Type for Closure argument

Signed-off-by: Pablo Zmdl <pablo@nextcloud.com>

.github/ISSUE_TEMPLATE/Bug_report.md

@@ -32,6 +32,10 @@ labels: 0. Needs triage
 
 #### Output of `sudo docker logs nextcloud-aio-mastercontainer`
 
+#### Output of `sudo docker inspect nextcloud-aio-mastercontainer`
+
+#### Output of `sudo docker ps -a`
+
 #### Other valuable info <!--- (like additional logs, screenshots & Co.) -->
 
 #### A picture of a cute animal <!--- (not mandatory but encouraged) -->

.github/dependabot.yml

@@ -10,6 +10,8 @@ updates:
   labels:
   - 3. to review
   - dependencies
+  cooldown:
+    default-days: 7
 - package-ecosystem: composer
   directory: "/php/"
   schedule:

.github/workflows/helm-release.yml

@@ -16,7 +16,7 @@ jobs:
         uses: actions/checkout@v6.0.1
 
       - name: Turnstyle
-        uses: softprops/turnstyle@15f9da4059166900981058ba251e0b652511c68f # v2
+        uses: softprops/turnstyle@e565d2d86403c5d23533937e95980570545e5586 # v2
         with:
           continue-after-seconds: 180
         env:

.github/workflows/playwright-on-push.yml

@@ -0,0 +1,123 @@
+name: Playwright Tests on push
+
+on:
+  pull_request:
+    paths:
+      - 'php/**'
+  push:
+    branches:
+      - main
+    paths:
+      - 'php/**'
+
+concurrency:
+  group: playwright-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+env:
+  BASE_URL: https://localhost:8080
+
+jobs:
+  test:
+    timeout-minutes: 60
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v6.0.1
+
+      - uses: actions/setup-node@v6
+        with:
+          node-version: lts/*
+
+      - name: Install dependencies
+        run: cd php/tests && npm ci
+
+      - name: Install Playwright Browsers
+        run: cd php/tests && npx playwright install --with-deps chromium
+
+      - name: Set up php 8.4
+        uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2.36.0
+        with:
+          extensions: apcu
+          php-version: 8.4
+          coverage: none
+          ini-file: development
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Adjust some things and fix permissions
+        run: |
+          cd php
+          rm -r ./data
+          rm -r ./session
+          composer install --no-dev
+          composer clear-cache
+          sudo chmod 777 -R ./
+
+      - name: Start fresh development server
+        run: |
+          docker rm --force nextcloud-aio-{mastercontainer,apache,notify-push,nextcloud,redis,database,domaincheck,whiteboard,imaginary,talk,collabora,borgbackup} || true
+          docker volume rm nextcloud_aio_{mastercontainer,apache,database,database_dump,nextcloud,nextcloud_data,redis,backup_cache,elasticsearch} || true
+          docker pull ghcr.io/nextcloud-releases/all-in-one:develop
+          docker run \
+            -d \
+            --init \
+            --name nextcloud-aio-mastercontainer \
+            --restart always \
+            --publish 8080:8080 \
+            --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
+            --volume ./php:/var/www/docker-aio/php \
+            --volume /var/run/docker.sock:/var/run/docker.sock:ro \
+            --env SKIP_DOMAIN_VALIDATION=true \
+            --env APACHE_PORT=11000 \
+            ghcr.io/nextcloud-releases/all-in-one:develop
+          echo Waiting for 10 seconds for the development container to start ...
+          sleep 10
+
+      - name: Run Playwright tests for initial setup
+        run: |
+          cd php/tests
+          export DEBUG=pw:api
+          if ! npx playwright test tests/initial-setup.spec.js; then
+            docker logs nextcloud-aio-mastercontainer
+            docker logs nextcloud-aio-borgbackup
+            exit 1
+          fi
+
+      - name: Start fresh development server
+        run: |
+          docker rm --force nextcloud-aio-{mastercontainer,apache,notify-push,nextcloud,redis,database,domaincheck,whiteboard,imaginary,talk,collabora,borgbackup} || true
+          docker volume rm nextcloud_aio_{mastercontainer,apache,database,database_dump,nextcloud,nextcloud_data,redis,backup_cache,elasticsearch} || true
+          docker run \
+            -d \
+            --init \
+            --name nextcloud-aio-mastercontainer \
+            --restart always \
+            --publish 8080:8080 \
+            --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
+            --volume ./php:/var/www/docker-aio/php \
+            --volume /var/run/docker.sock:/var/run/docker.sock:ro \
+            --env SKIP_DOMAIN_VALIDATION=false \
+            --env APACHE_PORT=11000 \
+            ghcr.io/nextcloud-releases/all-in-one:develop
+          echo Waiting for 10 seconds for the development container to start ...
+          sleep 10
+
+      - name: Run Playwright tests for backup restore
+        run: |
+          cd php/tests 
+          export DEBUG=pw:api
+          if ! npx playwright test tests/restore-instance.spec.js; then
+            docker logs nextcloud-aio-mastercontainer
+            docker logs nextcloud-aio-borgbackup
+            exit 1
+          fi
+
+      - uses: actions/upload-artifact@v6
+        if: ${{ !cancelled() }}
+        with:
+          name: playwright-report
+          path: php/tests/playwright-report/
+          retention-days: 14
+          overwrite: true

