud`` Container + +This folder contains the OCI/Docker container definition, along with associated resources and configuration files, for building the `nextcloud` container as part of the [Nextcloud All-in-One](https://github.com/nextcloud/all-in-one) project. This container hosts PHP and the Nextcloud Server application. + +## Overview + +The Nextcloud container provides the core Nextcloud application environment, including the necessary dependencies and configuration for seamless integration into the All-in-One stack. The container hosts: + +- The PHP SAPI/backend (php-fpm) +- Nextcloud background jobs and scheduled tasks, which are handled via cron +- Miscellaneous minor support services specific to AIO's Nextcloud deployment (health and exec) + +## Contents + +- **Dockerfile**: Instructions for building the Nextcloud container image. +- **Entrypoint script**: The `start.sh` script is used for container initialization and runtime configuration before starting supervisord. +- **Nextcloud configuration files**: Specific to running in a containerized setting and/or within AIO. +- **Supervisor**: The `supervisord.conf` file defines the long-running services hosted within the container (php-fpm, cron, etc.). + +## Usage + +This container is intended to be used as part of the All-in-One deployment and is not meant to be used on its own. Among other requirements, it needs a web server container (which is provided by AIO in a dedicated Apache container). It is designed to be orchestrated by [the All-in-One mastercontainer](https://github.com/nextcloud/all-in-one/tree/main/Containers/mastercontainer). + +## Documentation + +- [Nextcloud All-in-One Documentation](https://github.com/nextcloud/all-in-one#readme) +- [Nextcloud Documentation](https://docs.nextcloud.com/) + +## Contributing + +Contributions are welcome! Please follow the Nextcloud project's guidelines and submit pull requests or issues via the main repository. + +## License + +This folder and its contents are licensed under the [GNU AGPLv3](https://www.gnu.org/licenses/agpl-3.0.html), in line with the rest of Nextcloud All-in-One. From 03413d944056b57362bb65a47d2d03d837d66893 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:08 +0000 Subject: [PATCH 13/37] build(deps): bump alpine from 3.22.1 to 3.22.2 in /Containers/alpine Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/alpine/Dockerfile b/Containers/alpine/Dockerfile index 429485b3..25ac9671 100644 --- a/Containers/alpine/Dockerfile +++ b/Containers/alpine/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.1 +FROM alpine:3.22.2 RUN set -ex; \ apk upgrade --no-cache -a From a64237c9d649d6b7b83be4f3e09ba167d7a3036d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:13 +0000 Subject: [PATCH 14/37] build(deps): bump alpine from 3.22.1 to 3.22.2 in /Containers/borgbackup Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/borgbackup/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/borgbackup/Dockerfile b/Containers/borgbackup/Dockerfile index 74d87f45..3d4ce1ce 100644 --- a/Containers/borgbackup/Dockerfile +++ b/Containers/borgbackup/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.1 +FROM alpine:3.22.2 RUN set -ex; \ \ From 8fb81686ba728893243b676f1b95dcdcda8a9917 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:17 +0000 Subject: [PATCH 15/37] build(deps): bump alpine from 3.22.1 to 3.22.2 in /Containers/clamav Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/clamav/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 216ea1c9..db59f64a 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.1 +FROM alpine:3.22.2 RUN set -ex; \ apk upgrade --no-cache -a; \ From 494639990580bdcd4796df9fdbf28b70f0fb0006 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:22 +0000 Subject: [PATCH 16/37] build(deps): bump alpine in /Containers/domaincheck Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/domaincheck/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/domaincheck/Dockerfile b/Containers/domaincheck/Dockerfile index 99ae1184..c4b340e2 100644 --- a/Containers/domaincheck/Dockerfile +++ b/Containers/domaincheck/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.1 +FROM alpine:3.22.2 RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache bash lighttpd netcat-openbsd; \ From 5c59bee1eed80d9ef507e693784e22284616314b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:25 +0000 Subject: [PATCH 17/37] build(deps): bump alpine from 3.22.1 to 3.22.2 in /Containers/imaginary Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 1d673ecd..55503dcb 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -14,7 +14,7 @@ RUN set -ex; \ build-base; \ go install github.com/h2non/imaginary@"$IMAGINARY_HASH"; -FROM alpine:3.22.1 +FROM alpine:3.22.2 RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ From 44659edf9c99fc01f921d851c2e1b99f38a36f2e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:30 +0000 Subject: [PATCH 18/37] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 28.5.0-cli to 28.5.1-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 28.5.1-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index 2532ec16..c1cbaa59 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:28.5.0-cli AS docker +FROM