From 28f7d3571ca69fb408fe1f8f173b1d3ac0c8f9a6 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Tue, 14 Oct 2025 20:59:42 +0200 Subject: [PATCH 001/432] Add clamav milter packaged, configure it and use supervisord to start it up. TODO: start milter only if community container stalwart is used. Signed-off-by: Ruben D. --- Containers/clamav/Dockerfile | 8 ++++++-- Containers/clamav/start.sh | 1 + Containers/clamav/supervisord.conf | 7 +++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 216ea1c9..9330c57f 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.22.1 RUN set -ex; \ apk upgrade --no-cache -a; \ - apk add --no-cache tzdata clamav supervisor bash; \ + apk add --no-cache tzdata clamav clamav-milter supervisor bash; \ mkdir -p /var/lib/clamav /run/clamav /var/log/supervisord /var/run/supervisord; \ chmod 777 -R /run/clamav /var/log/clamav /var/log/supervisord /var/run/supervisord; \ chown -R 100:100 /var/lib/clamav; \ @@ -12,7 +12,11 @@ RUN set -ex; \ sed -i "s|#\?PCREMaxFileSize.*|PCREMaxFileSize aio-placeholder|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?StreamMaxLength.*|StreamMaxLength aio-placeholder|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?TCPSocket|TCPSocket|g" /etc/clamav/clamd.conf; \ - sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf + sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf; \ + sed -i "s|Example| |g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?MilterSocket inet:7357|MilterSocket inet:7357|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?ClamdSocket unix:/run/clamav/clamd.sock|ClamdSocket unix:/tmp/clamd.sock|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh diff --git a/Containers/clamav/start.sh b/Containers/clamav/start.sh index bda4add5..2c56db49 100644 --- a/Containers/clamav/start.sh +++ b/Containers/clamav/start.sh @@ -1,6 +1,7 @@ #!/bin/bash sed "s|aio-placeholder|$MAX_SIZE|" /etc/clamav/clamd.conf > /tmp/clamd.conf +cp /etc/clamav/clamav-milter.conf /tmp/clamv-milter-conf # Print out clamav version for compliance reasons clamscan --version diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 8f53856a..283833b8 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -21,3 +21,10 @@ stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 command=clamd --foreground --config-file=/tmp/clamd.conf + +[program:milter] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=clamav-milter --foreground --config-file=/tmp/clamv-milter-conf \ No newline at end of file From 2d86c0d788461fd0adf52af8c6e15e1bfc9c19f8 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Tue, 14 Oct 2025 21:10:48 +0200 Subject: [PATCH 002/432] Remove copying and omit checks for stalwart Signed-off-by: Ruben D. --- Containers/clamav/start.sh | 1 - Containers/clamav/supervisord.conf | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/Containers/clamav/start.sh b/Containers/clamav/start.sh index 2c56db49..bda4add5 100644 --- a/Containers/clamav/start.sh +++ b/Containers/clamav/start.sh @@ -1,7 +1,6 @@ #!/bin/bash sed "s|aio-placeholder|$MAX_SIZE|" /etc/clamav/clamd.conf > /tmp/clamd.conf -cp /etc/clamav/clamav-milter.conf /tmp/clamv-milter-conf # Print out clamav version for compliance reasons clamscan --version diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 283833b8..7aad65ed 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -27,4 +27,4 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=clamav-milter --foreground --config-file=/tmp/clamv-milter-conf \ No newline at end of file +command=clamav-milter --foreground --config-file=/etc/clamav/clamav-milter.conf \ No newline at end of file From 3a4dfaa4b69ca5d56dccf15c17c25db7d6a5c002 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Thu, 16 Oct 2025 19:31:16 +0200 Subject: [PATCH 003/432] Change --foreground option from supervisord to milter configuration file Signed-off-by: Ruben D. --- Containers/clamav/Dockerfile | 3 ++- Containers/clamav/supervisord.conf | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 9330c57f..35c81710 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -16,7 +16,8 @@ RUN set -ex; \ sed -i "s|Example| |g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?MilterSocket inet:7357|MilterSocket inet:7357|g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?ClamdSocket unix:/run/clamav/clamd.sock|ClamdSocket unix:/tmp/clamd.sock|g" /etc/clamav/clamav-milter.conf; \ - sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf + sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?Foreground yes|Foreground yes|g" /etc/clamav/clamav-milter.conf COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 7aad65ed..e1216df5 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -27,4 +27,4 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=clamav-milter --foreground --config-file=/etc/clamav/clamav-milter.conf \ No newline at end of file +command=clamav-milter --config-file=/etc/clamav/clamav-milter.conf \ No newline at end of file From 8d67d300d380da915cf0a64de5ee4bcce23f4611 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 17 Oct 2025 12:21:33 +0200 Subject: [PATCH 004/432] nextcloud-entrypoint: set max av size back to unlimited by default Signed-off-by: Simon L. --- Containers/clamav/Dockerfile | 3 ++- Containers/nextcloud/entrypoint.sh | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index db59f64a..6e23851f 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -8,8 +8,9 @@ RUN set -ex; \ chmod 777 -R /run/clamav /var/log/clamav /var/log/supervisord /var/run/supervisord; \ chown -R 100:100 /var/lib/clamav; \ sed -i "s|#\?MaxDirectoryRecursion.*|MaxDirectoryRecursion 30|g" /etc/clamav/clamd.conf; \ + sed -i "s|#\?MaxScanSize.*|MaxScanSize 2G|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?MaxFileSize.*|MaxFileSize 2G|g" /etc/clamav/clamd.conf; \ - sed -i "s|#\?PCREMaxFileSize.*|PCREMaxFileSize aio-placeholder|g" /etc/clamav/clamd.conf; \ + sed -i "s|#\?PCREMaxFileSize.*|PCREMaxFileSize 0|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?StreamMaxLength.*|StreamMaxLength aio-placeholder|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?TCPSocket|TCPSocket|g" /etc/clamav/clamd.conf; \ sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index fd8e6136..89d99d29 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -881,7 +881,7 @@ if [ "$CLAMAV_ENABLED" = 'yes' ]; then php /var/www/html/occ config:app:set files_antivirus av_port --value="3310" php /var/www/html/occ config:app:set files_antivirus av_host --value="$CLAMAV_HOST" php /var/www/html/occ config:app:set files_antivirus av_stream_max_length --value="$CLAMAV_MAX_SIZE" - php /var/www/html/occ config:app:set files_antivirus av_max_file_size --value="$CLAMAV_MAX_SIZE" + php /var/www/html/occ config:app:set files_antivirus av_max_file_size --value="-1" php /var/www/html/occ config:app:set files_antivirus av_infected_action --value="only_log" if [ -n "$CLAMAV_BLOCKLISTED_DIRECTORIES" ]; then php /var/www/html/occ config:app:set files_antivirus av_blocklisted_directories --value="$CLAMAV_BLOCKLISTED_DIRECTORIES" From 91ade7ed94fe576f17d6dc29f6aa86a766abb3da Mon Sep 17 00:00:00 2001 From: Zoey Date: Fri, 17 Oct 2025 20:26:22 +0200 Subject: [PATCH 005/432] remove libreoffice see https://github.com/nextcloud/all-in-one/discussions/6997#discussioncomment-14712015 Signed-off-by: Zoey --- Containers/nextcloud/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 4eae8029..ae54df35 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -230,7 +230,6 @@ RUN set -ex; \ sudo \ grep \ nodejs \ - libreoffice \ bind-tools \ imagemagick \ imagemagick-svg \ From a176ecdd9f10c403038ccbcc9e2b8b58718572c1 Mon Sep 17 00:00:00 2001 From: Zoey Date: Fri, 17 Oct 2025 20:30:05 +0200 Subject: [PATCH 006/432] remove librewolf from readme Signed-off-by: Zoey --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 11df8a73..3150c6a2 100644 --- a/readme.md +++ b/readme.md @@ -46,7 +46,7 @@ Included are: - By default confined (good for security) but can [allow access to additional storages](https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host) in order to enable the usage of the local external storage feature - Possibility included to [adjust default installed Nextcloud apps](https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup) - Nextcloud installation is not read only - that means you can apply patches if you should need them (instead of having to wait for the next release for them getting applied) -- `ffmpeg`, `smbclient`, `libreoffice` and `nodejs` are included by default +- `ffmpeg`, `smbclient` and `nodejs` are included by default - Possibility included to [permanently add additional OS packages into the Nextcloud container](https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup) without having to build your own Docker image - Possibility included to [permanently add additional PHP extensions into the Nextcloud container](https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container) without having to build your own Docker image - Possibility included to [pass the needed device for hardware transcoding](https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud) to the Nextcloud container From 4690c8a4df6020114a36b17497d077c141f596ff Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Oct 2025 19:04:20 +0000 Subject: [PATCH 007/432] build(deps): bump playwright and @playwright/test in /php/tests Bumps [playwright](https://github.com/microsoft/playwright) to 1.56.1 and updates ancestor dependency [@playwright/test](https://github.com/microsoft/playwright). These dependencies need to be updated together. Updates `playwright` from 1.51.1 to 1.56.1 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.51.1...v1.56.1) Updates `@playwright/test` from 1.51.1 to 1.56.1 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.51.1...v1.56.1) --- updated-dependencies: - dependency-name: playwright dependency-version: 1.56.1 dependency-type: indirect - dependency-name: "@playwright/test" dependency-version: 1.56.1 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- php/tests/package-lock.json | 44 +++++++++++-------------------------- php/tests/package.json | 2 +- 2 files changed, 14 insertions(+), 32 deletions(-) diff --git a/php/tests/package-lock.json b/php/tests/package-lock.json index ea2b4296..7d7d3383 100644 --- a/php/tests/package-lock.json +++ b/php/tests/package-lock.json @@ -7,20 +7,19 @@ "": { "name": "e2e", "version": "1.0.0", - "license": "ISC", + "license": "AGPL-3.0-or-later", "devDependencies": { - "@playwright/test": "^1.51.1", - "@types/node": "^22.13.10" + "@playwright/test": "^1.56.1" } }, "node_modules/@playwright/test": { - "version": "1.51.1", - "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.51.1.tgz", - "integrity": "sha512-nM+kEaTSAoVlXmMPH10017vn3FSiFqr/bh4fKg9vmAdMfd9SDqRZNvPSiAHADc/itWak+qPvMPZQOPwCBW7k7Q==", + "version": "1.56.1", + "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.56.1.tgz", + "integrity": "sha512-vSMYtL/zOcFpvJCW71Q/OEGQb7KYBPAdKh35WNSkaZA75JlAO8ED8UN6GUNTm3drWomcbcqRPFqQbLae8yBTdg==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright": "1.51.1" + "playwright": "1.56.1" }, "bin": { "playwright": "cli.js" @@ -29,16 +28,6 @@ "node": ">=18" } }, - "node_modules/@types/node": { - "version": "22.13.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.13.10.tgz", - "integrity": "sha512-I6LPUvlRH+O6VRUqYOcMudhaIdUVWfsjnZavnsraHvpBwaEyMN29ry+0UVJhImYL16xsscu0aske3yA+uPOWfw==", - "dev": true, - "license": "MIT", - "dependencies": { - "undici-types": "~6.20.0" - } - }, "node_modules/fsevents": { "version": "2.3.2", "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", @@ -55,13 +44,13 @@ } }, "node_modules/playwright": { - "version": "1.51.1", - "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.51.1.tgz", - "integrity": "sha512-kkx+MB2KQRkyxjYPc3a0wLZZoDczmppyGJIvQ43l+aZihkaVvmu/21kiyaHeHjiFxjxNNFnUncKmcGIyOojsaw==", + "version": "1.56.1", + "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.56.1.tgz", + "integrity": "sha512-aFi5B0WovBHTEvpM3DzXTUaeN6eN0qWnTkKx4NQaH4Wvcmc153PdaY2UBdSYKaGYw+UyWXSVyxDUg5DoPEttjw==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright-core": "1.51.1" + "playwright-core": "1.56.1" }, "bin": { "playwright": "cli.js" @@ -74,9 +63,9 @@ } }, "node_modules/playwright-core": { - "version": "1.51.1", - "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.51.1.tgz", - "integrity": "sha512-/crRMj8+j/Nq5s8QcvegseuyeZPxpQCZb6HNk3Sos3BlZyAknRjoyJPFWkpNn8v0+P3WiwqFF8P+zQo4eqiNuw==", + "version": "1.56.1", + "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.56.1.tgz", + "integrity": "sha512-hutraynyn31F+Bifme+Ps9Vq59hKuUCz7H1kDOcBs+2oGguKkWTU50bBWrtz34OUWmIwpBTWDxaRPXrIXkgvmQ==", "dev": true, "license": "Apache-2.0", "bin": { @@ -85,13 +74,6 @@ "engines": { "node": ">=18" } - }, - "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", - "dev": true, - "license": "MIT" } } } diff --git a/php/tests/package.json b/php/tests/package.json index ebfa99ec..95aae5a8 100644 --- a/php/tests/package.json +++ b/php/tests/package.json @@ -3,6 +3,6 @@ "version": "1.0.0", "license": "AGPL-3.0-or-later", "devDependencies": { - "@playwright/test": "^1.51.1" + "@playwright/test": "^1.56.1" } } From c4245657e12f2c74d971584af8245e1dc2f41c47 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 21 Oct 2025 11:52:01 +0200 Subject: [PATCH 008/432] fix typo Signed-off-by: Simon L. --- community-containers/calcardbackup/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/calcardbackup/readme.md b/community-containers/calcardbackup/readme.md index 0bb04a3b..42a218b4 100644 --- a/community-containers/calcardbackup/readme.md +++ b/community-containers/calcardbackup/readme.md @@ -2,7 +2,7 @@ This container packages calcardbackup which is a tool that exports calendars and addressbooks from Nextcloud to .ics and .vcf files and saves them to a compressed file. ### Notes -- Backups will be created at 00:00 CEST every day. Make sure that this does not conflict with the configured daily backups inside AIO. +- Backups will be created at 00:00 UTC every day. Make sure that this does not conflict with the configured daily backups inside AIO. - All the exports will be included in AIOs backup solution - You can find the exports in the nextcloud_aio_calcardbackup volume - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack From 1fbe2575d4ba30ba482f5866d67174599aefd02d Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Tue, 21 Oct 2025 12:03:53 +0000 Subject: [PATCH 009/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 4809bae8..355c5788 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -4724,28 +4724,28 @@ }, { "name": "webmozart/assert", - "version": "1.11.0", + "version": "1.12.0", "source": { "type": "git", "url": "https://github.com/webmozarts/assert.git", - "reference": "11cb2199493b2f8a3b53e7f19068fc6aac760991" + "reference": "541057574806f942c94662b817a50f63f7345360" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozarts/assert/zipball/11cb2199493b2f8a3b53e7f19068fc6aac760991", - "reference": "11cb2199493b2f8a3b53e7f19068fc6aac760991", + "url": "https://api.github.com/repos/webmozarts/assert/zipball/541057574806f942c94662b817a50f63f7345360", + "reference": "541057574806f942c94662b817a50f63f7345360", "shasum": "" }, "require": { "ext-ctype": "*", + "ext-date": "*", + "ext-filter": "*", "php": "^7.2 || ^8.0" }, - "conflict": { - "phpstan/phpstan": "<0.12.20", - "vimeo/psalm": "<4.6.1 || 4.6.2" - }, - "require-dev": { - "phpunit/phpunit": "^8.5.13" + "suggest": { + "ext-intl": "", + "ext-simplexml": "", + "ext-spl": "" }, "type": "library", "extra": { @@ -4776,9 +4776,9 @@ ], "support": { "issues": "https://github.com/webmozarts/assert/issues", - "source": "https://github.com/webmozarts/assert/tree/1.11.0" + "source": "https://github.com/webmozarts/assert/tree/1.12.0" }, - "time": "2022-06-03T18:03:27+00:00" + "time": "2025-10-20T12:43:39+00:00" } ], "aliases": [], From 6a54eb5a4403f62bb9127065e757a9cfa18d2d8c Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Tue, 21 Oct 2025 12:05:17 +0000 Subject: [PATCH 010/432] talk-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/talk/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 37ece0f4..888d3a38 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -4,7 +4,7 @@ FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling FROM alpine:3.22.2 AS janus -ARG JANUS_VERSION=v1.3.2 +ARG JANUS_VERSION=v1.3.3 WORKDIR /src RUN set -ex; \ apk upgrade --no-cache -a; \ From 330ca71de26223e7199055420e48b5aa433dcbd1 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 22 Oct 2025 12:03:39 +0000 Subject: [PATCH 011/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 355c5788..09f93f25 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -3338,16 +3338,16 @@ }, { "name": "nikic/php-parser", - "version": "v5.6.1", + "version": "v5.6.2", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "f103601b29efebd7ff4a1ca7b3eeea9e3336a2a2" + "reference": "3a454ca033b9e06b63282ce19562e892747449bb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/f103601b29efebd7ff4a1ca7b3eeea9e3336a2a2", - "reference": "f103601b29efebd7ff4a1ca7b3eeea9e3336a2a2", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/3a454ca033b9e06b63282ce19562e892747449bb", + "reference": "3a454ca033b9e06b63282ce19562e892747449bb", "shasum": "" }, "require": { @@ -3390,9 +3390,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v5.6.1" + "source": "https://github.com/nikic/PHP-Parser/tree/v5.6.2" }, - "time": "2025-08-13T20:13:15+00:00" + "time": "2025-10-21T19:32:17+00:00" }, { "name": "phpdocumentor/reflection-common", From fb1ca10ab45ef58ff1a44defe4aabb125ce5095b Mon Sep 17 00:00:00 2001 From: Josh Date: Wed, 22 Oct 2025 12:29:55 -0400 Subject: [PATCH 012/432] docs: Revise reverse proxy docs (first pass) Updated the reverse proxy documentation for Nextcloud AIO, enhancing clarity and structure. Re-organized top section(s). Added sections to provide context on integrated versus external reverse proxies versus secure tunnels/proxy platforms. De-duplicated some content. Signed-off-by: Josh --- reverse-proxy.md | 210 ++++++++++++++++++++++++++++------------------- 1 file changed, 127 insertions(+), 83 deletions(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 4d6cc2fa..953f1fd0 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -1,67 +1,71 @@ -# Reverse Proxy Documentation - -> [!NOTE] -> Please note that AIO comes secured with TLS out-of-the-box. So you don't need to necessarily set up your own reverse proxy if you only want to run Nextcloud AIO which is much easier. See [the normal readme](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-use-this) in that case. However if port 443 should already be used because you already run a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else), you need to follow this reverse proxy documentation to set up Nextcloud AIO. - -> [!TIP] -> If you don't have a domain yet, [Tailscale is recommended](https://github.com/nextcloud/all-in-one/discussions/6817). If you don't have a reverse proxy yet, [Caddy is recommended](https://github.com/nextcloud/all-in-one/discussions/575). +# Using a reverse proxy or secure tunnel to access Nextcloud AIO ## Introduction -In order to run Nextcloud behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else), you need to: -1. add a specific config to your web server or reverse proxy. [See the documentation below.](#1-configure-the-reverse-proxy) -2. specify the port that AIO's integrated Apache container shall use via the environmental variable `APACHE_PORT` (that runs inside its own container and published this port on the host) and adjust the `docker run` command of AIO. [See the documentation below.](#2-use-this-startup-command). -3. Open the AIO interface at port `8080` and type in and validate your domain. [See the documentation below.](#4-open-the-aio-interface) -Here one example with all reverse proxy settings for Linux: -``` -sudo docker run \ ---init \ ---sig-proxy=false \ ---name nextcloud-aio-mastercontainer \ ---restart always \ ---publish 8080:8080 \ ---env APACHE_PORT=11000 \ ---env APACHE_IP_BINDING=0.0.0.0 \ ---env APACHE_ADDITIONAL_NETWORK="" \ ---env SKIP_DOMAIN_VALIDATION=false \ ---volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ ---volume /var/run/docker.sock:/var/run/docker.sock:ro \ -ghcr.io/nextcloud-releases/all-in-one:latest -``` +This guide explains how to connect to Nextcloud AIO securely via HTTPS (TLS) using a reverse proxy or a secure tunnel/proxying platform. It covers: -
+- Integrated: AIO's internal reverse proxy +- External: an external reverse proxy such as Caddy or Nginx +- Secure tunnel: a Zero Trust Network Access platform such as Tailscale or Cloudflare Tunnel -Explanation of the command - -- `sudo docker run` This command spins up a new docker container. Docker commands can optionally be used without `sudo` if the user is added to the docker group (this is not the same as docker rootless, see FAQ in the normal readme). -- `--init` This option makes sure that no zombie-processes are created, ever. See [the Docker documentation](https://docs.docker.com/reference/cli/docker/container/run/#init). -- `--sig-proxy=false` This option allows to exit the container shell that gets attached automatically when using `docker run` by using `[CTRL] + [C]` without shutting down the container. -- `--name nextcloud-aio-mastercontainer` This is the name of the container. This line is not allowed to be changed, since mastercontainer updates would fail. -- `--restart always` This is the "restart policy". `always` means that the container should always get started with the Docker daemon. See the Docker documentation for further detail about restart policies: https://docs.docker.com/config/containers/start-containers-automatically/ -- `--publish 8080:8080` This means that port 8080 of the container should get published on the host using port 8080. This port is used for the AIO interface and uses a self-signed certificate by default. You can also use a different host port if port 8080 is already used on your host, for example `--publish 8081:8080` (only the first port can be changed for the host, the second port is for the container and must remain at 8080). -- `--env APACHE_PORT=11000` This is the port that is published on the host that runs Docker and Nextcloud AIO at which the reverse proxy should point at. -- `--env APACHE_IP_BINDING=0.0.0.0` This can be modified to allow access to the published port on the host only from certain ip-addresses. [See this documentation](#3-limit-the-access-to-the-apache-container) -- `--env APACHE_ADDITIONAL_NETWORK=""` This can be used to put the sibling apache container that is created by AIO into a specified network - useful if your reverse proxy runs as a container on the same host. [See this documentation](#adapting-the-sample-web-server-configurations-below) -- `--env SKIP_DOMAIN_VALIDATION=false` This can be set to `true` if the domain validation does not work and you are sure that you configured everything correctly after you followed [the debug documentation](#7-how-to-debug-things). -- `--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config` This means that the files that are created by the mastercontainer will be stored in a docker volume that is called `nextcloud_aio_mastercontainer`. This line is not allowed to be changed, since built-in backups would fail later on. -- `--volume /var/run/docker.sock:/var/run/docker.sock:ro` The docker socket is mounted into the container which is used for spinning up all the other containers and for further features. It needs to be adjusted on Windows/macOS and on docker rootless. See the applicable documentation on this. If adjusting, don't forget to also set `WATCHTOWER_DOCKER_SOCKET_PATH`! If you dislike this, see https://github.com/nextcloud/all-in-one/tree/main/manual-install. -- `ghcr.io/nextcloud-releases/all-in-one:latest` This is the docker container image that is used. -- Further options can be set using environment variables, for example `--env NEXTCLOUD_DATADIR="/mnt/ncdata"` (This is an example for Linux. See [this](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) for other OS' and for an explanation of what this value does. This specific one needs to be specified upon the first startup if you want to change it to a specific path instead of the default Docker volume). To see explanations and examples for further variables (like changing the location of Nextcloud's datadir or mounting some locations as external storage into the Nextcloud container), read through this readme and look at the docker-compose file: https://github.com/nextcloud/all-in-one/blob/main/compose.yaml - -
- -> [!Note] -> If you run into troubles, see [the debug section](#7-how-to-debug-things). - ---- - -> [!IMPORTANT] -> If you need HTTPS between Nextcloud and the reverse proxy because it is running on a different server in the same network, simply add another reverse proxy to the chain that runs on the same server like AIO and takes care of HTTPS proxying (most likely via self-signed certificates). Another option would be to create a VPN between the server that runs AIO and the server that runs the reverse proxy which takes care of encrypting the connection. +> [!TIP] +> If AIO's internal reverse proxy meets your needs, you may not need to set up your own reverse proxy. See the next section to assess whether this is the case. > [!NOTE] -> Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because it will fail! +> If your goal is to use AIO purely locally, refer to the [Local instance documentation](https://github.com/nextcloud/all-in-one/blob/main/local-instance.md). -## Content +### Integrated: Using AIO's internal reverse proxy with built-in HTTPS support + +Nextcloud AIO is secured with TLS (HTTPS) out of the box via its internal reverse proxy. The integrated HTTPS support works well if your goal is to make AIO accessible from the public Internet and to ensure all traffic is encrypted with HTTPS. + +Requirements: +- A public IP address (it does **not** need to be a dedicated public IP). +- Port `443/tcp` on that IP must be dedicated to AIO, and port 443 must be opened/forwarded on the internet-facing firewall/router to the AIO host.[^talkPort] + +**If AIO's integrated HTTPS support and internal reverse proxy meet your requirements, you do not need to proceed further — follow the [standard Nextcloud AIO instructions](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-use-this) instead.**. + +### External: Using AIO with an external reverse proxy (e.g., *Caddy, Nginx*) + +A reverse proxy (or a web server acting as a reverse proxy) enables multiple web applications to share the same IP address and/or port (for example `443/tcp`) by directing traffic based on each application's hostname (often called "virtual hosts"). Incoming requests reach the reverse proxy and are then forwarded to the appropriate internal IP address, port, or container based on the requested hostname. + +Most notably, an external reverse proxy allows you to: +- share one external IP address among multiple hostnames/web applications, and +- use a different internal port than the externally used port. + +Using an existing external reverse proxy is required in particular if port `443/tcp` on your public IP is already in use by another web application or by an existing web server/reverse proxy (for example Caddy or Nginx). + +> [!TIP] +> Examples of web servers or reverse proxies you might already be running include Apache, Caddy, Nginx, Traefik, and HAProxy — but only if they are bound to port `443/tcp` on the IP address you plan to associate with AIO. + +> [!NOTE] +> An external reverse proxy can also facilitate other routing approaches (for example shared-hostname / subfolder-based routing), but Nextcloud AIO only supports webroot-based (non-shared-hostname) access, so those scenarios are not applicable here.[^shared] + +### Secure tunnel: Using AIO with a Zero Trust Network Access platform (*Tailscale, Cloudflare*) + +Cloudflare and Tailscale provide Zero Trust Network Access services. For AIO we are primarily concerned with: + +- Cloudflare Tunnel / Cloudflare Proxy +- Tailscale Serve / Tailscale Funnel + +> [!TIP] +> Because of how [Cloudflare's Tunnel/Proxy operate](https://github.com/nextcloud/all-in-one/tree/main?tab=readme-ov-file#notes-on-cloudflare-proxytunnel), we recommend using Tailscale with Nextcloud when possible. Tailscale typically offers better performance and fewer trade-offs/limitations for Nextcloud. + +## Deployment + +### Quick overview + +To run Nextcloud AIO behind an external reverse proxy or secure tunneling/proxying service (instead of using AIO's integrated reverse proxy), you need to: + +1. Add a specific configuration to your web server or reverse proxy. See ["Configuring your reverse proxy"](#1-configure-the-reverse-proxy) below. +2. Specify the port that AIO's integrated Apache container will use via the environment variable `APACHE_PORT`. The Apache container runs in its own container and publishes that port on the host — update the `docker run` command (or your Compose file) accordingly. See ["Use this startup command"](#2-use-this-startup-command) below. +3. Open the AIO interface at port `8080` and enter and validate your domain. See ["Open the AIO interface"](#4-open-the-aio-interface) below. + +Don't worry if these steps are not clear yet — each is expanded on in the sections below. + +> [!TIP] +> If you don't have a domain yet, we recommend [an approach using Tailscale](https://github.com/nextcloud/all-in-one/discussions/6817). If you don't have an external reverse proxy yet, we recommend [Caddy](https://github.com/nextcloud/all-in-one/discussions/575). + +### Getting Started The process to run Nextcloud behind a reverse proxy consists of at least steps 1, 2 and 4: 1. **Configure the reverse proxy! See [point 1](#1-configure-the-reverse-proxy)** @@ -72,9 +76,19 @@ The process to run Nextcloud behind a reverse proxy consists of at least steps 1 1. Optional: get a valid certificate for the AIO interface! See [point 6](#6-optional-get-a-valid-certificate-for-the-aio-interface) 1. Optional: how to debug things? See [point 7](#7-how-to-debug-things) -## 1. Configure the reverse proxy +> [!Note] +> If you run into troubles, see [the debug section](#7-how-to-debug-things). + +> [!IMPORTANT] +> If you need HTTPS between Nextcloud and the reverse proxy because it is running on a different server in the same network, simply add another reverse proxy to the chain that runs on the same server like AIO and takes care of HTTPS proxying (most likely via self-signed certificates). Another option would be to create a VPN between the server that runs AIO and the server that runs the reverse proxy which takes care of encrypting the connection. + +> [!NOTE] +> Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because it will fail! + +### 1. Configure the reverse proxy + +#### Adapting the sample web server configurations below -### Adapting the sample web server configurations below 1. Replace `` with the domain on which you want to run Nextcloud. 1. Adjust the port `11000` to match your chosen `APACHE_PORT`. 1. Adjust `localhost` or `127.0.0.1` to point to the Nextcloud server IP or domain depending on where the reverse proxy is running. See the following options. @@ -108,7 +122,7 @@ The process to run Nextcloud behind a reverse proxy consists of at least steps 1 -### Apache +##### Apache
@@ -188,7 +202,7 @@ To make the config work you can run the following command:
-### Caddy (recommended) +##### Caddy (recommended)
@@ -211,7 +225,7 @@ The Caddyfile is a text file called `Caddyfile` (no extension) which – if you
-### Caddy with ACME DNS-challenge +##### Caddy with ACME DNS-challenge
@@ -239,7 +253,7 @@ You can get AIO running using the ACME DNS-challenge. Here is how to do it.
-### OpenLiteSpeed +##### OpenLiteSpeed
@@ -249,7 +263,7 @@ You can find the OpenLiteSpeed reverse proxy guide by @MorrowShore here: https:/
-### Citrix ADC VPX / Citrix Netscaler +##### Citrix ADC VPX / Citrix Netscaler
@@ -259,7 +273,7 @@ For a reverse proxy example guide for Citrix ADC VPX / Citrix Netscaler, see thi
-### Cloudflare Tunnel +##### Cloudflare Tunnel
@@ -278,7 +292,7 @@ Although it does not seem like it is the case but from AIO perspective a Cloudfl
-### HaProxy +##### HAProxy
@@ -375,7 +389,7 @@ backend Nextcloud
-### Nginx, Freenginx, Openresty, Angie +##### Nginx, Freenginx, Openresty, Angie
@@ -474,7 +488,7 @@ server {
-### NPMplus (Fork of Nginx-Proxy-Manager - NPM) +##### NPMplus (Fork of Nginx-Proxy-Manager - NPM)
@@ -505,7 +519,7 @@ Second, see these screenshots for a working config:
-### Nginx-Proxy-Manager - NPM +##### Nginx-Proxy-Manager - NPM
@@ -538,7 +552,7 @@ Also change `@` to a mail address of yours.
-### Nginx-Proxy +##### Nginx-Proxy
@@ -554,7 +568,7 @@ Apart from that, there is a [manual-install](https://github.com/nextcloud/all-in
-### Node.js with Express +##### Node.js with Express
@@ -641,7 +655,7 @@ httpServer.on('upgrade', (req, socket, head) => {
-### Synology Reverse Proxy +##### Synology Reverse Proxy
@@ -659,7 +673,7 @@ See these screenshots for a working config:
-### Traefik 2 +##### Traefik 2
@@ -751,7 +765,7 @@ The examples below define the dynamic configuration in YAML files. If you rather
-### Traefik 3 +##### Traefik 3
@@ -837,7 +851,7 @@ The examples below define the dynamic configuration in YAML files. If you rather
-### IIS with ARR and URL Rewrite +##### IIS with ARR and URL Rewrite
@@ -907,7 +921,7 @@ Add the following `web.config` file to the root of the site you created as the r
-### Tailscale +##### Tailscale
@@ -918,7 +932,7 @@ For a reverse proxy example guide for Tailscale, see this guide by [@Perseus333]
-### Others +##### Others
@@ -928,7 +942,7 @@ Config examples for other reverse proxies are currently not documented. Pull req
-## 2. Use this startup command +### 2. Use this startup command After adjusting your reverse proxy config, use the following command to start AIO:
@@ -951,6 +965,27 @@ sudo docker run \ ghcr.io/nextcloud-releases/all-in-one:latest ``` +
+ +Explanation of the command + +- `sudo docker run` This command spins up a new docker container. Docker commands can optionally be used without `sudo` if the user is added to the docker group (this is not the same as docker rootless, see FAQ in the normal readme). +- `--init` This option makes sure that no zombie-processes are created, ever. See [the Docker documentation](https://docs.docker.com/reference/cli/docker/container/run/#init). +- `--sig-proxy=false` This option allows to exit the container shell that gets attached automatically when using `docker run` by using `[CTRL] + [C]` without shutting down the container. +- `--name nextcloud-aio-mastercontainer` This is the name of the container. This line is not allowed to be changed, since mastercontainer updates would fail. +- `--restart always` This is the "restart policy". `always` means that the container should always get started with the Docker daemon. See the Docker documentation for further detail about restart policies: https://docs.docker.com/config/containers/start-containers-automatically/ +- `--publish 8080:8080` This means that port 8080 of the container should get published on the host using port 8080. This port is used for the AIO interface and uses a self-signed certificate by default. You can also use a different host port if port 8080 is already used on your host, for example `--publish 8081:8080` (only the first port can be changed for the host, the second port is for the container and must remain at 8080). +- `--env APACHE_PORT=11000` This is the port that is published on the host that runs Docker and Nextcloud AIO at which the reverse proxy should point at. +- `--env APACHE_IP_BINDING=0.0.0.0` This can be modified to allow access to the published port on the host only from certain ip-addresses. [See this documentation](#3-limit-the-access-to-the-apache-container) +- `--env APACHE_ADDITIONAL_NETWORK=""` This can be used to put the sibling apache container that is created by AIO into a specified network - useful if your reverse proxy runs as a container on the same host. [See this documentation](#adapting-the-sample-web-server-configurations-below) +- `--env SKIP_DOMAIN_VALIDATION=false` This can be set to `true` if the domain validation does not work and you are sure that you configured everything correctly after you followed [the debug documentation](#7-how-to-debug-things). +- `--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config` This means that the files that are created by the mastercontainer will be stored in a docker volume that is called `nextcloud_aio_mastercontainer`. This line is not allowed to be changed, since built-in backups would fail later on. +- `--volume /var/run/docker.sock:/var/run/docker.sock:ro` The docker socket is mounted into the container which is used for spinning up all the other containers and for further features. It needs to be adjusted on Windows/macOS and on docker rootless. See the applicable documentation on this. If adjusting, don't forget to also set `WATCHTOWER_DOCKER_SOCKET_PATH`! If you dislike this, see https://github.com/nextcloud/all-in-one/tree/main/manual-install. +- `ghcr.io/nextcloud-releases/all-in-one:latest` This is the docker container image that is used. +- Further options can be set using environment variables, for example `--env NEXTCLOUD_DATADIR="/mnt/ncdata"` (This is an example for Linux. See [this](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) for other OS' and for an explanation of what this value does. This specific one needs to be specified upon the first startup if you want to change it to a specific path instead of the default Docker volume). To see explanations and examples for further variables (like changing the location of Nextcloud's datadir or mounting some locations as external storage into the Nextcloud container), read through this readme and look at the docker-compose file: https://github.com/nextcloud/all-in-one/blob/main/compose.yaml + +
+ Note: you may be interested in adjusting Nextcloud’s datadir to store the files in a different location than the default docker volume. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it. You should also think about limiting the Apache container to listen only on localhost in case the reverse proxy is running on the same host and in the host network, by providing an additional environmental variable to this docker run command. See [point 3](#3-limit-the-access-to-the-apache-container). @@ -989,17 +1024,17 @@ On Synology DSM see https://github.com/nextcloud/all-in-one#how-to-run-aio-on-sy Simply translate the docker run command into a docker-compose file. You can have a look at [this file](https://github.com/nextcloud/all-in-one/blob/main/compose.yaml) for some inspiration but you will need to modify it either way. You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588 -## 3. Limit the access to the Apache container +### 3. Limit the access to the Apache container Use this environment variable during the initial startup of the mastercontainer to make the apache container only listen on localhost: `--env APACHE_IP_BINDING=127.0.0.1`. **Attention:** This is only recommended to be set if you use `localhost` in your reverse proxy config to connect to your AIO instance. If you use an ip-address instead of localhost, you should set it to `0.0.0.0`. -## 4. Open the AIO interface +### 4. Open the AIO interface After starting AIO, you should be able to access the AIO Interface via `https://ip.address.of.the.host:8080` and type in and validate the domain that you have configured.
⚠️ **Important:** do always use an ip-address if you access this port and not a domain as HSTS might block access to it later! (It is also expected that this port uses a self-signed certificate due to security concerns which you need to accept in your browser)
Enter your domain in the AIO interface that you've used in the reverse proxy config and you should be done. Please do not forget to open/forward port `3478/TCP` and `3478/UDP` in your firewall/router for the Talk container! -## 5. Optional: Configure AIO for reverse proxies that connect to nextcloud using an ip-address and not localhost nor 127.0.0.1 +### 5. Optional: Configure AIO for reverse proxies that connect to nextcloud using an ip-address and not localhost nor 127.0.0.1 If your reverse proxy connects to nextcloud using an ip-address and not localhost or 127.0.0.1* you must make the following configuration changes *: The IP address it uses to connect to AIO is not in a private IP range such as these: `127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1` @@ -1011,7 +1046,7 @@ Add the IP it uses connect to AIO to the Nextcloud trusted_proxies like this: sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set trusted_proxies 2 --value=ip.address.of.proxy ``` -### Collabora WOPI allow list +#### Collabora WOPI allow list If your reverse proxy connects to Nextcloud with an IP address that is different from the one for your domain* and you are using the Collabora server then you must also add the IP to the WOPI request allow list via `Administration Settings > Administration > Office > Allow list for WOPI requests`. *: For example, the reverse proxy has a public globally routable IP and connects to your AIO instance via Tailscale with an IP in the `100.64.0.0/10` range, or you are using a Cloudflare tunnel ([cloudflare notes](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#notes-on-cloudflare-proxytunnel): You must add all [Cloudflare IP-Ranges](https://www.cloudflare.com/ips/) to the WOPI allowlist.) @@ -1037,7 +1072,8 @@ https://:8443 { Afterwards should the AIO interface be accessible via `https://ip.address.of.the.host:8443`. You can alternatively change the domain to a different subdomain by using `https://:443` instead of `https://:8443` in the Caddyfile and use that to access the AIO interface. -## 7. How to debug things? +### 7. How to debug things? + @@ -1057,7 +1093,8 @@ If something does not work, follow the steps below: 1. Try to configure everything from scratch - if it still does not work by following https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance. 1. As last resort, you may disable the domain validation by adding `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command. But only use this if you are completely sure that you've correctly configured everything! -## 8. Removing the reverse proxy +### 8. Removing the reverse proxy + If you, at some point, want to remove the reverse proxy, here are some general steps: 1. Stop all running containers in the AIO Interface. 2. Stop and remove the mastercontainer. @@ -1075,3 +1112,10 @@ If you, at some point, want to remove the reverse proxy, here are some general s *The first command ensures that the Apache container is listening on all available network interfaces and the second command configures it to listen to port 443.* 5. Restart all other containers in the AIO interface. + +--- + +## Footnotes: + +[^talkPort]: Ports 3478/TCP and 3478/UDP are also required if using Nextcloud Talk (but they're less likely to conflict with existing services). +[^shared]: Other Nextcloud Server deployment methods (but not AIO) can be deployed behind shared hostnames and accessed via subfolder-based URLs. For example, this is supported with Bare Metal (Archive) and the micro-services Docker image, among others. Note that pure subfolder deployments are less and less required these days, with the broad support for virtual host based access (including at the reverse proxy level), which easily faciliates port IP address and external port sharing. From 3a7d77a7660d4157e0166cc07eadbcaea9f7a792 Mon Sep 17 00:00:00 2001 From: Josh Date: Wed, 22 Oct 2025 12:36:09 -0400 Subject: [PATCH 013/432] fix: make headers consistent Signed-off-by: Josh --- reverse-proxy.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 953f1fd0..80aa7e10 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -1039,7 +1039,7 @@ If your reverse proxy connects to nextcloud using an ip-address and not localhos *: The IP address it uses to connect to AIO is not in a private IP range such as these: `127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1` -### Nextcloud trusted proxies +#### Nextcloud trusted proxies Add the IP it uses connect to AIO to the Nextcloud trusted_proxies like this: ``` @@ -1051,11 +1051,11 @@ If your reverse proxy connects to Nextcloud with an IP address that is different *: For example, the reverse proxy has a public globally routable IP and connects to your AIO instance via Tailscale with an IP in the `100.64.0.0/10` range, or you are using a Cloudflare tunnel ([cloudflare notes](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#notes-on-cloudflare-proxytunnel): You must add all [Cloudflare IP-Ranges](https://www.cloudflare.com/ips/) to the WOPI allowlist.) -### External reverse proxies connecting via VPN (e.g. Tailscale) +#### External reverse proxies connecting via VPN (e.g. Tailscale) If your reverse proxy is outside your LAN and connecting via VPN such as Tailscale, you may want to set `APACHE_IP_BINDING=AIO.VPN.host.IP` to ensure only traffic coming from the VPN can connect. -## 6. Optional: get a valid certificate for the AIO interface +### 6. Optional: get a valid certificate for the AIO interface If you want to also access your AIO interface publicly with a valid certificate, you can add e.g. the following config to your Caddyfile: From d107cccb92428d018c88835078abcc9979fab2aa Mon Sep 17 00:00:00 2001 From: Josh Date: Wed, 22 Oct 2025 13:39:55 -0400 Subject: [PATCH 014/432] chore: fix typo Signed-off-by: Josh --- reverse-proxy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 80aa7e10..8cf0bb74 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -1118,4 +1118,4 @@ If you, at some point, want to remove the reverse proxy, here are some general s ## Footnotes: [^talkPort]: Ports 3478/TCP and 3478/UDP are also required if using Nextcloud Talk (but they're less likely to conflict with existing services). -[^shared]: Other Nextcloud Server deployment methods (but not AIO) can be deployed behind shared hostnames and accessed via subfolder-based URLs. For example, this is supported with Bare Metal (Archive) and the micro-services Docker image, among others. Note that pure subfolder deployments are less and less required these days, with the broad support for virtual host based access (including at the reverse proxy level), which easily faciliates port IP address and external port sharing. +[^shared]: Other Nextcloud Server deployment methods (but not AIO) can be deployed behind shared hostnames and accessed via subfolder-based URLs. For example, this is supported with Bare Metal (Archive) and the micro-services Docker image, among others. Note that pure subfolder deployments are less and less required these days, with the broad support for virtual host based access (including at the reverse proxy level), which easily facilitates port IP address and external port sharing. From c53308ab3286664e44f7fa0db12f5a9c48fc6c3c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 23 Oct 2025 13:56:56 +0200 Subject: [PATCH 015/432] update `nextcloud-aio-minio` to `v2` Signed-off-by: Simon L. --- community-containers/minio/minio.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/minio/minio.json b/community-containers/minio/minio.json index 2403f213..50613202 100644 --- a/community-containers/minio/minio.json +++ b/community-containers/minio/minio.json @@ -2,7 +2,7 @@ "aio_services_v1": [ { "container_name": "nextcloud-aio-minio", - "image_tag": "v1", + "image_tag": "v2", "display_name": "Minio S3 Storage", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/minio", "image": "ghcr.io/szaimen/aio-minio", From 1968cd3b362aaf267c137f28e59bda4e9a40f242 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 24 Oct 2025 04:19:59 +0000 Subject: [PATCH 016/432] build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 8.19.5 to 8.19.6. --- updated-dependencies: - dependency-name: elasticsearch dependency-version: 8.19.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/fulltextsearch/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 980fe275..a50aee53 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.19.5 +FROM elasticsearch:8.19.6 USER root From 152f1e375b86fd04048f8919f1f51809e64467e1 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Fri, 24 Oct 2025 07:25:45 +0000 Subject: [PATCH 017/432] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 4eae8029..a94e41e2 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud ENV REDIS_DB_INDEX=0 # AIO settings start # Do not remove or change this line! -ENV NEXTCLOUD_VERSION=31.0.9 +ENV NEXTCLOUD_VERSION=31.0.10 ENV AIO_TOKEN=123456 ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! From 8fb2f84440867a8db5208ec25d66ee161cd30492 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 24 Oct 2025 09:29:30 +0200 Subject: [PATCH 018/432] increase to 11.11.0 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 8db6beb6..16a240dc 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
-

Nextcloud AIO v11.10.0

+

Nextcloud AIO v11.11.0

{# Add 2nd tab warning #} From fc9265653ee1e9c6faf86e52b153443dfdae839e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 24 Oct 2025 09:48:00 +0200 Subject: [PATCH 019/432] nextcloud: download nextcloud archive file from github instead of download.nextcloud.com Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index a94e41e2..c5ab4985 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -156,7 +156,7 @@ RUN set -ex; \ ; \ \ curl -fsSL -o nextcloud.tar.bz2 \ - "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2"; \ + "https://github.com/nextcloud-releases/server/releases/download/v${NEXTCLOUD_VERSION}/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2"; \ curl -fsSL -o nextcloud.tar.bz2.asc \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ From 5568c78293cdec239a560a7060aed34af5e66ecd Mon Sep 17 00:00:00 2001 From: masterwoot Date: Fri, 24 Oct 2025 09:59:57 +0200 Subject: [PATCH 020/432] Update backupscript.sh Typo in string messages, changing from "Nextclouds data directory.." to "Nextcloud's data directory.." as it's in the possessive form. Signed-off-by: masterwoot --- Containers/borgbackup/backupscript.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/borgbackup/backupscript.sh b/Containers/borgbackup/backupscript.sh index 602ec586..41c05724 100644 --- a/Containers/borgbackup/backupscript.sh +++ b/Containers/borgbackup/backupscript.sh @@ -199,7 +199,7 @@ if [ "$BORG_MODE" = backup ]; then if [ -f "/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/.noaiobackup" ]; then BORG_EXCLUDE+=(--exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/") BORG_INCLUDE+=(--pattern="+/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/.noaiobackup") - echo "⚠️⚠️⚠️ '.noaiobackup' file was found in Nextclouds data directory. Excluding the data directory from backup!" + echo "⚠️⚠️⚠️ '.noaiobackup' file was found in Nextcloud's data directory. Excluding the data directory from backup!" # Exclude preview folder if .noaiobackup file was found elif [ -f /nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/appdata_*/preview/.noaiobackup ]; then BORG_EXCLUDE+=(--exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/appdata_*/preview/") @@ -344,7 +344,7 @@ if [ "$BORG_MODE" = restore ]; then ADDITIONAL_RSYNC_EXCLUDES=(--exclude "nextcloud_aio_nextcloud_data/**") ADDITIONAL_BORG_EXCLUDES=(--exclude "sh:nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/**") ADDITIONAL_FIND_EXCLUDES=(-o -regex 'nextcloud_aio_volumes/nextcloud_aio_nextcloud_data\(/.*\)?') - echo "⚠️⚠️⚠️ '.noaiobackup' file was found in Nextclouds data directory. Excluding the data directory from restore!" + echo "⚠️⚠️⚠️ '.noaiobackup' file was found in Nextcloud's data directory. Excluding the data directory from restore!" echo "You might run into problems due to this afterwards as potentially this makes the directory go out of sync with the database." echo "You might be able to fix this by running 'occ files:scan --all' and 'occ maintenance:repair' and 'occ files:scan-app-data' after the restore." echo "See https://github.com/nextcloud/all-in-one#how-to-run-occ-commands" From bf42de65dacf05471305776aa41f24e9582f0077 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 04:21:21 +0000 Subject: [PATCH 021/432] build(deps): bump php in /Containers/mastercontainer Bumps php from 8.4.13-fpm-alpine3.22 to 8.4.14-fpm-alpine3.22. --- updated-dependencies: - dependency-name: php dependency-version: 8.4.14-fpm-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index c1cbaa59..20f22421 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -6,7 +6,7 @@ FROM docker:28.5.1-cli AS docker FROM caddy:2.10.2-alpine AS caddy # From https://github.com/docker-library/php/blob/master/8.4/alpine3.22/fpm/Dockerfile -FROM php:8.4.13-fpm-alpine3.22 +FROM php:8.4.14-fpm-alpine3.22 EXPOSE 80 EXPOSE 8080 From 19d5ad2a794503ed1b3992ed05991667b4a61327 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 04:21:59 +0000 Subject: [PATCH 022/432] build(deps): bump haproxy in /Containers/docker-socket-proxy Bumps haproxy from 3.2.6-alpine to 3.2.7-alpine. --- updated-dependencies: - dependency-name: haproxy dependency-version: 3.2.7-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/docker-socket-proxy/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index 72034cec..ad128d54 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM haproxy:3.2.6-alpine +FROM haproxy:3.2.7-alpine # hadolint ignore=DL3002 USER root From 2598f1b983b883d45224c71f2a673f1cb310c040 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 04:22:17 +0000 Subject: [PATCH 023/432] build(deps): bump php in /Containers/nextcloud Bumps php from 8.3.26-fpm-alpine3.22 to 8.3.27-fpm-alpine3.22. --- updated-dependencies: - dependency-name: php dependency-version: 8.3.27-fpm-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index c5ab4985..0250f067 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM php:8.3.26-fpm-alpine3.22 +FROM php:8.3.27-fpm-alpine3.22 ENV PHP_MEMORY_LIMIT=512M ENV PHP_UPLOAD_LIMIT=16G From b7c6ab018de93f361a9e38f70392f9e5b6b0d3da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 04:22:30 +0000 Subject: [PATCH 024/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.3.0 to v1.4.0. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.4.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index e60bb815..f90dfdee 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.3.0 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.4.0 USER root RUN set -ex; \ From 68f7958c1253a522b5f80cdfdc730b0fd5406f5e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 27 Oct 2025 11:37:12 +0100 Subject: [PATCH 025/432] update detail Signed-off-by: Simon L. --- nextcloud-aio-helm-chart/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud-aio-helm-chart/readme.md b/nextcloud-aio-helm-chart/readme.md index edf6c779..cb31e601 100755 --- a/nextcloud-aio-helm-chart/readme.md +++ b/nextcloud-aio-helm-chart/readme.md @@ -1,7 +1,7 @@ # Nextcloud AIO Helm-chart > [!NOTE] -> For an enterprise-ready and scalable deployment method based on Helm Charts (also available for Podman), please [contact Nextcloud GmbH](https://nextcloud.com/enterprise/). +> For an enterprise-ready and scalable deployment method based on Helm Charts (also available for Podman and OpenShift), please [contact Nextcloud GmbH](https://nextcloud.com/enterprise/). > [!IMPORTANT] > This Helm-Chart is not intended to be used with Ingress as it handles TLS itself via the built-in apache container and exposes a Loadbalancer port itself on the Cluster. See the [apache service](https://github.com/nextcloud/all-in-one/blob/main/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml). However if the Cluster is used behind NAT, you can adjust `APACHE_PORT` to a different one than 443 and do the TLS offloading on an external Reverse Proxy that forwards the traffic to the configured port via http. If you really need the Ingress feature, please [contact Nextcloud GmbH](https://nextcloud.com/enterprise/) as we offer an enterprise-ready and scalable deployment method based on Helm Charts that also allows Ingress to be used. From 8a3befadddb10a272a2970093d05db8e951720e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 14:04:50 +0000 Subject: [PATCH 026/432] build(deps): bump actions/upload-artifact in /.github/workflows Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/playwright.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index 9de89243..8c7b0a93 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -82,7 +82,7 @@ jobs: exit 1 fi - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v5 if: ${{ !cancelled() }} with: name: playwright-report From 6c3f2e41ff4b2673ba464e1d84daedade1750879 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 27 Oct 2025 18:23:21 +0100 Subject: [PATCH 027/432] add DeepWiki badge to auto-refresh the wiki Signed-off-by: Simon L. --- readme.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/readme.md b/readme.md index 9dfc2e77..80f8808c 100644 --- a/readme.md +++ b/readme.md @@ -1143,3 +1143,11 @@ AIO ships its own update notifications implementation. It checks if container up ### Huge docker logs If you should run into issues with huge docker logs, you can adjust the log size by following https://docs.docker.com/config/containers/logging/local/#usage. However for the included AIO containers, this should usually not be needed because almost all of them have the log level set to warn so they should not produce many logs. + +
+ +Badges + +[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/nextcloud/all-in-one) + +
From 68edc82bf4ac950f4c51cfff3dd00508a582ba45 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 29 Oct 2025 13:30:43 +0100 Subject: [PATCH 028/432] watchtower: revert to building watchtower manually Signed-off-by: Simon L. --- .github/workflows/watchtower-update.yml | 36 +++++++++++++++++++++++++ Containers/watchtower/Dockerfile | 12 +++++++-- 2 files changed, 46 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/watchtower-update.yml diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml new file mode 100644 index 00000000..329cd284 --- /dev/null +++ b/.github/workflows/watchtower-update.yml @@ -0,0 +1,36 @@ +name: watchtower-update + +on: + workflow_dispatch: + schedule: + - cron: '00 12 * * *' + +jobs: + watchtower-update: + name: update watchtower + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - name: Run watchtower-container-update + run: | + # Watchtower + watchtower_version="$( + git ls-remote https://github.com/nicholas-fedor/watchtower v* \ + | cut -d/ -f3 \ + | sort -V \ + | grep -E "^v[0-9\.]+$" \ + | tail -1 + )" + watchtower_commit_hash="$(git ls-remote https://github.com/nicholas-fedor/watchtower $watchtower_version | sed 's/refs.*//')" + sed -i "s|^ENV WATCHTOWER_COMMIT_HASH.*$|ENV WATCHTOWER_COMMIT_HASH=$watchtower_commit_hash # $watchtower_version|" ./Containers/watchtower/Dockerfile + + - name: Create Pull Request + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7 + with: + commit-message: watchtower-update automated change + signoff: true + title: watchtower container update + body: Automated watchtower container update + labels: dependencies, 3. to review + milestone: next + branch: watchtower-container-update diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index c2b38b18..e3858248 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,5 +1,13 @@ # syntax=docker/dockerfile:latest -FROM ghcr.io/nicholas-fedor/watchtower:1.12.1 AS watchtower +FROM golang:1.25.3-alpine3.22 AS go + +ENV WATCHTOWER_COMMIT_HASH=v1.12.1 + +RUN set -ex; \ + apk upgrade --no-cache -a; \ + apk add --no-cache \ + build-base; \ + go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH; FROM alpine:3.22.2 @@ -7,7 +15,7 @@ RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache bash ca-certificates tzdata -COPY --from=watchtower /watchtower /watchtower +COPY --from=go /go/bin/watchtower /watchtower COPY --chmod=775 start.sh /start.sh From e2614defe02501dffb0a13aac067c7beba16b663 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 29 Oct 2025 14:54:36 +0100 Subject: [PATCH 029/432] helm: adjust externalTrafficPolicy to Local only for apache container Signed-off-by: Simon L. --- nextcloud-aio-helm-chart/update-helm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 80882854..9c249cb1 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -252,7 +252,7 @@ find ./ -name '*talk-service.yaml' -exec grep -v '{{ .Values.TALK.*}}\|protocol: # shellcheck disable=SC1083 find ./ -name '*talk-service.yaml' -exec mv /tmp/talk-service.copy \{} \; # shellcheck disable=SC1083 -find ./ -name '*service.yaml' -exec sed -i "/type: LoadBalancer/a\ \ externalTrafficPolicy: Local" \{} \; +find ./ -name '*apache-service.yaml' -exec sed -i "/type: LoadBalancer/a\ \ externalTrafficPolicy: Local" \{} \; # shellcheck disable=SC1083 find ./ -name '*service.yaml' -exec sed -i "/^spec:/a\ \ ipFamilyPolicy: PreferDualStack" \{} \; # shellcheck disable=SC1083 From 5289da58d6ac876321dc5af032ee7efc8c0887ed Mon Sep 17 00:00:00 2001 From: Josh Date: Thu, 30 Oct 2025 14:34:46 -0400 Subject: [PATCH 030/432] docs: further enhance reverse proxy / secure tunnel docs Further updated the guide to clarify the use of reverse proxies and secure tunnels with Nextcloud AIO. Signed-off-by: Josh --- reverse-proxy.md | 159 ++++++++++++++++++++++++++++++++++------------- 1 file changed, 115 insertions(+), 44 deletions(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 8cf0bb74..b1eb353c 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -2,88 +2,150 @@ ## Introduction -This guide explains how to connect to Nextcloud AIO securely via HTTPS (TLS) using a reverse proxy or a secure tunnel/proxying platform. It covers: +This guide explains how to connect to Nextcloud AIO securely via HTTPS (TLS) using a reverse proxy or a secure tunneling platform. It covers several potential scenarios: -- Integrated: AIO's internal reverse proxy -- External: an external reverse proxy such as Caddy or Nginx -- Secure tunnel: a Zero Trust Network Access platform such as Tailscale or Cloudflare Tunnel +- **Integrated**: AIO's built-in reverse proxy with automatic HTTPS +- **External**: An external reverse proxy (such as Caddy or Nginx or Cloudflare Proxy) +- **Secure tunnel**: Tunneling services for private network access or public access without port forwarding (such as Tailscale Serve or Cloudflare Tunnel) + +## Choosing Your Approach > [!TIP] > If AIO's internal reverse proxy meets your needs, you may not need to set up your own reverse proxy. See the next section to assess whether this is the case. > [!NOTE] -> If your goal is to use AIO purely locally, refer to the [Local instance documentation](https://github.com/nextcloud/all-in-one/blob/main/local-instance.md). +> If your goal is to use AIO purely locally, refer to the [Local instance documentation](https://github.com/nextcloud/all-in-one/blob/main/local-instance.md). Local instance setups don't require domain validation. + +### When to use each approach + +| Approach | Best for | Requirements | Inbound Ports Required | +|----------|----------|--------------|---------------| +| **Integrated** | Simple setups, single service on port 443 | Public IP, dedicated port 443 | Yes (443) | +| **External Reverse Proxy** (including Cloudflare Proxy) | Multiple services, existing web server, or users wanting DDoS protection | Existing reverse proxy, willingness to set one up, or Cloudflare account | Yes (443) | +| **Cloudflare Tunnel** | No port forwarding possible/desired, public access | Cloudflare account | No | +| **Tailscale Serve** | Private access (tailnet only) | Tailscale account | No | +| **Tailscale Funnel** | Public access via Tailscale | Tailscale account | No | + +## Implementation Details ### Integrated: Using AIO's internal reverse proxy with built-in HTTPS support Nextcloud AIO is secured with TLS (HTTPS) out of the box via its internal reverse proxy. The integrated HTTPS support works well if your goal is to make AIO accessible from the public Internet and to ensure all traffic is encrypted with HTTPS. Requirements: -- A public IP address (it does **not** need to be a dedicated public IP). -- Port `443/tcp` on that IP must be dedicated to AIO, and port 443 must be opened/forwarded on the internet-facing firewall/router to the AIO host.[^talkPort] +- A public IP address that is reachable from the Internet (it does **not** need to be static, but it must not be behind carrier-grade NAT, which some ISPs use to share IP addresses among multiple customers). +- Port `443/tcp` on that IP must be available for AIO's exclusive use, and it must be opened/forwarded on your internet-facing firewall/router to the AIO host.[^talkPort] -**If AIO's integrated HTTPS support and internal reverse proxy meet your requirements, you do not need to proceed further — follow the [standard Nextcloud AIO instructions](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-use-this) instead.**. +**If AIO's integrated HTTPS support and internal reverse proxy meet your requirements, you do not need to proceed further. Follow the [standard Nextcloud AIO instructions](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-use-this).** -### External: Using AIO with an external reverse proxy (e.g., *Caddy, Nginx*) +### External: Using AIO with an external reverse proxy (e.g., *Caddy, Nginx, Cloudflare Proxy*) + +**When you use an external reverse proxy, you disable AIO's built-in HTTPS support** because your reverse proxy will handle HTTPS/TLS certificates and encryption instead. This approach is necessary when: +- Port 443 is already in use by another service +- You want to run multiple web services on the same IP address +- You already have an existing reverse proxy infrastructure A reverse proxy (or a web server acting as a reverse proxy) enables multiple web applications to share the same IP address and/or port (for example `443/tcp`) by directing traffic based on each application's hostname (often called "virtual hosts"). Incoming requests reach the reverse proxy and are then forwarded to the appropriate internal IP address, port, or container based on the requested hostname. +**Types of external reverse proxies:** +- **Self-hosted** (Caddy, Nginx, Apache, Traefik, HAProxy, etc.) - You manage the reverse proxy on your own server or separate server +- **Cloudflare Proxy** (orange-clouded DNS) - Cloudflare provides the reverse proxy at their edge network with DDoS protection and CDN benefits. This is distinct from Cloudflare Tunnel, though Tunnel can optionally use these proxy features when publishing routes. + Most notably, an external reverse proxy allows you to: - share one external IP address among multiple hostnames/web applications, and - use a different internal port than the externally used port. Using an existing external reverse proxy is required in particular if port `443/tcp` on your public IP is already in use by another web application or by an existing web server/reverse proxy (for example Caddy or Nginx). +> [!NOTE] +> Cloudflare **Tunnel** and Cloudflare **Proxy** are different approaches: +> - **Cloudflare Tunnel** doesn't require opening any inbound ports on your firewall. +> - **Cloudflare Proxy** still requires port 443 exposed on your server. + > [!TIP] > Examples of web servers or reverse proxies you might already be running include Apache, Caddy, Nginx, Traefik, and HAProxy — but only if they are bound to port `443/tcp` on the IP address you plan to associate with AIO. > [!NOTE] -> An external reverse proxy can also facilitate other routing approaches (for example shared-hostname / subfolder-based routing), but Nextcloud AIO only supports webroot-based (non-shared-hostname) access, so those scenarios are not applicable here.[^shared] +> An external reverse proxy can also facilitate other routing approaches, but Nextcloud AIO only supports having its own dedicated hostname (e.g., `cloud.example.com`). You cannot run it in a subfolder like `example.com/nextcloud/`.[^shared] -### Secure tunnel: Using AIO with a Zero Trust Network Access platform (*Tailscale, Cloudflare*) +### Secure tunnel: Using AIO with a secure tunneling service (*Tailscale, Cloudflare*) -Cloudflare and Tailscale provide Zero Trust Network Access services. For AIO we are primarily concerned with: +Cloudflare and Tailscale offer secure tunneling services that let you access your Nextcloud without opening ports on your firewall. -- Cloudflare Tunnel / Cloudflare Proxy -- Tailscale Serve / Tailscale Funnel +#### Private network access + +For Nextcloud AIO, you can use: +- **Cloudflare Tunnel (`cloudflared`)** - Secure outbound-only tunnels that don't require exposing ports +- **Tailscale Serve** - Expose services privately on your Tailscale network (tailnet only) + +Both options provide private network access to your Nextcloud AIO instance. + +#### Public Internet access (without port forwarding) + +To make your Nextcloud AIO instance accessible from the public Internet (not just your private network), you can use: +- **Cloudflare Tunnel** with public routes enabled (which combines Cloudflare Tunnel with Cloudflare's proxy features) +- **Tailscale Funnel** - Expose services to the public Internet via Tailscale's infrastructure + +**Comparison of Cloudflare and Tailscale options:** + +| Feature | Access Scope | Inbound Ports Required | Use Case | +|---------|--------------|----------------|----------| +| **Cloudflare Tunnel** | Public Internet | None | Public access without port forwarding | +| **Tailscale Serve** | Your Tailscale network only | None | Private access for you and invited users | +| **Tailscale Funnel** | Public Internet | None | Public access through Tailscale | > [!TIP] > Because of how [Cloudflare's Tunnel/Proxy operate](https://github.com/nextcloud/all-in-one/tree/main?tab=readme-ov-file#notes-on-cloudflare-proxytunnel), we recommend using Tailscale with Nextcloud when possible. Tailscale typically offers better performance and fewer trade-offs/limitations for Nextcloud. +> +> **For private/personal use**: [Tailscale Serve](https://tailscale.com/kb/1312/serve) is ideal - it keeps your Nextcloud completely private to your tailnet. +> +> **For public access without port forwarding**: Use [Tailscale Funnel](https://tailscale.com/kb/1223/funnel). -## Deployment +## Configuration and Deployment + +> [!NOTE] +> These instructions assume you already have a domain name pointing to your server's public IP address. If you don't have a domain yet, see the recommendations below. ### Quick overview -To run Nextcloud AIO behind an external reverse proxy or secure tunneling/proxying service (instead of using AIO's integrated reverse proxy), you need to: +To run Nextcloud AIO behind an external reverse proxy or secure tunneling/proxying service (instead of using AIO's integrated reverse proxy), the basic process is: -1. Add a specific configuration to your web server or reverse proxy. See ["Configuring your reverse proxy"](#1-configure-the-reverse-proxy) below. -2. Specify the port that AIO's integrated Apache container will use via the environment variable `APACHE_PORT`. The Apache container runs in its own container and publishes that port on the host — update the `docker run` command (or your Compose file) accordingly. See ["Use this startup command"](#2-use-this-startup-command) below. -3. Open the AIO interface at port `8080` and enter and validate your domain. See ["Open the AIO interface"](#4-open-the-aio-interface) below. +1. Configure your web server or reverse proxy with the specific settings for AIO. +2. Specify the port that AIO's integrated Apache container will use. +3. Open the AIO interface and validate your domain. -Don't worry if these steps are not clear yet — each is expanded on in the sections below. +The sections below provide detailed instructions for each step. > [!TIP] -> If you don't have a domain yet, we recommend [an approach using Tailscale](https://github.com/nextcloud/all-in-one/discussions/6817). If you don't have an external reverse proxy yet, we recommend [Caddy](https://github.com/nextcloud/all-in-one/discussions/575). +> If you don't have a domain yet, we recommend using [an approach using Tailscale](https://github.com/nextcloud/all-in-one/discussions/6817). If you don't have an external reverse proxy yet, we recommend [Caddy](https://github.com/nextcloud/all-in-one/discussions/575). -### Getting Started +### Step-by-Step Instructions -The process to run Nextcloud behind a reverse proxy consists of at least steps 1, 2 and 4: -1. **Configure the reverse proxy! See [point 1](#1-configure-the-reverse-proxy)** -1. **Use this startup command! See [point 2](#2-use-this-startup-command)** -1. Optional: if the reverse proxy is installed on the same host and in the host network, you should limit the apache container to only listen on localhost. See [point 3](#3-limit-the-access-to-the-apache-container) -1. **Open the AIO interface. See [point 4](#4-open-the-aio-interface)** -1. Optional: if the reverse proxy is outside the host network, configure AIO to trust it. See [point 5](#5-optional-configure-aio-for-reverse-proxies-that-connect-to-nextcloud-using-an-ip-address-and-not-localhost-nor-127001) -1. Optional: get a valid certificate for the AIO interface! See [point 6](#6-optional-get-a-valid-certificate-for-the-aio-interface) -1. Optional: how to debug things? See [point 7](#7-how-to-debug-things) +The process to run Nextcloud AIO behind a reverse proxy has three required steps and three optional steps: -> [!Note] +**Required steps:** +1. **Configure** your web server or reverse proxy with the specific settings for AIO. See ["Configuring your reverse proxy"](#1-configure-the-reverse-proxy) below. +2. **Specify** the port that AIO's integrated Apache container will use via the environment variable `APACHE_PORT`, and update the `docker run` command or your Compose file accordingly. See ["Use this startup command"](#2-use-this-startup-command) below. + - *Optional*: Limit the access to the Apache container. See ["Limit the access to the Apache container"](#3-limit-the-access-to-the-apache-container). +3. **Open** the AIO interface at port `8080`, enter your domain, and validate it. See ["Open the AIO interface"](#4-open-the-aio-interface) below. + +**Optional steps:** + +4. Configure additional settings if your reverse proxy uses an IP address to connect to AIO. See ["Configure AIO for IP-based reverse proxies"](#5-optional-configure-aio-for-reverse-proxies-that-connect-to-nextcloud-using-an-ip-address-and-not-localhost-nor-127001). +5. Get a valid certificate for the AIO interface. See ["Get a valid certificate for the AIO interface"](#6-optional-get-a-valid-certificate-for-the-aio-interface). +6. Debug things if needed. See ["How to debug things"](#7-how-to-debug-things). + +> [!NOTE] > If you run into troubles, see [the debug section](#7-how-to-debug-things). > [!IMPORTANT] -> If you need HTTPS between Nextcloud and the reverse proxy because it is running on a different server in the same network, simply add another reverse proxy to the chain that runs on the same server like AIO and takes care of HTTPS proxying (most likely via self-signed certificates). Another option would be to create a VPN between the server that runs AIO and the server that runs the reverse proxy which takes care of encrypting the connection. +> If you need HTTPS between Nextcloud and the reverse proxy (because the reverse proxy runs on a different server), you have two options: +> +> 1. **Add a local reverse proxy**: Install another reverse proxy on the same server as AIO to handle HTTPS (typically with self-signed certificates) +> 2. **Use a VPN**: Create a VPN tunnel between the AIO server and the reverse proxy server to encrypt the connection > [!NOTE] -> Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because it will fail! +> Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom Docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because it will fail! ### 1. Configure the reverse proxy @@ -673,6 +735,26 @@ See these screenshots for a working config: +##### Tailscale (Serve) + +
+ +Click here to expand + +Tailscale can be used to provide private access to your Nextcloud AIO instance without opening ports on your firewall. With **Tailscale Serve**, your Nextcloud is accessible only to devices on your Tailscale network (tailnet) via a secure HTTPS domain. + +For a detailed setup guide using Tailscale Serve with Nextcloud AIO, see this guide by [@Perseus333](https://github.com/Perseus333): https://github.com/nextcloud/all-in-one/discussions/6817 + +The guide covers: +- Setting up system-wide (non-containerized) Tailscale as a reverse proxy +- Configuring Nextcloud AIO to work with Tailscale Serve +- Using Tailscale's MagicDNS to provide automatic HTTPS certificates +- Private access via your tailnet (e.g., `yourserver.tail0a12b3.ts.net`) + +⚠️ **Please note:** This guide covers **Tailscale Serve** for private tailnet access. If you need public Internet access, consider using **Tailscale Funnel**. + +
+ ##### Traefik 2
@@ -921,17 +1003,6 @@ Add the following `web.config` file to the root of the site you created as the r
-##### Tailscale - -
- -click here to expand - -For a reverse proxy example guide for Tailscale, see this guide by [@Perseus333](https://github.com/Perseus333): https://github.com/nextcloud/all-in-one/discussions/6817 - -
- - ##### Others
From 727d0d03db4d59fe6425c01f812c2f9a4af65dc6 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Fri, 31 Oct 2025 12:03:38 +0000 Subject: [PATCH 031/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 48 +++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 09f93f25..93aeefab 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -1646,16 +1646,16 @@ }, { "name": "twig/twig", - "version": "v3.21.1", + "version": "v3.22.0", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "285123877d4dd97dd7c11842ac5fb7e86e60d81d" + "reference": "4509984193026de413baf4ba80f68590a7f2c51d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/285123877d4dd97dd7c11842ac5fb7e86e60d81d", - "reference": "285123877d4dd97dd7c11842ac5fb7e86e60d81d", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/4509984193026de413baf4ba80f68590a7f2c51d", + "reference": "4509984193026de413baf4ba80f68590a7f2c51d", "shasum": "" }, "require": { @@ -1709,7 +1709,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.21.1" + "source": "https://github.com/twigphp/Twig/tree/v3.22.0" }, "funding": [ { @@ -1721,7 +1721,7 @@ "type": "tidelift" } ], - "time": "2025-05-03T07:21:55+00:00" + "time": "2025-10-29T15:56:47+00:00" } ], "packages-dev": [ @@ -3883,16 +3883,16 @@ }, { "name": "symfony/console", - "version": "v6.4.26", + "version": "v6.4.27", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "492de6dfd93910d7d7a729c5a04ddcd2b9e99c4f" + "reference": "13d3176cf8ad8ced24202844e9f95af11e2959fc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/492de6dfd93910d7d7a729c5a04ddcd2b9e99c4f", - "reference": "492de6dfd93910d7d7a729c5a04ddcd2b9e99c4f", + "url": "https://api.github.com/repos/symfony/console/zipball/13d3176cf8ad8ced24202844e9f95af11e2959fc", + "reference": "13d3176cf8ad8ced24202844e9f95af11e2959fc", "shasum": "" }, "require": { @@ -3957,7 +3957,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v6.4.26" + "source": "https://github.com/symfony/console/tree/v6.4.27" }, "funding": [ { @@ -3977,7 +3977,7 @@ "type": "tidelift" } ], - "time": "2025-09-26T12:13:46+00:00" + "time": "2025-10-06T10:25:16+00:00" }, { "name": "symfony/filesystem", @@ -4051,16 +4051,16 @@ }, { "name": "symfony/finder", - "version": "v6.4.24", + "version": "v6.4.27", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", - "reference": "73089124388c8510efb8d2d1689285d285937b08" + "reference": "a1b6aa435d2fba50793b994a839c32b6064f063b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/finder/zipball/73089124388c8510efb8d2d1689285d285937b08", - "reference": "73089124388c8510efb8d2d1689285d285937b08", + "url": "https://api.github.com/repos/symfony/finder/zipball/a1b6aa435d2fba50793b994a839c32b6064f063b", + "reference": "a1b6aa435d2fba50793b994a839c32b6064f063b", "shasum": "" }, "require": { @@ -4095,7 +4095,7 @@ "description": "Finds files and directories via an intuitive fluent interface", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/finder/tree/v6.4.24" + "source": "https://github.com/symfony/finder/tree/v6.4.27" }, "funding": [ { @@ -4115,7 +4115,7 @@ "type": "tidelift" } ], - "time": "2025-07-15T12:02:45+00:00" + "time": "2025-10-15T18:32:00+00:00" }, { "name": "symfony/polyfill-intl-grapheme", @@ -4724,16 +4724,16 @@ }, { "name": "webmozart/assert", - "version": "1.12.0", + "version": "1.12.1", "source": { "type": "git", "url": "https://github.com/webmozarts/assert.git", - "reference": "541057574806f942c94662b817a50f63f7345360" + "reference": "9be6926d8b485f55b9229203f962b51ed377ba68" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozarts/assert/zipball/541057574806f942c94662b817a50f63f7345360", - "reference": "541057574806f942c94662b817a50f63f7345360", + "url": "https://api.github.com/repos/webmozarts/assert/zipball/9be6926d8b485f55b9229203f962b51ed377ba68", + "reference": "9be6926d8b485f55b9229203f962b51ed377ba68", "shasum": "" }, "require": { @@ -4776,9 +4776,9 @@ ], "support": { "issues": "https://github.com/webmozarts/assert/issues", - "source": "https://github.com/webmozarts/assert/tree/1.12.0" + "source": "https://github.com/webmozarts/assert/tree/1.12.1" }, - "time": "2025-10-20T12:43:39+00:00" + "time": "2025-10-29T15:56:20+00:00" } ], "aliases": [], From f88e4aef373c9a151a6181176a831c72a1c9faa7 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Fri, 31 Oct 2025 12:25:33 +0000 Subject: [PATCH 032/432] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-collabora-deployment.yaml | 2 +- .../templates/nextcloud-aio-database-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-fulltextsearch-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-service.yaml | 1 - .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- 15 files changed, 19 insertions(+), 20 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 6eb13d92..0b10dd4d 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 11.10.0 +version: 11.11.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 4196cb99..3388c1d7 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-apache:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 9f8dda8d..35b30e41 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-clamav:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 5db29234..449a24fc 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -35,7 +35,7 @@ spec: value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:logging.level_startup=warning --o:home_mode.enable=true --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ - name: server_name value: "{{ .Values.NC_DOMAIN }}" - image: ghcr.io/nextcloud-releases/aio-collabora:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-collabora:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 8466fe03..6f08b4a6 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-postgresql:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 5b9ef69f..49dc3d34 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index 84ea42e6..4956ed71 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-imaginary:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index c6559fbd..49f2bd53 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 command: - chmod - "777" @@ -188,7 +188,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20251031_122139 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index dac83c98..b93283e7 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -55,7 +55,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-notify-push:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 98f75058..c30f6a0e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 61938748..2d5da82d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-redis:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index aa078677..b6f2e489 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-talk:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 27a50beb..e0902a0f 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20251031_122139 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml index 675a2729..10d17177 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml @@ -12,7 +12,6 @@ metadata: spec: ipFamilyPolicy: PreferDualStack type: LoadBalancer - externalTrafficPolicy: Local ports: - name: "{{ .Values.TALK_PORT }}" port: {{ .Values.TALK_PORT }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 08d3fcca..28c05cab 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -48,7 +48,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20251015_082711 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20251031_122139 readinessProbe: exec: command: From 3475a7b5d3eca296046351b967c6ea0f0987c2e8 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Fri, 24 Oct 2025 20:53:55 +0200 Subject: [PATCH 033/432] Change Milter OnInfected action to Reject Signed-off-by: Ruben D. --- Containers/clamav/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 81db262f..94d39b67 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -17,6 +17,7 @@ RUN set -ex; \ sed -i "s|Example| |g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?MilterSocket inet:7357|MilterSocket inet:7357|g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?ClamdSocket unix:/run/clamav/clamd.sock|ClamdSocket unix:/tmp/clamd.sock|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?OnInfected Quarantine|OnInfected Reject|g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?Foreground yes|Foreground yes|g" /etc/clamav/clamav-milter.conf From f07b015a4170548d420b0903537f4ee72146bac7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Nov 2025 04:13:53 +0000 Subject: [PATCH 034/432] build(deps): bump redis in /Containers/redis Bumps redis from 7.2.11-alpine to 7.2.12-alpine. --- updated-dependencies: - dependency-name: redis dependency-version: 7.2.12-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/redis/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/redis/Dockerfile b/Containers/redis/Dockerfile index 8cb0f973..a44295de 100644 --- a/Containers/redis/Dockerfile +++ b/Containers/redis/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From https://github.com/docker-library/redis/blob/master/7.2/alpine/Dockerfile -FROM redis:7.2.11-alpine +FROM redis:7.2.12-alpine COPY --chmod=775 start.sh /start.sh From 1f6c30b93aa830dd609116b566c71e60a5c57a22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Nov 2025 04:14:11 +0000 Subject: [PATCH 035/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.4.0 to v1.4.1. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.4.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index f90dfdee..90aa72f2 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.4.0 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.4.1 USER root RUN set -ex; \ From 74933c6b83f1231c6439d766347a947ca9c5b322 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 4 Nov 2025 13:42:05 +0100 Subject: [PATCH 036/432] update redis to v8.x Signed-off-by: Simon L. --- Containers/redis/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/redis/Dockerfile b/Containers/redis/Dockerfile index a44295de..7cc1ff84 100644 --- a/Containers/redis/Dockerfile +++ b/Containers/redis/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest -# From https://github.com/docker-library/redis/blob/master/7.2/alpine/Dockerfile -FROM redis:7.2.12-alpine +# From https://github.com/redis/docker-library-redis/blob/release/8.2/alpine/Dockerfile +FROM redis:8.2.3-alpine COPY --chmod=775 start.sh /start.sh From abf0bbc43157748c8372b37d3bff0f43cb213921 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 4 Nov 2025 13:44:33 +0100 Subject: [PATCH 037/432] dependabot: update redis also to new minor versions Signed-off-by: Simon L. --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0caaabfb..f79c4ce2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -55,6 +55,6 @@ updates: - dependency-name: "postgres" update-types: ["version-update:semver-major"] - dependency-name: "redis" - update-types: ["version-update:semver-major", "version-update:semver-minor"] + update-types: ["version-update:semver-major"] - dependency-name: "elasticsearch" update-types: ["version-update:semver-major"] From 0ee5ec00366434b22269a13216da364b18430f07 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 4 Nov 2025 13:48:39 +0100 Subject: [PATCH 038/432] docker-image-prune: only remove image with `label=org.label-schema.vendor=Nextcloud` Signed-off-by: Simon L. --- Containers/mastercontainer/cron.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/cron.sh b/Containers/mastercontainer/cron.sh index fc8c4081..5829d8da 100644 --- a/Containers/mastercontainer/cron.sh +++ b/Containers/mastercontainer/cron.sh @@ -60,7 +60,7 @@ while true; do fi # Remove dangling images - sudo -u www-data docker image prune --force + sudo -u www-data docker image prune --filter "label=org.label-schema.vendor=Nextcloud" --force # Check for available free space sudo -u www-data php /var/www/docker-aio/php/src/Cron/CheckFreeDiskSpace.php From f179e5adad0f66ebea3ec6eb5273507a8a21ceb1 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 4 Nov 2025 13:57:22 +0100 Subject: [PATCH 039/432] app: update min and max versions Signed-off-by: Simon L. --- app/appinfo/info.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/appinfo/info.xml b/app/appinfo/info.xml index 8b911c10..832d3ccd 100644 --- a/app/appinfo/info.xml +++ b/app/appinfo/info.xml @@ -13,7 +13,7 @@ monitoring https://github.com/nextcloud/all-in-one/issues - + From b10c9b74bf182448bdc0320c7036e77ec3d362b4 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 4 Nov 2025 14:00:16 +0100 Subject: [PATCH 040/432] nextcloud: update to `32.0.1` Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 35bf5b20..0617db93 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud ENV REDIS_DB_INDEX=0 # AIO settings start # Do not remove or change this line! -ENV NEXTCLOUD_VERSION=31.0.10 +ENV NEXTCLOUD_VERSION=32.0.1 ENV AIO_TOKEN=123456 ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! From d17ed75d6246a1d25b15bf859babb5fc361a9498 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 4 Nov 2025 14:02:37 +0100 Subject: [PATCH 041/432] aio-interface: hide upgrade notice Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 16a240dc..12b4d81b 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -36,7 +36,7 @@ {% set isBackupOrRestoreRunning = false %} {% set isApacheStarting = false %} {# Setting newMajorVersion to '' will hide corresponding options/elements, can be set to an integer like 26 in order to show corresponding elements. If set, also increase installLatestMajor in https://github.com/nextcloud/all-in-one/blob/main/php/src/Controller/DockerController.php #} - {% set newMajorVersionString = '25 Autumn' %} + {% set newMajorVersionString = '' %} {% if is_backup_container_running == true %} {% if borg_backup_mode == 'backup' or borg_backup_mode == 'restore' %} From 21fbb58c96b4cbc8315bfc4af07645b0bfec02b5 Mon Sep 17 00:00:00 2001 From: Lorenzo Moscati Date: Sat, 23 Aug 2025 01:30:20 +0200 Subject: [PATCH 042/432] Rewrite all AIO interface paths to be relative Signed-off-by: Lorenzo Moscati --- php/public/base_path.js | 3 + php/public/index.php | 6 +- .../Controller/ConfigurationController.php | 2 +- php/src/Controller/DockerController.php | 19 +++-- php/src/Controller/LoginController.php | 12 +-- php/src/Middleware/AuthMiddleware.php | 10 ++- php/templates/already-installed.twig | 6 +- php/templates/components/container-state.twig | 6 +- php/templates/containers.twig | 83 ++++++++++--------- .../includes/community-containers.twig | 2 +- .../includes/optional-containers.twig | 10 +-- php/templates/layout.twig | 4 +- php/templates/login.twig | 6 +- php/templates/setup.twig | 6 +- 14 files changed, 96 insertions(+), 79 deletions(-) create mode 100644 php/public/base_path.js diff --git a/php/public/base_path.js b/php/public/base_path.js new file mode 100644 index 00000000..67c1a4a7 --- /dev/null +++ b/php/public/base_path.js @@ -0,0 +1,3 @@ +document.addEventListener("DOMContentLoaded", function(event) { + document.getElementById("base_path") && (document.getElementById("base_path").value = window.location.pathname.slice(0, -11)); +}); \ No newline at end of file diff --git a/php/public/index.php b/php/public/index.php index aac83826..d3fbbeb9 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -178,17 +178,17 @@ $app->get('/', function (\Psr\Http\Message\RequestInterface $request, Response $ $setup = $container->get(\AIO\Data\Setup::class); if($setup->CanBeInstalled()) { return $response - ->withHeader('Location', '/setup') + ->withHeader('Location', 'setup') ->withStatus(302); } if($authManager->IsAuthenticated()) { return $response - ->withHeader('Location', '/containers') + ->withHeader('Location', 'containers') ->withStatus(302); } else { return $response - ->withHeader('Location', '/login') + ->withHeader('Location', 'login') ->withStatus(302); } }); diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index ed3be505..5727c364 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -161,7 +161,7 @@ readonly class ConfigurationController { $this->configurationManager->DeleteBorgBackupLocationVars(); } - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } catch (InvalidSettingConfigurationException $ex) { $response->getBody()->write($ex->getMessage()); return $response->withStatus(422); diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 678bbdc9..dd6b1076 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -85,7 +85,7 @@ readonly class DockerController { public function StartBackupContainerBackup(Request $request, Response $response, array $args) : Response { $forceStopNextcloud = true; $this->startBackup($forceStopNextcloud); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function startBackup(bool $forceStopNextcloud = false) : void { @@ -102,7 +102,7 @@ readonly class DockerController { public function StartBackupContainerCheck(Request $request, Response $response, array $args) : Response { $this->checkBackup(); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function checkBackup() : void { @@ -132,7 +132,7 @@ readonly class DockerController { $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function StartBackupContainerCheckRepair(Request $request, Response $response, array $args) : Response { @@ -148,7 +148,7 @@ readonly class DockerController { $config['backup-mode'] = 'check'; $this->configurationManager->WriteConfig($config); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { @@ -163,7 +163,7 @@ readonly class DockerController { $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function StartContainer(Request $request, Response $response, array $args) : Response @@ -171,6 +171,7 @@ readonly class DockerController { $uri = $request->getUri(); $host = $uri->getHost(); $port = $uri->getPort(); + $path = $request->getParsedBody()['base_path']; if ($port === 8000) { error_log('The AIO_URL-port was discovered to be 8000 which is not expected. It is now set to 443.'); $port = 443; @@ -184,7 +185,7 @@ readonly class DockerController { $config = $this->configurationManager->GetConfig(); // set AIO_URL - $config['AIO_URL'] = $host . ':' . $port; + $config['AIO_URL'] = $host . ':' . $port . $path; // set wasStartButtonClicked $config['wasStartButtonClicked'] = 1; // set install_latest_major @@ -204,7 +205,7 @@ readonly class DockerController { // Temporarily disabled as it leads much faster to docker rate limits // apcu_clear_cache(); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function startTopContainer(bool $pullImage) : void { @@ -223,7 +224,7 @@ readonly class DockerController { public function StartWatchtowerContainer(Request $request, Response $response, array $args) : Response { $this->startWatchtower(); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function startWatchtower() : void { @@ -261,7 +262,7 @@ readonly class DockerController { $forceStopNextcloud = true; $this->PerformRecursiveContainerStop($id, $forceStopNextcloud); - return $response->withStatus(201)->withHeader('Location', '/'); + return $response->withStatus(201)->withHeader('Location', '.'); } public function stopTopContainer() : void { diff --git a/php/src/Controller/LoginController.php b/php/src/Controller/LoginController.php index 196e7138..233a795e 100644 --- a/php/src/Controller/LoginController.php +++ b/php/src/Controller/LoginController.php @@ -19,33 +19,33 @@ readonly class LoginController { public function TryLogin(Request $request, Response $response, array $args) : Response { if (!$this->dockerActionManager->isLoginAllowed()) { $response->getBody()->write("The login is blocked since Nextcloud is running."); - return $response->withHeader('Location', '/')->withStatus(422); + return $response->withHeader('Location', '.')->withStatus(422); } $password = $request->getParsedBody()['password'] ?? ''; if($this->authManager->CheckCredentials($password)) { $this->authManager->SetAuthState(true); - return $response->withHeader('Location', '/')->withStatus(201); + return $response->withHeader('Location', '.')->withStatus(201); } $response->getBody()->write("The password is incorrect."); - return $response->withHeader('Location', '/')->withStatus(422); + return $response->withHeader('Location', '.')->withStatus(422); } public function GetTryLogin(Request $request, Response $response, array $args) : Response { $token = $request->getQueryParams()['token'] ?? ''; if($this->authManager->CheckToken($token)) { $this->authManager->SetAuthState(true); - return $response->withHeader('Location', '/')->withStatus(302); + return $response->withHeader('Location', '../..')->withStatus(302); } - return $response->withHeader('Location', '/')->withStatus(302); + return $response->withHeader('Location', '../..')->withStatus(302); } public function Logout(Request $request, Response $response, array $args) : Response { $this->authManager->SetAuthState(false); return $response - ->withHeader('Location', '/') + ->withHeader('Location', '.') ->withStatus(302); } } diff --git a/php/src/Middleware/AuthMiddleware.php b/php/src/Middleware/AuthMiddleware.php index f8d44857..a54f47a6 100644 --- a/php/src/Middleware/AuthMiddleware.php +++ b/php/src/Middleware/AuthMiddleware.php @@ -27,7 +27,15 @@ readonly class AuthMiddleware { if(!in_array($request->getUri()->getPath(), $publicRoutes)) { if(!$this->authManager->IsAuthenticated()) { $status = 302; - $headers = ['Location' => '/']; + if(count(explode('/', $request->getUri()->getPath())) > 2) { + $location = '..'; + for($i = 0; $i < count(explode('/', $request->getUri()->getPath())) - 3; $i++) { + $location = $location . '/..'; + } + } else { + $location = '.'; + } + $headers = ['Location' => $location]; $response = new Response($status, $headers); return $response; } diff --git a/php/templates/already-installed.twig b/php/templates/already-installed.twig index fa18f988..e16e6792 100644 --- a/php/templates/already-installed.twig +++ b/php/templates/already-installed.twig @@ -3,11 +3,11 @@ {% block body %} {% endblock %} diff --git a/php/templates/components/container-state.twig b/php/templates/components/container-state.twig index 4cf5dd4e..8375d033 100644 --- a/php/templates/components/container-state.twig +++ b/php/templates/components/container-state.twig @@ -4,15 +4,15 @@ {% if c.GetStartingState().value == 'starting' %} {{ c.GetDisplayName() }} - (Starting) + (Starting) {% elseif c.GetRunningState().value == 'running' %} {{ c.GetDisplayName() }} - (Running) + (Running) {% else %} {{ c.GetDisplayName() }} - (Stopped) + (Stopped) {% endif %} {% if c.GetDocumentation() != '' %} (docs) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 12b4d81b..1e795149 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -6,9 +6,9 @@
-
+ @@ -63,11 +63,11 @@ {% endfor %} {% if is_daily_backup_running == true %} -

Daily backup currently running. (Mastercontainer logs) (Borg backup container logs)

+

Daily backup currently running. (Mastercontainer logs) (Borg backup container logs)

{% if automatic_updates == true %}

This will update your containers, the mastercontainer and, on Saturdays, your Nextcloud apps if the backup is successful.

