diff --git a/php/containers-schema.json b/php/containers-schema.json
index 40dcc16d..538593fd 100644
--- a/php/containers-schema.json
+++ b/php/containers-schema.json
@@ -21,6 +21,12 @@
 "type": "string"
 }
 },
+ "cap_add": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
 "depends_on": {
 "type": "array",
 "items": {
diff --git a/php/containers.json b/php/containers.json
index a0294656..d75d59c9 100644
--- a/php/containers.json
+++ b/php/containers.json
@@ -318,6 +318,9 @@
 ],
 "devices": [
 "/dev/fuse"
+ ],
+ "cap_add": [
+ "SYS_ADMIN"
 ]
 },
 {
@@ -411,7 +414,10 @@
 "environment": [
 "TZ=%TIMEZONE%"
 ],
- "restart": "unless-stopped"
+ "restart": "unless-stopped",
+ "cap_add": [
+ "SYS_NICE"
+ ]
 },
 {
 "container_name": "nextcloud-aio-fulltextsearch",
diff --git a/php/src/Container/Container.php b/php/src/Container/Container.php
index c7ff5cf7..e30e8674 100644
--- a/php/src/Container/Container.php
+++ b/php/src/Container/Container.php
@@ -23,6 +23,8 @@ class Container {
 private array $secrets;
 /** @var string[] */
 private array $devices;
+ /** @var string[] */
+ private array $capAdd;
 private DockerActionManager $dockerActionManager;
 public function __construct(
@@ -38,6 +40,7 @@ class Container {
 array $dependsOn,
 array $secrets,
 array $devices,
+ array $capAdd,
 DockerActionManager $dockerActionManager
 ) {
 $this->identifier = $identifier;
@@ -52,6 +55,7 @@ class Container {
 $this->dependsOn = $dependsOn;
 $this->secrets = $secrets;
 $this->devices = $devices;
+ $this->capAdd = $capAdd;
 $this->dockerActionManager = $dockerActionManager;
 }
@@ -83,6 +87,10 @@ class Container {
 return $this->devices;
 }
+ public function GetCapAdds() : array {
+ return $this->capAdd;
+ }
+
 public function GetPorts() : ContainerPorts {
 return $this->ports;
 }
diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php
index 4789bbfa..b903169e 100644
--- a/php/src/ContainerDefinitionFetcher.php
+++ b/php/src/ContainerDefinitionFetcher.php
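Review bot: The new `cap_add` schema in php/containers-schema.json accepts any string as a capability, so a definition could request `ALL` or any other capability and still validate. Constraining the items to the capabilities the definitions actually use, e.g. `"items": { "type": "string", "enum": ["SYS_ADMIN", "SYS_NICE"] }`, and adding `"uniqueItems": true` would make every new capability grant show up as a schema change in review.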
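Review bot: `SYS_ADMIN` in the first php/containers.json hunk is one of the broadest Linux capabilities, and the hunk does not show which container receives it; judging by the hard-coded `CapAdd` removed from DockerActionManager.php in this same diff it is presumably the borgbackup entry, which should be confirmed. The second hunk (`@@ -411,7 +414,10 @@`) grants `SYS_NICE` to the container defined just before `nextcloud-aio-fulltextsearch`, which appears to be a new privilege rather than a moved one. JSON cannot carry a comment, so the reason each container needs its capability should be recorded in the commit message or the project documentation.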
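Review bot: `GetCapAdds()` in the last php/src/Container/Container.php hunk returns a bare `array` with no docblock, while the `$capAdd` property it exposes is annotated `@var string[]`; adding `/** @return string[] */` above the getter keeps the element type visible to static analysis. The constructor hunk also inserts `array $capAdd` as a required positional parameter before `$dockerActionManager`, so any caller other than the one updated in ContainerDefinitionFetcher.php would need the same change. The class body continues outside these hunks.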
@@ -213,6 +213,11 @@ class ContainerDefinitionFetcher
 $devices = $entry['devices'];
 }
+ $capAdd = [];
+ if (isset($entry['cap_add'])) {
+ $capAdd = $entry['cap_add'];
+ }
+
 $containers[] = new Container(
 $entry['container_name'],
 $displayName,
@@ -226,6 +231,7 @@ class ContainerDefinitionFetcher
 $dependsOn,
 $secrets,
 $devices,
+ $capAdd,
 $this->container->get(DockerActionManager::class)
 );
 }
diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php
index b22ca032..3e5f7def 100644
--- a/php/src/Docker/DockerActionManager.php
+++ b/php/src/Docker/DockerActionManager.php
@@ -411,9 +411,13 @@ class DockerActionManager
 $requestBody['HostConfig']['Devices'] = $devices;
 }
+ $capAdds = $container->GetCapAdds();
+ if (count($capAdds) > 0) {
+ $requestBody['HostConfig']['CapAdd'] = $capAdds;
+ }
+
 // Special things for the backup container which should not be exposed in the containers.json
 if ($container->GetIdentifier() === 'nextcloud-aio-borgbackup') {
- $requestBody['HostConfig']['CapAdd'] = ["SYS_ADMIN"];
 $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"];
 // Additional backup directories
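Review bot: `$entry['cap_add']` in the `@@ -213,6 +213,11 @@` hunk of ContainerDefinitionFetcher.php is copied into `$capAdd` without checking its shape, and whether the definition was validated against containers-schema.json before this point is not visible here. A non-array value would only surface as a `TypeError` from the `array $capAdd` constructor parameter, and non-string elements would travel on to `HostConfig.CapAdd`. The four added lines can be written as `$capAdd = $entry['cap_add'] ?? [];`, followed by a check that rejects the definition when any element is not a string. The enclosing method starts and ends outside the hunk.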
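Review bot: The comment `// Special things for the backup container which should not be exposed in the containers.json` in the DockerActionManager.php hunk is now partly stale, because this change moves the backup container's `SYS_ADMIN` grant out of this branch and makes it depend on a `cap_add` entry in containers.json. `SecurityOpt` with `apparmor:unconfined` stays hard-coded, so the container's extra privileges are now split between two places; a comment such as `// AppArmor stays disabled here; capabilities for this container come from cap_add in containers.json` would say so. If the borgbackup definition ever loses its `cap_add` entry the container would be created without `SYS_ADMIN`, which is worth a test or an explicit check. The enclosing method continues outside the hunk.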