docker:28.5.1-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From 9d76e6486e4bffdabb384c9c903ade7d000950ee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:22:55 +0000 Subject: [PATCH 19/37] build(deps): bump alpine in /Containers/notify-push Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/notify-push/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/notify-push/Dockerfile b/Containers/notify-push/Dockerfile index 8138582d..812ec840 100644 --- a/Containers/notify-push/Dockerfile +++ b/Containers/notify-push/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.1 +FROM alpine:3.22.2 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh From 8e8580122de67686a6fb74b67dd70c7776479f2b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:23:03 +0000 Subject: [PATCH 20/37] build(deps): bump alpine from 3.22.1 to 3.22.2 in /Containers/talk Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 7067c72e..84109d3b 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -2,7 +2,7 @@ FROM nats:2.12.0-scratch AS nats FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling -FROM alpine:3.22.1 AS janus +FROM alpine:3.22.2 AS janus ARG JANUS_VERSION=v1.3.2 WORKDIR /src @@ -35,7 +35,7 @@ RUN set -ex; \ make configs; \ rename -v ".jcfg.sample" ".jcfg" /usr/local/etc/janus/*.jcfg.sample -FROM alpine:3.22.1 +FROM alpine:3.22.2 ENV ETURNAL_ETC_DIR="/conf" ENV SKIP_CERT_VERIFY=false COPY --from=janus --chmod=777 --chown=1000:1000 /usr/local /usr/local From 1f2e97a24634d857543cb84aea2fae240bee5f00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 04:23:13 +0000 Subject: [PATCH 21/37] build(deps): bump alpine from 3.22.1 to 3.22.2 in /Containers/watchtower Bumps alpine from 3.22.1 to 3.22.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.22.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/watchtower/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index ec2c0d0a..c2b38b18 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM ghcr.io/nicholas-fedor/watchtower:1.12.1 AS watchtower -FROM alpine:3.22.1 +FROM alpine:3.22.2 RUN set -ex; \ apk upgrade --no-cache -a; \ From 26bb93df914e70f83f8faa8b19f0bdf51293a980 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 10 Oct 2025 08:42:36 +0200 Subject: [PATCH 22/37] fix typo Signed-off-by: Simon L. --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 3d82e634..11df8a73 100644 --- a/readme.md +++ b/readme.md @@ -360,7 +360,7 @@ You can adjust the MTU size of the docker network by creating it beforehand with ``` docker network create --driver bridge --opt com.docker.network.driver.mtu=1440 nextcloud-aio ``` -When you open the AIO interface for the first time after you execute the `docker run` command, it will automatically connect to the `aio-nextcloud` network with the custom MTU. Keep in mind that if you previously started the mastercontainer without creating the network with the extra options, you will need to remove the old `aio-nextcloud` network and recreate it with the new configuration. +When you open the AIO interface for the first time after you execute the `docker run` command, it will automatically connect to the `nextcloud-aio` network with the custom MTU. Keep in mind that if you previously started the mastercontainer without creating the network with the extra options, you will need to remove the old `nextcloud-aio` network and recreate it with the new configuration. If you want to use docker compose, you can check out the comments in the `compose.yaml` file for more details. From 84288c4ac728795b4b949f64dc88fd17d3199c34 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Oct 2025 04:19:54 +0000 Subject: [PATCH 23/37] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.2.1 to v1.3.0. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.3.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index 680a59d0..e60bb815 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.2.1 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.3.0 USER root RUN set -ex; \ From e940d47079f0a25ee4045671e0f40cda3f60f392 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 14 Oct 2025 13:25:57 +0200 Subject: [PATCH 24/37] talk-recording: allow to use it on arm64 Signed-off-by: Simon L. --- Containers/talk-recording/start.sh | 2 ++ php/src/Data/ConfigurationManager.php | 5 ----- php/templates/includes/optional-containers.twig | 2 +- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/Containers/talk-recording/start.sh b/Containers/talk-recording/start.sh index a03eed04..b49e5e9c 100644 --- a/Containers/talk-recording/start.sh +++ b/Containers/talk-recording/start.sh @@ -59,6 +59,8 @@ extensionvideo = .webm [recording] browser = firefox +driverPath = /usr/bin/geckodriver +browserPath = /usr/bin/firefox RECORDING_CONF exec "$@" diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index ceae13d0..1a2b4461 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -286,11 +286,6 @@ class ConfigurationManager $value = 0; } - // Currently only works on x64. See https://github.com/nextcloud/nextcloud-talk-recording/issues/17 - if (!$this->isx64Platform()) { - $value = 0; - } - $config = $this->GetConfig(); $config['isTalkRecordingEnabled'] = $value; $this->WriteConfig($config); diff --git a/php/templates/includes/optional-containers.twig b/php/templates/includes/optional-containers.twig index 572af5f1..6bea68db 100644 --- a/php/templates/includes/optional-containers.twig +++ b/php/templates/includes/optional-containers.twig @@ -96,7 +96,7 @@ data-initial-state="false" {% endif %} > - +