{% if is_mastercontainer_update_available == true %} -

When the mastercontainer is updated it will restart, making it unavailable for a moment. (Logs)

+

When the mastercontainer is updated it will restart, making it unavailable for a moment. (Logs)

{% endif %} {% endif %} {% if has_update_available == false %} @@ -78,7 +78,7 @@

Reload ↻

If the daily backup is stuck somehow, you can unstick it by running sudo docker exec nextcloud-aio-mastercontainer rm /mnt/docker-aio-config/data/daily_backup_running and afterwards reloading this interface.

{% elseif isWatchtowerRunning == true %} -

Mastercontainer update currently running. Once the update is complete the mastercontainer will restart, making it unavailable for a moment. Please wait until it's done. (Logs)

+

Mastercontainer update currently running. Once the update is complete the mastercontainer will restart, making it unavailable for a moment. Please wait until it's done. (Logs)

Reload ↻

{% else %} {% if is_backup_container_running == false and domain == "" %} @@ -88,7 +88,7 @@ {% elseif is_mastercontainer_update_available == true %}

Mastercontainer update

⚠️ A mastercontainer update is available. Please click on the button below to update it. Afterwards, you will be able to proceed with the setup.

- + @@ -108,7 +108,7 @@ {% if skip_domain_validation == true %}

Please note: The domain validation is disabled so any domain will be accepted here! Make sure you do not make a typo here as you will not be able to change it afterwards!

{% endif %} - + @@ -137,7 +137,7 @@ {% if hasBackupLocation %} {% if borg_backup_mode in ['test', 'check'] %} {% if backup_exit_code > 0 %} -

Last {{ borg_backup_mode }} failed! (Logs)

+

Last {{ borg_backup_mode }} failed! (Logs)

{% if borg_backup_mode == 'test' %}

Please adjust the path and/or the encryption password in order to make it work!

{% elseif borg_backup_mode == 'check' %} @@ -145,7 +145,7 @@
Reveal repair option

Below is the option to repair the integrity of your backup. Please note: Please only use this after you have read the documentation above! (It will run the command 'borg check --repair' for you.)

- + @@ -153,10 +153,10 @@
{% endif %} {% elseif backup_exit_code == 0 %} -

Last {{ borg_backup_mode }} successful! (Logs)

+

Last {{ borg_backup_mode }} successful! (Logs)

{% if borg_backup_mode == 'test' %}

Feel free to check the integrity of the backup archive below before starting the restore process in order to make ensure that the restore will work. This can take a long time though depending on the size of the backup archive and is thus not required.

- + @@ -164,7 +164,7 @@ {% endif %}

Choose the backup that you want to restore and click on the button below to restore the selected backup. This will restore the whole AIO instance. Please note that the current AIO passphrase will be kept and the previous AIO passphrase will not be restored from backup!

Important: If the backup that you want to restore contained any community container, you need to restore the same backup a second time after this attempt so that the community container data is also correctly restored.

- +


@@ -210,7 +210,7 @@ {% endif %} {% else %}

Everything set! Click on the button below to test the path and encryption password:

- + @@ -223,14 +223,14 @@ {% if was_start_button_clicked == true %} {% if current_channel starts with 'latest' or current_channel starts with 'beta' or current_channel starts with 'develop' %} -

You are running the {{ current_channel }} channel. (Logs)

+

You are running the {{ current_channel }} channel. (Logs)

{% else %}

No channel was found. This means that AIO is not able to update itself and its component and will also not be able to report about updates. Updates need to be done externally.

{% endif %} {% endif %} {% if is_backup_container_running == true %} -

Backup container is currently running: {{ borg_backup_mode }} (Logs)

+

Backup container is currently running: {{ borg_backup_mode }} (Logs)

Reload ↻

{% endif %} @@ -259,7 +259,7 @@ {% else %}

It seems at least one container was not able to start correctly and is currently restarting.

To break this endless loop, you can stop the containers below and investigate the issue in the container logs before starting the containers again.

- + @@ -312,7 +312,7 @@

You can find all changes here

{% endif %} {% endif %} - + @@ -327,31 +327,34 @@ {% endif %} {% if is_mastercontainer_update_available == true %}

⚠️ A mastercontainer update is available. Please click on the button below to update it.

- +
{% else %} {% if was_start_button_clicked == false %} -
+ + {% if newMajorVersionString != '' %}
{% endif %}
{% elseif has_update_available == false %} -
+ +
{% else %} -
+ + {% if bypass_container_update == true %} {% endif %} @@ -376,7 +379,7 @@ remote borg repo url and submit it. You will be provided with an SSH public key for authorization at the remote afterwards.

- +

@@ -393,13 +396,13 @@ {% if is_backup_container_running == false %}

Backup and restore

{% if backup_exit_code > 0 %} -

Last {{ borg_backup_mode }} failed! (Logs)

+

Last {{ borg_backup_mode }} failed! (Logs)

{% if borg_backup_mode == "check" %}

The backup check was not successful. This might indicate a corrupt archive (look at the logs). If that should be the case, you can try to fix it by following this documentation

Reveal repair option

Below is the option to repair the integrity of your backup. Please note: Please only use this after you have read the documentation above! (It will run the command 'borg check --repair' for you.)

- + @@ -417,7 +420,7 @@ {% endif %}

You may change the backup path again since the initial backup was not successful. After submitting the new value, you need to click on Create Backup to test the new value.

- +

@@ -427,9 +430,9 @@ {% endif %} {% elseif backup_exit_code == 0 %} {% if borg_backup_mode == "backup" %} -

Last {{ borg_backup_mode }} successful on {{ last_backup_time }} UTC! (Logs)

+

Last {{ borg_backup_mode }} successful on {{ last_backup_time }} UTC! (Logs)

{% else %} -

Last {{ borg_backup_mode }} successful! (Logs)

+

Last {{ borg_backup_mode }} successful! (Logs)

{% endif %} {% endif %} {% endif %} @@ -464,7 +467,7 @@ {% if isApacheStarting != true %}

Backup creation

Clicking on the button below will create a backup.

- + @@ -479,7 +482,7 @@ {% endif %} is wrong, you can reset it by clicking on the button below.

- + @@ -493,7 +496,7 @@

Backup check

Click on the button below to perform a backup integrity check. This is an option that verifies that your backup is intact. It shouldn't be needed in most situations.

- + @@ -501,7 +504,7 @@

Backup restore

Choose the backup that you want to restore and click on the button below to restore the selected backup. This will overwrite all your files with the chosen backup so you should consider creating a backup first. You can run an integrity check before restoring your files but this shouldn't be needed in most situations. Please note that this will not restore additionally chosen backup directories! The restore process should be pretty fast as rsync, which only transfers changed files, is used to restore the chosen backup.

- + @@ -529,7 +532,7 @@ Also your containers, the mastercontainer and, on Saturdays, your Nextcloud apps will be automatically updated. {% endif %}

To change your backup time first disable Daily Backups, then enter your new backup time, and then re-enable them.

- + @@ -539,7 +542,7 @@

Back up additional directories and docker volumes of your host

Below you can enter directories and docker volumes of your host that will be backed up into the same borg backup archive. Make sure to press the submit button after changing anything.

- + @@ -566,7 +569,7 @@
Click here to change your AIO passphrase

You can change your AIO passphrase below:

- + @@ -592,7 +595,7 @@ {% if timezone == "" %}

To get the correct time values for certain Nextcloud features, set the timezone for Nextcloud to the one that your users mainly use. Please note that this setting does not apply to the mastercontainer and any backup option.

You can configure the timezone for Nextcloud below (Do not forget to submit the value!):

- + @@ -601,7 +604,7 @@

You need to make sure that the timezone that you enter is valid. An example is Europe/Berlin. You can get valid values by looking at the 'TZ identifier' column of this list: click here. The default is Etc/UTC if nothing is entered.

{% else %}

The timezone for Nextcloud is currently set to {{ timezone }}. You can change the timezone by clicking on the button below.

- + @@ -620,6 +623,8 @@ {% endif %} + +
{% endblock %} diff --git a/php/templates/includes/community-containers.twig b/php/templates/includes/community-containers.twig index f74e3756..66cceb2b 100644 --- a/php/templates/includes/community-containers.twig +++ b/php/templates/includes/community-containers.twig @@ -8,7 +8,7 @@ {% endif %}
Show/Hide available Community Containers - + diff --git a/php/templates/includes/optional-containers.twig b/php/templates/includes/optional-containers.twig index 6bea68db..b4764592 100644 --- a/php/templates/includes/optional-containers.twig +++ b/php/templates/includes/optional-containers.twig @@ -5,7 +5,7 @@ {% else %}

Please note: Make sure to save your changes by clicking Save changes below the list of optional containers. The changes will not be auto-saved.

{% endif %} - + @@ -160,7 +160,7 @@ {% if collabora_dictionaries == "" %}

In order to get the correct dictionaries in Collabora, you may configure the dictionaries below:

- + @@ -169,7 +169,7 @@

You need to make sure that the dictionaries that you enter are valid. An example is de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru.

{% else %}

The dictionaries for Collabora are currently set to {{ collabora_dictionaries }}. You can reset them again by clicking on the button below.

- + @@ -182,7 +182,7 @@ {% if collabora_additional_options == "" %}

You can configure additional options for collabora below.

(This can be used for configuring the net.content_security_policy and more. Make sure to submit the value!)

- + @@ -191,7 +191,7 @@

You need to make sure that the options that you enter are valid. An example is --o:net.content_security_policy=frame-ancestors *.example.com:*;.

{% else %}

The additioinal options for Collabora are currently set to {{ collabora_additional_options }}. You can reset them again by clicking on the button below.

- + diff --git a/php/templates/layout.twig b/php/templates/layout.twig index e20ca3e0..4d842e3d 100644 --- a/php/templates/layout.twig +++ b/php/templates/layout.twig @@ -1,8 +1,8 @@ AIO - - + + diff --git a/php/templates/login.twig b/php/templates/login.twig index cf5cc0c3..1c5420c2 100644 --- a/php/templates/login.twig +++ b/php/templates/login.twig @@ -3,14 +3,14 @@ {% block body %}
From 01ad594ec56f8fbc2b5b3b026dfd0b5dc4da4ed2 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 24 Nov 2025 18:28:35 +0100 Subject: [PATCH 134/432] aio-interface: add button to update the backup list Signed-off-by: Simon L. --- Containers/borgbackup/backupscript.sh | 9 +++++++++ Containers/borgbackup/start.sh | 4 ++-- community-containers/borgbackup-viewer/readme.md | 2 +- php/public/index.php | 1 + php/src/Controller/DockerController.php | 14 ++++++++++++++ php/templates/containers.twig | 11 +++++++++++ readme.md | 2 +- 7 files changed, 39 insertions(+), 4 deletions(-) diff --git a/Containers/borgbackup/backupscript.sh b/Containers/borgbackup/backupscript.sh index 50815f38..b7b96147 100644 --- a/Containers/borgbackup/backupscript.sh +++ b/Containers/borgbackup/backupscript.sh @@ -612,3 +612,12 @@ if [ "$BORG_MODE" = test ]; then fi fi fi + +if [ "$BORG_MODE" = list ]; then + echo "Updating backup list..." + if ! borg info > /dev/null; then + echo "Could not update the backup list." + exit 1 + fi + # The update gets done automatically in the wrapper start.sh script. +fi diff --git a/Containers/borgbackup/start.sh b/Containers/borgbackup/start.sh index 9da0d840..bb7a8a6a 100644 --- a/Containers/borgbackup/start.sh +++ b/Containers/borgbackup/start.sh @@ -32,8 +32,8 @@ else fi # Validate BORG_MODE -if [ "$BORG_MODE" != backup ] && [ "$BORG_MODE" != restore ] && [ "$BORG_MODE" != check ] && [ "$BORG_MODE" != "check-repair" ] && [ "$BORG_MODE" != test ]; then - echo "No correct BORG_MODE mode applied. Valid are 'backup', 'check', 'restore' and 'test'." +if [ "$BORG_MODE" != backup ] && [ "$BORG_MODE" != restore ] && [ "$BORG_MODE" != check ] && [ "$BORG_MODE" != "check-repair" ] && [ "$BORG_MODE" != "test" ] && [ "$BORG_MODE" != "list" ]; then + echo "No correct BORG_MODE mode applied. Valid are 'backup', 'check', 'restore', 'test' and 'list'." exit 1 fi diff --git a/community-containers/borgbackup-viewer/readme.md b/community-containers/borgbackup-viewer/readme.md index dc3d5806..ddd11be7 100644 --- a/community-containers/borgbackup-viewer/readme.md +++ b/community-containers/borgbackup-viewer/readme.md @@ -5,7 +5,7 @@ This container allows to view the local borg repository in a web session. It als - After adding and starting the container, you need to visit `https://ip.address.of.this.server:5801` in order to log in with the user `nextcloud` and the password that you can see next to the container in the AIO interface. (The web page uses a self-signed certificate, so you need to accept the warning). - Then, you should see a terminal. There type in `borg mount /mnt/borgbackup/borg /tmp/borg` to mount the backup archive at `/tmp/borg` inside the container. Afterwards type in `nautilus /tmp/borg` which will show a file explorer and allows you to see all the files. You can then copy files and folders back to their initial mountpoints inside `/nextcloud_aio_volumes/`, `/host_mounts/` and `/docker_volumes/`. ⚠️ Be very carefully while doing that as can break your instance! - After you are done with the operation, click on the terminal in the background and press `[CTRL]+[c]` multiple times to close any open application. Then run `umount /tmp/borg` to unmount the mountpoint correctly. -- You can also delete specific archives by running `borg list`, delete a specific archive e.g. via `borg delete --stats --progress "::20220223_174237-nextcloud-aio"` and compact the archives via `borg compact`. After doing so, make sure to update the backup archives list in the AIO interface! You can do so by clicking on the `Check backup integrity` button or `Create backup` button. +- You can also delete specific archives by running `borg list`, delete a specific archive e.g. via `borg delete --stats --progress "::20220223_174237-nextcloud-aio"` and compact the archives via `borg compact`. After doing so, make sure to update the backup archives list in the AIO interface! You can do so by clicking on the `Update backup list` button in the `Update backup list` section inside the `Backup and restore` section. - ⚠️ After you are done doing your operations, remove the container for better security again from the stack: https://github.com/nextcloud/all-in-one/tree/main/community-containers#how-to-remove-containers-from-aios-stack - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack diff --git a/php/public/index.php b/php/public/index.php index f2880ca7..46967c72 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -60,6 +60,7 @@ $app->get('/api/docker/getwatchtower', AIO\Controller\DockerController::class . $app->post('/api/docker/start', AIO\Controller\DockerController::class . ':StartContainer'); $app->post('/api/docker/backup', AIO\Controller\DockerController::class . ':StartBackupContainerBackup'); $app->post('/api/docker/backup-check', AIO\Controller\DockerController::class . ':StartBackupContainerCheck'); +$app->post('/api/docker/backup-list', AIO\Controller\DockerController::class . ':StartBackupContainerList'); $app->post('/api/docker/backup-check-repair', AIO\Controller\DockerController::class . ':StartBackupContainerCheckRepair'); $app->post('/api/docker/backup-test', AIO\Controller\DockerController::class . ':StartBackupContainerTest'); $app->post('/api/docker/restore', AIO\Controller\DockerController::class . ':StartBackupContainerRestore'); diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 8473ed57..6626e3e4 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -105,6 +105,11 @@ readonly class DockerController { return $response->withStatus(201)->withHeader('Location', '.'); } + public function StartBackupContainerList(Request $request, Response $response, array $args) : Response { + $this->listBackup(); + return $response->withStatus(201)->withHeader('Location', '.'); + } + public function checkBackup() : void { $config = $this->configurationManager->GetConfig(); $config['backup-mode'] = 'check'; @@ -114,6 +119,15 @@ readonly class DockerController { $this->PerformRecursiveContainerStart($id); } + private function listBackup() : void { + $config = $this->configurationManager->GetConfig(); + $config['backup-mode'] = 'list'; + $this->configurationManager->WriteConfig($config); + + $id = 'nextcloud-aio-borgbackup'; + $this->PerformRecursiveContainerStart($id); + } + public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { $config = $this->configurationManager->GetConfig(); $config['backup-mode'] = 'restore'; diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 39a2de48..a27fdaee 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -518,6 +518,17 @@ +

Update backup list

+
+ Click here to reveal this option +

If you use an external snapshot tool to restore the server that runs AIO, you might run into a problem that the above listed available backups are not up-to-date to restore your server from. You can click the button below to update this list.

+
+ + + +
+
+

Daily backup and automatic updates

{% if daily_backup_time == "" %}

By entering a time below and submitting it, you can enable daily backups. It will create them at the entered time in 24h format. E.g. 04:00 will create backups at 4 am UTC and 16:00 at 4 pm UTC. When creating the backup, containers will be stopped and restarted after the backup is complete.

diff --git a/readme.md b/readme.md index 0ae3d618..f22c7df3 100644 --- a/readme.md +++ b/readme.md @@ -970,7 +970,7 @@ sudo borg compact ``` After doing so, make sure to update the backup archives list in the AIO interface!
-You can do so by clicking on the `Check backup integrity` button or `Create backup` button. +You can do so by clicking on the `Update backup list` button in the `Update backup list` section inside the `Backup and restore` section. --- From 271c4b21cc38d1e408909c8095bccfe915d4c727 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 24 Nov 2025 19:16:58 +0100 Subject: [PATCH 135/432] docs: standardize links by removing `?tab=readme-ov-file` Signed-off-by: Simon L. --- community-containers/makemkv/readme.md | 2 +- compose.yaml | 2 +- reverse-proxy.md | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/community-containers/makemkv/readme.md b/community-containers/makemkv/readme.md index ed9ce040..e78510ee 100644 --- a/community-containers/makemkv/readme.md +++ b/community-containers/makemkv/readme.md @@ -5,7 +5,7 @@ This container bundles MakeMKV and auto-configures it for you. - This container should only be run in home networks - ⚠️ This container mounts all devices from the host inside the container in order to be able to access the external DVD/Blu-ray drives which is a security issue. However no better solution was found for the time being. - This container only works on Linux and not on Docker-Desktop. -- This container requires the [`NEXTCLOUD_MOUNT` variable in AIO to be set](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host). Otherwise the output will not be saved correctly.. +- This container requires the [`NEXTCLOUD_MOUNT` variable in AIO to be set](https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host). Otherwise the output will not be saved correctly.. - After adding and starting the container, you need to visit `https://internal.ip.of.server:5802` in order to log in with the `makemkv` user and the password that you can see next to the container in the AIO interface. (The web page uses a self-signed certificate, so you need to accept the warning). - After the first login, you can adjust the `/output` directory in the MakeMKV settings to a subdirectory of the root of your chosen `NEXTCLOUD_MOUNT`. (by default `NEXTCLOUD_MOUNT` is mounted to `/output` inside the container. Thus all data is written to the root of it) - The configured `NEXTCLOUD_DATADIR` is getting mounted to `/storage` inside the container. diff --git a/compose.yaml b/compose.yaml index 13170c7e..e8966f4c 100644 --- a/compose.yaml +++ b/compose.yaml @@ -35,7 +35,7 @@ services: # NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud # NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud. # NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps - # SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-skip-the-domain-validation + # SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation # TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port # WATCHTOWER_DOCKER_SOCKET_PATH: /var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock' diff --git a/reverse-proxy.md b/reverse-proxy.md index 52c830e0..546b8b78 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -36,7 +36,7 @@ Requirements: - A public IP address that is reachable from the Internet (it does **not** need to be static, but it must not be behind carrier-grade NAT, which some ISPs use to share IP addresses among multiple customers). - Port `443/tcp` on that IP must be available for AIO's exclusive use, and it must be opened/forwarded on your internet-facing firewall/router to the AIO host.[^talkPort] -**If AIO's integrated HTTPS support and internal reverse proxy meet your requirements, you do not need to proceed further. Follow the [standard Nextcloud AIO instructions](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-use-this).** +**If AIO's integrated HTTPS support and internal reverse proxy meet your requirements, you do not need to proceed further. Follow the [standard Nextcloud AIO instructions](https://github.com/nextcloud/all-in-one#how-to-use-this).** ### External: Using AIO with an external reverse proxy (e.g., *Caddy, Nginx, Cloudflare Proxy*) @@ -95,7 +95,7 @@ To make your Nextcloud AIO instance accessible from the public Internet (not jus | **Tailscale Funnel** | Public Internet | None | Public access through Tailscale | > [!TIP] -> Because of how [Cloudflare's Tunnel/Proxy operate](https://github.com/nextcloud/all-in-one/tree/main?tab=readme-ov-file#notes-on-cloudflare-proxytunnel), we recommend using Tailscale with Nextcloud when possible. Tailscale typically offers better performance and fewer trade-offs/limitations for Nextcloud. +> Because of how [Cloudflare's Tunnel/Proxy operate](https://github.com/nextcloud/all-in-one/tree/main#notes-on-cloudflare-proxytunnel), we recommend using Tailscale with Nextcloud when possible. Tailscale typically offers better performance and fewer trade-offs/limitations for Nextcloud. > > **For private/personal use**: [Tailscale Serve](https://tailscale.com/kb/1312/serve) is ideal - it keeps your Nextcloud completely private to your tailnet. > @@ -1120,7 +1120,7 @@ sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:syst #### Collabora WOPI allow list If your reverse proxy connects to Nextcloud with an IP address that is different from the one for your domain* and you are using the Collabora server then you must also add the IP to the WOPI request allow list via `Administration Settings > Administration > Office > Allow list for WOPI requests`. -*: For example, the reverse proxy has a public globally routable IP and connects to your AIO instance via Tailscale with an IP in the `100.64.0.0/10` range, or you are using a Cloudflare tunnel ([cloudflare notes](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#notes-on-cloudflare-proxytunnel): You must add all [Cloudflare IP-Ranges](https://www.cloudflare.com/ips/) to the WOPI allowlist.) +*: For example, the reverse proxy has a public globally routable IP and connects to your AIO instance via Tailscale with an IP in the `100.64.0.0/10` range, or you are using a Cloudflare tunnel ([cloudflare notes](https://github.com/nextcloud/all-in-one#notes-on-cloudflare-proxytunnel): You must add all [Cloudflare IP-Ranges](https://www.cloudflare.com/ips/) to the WOPI allowlist.) #### External reverse proxies connecting via VPN (e.g. Tailscale) @@ -1174,7 +1174,7 @@ If you, at some point, want to remove the reverse proxy, here are some general s sudo docker rm nextcloud-aio-mastercontainer ``` 3. Remove the software and configuration file that you used for the reverse proxy (see section 1). -4. Restart the mastercontainer with the [docker run command from the main readme](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-use-this) but add the two options: +4. Restart the mastercontainer with the [docker run command from the main readme](https://github.com/nextcloud/all-in-one#how-to-use-this) but add the two options: ``` --env APACHE_IP_BINDING=0.0.0.0 \ --env APACHE_PORT=443 \ From 1fff416829cf2f139c0b7203d6a3bdfe3a52b692 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Nov 2025 04:15:21 +0000 Subject: [PATCH 136/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.0.2-cli to 29.0.4-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.0.4-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index dae14ea5..65dc31e6 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.0.2-cli AS docker +FROM docker:29.0.4-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From 1d6a1ffb17c83c24e360c0873e00bc19697334c2 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 25 Nov 2025 13:23:22 +0100 Subject: [PATCH 137/432] add notifications community container Signed-off-by: Simon L. --- .../notifications/notifications.json | 23 +++++++++++++++++++ community-containers/notifications/readme.md | 12 ++++++++++ community-containers/scrutiny/readme.md | 2 +- community-containers/scrutiny/scrutiny.json | 2 +- 4 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 community-containers/notifications/notifications.json create mode 100644 community-containers/notifications/readme.md diff --git a/community-containers/notifications/notifications.json b/community-containers/notifications/notifications.json new file mode 100644 index 00000000..5d886ec9 --- /dev/null +++ b/community-containers/notifications/notifications.json @@ -0,0 +1,23 @@ +{ + "aio_services_v1": [ + { + "container_name": "nextcloud-aio-notifications", + "display_name": "Notifications", + "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/notifications", + "image": "ghcr.io/szaimen/aio-notifications", + "image_tag": "v1", + "internal_port": "10000", + "restart": "unless-stopped", + "volumes": [ + { + "source": "%WATCHTOWER_DOCKER_SOCKET_PATH%", + "destination": "/var/run/docker.sock", + "writeable": false + } + ], + "environment": [ + "TZ=%TIMEZONE%" + ] + } + ] +} diff --git a/community-containers/notifications/readme.md b/community-containers/notifications/readme.md new file mode 100644 index 00000000..78ec49b6 --- /dev/null +++ b/community-containers/notifications/readme.md @@ -0,0 +1,12 @@ +## Notifications +This container allows other AIO community containers to send admin notifications to Nextcloud users. + +### Notes +- It needs to be enabled for the [scrutiny container](https://github.com/nextcloud/all-in-one/tree/main/community-containers/scrutiny) for example to make use of admin notifications that are sent if a smartctl failure was found. +- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack + +### Repository +https://github.com/szaimen/aio-notifications + +### Maintainer +https://github.com/szaimen diff --git a/community-containers/scrutiny/readme.md b/community-containers/scrutiny/readme.md index dc972d44..3bb728f7 100644 --- a/community-containers/scrutiny/readme.md +++ b/community-containers/scrutiny/readme.md @@ -6,7 +6,7 @@ This container bundles Scrutiny which is a frontend for SMART stats and auto-con - ⚠️ This container mounts all devices from the host inside the container in order to be able to access the drives and smartctl stats which is a security issue. However no better solution was found for the time being. - This container only works on Linux and not on Docker-Desktop. - After adding and starting the container, you need to visit `http://internal.ip.of.server:8000` which will show the dashboard for your drives. -- It currently does not support sending notifications as no good solution was found yet that makes this possible. See https://github.com/szaimen/aio-scrutiny/issues/3 +- It supports sending notifications in case of a smartctl failure if you enable the notifications community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/notifications - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack ### Repository diff --git a/community-containers/scrutiny/scrutiny.json b/community-containers/scrutiny/scrutiny.json index 4b368291..b367e497 100644 --- a/community-containers/scrutiny/scrutiny.json +++ b/community-containers/scrutiny/scrutiny.json @@ -5,7 +5,7 @@ "display_name": "Scrutiny", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/scrutiny", "image": "ghcr.io/szaimen/aio-scrutiny", - "image_tag": "v1", + "image_tag": "v2", "internal_port": "8000", "init": false, "restart": "unless-stopped", From f3fbfae5353015ca392cbc1662cc874b40b058a9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Nov 2025 04:15:59 +0000 Subject: [PATCH 138/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.4.1 to v1.4.2. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.4.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index cce2ed85..fe5d89f7 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.4.1 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.4.2 USER root RUN set -ex; \ From 6a8d8d4479809364281fb5428ea26e3599df06a4 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Nov 2025 10:30:41 +0100 Subject: [PATCH 139/432] add some notice regarding how to switch the channel Signed-off-by: Simon L. --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 0ae3d618..e6cd4526 100644 --- a/readme.md +++ b/readme.md @@ -641,7 +641,7 @@ See [multiple-instances.md](./multiple-instances.md) for some documentation on t Nextcloud features a built-in bruteforce protection which may get triggered and will block an ip-address or disable a user. You can unblock an ip-address by running `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ security:bruteforce:reset ` and enable a disabled user by running `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ user:enable `. See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html#security for further information. **Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management ### How to switch the channel? -You can switch to a different channel like e.g. the beta channel or from the beta channel back to the latest channel by stopping the mastercontainer, removing it (no data will be lost) and recreating the container using the same command that you used initially to create the mastercontainer. You simply need to change the last line `ghcr.io/nextcloud-releases/all-in-one:latest` to `ghcr.io/nextcloud-releases/all-in-one:beta` and vice versa. +You can switch to a different channel like e.g. the beta channel or from the beta channel back to the latest channel by stopping the mastercontainer, removing it (no data will be lost) and recreating the container using the same command that you used initially to create the mastercontainer. You simply need to change the last line `ghcr.io/nextcloud-releases/all-in-one:latest` to `ghcr.io/nextcloud-releases/all-in-one:beta` and vice versa. ⚠️ In some rare occurences, you might need to run `docker pull ghcr.io/nextcloud-releases/all-in-one:latest` or `docker pull ghcr.io/nextcloud-releases/all-in-one:beta` first before being able to use the image. ### How to update the containers? If we push new containers to `latest`, you will see in the AIO interface below the `containers` section that new container updates were found. In this case, just press `Stop containers` and `Start and update containers` in order to update the containers. The mastercontainer has its own update procedure though. See below. And don't forget to back up the current state of your instance using the built-in backup solution before starting the containers again! Otherwise you won't be able to restore your instance easily if something should break during the update. From 50312bd2d9712a08479ee3ec866118d5cf67a89f Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Nov 2025 10:53:29 +0100 Subject: [PATCH 140/432] fix typo Signed-off-by: Simon L. --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index e6cd4526..c53f4d28 100644 --- a/readme.md +++ b/readme.md @@ -641,7 +641,7 @@ See [multiple-instances.md](./multiple-instances.md) for some documentation on t Nextcloud features a built-in bruteforce protection which may get triggered and will block an ip-address or disable a user. You can unblock an ip-address by running `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ security:bruteforce:reset ` and enable a disabled user by running `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ user:enable `. See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html#security for further information. **Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management ### How to switch the channel? -You can switch to a different channel like e.g. the beta channel or from the beta channel back to the latest channel by stopping the mastercontainer, removing it (no data will be lost) and recreating the container using the same command that you used initially to create the mastercontainer. You simply need to change the last line `ghcr.io/nextcloud-releases/all-in-one:latest` to `ghcr.io/nextcloud-releases/all-in-one:beta` and vice versa. ⚠️ In some rare occurences, you might need to run `docker pull ghcr.io/nextcloud-releases/all-in-one:latest` or `docker pull ghcr.io/nextcloud-releases/all-in-one:beta` first before being able to use the image. +You can switch to a different channel like e.g. the beta channel or from the beta channel back to the latest channel by stopping the mastercontainer, removing it (no data will be lost) and recreating the container using the same command that you used initially to create the mastercontainer. You simply need to change the last line `ghcr.io/nextcloud-releases/all-in-one:latest` to `ghcr.io/nextcloud-releases/all-in-one:beta` and vice versa. ⚠️ In some rare occurrences, you might need to run `docker pull ghcr.io/nextcloud-releases/all-in-one:latest` or `docker pull ghcr.io/nextcloud-releases/all-in-one:beta` first before being able to use the image. ### How to update the containers? If we push new containers to `latest`, you will see in the AIO interface below the `containers` section that new container updates were found. In this case, just press `Stop containers` and `Start and update containers` in order to update the containers. The mastercontainer has its own update procedure though. See below. And don't forget to back up the current state of your instance using the built-in backup solution before starting the containers again! Otherwise you won't be able to restore your instance easily if something should break during the update. From 10b61a5edea92eab87a4c7de1ca37172c0edd9a4 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 24 Nov 2025 19:28:53 +0100 Subject: [PATCH 141/432] add `"com.docker.compose.project" => "nextcloud-aio"` to all containers Signed-off-by: Simon L. --- Containers/mastercontainer/Dockerfile | 4 +++- compose.yaml | 1 + php/src/Docker/DockerActionManager.php | 3 ++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index dae14ea5..a240fd4d 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -125,7 +125,9 @@ RUN set -ex; \ mkdir /var/log/supervisord; \ mkdir /var/run/supervisord; -LABEL org.label-schema.vendor="Nextcloud" +# hadolint ignore=DL3048 +LABEL org.label-schema.vendor="Nextcloud" \ + com.docker.compose.project="nextcloud-aio" # hadolint ignore=DL3002 USER root diff --git a/compose.yaml b/compose.yaml index e8966f4c..c18d92d3 100644 --- a/compose.yaml +++ b/compose.yaml @@ -1,3 +1,4 @@ +name: nextcloud-aio # Add the container to the same compose project like all the sibling containers are added to automatically. services: nextcloud-aio-mastercontainer: image: ghcr.io/nextcloud-releases/all-in-one:latest # This is the container image used. You can switch to ghcr.io/nextcloud-releases/all-in-one:beta if you want to help testing new releases. See https://github.com/nextcloud/all-in-one#how-to-switch-the-channel diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index a6f5d223..e22ab7f6 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -433,7 +433,8 @@ readonly class DockerActionManager { // All AIO-managed containers should not be updated externally via watchtower but gracefully by AIO's backup and update feature. // Also DIUN should not send update notifications. See https://crazymax.dev/diun/providers/docker/#docker-labels - $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud"]; + // Additionally set a default org.label-schema.vendor and com.docker.compose.project + $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud", "com.docker.compose.project" => "nextcloud-aio"]; // Containers should have a fixed host name. See https://github.com/nextcloud/all-in-one/discussions/6589 $requestBody['Hostname'] = $container->GetIdentifier(); From a48a1d66be90d29d67a98278096f2845d6b1641b Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 24 Nov 2025 23:21:50 +0100 Subject: [PATCH 142/432] update aio-caddy to v4 and add option for proxy protocol Signed-off-by: Simon L. --- community-containers/caddy/caddy.json | 3 ++- community-containers/caddy/readme.md | 1 + php/src/Docker/DockerActionManager.php | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/community-containers/caddy/caddy.json b/community-containers/caddy/caddy.json index f6143fbc..e27df683 100644 --- a/community-containers/caddy/caddy.json +++ b/community-containers/caddy/caddy.json @@ -5,7 +5,7 @@ "display_name": "Caddy with geoblocking", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy", "image": "ghcr.io/szaimen/aio-caddy", - "image_tag": "v3", + "image_tag": "v4", "internal_port": "443", "restart": "unless-stopped", "ports": [ @@ -19,6 +19,7 @@ "TZ=%TIMEZONE%", "NC_DOMAIN=%NC_DOMAIN%", "APACHE_PORT=%APACHE_PORT%", + "APACHE_IP_BINDING=%APACHE_IP_BINDING%", "NEXTCLOUD_EXPORTER_CADDY_PASSWORD=%NEXTCLOUD_EXPORTER_CADDY_PASSWORD%" ], "volumes": [ diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index 99bf133e..209b9c4a 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -6,6 +6,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau - Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. - Starting with AIO v12, the Talk port that was usually exposed on port 3478 is now set to port 443 udp and tcp and reachable via `your-nc-domain.com`. For the changes to become activated, you need to go to `https://your-nc-domain.com/settings/admin/talk` and delete all turn and stun servers. Then restart the containers and the new config should become active. - Starting with AIO v12, you can also limit vaultwarden, stalwart and lldap to certain ip-addresses. You can do so by creating a `allowed-IPs-vaultwarden.txt`, `allowed-IPs-stalwart.txt`, or `allowed-IPs-lldap.txt` file in the `nextcloud-aio-caddy` directory of your admin user and adding the ip-addresses in these files. +- The container also supports the proxy protocol inside caddy. That means that you can run a supported web server in front of port 443/tcp and use the proxy protocol. You can enable this by configuring the `APACHE_IP_BINDING` environmental variables for the mastercontainer and set it to an ip-address under which the protocol shall be accepted. ⚠️ Note that the initial domain validation will not work correctly if you want to use the proxy protocol. So make sure to skip the domain validation in that case. See the [documentation](https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation). - If you want to use this with [vaultwarden](https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden), make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. - If you want to use this with [stalwart](https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart), make sure that you point `mail.your-nc-domain.com` to your server using an A, AAAA or CNAME record so that caddy can get a certificate automatically for stalwart. - If you want to use this with [jellyfin](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin), make sure that you point `media.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for jellyfin. diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index a6f5d223..d19fd050 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -550,6 +550,7 @@ readonly class DockerActionManager { 'SELECTED_RESTORE_TIME' => $this->configurationManager->GetSelectedRestoreTime(), 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->GetRestoreExcludePreviews(), 'APACHE_PORT' => $this->configurationManager->GetApachePort(), + 'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(), 'TALK_PORT' => $this->configurationManager->GetTalkPort(), 'TURN_DOMAIN' => $this->configurationManager->GetTurnDomain(), 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), From 4b782649fdcca71827782269cac81336086ea316 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 26 Nov 2025 12:03:58 +0000 Subject: [PATCH 143/432] Yaml updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- manual-install/latest.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manual-install/latest.yml b/manual-install/latest.yml index 83bc1ef1..12545ac3 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -160,7 +160,6 @@ services: - TALK_PORT - IMAGINARY_ENABLED - IMAGINARY_HOST=nextcloud-aio-imaginary - - CLAMAV_MAX_SIZE=${APACHE_MAX_SIZE} - PHP_UPLOAD_LIMIT=${NEXTCLOUD_UPLOAD_LIMIT} - PHP_MEMORY_LIMIT=${NEXTCLOUD_MEMORY_LIMIT} - FULLTEXTSEARCH_ENABLED @@ -256,7 +255,7 @@ services: - "9980" environment: - aliasgroup1=https://${NC_DOMAIN}:443,http://nextcloud-aio-apache:23973 - - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:logging.level_startup=warning --o:home_mode.enable=true --o:remote_font_config.url=https://${NC_DOMAIN}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ + - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.disable_server_audit=true --o:logging.level=warning --o:logging.level_startup=warning --o:welcome.enable=false --o:remote_font_config.url=https://${NC_DOMAIN}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ - dictionaries=${COLLABORA_DICTIONARIES} - TZ=${TIMEZONE} - server_name=${NC_DOMAIN} From 256a259ae6f048f6034cd176374e9a8c645c70ef Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Nov 2025 12:41:00 +0100 Subject: [PATCH 144/432] update private ip-ranges Signed-off-by: Simon L. --- Containers/nextcloud/entrypoint.sh | 2 +- reverse-proxy.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 09d7d15c..0c03a973 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -741,7 +741,7 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then echo "No IPv6 address found for $COLLABORA_HOST." fi if [ -n "$COLLABORA_ALLOW_LIST" ]; then - PRIVATE_IP_RANGES='127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1' + PRIVATE_IP_RANGES='127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,100.64.0.0/10,fd00::/8,::1/128' if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$PRIVATE_IP_RANGES"; then COLLABORA_ALLOW_LIST+=",$PRIVATE_IP_RANGES" fi diff --git a/reverse-proxy.md b/reverse-proxy.md index 546b8b78..e0497c84 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -1108,7 +1108,7 @@ Enter your domain in the AIO interface that you've used in the reverse proxy con ### 5. Optional: Configure AIO for reverse proxies that connect to nextcloud using an ip-address and not localhost nor 127.0.0.1 If your reverse proxy connects to nextcloud using an ip-address and not localhost or 127.0.0.1* you must make the following configuration changes -*: The IP address it uses to connect to AIO is not in a private IP range such as these: `127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1` +*: The IP address it uses to connect to AIO is not in a private IP range such as these: `127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,100.64.0.0/10,fd00::/8,::1/128` #### Nextcloud trusted proxies Add the IP it uses connect to AIO to the Nextcloud trusted_proxies like this: From b2c24c92e307441e945a657c88689ac0b0e9a16c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Nov 2025 12:18:44 +0000 Subject: [PATCH 145/432] build(deps): bump shivammathur/setup-php in /.github/workflows Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.35.5 to 2.36.0. - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](https://github.com/shivammathur/setup-php/compare/bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f...7bf05c6b704e0b9bfee22300130a31b5ea68d593) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-version: 2.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/lint-php.yml | 2 +- .github/workflows/php-deprecation-detector.yml | 2 +- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/psalm.yml | 2 +- .github/workflows/twig-lint.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 53707dec..5eefc5e1 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6.0.0 - - uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2 + - uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 extensions: apcu diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index bf449e1f..9c74167a 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -41,7 +41,7 @@ jobs: persist-credentials: false - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5 + uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2.36.0 with: php-version: ${{ matrix.php-versions }} coverage: none diff --git a/.github/workflows/php-deprecation-detector.yml b/.github/workflows/php-deprecation-detector.yml index 22ed9854..ac6aa187 100644 --- a/.github/workflows/php-deprecation-detector.yml +++ b/.github/workflows/php-deprecation-detector.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@v6.0.0 - name: Set up php - uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2 + uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 extensions: apcu diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 49753535..91d41dfc 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -13,7 +13,7 @@ jobs: - uses: actions/checkout@v6.0.0 - name: Set up php - uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2 + uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 extensions: apcu diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 21ecf1e6..8f7da955 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: Set up php - uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5 + uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2.36.0 with: php-version: 8.4 extensions: apcu diff --git a/.github/workflows/twig-lint.yml b/.github/workflows/twig-lint.yml index d8730987..1c453505 100644 --- a/.github/workflows/twig-lint.yml +++ b/.github/workflows/twig-lint.yml @@ -27,7 +27,7 @@ jobs: uses: actions/checkout@v6.0.0 - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2 + uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 extensions: apcu From 4a8288a527f329cdf5e42141f3f913f64ac9c6bd Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Nov 2025 20:44:09 +0100 Subject: [PATCH 146/432] fulltextsearch: disable memory locking Signed-off-by: Simon L. --- php/containers.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/containers.json b/php/containers.json index 0a48b3ea..8afb68e9 100644 --- a/php/containers.json +++ b/php/containers.json @@ -794,7 +794,7 @@ "environment": [ "TZ=%TIMEZONE%", "ES_JAVA_OPTS=%FULLTEXTSEARCH_JAVA_OPTIONS%", - "bootstrap.memory_lock=true", + "bootstrap.memory_lock=false", "cluster.name=nextcloud-aio", "discovery.type=single-node", "logger.level=WARN", From f080ed771d16e3bd196685d824a59ca36eb35b6c Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Fri, 28 Nov 2025 08:52:51 +0000 Subject: [PATCH 147/432] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-collabora-deployment.yaml | 8 ++++++-- .../templates/nextcloud-aio-database-deployment.yaml | 4 ++-- .../nextcloud-aio-fulltextsearch-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 6 ++---- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- 14 files changed, 24 insertions(+), 22 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 0b10dd4d..7d6a0c55 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 11.11.0 +version: 12.1.4 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 3388c1d7..e6273a8b 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-apache:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 35b30e41..662d68a0 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-clamav:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 449a24fc..e91cfe56 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -32,10 +32,14 @@ spec: - name: dictionaries value: "{{ .Values.COLLABORA_DICTIONARIES }}" - name: extra_params - value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:logging.level_startup=warning --o:home_mode.enable=true --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ + value: --o:ssl.enable=false --o:ssl.termination=true --o:logging.disable_server_audit=true --o:logging.level=warning --o:logging.level_startup=warning --o:welcome.enable=false --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ - name: server_name value: "{{ .Values.NC_DOMAIN }}" - image: ghcr.io/nextcloud-releases/aio-collabora:20251031_122139 + {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }} + image: ghcr.io/nextcloud-releases/aio-collabora-online:20251128_084214 + {{- else }} + image: ghcr.io/nextcloud-releases/aio-collabora:20251128_084214 + {{- end }} readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 6f08b4a6..d65dfa78 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-postgresql:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 49dc3d34..a3877029 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index 4956ed71..c8ae83d9 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-imaginary:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 49f2bd53..2a925878 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 command: - chmod - "777" @@ -100,8 +100,6 @@ spec: value: "{{ .Values.CLAMAV_ENABLED }}" - name: CLAMAV_HOST value: nextcloud-aio-clamav - - name: CLAMAV_MAX_SIZE - value: "{{ .Values.APACHE_MAX_SIZE }}" - name: COLLABORA_ENABLED value: "{{ .Values.COLLABORA_ENABLED }}" - name: COLLABORA_HOST @@ -188,7 +186,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20251128_084214 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index b93283e7..5f16388a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -55,7 +55,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-notify-push:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index c30f6a0e..4e64f6c5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 2d5da82d..18ceee18 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-redis:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index b6f2e489..81f616fa 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-talk:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index e0902a0f..0319cce8 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20251128_084214 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 28c05cab..35f29df7 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -48,7 +48,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20251031_122139 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20251128_084214 readinessProbe: exec: command: From 6b3af009e252b37a13ebf2e2adca252b09159d30 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 28 Nov 2025 12:17:11 +0100 Subject: [PATCH 148/432] nextcloud: allow to configure mysql root cert Signed-off-by: Simon L. --- Containers/nextcloud/config/postgres.config.php | 8 ++++++++ Containers/nextcloud/entrypoint.sh | 4 ++++ Containers/notify-push/start.sh | 7 +++++-- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/Containers/nextcloud/config/postgres.config.php b/Containers/nextcloud/config/postgres.config.php index 38f980fe..acde7b82 100644 --- a/Containers/nextcloud/config/postgres.config.php +++ b/Containers/nextcloud/config/postgres.config.php @@ -7,3 +7,11 @@ if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) { ), ); } +if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL')) { + $CONFIG = array( + 'dbdriveroptions' => array( + 'PDO::MYSQL_ATTR_SSL_CA' => '/var/www/html/data/certificates/MYSQL', + ), + ); +} + diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 09d7d15c..c0dfd803 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -283,6 +283,10 @@ EOF if [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" ]; then mkdir /var/www/html/data/certificates echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" > "/var/www/html/data/certificates/POSTGRES" + # Write out mysql root cert + elif [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL" ]; then + mkdir /var/www/html/data/certificates + echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL" > "/var/www/html/data/certificates/MYSQL" fi echo "Installing with $DATABASE_TYPE database" diff --git a/Containers/notify-push/start.sh b/Containers/notify-push/start.sh index 859c6309..9277bdaa 100644 --- a/Containers/notify-push/start.sh +++ b/Containers/notify-push/start.sh @@ -68,11 +68,14 @@ fi # Postgres root cert if [ -f "/nextcloud/data/certificates/POSTGRES" ]; then - POSTGRES_CERT="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/POSTGRES" + CERT_OPTIONS="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/POSTGRES" +# Mysql root cert +elif [ -f "/nextcloud/data/certificates/MYSQL" ]; then + CERT_OPTIONS="?sslmode=verify-ca&ssl-ca=/nextcloud/data/certificates/MYSQL" fi # Set sensitive values as env -export DATABASE_URL="$DATABASE_TYPE://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB$POSTGRES_CERT" +export DATABASE_URL="$DATABASE_TYPE://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB$CERT_OPTIONS" export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX" # Run it From 38838be0b19334e73274a8b8165dcaaefdd4eb7d Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Fri, 28 Nov 2025 12:03:24 +0000 Subject: [PATCH 149/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 97 ++++++++++++++++++++++++----------------------- 1 file changed, 49 insertions(+), 48 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 6a33558f..fa856220 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -391,16 +391,16 @@ }, { "name": "laravel/serializable-closure", - "version": "v2.0.6", + "version": "v2.0.7", "source": { "type": "git", "url": "https://github.com/laravel/serializable-closure.git", - "reference": "038ce42edee619599a1debb7e81d7b3759492819" + "reference": "cb291e4c998ac50637c7eeb58189c14f5de5b9dd" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/038ce42edee619599a1debb7e81d7b3759492819", - "reference": "038ce42edee619599a1debb7e81d7b3759492819", + "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/cb291e4c998ac50637c7eeb58189c14f5de5b9dd", + "reference": "cb291e4c998ac50637c7eeb58189c14f5de5b9dd", "shasum": "" }, "require": { @@ -409,7 +409,7 @@ "require-dev": { "illuminate/support": "^10.0|^11.0|^12.0", "nesbot/carbon": "^2.67|^3.0", - "pestphp/pest": "^2.36|^3.0", + "pestphp/pest": "^2.36|^3.0|^4.0", "phpstan/phpstan": "^2.0", "symfony/var-dumper": "^6.2.0|^7.0.0" }, @@ -448,7 +448,7 @@ "issues": "https://github.com/laravel/serializable-closure/issues", "source": "https://github.com/laravel/serializable-closure" }, - "time": "2025-10-09T13:42:30+00:00" + "time": "2025-11-21T20:52:36+00:00" }, { "name": "nikic/fast-route", @@ -3455,16 +3455,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "5.6.4", + "version": "5.6.5", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "90a04bcbf03784066f16038e87e23a0a83cee3c2" + "reference": "90614c73d3800e187615e2dd236ad0e2a01bf761" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/90a04bcbf03784066f16038e87e23a0a83cee3c2", - "reference": "90a04bcbf03784066f16038e87e23a0a83cee3c2", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/90614c73d3800e187615e2dd236ad0e2a01bf761", + "reference": "90614c73d3800e187615e2dd236ad0e2a01bf761", "shasum": "" }, "require": { @@ -3513,22 +3513,22 @@ "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", "support": { "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues", - "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.6.4" + "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.6.5" }, - "time": "2025-11-17T21:13:10+00:00" + "time": "2025-11-27T19:50:05+00:00" }, { "name": "phpdocumentor/type-resolver", - "version": "1.11.1", + "version": "1.12.0", "source": { "type": "git", "url": "https://github.com/phpDocumentor/TypeResolver.git", - "reference": "f626740b38009078de0dc8b2b9dc4e7f749c6eba" + "reference": "92a98ada2b93d9b201a613cb5a33584dde25f195" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/f626740b38009078de0dc8b2b9dc4e7f749c6eba", - "reference": "f626740b38009078de0dc8b2b9dc4e7f749c6eba", + "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/92a98ada2b93d9b201a613cb5a33584dde25f195", + "reference": "92a98ada2b93d9b201a613cb5a33584dde25f195", "shasum": "" }, "require": { @@ -3571,9 +3571,9 @@ "description": "A PSR-5 based resolver of Class names, Types and Structural Element Names", "support": { "issues": "https://github.com/phpDocumentor/TypeResolver/issues", - "source": "https://github.com/phpDocumentor/TypeResolver/tree/1.11.1" + "source": "https://github.com/phpDocumentor/TypeResolver/tree/1.12.0" }, - "time": "2025-11-21T11:31:57+00:00" + "time": "2025-11-21T15:09:14+00:00" }, { "name": "phpstan/phpdoc-parser", @@ -3624,16 +3624,16 @@ }, { "name": "revolt/event-loop", - "version": "v1.0.7", + "version": "v1.0.8", "source": { "type": "git", "url": "https://github.com/revoltphp/event-loop.git", - "reference": "09bf1bf7f7f574453efe43044b06fafe12216eb3" + "reference": "b6fc06dce8e9b523c9946138fa5e62181934f91c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/revoltphp/event-loop/zipball/09bf1bf7f7f574453efe43044b06fafe12216eb3", - "reference": "09bf1bf7f7f574453efe43044b06fafe12216eb3", + "url": "https://api.github.com/repos/revoltphp/event-loop/zipball/b6fc06dce8e9b523c9946138fa5e62181934f91c", + "reference": "b6fc06dce8e9b523c9946138fa5e62181934f91c", "shasum": "" }, "require": { @@ -3690,9 +3690,9 @@ ], "support": { "issues": "https://github.com/revoltphp/event-loop/issues", - "source": "https://github.com/revoltphp/event-loop/tree/v1.0.7" + "source": "https://github.com/revoltphp/event-loop/tree/v1.0.8" }, - "time": "2025-01-25T19:27:39+00:00" + "time": "2025-08-27T21:33:23+00:00" }, { "name": "sebastian/diff", @@ -3763,16 +3763,16 @@ }, { "name": "spatie/array-to-xml", - "version": "3.4.1", + "version": "3.4.3", "source": { "type": "git", "url": "https://github.com/spatie/array-to-xml.git", - "reference": "6a740f39415aee8886aea10333403adc77d50791" + "reference": "7b9202dccfe18d4e3a13303156d6bbcc1c61dabf" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/spatie/array-to-xml/zipball/6a740f39415aee8886aea10333403adc77d50791", - "reference": "6a740f39415aee8886aea10333403adc77d50791", + "url": "https://api.github.com/repos/spatie/array-to-xml/zipball/7b9202dccfe18d4e3a13303156d6bbcc1c61dabf", + "reference": "7b9202dccfe18d4e3a13303156d6bbcc1c61dabf", "shasum": "" }, "require": { @@ -3815,7 +3815,7 @@ "xml" ], "support": { - "source": "https://github.com/spatie/array-to-xml/tree/3.4.1" + "source": "https://github.com/spatie/array-to-xml/tree/3.4.3" }, "funding": [ { @@ -3827,7 +3827,7 @@ "type": "github" } ], - "time": "2025-11-12T10:32:50+00:00" + "time": "2025-11-27T09:08:26+00:00" }, { "name": "sserbin/twig-linter", @@ -3987,16 +3987,16 @@ }, { "name": "symfony/filesystem", - "version": "v7.3.6", + "version": "v7.4.0", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", - "reference": "e9bcfd7837928ab656276fe00464092cc9e1826a" + "reference": "d551b38811096d0be9c4691d406991b47c0c630a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/filesystem/zipball/e9bcfd7837928ab656276fe00464092cc9e1826a", - "reference": "e9bcfd7837928ab656276fe00464092cc9e1826a", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/d551b38811096d0be9c4691d406991b47c0c630a", + "reference": "d551b38811096d0be9c4691d406991b47c0c630a", "shasum": "" }, "require": { @@ -4005,7 +4005,7 @@ "symfony/polyfill-mbstring": "~1.8" }, "require-dev": { - "symfony/process": "^6.4|^7.0" + "symfony/process": "^6.4|^7.0|^8.0" }, "type": "library", "autoload": { @@ -4033,7 +4033,7 @@ "description": "Provides basic utilities for the filesystem", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/filesystem/tree/v7.3.6" + "source": "https://github.com/symfony/filesystem/tree/v7.4.0" }, "funding": [ { @@ -4053,7 +4053,7 @@ "type": "tidelift" } ], - "time": "2025-11-05T09:52:27+00:00" + "time": "2025-11-27T13:27:24+00:00" }, { "name": "symfony/finder", @@ -4459,22 +4459,23 @@ }, { "name": "symfony/string", - "version": "v7.3.4", + "version": "v7.4.0", "source": { "type": "git", "url": "https://github.com/symfony/string.git", - "reference": "f96476035142921000338bad71e5247fbc138872" + "reference": "d50e862cb0a0e0886f73ca1f31b865efbb795003" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/string/zipball/f96476035142921000338bad71e5247fbc138872", - "reference": "f96476035142921000338bad71e5247fbc138872", + "url": "https://api.github.com/repos/symfony/string/zipball/d50e862cb0a0e0886f73ca1f31b865efbb795003", + "reference": "d50e862cb0a0e0886f73ca1f31b865efbb795003", "shasum": "" }, "require": { "php": ">=8.2", + "symfony/deprecation-contracts": "^2.5|^3.0", "symfony/polyfill-ctype": "~1.8", - "symfony/polyfill-intl-grapheme": "~1.0", + "symfony/polyfill-intl-grapheme": "~1.33", "symfony/polyfill-intl-normalizer": "~1.0", "symfony/polyfill-mbstring": "~1.0" }, @@ -4482,11 +4483,11 @@ "symfony/translation-contracts": "<2.5" }, "require-dev": { - "symfony/emoji": "^7.1", - "symfony/http-client": "^6.4|^7.0", - "symfony/intl": "^6.4|^7.0", + "symfony/emoji": "^7.1|^8.0", + "symfony/http-client": "^6.4|^7.0|^8.0", + "symfony/intl": "^6.4|^7.0|^8.0", "symfony/translation-contracts": "^2.5|^3.0", - "symfony/var-exporter": "^6.4|^7.0" + "symfony/var-exporter": "^6.4|^7.0|^8.0" }, "type": "library", "autoload": { @@ -4525,7 +4526,7 @@ "utf8" ], "support": { - "source": "https://github.com/symfony/string/tree/v7.3.4" + "source": "https://github.com/symfony/string/tree/v7.4.0" }, "funding": [ { @@ -4545,7 +4546,7 @@ "type": "tidelift" } ], - "time": "2025-09-11T14:36:48+00:00" + "time": "2025-11-27T13:27:24+00:00" }, { "name": "vimeo/psalm", From 8185c537323aeb88c4e9f34b54d192814c260900 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Fri, 28 Nov 2025 12:14:01 +0000 Subject: [PATCH 150/432] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 034ebba2..03663b85 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -86,7 +86,7 @@ RUN set -ex; \ pecl install APCu-5.1.27; \ pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.4.0; \ pecl install -oD 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.3.0; \ - pecl install -o imagick-3.8.0; \ + pecl install -o imagick-3.8.1; \ \ docker-php-ext-enable \ igbinary \ From 190a9824e0acb9f4a6d02d96413e5ad56e840280 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 28 Nov 2025 17:05:56 +0100 Subject: [PATCH 151/432] address review Co-authored-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Signed-off-by: Simon L. --- php/src/Controller/DockerController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index ed3d3bf9..ff33fbfd 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -185,7 +185,7 @@ readonly class DockerController { $config = $this->configurationManager->GetConfig(); // set AIO_URL - $config['AIO_URL'] = $host . ':' . (string)$port . $path; + $config['AIO_URL'] = $host . ':' . strval($port) . $path; // set wasStartButtonClicked $config['wasStartButtonClicked'] = 1; // set install_latest_major From 634e819ab15642400c916796356333feb92a352e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 28 Nov 2025 17:14:16 +0100 Subject: [PATCH 152/432] address review Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 53b97dcc..6fda338c 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -548,7 +548,7 @@ {% if borg_remote_repo %} or the remote repo {{ borg_remote_repo }} {% endif %} - is wrong, you can reset it by clicking on the button below. + is wrong or if you want to reset the backup location due to other reasons, you can do so by clicking on the button below.

From 411fe4cb531fdf08b24880941ae36a60f09bb7ab Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 28 Nov 2025 17:18:08 +0100 Subject: [PATCH 153/432] address review Signed-off-by: Simon L. --- community-containers/caddy/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index 209b9c4a..6cdcb452 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -6,7 +6,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau - Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. - Starting with AIO v12, the Talk port that was usually exposed on port 3478 is now set to port 443 udp and tcp and reachable via `your-nc-domain.com`. For the changes to become activated, you need to go to `https://your-nc-domain.com/settings/admin/talk` and delete all turn and stun servers. Then restart the containers and the new config should become active. - Starting with AIO v12, you can also limit vaultwarden, stalwart and lldap to certain ip-addresses. You can do so by creating a `allowed-IPs-vaultwarden.txt`, `allowed-IPs-stalwart.txt`, or `allowed-IPs-lldap.txt` file in the `nextcloud-aio-caddy` directory of your admin user and adding the ip-addresses in these files. -- The container also supports the proxy protocol inside caddy. That means that you can run a supported web server in front of port 443/tcp and use the proxy protocol. You can enable this by configuring the `APACHE_IP_BINDING` environmental variables for the mastercontainer and set it to an ip-address under which the protocol shall be accepted. ⚠️ Note that the initial domain validation will not work correctly if you want to use the proxy protocol. So make sure to skip the domain validation in that case. See the [documentation](https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation). +- The container also supports the proxy protocol inside caddy. That means that you can run a supported web server in front of port 443/tcp and use the proxy protocol. You can enable this by configuring the `APACHE_IP_BINDING` environmental variable for the mastercontainer and set it to an ip-address from which the protocol shall be accepted. ⚠️ Note that the initial domain validation will not work correctly if you want to use the proxy protocol. So make sure to skip the domain validation in that case. See the [documentation](https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation). - If you want to use this with [vaultwarden](https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden), make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. - If you want to use this with [stalwart](https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart), make sure that you point `mail.your-nc-domain.com` to your server using an A, AAAA or CNAME record so that caddy can get a certificate automatically for stalwart. - If you want to use this with [jellyfin](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin), make sure that you point `media.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for jellyfin. From c6e7d61a9eb0e36e4c7cd8680e86db8b562f7c01 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Sat, 29 Nov 2025 16:40:43 +0100 Subject: [PATCH 154/432] Add cute animal to bug report template Signed-off-by: Simon L. --- .github/ISSUE_TEMPLATE/Bug_report.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/Bug_report.md b/.github/ISSUE_TEMPLATE/Bug_report.md index d3228dfa..ec25fc4a 100644 --- a/.github/ISSUE_TEMPLATE/Bug_report.md +++ b/.github/ISSUE_TEMPLATE/Bug_report.md @@ -33,3 +33,5 @@ labels: 0. Needs triage #### Output of `sudo docker logs nextcloud-aio-mastercontainer` #### Other valuable info + +#### A picture of a cute animal From b4ec51f99e916dbc172b19a5c8473d70e71294f8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 04:36:14 +0000 Subject: [PATCH 155/432] build(deps): bump collabora/code in /Containers/collabora Bumps collabora/code from 25.04.7.1.1 to 25.04.7.3.1. --- updated-dependencies: - dependency-name: collabora/code dependency-version: 25.04.7.3.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/collabora/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 10f068ea..071d0751 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile -FROM collabora/code:25.04.7.1.1 +FROM collabora/code:25.04.7.3.1 USER root ARG DEBIAN_FRONTEND=noninteractive From cc41c3465ed5091efaf576ec563fa9ae96d2384a Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 1 Dec 2025 12:50:44 +0100 Subject: [PATCH 156/432] mastercontainer: refactor docker api version check Signed-off-by: Simon L. --- Containers/mastercontainer/start.sh | 65 +++++++++++++++++++---------- 1 file changed, 42 insertions(+), 23 deletions(-) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index 77c4675e..4ca193be 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -75,18 +75,15 @@ elif ! sudo -E -u www-data test -r /var/run/docker.sock; then fi fi -# Check if api version is supported -if ! sudo -E -u www-data docker info &>/dev/null; then - print_red "Cannot connect to the docker socket. Cannot proceed." - echo "Did you maybe remove group read permissions for the docker socket? AIO needs them in order to access the docker socket." - echo "If SELinux is enabled on your host, see https://github.com/nextcloud/all-in-one#are-there-known-problems-when-selinux-is-enabled" - echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale" +# Get default docker api version +API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)" +API_VERSION="$(grep -oP 'const string API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP '[0-9]+.[0-9]+' | head -1)" +if [ -z "$API_VERSION" ]; then + print_red "Could not get API_VERSION. Something is wrong!" exit 1 fi -# Docker api version check -API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)" -API_VERSION="$(grep -oP 'const string API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP '[0-9]+.[0-9]+' | head -1)" +# Check if DOCKER_API_VERSION is set globally if [ -n "$DOCKER_API_VERSION" ]; then if ! echo "$DOCKER_API_VERSION" | grep -q '^[0-9].[0-9]\+$'; then print_red "You've set DOCKER_API_VERSION but not to an allowed value. @@ -98,23 +95,45 @@ It is set to '$DOCKER_API_VERSION'." print_red "Please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO." print_red "So you run on your own risk and things might break without warning." else - # shellcheck disable=SC2001 - API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')" - LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')" - if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then - if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then - print_red "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!" - echo "Alternatively, set the DOCKER_API_VERSION environmental variable to a compatible version." - echo "However please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO." - echo "See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version" - exit 1 - fi - else - echo "LOCAL_API_VERSION_NUMB or API_VERSION_NUMB are not set correctly. Cannot check if the API version is supported." - sleep 10 + # Export docker api version to use it everywhere + export DOCKER_API_VERSION="$API_VERSION" +fi + +# Set a fallback docker api version. Needed for api version check. +# The check will not work otherwise on old docker versions +FALLBACK_DOCKER_API_VERSION="1.41" + +# Check if docker info can be used +if ! sudo -E -u www-data docker info &>/dev/null; then + if ! sudo -E -u www-data DOCKER_API_VERSION="$FALLBACK_DOCKER_API_VERSION" docker info &>/dev/null; then + print_red "Cannot connect to the docker socket. Cannot proceed." + echo "Did you maybe remove group read permissions for the docker socket? AIO needs them in order to access the docker socket." + echo "If SELinux is enabled on your host, see https://github.com/nextcloud/all-in-one#are-there-known-problems-when-selinux-is-enabled" + echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale" + exit 1 fi fi +# Docker api version check +# shellcheck disable=SC2001 +API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')" +LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')" +if [ -z "$LOCAL_API_VERSION_NUMB" ]; then + LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data DOCKER_API_VERSION="$FALLBACK_DOCKER_API_VERSION" docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')" +fi +if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then + if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then + print_red "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!" + echo "Alternatively, set the DOCKER_API_VERSION environmental variable to a compatible version." + echo "However please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO." + echo "See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version" + exit 1 + fi +else + echo "LOCAL_API_VERSION_NUMB or API_VERSION_NUMB are not set correctly. Cannot check if the API version is supported." + sleep 10 +fi + # Check Storage drivers STORAGE_DRIVER="$(sudo -E -u www-data docker info | grep "Storage Driver")" # Check if vfs is used: https://github.com/nextcloud/all-in-one/discussions/1467 From 2663ffeee5c7a27ca8f2625a6af0bc0bd5fed917 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Mon, 1 Dec 2025 12:03:40 +0000 Subject: [PATCH 157/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index fa856220..2fbf905c 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -1644,16 +1644,16 @@ }, { "name": "twig/twig", - "version": "v3.22.0", + "version": "v3.22.1", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "4509984193026de413baf4ba80f68590a7f2c51d" + "reference": "1de2ec1fc43ab58a4b7e80b214b96bfc895750f3" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/4509984193026de413baf4ba80f68590a7f2c51d", - "reference": "4509984193026de413baf4ba80f68590a7f2c51d", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/1de2ec1fc43ab58a4b7e80b214b96bfc895750f3", + "reference": "1de2ec1fc43ab58a4b7e80b214b96bfc895750f3", "shasum": "" }, "require": { @@ -1707,7 +1707,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.22.0" + "source": "https://github.com/twigphp/Twig/tree/v3.22.1" }, "funding": [ { @@ -1719,7 +1719,7 @@ "type": "tidelift" } ], - "time": "2025-10-29T15:56:47+00:00" + "time": "2025-11-16T16:01:12+00:00" } ], "packages-dev": [ From 57306c8cae44959dad8439d1153aa13fdd14b930 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 1 Dec 2025 17:00:27 +0100 Subject: [PATCH 158/432] refactor `backup-mode` handling Signed-off-by: Simon L. --- php/public/index.php | 2 +- php/src/Controller/DockerController.php | 24 +++++++----------------- php/src/Data/ConfigurationManager.php | 15 ++++++--------- 3 files changed, 14 insertions(+), 27 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 46967c72..c49629bd 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -104,7 +104,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_backup_container_running' => $dockerActionManger->isBackupContainerRunning(), 'backup_exit_code' => $dockerActionManger->GetBackupcontainerExitCode(), 'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(), - 'borg_backup_mode' => $configurationManager->GetBorgBackupMode(), + 'borg_backup_mode' => $configurationManager->GetBackupMode(), 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked(), 'has_update_available' => $dockerActionManger->isAnyUpdateAvailable(), 'last_backup_time' => $configurationManager->GetLastBackupTime(), diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 6626e3e4..7402bfd1 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -89,9 +89,7 @@ readonly class DockerController { } public function startBackup(bool $forceStopNextcloud = false) : void { - $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'backup'; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->SetBackupMode('backup'); $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id, $forceStopNextcloud); @@ -111,26 +109,22 @@ readonly class DockerController { } public function checkBackup() : void { - $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'check'; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->SetBackupMode('check'); $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); } private function listBackup() : void { - $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'list'; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->SetBackupMode('list'); $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); } public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { + $this->configurationManager->SetBackupMode('restore'); $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'restore'; $config['selected-restore-time'] = $request->getParsedBody()['selected_restore_time'] ?? ''; if (isset($request->getParsedBody()['restore-exclude-previews'])) { $config['restore-exclude-previews'] = 1; @@ -150,24 +144,20 @@ readonly class DockerController { } public function StartBackupContainerCheckRepair(Request $request, Response $response, array $args) : Response { - $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'check-repair'; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->SetBackupMode('check-repair'); $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); // Restore to backup check which is needed to make the UI logic work correctly - $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'check'; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->SetBackupMode('check'); return $response->withStatus(201)->withHeader('Location', '.'); } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { + $this->configurationManager->SetBackupMode('test'); $config = $this->configurationManager->GetConfig(); - $config['backup-mode'] = 'test'; $config['instance_restore_attempt'] = 0; $this->configurationManager->WriteConfig($config); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 0b0a034d..c8d16c7d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -423,6 +423,12 @@ class ConfigurationManager return $config['backup-mode']; } + public function SetBackupMode(string $mode) : void { + $config = $this->GetConfig(); + $config['backup-mode'] = $mode; + $this->WriteConfig($config); + } + public function GetSelectedRestoreTime() : string { $config = $this->GetConfig(); if(!isset($config['selected-restore-time'])) { @@ -664,15 +670,6 @@ class ConfigurationManager return false; } - public function GetBorgBackupMode() : string { - $config = $this->GetConfig(); - if(!isset($config['backup-mode'])) { - $config['backup-mode'] = ''; - } - - return $config['backup-mode']; - } - public function GetNextcloudMount() : string { $envVariableName = 'NEXTCLOUD_MOUNT'; $configName = 'nextcloud_mount'; From 1cdc4e3beffd18e6fa58a48d0093a6d83c60f098 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Dec 2025 04:33:44 +0000 Subject: [PATCH 159/432] build(deps): bump haproxy in /Containers/docker-socket-proxy Bumps haproxy from 3.2.9-alpine to 3.3.0-alpine. --- updated-dependencies: - dependency-name: haproxy dependency-version: 3.3.0-alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/docker-socket-proxy/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index ccc283f9..ed2e9e2d 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM haproxy:3.2.9-alpine +FROM haproxy:3.3.0-alpine # hadolint ignore=DL3002 USER root From ae132c8d396c9532d297b28148d6b4f8a7ac755f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Dec 2025 04:34:06 +0000 Subject: [PATCH 160/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.0.4-cli to 29.1.1-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.1.1-cli dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index 9c50af3f..f6ecd08e 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.0.4-cli AS docker +FROM docker:29.1.1-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From d44d077a632c7744aa215f733ec24d452c71c082 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 2 Dec 2025 12:11:02 +0100 Subject: [PATCH 161/432] update oo Signed-off-by: Simon L. --- Containers/onlyoffice/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index be1d580f..c2b94d8c 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile -FROM onlyoffice/documentserver:9.1.0.1 +FROM onlyoffice/documentserver:9.2.0.1 # USER root is probably used From a842cbb82a508e6d0d2477d1720c42320035d607 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 2 Dec 2025 12:12:40 +0100 Subject: [PATCH 162/432] increase to 12.2.0 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index eac34445..2b381c90 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
-

Nextcloud AIO v12.1.4

+

Nextcloud AIO v12.2.0

{# Add 2nd tab warning #} From 83de5260511dcfabc32cafaa576aa1fe611b0c56 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 2 Dec 2025 12:42:13 +0100 Subject: [PATCH 163/432] adjust DeleteBorgBackupLocationVars to also delete the borg.config file Signed-off-by: Simon L. --- php/src/Controller/ConfigurationController.php | 2 +- php/src/Data/ConfigurationManager.php | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 051f8d9e..45586f9c 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -159,7 +159,7 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) { - $this->configurationManager->DeleteBorgBackupLocationVars(); + $this->configurationManager->DeleteBorgBackupLocationItems(); } return $response->withStatus(201)->withHeader('Location', '.'); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 253b1371..e9982eb3 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -506,11 +506,19 @@ class ConfigurationManager } } - public function DeleteBorgBackupLocationVars() : void { + public function DeleteBorgBackupLocationItems() : void { + // Delete the variables $config = $this->GetConfig(); $config['borg_backup_host_location'] = ''; $config['borg_remote_repo'] = ''; $this->WriteConfig($config); + + // Also delete the borg config file to be able to start over + if (file_exists(DataConst::GetBackupKeyFile())) { + if (unlink(DataConst::GetBackupKeyFile())) { + error_log('borg.config file deleted to be able to start over.'); + } + } } /** From 095d3d9cc004b702486048e348abbb57594dc5d7 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 2 Dec 2025 15:51:53 +0100 Subject: [PATCH 164/432] aio-smbserver: now compatible with arm64 as well Signed-off-by: Simon L. --- community-containers/smbserver/readme.md | 1 - 1 file changed, 1 deletion(-) diff --git a/community-containers/smbserver/readme.md b/community-containers/smbserver/readme.md index 9886f4b2..20d90c9f 100644 --- a/community-containers/smbserver/readme.md +++ b/community-containers/smbserver/readme.md @@ -3,7 +3,6 @@ This container bundles an SMB-server and allows to configure it via a graphical ### Notes - This container should only be run in home networks -- This container currently only works on amd64. See https://github.com/szaimen/aio-smbserver/issues/3 - After adding and starting the container, you need to visit `https://internal.ip.of.server:5803` in order to log in with the `smbserver` user and the password that you can see next to the container in the AIO interface. (The web page uses a self-signed certificate, so you need to accept the warning). Then type in `bash /smbserver.sh` and you will see a graphical UI for configuring the smb-server interactively. - The config data of SMB-server will be automatically included in AIOs backup solution! - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack From 7634a3887f1c1b7bcc7ddd8b83e9b82dceb9c024 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 04:12:39 +0000 Subject: [PATCH 165/432] build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 8.19.7 to 8.19.8. --- updated-dependencies: - dependency-name: elasticsearch dependency-version: 8.19.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/fulltextsearch/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 8c46ed97..6e739095 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.19.7 +FROM elasticsearch:8.19.8 USER root From 0c0f956ea221f34cb785023da648714fb0633a46 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 04:12:43 +0000 Subject: [PATCH 166/432] build(deps): bump golang in /Containers/imaginary Bumps golang from 1.25.4-alpine3.22 to 1.25.5-alpine3.22. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.5-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 7e477820..ea0a70de 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.4-alpine3.22 AS go +FROM golang:1.25.5-alpine3.22 AS go ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee From d72181f754f31c4e459cbe06efbe23b348074b24 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 04:13:40 +0000 Subject: [PATCH 167/432] build(deps): bump golang in /Containers/watchtower Bumps golang from 1.25.4-alpine3.22 to 1.25.5-alpine3.22. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.5-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/watchtower/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index 602d2106..d2db5ae3 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.4-alpine3.22 AS go +FROM golang:1.25.5-alpine3.22 AS go ENV WATCHTOWER_COMMIT_HASH=6c5a1b0bea65cea1d4cc1de5196789a01617957a From edba082dcecc4b5e6a641093dfc6babeda61f9bc Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 3 Dec 2025 09:26:18 +0100 Subject: [PATCH 168/432] improve detail Signed-off-by: Simon L. --- community-containers/caddy/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index 6cdcb452..a8baf9ea 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -3,7 +3,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau ### Notes - This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time! -- Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. +- Make sure that no other service is using port 443/tcp on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. - Starting with AIO v12, the Talk port that was usually exposed on port 3478 is now set to port 443 udp and tcp and reachable via `your-nc-domain.com`. For the changes to become activated, you need to go to `https://your-nc-domain.com/settings/admin/talk` and delete all turn and stun servers. Then restart the containers and the new config should become active. - Starting with AIO v12, you can also limit vaultwarden, stalwart and lldap to certain ip-addresses. You can do so by creating a `allowed-IPs-vaultwarden.txt`, `allowed-IPs-stalwart.txt`, or `allowed-IPs-lldap.txt` file in the `nextcloud-aio-caddy` directory of your admin user and adding the ip-addresses in these files. - The container also supports the proxy protocol inside caddy. That means that you can run a supported web server in front of port 443/tcp and use the proxy protocol. You can enable this by configuring the `APACHE_IP_BINDING` environmental variable for the mastercontainer and set it to an ip-address from which the protocol shall be accepted. ⚠️ Note that the initial domain validation will not work correctly if you want to use the proxy protocol. So make sure to skip the domain validation in that case. See the [documentation](https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation). From 832d9b5ae6776854373883d3b2182bc62e282a4b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 12:21:58 +0000 Subject: [PATCH 169/432] build(deps): bump actions/checkout in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6...v6.0.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codespell.yml | 2 +- .github/workflows/collabora.yml | 2 +- .github/workflows/community-containers.yml | 2 +- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/docker-lint.yml | 2 +- .github/workflows/helm-release.yml | 2 +- .github/workflows/imaginary-update.yml | 2 +- .github/workflows/json-validator.yml | 2 +- .github/workflows/lint-helm.yml | 2 +- .github/workflows/lint-php.yml | 2 +- .github/workflows/nextcloud-update.yml | 2 +- .github/workflows/php-deprecation-detector.yml | 2 +- .github/workflows/playwright.yml | 2 +- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/psalm.yml | 2 +- .github/workflows/shellcheck.yml | 2 +- .github/workflows/talk.yml | 2 +- .github/workflows/twig-lint.yml | 2 +- .github/workflows/update-copyright.yml | 2 +- .github/workflows/update-helm.yml | 2 +- .github/workflows/update-yaml.yml | 2 +- .github/workflows/watchtower-update.yml | 2 +- 22 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index c1bc4889..2bd4823a 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Check spelling uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2 with: diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index b39ca29b..816f57bf 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -10,7 +10,7 @@ jobs: name: update collabora runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Run collabora-profile-update run: | rm -f php/cool-seccomp-profile.json diff --git a/.github/workflows/community-containers.yml b/.github/workflows/community-containers.yml index cd3a9530..7446677f 100644 --- a/.github/workflows/community-containers.yml +++ b/.github/workflows/community-containers.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Validate structure run: | CONTAINERS="$(find ./community-containers -mindepth 1 -maxdepth 1 -type d)" diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 5eefc5e1..12a11f1f 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -10,7 +10,7 @@ jobs: name: Run dependency update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 diff --git a/.github/workflows/docker-lint.yml b/.github/workflows/docker-lint.yml index 0efebdbb..917df1d6 100644 --- a/.github/workflows/docker-lint.yml +++ b/.github/workflows/docker-lint.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Install hadolint run: | diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 1b083b64..b4c32778 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Turnstyle uses: softprops/turnstyle@2e4451ef94c5969eee533c487092052d4d1a53af # v2 diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index 883ea66c..8b624e39 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -10,7 +10,7 @@ jobs: name: update to latest imaginary commit on master branch runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Run imaginary-update run: | # Imaginary diff --git a/.github/workflows/json-validator.yml b/.github/workflows/json-validator.yml index d406e011..4cbd28ed 100644 --- a/.github/workflows/json-validator.yml +++ b/.github/workflows/json-validator.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Validate Json run: | sudo apt-get update diff --git a/.github/workflows/lint-helm.yml b/.github/workflows/lint-helm.yml index 1f7f2e72..7beec865 100644 --- a/.github/workflows/lint-helm.yml +++ b/.github/workflows/lint-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 with: fetch-depth: 0 diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 9c74167a..0c5e2c74 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5 # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index eb083eed..d90d57e1 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -11,7 +11,7 @@ jobs: name: Run nextcloud-update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Run nextcloud-update script run: | # Inspired by https://github.com/nextcloud/docker/blob/master/update.sh diff --git a/.github/workflows/php-deprecation-detector.yml b/.github/workflows/php-deprecation-detector.yml index ac6aa187..c8638683 100644 --- a/.github/workflows/php-deprecation-detector.yml +++ b/.github/workflows/php-deprecation-detector.yml @@ -16,7 +16,7 @@ jobs: name: PHP Deprecation Detector runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index df791fe6..3919690b 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 91d41dfc..99ba4e32 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 8f7da955..bdae585e 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -32,7 +32,7 @@ jobs: name: static-psalm-analysis steps: - name: Checkout - uses: actions/checkout@c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5 # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 2c0fd697..86954033 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -15,7 +15,7 @@ jobs: name: Check Shell runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Run Shellcheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 with: diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index 9636502b..689e7e7e 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -10,7 +10,7 @@ jobs: name: update talk runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Run talk-container-update run: | # Recording diff --git a/.github/workflows/twig-lint.yml b/.github/workflows/twig-lint.yml index 1c453505..7e9b5cdc 100644 --- a/.github/workflows/twig-lint.yml +++ b/.github/workflows/twig-lint.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: Set up php ${{ matrix.php-versions }} uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/update-copyright.yml b/.github/workflows/update-copyright.yml index 353e5e9d..f7960ead 100644 --- a/.github/workflows/update-copyright.yml +++ b/.github/workflows/update-copyright.yml @@ -8,4 +8,4 @@ jobs: name: update copyright runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index c1452355..06555a90 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: update helm chart run: | set -x diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index a19f34aa..9d9affce 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.0 + uses: actions/checkout@v6.0.1 - name: update yaml files run: | sudo bash manual-install/update-yaml.sh diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index 9f126eb4..69b1b14e 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -10,7 +10,7 @@ jobs: name: update watchtower runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.0 + - uses: actions/checkout@v6.0.1 - name: Run watchtower-container-update run: | # Watchtower From 0db006605aabd912e2a506419a1456eb370ffb35 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 3 Dec 2025 14:29:55 +0100 Subject: [PATCH 170/432] fix spacing Signed-off-by: Simon L. --- php/src/Controller/DockerController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 904af4a1..ef0d0702 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -115,7 +115,7 @@ readonly class DockerController { $this->PerformRecursiveContainerStart($id); } - private function listBackup() : void { + private function listBackup() : void { $this->configurationManager->SetBackupMode('list'); $id = 'nextcloud-aio-borgbackup'; From 22a784a3dea08775ab63639fe6ca24d06dc8ac49 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 17 Mar 2025 12:06:08 +0100 Subject: [PATCH 171/432] add workflow to lint github actions Signed-off-by: Simon L. --- .github/workflows/lint-yaml.yml | 39 +++++++++++++++++++++++++++++++++ zizmor.yml | 3 +++ 2 files changed, 42 insertions(+) create mode 100644 .github/workflows/lint-yaml.yml create mode 100644 zizmor.yml diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml new file mode 100644 index 00000000..658d8b52 --- /dev/null +++ b/.github/workflows/lint-yaml.yml @@ -0,0 +1,39 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT + +name: Lint YAML + +on: pull_request + +permissions: + contents: read + +jobs: + yaml-lint: + runs-on: ubuntu-latest + + name: yaml + + steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + + - name: GitHub action templates lint + uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c # v3.1.1 + with: + file_or_dir: .github/workflows + config_data: | + line-length: warning + + - name: Install the latest version of uv + uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1 + + - name: Check GitHub actions + run: uvx zizmor --min-severity medium .github/workflows/*.yml diff --git a/zizmor.yml b/zizmor.yml new file mode 100644 index 00000000..ee110b08 --- /dev/null +++ b/zizmor.yml @@ -0,0 +1,3 @@ +rules: + excessive-permissions: + disable: true From d6e0d8b87d8b323d7dca477c0a503ef0d610e956 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 3 Dec 2025 18:29:22 +0100 Subject: [PATCH 172/432] run yaml lint only if yml files were changes Signed-off-by: Simon L. --- .github/workflows/lint-yaml.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 658d8b52..c88f697e 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -8,7 +8,10 @@ name: Lint YAML -on: pull_request +on: + pull_request: + paths: + - '**.yml' permissions: contents: read From 86f8f71548a258a63538dc35d1b237a23ba6a211 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Dec 2025 04:13:06 +0000 Subject: [PATCH 173/432] build(deps): bump python in /Containers/talk-recording Bumps python from 3.14.0-alpine3.22 to 3.14.1-alpine3.22. --- updated-dependencies: - dependency-name: python dependency-version: 3.14.1-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk-recording/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index cc58aa43..cfc1f952 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM python:3.14.0-alpine3.22 +FROM python:3.14.1-alpine3.22 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh From 7d46e12df70052591d6a9bab47ece0cd97da319f Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 4 Dec 2025 13:08:03 +0100 Subject: [PATCH 174/432] exchange strval with string cast Signed-off-by: Simon L. --- php/src/Controller/DockerController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index ef0d0702..27a06bc8 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -189,7 +189,7 @@ readonly class DockerController { $config = $this->configurationManager->GetConfig(); // set AIO_URL - $config['AIO_URL'] = $host . ':' . strval($port) . $path; + $config['AIO_URL'] = $host . ':' . (string)$port . $path; // set wasStartButtonClicked $config['wasStartButtonClicked'] = 1; // set install_latest_major From 911cdef763350d64661459b33da3a06563ce2b7f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Dec 2025 12:18:56 +0000 Subject: [PATCH 175/432] build(deps): bump astral-sh/setup-uv in /.github/workflows Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 5.3.1 to 7.1.4. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/f94ec6bedd8674c4426838e6b50417d36b6ab231...1e862dfacbd1d6d858c55d9b792c756523627244) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 7.1.4 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-yaml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index c88f697e..a911f5ad 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -36,7 +36,7 @@ jobs: line-length: warning - name: Install the latest version of uv - uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231 # v5.3.1 + uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 - name: Check GitHub actions run: uvx zizmor --min-severity medium .github/workflows/*.yml From 0a23880281bcbd0bc59f50ce6c1efbe3e458c5a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Dec 2025 12:19:16 +0000 Subject: [PATCH 176/432] build(deps): bump actions/checkout in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...v6.0.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-yaml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index c88f697e..b3d2f0d8 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false From 9d08ce1ce51a38e96a3842539ac91df3ce9b7487 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 4 Dec 2025 16:14:31 +0100 Subject: [PATCH 177/432] readme: add section on how to limit the resource usage of AIO Signed-off-by: Simon L. --- readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/readme.md b/readme.md index f6b4f9e2..acc12d95 100644 --- a/readme.md +++ b/readme.md @@ -217,6 +217,7 @@ https://your-domain-that-points-to-this-server.tld:8443 - [How to adjust the internally used docker api version?](#how-to-adjust-the-internally-used-docker-api-version) - [How to change the default location of Nextcloud's Datadir?](#how-to-change-the-default-location-of-nextclouds-datadir) - [How to store the files/installation on a separate drive?](#how-to-store-the-filesinstallation-on-a-separate-drive) + - [How to limit the resource usage of AIO?](#how-to-limit-the-resource-usage-of-aio) - [How to allow the Nextcloud container to access directories on the host?](#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host) - [How to adjust the Talk port?](#how-to-adjust-the-talk-port) - [How to adjust the upload limit for Nextcloud?](#how-to-adjust-the-upload-limit-for-nextcloud) @@ -465,6 +466,9 @@ You can move the whole docker library and all its files including all Nextcloud This should solve the problem. +### How to limit the resource usage of AIO? +In some cases, you might want to limit the overall resource usage of AIO. You can do so by following [this documentation](https://github.com/nextcloud/all-in-one/discussions/7273). + ### How to allow the Nextcloud container to access directories on the host? By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with `/` and are not equal to `/`. From bd45cb4544e3007d028ed9986756ffcb2fa83c63 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 4 Dec 2025 16:18:28 +0100 Subject: [PATCH 178/432] add additional hint Signed-off-by: Simon L. --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index acc12d95..fc46b3fb 100644 --- a/readme.md +++ b/readme.md @@ -467,7 +467,7 @@ You can move the whole docker library and all its files including all Nextcloud This should solve the problem. ### How to limit the resource usage of AIO? -In some cases, you might want to limit the overall resource usage of AIO. You can do so by following [this documentation](https://github.com/nextcloud/all-in-one/discussions/7273). +In some cases, you might want to limit the overall resource usage of AIO. You can do so by following [this documentation](https://github.com/nextcloud/all-in-one/discussions/7273). Another possibility is to use the [manual installation](./manual-install/). ### How to allow the Nextcloud container to access directories on the host? By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with `/` and are not equal to `/`. From b80bc2640dba54b8121957f25a97ca2ee976d06c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 4 Dec 2025 16:19:30 +0100 Subject: [PATCH 179/432] fix mentioning of docker.io Signed-off-by: Simon L. --- manual-install/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manual-install/readme.md b/manual-install/readme.md index 874a5b4b..ea2c2978 100644 --- a/manual-install/readme.md +++ b/manual-install/readme.md @@ -6,7 +6,7 @@ You can run the containers that are build for AIO with docker-compose. This come - You can run it without a container having access to the docker socket - You can modify all values on your own - You can run the containers with docker swarm -- You can run this in environments where access to docker.io is not possible. See [this issue](https://github.com/nextcloud/all-in-one/discussions/5268). +- You can run this in environments where access to ghcr.io is not possible. See [this issue](https://github.com/nextcloud/all-in-one/discussions/5268). ### Disadvantages - You lose the AIO interface From 57efcd852da78180671212e166adf602e2d6fbab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Dec 2025 04:12:33 +0000 Subject: [PATCH 180/432] build(deps): bump httpd in /Containers/apache Bumps httpd from 2.4.65-alpine3.22 to 2.4.66-alpine3.22. --- updated-dependencies: - dependency-name: httpd dependency-version: 2.4.66-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/apache/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/apache/Dockerfile b/Containers/apache/Dockerfile index d9602864..c844c364 100644 --- a/Containers/apache/Dockerfile +++ b/Containers/apache/Dockerfile @@ -2,7 +2,7 @@ FROM caddy:2.10.2-alpine AS caddy # From https://github.com/docker-library/httpd/blob/master/2.4/alpine/Dockerfile -FROM httpd:2.4.65-alpine3.22 +FROM httpd:2.4.66-alpine3.22 COPY --from=caddy /usr/bin/caddy /usr/bin/caddy From 238117ac47d879a3d51814d8919acc346da6a1e9 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 8 Dec 2025 09:45:09 +0100 Subject: [PATCH 181/432] mastercontainer: fix docker api version check if DOCKER_API_VERSION was set globally Signed-off-by: Simon L. --- Containers/mastercontainer/start.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index 4ca193be..1002ef84 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -116,14 +116,14 @@ fi # Docker api version check # shellcheck disable=SC2001 -API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')" +API_VERSION_NUMB="$(echo "$DOCKER_API_VERSION" | sed 's/\.//')" LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')" if [ -z "$LOCAL_API_VERSION_NUMB" ]; then LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data DOCKER_API_VERSION="$FALLBACK_DOCKER_API_VERSION" docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')" fi if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then - print_red "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!" + print_red "Docker API v$DOCKER_API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!" echo "Alternatively, set the DOCKER_API_VERSION environmental variable to a compatible version." echo "However please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO." echo "See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version" From a9d462489c5fa7f568e8ced174177d565662430e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 8 Dec 2025 10:03:53 +0100 Subject: [PATCH 182/432] increase to 12.2.1 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 2b381c90..2432ab13 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
-