Date: Tue, 14 Oct 2025 12:16:14 +0000 Subject: [PATCH 25/37] build(deps): bump actions/setup-node from 5 to 6 in /.github/workflows Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/playwright.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index d2bcad71..9de89243 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: lts/* From 3fdd77e75d0a536e11cdb6b0c79c80cf50aadd05 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 15 Oct 2025 08:40:45 +0000 Subject: [PATCH 26/37] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-collabora-deployment.yaml | 2 +- .../templates/nextcloud-aio-database-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-fulltextsearch-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- 14 files changed, 19 insertions(+), 19 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 03627c26..6eb13d92 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 11.9.0 +version: 11.10.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 992e66de..4196cb99 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-apache:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 2e9ccb95..9f8dda8d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-clamav:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 07f09220..5db29234 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -35,7 +35,7 @@ spec: value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:logging.level_startup=warning --o:home_mode.enable=true --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ - name: server_name value: "{{ .Values.NC_DOMAIN }}" - image: ghcr.io/nextcloud-releases/aio-collabora:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-collabora:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index abfa8b01..8466fe03 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-postgresql:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 9dcc9d63..5b9ef69f 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index 5e54704c..84ea42e6 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-imaginary:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 1644464c..c6559fbd 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 command: - chmod - "777" @@ -188,7 +188,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20251015_082711 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index 799e4390..dac83c98 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -55,7 +55,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-notify-push:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 820e6842..98f75058 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 015da80f..61938748 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-redis:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index bb6f2a1c..aa078677 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-talk:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index d59c60c0..27a50beb 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20251015_082711 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 804c5d2d..08d3fcca 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -48,7 +48,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20250927_081431 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20251015_082711 readinessProbe: exec: command: From b55b4aac1cde4a254c9a89fdb624c2144a461a29 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 15 Oct 2025 12:03:37 +0000 Subject: [PATCH 27/37] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index bb81d695..4809bae8 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -391,16 +391,16 @@ }, { "name": "laravel/serializable-closure", - "version": "v2.0.5", + "version": "v2.0.6", "source": { "type": "git", "url": "https://github.com/laravel/serializable-closure.git", - "reference": "3832547db6e0e2f8bb03d4093857b378c66eceed" + "reference": "038ce42edee619599a1debb7e81d7b3759492819" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/3832547db6e0e2f8bb03d4093857b378c66eceed", - "reference": "3832547db6e0e2f8bb03d4093857b378c66eceed", + "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/038ce42edee619599a1debb7e81d7b3759492819", + "reference": "038ce42edee619599a1debb7e81d7b3759492819", "shasum": "" }, "require": { @@ -448,7 +448,7 @@ "issues": "https://github.com/laravel/serializable-closure/issues", "source": "https://github.com/laravel/serializable-closure" }, - "time": "2025-09-22T17:29:40+00:00" + "time": "2025-10-09T13:42:30+00:00" }, { "name": "nikic/fast-route", From 12c9b6807142dd0b5e2ab763ce13d57efb31df39 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 15 Oct 2025 12:05:06 +0000 Subject: [PATCH 28/37] talk-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/talk-recording/Dockerfile | 2 +- Containers/talk-recording/recording.conf | 48 +++++++++++++++++++++++- 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index b93e1338..83b7859b 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -4,7 +4,7 @@ FROM python:3.14.0-alpine3.22 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh -ENV RECORDING_VERSION=v0.1 +ENV