Nextcloud AIO v12.2.0

+

Nextcloud AIO v12.2.1

{# Add 2nd tab warning #} From 19ad65966b24c93709dc521444b1783d7d0a7b22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 12:16:55 +0000 Subject: [PATCH 183/432] build(deps): bump peter-evans/create-pull-request in /.github/workflows Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.9 to 7.0.11. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/84ae59a2cdc2258d6fa0732dd66352dddae2a412...22a9089034f40e5a961c8808d113e2c98fb63676) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-version: 7.0.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/collabora.yml | 2 +- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/imaginary-update.yml | 2 +- .github/workflows/nextcloud-update.yml | 2 +- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/talk.yml | 2 +- .github/workflows/update-helm.yml | 2 +- .github/workflows/update-yaml.yml | 2 +- .github/workflows/watchtower-update.yml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index 816f57bf..37e974f7 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -18,7 +18,7 @@ jobs: mv cool-seccomp-profile.json php/ - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: collabora-seccomp-update automated change signoff: true diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 12a11f1f..1b448139 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -44,7 +44,7 @@ jobs: )" sed -i "s|pecl install APCu.*\;|pecl install APCu-$apcu_version\;|" ./Containers/mastercontainer/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: php dependency updates signoff: true diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index 8b624e39..060b376e 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -22,7 +22,7 @@ jobs: sed -i "s|^ENV IMAGINARY_HASH.*$|ENV IMAGINARY_HASH=$imaginary_version|" ./Containers/imaginary/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: imaginary-update automated change signoff: true diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index d90d57e1..7fe5bbf9 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -79,7 +79,7 @@ jobs: fi - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: nextcloud-update automated change signoff: true diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 99ba4e32..1bd47ac4 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -30,7 +30,7 @@ jobs: continue-on-error: true - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: Update psalm baseline diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index 689e7e7e..f28ad9f2 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -45,7 +45,7 @@ jobs: sed -i "s|^ARG JANUS_VERSION=.*$|ARG JANUS_VERSION=$janus_version|" ./Containers/talk/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: talk-update automated change signoff: true diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index 06555a90..ee8e4669 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -23,7 +23,7 @@ jobs: sudo bash nextcloud-aio-helm-chart/update-helm.sh "$DOCKER_TAG" fi - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: Helm Chart updates signoff: true diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index 9d9affce..ba92fd50 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -16,7 +16,7 @@ jobs: run: | sudo bash manual-install/update-yaml.sh - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: Yaml updates signoff: true diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index 69b1b14e..be929285 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -26,7 +26,7 @@ jobs: sed -i "s|\$WATCHTOWER_COMMIT_HASH.*$|\$WATCHTOWER_COMMIT_HASH # $watchtower_version|" ./Containers/watchtower/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7 + uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 with: commit-message: watchtower-update automated change signoff: true From f5fbc591565d1a3538791d03463653d5d220d425 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 12:16:59 +0000 Subject: [PATCH 184/432] build(deps): bump astral-sh/setup-uv in /.github/workflows Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 7.1.4 to 7.1.5. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/1e862dfacbd1d6d858c55d9b792c756523627244...ed21f2f24f8dd64503750218de024bcf64c7250a) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 7.1.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-yaml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index b91d8c63..542f38b8 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -36,7 +36,7 @@ jobs: line-length: warning - name: Install the latest version of uv - uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 + uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5 - name: Check GitHub actions run: uvx zizmor --min-severity medium .github/workflows/*.yml From 02b095040bd76c7f445fb2d197cef57da3478d76 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 12:17:02 +0000 Subject: [PATCH 185/432] build(deps): bump softprops/turnstyle in /.github/workflows Bumps [softprops/turnstyle](https://github.com/softprops/turnstyle) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/softprops/turnstyle/releases) - [Changelog](https://github.com/softprops/turnstyle/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/turnstyle/compare/2e4451ef94c5969eee533c487092052d4d1a53af...15f9da4059166900981058ba251e0b652511c68f) --- updated-dependencies: - dependency-name: softprops/turnstyle dependency-version: 3.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/helm-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index b4c32778..639b0785 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v6.0.1 - name: Turnstyle - uses: softprops/turnstyle@2e4451ef94c5969eee533c487092052d4d1a53af # v2 + uses: softprops/turnstyle@15f9da4059166900981058ba251e0b652511c68f # v2 with: continue-after-seconds: 180 env: From cd8158c9f6463a018b3334bab10005ceb3e5a2c9 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 8 Dec 2025 14:42:30 +0100 Subject: [PATCH 186/432] fix excluding zizmor workflow in downstream repo Signed-off-by: Simon L. --- zizmor.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/zizmor.yml b/zizmor.yml index ee110b08..afc373cb 100644 --- a/zizmor.yml +++ b/zizmor.yml @@ -1,3 +1,6 @@ rules: excessive-permissions: disable: true + dangerous-triggers: + ignore: + - build_images.yml From 1691a19036b32f45068d1dea9f1237c49cf4aa0c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 8 Dec 2025 15:36:02 +0100 Subject: [PATCH 187/432] make redis port configurable Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 2 +- Containers/nextcloud/config/redis.config.php | 6 ++---- Containers/nextcloud/entrypoint.sh | 2 +- Containers/notify-push/start.sh | 6 +++++- Containers/whiteboard/healthcheck.sh | 2 +- Containers/whiteboard/start.sh | 4 ++-- php/containers.json | 3 +++ 7 files changed, 15 insertions(+), 10 deletions(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 03663b85..7ba63a39 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -138,7 +138,7 @@ RUN set -ex; \ \ { \ echo 'session.save_handler = redis'; \ - echo 'session.save_path = "tcp://${REDIS_HOST}:6379?database=${REDIS_DB_INDEX}${REDIS_USER_AUTH}&auth[]=${REDIS_HOST_PASSWORD}"'; \ + echo 'session.save_path = "tcp://${REDIS_HOST}:${REDIS_PORT}?database=${REDIS_DB_INDEX}${REDIS_USER_AUTH}&auth[]=${REDIS_HOST_PASSWORD}"'; \ echo 'redis.session.locking_enabled = 1'; \ echo 'redis.session.lock_retries = -1'; \ echo 'redis.session.lock_wait_time = 10000'; \ diff --git a/Containers/nextcloud/config/redis.config.php b/Containers/nextcloud/config/redis.config.php index 80848974..b59fe4ea 100644 --- a/Containers/nextcloud/config/redis.config.php +++ b/Containers/nextcloud/config/redis.config.php @@ -9,10 +9,8 @@ if (getenv('REDIS_HOST')) { ), ); - if (getenv('REDIS_HOST_PORT')) { - $CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT'); - } elseif (getenv('REDIS_HOST')[0] != '/') { - $CONFIG['redis']['port'] = 6379; + if (getenv('REDIS_PORT')) { + $CONFIG['redis']['port'] = (int) getenv('REDIS_PORT'); } if (getenv('REDIS_DB_INDEX')) { diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 8fdff0d0..86ffe159 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -27,7 +27,7 @@ fi # Only start container if Redis is accessible # shellcheck disable=SC2153 -while ! nc -z "$REDIS_HOST" "6379"; do +while ! nc -z "$REDIS_HOST" "$REDIS_PORT"; do echo "Waiting for Redis to start..." sleep 5 done diff --git a/Containers/notify-push/start.sh b/Containers/notify-push/start.sh index 9277bdaa..2f30106a 100644 --- a/Containers/notify-push/start.sh +++ b/Containers/notify-push/start.sh @@ -52,6 +52,10 @@ fi if [ -z "$REDIS_DB_INDEX" ]; then REDIS_DB_INDEX=0 fi +# Set a default value for REDIS_PORT +if [ -z "$REDIS_PORT" ]; then + REDIS_PORT=6379 +fi # Set a default for db type if [ -z "$DATABASE_TYPE" ]; then DATABASE_TYPE=postgres @@ -76,7 +80,7 @@ fi # Set sensitive values as env export DATABASE_URL="$DATABASE_TYPE://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB$CERT_OPTIONS" -export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX" +export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST:$REDIS_PORT/$REDIS_DB_INDEX" # Run it /nextcloud/custom_apps/notify_push/bin/"$CPU_ARCH"/notify_push \ diff --git a/Containers/whiteboard/healthcheck.sh b/Containers/whiteboard/healthcheck.sh index 4f53988a..5909db82 100644 --- a/Containers/whiteboard/healthcheck.sh +++ b/Containers/whiteboard/healthcheck.sh @@ -1,4 +1,4 @@ #!/bin/bash -nc -z "$REDIS_HOST" 6379 || exit 0 +nc -z "$REDIS_HOST" "$REDIS_PORT" || exit 0 nc -z 127.0.0.1 3002 || exit 1 diff --git a/Containers/whiteboard/start.sh b/Containers/whiteboard/start.sh index 962df9b9..8975e0c6 100644 --- a/Containers/whiteboard/start.sh +++ b/Containers/whiteboard/start.sh @@ -1,7 +1,7 @@ #!/bin/bash # Only start container if nextcloud is accessible -while ! nc -z "$REDIS_HOST" 6379; do +while ! nc -z "$REDIS_HOST" "$REDIS_PORT"; do echo "Waiting for redis to start..." sleep 5 done @@ -11,7 +11,7 @@ if [ -z "$REDIS_DB_INDEX" ]; then REDIS_DB_INDEX=0 fi -export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX" +export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST:$REDIS_PORT/$REDIS_DB_INDEX" # Run it exec npm --prefix /app run server:start diff --git a/php/containers.json b/php/containers.json index 8afb68e9..486a4694 100644 --- a/php/containers.json +++ b/php/containers.json @@ -204,6 +204,7 @@ "POSTGRES_DB=nextcloud_database", "POSTGRES_USER=nextcloud", "REDIS_HOST=nextcloud-aio-redis", + "REDIS_PORT=6379", "REDIS_HOST_PASSWORD=%REDIS_PASSWORD%", "APACHE_HOST=nextcloud-aio-apache", "APACHE_PORT=%APACHE_PORT%", @@ -305,6 +306,7 @@ "NEXTCLOUD_HOST=nextcloud-aio-nextcloud", "TZ=%TIMEZONE%", "REDIS_HOST=nextcloud-aio-redis", + "REDIS_PORT=6379", "REDIS_HOST_PASSWORD=%REDIS_PASSWORD%", "POSTGRES_HOST=nextcloud-aio-database", "POSTGRES_PORT=5432", @@ -875,6 +877,7 @@ "JWT_SECRET_KEY=%WHITEBOARD_SECRET%", "STORAGE_STRATEGY=redis", "REDIS_HOST=nextcloud-aio-redis", + "REDIS_PORT=6379", "REDIS_HOST_PASSWORD=%REDIS_PASSWORD%", "BACKUP_DIR=/tmp" ], From 3ab5740f0cb70a9be7d3b9df3cc71a85cbd1d33b Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 8 Dec 2025 19:30:10 +0100 Subject: [PATCH 188/432] add further explanation to failed docker check Signed-off-by: Simon L. --- Containers/mastercontainer/start.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index 1002ef84..ad1734f1 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -110,6 +110,10 @@ if ! sudo -E -u www-data docker info &>/dev/null; then echo "Did you maybe remove group read permissions for the docker socket? AIO needs them in order to access the docker socket." echo "If SELinux is enabled on your host, see https://github.com/nextcloud/all-in-one#are-there-known-problems-when-selinux-is-enabled" echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale" + echo "On macOS, see https://github.com/nextcloud/all-in-one#how-to-run-aio-on-macos" + echo "Another possibility might be that Docker api v$API_VERSION is not supported by your docker daemon." + echo "In that case, you should report this to https://github.com/nextcloud/all-in-one/issues" + echo "" exit 1 fi fi From 2498911854c16ef7aad74867870cadbf9be8edb6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Dec 2025 04:13:08 +0000 Subject: [PATCH 189/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.1.1-cli to 29.1.2-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.1.2-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index f6ecd08e..63c8ea35 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.1.1-cli AS docker +FROM docker:29.1.2-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From 7fa5af0e8cdaec036b299401553b8e5b636791f8 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 9 Dec 2025 09:14:59 +0100 Subject: [PATCH 190/432] daily-bakup.sh: fix issue with apache-port Signed-off-by: Simon L. --- Containers/mastercontainer/daily-backup.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Containers/mastercontainer/daily-backup.sh b/Containers/mastercontainer/daily-backup.sh index edc5bddd..d11f3e85 100644 --- a/Containers/mastercontainer/daily-backup.sh +++ b/Containers/mastercontainer/daily-backup.sh @@ -23,8 +23,8 @@ fi sudo -E -u www-data touch "/mnt/docker-aio-config/data/daily_backup_running" # Check if apache is running/stopped, watchtower is stopped and backupcontainer is stopped -APACHE_PORT="$(docker inspect nextcloud-aio-apache --format "{{.Config.Env}}" | grep -o 'APACHE_PORT=[0-9]\+' | grep -o '[0-9]\+' | head -1)" -if [ -z "$APACHE_PORT" ]; then +LOCAL_APACHE_PORT="$(docker inspect nextcloud-aio-apache --format "{{.Config.Env}}" | grep -o 'APACHE_PORT=[0-9]\+' | grep -o '[0-9]\+' | head -1)" +if [ -z "$LOCAL_APACHE_PORT" ]; then echo "APACHE_PORT is not set which is not expected..." else # Connect mastercontainer to nextcloud-aio network to make sure that nextcloud-aio-apache is reachable @@ -32,7 +32,7 @@ else docker network connect nextcloud-aio nextcloud-aio-mastercontainer &>/dev/null # Wait for apache to start - while docker ps --format "{{.Names}}" | grep -q "^nextcloud-aio-apache$" && ! nc -z nextcloud-aio-apache "$APACHE_PORT"; do + while docker ps --format "{{.Names}}" | grep -q "^nextcloud-aio-apache$" && ! nc -z nextcloud-aio-apache "$LOCAL_APACHE_PORT"; do echo "Waiting for apache to become available" sleep 30 done From b6f85b04b511e40f09947f1c10f4594930736117 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Tue, 9 Dec 2025 12:03:48 +0000 Subject: [PATCH 191/432] Yaml updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- manual-install/latest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manual-install/latest.yml b/manual-install/latest.yml index 12545ac3..4e2cfaee 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -438,7 +438,7 @@ services: environment: - TZ=${TIMEZONE} - ES_JAVA_OPTS=${FULLTEXTSEARCH_JAVA_OPTIONS} - - bootstrap.memory_lock=true + - bootstrap.memory_lock=false - cluster.name=nextcloud-aio - discovery.type=single-node - logger.level=WARN From 52f67f2de96033bfe687530302ebf6bd0676f0dc Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Tue, 9 Dec 2025 12:14:58 +0000 Subject: [PATCH 192/432] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 03663b85..866ad126 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -83,7 +83,7 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install -o igbinary-3.2.16; \ - pecl install APCu-5.1.27; \ + pecl install APCu-5.1.28; \ pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.4.0; \ pecl install -oD 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.3.0; \ pecl install -o imagick-3.8.1; \ From 0f3f88da0841c0239cd1fdb106e44c70eb1e251f Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 10 Dec 2025 12:29:46 +0000 Subject: [PATCH 193/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/mastercontainer/Dockerfile | 2 +- php/composer.lock | 74 +++++++++++++-------------- 2 files changed, 38 insertions(+), 38 deletions(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index f6ecd08e..4bea57a4 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -52,7 +52,7 @@ RUN set -ex; \ apk add --no-cache --virtual .build-deps \ autoconf \ build-base; \ - pecl install APCu-5.1.27; \ + pecl install APCu-5.1.28; \ docker-php-ext-enable apcu; \ rm -r /tmp/pear; \ runDeps="$( \ diff --git a/php/composer.lock b/php/composer.lock index 2fbf905c..24565073 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -2035,16 +2035,16 @@ }, { "name": "amphp/parallel", - "version": "v2.3.2", + "version": "v2.3.3", "source": { "type": "git", "url": "https://github.com/amphp/parallel.git", - "reference": "321b45ae771d9c33a068186b24117e3cd1c48dce" + "reference": "296b521137a54d3a02425b464e5aee4c93db2c60" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/amphp/parallel/zipball/321b45ae771d9c33a068186b24117e3cd1c48dce", - "reference": "321b45ae771d9c33a068186b24117e3cd1c48dce", + "url": "https://api.github.com/repos/amphp/parallel/zipball/296b521137a54d3a02425b464e5aee4c93db2c60", + "reference": "296b521137a54d3a02425b464e5aee4c93db2c60", "shasum": "" }, "require": { @@ -2107,7 +2107,7 @@ ], "support": { "issues": "https://github.com/amphp/parallel/issues", - "source": "https://github.com/amphp/parallel/tree/v2.3.2" + "source": "https://github.com/amphp/parallel/tree/v2.3.3" }, "funding": [ { @@ -2115,7 +2115,7 @@ "type": "github" } ], - "time": "2025-08-27T21:55:40+00:00" + "time": "2025-11-15T06:23:42+00:00" }, { "name": "amphp/parser", @@ -3111,20 +3111,20 @@ }, { "name": "league/uri", - "version": "7.6.0", + "version": "7.7.0", "source": { "type": "git", "url": "https://github.com/thephpleague/uri.git", - "reference": "f625804987a0a9112d954f9209d91fec52182344" + "reference": "8d587cddee53490f9b82bf203d3a9aa7ea4f9807" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/uri/zipball/f625804987a0a9112d954f9209d91fec52182344", - "reference": "f625804987a0a9112d954f9209d91fec52182344", + "url": "https://api.github.com/repos/thephpleague/uri/zipball/8d587cddee53490f9b82bf203d3a9aa7ea4f9807", + "reference": "8d587cddee53490f9b82bf203d3a9aa7ea4f9807", "shasum": "" }, "require": { - "league/uri-interfaces": "^7.6", + "league/uri-interfaces": "^7.7", "php": "^8.1", "psr/http-factory": "^1" }, @@ -3197,7 +3197,7 @@ "docs": "https://uri.thephpleague.com", "forum": "https://thephpleague.slack.com", "issues": "https://github.com/thephpleague/uri-src/issues", - "source": "https://github.com/thephpleague/uri/tree/7.6.0" + "source": "https://github.com/thephpleague/uri/tree/7.7.0" }, "funding": [ { @@ -3205,20 +3205,20 @@ "type": "github" } ], - "time": "2025-11-18T12:17:23+00:00" + "time": "2025-12-07T16:02:06+00:00" }, { "name": "league/uri-interfaces", - "version": "7.6.0", + "version": "7.7.0", "source": { "type": "git", "url": "https://github.com/thephpleague/uri-interfaces.git", - "reference": "ccbfb51c0445298e7e0b7f4481b942f589665368" + "reference": "62ccc1a0435e1c54e10ee6022df28d6c04c2946c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/uri-interfaces/zipball/ccbfb51c0445298e7e0b7f4481b942f589665368", - "reference": "ccbfb51c0445298e7e0b7f4481b942f589665368", + "url": "https://api.github.com/repos/thephpleague/uri-interfaces/zipball/62ccc1a0435e1c54e10ee6022df28d6c04c2946c", + "reference": "62ccc1a0435e1c54e10ee6022df28d6c04c2946c", "shasum": "" }, "require": { @@ -3281,7 +3281,7 @@ "docs": "https://uri.thephpleague.com", "forum": "https://thephpleague.slack.com", "issues": "https://github.com/thephpleague/uri-src/issues", - "source": "https://github.com/thephpleague/uri-interfaces/tree/7.6.0" + "source": "https://github.com/thephpleague/uri-interfaces/tree/7.7.0" }, "funding": [ { @@ -3289,7 +3289,7 @@ "type": "github" } ], - "time": "2025-11-18T12:17:23+00:00" + "time": "2025-12-07T16:03:21+00:00" }, { "name": "netresearch/jsonmapper", @@ -3344,16 +3344,16 @@ }, { "name": "nikic/php-parser", - "version": "v5.6.2", + "version": "v5.7.0", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "3a454ca033b9e06b63282ce19562e892747449bb" + "reference": "dca41cd15c2ac9d055ad70dbfd011130757d1f82" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/3a454ca033b9e06b63282ce19562e892747449bb", - "reference": "3a454ca033b9e06b63282ce19562e892747449bb", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/dca41cd15c2ac9d055ad70dbfd011130757d1f82", + "reference": "dca41cd15c2ac9d055ad70dbfd011130757d1f82", "shasum": "" }, "require": { @@ -3396,9 +3396,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v5.6.2" + "source": "https://github.com/nikic/PHP-Parser/tree/v5.7.0" }, - "time": "2025-10-21T19:32:17+00:00" + "time": "2025-12-06T11:56:16+00:00" }, { "name": "phpdocumentor/reflection-common", @@ -3889,16 +3889,16 @@ }, { "name": "symfony/console", - "version": "v6.4.27", + "version": "v6.4.30", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "13d3176cf8ad8ced24202844e9f95af11e2959fc" + "reference": "1b2813049506b39eb3d7e64aff033fd5ca26c97e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/13d3176cf8ad8ced24202844e9f95af11e2959fc", - "reference": "13d3176cf8ad8ced24202844e9f95af11e2959fc", + "url": "https://api.github.com/repos/symfony/console/zipball/1b2813049506b39eb3d7e64aff033fd5ca26c97e", + "reference": "1b2813049506b39eb3d7e64aff033fd5ca26c97e", "shasum": "" }, "require": { @@ -3963,7 +3963,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v6.4.27" + "source": "https://github.com/symfony/console/tree/v6.4.30" }, "funding": [ { @@ -3983,7 +3983,7 @@ "type": "tidelift" } ], - "time": "2025-10-06T10:25:16+00:00" + "time": "2025-12-05T13:47:41+00:00" }, { "name": "symfony/filesystem", @@ -4550,16 +4550,16 @@ }, { "name": "vimeo/psalm", - "version": "6.13.1", + "version": "6.14.1", "source": { "type": "git", "url": "https://github.com/vimeo/psalm.git", - "reference": "1e3b7f0a8ab32b23197b91107adc0a7ed8a05b51" + "reference": "cf26e6debc366836754f359ece5b68629a1ee185" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/vimeo/psalm/zipball/1e3b7f0a8ab32b23197b91107adc0a7ed8a05b51", - "reference": "1e3b7f0a8ab32b23197b91107adc0a7ed8a05b51", + "url": "https://api.github.com/repos/vimeo/psalm/zipball/cf26e6debc366836754f359ece5b68629a1ee185", + "reference": "cf26e6debc366836754f359ece5b68629a1ee185", "shasum": "" }, "require": { @@ -4582,7 +4582,7 @@ "fidry/cpu-core-counter": "^0.4.1 || ^0.5.1 || ^1.0.0", "netresearch/jsonmapper": "^5.0", "nikic/php-parser": "^5.0.0", - "php": "~8.1.31 || ~8.2.27 || ~8.3.16 || ~8.4.3", + "php": "~8.1.31 || ~8.2.27 || ~8.3.16 || ~8.4.3 || ~8.5.0", "sebastian/diff": "^4.0 || ^5.0 || ^6.0 || ^7.0", "spatie/array-to-xml": "^2.17.0 || ^3.0", "symfony/console": "^6.0 || ^7.0", @@ -4664,7 +4664,7 @@ "issues": "https://github.com/vimeo/psalm/issues", "source": "https://github.com/vimeo/psalm" }, - "time": "2025-08-06T10:10:28+00:00" + "time": "2025-12-10T09:31:26+00:00" }, { "name": "wapmorgan/php-deprecation-detector", From a3a8cbff34690706c7ce8c3cf489ed663de92d1f Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 10 Dec 2025 13:39:37 +0000 Subject: [PATCH 194/432] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-collabora-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-database-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-fulltextsearch-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- 14 files changed, 21 insertions(+), 21 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 7d6a0c55..01453437 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 12.1.4 +version: 12.2.1 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index e6273a8b..f9fd44e6 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-apache:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 662d68a0..e07f9bfb 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-clamav:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index e91cfe56..8f8d6d3c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -36,9 +36,9 @@ spec: - name: server_name value: "{{ .Values.NC_DOMAIN }}" {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }} - image: ghcr.io/nextcloud-releases/aio-collabora-online:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-collabora-online:20251210_133359 {{- else }} - image: ghcr.io/nextcloud-releases/aio-collabora:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-collabora:20251210_133359 {{- end }} readinessProbe: exec: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index d65dfa78..1c6491fc 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-postgresql:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index a3877029..f40d6ff3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 command: - chmod - "777" @@ -41,7 +41,7 @@ spec: - name: TZ value: "{{ .Values.TIMEZONE }}" - name: bootstrap.memory_lock - value: "true" + value: "false" - name: cluster.name value: nextcloud-aio - name: discovery.type @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index c8ae83d9..5906d566 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-imaginary:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 2a925878..242b9f16 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 command: - chmod - "777" @@ -186,7 +186,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20251210_133359 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index 5f16388a..114ddc1d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -55,7 +55,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-notify-push:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 4e64f6c5..d1ae2b35 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 18ceee18..3af2d622 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-redis:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 81f616fa..9d9c6d80 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-talk:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 0319cce8..58afc7d0 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20251210_133359 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 35f29df7..229395ca 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -48,7 +48,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20251128_084214 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20251210_133359 readinessProbe: exec: command: From e5f1cb5955575750602ce19dd8ec0014d1d2371f Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 10 Dec 2025 14:59:46 +0000 Subject: [PATCH 195/432] watchtower-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/watchtower/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index d2db5ae3..50ba3b7d 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,13 +1,13 @@ # syntax=docker/dockerfile:latest FROM golang:1.25.5-alpine3.22 AS go -ENV WATCHTOWER_COMMIT_HASH=6c5a1b0bea65cea1d4cc1de5196789a01617957a +ENV WATCHTOWER_COMMIT_HASH=1ee8747544ce9a49711d9314f1690b30c29e6a8c RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ build-base; \ - go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.12.3 + go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.12.5 FROM alpine:3.22.2 From 1492e7ad46c8c137981dff57cc185db880becf02 Mon Sep 17 00:00:00 2001 From: nextcloud-command Date: Thu, 11 Dec 2025 04:19:27 +0000 Subject: [PATCH 196/432] Update psalm baseline Signed-off-by: GitHub --- php/psalm-baseline.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/psalm-baseline.xml b/php/psalm-baseline.xml index d04c5aa8..dfff8ba0 100644 --- a/php/psalm-baseline.xml +++ b/php/psalm-baseline.xml @@ -1,2 +1,2 @@ - + From 8a3628d1d8560c493d721538ff179fe19096f067 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 11 Dec 2025 11:03:36 +0000 Subject: [PATCH 197/432] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 866ad126..7ca67cac 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud ENV REDIS_DB_INDEX=0 # AIO settings start # Do not remove or change this line! -ENV NEXTCLOUD_VERSION=32.0.2 +ENV NEXTCLOUD_VERSION=32.0.3 ENV AIO_TOKEN=123456 ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! From 29dbf6e565e27861264d41c53ae54342d78eb52e Mon Sep 17 00:00:00 2001 From: stefano99 Date: Thu, 11 Dec 2025 12:16:35 +0100 Subject: [PATCH 198/432] Docs update: Add encoded characters config for Traefik v3.6.4+ (#7286) Signed-off-by: stefano99 --- reverse-proxy.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/reverse-proxy.md b/reverse-proxy.md index e0497c84..14e7aaaf 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -870,6 +870,11 @@ The examples below define the dynamic configuration in YAML files. If you rather transport: respondingTimeouts: readTimeout: 24h # Allows uploads > 100MB; prevents connection reset due to chunking (public upload-only links) + http: + # Required for Nextcloud to correctly handle encoded URL characters (%2F and %3F in this case) in newer Traefik versions (v3.6.4+). + encodedCharacters: + allowEncodedSlash: true + allowEncodedQuestionMark: true # If you want to enable HTTP/3 support, uncomment the line below # http3: {} From eada5b90fe7ec99141ce2edd98545d4c1db22036 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 11 Dec 2025 12:19:48 +0000 Subject: [PATCH 199/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 24565073..d829d29f 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -4550,16 +4550,16 @@ }, { "name": "vimeo/psalm", - "version": "6.14.1", + "version": "6.14.2", "source": { "type": "git", "url": "https://github.com/vimeo/psalm.git", - "reference": "cf26e6debc366836754f359ece5b68629a1ee185" + "reference": "bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/vimeo/psalm/zipball/cf26e6debc366836754f359ece5b68629a1ee185", - "reference": "cf26e6debc366836754f359ece5b68629a1ee185", + "url": "https://api.github.com/repos/vimeo/psalm/zipball/bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0", + "reference": "bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0", "shasum": "" }, "require": { @@ -4664,7 +4664,7 @@ "issues": "https://github.com/vimeo/psalm/issues", "source": "https://github.com/vimeo/psalm" }, - "time": "2025-12-10T09:31:26+00:00" + "time": "2025-12-11T08:58:52+00:00" }, { "name": "wapmorgan/php-deprecation-detector", From 7f71a94c8cbfdba9a5c45c62804e238e217a0439 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 11 Dec 2025 12:20:33 +0000 Subject: [PATCH 200/432] Yaml updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- manual-install/latest.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manual-install/latest.yml b/manual-install/latest.yml index 4e2cfaee..9da46d0f 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -135,6 +135,7 @@ services: - POSTGRES_DB=nextcloud_database - POSTGRES_USER=nextcloud - REDIS_HOST=nextcloud-aio-redis + - REDIS_PORT=6379 - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} - APACHE_HOST=nextcloud-aio-apache - APACHE_PORT @@ -206,6 +207,7 @@ services: - NEXTCLOUD_HOST=nextcloud-aio-nextcloud - TZ=${TIMEZONE} - REDIS_HOST=nextcloud-aio-redis + - REDIS_PORT=6379 - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} - POSTGRES_HOST=nextcloud-aio-database - POSTGRES_PORT=5432 @@ -475,6 +477,7 @@ services: - JWT_SECRET_KEY=${WHITEBOARD_SECRET} - STORAGE_STRATEGY=redis - REDIS_HOST=nextcloud-aio-redis + - REDIS_PORT=6379 - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} - BACKUP_DIR=/tmp restart: unless-stopped From 65501079013c6df1bedb2ca4c5115909699682aa Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 28 Nov 2025 13:02:20 +0100 Subject: [PATCH 201/432] standardize ca-config Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 1 + .../nextcloud/config/postgres.config.php | 4 +- Containers/nextcloud/entrypoint.sh | 107 +++++++++++++----- Containers/notify-push/start.sh | 4 +- 4 files changed, 84 insertions(+), 32 deletions(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 034ebba2..f4891920 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -251,6 +251,7 @@ RUN set -ex; \ chmod 777 -R /usr/local/etc/php/conf.d && \ chmod 777 -R /usr/local/etc/php-fpm.d && \ chmod -R 777 /tmp; \ + chmod -R 777 /etc/openldap; \ \ mkdir -p /nc-updater; \ chmod -R 777 /nc-updater diff --git a/Containers/nextcloud/config/postgres.config.php b/Containers/nextcloud/config/postgres.config.php index acde7b82..71a657a7 100644 --- a/Containers/nextcloud/config/postgres.config.php +++ b/Containers/nextcloud/config/postgres.config.php @@ -3,14 +3,14 @@ if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) { $CONFIG = array( 'pgsql_ssl' => array( 'mode' => 'verify-ca', - 'rootcert' => '/var/www/html/data/certificates/POSTGRES', + 'rootcert' => '/var/www/html/data/certificates/ca-bundle.crt', ), ); } if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL')) { $CONFIG = array( 'dbdriveroptions' => array( - 'PDO::MYSQL_ATTR_SSL_CA' => '/var/www/html/data/certificates/MYSQL', + 'PDO::MYSQL_ATTR_SSL_CA' => '/var/www/html/data/certificates/ca-bundle.crt', ), ); } diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index c0dfd803..edc6c32c 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -20,6 +20,79 @@ run_upgrade_if_needed_due_to_app_update() { fi } +set_global_ca_bundle_path() { + # Only run if env is set + if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then + php /var/www/html/occ config:system:set default_certificates_bundle_path --value="$CERTIFICATE_BUNDLE" + fi +} + +# Create cert bundle +if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then + + # Enable debug mode + set -x + + # Default vars + CERTIFICATES_ROOT_DIR="/var/www/html/data/certificates" + CERTIFICATE_BUNDLE="/var/www/html/data/certificates/ca-bundle.crt" + + # Remove old root certs and recreate them with current ones + rm -rf "$CERTIFICATES_ROOT_DIR" + mkdir -p "$CERTIFICATES_ROOT_DIR" + + # Retrieve default root cert bundle + if ! [ -f "$SOURCE_LOCATION/resources/config/ca-bundle.crt" ]; then + echo "Root ca-bundle not found. Only concattening configured NEXTCLOUD_TRUSTED_CERTIFICATES files!" + # Recreate cert file + touch "$CERTIFICATE_BUNDLE" + else + # Write default bundle to the target ca file + cat "$SOURCE_LOCATION/resources/config/ca-bundle.crt" > "$CERTIFICATE_BUNDLE" + fi + + # Iterate through certs + TRUSTED_CERTIFICATES="$(env | grep NEXTCLOUD_TRUSTED_CERTIFICATES_ | grep -oP '^[A-Z_a-z0-9]+')" + mapfile -t TRUSTED_CERTIFICATES <<< "$TRUSTED_CERTIFICATES" + for certificate in "${TRUSTED_CERTIFICATES[@]}"; do + + # Create new line + echo "" >> "$CERTIFICATE_BUNDLE" + + # Check if variable is an actual cert + if echo "${!certificate}" | grep -q "BEGIN CERTIFICATE" && echo "${!certificate}" | grep -q "END CERTIFICATE"; then + # Write out cert to bundle + echo "${!certificate}" >> "$CERTIFICATE_BUNDLE" + fi + + # Create file in cert dir for extra logic in other places + if ! [ -f "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME" ]; then + touch "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME" + fi + + done + + # Custom logic for ldap conf + if ! grep -q "TLS_" /etc/openldap/ldap.conf; then + cat << EOL >> /etc/openldap/ldap.conf +TLS_CACERT $CERTIFICATE_BUNDLE +TLS_REQCERT try +EOL + fi + + # Backwards compatibility with older instances + if [ -f "/var/www/html/config/postgres.config.php" ]; then + sed -i "s|/var/www/html/data/certificates/POSTGRES|/var/www/html/data/certificates/ca-bundle.crt|" /var/www/html/config/postgres.config.php + sed -i "s|/var/www/html/data/certificates/MYSQL|/var/www/html/data/certificates/ca-bundle.crt|" /var/www/html/config/postgres.config.php + fi + + # Print out bundle one last time + cat "$CERTIFICATE_BUNDLE" + + # Disable debug mode + set +x +fi + # Adjust DATABASE_TYPE to by Nextcloud supported value if [ "$DATABASE_TYPE" = postgres ]; then export DATABASE_TYPE=pgsql @@ -173,6 +246,8 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then run_upgrade_if_needed_due_to_app_update + set_global_ca_bundle_path + php /var/www/html/occ maintenance:mode --off echo "Getting and backing up the status of apps for later; this might take a while..." @@ -279,16 +354,6 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then ); EOF - # Write out postgres root cert - if [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" ]; then - mkdir /var/www/html/data/certificates - echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" > "/var/www/html/data/certificates/POSTGRES" - # Write out mysql root cert - elif [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL" ]; then - mkdir /var/www/html/data/certificates - echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL" > "/var/www/html/data/certificates/MYSQL" - fi - echo "Installing with $DATABASE_TYPE database" # Set a default value for POSTGRES_PORT if [ -z "$POSTGRES_PORT" ]; then @@ -316,6 +381,8 @@ EOF # Try to force generation of appdata dir: php /var/www/html/occ maintenance:repair + set_global_ca_bundle_path + if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then max_retries=10 try=0 @@ -532,6 +599,8 @@ fi run_upgrade_if_needed_due_to_app_update +set_global_ca_bundle_path + if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then # Check if appdata is present # If not, something broke (e.g. changing ncdatadir after aio was first started) @@ -649,24 +718,6 @@ else fi # AIO app end # Do not remove or change this line! -# Allow to add custom certs to Nextcloud's trusted cert store -if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then - set -x - TRUSTED_CERTIFICATES="$(env | grep NEXTCLOUD_TRUSTED_CERTIFICATES_ | grep -oP '^[A-Z_a-z0-9]+')" - mapfile -t TRUSTED_CERTIFICATES <<< "$TRUSTED_CERTIFICATES" - CERTIFICATES_ROOT_DIR="/var/www/html/data/certificates" - mkdir -p "$CERTIFICATES_ROOT_DIR" - for certificate in "${TRUSTED_CERTIFICATES[@]}"; do - # shellcheck disable=SC2001 - CERTIFICATE_NAME="$(echo "$certificate" | sed 's|^NEXTCLOUD_TRUSTED_CERTIFICATES_||')" - if ! [ -f "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME" ]; then - echo "${!certificate}" > "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME" - php /var/www/html/occ security:certificates:import "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME" - fi - done - set +x -fi - # Notify push if ! [ -d "/var/www/html/custom_apps/notify_push" ]; then php /var/www/html/occ app:install notify_push diff --git a/Containers/notify-push/start.sh b/Containers/notify-push/start.sh index 9277bdaa..375009fc 100644 --- a/Containers/notify-push/start.sh +++ b/Containers/notify-push/start.sh @@ -68,10 +68,10 @@ fi # Postgres root cert if [ -f "/nextcloud/data/certificates/POSTGRES" ]; then - CERT_OPTIONS="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/POSTGRES" + CERT_OPTIONS="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/ca-bundle.crt" # Mysql root cert elif [ -f "/nextcloud/data/certificates/MYSQL" ]; then - CERT_OPTIONS="?sslmode=verify-ca&ssl-ca=/nextcloud/data/certificates/MYSQL" + CERT_OPTIONS="?sslmode=verify-ca&ssl-ca=/nextcloud/data/certificates/ca-bundle.crt" fi # Set sensitive values as env From 0be8409c365aa4996c577070b025baa496fa7ef6 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 11 Dec 2025 15:21:13 +0100 Subject: [PATCH 202/432] increase to 12.3.0 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 2432ab13..4e25dcf3 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
-

Nextcloud AIO v12.2.1

+

Nextcloud AIO v12.3.0

{# Add 2nd tab warning #} From 76cae30d5ca4048b3caca5872d67bc1c70c203cf Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 11 Dec 2025 15:56:27 +0100 Subject: [PATCH 203/432] update helm chart Signed-off-by: Simon L. --- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 2 ++ .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 ++ .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 242b9f16..3911d7eb 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -160,6 +160,8 @@ spec: value: nextcloud-aio-redis - name: REDIS_HOST_PASSWORD value: "{{ .Values.REDIS_PASSWORD }}" + - name: REDIS_PORT + value: "6379" - name: REMOVE_DISABLED_APPS value: "{{ .Values.REMOVE_DISABLED_APPS }}" - name: SIGNALING_SECRET diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index 114ddc1d..dc33201f 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -53,6 +53,8 @@ spec: value: nextcloud-aio-redis - name: REDIS_HOST_PASSWORD value: "{{ .Values.REDIS_PASSWORD }}" + - name: REDIS_PORT + value: "6379" - name: TZ value: "{{ .Values.TIMEZONE }}" image: ghcr.io/nextcloud-releases/aio-notify-push:20251210_133359 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 229395ca..410d6ae8 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -44,6 +44,8 @@ spec: value: nextcloud-aio-redis - name: REDIS_HOST_PASSWORD value: "{{ .Values.REDIS_PASSWORD }}" + - name: REDIS_PORT + value: "6379" - name: STORAGE_STRATEGY value: redis - name: TZ From 17bf4f91d7d20a91ed499d126eb014beb50d735f Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 12 Dec 2025 13:06:50 +0100 Subject: [PATCH 204/432] nextcloud: fix configuration of `default_certificates_bundle_path` and allow to use bundle for mailer Signed-off-by: Simon L. --- .../nextcloud/config/certificates-bundle.config.php | 5 +++++ Containers/nextcloud/config/smtp.config.php | 11 +++++++++++ Containers/nextcloud/entrypoint.sh | 13 ------------- 3 files changed, 16 insertions(+), 13 deletions(-) create mode 100644 Containers/nextcloud/config/certificates-bundle.config.php diff --git a/Containers/nextcloud/config/certificates-bundle.config.php b/Containers/nextcloud/config/certificates-bundle.config.php new file mode 100644 index 00000000..cc05b06a --- /dev/null +++ b/Containers/nextcloud/config/certificates-bundle.config.php @@ -0,0 +1,5 @@ + array( + 'ssl' => array( + 'verify_peer_name' => false, + 'cafile' => '/var/www/html/data/certificates/ca-bundle.crt', + ) + ) + ); +} diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 526a4b67..eea3d65b 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -20,13 +20,6 @@ run_upgrade_if_needed_due_to_app_update() { fi } -set_global_ca_bundle_path() { - # Only run if env is set - if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then - php /var/www/html/occ config:system:set default_certificates_bundle_path --value="$CERTIFICATE_BUNDLE" - fi -} - # Create cert bundle if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then @@ -246,8 +239,6 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then run_upgrade_if_needed_due_to_app_update - set_global_ca_bundle_path - php /var/www/html/occ maintenance:mode --off echo "Getting and backing up the status of apps for later; this might take a while..." @@ -381,8 +372,6 @@ EOF # Try to force generation of appdata dir: php /var/www/html/occ maintenance:repair - set_global_ca_bundle_path - if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then max_retries=10 try=0 @@ -599,8 +588,6 @@ fi run_upgrade_if_needed_due_to_app_update -set_global_ca_bundle_path - if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then # Check if appdata is present # If not, something broke (e.g. changing ncdatadir after aio was first started) From 2998dfdf435148a637f1a2bd2adb1e95972138ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 04:15:48 +0000 Subject: [PATCH 205/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.4.2 to v1.5.0. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.5.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index fe5d89f7..e2f40160 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.4.2 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.0 USER root RUN set -ex; \ From 4c1947afdcf9994dd4a7d3b74fefe32126e08c5f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 12:21:36 +0000 Subject: [PATCH 206/432] build(deps): bump dessant/lock-threads in /.github/workflows Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 5.0.1 to 6.0.0. - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md) - [Commits](https://github.com/dessant/lock-threads/compare/1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771...7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7) --- updated-dependencies: - dependency-name: dessant/lock-threads dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lock-threads.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lock-threads.yml b/.github/workflows/lock-threads.yml index be8273d5..bda40ee2 100644 --- a/.github/workflows/lock-threads.yml +++ b/.github/workflows/lock-threads.yml @@ -14,7 +14,7 @@ jobs: action: runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5 + - uses: dessant/lock-threads@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7 # v5 with: issue-inactive-days: '14' process-only: 'issues' From d0b5e64272df65b96aa3259dd5228575d4eb13df Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 12:21:43 +0000 Subject: [PATCH 207/432] build(deps): bump astral-sh/setup-uv in /.github/workflows Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 7.1.5 to 7.1.6. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/ed21f2f24f8dd64503750218de024bcf64c7250a...681c641aba71e4a1c380be3ab5e12ad51f415867) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 7.1.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-yaml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 542f38b8..9b5710cb 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -36,7 +36,7 @@ jobs: line-length: warning - name: Install the latest version of uv - uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5 + uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 - name: Check GitHub actions run: uvx zizmor --min-severity medium .github/workflows/*.yml From 5fef93eabf77b693dbd4b4ce35e4bc60012bab60 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 12:21:53 +0000 Subject: [PATCH 208/432] build(deps): bump actions/upload-artifact in /.github/workflows Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/playwright.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index 3919690b..252a6510 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -82,7 +82,7 @@ jobs: exit 1 fi - - uses: actions/upload-artifact@v5 + - uses: actions/upload-artifact@v6 if: ${{ !cancelled() }} with: name: playwright-report From 92d036d04ad6cf10f5c5d2ebaed604b786433645 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Dec 2025 04:15:35 +0000 Subject: [PATCH 209/432] build(deps): bump python in /Containers/talk-recording Bumps python from 3.14.1-alpine3.22 to 3.14.2-alpine3.22. --- updated-dependencies: - dependency-name: python dependency-version: 3.14.2-alpine3.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk-recording/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index cfc1f952..beeb517e 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM python:3.14.1-alpine3.22 +FROM python:3.14.2-alpine3.22 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh From a66445d4437791835682750bb338eac6d8d34229 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 16 Dec 2025 10:40:45 +0100 Subject: [PATCH 210/432] nextcloud: allow to configure `FULLTEXTSEARCH_PROTOCOL` Signed-off-by: Simon L. --- Containers/nextcloud/entrypoint.sh | 5 ++++- php/containers.json | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index eea3d65b..d5ca8952 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -972,6 +972,9 @@ if [ "$FULLTEXTSEARCH_ENABLED" = 'yes' ]; then php /var/www/html/occ app:disable fulltextsearch_elasticsearch php /var/www/html/occ app:disable files_fulltextsearch else + if [ -z "$FULLTEXTSEARCH_PROTOCOL" ]; then + FULLTEXTSEARCH_PROTOCOL="http" + fi if ! [ -d "/var/www/html/custom_apps/fulltextsearch" ]; then php /var/www/html/occ app:install fulltextsearch elif [ "$(php /var/www/html/occ config:app:get fulltextsearch enabled)" != "yes" ]; then @@ -994,7 +997,7 @@ if [ "$FULLTEXTSEARCH_ENABLED" = 'yes' ]; then php /var/www/html/occ app:update files_fulltextsearch fi php /var/www/html/occ fulltextsearch:configure '{"search_platform":"OCA\\FullTextSearch_Elasticsearch\\Platform\\ElasticSearchPlatform"}' - php /var/www/html/occ fulltextsearch_elasticsearch:configure "{\"elastic_host\":\"http://$FULLTEXTSEARCH_USER:$FULLTEXTSEARCH_PASSWORD@$FULLTEXTSEARCH_HOST:$FULLTEXTSEARCH_PORT\",\"elastic_index\":\"$FULLTEXTSEARCH_INDEX\"}" + php /var/www/html/occ fulltextsearch_elasticsearch:configure "{\"elastic_host\":\"$FULLTEXTSEARCH_PROTOCOL://$FULLTEXTSEARCH_USER:$FULLTEXTSEARCH_PASSWORD@$FULLTEXTSEARCH_HOST:$FULLTEXTSEARCH_PORT\",\"elastic_index\":\"$FULLTEXTSEARCH_INDEX\"}" php /var/www/html/occ files_fulltextsearch:configure "{\"files_pdf\":true,\"files_office\":true}" # Do the index diff --git a/php/containers.json b/php/containers.json index 486a4694..d8556184 100644 --- a/php/containers.json +++ b/php/containers.json @@ -237,6 +237,7 @@ "PHP_MEMORY_LIMIT=%NEXTCLOUD_MEMORY_LIMIT%", "FULLTEXTSEARCH_ENABLED=%FULLTEXTSEARCH_ENABLED%", "FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch", + "FULLTEXTSEARCH_PROTOCOL=http", "FULLTEXTSEARCH_PORT=9200", "FULLTEXTSEARCH_USER=elastic", "FULLTEXTSEARCH_INDEX=nextcloud-aio", From f415bf201d521111ad40a56654673ac8586d1898 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 16 Dec 2025 10:31:33 +0100 Subject: [PATCH 211/432] s3-config: adjust the multibucket setting Signed-off-by: Simon L. Co-Authored-By: Kate <26026535+provokateurin@users.noreply.github.com> --- Containers/nextcloud/config/s3.config.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Containers/nextcloud/config/s3.config.php b/Containers/nextcloud/config/s3.config.php index 66e1476d..59217a78 100644 --- a/Containers/nextcloud/config/s3.config.php +++ b/Containers/nextcloud/config/s3.config.php @@ -6,9 +6,10 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE'); $multibucket = getenv('OBJECTSTORE_S3_MULTIBUCKET'); $CONFIG = array( - $multibucket === 'true' ? 'objectstore_multibucket' : 'objectstore' => array( + 'objectstore' => array( 'class' => '\OC\Files\ObjectStore\S3', 'arguments' => array( + 'multibucket' => $multibucket === 'true', 'bucket' => getenv('OBJECTSTORE_S3_BUCKET'), 'key' => getenv('OBJECTSTORE_S3_KEY') ?: '', 'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '', From 0f0265abd4096ad73eb7dc340ff24bc13e9e97e0 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Tue, 16 Dec 2025 11:09:08 +0000 Subject: [PATCH 212/432] Yaml updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- manual-install/latest.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/manual-install/latest.yml b/manual-install/latest.yml index 9da46d0f..e9362ccc 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -165,6 +165,7 @@ services: - PHP_MEMORY_LIMIT=${NEXTCLOUD_MEMORY_LIMIT} - FULLTEXTSEARCH_ENABLED - FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch + - FULLTEXTSEARCH_PROTOCOL=http - FULLTEXTSEARCH_PORT=9200 - FULLTEXTSEARCH_USER=elastic - FULLTEXTSEARCH_INDEX=nextcloud-aio From 1dadf3ff10c338d6e74bfabe3ab06c0d3f59c989 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 16 Dec 2025 13:01:52 +0100 Subject: [PATCH 213/432] Merge pull request #7328 from nextcloud/enh/noid/update-helm --- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 3911d7eb..e95b8b0b 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -114,6 +114,8 @@ spec: value: "{{ .Values.FULLTEXTSEARCH_PASSWORD }}" - name: FULLTEXTSEARCH_PORT value: "9200" + - name: FULLTEXTSEARCH_PROTOCOL + value: http - name: FULLTEXTSEARCH_USER value: elastic - name: IMAGINARY_ENABLED From 082bbab85561944db7de12b351611e11253bdca9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Dec 2025 04:13:11 +0000 Subject: [PATCH 214/432] build(deps): bump collabora/code in /Containers/collabora Bumps collabora/code from 25.04.7.3.1 to 25.04.8.1.1. --- updated-dependencies: - dependency-name: collabora/code dependency-version: 25.04.8.1.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/collabora/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 071d0751..50b6cfef 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile -FROM collabora/code:25.04.7.3.1 +FROM collabora/code:25.04.8.1.1 USER root ARG DEBIAN_FRONTEND=noninteractive From 06f492397b04dd412e7c111f959f0bfc846897c5 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 17 Dec 2025 12:27:56 +0100 Subject: [PATCH 215/432] helm: make documentation more clear about storage classes Signed-off-by: Simon L. --- nextcloud-aio-helm-chart/update-helm.sh | 4 ++-- nextcloud-aio-helm-chart/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 02428db8..39aa7007 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -425,8 +425,8 @@ sed -i 's|17179869184|"17179869184"|' /tmp/sample.conf # shellcheck disable=SC2129 echo "" >> /tmp/sample.conf # shellcheck disable=SC2129 -echo 'STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes. This should be a fast storage like SSD backed storage!' >> /tmp/sample.conf -echo 'STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. ⚠️ Warning: only set this for new installations, not existing ones!' >> /tmp/sample.conf +echo 'STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes. This should be a fast storage like SSD backed storage! This storage class must provide RWX and RWO volumes (ReadWriteMany and ReadWriteOnce).' >> /tmp/sample.conf +echo 'STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. This storage class must provide RWO volumes (ReadWriteMany). ⚠️ Warning: only set this for new installations, not existing ones!' >> /tmp/sample.conf for variable in "${VOLUME_VARIABLE[@]}"; do echo "$variable: 1Gi # You can change the size of the $(echo "$variable" | sed 's|_STORAGE_SIZE||;s|_|-|g' | tr '[:upper:]' '[:lower:]') volume that default to 1Gi with this value" >> /tmp/sample.conf done diff --git a/nextcloud-aio-helm-chart/values.yaml b/nextcloud-aio-helm-chart/values.yaml index 10603a7c..8b17bc97 100755 --- a/nextcloud-aio-helm-chart/values.yaml +++ b/nextcloud-aio-helm-chart/values.yaml @@ -38,8 +38,8 @@ REMOVE_DISABLED_APPS: yes # Setting this to no keep Nextcloud apps that a TALK_PORT: 3478 # This allows to adjust the port that the talk container is using. It should be set to something higher than 1024! Otherwise it might not work! UPDATE_NEXTCLOUD_APPS: no # When setting to yes (with quotes), it will automatically update all installed Nextcloud apps upon container startup on saturdays. -STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes. This should be a fast storage like SSD backed storage! -STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. ⚠️ Warning: only set this for new installations, not existing ones! +STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes. This should be a fast storage like SSD backed storage! This storage class must provide RWX and RWO volumes (ReadWriteMany and ReadWriteOnce). +STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. This storage class must provide RWO volumes (ReadWriteMany). ⚠️ Warning: only set this for new installations, not existing ones! APACHE_STORAGE_SIZE: 1Gi # You can change the size of the apache volume that default to 1Gi with this value CLAMAV_STORAGE_SIZE: 1Gi # You can change the size of the clamav volume that default to 1Gi with this value DATABASE_STORAGE_SIZE: 1Gi # You can change the size of the database volume that default to 1Gi with this value From adedd78c34948409525d7dd1d7dfbcd801f9bcfd Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 17 Dec 2025 13:43:32 +0100 Subject: [PATCH 216/432] fix typo Signed-off-by: Simon L. --- nextcloud-aio-helm-chart/update-helm.sh | 2 +- nextcloud-aio-helm-chart/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 39aa7007..f39d3035 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -426,7 +426,7 @@ sed -i 's|17179869184|"17179869184"|' /tmp/sample.conf echo "" >> /tmp/sample.conf # shellcheck disable=SC2129 echo 'STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes. This should be a fast storage like SSD backed storage! This storage class must provide RWX and RWO volumes (ReadWriteMany and ReadWriteOnce).' >> /tmp/sample.conf -echo 'STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. This storage class must provide RWO volumes (ReadWriteMany). ⚠️ Warning: only set this for new installations, not existing ones!' >> /tmp/sample.conf +echo 'STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. This storage class must provide RWX volumes (ReadWriteMany). ⚠️ Warning: only set this for new installations, not existing ones!' >> /tmp/sample.conf for variable in "${VOLUME_VARIABLE[@]}"; do echo "$variable: 1Gi # You can change the size of the $(echo "$variable" | sed 's|_STORAGE_SIZE||;s|_|-|g' | tr '[:upper:]' '[:lower:]') volume that default to 1Gi with this value" >> /tmp/sample.conf done diff --git a/nextcloud-aio-helm-chart/values.yaml b/nextcloud-aio-helm-chart/values.yaml index 8b17bc97..25fb2c92 100755 --- a/nextcloud-aio-helm-chart/values.yaml +++ b/nextcloud-aio-helm-chart/values.yaml @@ -39,7 +39,7 @@ TALK_PORT: 3478 # This allows to adjust the port that the talk containe UPDATE_NEXTCLOUD_APPS: no # When setting to yes (with quotes), it will automatically update all installed Nextcloud apps upon container startup on saturdays. STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes. This should be a fast storage like SSD backed storage! This storage class must provide RWX and RWO volumes (ReadWriteMany and ReadWriteOnce). -STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. This storage class must provide RWO volumes (ReadWriteMany). ⚠️ Warning: only set this for new installations, not existing ones! +STORAGE_CLASS_DATA: # Allows to set a dedicated storage class for the Nextcloud data volume. This can be a bit slower storage than the one above. This storage class must provide RWX volumes (ReadWriteMany). ⚠️ Warning: only set this for new installations, not existing ones! APACHE_STORAGE_SIZE: 1Gi # You can change the size of the apache volume that default to 1Gi with this value CLAMAV_STORAGE_SIZE: 1Gi # You can change the size of the clamav volume that default to 1Gi with this value DATABASE_STORAGE_SIZE: 1Gi # You can change the size of the database volume that default to 1Gi with this value From 748857a495cc13a513674ea3e5a1d4a76de76d35 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 17 Dec 2025 15:11:24 +0100 Subject: [PATCH 217/432] onlyoffice: disable background check for editors Signed-off-by: Simon L. --- Containers/nextcloud/entrypoint.sh | 1 + Containers/nextcloud/run-exec-commands.sh | 5 ----- php/containers.json | 4 ---- 3 files changed, 1 insertion(+), 9 deletions(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index d5ca8952..6825f04c 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -831,6 +831,7 @@ if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then fi # Set OnlyOffice configuration + php /var/www/html/occ config:system:set onlyoffice editors_check_interval --value="0" --type=integer php /var/www/html/occ config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET" php /var/www/html/occ config:app:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET" php /var/www/html/occ config:system:set onlyoffice jwt_header --value="AuthorizationJwt" diff --git a/Containers/nextcloud/run-exec-commands.sh b/Containers/nextcloud/run-exec-commands.sh index 9ef6ba69..e8066881 100644 --- a/Containers/nextcloud/run-exec-commands.sh +++ b/Containers/nextcloud/run-exec-commands.sh @@ -19,11 +19,6 @@ else echo "Activating Collabora config..." php /var/www/html/occ richdocuments:activate-config fi - # OnlyOffice must work also if using manual-install - if [ "$ONLYOFFICE_ENABLED" = yes ]; then - echo "Activating OnlyOffice config..." - php /var/www/html/occ onlyoffice:documentserver --check - fi fi signal_handler() { diff --git a/php/containers.json b/php/containers.json index d8556184..8c507f91 100644 --- a/php/containers.json +++ b/php/containers.json @@ -723,10 +723,6 @@ "ONLYOFFICE_SECRET" ], "restart": "unless-stopped", - "nextcloud_exec_commands": [ - "echo 'Activating OnlyOffice config...'", - "php /var/www/html/occ onlyoffice:documentserver --check" - ], "profiles": [ "onlyoffice" ], From 7b91fcbbd34c80fde199b0b297769c11c94b75af Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 17 Dec 2025 15:24:28 +0100 Subject: [PATCH 218/432] nextcloud: Allow to disable imagick without having to enable it each time Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 1 + Containers/nextcloud/start.sh | 12 +++++------- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 05b3dd0a..f40de2ce 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -93,6 +93,7 @@ RUN set -ex; \ apcu \ memcached \ redis \ + imagick \ ; \ rm -r /tmp/pear; \ \ diff --git a/Containers/nextcloud/start.sh b/Containers/nextcloud/start.sh index 14cb35d1..05ccb8b0 100644 --- a/Containers/nextcloud/start.sh +++ b/Containers/nextcloud/start.sh @@ -86,15 +86,13 @@ fi # Install additional php extensions if [ -n "$ADDITIONAL_PHP_EXTENSIONS" ]; then if ! [ -f "/additional-php-extensions-are-installed" ]; then + # Allow to disable imagick without having to enable it each time + if ! echo "$ADDITIONAL_PHP_EXTENSIONS" | grep -q imagick; then + # Remove the ini file as there is no docker-php-ext-disable script available + rm /usr/local/etc/php/conf.d/docker-php-ext-imagick.ini + fi read -ra ADDITIONAL_PHP_EXTENSIONS_ARRAY <<< "$ADDITIONAL_PHP_EXTENSIONS" for app in "${ADDITIONAL_PHP_EXTENSIONS_ARRAY[@]}"; do - if [ "$app" = imagick ]; then - echo "Enabling Imagick..." - if ! docker-php-ext-enable imagick >/dev/null; then - echo "Could not install PHP extension imagick!" - fi - continue - fi # shellcheck disable=SC2086 if [ "$PHP_DEPS_ARE_INSTALLED" != 1 ]; then echo "Installing PHP build dependencies..." From 3ca5f5b3000799c3012530153b7b9ba4a1c7b648 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Dec 2025 04:16:17 +0000 Subject: [PATCH 219/432] build(deps): bump nats in /Containers/talk Bumps nats from 2.12.2-scratch to 2.12.3-scratch. --- updated-dependencies: - dependency-name: nats dependency-version: 2.12.3-scratch dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index a74fa1ae..f94886cb 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM nats:2.12.2-scratch AS nats +FROM nats:2.12.3-scratch AS nats FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling FROM alpine:3.22.2 AS janus From 576c6a18bde86af0811b05fef4c6b307a8eedd0f Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 18 Dec 2025 09:58:11 +0000 Subject: [PATCH 220/432] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-collabora-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-database-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-fulltextsearch-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- 14 files changed, 20 insertions(+), 20 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 01453437..16e7a82c 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 12.2.1 +version: 12.3.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index f9fd44e6..6eddefe9 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-apache:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index e07f9bfb..26eda032 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-clamav:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 8f8d6d3c..c0984e1d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -36,9 +36,9 @@ spec: - name: server_name value: "{{ .Values.NC_DOMAIN }}" {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }} - image: ghcr.io/nextcloud-releases/aio-collabora-online:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-collabora-online:20251218_095503 {{- else }} - image: ghcr.io/nextcloud-releases/aio-collabora:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-collabora:20251218_095503 {{- end }} readinessProbe: exec: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 1c6491fc..b7b54647 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-postgresql:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index f40d6ff3..14f19447 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index 5906d566..9f0c54c5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-imaginary:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index e95b8b0b..3cbfa2fe 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 command: - chmod - "777" @@ -190,7 +190,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20251218_095503 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index dc33201f..a9822a80 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -57,7 +57,7 @@ spec: value: "6379" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-notify-push:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index d1ae2b35..c8160edd 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 3af2d622..8446167d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-redis:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 9d9c6d80..c28e7335 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-talk:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 58afc7d0..a0d36c08 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20251218_095503 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 410d6ae8..e311f230 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -50,7 +50,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20251210_133359 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20251218_095503 readinessProbe: exec: command: From 638c8e262d3e5a11cf314dd500cb6550628fbe54 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:11:37 +0000 Subject: [PATCH 221/432] build(deps): bump alpine from 3.22.2 to 3.23.2 in /Containers/alpine Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/alpine/Dockerfile b/Containers/alpine/Dockerfile index 25ac9671..718c5510 100644 --- a/Containers/alpine/Dockerfile +++ b/Containers/alpine/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.2 +FROM alpine:3.23.2 RUN set -ex; \ apk upgrade --no-cache -a From 32c6325ab8b150378f85493c61a7ec37871fc2ee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:11:43 +0000 Subject: [PATCH 222/432] build(deps): bump alpine from 3.22.2 to 3.23.2 in /Containers/borgbackup Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/borgbackup/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/borgbackup/Dockerfile b/Containers/borgbackup/Dockerfile index 3d4ce1ce..637d035c 100644 --- a/Containers/borgbackup/Dockerfile +++ b/Containers/borgbackup/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.2 +FROM alpine:3.23.2 RUN set -ex; \ \ From ad92033faf7d03825e6e5474f6fd80eeb82688ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:11:46 +0000 Subject: [PATCH 223/432] build(deps): bump alpine from 3.22.2 to 3.23.2 in /Containers/clamav Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/clamav/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index eab313fd..196b109a 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.2 +FROM alpine:3.23.2 RUN set -ex; \ apk upgrade --no-cache -a; \ From 93aefb05a9f4bd2dda53c9596c4a8ce436d786fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:11:54 +0000 Subject: [PATCH 224/432] build(deps): bump alpine in /Containers/domaincheck Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/domaincheck/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/domaincheck/Dockerfile b/Containers/domaincheck/Dockerfile index c4b340e2..769c24ac 100644 --- a/Containers/domaincheck/Dockerfile +++ b/Containers/domaincheck/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.2 +FROM alpine:3.23.2 RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache bash lighttpd netcat-openbsd; \ From 224e4ed91793841615a3f87e3976476871dffc56 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:12:02 +0000 Subject: [PATCH 225/432] build(deps): bump alpine from 3.22.2 to 3.23.2 in /Containers/imaginary Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index ea0a70de..79ea1228 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -14,7 +14,7 @@ RUN set -ex; \ build-base; \ go install github.com/h2non/imaginary@"$IMAGINARY_HASH"; -FROM alpine:3.22.2 +FROM alpine:3.23.2 RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ From 86328d650977ba91665d6c97b39a5d602ef354a5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:12:58 +0000 Subject: [PATCH 226/432] build(deps): bump alpine in /Containers/notify-push Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/notify-push/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/notify-push/Dockerfile b/Containers/notify-push/Dockerfile index 812ec840..83b4cab1 100644 --- a/Containers/notify-push/Dockerfile +++ b/Containers/notify-push/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.22.2 +FROM alpine:3.23.2 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh From e136b51fc1fa6b1479e6222b12f97c9ca60ca1a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:13:19 +0000 Subject: [PATCH 227/432] build(deps): bump alpine from 3.22.2 to 3.23.2 in /Containers/talk Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/talk/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index a74fa1ae..fe7d017d 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -2,7 +2,7 @@ FROM nats:2.12.2-scratch AS nats FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling -FROM alpine:3.22.2 AS janus +FROM alpine:3.23.2 AS janus ARG JANUS_VERSION=v1.3.3 WORKDIR /src @@ -35,7 +35,7 @@ RUN set -ex; \ make configs; \ rename -v ".jcfg.sample" ".jcfg" /usr/local/etc/janus/*.jcfg.sample -FROM alpine:3.22.2 +FROM alpine:3.23.2 ENV ETURNAL_ETC_DIR="/conf" ENV SKIP_CERT_VERIFY=false COPY --from=janus --chmod=777 --chown=1000:1000 /usr/local /usr/local From 667a6ebfad10f461b0cf8b3f20c607bb0d28e36f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Dec 2025 04:13:29 +0000 Subject: [PATCH 228/432] build(deps): bump alpine from 3.22.2 to 3.23.2 in /Containers/watchtower Bumps alpine from 3.22.2 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/watchtower/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index 50ba3b7d..14f6c672 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -9,7 +9,7 @@ RUN set -ex; \ build-base; \ go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.12.5 -FROM alpine:3.22.2 +FROM alpine:3.23.2 RUN set -ex; \ apk upgrade --no-cache -a; \ From 15fa3be6555e0916be19c0a788ed3208aa010022 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 30 Dec 2025 13:46:07 +0100 Subject: [PATCH 229/432] Update collabora.yml Signed-off-by: Simon L. --- .github/workflows/collabora.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index 37e974f7..8e464925 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -14,7 +14,7 @@ jobs: - name: Run collabora-profile-update run: | rm -f php/cool-seccomp-profile.json - wget https://raw.githubusercontent.com/CollaboraOnline/online/refs/heads/master/docker/cool-seccomp-profile.json + wget https://raw.githubusercontent.com/CollaboraOnline/online/refs/heads/main/docker/cool-seccomp-profile.json mv cool-seccomp-profile.json php/ - name: Create Pull Request From e8176e15f5076397629bc38c1867070add001a9f Mon Sep 17 00:00:00 2001 From: nextcloud-command Date: Wed, 31 Dec 2025 04:22:04 +0000 Subject: [PATCH 230/432] Update psalm baseline Signed-off-by: GitHub --- php/psalm-baseline.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/psalm-baseline.xml b/php/psalm-baseline.xml index dfff8ba0..8c90cdc8 100644 --- a/php/psalm-baseline.xml +++ b/php/psalm-baseline.xml @@ -1,2 +1,2 @@ - + From 093b553354ce412192dc1947a2cd6bf3a6be2dd2 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 31 Dec 2025 12:03:35 +0000 Subject: [PATCH 231/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 126 ++++++++++++++++++++++++---------------------- 1 file changed, 65 insertions(+), 61 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index d829d29f..ed6667ed 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -333,16 +333,16 @@ }, { "name": "http-interop/http-factory-guzzle", - "version": "1.2.0", + "version": "1.2.1", "source": { "type": "git", "url": "https://github.com/http-interop/http-factory-guzzle.git", - "reference": "8f06e92b95405216b237521cc64c804dd44c4a81" + "reference": "c2c859ceb05c3f42e710b60555f4c35b6a4a3995" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/http-interop/http-factory-guzzle/zipball/8f06e92b95405216b237521cc64c804dd44c4a81", - "reference": "8f06e92b95405216b237521cc64c804dd44c4a81", + "url": "https://api.github.com/repos/http-interop/http-factory-guzzle/zipball/c2c859ceb05c3f42e710b60555f4c35b6a4a3995", + "reference": "c2c859ceb05c3f42e710b60555f4c35b6a4a3995", "shasum": "" }, "require": { @@ -385,9 +385,9 @@ ], "support": { "issues": "https://github.com/http-interop/http-factory-guzzle/issues", - "source": "https://github.com/http-interop/http-factory-guzzle/tree/1.2.0" + "source": "https://github.com/http-interop/http-factory-guzzle/tree/1.2.1" }, - "time": "2021-07-21T13:50:14+00:00" + "time": "2025-12-15T11:28:16+00:00" }, { "name": "laravel/serializable-closure", @@ -1644,16 +1644,16 @@ }, { "name": "twig/twig", - "version": "v3.22.1", + "version": "v3.22.2", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "1de2ec1fc43ab58a4b7e80b214b96bfc895750f3" + "reference": "946ddeafa3c9f4ce279d1f34051af041db0e16f2" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/1de2ec1fc43ab58a4b7e80b214b96bfc895750f3", - "reference": "1de2ec1fc43ab58a4b7e80b214b96bfc895750f3", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/946ddeafa3c9f4ce279d1f34051af041db0e16f2", + "reference": "946ddeafa3c9f4ce279d1f34051af041db0e16f2", "shasum": "" }, "require": { @@ -1707,7 +1707,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.22.1" + "source": "https://github.com/twigphp/Twig/tree/v3.22.2" }, "funding": [ { @@ -1719,7 +1719,7 @@ "type": "tidelift" } ], - "time": "2025-11-16T16:01:12+00:00" + "time": "2025-12-14T11:28:47+00:00" } ], "packages-dev": [ @@ -3455,16 +3455,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "5.6.5", + "version": "5.6.6", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "90614c73d3800e187615e2dd236ad0e2a01bf761" + "reference": "5cee1d3dfc2d2aa6599834520911d246f656bcb8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/90614c73d3800e187615e2dd236ad0e2a01bf761", - "reference": "90614c73d3800e187615e2dd236ad0e2a01bf761", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/5cee1d3dfc2d2aa6599834520911d246f656bcb8", + "reference": "5cee1d3dfc2d2aa6599834520911d246f656bcb8", "shasum": "" }, "require": { @@ -3474,7 +3474,7 @@ "phpdocumentor/reflection-common": "^2.2", "phpdocumentor/type-resolver": "^1.7", "phpstan/phpdoc-parser": "^1.7|^2.0", - "webmozart/assert": "^1.9.1" + "webmozart/assert": "^1.9.1 || ^2" }, "require-dev": { "mockery/mockery": "~1.3.5 || ~1.6.0", @@ -3513,9 +3513,9 @@ "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", "support": { "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues", - "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.6.5" + "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.6.6" }, - "time": "2025-11-27T19:50:05+00:00" + "time": "2025-12-22T21:13:58+00:00" }, { "name": "phpdocumentor/type-resolver", @@ -3763,16 +3763,16 @@ }, { "name": "spatie/array-to-xml", - "version": "3.4.3", + "version": "3.4.4", "source": { "type": "git", "url": "https://github.com/spatie/array-to-xml.git", - "reference": "7b9202dccfe18d4e3a13303156d6bbcc1c61dabf" + "reference": "88b2f3852a922dd73177a68938f8eb2ec70c7224" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/spatie/array-to-xml/zipball/7b9202dccfe18d4e3a13303156d6bbcc1c61dabf", - "reference": "7b9202dccfe18d4e3a13303156d6bbcc1c61dabf", + "url": "https://api.github.com/repos/spatie/array-to-xml/zipball/88b2f3852a922dd73177a68938f8eb2ec70c7224", + "reference": "88b2f3852a922dd73177a68938f8eb2ec70c7224", "shasum": "" }, "require": { @@ -3815,7 +3815,7 @@ "xml" ], "support": { - "source": "https://github.com/spatie/array-to-xml/tree/3.4.3" + "source": "https://github.com/spatie/array-to-xml/tree/3.4.4" }, "funding": [ { @@ -3827,7 +3827,7 @@ "type": "github" } ], - "time": "2025-11-27T09:08:26+00:00" + "time": "2025-12-15T09:00:41+00:00" }, { "name": "sserbin/twig-linter", @@ -3889,16 +3889,16 @@ }, { "name": "symfony/console", - "version": "v6.4.30", + "version": "v6.4.31", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "1b2813049506b39eb3d7e64aff033fd5ca26c97e" + "reference": "f9f8a889f54c264f9abac3fc0f7a371ffca51997" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/1b2813049506b39eb3d7e64aff033fd5ca26c97e", - "reference": "1b2813049506b39eb3d7e64aff033fd5ca26c97e", + "url": "https://api.github.com/repos/symfony/console/zipball/f9f8a889f54c264f9abac3fc0f7a371ffca51997", + "reference": "f9f8a889f54c264f9abac3fc0f7a371ffca51997", "shasum": "" }, "require": { @@ -3963,7 +3963,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v6.4.30" + "source": "https://github.com/symfony/console/tree/v6.4.31" }, "funding": [ { @@ -3983,29 +3983,29 @@ "type": "tidelift" } ], - "time": "2025-12-05T13:47:41+00:00" + "time": "2025-12-22T08:30:34+00:00" }, { "name": "symfony/filesystem", - "version": "v7.4.0", + "version": "v8.0.1", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", - "reference": "d551b38811096d0be9c4691d406991b47c0c630a" + "reference": "d937d400b980523dc9ee946bb69972b5e619058d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/filesystem/zipball/d551b38811096d0be9c4691d406991b47c0c630a", - "reference": "d551b38811096d0be9c4691d406991b47c0c630a", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/d937d400b980523dc9ee946bb69972b5e619058d", + "reference": "d937d400b980523dc9ee946bb69972b5e619058d", "shasum": "" }, "require": { - "php": ">=8.2", + "php": ">=8.4", "symfony/polyfill-ctype": "~1.8", "symfony/polyfill-mbstring": "~1.8" }, "require-dev": { - "symfony/process": "^6.4|^7.0|^8.0" + "symfony/process": "^7.4|^8.0" }, "type": "library", "autoload": { @@ -4033,7 +4033,7 @@ "description": "Provides basic utilities for the filesystem", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/filesystem/tree/v7.4.0" + "source": "https://github.com/symfony/filesystem/tree/v8.0.1" }, "funding": [ { @@ -4053,20 +4053,20 @@ "type": "tidelift" } ], - "time": "2025-11-27T13:27:24+00:00" + "time": "2025-12-01T09:13:36+00:00" }, { "name": "symfony/finder", - "version": "v6.4.27", + "version": "v6.4.31", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", - "reference": "a1b6aa435d2fba50793b994a839c32b6064f063b" + "reference": "5547f2e1f0ca8e2e7abe490156b62da778cfbe2b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/finder/zipball/a1b6aa435d2fba50793b994a839c32b6064f063b", - "reference": "a1b6aa435d2fba50793b994a839c32b6064f063b", + "url": "https://api.github.com/repos/symfony/finder/zipball/5547f2e1f0ca8e2e7abe490156b62da778cfbe2b", + "reference": "5547f2e1f0ca8e2e7abe490156b62da778cfbe2b", "shasum": "" }, "require": { @@ -4101,7 +4101,7 @@ "description": "Finds files and directories via an intuitive fluent interface", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/finder/tree/v6.4.27" + "source": "https://github.com/symfony/finder/tree/v6.4.31" }, "funding": [ { @@ -4121,7 +4121,7 @@ "type": "tidelift" } ], - "time": "2025-10-15T18:32:00+00:00" + "time": "2025-12-11T14:52:17+00:00" }, { "name": "symfony/polyfill-intl-grapheme", @@ -4550,16 +4550,16 @@ }, { "name": "vimeo/psalm", - "version": "6.14.2", + "version": "6.14.3", "source": { "type": "git", "url": "https://github.com/vimeo/psalm.git", - "reference": "bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0" + "reference": "d0b040a91f280f071c1abcb1b77ce3822058725a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/vimeo/psalm/zipball/bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0", - "reference": "bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0", + "url": "https://api.github.com/repos/vimeo/psalm/zipball/d0b040a91f280f071c1abcb1b77ce3822058725a", + "reference": "d0b040a91f280f071c1abcb1b77ce3822058725a", "shasum": "" }, "require": { @@ -4585,8 +4585,8 @@ "php": "~8.1.31 || ~8.2.27 || ~8.3.16 || ~8.4.3 || ~8.5.0", "sebastian/diff": "^4.0 || ^5.0 || ^6.0 || ^7.0", "spatie/array-to-xml": "^2.17.0 || ^3.0", - "symfony/console": "^6.0 || ^7.0", - "symfony/filesystem": "~6.3.12 || ~6.4.3 || ^7.0.3", + "symfony/console": "^6.0 || ^7.0 || ^8.0", + "symfony/filesystem": "~6.3.12 || ~6.4.3 || ^7.0.3 || ^8.0", "symfony/polyfill-php84": "^1.31.0" }, "provide": { @@ -4608,7 +4608,7 @@ "psalm/plugin-phpunit": "^0.19", "slevomat/coding-standard": "^8.4", "squizlabs/php_codesniffer": "^3.6", - "symfony/process": "^6.0 || ^7.0" + "symfony/process": "^6.0 || ^7.0 || ^8.0" }, "suggest": { "ext-curl": "In order to send data to shepherd", @@ -4664,7 +4664,7 @@ "issues": "https://github.com/vimeo/psalm/issues", "source": "https://github.com/vimeo/psalm" }, - "time": "2025-12-11T08:58:52+00:00" + "time": "2025-12-23T15:36:48+00:00" }, { "name": "wapmorgan/php-deprecation-detector", @@ -4735,23 +4735,23 @@ }, { "name": "webmozart/assert", - "version": "1.12.1", + "version": "2.0.0", "source": { "type": "git", "url": "https://github.com/webmozarts/assert.git", - "reference": "9be6926d8b485f55b9229203f962b51ed377ba68" + "reference": "1b34b004e35a164bc5bb6ebd33c844b2d8069a54" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozarts/assert/zipball/9be6926d8b485f55b9229203f962b51ed377ba68", - "reference": "9be6926d8b485f55b9229203f962b51ed377ba68", + "url": "https://api.github.com/repos/webmozarts/assert/zipball/1b34b004e35a164bc5bb6ebd33c844b2d8069a54", + "reference": "1b34b004e35a164bc5bb6ebd33c844b2d8069a54", "shasum": "" }, "require": { "ext-ctype": "*", "ext-date": "*", "ext-filter": "*", - "php": "^7.2 || ^8.0" + "php": "^8.2" }, "suggest": { "ext-intl": "", @@ -4761,7 +4761,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.10-dev" + "dev-feature/2-0": "2.0-dev" } }, "autoload": { @@ -4777,6 +4777,10 @@ { "name": "Bernhard Schussek", "email": "bschussek@gmail.com" + }, + { + "name": "Woody Gilk", + "email": "woody.gilk@gmail.com" } ], "description": "Assertions to validate method input/output with nice error messages.", @@ -4787,9 +4791,9 @@ ], "support": { "issues": "https://github.com/webmozarts/assert/issues", - "source": "https://github.com/webmozarts/assert/tree/1.12.1" + "source": "https://github.com/webmozarts/assert/tree/2.0.0" }, - "time": "2025-10-29T15:56:20+00:00" + "time": "2025-12-16T21:36:00+00:00" } ], "aliases": [], From 68400eafde480f2856ab9a0eecb0c6d9754b1027 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 31 Dec 2025 12:11:32 +0000 Subject: [PATCH 232/432] watchtower-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/watchtower/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index 50ba3b7d..93f91252 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,13 +1,13 @@ # syntax=docker/dockerfile:latest FROM golang:1.25.5-alpine3.22 AS go -ENV WATCHTOWER_COMMIT_HASH=1ee8747544ce9a49711d9314f1690b30c29e6a8c +ENV WATCHTOWER_COMMIT_HASH=f6a7b29c312bec5f389a4fb52259919f0678800b RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ build-base; \ - go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.12.5 + go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.13.1 FROM alpine:3.22.2 From 5b360e96ac7d132a5d9a0db33b9319ca8440f4c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 04:13:30 +0000 Subject: [PATCH 233/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.1.2-cli to 29.1.3-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.1.3-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index ebf8b27d..253394de 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.1.2-cli AS docker +FROM docker:29.1.3-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From 6a356b5390939c68b76707c85d26b6c7aa44b12b Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 5 Jan 2026 09:46:10 +0100 Subject: [PATCH 234/432] rp-docs: traefik: encode `%` Signed-off-by: Simon L. --- reverse-proxy.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 14e7aaaf..50a6bccd 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -871,10 +871,11 @@ The examples below define the dynamic configuration in YAML files. If you rather respondingTimeouts: readTimeout: 24h # Allows uploads > 100MB; prevents connection reset due to chunking (public upload-only links) http: - # Required for Nextcloud to correctly handle encoded URL characters (%2F and %3F in this case) in newer Traefik versions (v3.6.4+). + # Required for Nextcloud to correctly handle encoded URL characters (%2F, %3F and %25 in this case) in newer Traefik versions (v3.6.4+). encodedCharacters: allowEncodedSlash: true allowEncodedQuestionMark: true + allowEncodedPercent: true # If you want to enable HTTP/3 support, uncomment the line below # http3: {} From cea609d746345a5191b105b58799610be1effe5b Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 5 Jan 2026 09:53:30 +0100 Subject: [PATCH 235/432] update OO Signed-off-by: Simon L. --- Containers/onlyoffice/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index c2b94d8c..d028ccbc 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile -FROM onlyoffice/documentserver:9.2.0.1 +FROM onlyoffice/documentserver:9.2.1.1 # USER root is probably used From 06cdd8eca1dda533978e0ff69fd9b4e6501393f7 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 5 Jan 2026 09:57:39 +0100 Subject: [PATCH 236/432] update remaining dependencies to alpine 3.23 Signed-off-by: Simon L. --- Containers/apache/Dockerfile | 2 +- Containers/imaginary/Dockerfile | 4 ++-- Containers/mastercontainer/Dockerfile | 4 ++-- Containers/nextcloud/Dockerfile | 2 +- Containers/postgresql/Dockerfile | 2 +- Containers/talk-recording/Dockerfile | 2 +- Containers/watchtower/Dockerfile | 2 +- readme.md | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Containers/apache/Dockerfile b/Containers/apache/Dockerfile index c844c364..0948fb25 100644 --- a/Containers/apache/Dockerfile +++ b/Containers/apache/Dockerfile @@ -2,7 +2,7 @@ FROM caddy:2.10.2-alpine AS caddy # From https://github.com/docker-library/httpd/blob/master/2.4/alpine/Dockerfile -FROM httpd:2.4.66-alpine3.22 +FROM httpd:2.4.66-alpine3.23 COPY --from=caddy /usr/bin/caddy /usr/bin/caddy diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 79ea1228..319325b1 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.5-alpine3.22 AS go +FROM golang:1.25.5-alpine3.23 AS go -ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee +ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee RUN set -ex; \ apk upgrade --no-cache -a; \ diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index 253394de..e10895e8 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -5,8 +5,8 @@ FROM docker:29.1.3-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy -# From https://github.com/docker-library/php/blob/master/8.4/alpine3.22/fpm/Dockerfile -FROM php:8.4.15-fpm-alpine3.22 +# From https://github.com/docker-library/php/blob/master/8.4/alpine3.23/fpm/Dockerfile +FROM php:8.4.15-fpm-alpine3.23 EXPOSE 80 EXPOSE 8080 diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 05b3dd0a..578e7165 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM php:8.3.28-fpm-alpine3.22 +FROM php:8.3.28-fpm-alpine3.23 ENV PHP_MEMORY_LIMIT=512M ENV PHP_UPLOAD_LIMIT=16G diff --git a/Containers/postgresql/Dockerfile b/Containers/postgresql/Dockerfile index 4da6a372..725b8042 100644 --- a/Containers/postgresql/Dockerfile +++ b/Containers/postgresql/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -# From https://github.com/docker-library/postgres/blob/master/17/alpine3.22/Dockerfile +# From https://github.com/docker-library/postgres/blob/master/17/alpine3.23/Dockerfile FROM postgres:17.7-alpine COPY --chmod=775 start.sh /start.sh diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index beeb517e..65af7db4 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM python:3.14.2-alpine3.22 +FROM python:3.14.2-alpine3.23 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index 14f6c672..fcf4678a 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.5-alpine3.22 AS go +FROM golang:1.25.5-alpine3.23 AS go ENV WATCHTOWER_COMMIT_HASH=1ee8747544ce9a49711d9314f1690b30c29e6a8c diff --git a/readme.md b/readme.md index fc46b3fb..bcbf7d57 100644 --- a/readme.md +++ b/readme.md @@ -504,7 +504,7 @@ You might want to adjust the Nextcloud apps that are installed upon the first st ### How to add OS packages permanently to the Nextcloud container? Some Nextcloud apps require additional external dependencies that must be bundled within Nextcloud container in order to work correctly. As we cannot put each and every dependency for all apps into the container - as this would make the project quickly unmaintainable - there is an official way in which you can add additional dependencies into the Nextcloud container. However note that doing this is disrecommended since we do not test Nextcloud apps that require external dependencies. -You can do so by adding `--env NEXTCLOUD_ADDITIONAL_APKS="imagemagick dependency2 dependency3"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, digits 0-9, spaces, dots and hyphens or '_'. You can find available packages here: https://pkgs.alpinelinux.org/packages?branch=v3.22. By default `imagemagick` is added. If you want to keep it, you need to specify it as well. +You can do so by adding `--env NEXTCLOUD_ADDITIONAL_APKS="imagemagick dependency2 dependency3"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, digits 0-9, spaces, dots and hyphens or '_'. You can find available packages here: https://pkgs.alpinelinux.org/packages?branch=v3.23. By default `imagemagick` is added. If you want to keep it, you need to specify it as well. ### How to add PHP extensions permanently to the Nextcloud container? Some Nextcloud apps require additional php extensions that must be bundled within Nextcloud container in order to work correctly. As we cannot put each and every dependency for all apps into the container - as this would make the project quickly unmaintainable - there is an official way in which you can add additional php extensions into the Nextcloud container. However note that doing this is disrecommended since we do not test Nextcloud apps that require additional php extensions. From 8a184fdce00484107cebc9442e3741bad4c2a3e0 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Mon, 5 Jan 2026 12:03:44 +0000 Subject: [PATCH 237/432] imaginary-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 319325b1..11250a43 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM golang:1.25.5-alpine3.23 AS go -ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee +ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee RUN set -ex; \ apk upgrade --no-cache -a; \ From 84c581b8bf1d08a5a89b8efd36d372f5fec791ec Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 5 Jan 2026 15:43:17 +0100 Subject: [PATCH 238/432] notify-push & whiteboard: URL-encode passwords Signed-off-by: Simon L. --- Containers/notify-push/Dockerfile | 1 + Containers/notify-push/start.sh | 4 ++++ Containers/whiteboard/Dockerfile | 2 +- Containers/whiteboard/start.sh | 3 +++ 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Containers/notify-push/Dockerfile b/Containers/notify-push/Dockerfile index 83b4cab1..029c93f2 100644 --- a/Containers/notify-push/Dockerfile +++ b/Containers/notify-push/Dockerfile @@ -11,6 +11,7 @@ RUN set -ex; \ netcat-openbsd \ tzdata \ bash \ + jq \ openssl; \ # Give root a random password echo "root:$(openssl rand -base64 12)" | chpasswd; \ diff --git a/Containers/notify-push/start.sh b/Containers/notify-push/start.sh index 4f07907b..26d74333 100644 --- a/Containers/notify-push/start.sh +++ b/Containers/notify-push/start.sh @@ -70,6 +70,10 @@ if [ "$POSTGRES_USER" = nextcloud ]; then export POSTGRES_USER fi +# URL-encode passwords +POSTGRES_PASSWORD="$(jq -rn --arg v "$POSTGRES_PASSWORD" '$v|@uri')" +REDIS_HOST_PASSWORD="$(jq -rn --arg v "$REDIS_HOST_PASSWORD" '$v|@uri')" + # Postgres root cert if [ -f "/nextcloud/data/certificates/POSTGRES" ]; then CERT_OPTIONS="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/ca-bundle.crt" diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index e2f40160..f6b8cc7d 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -4,7 +4,7 @@ FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.0 USER root RUN set -ex; \ - apk add --no-cache bash; \ + apk add --no-cache bash jq; \ chmod 777 -R /tmp; \ if [ -f /usr/lib/chromium/chrome_crashpad_handler ] && [ ! -f /usr/lib/chromium/chrome_crashpad_handler.real ]; then \ mv /usr/lib/chromium/chrome_crashpad_handler /usr/lib/chromium/chrome_crashpad_handler.real; \ diff --git a/Containers/whiteboard/start.sh b/Containers/whiteboard/start.sh index 8975e0c6..e0babd7f 100644 --- a/Containers/whiteboard/start.sh +++ b/Containers/whiteboard/start.sh @@ -11,6 +11,9 @@ if [ -z "$REDIS_DB_INDEX" ]; then REDIS_DB_INDEX=0 fi +# URL-encode password +REDIS_HOST_PASSWORD="$(jq -rn --arg v "$REDIS_HOST_PASSWORD" '$v|@uri')" + export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST:$REDIS_PORT/$REDIS_DB_INDEX" # Run it From 9da86241d4e96f5486f26c2d1243f8874c234d1b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 04:18:07 +0000 Subject: [PATCH 239/432] build(deps): bump haproxy in /Containers/docker-socket-proxy Bumps haproxy from 3.3.0-alpine to 3.3.1-alpine. --- updated-dependencies: - dependency-name: haproxy dependency-version: 3.3.1-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/docker-socket-proxy/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index ed2e9e2d..796c855a 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM haproxy:3.3.0-alpine +FROM haproxy:3.3.1-alpine # hadolint ignore=DL3002 USER root From d178e12ae4df07a08d198fbc60f820aba58a513b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 04:18:11 +0000 Subject: [PATCH 240/432] build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 8.19.8 to 8.19.9. --- updated-dependencies: - dependency-name: elasticsearch dependency-version: 8.19.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/fulltextsearch/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 6e739095..7975bcbb 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.19.8 +FROM elasticsearch:8.19.9 USER root From 5718c1e7edc5673b5adfbf657ca20ca00ae2af44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 04:18:39 +0000 Subject: [PATCH 241/432] build(deps): bump php in /Containers/mastercontainer Bumps php from 8.4.15-fpm-alpine3.23 to 8.4.16-fpm-alpine3.23. --- updated-dependencies: - dependency-name: php dependency-version: 8.4.16-fpm-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index e10895e8..c5b91b7d 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -6,7 +6,7 @@ FROM docker:29.1.3-cli AS docker FROM caddy:2.10.2-alpine AS caddy # From https://github.com/docker-library/php/blob/master/8.4/alpine3.23/fpm/Dockerfile -FROM php:8.4.15-fpm-alpine3.23 +FROM php:8.4.16-fpm-alpine3.23 EXPOSE 80 EXPOSE 8080 From 7a623fb12038ac1f0083359102f16c9a99f2bb62 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 04:19:00 +0000 Subject: [PATCH 242/432] build(deps): bump php in /Containers/nextcloud Bumps php from 8.3.28-fpm-alpine3.23 to 8.3.29-fpm-alpine3.23. --- updated-dependencies: - dependency-name: php dependency-version: 8.3.29-fpm-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 3ee04ae3..6b6be7f8 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM php:8.3.28-fpm-alpine3.23 +FROM php:8.3.29-fpm-alpine3.23 ENV PHP_MEMORY_LIMIT=512M ENV PHP_UPLOAD_LIMIT=16G From e2b425bcda4956b7d9b1e1e01667d9ddd3ba1a96 Mon Sep 17 00:00:00 2001 From: nextcloud-command Date: Tue, 6 Jan 2026 04:23:38 +0000 Subject: [PATCH 243/432] Update psalm baseline Signed-off-by: GitHub --- php/psalm-baseline.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/psalm-baseline.xml b/php/psalm-baseline.xml index 8c90cdc8..a9b7140d 100644 --- a/php/psalm-baseline.xml +++ b/php/psalm-baseline.xml @@ -1,2 +1,2 @@ - + From 1f6871ff5cc4dce028b71dd164d982d058376826 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Wed, 7 Jan 2026 12:03:32 +0100 Subject: [PATCH 244/432] Fix typo in variable throughout the code base Signed-off-by: Pablo Zmdl --- php/public/index.php | 22 ++++----- php/src/Cron/BackupNotification.php | 66 +++++++++++++-------------- php/src/Cron/CheckFreeDiskSpace.php | 6 +-- php/src/Cron/OutdatedNotification.php | 8 ++-- php/src/Cron/UpdateNotification.php | 12 ++--- 5 files changed, 57 insertions(+), 57 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index c49629bd..b57f65a5 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -77,11 +77,11 @@ $app->get('/containers', function (Request $request, Response $response, array $ $view->addExtension(new \AIO\Twig\ClassExtension()); /** @var \AIO\Data\ConfigurationManager $configurationManager */ $configurationManager = $container->get(\AIO\Data\ConfigurationManager::class); - /** @var \AIO\Docker\DockerActionManager $dockerActionManger */ - $dockerActionManger = $container->get(\AIO\Docker\DockerActionManager::class); + /** @var \AIO\Docker\DockerActionManager $dockerActionManager */ + $dockerActionManager = $container->get(\AIO\Docker\DockerActionManager::class); /** @var \AIO\Controller\DockerController $dockerController */ $dockerController = $container->get(\AIO\Controller\DockerController::class); - $dockerActionManger->ConnectMasterContainerToNetwork(); + $dockerActionManager->ConnectMasterContainerToNetwork(); $dockerController->StartDomaincheckContainer(); // Check if bypass_mastercontainer_update is provided on the URL, a special developer mode to bypass a mastercontainer update and use local image. @@ -99,17 +99,17 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), 'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(), 'borgbackup_password' => $configurationManager->GetAndGenerateSecret('BORGBACKUP_PASSWORD'), - 'is_mastercontainer_update_available' => ( $bypass_mastercontainer_update ? false : $dockerActionManger->IsMastercontainerUpdateAvailable() ), + 'is_mastercontainer_update_available' => ( $bypass_mastercontainer_update ? false : $dockerActionManager->IsMastercontainerUpdateAvailable() ), 'has_backup_run_once' => $configurationManager->hasBackupRunOnce(), - 'is_backup_container_running' => $dockerActionManger->isBackupContainerRunning(), - 'backup_exit_code' => $dockerActionManger->GetBackupcontainerExitCode(), + 'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(), + 'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(), 'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(), 'borg_backup_mode' => $configurationManager->GetBackupMode(), 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked(), - 'has_update_available' => $dockerActionManger->isAnyUpdateAvailable(), + 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), 'last_backup_time' => $configurationManager->GetLastBackupTime(), 'backup_times' => $configurationManager->GetBackupTimes(), - 'current_channel' => $dockerActionManger->GetCurrentChannel(), + 'current_channel' => $dockerActionManager->GetCurrentChannel(), 'is_clamav_enabled' => $configurationManager->isClamavEnabled(), 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled(), 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled(), @@ -144,10 +144,10 @@ $app->get('/containers', function (Request $request, Response $response, array $ })->setName('profile'); $app->get('/login', function (Request $request, Response $response, array $args) use ($container) { $view = Twig::fromRequest($request); - /** @var \AIO\Docker\DockerActionManager $dockerActionManger */ - $dockerActionManger = $container->get(\AIO\Docker\DockerActionManager::class); + /** @var \AIO\Docker\DockerActionManager $dockerActionManager */ + $dockerActionManager = $container->get(\AIO\Docker\DockerActionManager::class); return $view->render($response, 'login.twig', [ - 'is_login_allowed' => $dockerActionManger->isLoginAllowed(), + 'is_login_allowed' => $dockerActionManager->isLoginAllowed(), ]); }); $app->get('/setup', function (Request $request, Response $response, array $args) use ($container) { diff --git a/php/src/Cron/BackupNotification.php b/php/src/Cron/BackupNotification.php index 17da93b2..6fbab65f 100644 --- a/php/src/Cron/BackupNotification.php +++ b/php/src/Cron/BackupNotification.php @@ -1,33 +1,33 @@ -get(\AIO\Docker\DockerActionManager::class); -/** @var \AIO\ContainerDefinitionFetcher $containerDefinitionFetcher */ -$containerDefinitionFetcher = $container->get(\AIO\ContainerDefinitionFetcher::class); - -$id = 'nextcloud-aio-nextcloud'; -$nextcloudContainer = $containerDefinitionFetcher->GetContainerById($id); - -$backupExitCode = $dockerActionManger->GetBackupcontainerExitCode(); - -if ($backupExitCode === 0) { - if (getenv('SEND_SUCCESS_NOTIFICATIONS') === "0") { - error_log("Daily backup successful! Only logging successful backup and not sending backup notification since that has been disabled! You can get further info by looking at the backup logs in the AIO interface."); - } else { - $dockerActionManger->sendNotification($nextcloudContainer, 'Daily backup successful!', 'You can get further info by looking at the backup logs in the AIO interface.'); - } -} - -if ($backupExitCode > 0) { - $dockerActionManger->sendNotification($nextcloudContainer, 'Daily backup failed!', 'You can get further info by looking at the backup logs in the AIO interface.'); -} +get(\AIO\Docker\DockerActionManager::class); +/** @var \AIO\ContainerDefinitionFetcher $containerDefinitionFetcher */ +$containerDefinitionFetcher = $container->get(\AIO\ContainerDefinitionFetcher::class); + +$id = 'nextcloud-aio-nextcloud'; +$nextcloudContainer = $containerDefinitionFetcher->GetContainerById($id); + +$backupExitCode = $dockerActionManager->GetBackupcontainerExitCode(); + +if ($backupExitCode === 0) { + if (getenv('SEND_SUCCESS_NOTIFICATIONS') === "0") { + error_log("Daily backup successful! Only logging successful backup and not sending backup notification since that has been disabled! You can get further info by looking at the backup logs in the AIO interface."); + } else { + $dockerActionManager->sendNotification($nextcloudContainer, 'Daily backup successful!', 'You can get further info by looking at the backup logs in the AIO interface.'); + } +} + +if ($backupExitCode > 0) { + $dockerActionManager->sendNotification($nextcloudContainer, 'Daily backup failed!', 'You can get further info by looking at the backup logs in the AIO interface.'); +} diff --git a/php/src/Cron/CheckFreeDiskSpace.php b/php/src/Cron/CheckFreeDiskSpace.php index b462195e..1b5d2d64 100644 --- a/php/src/Cron/CheckFreeDiskSpace.php +++ b/php/src/Cron/CheckFreeDiskSpace.php @@ -11,8 +11,8 @@ require __DIR__ . '/../../vendor/autoload.php'; $container = \AIO\DependencyInjection::GetContainer(); -/** @var \AIO\Docker\DockerActionManager $dockerActionManger */ -$dockerActionManger = $container->get(\AIO\Docker\DockerActionManager::class); +/** @var \AIO\Docker\DockerActionManager $dockerActionManager */ +$dockerActionManager = $container->get(\AIO\Docker\DockerActionManager::class); /** @var \AIO\ContainerDefinitionFetcher $containerDefinitionFetcher */ $containerDefinitionFetcher = $container->get(\AIO\ContainerDefinitionFetcher::class); @@ -22,5 +22,5 @@ $nextcloudContainer = $containerDefinitionFetcher->GetContainerById($id); $df = disk_free_space(DataConst::GetDataDirectory()); if ($df !== false && (int)$df < 1024 * 1024 * 1024 * 5) { error_log("The drive that hosts the mastercontainer volume has less than 5 GB free space. Container updates and backups might not succeed due to that!"); - $dockerActionManger->sendNotification($nextcloudContainer, 'Low on space!', 'The drive that hosts the mastercontainer volume has less than 5 GB free space. Container updates and backups might not succeed due to that!'); + $dockerActionManager->sendNotification($nextcloudContainer, 'Low on space!', 'The drive that hosts the mastercontainer volume has less than 5 GB free space. Container updates and backups might not succeed due to that!'); } diff --git a/php/src/Cron/OutdatedNotification.php b/php/src/Cron/OutdatedNotification.php index e652ba3a..628f0924 100644 --- a/php/src/Cron/OutdatedNotification.php +++ b/php/src/Cron/OutdatedNotification.php @@ -10,17 +10,17 @@ require __DIR__ . '/../../vendor/autoload.php'; $container = \AIO\DependencyInjection::GetContainer(); -/** @var \AIO\Docker\DockerActionManager $dockerActionManger */ -$dockerActionManger = $container->get(\AIO\Docker\DockerActionManager::class); +/** @var \AIO\Docker\DockerActionManager $dockerActionManager */ +$dockerActionManager = $container->get(\AIO\Docker\DockerActionManager::class); /** @var \AIO\ContainerDefinitionFetcher $containerDefinitionFetcher */ $containerDefinitionFetcher = $container->get(\AIO\ContainerDefinitionFetcher::class); $id = 'nextcloud-aio-nextcloud'; $nextcloudContainer = $containerDefinitionFetcher->GetContainerById($id); -$isNextcloudImageOutdated = $dockerActionManger->isNextcloudImageOutdated(); +$isNextcloudImageOutdated = $dockerActionManager->isNextcloudImageOutdated(); if ($isNextcloudImageOutdated === true) { - $dockerActionManger->sendNotification($nextcloudContainer, 'AIO is outdated!', 'Please open the AIO interface or ask an administrator to update it. If you do not want to do it manually each time, you can enable the daily backup feature from the AIO interface which automatically updates all containers.', '/notify-all.sh'); + $dockerActionManager->sendNotification($nextcloudContainer, 'AIO is outdated!', 'Please open the AIO interface or ask an administrator to update it. If you do not want to do it manually each time, you can enable the daily backup feature from the AIO interface which automatically updates all containers.', '/notify-all.sh'); } diff --git a/php/src/Cron/UpdateNotification.php b/php/src/Cron/UpdateNotification.php index e1d57f6a..2c12e2f4 100644 --- a/php/src/Cron/UpdateNotification.php +++ b/php/src/Cron/UpdateNotification.php @@ -10,21 +10,21 @@ require __DIR__ . '/../../vendor/autoload.php'; $container = \AIO\DependencyInjection::GetContainer(); -/** @var \AIO\Docker\DockerActionManager $dockerActionManger */ -$dockerActionManger = $container->get(\AIO\Docker\DockerActionManager::class); +/** @var \AIO\Docker\DockerActionManager $dockerActionManager */ +$dockerActionManager = $container->get(\AIO\Docker\DockerActionManager::class); /** @var \AIO\ContainerDefinitionFetcher $containerDefinitionFetcher */ $containerDefinitionFetcher = $container->get(\AIO\ContainerDefinitionFetcher::class); $id = 'nextcloud-aio-nextcloud'; $nextcloudContainer = $containerDefinitionFetcher->GetContainerById($id); -$isMastercontainerUpdateAvailable = $dockerActionManger->IsMastercontainerUpdateAvailable(); -$isAnyUpdateAvailable = $dockerActionManger->isAnyUpdateAvailable(); +$isMastercontainerUpdateAvailable = $dockerActionManager->IsMastercontainerUpdateAvailable(); +$isAnyUpdateAvailable = $dockerActionManager->isAnyUpdateAvailable(); if ($isMastercontainerUpdateAvailable === true) { - $dockerActionManger->sendNotification($nextcloudContainer, 'Mastercontainer update available!', 'Please open your AIO interface to update it. If you do not want to do it manually each time, you can enable the daily backup feature from the AIO interface which also automatically updates the mastercontainer.'); + $dockerActionManager->sendNotification($nextcloudContainer, 'Mastercontainer update available!', 'Please open your AIO interface to update it. If you do not want to do it manually each time, you can enable the daily backup feature from the AIO interface which also automatically updates the mastercontainer.'); } if ($isAnyUpdateAvailable === true) { - $dockerActionManger->sendNotification($nextcloudContainer, 'Container updates available!', 'Please open your AIO interface to update them. If you do not want to do it manually each time, you can enable the daily backup feature from the AIO interface which also automatically updates your containers and your Nextcloud apps.'); + $dockerActionManager->sendNotification($nextcloudContainer, 'Container updates available!', 'Please open your AIO interface to update them. If you do not want to do it manually each time, you can enable the daily backup feature from the AIO interface which also automatically updates your containers and your Nextcloud apps.'); } From 05d0ea928276819ac71293f9ace4f98a354ab1b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Jan 2026 12:26:14 +0000 Subject: [PATCH 245/432] build(deps): bump astral-sh/setup-uv in /.github/workflows Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 7.1.6 to 7.2.0. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/681c641aba71e4a1c380be3ab5e12ad51f415867...61cb8a9741eeb8a550a1b8544337180c0fc8476b) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-yaml.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 9b5710cb..3bb1d33f 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -36,7 +36,7 @@ jobs: line-length: warning - name: Install the latest version of uv - uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 + uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0 - name: Check GitHub actions run: uvx zizmor --min-severity medium .github/workflows/*.yml From 13b885928b2f9fe695575b47cf00edfa1b5c094e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 7 Jan 2026 13:52:42 +0100 Subject: [PATCH 246/432] fix zizmor config Signed-off-by: Simon L. --- zizmor.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/zizmor.yml b/zizmor.yml index afc373cb..a991eaa5 100644 --- a/zizmor.yml +++ b/zizmor.yml @@ -4,3 +4,7 @@ rules: dangerous-triggers: ignore: - build_images.yml + unpinned-uses: + config: + policies: + actions/*: ref-pin From 4253308781bf227d46d2283473d567e002f3b683 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 7 Jan 2026 17:27:28 +0100 Subject: [PATCH 247/432] increase to v12.4.0 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 4e25dcf3..c318e8a6 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
-

Nextcloud AIO v12.3.0

+

Nextcloud AIO v12.4.0

{# Add 2nd tab warning #} From 2ce06a49c711a7e401385f0696752b6b2a473fdf Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 7 Jan 2026 18:01:30 +0100 Subject: [PATCH 248/432] fix bug with imagick Signed-off-by: Simon L. --- Containers/nextcloud/start.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Containers/nextcloud/start.sh b/Containers/nextcloud/start.sh index 05ccb8b0..a5f38534 100644 --- a/Containers/nextcloud/start.sh +++ b/Containers/nextcloud/start.sh @@ -93,6 +93,10 @@ if [ -n "$ADDITIONAL_PHP_EXTENSIONS" ]; then fi read -ra ADDITIONAL_PHP_EXTENSIONS_ARRAY <<< "$ADDITIONAL_PHP_EXTENSIONS" for app in "${ADDITIONAL_PHP_EXTENSIONS_ARRAY[@]}"; do + if [ "$app" = imagick ]; then + # imagick is already enabled by default, so does not need to be enabled anymore. + continue + fi # shellcheck disable=SC2086 if [ "$PHP_DEPS_ARE_INSTALLED" != 1 ]; then echo "Installing PHP build dependencies..." From a83c4e2ed1716acd5b7635063f7377e1cd52ac23 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 8 Jan 2026 15:25:23 +0100 Subject: [PATCH 249/432] nextcloud-entrypoint: remove custom logic for ldap.conf again as it does not work Signed-off-by: Simon L. --- Containers/nextcloud/entrypoint.sh | 8 -------- 1 file changed, 8 deletions(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 6825f04c..43432e6d 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -65,14 +65,6 @@ if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then done - # Custom logic for ldap conf - if ! grep -q "TLS_" /etc/openldap/ldap.conf; then - cat << EOL >> /etc/openldap/ldap.conf -TLS_CACERT $CERTIFICATE_BUNDLE -TLS_REQCERT try -EOL - fi - # Backwards compatibility with older instances if [ -f "/var/www/html/config/postgres.config.php" ]; then sed -i "s|/var/www/html/data/certificates/POSTGRES|/var/www/html/data/certificates/ca-bundle.crt|" /var/www/html/config/postgres.config.php From 6200327a778321afab206a38be20cd6ab088d90a Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 8 Jan 2026 16:15:51 +0100 Subject: [PATCH 250/432] add two further commands to the bug-report template Signed-off-by: Simon L. --- .github/ISSUE_TEMPLATE/Bug_report.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/Bug_report.md b/.github/ISSUE_TEMPLATE/Bug_report.md index ec25fc4a..5d6cc059 100644 --- a/.github/ISSUE_TEMPLATE/Bug_report.md +++ b/.github/ISSUE_TEMPLATE/Bug_report.md @@ -32,6 +32,10 @@ labels: 0. Needs triage #### Output of `sudo docker logs nextcloud-aio-mastercontainer` +#### Output of `sudo docker inspect nextcloud-aio-mastercontainer` + +#### Output of `sudo docker ps -a` + #### Other valuable info #### A picture of a cute animal From 71550aeeccf9a010f9bb4fa59ab1baf366a9be88 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 8 Jan 2026 12:41:42 +0100 Subject: [PATCH 251/432] run playwright tests also on push Signed-off-by: Simon L. --- .github/workflows/playwright-on-push.yml | 123 ++++++++++++++++++ ...ml => playwright-on-workflow-dispatch.yml} | 0 2 files changed, 123 insertions(+) create mode 100644 .github/workflows/playwright-on-push.yml rename .github/workflows/{playwright.yml => playwright-on-workflow-dispatch.yml} (100%) diff --git a/.github/workflows/playwright-on-push.yml b/.github/workflows/playwright-on-push.yml new file mode 100644 index 00000000..af8dec02 --- /dev/null +++ b/.github/workflows/playwright-on-push.yml @@ -0,0 +1,123 @@ +name: Playwright Tests on push + +on: + pull_request: + paths: + - 'php/**' + push: + branches: + - main + paths: + - 'php/**' + +concurrency: + group: playwright-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +env: + BASE_URL: https://localhost:8080 + +jobs: + test: + timeout-minutes: 60 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v6.0.1 + + - uses: actions/setup-node@v6 + with: + node-version: lts/* + + - name: Install dependencies + run: cd php/tests && npm ci + + - name: Install Playwright Browsers + run: cd php/tests && npx playwright install --with-deps chromium + + - name: Set up php 8.4 + uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2.36.0 + with: + extensions: apcu + php-version: 8.4 + coverage: none + ini-file: development + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Adjust some things and fix permissions + run: | + cd php + rm -r ./data + rm -r ./session + composer install --no-dev + composer clear-cache + sudo chmod 777 -R ./ + + - name: Start fresh development server + run: | + docker rm --force nextcloud-aio-{mastercontainer,apache,notify-push,nextcloud,redis,database,domaincheck,whiteboard,imaginary,talk,collabora,borgbackup} || true + docker volume rm nextcloud_aio_{mastercontainer,apache,database,database_dump,nextcloud,nextcloud_data,redis,backup_cache,elasticsearch} || true + docker pull ghcr.io/nextcloud-releases/all-in-one:develop + docker run \ + -d \ + --init \ + --name nextcloud-aio-mastercontainer \ + --restart always \ + --publish 8080:8080 \ + --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ + --volume ./php:/var/www/docker-aio/php \ + --volume /var/run/docker.sock:/var/run/docker.sock:ro \ + --env SKIP_DOMAIN_VALIDATION=true \ + --env APACHE_PORT=11000 \ + ghcr.io/nextcloud-releases/all-in-one:develop + echo Waiting for 10 seconds for the development container to start ... + sleep 10 + + - name: Run Playwright tests for initial setup + run: | + cd php/tests + export DEBUG=pw:api + if ! npx playwright test tests/initial-setup.spec.js; then + docker logs nextcloud-aio-mastercontainer + docker logs nextcloud-aio-borgbackup + exit 1 + fi + + - name: Start fresh development server + run: | + docker rm --force nextcloud-aio-{mastercontainer,apache,notify-push,nextcloud,redis,database,domaincheck,whiteboard,imaginary,talk,collabora,borgbackup} || true + docker volume rm nextcloud_aio_{mastercontainer,apache,database,database_dump,nextcloud,nextcloud_data,redis,backup_cache,elasticsearch} || true + docker run \ + -d \ + --init \ + --name nextcloud-aio-mastercontainer \ + --restart always \ + --publish 8080:8080 \ + --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ + --volume ./php:/var/www/docker-aio/php \ + --volume /var/run/docker.sock:/var/run/docker.sock:ro \ + --env SKIP_DOMAIN_VALIDATION=false \ + --env APACHE_PORT=11000 \ + ghcr.io/nextcloud-releases/all-in-one:develop + echo Waiting for 10 seconds for the development container to start ... + sleep 10 + + - name: Run Playwright tests for backup restore + run: | + cd php/tests + export DEBUG=pw:api + if ! npx playwright test tests/restore-instance.spec.js; then + docker logs nextcloud-aio-mastercontainer + docker logs nextcloud-aio-borgbackup + exit 1 + fi + + - uses: actions/upload-artifact@v6 + if: ${{ !cancelled() }} + with: + name: playwright-report + path: php/tests/playwright-report/ + retention-days: 14 + overwrite: true diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright-on-workflow-dispatch.yml similarity index 100% rename from .github/workflows/playwright.yml rename to .github/workflows/playwright-on-workflow-dispatch.yml From cdd21ae1ff62f02992670677cd4b7aecc2f49107 Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Sat, 10 Jan 2026 15:07:08 +0100 Subject: [PATCH 252/432] refactor: change private properties to public in Container class and update related methods Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- php/src/Container/Container.php | 148 ++++-------------- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Controller/DockerController.php | 6 +- php/src/Docker/DockerActionManager.php | 112 ++++++------- php/templates/components/container-state.twig | 18 +-- php/templates/containers.twig | 12 +- 6 files changed, 105 insertions(+), 193 deletions(-) diff --git a/php/src/Container/Container.php b/php/src/Container/Container.php index baee1c00..6e5d2b54 100644 --- a/php/src/Container/Container.php +++ b/php/src/Container/Container.php @@ -5,121 +5,56 @@ namespace AIO\Container; use AIO\Data\ConfigurationManager; use AIO\Docker\DockerActionManager; use AIO\ContainerDefinitionFetcher; +use JsonException; readonly class Container { public function __construct( - private string $identifier, - private string $displayName, - private string $containerName, - private string $restartPolicy, - private int $maxShutdownTime, - private ContainerPorts $ports, - private string $internalPorts, - private ContainerVolumes $volumes, - private ContainerEnvironmentVariables $containerEnvironmentVariables, + public string $identifier, + public string $displayName, + public string $containerName, + public string $restartPolicy, + public int $maxShutdownTime, + public ContainerPorts $ports, + public string $internalPorts, + public ContainerVolumes $volumes, + public ContainerEnvironmentVariables $containerEnvironmentVariables, /** @var string[] */ - private array $dependsOn, + public array $dependsOn, private string $uiSecret, /** @var string[] */ - private array $devices, - private bool $enableNvidiaGpu, + public array $devices, + public bool $enableNvidiaGpu, /** @var string[] */ - private array $capAdd, - private int $shmSize, - private bool $apparmorUnconfined, + public array $capAdd, + public int $shmSize, + public bool $apparmorUnconfined, /** @var string[] */ - private array $backupVolumes, - private array $nextcloudExecCommands, - private bool $readOnlyRootFs, - private array $tmpfs, - private bool $init, - private string $imageTag, - private AioVariables $aioVariables, - private string $documentation, + public array $backupVolumes, + public array $nextcloudExecCommands, + public bool $readOnlyRootFs, + public array $tmpfs, + public bool $init, + public string $imageTag, + public AioVariables $aioVariables, + public string $documentation, private DockerActionManager $dockerActionManager ) { } - public function GetIdentifier() : string { - return $this->identifier; - } - - public function GetDisplayName() : string { - return $this->displayName; - } - - public function GetContainerName() : string { - return $this->containerName; - } - - public function GetRestartPolicy() : string { - return $this->restartPolicy; - } - - public function GetImageTag() : string { - return $this->imageTag; - } - - public function GetReadOnlySetting() : bool { - return $this->readOnlyRootFs; - } - - public function GetInit() : bool { - return $this->init; - } - - public function GetShmSize() : int { - return $this->shmSize; - } - - public function isApparmorUnconfined() : bool { - return $this->apparmorUnconfined; - } - - public function GetMaxShutdownTime() : int { - return $this->maxShutdownTime; - } - public function GetUiSecret() : string { return $this->dockerActionManager->GetAndGenerateSecretWrapper($this->uiSecret); } - public function GetTmpfs() : array { - return $this->tmpfs; - } - - public function GetDevices() : array { - return $this->devices; - } - - public function isNvidiaGpuEnabled() : bool { - return $this->enableNvidiaGpu; - } - - public function GetCapAdds() : array { - return $this->capAdd; - } - - public function GetBackupVolumes() : array { - return $this->backupVolumes; - } - - public function GetPorts() : ContainerPorts { - return $this->ports; - } - - public function GetInternalPort() : string { - return $this->internalPorts; - } - - public function GetVolumes() : ContainerVolumes { - return $this->volumes; - } - + /** + * @throws JsonException + */ public function GetRunningState() : ContainerState { return $this->dockerActionManager->GetContainerRunningState($this); } + /** + * @throws JsonException + */ public function GetRestartingState() : ContainerState { return $this->dockerActionManager->GetContainerRestartingState($this); } @@ -131,27 +66,4 @@ readonly class Container { public function GetStartingState() : ContainerState { return $this->dockerActionManager->GetContainerStartingState($this); } - - /** - * @return string[] - */ - public function GetDependsOn() : array { - return $this->dependsOn; - } - - public function GetNextcloudExecCommands() : array { - return $this->nextcloudExecCommands; - } - - public function GetEnvironmentVariables() : ContainerEnvironmentVariables { - return $this->containerEnvironmentVariables; - } - - public function GetAioVariables() : AioVariables { - return $this->aioVariables; - } - - public function GetDocumentation() : string { - return $this->documentation; - } } diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 7b092e45..d7498047 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -25,7 +25,7 @@ readonly class ContainerDefinitionFetcher { $containers = $this->FetchDefinition(); foreach ($containers as $container) { - if ($container->GetIdentifier() === $id) { + if ($container->identifier === $id) { return $container; } } diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 27a06bc8..a924e61f 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -23,7 +23,7 @@ readonly class DockerController { $container = $this->containerDefinitionFetcher->GetContainerById($id); // Start all dependencies first and then itself - foreach($container->GetDependsOn() as $dependency) { + foreach($container->dependsOn as $dependency) { $this->PerformRecursiveContainerStart($dependency, $pullImage); } @@ -46,7 +46,7 @@ readonly class DockerController { $container = $this->containerDefinitionFetcher->GetContainerById($id); // Pull all dependencies first and then itself - foreach($container->GetDependsOn() as $dependency) { + foreach($container->dependsOn as $dependency) { $this->PerformRecursiveImagePull($dependency); } @@ -255,7 +255,7 @@ readonly class DockerController { // We want to stop the Nextcloud container after 10s and not wait for the configured stop_grace_period $this->dockerActionManager->StopContainer($container, $forceStopNextcloud); } - foreach($container->GetDependsOn() as $dependency) { + foreach($container->dependsOn as $dependency) { $this->PerformRecursiveContainerStop($dependency, $forceStopNextcloud); } } diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 9e8a8ff2..529af1fe 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -36,15 +36,15 @@ readonly class DockerActionManager { } private function BuildImageName(Container $container): string { - $tag = $container->GetImageTag(); + $tag = $container->imageTag; if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); } - return $container->GetContainerName() . ':' . $tag; + return $container->containerName . ':' . $tag; } public function GetContainerRunningState(Container $container): ContainerState { - $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->identifier))); try { $response = $this->guzzleClient->get($url); } catch (RequestException $e) { @@ -64,7 +64,7 @@ readonly class DockerActionManager { } public function GetContainerRestartingState(Container $container): ContainerState { - $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->identifier))); try { $response = $this->guzzleClient->get($url); } catch (RequestException $e) { @@ -84,16 +84,16 @@ readonly class DockerActionManager { } public function GetContainerUpdateState(Container $container): VersionState { - $tag = $container->GetImageTag(); + $tag = $container->imageTag; if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); } - $runningDigests = $this->GetRepoDigestsOfContainer($container->GetIdentifier()); + $runningDigests = $this->GetRepoDigestsOfContainer($container->identifier); if ($runningDigests === null) { return VersionState::Different; } - $remoteDigest = $this->GetLatestDigestOfTag($container->GetContainerName(), $tag); + $remoteDigest = $this->GetLatestDigestOfTag($container->containerName, $tag); if ($remoteDigest === null) { return VersionState::Equal; } @@ -112,8 +112,8 @@ readonly class DockerActionManager { return $runningState; } - $containerName = $container->GetIdentifier(); - $internalPort = $container->GetInternalPort(); + $containerName = $container->identifier; + $internalPort = $container->internalPorts; if ($internalPort === '%APACHE_PORT%') { $internalPort = $this->configurationManager->GetApachePort(); } elseif ($internalPort === '%TALK_PORT%') { @@ -134,7 +134,7 @@ readonly class DockerActionManager { } public function DeleteContainer(Container $container): void { - $url = $this->BuildApiUrl(sprintf('containers/%s?v=true', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s?v=true', urlencode($container->identifier))); try { $this->guzzleClient->delete($url); } catch (RequestException $e) { @@ -166,17 +166,17 @@ readonly class DockerActionManager { } public function StartContainer(Container $container): void { - $url = $this->BuildApiUrl(sprintf('containers/%s/start', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s/start', urlencode($container->identifier))); try { $this->guzzleClient->post($url); } catch (RequestException $e) { - throw new \Exception("Could not start container " . $container->GetIdentifier() . ": " . $e->getResponse()?->getBody()->getContents()); + throw new \Exception("Could not start container " . $container->identifier . ": " . $e->getResponse()?->getBody()->getContents()); } } public function CreateVolumes(Container $container): void { $url = $this->BuildApiUrl('volumes/create'); - foreach ($container->GetVolumes()->GetVolumes() as $volume) { + foreach ($container->volumes->GetVolumes() as $volume) { $forbiddenChars = [ '/', ]; @@ -202,9 +202,9 @@ readonly class DockerActionManager { public function CreateContainer(Container $container): void { $volumes = []; - foreach ($container->GetVolumes()->GetVolumes() as $volume) { + foreach ($container->volumes->GetVolumes() as $volume) { // // NEXTCLOUD_MOUNT gets added via bind-mount later on - // if ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { + // if ($container->identifier === 'nextcloud-aio-nextcloud') { // if ($volume->name === $this->configurationManager->GetNextcloudMount()) { // continue; // } @@ -228,7 +228,7 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Binds'] = $volumes; } - $aioVariables = $container->GetAioVariables()->GetVariables(); + $aioVariables = $container->aioVariables->GetVariables(); foreach ($aioVariables as $variable) { $config = $this->configurationManager->GetConfig(); $variable = $this->replaceEnvPlaceholders($variable); @@ -238,9 +238,9 @@ readonly class DockerActionManager { sleep(1); } - $envs = $container->GetEnvironmentVariables()->GetVariables(); + $envs = $container->containerEnvironmentVariables->GetVariables(); // Special thing for the nextcloud container - if ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { + if ($container->identifier === 'nextcloud-aio-nextcloud') { $envs[] = $this->GetAllNextcloudExecCommands(); } foreach ($envs as $key => $env) { @@ -251,13 +251,13 @@ readonly class DockerActionManager { $requestBody['Env'] = $envs; } - $requestBody['HostConfig']['RestartPolicy']['Name'] = $container->GetRestartPolicy(); + $requestBody['HostConfig']['RestartPolicy']['Name'] = $container->restartPolicy; - $requestBody['HostConfig']['ReadonlyRootfs'] = $container->GetReadOnlySetting(); + $requestBody['HostConfig']['ReadonlyRootfs'] = $container->readOnlyRootFs; $exposedPorts = []; - if ($container->GetInternalPort() !== 'host') { - foreach ($container->GetPorts()->GetPorts() as $value) { + if ($container->internalPorts !== 'host') { + foreach ($container->ports->GetPorts() as $value) { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { @@ -279,7 +279,7 @@ readonly class DockerActionManager { if (count($exposedPorts) > 0) { $requestBody['ExposedPorts'] = $exposedPorts; - foreach ($container->GetPorts()->GetPorts() as $value) { + foreach ($container->ports->GetPorts() as $value) { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { @@ -314,7 +314,7 @@ readonly class DockerActionManager { } $devices = []; - foreach ($container->GetDevices() as $device) { + foreach ($container->devices as $device) { if ($device === '/dev/dri' && !$this->configurationManager->isDriDeviceEnabled()) { continue; } @@ -325,7 +325,7 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Devices'] = $devices; } - if ($container->isNvidiaGpuEnabled() && $this->configurationManager->isNvidiaGpuEnabled()) { + if ($container->enableNvidiaGpu && $this->configurationManager->isNvidiaGpuEnabled()) { $requestBody['HostConfig']['Runtime'] = 'nvidia'; $requestBody['HostConfig']['DeviceRequests'] = [ [ @@ -336,13 +336,13 @@ readonly class DockerActionManager { ]; } - $shmSize = $container->GetShmSize(); + $shmSize = $container->shmSize; if ($shmSize > 0) { $requestBody['HostConfig']['ShmSize'] = $shmSize; } $tmpfs = []; - foreach ($container->GetTmpfs() as $tmp) { + foreach ($container->tmpfs as $tmp) { $mode = ""; if (str_contains($tmp, ':')) { $mode = explode(':', $tmp)[1]; @@ -354,9 +354,9 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Tmpfs'] = $tmpfs; } - $requestBody['HostConfig']['Init'] = $container->GetInit(); + $requestBody['HostConfig']['Init'] = $container->init; - $capAdds = $container->GetCapAdds(); + $capAdds = $container->capAdd; if (count($capAdds) > 0) { $requestBody['HostConfig']['CapAdd'] = $capAdds; } @@ -368,14 +368,14 @@ readonly class DockerActionManager { // Disable SELinux for AIO containers so that it does not break them $requestBody['HostConfig']['SecurityOpt'] = ["label:disable"]; - if ($container->isApparmorUnconfined()) { + if ($container->apparmorUnconfined) { $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined", "label:disable"]; } $mounts = []; // Special things for the backup container which should not be exposed in the containers.json - if (str_starts_with($container->GetIdentifier(), 'nextcloud-aio-borgbackup')) { + if (str_starts_with($container->identifier, 'nextcloud-aio-borgbackup')) { // Additional backup directories foreach ($this->getAllBackupVolumes() as $additionalBackupVolumes) { if ($additionalBackupVolumes !== '') { @@ -384,7 +384,7 @@ readonly class DockerActionManager { } // Make volumes read only in case of borgbackup container. The viewer makes them writeable - $isReadOnly = $container->GetIdentifier() === 'nextcloud-aio-borgbackup'; + $isReadOnly = $container->identifier === 'nextcloud-aio-borgbackup'; foreach ($this->configurationManager->GetAdditionalBackupDirectoriesArray() as $additionalBackupDirectories) { if ($additionalBackupDirectories !== '') { @@ -397,12 +397,12 @@ readonly class DockerActionManager { } // Special things for the talk container which should not be exposed in the containers.json - } elseif ($container->GetIdentifier() === 'nextcloud-aio-talk') { + } elseif ($container->identifier === 'nextcloud-aio-talk') { // This is needed due to a bug in libwebsockets used in Janus which cannot handle unlimited ulimits $requestBody['HostConfig']['Ulimits'] = [["Name" => "nofile", "Hard" => 200000, "Soft" => 200000]]; // // Special things for the nextcloud container which should not be exposed in the containers.json - // } elseif ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { - // foreach ($container->GetVolumes()->GetVolumes() as $volume) { + // } elseif ($container->identifier === 'nextcloud-aio-nextcloud') { + // foreach ($container->volumes->GetVolumes() as $volume) { // if ($volume->name !== $this->configurationManager->GetNextcloudMount()) { // continue; // } @@ -410,11 +410,11 @@ readonly class DockerActionManager { // } // Special things for the caddy community container - } elseif ($container->GetIdentifier() === 'nextcloud-aio-caddy') { + } elseif ($container->identifier === 'nextcloud-aio-caddy') { $requestBody['HostConfig']['ExtraHosts'] = ['host.docker.internal:host-gateway']; // Special things for the collabora container which should not be exposed in the containers.json - } elseif ($container->GetIdentifier() === 'nextcloud-aio-collabora') { + } elseif ($container->identifier === 'nextcloud-aio-collabora') { if (!$this->configurationManager->isSeccompDisabled()) { // Load reference seccomp profile for collabora $seccompProfile = (string)file_get_contents(DataConst::GetCollaboraSeccompProfilePath()); @@ -437,9 +437,9 @@ readonly class DockerActionManager { $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud", "com.docker.compose.project" => "nextcloud-aio"]; // Containers should have a fixed host name. See https://github.com/nextcloud/all-in-one/discussions/6589 - $requestBody['Hostname'] = $container->GetIdentifier(); + $requestBody['Hostname'] = $container->identifier; - $url = $this->BuildApiUrl('containers/create?name=' . $container->GetIdentifier()); + $url = $this->BuildApiUrl('containers/create?name=' . $container->identifier); try { $this->guzzleClient->request( 'POST', @@ -449,18 +449,18 @@ readonly class DockerActionManager { ] ); } catch (RequestException $e) { - throw new \Exception("Could not create container " . $container->GetIdentifier() . ": " . $e->getResponse()?->getBody()->getContents()); + throw new \Exception("Could not create container " . $container->identifier . ": " . $e->getResponse()?->getBody()->getContents()); } } public function isRegistryReachable(Container $container): bool { - $tag = $container->GetImageTag(); + $tag = $container->imageTag; if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); } - $remoteDigest = $this->GetLatestDigestOfTag($container->GetContainerName(), $tag); + $remoteDigest = $this->GetLatestDigestOfTag($container->containerName, $tag); if ($remoteDigest === null) { return false; @@ -472,7 +472,7 @@ readonly class DockerActionManager { public function PullImage(Container $container, bool $pullImage = true): void { // Skip database image pull if the last shutdown was not clean - if ($container->GetIdentifier() === 'nextcloud-aio-database') { + if ($container->identifier === 'nextcloud-aio-database') { if ($this->GetDatabasecontainerExitCode() > 0) { $pullImage = false; error_log('Not pulling the latest database image because the container was not correctly shut down.'); @@ -484,7 +484,7 @@ readonly class DockerActionManager { if ($pullImage) { if (!$this->isRegistryReachable($container)) { $pullImage = false; - error_log('Not pulling the ' . $container->GetContainerName() . ' image for the ' . $container->GetIdentifier() . ' container because the registry does not seem to be reachable.'); + error_log('Not pulling the ' . $container->containerName . ' image for the ' . $container->identifier . ' container because the registry does not seem to be reachable.'); } } @@ -598,7 +598,7 @@ readonly class DockerActionManager { if ($container->GetUpdateState() === VersionState::Different) { $updateAvailable = '1'; } - foreach ($container->GetDependsOn() as $dependency) { + foreach ($container->dependsOn as $dependency) { $updateAvailable .= $this->isContainerUpdateAvailable($dependency); } return $updateAvailable; @@ -622,10 +622,10 @@ readonly class DockerActionManager { $container = $this->containerDefinitionFetcher->GetContainerById($id); $backupVolumes = ''; - foreach ($container->GetBackupVolumes() as $backupVolume) { + foreach ($container->backupVolumes as $backupVolume) { $backupVolumes .= $backupVolume . ' '; } - foreach ($container->GetDependsOn() as $dependency) { + foreach ($container->dependsOn as $dependency) { $backupVolumes .= $this->getBackupVolumes($dependency); } return $backupVolumes; @@ -641,10 +641,10 @@ readonly class DockerActionManager { $container = $this->containerDefinitionFetcher->GetContainerById($id); $nextcloudExecCommands = ''; - foreach ($container->GetNextcloudExecCommands() as $execCommand) { + foreach ($container->nextcloudExecCommands as $execCommand) { $nextcloudExecCommands .= $execCommand . PHP_EOL; } - foreach ($container->GetDependsOn() as $dependency) { + foreach ($container->dependsOn as $dependency) { $nextcloudExecCommands .= $this->GetNextcloudExecCommands($dependency); } return $nextcloudExecCommands; @@ -776,7 +776,7 @@ readonly class DockerActionManager { public function sendNotification(Container $container, string $subject, string $message, string $file = '/notify.sh'): void { if ($this->GetContainerStartingState($container) === ContainerState::Running) { - $containerName = $container->GetIdentifier(); + $containerName = $container->identifier; // schedule the exec $url = $this->BuildApiUrl(sprintf('containers/%s/exec', urlencode($containerName))); @@ -901,14 +901,14 @@ readonly class DockerActionManager { // Add a secondary alias for domaincheck container, to keep it as similar to actual apache controller as possible. // If a reverse-proxy is relying on container name as hostname this allows it to operate as usual and still validate the domain // The domaincheck container and apache container are never supposed to be active at the same time because they use the same APACHE_PORT anyway, so this doesn't add any new constraints. - $alias = ($container->GetIdentifier() === 'nextcloud-aio-domaincheck') ? 'nextcloud-aio-apache' : ''; + $alias = ($container->identifier === 'nextcloud-aio-domaincheck') ? 'nextcloud-aio-apache' : ''; - $this->ConnectContainerIdToNetwork($container->GetIdentifier(), $container->GetInternalPort(), alias: $alias); + $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, alias: $alias); - if ($container->GetIdentifier() === 'nextcloud-aio-apache' || $container->GetIdentifier() === 'nextcloud-aio-domaincheck') { + if ($container->identifier === 'nextcloud-aio-apache' || $container->identifier === 'nextcloud-aio-domaincheck') { $apacheAdditionalNetwork = $this->configurationManager->GetApacheAdditionalNetwork(); if ($apacheAdditionalNetwork !== '') { - $this->ConnectContainerIdToNetwork($container->GetIdentifier(), $container->GetInternalPort(), $apacheAdditionalNetwork, false, $alias); + $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, $apacheAdditionalNetwork, false, $alias); } } } @@ -917,9 +917,9 @@ readonly class DockerActionManager { if ($forceStopContainer) { $maxShutDownTime = 10; } else { - $maxShutDownTime = $container->GetMaxShutdownTime(); + $maxShutDownTime = $container->maxShutdownTime; } - $url = $this->BuildApiUrl(sprintf('containers/%s/stop?t=%s', urlencode($container->GetIdentifier()), $maxShutDownTime)); + $url = $this->BuildApiUrl(sprintf('containers/%s/stop?t=%s', urlencode($container->identifier), $maxShutDownTime)); try { $this->guzzleClient->post($url); } catch (RequestException $e) { diff --git a/php/templates/components/container-state.twig b/php/templates/components/container-state.twig index 8375d033..07580e66 100644 --- a/php/templates/components/container-state.twig +++ b/php/templates/components/container-state.twig @@ -3,24 +3,24 @@ {% if c.GetStartingState().value == 'starting' %} - {{ c.GetDisplayName() }} - (Starting) + {{ c.displayName }} + (Starting) {% elseif c.GetRunningState().value == 'running' %} - {{ c.GetDisplayName() }} - (Running) + {{ c.displayName }} + (Running) {% else %} - {{ c.GetDisplayName() }} - (Stopped) + {{ c.displayName }} + (Stopped) {% endif %} - {% if c.GetDocumentation() != '' %} - (docs) + {% if c.documentation != '' %} + (docs) {% endif %} {% if c.GetUiSecret() != '' %}
- Show password for {{ c.GetDisplayName() }} + Show password for {{ c.displayName }}
{% endif %} diff --git a/php/templates/containers.twig b/php/templates/containers.twig index c318e8a6..0e7d1427 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -45,19 +45,19 @@ {% endif %} {% for container in containers %} - {% if container.GetDisplayName() != '' and container.GetRunningState().value == 'running' %} + {% if container.displayName != '' and container.GetRunningState().value == 'running' %} {% set isAnyRunning = true %} {% endif %} - {% if container.GetDisplayName() != '' and container.GetRestartingState().value == 'restarting' %} + {% if container.displayName != '' and container.GetRestartingState().value == 'restarting' %} {% set isAnyRestarting = true %} {% endif %} - {% if container.GetIdentifier() == 'nextcloud-aio-watchtower' and container.GetRunningState().value == 'running' %} + {% if container.identifier == 'nextcloud-aio-watchtower' and container.GetRunningState().value == 'running' %} {% set isWatchtowerRunning = true %} {% endif %} - {% if container.GetIdentifier() == 'nextcloud-aio-domaincheck' and container.GetRunningState().value == 'running' %} + {% if container.identifier == 'nextcloud-aio-domaincheck' and container.GetRunningState().value == 'running' %} {% set isDomaincheckRunning = true %} {% endif %} - {% if container.GetIdentifier() == 'nextcloud-aio-apache' and container.GetStartingState().value == 'starting' %} + {% if container.identifier == 'nextcloud-aio-apache' and container.GetStartingState().value == 'starting' %} {% set isApacheStarting = true %} {% endif %} {% endfor %} @@ -280,7 +280,7 @@
    {# @var containers \AIO\Container\Container[] #} {% for container in containers %} - {% if container.GetDisplayName() != '' %} + {% if container.displayName != '' %} {% include 'components/container-state.twig' with {'c': container} only %} {% endif %} {% endfor %} From a53e315e7fc87e58e20a4bb98fe4e0858d075edb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 11 Jan 2026 15:05:21 +0000 Subject: [PATCH 253/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.1.3-cli to 29.1.4-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.1.4-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index c5b91b7d..d2019e49 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.1.3-cli AS docker +FROM docker:29.1.4-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From b998fa8ebf6907f9d3aa14f09446af2675e775ee Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 12 Jan 2026 10:58:58 +0100 Subject: [PATCH 254/432] s3.config.php: allow to configure num_buckets Signed-off-by: Simon L. --- Containers/nextcloud/config/s3.config.php | 1 + 1 file changed, 1 insertion(+) diff --git a/Containers/nextcloud/config/s3.config.php b/Containers/nextcloud/config/s3.config.php index 59217a78..6ea06697 100644 --- a/Containers/nextcloud/config/s3.config.php +++ b/Containers/nextcloud/config/s3.config.php @@ -10,6 +10,7 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { 'class' => '\OC\Files\ObjectStore\S3', 'arguments' => array( 'multibucket' => $multibucket === 'true', + 'num_buckets' => (int)getenv('OBJECTSTORE_S3_NUM_BUCKETS') ?: 64, 'bucket' => getenv('OBJECTSTORE_S3_BUCKET'), 'key' => getenv('OBJECTSTORE_S3_KEY') ?: '', 'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '', From b1baefb959119199291ad0a33226b7e4c8760f30 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jan 2026 16:03:10 +0000 Subject: [PATCH 255/432] build(deps): bump softprops/turnstyle in /.github/workflows Bumps [softprops/turnstyle](https://github.com/softprops/turnstyle) from 3.2.2 to 3.2.3. - [Release notes](https://github.com/softprops/turnstyle/releases) - [Changelog](https://github.com/softprops/turnstyle/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/turnstyle/compare/15f9da4059166900981058ba251e0b652511c68f...e565d2d86403c5d23533937e95980570545e5586) --- updated-dependencies: - dependency-name: softprops/turnstyle dependency-version: 3.2.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/helm-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 639b0785..a4f441c2 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v6.0.1 - name: Turnstyle - uses: softprops/turnstyle@15f9da4059166900981058ba251e0b652511c68f # v2 + uses: softprops/turnstyle@e565d2d86403c5d23533937e95980570545e5586 # v2 with: continue-after-seconds: 180 env: From 95a320a3e470aa50c2fe14bba347464d8c5b7740 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 13 Jan 2026 11:06:14 +0100 Subject: [PATCH 256/432] DockerActionManager: disable seccomp policy for borgbackup container Signed-off-by: Simon L. --- php/src/Docker/DockerActionManager.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 9e8a8ff2..67134576 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -376,6 +376,11 @@ readonly class DockerActionManager { // Special things for the backup container which should not be exposed in the containers.json if (str_starts_with($container->GetIdentifier(), 'nextcloud-aio-borgbackup')) { + // Disable seccomp policy if seccomp is enabled in the kernel to fix issues like https://github.com/nextcloud/all-in-one/issues/7308 + if (!$this->configurationManager->isSeccompDisabled()) { + $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined", "label:disable", "seccomp:unconfined"]; + } + // Additional backup directories foreach ($this->getAllBackupVolumes() as $additionalBackupVolumes) { if ($additionalBackupVolumes !== '') { From c2f070b278a4772f3b75818a185817e4b946317c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 13 Jan 2026 11:44:05 +0100 Subject: [PATCH 257/432] aio-cadddy: mention how to remove the container again Signed-off-by: Simon L. --- community-containers/caddy/readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index a8baf9ea..a8d673b0 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -17,6 +17,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active! - You can add your own Caddy configurations in `/data/caddy-imports/` inside the Caddy container (`sudo docker exec -it nextcloud-aio-caddy bash`). These will be imported on container startup. **Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack +- If you want to remove the container again and revert back to the default, you need to follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#8-removing-the-reverse-proxy ### Repository https://github.com/szaimen/aio-caddy From 81f477211fdf95bdf5386a5a9b57c54623d8e776 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 13 Jan 2026 11:44:43 +0100 Subject: [PATCH 258/432] fix detail Signed-off-by: Simon L. --- community-containers/caddy/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index a8d673b0..803bbec2 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -17,7 +17,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active! - You can add your own Caddy configurations in `/data/caddy-imports/` inside the Caddy container (`sudo docker exec -it nextcloud-aio-caddy bash`). These will be imported on container startup. **Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack -- If you want to remove the container again and revert back to the default, you need to follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#8-removing-the-reverse-proxy +- If you want to remove the container again and revert back to the default, you need to disable the container via the AIO-interface and follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#8-removing-the-reverse-proxy ### Repository https://github.com/szaimen/aio-caddy From 6fe3337a21ff0e6f63a45b22f55a648555ecd0ba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Jan 2026 04:09:32 +0000 Subject: [PATCH 259/432] build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 8.19.9 to 8.19.10. --- updated-dependencies: - dependency-name: elasticsearch dependency-version: 8.19.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/fulltextsearch/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 7975bcbb..ed0cafe9 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.19.9 +FROM elasticsearch:8.19.10 USER root From eadf0dc5cde07f21ebe75cc96aa7eba65e91d081 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Jan 2026 04:10:53 +0000 Subject: [PATCH 260/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.5.0 to v1.5.1. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.5.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index f6b8cc7d..37ba25e0 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.0 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.1 USER root RUN set -ex; \ From 9a6e2cbe4975ba09c3a46caaeb14cc451fc59a3c Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 14 Jan 2026 11:54:57 +0000 Subject: [PATCH 261/432] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-collabora-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-database-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-fulltextsearch-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 4 ++-- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- 14 files changed, 20 insertions(+), 20 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 16e7a82c..7d990549 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 12.3.0 +version: 12.4.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 6eddefe9..6cdf8db8 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-apache:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 26eda032..d7627802 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-clamav:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index c0984e1d..7e86c402 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -36,9 +36,9 @@ spec: - name: server_name value: "{{ .Values.NC_DOMAIN }}" {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }} - image: ghcr.io/nextcloud-releases/aio-collabora-online:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-collabora-online:20260114_114729 {{- else }} - image: ghcr.io/nextcloud-releases/aio-collabora:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-collabora:20260114_114729 {{- end }} readinessProbe: exec: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index b7b54647..055ecd0a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-postgresql:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 14f19447..df30e6a8 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index 9f0c54c5..d2fc1375 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-imaginary:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 3cbfa2fe..fe72d307 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 command: - chmod - "777" @@ -190,7 +190,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20260114_114729 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index a9822a80..5b05336e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -57,7 +57,7 @@ spec: value: "6379" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-notify-push:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index c8160edd..0e3a7fda 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -24,7 +24,7 @@ spec: spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 8446167d..1ccebd79 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-redis:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index c28e7335..8635a6ce 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-talk:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index a0d36c08..2cfcaa53 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20260114_114729 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index e311f230..50dfc3c4 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -50,7 +50,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20251218_095503 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20260114_114729 readinessProbe: exec: command: From 045e5edf841324dd8eff918be27fa9e3fd332efb Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 14 Jan 2026 12:03:59 +0000 Subject: [PATCH 262/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 95 ++++++++++++++++++++++++----------------------- 1 file changed, 48 insertions(+), 47 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index ed6667ed..ce1ae80f 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -391,16 +391,16 @@ }, { "name": "laravel/serializable-closure", - "version": "v2.0.7", + "version": "v2.0.8", "source": { "type": "git", "url": "https://github.com/laravel/serializable-closure.git", - "reference": "cb291e4c998ac50637c7eeb58189c14f5de5b9dd" + "reference": "7581a4407012f5f53365e11bafc520fd7f36bc9b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/cb291e4c998ac50637c7eeb58189c14f5de5b9dd", - "reference": "cb291e4c998ac50637c7eeb58189c14f5de5b9dd", + "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/7581a4407012f5f53365e11bafc520fd7f36bc9b", + "reference": "7581a4407012f5f53365e11bafc520fd7f36bc9b", "shasum": "" }, "require": { @@ -448,7 +448,7 @@ "issues": "https://github.com/laravel/serializable-closure/issues", "source": "https://github.com/laravel/serializable-closure" }, - "time": "2025-11-21T20:52:36+00:00" + "time": "2026-01-08T16:22:46+00:00" }, { "name": "nikic/fast-route", @@ -2755,22 +2755,22 @@ }, { "name": "danog/advanced-json-rpc", - "version": "v3.2.2", + "version": "v3.2.3", "source": { "type": "git", "url": "https://github.com/danog/php-advanced-json-rpc.git", - "reference": "aadb1c4068a88c3d0530cfe324b067920661efcb" + "reference": "ae703ea7b4811797a10590b6078de05b3b33dd91" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/danog/php-advanced-json-rpc/zipball/aadb1c4068a88c3d0530cfe324b067920661efcb", - "reference": "aadb1c4068a88c3d0530cfe324b067920661efcb", + "url": "https://api.github.com/repos/danog/php-advanced-json-rpc/zipball/ae703ea7b4811797a10590b6078de05b3b33dd91", + "reference": "ae703ea7b4811797a10590b6078de05b3b33dd91", "shasum": "" }, "require": { "netresearch/jsonmapper": "^5", "php": ">=8.1", - "phpdocumentor/reflection-docblock": "^4.3.4 || ^5.0.0" + "phpdocumentor/reflection-docblock": "^4.3.4 || ^5.0.0 || ^6" }, "replace": { "felixfbecker/php-advanced-json-rpc": "^3" @@ -2801,9 +2801,9 @@ "description": "A more advanced JSONRPC implementation", "support": { "issues": "https://github.com/danog/php-advanced-json-rpc/issues", - "source": "https://github.com/danog/php-advanced-json-rpc/tree/v3.2.2" + "source": "https://github.com/danog/php-advanced-json-rpc/tree/v3.2.3" }, - "time": "2025-02-14T10:55:15+00:00" + "time": "2026-01-12T21:07:10+00:00" }, { "name": "daverandom/libdns", @@ -3455,16 +3455,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "5.6.6", + "version": "6.0.0", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "5cee1d3dfc2d2aa6599834520911d246f656bcb8" + "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/5cee1d3dfc2d2aa6599834520911d246f656bcb8", - "reference": "5cee1d3dfc2d2aa6599834520911d246f656bcb8", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/02600c041e7d0f4b7d1fe1d260565ec525472fa9", + "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9", "shasum": "" }, "require": { @@ -3472,8 +3472,8 @@ "ext-filter": "*", "php": "^7.4 || ^8.0", "phpdocumentor/reflection-common": "^2.2", - "phpdocumentor/type-resolver": "^1.7", - "phpstan/phpdoc-parser": "^1.7|^2.0", + "phpdocumentor/type-resolver": "^2.0", + "phpstan/phpdoc-parser": "^2.0", "webmozart/assert": "^1.9.1 || ^2" }, "require-dev": { @@ -3483,7 +3483,8 @@ "phpstan/phpstan-mockery": "^1.1", "phpstan/phpstan-webmozart-assert": "^1.2", "phpunit/phpunit": "^9.5", - "psalm/phar": "^5.26" + "psalm/phar": "^5.26", + "shipmonk/dead-code-detector": "^0.5.1" }, "type": "library", "extra": { @@ -3513,44 +3514,44 @@ "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", "support": { "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues", - "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.6.6" + "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/6.0.0" }, - "time": "2025-12-22T21:13:58+00:00" + "time": "2026-01-07T20:22:53+00:00" }, { "name": "phpdocumentor/type-resolver", - "version": "1.12.0", + "version": "2.0.0", "source": { "type": "git", "url": "https://github.com/phpDocumentor/TypeResolver.git", - "reference": "92a98ada2b93d9b201a613cb5a33584dde25f195" + "reference": "327a05bbee54120d4786a0dc67aad30226ad4cf9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/92a98ada2b93d9b201a613cb5a33584dde25f195", - "reference": "92a98ada2b93d9b201a613cb5a33584dde25f195", + "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/327a05bbee54120d4786a0dc67aad30226ad4cf9", + "reference": "327a05bbee54120d4786a0dc67aad30226ad4cf9", "shasum": "" }, "require": { "doctrine/deprecations": "^1.0", - "php": "^7.3 || ^8.0", + "php": "^7.4 || ^8.0", "phpdocumentor/reflection-common": "^2.0", - "phpstan/phpdoc-parser": "^1.18|^2.0" + "phpstan/phpdoc-parser": "^2.0" }, "require-dev": { "ext-tokenizer": "*", "phpbench/phpbench": "^1.2", - "phpstan/extension-installer": "^1.1", - "phpstan/phpstan": "^1.8", - "phpstan/phpstan-phpunit": "^1.1", + "phpstan/extension-installer": "^1.4", + "phpstan/phpstan": "^2.1", + "phpstan/phpstan-phpunit": "^2.0", "phpunit/phpunit": "^9.5", - "rector/rector": "^0.13.9", - "vimeo/psalm": "^4.25" + "psalm/phar": "^4" }, "type": "library", "extra": { "branch-alias": { - "dev-1.x": "1.x-dev" + "dev-1.x": "1.x-dev", + "dev-2.x": "2.x-dev" } }, "autoload": { @@ -3571,22 +3572,22 @@ "description": "A PSR-5 based resolver of Class names, Types and Structural Element Names", "support": { "issues": "https://github.com/phpDocumentor/TypeResolver/issues", - "source": "https://github.com/phpDocumentor/TypeResolver/tree/1.12.0" + "source": "https://github.com/phpDocumentor/TypeResolver/tree/2.0.0" }, - "time": "2025-11-21T15:09:14+00:00" + "time": "2026-01-06T21:53:42+00:00" }, { "name": "phpstan/phpdoc-parser", - "version": "2.3.0", + "version": "2.3.1", "source": { "type": "git", "url": "https://github.com/phpstan/phpdoc-parser.git", - "reference": "1e0cd5370df5dd2e556a36b9c62f62e555870495" + "reference": "16dbf9937da8d4528ceb2145c9c7c0bd29e26374" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/1e0cd5370df5dd2e556a36b9c62f62e555870495", - "reference": "1e0cd5370df5dd2e556a36b9c62f62e555870495", + "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/16dbf9937da8d4528ceb2145c9c7c0bd29e26374", + "reference": "16dbf9937da8d4528ceb2145c9c7c0bd29e26374", "shasum": "" }, "require": { @@ -3618,9 +3619,9 @@ "description": "PHPDoc parser with support for nullable, intersection and generic types", "support": { "issues": "https://github.com/phpstan/phpdoc-parser/issues", - "source": "https://github.com/phpstan/phpdoc-parser/tree/2.3.0" + "source": "https://github.com/phpstan/phpdoc-parser/tree/2.3.1" }, - "time": "2025-08-30T15:50:23+00:00" + "time": "2026-01-12T11:33:04+00:00" }, { "name": "revolt/event-loop", @@ -4735,16 +4736,16 @@ }, { "name": "webmozart/assert", - "version": "2.0.0", + "version": "2.1.2", "source": { "type": "git", "url": "https://github.com/webmozarts/assert.git", - "reference": "1b34b004e35a164bc5bb6ebd33c844b2d8069a54" + "reference": "ce6a2f100c404b2d32a1dd1270f9b59ad4f57649" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/webmozarts/assert/zipball/1b34b004e35a164bc5bb6ebd33c844b2d8069a54", - "reference": "1b34b004e35a164bc5bb6ebd33c844b2d8069a54", + "url": "https://api.github.com/repos/webmozarts/assert/zipball/ce6a2f100c404b2d32a1dd1270f9b59ad4f57649", + "reference": "ce6a2f100c404b2d32a1dd1270f9b59ad4f57649", "shasum": "" }, "require": { @@ -4791,9 +4792,9 @@ ], "support": { "issues": "https://github.com/webmozarts/assert/issues", - "source": "https://github.com/webmozarts/assert/tree/2.0.0" + "source": "https://github.com/webmozarts/assert/tree/2.1.2" }, - "time": "2025-12-16T21:36:00+00:00" + "time": "2026-01-13T14:02:24+00:00" } ], "aliases": [], From 069195bf237fab2fe9f831bb6d815d011bea14fa Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 15 Jan 2026 12:47:51 +0100 Subject: [PATCH 263/432] nextcloud: update to 32.0.4 Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 6b6be7f8..9c468bbb 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud ENV REDIS_DB_INDEX=0 # AIO settings start # Do not remove or change this line! -ENV NEXTCLOUD_VERSION=32.0.3 +ENV NEXTCLOUD_VERSION=32.0.4 ENV AIO_TOKEN=123456 ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! From b5b642232891dccc59ef4e7c8bc5bc8c5b7bb626 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 15 Jan 2026 13:41:20 +0100 Subject: [PATCH 264/432] Revert "DockerActionManager: disable seccomp policy for borgbackup container" Signed-off-by: Simon L. --- php/src/Docker/DockerActionManager.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 67134576..9e8a8ff2 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -376,11 +376,6 @@ readonly class DockerActionManager { // Special things for the backup container which should not be exposed in the containers.json if (str_starts_with($container->GetIdentifier(), 'nextcloud-aio-borgbackup')) { - // Disable seccomp policy if seccomp is enabled in the kernel to fix issues like https://github.com/nextcloud/all-in-one/issues/7308 - if (!$this->configurationManager->isSeccompDisabled()) { - $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined", "label:disable", "seccomp:unconfined"]; - } - // Additional backup directories foreach ($this->getAllBackupVolumes() as $additionalBackupVolumes) { if ($additionalBackupVolumes !== '') { From 9e362e1dc9ece2fc4bbfd5f10b656d99cae4e6ce Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 15 Jan 2026 13:48:06 +0100 Subject: [PATCH 265/432] increase to 12.5.0 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index c318e8a6..9c55350e 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
    -

    Nextcloud AIO v12.4.0

    +

    Nextcloud AIO v12.5.0

    {# Add 2nd tab warning #} From 59ad7dc98be6eecbe7866add09ac771cd8ccf0ee Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 16 Jan 2026 15:12:44 +0100 Subject: [PATCH 266/432] move version to a dedicated file Signed-off-by: Simon L. --- nextcloud-aio-helm-chart/update-helm.sh | 2 +- php/templates/containers.twig | 3 ++- php/templates/includes/aio-version.twig | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 php/templates/includes/aio-version.twig diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index f39d3035..9e5aba86 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -407,7 +407,7 @@ rm latest.yml mv latest.yml.backup latest.yml # Get version of AIO -AIO_VERSION="$(grep 'Nextcloud AIO ' ../php/templates/containers.twig | grep -oP '[0-9]+.[0-9]+.[0-9]+')" +AIO_VERSION="$(grep 'Nextcloud AIO ' ../php/templates/includes/aio-version.twig | grep -oP '[0-9]+.[0-9]+.[0-9]+')" sed -i "s|^version:.*|version: $AIO_VERSION|" ../helm-chart/Chart.yaml # Conversion of sample.conf diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 9c55350e..d0ed38b1 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,8 @@
    -