RECORDING_VERSION=v0.2.0 ENV ALLOW_ALL=false ENV HPB_PROTOCOL=https ENV NC_PROTOCOL=https diff --git a/Containers/talk-recording/recording.conf b/Containers/talk-recording/recording.conf index 99515528..cc8bd495 100644 --- a/Containers/talk-recording/recording.conf +++ b/Containers/talk-recording/recording.conf @@ -1,3 +1,5 @@ +# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later [logs] # Log level based on numeric values of Python logging levels: # - Critical: 50 @@ -12,6 +14,11 @@ # IP and port to listen on for HTTP requests. #listen = 127.0.0.1:8000 +[app] +# Comma separated list of trusted proxies (IPs or CIDR networks) that may set +# the "X-Forwarded-For" header. +#trustedproxies = + [backend] # Allow any hostname as backend endpoint. This is extremely insecure and should # only be used during development. @@ -100,6 +107,18 @@ # ffmpeg. The options given here fully override the default global options. #common = ffmpeg -loglevel level+warning -n +# The (additional) options given to ffmpeg for the audio input. The options +# given here extend the default options for the audio input, although they do +# not override them. +# Default options: '-f pulse -i {AUDIO_SOURCE}' +#inputaudio = + +# The (additional) options given to ffmpeg for the video input. The options +# given here extend the default options for the video input, although they do +# not override them. +# Default options: '-f x11grab -draw_mouse 0 -video_size {WIDTH}x{HEIGHT} -i {VIDEO_SOURCE}' +#inputvideo = + # The options given to ffmpeg to encode the audio output. The options given here # fully override the default options for the audio output. #outputaudio = -c:a libopus @@ -120,4 +139,31 @@ # will use Google Chrome, or Chromium if Google Chrome is not installed. # Allowed values: firefox, chrome # Defaults to firefox -# browser = firefox +#browser = firefox + +# Path to the Selenium driver to use for recordings. +# If set the driver must match the browser being used (for example, +# "/usr/bin/geckodriver" for "firefox"). If no driver is explicitly set Selenium +# Manager will try to find the right one in $PATH, downloading it as a fallback. +# Note that Selenium Manager does not work in some architectures (for example, +# Linux on arm64/aarch64), so in those architectures the driver must be +# explicitly set. +#driverPath = + +# Path to the browser executable to use for recordings. +# If set the executable must match the browser being used (for example, +# "/usr/bin/firefox-esr" for "firefox"). If no executable is explicitly set +# Selenium Manager will try to find the right one in $PATH. Depending on the +# installed Selenium version if the executable is not found Selenium Manager may +# also download the browser as a fallback. +# Note that Selenium Manager does not work in some architectures (for example, +# Linux on arm64/aarch64); in those architectures the Selenium driver will try +# to find the executable, but the executable may need to be explicitly set if +# not found by the driver. +#browserPath = + +[stats] +# Comma-separated list of IP addresses (or CIDR networks) that are allowed to +# access the stats endpoint. +# Leave commented to only allow access from "127.0.0.1". +#allowed_ips = From c8b8740980690283c823d8a6c3d52154a39e76f0 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 15 Oct 2025 12:14:36 +0000 Subject: [PATCH 29/37] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 0ae91b63..9c940846 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -84,7 +84,7 @@ RUN set -ex; \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install -o igbinary-3.2.16; \ pecl install APCu-5.1.27; \ - pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.3.0; \ + pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.4.0; \ pecl install -oD 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.2.0; \ pecl install -o imagick-3.8.0; \ \ From 97af7b63e29c152e6823cf4b7e20a2d7b17e4a5f Mon Sep 17 00:00:00 2001 From: jameskimmel <17176225+jameskimmel@users.noreply.github.com> Date: Tue, 7 Oct 2025 16:11:44 +0200 Subject: [PATCH 30/37] rp-docs: add link for nginx-proxy Signed-off-by: jameskimmel <17176225+jameskimmel@users.noreply.github.com> Co-Authored-By: Simon L. --- reverse-proxy.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 6efe9026..4d6cc2fa 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -538,13 +538,15 @@ Also change `@` to a mail address of yours.

-### nginx-proxy (Github Repo) +### Nginx-Proxy
click here to expand -Unfortunately, it is not possible to configure nginx-proxy in a way that works because it completely relies on environmental variables of the docker containers itself. Providing these variables does not work as stated above. +This section refers to the dedicated project named `nginx-proxy`. See its [GitHub repo](https://github.com/nginx-proxy/nginx-proxy). If you should be looking for Nginx, see the `Nginx, Freenginx, Openresty, Angie` section in this docu. + +Unfortunately, it is not possible to configure `nginx-proxy` in a way that works because it completely relies on environmental variables of the docker containers itself. Providing these variables does not work as stated above. If you really want to use AIO, we recommend you to switch to caddy. It is simply amazing!