    Nextcloud AIO v12.5.0

    + {% set aio_version = include('includes/aio-version.twig') %} +

    Nextcloud AIO v{{ aio_version }}

    {# Add 2nd tab warning #} diff --git a/php/templates/includes/aio-version.twig b/php/templates/includes/aio-version.twig new file mode 100644 index 00000000..b7d7205d --- /dev/null +++ b/php/templates/includes/aio-version.twig @@ -0,0 +1 @@ +12.5.0 From 792ba0dfb352fe6a0018dd7ee470c777da5658df Mon Sep 17 00:00:00 2001 From: Zoey Date: Fri, 16 Jan 2026 22:54:58 +0100 Subject: [PATCH 267/432] update NPMplus images in reverse proxy guide Signed-off-by: Zoey --- reverse-proxy.md | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/reverse-proxy.md b/reverse-proxy.md index 50a6bccd..bdeb3244 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -564,19 +564,14 @@ Note: this will cause that a non root user can bind privileged ports. Second, see these screenshots for a working config: -![grafik](https://github.com/user-attachments/assets/c32c8fe8-7417-4f8f-9625-24b95651e630) +image -![grafik](https://github.com/user-attachments/assets/f14bba5c-69ce-4514-a2ac-5e5d7fb97792) +image - +image -![grafik](https://github.com/user-attachments/assets/75d7f539-35d1-4a3e-8c51-43123f698893) +image -![grafik](https://github.com/user-attachments/assets/e494edb5-8b70-4d45-bc9b-374219230041) - -`proxy_set_header Accept-Encoding $http_accept_encoding;` - -⚠️ **Please note:** Nextcloud will complain that X-XXS-Protection is set to the wrong value, this is intended by NPMplus.
    ⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration. From d5c3e79b31f34a66687db78bc9f1065bf24b31e4 Mon Sep 17 00:00:00 2001 From: ph818 <71797925+ph818@users.noreply.github.com> Date: Sat, 17 Jan 2026 17:17:28 -0500 Subject: [PATCH 268/432] Update local-instance.md Clarifying DNS-challenge description. Signed-off-by: ph818 <71797925+ph818@users.noreply.github.com> --- local-instance.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/local-instance.md b/local-instance.md index 1da26280..8abbddb6 100644 --- a/local-instance.md +++ b/local-instance.md @@ -22,10 +22,11 @@ The normal way is the following: **Hint:** You may have a look at [this video](https://youtu.be/zk-y2wVkY4c) for a more complete but possibly outdated example. ## 3. Use the ACME DNS-challenge -You can alternatively use the ACME DNS-challenge to get a valid certificate for Nextcloud. Here is described how to set it up: https://github.com/nextcloud/all-in-one#how-to-get-nextcloud-running-using-the-acme-dns-challenge +You can alternatively use the ACME DNS-challenge to get a valid certificate for Nextcloud. Here is described how to set it up using an external caddy reverse proxy: https://github.com/nextcloud/all-in-one#how-to-get-nextcloud-running-using-the-acme-dns-challenge ## 4. Use Cloudflare If you do not have any control over the network, you may think about using Cloudflare Tunnel to get a valid certificate for your Nextcloud. However it will be opened to the public internet then. See https://github.com/nextcloud/all-in-one#how-to-run-nextcloud-behind-a-cloudflare-tunnel how to set this up. ## 5. Buy a certificate and use that If none of the above ways work for you, you may simply buy a certificate from an issuer for your domain. You then download the certificate onto your server, configure AIO in [reverse proxy mode](./reverse-proxy.md) and use the certificate for your domain in your reverse proxy config. + From a3e43c5cd913d45b34d137bbecfb806d559cb6e7 Mon Sep 17 00:00:00 2001 From: ph818 <71797925+ph818@users.noreply.github.com> Date: Sat, 17 Jan 2026 17:22:42 -0500 Subject: [PATCH 269/432] Update readme.md Clarifying the Instructions for DNS-challenge so following the links will make more sense (configuring the caddyfile of the external caddy reverse proxy). Signed-off-by: ph818 <71797925+ph818@users.noreply.github.com> --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index bcbf7d57..66059954 100644 --- a/readme.md +++ b/readme.md @@ -340,7 +340,7 @@ Although it does not seems like it is the case but from AIO perspective a Cloudf For a reverse proxy example guide for Tailscale, see this guide by [@Perseus333](https://github.com/Perseus333): https://github.com/nextcloud/all-in-one/discussions/6817 ### How to get Nextcloud running using the ACME DNS-challenge? -You can install AIO in reverse proxy mode where is also documented how to get it running using the ACME DNS-challenge for getting a valid certificate for AIO. See the [reverse proxy documentation](./reverse-proxy.md). (Meant is the `Caddy with ACME DNS-challenge` section). Also see https://github.com/dani-garcia/vaultwarden/wiki/Running-a-private-vaultwarden-instance-with-Let%27s-Encrypt-certs#getting-a-custom-caddy-build for additional docs on this topic. +You can install AIO behind an external reverse proxy where is also documented how to get it running using the ACME DNS-challenge for getting a valid certificate for AIO. See the [reverse proxy documentation](./reverse-proxy.md). (Meant is the `Caddy with ACME DNS-challenge` section). Also see https://github.com/dani-garcia/vaultwarden/wiki/Running-a-private-vaultwarden-instance-with-Let%27s-Encrypt-certs#getting-a-custom-caddy-build for additional docs on this topic. ### How to run Nextcloud locally? No domain wanted, or wanting intranet access within your LAN. If you do not want to open Nextcloud to the public internet, you may have a look at the following documentation on how to set it up locally: [local-instance.md](./local-instance.md), but keep in mind you're still required to have https working properly. From 4a65c04e3d7410109ca35121c6aedd0d8e4f0986 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 04:28:14 +0000 Subject: [PATCH 270/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.1.4-cli to 29.1.5-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.1.5-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index d2019e49..a719c71a 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.1.4-cli AS docker +FROM docker:29.1.5-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From 9822a63c44dc965a202b539fcacb2ad9339243c3 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 19 Jan 2026 10:07:52 +0100 Subject: [PATCH 271/432] nextcloud-entrypoint: make recording server dependent on `REMOVE_DISABLED_APPS` Signed-off-by: Simon L. --- Containers/nextcloud/entrypoint.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 43432e6d..5f47a0f4 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -894,7 +894,9 @@ if [ -d "/var/www/html/custom_apps/spreed" ]; then RECORDING_SERVERS_STRING="{\"servers\":[{\"server\":\"http://$TALK_RECORDING_HOST:1234/\",\"verify\":true}],\"secret\":\"$RECORDING_SECRET\"}" php /var/www/html/occ config:app:set spreed recording_servers --value="$RECORDING_SERVERS_STRING" else - php /var/www/html/occ config:app:delete spreed recording_servers + if [ "$REMOVE_DISABLED_APPS" = yes ]; then + php /var/www/html/occ config:app:delete spreed recording_servers + fi fi fi From 0e22f38d16b4a1a0eb375ce1945f796d5b40da4d Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 19 Jan 2026 10:25:14 +0100 Subject: [PATCH 272/432] add `wud.watch=false` to all containers Signed-off-by: Simon L. --- Containers/apache/Dockerfile | 1 + Containers/borgbackup/Dockerfile | 1 + Containers/clamav/Dockerfile | 1 + Containers/collabora-online/Dockerfile | 1 + Containers/collabora/Dockerfile | 1 + Containers/docker-socket-proxy/Dockerfile | 1 + Containers/domaincheck/Dockerfile | 1 + Containers/fulltextsearch/Dockerfile | 1 + Containers/imaginary/Dockerfile | 3 ++- Containers/nextcloud/Dockerfile | 1 + Containers/notify-push/Dockerfile | 1 + Containers/onlyoffice/Dockerfile | 1 + Containers/postgresql/Dockerfile | 1 + Containers/redis/Dockerfile | 1 + Containers/talk-recording/Dockerfile | 1 + Containers/talk/Dockerfile | 1 + Containers/watchtower/Dockerfile | 1 + Containers/whiteboard/Dockerfile | 1 + php/src/Docker/DockerActionManager.php | 2 +- 19 files changed, 20 insertions(+), 2 deletions(-) diff --git a/Containers/apache/Dockerfile b/Containers/apache/Dockerfile index 0948fb25..9ccadfb8 100644 --- a/Containers/apache/Dockerfile +++ b/Containers/apache/Dockerfile @@ -88,4 +88,5 @@ CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/borgbackup/Dockerfile b/Containers/borgbackup/Dockerfile index 637d035c..97d6198b 100644 --- a/Containers/borgbackup/Dockerfile +++ b/Containers/borgbackup/Dockerfile @@ -24,5 +24,6 @@ ENTRYPOINT ["/start.sh"] USER root LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" ENV BORG_RETENTION_POLICY="--keep-within=7d --keep-weekly=4 --keep-monthly=6" diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 196b109a..e81fb06e 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -33,5 +33,6 @@ VOLUME /var/lib/clamav ENTRYPOINT ["/start.sh"] CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh diff --git a/Containers/collabora-online/Dockerfile b/Containers/collabora-online/Dockerfile index 72f79928..ec8b63f0 100644 --- a/Containers/collabora-online/Dockerfile +++ b/Containers/collabora-online/Dockerfile @@ -12,4 +12,5 @@ USER 1001 HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 50b6cfef..976360cb 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -11,4 +11,5 @@ USER 1001 HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index 796c855a..62590f6f 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -19,4 +19,5 @@ COPY --chmod=664 haproxy.cfg /haproxy.cfg ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/domaincheck/Dockerfile b/Containers/domaincheck/Dockerfile index 769c24ac..8122f315 100644 --- a/Containers/domaincheck/Dockerfile +++ b/Containers/domaincheck/Dockerfile @@ -18,4 +18,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD nc -z 127.0.0.1 $APACHE_PORT || exit 1 LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index ed0cafe9..ff1e923f 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -22,5 +22,6 @@ USER 1000:0 HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" ENV ES_JAVA_OPTS="-Xms512M -Xmx512M" diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 11250a43..04f190b5 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM golang:1.25.5-alpine3.23 AS go -ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee +ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee RUN set -ex; \ apk upgrade --no-cache -a; \ @@ -43,4 +43,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 9c468bbb..afb3def5 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -264,4 +264,5 @@ CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/notify-push/Dockerfile b/Containers/notify-push/Dockerfile index 029c93f2..425115c4 100644 --- a/Containers/notify-push/Dockerfile +++ b/Containers/notify-push/Dockerfile @@ -23,4 +23,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index d028ccbc..13b4d456 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -8,4 +8,5 @@ COPY --chmod=775 healthcheck.sh /healthcheck.sh HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/postgresql/Dockerfile b/Containers/postgresql/Dockerfile index 725b8042..56090f26 100644 --- a/Containers/postgresql/Dockerfile +++ b/Containers/postgresql/Dockerfile @@ -44,4 +44,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/redis/Dockerfile b/Containers/redis/Dockerfile index 7cc1ff84..cc9181ad 100644 --- a/Containers/redis/Dockerfile +++ b/Containers/redis/Dockerfile @@ -21,4 +21,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index 65af7db4..8df5b89e 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -58,4 +58,5 @@ CMD ["python", "-m", "nextcloud.talk.recording", "--config", "/conf/recording.co HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index fc5f0379..fb78f943 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -107,4 +107,5 @@ CMD ["supervisord", "-c", "/supervisord.conf"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index cd5238ac..6b948c9b 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -24,4 +24,5 @@ USER root ENTRYPOINT ["/start.sh"] LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index 37ba25e0..0a45981d 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -23,4 +23,5 @@ WORKDIR /tmp ENTRYPOINT ["/start.sh"] LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 9e8a8ff2..99264d54 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -434,7 +434,7 @@ readonly class DockerActionManager { // All AIO-managed containers should not be updated externally via watchtower but gracefully by AIO's backup and update feature. // Also DIUN should not send update notifications. See https://crazymax.dev/diun/providers/docker/#docker-labels // Additionally set a default org.label-schema.vendor and com.docker.compose.project - $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud", "com.docker.compose.project" => "nextcloud-aio"]; + $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "wud.watch" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud", "com.docker.compose.project" => "nextcloud-aio"]; // Containers should have a fixed host name. See https://github.com/nextcloud/all-in-one/discussions/6589 $requestBody['Hostname'] = $container->GetIdentifier(); From c5b146f84c1b517d956cc5e1796f953b8381e385 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Jan 2026 04:08:44 +0000 Subject: [PATCH 273/432] build(deps): bump golang in /Containers/imaginary Bumps golang from 1.25.5-alpine3.23 to 1.25.6-alpine3.23. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.6-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 11250a43..a0c583e0 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.5-alpine3.23 AS go +FROM golang:1.25.6-alpine3.23 AS go ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee From dbabfe14f0b35d0d6df9e16dd09d626888ae602d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Jan 2026 04:09:56 +0000 Subject: [PATCH 274/432] build(deps): bump golang in /Containers/watchtower Bumps golang from 1.25.5-alpine3.23 to 1.25.6-alpine3.23. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.6-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/watchtower/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index cd5238ac..2ee06f51 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.5-alpine3.23 AS go +FROM golang:1.25.6-alpine3.23 AS go ENV WATCHTOWER_COMMIT_HASH=f6a7b29c312bec5f389a4fb52259919f0678800b From f58465f93022b1960428c88d4c5a65c4636aec7d Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 19 Jan 2026 15:21:28 +0100 Subject: [PATCH 275/432] DockeractionManager: rewrite `PullImage` function to re-try 3 times before failing Signed-off-by: Simon L. --- php/src/Docker/DockerActionManager.php | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 9e8a8ff2..34ca4f56 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -503,14 +503,24 @@ readonly class DockerActionManager { } catch (\Throwable $e) { $imageIsThere = false; } - try { - $this->guzzleClient->post($url); - } catch (RequestException $e) { - $message = "Could not pull image " . $imageName . ": " . $e->getResponse()?->getBody()->getContents(); - if ($imageIsThere === false) { - throw new \Exception($message); - } else { - error_log($message); + + $maxRetries = 3; + for ($attempt = 1; $attempt <= $maxRetries; $attempt++) { + try { + $this->guzzleClient->post($url); + break; + } catch (RequestException $e) { + $message = "Could not pull image " . $imageName . " (attempt $attempt/$maxRetries): " . $e->getResponse()?->getBody()->getContents(); + if ($attempt === $maxRetries) { + if ($imageIsThere === false) { + throw new \Exception($message); + } else { + error_log($message); + } + } else { + error_log($message . ' Retrying...'); + sleep(1); + } } } } From b7d63253db7e5d74a83bd0d5f4bd7c51793c8da1 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 20 Jan 2026 11:50:04 +0100 Subject: [PATCH 276/432] postgres.config.php: fix `PDO::MYSQL_ATTR_SSL_CA` Signed-off-by: Simon L. --- Containers/nextcloud/config/postgres.config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/config/postgres.config.php b/Containers/nextcloud/config/postgres.config.php index 71a657a7..0dc835cc 100644 --- a/Containers/nextcloud/config/postgres.config.php +++ b/Containers/nextcloud/config/postgres.config.php @@ -10,7 +10,7 @@ if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) { if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL')) { $CONFIG = array( 'dbdriveroptions' => array( - 'PDO::MYSQL_ATTR_SSL_CA' => '/var/www/html/data/certificates/ca-bundle.crt', + PDO::MYSQL_ATTR_SSL_CA => '/var/www/html/data/certificates/ca-bundle.crt', ), ); } From 88a45d1a8087b8097c257905b91ea77db30f4a6c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 20 Jan 2026 13:20:09 +0100 Subject: [PATCH 277/432] add cooldown to dependabot Signed-off-by: Simon L. --- .github/dependabot.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f79c4ce2..7fe1067e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,6 +10,8 @@ updates: labels: - 3. to review - dependencies + cooldown: + default-days: 7 - package-ecosystem: composer directory: "/php/" schedule: From fcdd000731f025f11f6bcfe26c6e47c46bc64e63 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 21 Jan 2026 04:10:21 +0000 Subject: [PATCH 278/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.5.1 to v1.5.3. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.5.3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index 37ba25e0..31500313 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.1 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.3 USER root RUN set -ex; \ From 3b3eea7ef02e7bf5f11dc632cfc3b654d101859f Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 21 Jan 2026 10:54:39 +0100 Subject: [PATCH 279/432] don't ask for a cute anmial picture Signed-off-by: Simon L. --- .github/ISSUE_TEMPLATE/Bug_report.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/Bug_report.md b/.github/ISSUE_TEMPLATE/Bug_report.md index 5d6cc059..aca2e718 100644 --- a/.github/ISSUE_TEMPLATE/Bug_report.md +++ b/.github/ISSUE_TEMPLATE/Bug_report.md @@ -37,5 +37,3 @@ labels: 0. Needs triage #### Output of `sudo docker ps -a` #### Other valuable info - -#### A picture of a cute animal From 2c968917ebcac51b6c0a6cc033fde63e8fb72cc7 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 21 Jan 2026 12:03:53 +0000 Subject: [PATCH 280/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 48 +++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index ce1ae80f..75e53dfe 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -3111,20 +3111,20 @@ }, { "name": "league/uri", - "version": "7.7.0", + "version": "7.8.0", "source": { "type": "git", "url": "https://github.com/thephpleague/uri.git", - "reference": "8d587cddee53490f9b82bf203d3a9aa7ea4f9807" + "reference": "4436c6ec8d458e4244448b069cc572d088230b76" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/uri/zipball/8d587cddee53490f9b82bf203d3a9aa7ea4f9807", - "reference": "8d587cddee53490f9b82bf203d3a9aa7ea4f9807", + "url": "https://api.github.com/repos/thephpleague/uri/zipball/4436c6ec8d458e4244448b069cc572d088230b76", + "reference": "4436c6ec8d458e4244448b069cc572d088230b76", "shasum": "" }, "require": { - "league/uri-interfaces": "^7.7", + "league/uri-interfaces": "^7.8", "php": "^8.1", "psr/http-factory": "^1" }, @@ -3138,11 +3138,11 @@ "ext-gmp": "to improve IPV4 host parsing", "ext-intl": "to handle IDN host with the best performance", "ext-uri": "to use the PHP native URI class", - "jeremykendall/php-domain-parser": "to resolve Public Suffix and Top Level Domain", - "league/uri-components": "Needed to easily manipulate URI objects components", - "league/uri-polyfill": "Needed to backport the PHP URI extension for older versions of PHP", + "jeremykendall/php-domain-parser": "to further parse the URI host and resolve its Public Suffix and Top Level Domain", + "league/uri-components": "to provide additional tools to manipulate URI objects components", + "league/uri-polyfill": "to backport the PHP URI extension for older versions of PHP", "php-64bit": "to improve IPV4 host parsing", - "rowbot/url": "to handle WHATWG URL", + "rowbot/url": "to handle URLs using the WHATWG URL Living Standard specification", "symfony/polyfill-intl-idn": "to handle IDN host via the Symfony polyfill if ext-intl is not present" }, "type": "library", @@ -3197,7 +3197,7 @@ "docs": "https://uri.thephpleague.com", "forum": "https://thephpleague.slack.com", "issues": "https://github.com/thephpleague/uri-src/issues", - "source": "https://github.com/thephpleague/uri/tree/7.7.0" + "source": "https://github.com/thephpleague/uri/tree/7.8.0" }, "funding": [ { @@ -3205,20 +3205,20 @@ "type": "github" } ], - "time": "2025-12-07T16:02:06+00:00" + "time": "2026-01-14T17:24:56+00:00" }, { "name": "league/uri-interfaces", - "version": "7.7.0", + "version": "7.8.0", "source": { "type": "git", "url": "https://github.com/thephpleague/uri-interfaces.git", - "reference": "62ccc1a0435e1c54e10ee6022df28d6c04c2946c" + "reference": "c5c5cd056110fc8afaba29fa6b72a43ced42acd4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/uri-interfaces/zipball/62ccc1a0435e1c54e10ee6022df28d6c04c2946c", - "reference": "62ccc1a0435e1c54e10ee6022df28d6c04c2946c", + "url": "https://api.github.com/repos/thephpleague/uri-interfaces/zipball/c5c5cd056110fc8afaba29fa6b72a43ced42acd4", + "reference": "c5c5cd056110fc8afaba29fa6b72a43ced42acd4", "shasum": "" }, "require": { @@ -3231,7 +3231,7 @@ "ext-gmp": "to improve IPV4 host parsing", "ext-intl": "to handle IDN host with the best performance", "php-64bit": "to improve IPV4 host parsing", - "rowbot/url": "to handle WHATWG URL", + "rowbot/url": "to handle URLs using the WHATWG URL Living Standard specification", "symfony/polyfill-intl-idn": "to handle IDN host via the Symfony polyfill if ext-intl is not present" }, "type": "library", @@ -3281,7 +3281,7 @@ "docs": "https://uri.thephpleague.com", "forum": "https://thephpleague.slack.com", "issues": "https://github.com/thephpleague/uri-src/issues", - "source": "https://github.com/thephpleague/uri-interfaces/tree/7.7.0" + "source": "https://github.com/thephpleague/uri-interfaces/tree/7.8.0" }, "funding": [ { @@ -3289,7 +3289,7 @@ "type": "github" } ], - "time": "2025-12-07T16:03:21+00:00" + "time": "2026-01-15T06:54:53+00:00" }, { "name": "netresearch/jsonmapper", @@ -3455,16 +3455,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "6.0.0", + "version": "6.0.1", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9" + "reference": "2f5cbed597cb261d1ea458f3da3a9ad32e670b1e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/02600c041e7d0f4b7d1fe1d260565ec525472fa9", - "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/2f5cbed597cb261d1ea458f3da3a9ad32e670b1e", + "reference": "2f5cbed597cb261d1ea458f3da3a9ad32e670b1e", "shasum": "" }, "require": { @@ -3514,9 +3514,9 @@ "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", "support": { "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues", - "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/6.0.0" + "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/6.0.1" }, - "time": "2026-01-07T20:22:53+00:00" + "time": "2026-01-20T15:30:42+00:00" }, { "name": "phpdocumentor/type-resolver", From b12c36f675274fd159ead5b19f7c74adf83302d7 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 21 Jan 2026 12:12:48 +0000 Subject: [PATCH 281/432] watchtower-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/watchtower/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index cd5238ac..0aeb6fd7 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,13 +1,13 @@ # syntax=docker/dockerfile:latest FROM golang:1.25.5-alpine3.23 AS go -ENV WATCHTOWER_COMMIT_HASH=f6a7b29c312bec5f389a4fb52259919f0678800b +ENV WATCHTOWER_COMMIT_HASH=f522ce27e1fbe4618da54833025a95be62aa838a RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ build-base; \ - go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.13.1 + go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.14.0 FROM alpine:3.23.2 From 708e542270df92a7baf4e01fc314bb45054f8183 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 21 Jan 2026 12:16:29 +0000 Subject: [PATCH 282/432] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 9c468bbb..6968ac31 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud ENV REDIS_DB_INDEX=0 # AIO settings start # Do not remove or change this line! -ENV NEXTCLOUD_VERSION=32.0.4 +ENV NEXTCLOUD_VERSION=32.0.5 ENV AIO_TOKEN=123456 ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! From f59b2776c796ea4216ec8c6d5063ba5fb877e0dd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Jan 2026 04:08:30 +0000 Subject: [PATCH 283/432] build(deps): bump php in /Containers/mastercontainer Bumps php from 8.4.16-fpm-alpine3.23 to 8.4.17-fpm-alpine3.23. --- updated-dependencies: - dependency-name: php dependency-version: 8.4.17-fpm-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index d2019e49..ed930781 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -6,7 +6,7 @@ FROM docker:29.1.4-cli AS docker FROM caddy:2.10.2-alpine AS caddy # From https://github.com/docker-library/php/blob/master/8.4/alpine3.23/fpm/Dockerfile -FROM php:8.4.16-fpm-alpine3.23 +FROM php:8.4.17-fpm-alpine3.23 EXPOSE 80 EXPOSE 8080 From 8eed705a906351ed15e8f379650e1c6d22021d44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Jan 2026 04:08:35 +0000 Subject: [PATCH 284/432] build(deps): bump php in /Containers/nextcloud Bumps php from 8.3.29-fpm-alpine3.23 to 8.3.30-fpm-alpine3.23. --- updated-dependencies: - dependency-name: php dependency-version: 8.3.30-fpm-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 9c468bbb..f3181a05 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM php:8.3.29-fpm-alpine3.23 +FROM php:8.3.30-fpm-alpine3.23 ENV PHP_MEMORY_LIMIT=512M ENV PHP_UPLOAD_LIMIT=16G From a7c091a5b26835db3ca579e9266fa02cc37172d0 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 22 Jan 2026 12:21:26 +0100 Subject: [PATCH 285/432] mastercontainer: also add `wud.watch` label Signed-off-by: Simon L. --- Containers/mastercontainer/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index e92d0a86..2fea59d1 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -127,6 +127,7 @@ RUN set -ex; \ # hadolint ignore=DL3048 LABEL org.label-schema.vendor="Nextcloud" \ + wud.watch="false" \ com.docker.compose.project="nextcloud-aio" # hadolint ignore=DL3002 From 8fb3126ce7e11bdc9d6d2f7c609478ce72c89848 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 21 Jan 2026 14:30:23 +0100 Subject: [PATCH 286/432] `CreateContainer`: also insert the max shutdown time into the container itself Signed-off-by: Simon L. --- php/src/Docker/DockerActionManager.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 1743c4a5..fb3701a4 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -356,6 +356,11 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Init'] = $container->init; + $maxShutDownTime = $container->maxShutdownTime; + if ($maxShutDownTime > 0) { + $requestBody['StopTimeout'] = $maxShutDownTime; + } + $capAdds = $container->capAdd; if (count($capAdds) > 0) { $requestBody['HostConfig']['CapAdd'] = $capAdds; From 00688a52bd9e85768398eb01c8389f940233268d Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 22 Jan 2026 13:12:02 +0000 Subject: [PATCH 287/432] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-apache-service.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 8 ++++---- .../templates/nextcloud-aio-clamav-service.yaml | 2 +- .../templates/nextcloud-aio-collabora-deployment.yaml | 8 ++++---- .../templates/nextcloud-aio-collabora-service.yaml | 2 +- .../templates/nextcloud-aio-database-deployment.yaml | 8 ++++---- .../templates/nextcloud-aio-database-service.yaml | 2 +- .../nextcloud-aio-fulltextsearch-deployment.yaml | 8 ++++---- .../templates/nextcloud-aio-fulltextsearch-service.yaml | 2 +- .../templates/nextcloud-aio-imaginary-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-imaginary-service.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 8 ++++---- .../templates/nextcloud-aio-nextcloud-service.yaml | 2 +- .../templates/nextcloud-aio-notify-push-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-notify-push-service.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 8 ++++---- .../templates/nextcloud-aio-onlyoffice-service.yaml | 2 +- .../templates/nextcloud-aio-redis-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-redis-service.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 6 +++--- .../nextcloud-aio-talk-recording-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-talk-recording-service.yaml | 2 +- .../templates/nextcloud-aio-talk-service.yaml | 4 ++-- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 6 +++--- .../templates/nextcloud-aio-whiteboard-service.yaml | 2 +- 27 files changed, 60 insertions(+), 60 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 7d990549..6288a381 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 12.4.0 +version: 12.5.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 6cdf8db8..e540791c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-apache spec: @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-apache:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml index 404ee626..98e33a4d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index d7627802..57ec7739 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav @@ -18,7 +18,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-clamav spec: @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-clamav:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml index 8dc8597d..8b236093 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 7e86c402..cd4e1368 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-collabora name: nextcloud-aio-collabora @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-collabora spec: @@ -36,9 +36,9 @@ spec: - name: server_name value: "{{ .Values.NC_DOMAIN }}" {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }} - image: ghcr.io/nextcloud-releases/aio-collabora-online:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-collabora-online:20260122_105751 {{- else }} - image: ghcr.io/nextcloud-releases/aio-collabora:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-collabora:20260122_105751 {{- end }} readinessProbe: exec: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml index ebe7bf3f..5c81ef3e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-collabora name: nextcloud-aio-collabora diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 055ecd0a..be6a9c90 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-database spec: @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-postgresql:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml index 9451d908..45fdce3a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index df30e6a8..bed60a0c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-fulltextsearch name: nextcloud-aio-fulltextsearch @@ -18,13 +18,13 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-fulltextsearch spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml index ae759475..efe474b3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-fulltextsearch name: nextcloud-aio-fulltextsearch diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index d2fc1375..af15d4b3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-imaginary name: nextcloud-aio-imaginary @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-imaginary spec: @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-imaginary:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml index a5fb3266..44a57006 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-imaginary name: nextcloud-aio-imaginary diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index fe72d307..8b6e8211 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-nextcloud spec: @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - chmod - "777" @@ -190,7 +190,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20260122_105751 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml index 18cf84d8..08ab70f2 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index 5b05336e..c8e30d05 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-notify-push name: nextcloud-aio-notify-push @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-notify-push spec: @@ -57,7 +57,7 @@ spec: value: "6379" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-notify-push:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml index 2b7bfccd..986d98d4 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-notify-push name: nextcloud-aio-notify-push diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 0e3a7fda..2bb79f19 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice @@ -18,13 +18,13 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-onlyoffice spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml index 6ff9afa1..5fc10b85 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 1ccebd79..28335e64 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-redis spec: @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-redis:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml index af82a0bb..a6a9a0a5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 8635a6ce..679dd66e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk spec: @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-talk:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 2cfcaa53..8e631656 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk-recording name: nextcloud-aio-talk-recording @@ -18,7 +18,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk-recording spec: @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml index 4410ed72..87fe0355 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk-recording name: nextcloud-aio-talk-recording diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml index 10d17177..65388792 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk-public @@ -27,7 +27,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 50dfc3c4..5788cfa0 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-whiteboard name: nextcloud-aio-whiteboard @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-whiteboard spec: @@ -50,7 +50,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml index 8c8cb5aa..299f1ec3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-whiteboard name: nextcloud-aio-whiteboard From c47ace7718a790c01e631ec3b4398293a298fa11 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 22 Jan 2026 13:33:38 +0000 Subject: [PATCH 288/432] imaginary-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 0a0c14ce..650c4c67 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM golang:1.25.6-alpine3.23 AS go -ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee +ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee RUN set -ex; \ apk upgrade --no-cache -a; \ From 664ca0b26d0e69e1ebda9ea2010113b1f63b4d90 Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Thu, 22 Jan 2026 21:08:08 +0100 Subject: [PATCH 289/432] Add Code of conduct See: https://github.com/nextcloud/server/blob/master/CODE_OF_CONDUCT.md Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- CODE_OF_CONDUCT.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 CODE_OF_CONDUCT.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..fec85a59 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,13 @@ + +In the Nextcloud community, participants from all over the world come together to create Free Software for a free internet. This is made possible by the support, hard work and enthusiasm of thousands of people, including those who create and use Nextcloud software. + +Our code of conduct offers some guidance to ensure Nextcloud participants can cooperate effectively in a positive and inspiring atmosphere, and to explain how together we can strengthen and support each other. + +The Code of Conduct is shared by all contributors and users who engage with the Nextcloud team and its community services. It presents a summary of the shared values and “common sense” thinking in our community. + +You can find our full code of conduct on our website: https://nextcloud.com/code-of-conduct/ + +Please, keep our CoC in mind when you contribute! That way, everyone can be a part of our community in a productive, positive, creative and fun way. From 89be3d9e234af8db8c07847539b6ae8354e16b29 Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Thu, 22 Jan 2026 21:12:39 +0100 Subject: [PATCH 290/432] Add files via upload Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- .github/pull_request_template.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/pull_request_template.md diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..7958ceab --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,25 @@ + + +* Resolves: # + +## Summary + + +## TODO + +- [ ] ... + +## Checklist + +- Code is [properly formatted](https://docs.nextcloud.com/server/latest/developer_manual/digging_deeper/continuous_integration.html#linting) +- [Sign-off message](https://github.com/src-d/guide/blob/master/developer-community/fix-DCO.md) is added to all commits +- [ ] Tests ([unit](https://docs.nextcloud.com/server/latest/developer_manual/app_development/tutorial.html#unit-tests), [integration](https://docs.nextcloud.com/server/latest/developer_manual/app_development/tutorial.html#integration-tests), api and/or acceptance) are included +- [ ] Screenshots before/after for front-end changes +- [ ] Documentation ([manuals](https://github.com/nextcloud/documentation/) or wiki) has been updated or is not required +- [ ] [Backports requested](https://github.com/nextcloud/backportbot/#usage) where applicable (ex: critical bugfixes) +- [ ] [Labels added](https://github.com/nextcloud/server/labels) where applicable (ex: bug/enhancement, `3. to review`, feature component) +- [ ] [Milestone added](https://github.com/nextcloud/server/milestones) for target branch/version (ex: 32.x for `stable32`) From db07c79db1cc692903a637cb0cadd5d9b79755ca Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Thu, 22 Jan 2026 21:20:36 +0100 Subject: [PATCH 291/432] novodb: add (deprecated) to its display name Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- community-containers/nocodb/nocodb.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/nocodb/nocodb.json b/community-containers/nocodb/nocodb.json index 7ef4cc5c..e93d173c 100644 --- a/community-containers/nocodb/nocodb.json +++ b/community-containers/nocodb/nocodb.json @@ -2,7 +2,7 @@ "aio_services_v1": [ { "container_name": "nextcloud-aio-nocodb", - "display_name": "NocoDB", + "display_name": "NocoDB (deprecated)", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb", "image": "nocodb/nocodb", "image_tag": "latest", From e1718faf0b4364283a4925a8b7163511f272ffae Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Thu, 22 Jan 2026 21:24:35 +0100 Subject: [PATCH 292/432] Update README with licensing and maintenance notes Added caution and note about NocoDB licensing and maintenance status. Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- community-containers/nocodb/readme.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/community-containers/nocodb/readme.md b/community-containers/nocodb/readme.md index 4c1281b5..fa23f8f6 100644 --- a/community-containers/nocodb/readme.md +++ b/community-containers/nocodb/readme.md @@ -1,3 +1,8 @@ +> [!CAUTION] +> NocoDB is licensed under a non-free license. +> +> And is no longer maintained. + > [!NOTE] > This container is there to compensate for the lack of functionality in Nextcloud Tables. > From 0e868c4570826497fd32b24d3d4bbd7d03d6557d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Jan 2026 12:08:36 +0000 Subject: [PATCH 293/432] build(deps): bump actions/checkout in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6.0.1...v6.0.2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codespell.yml | 2 +- .github/workflows/collabora.yml | 2 +- .github/workflows/community-containers.yml | 2 +- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/docker-lint.yml | 2 +- .github/workflows/helm-release.yml | 2 +- .github/workflows/imaginary-update.yml | 2 +- .github/workflows/json-validator.yml | 2 +- .github/workflows/lint-helm.yml | 2 +- .github/workflows/lint-php.yml | 2 +- .github/workflows/lint-yaml.yml | 2 +- .github/workflows/nextcloud-update.yml | 2 +- .github/workflows/php-deprecation-detector.yml | 2 +- .github/workflows/playwright-on-push.yml | 2 +- .github/workflows/playwright-on-workflow-dispatch.yml | 2 +- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/psalm.yml | 2 +- .github/workflows/shellcheck.yml | 2 +- .github/workflows/talk.yml | 2 +- .github/workflows/twig-lint.yml | 2 +- .github/workflows/update-copyright.yml | 2 +- .github/workflows/update-helm.yml | 2 +- .github/workflows/update-yaml.yml | 2 +- .github/workflows/watchtower-update.yml | 2 +- 24 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 2bd4823a..2fff5ddb 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Check spelling uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2 with: diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index 8e464925..abf5d520 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -10,7 +10,7 @@ jobs: name: update collabora runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run collabora-profile-update run: | rm -f php/cool-seccomp-profile.json diff --git a/.github/workflows/community-containers.yml b/.github/workflows/community-containers.yml index 7446677f..cfe35ee0 100644 --- a/.github/workflows/community-containers.yml +++ b/.github/workflows/community-containers.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Validate structure run: | CONTAINERS="$(find ./community-containers -mindepth 1 -maxdepth 1 -type d)" diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 1b448139..3a40363b 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -10,7 +10,7 @@ jobs: name: Run dependency update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 diff --git a/.github/workflows/docker-lint.yml b/.github/workflows/docker-lint.yml index 917df1d6..b9ce68ef 100644 --- a/.github/workflows/docker-lint.yml +++ b/.github/workflows/docker-lint.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Install hadolint run: | diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index a4f441c2..f621f229 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Turnstyle uses: softprops/turnstyle@e565d2d86403c5d23533937e95980570545e5586 # v2 diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index 060b376e..7440a09f 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -10,7 +10,7 @@ jobs: name: update to latest imaginary commit on master branch runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run imaginary-update run: | # Imaginary diff --git a/.github/workflows/json-validator.yml b/.github/workflows/json-validator.yml index 4cbd28ed..4213296b 100644 --- a/.github/workflows/json-validator.yml +++ b/.github/workflows/json-validator.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Validate Json run: | sudo apt-get update diff --git a/.github/workflows/lint-helm.yml b/.github/workflows/lint-helm.yml index 7beec865..1ea877a6 100644 --- a/.github/workflows/lint-helm.yml +++ b/.github/workflows/lint-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 with: fetch-depth: 0 diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 0c5e2c74..12cba439 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v5.0.1 + uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 3bb1d33f..010077ca 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index 7fe5bbf9..b96ac2b9 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -11,7 +11,7 @@ jobs: name: Run nextcloud-update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run nextcloud-update script run: | # Inspired by https://github.com/nextcloud/docker/blob/master/update.sh diff --git a/.github/workflows/php-deprecation-detector.yml b/.github/workflows/php-deprecation-detector.yml index c8638683..ee35830c 100644 --- a/.github/workflows/php-deprecation-detector.yml +++ b/.github/workflows/php-deprecation-detector.yml @@ -16,7 +16,7 @@ jobs: name: PHP Deprecation Detector runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: diff --git a/.github/workflows/playwright-on-push.yml b/.github/workflows/playwright-on-push.yml index af8dec02..28ba7d9c 100644 --- a/.github/workflows/playwright-on-push.yml +++ b/.github/workflows/playwright-on-push.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/playwright-on-workflow-dispatch.yml b/.github/workflows/playwright-on-workflow-dispatch.yml index 252a6510..483811f2 100644 --- a/.github/workflows/playwright-on-workflow-dispatch.yml +++ b/.github/workflows/playwright-on-workflow-dispatch.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 1bd47ac4..14715108 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index bdae585e..cbc77bf5 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -32,7 +32,7 @@ jobs: name: static-psalm-analysis steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v5.0.1 + uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 86954033..0ef69085 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -15,7 +15,7 @@ jobs: name: Check Shell runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run Shellcheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 with: diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index f28ad9f2..c1b96d24 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -10,7 +10,7 @@ jobs: name: update talk runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run talk-container-update run: | # Recording diff --git a/.github/workflows/twig-lint.yml b/.github/workflows/twig-lint.yml index 7e9b5cdc..3b04704d 100644 --- a/.github/workflows/twig-lint.yml +++ b/.github/workflows/twig-lint.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Set up php ${{ matrix.php-versions }} uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/update-copyright.yml b/.github/workflows/update-copyright.yml index f7960ead..95329d3c 100644 --- a/.github/workflows/update-copyright.yml +++ b/.github/workflows/update-copyright.yml @@ -8,4 +8,4 @@ jobs: name: update copyright runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index ee8e4669..2f441735 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: update helm chart run: | set -x diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index ba92fd50..41b0adf2 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: update yaml files run: | sudo bash manual-install/update-yaml.sh diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index be929285..b26cd1a4 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -10,7 +10,7 @@ jobs: name: update watchtower runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run watchtower-container-update run: | # Watchtower From d2940b0dc8d3c92d9647c4faf101b4e19e37b6d1 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Sat, 24 Jan 2026 12:03:23 +0000 Subject: [PATCH 294/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 75e53dfe..30c13df6 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -1644,16 +1644,16 @@ }, { "name": "twig/twig", - "version": "v3.22.2", + "version": "v3.23.0", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "946ddeafa3c9f4ce279d1f34051af041db0e16f2" + "reference": "a64dc5d2cc7d6cafb9347f6cd802d0d06d0351c9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/946ddeafa3c9f4ce279d1f34051af041db0e16f2", - "reference": "946ddeafa3c9f4ce279d1f34051af041db0e16f2", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/a64dc5d2cc7d6cafb9347f6cd802d0d06d0351c9", + "reference": "a64dc5d2cc7d6cafb9347f6cd802d0d06d0351c9", "shasum": "" }, "require": { @@ -1707,7 +1707,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.22.2" + "source": "https://github.com/twigphp/Twig/tree/v3.23.0" }, "funding": [ { @@ -1719,7 +1719,7 @@ "type": "tidelift" } ], - "time": "2025-12-14T11:28:47+00:00" + "time": "2026-01-23T21:00:41+00:00" } ], "packages-dev": [ From 7e2e0d11daf517a303da09ac4906d032697220d5 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Sun, 25 Jan 2026 12:03:33 +0000 Subject: [PATCH 295/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 30c13df6..42bc1415 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -3890,16 +3890,16 @@ }, { "name": "symfony/console", - "version": "v6.4.31", + "version": "v6.4.32", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "f9f8a889f54c264f9abac3fc0f7a371ffca51997" + "reference": "0bc2199c6c1f05276b05956f1ddc63f6d7eb5fc3" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/f9f8a889f54c264f9abac3fc0f7a371ffca51997", - "reference": "f9f8a889f54c264f9abac3fc0f7a371ffca51997", + "url": "https://api.github.com/repos/symfony/console/zipball/0bc2199c6c1f05276b05956f1ddc63f6d7eb5fc3", + "reference": "0bc2199c6c1f05276b05956f1ddc63f6d7eb5fc3", "shasum": "" }, "require": { @@ -3964,7 +3964,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v6.4.31" + "source": "https://github.com/symfony/console/tree/v6.4.32" }, "funding": [ { @@ -3984,7 +3984,7 @@ "type": "tidelift" } ], - "time": "2025-12-22T08:30:34+00:00" + "time": "2026-01-13T08:45:59+00:00" }, { "name": "symfony/filesystem", @@ -4058,16 +4058,16 @@ }, { "name": "symfony/finder", - "version": "v6.4.31", + "version": "v6.4.32", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", - "reference": "5547f2e1f0ca8e2e7abe490156b62da778cfbe2b" + "reference": "3ec24885c1d9ababbb9c8f63bb42fea3c8c9b6de" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/finder/zipball/5547f2e1f0ca8e2e7abe490156b62da778cfbe2b", - "reference": "5547f2e1f0ca8e2e7abe490156b62da778cfbe2b", + "url": "https://api.github.com/repos/symfony/finder/zipball/3ec24885c1d9ababbb9c8f63bb42fea3c8c9b6de", + "reference": "3ec24885c1d9ababbb9c8f63bb42fea3c8c9b6de", "shasum": "" }, "require": { @@ -4102,7 +4102,7 @@ "description": "Finds files and directories via an intuitive fluent interface", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/finder/tree/v6.4.31" + "source": "https://github.com/symfony/finder/tree/v6.4.32" }, "funding": [ { @@ -4122,7 +4122,7 @@ "type": "tidelift" } ], - "time": "2025-12-11T14:52:17+00:00" + "time": "2026-01-10T14:09:00+00:00" }, { "name": "symfony/polyfill-intl-grapheme", @@ -4460,16 +4460,16 @@ }, { "name": "symfony/string", - "version": "v7.4.0", + "version": "v7.4.4", "source": { "type": "git", "url": "https://github.com/symfony/string.git", - "reference": "d50e862cb0a0e0886f73ca1f31b865efbb795003" + "reference": "1c4b10461bf2ec27537b5f36105337262f5f5d6f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/string/zipball/d50e862cb0a0e0886f73ca1f31b865efbb795003", - "reference": "d50e862cb0a0e0886f73ca1f31b865efbb795003", + "url": "https://api.github.com/repos/symfony/string/zipball/1c4b10461bf2ec27537b5f36105337262f5f5d6f", + "reference": "1c4b10461bf2ec27537b5f36105337262f5f5d6f", "shasum": "" }, "require": { @@ -4527,7 +4527,7 @@ "utf8" ], "support": { - "source": "https://github.com/symfony/string/tree/v7.4.0" + "source": "https://github.com/symfony/string/tree/v7.4.4" }, "funding": [ { @@ -4547,7 +4547,7 @@ "type": "tidelift" } ], - "time": "2025-11-27T13:27:24+00:00" + "time": "2026-01-12T10:54:30+00:00" }, { "name": "vimeo/psalm", From 0df6c0a645e1a117978d70e109d676977f5dc243 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Sun, 25 Jan 2026 11:41:58 +0100 Subject: [PATCH 296/432] mastercontainer: make check for correct volume name more strict Signed-off-by: Simon L. --- Containers/mastercontainer/start.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index ad1734f1..a65e29ae 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -166,7 +166,7 @@ elif ! sudo -E -u www-data docker volume ls --format "{{.Name}}" | grep -q "^nex print_red "It seems like you did not give the mastercontainer volume the correct name? (The 'nextcloud_aio_mastercontainer' volume was not found.) Using a different name is not supported since the built-in backup solution will not work in that case!" exit 1 -elif ! sudo -E -u www-data docker inspect nextcloud-aio-mastercontainer | grep -q "nextcloud_aio_mastercontainer"; then +elif ! sudo -E -u www-data docker inspect nextcloud-aio-mastercontainer --format '{{.Mounts}}' | grep -q " nextcloud_aio_mastercontainer "; then print_red "It seems like you did not attach the 'nextcloud_aio_mastercontainer' volume to the mastercontainer? This is not supported since the built-in backup solution will not work in that case!" exit 1 From ebe3d7ee838a7d74dd1129555ad99a80dfd0c834 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 26 Jan 2026 11:55:19 +0100 Subject: [PATCH 297/432] increase to v12.6.0 Signed-off-by: Simon L. --- php/templates/includes/aio-version.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/includes/aio-version.twig b/php/templates/includes/aio-version.twig index b7d7205d..062985d4 100644 --- a/php/templates/includes/aio-version.twig +++ b/php/templates/includes/aio-version.twig @@ -1 +1 @@ -12.5.0 +12.6.0 From 27eae80466a43ea5e181309fb150730b0283c9a0 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 22 Jan 2026 17:50:28 +0100 Subject: [PATCH 298/432] pin all actions via commit hash Signed-off-by: Simon L. --- .github/workflows/codespell.yml | 2 +- .github/workflows/collabora.yml | 2 +- .github/workflows/community-containers.yml | 2 +- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/docker-lint.yml | 2 +- .github/workflows/helm-release.yml | 2 +- .github/workflows/imaginary-update.yml | 2 +- .github/workflows/json-validator.yml | 2 +- .github/workflows/lint-helm.yml | 2 +- .github/workflows/lint-php.yml | 2 +- .github/workflows/nextcloud-update.yml | 2 +- .github/workflows/php-deprecation-detector.yml | 2 +- .github/workflows/playwright-on-push.yml | 6 +++--- .github/workflows/playwright-on-workflow-dispatch.yml | 6 +++--- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/psalm.yml | 2 +- .github/workflows/shellcheck.yml | 2 +- .github/workflows/talk.yml | 2 +- .github/workflows/twig-lint.yml | 2 +- .github/workflows/update-copyright.yml | 2 +- .github/workflows/update-helm.yml | 2 +- .github/workflows/update-yaml.yml | 2 +- .github/workflows/watchtower-update.yml | 2 +- zizmor.yml | 6 ++---- 24 files changed, 29 insertions(+), 31 deletions(-) diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 2fff5ddb..94af09c8 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Check spelling uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2 with: diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index abf5d520..39758f3e 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -10,7 +10,7 @@ jobs: name: update collabora runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Run collabora-profile-update run: | rm -f php/cool-seccomp-profile.json diff --git a/.github/workflows/community-containers.yml b/.github/workflows/community-containers.yml index cfe35ee0..c901358d 100644 --- a/.github/workflows/community-containers.yml +++ b/.github/workflows/community-containers.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Validate structure run: | CONTAINERS="$(find ./community-containers -mindepth 1 -maxdepth 1 -type d)" diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 3a40363b..66404af5 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -10,7 +10,7 @@ jobs: name: Run dependency update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 diff --git a/.github/workflows/docker-lint.yml b/.github/workflows/docker-lint.yml index b9ce68ef..7a5509df 100644 --- a/.github/workflows/docker-lint.yml +++ b/.github/workflows/docker-lint.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install hadolint run: | diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index f621f229..528c6cd3 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Turnstyle uses: softprops/turnstyle@e565d2d86403c5d23533937e95980570545e5586 # v2 diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index 7440a09f..e182b073 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -10,7 +10,7 @@ jobs: name: update to latest imaginary commit on master branch runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Run imaginary-update run: | # Imaginary diff --git a/.github/workflows/json-validator.yml b/.github/workflows/json-validator.yml index 4213296b..68b66812 100644 --- a/.github/workflows/json-validator.yml +++ b/.github/workflows/json-validator.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Validate Json run: | sudo apt-get update diff --git a/.github/workflows/lint-helm.yml b/.github/workflows/lint-helm.yml index 1ea877a6..e65d7cdc 100644 --- a/.github/workflows/lint-helm.yml +++ b/.github/workflows/lint-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 12cba439..69c42c2b 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index b96ac2b9..aaaa26eb 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -11,7 +11,7 @@ jobs: name: Run nextcloud-update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Run nextcloud-update script run: | # Inspired by https://github.com/nextcloud/docker/blob/master/update.sh diff --git a/.github/workflows/php-deprecation-detector.yml b/.github/workflows/php-deprecation-detector.yml index ee35830c..61ae7c0d 100644 --- a/.github/workflows/php-deprecation-detector.yml +++ b/.github/workflows/php-deprecation-detector.yml @@ -16,7 +16,7 @@ jobs: name: PHP Deprecation Detector runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: diff --git a/.github/workflows/playwright-on-push.yml b/.github/workflows/playwright-on-push.yml index 28ba7d9c..2eda156e 100644 --- a/.github/workflows/playwright-on-push.yml +++ b/.github/workflows/playwright-on-push.yml @@ -24,9 +24,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-node@v6 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 with: node-version: lts/* @@ -114,7 +114,7 @@ jobs: exit 1 fi - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 if: ${{ !cancelled() }} with: name: playwright-report diff --git a/.github/workflows/playwright-on-workflow-dispatch.yml b/.github/workflows/playwright-on-workflow-dispatch.yml index 483811f2..ab31c564 100644 --- a/.github/workflows/playwright-on-workflow-dispatch.yml +++ b/.github/workflows/playwright-on-workflow-dispatch.yml @@ -13,9 +13,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-node@v6 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 with: node-version: lts/* @@ -82,7 +82,7 @@ jobs: exit 1 fi - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 if: ${{ !cancelled() }} with: name: playwright-report diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 14715108..45860741 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index cbc77bf5..47a6994c 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -32,7 +32,7 @@ jobs: name: static-psalm-analysis steps: - name: Checkout - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 0ef69085..8b746c05 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -15,7 +15,7 @@ jobs: name: Check Shell runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Run Shellcheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 with: diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index c1b96d24..6057ed1a 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -10,7 +10,7 @@ jobs: name: update talk runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Run talk-container-update run: | # Recording diff --git a/.github/workflows/twig-lint.yml b/.github/workflows/twig-lint.yml index 3b04704d..07e6549b 100644 --- a/.github/workflows/twig-lint.yml +++ b/.github/workflows/twig-lint.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up php ${{ matrix.php-versions }} uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/update-copyright.yml b/.github/workflows/update-copyright.yml index 95329d3c..f453a05c 100644 --- a/.github/workflows/update-copyright.yml +++ b/.github/workflows/update-copyright.yml @@ -8,4 +8,4 @@ jobs: name: update copyright runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index 2f441735..69974d3a 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: update helm chart run: | set -x diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index 41b0adf2..41a54a41 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: update yaml files run: | sudo bash manual-install/update-yaml.sh diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index b26cd1a4..34938de0 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -10,7 +10,7 @@ jobs: name: update watchtower runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Run watchtower-container-update run: | # Watchtower diff --git a/zizmor.yml b/zizmor.yml index a991eaa5..7601baa4 100644 --- a/zizmor.yml +++ b/zizmor.yml @@ -4,7 +4,5 @@ rules: dangerous-triggers: ignore: - build_images.yml - unpinned-uses: - config: - policies: - actions/*: ref-pin + artipacked: + disable: true From 3e6deb8802848222f3a00b38b101464d3afc922e Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Mon, 26 Jan 2026 12:04:00 +0000 Subject: [PATCH 299/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 42bc1415..ee344d52 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -3578,16 +3578,16 @@ }, { "name": "phpstan/phpdoc-parser", - "version": "2.3.1", + "version": "2.3.2", "source": { "type": "git", "url": "https://github.com/phpstan/phpdoc-parser.git", - "reference": "16dbf9937da8d4528ceb2145c9c7c0bd29e26374" + "reference": "a004701b11273a26cd7955a61d67a7f1e525a45a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/16dbf9937da8d4528ceb2145c9c7c0bd29e26374", - "reference": "16dbf9937da8d4528ceb2145c9c7c0bd29e26374", + "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/a004701b11273a26cd7955a61d67a7f1e525a45a", + "reference": "a004701b11273a26cd7955a61d67a7f1e525a45a", "shasum": "" }, "require": { @@ -3619,9 +3619,9 @@ "description": "PHPDoc parser with support for nullable, intersection and generic types", "support": { "issues": "https://github.com/phpstan/phpdoc-parser/issues", - "source": "https://github.com/phpstan/phpdoc-parser/tree/2.3.1" + "source": "https://github.com/phpstan/phpdoc-parser/tree/2.3.2" }, - "time": "2026-01-12T11:33:04+00:00" + "time": "2026-01-25T14:56:51+00:00" }, { "name": "revolt/event-loop", From 3f85f10bfb7e0cf913b94365209a09edd13b0cf1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 13:08:44 +0000 Subject: [PATCH 300/432] build(deps): bump actions/checkout in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6.0.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codespell.yml | 2 +- .github/workflows/collabora.yml | 2 +- .github/workflows/community-containers.yml | 2 +- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/docker-lint.yml | 2 +- .github/workflows/helm-release.yml | 2 +- .github/workflows/imaginary-update.yml | 2 +- .github/workflows/json-validator.yml | 2 +- .github/workflows/lint-helm.yml | 2 +- .github/workflows/lint-php.yml | 2 +- .github/workflows/lint-yaml.yml | 2 +- .github/workflows/nextcloud-update.yml | 2 +- .github/workflows/php-deprecation-detector.yml | 2 +- .github/workflows/playwright-on-push.yml | 2 +- .github/workflows/playwright-on-workflow-dispatch.yml | 2 +- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/psalm.yml | 2 +- .github/workflows/shellcheck.yml | 2 +- .github/workflows/talk.yml | 2 +- .github/workflows/twig-lint.yml | 2 +- .github/workflows/update-copyright.yml | 2 +- .github/workflows/update-helm.yml | 2 +- .github/workflows/update-yaml.yml | 2 +- .github/workflows/watchtower-update.yml | 2 +- 24 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 94af09c8..475940a9 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Check spelling uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2 with: diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index 39758f3e..81ea8ff1 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -10,7 +10,7 @@ jobs: name: update collabora runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run collabora-profile-update run: | rm -f php/cool-seccomp-profile.json diff --git a/.github/workflows/community-containers.yml b/.github/workflows/community-containers.yml index c901358d..5271bfa8 100644 --- a/.github/workflows/community-containers.yml +++ b/.github/workflows/community-containers.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Validate structure run: | CONTAINERS="$(find ./community-containers -mindepth 1 -maxdepth 1 -type d)" diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 66404af5..7bdc5d1a 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -10,7 +10,7 @@ jobs: name: Run dependency update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 diff --git a/.github/workflows/docker-lint.yml b/.github/workflows/docker-lint.yml index 7a5509df..3f09bb98 100644 --- a/.github/workflows/docker-lint.yml +++ b/.github/workflows/docker-lint.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install hadolint run: | diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index 528c6cd3..ba3b865d 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Turnstyle uses: softprops/turnstyle@e565d2d86403c5d23533937e95980570545e5586 # v2 diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index e182b073..171fb132 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -10,7 +10,7 @@ jobs: name: update to latest imaginary commit on master branch runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run imaginary-update run: | # Imaginary diff --git a/.github/workflows/json-validator.yml b/.github/workflows/json-validator.yml index 68b66812..8c0a7f45 100644 --- a/.github/workflows/json-validator.yml +++ b/.github/workflows/json-validator.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Validate Json run: | sudo apt-get update diff --git a/.github/workflows/lint-helm.yml b/.github/workflows/lint-helm.yml index e65d7cdc..61e51450 100644 --- a/.github/workflows/lint-helm.yml +++ b/.github/workflows/lint-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 69c42c2b..c0d2d577 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 010077ca..e36b8f4c 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index aaaa26eb..5b420c20 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -11,7 +11,7 @@ jobs: name: Run nextcloud-update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run nextcloud-update script run: | # Inspired by https://github.com/nextcloud/docker/blob/master/update.sh diff --git a/.github/workflows/php-deprecation-detector.yml b/.github/workflows/php-deprecation-detector.yml index 61ae7c0d..38b0fa8d 100644 --- a/.github/workflows/php-deprecation-detector.yml +++ b/.github/workflows/php-deprecation-detector.yml @@ -16,7 +16,7 @@ jobs: name: PHP Deprecation Detector runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: diff --git a/.github/workflows/playwright-on-push.yml b/.github/workflows/playwright-on-push.yml index 2eda156e..40277e57 100644 --- a/.github/workflows/playwright-on-push.yml +++ b/.github/workflows/playwright-on-push.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 with: diff --git a/.github/workflows/playwright-on-workflow-dispatch.yml b/.github/workflows/playwright-on-workflow-dispatch.yml index ab31c564..6d2f6d32 100644 --- a/.github/workflows/playwright-on-workflow-dispatch.yml +++ b/.github/workflows/playwright-on-workflow-dispatch.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 with: diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 45860741..0c2f8aee 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 47a6994c..2bab876e 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -32,7 +32,7 @@ jobs: name: static-psalm-analysis steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 8b746c05..b051c355 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -15,7 +15,7 @@ jobs: name: Check Shell runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run Shellcheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 with: diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index 6057ed1a..28f9fef7 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -10,7 +10,7 @@ jobs: name: update talk runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run talk-container-update run: | # Recording diff --git a/.github/workflows/twig-lint.yml b/.github/workflows/twig-lint.yml index 07e6549b..27b8776d 100644 --- a/.github/workflows/twig-lint.yml +++ b/.github/workflows/twig-lint.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up php ${{ matrix.php-versions }} uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/update-copyright.yml b/.github/workflows/update-copyright.yml index f453a05c..103851c9 100644 --- a/.github/workflows/update-copyright.yml +++ b/.github/workflows/update-copyright.yml @@ -8,4 +8,4 @@ jobs: name: update copyright runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index 69974d3a..2dcd2e73 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: update helm chart run: | set -x diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index 41a54a41..a60ea1c6 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: update yaml files run: | sudo bash manual-install/update-yaml.sh diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index 34938de0..c04657be 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -10,7 +10,7 @@ jobs: name: update watchtower runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run watchtower-container-update run: | # Watchtower From 59e0776808f377244484d2ed59d499d484e7960c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 04:06:09 +0000 Subject: [PATCH 301/432] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 29.1.5-cli to 29.2.0-cli. --- updated-dependencies: - dependency-name: docker dependency-version: 29.2.0-cli dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index 2fea59d1..f3079ca7 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.1.5-cli AS docker +FROM docker:29.2.0-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy From 0213d8e548066624e202a387d01ca3f65791ae53 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 04:08:45 +0000 Subject: [PATCH 302/432] build(deps): bump nats in /Containers/talk Bumps nats from 2.12.3-scratch to 2.12.4-scratch. --- updated-dependencies: - dependency-name: nats dependency-version: 2.12.4-scratch dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index fb78f943..fc8cc54a 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM nats:2.12.3-scratch AS nats +FROM nats:2.12.4-scratch AS nats FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling FROM alpine:3.23.2 AS janus From 3f4eecaa9654c5c88c5b2fc5b24f40352f9236c3 Mon Sep 17 00:00:00 2001 From: Julius Knorr Date: Wed, 28 Jan 2026 09:53:53 +0100 Subject: [PATCH 303/432] feat: Add office switcher with feature comparison (#7421) Signed-off-by: Julius Knorr Signed-off-by: Simon L. Signed-off-by: Andrew Backhouse Co-authored-by: Simon L. Co-authored-by: Andrew Backhouse --- php/public/containers-form-submit.js | 58 ++++++- php/public/disable-collabora.js | 2 +- php/public/disable-onlyoffice.js | 6 +- php/public/style.css | 163 +++++++++++++++++- .../Controller/ConfigurationController.php | 24 +-- php/templates/containers.twig | 2 +- .../includes/optional-containers.twig | 134 ++++++++++---- php/templates/layout.twig | 2 +- php/tests/tests/initial-setup.spec.js | 6 +- 9 files changed, 338 insertions(+), 59 deletions(-) diff --git a/php/public/containers-form-submit.js b/php/public/containers-form-submit.js index b7ffd2d8..1382bced 100644 --- a/php/public/containers-form-submit.js +++ b/php/public/containers-form-submit.js @@ -1,7 +1,9 @@ document.addEventListener("DOMContentLoaded", function () { // Hide submit button initially - const optionsFormSubmit = document.getElementById("options-form-submit"); - optionsFormSubmit.style.display = 'none'; + const optionsFormSubmit = document.querySelectorAll(".options-form-submit"); + optionsFormSubmit.forEach(element => { + element.style.display = 'none'; + }); const communityFormSubmit = document.getElementById("community-form-submit"); communityFormSubmit.style.display = 'none'; @@ -12,6 +14,14 @@ document.addEventListener("DOMContentLoaded", function () { const optionsContainersCheckboxes = document.querySelectorAll("#options-form input[type='checkbox']"); const communityContainersCheckboxes = document.querySelectorAll("#community-form input[type='checkbox']"); + // Office suite radio buttons + const collaboraRadio = document.getElementById('office-collabora'); + const onlyofficeRadio = document.getElementById('office-onlyoffice'); + const noneRadio = document.getElementById('office-none'); + const collaboraHidden = document.getElementById('collabora'); + const onlyofficeHidden = document.getElementById('onlyoffice'); + let initialOfficeSelection = null; + optionsContainersCheckboxes.forEach(checkbox => { initialStateOptionsContainers[checkbox.id] = checkbox.checked; // Use checked property to capture actual initial state }); @@ -20,6 +30,17 @@ document.addEventListener("DOMContentLoaded", function () { initialStateCommunityContainers[checkbox.id] = checkbox.checked; // Use checked property to capture actual initial state }); + // Store initial office suite selection + if (collaboraRadio && onlyofficeRadio && noneRadio) { + if (collaboraRadio.checked) { + initialOfficeSelection = 'collabora'; + } else if (onlyofficeRadio.checked) { + initialOfficeSelection = 'onlyoffice'; + } else { + initialOfficeSelection = 'none'; + } + } + // Function to compare current states to initial states function checkForOptionContainerChanges() { let hasChanges = false; @@ -30,8 +51,32 @@ document.addEventListener("DOMContentLoaded", function () { } }); + // Check office suite changes and sync to hidden inputs + if (collaboraRadio && onlyofficeRadio && noneRadio && collaboraHidden && onlyofficeHidden) { + let currentOfficeSelection = null; + if (collaboraRadio.checked) { + currentOfficeSelection = 'collabora'; + collaboraHidden.value = 'on'; + onlyofficeHidden.value = ''; + } else if (onlyofficeRadio.checked) { + currentOfficeSelection = 'onlyoffice'; + collaboraHidden.value = ''; + onlyofficeHidden.value = 'on'; + } else { + currentOfficeSelection = 'none'; + collaboraHidden.value = ''; + onlyofficeHidden.value = ''; + } + + if (currentOfficeSelection !== initialOfficeSelection) { + hasChanges = true; + } + } + // Show or hide submit button based on changes - optionsFormSubmit.style.display = hasChanges ? 'block' : 'none'; + optionsFormSubmit.forEach(element => { + element.style.display = hasChanges ? 'block' : 'none'; + }); } // Function to compare current states to initial states @@ -82,6 +127,13 @@ document.addEventListener("DOMContentLoaded", function () { // Initialize talk-recording visibility on page load handleTalkVisibility(); // Ensure talk-recording is correctly initialized + // Add event listeners for office suite radio buttons + if (collaboraRadio && onlyofficeRadio && noneRadio) { + collaboraRadio.addEventListener('change', checkForOptionContainerChanges); + onlyofficeRadio.addEventListener('change', checkForOptionContainerChanges); + noneRadio.addEventListener('change', checkForOptionContainerChanges); + } + // Initial call to check for changes checkForOptionContainerChanges(); checkForCommunityContainerChanges(); diff --git a/php/public/disable-collabora.js b/php/public/disable-collabora.js index 3064ef51..762252ce 100644 --- a/php/public/disable-collabora.js +++ b/php/public/disable-collabora.js @@ -1,5 +1,5 @@ document.addEventListener("DOMContentLoaded", function(event) { // Collabora - let collabora = document.getElementById("collabora"); + const collabora = document.getElementById("office-collabora"); collabora.disabled = true; }); \ No newline at end of file diff --git a/php/public/disable-onlyoffice.js b/php/public/disable-onlyoffice.js index 83482339..c660bd9d 100644 --- a/php/public/disable-onlyoffice.js +++ b/php/public/disable-onlyoffice.js @@ -1,7 +1,5 @@ document.addEventListener("DOMContentLoaded", function(event) { // OnlyOffice - let onlyoffice = document.getElementById("onlyoffice"); - if (onlyoffice) { - onlyoffice.disabled = true; - } + const onlyoffice = document.getElementById("office-onlyoffice"); + onlyoffice.disabled = true; }); \ No newline at end of file diff --git a/php/public/style.css b/php/public/style.css index b4d5f8a5..b35883d0 100644 --- a/php/public/style.css +++ b/php/public/style.css @@ -28,7 +28,7 @@ --border-radius-large: 12px; --default-font-size: 13px; --checkbox-size: 16px; - --max-width: 500px; + --max-width: 580px; --container-top-margin: 20px; --container-bottom-margin: 20px; --container-padding: 2px; @@ -37,9 +37,9 @@ --main-padding: 50px; } -/* Breakpoint calculation: 500px (max-width) + 100px (main-padding * 2) + 200px (additional space) = 800px +/* Breakpoint calculation: 580px (max-width) + 100px (main-padding * 2) + 200px (additional space) = 880px Note: Unfortunately, it's not possible to calculate this dynamically using CSS variables in media queries */ -@media only screen and (max-width: 800px) { +@media only screen and (max-width: 880px) { :root { --container-top-margin: 50px; --container-bottom-margin: 0px; @@ -549,3 +549,160 @@ input[type="checkbox"]:disabled:not(:checked) + label { #theme-toggle:not(:hover) #theme-icon { opacity: 0.6; /* Slightly transparent */ } +/* Office Suite Feature Cards */ +.office-suite-cards { + display: grid; + grid-template-columns: repeat(auto-fit, minmax(220px, 1fr)); + gap: 16px; + margin: 20px 0; + align-items: stretch; +} + +.office-radio { + display: none; +} + +.office-card { + position: relative; + border: 2px solid var(--color-border-maxcontrast); + border-radius: var(--border-radius-large); + padding: 20px; + cursor: pointer; + transition: all 0.3s ease; + background-color: var(--color-main-background); + display: flex; + flex-direction: column; +} + +.office-card-disabled { + opacity: 50%; + pointer-events: none; +} + +.office-card:hover { + border-color: var(--color-primary-element); + box-shadow: 0 4px 12px rgba(0, 130, 201, 0.15); + transform: translateY(-2px); +} + +#office-collabora:checked + .office-card, +#office-onlyoffice:checked + .office-card { + border-color: var(--color-nextcloud-blue); + background: linear-gradient(135deg, rgba(0, 130, 201, 0.08) 0%, rgba(0, 130, 201, 0.02) 100%); +} + +[data-theme="dark"] #office-collabora:checked + .office-card, +[data-theme="dark"] #office-onlyoffice:checked + .office-card { + background: linear-gradient(135deg, rgba(0, 145, 242, 0.15) 0%, rgba(0, 145, 242, 0.03) 100%); +} + +.office-card-header { + display: flex; + justify-content: space-between; + align-items: center; + margin-bottom: 16px; +} + +.office-card h4 { + margin: 0; + height: 24px; + font-size: 18px; + font-weight: 600; + color: var(--color-main-text); +} + +.office-checkmark { + flex-shrink: 0; + display: none; +} + +#office-collabora:checked + .office-card .office-checkmark, +#office-onlyoffice:checked + .office-card .office-checkmark { + display: block; +} + +.office-features { + list-style: none; + padding: 0; + margin: 0; +} + +.office-features li { + position: relative; + padding-left: 20px; + margin-bottom: 4px; + font-size: var(--default-font-size); + line-height: 1.5; + color: var(--color-main-text); +} + +.office-features li::before { + content: '•'; + position: absolute; + left: 6px; + color: var(--color-nextcloud-blue); + font-weight: bold; +} + +.office-checkbox { + position: absolute; + opacity: 0; + pointer-events: none; +} + +.office-learn-more { + display: inline-flex; + align-items: center; + margin-top: 12px; + color: var(--color-primary-element); + text-decoration: none; + font-size: var(--default-font-size); + font-weight: 500; + transition: color 0.2s ease; +} + +.office-learn-more:hover { + color: var(--color-primary-element-hover); +} + +.office-learn-more svg { + transition: transform 0.2s ease; +} + +.office-learn-more:hover svg { + transform: translateX(3px); +} + +.office-none-card { + text-align: center; + margin: 12px 0 20px 0; +} + +.office-none-label { + display: inline-flex; + align-items: center; + font-size: 13px; + color: var(--color-primary-element); + cursor: pointer; + opacity: 0.7; + transition: opacity 0.2s ease; + padding: 8px 12px; + border-radius: var(--border-radius); +} + +.office-none-label:hover { + opacity: 1; + background-color: var(--color-primary-element-light); +} + +#office-none:checked + .office-none-label { + opacity: 1; + font-weight: 600; +} + +/* Responsive adjustments for mobile */ +@media only screen and (max-width: 800px) { + .office-suite-cards { + grid-template-columns: 1fr; + } +} \ No newline at end of file diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 45586f9c..b449db6a 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -76,24 +76,24 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['options-form'])) { - if (isset($request->getParsedBody()['collabora']) && isset($request->getParsedBody()['onlyoffice'])) { - throw new InvalidSettingConfigurationException("Collabora and Onlyoffice are not allowed to be enabled at the same time!"); + $officeSuiteChoice = $request->getParsedBody()['office_suite_choice'] ?? ''; + + if ($officeSuiteChoice === 'collabora') { + $this->configurationManager->SetCollaboraEnabledState(1); + $this->configurationManager->SetOnlyofficeEnabledState(0); + } elseif ($officeSuiteChoice === 'onlyoffice') { + $this->configurationManager->SetCollaboraEnabledState(0); + $this->configurationManager->SetOnlyofficeEnabledState(1); + } else { + $this->configurationManager->SetCollaboraEnabledState(0); + $this->configurationManager->SetOnlyofficeEnabledState(0); } + if (isset($request->getParsedBody()['clamav'])) { $this->configurationManager->SetClamavEnabledState(1); } else { $this->configurationManager->SetClamavEnabledState(0); } - if (isset($request->getParsedBody()['onlyoffice'])) { - $this->configurationManager->SetOnlyofficeEnabledState(1); - } else { - $this->configurationManager->SetOnlyofficeEnabledState(0); - } - if (isset($request->getParsedBody()['collabora'])) { - $this->configurationManager->SetCollaboraEnabledState(1); - } else { - $this->configurationManager->SetCollaboraEnabledState(0); - } if (isset($request->getParsedBody()['talk'])) { $this->configurationManager->SetTalkEnabledState(1); } else { diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 2f722768..8e437bc2 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -27,7 +27,7 @@ {# js for optional containers and additional containers forms #} - + {% set hasBackupLocation = borg_backup_host_location or borg_remote_repo %} {% set isAnyRunning = false %} diff --git a/php/templates/includes/optional-containers.twig b/php/templates/includes/optional-containers.twig index b4764592..dcf59bfb 100644 --- a/php/templates/includes/optional-containers.twig +++ b/php/templates/includes/optional-containers.twig @@ -9,6 +9,105 @@ +

    Office Suite

    + {% if isAnyRunning == false %} +

    Choose your preferred office suite. Only one can be enabled at a time.

    + {% endif %} +
    + + + + + + +
    + {% if isAnyRunning == false %} +
    + + +
    + {% endif %} + +

    Additional Optional Containers

    -

    - - -

    -

    - - -

    +

    - +

    Minimal system requirements: When any optional container is enabled, at least 2GB RAM, a dual-core CPU and 40GB system storage are required. When enabling ClamAV, Nextcloud Talk Recording-server or Fulltextsearch, at least 3GB RAM are required. For Talk Recording-server additional 2 vCPUs are required. When enabling everything, at least 5GB RAM and a quad-core CPU are required. Recommended are at least 1GB more RAM than the minimal requirement. For further advice and recommendations see this documentation

    {% if isAnyRunning == true %} - - + + diff --git a/php/templates/layout.twig b/php/templates/layout.twig index 4d842e3d..79c615d9 100644 --- a/php/templates/layout.twig +++ b/php/templates/layout.twig @@ -1,7 +1,7 @@ AIO - + diff --git a/php/tests/tests/initial-setup.spec.js b/php/tests/tests/initial-setup.spec.js index c88cd8e3..1f21f011 100644 --- a/php/tests/tests/initial-setup.spec.js +++ b/php/tests/tests/initial-setup.spec.js @@ -32,12 +32,12 @@ test('Initial setup', async ({ page: setupPage }) => { await containersPage.locator('#talk').uncheck(); await containersPage.getByRole('checkbox', { name: 'Whiteboard' }).uncheck(); await containersPage.getByRole('checkbox', { name: 'Imaginary' }).uncheck(); - await containersPage.getByRole('checkbox', { name: 'Collabora' }).uncheck(); - await containersPage.getByRole('button', { name: 'Save changes' }).click(); + await containersPage.getByText('Disable office suite').click(); + await containersPage.getByRole('button', { name: 'Save changes' }).last().click(); await expect(containersPage.locator('#talk')).not.toBeChecked() await expect(containersPage.getByRole('checkbox', { name: 'Whiteboard' })).not.toBeChecked() await expect(containersPage.getByRole('checkbox', { name: 'Imaginary' })).not.toBeChecked() - await expect(containersPage.getByRole('checkbox', { name: 'Collabora' })).not.toBeChecked() + await expect(containersPage.locator('#office-none')).toBeChecked() // Reject invalid time zones await containersPage.locator('#timezone').click(); From 0b6c0733ab996a3141b0afebb794f40c5c290cfe Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Wed, 7 Jan 2026 17:29:24 +0100 Subject: [PATCH 304/432] Cache config, introduce get() and set() helpers to guide new way to set attributes Use cached config, use set() for single attributes, setMultiple to wrap multiple calls to set() Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 50 ++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 5 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 320bc477..3b09c5b3 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -9,15 +9,19 @@ class ConfigurationManager { private array $secrets = []; + private array $config = []; + + private bool $noWrite = false; + public function GetConfig() : array { - if(file_exists(DataConst::GetConfigFile())) + if ($this->config === [] && file_exists(DataConst::GetConfigFile())) { $configContent = (string)file_get_contents(DataConst::GetConfigFile()); - return json_decode($configContent, true, 512, JSON_THROW_ON_ERROR); + $this->config = json_decode($configContent, true, 512, JSON_THROW_ON_ERROR); } - return []; + return $this->config; } public function GetPassword() : string { @@ -34,6 +38,34 @@ class ConfigurationManager $this->WriteConfig($config); } + private function get(string $key, mixed $fallbackValue = null) : mixed { + return $this->GetConfig()[$key] ?? $fallbackValue; + } + + private function set(string $key, mixed $value) : void { + $this->GetConfig(); + $this->config[$key] = $value; + // Only write if this isn't called via setMultiple(). + if ($this->noWrite !== true) { + $this->WriteConfig(); + } + } + + /** + * This allows to assign multiple attributes without saving the config to disk in between (as would + * calling set() do). + */ + public function setMultiple(\Closure $closure) : void { + $this->noWrite = true; + try { + $this->GetConfig(); + $closure($this); + $this->WriteConfig(); + } finally { + $this->noWrite = false; + } + } + public function GetAndGenerateSecret(string $secretId) : string { if ($secretId === '') { return ''; @@ -599,17 +631,25 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function WriteConfig(array $config) : void { + public function WriteConfig(?array $config) : void { + if ($config) { + $this->config = $config; + } if(!is_dir(DataConst::GetDataDirectory())) { throw new InvalidSettingConfigurationException(DataConst::GetDataDirectory() . " does not exist! Something was set up falsely!"); } + // Shouldn't happen, but as a precaution we won't write an empty config to disk. + if ($this->config === []) { + return; + } $df = disk_free_space(DataConst::GetDataDirectory()); - $content = json_encode($config, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT|JSON_THROW_ON_ERROR); + $content = json_encode($this->config, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT|JSON_THROW_ON_ERROR); $size = strlen($content) + 10240; if ($df !== false && (int)$df < $size) { throw new InvalidSettingConfigurationException(DataConst::GetDataDirectory() . " does not have enough space for writing the config file! Not writing it back!"); } file_put_contents(DataConst::GetConfigFile(), $content); + $this->config = []; } private function GetEnvironmentalVariableOrConfig(string $envVariableName, string $configName, string $defaultValue) : string { From 21b14a4a5df379f7ed457f9185faf94323c737fb Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 11:43:43 +0100 Subject: [PATCH 305/432] Adapt GetEnvironmentalVariableOrConfig() to get() and set() Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 3b09c5b3..0ee4bae2 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -654,23 +654,21 @@ class ConfigurationManager private function GetEnvironmentalVariableOrConfig(string $envVariableName, string $configName, string $defaultValue) : string { $envVariableOutput = getenv($envVariableName); + $configValue = $this->get($configName, ''); if ($envVariableOutput === false) { - $config = $this->GetConfig(); - if (!isset($config[$configName]) || $config[$configName] === '') { - $config[$configName] = $defaultValue; + if ($configValue === '') { + $this->set($configName, $defaultValue); + return $defaultValue; } - return $config[$configName]; + return $configValue; } - if(file_exists(DataConst::GetConfigFile())) { - $config = $this->GetConfig(); - if (!isset($config[$configName])) { - $config[$configName] = ''; - } - if ($envVariableOutput !== $config[$configName]) { - $config[$configName] = $envVariableOutput; - $this->WriteConfig($config); + + if (file_exists(DataConst::GetConfigFile())) { + if ($envVariableOutput !== $configValue) { + $this->set($configName, $envVariableOutput); } } + return $envVariableOutput; } From a9b648e18fcfd6bd973b13c2dbca19b2260054d8 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 18:22:40 +0100 Subject: [PATCH 306/432] Adapt GetAndGenerateSecret() to get() and set() Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 0ee4bae2..27a98d03 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -71,17 +71,17 @@ class ConfigurationManager return ''; } - $config = $this->GetConfig(); - if(!isset($config['secrets'][$secretId])) { - $config['secrets'][$secretId] = bin2hex(random_bytes(24)); - $this->WriteConfig($config); + $secrets = $this->get('secrets', []); + if (!isset($secrets[$secretId])) { + $secrets[$secretId] = bin2hex(random_bytes(24)); + $this->set('secrets', $secrets); } if ($secretId === 'BORGBACKUP_PASSWORD' && !file_exists(DataConst::GetBackupSecretFile())) { - $this->DoubleSafeBackupSecret($config['secrets'][$secretId]); + $this->DoubleSafeBackupSecret($secrets[$secretId]); } - return $config['secrets'][$secretId]; + return $secrets[$secretId]; } public function GetRegisteredSecret(string $secretId) : string { From b2f992d955d26c10bba639bae89ff4156a74899c Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:37:36 +0100 Subject: [PATCH 307/432] Make `AIO_TOKEN` an attribute Signed-off-by: Pablo Zmdl --- php/src/Auth/AuthManager.php | 2 +- php/src/Controller/DockerController.php | 5 +---- php/src/Data/ConfigurationManager.php | 9 +++++---- php/src/Docker/DockerActionManager.php | 2 +- 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/php/src/Auth/AuthManager.php b/php/src/Auth/AuthManager.php index 925ff89f..b4533c1e 100644 --- a/php/src/Auth/AuthManager.php +++ b/php/src/Auth/AuthManager.php @@ -19,7 +19,7 @@ readonly class AuthManager { } public function CheckToken(string $token) : bool { - return hash_equals($this->configurationManager->GetToken(), $token); + return hash_equals($this->configurationManager->AIO_TOKEN, $token); } public function SetAuthState(bool $isLoggedIn) : void { diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index a924e61f..ab10d3c6 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -213,10 +213,7 @@ readonly class DockerController { } public function startTopContainer(bool $pullImage) : void { - $config = $this->configurationManager->GetConfig(); - // set AIO_TOKEN - $config['AIO_TOKEN'] = bin2hex(random_bytes(24)); - $this->configurationManager->WriteConfig($config); + $this->configurationManager->AIO_TOKEN = bin2hex(random_bytes(24)); // Stop domaincheck since apache would not be able to start otherwise $this->StopDomaincheckContainer(); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 27a98d03..6b80c71b 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -13,6 +13,11 @@ class ConfigurationManager private bool $noWrite = false; + public string $AIO_TOKEN { + get => $this->get('AIO_TOKEN', ''); + set { $this->set('AIO_TOKEN', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -28,10 +33,6 @@ class ConfigurationManager return $this->GetConfig()['password']; } - public function GetToken() : string { - return $this->GetConfig()['AIO_TOKEN']; - } - public function SetPassword(string $password) : void { $config = $this->GetConfig(); $config['password'] = $password; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index fb3701a4..ae957d35 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -559,7 +559,7 @@ readonly class DockerActionManager { return match ($placeholder) { 'NC_DOMAIN' => $this->configurationManager->GetDomain(), 'NC_BASE_DN' => $this->configurationManager->GetBaseDN(), - 'AIO_TOKEN' => $this->configurationManager->GetToken(), + 'AIO_TOKEN' => $this->configurationManager->AIO_TOKEN, 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->GetBorgRemoteRepo(), 'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(), 'AIO_URL' => $this->configurationManager->GetAIOURL(), From 4d8e959608c9c1be21b337bb19b89656e478d8ec Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 14:55:29 +0100 Subject: [PATCH 308/432] Make `password` an attribute Signed-off-by: Pablo Zmdl --- php/src/Auth/AuthManager.php | 2 +- php/src/Data/ConfigurationManager.php | 19 +++++++------------ php/src/Data/Setup.php | 2 +- 3 files changed, 9 insertions(+), 14 deletions(-) diff --git a/php/src/Auth/AuthManager.php b/php/src/Auth/AuthManager.php index b4533c1e..1d558aed 100644 --- a/php/src/Auth/AuthManager.php +++ b/php/src/Auth/AuthManager.php @@ -15,7 +15,7 @@ readonly class AuthManager { } public function CheckCredentials(string $password) : bool { - return hash_equals($this->configurationManager->GetPassword(), $password); + return hash_equals($this->configurationManager->password, $password); } public function CheckToken(string $token) : bool { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 6b80c71b..1c40508f 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -18,6 +18,11 @@ class ConfigurationManager set { $this->set('AIO_TOKEN', $value); } } + public string $password { + get => $this->get('password', ''); + set { $this->set('password', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -29,16 +34,6 @@ class ConfigurationManager return $this->config; } - public function GetPassword() : string { - return $this->GetConfig()['password']; - } - - public function SetPassword(string $password) : void { - $config = $this->GetConfig(); - $config['password'] = $password; - $this->WriteConfig($config); - } - private function get(string $key, mixed $fallbackValue = null) : mixed { return $this->GetConfig()[$key] ?? $fallbackValue; } @@ -586,7 +581,7 @@ class ConfigurationManager throw new InvalidSettingConfigurationException("Please enter your current password."); } - if ($currentPassword !== $this->GetPassword()) { + if ($currentPassword !== $this->password) { throw new InvalidSettingConfigurationException("The entered current password is not correct."); } @@ -603,7 +598,7 @@ class ConfigurationManager } // All checks pass so set the password - $this->SetPassword($newPassword); + $this->set('password', $newPassword); } public function GetApachePort() : string { diff --git a/php/src/Data/Setup.php b/php/src/Data/Setup.php index f8f43e4b..e409eef8 100644 --- a/php/src/Data/Setup.php +++ b/php/src/Data/Setup.php @@ -17,7 +17,7 @@ readonly class Setup { } $password = $this->passwordGenerator->GeneratePassword(8); - $this->configurationManager->SetPassword($password); + $this->configurationManager->password = $password; return $password; } From 484ff7994319838736570ad8e7b900bb9580c9e6 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 13:11:20 +0100 Subject: [PATCH 309/432] Make `wasStartButtonClicked` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/DockerController.php | 6 +++--- php/src/Data/ConfigurationManager.php | 13 +++++-------- php/src/Docker/DockerActionManager.php | 2 +- 4 files changed, 10 insertions(+), 13 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index b57f65a5..59708627 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -105,7 +105,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(), 'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(), 'borg_backup_mode' => $configurationManager->GetBackupMode(), - 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked(), + 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked, 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), 'last_backup_time' => $configurationManager->GetLastBackupTime(), 'backup_times' => $configurationManager->GetBackupTimes(), diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index ab10d3c6..e913349d 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -190,11 +190,11 @@ readonly class DockerController { $config = $this->configurationManager->GetConfig(); // set AIO_URL $config['AIO_URL'] = $host . ':' . (string)$port . $path; - // set wasStartButtonClicked - $config['wasStartButtonClicked'] = 1; // set install_latest_major $config['install_latest_major'] = $installLatestMajor; $this->configurationManager->WriteConfig($config); + // set wasStartButtonClicked + $this->configurationManager->wasStartButtonClicked = true; // Do not pull container images in case 'bypass_container_update' is set via url params // Needed for local testing @@ -274,7 +274,7 @@ readonly class DockerController { public function StartDomaincheckContainer() : void { # Don't start if domain is already set - if ($this->configurationManager->GetDomain() !== '' || $this->configurationManager->wasStartButtonClicked()) { + if ($this->configurationManager->GetDomain() !== '' || $this->configurationManager->wasStartButtonClicked) { return; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 1c40508f..18cdc46c 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -23,6 +23,11 @@ class ConfigurationManager set { $this->set('password', $value); } } + public bool $wasStartButtonClicked { + get => $this->get('wasStartButtonClicked', false); + set { $this->set('wasStartButtonClicked', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -150,14 +155,6 @@ class ConfigurationManager return $backupTimes; } - public function wasStartButtonClicked() : bool { - if (isset($this->GetConfig()['wasStartButtonClicked'])) { - return true; - } else { - return false; - } - } - private function isx64Platform() : bool { if (php_uname('m') === 'x86_64') { return true; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index ae957d35..42c2d5f0 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -621,7 +621,7 @@ readonly class DockerActionManager { public function isAnyUpdateAvailable(): bool { // return early if instance is not installed - if (!$this->configurationManager->wasStartButtonClicked()) { + if (!$this->configurationManager->wasStartButtonClicked) { return false; } $id = 'nextcloud-aio-apache'; From 06fdf31c8707b6edee57fc93efdbf16930434320 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 13:09:52 +0100 Subject: [PATCH 310/432] Make `AIO_URL` an attribute Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 4 ++-- php/src/Data/ConfigurationManager.php | 14 +++++--------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index e913349d..b8f89c46 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -188,11 +188,11 @@ readonly class DockerController { } $config = $this->configurationManager->GetConfig(); - // set AIO_URL - $config['AIO_URL'] = $host . ':' . (string)$port . $path; // set install_latest_major $config['install_latest_major'] = $installLatestMajor; $this->configurationManager->WriteConfig($config); + // set AIO_URL + $this->configurationManager->AIO_URL = $host . ':' . (string)$port . $path; // set wasStartButtonClicked $this->configurationManager->wasStartButtonClicked = true; diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 18cdc46c..c4032fea 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -23,6 +23,11 @@ class ConfigurationManager set { $this->set('password', $value); } } + public string $AIO_URL { + get => $this->get('AIO_URL', ''); + set { $this->set('AIO_URL', $value); } + } + public bool $wasStartButtonClicked { get => $this->get('wasStartButtonClicked', false); set { $this->set('wasStartButtonClicked', $value); } @@ -475,15 +480,6 @@ class ConfigurationManager return $config['restore-exclude-previews']; } - public function GetAIOURL() : string { - $config = $this->GetConfig(); - if(!isset($config['AIO_URL'])) { - $config['AIO_URL'] = ''; - } - - return $config['AIO_URL']; - } - /** * @throws InvalidSettingConfigurationException */ diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 42c2d5f0..7ef920e7 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -562,7 +562,7 @@ readonly class DockerActionManager { 'AIO_TOKEN' => $this->configurationManager->AIO_TOKEN, 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->GetBorgRemoteRepo(), 'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(), - 'AIO_URL' => $this->configurationManager->GetAIOURL(), + 'AIO_URL' => $this->configurationManager->AIO_URL, 'SELECTED_RESTORE_TIME' => $this->configurationManager->GetSelectedRestoreTime(), 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->GetRestoreExcludePreviews(), 'APACHE_PORT' => $this->configurationManager->GetApachePort(), From 1d11a4682b3f03200f2e22b413ffb76424464a78 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 13:06:59 +0100 Subject: [PATCH 311/432] Make `install_latest_major` an attribute Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 11 +---------- php/src/Data/ConfigurationManager.php | 13 +++++-------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 7 insertions(+), 19 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index b8f89c46..f8f2896a 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -181,16 +181,7 @@ readonly class DockerController { $port = 443; } - if (isset($request->getParsedBody()['install_latest_major'])) { - $installLatestMajor = 32; - } else { - $installLatestMajor = ""; - } - - $config = $this->configurationManager->GetConfig(); - // set install_latest_major - $config['install_latest_major'] = $installLatestMajor; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); // set AIO_URL $this->configurationManager->AIO_URL = $host . ':' . (string)$port . $path; // set wasStartButtonClicked diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index c4032fea..1fb03e68 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -33,6 +33,11 @@ class ConfigurationManager set { $this->set('wasStartButtonClicked', $value); } } + public bool $install_latest_major { + get => $this->get('install_latest_major', false); + set { $this->set('install_latest_major', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -889,14 +894,6 @@ class ConfigurationManager } } - public function shouldLatestMajorGetInstalled() : bool { - $config = $this->GetConfig(); - if(!isset($config['install_latest_major'])) { - $config['install_latest_major'] = ''; - } - return $config['install_latest_major'] !== ''; - } - public function GetAdditionalBackupDirectoriesString() : string { if (!file_exists(DataConst::GetAdditionalBackupDirectoriesFile())) { return ''; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 7ef920e7..1c6c418e 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -595,7 +595,7 @@ readonly class DockerActionManager { 'NEXTCLOUD_STARTUP_APPS' => $this->configurationManager->GetNextcloudStartupApps(), 'NEXTCLOUD_ADDITIONAL_APKS' => $this->configurationManager->GetNextcloudAdditionalApks(), 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->configurationManager->GetNextcloudAdditionalPhpExtensions(), - 'INSTALL_LATEST_MAJOR' => $this->configurationManager->shouldLatestMajorGetInstalled() ? 'yes' : '', + 'INSTALL_LATEST_MAJOR' => $this->configurationManager->install_latest_major ? 'yes' : '', 'REMOVE_DISABLED_APPS' => $this->configurationManager->shouldDisabledAppsGetRemoved() ? 'yes' : '', // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), From b8130958c557b05499736c32aaa6808a9bd5b8b1 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 13:05:10 +0100 Subject: [PATCH 312/432] Make `selectedRestoreTime` an attribute Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 4 +--- php/src/Data/ConfigurationManager.php | 14 +++++--------- php/src/Docker/DockerActionManager.php | 1 + 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index f8f2896a..1848ccab 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -124,14 +124,12 @@ readonly class DockerController { public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { $this->configurationManager->SetBackupMode('restore'); - $config = $this->configurationManager->GetConfig(); - $config['selected-restore-time'] = $request->getParsedBody()['selected_restore_time'] ?? ''; if (isset($request->getParsedBody()['restore-exclude-previews'])) { $config['restore-exclude-previews'] = 1; } else { $config['restore-exclude-previews'] = ''; } - $this->configurationManager->WriteConfig($config); + $this->configurationManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; $id = self::TOP_CONTAINER; $forceStopNextcloud = true; diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 1fb03e68..3e003e61 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -23,6 +23,11 @@ class ConfigurationManager set { $this->set('password', $value); } } + public string $selectedRestoreTime { + get => $this->get('selected-restore-time', ''); + set { $this->set('selected-restore-time', $value); } + } + public string $AIO_URL { get => $this->get('AIO_URL', ''); set { $this->set('AIO_URL', $value); } @@ -467,15 +472,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function GetSelectedRestoreTime() : string { - $config = $this->GetConfig(); - if(!isset($config['selected-restore-time'])) { - $config['selected-restore-time'] = ''; - } - - return $config['selected-restore-time']; - } - public function GetRestoreExcludePreviews() : string { $config = $this->GetConfig(); if(!isset($config['restore-exclude-previews'])) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 1c6c418e..8ce0749e 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -565,6 +565,7 @@ readonly class DockerActionManager { 'AIO_URL' => $this->configurationManager->AIO_URL, 'SELECTED_RESTORE_TIME' => $this->configurationManager->GetSelectedRestoreTime(), 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->GetRestoreExcludePreviews(), + 'SELECTED_RESTORE_TIME' => $this->configurationManager->selectedRestoreTime, 'APACHE_PORT' => $this->configurationManager->GetApachePort(), 'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(), 'TALK_PORT' => $this->configurationManager->GetTalkPort(), From c968e9e310ad36d2529e9624abe07d6271b55c27 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 13:02:19 +0100 Subject: [PATCH 313/432] Make `restoreExcludePreviews` an attribute Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 6 +----- php/src/Data/ConfigurationManager.php | 14 +++++--------- php/src/Docker/DockerActionManager.php | 3 +-- 3 files changed, 7 insertions(+), 16 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 1848ccab..0ee4e522 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -124,12 +124,8 @@ readonly class DockerController { public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { $this->configurationManager->SetBackupMode('restore'); - if (isset($request->getParsedBody()['restore-exclude-previews'])) { - $config['restore-exclude-previews'] = 1; - } else { - $config['restore-exclude-previews'] = ''; - } $this->configurationManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; + $this->configurationManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); $id = self::TOP_CONTAINER; $forceStopNextcloud = true; diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 3e003e61..d216fedd 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -23,6 +23,11 @@ class ConfigurationManager set { $this->set('password', $value); } } + public bool $restoreExcludePreviews { + get => $this->get('restore-exclude-previews', false); + set { $this->set('restore-exclude-previews', $value); } + } + public string $selectedRestoreTime { get => $this->get('selected-restore-time', ''); set { $this->set('selected-restore-time', $value); } @@ -472,15 +477,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function GetRestoreExcludePreviews() : string { - $config = $this->GetConfig(); - if(!isset($config['restore-exclude-previews'])) { - $config['restore-exclude-previews'] = ''; - } - - return $config['restore-exclude-previews']; - } - /** * @throws InvalidSettingConfigurationException */ diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 8ce0749e..b04124f3 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -563,8 +563,7 @@ readonly class DockerActionManager { 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->GetBorgRemoteRepo(), 'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(), 'AIO_URL' => $this->configurationManager->AIO_URL, - 'SELECTED_RESTORE_TIME' => $this->configurationManager->GetSelectedRestoreTime(), - 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->GetRestoreExcludePreviews(), + 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->restoreExcludePreviews ? '1' : '', 'SELECTED_RESTORE_TIME' => $this->configurationManager->selectedRestoreTime, 'APACHE_PORT' => $this->configurationManager->GetApachePort(), 'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(), From 881e77cca5d4b975f8ae2588dde4cd5a02898043 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 13:00:22 +0100 Subject: [PATCH 314/432] Make `isWhiteboardEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 6 +----- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 10 insertions(+), 24 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 59708627..a0b45675 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -136,7 +136,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled(), 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled(), - 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled(), + 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, 'community_containers' => $configurationManager->listAvailableCommunityContainers(), 'community_containers_enabled' => $configurationManager->GetEnabledCommunityContainers(), 'bypass_container_update' => $bypass_container_update, diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index d7498047..ccca996f 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -91,7 +91,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-whiteboard') { - if (!$this->configurationManager->isWhiteboardEnabled()) { + if (!$this->configurationManager->isWhiteboardEnabled) { continue; } } @@ -200,7 +200,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-whiteboard') { - if (!$this->configurationManager->isWhiteboardEnabled()) { + if (!$this->configurationManager->isWhiteboardEnabled) { continue; } } diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index b449db6a..62034681 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -119,11 +119,7 @@ readonly class ConfigurationController { } else { $this->configurationManager->SetDockerSocketProxyEnabledState(0); } - if (isset($request->getParsedBody()['whiteboard'])) { - $this->configurationManager->SetWhiteboardEnabledState(1); - } else { - $this->configurationManager->SetWhiteboardEnabledState(0); - } + $this->configurationManager->isWhiteboardEnabled = isset($request->getParsedBody()['whiteboard']); } if (isset($request->getParsedBody()['community-form'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d216fedd..a6dd196a 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -23,6 +23,11 @@ class ConfigurationManager set { $this->set('password', $value); } } + public bool $isWhiteboardEnabled { + get => $this->get('isWhiteboardEnabled', true); + set { $this->set('isWhiteboardEnabled', $value); } + } + public bool $restoreExcludePreviews { get => $this->get('restore-exclude-previews', false); set { $this->set('restore-exclude-previews', $value); } @@ -207,21 +212,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function isWhiteboardEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isWhiteboardEnabled']) && $config['isWhiteboardEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetWhiteboardEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isWhiteboardEnabled'] = $value; - $this->WriteConfig($config); - } - public function SetClamavEnabledState(int $value) : void { $config = $this->GetConfig(); $config['isClamavEnabled'] = $value; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index b04124f3..72abd49c 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -601,7 +601,7 @@ readonly class DockerActionManager { 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), // Allow to get local ip-address of caddy container and add it to trusted proxies automatically 'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->GetEnabledCommunityContainers(), true) ? gethostbyname('nextcloud-aio-caddy') : '', - 'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled() ? 'yes' : '', + 'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled ? 'yes' : '', default => $this->configurationManager->GetRegisteredSecret($placeholder), }; } From 6576d3c1e9e8e4d0c118dc3388ab8415152b7690 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:58:50 +0100 Subject: [PATCH 315/432] Make `backupMode` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/DockerController.php | 14 +++++++------- php/src/Data/ConfigurationManager.php | 20 +++++--------------- 3 files changed, 13 insertions(+), 23 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index a0b45675..6abe1989 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -104,7 +104,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(), 'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(), 'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(), - 'borg_backup_mode' => $configurationManager->GetBackupMode(), + 'borg_backup_mode' => $configurationManager->backupMode, 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked, 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), 'last_backup_time' => $configurationManager->GetLastBackupTime(), diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 0ee4e522..566f430a 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -89,7 +89,7 @@ readonly class DockerController { } public function startBackup(bool $forceStopNextcloud = false) : void { - $this->configurationManager->SetBackupMode('backup'); + $this->configurationManager->backupMode = 'backup'; $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id, $forceStopNextcloud); @@ -109,21 +109,21 @@ readonly class DockerController { } public function checkBackup() : void { - $this->configurationManager->SetBackupMode('check'); + $this->configurationManager->backupMode = 'check'; $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); } private function listBackup() : void { - $this->configurationManager->SetBackupMode('list'); + $this->configurationManager->backupMode = 'list'; $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); } public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { - $this->configurationManager->SetBackupMode('restore'); + $this->configurationManager->backupMode = 'restore'; $this->configurationManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; $this->configurationManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); @@ -138,22 +138,22 @@ readonly class DockerController { } public function StartBackupContainerCheckRepair(Request $request, Response $response, array $args) : Response { - $this->configurationManager->SetBackupMode('check-repair'); + $this->configurationManager->backupMode = 'check-repair'; $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); // Restore to backup check which is needed to make the UI logic work correctly - $this->configurationManager->SetBackupMode('check'); + $this->configurationManager->backupMode = 'check'; return $response->withStatus(201)->withHeader('Location', '.'); } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { - $this->configurationManager->SetBackupMode('test'); $config = $this->configurationManager->GetConfig(); $config['instance_restore_attempt'] = 0; $this->configurationManager->WriteConfig($config); + $this->configurationManager->backupMode = 'test'; $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index a6dd196a..e21984b6 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -38,6 +38,11 @@ class ConfigurationManager set { $this->set('selected-restore-time', $value); } } + public string $backupMode { + get => $this->get('backup-mode', ''); + set { $this->set('backup-mode', $value); } + } + public string $AIO_URL { get => $this->get('AIO_URL', ''); set { $this->set('AIO_URL', $value); } @@ -452,21 +457,6 @@ class ConfigurationManager return 'dc=' . implode(',dc=', explode('.', $domain)); } - public function GetBackupMode() : string { - $config = $this->GetConfig(); - if(!isset($config['backup-mode'])) { - $config['backup-mode'] = ''; - } - - return $config['backup-mode']; - } - - public function SetBackupMode(string $mode) : void { - $config = $this->GetConfig(); - $config['backup-mode'] = $mode; - $this->WriteConfig($config); - } - /** * @throws InvalidSettingConfigurationException */ From f235af29e33f7d84197a3861754fe3e5792a21bf Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:56:10 +0100 Subject: [PATCH 316/432] Make `isDockerSocketProxyEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 6 +----- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 10 insertions(+), 24 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 6abe1989..caff178c 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -135,7 +135,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled(), - 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled(), + 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, 'community_containers' => $configurationManager->listAvailableCommunityContainers(), 'community_containers_enabled' => $configurationManager->GetEnabledCommunityContainers(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index ccca996f..fe454fba 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -87,7 +87,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-docker-socket-proxy') { - if (!$this->configurationManager->isDockerSocketProxyEnabled()) { + if (!$this->configurationManager->isDockerSocketProxyEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-whiteboard') { @@ -196,7 +196,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-docker-socket-proxy') { - if (!$this->configurationManager->isDockerSocketProxyEnabled()) { + if (!$this->configurationManager->isDockerSocketProxyEnabled) { continue; } } elseif ($value === 'nextcloud-aio-whiteboard') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 62034681..76eefae5 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -114,11 +114,7 @@ readonly class ConfigurationController { } else { $this->configurationManager->SetFulltextsearchEnabledState(0); } - if (isset($request->getParsedBody()['docker-socket-proxy'])) { - $this->configurationManager->SetDockerSocketProxyEnabledState(1); - } else { - $this->configurationManager->SetDockerSocketProxyEnabledState(0); - } + $this->configurationManager->isDockerSocketProxyEnabled = isset($request->getParsedBody()['docker-socket-proxy']); $this->configurationManager->isWhiteboardEnabled = isset($request->getParsedBody()['whiteboard']); } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e21984b6..a44751c4 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -23,6 +23,11 @@ class ConfigurationManager set { $this->set('password', $value); } } + public bool $isDockerSocketProxyEnabled { + get => $this->get('isDockerSocketProxyEnabled', false); + set { $this->set('isDockerSocketProxyEnabled', $value); } + } + public bool $isWhiteboardEnabled { get => $this->get('isWhiteboardEnabled', true); set { $this->set('isWhiteboardEnabled', $value); } @@ -202,21 +207,6 @@ class ConfigurationManager } } - public function isDockerSocketProxyEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isDockerSocketProxyEnabled']) && $config['isDockerSocketProxyEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetDockerSocketProxyEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isDockerSocketProxyEnabled'] = $value; - $this->WriteConfig($config); - } - public function SetClamavEnabledState(int $value) : void { $config = $this->GetConfig(); $config['isClamavEnabled'] = $value; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 72abd49c..66368ca4 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -581,7 +581,7 @@ readonly class DockerActionManager { 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled() ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled() ? 'yes' : '', - 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled() ? 'yes' : '', + 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->GetNextcloudUploadLimit(), 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->GetNextcloudMemoryLimit(), 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->GetNextcloudMaxTime(), From bebae7069b41d4c49bc13fa6817ee1241cb4751c Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:52:03 +0100 Subject: [PATCH 317/432] Make `instance_restore_attempt` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/DockerController.php | 4 +--- php/src/Data/ConfigurationManager.php | 22 +++++++++------------- 3 files changed, 11 insertions(+), 17 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index caff178c..235a3ffc 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -103,7 +103,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'has_backup_run_once' => $configurationManager->hasBackupRunOnce(), 'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(), 'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(), - 'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(), + 'is_instance_restore_attempt' => $configurationManager->instance_restore_attempt, 'borg_backup_mode' => $configurationManager->backupMode, 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked, 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 566f430a..df6fbe5d 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -150,10 +150,8 @@ readonly class DockerController { } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { - $config = $this->configurationManager->GetConfig(); - $config['instance_restore_attempt'] = 0; - $this->configurationManager->WriteConfig($config); $this->configurationManager->backupMode = 'test'; + $this->configurationManager->instance_restore_attempt = false; $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index a44751c4..12d4aef2 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -48,6 +48,11 @@ class ConfigurationManager set { $this->set('backup-mode', $value); } } + public bool $instance_restore_attempt { + get => $this->get('instance_restore_attempt', false); + set { $this->set('instance_restore_attempt', $value); } + } + public string $AIO_URL { get => $this->get('AIO_URL', ''); set { $this->set('AIO_URL', $value); } @@ -529,8 +534,11 @@ class ConfigurationManager $config['borg_backup_host_location'] = $location; $config['borg_remote_repo'] = $repo; $config['borg_restore_password'] = $password; - $config['instance_restore_attempt'] = 1; $this->WriteConfig($config); + + $this->setMultiple(function ($confManager) { + $confManager->instance_restore_attempt = true; + }); } /** @@ -663,18 +671,6 @@ class ConfigurationManager return $config['borg_restore_password']; } - public function isInstanceRestoreAttempt() : bool { - $config = $this->GetConfig(); - if(!isset($config['instance_restore_attempt'])) { - $config['instance_restore_attempt'] = ''; - } - - if ($config['instance_restore_attempt'] === 1) { - return true; - } - return false; - } - public function GetNextcloudMount() : string { $envVariableName = 'NEXTCLOUD_MOUNT'; $configName = 'nextcloud_mount'; From f8a244bee2e87c6a0bd46d61ee93b39fb4267b24 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:01:53 +0100 Subject: [PATCH 318/432] Make `isClamavEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 6 +----- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 10 insertions(+), 24 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 235a3ffc..c213251d 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -110,7 +110,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'last_backup_time' => $configurationManager->GetLastBackupTime(), 'backup_times' => $configurationManager->GetBackupTimes(), 'current_channel' => $dockerActionManager->GetCurrentChannel(), - 'is_clamav_enabled' => $configurationManager->isClamavEnabled(), + 'is_clamav_enabled' => $configurationManager->isClamavEnabled, 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled(), 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled(), 'is_talk_enabled' => $configurationManager->isTalkEnabled(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index fe454fba..639f6513 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -56,7 +56,7 @@ readonly class ContainerDefinitionFetcher { $containers = []; foreach ($data['aio_services_v1'] as $entry) { if ($entry['container_name'] === 'nextcloud-aio-clamav') { - if (!$this->configurationManager->isClamavEnabled()) { + if (!$this->configurationManager->isClamavEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-onlyoffice') { @@ -168,7 +168,7 @@ readonly class ContainerDefinitionFetcher { } foreach ($valueDependsOn as $value) { if ($value === 'nextcloud-aio-clamav') { - if (!$this->configurationManager->isClamavEnabled()) { + if (!$this->configurationManager->isClamavEnabled) { continue; } } elseif ($value === 'nextcloud-aio-onlyoffice') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 76eefae5..b8a4bb6c 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -88,11 +88,7 @@ readonly class ConfigurationController { $this->configurationManager->SetCollaboraEnabledState(0); $this->configurationManager->SetOnlyofficeEnabledState(0); } - - if (isset($request->getParsedBody()['clamav'])) { - $this->configurationManager->SetClamavEnabledState(1); - } else { - $this->configurationManager->SetClamavEnabledState(0); + $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); } if (isset($request->getParsedBody()['talk'])) { $this->configurationManager->SetTalkEnabledState(1); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 12d4aef2..485ca6ce 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -68,6 +68,11 @@ class ConfigurationManager set { $this->set('install_latest_major', $value); } } + public bool $isClamavEnabled { + get => $this->get('isClamavEnabled', false); + set { $this->set('isClamavEnabled', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -203,21 +208,6 @@ class ConfigurationManager } } - public function isClamavEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isClamavEnabled']) && $config['isClamavEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetClamavEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isClamavEnabled'] = $value; - $this->WriteConfig($config); - } - public function isImaginaryEnabled() : bool { $config = $this->GetConfig(); if (isset($config['isImaginaryEnabled']) && $config['isImaginaryEnabled'] === 0) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 66368ca4..86401005 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -571,7 +571,7 @@ readonly class DockerActionManager { 'TURN_DOMAIN' => $this->configurationManager->GetTurnDomain(), 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->GetBorgRestorePassword(), - 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled() ? 'yes' : '', + 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '', 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled() ? 'yes' : '', 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled() ? 'yes' : '', From 0c3d919618f5e61173a7c7b3533926fdd5bd4434 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:02:41 +0100 Subject: [PATCH 319/432] Make `isOnlyofficeEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 7 +++---- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 12 insertions(+), 23 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index c213251d..75607e63 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -111,7 +111,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'backup_times' => $configurationManager->GetBackupTimes(), 'current_channel' => $dockerActionManager->GetCurrentChannel(), 'is_clamav_enabled' => $configurationManager->isClamavEnabled, - 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled(), + 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled(), 'is_talk_enabled' => $configurationManager->isTalkEnabled(), 'borg_restore_password' => $configurationManager->GetBorgRestorePassword(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 639f6513..d101178b 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -60,7 +60,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-onlyoffice') { - if (!$this->configurationManager->isOnlyofficeEnabled()) { + if (!$this->configurationManager->isOnlyofficeEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-collabora') { @@ -172,7 +172,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-onlyoffice') { - if (!$this->configurationManager->isOnlyofficeEnabled()) { + if (!$this->configurationManager->isOnlyofficeEnabled) { continue; } } elseif ($value === 'nextcloud-aio-collabora') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index b8a4bb6c..d39efd2a 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -80,16 +80,15 @@ readonly class ConfigurationController { if ($officeSuiteChoice === 'collabora') { $this->configurationManager->SetCollaboraEnabledState(1); - $this->configurationManager->SetOnlyofficeEnabledState(0); + $this->configurationManager->isOnlyofficeEnabled = false; } elseif ($officeSuiteChoice === 'onlyoffice') { $this->configurationManager->SetCollaboraEnabledState(0); - $this->configurationManager->SetOnlyofficeEnabledState(1); + $this->configurationManager->isOnlyofficeEnabled = true; } else { $this->configurationManager->SetCollaboraEnabledState(0); - $this->configurationManager->SetOnlyofficeEnabledState(0); + $this->configurationManager->isOnlyofficeEnabled = false; } $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); - } if (isset($request->getParsedBody()['talk'])) { $this->configurationManager->SetTalkEnabledState(1); } else { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 485ca6ce..36cea5e0 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -73,6 +73,11 @@ class ConfigurationManager set { $this->set('isClamavEnabled', $value); } } + public bool $isOnlyofficeEnabled { + get => $this->get('isOnlyofficeEnabled', false); + set { $this->set('isOnlyofficeEnabled', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -243,21 +248,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function isOnlyofficeEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isOnlyofficeEnabled']) && $config['isOnlyofficeEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetOnlyofficeEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isOnlyofficeEnabled'] = $value; - $this->WriteConfig($config); - } - public function isCollaboraEnabled() : bool { $config = $this->GetConfig(); if (isset($config['isCollaboraEnabled']) && $config['isCollaboraEnabled'] === 0) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 86401005..16771c6c 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -573,7 +573,7 @@ readonly class DockerActionManager { 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->GetBorgRestorePassword(), 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '', - 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled() ? 'yes' : '', + 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled ? 'yes' : '', 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled() ? 'yes' : '', 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled() ? 'yes' : '', 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', From cd1c2276e5ca2959ced114d881caf5dfa5bbc8d5 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:03:12 +0100 Subject: [PATCH 320/432] Make `isCollaboraEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 6 +++--- php/src/Controller/DockerController.php | 2 +- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 6 files changed, 13 insertions(+), 23 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 75607e63..adfd72d5 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -112,7 +112,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'current_channel' => $dockerActionManager->GetCurrentChannel(), 'is_clamav_enabled' => $configurationManager->isClamavEnabled, 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, - 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled(), + 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled, 'is_talk_enabled' => $configurationManager->isTalkEnabled(), 'borg_restore_password' => $configurationManager->GetBorgRestorePassword(), 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index d101178b..e4e27f69 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -64,7 +64,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-collabora') { - if (!$this->configurationManager->isCollaboraEnabled()) { + if (!$this->configurationManager->isCollaboraEnabled) { continue; } if ($this->configurationManager->isCollaboraSubscriptionEnabled()) { @@ -176,7 +176,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-collabora') { - if (!$this->configurationManager->isCollaboraEnabled()) { + if (!$this->configurationManager->isCollaboraEnabled) { continue; } } elseif ($value === 'nextcloud-aio-talk') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index d39efd2a..56621eee 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -79,13 +79,13 @@ readonly class ConfigurationController { $officeSuiteChoice = $request->getParsedBody()['office_suite_choice'] ?? ''; if ($officeSuiteChoice === 'collabora') { - $this->configurationManager->SetCollaboraEnabledState(1); + $this->configurationManager->isCollaboraEnabled = true; $this->configurationManager->isOnlyofficeEnabled = false; } elseif ($officeSuiteChoice === 'onlyoffice') { - $this->configurationManager->SetCollaboraEnabledState(0); + $this->configurationManager->isCollaboraEnabled = false; $this->configurationManager->isOnlyofficeEnabled = true; } else { - $this->configurationManager->SetCollaboraEnabledState(0); + $this->configurationManager->isCollaboraEnabled = false; $this->configurationManager->isOnlyofficeEnabled = false; } $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index df6fbe5d..ff73e29a 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -224,7 +224,7 @@ readonly class DockerController { // This is a hack but no better solution was found for the meantime // Stop Collabora first to make sure it force-saves // See https://github.com/nextcloud/richdocuments/issues/3799 - if ($id === self::TOP_CONTAINER && $this->configurationManager->isCollaboraEnabled()) { + if ($id === self::TOP_CONTAINER && $this->configurationManager->isCollaboraEnabled) { $this->PerformRecursiveContainerStop('nextcloud-aio-collabora'); } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 36cea5e0..165f9c44 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -78,6 +78,11 @@ class ConfigurationManager set { $this->set('isOnlyofficeEnabled', $value); } } + public bool $isCollaboraEnabled { + get => $this->get('isCollaboraEnabled', true); + set { $this->set('isCollaboraEnabled', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -248,21 +253,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function isCollaboraEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isCollaboraEnabled']) && $config['isCollaboraEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetCollaboraEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isCollaboraEnabled'] = $value; - $this->WriteConfig($config); - } - public function isTalkEnabled() : bool { $config = $this->GetConfig(); if (isset($config['isTalkEnabled']) && $config['isTalkEnabled'] === 0) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 16771c6c..7cb20ad6 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -574,7 +574,7 @@ readonly class DockerActionManager { 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '', 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled ? 'yes' : '', - 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled() ? 'yes' : '', + 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled ? 'yes' : '', 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled() ? 'yes' : '', 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', 'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(), From e009abdd54030b654044f567fb88873b6365dc42 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:03:38 +0100 Subject: [PATCH 321/432] Make `isTalkEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 6 +----- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 10 insertions(+), 24 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index adfd72d5..0481aceb 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -113,7 +113,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_clamav_enabled' => $configurationManager->isClamavEnabled, 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled, - 'is_talk_enabled' => $configurationManager->isTalkEnabled(), + 'is_talk_enabled' => $configurationManager->isTalkEnabled, 'borg_restore_password' => $configurationManager->GetBorgRestorePassword(), 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index e4e27f69..9635c8cf 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -71,7 +71,7 @@ readonly class ContainerDefinitionFetcher { $entry['image'] = 'ghcr.io/nextcloud-releases/aio-collabora-online'; } } elseif ($entry['container_name'] === 'nextcloud-aio-talk') { - if (!$this->configurationManager->isTalkEnabled()) { + if (!$this->configurationManager->isTalkEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-talk-recording') { @@ -180,7 +180,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-talk') { - if (!$this->configurationManager->isTalkEnabled()) { + if (!$this->configurationManager->isTalkEnabled) { continue; } } elseif ($value === 'nextcloud-aio-talk-recording') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 56621eee..75ec29ae 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -89,11 +89,7 @@ readonly class ConfigurationController { $this->configurationManager->isOnlyofficeEnabled = false; } $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); - if (isset($request->getParsedBody()['talk'])) { - $this->configurationManager->SetTalkEnabledState(1); - } else { - $this->configurationManager->SetTalkEnabledState(0); - } + $this->configurationManager->isTalkEnabled = isset($request->getParsedBody()['talk']); if (isset($request->getParsedBody()['talk-recording'])) { $this->configurationManager->SetTalkRecordingEnabledState(1); } else { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 165f9c44..648d04c3 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -83,6 +83,11 @@ class ConfigurationManager set { $this->set('isCollaboraEnabled', $value); } } + public bool $isTalkEnabled { + get => $this->get('isTalkEnabled', true); + set { $this->set('isTalkEnabled', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -253,21 +258,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function isTalkEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isTalkEnabled']) && $config['isTalkEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetTalkEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isTalkEnabled'] = $value; - $this->WriteConfig($config); - } - public function isTalkRecordingEnabled() : bool { if (!$this->isTalkEnabled()) { return false; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 7cb20ad6..313de7b0 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -575,7 +575,7 @@ readonly class DockerActionManager { 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '', 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled ? 'yes' : '', 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled ? 'yes' : '', - 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled() ? 'yes' : '', + 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled ? 'yes' : '', 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', 'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(), 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), From 190d47810b8501f0788e5e65dc576ae0284f9554 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:04:04 +0100 Subject: [PATCH 322/432] Make `isTalkRecordingEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 +-- .../Controller/ConfigurationController.php | 6 +---- php/src/Data/ConfigurationManager.php | 27 ++++--------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 10 insertions(+), 31 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 0481aceb..34d7efe1 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -134,7 +134,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_memory_limit' => $configurationManager->GetNextcloudMemoryLimit(), 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), - 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled(), + 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled, 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, 'community_containers' => $configurationManager->listAvailableCommunityContainers(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 9635c8cf..851b2b4d 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -75,7 +75,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-talk-recording') { - if (!$this->configurationManager->isTalkRecordingEnabled()) { + if (!$this->configurationManager->isTalkRecordingEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-imaginary') { @@ -184,7 +184,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-talk-recording') { - if (!$this->configurationManager->isTalkRecordingEnabled()) { + if (!$this->configurationManager->isTalkRecordingEnabled) { continue; } } elseif ($value === 'nextcloud-aio-imaginary') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 75ec29ae..cf8bf02b 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -90,11 +90,7 @@ readonly class ConfigurationController { } $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); $this->configurationManager->isTalkEnabled = isset($request->getParsedBody()['talk']); - if (isset($request->getParsedBody()['talk-recording'])) { - $this->configurationManager->SetTalkRecordingEnabledState(1); - } else { - $this->configurationManager->SetTalkRecordingEnabledState(0); - } + $this->configurationManager->isTalkRecordingEnabled = isset($request->getParsedBody()['talk-recording']); if (isset($request->getParsedBody()['imaginary'])) { $this->configurationManager->SetImaginaryEnabledState(1); } else { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 648d04c3..bd920a04 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -88,6 +88,11 @@ class ConfigurationManager set { $this->set('isTalkEnabled', $value); } } + public bool $isTalkRecordingEnabled { + get => $this->isTalkEnabled && $this->get('isTalkRecordingEnabled', false); + set { $this->set('isTalkRecordingEnabled', $this->isTalkEnabled && $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -258,28 +263,6 @@ class ConfigurationManager $this->WriteConfig($config); } - public function isTalkRecordingEnabled() : bool { - if (!$this->isTalkEnabled()) { - return false; - } - $config = $this->GetConfig(); - if (isset($config['isTalkRecordingEnabled']) && $config['isTalkRecordingEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetTalkRecordingEnabledState(int $value) : void { - if (!$this->isTalkEnabled()) { - $value = 0; - } - - $config = $this->GetConfig(); - $config['isTalkRecordingEnabled'] = $value; - $this->WriteConfig($config); - } - /** * @throws InvalidSettingConfigurationException */ diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 313de7b0..ebd1489d 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -572,7 +572,7 @@ readonly class DockerActionManager { 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->GetBorgRestorePassword(), 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', - 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '', + 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled ? 'yes' : '', 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled ? 'yes' : '', 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled ? 'yes' : '', 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled ? 'yes' : '', From f16f5b233d72ab22e96bb40a65540a2e6ea7efba Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:04:24 +0100 Subject: [PATCH 323/432] Make `isImaginaryEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- .../Controller/ConfigurationController.php | 6 +----- php/src/Data/ConfigurationManager.php | 20 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 10 insertions(+), 24 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 34d7efe1..27b2edad 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -124,7 +124,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'collabora_additional_options' => $configurationManager->GetAdditionalCollaboraOptions(), 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), - 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled(), + 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled(), 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 851b2b4d..75d47f83 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -79,7 +79,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-imaginary') { - if (!$this->configurationManager->isImaginaryEnabled()) { + if (!$this->configurationManager->isImaginaryEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-fulltextsearch') { @@ -188,7 +188,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-imaginary') { - if (!$this->configurationManager->isImaginaryEnabled()) { + if (!$this->configurationManager->isImaginaryEnabled) { continue; } } elseif ($value === 'nextcloud-aio-fulltextsearch') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index cf8bf02b..c7df757b 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -91,11 +91,7 @@ readonly class ConfigurationController { $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); $this->configurationManager->isTalkEnabled = isset($request->getParsedBody()['talk']); $this->configurationManager->isTalkRecordingEnabled = isset($request->getParsedBody()['talk-recording']); - if (isset($request->getParsedBody()['imaginary'])) { - $this->configurationManager->SetImaginaryEnabledState(1); - } else { - $this->configurationManager->SetImaginaryEnabledState(0); - } + $this->configurationManager->isImaginaryEnabled = isset($request->getParsedBody()['imaginary']); if (isset($request->getParsedBody()['fulltextsearch'])) { $this->configurationManager->SetFulltextsearchEnabledState(1); } else { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index bd920a04..65e83524 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -93,6 +93,11 @@ class ConfigurationManager set { $this->set('isTalkRecordingEnabled', $this->isTalkEnabled && $value); } } + public bool $isImaginaryEnabled { + get => $this->get('isImaginaryEnabled', true); + set { $this->set('isImaginaryEnabled', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -228,21 +233,6 @@ class ConfigurationManager } } - public function isImaginaryEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isImaginaryEnabled']) && $config['isImaginaryEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetImaginaryEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isImaginaryEnabled'] = $value; - $this->WriteConfig($config); - } - public function isFulltextsearchEnabled() : bool { $config = $this->GetConfig(); if (isset($config['isFulltextsearchEnabled']) && $config['isFulltextsearchEnabled'] === 1) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index ebd1489d..a9f2c29e 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -579,7 +579,7 @@ readonly class DockerActionManager { 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', 'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(), 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), - 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled() ? 'yes' : '', + 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled() ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->GetNextcloudUploadLimit(), From f737d2f598032df2fd2df3ad9c4f7b4319e91d66 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:04:48 +0100 Subject: [PATCH 324/432] Make `isFulltextsearchEnabled` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 +-- .../Controller/ConfigurationController.php | 6 +---- php/src/Data/ConfigurationManager.php | 26 +++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 11 insertions(+), 29 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 27b2edad..2b1d6af1 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -125,7 +125,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, - 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled(), + 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(), 'nextcloud_mount' => $configurationManager->GetNextcloudMount(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 75d47f83..4ac53258 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -83,7 +83,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-fulltextsearch') { - if (!$this->configurationManager->isFulltextsearchEnabled()) { + if (!$this->configurationManager->isFulltextsearchEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-docker-socket-proxy') { @@ -192,7 +192,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value === 'nextcloud-aio-fulltextsearch') { - if (!$this->configurationManager->isFulltextsearchEnabled()) { + if (!$this->configurationManager->isFulltextsearchEnabled) { continue; } } elseif ($value === 'nextcloud-aio-docker-socket-proxy') { diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index c7df757b..9688c5e9 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -92,11 +92,7 @@ readonly class ConfigurationController { $this->configurationManager->isTalkEnabled = isset($request->getParsedBody()['talk']); $this->configurationManager->isTalkRecordingEnabled = isset($request->getParsedBody()['talk-recording']); $this->configurationManager->isImaginaryEnabled = isset($request->getParsedBody()['imaginary']); - if (isset($request->getParsedBody()['fulltextsearch'])) { - $this->configurationManager->SetFulltextsearchEnabledState(1); - } else { - $this->configurationManager->SetFulltextsearchEnabledState(0); - } + $this->configurationManager->isFulltextsearchEnabled = isset($request->getParsedBody()['fulltextsearch']); $this->configurationManager->isDockerSocketProxyEnabled = isset($request->getParsedBody()['docker-socket-proxy']); $this->configurationManager->isWhiteboardEnabled = isset($request->getParsedBody()['whiteboard']); } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 65e83524..43680ca9 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -98,6 +98,12 @@ class ConfigurationManager set { $this->set('isImaginaryEnabled', $value); } } + public bool $isFulltextsearchEnabled { + get => $this->get('isFulltextsearchEnabled', false); + // Elasticsearch does not work on kernels without seccomp anymore. See https://github.com/nextcloud/all-in-one/discussions/5768 + set { $this->set('isFulltextsearchEnabled', ($this->isSeccompDisabled() && $value)); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -233,26 +239,6 @@ class ConfigurationManager } } - public function isFulltextsearchEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isFulltextsearchEnabled']) && $config['isFulltextsearchEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetFulltextsearchEnabledState(int $value) : void { - // Elasticsearch does not work on kernels without seccomp anymore. See https://github.com/nextcloud/all-in-one/discussions/5768 - if ($this->isSeccompDisabled()) { - $value = 0; - } - - $config = $this->GetConfig(); - $config['isFulltextsearchEnabled'] = $value; - $this->WriteConfig($config); - } - /** * @throws InvalidSettingConfigurationException */ diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index a9f2c29e..73f4bd9d 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -580,7 +580,7 @@ readonly class DockerActionManager { 'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(), 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled ? 'yes' : '', - 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled() ? 'yes' : '', + 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->GetNextcloudUploadLimit(), 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->GetNextcloudMemoryLimit(), From 5b0b9ef8263e740fa854be09dc424d53ae1ad9ff Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:06:20 +0100 Subject: [PATCH 325/432] Make `domain` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/DockerController.php | 2 +- php/src/Data/ConfigurationManager.php | 25 +++++++++++++------------ 3 files changed, 15 insertions(+), 14 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 2b1d6af1..f3e8f940 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -91,7 +91,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ $skip_domain_validation = isset($params['skip_domain_validation']); return $view->render($response, 'containers.twig', [ - 'domain' => $configurationManager->GetDomain(), + 'domain' => $configurationManager->domain, 'apache_port' => $configurationManager->GetApachePort(), 'borg_backup_host_location' => $configurationManager->GetBorgBackupHostLocation(), 'borg_remote_repo' => $configurationManager->GetBorgRemoteRepo(), diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index ff73e29a..4e6d52b7 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -257,7 +257,7 @@ readonly class DockerController { public function StartDomaincheckContainer() : void { # Don't start if domain is already set - if ($this->configurationManager->GetDomain() !== '' || $this->configurationManager->wasStartButtonClicked) { + if ($this->configurationManager->domain !== '' || $this->configurationManager->wasStartButtonClicked) { return; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 43680ca9..d276ebb7 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -104,6 +104,11 @@ class ConfigurationManager set { $this->set('isFulltextsearchEnabled', ($this->isSeccompDisabled() && $value)); } } + public string $domain { + get => $this->get('domain', ''); + set { $this->SetDomain($value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -241,6 +246,8 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException + * + * We can't turn this into a private validation method because of the second argument. */ public function SetDomain(string $domain, bool $skipDomainValidation) : void { // Validate that at least one dot is contained @@ -346,25 +353,19 @@ class ConfigurationManager } } - // Write domain $config = $this->GetConfig(); - $config['domain'] = $domain; // Reset the borg restore password when setting the domain $config['borg_restore_password'] = ''; $this->WriteConfig($config); - } - - public function GetDomain() : string { - $config = $this->GetConfig(); - if(!isset($config['domain'])) { - $config['domain'] = ''; - } - - return $config['domain']; + $this->setMultiple(function ($confManager) use ($domain) { + // Write domain + // Don't set the domain via the attribute, or we create a loop. + $confManager->set('domain', $domain); + }); } public function GetBaseDN() : string { - $domain = $this->GetDomain(); + $domain = $this->domain; if ($domain === "") { return ""; } From b4d198f72b14cc52e667bf782d3db51c4fd80c34 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:07:45 +0100 Subject: [PATCH 326/432] Make `borg_backup_host_location` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Data/ConfigurationManager.php | 26 +++++++++++++------------- php/src/Docker/DockerActionManager.php | 2 +- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index f3e8f940..eb214eff 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -93,7 +93,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ return $view->render($response, 'containers.twig', [ 'domain' => $configurationManager->domain, 'apache_port' => $configurationManager->GetApachePort(), - 'borg_backup_host_location' => $configurationManager->GetBorgBackupHostLocation(), + 'borg_backup_host_location' => $configurationManager->borg_backup_host_location, 'borg_remote_repo' => $configurationManager->GetBorgRemoteRepo(), 'borg_public_key' => $configurationManager->GetBorgPublicKey(), 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 4ac53258..e8244ddc 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -113,7 +113,7 @@ readonly class ContainerDefinitionFetcher { if (isset($entry['volumes'])) { foreach ($entry['volumes'] as $value) { if($value['source'] === '%BORGBACKUP_HOST_LOCATION%') { - $value['source'] = $this->configurationManager->GetBorgBackupHostLocation(); + $value['source'] = $this->configurationManager->borg_backup_host_location; if($value['source'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d276ebb7..1c93f51b 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -109,6 +109,11 @@ class ConfigurationManager set { $this->SetDomain($value); } } + public string $borg_backup_host_location { + get => $this->get('borg_backup_host_location', ''); + set { $this->set('borg_backup_host_location', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -379,9 +384,11 @@ class ConfigurationManager $this->ValidateBorgLocationVars($location, $repo); $config = $this->GetConfig(); - $config['borg_backup_host_location'] = $location; $config['borg_remote_repo'] = $repo; $this->WriteConfig($config); + $this->setMultiple(function ($confManager) use ($location) { + $confManager->borg_backup_host_location = $location; + }); } private function ValidateBorgLocationVars(string $location, string $repo) : void { @@ -428,9 +435,11 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables $config = $this->GetConfig(); - $config['borg_backup_host_location'] = ''; $config['borg_remote_repo'] = ''; $this->WriteConfig($config); + $this->setMultiple(function ($confManager) { + $confManager->borg_backup_host_location = ''; + }); // Also delete the borg config file to be able to start over if (file_exists(DataConst::GetBackupKeyFile())) { @@ -451,12 +460,12 @@ class ConfigurationManager } $config = $this->GetConfig(); - $config['borg_backup_host_location'] = $location; $config['borg_remote_repo'] = $repo; $config['borg_restore_password'] = $password; $this->WriteConfig($config); - $this->setMultiple(function ($confManager) { + $this->setMultiple(function ($confManager) use ($location) { + $confManager->borg_backup_host_location = $location; $confManager->instance_restore_attempt = true; }); } @@ -556,15 +565,6 @@ class ConfigurationManager return $envVariableOutput; } - public function GetBorgBackupHostLocation() : string { - $config = $this->GetConfig(); - if(!isset($config['borg_backup_host_location'])) { - $config['borg_backup_host_location'] = ''; - } - - return $config['borg_backup_host_location']; - } - public function GetBorgRemoteRepo() : string { $config = $this->GetConfig(); if(!isset($config['borg_remote_repo'])) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 73f4bd9d..a3ea0c9b 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -589,7 +589,7 @@ readonly class DockerActionManager { 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->configurationManager->GetFulltextsearchJavaOptions(), 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->configurationManager->GetTrustedCacertsDir(), 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->configurationManager->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', - 'BORGBACKUP_HOST_LOCATION' => $this->configurationManager->GetBorgBackupHostLocation(), + 'BORGBACKUP_HOST_LOCATION' => $this->configurationManager->borg_backup_host_location, 'APACHE_MAX_SIZE' => (string)($this->configurationManager->GetApacheMaxSize()), 'COLLABORA_SECCOMP_POLICY' => $this->configurationManager->GetCollaboraSeccompPolicy(), 'NEXTCLOUD_STARTUP_APPS' => $this->configurationManager->GetNextcloudStartupApps(), From a361ab9d20f4cfc4c5c0fc071509756a734bdea1 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:14:39 +0100 Subject: [PATCH 327/432] Make `borg_remote_repo` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 24 ++++++++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index eb214eff..16d274f9 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -94,7 +94,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'domain' => $configurationManager->domain, 'apache_port' => $configurationManager->GetApachePort(), 'borg_backup_host_location' => $configurationManager->borg_backup_host_location, - 'borg_remote_repo' => $configurationManager->GetBorgRemoteRepo(), + 'borg_remote_repo' => $configurationManager->borg_remote_repo, 'borg_public_key' => $configurationManager->GetBorgPublicKey(), 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), 'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 1c93f51b..5dea0c6d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -114,6 +114,11 @@ class ConfigurationManager set { $this->set('borg_backup_host_location', $value); } } + public string $borg_remote_repo { + get => $this->get('borg_remote_repo', ''); + set { $this->set('borg_remote_repo', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -384,10 +389,10 @@ class ConfigurationManager $this->ValidateBorgLocationVars($location, $repo); $config = $this->GetConfig(); - $config['borg_remote_repo'] = $repo; $this->WriteConfig($config); - $this->setMultiple(function ($confManager) use ($location) { + $this->setMultiple(function ($confManager) use ($location, $repo) { $confManager->borg_backup_host_location = $location; + $confManager->borg_remote_repo = $repo; }); } @@ -435,10 +440,10 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables $config = $this->GetConfig(); - $config['borg_remote_repo'] = ''; $this->WriteConfig($config); $this->setMultiple(function ($confManager) { $confManager->borg_backup_host_location = ''; + $confManager->borg_remote_repo = ''; }); // Also delete the borg config file to be able to start over @@ -460,12 +465,12 @@ class ConfigurationManager } $config = $this->GetConfig(); - $config['borg_remote_repo'] = $repo; $config['borg_restore_password'] = $password; $this->WriteConfig($config); - $this->setMultiple(function ($confManager) use ($location) { + $this->setMultiple(function ($confManager) use ($location, $repo) { $confManager->borg_backup_host_location = $location; + $confManager->borg_remote_repo = $repo; $confManager->instance_restore_attempt = true; }); } @@ -565,15 +570,6 @@ class ConfigurationManager return $envVariableOutput; } - public function GetBorgRemoteRepo() : string { - $config = $this->GetConfig(); - if(!isset($config['borg_remote_repo'])) { - $config['borg_remote_repo'] = ''; - } - - return $config['borg_remote_repo']; - } - public function GetBorgPublicKey() : string { if (!file_exists(DataConst::GetBackupPublicKey())) { return ""; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index a3ea0c9b..876dd805 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -560,7 +560,7 @@ readonly class DockerActionManager { 'NC_DOMAIN' => $this->configurationManager->GetDomain(), 'NC_BASE_DN' => $this->configurationManager->GetBaseDN(), 'AIO_TOKEN' => $this->configurationManager->AIO_TOKEN, - 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->GetBorgRemoteRepo(), + 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->borg_remote_repo, 'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(), 'AIO_URL' => $this->configurationManager->AIO_URL, 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->restoreExcludePreviews ? '1' : '', From 6033a4486c147eab303ba9f8120ab4663e348084 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:16:30 +0100 Subject: [PATCH 328/432] Make `borg_restore_password` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 23 +++++++++-------------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 11 insertions(+), 16 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 16d274f9..05c39f76 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -114,7 +114,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled, 'is_talk_enabled' => $configurationManager->isTalkEnabled, - 'borg_restore_password' => $configurationManager->GetBorgRestorePassword(), + 'borg_restore_password' => $configurationManager->borg_restore_password, 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), 'timezone' => $configurationManager->GetTimezone(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 5dea0c6d..2091ddb5 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -119,6 +119,11 @@ class ConfigurationManager set { $this->set('borg_remote_repo', $value); } } + public string $borg_restore_password { + get => $this->get('borg_restore_password', ''); + set { $this->set('borg_restore_password', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -364,13 +369,13 @@ class ConfigurationManager } $config = $this->GetConfig(); - // Reset the borg restore password when setting the domain - $config['borg_restore_password'] = ''; $this->WriteConfig($config); $this->setMultiple(function ($confManager) use ($domain) { // Write domain // Don't set the domain via the attribute, or we create a loop. $confManager->set('domain', $domain); + // Reset the borg restore password when setting the domain + $confManager->borg_restore_password = ''; }); } @@ -465,12 +470,11 @@ class ConfigurationManager } $config = $this->GetConfig(); - $config['borg_restore_password'] = $password; $this->WriteConfig($config); - - $this->setMultiple(function ($confManager) use ($location, $repo) { + $this->setMultiple(function ($confManager) use ($location, $repo, $password) { $confManager->borg_backup_host_location = $location; $confManager->borg_remote_repo = $repo; + $confManager->borg_restore_password = $password; $confManager->instance_restore_attempt = true; }); } @@ -578,15 +582,6 @@ class ConfigurationManager return trim((string)file_get_contents(DataConst::GetBackupPublicKey())); } - public function GetBorgRestorePassword() : string { - $config = $this->GetConfig(); - if(!isset($config['borg_restore_password'])) { - $config['borg_restore_password'] = ''; - } - - return $config['borg_restore_password']; - } - public function GetNextcloudMount() : string { $envVariableName = 'NEXTCLOUD_MOUNT'; $configName = 'nextcloud_mount'; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 876dd805..8b9720fb 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -570,7 +570,7 @@ readonly class DockerActionManager { 'TALK_PORT' => $this->configurationManager->GetTalkPort(), 'TURN_DOMAIN' => $this->configurationManager->GetTurnDomain(), 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), - 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->GetBorgRestorePassword(), + 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->borg_restore_password, 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled ? 'yes' : '', 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled ? 'yes' : '', From 6e5237cd205f0dc6ef069b6026f43a77028d00e7 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:17:25 +0100 Subject: [PATCH 329/432] Make `timezone` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- .../Controller/ConfigurationController.php | 4 +-- php/src/Data/ConfigurationManager.php | 36 +++++++++---------- php/src/Docker/DockerActionManager.php | 2 +- 4 files changed, 22 insertions(+), 22 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 05c39f76..130d34d5 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -117,7 +117,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'borg_restore_password' => $configurationManager->borg_restore_password, 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), - 'timezone' => $configurationManager->GetTimezone(), + 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), 'talk_port' => $configurationManager->GetTalkPort(), 'collabora_dictionaries' => $configurationManager->GetCollaboraDictionaries(), diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 9688c5e9..58337ef4 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -67,12 +67,12 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['delete_timezone'])) { - $this->configurationManager->DeleteTimezone(); + $this->configurationManager->deleteTimezone(); } if (isset($request->getParsedBody()['timezone'])) { $timezone = $request->getParsedBody()['timezone'] ?? ''; - $this->configurationManager->SetTimezone($timezone); + $this->configurationManager->timezone = $timezone; } if (isset($request->getParsedBody()['options-form'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 2091ddb5..119e81ce 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -124,6 +124,18 @@ class ConfigurationManager set { $this->set('borg_restore_password', $value); } } + /** + * @throws InvalidSettingConfigurationException + */ + public string $timezone { + get => $this->get('timezone', ''); + set { + // This throws an exception if the validation fails. + $this->validateTimezone($value); + $this->set('timezone', $value); + } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -784,19 +796,10 @@ class ConfigurationManager return false; } - public function GetTimezone() : string { - $config = $this->GetConfig(); - if(!isset($config['timezone'])) { - $config['timezone'] = ''; - } - - return $config['timezone']; - } - /** * @throws InvalidSettingConfigurationException */ - public function SetTimezone(string $timezone) : void { + private function validateTimezone(string $timezone) : void { if ($timezone === "") { throw new InvalidSettingConfigurationException("The timezone must not be empty!"); } @@ -804,16 +807,13 @@ class ConfigurationManager if (!preg_match("#^[a-zA-Z0-9_\-\/\+]+$#", $timezone)) { throw new InvalidSettingConfigurationException("The entered timezone does not seem to be a valid timezone!"); } - - $config = $this->GetConfig(); - $config['timezone'] = $timezone; - $this->WriteConfig($config); } - public function DeleteTimezone() : void { - $config = $this->GetConfig(); - $config['timezone'] = ''; - $this->WriteConfig($config); + /** + * Provide an extra method since our `timezone` attribute setter prevents setting an empty timezone. + */ + public function deleteTimezone() : void { + $this->set('timezone', ''); } public function shouldDomainValidationBeSkipped(bool $skipDomainValidation) : bool { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 8b9720fb..ae8e9c83 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -577,7 +577,7 @@ readonly class DockerActionManager { 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled ? 'yes' : '', 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled ? 'yes' : '', 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', - 'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(), + 'TIMEZONE' => $this->configurationManager->timezone === '' ? 'Etc/UTC' : $this->configurationManager->timezone, 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled ? 'yes' : '', From ca35006a8595e6abbb0d6313b819ae98b8ea2068 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:18:45 +0100 Subject: [PATCH 330/432] Make `collabora_dictionaries` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- .../Controller/ConfigurationController.php | 2 +- php/src/Data/ConfigurationManager.php | 34 +++++++++---------- php/src/Docker/DockerActionManager.php | 2 +- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 130d34d5..dc0151e2 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -120,7 +120,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), 'talk_port' => $configurationManager->GetTalkPort(), - 'collabora_dictionaries' => $configurationManager->GetCollaboraDictionaries(), + 'collabora_dictionaries' => $configurationManager->collabora_dictionaries, 'collabora_additional_options' => $configurationManager->GetAdditionalCollaboraOptions(), 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 58337ef4..4a36ce5c 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -117,7 +117,7 @@ readonly class ConfigurationController { if (isset($request->getParsedBody()['collabora_dictionaries'])) { $collaboraDictionaries = $request->getParsedBody()['collabora_dictionaries'] ?? ''; - $this->configurationManager->SetCollaboraDictionaries($collaboraDictionaries); + $this->configurationManager->collabora_dictionaries = $collaboraDictionaries; } if (isset($request->getParsedBody()['delete_collabora_additional_options'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 119e81ce..9f037ec4 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -136,6 +136,18 @@ class ConfigurationManager } } + /** + * @throws InvalidSettingConfigurationException + */ + public string $collabora_dictionaries { + get => $this->get('collabora_dictionaries', ''); + set { + // This throws an exception if the validation fails. + $this->validateCollaboraDictionaries($value); + $this->set('collabora_dictionaries', $value); + } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -831,19 +843,10 @@ class ConfigurationManager return 'deck twofactor_totp tasks calendar contacts notes'; } - public function GetCollaboraDictionaries() : string { - $config = $this->GetConfig(); - if(!isset($config['collabora_dictionaries'])) { - $config['collabora_dictionaries'] = ''; - } - - return $config['collabora_dictionaries']; - } - /** * @throws InvalidSettingConfigurationException */ - public function SetCollaboraDictionaries(string $CollaboraDictionaries) : void { + private function validateCollaboraDictionaries(string $CollaboraDictionaries) : void { if ($CollaboraDictionaries === "") { throw new InvalidSettingConfigurationException("The dictionaries must not be empty!"); } @@ -851,16 +854,13 @@ class ConfigurationManager if (!preg_match("#^[a-zA-Z_ ]+$#", $CollaboraDictionaries)) { throw new InvalidSettingConfigurationException("The entered dictionaries do not seem to be a valid!"); } - - $config = $this->GetConfig(); - $config['collabora_dictionaries'] = $CollaboraDictionaries; - $this->WriteConfig($config); } + /** + * Provide an extra method since the corresponding attribute setter prevents setting an empty value. + */ public function DeleteCollaboraDictionaries() : void { - $config = $this->GetConfig(); - $config['collabora_dictionaries'] = ''; - $this->WriteConfig($config); + $this->set('collabora_dictionaries', ''); } /** diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index ae8e9c83..3bbc37f1 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -578,7 +578,7 @@ readonly class DockerActionManager { 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled ? 'yes' : '', 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', 'TIMEZONE' => $this->configurationManager->timezone === '' ? 'Etc/UTC' : $this->configurationManager->timezone, - 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), + 'COLLABORA_DICTIONARIES' => $this->configurationManager->collabora_dictionaries === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->collabora_dictionaries, 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', From 228440f2a8905aab4a2db54faa70fc8565776ffd Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:21:23 +0100 Subject: [PATCH 331/432] Make `collabora_additional_options` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- .../Controller/ConfigurationController.php | 4 +- php/src/Data/ConfigurationManager.php | 38 +++++++++---------- php/src/Docker/DockerActionManager.php | 4 +- 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index dc0151e2..83d1d878 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -121,7 +121,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), 'talk_port' => $configurationManager->GetTalkPort(), 'collabora_dictionaries' => $configurationManager->collabora_dictionaries, - 'collabora_additional_options' => $configurationManager->GetAdditionalCollaboraOptions(), + 'collabora_additional_options' => $configurationManager->collabora_additional_options, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 4a36ce5c..3147fda4 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -121,12 +121,12 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['delete_collabora_additional_options'])) { - $this->configurationManager->DeleteAdditionalCollaboraOptions(); + $this->configurationManager->deleteAdditionalCollaboraOptions(); } if (isset($request->getParsedBody()['collabora_additional_options'])) { $additionalCollaboraOptions = $request->getParsedBody()['collabora_additional_options'] ?? ''; - $this->configurationManager->SetAdditionalCollaboraOptions($additionalCollaboraOptions); + $this->configurationManager->collabora_additional_options = $additionalCollaboraOptions; } if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 9f037ec4..3c176556 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -148,6 +148,18 @@ class ConfigurationManager } } + /** + * @throws InvalidSettingConfigurationException + */ + public string $collabora_additional_options { + get => $this->get('collabora_additional_options', ''); + set { + // This throws an exception if the validation fails. + $this->validateCollaboraAdditionalOptions($value); + $this->set('collabora_additional_options', $value); + } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -866,7 +878,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function SetAdditionalCollaboraOptions(string $additionalCollaboraOptions) : void { + private function validateCollaboraAdditionalOptions(string $additionalCollaboraOptions) : void { if ($additionalCollaboraOptions === "") { throw new InvalidSettingConfigurationException("The additional options must not be empty!"); } @@ -874,32 +886,20 @@ class ConfigurationManager if (!preg_match("#^--o:#", $additionalCollaboraOptions)) { throw new InvalidSettingConfigurationException("The entered options must start with '--o:'. So the config does not seem to be a valid!"); } - - $config = $this->GetConfig(); - $config['collabora_additional_options'] = $additionalCollaboraOptions; - $this->WriteConfig($config); - } - - public function GetAdditionalCollaboraOptions() : string { - $config = $this->GetConfig(); - if(!isset($config['collabora_additional_options'])) { - $config['collabora_additional_options'] = ''; - } - - return $config['collabora_additional_options']; } public function isCollaboraSubscriptionEnabled() : bool { - if (str_contains($this->GetAdditionalCollaboraOptions(), '--o:support_key=')) { + if (str_contains($this->collabora_additional_options, '--o:support_key=')) { return true; } return false; } - public function DeleteAdditionalCollaboraOptions() : void { - $config = $this->GetConfig(); - $config['collabora_additional_options'] = ''; - $this->WriteConfig($config); + /** + * Provide an extra method since the corresponding attribute setter prevents setting an empty value. + */ + public function deleteAdditionalCollaboraOptions() : void { + $this->set('collabora_additional_options', ''); } public function GetApacheAdditionalNetwork() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 3bbc37f1..6afa46fe 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -427,8 +427,8 @@ readonly class DockerActionManager { } // Additional Collabora options - if ($this->configurationManager->GetAdditionalCollaboraOptions() !== '') { - $requestBody['Cmd'] = [$this->configurationManager->GetAdditionalCollaboraOptions()]; + if ($this->configurationManager->collabora_additional_options !== '') { + $requestBody['Cmd'] = [$this->configurationManager->collabora_additional_options]; } } From 6c04cd055f363dc52d4e1bcac7a317f428246ebb Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 15:44:22 +0100 Subject: [PATCH 332/432] Make `aio_community_containers` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 2 +- .../Controller/ConfigurationController.php | 2 +- php/src/Data/ConfigurationManager.php | 26 ++++--------------- php/src/Docker/DockerActionManager.php | 2 +- 5 files changed, 9 insertions(+), 25 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 83d1d878..2d3e4f03 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -138,7 +138,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, 'community_containers' => $configurationManager->listAvailableCommunityContainers(), - 'community_containers_enabled' => $configurationManager->GetEnabledCommunityContainers(), + 'community_containers_enabled' => $configurationManager->aio_community_containers, 'bypass_container_update' => $bypass_container_update, ]); })->setName('profile'); diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index e8244ddc..6f96d480 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -41,7 +41,7 @@ readonly class ContainerDefinitionFetcher { $data = json_decode((string)file_get_contents(DataConst::GetContainersDefinitionPath()), true, 512, JSON_THROW_ON_ERROR); $additionalContainerNames = []; - foreach ($this->configurationManager->GetEnabledCommunityContainers() as $communityContainer) { + foreach ($this->configurationManager->aio_community_containers as $communityContainer) { if ($communityContainer !== '') { $path = DataConst::GetCommunityContainersDirectory() . '/' . $communityContainer . '/' . $communityContainer . '.json'; $additionalData = json_decode((string)file_get_contents($path), true, 512, JSON_THROW_ON_ERROR); diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 3147fda4..a1132981 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -108,7 +108,7 @@ readonly class ConfigurationController { $enabledCC[] = $item; } } - $this->configurationManager->SetEnabledCommunityContainers($enabledCC); + $this->configurationManager->aio_community_containers = $enabledCC; } if (isset($request->getParsedBody()['delete_collabora_dictionaries'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 3c176556..72f69086 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -160,6 +160,11 @@ class ConfigurationManager } } + public array $aio_community_containers { + get => explode(' ', $this->get('aio_community_containers', '')); + set { $this->set('aio_community_containers', implode(' ', $value)); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -931,16 +936,6 @@ class ConfigurationManager } } - private function GetCommunityContainers() : string { - $config = $this->GetConfig(); - if(!isset($config['aio_community_containers'])) { - $config['aio_community_containers'] = ''; - } - - return $config['aio_community_containers']; - } - - public function listAvailableCommunityContainers() : array { $cc = []; $dir = scandir(DataConst::GetCommunityContainersDirectory()); @@ -976,17 +971,6 @@ class ConfigurationManager return $cc; } - /** @return list */ - public function GetEnabledCommunityContainers(): array { - return explode(' ', $this->GetCommunityContainers()); - } - - public function SetEnabledCommunityContainers(array $enabledCommunityContainers) : void { - $config = $this->GetConfig(); - $config['aio_community_containers'] = implode(' ', $enabledCommunityContainers); - $this->WriteConfig($config); - } - private function GetEnabledDriDevice() : string { $envVariableName = 'NEXTCLOUD_ENABLE_DRI_DEVICE'; $configName = 'nextcloud_enable_dri_device'; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 6afa46fe..08cbf9b1 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -600,7 +600,7 @@ readonly class DockerActionManager { // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), // Allow to get local ip-address of caddy container and add it to trusted proxies automatically - 'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->GetEnabledCommunityContainers(), true) ? gethostbyname('nextcloud-aio-caddy') : '', + 'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->aio_community_containers, true) ? gethostbyname('nextcloud-aio-caddy') : '', 'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled ? 'yes' : '', default => $this->configurationManager->GetRegisteredSecret($placeholder), }; From 0a22384cd90127a14f11dc55b1e73c83daf485c4 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 12:23:22 +0100 Subject: [PATCH 333/432] Make `turn_domain` an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 14 +++++--------- php/src/Docker/DockerActionManager.php | 2 +- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 72f69086..9362815a 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -165,6 +165,11 @@ class ConfigurationManager set { $this->set('aio_community_containers', implode(' ', $value)); } } + public string $turn_domain { + get => $this->get('turn_domain', ''); + set { $this->set('turn_domain', $value); } + } + public function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -562,15 +567,6 @@ class ConfigurationManager return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); } - public function GetTurnDomain() : string { - $config = $this->GetConfig(); - if(!isset($config['turn_domain'])) { - $config['turn_domain'] = ''; - } - - return $config['turn_domain']; - } - /** * @throws InvalidSettingConfigurationException */ diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 08cbf9b1..367b7eb4 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -568,7 +568,7 @@ readonly class DockerActionManager { 'APACHE_PORT' => $this->configurationManager->GetApachePort(), 'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(), 'TALK_PORT' => $this->configurationManager->GetTalkPort(), - 'TURN_DOMAIN' => $this->configurationManager->GetTurnDomain(), + 'TURN_DOMAIN' => $this->configurationManager->turn_domain, 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->borg_restore_password, 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', From 4e373cb2f8a0be7e809f0a6d2cdc3700e5b8abf2 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:45:00 +0100 Subject: [PATCH 334/432] Make `apache_ip_binding` an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 12 +++++------- php/src/Docker/DockerActionManager.php | 4 ++-- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 9362815a..7182602e 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -124,6 +124,11 @@ class ConfigurationManager set { $this->set('borg_restore_password', $value); } } + public string $apache_ip_binding { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_IP_BINDING', 'apache_ip_binding', ''); + set { $this->set('apache_ip_binding', $value); } + } + /** * @throws InvalidSettingConfigurationException */ @@ -910,13 +915,6 @@ class ConfigurationManager return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); } - public function GetApacheIPBinding() : string { - $envVariableName = 'APACHE_IP_BINDING'; - $configName = 'apache_ip_binding'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - private function GetDisableBackupSection() : string { $envVariableName = 'AIO_DISABLE_BACKUP_SECTION'; $configName = 'disable_backup_section'; diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 367b7eb4..b1bf847e 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -297,7 +297,7 @@ readonly class DockerActionManager { } $ipBinding = $value->ipBinding; if ($ipBinding === '%APACHE_IP_BINDING%') { - $ipBinding = $this->configurationManager->GetApacheIPBinding(); + $ipBinding = $this->configurationManager->apache_ip_binding; // Do not expose if AIO is in internal network mode if ($ipBinding === '@INTERNAL') { continue; @@ -566,7 +566,7 @@ readonly class DockerActionManager { 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->restoreExcludePreviews ? '1' : '', 'SELECTED_RESTORE_TIME' => $this->configurationManager->selectedRestoreTime, 'APACHE_PORT' => $this->configurationManager->GetApachePort(), - 'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(), + 'APACHE_IP_BINDING' => $this->configurationManager->apache_ip_binding, 'TALK_PORT' => $this->configurationManager->GetTalkPort(), 'TURN_DOMAIN' => $this->configurationManager->turn_domain, 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), From dc28eb67372be8bc6848eb17c27673c1ae382bb4 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:47:45 +0100 Subject: [PATCH 335/432] Make `apache_port` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 10 ++++------ php/src/Docker/DockerActionManager.php | 8 ++++---- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 2d3e4f03..27364a98 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -92,7 +92,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ return $view->render($response, 'containers.twig', [ 'domain' => $configurationManager->domain, - 'apache_port' => $configurationManager->GetApachePort(), + 'apache_port' => $configurationManager->apache_port, 'borg_backup_host_location' => $configurationManager->borg_backup_host_location, 'borg_remote_repo' => $configurationManager->borg_remote_repo, 'borg_public_key' => $configurationManager->GetBorgPublicKey(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 7182602e..aaef8e08 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -363,7 +363,7 @@ class ConfigurationManager } // Get the apache port - $port = $this->GetApachePort(); + $port = $this->apache_port; if (!filter_var($dnsRecordIP, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { if ($port === '443') { @@ -558,11 +558,9 @@ class ConfigurationManager $this->set('password', $newPassword); } - public function GetApachePort() : string { - $envVariableName = 'APACHE_PORT'; - $configName = 'apache_port'; - $defaultValue = '443'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $apache_port { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); + set { $this->set('apache_port', $value); } } public function GetTalkPort() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index b1bf847e..0db11ade 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -115,7 +115,7 @@ readonly class DockerActionManager { $containerName = $container->identifier; $internalPort = $container->internalPorts; if ($internalPort === '%APACHE_PORT%') { - $internalPort = $this->configurationManager->GetApachePort(); + $internalPort = $this->configurationManager->apache_port; } elseif ($internalPort === '%TALK_PORT%') { $internalPort = $this->configurationManager->GetTalkPort(); } @@ -261,7 +261,7 @@ readonly class DockerActionManager { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { - $port = $this->configurationManager->GetApachePort(); + $port = $this->configurationManager->apache_port; // Do not expose udp if AIO is in reverse proxy mode if ($port !== '443' && $protocol === 'udp') { continue; @@ -283,7 +283,7 @@ readonly class DockerActionManager { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { - $port = $this->configurationManager->GetApachePort(); + $port = $this->configurationManager->apache_port; // Do not expose udp if AIO is in reverse proxy mode if ($port !== '443' && $protocol === 'udp') { continue; @@ -565,7 +565,7 @@ readonly class DockerActionManager { 'AIO_URL' => $this->configurationManager->AIO_URL, 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->restoreExcludePreviews ? '1' : '', 'SELECTED_RESTORE_TIME' => $this->configurationManager->selectedRestoreTime, - 'APACHE_PORT' => $this->configurationManager->GetApachePort(), + 'APACHE_PORT' => $this->configurationManager->apache_port, 'APACHE_IP_BINDING' => $this->configurationManager->apache_ip_binding, 'TALK_PORT' => $this->configurationManager->GetTalkPort(), 'TURN_DOMAIN' => $this->configurationManager->turn_domain, From 96c9c1a6f91befbba4150d9312bc00173044ade9 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:52:24 +0100 Subject: [PATCH 336/432] Make `talk_port` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 10 ++++------ php/src/Docker/DockerActionManager.php | 8 ++++---- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 27364a98..718ad0ca 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -119,7 +119,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), - 'talk_port' => $configurationManager->GetTalkPort(), + 'talk_port' => $configurationManager->talk_port, 'collabora_dictionaries' => $configurationManager->collabora_dictionaries, 'collabora_additional_options' => $configurationManager->collabora_additional_options, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index aaef8e08..fca733e9 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -562,12 +562,10 @@ class ConfigurationManager get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); set { $this->set('apache_port', $value); } } - - public function GetTalkPort() : string { - $envVariableName = 'TALK_PORT'; - $configName = 'talk_port'; - $defaultValue = '3478'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + + public string $talk_port { + get => $this->GetEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); + set { $this->set('talk_port', $value); } } /** diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 0db11ade..8cfbe399 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -117,7 +117,7 @@ readonly class DockerActionManager { if ($internalPort === '%APACHE_PORT%') { $internalPort = $this->configurationManager->apache_port; } elseif ($internalPort === '%TALK_PORT%') { - $internalPort = $this->configurationManager->GetTalkPort(); + $internalPort = $this->configurationManager->talk_port; } if ($internalPort !== "" && $internalPort !== 'host') { @@ -267,7 +267,7 @@ readonly class DockerActionManager { continue; } } else if ($port === '%TALK_PORT%') { - $port = $this->configurationManager->GetTalkPort(); + $port = $this->configurationManager->talk_port; } $portWithProtocol = $port . '/' . $protocol; $exposedPorts[$portWithProtocol] = null; @@ -289,7 +289,7 @@ readonly class DockerActionManager { continue; } } else if ($port === '%TALK_PORT%') { - $port = $this->configurationManager->GetTalkPort(); + $port = $this->configurationManager->talk_port; // Skip publishing talk tcp port if it is set to 443 if ($port === '443' && $protocol === 'tcp') { continue; @@ -567,7 +567,7 @@ readonly class DockerActionManager { 'SELECTED_RESTORE_TIME' => $this->configurationManager->selectedRestoreTime, 'APACHE_PORT' => $this->configurationManager->apache_port, 'APACHE_IP_BINDING' => $this->configurationManager->apache_ip_binding, - 'TALK_PORT' => $this->configurationManager->GetTalkPort(), + 'TALK_PORT' => $this->configurationManager->talk_port, 'TURN_DOMAIN' => $this->configurationManager->turn_domain, 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->borg_restore_password, From 903aed1e34797c0fcaaa6bde13fe83b9cd77000f Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:54:14 +0100 Subject: [PATCH 337/432] Make `nextcloud_upload_limit` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 11 ++++------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 6 insertions(+), 9 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 718ad0ca..b14bb449 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -129,7 +129,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(), 'nextcloud_mount' => $configurationManager->GetNextcloudMount(), - 'nextcloud_upload_limit' => $configurationManager->GetNextcloudUploadLimit(), + 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, 'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(), 'nextcloud_memory_limit' => $configurationManager->GetNextcloudMemoryLimit(), 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index fca733e9..f9525c09 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -634,13 +634,10 @@ class ConfigurationManager return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); } - public function GetNextcloudUploadLimit() : string { - $envVariableName = 'NEXTCLOUD_UPLOAD_LIMIT'; - $configName = 'nextcloud_upload_limit'; - $defaultValue = '16G'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $nextcloud_upload_limit { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); + set { $this->set('nextcloud_upload_limit', $value); } } - public function GetNextcloudMemoryLimit() : string { $envVariableName = 'NEXTCLOUD_MEMORY_LIMIT'; $configName = 'nextcloud_memory_limit'; @@ -649,7 +646,7 @@ class ConfigurationManager } public function GetApacheMaxSize() : int { - $uploadLimit = (int)rtrim($this->GetNextcloudUploadLimit(), 'G'); + $uploadLimit = (int)rtrim($this->nextcloud_upload_limit, 'G'); return $uploadLimit * 1024 * 1024 * 1024; } diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 8cfbe399..d42678a7 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -582,7 +582,7 @@ readonly class DockerActionManager { 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', - 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->GetNextcloudUploadLimit(), + 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->nextcloud_upload_limit, 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->GetNextcloudMemoryLimit(), 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->GetNextcloudMaxTime(), 'BORG_RETENTION_POLICY' => $this->configurationManager->GetBorgRetentionPolicy(), From 4de73dd75b865b6e5a1e0488ca0e92d30efbbbd8 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:53:22 +0100 Subject: [PATCH 338/432] Make `nextcloud_mount` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- php/src/Data/ConfigurationManager.php | 8 +++----- php/src/Docker/DockerActionManager.php | 6 +++--- 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index b14bb449..a87449fc 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -128,7 +128,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(), - 'nextcloud_mount' => $configurationManager->GetNextcloudMount(), + 'nextcloud_mount' => $configurationManager->nextcloud_mount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, 'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(), 'nextcloud_memory_limit' => $configurationManager->GetNextcloudMemoryLimit(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 6f96d480..c81989f2 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -119,7 +119,7 @@ readonly class ContainerDefinitionFetcher { } } if($value['source'] === '%NEXTCLOUD_MOUNT%') { - $value['source'] = $this->configurationManager->GetNextcloudMount(); + $value['source'] = $this->configurationManager->nextcloud_mount; if($value['source'] === '') { continue; } @@ -140,7 +140,7 @@ readonly class ContainerDefinitionFetcher { } } if ($value['destination'] === '%NEXTCLOUD_MOUNT%') { - $value['destination'] = $this->configurationManager->GetNextcloudMount(); + $value['destination'] = $this->configurationManager->nextcloud_mount; if($value['destination'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index f9525c09..da823439 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -620,11 +620,9 @@ class ConfigurationManager return trim((string)file_get_contents(DataConst::GetBackupPublicKey())); } - public function GetNextcloudMount() : string { - $envVariableName = 'NEXTCLOUD_MOUNT'; - $configName = 'nextcloud_mount'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $nextcloud_mount { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); + set { $this->set('nextcloud_mount', $value); } } public function GetNextcloudDatadirMount() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index d42678a7..7ab3bc23 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -205,7 +205,7 @@ readonly class DockerActionManager { foreach ($container->volumes->GetVolumes() as $volume) { // // NEXTCLOUD_MOUNT gets added via bind-mount later on // if ($container->identifier === 'nextcloud-aio-nextcloud') { - // if ($volume->name === $this->configurationManager->GetNextcloudMount()) { + // if ($volume->name === $this->configurationManager->nextcloud_mount) { // continue; // } // } @@ -408,7 +408,7 @@ readonly class DockerActionManager { // // Special things for the nextcloud container which should not be exposed in the containers.json // } elseif ($container->identifier === 'nextcloud-aio-nextcloud') { // foreach ($container->volumes->GetVolumes() as $volume) { - // if ($volume->name !== $this->configurationManager->GetNextcloudMount()) { + // if ($volume->name !== $this->configurationManager->nextcloud_mount) { // continue; // } // $mounts[] = ["Type" => "bind", "Source" => $volume->name, "Target" => $volume->mountPoint, "ReadOnly" => !$volume->isWritable, "BindOptions" => [ "Propagation" => "rshared"]]; @@ -569,7 +569,7 @@ readonly class DockerActionManager { 'APACHE_IP_BINDING' => $this->configurationManager->apache_ip_binding, 'TALK_PORT' => $this->configurationManager->talk_port, 'TURN_DOMAIN' => $this->configurationManager->turn_domain, - 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), + 'NEXTCLOUD_MOUNT' => $this->configurationManager->nextcloud_mount, 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->borg_restore_password, 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled ? 'yes' : '', From 3e19fa66d0271eb3b656a0aebab90e17383f6406 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:51:30 +0100 Subject: [PATCH 339/432] Make `nextcloud_datadir_mount` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Data/ConfigurationManager.php | 13 ++++++------- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index a87449fc..e312a7df 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -127,7 +127,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), - 'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(), + 'nextcloud_datadir' => $configurationManager->nextcloud_datadir_mount, 'nextcloud_mount' => $configurationManager->nextcloud_mount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, 'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index c81989f2..22309da8 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -124,7 +124,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value['source'] === '%NEXTCLOUD_DATADIR%') { - $value['source'] = $this->configurationManager->GetNextcloudDatadirMount(); + $value['source'] = $this->configurationManager->nextcloud_datadir_mount; if ($value['source'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index da823439..b2dd40fb 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -473,8 +473,8 @@ class ConfigurationManager // Prevent backup to be contained in Nextcloud Datadir as this will delete the backup archive upon restore // See https://github.com/nextcloud/all-in-one/issues/6607 - if (str_starts_with($location . '/', rtrim($this->GetNextcloudDatadirMount(), '/') . '/')) { - throw new InvalidSettingConfigurationException("The path must not be a children of or equal to NEXTCLOUD_DATADIR, which is currently set to " . $this->GetNextcloudDatadirMount()); + if (str_starts_with($location . '/', rtrim($this->nextcloud_datadir_mount, '/') . '/')) { + throw new InvalidSettingConfigurationException("The path must not be a children of or equal to NEXTCLOUD_DATADIR, which is currently set to " . $this->nextcloud_datadir_mount); } } else { @@ -625,11 +625,10 @@ class ConfigurationManager set { $this->set('nextcloud_mount', $value); } } - public function GetNextcloudDatadirMount() : string { - $envVariableName = 'NEXTCLOUD_DATADIR'; - $configName = 'nextcloud_datadir'; - $defaultValue = 'nextcloud_aio_nextcloud_data'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + + public string $nextcloud_datadir_mount { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); + set { $this->set('nextcloud_datadir_mount', $value); } } public string $nextcloud_upload_limit { From c1f8ac6989e9a0064c6012546f0f6060fccac190 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:54:54 +0100 Subject: [PATCH 340/432] Make `nextcloud_memory_limit` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 9 ++++----- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index e312a7df..7bace4ac 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -131,7 +131,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_mount' => $configurationManager->nextcloud_mount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, 'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(), - 'nextcloud_memory_limit' => $configurationManager->GetNextcloudMemoryLimit(), + 'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit, 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled, diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index b2dd40fb..c466bb3c 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -635,11 +635,10 @@ class ConfigurationManager get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); set { $this->set('nextcloud_upload_limit', $value); } } - public function GetNextcloudMemoryLimit() : string { - $envVariableName = 'NEXTCLOUD_MEMORY_LIMIT'; - $configName = 'nextcloud_memory_limit'; - $defaultValue = '512M'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + + public string $nextcloud_memory_limit { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); + set { $this->set('nextcloud_memory_limit', $value); } } public function GetApacheMaxSize() : int { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 7ab3bc23..ee3cee60 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -583,7 +583,7 @@ readonly class DockerActionManager { 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->nextcloud_upload_limit, - 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->GetNextcloudMemoryLimit(), + 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->nextcloud_memory_limit, 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->GetNextcloudMaxTime(), 'BORG_RETENTION_POLICY' => $this->configurationManager->GetBorgRetentionPolicy(), 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->configurationManager->GetFulltextsearchJavaOptions(), From 367e847cc813a674c8977c3b0e7e635588838dda Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 12:55:58 +0100 Subject: [PATCH 341/432] Make `nextcloud_max_time` an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 8 +++----- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 7bace4ac..d4f4799f 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -130,7 +130,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_datadir' => $configurationManager->nextcloud_datadir_mount, 'nextcloud_mount' => $configurationManager->nextcloud_mount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, - 'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(), + 'nextcloud_max_time' => $configurationManager->nextcloud_max_time, 'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit, 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index c466bb3c..44c8cc62 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -646,11 +646,9 @@ class ConfigurationManager return $uploadLimit * 1024 * 1024 * 1024; } - public function GetNextcloudMaxTime() : string { - $envVariableName = 'NEXTCLOUD_MAX_TIME'; - $configName = 'nextcloud_max_time'; - $defaultValue = '3600'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $nextcloud_max_time { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); + set { $this->set('nextcloud_max_time', $value); } } public function GetBorgRetentionPolicy() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index ee3cee60..b14e31db 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -584,7 +584,7 @@ readonly class DockerActionManager { 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->nextcloud_upload_limit, 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->nextcloud_memory_limit, - 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->GetNextcloudMaxTime(), + 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->nextcloud_max_time, 'BORG_RETENTION_POLICY' => $this->configurationManager->GetBorgRetentionPolicy(), 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->configurationManager->GetFulltextsearchJavaOptions(), 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->configurationManager->GetTrustedCacertsDir(), From f1ffd0771ce86e253e40e16ef4996fe16a960c76 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 14:28:15 +0100 Subject: [PATCH 342/432] Privatize GetConfig() and WriteConfig() Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 44c8cc62..e172d19b 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -175,7 +175,7 @@ class ConfigurationManager set { $this->set('turn_domain', $value); } } - public function GetConfig() : array + private function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) { @@ -571,10 +571,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function WriteConfig(?array $config) : void { - if ($config) { - $this->config = $config; - } + private function WriteConfig() : void { if(!is_dir(DataConst::GetDataDirectory())) { throw new InvalidSettingConfigurationException(DataConst::GetDataDirectory() . " does not exist! Something was set up falsely!"); } From c997332e47e26473536fbffa5e6881293814f369 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 18:28:58 +0100 Subject: [PATCH 343/432] Remove residue code Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e172d19b..b30e6fc3 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -419,8 +419,6 @@ class ConfigurationManager } } - $config = $this->GetConfig(); - $this->WriteConfig($config); $this->setMultiple(function ($confManager) use ($domain) { // Write domain // Don't set the domain via the attribute, or we create a loop. @@ -443,9 +441,6 @@ class ConfigurationManager */ public function SetBorgLocationVars(string $location, string $repo) : void { $this->ValidateBorgLocationVars($location, $repo); - - $config = $this->GetConfig(); - $this->WriteConfig($config); $this->setMultiple(function ($confManager) use ($location, $repo) { $confManager->borg_backup_host_location = $location; $confManager->borg_remote_repo = $repo; @@ -495,8 +490,6 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables - $config = $this->GetConfig(); - $this->WriteConfig($config); $this->setMultiple(function ($confManager) { $confManager->borg_backup_host_location = ''; $confManager->borg_remote_repo = ''; @@ -520,8 +513,6 @@ class ConfigurationManager throw new InvalidSettingConfigurationException("Please enter the password!"); } - $config = $this->GetConfig(); - $this->WriteConfig($config); $this->setMultiple(function ($confManager) use ($location, $repo, $password) { $confManager->borg_backup_host_location = $location; $confManager->borg_remote_repo = $repo; From 9c9ad02f8a830f210494ea141fbcf400bb87fbd7 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 16:31:29 +0100 Subject: [PATCH 344/432] Set multiple attributes at once Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 27 +++++++++++++++---------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 4e6d52b7..f1c5400d 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -123,9 +123,11 @@ readonly class DockerController { } public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { - $this->configurationManager->backupMode = 'restore'; - $this->configurationManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; - $this->configurationManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); + $this->configurationManager->setMultiple(function ($confManager) use ($request) { + $confManager->backupMode = 'restore'; + $confManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; + $confManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); + }); $id = self::TOP_CONTAINER; $forceStopNextcloud = true; @@ -150,8 +152,10 @@ readonly class DockerController { } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { - $this->configurationManager->backupMode = 'test'; - $this->configurationManager->instance_restore_attempt = false; + $this->configurationManager->setMultiple(function ($confManager) { + $confManager->backupMode = 'test'; + $confManager->instance_restore_attempt = false; + }); $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id); @@ -173,12 +177,13 @@ readonly class DockerController { $port = 443; } - $this->configurationManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); - // set AIO_URL - $this->configurationManager->AIO_URL = $host . ':' . (string)$port . $path; - // set wasStartButtonClicked - $this->configurationManager->wasStartButtonClicked = true; - + $this->configurationManager->setMultiple(function ($confManager) use ($request, $host, $port, $path) { + $confManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); + // set AIO_URL + $confManager->AIO_URL = $host . ':' . (string)$port . $path; + // set wasStartButtonClicked + $confManager->wasStartButtonClicked = true; + }); // Do not pull container images in case 'bypass_container_update' is set via url params // Needed for local testing $pullImage = !isset($request->getParsedBody()['bypass_container_update']); From 844831a899fd075adcd820b307faac0c81b20eb8 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 09:27:43 +0100 Subject: [PATCH 345/432] Move handling ENV-var replacement into ConfigurationManger It's the more appropriate place to have this code, and we had to touch it anyways to make it assign the values to the attributes. Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 93 ++++++++++++++++++++++++++ php/src/Docker/DockerActionManager.php | 88 +----------------------- 2 files changed, 95 insertions(+), 86 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index b30e6fc3..2cbae5cc 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -980,4 +980,97 @@ class ConfigurationManager return true; } } + + public function setAioVariables(array $input) : void { + if ($input === []) { + return; + } + $this->setMultiple(function($confManager) use ($input) { + foreach ($input as $variable) { + $keyWithValue = $confManager->replaceEnvPlaceholders($variable); + [$key, $value] = explode('=', $keyWithValue, 2); + // Set if there's an attribute corresponding to the key. + if (isset($key, $confManager->$key)) { + $confManager->$key = $value; + } + } + }); + } + + // + // Replaces placeholders in $envValue with their values. + // E.g. "%NC_DOMAIN%:%APACHE_PORT" becomes "my.nextcloud.com:11000" + public function replaceEnvPlaceholders(string $envValue): string { + // $pattern breaks down as: + // % - matches a literal percent sign + // ([^%]+) - capture group that matches one or more characters that are NOT percent signs + // % - matches the closing percent sign + // + // Assumes literal percent signs are always matched and there is no + // escaping. + $pattern = '/%([^%]+)%/'; + $matchCount = preg_match_all($pattern, $envValue, $matches); + + if ($matchCount === 0) { + return $envValue; + } + + $placeholders = $matches[0]; // ["%PLACEHOLDER1%", "%PLACEHOLDER2%", ...] + $placeholderNames = $matches[1]; // ["PLACEHOLDER1", "PLACEHOLDER2", ...] + $placeholderPatterns = array_map(static fn(string $p) => '/' . preg_quote($p) . '/', $placeholders); // ["/%PLACEHOLDER1%/", ...] + $placeholderValues = array_map($this->getPlaceholderValue(...), $placeholderNames); // ["val1", "val2"] + // Guaranteed to be non-null because we found the placeholders in the preg_match_all. + return (string) preg_replace($placeholderPatterns, $placeholderValues, $envValue); + } + + private function getPlaceholderValue(string $placeholder) : string { + return match ($placeholder) { + 'NC_DOMAIN' => $this->domain, + 'NC_BASE_DN' => $this->GetBaseDN(), + 'AIO_TOKEN' => $this->AIO_TOKEN, + 'BORGBACKUP_REMOTE_REPO' => $this->borg_remote_repo, + 'BORGBACKUP_MODE' => $this->backupMode, + 'AIO_URL' => $this->AIO_URL, + 'SELECTED_RESTORE_TIME' => $this->selectedRestoreTime, + 'RESTORE_EXCLUDE_PREVIEWS' => $this->restoreExcludePreviews ? '1' : '', + 'APACHE_PORT' => $this->apache_port, + 'APACHE_IP_BINDING' => $this->apache_ip_binding, + 'TALK_PORT' => $this->talk_port, + 'TURN_DOMAIN' => $this->turn_domain, + 'NEXTCLOUD_MOUNT' => $this->nextcloud_mount, + 'BACKUP_RESTORE_PASSWORD' => $this->borg_restore_password, + 'CLAMAV_ENABLED' => $this->isClamavEnabled ? 'yes' : '', + 'TALK_RECORDING_ENABLED' => $this->isTalkRecordingEnabled ? 'yes' : '', + 'ONLYOFFICE_ENABLED' => $this->isOnlyofficeEnabled ? 'yes' : '', + 'COLLABORA_ENABLED' => $this->isCollaboraEnabled ? 'yes' : '', + 'TALK_ENABLED' => $this->isTalkEnabled ? 'yes' : '', + 'UPDATE_NEXTCLOUD_APPS' => ($this->isDailyBackupRunning() && $this->areAutomaticUpdatesEnabled()) ? 'yes' : '', + 'TIMEZONE' => $this->timezone === '' ? 'Etc/UTC' : $this->timezone, + 'COLLABORA_DICTIONARIES' => $this->collabora_dictionaries === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->collabora_dictionaries, + 'IMAGINARY_ENABLED' => $this->isImaginaryEnabled ? 'yes' : '', + 'FULLTEXTSEARCH_ENABLED' => $this->isFulltextsearchEnabled ? 'yes' : '', + 'DOCKER_SOCKET_PROXY_ENABLED' => $this->isDockerSocketProxyEnabled ? 'yes' : '', + 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloud_upload_limit, + 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloud_memory_limit, + 'NEXTCLOUD_MAX_TIME' => $this->nextcloud_max_time, + 'BORG_RETENTION_POLICY' => $this->GetBorgRetentionPolicy(), + 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), + 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), + 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', + 'BORGBACKUP_HOST_LOCATION' => $this->borg_backup_host_location, + 'APACHE_MAX_SIZE' => (string)($this->GetApacheMaxSize()), + 'COLLABORA_SECCOMP_POLICY' => $this->GetCollaboraSeccompPolicy(), + 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), + 'NEXTCLOUD_ADDITIONAL_APKS' => $this->GetNextcloudAdditionalApks(), + 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->GetNextcloudAdditionalPhpExtensions(), + 'INSTALL_LATEST_MAJOR' => $this->install_latest_major ? 'yes' : '', + 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', + // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) + 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), + // Allow to get local ip-address of caddy container and add it to trusted proxies automatically + 'CADDY_IP_ADDRESS' => in_array('caddy', $this->aio_community_containers, true) ? gethostbyname('nextcloud-aio-caddy') : '', + 'WHITEBOARD_ENABLED' => $this->isWhiteboardEnabled ? 'yes' : '', + default => $this->GetRegisteredSecret($placeholder), + }; + } } diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index b14e31db..832480c2 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -228,15 +228,7 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Binds'] = $volumes; } - $aioVariables = $container->aioVariables->GetVariables(); - foreach ($aioVariables as $variable) { - $config = $this->configurationManager->GetConfig(); - $variable = $this->replaceEnvPlaceholders($variable); - $variableArray = explode('=', $variable); - $config[$variableArray[0]] = $variableArray[1]; - $this->configurationManager->WriteConfig($config); - sleep(1); - } + $this->configurationManager->setAioVariables($container->aioVariables->GetVariables()); $envs = $container->containerEnvironmentVariables->GetVariables(); // Special thing for the nextcloud container @@ -244,7 +236,7 @@ readonly class DockerActionManager { $envs[] = $this->GetAllNextcloudExecCommands(); } foreach ($envs as $key => $env) { - $envs[$key] = $this->replaceEnvPlaceholders($env); + $envs[$key] = $this->configurationManager->replaceEnvPlaceholders($env); } if (count($envs) > 0) { @@ -530,82 +522,6 @@ readonly class DockerActionManager { } } - // Replaces placeholders in $envValue with their values. - // E.g. "%NC_DOMAIN%:%APACHE_PORT" becomes "my.nextcloud.com:11000" - private function replaceEnvPlaceholders(string $envValue): string { - // $pattern breaks down as: - // % - matches a literal percent sign - // ([^%]+) - capture group that matches one or more characters that are NOT percent signs - // % - matches the closing percent sign - // - // Assumes literal percent signs are always matched and there is no - // escaping. - $pattern = '/%([^%]+)%/'; - $matchCount = preg_match_all($pattern, $envValue, $matches); - - if ($matchCount === 0) { - return $envValue; - } - - $placeholders = $matches[0]; // ["%PLACEHOLDER1%", "%PLACEHOLDER2%", ...] - $placeholderNames = $matches[1]; // ["PLACEHOLDER1", "PLACEHOLDER2", ...] - $placeholderPatterns = array_map(static fn(string $p) => '/' . preg_quote($p) . '/', $placeholders); // ["/%PLACEHOLDER1%/", ...] - $placeholderValues = array_map($this->getPlaceholderValue(...), $placeholderNames); // ["val1", "val2"] - // Guaranteed to be non-null because we found the placeholders in the preg_match_all. - return (string) preg_replace($placeholderPatterns, $placeholderValues, $envValue); - } - - private function getPlaceholderValue(string $placeholder) : string { - return match ($placeholder) { - 'NC_DOMAIN' => $this->configurationManager->GetDomain(), - 'NC_BASE_DN' => $this->configurationManager->GetBaseDN(), - 'AIO_TOKEN' => $this->configurationManager->AIO_TOKEN, - 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->borg_remote_repo, - 'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(), - 'AIO_URL' => $this->configurationManager->AIO_URL, - 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->restoreExcludePreviews ? '1' : '', - 'SELECTED_RESTORE_TIME' => $this->configurationManager->selectedRestoreTime, - 'APACHE_PORT' => $this->configurationManager->apache_port, - 'APACHE_IP_BINDING' => $this->configurationManager->apache_ip_binding, - 'TALK_PORT' => $this->configurationManager->talk_port, - 'TURN_DOMAIN' => $this->configurationManager->turn_domain, - 'NEXTCLOUD_MOUNT' => $this->configurationManager->nextcloud_mount, - 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->borg_restore_password, - 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled ? 'yes' : '', - 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled ? 'yes' : '', - 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled ? 'yes' : '', - 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled ? 'yes' : '', - 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled ? 'yes' : '', - 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', - 'TIMEZONE' => $this->configurationManager->timezone === '' ? 'Etc/UTC' : $this->configurationManager->timezone, - 'COLLABORA_DICTIONARIES' => $this->configurationManager->collabora_dictionaries === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->collabora_dictionaries, - 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled ? 'yes' : '', - 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled ? 'yes' : '', - 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled ? 'yes' : '', - 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->nextcloud_upload_limit, - 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->nextcloud_memory_limit, - 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->nextcloud_max_time, - 'BORG_RETENTION_POLICY' => $this->configurationManager->GetBorgRetentionPolicy(), - 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->configurationManager->GetFulltextsearchJavaOptions(), - 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->configurationManager->GetTrustedCacertsDir(), - 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->configurationManager->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', - 'BORGBACKUP_HOST_LOCATION' => $this->configurationManager->borg_backup_host_location, - 'APACHE_MAX_SIZE' => (string)($this->configurationManager->GetApacheMaxSize()), - 'COLLABORA_SECCOMP_POLICY' => $this->configurationManager->GetCollaboraSeccompPolicy(), - 'NEXTCLOUD_STARTUP_APPS' => $this->configurationManager->GetNextcloudStartupApps(), - 'NEXTCLOUD_ADDITIONAL_APKS' => $this->configurationManager->GetNextcloudAdditionalApks(), - 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->configurationManager->GetNextcloudAdditionalPhpExtensions(), - 'INSTALL_LATEST_MAJOR' => $this->configurationManager->install_latest_major ? 'yes' : '', - 'REMOVE_DISABLED_APPS' => $this->configurationManager->shouldDisabledAppsGetRemoved() ? 'yes' : '', - // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) - 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), - // Allow to get local ip-address of caddy container and add it to trusted proxies automatically - 'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->aio_community_containers, true) ? gethostbyname('nextcloud-aio-caddy') : '', - 'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled ? 'yes' : '', - default => $this->configurationManager->GetRegisteredSecret($placeholder), - }; - } - private function isContainerUpdateAvailable(string $id): string { $container = $this->containerDefinitionFetcher->GetContainerById($id); From fd308d4b802c31169fb2df2189daad638c32a7ce Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 19 Jan 2026 15:18:13 +0100 Subject: [PATCH 346/432] Simplify some code a little bit Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 2cbae5cc..19ff0b74 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -697,10 +697,7 @@ class ConfigurationManager } public function isSeccompDisabled() : bool { - if ($this->GetCollaboraSeccompDisabledState() === 'true') { - return true; - } - return false; + return $this->GetCollaboraSeccompDisabledState() === 'true'; } /** @@ -795,10 +792,7 @@ class ConfigurationManager } public function isDailyBackupRunning() : bool { - if (file_exists(DataConst::GetDailyBackupBlockFile())) { - return true; - } - return false; + return file_exists(DataConst::GetDailyBackupBlockFile()); } /** @@ -870,10 +864,7 @@ class ConfigurationManager } public function isCollaboraSubscriptionEnabled() : bool { - if (str_contains($this->collabora_additional_options, '--o:support_key=')) { - return true; - } - return false; + return str_contains($this->collabora_additional_options, '--o:support_key='); } /** From 662840bc25444fb1081af602a0143c6cea2f75ae Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 19:36:39 +0100 Subject: [PATCH 347/432] Make psalm accept the property-hooks for virtual attributes Signed-off-by: Pablo Zmdl --- php/psalm.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/php/psalm.xml b/php/psalm.xml index d7ce38c9..576d82d2 100644 --- a/php/psalm.xml +++ b/php/psalm.xml @@ -20,5 +20,10 @@ + + + + + From 77bec5898f84de1e0f9dd66bf3e0ceef8919abf5 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 20 Jan 2026 19:34:52 +0100 Subject: [PATCH 348/432] Type for Closure argument Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 6 +++--- php/src/Data/ConfigurationManager.php | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index f1c5400d..c60efda5 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -123,7 +123,7 @@ readonly class DockerController { } public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { - $this->configurationManager->setMultiple(function ($confManager) use ($request) { + $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) use ($request) { $confManager->backupMode = 'restore'; $confManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; $confManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); @@ -152,7 +152,7 @@ readonly class DockerController { } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { - $this->configurationManager->setMultiple(function ($confManager) { + $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) { $confManager->backupMode = 'test'; $confManager->instance_restore_attempt = false; }); @@ -177,7 +177,7 @@ readonly class DockerController { $port = 443; } - $this->configurationManager->setMultiple(function ($confManager) use ($request, $host, $port, $path) { + $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) use ($request, $host, $port, $path) { $confManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); // set AIO_URL $confManager->AIO_URL = $host . ':' . (string)$port . $path; diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 19ff0b74..2fb0a413 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -419,7 +419,7 @@ class ConfigurationManager } } - $this->setMultiple(function ($confManager) use ($domain) { + $this->setMultiple(function (ConfigurationManager $confManager) use ($domain) { // Write domain // Don't set the domain via the attribute, or we create a loop. $confManager->set('domain', $domain); @@ -441,7 +441,7 @@ class ConfigurationManager */ public function SetBorgLocationVars(string $location, string $repo) : void { $this->ValidateBorgLocationVars($location, $repo); - $this->setMultiple(function ($confManager) use ($location, $repo) { + $this->setMultiple(function (ConfigurationManager $confManager) use ($location, $repo) { $confManager->borg_backup_host_location = $location; $confManager->borg_remote_repo = $repo; }); @@ -490,7 +490,7 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables - $this->setMultiple(function ($confManager) { + $this->setMultiple(function (ConfigurationManager $confManager) { $confManager->borg_backup_host_location = ''; $confManager->borg_remote_repo = ''; }); @@ -513,7 +513,7 @@ class ConfigurationManager throw new InvalidSettingConfigurationException("Please enter the password!"); } - $this->setMultiple(function ($confManager) use ($location, $repo, $password) { + $this->setMultiple(function (ConfigurationManager $confManager) use ($location, $repo, $password) { $confManager->borg_backup_host_location = $location; $confManager->borg_remote_repo = $repo; $confManager->borg_restore_password = $password; @@ -976,7 +976,7 @@ class ConfigurationManager if ($input === []) { return; } - $this->setMultiple(function($confManager) use ($input) { + $this->setMultiple(function(ConfigurationManager $confManager) use ($input) { foreach ($input as $variable) { $keyWithValue = $confManager->replaceEnvPlaceholders($variable); [$key, $value] = explode('=', $keyWithValue, 2); From c65ccd2db02f7dfbf664ce17b7ca07036d5d4516 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Wed, 21 Jan 2026 09:54:29 +0100 Subject: [PATCH 349/432] Make aio-variables code more robust and psalm-compatible Now the input gets checked for being useful. It's user-generated data in the end, which might be "funny" in curious ways. psalm complained about the possibly unset second array key in the destructuring assignment of `$key` and `$value`, which won't happen due to the check for a present equal sign earlier, but nonetheless this way the code is more robust. Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 2fb0a413..2863d6e8 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -978,10 +978,19 @@ class ConfigurationManager } $this->setMultiple(function(ConfigurationManager $confManager) use ($input) { foreach ($input as $variable) { + if (!is_string($variable) || !str_contains($variable, '=')) { + error_log("Invalid input: '$variable' is not a string or does not contain an equal sign ('=')"); + continue; + } $keyWithValue = $confManager->replaceEnvPlaceholders($variable); - [$key, $value] = explode('=', $keyWithValue, 2); - // Set if there's an attribute corresponding to the key. - if (isset($key, $confManager->$key)) { + // Pad the result with nulls so psalm is happy (and we don't risk to run into warnings in case + // the check for an equal sign from above gets changed). + [$key, $value] = explode('=', $keyWithValue, 2) + [null, null]; + if ($value === null) { + error_log("Invalid input: '$keyWithValue' has no value after the equal sign"); + } else if (!property_exists($confManager, $key)) { + error_log("Error: '$key' is not a valid configuration key (in '$keyWithValue')"); + } else { $confManager->$key = $value; } } From 6bf45fb5072788a4926a4c3175f996b97b10fc10 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Wed, 21 Jan 2026 13:11:45 +0100 Subject: [PATCH 350/432] A script to list AIO variables that are configurable through `aio_variables` in community containers Signed-off-by: Pablo Zmdl --- get-configurable-aio-variables.sh | 3 +++ 1 file changed, 3 insertions(+) create mode 100755 get-configurable-aio-variables.sh diff --git a/get-configurable-aio-variables.sh b/get-configurable-aio-variables.sh new file mode 100755 index 00000000..44536bd3 --- /dev/null +++ b/get-configurable-aio-variables.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +awk '/^ public [^f][^u][^n]/ { sub(/\$/, "", $3); print $3 }' php/src/Data/ConfigurationManager.php | sort From 76d475f2b249aa6447b96d89a1eae56875fb8b34 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 16:40:45 +0100 Subject: [PATCH 351/432] Replace setMultiple() by startTransaction() and commitTransaction() Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 33 ++++----- php/src/Data/ConfigurationManager.php | 96 +++++++++++++------------ 2 files changed, 68 insertions(+), 61 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index c60efda5..7078b71f 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -123,11 +123,11 @@ readonly class DockerController { } public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { - $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) use ($request) { - $confManager->backupMode = 'restore'; - $confManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; - $confManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); - }); + $this->configurationManager->startTransaction(); + $this->configurationManager->backupMode = 'restore'; + $this->configurationManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; + $this->configurationManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); + $this->configurationManager->commitTransaction(); $id = self::TOP_CONTAINER; $forceStopNextcloud = true; @@ -152,10 +152,10 @@ readonly class DockerController { } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { - $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) { - $confManager->backupMode = 'test'; - $confManager->instance_restore_attempt = false; - }); + $this->configurationManager->startTransaction(); + $this->configurationManager->backupMode = 'test'; + $this->configurationManager->instance_restore_attempt = false; + $this->configurationManager->commitTransaction(); $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id); @@ -177,13 +177,14 @@ readonly class DockerController { $port = 443; } - $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) use ($request, $host, $port, $path) { - $confManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); - // set AIO_URL - $confManager->AIO_URL = $host . ':' . (string)$port . $path; - // set wasStartButtonClicked - $confManager->wasStartButtonClicked = true; - }); + $this->configurationManager->startTransaction(); + $this->configurationManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); + // set AIO_URL + $this->configurationManager->AIO_URL = $host . ':' . (string)$port . $path; + // set wasStartButtonClicked + $this->configurationManager->wasStartButtonClicked = true; + $this->configurationManager->commitTransaction(); + // Do not pull container images in case 'bypass_container_update' is set via url params // Needed for local testing $pullImage = !isset($request->getParsedBody()['bypass_container_update']); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 2863d6e8..2caf7849 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -193,21 +193,26 @@ class ConfigurationManager private function set(string $key, mixed $value) : void { $this->GetConfig(); $this->config[$key] = $value; - // Only write if this isn't called via setMultiple(). + // Only write if this isn't called in between startTransaction() and commitTransaction(). if ($this->noWrite !== true) { $this->WriteConfig(); } } /** - * This allows to assign multiple attributes without saving the config to disk in between (as would - * calling set() do). + * This allows to assign multiple attributes without saving the config to disk in between. It must be + * followed by a call to commitTransaction(), which then writes all changes to disk. */ - public function setMultiple(\Closure $closure) : void { + public function startTransaction() : void { + $this->GetConfig(); $this->noWrite = true; + } + + /** + * This allows to assign multiple attributes without saving the config to disk in between. + */ + public function commitTransaction() : void { try { - $this->GetConfig(); - $closure($this); $this->WriteConfig(); } finally { $this->noWrite = false; @@ -419,13 +424,14 @@ class ConfigurationManager } } - $this->setMultiple(function (ConfigurationManager $confManager) use ($domain) { - // Write domain - // Don't set the domain via the attribute, or we create a loop. - $confManager->set('domain', $domain); - // Reset the borg restore password when setting the domain - $confManager->borg_restore_password = ''; - }); + $this->startTransaction(); + // Write domain + // Don't set the domain via the attribute, or we create a loop. + $this->set('domain', $domain); + // Reset the borg restore password when setting the domain + $this->borg_restore_password = ''; + $this->startTransaction(); + $this->commitTransaction(); } public function GetBaseDN() : string { @@ -441,10 +447,10 @@ class ConfigurationManager */ public function SetBorgLocationVars(string $location, string $repo) : void { $this->ValidateBorgLocationVars($location, $repo); - $this->setMultiple(function (ConfigurationManager $confManager) use ($location, $repo) { - $confManager->borg_backup_host_location = $location; - $confManager->borg_remote_repo = $repo; - }); + $this->startTransaction(); + $this->borg_backup_host_location = $location; + $this->borg_remote_repo = $repo; + $this->commitTransaction(); } private function ValidateBorgLocationVars(string $location, string $repo) : void { @@ -490,10 +496,10 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables - $this->setMultiple(function (ConfigurationManager $confManager) { - $confManager->borg_backup_host_location = ''; - $confManager->borg_remote_repo = ''; - }); + $this->startTransaction(); + $this->borg_backup_host_location = ''; + $this->borg_remote_repo = ''; + $this->commitTransaction(); // Also delete the borg config file to be able to start over if (file_exists(DataConst::GetBackupKeyFile())) { @@ -513,12 +519,12 @@ class ConfigurationManager throw new InvalidSettingConfigurationException("Please enter the password!"); } - $this->setMultiple(function (ConfigurationManager $confManager) use ($location, $repo, $password) { - $confManager->borg_backup_host_location = $location; - $confManager->borg_remote_repo = $repo; - $confManager->borg_restore_password = $password; - $confManager->instance_restore_attempt = true; - }); + $this->startTransaction(); + $this->borg_backup_host_location = $location; + $this->borg_remote_repo = $repo; + $this->borg_restore_password = $password; + $this->instance_restore_attempt = true; + $this->commitTransaction(); } /** @@ -976,25 +982,25 @@ class ConfigurationManager if ($input === []) { return; } - $this->setMultiple(function(ConfigurationManager $confManager) use ($input) { - foreach ($input as $variable) { - if (!is_string($variable) || !str_contains($variable, '=')) { - error_log("Invalid input: '$variable' is not a string or does not contain an equal sign ('=')"); - continue; - } - $keyWithValue = $confManager->replaceEnvPlaceholders($variable); - // Pad the result with nulls so psalm is happy (and we don't risk to run into warnings in case - // the check for an equal sign from above gets changed). - [$key, $value] = explode('=', $keyWithValue, 2) + [null, null]; - if ($value === null) { - error_log("Invalid input: '$keyWithValue' has no value after the equal sign"); - } else if (!property_exists($confManager, $key)) { - error_log("Error: '$key' is not a valid configuration key (in '$keyWithValue')"); - } else { - $confManager->$key = $value; - } + $this->startTransaction(); + foreach ($input as $variable) { + if (!is_string($variable) || !str_contains($variable, '=')) { + error_log("Invalid input: '$variable' is not a string or does not contain an equal sign ('=')"); + continue; } - }); + $keyWithValue = $confManager->replaceEnvPlaceholders($variable); + // Pad the result with nulls so psalm is happy (and we don't risk to run into warnings in case + // the check for an equal sign from above gets changed). + [$key, $value] = explode('=', $keyWithValue, 2) + [null, null]; + if ($value === null) { + error_log("Invalid input: '$keyWithValue' has no value after the equal sign"); + } else if (!property_exists($confManager, $key)) { + error_log("Error: '$key' is not a valid configuration key (in '$keyWithValue')"); + } else { + $confManager->$key = $value; + } + } + $this->commitTransaction(); } // From dac5cfd917b8d7f7b748facf20874679e886cb36 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 16:43:41 +0100 Subject: [PATCH 352/432] Don't write the default value to disk This matches the previous behaviour and should not be changed silently. Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 1 - 1 file changed, 1 deletion(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 2caf7849..d25e4a91 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -591,7 +591,6 @@ class ConfigurationManager $configValue = $this->get($configName, ''); if ($envVariableOutput === false) { if ($configValue === '') { - $this->set($configName, $defaultValue); return $defaultValue; } return $configValue; From 3bb2ce6e4cc979dc772c410e9ac568ed515f1271 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 16:55:15 +0100 Subject: [PATCH 353/432] Type-cast get values to fix handling old config data Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 36 ++++++++++++++++++--------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d25e4a91..b7916b16 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -24,17 +24,20 @@ class ConfigurationManager } public bool $isDockerSocketProxyEnabled { - get => $this->get('isDockerSocketProxyEnabled', false); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isDockerSocketProxyEnabled', false); set { $this->set('isDockerSocketProxyEnabled', $value); } } public bool $isWhiteboardEnabled { - get => $this->get('isWhiteboardEnabled', true); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isWhiteboardEnabled', true); set { $this->set('isWhiteboardEnabled', $value); } } public bool $restoreExcludePreviews { - get => $this->get('restore-exclude-previews', false); + // Type-cast because old configs could have '1'/'' for this key. + get => (bool) $this->get('restore-exclude-previews', false); set { $this->set('restore-exclude-previews', $value); } } @@ -49,7 +52,8 @@ class ConfigurationManager } public bool $instance_restore_attempt { - get => $this->get('instance_restore_attempt', false); + // Type-cast because old configs could have 1/'' for this key. + get => (bool) $this->get('instance_restore_attempt', false); set { $this->set('instance_restore_attempt', $value); } } @@ -59,7 +63,8 @@ class ConfigurationManager } public bool $wasStartButtonClicked { - get => $this->get('wasStartButtonClicked', false); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('wasStartButtonClicked', false); set { $this->set('wasStartButtonClicked', $value); } } @@ -69,37 +74,44 @@ class ConfigurationManager } public bool $isClamavEnabled { - get => $this->get('isClamavEnabled', false); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isClamavEnabled', false); set { $this->set('isClamavEnabled', $value); } } public bool $isOnlyofficeEnabled { - get => $this->get('isOnlyofficeEnabled', false); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isOnlyofficeEnabled', false); set { $this->set('isOnlyofficeEnabled', $value); } } public bool $isCollaboraEnabled { - get => $this->get('isCollaboraEnabled', true); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isCollaboraEnabled', true); set { $this->set('isCollaboraEnabled', $value); } } public bool $isTalkEnabled { - get => $this->get('isTalkEnabled', true); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isTalkEnabled', true); set { $this->set('isTalkEnabled', $value); } } public bool $isTalkRecordingEnabled { - get => $this->isTalkEnabled && $this->get('isTalkRecordingEnabled', false); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->isTalkEnabled && $this->get('isTalkRecordingEnabled', false); set { $this->set('isTalkRecordingEnabled', $this->isTalkEnabled && $value); } } public bool $isImaginaryEnabled { - get => $this->get('isImaginaryEnabled', true); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isImaginaryEnabled', true); set { $this->set('isImaginaryEnabled', $value); } } public bool $isFulltextsearchEnabled { - get => $this->get('isFulltextsearchEnabled', false); + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isFulltextsearchEnabled', false); // Elasticsearch does not work on kernels without seccomp anymore. See https://github.com/nextcloud/all-in-one/discussions/5768 set { $this->set('isFulltextsearchEnabled', ($this->isSeccompDisabled() && $value)); } } From 27fd1e82ab74ffa7acf74eefae7b26f1ec7d8724 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:10:21 +0100 Subject: [PATCH 354/432] Turn install_latest_major property into a string so we can save a version string or number I chose a string instead of an integer so we have more freedom what to actually save (maybe we want to include minor version digits at one point). Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 8 +++++++- php/src/Data/ConfigurationManager.php | 7 ++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 7078b71f..47c6c259 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -177,8 +177,14 @@ readonly class DockerController { $port = 443; } + if (isset($request->getParsedBody()['install_latest_major'])) { + $install_latest_major = '32'; + } else { + $install_latest_major = ''; + } + $this->configurationManager->startTransaction(); - $this->configurationManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']); + $this->configurationManager->install_latest_major = $install_latest_major; // set AIO_URL $this->configurationManager->AIO_URL = $host . ':' . (string)$port . $path; // set wasStartButtonClicked diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index b7916b16..7ca0f8bc 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -68,8 +68,9 @@ class ConfigurationManager set { $this->set('wasStartButtonClicked', $value); } } - public bool $install_latest_major { - get => $this->get('install_latest_major', false); + public string $install_latest_major { + // Type-cast because old configs could have integers for this key. + get => (string) $this->get('install_latest_major', ''); set { $this->set('install_latest_major', $value); } } @@ -1080,7 +1081,7 @@ class ConfigurationManager 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), 'NEXTCLOUD_ADDITIONAL_APKS' => $this->GetNextcloudAdditionalApks(), 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->GetNextcloudAdditionalPhpExtensions(), - 'INSTALL_LATEST_MAJOR' => $this->install_latest_major ? 'yes' : '', + 'INSTALL_LATEST_MAJOR' => $this->install_latest_major, 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), From dd5d51cb2a1ef50944e161f2c9e5b4f02808d926 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:12:45 +0100 Subject: [PATCH 355/432] Camelize property AIO_TOKEN => aioToken Signed-off-by: Pablo Zmdl --- php/src/Auth/AuthManager.php | 2 +- php/src/Controller/DockerController.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/php/src/Auth/AuthManager.php b/php/src/Auth/AuthManager.php index 1d558aed..f6ab0d10 100644 --- a/php/src/Auth/AuthManager.php +++ b/php/src/Auth/AuthManager.php @@ -19,7 +19,7 @@ readonly class AuthManager { } public function CheckToken(string $token) : bool { - return hash_equals($this->configurationManager->AIO_TOKEN, $token); + return hash_equals($this->configurationManager->aioToken, $token); } public function SetAuthState(bool $isLoggedIn) : void { diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 47c6c259..862665c3 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -208,7 +208,7 @@ readonly class DockerController { } public function startTopContainer(bool $pullImage) : void { - $this->configurationManager->AIO_TOKEN = bin2hex(random_bytes(24)); + $this->configurationManager->aioToken = bin2hex(random_bytes(24)); // Stop domaincheck since apache would not be able to start otherwise $this->StopDomaincheckContainer(); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 7ca0f8bc..340e59d9 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -13,7 +13,7 @@ class ConfigurationManager private bool $noWrite = false; - public string $AIO_TOKEN { + public string $aioToken { get => $this->get('AIO_TOKEN', ''); set { $this->set('AIO_TOKEN', $value); } } @@ -1045,7 +1045,7 @@ class ConfigurationManager return match ($placeholder) { 'NC_DOMAIN' => $this->domain, 'NC_BASE_DN' => $this->GetBaseDN(), - 'AIO_TOKEN' => $this->AIO_TOKEN, + 'AIO_TOKEN' => $this->aioToken, 'BORGBACKUP_REMOTE_REPO' => $this->borg_remote_repo, 'BORGBACKUP_MODE' => $this->backupMode, 'AIO_URL' => $this->AIO_URL, From 62a21dd34a1bf8f9c346d92c585c8653b37c9a4d Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:16:02 +0100 Subject: [PATCH 356/432] Camelize property instance_restore_attempt => instanceRestoreAttempt Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/DockerController.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index d4f4799f..7037946a 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -103,7 +103,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'has_backup_run_once' => $configurationManager->hasBackupRunOnce(), 'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(), 'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(), - 'is_instance_restore_attempt' => $configurationManager->instance_restore_attempt, + 'is_instance_restore_attempt' => $configurationManager->instanceRestoreAttempt, 'borg_backup_mode' => $configurationManager->backupMode, 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked, 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 862665c3..c420bba3 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -154,7 +154,7 @@ readonly class DockerController { public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { $this->configurationManager->startTransaction(); $this->configurationManager->backupMode = 'test'; - $this->configurationManager->instance_restore_attempt = false; + $this->configurationManager->instanceRestoreAttempt = false; $this->configurationManager->commitTransaction(); $id = self::TOP_CONTAINER; diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 340e59d9..94e8ae71 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -51,7 +51,7 @@ class ConfigurationManager set { $this->set('backup-mode', $value); } } - public bool $instance_restore_attempt { + public bool $instanceRestoreAttempt { // Type-cast because old configs could have 1/'' for this key. get => (bool) $this->get('instance_restore_attempt', false); set { $this->set('instance_restore_attempt', $value); } @@ -536,7 +536,7 @@ class ConfigurationManager $this->borg_backup_host_location = $location; $this->borg_remote_repo = $repo; $this->borg_restore_password = $password; - $this->instance_restore_attempt = true; + $this->instanceRestoreAttempt = true; $this->commitTransaction(); } From 68f811b25f690af648d5c178238791d76b561719 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:17:54 +0100 Subject: [PATCH 357/432] Camelize property AIO_URL => aioUrl Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index c420bba3..2bff0295 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -186,7 +186,7 @@ readonly class DockerController { $this->configurationManager->startTransaction(); $this->configurationManager->install_latest_major = $install_latest_major; // set AIO_URL - $this->configurationManager->AIO_URL = $host . ':' . (string)$port . $path; + $this->configurationManager->aioUrl = $host . ':' . (string)$port . $path; // set wasStartButtonClicked $this->configurationManager->wasStartButtonClicked = true; $this->configurationManager->commitTransaction(); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 94e8ae71..eaf944af 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -57,7 +57,7 @@ class ConfigurationManager set { $this->set('instance_restore_attempt', $value); } } - public string $AIO_URL { + public string $aioUrl { get => $this->get('AIO_URL', ''); set { $this->set('AIO_URL', $value); } } @@ -1048,7 +1048,7 @@ class ConfigurationManager 'AIO_TOKEN' => $this->aioToken, 'BORGBACKUP_REMOTE_REPO' => $this->borg_remote_repo, 'BORGBACKUP_MODE' => $this->backupMode, - 'AIO_URL' => $this->AIO_URL, + 'AIO_URL' => $this->aioUrl, 'SELECTED_RESTORE_TIME' => $this->selectedRestoreTime, 'RESTORE_EXCLUDE_PREVIEWS' => $this->restoreExcludePreviews ? '1' : '', 'APACHE_PORT' => $this->apache_port, From 2425a0777234a341337af57c347094eebef7712e Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:19:10 +0100 Subject: [PATCH 358/432] Camelize property install_latest_major => installLatestMajor Signed-off-by: Pablo Zmdl --- php/src/Controller/DockerController.php | 6 +++--- php/src/Data/ConfigurationManager.php | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 2bff0295..81b920d0 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -178,13 +178,13 @@ readonly class DockerController { } if (isset($request->getParsedBody()['install_latest_major'])) { - $install_latest_major = '32'; + $installLatestMajor = '32'; } else { - $install_latest_major = ''; + $installLatestMajor = ''; } $this->configurationManager->startTransaction(); - $this->configurationManager->install_latest_major = $install_latest_major; + $this->configurationManager->installLatestMajor = $installLatestMajor; // set AIO_URL $this->configurationManager->aioUrl = $host . ':' . (string)$port . $path; // set wasStartButtonClicked diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index eaf944af..5ccf4b88 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -68,7 +68,7 @@ class ConfigurationManager set { $this->set('wasStartButtonClicked', $value); } } - public string $install_latest_major { + public string $installLatestMajor { // Type-cast because old configs could have integers for this key. get => (string) $this->get('install_latest_major', ''); set { $this->set('install_latest_major', $value); } @@ -1081,7 +1081,7 @@ class ConfigurationManager 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), 'NEXTCLOUD_ADDITIONAL_APKS' => $this->GetNextcloudAdditionalApks(), 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->GetNextcloudAdditionalPhpExtensions(), - 'INSTALL_LATEST_MAJOR' => $this->install_latest_major, + 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor, 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), From 62856e78bbaee7584a9ad9e6a255e6ec33aed06a Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:21:07 +0100 Subject: [PATCH 359/432] Camelize property borg_backup_host_location => borgBackupHostLocation Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Data/ConfigurationManager.php | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 7037946a..7e3a3842 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -93,7 +93,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ return $view->render($response, 'containers.twig', [ 'domain' => $configurationManager->domain, 'apache_port' => $configurationManager->apache_port, - 'borg_backup_host_location' => $configurationManager->borg_backup_host_location, + 'borg_backup_host_location' => $configurationManager->borgBackupHostLocation, 'borg_remote_repo' => $configurationManager->borg_remote_repo, 'borg_public_key' => $configurationManager->GetBorgPublicKey(), 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 22309da8..84cd4d89 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -113,7 +113,7 @@ readonly class ContainerDefinitionFetcher { if (isset($entry['volumes'])) { foreach ($entry['volumes'] as $value) { if($value['source'] === '%BORGBACKUP_HOST_LOCATION%') { - $value['source'] = $this->configurationManager->borg_backup_host_location; + $value['source'] = $this->configurationManager->borgBackupHostLocation; if($value['source'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 5ccf4b88..e7e830cc 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -122,7 +122,7 @@ class ConfigurationManager set { $this->SetDomain($value); } } - public string $borg_backup_host_location { + public string $borgBackupHostLocation { get => $this->get('borg_backup_host_location', ''); set { $this->set('borg_backup_host_location', $value); } } @@ -461,7 +461,7 @@ class ConfigurationManager public function SetBorgLocationVars(string $location, string $repo) : void { $this->ValidateBorgLocationVars($location, $repo); $this->startTransaction(); - $this->borg_backup_host_location = $location; + $this->borgBackupHostLocation = $location; $this->borg_remote_repo = $repo; $this->commitTransaction(); } @@ -510,7 +510,7 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables $this->startTransaction(); - $this->borg_backup_host_location = ''; + $this->borgBackupHostLocation = ''; $this->borg_remote_repo = ''; $this->commitTransaction(); @@ -533,7 +533,7 @@ class ConfigurationManager } $this->startTransaction(); - $this->borg_backup_host_location = $location; + $this->borgBackupHostLocation = $location; $this->borg_remote_repo = $repo; $this->borg_restore_password = $password; $this->instanceRestoreAttempt = true; @@ -1075,7 +1075,7 @@ class ConfigurationManager 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', - 'BORGBACKUP_HOST_LOCATION' => $this->borg_backup_host_location, + 'BORGBACKUP_HOST_LOCATION' => $this->borgBackupHostLocation, 'APACHE_MAX_SIZE' => (string)($this->GetApacheMaxSize()), 'COLLABORA_SECCOMP_POLICY' => $this->GetCollaboraSeccompPolicy(), 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), From 284411c3695bf10c81d24bc8c16d36263578ce0c Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:22:14 +0100 Subject: [PATCH 360/432] Camelize property borg_remote_repo => borgRemoteRepo Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 7e3a3842..eafa994b 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -94,7 +94,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'domain' => $configurationManager->domain, 'apache_port' => $configurationManager->apache_port, 'borg_backup_host_location' => $configurationManager->borgBackupHostLocation, - 'borg_remote_repo' => $configurationManager->borg_remote_repo, + 'borg_remote_repo' => $configurationManager->borgRemoteRepo, 'borg_public_key' => $configurationManager->GetBorgPublicKey(), 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), 'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e7e830cc..08924d14 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -127,7 +127,7 @@ class ConfigurationManager set { $this->set('borg_backup_host_location', $value); } } - public string $borg_remote_repo { + public string $borgRemoteRepo { get => $this->get('borg_remote_repo', ''); set { $this->set('borg_remote_repo', $value); } } @@ -462,7 +462,7 @@ class ConfigurationManager $this->ValidateBorgLocationVars($location, $repo); $this->startTransaction(); $this->borgBackupHostLocation = $location; - $this->borg_remote_repo = $repo; + $this->borgRemoteRepo = $repo; $this->commitTransaction(); } @@ -511,7 +511,7 @@ class ConfigurationManager // Delete the variables $this->startTransaction(); $this->borgBackupHostLocation = ''; - $this->borg_remote_repo = ''; + $this->borgRemoteRepo = ''; $this->commitTransaction(); // Also delete the borg config file to be able to start over @@ -534,7 +534,7 @@ class ConfigurationManager $this->startTransaction(); $this->borgBackupHostLocation = $location; - $this->borg_remote_repo = $repo; + $this->borgRemoteRepo = $repo; $this->borg_restore_password = $password; $this->instanceRestoreAttempt = true; $this->commitTransaction(); @@ -1046,7 +1046,7 @@ class ConfigurationManager 'NC_DOMAIN' => $this->domain, 'NC_BASE_DN' => $this->GetBaseDN(), 'AIO_TOKEN' => $this->aioToken, - 'BORGBACKUP_REMOTE_REPO' => $this->borg_remote_repo, + 'BORGBACKUP_REMOTE_REPO' => $this->borgRemoteRepo, 'BORGBACKUP_MODE' => $this->backupMode, 'AIO_URL' => $this->aioUrl, 'SELECTED_RESTORE_TIME' => $this->selectedRestoreTime, From 5cac2dcf12531b9631f06ba321a203059f5bd44c Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:23:21 +0100 Subject: [PATCH 361/432] Camelize property borg_restore_password => borgRestorePassword Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index eafa994b..5e8ddbb8 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -114,7 +114,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled, 'is_talk_enabled' => $configurationManager->isTalkEnabled, - 'borg_restore_password' => $configurationManager->borg_restore_password, + 'borg_restore_password' => $configurationManager->borgRestorePassword, 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), 'timezone' => $configurationManager->timezone, diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 08924d14..a2dd399d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -132,7 +132,7 @@ class ConfigurationManager set { $this->set('borg_remote_repo', $value); } } - public string $borg_restore_password { + public string $borgRestorePassword { get => $this->get('borg_restore_password', ''); set { $this->set('borg_restore_password', $value); } } @@ -442,7 +442,7 @@ class ConfigurationManager // Don't set the domain via the attribute, or we create a loop. $this->set('domain', $domain); // Reset the borg restore password when setting the domain - $this->borg_restore_password = ''; + $this->borgRestorePassword = ''; $this->startTransaction(); $this->commitTransaction(); } @@ -535,7 +535,7 @@ class ConfigurationManager $this->startTransaction(); $this->borgBackupHostLocation = $location; $this->borgRemoteRepo = $repo; - $this->borg_restore_password = $password; + $this->borgRestorePassword = $password; $this->instanceRestoreAttempt = true; $this->commitTransaction(); } @@ -1056,7 +1056,7 @@ class ConfigurationManager 'TALK_PORT' => $this->talk_port, 'TURN_DOMAIN' => $this->turn_domain, 'NEXTCLOUD_MOUNT' => $this->nextcloud_mount, - 'BACKUP_RESTORE_PASSWORD' => $this->borg_restore_password, + 'BACKUP_RESTORE_PASSWORD' => $this->borgRestorePassword, 'CLAMAV_ENABLED' => $this->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->isTalkRecordingEnabled ? 'yes' : '', 'ONLYOFFICE_ENABLED' => $this->isOnlyofficeEnabled ? 'yes' : '', From f17db4fac17b4051e24650b9fd1007ddaac3e6c5 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:25:14 +0100 Subject: [PATCH 362/432] Camelize property apache_ip_binding => apacheIpBinding Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 4 ++-- php/src/Docker/DockerActionManager.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index a2dd399d..e80073c3 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -137,7 +137,7 @@ class ConfigurationManager set { $this->set('borg_restore_password', $value); } } - public string $apache_ip_binding { + public string $apacheIpBinding { get => $this->GetEnvironmentalVariableOrConfig('APACHE_IP_BINDING', 'apache_ip_binding', ''); set { $this->set('apache_ip_binding', $value); } } @@ -1052,7 +1052,7 @@ class ConfigurationManager 'SELECTED_RESTORE_TIME' => $this->selectedRestoreTime, 'RESTORE_EXCLUDE_PREVIEWS' => $this->restoreExcludePreviews ? '1' : '', 'APACHE_PORT' => $this->apache_port, - 'APACHE_IP_BINDING' => $this->apache_ip_binding, + 'APACHE_IP_BINDING' => $this->apacheIpBinding, 'TALK_PORT' => $this->talk_port, 'TURN_DOMAIN' => $this->turn_domain, 'NEXTCLOUD_MOUNT' => $this->nextcloud_mount, diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 832480c2..5ae45044 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -289,7 +289,7 @@ readonly class DockerActionManager { } $ipBinding = $value->ipBinding; if ($ipBinding === '%APACHE_IP_BINDING%') { - $ipBinding = $this->configurationManager->apache_ip_binding; + $ipBinding = $this->configurationManager->apacheIpBinding; // Do not expose if AIO is in internal network mode if ($ipBinding === '@INTERNAL') { continue; From 41c92b814fde85bc509a7c51849b3c79dbbd87b6 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:33:24 +0100 Subject: [PATCH 363/432] Camelize key names from aio_variables from container specs Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e80073c3..3eba45f5 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -989,6 +989,11 @@ class ConfigurationManager return true; } } + + private function camelize(string $input, string $delimiter = '_') : string { + return lcfirst(implode("", array_map('ucfirst', explode($delimiter, strtolower($input))))); + + } public function setAioVariables(array $input) : void { if ($input === []) { @@ -1004,6 +1009,7 @@ class ConfigurationManager // Pad the result with nulls so psalm is happy (and we don't risk to run into warnings in case // the check for an equal sign from above gets changed). [$key, $value] = explode('=', $keyWithValue, 2) + [null, null]; + $key = $this->camelize($key); if ($value === null) { error_log("Invalid input: '$keyWithValue' has no value after the equal sign"); } else if (!property_exists($confManager, $key)) { From efe8317446c5020c131e2b9a402439b1ccfab688 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:34:33 +0100 Subject: [PATCH 364/432] Camelize property nextcloud_max_time => nextcloudMaxTime Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 5e8ddbb8..a9758b24 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -130,7 +130,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_datadir' => $configurationManager->nextcloud_datadir_mount, 'nextcloud_mount' => $configurationManager->nextcloud_mount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, - 'nextcloud_max_time' => $configurationManager->nextcloud_max_time, + 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, 'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit, 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 3eba45f5..ff30751c 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -652,7 +652,7 @@ class ConfigurationManager return $uploadLimit * 1024 * 1024 * 1024; } - public string $nextcloud_max_time { + public string $nextcloudMaxTime { get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); set { $this->set('nextcloud_max_time', $value); } } @@ -1076,7 +1076,7 @@ class ConfigurationManager 'DOCKER_SOCKET_PROXY_ENABLED' => $this->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloud_upload_limit, 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloud_memory_limit, - 'NEXTCLOUD_MAX_TIME' => $this->nextcloud_max_time, + 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, 'BORG_RETENTION_POLICY' => $this->GetBorgRetentionPolicy(), 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), From 5373471ed8f5671f59010f3ed6f9b16ed79dba67 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:35:52 +0100 Subject: [PATCH 365/432] Camelize property collabora_dictionaries => collaboraDictionaries Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/ConfigurationController.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index a9758b24..3aded9d0 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -120,7 +120,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), 'talk_port' => $configurationManager->talk_port, - 'collabora_dictionaries' => $configurationManager->collabora_dictionaries, + 'collabora_dictionaries' => $configurationManager->collaboraDictionaries, 'collabora_additional_options' => $configurationManager->collabora_additional_options, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index a1132981..27c83e11 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -117,7 +117,7 @@ readonly class ConfigurationController { if (isset($request->getParsedBody()['collabora_dictionaries'])) { $collaboraDictionaries = $request->getParsedBody()['collabora_dictionaries'] ?? ''; - $this->configurationManager->collabora_dictionaries = $collaboraDictionaries; + $this->configurationManager->collaboraDictionaries = $collaboraDictionaries; } if (isset($request->getParsedBody()['delete_collabora_additional_options'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index ff30751c..71238c4c 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -157,7 +157,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public string $collabora_dictionaries { + public string $collaboraDictionaries { get => $this->get('collabora_dictionaries', ''); set { // This throws an exception if the validation fails. @@ -1070,7 +1070,7 @@ class ConfigurationManager 'TALK_ENABLED' => $this->isTalkEnabled ? 'yes' : '', 'UPDATE_NEXTCLOUD_APPS' => ($this->isDailyBackupRunning() && $this->areAutomaticUpdatesEnabled()) ? 'yes' : '', 'TIMEZONE' => $this->timezone === '' ? 'Etc/UTC' : $this->timezone, - 'COLLABORA_DICTIONARIES' => $this->collabora_dictionaries === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->collabora_dictionaries, + 'COLLABORA_DICTIONARIES' => $this->collaboraDictionaries === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->collaboraDictionaries, 'IMAGINARY_ENABLED' => $this->isImaginaryEnabled ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->isDockerSocketProxyEnabled ? 'yes' : '', From b49900150180786735ad66b0e35793f7e672cd5b Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:36:45 +0100 Subject: [PATCH 366/432] Camelize property collabora_additional_options => collaboraAdditionalOptions Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Controller/ConfigurationController.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- php/src/Docker/DockerActionManager.php | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 3aded9d0..cf17e612 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -121,7 +121,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), 'talk_port' => $configurationManager->talk_port, 'collabora_dictionaries' => $configurationManager->collaboraDictionaries, - 'collabora_additional_options' => $configurationManager->collabora_additional_options, + 'collabora_additional_options' => $configurationManager->collaboraAdditionalOptions, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 27c83e11..c396a508 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -126,7 +126,7 @@ readonly class ConfigurationController { if (isset($request->getParsedBody()['collabora_additional_options'])) { $additionalCollaboraOptions = $request->getParsedBody()['collabora_additional_options'] ?? ''; - $this->configurationManager->collabora_additional_options = $additionalCollaboraOptions; + $this->configurationManager->collaboraAdditionalOptions = $additionalCollaboraOptions; } if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 71238c4c..1dcc147d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -169,7 +169,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public string $collabora_additional_options { + public string $collaboraAdditionalOptions { get => $this->get('collabora_additional_options', ''); set { // This throws an exception if the validation fails. @@ -882,7 +882,7 @@ class ConfigurationManager } public function isCollaboraSubscriptionEnabled() : bool { - return str_contains($this->collabora_additional_options, '--o:support_key='); + return str_contains($this->collaboraAdditionalOptions, '--o:support_key='); } /** diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 5ae45044..9e52fb5b 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -419,8 +419,8 @@ readonly class DockerActionManager { } // Additional Collabora options - if ($this->configurationManager->collabora_additional_options !== '') { - $requestBody['Cmd'] = [$this->configurationManager->collabora_additional_options]; + if ($this->configurationManager->collaboraAdditionalOptions !== '') { + $requestBody['Cmd'] = [$this->configurationManager->collaboraAdditionalOptions]; } } From c4aa148bff296e87edf7ff810d3973dfc4690375 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:37:36 +0100 Subject: [PATCH 367/432] Camelize property aio_community_containers => aioCommunityContainers Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Controller/ConfigurationController.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index cf17e612..fedd7c2e 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -138,7 +138,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, 'community_containers' => $configurationManager->listAvailableCommunityContainers(), - 'community_containers_enabled' => $configurationManager->aio_community_containers, + 'community_containers_enabled' => $configurationManager->aioCommunityContainers, 'bypass_container_update' => $bypass_container_update, ]); })->setName('profile'); diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 84cd4d89..2884aa32 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -41,7 +41,7 @@ readonly class ContainerDefinitionFetcher { $data = json_decode((string)file_get_contents(DataConst::GetContainersDefinitionPath()), true, 512, JSON_THROW_ON_ERROR); $additionalContainerNames = []; - foreach ($this->configurationManager->aio_community_containers as $communityContainer) { + foreach ($this->configurationManager->aioCommunityContainers as $communityContainer) { if ($communityContainer !== '') { $path = DataConst::GetCommunityContainersDirectory() . '/' . $communityContainer . '/' . $communityContainer . '.json'; $additionalData = json_decode((string)file_get_contents($path), true, 512, JSON_THROW_ON_ERROR); diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index c396a508..8bf193e0 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -108,7 +108,7 @@ readonly class ConfigurationController { $enabledCC[] = $item; } } - $this->configurationManager->aio_community_containers = $enabledCC; + $this->configurationManager->aioCommunityContainers = $enabledCC; } if (isset($request->getParsedBody()['delete_collabora_dictionaries'])) { diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 1dcc147d..9dc6589f 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -178,7 +178,7 @@ class ConfigurationManager } } - public array $aio_community_containers { + public array $aioCommunityContainers { get => explode(' ', $this->get('aio_community_containers', '')); set { $this->set('aio_community_containers', implode(' ', $value)); } } @@ -1092,7 +1092,7 @@ class ConfigurationManager // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), // Allow to get local ip-address of caddy container and add it to trusted proxies automatically - 'CADDY_IP_ADDRESS' => in_array('caddy', $this->aio_community_containers, true) ? gethostbyname('nextcloud-aio-caddy') : '', + 'CADDY_IP_ADDRESS' => in_array('caddy', $this->aioCommunityContainers, true) ? gethostbyname('nextcloud-aio-caddy') : '', 'WHITEBOARD_ENABLED' => $this->isWhiteboardEnabled ? 'yes' : '', default => $this->GetRegisteredSecret($placeholder), }; From 00ce78d703c8f7824eb76ba510f0a4f6c83da2c7 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:38:20 +0100 Subject: [PATCH 368/432] Camelize property turn_domain => turnDomain Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 9dc6589f..bfdcd689 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -183,7 +183,7 @@ class ConfigurationManager set { $this->set('aio_community_containers', implode(' ', $value)); } } - public string $turn_domain { + public string $turnDomain { get => $this->get('turn_domain', ''); set { $this->set('turn_domain', $value); } } @@ -1060,7 +1060,7 @@ class ConfigurationManager 'APACHE_PORT' => $this->apache_port, 'APACHE_IP_BINDING' => $this->apacheIpBinding, 'TALK_PORT' => $this->talk_port, - 'TURN_DOMAIN' => $this->turn_domain, + 'TURN_DOMAIN' => $this->turnDomain, 'NEXTCLOUD_MOUNT' => $this->nextcloud_mount, 'BACKUP_RESTORE_PASSWORD' => $this->borgRestorePassword, 'CLAMAV_ENABLED' => $this->isClamavEnabled ? 'yes' : '', From 567f072ee061a91cef464d52c39d85a63e5455d4 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:39:17 +0100 Subject: [PATCH 369/432] Camelize property apache_port => apachePort Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 6 +++--- php/src/Docker/DockerActionManager.php | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index fedd7c2e..b7d07f6a 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -92,7 +92,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ return $view->render($response, 'containers.twig', [ 'domain' => $configurationManager->domain, - 'apache_port' => $configurationManager->apache_port, + 'apache_port' => $configurationManager->apachePort, 'borg_backup_host_location' => $configurationManager->borgBackupHostLocation, 'borg_remote_repo' => $configurationManager->borgRemoteRepo, 'borg_public_key' => $configurationManager->GetBorgPublicKey(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index bfdcd689..984943db 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -381,7 +381,7 @@ class ConfigurationManager } // Get the apache port - $port = $this->apache_port; + $port = $this->apachePort; if (!filter_var($dnsRecordIP, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { if ($port === '443') { @@ -568,7 +568,7 @@ class ConfigurationManager $this->set('password', $newPassword); } - public string $apache_port { + public string $apachePort { get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); set { $this->set('apache_port', $value); } } @@ -1057,7 +1057,7 @@ class ConfigurationManager 'AIO_URL' => $this->aioUrl, 'SELECTED_RESTORE_TIME' => $this->selectedRestoreTime, 'RESTORE_EXCLUDE_PREVIEWS' => $this->restoreExcludePreviews ? '1' : '', - 'APACHE_PORT' => $this->apache_port, + 'APACHE_PORT' => $this->apachePort, 'APACHE_IP_BINDING' => $this->apacheIpBinding, 'TALK_PORT' => $this->talk_port, 'TURN_DOMAIN' => $this->turnDomain, diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 9e52fb5b..d4eac6b7 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -115,7 +115,7 @@ readonly class DockerActionManager { $containerName = $container->identifier; $internalPort = $container->internalPorts; if ($internalPort === '%APACHE_PORT%') { - $internalPort = $this->configurationManager->apache_port; + $internalPort = $this->configurationManager->apachePort; } elseif ($internalPort === '%TALK_PORT%') { $internalPort = $this->configurationManager->talk_port; } @@ -253,7 +253,7 @@ readonly class DockerActionManager { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { - $port = $this->configurationManager->apache_port; + $port = $this->configurationManager->apachePort; // Do not expose udp if AIO is in reverse proxy mode if ($port !== '443' && $protocol === 'udp') { continue; @@ -275,7 +275,7 @@ readonly class DockerActionManager { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { - $port = $this->configurationManager->apache_port; + $port = $this->configurationManager->apachePort; // Do not expose udp if AIO is in reverse proxy mode if ($port !== '443' && $protocol === 'udp') { continue; From f7c5115c7015083f273eb3930e13518fb12b50f1 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:40:23 +0100 Subject: [PATCH 370/432] Camelize property talk_port => talkPort Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- php/src/Docker/DockerActionManager.php | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index b7d07f6a..16e2918e 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -119,7 +119,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), - 'talk_port' => $configurationManager->talk_port, + 'talk_port' => $configurationManager->talkPort, 'collabora_dictionaries' => $configurationManager->collaboraDictionaries, 'collabora_additional_options' => $configurationManager->collaboraAdditionalOptions, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 984943db..d0c0020f 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -573,7 +573,7 @@ class ConfigurationManager set { $this->set('apache_port', $value); } } - public string $talk_port { + public string $talkPort { get => $this->GetEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); set { $this->set('talk_port', $value); } } @@ -1059,7 +1059,7 @@ class ConfigurationManager 'RESTORE_EXCLUDE_PREVIEWS' => $this->restoreExcludePreviews ? '1' : '', 'APACHE_PORT' => $this->apachePort, 'APACHE_IP_BINDING' => $this->apacheIpBinding, - 'TALK_PORT' => $this->talk_port, + 'TALK_PORT' => $this->talkPort, 'TURN_DOMAIN' => $this->turnDomain, 'NEXTCLOUD_MOUNT' => $this->nextcloud_mount, 'BACKUP_RESTORE_PASSWORD' => $this->borgRestorePassword, diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index d4eac6b7..e66989ca 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -117,7 +117,7 @@ readonly class DockerActionManager { if ($internalPort === '%APACHE_PORT%') { $internalPort = $this->configurationManager->apachePort; } elseif ($internalPort === '%TALK_PORT%') { - $internalPort = $this->configurationManager->talk_port; + $internalPort = $this->configurationManager->talkPort; } if ($internalPort !== "" && $internalPort !== 'host') { @@ -259,7 +259,7 @@ readonly class DockerActionManager { continue; } } else if ($port === '%TALK_PORT%') { - $port = $this->configurationManager->talk_port; + $port = $this->configurationManager->talkPort; } $portWithProtocol = $port . '/' . $protocol; $exposedPorts[$portWithProtocol] = null; @@ -281,7 +281,7 @@ readonly class DockerActionManager { continue; } } else if ($port === '%TALK_PORT%') { - $port = $this->configurationManager->talk_port; + $port = $this->configurationManager->talkPort; // Skip publishing talk tcp port if it is set to 443 if ($port === '443' && $protocol === 'tcp') { continue; From f35a0b43679feceae4fee98876a7cf17c5eb2881 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:41:26 +0100 Subject: [PATCH 371/432] Camelize property nextcloud_mount => nextcloudMount Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 4 ++-- php/src/Data/ConfigurationManager.php | 4 ++-- php/src/Docker/DockerActionManager.php | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 16e2918e..6319f632 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -128,7 +128,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->nextcloud_datadir_mount, - 'nextcloud_mount' => $configurationManager->nextcloud_mount, + 'nextcloud_mount' => $configurationManager->nextcloudMount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, 'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit, diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 2884aa32..7ef6827f 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -119,7 +119,7 @@ readonly class ContainerDefinitionFetcher { } } if($value['source'] === '%NEXTCLOUD_MOUNT%') { - $value['source'] = $this->configurationManager->nextcloud_mount; + $value['source'] = $this->configurationManager->nextcloudMount; if($value['source'] === '') { continue; } @@ -140,7 +140,7 @@ readonly class ContainerDefinitionFetcher { } } if ($value['destination'] === '%NEXTCLOUD_MOUNT%') { - $value['destination'] = $this->configurationManager->nextcloud_mount; + $value['destination'] = $this->configurationManager->nextcloudMount; if($value['destination'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d0c0020f..d5ce251d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -626,7 +626,7 @@ class ConfigurationManager return trim((string)file_get_contents(DataConst::GetBackupPublicKey())); } - public string $nextcloud_mount { + public string $nextcloudMount { get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); set { $this->set('nextcloud_mount', $value); } } @@ -1061,7 +1061,7 @@ class ConfigurationManager 'APACHE_IP_BINDING' => $this->apacheIpBinding, 'TALK_PORT' => $this->talkPort, 'TURN_DOMAIN' => $this->turnDomain, - 'NEXTCLOUD_MOUNT' => $this->nextcloud_mount, + 'NEXTCLOUD_MOUNT' => $this->nextcloudMount, 'BACKUP_RESTORE_PASSWORD' => $this->borgRestorePassword, 'CLAMAV_ENABLED' => $this->isClamavEnabled ? 'yes' : '', 'TALK_RECORDING_ENABLED' => $this->isTalkRecordingEnabled ? 'yes' : '', diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index e66989ca..12dd70ae 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -205,7 +205,7 @@ readonly class DockerActionManager { foreach ($container->volumes->GetVolumes() as $volume) { // // NEXTCLOUD_MOUNT gets added via bind-mount later on // if ($container->identifier === 'nextcloud-aio-nextcloud') { - // if ($volume->name === $this->configurationManager->nextcloud_mount) { + // if ($volume->name === $this->configurationManager->nextcloudMount) { // continue; // } // } From f5cf7903adfb4eec6e1906a86eb2aa7bdaad61d5 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:42:15 +0100 Subject: [PATCH 372/432] Camelize property nextcloud_datadir_mount => nextcloudDatadirMount Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Data/ConfigurationManager.php | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 6319f632..0db30a1b 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -127,7 +127,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), - 'nextcloud_datadir' => $configurationManager->nextcloud_datadir_mount, + 'nextcloud_datadir' => $configurationManager->nextcloudDatadirMount, 'nextcloud_mount' => $configurationManager->nextcloudMount, 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 7ef6827f..3bbc37e2 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -124,7 +124,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value['source'] === '%NEXTCLOUD_DATADIR%') { - $value['source'] = $this->configurationManager->nextcloud_datadir_mount; + $value['source'] = $this->configurationManager->nextcloudDatadirMount; if ($value['source'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d5ce251d..d1701a39 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -487,8 +487,8 @@ class ConfigurationManager // Prevent backup to be contained in Nextcloud Datadir as this will delete the backup archive upon restore // See https://github.com/nextcloud/all-in-one/issues/6607 - if (str_starts_with($location . '/', rtrim($this->nextcloud_datadir_mount, '/') . '/')) { - throw new InvalidSettingConfigurationException("The path must not be a children of or equal to NEXTCLOUD_DATADIR, which is currently set to " . $this->nextcloud_datadir_mount); + if (str_starts_with($location . '/', rtrim($this->nextcloudDatadirMount, '/') . '/')) { + throw new InvalidSettingConfigurationException("The path must not be a children of or equal to NEXTCLOUD_DATADIR, which is currently set to " . $this->nextcloudDatadirMount); } } else { @@ -632,7 +632,7 @@ class ConfigurationManager } - public string $nextcloud_datadir_mount { + public string $nextcloudDatadirMount { get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); set { $this->set('nextcloud_datadir_mount', $value); } } From bbf41cfdd37b29d54b76dff4d67efe1e3df54b74 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:42:50 +0100 Subject: [PATCH 373/432] Camelize property nextcloud_upload_limit => nextcloudUploadLimit Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 0db30a1b..209f1d6d 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -129,7 +129,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->nextcloudDatadirMount, 'nextcloud_mount' => $configurationManager->nextcloudMount, - 'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit, + 'nextcloud_upload_limit' => $configurationManager->nextcloudUploadLimit, 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, 'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit, 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d1701a39..ce547bf8 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -637,7 +637,7 @@ class ConfigurationManager set { $this->set('nextcloud_datadir_mount', $value); } } - public string $nextcloud_upload_limit { + public string $nextcloudUploadLimit { get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); set { $this->set('nextcloud_upload_limit', $value); } } @@ -648,7 +648,7 @@ class ConfigurationManager } public function GetApacheMaxSize() : int { - $uploadLimit = (int)rtrim($this->nextcloud_upload_limit, 'G'); + $uploadLimit = (int)rtrim($this->nextcloudUploadLimit, 'G'); return $uploadLimit * 1024 * 1024 * 1024; } @@ -1074,7 +1074,7 @@ class ConfigurationManager 'IMAGINARY_ENABLED' => $this->isImaginaryEnabled ? 'yes' : '', 'FULLTEXTSEARCH_ENABLED' => $this->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->isDockerSocketProxyEnabled ? 'yes' : '', - 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloud_upload_limit, + 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloudUploadLimit, 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloud_memory_limit, 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, 'BORG_RETENTION_POLICY' => $this->GetBorgRetentionPolicy(), From 8b8f60f76bf5595c7ff606510d7f05213cf8a47d Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:43:22 +0100 Subject: [PATCH 374/432] Camelize property nextcloud_memory_limit => nextcloudMemoryLimit Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 209f1d6d..47c6bb7b 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -131,7 +131,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_mount' => $configurationManager->nextcloudMount, 'nextcloud_upload_limit' => $configurationManager->nextcloudUploadLimit, 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, - 'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit, + 'nextcloud_memory_limit' => $configurationManager->nextcloudMemoryLimit, 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled, diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index ce547bf8..1530708a 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -642,7 +642,7 @@ class ConfigurationManager set { $this->set('nextcloud_upload_limit', $value); } } - public string $nextcloud_memory_limit { + public string $nextcloudMemoryLimit { get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); set { $this->set('nextcloud_memory_limit', $value); } } @@ -1075,7 +1075,7 @@ class ConfigurationManager 'FULLTEXTSEARCH_ENABLED' => $this->isFulltextsearchEnabled ? 'yes' : '', 'DOCKER_SOCKET_PROXY_ENABLED' => $this->isDockerSocketProxyEnabled ? 'yes' : '', 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloudUploadLimit, - 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloud_memory_limit, + 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloudMemoryLimit, 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, 'BORG_RETENTION_POLICY' => $this->GetBorgRetentionPolicy(), 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), From 0ed83c52588f9ebaffcce44a17365fb81b1ae9ff Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Fri, 23 Jan 2026 17:45:19 +0100 Subject: [PATCH 375/432] Move get-configurable-aio-variables.sh into php/ folder Signed-off-by: Pablo Zmdl --- .../get-configurable-aio-variables.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename get-configurable-aio-variables.sh => php/get-configurable-aio-variables.sh (100%) diff --git a/get-configurable-aio-variables.sh b/php/get-configurable-aio-variables.sh similarity index 100% rename from get-configurable-aio-variables.sh rename to php/get-configurable-aio-variables.sh From 365e1e34e4bc27fd2f8b4fd959e4cfb453cb4f08 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:06:53 +0100 Subject: [PATCH 376/432] Make 'borgRetentionPolicy' an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 1530708a..ce3d321d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -657,11 +657,9 @@ class ConfigurationManager set { $this->set('nextcloud_max_time', $value); } } - public function GetBorgRetentionPolicy() : string { - $envVariableName = 'BORG_RETENTION_POLICY'; - $configName = 'borg_retention_policy'; - $defaultValue = '--keep-within=7d --keep-weekly=4 --keep-monthly=6'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $borgRetentionPolicy { + get => $this->GetEnvironmentalVariableOrConfig('BORG_RETENTION_POLICY', 'borg_retention_policy', '--keep-within=7d --keep-weekly=4 --keep-monthly=6'); + set { $this->set('borg_retention_policy', $value); } } public function GetFulltextsearchJavaOptions() : string { @@ -1077,7 +1075,7 @@ class ConfigurationManager 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloudUploadLimit, 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloudMemoryLimit, 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, - 'BORG_RETENTION_POLICY' => $this->GetBorgRetentionPolicy(), + 'BORG_RETENTION_POLICY' => $this->borgRetentionPolicy, 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', From bfa2b64674843ea14a6542a0078fbe8576776e25 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:07:53 +0100 Subject: [PATCH 377/432] Make 'fulltextsearchJavaOptions' an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index ce3d321d..41097c8d 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -662,11 +662,9 @@ class ConfigurationManager set { $this->set('borg_retention_policy', $value); } } - public function GetFulltextsearchJavaOptions() : string { - $envVariableName = 'FULLTEXTSEARCH_JAVA_OPTIONS'; - $configName = 'fulltextsearch_java_options'; - $defaultValue = '-Xms512M -Xmx512M'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $fulltextsearchJavaOptions { + get => $this->GetEnvironmentalVariableOrConfig('FULLTEXTSEARCH_JAVA_OPTIONS', 'fulltextsearch_java_options', '-Xms512M -Xmx512M'); + set { $this->set('fulltextsearch_java_options', $value); } } public function GetDockerSocketPath() : string { @@ -1076,7 +1074,7 @@ class ConfigurationManager 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloudMemoryLimit, 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, 'BORG_RETENTION_POLICY' => $this->borgRetentionPolicy, - 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), + 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->fulltextsearchJavaOptions, 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', 'BORGBACKUP_HOST_LOCATION' => $this->borgBackupHostLocation, From 63245430efa417d88ea7c13ffea433ea9bb069fe Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:08:44 +0100 Subject: [PATCH 378/432] Make 'dockerSocketPath' an attribute Signed-off-by: Pablo Zmdl --- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Data/ConfigurationManager.php | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 3bbc37e2..ead82363 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -129,7 +129,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value['source'] === '%WATCHTOWER_DOCKER_SOCKET_PATH%') { - $value['source'] = $this->configurationManager->GetDockerSocketPath(); + $value['source'] = $this->configurationManager->dockerSocketPath; if($value['source'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 41097c8d..090762ae 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -667,11 +667,9 @@ class ConfigurationManager set { $this->set('fulltextsearch_java_options', $value); } } - public function GetDockerSocketPath() : string { - $envVariableName = 'WATCHTOWER_DOCKER_SOCKET_PATH'; - $configName = 'docker_socket_path'; - $defaultValue = '/var/run/docker.sock'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $dockerSocketPath { + get => $this->GetEnvironmentalVariableOrConfig('WATCHTOWER_DOCKER_SOCKET_PATH', 'docker_socket_path', '/var/run/docker.sock'); + set { $this->set('docker_socket_path', $value); } } public function GetTrustedCacertsDir() : string { From 4ad8fcf2581f7d39b2dda9912cd4f89e511fd328 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:09:32 +0100 Subject: [PATCH 379/432] Make 'trustedCacertsDir' an attribute Signed-off-by: Pablo Zmdl --- php/src/ContainerDefinitionFetcher.php | 2 +- php/src/Data/ConfigurationManager.php | 10 ++++------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index ead82363..831a7bc5 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -134,7 +134,7 @@ readonly class ContainerDefinitionFetcher { continue; } } elseif ($value['source'] === '%NEXTCLOUD_TRUSTED_CACERTS_DIR%') { - $value['source'] = $this->configurationManager->GetTrustedCacertsDir(); + $value['source'] = $this->configurationManager->trustedCacertsDir; if($value['source'] === '') { continue; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 090762ae..63862c91 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -672,11 +672,9 @@ class ConfigurationManager set { $this->set('docker_socket_path', $value); } } - public function GetTrustedCacertsDir() : string { - $envVariableName = 'NEXTCLOUD_TRUSTED_CACERTS_DIR'; - $configName = 'trusted_cacerts_dir'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $trustedCacertsDir { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_TRUSTED_CACERTS_DIR', 'trusted_cacerts_dir', ''); + set { $this->set('trusted_cacerts_dir', $value); } } public function GetNextcloudAdditionalApks() : string { @@ -1073,7 +1071,7 @@ class ConfigurationManager 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, 'BORG_RETENTION_POLICY' => $this->borgRetentionPolicy, 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->fulltextsearchJavaOptions, - 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), + 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->trustedCacertsDir, 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', 'BORGBACKUP_HOST_LOCATION' => $this->borgBackupHostLocation, 'APACHE_MAX_SIZE' => (string)($this->GetApacheMaxSize()), From d50dc2db1de2a7fe741db56db2f8dc9f6ae7c62b Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:10:08 +0100 Subject: [PATCH 380/432] Make 'nextcloudAdditionalApks' an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 63862c91..6e62be77 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -677,11 +677,9 @@ class ConfigurationManager set { $this->set('trusted_cacerts_dir', $value); } } - public function GetNextcloudAdditionalApks() : string { - $envVariableName = 'NEXTCLOUD_ADDITIONAL_APKS'; - $configName = 'nextcloud_additional_apks'; - $defaultValue = 'imagemagick'; - return trim($this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue)); + public string $nextcloudAdditionalApks { + get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_APKS', 'nextcloud_additional_apks', 'imagemagick')); + set { $this->set('nextcloud_addtional_apks', $value); } } public function GetNextcloudAdditionalPhpExtensions() : string { @@ -1077,7 +1075,7 @@ class ConfigurationManager 'APACHE_MAX_SIZE' => (string)($this->GetApacheMaxSize()), 'COLLABORA_SECCOMP_POLICY' => $this->GetCollaboraSeccompPolicy(), 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), - 'NEXTCLOUD_ADDITIONAL_APKS' => $this->GetNextcloudAdditionalApks(), + 'NEXTCLOUD_ADDITIONAL_APKS' => $this->nextcloudAdditionalApks, 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->GetNextcloudAdditionalPhpExtensions(), 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor, 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', From c3477a7eb206aff3653a036395c4591068e85e96 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:10:35 +0100 Subject: [PATCH 381/432] Make 'nextcloudAdditionalPhpExtensions' an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 6e62be77..c3f32f02 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -682,11 +682,9 @@ class ConfigurationManager set { $this->set('nextcloud_addtional_apks', $value); } } - public function GetNextcloudAdditionalPhpExtensions() : string { - $envVariableName = 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS'; - $configName = 'nextcloud_additional_php_extensions'; - $defaultValue = 'imagick'; - return trim($this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue)); + public string $nextcloudAdditionalPhpExtensions { + get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS', 'nextcloud_additional_php_extensions', 'imagick')); + set { $this->set('nextcloud_additional_php_extensions', $value); } } public function GetCollaboraSeccompPolicy() : string { @@ -1076,7 +1074,7 @@ class ConfigurationManager 'COLLABORA_SECCOMP_POLICY' => $this->GetCollaboraSeccompPolicy(), 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), 'NEXTCLOUD_ADDITIONAL_APKS' => $this->nextcloudAdditionalApks, - 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->GetNextcloudAdditionalPhpExtensions(), + 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->nextcloudAdditionalPhpExtensions, 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor, 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) From 22a26268e07308af0419739a56e0ad1f7d5517f3 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:27:55 +0100 Subject: [PATCH 382/432] Helper to booleanize environment-or-config-values Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index c3f32f02..c35f7ff9 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -1085,4 +1085,8 @@ class ConfigurationManager default => $this->GetRegisteredSecret($placeholder), }; } + + private function booleanize(mixed $value) : bool { + return in_array($value, [true, 'true'], true); + } } From dc5dc0215c1d304dc45e621f124fe3e2960d5389 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:12:01 +0100 Subject: [PATCH 383/432] Make 'collaboraSeccompDisabled' an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 16 +++++----------- php/src/Docker/DockerActionManager.php | 2 +- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index c35f7ff9..8e316b19 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -114,7 +114,7 @@ class ConfigurationManager // Type-cast because old configs could have 1/0 for this key. get => (bool) $this->get('isFulltextsearchEnabled', false); // Elasticsearch does not work on kernels without seccomp anymore. See https://github.com/nextcloud/all-in-one/discussions/5768 - set { $this->set('isFulltextsearchEnabled', ($this->isSeccompDisabled() && $value)); } + set { $this->set('isFulltextsearchEnabled', ($this->collaboraSeccompDisabled && $value)); } } public string $domain { @@ -689,21 +689,15 @@ class ConfigurationManager public function GetCollaboraSeccompPolicy() : string { $defaultString = '--o:security.seccomp='; - if (!$this->isSeccompDisabled()) { + if (!$this->collaboraSeccompDisabled) { return $defaultString . 'true'; } return $defaultString . 'false'; } - private function GetCollaboraSeccompDisabledState() : string { - $envVariableName = 'COLLABORA_SECCOMP_DISABLED'; - $configName = 'collabora_seccomp_disabled'; - $defaultValue = 'false'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function isSeccompDisabled() : bool { - return $this->GetCollaboraSeccompDisabledState() === 'true'; + public bool $collaboraSeccompDisabled { + get => booleanize($this->GetEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); + set { $this->set('collabora_seccomp_disabled', $value); } } /** diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 12dd70ae..47522e23 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -412,7 +412,7 @@ readonly class DockerActionManager { // Special things for the collabora container which should not be exposed in the containers.json } elseif ($container->identifier === 'nextcloud-aio-collabora') { - if (!$this->configurationManager->isSeccompDisabled()) { + if (!$this->configurationManager->collaboraSeccompDisabled) { // Load reference seccomp profile for collabora $seccompProfile = (string)file_get_contents(DataConst::GetCollaboraSeccompProfilePath()); $requestBody['HostConfig']['SecurityOpt'] = ["label:disable", "seccomp=$seccompProfile"]; From 08438aff4259eee999c4f3e1c380190f024ec28d Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:12:41 +0100 Subject: [PATCH 384/432] Make 'apacheAdditionalNetwork' an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 8 +++----- php/src/Docker/DockerActionManager.php | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 8e316b19..d5a5e4f0 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -874,11 +874,9 @@ class ConfigurationManager $this->set('collabora_additional_options', ''); } - public function GetApacheAdditionalNetwork() : string { - $envVariableName = 'APACHE_ADDITIONAL_NETWORK'; - $configName = 'apache_additional_network'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $apacheAdditionalNetwork { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_ADDITIONAL_NETWORK', 'apache_additional_network', ''); + set { $this->set('apache_additional_network', $value); } } private function GetDisableBackupSection() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 47522e23..fd6334c6 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -837,7 +837,7 @@ readonly class DockerActionManager { $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, alias: $alias); if ($container->identifier === 'nextcloud-aio-apache' || $container->identifier === 'nextcloud-aio-domaincheck') { - $apacheAdditionalNetwork = $this->configurationManager->GetApacheAdditionalNetwork(); + $apacheAdditionalNetwork = $this->configurationManager->apacheAdditionalNetwork; if ($apacheAdditionalNetwork !== '') { $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, $apacheAdditionalNetwork, false, $alias); } From 0cb79a387fe128b158f6d7e784b3f47ff5c083be Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:19:57 +0100 Subject: [PATCH 385/432] Make 'disableBackupSection' an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 16 +++------------- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 47c6bb7b..07837125 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -123,7 +123,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'collabora_dictionaries' => $configurationManager->collaboraDictionaries, 'collabora_additional_options' => $configurationManager->collaboraAdditionalOptions, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), - 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), + 'is_backup_section_enabled' => !$configurationManager->disableBackupSection, 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d5a5e4f0..d1825552 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -879,19 +879,9 @@ class ConfigurationManager set { $this->set('apache_additional_network', $value); } } - private function GetDisableBackupSection() : string { - $envVariableName = 'AIO_DISABLE_BACKUP_SECTION'; - $configName = 'disable_backup_section'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function isBackupSectionEnabled() : bool { - if ($this->GetDisableBackupSection() === 'true') { - return false; - } else { - return true; - } + public bool $disableBackupSection { + get => booleanize($this->GetEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); + set { $this->set('disable_backup_section', $value); } } public function listAvailableCommunityContainers() : array { From 5fc4951ba0d4ecfb56bf6f0cfe3c983cef89ad2c Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:26:39 +0100 Subject: [PATCH 386/432] Make 'nextcloudEnableDriDevice' an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 16 +++------------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 5 insertions(+), 15 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 07837125..519ec71a 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -132,7 +132,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_upload_limit' => $configurationManager->nextcloudUploadLimit, 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, 'nextcloud_memory_limit' => $configurationManager->nextcloudMemoryLimit, - 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), + 'is_dri_device_enabled' => $configurationManager->nextcloudEnableDriDevice, 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled, 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index d1825552..afbe9fbc 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -919,19 +919,9 @@ class ConfigurationManager return $cc; } - private function GetEnabledDriDevice() : string { - $envVariableName = 'NEXTCLOUD_ENABLE_DRI_DEVICE'; - $configName = 'nextcloud_enable_dri_device'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function isDriDeviceEnabled() : bool { - if ($this->GetEnabledDriDevice() === 'true') { - return true; - } else { - return false; - } + public bool $nextcloudEnableDriDevice{ + get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); + set { $this->set('nextcloud_enable_dri_device', $value); } } private function GetEnabledNvidiaGpu() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index fd6334c6..31ad2371 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -307,7 +307,7 @@ readonly class DockerActionManager { $devices = []; foreach ($container->devices as $device) { - if ($device === '/dev/dri' && !$this->configurationManager->isDriDeviceEnabled()) { + if ($device === '/dev/dri' && !$this->configurationManager->nextcloudEnableDriDevice) { continue; } $devices[] = ["PathOnHost" => $device, "PathInContainer" => $device, "CgroupPermissions" => "rwm"]; From 5bdcfd67eb54aa14401a75bb54d92466c73896fe Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:27:31 +0100 Subject: [PATCH 387/432] Make 'enableNvidiaGpu' an attribute Signed-off-by: Pablo Zmdl --- php/public/index.php | 2 +- php/src/Data/ConfigurationManager.php | 14 ++++---------- php/src/Docker/DockerActionManager.php | 2 +- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 519ec71a..1ec42949 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -133,7 +133,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, 'nextcloud_memory_limit' => $configurationManager->nextcloudMemoryLimit, 'is_dri_device_enabled' => $configurationManager->nextcloudEnableDriDevice, - 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), + 'is_nvidia_gpu_enabled' => $configurationManager->enableNvidiaGpu, 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled, 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index afbe9fbc..e03e2bfb 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -923,16 +923,10 @@ class ConfigurationManager get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); set { $this->set('nextcloud_enable_dri_device', $value); } } - - private function GetEnabledNvidiaGpu() : string { - $envVariableName = 'NEXTCLOUD_ENABLE_NVIDIA_GPU'; - $configName = 'enable_nvidia_gpu'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function isNvidiaGpuEnabled() : bool { - return $this->GetEnabledNvidiaGpu() === 'true'; + + public bool $enableNvidiaGpu { + get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); + set { $this->set('enable_nvidia_gpu', $value); } } private function GetKeepDisabledApps() : string { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 31ad2371..509f4c28 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -317,7 +317,7 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Devices'] = $devices; } - if ($container->enableNvidiaGpu && $this->configurationManager->isNvidiaGpuEnabled()) { + if ($container->enableNvidiaGpu && $this->configurationManager->enableNvidiaGpu) { $requestBody['HostConfig']['Runtime'] = 'nvidia'; $requestBody['HostConfig']['DeviceRequests'] = [ [ From 3cfe307a5cb7651cb0b54bb7db5f4fac28c64b7c Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:39:40 +0100 Subject: [PATCH 388/432] Make `nextcloudKeepDisabledApps` an attribute Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e03e2bfb..57071d91 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -929,21 +929,11 @@ class ConfigurationManager set { $this->set('enable_nvidia_gpu', $value); } } - private function GetKeepDisabledApps() : string { - $envVariableName = 'NEXTCLOUD_KEEP_DISABLED_APPS'; - $configName = 'nextcloud_keep_disabled_apps'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public bool $nextcloudKeepDisabledApps { + get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); + set { $this->set('nextcloud_keep_disabled_apps', $value); } } - public function shouldDisabledAppsGetRemoved() : bool { - if ($this->GetKeepDisabledApps() === 'true') { - return false; - } else { - return true; - } - } - private function camelize(string $input, string $delimiter = '_') : string { return lcfirst(implode("", array_map('ucfirst', explode($delimiter, strtolower($input))))); @@ -1042,7 +1032,7 @@ class ConfigurationManager 'NEXTCLOUD_ADDITIONAL_APKS' => $this->nextcloudAdditionalApks, 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->nextcloudAdditionalPhpExtensions, 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor, - 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', + 'REMOVE_DISABLED_APPS' => $this->nextcloudKeepDisabledApps ? '' : 'yes', // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), // Allow to get local ip-address of caddy container and add it to trusted proxies automatically From 078f3caf8aa180ff74ad906652d11757823576f2 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 26 Jan 2026 10:48:33 +0100 Subject: [PATCH 389/432] Move all properties to the top of the file Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 201 +++++++++++++------------- 1 file changed, 100 insertions(+), 101 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 57071d91..19b0a7bb 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -188,6 +188,106 @@ class ConfigurationManager set { $this->set('turn_domain', $value); } } + public string $apachePort { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); + set { $this->set('apache_port', $value); } + } + + public string $talkPort { + get => $this->GetEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); + set { $this->set('talk_port', $value); } + } + + public string $nextcloudMount { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); + set { $this->set('nextcloud_mount', $value); } + } + + public string $nextcloudDatadirMount { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); + set { $this->set('nextcloud_datadir_mount', $value); } + } + + public string $nextcloudUploadLimit { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); + set { $this->set('nextcloud_upload_limit', $value); } + } + + public string $nextcloudMemoryLimit { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); + set { $this->set('nextcloud_memory_limit', $value); } + } + + public function GetApacheMaxSize() : int { + $uploadLimit = (int)rtrim($this->nextcloudUploadLimit, 'G'); + return $uploadLimit * 1024 * 1024 * 1024; + } + + public string $nextcloudMaxTime { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); + set { $this->set('nextcloud_max_time', $value); } + } + + public string $borgRetentionPolicy { + get => $this->GetEnvironmentalVariableOrConfig('BORG_RETENTION_POLICY', 'borg_retention_policy', '--keep-within=7d --keep-weekly=4 --keep-monthly=6'); + set { $this->set('borg_retention_policy', $value); } + } + + public string $fulltextsearchJavaOptions { + get => $this->GetEnvironmentalVariableOrConfig('FULLTEXTSEARCH_JAVA_OPTIONS', 'fulltextsearch_java_options', '-Xms512M -Xmx512M'); + set { $this->set('fulltextsearch_java_options', $value); } + } + + public string $dockerSocketPath { + get => $this->GetEnvironmentalVariableOrConfig('WATCHTOWER_DOCKER_SOCKET_PATH', 'docker_socket_path', '/var/run/docker.sock'); + set { $this->set('docker_socket_path', $value); } + } + + public string $trustedCacertsDir { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_TRUSTED_CACERTS_DIR', 'trusted_cacerts_dir', ''); + set { $this->set('trusted_cacerts_dir', $value); } + } + + public string $nextcloudAdditionalApks { + get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_APKS', 'nextcloud_additional_apks', 'imagemagick')); + set { $this->set('nextcloud_addtional_apks', $value); } + } + + public string $nextcloudAdditionalPhpExtensions { + get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS', 'nextcloud_additional_php_extensions', 'imagick')); + set { $this->set('nextcloud_additional_php_extensions', $value); } + } + + public bool $collaboraSeccompDisabled { + get => booleanize($this->GetEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); + set { $this->set('collabora_seccomp_disabled', $value); } + } + + public string $apacheAdditionalNetwork { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_ADDITIONAL_NETWORK', 'apache_additional_network', ''); + set { $this->set('apache_additional_network', $value); } + } + + public bool $disableBackupSection { + get => booleanize($this->GetEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); + set { $this->set('disable_backup_section', $value); } + } + + public bool $nextcloudEnableDriDevice{ + get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); + set { $this->set('nextcloud_enable_dri_device', $value); } + } + + public bool $enableNvidiaGpu { + get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); + set { $this->set('enable_nvidia_gpu', $value); } + } + + public bool $nextcloudKeepDisabledApps { + get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); + set { $this->set('nextcloud_keep_disabled_apps', $value); } + } + private function GetConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) @@ -568,16 +668,6 @@ class ConfigurationManager $this->set('password', $newPassword); } - public string $apachePort { - get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); - set { $this->set('apache_port', $value); } - } - - public string $talkPort { - get => $this->GetEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); - set { $this->set('talk_port', $value); } - } - /** * @throws InvalidSettingConfigurationException */ @@ -626,67 +716,6 @@ class ConfigurationManager return trim((string)file_get_contents(DataConst::GetBackupPublicKey())); } - public string $nextcloudMount { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); - set { $this->set('nextcloud_mount', $value); } - } - - - public string $nextcloudDatadirMount { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); - set { $this->set('nextcloud_datadir_mount', $value); } - } - - public string $nextcloudUploadLimit { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); - set { $this->set('nextcloud_upload_limit', $value); } - } - - public string $nextcloudMemoryLimit { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); - set { $this->set('nextcloud_memory_limit', $value); } - } - - public function GetApacheMaxSize() : int { - $uploadLimit = (int)rtrim($this->nextcloudUploadLimit, 'G'); - return $uploadLimit * 1024 * 1024 * 1024; - } - - public string $nextcloudMaxTime { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); - set { $this->set('nextcloud_max_time', $value); } - } - - public string $borgRetentionPolicy { - get => $this->GetEnvironmentalVariableOrConfig('BORG_RETENTION_POLICY', 'borg_retention_policy', '--keep-within=7d --keep-weekly=4 --keep-monthly=6'); - set { $this->set('borg_retention_policy', $value); } - } - - public string $fulltextsearchJavaOptions { - get => $this->GetEnvironmentalVariableOrConfig('FULLTEXTSEARCH_JAVA_OPTIONS', 'fulltextsearch_java_options', '-Xms512M -Xmx512M'); - set { $this->set('fulltextsearch_java_options', $value); } - } - - public string $dockerSocketPath { - get => $this->GetEnvironmentalVariableOrConfig('WATCHTOWER_DOCKER_SOCKET_PATH', 'docker_socket_path', '/var/run/docker.sock'); - set { $this->set('docker_socket_path', $value); } - } - - public string $trustedCacertsDir { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_TRUSTED_CACERTS_DIR', 'trusted_cacerts_dir', ''); - set { $this->set('trusted_cacerts_dir', $value); } - } - - public string $nextcloudAdditionalApks { - get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_APKS', 'nextcloud_additional_apks', 'imagemagick')); - set { $this->set('nextcloud_addtional_apks', $value); } - } - - public string $nextcloudAdditionalPhpExtensions { - get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS', 'nextcloud_additional_php_extensions', 'imagick')); - set { $this->set('nextcloud_additional_php_extensions', $value); } - } - public function GetCollaboraSeccompPolicy() : string { $defaultString = '--o:security.seccomp='; if (!$this->collaboraSeccompDisabled) { @@ -695,11 +724,6 @@ class ConfigurationManager return $defaultString . 'false'; } - public bool $collaboraSeccompDisabled { - get => booleanize($this->GetEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); - set { $this->set('collabora_seccomp_disabled', $value); } - } - /** * @throws InvalidSettingConfigurationException */ @@ -874,16 +898,6 @@ class ConfigurationManager $this->set('collabora_additional_options', ''); } - public string $apacheAdditionalNetwork { - get => $this->GetEnvironmentalVariableOrConfig('APACHE_ADDITIONAL_NETWORK', 'apache_additional_network', ''); - set { $this->set('apache_additional_network', $value); } - } - - public bool $disableBackupSection { - get => booleanize($this->GetEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); - set { $this->set('disable_backup_section', $value); } - } - public function listAvailableCommunityContainers() : array { $cc = []; $dir = scandir(DataConst::GetCommunityContainersDirectory()); @@ -919,21 +933,6 @@ class ConfigurationManager return $cc; } - public bool $nextcloudEnableDriDevice{ - get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); - set { $this->set('nextcloud_enable_dri_device', $value); } - } - - public bool $enableNvidiaGpu { - get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); - set { $this->set('enable_nvidia_gpu', $value); } - } - - public bool $nextcloudKeepDisabledApps { - get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); - set { $this->set('nextcloud_keep_disabled_apps', $value); } - } - private function camelize(string $input, string $delimiter = '_') : string { return lcfirst(implode("", array_map('ucfirst', explode($delimiter, strtolower($input))))); From ec66b359e0d3aaa1324abc172df9645c07a89ba4 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 27 Jan 2026 10:52:20 +0100 Subject: [PATCH 390/432] Check arguments to camelize() for usefulness Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 19b0a7bb..06122839 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -934,6 +934,12 @@ class ConfigurationManager } private function camelize(string $input, string $delimiter = '_') : string { + if ($input === '') { + throw new InvalidSettingConfigurationException('input cannot be empty!'); + } + if ($delimiter === '') { + $delimiter = '_'; + } return lcfirst(implode("", array_map('ucfirst', explode($delimiter, strtolower($input))))); } From 659b1ca383c575d27fba77f1b0d9d1f4624a6281 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 27 Jan 2026 10:58:25 +0100 Subject: [PATCH 391/432] Fix calling booleanize Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 06122839..e592286c 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -259,7 +259,7 @@ class ConfigurationManager } public bool $collaboraSeccompDisabled { - get => booleanize($this->GetEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); + get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); set { $this->set('collabora_seccomp_disabled', $value); } } @@ -269,22 +269,22 @@ class ConfigurationManager } public bool $disableBackupSection { - get => booleanize($this->GetEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); + get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); set { $this->set('disable_backup_section', $value); } } public bool $nextcloudEnableDriDevice{ - get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); + get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); set { $this->set('nextcloud_enable_dri_device', $value); } } public bool $enableNvidiaGpu { - get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); + get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); set { $this->set('enable_nvidia_gpu', $value); } } public bool $nextcloudKeepDisabledApps { - get => booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); + get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); set { $this->set('nextcloud_keep_disabled_apps', $value); } } From d9d4e3680f94ec14bb32ee534e019868ca7e8db7 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 27 Jan 2026 11:55:24 +0100 Subject: [PATCH 392/432] Fix residue from change to use start/commitTransaction() Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e592286c..c8f09890 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -954,17 +954,17 @@ class ConfigurationManager error_log("Invalid input: '$variable' is not a string or does not contain an equal sign ('=')"); continue; } - $keyWithValue = $confManager->replaceEnvPlaceholders($variable); + $keyWithValue = $this->replaceEnvPlaceholders($variable); // Pad the result with nulls so psalm is happy (and we don't risk to run into warnings in case // the check for an equal sign from above gets changed). [$key, $value] = explode('=', $keyWithValue, 2) + [null, null]; $key = $this->camelize($key); if ($value === null) { error_log("Invalid input: '$keyWithValue' has no value after the equal sign"); - } else if (!property_exists($confManager, $key)) { + } else if (!property_exists($this, $key)) { error_log("Error: '$key' is not a valid configuration key (in '$keyWithValue')"); } else { - $confManager->$key = $value; + $this->$key = $value; } } $this->commitTransaction(); From 5b6e0f30a6de38e1ec281443d8b0ce1121fcc0ed Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Tue, 27 Jan 2026 12:04:55 +0100 Subject: [PATCH 393/432] Fix assignment of INSTALL_LATEST_MAJOR from env replacement Signed-off-by: Pablo Zmdl --- php/src/Data/ConfigurationManager.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index c8f09890..25263b50 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -1036,7 +1036,7 @@ class ConfigurationManager 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), 'NEXTCLOUD_ADDITIONAL_APKS' => $this->nextcloudAdditionalApks, 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->nextcloudAdditionalPhpExtensions, - 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor, + 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor ? 'yes' : '', 'REMOVE_DISABLED_APPS' => $this->nextcloudKeepDisabledApps ? '' : 'yes', // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), From 5ba678c0820e748bad54a6748ad65f693b5a40bd Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Wed, 28 Jan 2026 12:08:07 +0100 Subject: [PATCH 394/432] Non-functional addition to camelizing nextcloud_mount to nextcloudMount Signed-off-by: Pablo Zmdl --- php/src/Docker/DockerActionManager.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 509f4c28..db48dc2c 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -400,7 +400,7 @@ readonly class DockerActionManager { // // Special things for the nextcloud container which should not be exposed in the containers.json // } elseif ($container->identifier === 'nextcloud-aio-nextcloud') { // foreach ($container->volumes->GetVolumes() as $volume) { - // if ($volume->name !== $this->configurationManager->nextcloud_mount) { + // if ($volume->name !== $this->configurationManager->nextcloudMount) { // continue; // } // $mounts[] = ["Type" => "bind", "Source" => $volume->name, "Target" => $volume->mountPoint, "ReadOnly" => !$volume->isWritable, "BindOptions" => [ "Propagation" => "rshared"]]; From 0ee76078ad32f2d7dd46c38c839965c083b6527b Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Wed, 28 Jan 2026 12:03:53 +0000 Subject: [PATCH 395/432] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index ee344d52..77403624 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -4058,16 +4058,16 @@ }, { "name": "symfony/finder", - "version": "v6.4.32", + "version": "v6.4.33", "source": { "type": "git", "url": "https://github.com/symfony/finder.git", - "reference": "3ec24885c1d9ababbb9c8f63bb42fea3c8c9b6de" + "reference": "24965ca011dac87431729640feef8bcf7b5523e0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/finder/zipball/3ec24885c1d9ababbb9c8f63bb42fea3c8c9b6de", - "reference": "3ec24885c1d9ababbb9c8f63bb42fea3c8c9b6de", + "url": "https://api.github.com/repos/symfony/finder/zipball/24965ca011dac87431729640feef8bcf7b5523e0", + "reference": "24965ca011dac87431729640feef8bcf7b5523e0", "shasum": "" }, "require": { @@ -4102,7 +4102,7 @@ "description": "Finds files and directories via an intuitive fluent interface", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/finder/tree/v6.4.32" + "source": "https://github.com/symfony/finder/tree/v6.4.33" }, "funding": [ { @@ -4122,7 +4122,7 @@ "type": "tidelift" } ], - "time": "2026-01-10T14:09:00+00:00" + "time": "2026-01-26T13:03:48+00:00" }, { "name": "symfony/polyfill-intl-grapheme", From 27020e608de07b035ff53eb508a41e680b06db2c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 28 Jan 2026 13:28:07 +0100 Subject: [PATCH 396/432] fix get-configurable-aio-variables.sh script Signed-off-by: Simon L. Signed-off-by: Simon L. --- php/get-configurable-aio-variables.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/get-configurable-aio-variables.sh b/php/get-configurable-aio-variables.sh index 44536bd3..3093e1e0 100755 --- a/php/get-configurable-aio-variables.sh +++ b/php/get-configurable-aio-variables.sh @@ -1,3 +1,3 @@ #!/usr/bin/env bash -awk '/^ public [^f][^u][^n]/ { sub(/\$/, "", $3); print $3 }' php/src/Data/ConfigurationManager.php | sort +awk '/^ public [^f][^u][^n]/ { sub(/\$/, "", $3); print $3 }' src/Data/ConfigurationManager.php | sort From 9871a3eb9a75910d32e5aa4c806a5e3ed1264f05 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 16 Jan 2026 15:22:18 +0100 Subject: [PATCH 397/432] insert the AIO version into Nextcloud's system config Signed-off-by: Simon L. --- php/containers.json | 1 + php/src/Data/ConfigurationManager.php | 9 +++++++++ php/src/Data/DataConst.php | 4 ++++ 3 files changed, 14 insertions(+) diff --git a/php/containers.json b/php/containers.json index 8c507f91..8e9218ac 100644 --- a/php/containers.json +++ b/php/containers.json @@ -219,6 +219,7 @@ "SIGNALING_SECRET=%SIGNALING_SECRET%", "ONLYOFFICE_SECRET=%ONLYOFFICE_SECRET%", "AIO_URL=%AIO_URL%", + "NC_AIO_VERSION=v%AIO_VERSION%", "NEXTCLOUD_MOUNT=%NEXTCLOUD_MOUNT%", "CLAMAV_ENABLED=%CLAMAV_ENABLED%", "CLAMAV_HOST=nextcloud-aio-clamav", diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 25263b50..124e78c6 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -420,6 +420,14 @@ class ConfigurationManager return $backupTimes; } + public function getAioVersion() : string { + $path = DataConst::GetAioVersionFile(); + if ($path !== '' && file_exists($path)) { + return trim((string)file_get_contents($path)); + } + return ''; + } + private function isx64Platform() : bool { if (php_uname('m') === 'x86_64') { return true; @@ -1043,6 +1051,7 @@ class ConfigurationManager // Allow to get local ip-address of caddy container and add it to trusted proxies automatically 'CADDY_IP_ADDRESS' => in_array('caddy', $this->aioCommunityContainers, true) ? gethostbyname('nextcloud-aio-caddy') : '', 'WHITEBOARD_ENABLED' => $this->isWhiteboardEnabled ? 'yes' : '', + 'AIO_VERSION' => $this->getAioVersion(), default => $this->GetRegisteredSecret($placeholder), }; } diff --git a/php/src/Data/DataConst.php b/php/src/Data/DataConst.php index 9111a98a..9272e3d4 100644 --- a/php/src/Data/DataConst.php +++ b/php/src/Data/DataConst.php @@ -66,4 +66,8 @@ class DataConst { public static function GetContainersDefinitionPath() : string { return (string)realpath(__DIR__ . '/../../containers.json'); } + + public static function GetAioVersionFile() : string { + return (string)realpath(__DIR__ . '/../../templates/includes/aio-version.twig'); + } } From bf43a6dae6e1a760f79ca33f800991e355c6c061 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Wed, 28 Jan 2026 16:51:36 +0100 Subject: [PATCH 398/432] Lower case method names in ConfigurationManager Signed-off-by: Pablo Zmdl --- php/public/index.php | 14 +- php/src/ContainerDefinitionFetcher.php | 2 +- .../Controller/ConfigurationController.php | 18 +-- php/src/Data/ConfigurationManager.php | 134 +++++++++--------- php/src/Docker/DockerActionManager.php | 4 +- 5 files changed, 86 insertions(+), 86 deletions(-) diff --git a/php/public/index.php b/php/public/index.php index 1ec42949..cc06bb90 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -95,10 +95,10 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'apache_port' => $configurationManager->apachePort, 'borg_backup_host_location' => $configurationManager->borgBackupHostLocation, 'borg_remote_repo' => $configurationManager->borgRemoteRepo, - 'borg_public_key' => $configurationManager->GetBorgPublicKey(), - 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), + 'borg_public_key' => $configurationManager->getBorgPublicKey(), + 'nextcloud_password' => $configurationManager->getAndGenerateSecret('NEXTCLOUD_PASSWORD'), 'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(), - 'borgbackup_password' => $configurationManager->GetAndGenerateSecret('BORGBACKUP_PASSWORD'), + 'borgbackup_password' => $configurationManager->getAndGenerateSecret('BORGBACKUP_PASSWORD'), 'is_mastercontainer_update_available' => ( $bypass_mastercontainer_update ? false : $dockerActionManager->IsMastercontainerUpdateAvailable() ), 'has_backup_run_once' => $configurationManager->hasBackupRunOnce(), 'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(), @@ -107,15 +107,15 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'borg_backup_mode' => $configurationManager->backupMode, 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked, 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), - 'last_backup_time' => $configurationManager->GetLastBackupTime(), - 'backup_times' => $configurationManager->GetBackupTimes(), + 'last_backup_time' => $configurationManager->getLastBackupTime(), + 'backup_times' => $configurationManager->getBackupTimes(), 'current_channel' => $dockerActionManager->GetCurrentChannel(), 'is_clamav_enabled' => $configurationManager->isClamavEnabled, 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled, 'is_talk_enabled' => $configurationManager->isTalkEnabled, 'borg_restore_password' => $configurationManager->borgRestorePassword, - 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), + 'daily_backup_time' => $configurationManager->getDailyBackupTime(), 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), @@ -126,7 +126,7 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'is_backup_section_enabled' => !$configurationManager->disableBackupSection, 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, - 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), + 'additional_backup_directories' => $configurationManager->getAdditionalBackupDirectoriesString(), 'nextcloud_datadir' => $configurationManager->nextcloudDatadirMount, 'nextcloud_mount' => $configurationManager->nextcloudMount, 'nextcloud_upload_limit' => $configurationManager->nextcloudUploadLimit, diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 831a7bc5..d2519ed7 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -246,7 +246,7 @@ readonly class ContainerDefinitionFetcher { // All secrets are registered with the configuration when they // are discovered so they can be later generated at time-of-use. foreach ($entry['secrets'] as $secret) { - $this->configurationManager->RegisterSecret($secret); + $this->configurationManager->registerSecret($secret); } } diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 8bf193e0..bb55e10f 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -20,26 +20,26 @@ readonly class ConfigurationController { if (isset($request->getParsedBody()['domain'])) { $domain = $request->getParsedBody()['domain'] ?? ''; $skipDomainValidation = isset($request->getParsedBody()['skip_domain_validation']); - $this->configurationManager->SetDomain($domain, $skipDomainValidation); + $this->configurationManager->setDomain($domain, $skipDomainValidation); } if (isset($request->getParsedBody()['current-master-password']) || isset($request->getParsedBody()['new-master-password'])) { $currentMasterPassword = $request->getParsedBody()['current-master-password'] ?? ''; $newMasterPassword = $request->getParsedBody()['new-master-password'] ?? ''; - $this->configurationManager->ChangeMasterPassword($currentMasterPassword, $newMasterPassword); + $this->configurationManager->changeMasterPassword($currentMasterPassword, $newMasterPassword); } if (isset($request->getParsedBody()['borg_backup_host_location']) || isset($request->getParsedBody()['borg_remote_repo'])) { $location = $request->getParsedBody()['borg_backup_host_location'] ?? ''; $borgRemoteRepo = $request->getParsedBody()['borg_remote_repo'] ?? ''; - $this->configurationManager->SetBorgLocationVars($location, $borgRemoteRepo); + $this->configurationManager->setBorgLocationVars($location, $borgRemoteRepo); } if (isset($request->getParsedBody()['borg_restore_host_location']) || isset($request->getParsedBody()['borg_restore_remote_repo']) || isset($request->getParsedBody()['borg_restore_password'])) { $restoreLocation = $request->getParsedBody()['borg_restore_host_location'] ?? ''; $borgRemoteRepo = $request->getParsedBody()['borg_restore_remote_repo'] ?? ''; $borgPassword = $request->getParsedBody()['borg_restore_password'] ?? ''; - $this->configurationManager->SetBorgRestoreLocationVarsAndPassword($restoreLocation, $borgRemoteRepo, $borgPassword); + $this->configurationManager->setBorgRestoreLocationVarsAndPassword($restoreLocation, $borgRemoteRepo, $borgPassword); } if (isset($request->getParsedBody()['daily_backup_time'])) { @@ -54,16 +54,16 @@ readonly class ConfigurationController { $successNotification = false; } $dailyBackupTime = $request->getParsedBody()['daily_backup_time'] ?? ''; - $this->configurationManager->SetDailyBackupTime($dailyBackupTime, $enableAutomaticUpdates, $successNotification); + $this->configurationManager->setDailyBackupTime($dailyBackupTime, $enableAutomaticUpdates, $successNotification); } if (isset($request->getParsedBody()['delete_daily_backup_time'])) { - $this->configurationManager->DeleteDailyBackupTime(); + $this->configurationManager->deleteDailyBackupTime(); } if (isset($request->getParsedBody()['additional_backup_directories'])) { $additionalBackupDirectories = $request->getParsedBody()['additional_backup_directories'] ?? ''; - $this->configurationManager->SetAdditionalBackupDirectories($additionalBackupDirectories); + $this->configurationManager->setAdditionalBackupDirectories($additionalBackupDirectories); } if (isset($request->getParsedBody()['delete_timezone'])) { @@ -112,7 +112,7 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['delete_collabora_dictionaries'])) { - $this->configurationManager->DeleteCollaboraDictionaries(); + $this->configurationManager->deleteCollaboraDictionaries(); } if (isset($request->getParsedBody()['collabora_dictionaries'])) { @@ -130,7 +130,7 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) { - $this->configurationManager->DeleteBorgBackupLocationItems(); + $this->configurationManager->deleteBorgBackupLocationItems(); } return $response->withStatus(201)->withHeader('Location', '.'); diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 124e78c6..e65d5504 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -119,7 +119,7 @@ class ConfigurationManager public string $domain { get => $this->get('domain', ''); - set { $this->SetDomain($value); } + set { $this->setDomain($value); } } public string $borgBackupHostLocation { @@ -138,7 +138,7 @@ class ConfigurationManager } public string $apacheIpBinding { - get => $this->GetEnvironmentalVariableOrConfig('APACHE_IP_BINDING', 'apache_ip_binding', ''); + get => $this->getEnvironmentalVariableOrConfig('APACHE_IP_BINDING', 'apache_ip_binding', ''); set { $this->set('apache_ip_binding', $value); } } @@ -189,106 +189,106 @@ class ConfigurationManager } public string $apachePort { - get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); + get => $this->getEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); set { $this->set('apache_port', $value); } } public string $talkPort { - get => $this->GetEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); + get => $this->getEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); set { $this->set('talk_port', $value); } } public string $nextcloudMount { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); + get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); set { $this->set('nextcloud_mount', $value); } } public string $nextcloudDatadirMount { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); + get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); set { $this->set('nextcloud_datadir_mount', $value); } } public string $nextcloudUploadLimit { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); + get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); set { $this->set('nextcloud_upload_limit', $value); } } public string $nextcloudMemoryLimit { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); + get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); set { $this->set('nextcloud_memory_limit', $value); } } - public function GetApacheMaxSize() : int { + public function getApacheMaxSize() : int { $uploadLimit = (int)rtrim($this->nextcloudUploadLimit, 'G'); return $uploadLimit * 1024 * 1024 * 1024; } public string $nextcloudMaxTime { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); + get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); set { $this->set('nextcloud_max_time', $value); } } public string $borgRetentionPolicy { - get => $this->GetEnvironmentalVariableOrConfig('BORG_RETENTION_POLICY', 'borg_retention_policy', '--keep-within=7d --keep-weekly=4 --keep-monthly=6'); + get => $this->getEnvironmentalVariableOrConfig('BORG_RETENTION_POLICY', 'borg_retention_policy', '--keep-within=7d --keep-weekly=4 --keep-monthly=6'); set { $this->set('borg_retention_policy', $value); } } public string $fulltextsearchJavaOptions { - get => $this->GetEnvironmentalVariableOrConfig('FULLTEXTSEARCH_JAVA_OPTIONS', 'fulltextsearch_java_options', '-Xms512M -Xmx512M'); + get => $this->getEnvironmentalVariableOrConfig('FULLTEXTSEARCH_JAVA_OPTIONS', 'fulltextsearch_java_options', '-Xms512M -Xmx512M'); set { $this->set('fulltextsearch_java_options', $value); } } public string $dockerSocketPath { - get => $this->GetEnvironmentalVariableOrConfig('WATCHTOWER_DOCKER_SOCKET_PATH', 'docker_socket_path', '/var/run/docker.sock'); + get => $this->getEnvironmentalVariableOrConfig('WATCHTOWER_DOCKER_SOCKET_PATH', 'docker_socket_path', '/var/run/docker.sock'); set { $this->set('docker_socket_path', $value); } } public string $trustedCacertsDir { - get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_TRUSTED_CACERTS_DIR', 'trusted_cacerts_dir', ''); + get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_TRUSTED_CACERTS_DIR', 'trusted_cacerts_dir', ''); set { $this->set('trusted_cacerts_dir', $value); } } public string $nextcloudAdditionalApks { - get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_APKS', 'nextcloud_additional_apks', 'imagemagick')); + get => trim($this->getEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_APKS', 'nextcloud_additional_apks', 'imagemagick')); set { $this->set('nextcloud_addtional_apks', $value); } } public string $nextcloudAdditionalPhpExtensions { - get => trim($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS', 'nextcloud_additional_php_extensions', 'imagick')); + get => trim($this->getEnvironmentalVariableOrConfig('NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS', 'nextcloud_additional_php_extensions', 'imagick')); set { $this->set('nextcloud_additional_php_extensions', $value); } } public bool $collaboraSeccompDisabled { - get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); + get => $this->booleanize($this->getEnvironmentalVariableOrConfig('COLLABORA_SECCOMP_DISABLED', 'collabora_seccomp_disabled', '')); set { $this->set('collabora_seccomp_disabled', $value); } } public string $apacheAdditionalNetwork { - get => $this->GetEnvironmentalVariableOrConfig('APACHE_ADDITIONAL_NETWORK', 'apache_additional_network', ''); + get => $this->getEnvironmentalVariableOrConfig('APACHE_ADDITIONAL_NETWORK', 'apache_additional_network', ''); set { $this->set('apache_additional_network', $value); } } public bool $disableBackupSection { - get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); + get => $this->booleanize($this->getEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); set { $this->set('disable_backup_section', $value); } } public bool $nextcloudEnableDriDevice{ - get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); + get => $this->booleanize($this->getEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_DRI_DEVICE', 'nextcloud_enable_dri_device', '')); set { $this->set('nextcloud_enable_dri_device', $value); } } public bool $enableNvidiaGpu { - get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); + get => $this->booleanize($this->getEnvironmentalVariableOrConfig('NEXTCLOUD_ENABLE_NVIDIA_GPU', 'enable_nvidia_gpu', '')); set { $this->set('enable_nvidia_gpu', $value); } } public bool $nextcloudKeepDisabledApps { - get => $this->booleanize($this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); + get => $this->booleanize($this->getEnvironmentalVariableOrConfig('NEXTCLOUD_KEEP_DISABLED_APPS', 'nextcloud_keep_disabled_apps', '')); set { $this->set('nextcloud_keep_disabled_apps', $value); } } - private function GetConfig() : array + private function getConfig() : array { if ($this->config === [] && file_exists(DataConst::GetConfigFile())) { @@ -300,15 +300,15 @@ class ConfigurationManager } private function get(string $key, mixed $fallbackValue = null) : mixed { - return $this->GetConfig()[$key] ?? $fallbackValue; + return $this->getConfig()[$key] ?? $fallbackValue; } private function set(string $key, mixed $value) : void { - $this->GetConfig(); + $this->getConfig(); $this->config[$key] = $value; // Only write if this isn't called in between startTransaction() and commitTransaction(). if ($this->noWrite !== true) { - $this->WriteConfig(); + $this->writeConfig(); } } @@ -317,7 +317,7 @@ class ConfigurationManager * followed by a call to commitTransaction(), which then writes all changes to disk. */ public function startTransaction() : void { - $this->GetConfig(); + $this->getConfig(); $this->noWrite = true; } @@ -326,13 +326,13 @@ class ConfigurationManager */ public function commitTransaction() : void { try { - $this->WriteConfig(); + $this->writeConfig(); } finally { $this->noWrite = false; } } - public function GetAndGenerateSecret(string $secretId) : string { + public function getAndGenerateSecret(string $secretId) : string { if ($secretId === '') { return ''; } @@ -344,24 +344,24 @@ class ConfigurationManager } if ($secretId === 'BORGBACKUP_PASSWORD' && !file_exists(DataConst::GetBackupSecretFile())) { - $this->DoubleSafeBackupSecret($secrets[$secretId]); + $this->doubleSafeBackupSecret($secrets[$secretId]); } return $secrets[$secretId]; } - public function GetRegisteredSecret(string $secretId) : string { + public function getRegisteredSecret(string $secretId) : string { if ($this->secrets[$secretId]) { - return $this->GetAndGenerateSecret($secretId); + return $this->getAndGenerateSecret($secretId); } throw new \Exception("The secret " . $secretId . " was not registered. Please check if it is defined in secrets of containers.json."); } - public function RegisterSecret(string $secretId) : void { + public function registerSecret(string $secretId) : void { $this->secrets[$secretId] = true; } - private function DoubleSafeBackupSecret(string $borgBackupPassword) : void { + private function doubleSafeBackupSecret(string $borgBackupPassword) : void { file_put_contents(DataConst::GetBackupSecretFile(), $borgBackupPassword); } @@ -373,7 +373,7 @@ class ConfigurationManager } } - public function GetLastBackupTime() : string { + public function getLastBackupTime() : string { if (!file_exists(DataConst::GetBackupArchivesList())) { return ''; } @@ -398,7 +398,7 @@ class ConfigurationManager return $lastBackupTime; } - public function GetBackupTimes() : array { + public function getBackupTimes() : array { if (!file_exists(DataConst::GetBackupArchivesList())) { return []; } @@ -441,7 +441,7 @@ class ConfigurationManager * * We can't turn this into a private validation method because of the second argument. */ - public function SetDomain(string $domain, bool $skipDomainValidation) : void { + public function setDomain(string $domain, bool $skipDomainValidation) : void { // Validate that at least one dot is contained if (!str_contains($domain, '.')) { throw new InvalidSettingConfigurationException("Domain must contain at least one dot!"); @@ -508,7 +508,7 @@ class ConfigurationManager } // Get Instance ID - $instanceID = $this->GetAndGenerateSecret('INSTANCE_ID'); + $instanceID = $this->getAndGenerateSecret('INSTANCE_ID'); // set protocol if ($port !== '443') { @@ -555,7 +555,7 @@ class ConfigurationManager $this->commitTransaction(); } - public function GetBaseDN() : string { + public function getBaseDN() : string { $domain = $this->domain; if ($domain === "") { return ""; @@ -566,15 +566,15 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function SetBorgLocationVars(string $location, string $repo) : void { - $this->ValidateBorgLocationVars($location, $repo); + public function setBorgLocationVars(string $location, string $repo) : void { + $this->validateBorgLocationVars($location, $repo); $this->startTransaction(); $this->borgBackupHostLocation = $location; $this->borgRemoteRepo = $repo; $this->commitTransaction(); } - private function ValidateBorgLocationVars(string $location, string $repo) : void { + private function validateBorgLocationVars(string $location, string $repo) : void { if ($location === '' && $repo === '') { throw new InvalidSettingConfigurationException("Please enter a path or a remote repo url!"); } elseif ($location !== '' && $repo !== '') { @@ -600,11 +600,11 @@ class ConfigurationManager } } else { - $this->ValidateBorgRemoteRepo($repo); + $this->validateBorgRemoteRepo($repo); } } - private function ValidateBorgRemoteRepo(string $repo) : void { + private function validateBorgRemoteRepo(string $repo) : void { $commonMsg = "For valid urls, see the remote examples at https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls"; if ($repo === "") { // Ok, remote repo is optional @@ -615,7 +615,7 @@ class ConfigurationManager } } - public function DeleteBorgBackupLocationItems() : void { + public function deleteBorgBackupLocationItems() : void { // Delete the variables $this->startTransaction(); $this->borgBackupHostLocation = ''; @@ -633,8 +633,8 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function SetBorgRestoreLocationVarsAndPassword(string $location, string $repo, string $password) : void { - $this->ValidateBorgLocationVars($location, $repo); + public function setBorgRestoreLocationVarsAndPassword(string $location, string $repo, string $password) : void { + $this->validateBorgLocationVars($location, $repo); if ($password === '') { throw new InvalidSettingConfigurationException("Please enter the password!"); @@ -651,7 +651,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function ChangeMasterPassword(string $currentPassword, string $newPassword) : void { + public function changeMasterPassword(string $currentPassword, string $newPassword) : void { if ($currentPassword === '') { throw new InvalidSettingConfigurationException("Please enter your current password."); } @@ -679,7 +679,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - private function WriteConfig() : void { + private function writeConfig() : void { if(!is_dir(DataConst::GetDataDirectory())) { throw new InvalidSettingConfigurationException(DataConst::GetDataDirectory() . " does not exist! Something was set up falsely!"); } @@ -697,7 +697,7 @@ class ConfigurationManager $this->config = []; } - private function GetEnvironmentalVariableOrConfig(string $envVariableName, string $configName, string $defaultValue) : string { + private function getEnvironmentalVariableOrConfig(string $envVariableName, string $configName, string $defaultValue) : string { $envVariableOutput = getenv($envVariableName); $configValue = $this->get($configName, ''); if ($envVariableOutput === false) { @@ -716,7 +716,7 @@ class ConfigurationManager return $envVariableOutput; } - public function GetBorgPublicKey() : string { + public function getBorgPublicKey() : string { if (!file_exists(DataConst::GetBackupPublicKey())) { return ""; } @@ -724,7 +724,7 @@ class ConfigurationManager return trim((string)file_get_contents(DataConst::GetBackupPublicKey())); } - public function GetCollaboraSeccompPolicy() : string { + public function getCollaboraSeccompPolicy() : string { $defaultString = '--o:security.seccomp='; if (!$this->collaboraSeccompDisabled) { return $defaultString . 'true'; @@ -735,7 +735,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function SetDailyBackupTime(string $time, bool $enableAutomaticUpdates, bool $successNotification) : void { + public function setDailyBackupTime(string $time, bool $enableAutomaticUpdates, bool $successNotification) : void { if ($time === "") { throw new InvalidSettingConfigurationException("The daily backup time must not be empty!"); } @@ -757,7 +757,7 @@ class ConfigurationManager file_put_contents(DataConst::GetDailyBackupTimeFile(), $time); } - public function GetDailyBackupTime() : string { + public function getDailyBackupTime() : string { if (!file_exists(DataConst::GetDailyBackupTimeFile())) { return ''; } @@ -779,7 +779,7 @@ class ConfigurationManager } } - public function DeleteDailyBackupTime() : void { + public function deleteDailyBackupTime() : void { if (file_exists(DataConst::GetDailyBackupTimeFile())) { unlink(DataConst::GetDailyBackupTimeFile()); } @@ -788,7 +788,7 @@ class ConfigurationManager /** * @throws InvalidSettingConfigurationException */ - public function SetAdditionalBackupDirectories(string $additionalBackupDirectories) : void { + public function setAdditionalBackupDirectories(string $additionalBackupDirectories) : void { $additionalBackupDirectoriesArray = explode("\n", $additionalBackupDirectories); $validDirectories = ''; foreach($additionalBackupDirectoriesArray as $entry) { @@ -809,15 +809,15 @@ class ConfigurationManager } } - public function GetAdditionalBackupDirectoriesString() : string { + public function getAdditionalBackupDirectoriesString() : string { if (!file_exists(DataConst::GetAdditionalBackupDirectoriesFile())) { return ''; } return (string)file_get_contents(DataConst::GetAdditionalBackupDirectoriesFile()); } - public function GetAdditionalBackupDirectoriesArray() : array { - $additionalBackupDirectories = $this->GetAdditionalBackupDirectoriesString(); + public function getAdditionalBackupDirectoriesArray() : array { + $additionalBackupDirectories = $this->getAdditionalBackupDirectoriesString(); $additionalBackupDirectoriesArray = explode("\n", $additionalBackupDirectories); $additionalBackupDirectoriesArray = array_unique($additionalBackupDirectoriesArray, SORT_REGULAR); return $additionalBackupDirectoriesArray; @@ -854,7 +854,7 @@ class ConfigurationManager return false; } - public function GetNextcloudStartupApps() : string { + public function getNextcloudStartupApps() : string { $apps = getenv('NEXTCLOUD_STARTUP_APPS'); if (is_string($apps)) { return trim($apps); @@ -878,7 +878,7 @@ class ConfigurationManager /** * Provide an extra method since the corresponding attribute setter prevents setting an empty value. */ - public function DeleteCollaboraDictionaries() : void { + public function deleteCollaboraDictionaries() : void { $this->set('collabora_dictionaries', ''); } @@ -1007,7 +1007,7 @@ class ConfigurationManager private function getPlaceholderValue(string $placeholder) : string { return match ($placeholder) { 'NC_DOMAIN' => $this->domain, - 'NC_BASE_DN' => $this->GetBaseDN(), + 'NC_BASE_DN' => $this->getBaseDN(), 'AIO_TOKEN' => $this->aioToken, 'BORGBACKUP_REMOTE_REPO' => $this->borgRemoteRepo, 'BORGBACKUP_MODE' => $this->backupMode, @@ -1037,11 +1037,11 @@ class ConfigurationManager 'BORG_RETENTION_POLICY' => $this->borgRetentionPolicy, 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->fulltextsearchJavaOptions, 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->trustedCacertsDir, - 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', + 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->getAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', 'BORGBACKUP_HOST_LOCATION' => $this->borgBackupHostLocation, - 'APACHE_MAX_SIZE' => (string)($this->GetApacheMaxSize()), - 'COLLABORA_SECCOMP_POLICY' => $this->GetCollaboraSeccompPolicy(), - 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), + 'APACHE_MAX_SIZE' => (string)($this->getApacheMaxSize()), + 'COLLABORA_SECCOMP_POLICY' => $this->getCollaboraSeccompPolicy(), + 'NEXTCLOUD_STARTUP_APPS' => $this->getNextcloudStartupApps(), 'NEXTCLOUD_ADDITIONAL_APKS' => $this->nextcloudAdditionalApks, 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->nextcloudAdditionalPhpExtensions, 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor ? 'yes' : '', @@ -1052,7 +1052,7 @@ class ConfigurationManager 'CADDY_IP_ADDRESS' => in_array('caddy', $this->aioCommunityContainers, true) ? gethostbyname('nextcloud-aio-caddy') : '', 'WHITEBOARD_ENABLED' => $this->isWhiteboardEnabled ? 'yes' : '', 'AIO_VERSION' => $this->getAioVersion(), - default => $this->GetRegisteredSecret($placeholder), + default => $this->getRegisteredSecret($placeholder), }; } diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index db48dc2c..6fea395f 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -383,7 +383,7 @@ readonly class DockerActionManager { // Make volumes read only in case of borgbackup container. The viewer makes them writeable $isReadOnly = $container->identifier === 'nextcloud-aio-borgbackup'; - foreach ($this->configurationManager->GetAdditionalBackupDirectoriesArray() as $additionalBackupDirectories) { + foreach ($this->configurationManager->getAdditionalBackupDirectoriesArray() as $additionalBackupDirectories) { if ($additionalBackupDirectories !== '') { if (!str_starts_with($additionalBackupDirectories, '/')) { $mounts[] = ["Type" => "volume", "Source" => $additionalBackupDirectories, "Target" => "/docker_volumes/" . $additionalBackupDirectories, "ReadOnly" => $isReadOnly]; @@ -940,7 +940,7 @@ readonly class DockerActionManager { } public function GetAndGenerateSecretWrapper(string $secretId): string { - return $this->configurationManager->GetAndGenerateSecret($secretId); + return $this->configurationManager->getAndGenerateSecret($secretId); } public function isNextcloudImageOutdated(): bool { From caac0443b3c2639761336d2e9cb639b3a6600d25 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:07:36 +0000 Subject: [PATCH 399/432] build(deps): bump alpine from 3.23.2 to 3.23.3 in /Containers/alpine Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/alpine/Dockerfile b/Containers/alpine/Dockerfile index 718c5510..1098b4c4 100644 --- a/Containers/alpine/Dockerfile +++ b/Containers/alpine/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.23.2 +FROM alpine:3.23.3 RUN set -ex; \ apk upgrade --no-cache -a From 120c9ba9274649e141eea4c5e39c04b8bd2cd804 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:07:42 +0000 Subject: [PATCH 400/432] build(deps): bump alpine from 3.23.2 to 3.23.3 in /Containers/borgbackup Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/borgbackup/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/borgbackup/Dockerfile b/Containers/borgbackup/Dockerfile index 97d6198b..6e3180cb 100644 --- a/Containers/borgbackup/Dockerfile +++ b/Containers/borgbackup/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.23.2 +FROM alpine:3.23.3 RUN set -ex; \ \ From da70dafa3d96799bbcef956d5bfda5a88e02298e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:07:45 +0000 Subject: [PATCH 401/432] build(deps): bump alpine from 3.23.2 to 3.23.3 in /Containers/clamav Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/clamav/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index e81fb06e..6910ae1c 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.23.2 +FROM alpine:3.23.3 RUN set -ex; \ apk upgrade --no-cache -a; \ From b3a4eda249f570ef1c7318615f46b11c5f05ab10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:07:46 +0000 Subject: [PATCH 402/432] build(deps): bump collabora/code in /Containers/collabora Bumps collabora/code from 25.04.8.1.1 to 25.04.8.2.1. --- updated-dependencies: - dependency-name: collabora/code dependency-version: 25.04.8.2.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/collabora/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 976360cb..d1693da0 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile -FROM collabora/code:25.04.8.1.1 +FROM collabora/code:25.04.8.2.1 USER root ARG DEBIAN_FRONTEND=noninteractive From abdcc9f551c30ae01366c6757a9a0d5550607a03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:07:52 +0000 Subject: [PATCH 403/432] build(deps): bump alpine in /Containers/domaincheck Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/domaincheck/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/domaincheck/Dockerfile b/Containers/domaincheck/Dockerfile index 8122f315..374aba4a 100644 --- a/Containers/domaincheck/Dockerfile +++ b/Containers/domaincheck/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.23.2 +FROM alpine:3.23.3 RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache bash lighttpd netcat-openbsd; \ From 8e48e92ebcfbdd0a88f1fda6d8680cb694c99dda Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:07:58 +0000 Subject: [PATCH 404/432] build(deps): bump alpine from 3.23.2 to 3.23.3 in /Containers/imaginary Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 650c4c67..b108ac18 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -14,7 +14,7 @@ RUN set -ex; \ build-base; \ go install github.com/h2non/imaginary@"$IMAGINARY_HASH"; -FROM alpine:3.23.2 +FROM alpine:3.23.3 RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ From d6f1bdd8d39b3d00d2a0bad2a29d7aed67daf0fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:08:35 +0000 Subject: [PATCH 405/432] build(deps): bump alpine in /Containers/notify-push Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/notify-push/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/notify-push/Dockerfile b/Containers/notify-push/Dockerfile index 425115c4..838c847c 100644 --- a/Containers/notify-push/Dockerfile +++ b/Containers/notify-push/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.23.2 +FROM alpine:3.23.3 COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh From 3ba704b233f89ba00099e2d5db11b31a5a737c5c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:08:41 +0000 Subject: [PATCH 406/432] build(deps): bump alpine from 3.23.2 to 3.23.3 in /Containers/talk Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/talk/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index fc8cc54a..e8d3d72f 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -2,7 +2,7 @@ FROM nats:2.12.4-scratch AS nats FROM eturnal/eturnal:1.12.2-alpine AS eturnal FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling -FROM alpine:3.23.2 AS janus +FROM alpine:3.23.3 AS janus ARG JANUS_VERSION=v1.3.3 WORKDIR /src @@ -35,7 +35,7 @@ RUN set -ex; \ make configs; \ rename -v ".jcfg.sample" ".jcfg" /usr/local/etc/janus/*.jcfg.sample -FROM alpine:3.23.2 +FROM alpine:3.23.3 ENV ETURNAL_ETC_DIR="/conf" ENV SKIP_CERT_VERIFY=false COPY --from=janus --chmod=777 --chown=1000:1000 /usr/local /usr/local From a72b79f63bad3f1c3613692b728d2ba74128e46b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 04:08:55 +0000 Subject: [PATCH 407/432] build(deps): bump alpine from 3.23.2 to 3.23.3 in /Containers/watchtower Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/watchtower/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index 83bccc07..fc9ea093 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -9,7 +9,7 @@ RUN set -ex; \ build-base; \ go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.14.0 -FROM alpine:3.23.2 +FROM alpine:3.23.3 RUN set -ex; \ apk upgrade --no-cache -a; \ From 7de7ee1244bd19107da284ce0427bc0415d1b58a Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 29 Jan 2026 09:47:21 +0100 Subject: [PATCH 408/432] apply suggestion Signed-off-by: Simon L. --- .github/pull_request_template.md | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 7958ceab..0350cecc 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -5,21 +5,4 @@ --> * Resolves: # - -## Summary - - -## TODO - -- [ ] ... - -## Checklist - -- Code is [properly formatted](https://docs.nextcloud.com/server/latest/developer_manual/digging_deeper/continuous_integration.html#linting) -- [Sign-off message](https://github.com/src-d/guide/blob/master/developer-community/fix-DCO.md) is added to all commits -- [ ] Tests ([unit](https://docs.nextcloud.com/server/latest/developer_manual/app_development/tutorial.html#unit-tests), [integration](https://docs.nextcloud.com/server/latest/developer_manual/app_development/tutorial.html#integration-tests), api and/or acceptance) are included -- [ ] Screenshots before/after for front-end changes -- [ ] Documentation ([manuals](https://github.com/nextcloud/documentation/) or wiki) has been updated or is not required -- [ ] [Backports requested](https://github.com/nextcloud/backportbot/#usage) where applicable (ex: critical bugfixes) -- [ ] [Labels added](https://github.com/nextcloud/server/labels) where applicable (ex: bug/enhancement, `3. to review`, feature component) -- [ ] [Milestone added](https://github.com/nextcloud/server/milestones) for target branch/version (ex: 32.x for `stable32`) +* [Sign-off message](https://github.com/src-d/guide/blob/master/developer-community/fix-DCO.md) is added to all commits From b47e89468157cba66f2c1d3f78a344bf38abc199 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 29 Jan 2026 09:54:34 +0100 Subject: [PATCH 409/432] increase timeout for backup restore Signed-off-by: Simon L. --- php/tests/tests/restore-instance.spec.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/tests/tests/restore-instance.spec.js b/php/tests/tests/restore-instance.spec.js index e93cf340..696a4376 100644 --- a/php/tests/tests/restore-instance.spec.js +++ b/php/tests/tests/restore-instance.spec.js @@ -74,7 +74,7 @@ test('Restore instance', async ({ page: setupPage }) => { dialog.accept() }); await containersPage.getByRole('button', { name: 'Start and update containers' }).click(); - await expect(containersPage.getByRole('link', { name: 'Open your Nextcloud ↗' })).toBeVisible({ timeout: 5 * 60 * 1000 }); + await expect(containersPage.getByRole('link', { name: 'Open your Nextcloud ↗' })).toBeVisible({ timeout: 8 * 60 * 1000 }); await expect(containersPage.getByRole('main')).toContainText(initialNextcloudPassword); // Verify that containers are all stopped From ff3fb24fa772f02825351af5adda03364c77195b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 12:10:04 +0000 Subject: [PATCH 410/432] build(deps): bump peter-evans/create-pull-request in /.github/workflows Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.11 to 8.1.0. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/22a9089034f40e5a961c8808d113e2c98fb63676...c0f553fe549906ede9cf27b5156039d195d2ece0) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/collabora.yml | 2 +- .github/workflows/dependency-updates.yml | 2 +- .github/workflows/imaginary-update.yml | 2 +- .github/workflows/nextcloud-update.yml | 2 +- .github/workflows/psalm-update-baseline.yml | 2 +- .github/workflows/talk.yml | 2 +- .github/workflows/update-helm.yml | 2 +- .github/workflows/update-yaml.yml | 2 +- .github/workflows/watchtower-update.yml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index 81ea8ff1..a61067f3 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -18,7 +18,7 @@ jobs: mv cool-seccomp-profile.json php/ - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: collabora-seccomp-update automated change signoff: true diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 7bdc5d1a..3805a0d0 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -44,7 +44,7 @@ jobs: )" sed -i "s|pecl install APCu.*\;|pecl install APCu-$apcu_version\;|" ./Containers/mastercontainer/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: php dependency updates signoff: true diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index 171fb132..05050a20 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -22,7 +22,7 @@ jobs: sed -i "s|^ENV IMAGINARY_HASH.*$|ENV IMAGINARY_HASH=$imaginary_version|" ./Containers/imaginary/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: imaginary-update automated change signoff: true diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index 5b420c20..b2475290 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -79,7 +79,7 @@ jobs: fi - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: nextcloud-update automated change signoff: true diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 0c2f8aee..bcbb12c3 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -30,7 +30,7 @@ jobs: continue-on-error: true - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: Update psalm baseline diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index 28f9fef7..b19e1cb5 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -45,7 +45,7 @@ jobs: sed -i "s|^ARG JANUS_VERSION=.*$|ARG JANUS_VERSION=$janus_version|" ./Containers/talk/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: talk-update automated change signoff: true diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index 2dcd2e73..92cbb978 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -23,7 +23,7 @@ jobs: sudo bash nextcloud-aio-helm-chart/update-helm.sh "$DOCKER_TAG" fi - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: Helm Chart updates signoff: true diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index a60ea1c6..6e150261 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -16,7 +16,7 @@ jobs: run: | sudo bash manual-install/update-yaml.sh - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: Yaml updates signoff: true diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index c04657be..ecd82a69 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -26,7 +26,7 @@ jobs: sed -i "s|\$WATCHTOWER_COMMIT_HASH.*$|\$WATCHTOWER_COMMIT_HASH # $watchtower_version|" ./Containers/watchtower/Dockerfile - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v7 with: commit-message: watchtower-update automated change signoff: true From c64ecba63c3ce3e5b07b1ffb566b5a9a5811ac6b Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 28 Jan 2026 18:46:01 +0100 Subject: [PATCH 411/432] Update GPG key import method in entrypoint.sh Signed-off-by: Simon L. --- Containers/nextcloud/entrypoint.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 5f47a0f4..d4b4f253 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -182,8 +182,11 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/latest-${NEXT_MAJOR}.tar.bz2.asc" GNUPGHOME="$(mktemp -d)" export GNUPGHOME - # gpg key from https://nextcloud.com/nextcloud.asc - gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A + if ! gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; then + if ! gpg --batch --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 28806A878AE423A28372792ED75899B9A724937A; then + curl -sSL https://nextcloud.com/nextcloud.asc | gpg --import + fi + fi gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2 mkdir -p /usr/src/tmp tar -xjf nextcloud.tar.bz2 -C /usr/src/tmp/ From a5efaafef20f1b60116021489db566807a7deb71 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 29 Jan 2026 13:54:31 +0100 Subject: [PATCH 412/432] update-yaml.sh: remove the `NC_AIO_VERSION` Signed-off-by: Simon L. --- manual-install/update-yaml.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/manual-install/update-yaml.sh b/manual-install/update-yaml.sh index af746aee..928275da 100644 --- a/manual-install/update-yaml.sh +++ b/manual-install/update-yaml.sh @@ -47,6 +47,7 @@ sed -i '/AIO_URL/d' containers.yml sed -i '/DOCKER_SOCKET_PROXY_ENABLED/d' containers.yml sed -i '/ADDITIONAL_TRUSTED_PROXY/d' containers.yml sed -i '/TURN_DOMAIN/d' containers.yml +sed -i '/NC_AIO_VERSION/d' containers.yml TCP="$(grep -oP '[%A-Z0-9_]+/tcp' containers.yml | sort -u)" mapfile -t TCP <<< "$TCP" From ffd8dac1b4e95c05e7c0c27d66653576d0ffeb6e Mon Sep 17 00:00:00 2001 From: MrAn0nym <63542658+MrAn0nym@users.noreply.github.com> Date: Thu, 29 Jan 2026 14:29:15 +0100 Subject: [PATCH 413/432] Fix: Additional Collabora options not working correctly (#7481) Signed-off-by: MrAn0nym <63542658+MrAn0nym@users.noreply.github.com> Signed-off-by: Simon L. Co-authored-by: Simon L. Co-authored-by: Pablo Zmdl <57864086+pabzm@users.noreply.github.com> --- php/src/Docker/DockerActionManager.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 6fea395f..a8891c3c 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -420,7 +420,13 @@ readonly class DockerActionManager { // Additional Collabora options if ($this->configurationManager->collaboraAdditionalOptions !== '') { - $requestBody['Cmd'] = [$this->configurationManager->collaboraAdditionalOptions]; + // Split the list of Collabora options, which are stored as a string but must be assigned as an array. + // To avoid problems with whitespace or dashes in option arguments we use a regular expression + // that splits the string at every position where a whitespace is followed by '--o:'. + // The leading whitespace is removed in the split but the following characters are not. + // Example: "--o:example_config1='some thing' --o:example_config2=something-else" -> ["--o:example_config1='some thing'", "--o:example_config2=something-else"] + $regEx = '/\s+(?=--o:)/'; + $requestBody['Cmd'] = preg_split($regEx, rtrim($this->configurationManager->collaboraAdditionalOptions)); } } From ec6850be6371249654f5834bfe85182d0450b2f7 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Thu, 29 Jan 2026 15:04:23 +0100 Subject: [PATCH 414/432] aio-interface: rename Collabora everywhere to Nextcloud Office Signed-off-by: Simon L. --- .../includes/optional-containers.twig | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/php/templates/includes/optional-containers.twig b/php/templates/includes/optional-containers.twig index dcf59bfb..68c8689d 100644 --- a/php/templates/includes/optional-containers.twig +++ b/php/templates/includes/optional-containers.twig @@ -228,10 +228,10 @@ {% endif %} {% if is_collabora_enabled == true and isAnyRunning == false and was_start_button_clicked == true %} -