From 6bdd7bafdf927ecddf085b352ee0bcb682ffc208 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Oct 2025 04:22:10 +0000 Subject: [PATCH 31/37] build(deps): bump golang in /Containers/imaginary Bumps golang from 1.25.2-alpine3.22 to 1.25.3-alpine3.22. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.3-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 55503dcb..47eccfad 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.2-alpine3.22 AS go +FROM golang:1.25.3-alpine3.22 AS go ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3 From a4320317d5eb26bdcd2e328876c49589cf1363e7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Oct 2025 04:22:53 +0000 Subject: [PATCH 32/37] build(deps): bump nats in /Containers/talk Bumps nats from 2.12.0-scratch to 2.12.1-scratch. --- updated-dependencies: - dependency-name: nats dependency-version: 2.12.1-scratch dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 84109d3b..37ece0f4 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM nats:2.12.0-scratch AS nats +FROM nats:2.12.1-scratch AS nats FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling FROM alpine:3.22.2 AS janus From 26e2b631102af22fa18caa1ac27c23117ffb2f96 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 16 Oct 2025 09:00:50 +0200 Subject: [PATCH 33/37] update OO Signed-off-by: Simon L. --- Containers/onlyoffice/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index 42c72e5f..be1d580f 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile -FROM onlyoffice/documentserver:9.0.4.1 +FROM onlyoffice/documentserver:9.1.0.1 # USER root is probably used From 8ed64db45c5395739ab91339960f332025725628 Mon Sep 17 00:00:00 2001 From: Josh Date: Thu, 16 Oct 2025 10:58:21 -0400 Subject: [PATCH 34/37] fix: add manual install and Helm chart usage context Signed-off-by: Josh --- Containers/nextcloud/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/README.md b/Containers/nextcloud/README.md index b94a1b77..574afd03 100644 --- a/Containers/nextcloud/README.md +++ b/Containers/nextcloud/README.md @@ -19,7 +19,7 @@ The Nextcloud container provides the core Nextcloud application environment, inc ## Usage -This container is intended to be used as part of the All-in-One deployment and is not meant to be used on its own. Among other requirements, it needs a web server container (which is provided by AIO in a dedicated Apache container). It is designed to be orchestrated by [the All-in-One mastercontainer](https://github.com/nextcloud/all-in-one/tree/main/Containers/mastercontainer). +This container is intended to be used as part of the All-in-One deployment and is not meant to be used on its own. Among other requirements, it needs a web server container (which AIO provides in a dedicated Apache container). It is designed to be orchestrated by the [All-in-One mastercontainer](https://github.com/nextcloud/all-in-one/tree/main/Containers/mastercontainer) or used within an [AIO Manual Installation](https://github.com/nextcloud/all-in-one/tree/main/manual-install) or [AIO Helm chart](https://github.com/nextcloud/all-in-one/tree/main/nextcloud-aio-helm-chart). ## Documentation From f996afdb4aed741e6e489252ab68cab8a6ba59fd Mon Sep 17 00:00:00 2001 From: Zoey Date: Thu, 16 Oct 2025 21:09:58 +0200 Subject: [PATCH 35/37] mastercontainer: bind 8000 only to 127.0.0.1 In my test it worked Signed-off-by: Zoey --- Containers/mastercontainer/mastercontainer.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/mastercontainer/mastercontainer.conf b/Containers/mastercontainer/mastercontainer.conf index 6a7d37dd..4effec19 100644 --- a/Containers/mastercontainer/mastercontainer.conf +++ b/Containers/mastercontainer/mastercontainer.conf @@ -1,5 +1,5 @@ -Listen 8000 -Listen 8080 +Listen 127.0.0.1:8000 +Listen 8080 https # Deny access to .ht files From 6624330ce505b025b990d74dcdec133bcf32ff44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 Oct 2025 04:21:14 +0000 Subject: [PATCH 36/37] build(deps): bump collabora/code in /Containers/collabora Bumps collabora/code from 25.04.6.1.1 to 25.04.6.2.1. --- updated-dependencies: - dependency-name: collabora/code dependency-version: 25.04.6.2.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/collabora/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 593c5323..347ae83f 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile -FROM collabora/code:25.04.6.1.1 +FROM collabora/code:25.04.6.2.1 USER root ARG DEBIAN_FRONTEND=noninteractive From 2794fb3a7e3c24e781ed57e82db73b0e21b629dc Mon Sep 17 00:00:00 2001 From: Zoey Date: Fri, 17 Oct 2025 07:40:54 +0200 Subject: [PATCH 37/37] apply suggestion Signed-off-by: Zoey --- Containers/mastercontainer/mastercontainer.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/mastercontainer/mastercontainer.conf b/Containers/mastercontainer/mastercontainer.conf index 4effec19..7d294694 100644 --- a/Containers/mastercontainer/mastercontainer.conf +++ b/Containers/mastercontainer/mastercontainer.conf @@ -7,8 +7,8 @@ Listen 8080 https # Http host - - ServerName localhost + + ServerName 127.0.0.1 # Add error log CustomLog /proc/self/fd/1 proxy