    Collabora dictionaries

    +

    Nextcloud Office dictionaries

    {% if collabora_dictionaries == "" %} -

    In order to get the correct dictionaries in Collabora, you may configure the dictionaries below:

    +

    In order to get the correct dictionaries in Nextcloud Office, you may configure the dictionaries below:

    @@ -240,34 +240,34 @@

    You need to make sure that the dictionaries that you enter are valid. An example is de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru.

    {% else %} -

    The dictionaries for Collabora are currently set to {{ collabora_dictionaries }}. You can reset them again by clicking on the button below.

    +

    The dictionaries for Nextcloud Office are currently set to {{ collabora_dictionaries }}. You can reset them again by clicking on the button below.

    - +
    {% endif %} -

    Additional Collabora options

    +

    Additional Nextcloud Office options

    {% if collabora_additional_options == "" %} -

    You can configure additional options for collabora below.

    +

    You can configure additional options for Nextcloud Office below.

    (This can be used for configuring the net.content_security_policy and more. Make sure to submit the value!)

    - +

    You need to make sure that the options that you enter are valid. An example is --o:net.content_security_policy=frame-ancestors *.example.com:*;.

    {% else %} -

    The additioinal options for Collabora are currently set to {{ collabora_additional_options }}. You can reset them again by clicking on the button below.

    +

    The additioinal options for Nextcloud Office are currently set to {{ collabora_additional_options }}. You can reset them again by clicking on the button below.

    - +
    {% endif %} {% endif %} From 12b065f9b629fc094a80125ec3263594d7343cd5 Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Thu, 29 Jan 2026 16:11:04 +0100 Subject: [PATCH 415/432] Adjust local-ai community container to add Vulkan support (#5797) Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Co-authored-by: Simon L. --- community-containers/caddy/readme.md | 3 +- community-containers/local-ai/local-ai.json | 49 ++++++++++++++------- community-containers/local-ai/readme.md | 19 +++----- 3 files changed, 42 insertions(+), 29 deletions(-) diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index 803bbec2..fd2f30ef 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -1,5 +1,5 @@ ## Caddy with geoblocking -This container bundles caddy and auto-configures it for you. It also covers [vaultwarden](https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden) by listening on `bw.$NC_DOMAIN`, if installed. It also covers [stalwart](https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart) by listening on `mail.$NC_DOMAIN`, if installed. It also covers [jellyfin](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin) by listening on `media.$NC_DOMAIN`, if installed. It also covers [lldap](https://github.com/nextcloud/all-in-one/tree/main/community-containers/lldap) by listening on `ldap.$NC_DOMAIN`, if installed. It also covers [nocodb](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb) by listening on `tables.$NC_DOMAIN`, if installed. It also covers [jellyseerr](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyseerr) by listening on `requests.$NC_DOMAIN`, if installed. It also covers [nextcloud-exporter](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nextcloud-exporter) by listening on `metrics.$NC_DOMAIN`, if installed. +This container bundles caddy and auto-configures it for you. It also covers [vaultwarden](https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden) by listening on `bw.$NC_DOMAIN`, if installed. It also covers [stalwart](https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart) by listening on `mail.$NC_DOMAIN`, if installed. It also covers [jellyfin](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin) by listening on `media.$NC_DOMAIN`, if installed. It also covers [lldap](https://github.com/nextcloud/all-in-one/tree/main/community-containers/lldap) by listening on `ldap.$NC_DOMAIN`, if installed. It also covers [nocodb](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb) by listening on `tables.$NC_DOMAIN`, if installed. It also covers [jellyseerr](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyseerr) by listening on `requests.$NC_DOMAIN`, if installed. It also covers [nextcloud-exporter](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nextcloud-exporter) by listening on `metrics.$NC_DOMAIN`, if installed. It also covers [LocalAI](https://github.com/nextcloud/all-in-one/tree/main/community-containers/local-ai) by listening on `ai.$NC_DOMAIN`, if installed. ### Notes - This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time! @@ -14,6 +14,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau - If you want to use this with [nocodb](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb), make sure that you point `tables.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for nocodb. - If you want to use this with [jellyseerr](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyseerr), make sure that you point `requests.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for jellyseerr. - If you want to use this with [nextcloud-exporter](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nextcloud-exporter), make sure that you point `metrics.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for nextcloud-exporter. +- If you want to use this with [local AI](https://github.com/nextcloud/all-in-one/tree/main/community-containers/local-ai), make sure that you point `ai.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for local AI. - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active! - You can add your own Caddy configurations in `/data/caddy-imports/` inside the Caddy container (`sudo docker exec -it nextcloud-aio-caddy bash`). These will be imported on container startup. **Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack diff --git a/community-containers/local-ai/local-ai.json b/community-containers/local-ai/local-ai.json index 8e2aedb3..fceb4394 100644 --- a/community-containers/local-ai/local-ai.json +++ b/community-containers/local-ai/local-ai.json @@ -4,42 +4,59 @@ "container_name": "nextcloud-aio-local-ai", "display_name": "Local AI", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/local-ai", - "image": "ghcr.io/szaimen/aio-local-ai", - "image_tag": "v2", - "internal_port": "8080", + "image": "ghcr.io/docjyj/aio-local-ai-vulkan", + "image_tag": "v1", + "internal_port": "10078", "restart": "unless-stopped", "environment": [ "TZ=%TIMEZONE%", - "MODELS_PATH=/models" + "LOCALAI_API_KEY=%LOCALAI_API_KEY%", + "LOCALAI_ADDRESS=:10078", + "LOCALAI_CONFIG_DIR=/configuration", + "LOCALAI_MODEL_PATH=/models", + "LOCALAI_BACKEND_PATH=/backends" + ], + "ports": [ + { + "ip_binding": "%APACHE_IP_BINDING%", + "port_number": "10078", + "protocol": "tcp" + } ], "volumes": [ + { + "source": "nextcloud_aio_localai_configuration", + "destination": "/configuration", + "writeable": true + }, { "source": "nextcloud_aio_localai_models", "destination": "/models", "writeable": true }, { - "source": "nextcloud_aio_localai_images", - "destination": "/tmp/generated/images/", + "source": "nextcloud_aio_localai_backends", + "destination": "/backends", "writeable": true - }, - { - "source": "%NEXTCLOUD_DATADIR%", - "destination": "/nextcloud", - "writeable": false } ], - "enable_nvidia_gpu": false, + "secrets": [ + "LOCALAI_API_KEY" + ], + "ui_secret": "LOCALAI_API_KEY", + "devices": [ + "/dev/dri" + ], "nextcloud_exec_commands": [ - "mkdir '/mnt/ncdata/admin/files/nextcloud-aio-local-ai'", - "touch '/mnt/ncdata/admin/files/nextcloud-aio-local-ai/models.yaml'", - "echo 'Scanning nextcloud-aio-local-ai folder for admin user...'", - "php /var/www/html/occ files:scan --path='/admin/files/nextcloud-aio-local-ai'", "php /var/www/html/occ app:install integration_openai", "php /var/www/html/occ app:enable integration_openai", "php /var/www/html/occ config:app:set integration_openai url --value http://nextcloud-aio-local-ai:8080", + "php /var/www/html/occ config:app:set integration_openai api_key --value %LOCALAI_API_KEY%", "php /var/www/html/occ app:install assistant", "php /var/www/html/occ app:enable assistant" + ], + "backup_volumes": [ + "nextcloud_aio_localai_configuration" ] } ] diff --git a/community-containers/local-ai/readme.md b/community-containers/local-ai/readme.md index 2ab05996..02722bd0 100644 --- a/community-containers/local-ai/readme.md +++ b/community-containers/local-ai/readme.md @@ -1,21 +1,16 @@ ## Local AI -This container bundles Local AI and auto-configures it for you. +This container bundles Local AI and auto-configures it for you. It support hardware acceleration with Vulkan. ### Notes -- Make sure to have enough storage space available. This container alone needs ~7GB storage. Every model that you add to `models.yaml` will of course use additional space which adds up quite fast. -- After the container was started the first time, you should see a new `nextcloud-aio-local-ai` folder when you open the files app with the default `admin` user. In there you should see a `models.yaml` config file. You can now add models in there. Please refer [here](https://github.com/mudler/LocalAI/blob/master/gallery/index.yaml) where you can get further urls that you can put in there. Afterwards restart all containers from the AIO interface and the models should automatically get downloaded by the local-ai container and activated. -- Example for content of `models.yaml` (if you add all of them, it takes around 10GB additional space): -```yaml -# Stable Diffusion in NCNN with c++, supported txt2img and img2img -- url: github:mudler/LocalAI/blob/master/gallery/stablediffusion.yaml - name: Stable_diffusion -``` -- To make it work, you first need to browse `https://your-nc-domain.com/settings/admin/ai` and enable or disable specific features for your models in the openAI settings. Afterwards using the Nextcloud Assistant should work. +Documentation is available on the container repository. This documentation is regularly updated and is intended to be as simple and detailed as possible. Thanks for all your feedback! + +- See https://github.com/docjyJ/aio-local-ai-vulkan#getting-started for getting start with this container. - See [this guide](https://github.com/nextcloud/all-in-one/discussions/5430) for how to improve AI task pickup speed +- Note that Nextcloud supports only one server for AI queries, so this container cannot be used at the same time as other AI containers. - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack ### Repository -https://github.com/szaimen/aio-local-ai +https://github.com/docjyJ/aio-local-ai-vulkan ### Maintainer -https://github.com/szaimen +https://github.com/docjyJ From b55260842d10195d104193cbb0d708a49f519b96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 04:07:42 +0000 Subject: [PATCH 416/432] build(deps): bump haproxy in /Containers/docker-socket-proxy Bumps haproxy from 3.3.1-alpine to 3.3.2-alpine. --- updated-dependencies: - dependency-name: haproxy dependency-version: 3.3.2-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/docker-socket-proxy/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index 62590f6f..ffc867a8 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM haproxy:3.3.1-alpine +FROM haproxy:3.3.2-alpine # hadolint ignore=DL3002 USER root From 716d3b0f17e6ce3805d0c94bfa7c5bcbc112550b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 04:08:51 +0000 Subject: [PATCH 417/432] build(deps): bump nextcloud-releases/whiteboard Bumps nextcloud-releases/whiteboard from v1.5.3 to v1.5.4. --- updated-dependencies: - dependency-name: nextcloud-releases/whiteboard dependency-version: v1.5.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/whiteboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index 3a3c5542..c83dd46b 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.3 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.4 USER root RUN set -ex; \ From 748b2cc73b6182c2df4ac2f16f54d84ad665f7a2 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 30 Jan 2026 09:20:00 +0100 Subject: [PATCH 418/432] only allow to set `APACHE_ADDITIONAL_NETWORK` via environmental variable and do not restore it on backup restore Signed-off-by: Simon L. --- php/src/Data/ConfigurationManager.php | 13 ++++++++----- php/src/Docker/DockerActionManager.php | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index e65d5504..7534acda 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -263,11 +263,6 @@ class ConfigurationManager set { $this->set('collabora_seccomp_disabled', $value); } } - public string $apacheAdditionalNetwork { - get => $this->getEnvironmentalVariableOrConfig('APACHE_ADDITIONAL_NETWORK', 'apache_additional_network', ''); - set { $this->set('apache_additional_network', $value); } - } - public bool $disableBackupSection { get => $this->booleanize($this->getEnvironmentalVariableOrConfig('AIO_DISABLE_BACKUP_SECTION', 'disable_backup_section', '')); set { $this->set('disable_backup_section', $value); } @@ -854,6 +849,14 @@ class ConfigurationManager return false; } + public function getApacheAdditionalNetwork() : string { + $network = getenv('APACHE_ADDITIONAL_NETWORK'); + if (is_string($network)) { + return trim($network); + } + return ''; + } + public function getNextcloudStartupApps() : string { $apps = getenv('NEXTCLOUD_STARTUP_APPS'); if (is_string($apps)) { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index a8891c3c..86b36619 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -843,7 +843,7 @@ readonly class DockerActionManager { $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, alias: $alias); if ($container->identifier === 'nextcloud-aio-apache' || $container->identifier === 'nextcloud-aio-domaincheck') { - $apacheAdditionalNetwork = $this->configurationManager->apacheAdditionalNetwork; + $apacheAdditionalNetwork = $this->configurationManager->getApacheAdditionalNetwork(); if ($apacheAdditionalNetwork !== '') { $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, $apacheAdditionalNetwork, false, $alias); } From a037be95c73fed8bca8f73482a3b311c5196c3e4 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 30 Jan 2026 09:51:08 +0100 Subject: [PATCH 419/432] fix remaining rename of collabora to Nextcloud Office Signed-off-by: Simon L. --- php/templates/includes/optional-containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/includes/optional-containers.twig b/php/templates/includes/optional-containers.twig index 68c8689d..eabcb139 100644 --- a/php/templates/includes/optional-containers.twig +++ b/php/templates/includes/optional-containers.twig @@ -236,7 +236,7 @@ - +

    You need to make sure that the dictionaries that you enter are valid. An example is de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru.

    {% else %} From b1cea36dfa47ffcf3e631b274f702ca160322371 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 30 Jan 2026 11:30:59 +0100 Subject: [PATCH 420/432] add a workflow that blocks merging if a pre-release was published Signed-off-by: Simon L. --- .github/workflows/fail-on-prerelease.yml | 50 ++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/fail-on-prerelease.yml diff --git a/.github/workflows/fail-on-prerelease.yml b/.github/workflows/fail-on-prerelease.yml new file mode 100644 index 00000000..5efbe242 --- /dev/null +++ b/.github/workflows/fail-on-prerelease.yml @@ -0,0 +1,50 @@ +name: Fail on prerelease + +on: + pull_request: + +permissions: + contents: read + +jobs: + check-latest-release: + runs-on: ubuntu-latest + steps: + - name: "Check latest published release isn't a prerelease" + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6 + with: + script: | + const tags = await github.rest.repos.listTags({ + owner: context.repo.owner, + repo: context.repo.repo, + per_page: 1 + }); + + if (!tags.data || tags.data.length === 0) { + core.info('No tags found for this repository; skipping prerelease check.'); + return; + } + + const latestTag = tags.data[0].name; + core.info(`Latest tag found: ${latestTag}`); + + try { + const { data } = await github.rest.repos.getReleaseByTag({ + owner: context.repo.owner, + repo: context.repo.repo, + tag: latestTag + }); + + if (data.prerelease) { + core.setFailed(`Release for tag ${latestTag} (${data.tag_name}) is a prerelease. Blocking merges to main as we need to wait for the prerelease to become stable.`); + } else { + core.info(`Release for tag ${latestTag} (${data.tag_name}) is not a prerelease.`); + } + + } catch (err) { + if (err.status === 404) { + core.info(`No release found for tag ${latestTag}; skipping prerelease check.`); + } else { + throw err; + } + } From dae8102088335542bcb789bcd9fbfe5d9e085512 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 30 Jan 2026 15:00:48 +0100 Subject: [PATCH 421/432] rename name of workflow Signed-off-by: Simon L. --- .github/workflows/fail-on-prerelease.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/fail-on-prerelease.yml b/.github/workflows/fail-on-prerelease.yml index 5efbe242..12a288bb 100644 --- a/.github/workflows/fail-on-prerelease.yml +++ b/.github/workflows/fail-on-prerelease.yml @@ -1,4 +1,4 @@ -name: Fail on prerelease +name: Block if prerelease is present on: pull_request: From 88b2121eaad9b47490f857ff26492054410f86e6 Mon Sep 17 00:00:00 2001 From: Jean-Yves <7360784+docjyJ@users.noreply.github.com> Date: Sun, 1 Feb 2026 11:37:51 +0100 Subject: [PATCH 422/432] hotfix: Update Nextcloud integration URL for local AI Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> --- community-containers/local-ai/local-ai.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/local-ai/local-ai.json b/community-containers/local-ai/local-ai.json index fceb4394..e906b5a7 100644 --- a/community-containers/local-ai/local-ai.json +++ b/community-containers/local-ai/local-ai.json @@ -50,7 +50,7 @@ "nextcloud_exec_commands": [ "php /var/www/html/occ app:install integration_openai", "php /var/www/html/occ app:enable integration_openai", - "php /var/www/html/occ config:app:set integration_openai url --value http://nextcloud-aio-local-ai:8080", + "php /var/www/html/occ config:app:set integration_openai url --value http://nextcloud-aio-local-ai:10078", "php /var/www/html/occ config:app:set integration_openai api_key --value %LOCALAI_API_KEY%", "php /var/www/html/occ app:install assistant", "php /var/www/html/occ app:enable assistant" From cba66dec0b956ce10742f0285f6adf915795fbf8 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 2 Feb 2026 10:11:00 +0100 Subject: [PATCH 423/432] daily-backup.sh: continue with script if wasStartButtonClicked=true was found Signed-off-by: Simon L. --- Containers/mastercontainer/daily-backup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/daily-backup.sh b/Containers/mastercontainer/daily-backup.sh index d11f3e85..fd68e981 100644 --- a/Containers/mastercontainer/daily-backup.sh +++ b/Containers/mastercontainer/daily-backup.sh @@ -4,7 +4,7 @@ echo "Daily backup script has started" # Check if initial configuration has been done, otherwise this script should do nothing. CONFIG_FILE=/mnt/docker-aio-config/data/configuration.json -if ! [ -f "$CONFIG_FILE" ] || ! grep -q "wasStartButtonClicked.*1" "$CONFIG_FILE"; then +if ! [ -f "$CONFIG_FILE" ] || ! grep -q "wasStartButtonClicked.*true" "$CONFIG_FILE"; then echo "Initial configuration via AIO interface not done yet. Exiting..." exit 0 fi From 82cbbe1829b15dcf3884b33be739133127e8c364 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 2 Feb 2026 07:28:42 +0100 Subject: [PATCH 424/432] Wrap ConfigurationController#SetConfig into a "transaction" This avoids a lot of subsequent writes and reads from the file system, because now only commitTransaction() actually writes the config file. Signed-off-by: Pablo Zmdl Signed-off-by: Simon L. --- php/src/Controller/ConfigurationController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index bb55e10f..c40ee98c 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -17,6 +17,7 @@ readonly class ConfigurationController { public function SetConfig(Request $request, Response $response, array $args): Response { try { + $this->configurationManager->startTransaction(); if (isset($request->getParsedBody()['domain'])) { $domain = $request->getParsedBody()['domain'] ?? ''; $skipDomainValidation = isset($request->getParsedBody()['skip_domain_validation']); @@ -137,6 +138,8 @@ readonly class ConfigurationController { } catch (InvalidSettingConfigurationException $ex) { $response->getBody()->write($ex->getMessage()); return $response->withStatus(422); + } finally { + $this->configurationManager->commitTransaction(); } } } From cfff44954bcb19b968612ae70c603d97c99d0611 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 2 Feb 2026 10:28:57 +0100 Subject: [PATCH 425/432] increase version to 12.6.1 Signed-off-by: Simon L. --- php/templates/includes/aio-version.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/includes/aio-version.twig b/php/templates/includes/aio-version.twig index 062985d4..1b62f917 100644 --- a/php/templates/includes/aio-version.twig +++ b/php/templates/includes/aio-version.twig @@ -1 +1 @@ -12.6.0 +12.6.1 From c84416df5df8f5efa41be0aadd57b93938914846 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 2 Feb 2026 11:06:08 +0100 Subject: [PATCH 426/432] fix daily-backup.sh edge case Signed-off-by: Simon L. --- Containers/mastercontainer/daily-backup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/daily-backup.sh b/Containers/mastercontainer/daily-backup.sh index fd68e981..cd6e54b3 100644 --- a/Containers/mastercontainer/daily-backup.sh +++ b/Containers/mastercontainer/daily-backup.sh @@ -4,7 +4,7 @@ echo "Daily backup script has started" # Check if initial configuration has been done, otherwise this script should do nothing. CONFIG_FILE=/mnt/docker-aio-config/data/configuration.json -if ! [ -f "$CONFIG_FILE" ] || ! grep -q "wasStartButtonClicked.*true" "$CONFIG_FILE"; then +if ! [ -f "$CONFIG_FILE" ] && (! grep -q "wasStartButtonClicked.*1" "$CONFIG_FILE" || ! grep -q "wasStartButtonClicked.*true" "$CONFIG_FILE"); then echo "Initial configuration via AIO interface not done yet. Exiting..." exit 0 fi From b8f594b09a2fa97e998ccd195cf4628f530d6972 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 2 Feb 2026 11:22:43 +0100 Subject: [PATCH 427/432] fix logic detail Signed-off-by: Simon L. --- Containers/mastercontainer/daily-backup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/daily-backup.sh b/Containers/mastercontainer/daily-backup.sh index cd6e54b3..89ef3cd5 100644 --- a/Containers/mastercontainer/daily-backup.sh +++ b/Containers/mastercontainer/daily-backup.sh @@ -4,7 +4,7 @@ echo "Daily backup script has started" # Check if initial configuration has been done, otherwise this script should do nothing. CONFIG_FILE=/mnt/docker-aio-config/data/configuration.json -if ! [ -f "$CONFIG_FILE" ] && (! grep -q "wasStartButtonClicked.*1" "$CONFIG_FILE" || ! grep -q "wasStartButtonClicked.*true" "$CONFIG_FILE"); then +if ! [ -f "$CONFIG_FILE" ] || (! grep -q "wasStartButtonClicked.*1" "$CONFIG_FILE" && ! grep -q "wasStartButtonClicked.*true" "$CONFIG_FILE"); then echo "Initial configuration via AIO interface not done yet. Exiting..." exit 0 fi From e95f5cc590f162f2c3c9ac359b5961d1355aca9a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Feb 2026 13:26:38 +0000 Subject: [PATCH 428/432] build(deps): bump actions/github-script in /.github/workflows Bumps [actions/github-script](https://github.com/actions/github-script) from 6.4.1 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/d7906e4ad0b1822421a7e6a35d5ca353c962f410...ed597411d8f924073f98dfc5c65a23a2325f34cd) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/fail-on-prerelease.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/fail-on-prerelease.yml b/.github/workflows/fail-on-prerelease.yml index 12a288bb..a5b876c3 100644 --- a/.github/workflows/fail-on-prerelease.yml +++ b/.github/workflows/fail-on-prerelease.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "Check latest published release isn't a prerelease" - uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v6 with: script: | const tags = await github.rest.repos.listTags({ From c6c9d8ab9cc8b1fa0267abcf22964abd6112ef8e Mon Sep 17 00:00:00 2001 From: Zoey Date: Fri, 17 Oct 2025 21:01:58 +0200 Subject: [PATCH 429/432] replace apache with a second caddy Signed-off-by: Zoey --- Containers/mastercontainer/Caddyfile | 37 ----------- Containers/mastercontainer/Dockerfile | 52 ++-------------- Containers/mastercontainer/acme.Caddyfile | 39 ++++++++++++ Containers/mastercontainer/healthcheck.sh | 3 +- Containers/mastercontainer/internal.Caddyfile | 29 +++++++++ .../mastercontainer/mastercontainer.conf | 62 ------------------- Containers/mastercontainer/start.sh | 36 +---------- Containers/mastercontainer/supervisord.conf | 20 +++--- php/domain-validator.php | 10 +-- 9 files changed, 92 insertions(+), 196 deletions(-) delete mode 100644 Containers/mastercontainer/Caddyfile create mode 100644 Containers/mastercontainer/acme.Caddyfile create mode 100644 Containers/mastercontainer/internal.Caddyfile delete mode 100644 Containers/mastercontainer/mastercontainer.conf diff --git a/Containers/mastercontainer/Caddyfile b/Containers/mastercontainer/Caddyfile deleted file mode 100644 index da0e222d..00000000 --- a/Containers/mastercontainer/Caddyfile +++ /dev/null @@ -1,37 +0,0 @@ -{ - # auto_https will create redirects for https://{host}:8443 instead of https://{host} - # https redirects are added manually in the http://:80 block - auto_https disable_redirects - - storage file_system { - root /mnt/docker-aio-config/caddy/ - } - - log { - level ERROR - } - - servers { - protocols h1 h2 h2c - } - - on_demand_tls { - ask http://127.0.0.1:9876/ - } -} - -http://:80 { - redir https://{host}{uri} permanent -} - -https://:8443 { - - reverse_proxy 127.0.0.1:8000 - - tls { - on_demand - issuer acme { - disable_tlsalpn_challenge - } - } -} diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index f3079ca7..ef93600a 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -21,9 +21,8 @@ COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker COPY community-containers /var/www/docker-aio/community-containers COPY php /var/www/docker-aio/php COPY --chmod=775 Containers/mastercontainer/*.sh / -COPY --chmod=664 Containers/mastercontainer/Caddyfile /Caddyfile +COPY --chmod=664 Containers/mastercontainer/*.Caddyfile / COPY --chmod=664 Containers/mastercontainer/supervisord.conf /supervisord.conf -COPY Containers/mastercontainer/mastercontainer.conf /etc/apache2/sites-available/mastercontainer.conf WORKDIR /var/www/docker-aio @@ -37,13 +36,8 @@ RUN set -ex; \ apk add --no-cache \ util-linux-misc \ ca-certificates \ - wget \ bash \ - apache2 \ - apache2-proxy \ - apache2-ssl \ supervisor \ - openssl \ sudo \ netcat-openbsd \ curl \ @@ -67,11 +61,13 @@ RUN set -ex; \ sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \ sed -i 's/^pm.max_children =.*/pm.max_children = 80/' /usr/local/etc/php-fpm.d/www.conf; \ sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \ - grep -q ';listen.allowed_clients' /usr/local/etc/php-fpm.d/www.conf; \ - sed -i 's|;listen.allowed_clients.*|listen.allowed_clients = 127.0.0.1,::1|' /usr/local/etc/php-fpm.d/www.conf; \ + grep -q 'listen =' /usr/local/etc/php-fpm.d/www.conf; \ + sed -i 's|listen =.*|;listen = /run/php.sock # handled in zz-docker.conf|' /usr/local/etc/php-fpm.d/www.conf; \ + grep -q 'listen =' /usr/local/etc/php-fpm.d/zz-docker.conf; \ + sed -i 's|listen =.*|listen = /run/php.sock|' /usr/local/etc/php-fpm.d/zz-docker.conf; \ \ apk add --no-cache git; \ - wget https://getcomposer.org/installer -O - | php -- --install-dir=/usr/local/bin --filename=composer; \ + curl https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer; \ chmod +x /usr/local/bin/composer; \ cd /var/www/docker-aio; \ rm -r ./php/tests; \ @@ -86,42 +82,6 @@ RUN set -ex; \ rm -r php/data; \ rm -r php/session; \ \ - mkdir -p /etc/apache2/certs; \ - cd /etc/apache2/certs; \ - openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout /etc/apache2/certs/ssl.key -out /etc/apache2/certs/ssl.crt; \ - \ - sed -i \ - -e '/^Listen /d' \ - -e 's/^LogLevel .*/LogLevel error/' \ - -e 's|^ErrorLog .*|ErrorLog /proc/self/fd/2|' \ - -e 's/User apache/User www-data/g' \ - -e 's/Group apache/Group www-data/g' \ - -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \ - -e 's/^#\(LoadModule .*mod_headers.so\)/\1/' \ - -e 's/^#\(LoadModule .*mod_env.so\)/\1/' \ - -e 's/^#\(LoadModule .*mod_mime.so\)/\1/' \ - -e 's/^#\(LoadModule .*mod_dir.so\)/\1/' \ - -e 's/^#\(LoadModule .*mod_authz_core.so\)/\1/' \ - -e 's/^#\(LoadModule .*mod_mpm_event.so\)/\1/' \ - -e 's/\(LoadModule .*mod_mpm_worker.so\)/#\1/' \ - -e 's/\(LoadModule .*mod_mpm_prefork.so\)/#\1/' \ - -e 's/\(ScriptAlias \)/#\1/' \ - /etc/apache2/httpd.conf; \ - mkdir -p /etc/apache2/logs; \ - rm /etc/apache2/conf.d/ssl.conf; \ - echo "ServerName localhost" | tee -a /etc/apache2/httpd.conf; \ - grep -q '^LoadModule lbmethod_heartbeat_module' /etc/apache2/conf.d/proxy.conf; \ - sed -i 's|^LoadModule lbmethod_heartbeat_module.*|#LoadModule lbmethod_heartbeat_module|' /etc/apache2/conf.d/proxy.conf; \ - echo "SSLSessionCache nonenotnull" | tee -a /etc/apache2/httpd.conf; \ - echo "LoadModule ssl_module modules/mod_ssl.so" | tee -a /etc/apache2/httpd.conf; \ - echo "LoadModule socache_shmcb_module modules/mod_socache_shmcb.so" | tee -a /etc/apache2/httpd.conf; \ - echo "Include /etc/apache2/sites-available/mastercontainer.conf" | tee -a /etc/apache2/httpd.conf; \ - \ - rm -f /etc/apache2/conf.d/default.conf \ - /etc/apache2/conf.d/userdir.conf \ - /etc/apache2/conf.d/info.conf; \ - \ - rm -rf /var/www/localhost/cgi-bin/; \ mkdir /var/log/supervisord; \ mkdir /var/run/supervisord; diff --git a/Containers/mastercontainer/acme.Caddyfile b/Containers/mastercontainer/acme.Caddyfile new file mode 100644 index 00000000..61eae552 --- /dev/null +++ b/Containers/mastercontainer/acme.Caddyfile @@ -0,0 +1,39 @@ +{ + # auto_https will create redirects for https://{host}:8443 instead of https://{host} + # https redirects are added manually in the http://:80 block + auto_https disable_redirects + + storage file_system { + root /mnt/docker-aio-config/caddy/ + } + + log { + level ERROR + } + + servers { + protocols h1 h2 h2c + } + + on_demand_tls { + ask http://127.0.0.1:9876/ + } +} + +http://:80 { + redir https://{host}{uri} permanent +} + +https://:8443 { + root * /var/www/docker-aio/php/public + encode + php_fastcgi unix//run/php.sock + file_server + + tls { + on_demand + issuer acme { + disable_tlsalpn_challenge + } + } +} diff --git a/Containers/mastercontainer/healthcheck.sh b/Containers/mastercontainer/healthcheck.sh index 72187591..29ad40a6 100644 --- a/Containers/mastercontainer/healthcheck.sh +++ b/Containers/mastercontainer/healthcheck.sh @@ -2,9 +2,8 @@ if [ -f "/mnt/docker-aio-config/data/configuration.json" ]; then nc -z 127.0.0.1 80 || exit 1 - nc -z 127.0.0.1 8000 || exit 1 nc -z 127.0.0.1 8080 || exit 1 nc -z 127.0.0.1 8443 || exit 1 - nc -z 127.0.0.1 9000 || exit 1 + [ -f /run/php.sock ] || exit 1 nc -z 127.0.0.1 9876 || exit 1 fi diff --git a/Containers/mastercontainer/internal.Caddyfile b/Containers/mastercontainer/internal.Caddyfile new file mode 100644 index 00000000..8e8ea311 --- /dev/null +++ b/Containers/mastercontainer/internal.Caddyfile @@ -0,0 +1,29 @@ +{ + auto_https off + + storage file_system { + root /mnt/docker-aio-config/caddy/ + } + + log { + level ERROR + } + + servers { + protocols h1 h2 + } + + skip_install_trust +} + +https://:8080 { + root * /var/www/docker-aio/php/public + encode + php_fastcgi unix//run/php.sock + file_server + + tls { + on_demand + issuer internal + } +} diff --git a/Containers/mastercontainer/mastercontainer.conf b/Containers/mastercontainer/mastercontainer.conf deleted file mode 100644 index 7d294694..00000000 --- a/Containers/mastercontainer/mastercontainer.conf +++ /dev/null @@ -1,62 +0,0 @@ -Listen 127.0.0.1:8000 -Listen 8080 https - -# Deny access to .ht files - - Require all denied - - -# Http host - - ServerName 127.0.0.1 - - # Add error log - CustomLog /proc/self/fd/1 proxy - LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy - ErrorLog /proc/self/fd/2 - ErrorLogFormat "[%t] [%l] [%E] [client: %{X-Forwarded-For}i] [%M] [%{User-Agent}i]" - LogLevel warn - - # PHP match - - SetHandler "proxy:fcgi://127.0.0.1:9000" - - # Master dir - DocumentRoot /var/www/docker-aio/php/public/ - - RewriteEngine On - RewriteCond %{REQUEST_FILENAME} !-f - RewriteRule ^ index.php [QSA,L] - Options Indexes FollowSymLinks - Require all granted - AllowOverride All - Options FollowSymLinks MultiViews - Satisfy Any - - Dav off - - - - -# Https host - - # Proxy to https - ProxyPass / http://127.0.0.1:8000/ - ProxyPassReverse / http://127.0.0.1:8000/ - ProxyPreserveHost On - # SSL - SSLCertificateKeyFile /etc/apache2/certs/ssl.key - SSLCertificateFile /etc/apache2/certs/ssl.crt - SSLEngine on - SSLProtocol -all +TLSv1.2 +TLSv1.3 - SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 - SSLHonorCipherOrder off - SSLSessionTickets off - - -# Increase timeout in case e.g. the initial download takes a long time -Timeout 7200 -ProxyTimeout 7200 - -# See https://httpd.apache.org/docs/trunk/mod/core.html#traceenable -TraceEnable Off diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index a65e29ae..f936bf5d 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -371,36 +371,6 @@ chown www-data:www-data -R /mnt/docker-aio-config/session/ chown www-data:www-data -R /mnt/docker-aio-config/caddy/ chown root:root -R /mnt/docker-aio-config/certs/ -# Don't allow access to the AIO interface from the Nextcloud container -# Probably more cosmetic than anything but at least an attempt -if ! grep -q '# nextcloud-aio-block' /etc/apache2/httpd.conf; then - cat << APACHE_CONF >> /etc/apache2/httpd.conf -# nextcloud-aio-block-start - -order allow,deny -deny from nextcloud-aio-nextcloud.nextcloud-aio -allow from all - -# nextcloud-aio-block-end -APACHE_CONF -fi - -# Adjust certs -GENERATED_CERTS="/mnt/docker-aio-config/certs" -TMP_CERTS="/etc/apache2/certs" -mkdir -p "$GENERATED_CERTS" -cd "$GENERATED_CERTS" || exit 1 -if ! [ -f ./ssl.crt ] && ! [ -f ./ssl.key ]; then - openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout ./ssl.key -out ./ssl.crt -fi -if [ -f ./ssl.crt ] && [ -f ./ssl.key ]; then - cd "$TMP_CERTS" || exit 1 - rm ./ssl.crt - rm ./ssl.key - cp "$GENERATED_CERTS/ssl.crt" ./ - cp "$GENERATED_CERTS/ssl.key" ./ -fi - print_green "Initial startup of Nextcloud All-in-One complete! You should be able to open the Nextcloud AIO Interface now on port 8080 of this server! E.g. https://internal.ip.of.this.server:8080 @@ -412,16 +382,14 @@ https://your-domain-that-points-to-this-server.tld:8443" # Set the timezone to Etc/UTC export TZ=Etc/UTC -# Fix apache startup -rm -f /var/run/apache2/httpd.pid - # Fix caddy startup if [ -d "/mnt/docker-aio-config/caddy/locks" ]; then rm -rf /mnt/docker-aio-config/caddy/locks/* fi # Fix the Caddyfile format -caddy fmt --overwrite /Caddyfile +caddy fmt --overwrite /acme.Caddyfile +caddy fmt --overwrite /internal.Caddyfile # Fix caddy log chmod 777 /root diff --git a/Containers/mastercontainer/supervisord.conf b/Containers/mastercontainer/supervisord.conf index fa5d0845..9fbb9516 100644 --- a/Containers/mastercontainer/supervisord.conf +++ b/Containers/mastercontainer/supervisord.conf @@ -16,20 +16,20 @@ stderr_logfile_maxbytes=0 command=php-fpm user=root -[program:apache] -# Stdout logging is disabled as otherwise the logs are spammed -stdout_logfile=NONE -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -command=httpd -DFOREGROUND -user=root - -[program:caddy] +[program:caddy-internal] stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=/usr/bin/caddy run --config /Caddyfile +command=/usr/bin/caddy run --config /internal.Caddyfile +user=www-data + +[program:caddy-acme] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=/usr/bin/caddy run --config /acme.Caddyfile user=www-data [program:cron] diff --git a/php/domain-validator.php b/php/domain-validator.php index 57506b8a..4ac92690 100644 --- a/php/domain-validator.php +++ b/php/domain-validator.php @@ -3,15 +3,15 @@ $domain = $_GET['domain'] ?? ''; if (!str_contains($domain, '.')) { - http_response_code(400); + http_response_code(400); } elseif (str_contains($domain, '/')) { - http_response_code(400); + http_response_code(400); } elseif (str_contains($domain, ':')) { - http_response_code(400); + http_response_code(400); } elseif (filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) { - http_response_code(400); + http_response_code(400); } elseif (filter_var($domain, FILTER_VALIDATE_IP)) { - http_response_code(400); + http_response_code(400); } else { // Commented because logging is disabled as otherwise all attempts will be logged which spams the logs // error_log($domain . ' was accepted as valid domain.'); From dc03f9515a69ae2784416d78aeb4ef0aa1929229 Mon Sep 17 00:00:00 2001 From: Zoey Date: Mon, 20 Oct 2025 18:39:06 +0200 Subject: [PATCH 430/432] mastercontainer/README.md: apache=>caddy Signed-off-by: Zoey --- Containers/mastercontainer/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/mastercontainer/README.md b/Containers/mastercontainer/README.md index de6b535d..7206a5f3 100644 --- a/Containers/mastercontainer/README.md +++ b/Containers/mastercontainer/README.md @@ -12,8 +12,8 @@ The mastercontainer acts as the central orchestration service for the deployment of all other containers in the Nextcloud All-in-One stack. It hosts: - A dedicated PHP SAPI/backend (php-fpm) for AIO itself (not Nextcloud Server) -- An Apache service for accessing the AIO interface via a self-signed HTTPS VirtualHost on 8080/tcp -- A Caddy reverse proxy service enabling HTTPS access to the AIO frontend on port 8443/tcp. +- A Caddy server enabling self-signed HTTPS access to the AIO frontend on port 8080/tcp. +- A Caddy server enabling trusted HTTPS access to the AIO frontend on port 8443/tcp. - Caddy will automatically issue a Let's Encrypt issued certificate if port 80 and 8443 is open/forwarded and a domain pointer is in place; then, simply open the Nextcloud AIO interface using the domain (`https://your-domain-that-points-to-this-server.tld:8443`). The Let's Encrypt certificate request will From 7351fc1fd5a14837680d145dd52f338b3675692e Mon Sep 17 00:00:00 2001 From: Zoey Date: Mon, 20 Oct 2025 18:41:27 +0200 Subject: [PATCH 431/432] Remove unused certs from docker-aio-config Signed-off-by: Zoey --- Containers/mastercontainer/start.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index f936bf5d..a1eec5e2 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -382,6 +382,9 @@ https://your-domain-that-points-to-this-server.tld:8443" # Set the timezone to Etc/UTC export TZ=Etc/UTC +# Remove unused certs +rm -vrf /mnt/docker-aio-config/certs + # Fix caddy startup if [ -d "/mnt/docker-aio-config/caddy/locks" ]; then rm -rf /mnt/docker-aio-config/caddy/locks/* From 7c093f39e7846077ec00ca6bcc292b3e7fa07a57 Mon Sep 17 00:00:00 2001 From: Zoey Date: Thu, 23 Oct 2025 14:45:58 +0200 Subject: [PATCH 432/432] set skip_install_trust in all Caddyfiles Signed-off-by: Zoey --- Containers/mastercontainer/acme.Caddyfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Containers/mastercontainer/acme.Caddyfile b/Containers/mastercontainer/acme.Caddyfile index 61eae552..25fa6ab9 100644 --- a/Containers/mastercontainer/acme.Caddyfile +++ b/Containers/mastercontainer/acme.Caddyfile @@ -18,6 +18,8 @@ on_demand_tls { ask http://127.0.0.1:9876/ } + + skip_install_trust } http://:80 {