Containers/fulltextsearch/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
-FROM elasticsearch:8.19.9
+FROM elasticsearch:8.19.10
 
 USER root
 

Containers/mastercontainer/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Docker CLI is a requirement
-FROM docker:29.1.3-cli AS docker
+FROM docker:29.1.4-cli AS docker
 
 # Caddy is a requirement
 FROM caddy:2.10.2-alpine AS caddy

Containers/nextcloud/Dockerfile

@@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud
 ENV REDIS_DB_INDEX=0
 
 # AIO settings start # Do not remove or change this line!
-ENV NEXTCLOUD_VERSION=32.0.3
+ENV NEXTCLOUD_VERSION=32.0.4
 ENV AIO_TOKEN=123456
 ENV AIO_URL=localhost
 # AIO settings end # Do not remove or change this line!

Containers/nextcloud/config/postgres.config.php

@@ -10,7 +10,7 @@ if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) {
 if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL')) {
   $CONFIG = array(
     'dbdriveroptions' => array(
-      'PDO::MYSQL_ATTR_SSL_CA' => '/var/www/html/data/certificates/ca-bundle.crt',
+      PDO::MYSQL_ATTR_SSL_CA => '/var/www/html/data/certificates/ca-bundle.crt',
     ),
   );
 }

Containers/nextcloud/config/s3.config.php

@@ -10,6 +10,7 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
       'class' => '\OC\Files\ObjectStore\S3',
       'arguments' => array(
         'multibucket' => $multibucket === 'true',
+        'num_buckets' => (int)getenv('OBJECTSTORE_S3_NUM_BUCKETS') ?: 64,
         'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
         'key' => getenv('OBJECTSTORE_S3_KEY') ?: '',
         'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '',

Containers/nextcloud/entrypoint.sh

@@ -65,14 +65,6 @@ if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then
 
     done
 
-    # Custom logic for ldap conf
-    if ! grep -q "TLS_" /etc/openldap/ldap.conf; then
-        cat << EOL >> /etc/openldap/ldap.conf
-TLS_CACERT $CERTIFICATE_BUNDLE
-TLS_REQCERT try
-EOL
-    fi
-
     # Backwards compatibility with older instances
     if [ -f "/var/www/html/config/postgres.config.php" ]; then
         sed -i "s|/var/www/html/data/certificates/POSTGRES|/var/www/html/data/certificates/ca-bundle.crt|" /var/www/html/config/postgres.config.php

Containers/whiteboard/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile
-FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.0
+FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.1
 
 USER root
 RUN set -ex; \

community-containers/caddy/readme.md

@@ -17,6 +17,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau
 - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active!
 - You can add your own Caddy configurations in `/data/caddy-imports/` inside the Caddy container (`sudo docker exec -it nextcloud-aio-caddy bash`). These will be imported on container startup. **Please note:** If you do not have CLI access to the server, you can now run docker commands via a web session by using this community container: https://github.com/nextcloud/all-in-one/tree/main/community-containers/container-management
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
+- If you want to remove the container again and revert back to the default, you need to disable the container via the AIO-interface and follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#8-removing-the-reverse-proxy
 
 ### Repository
 https://github.com/szaimen/aio-caddy

local-instance.md

@@ -22,10 +22,11 @@ The normal way is the following:
 **Hint:** You may have a look at [this video](https://youtu.be/zk-y2wVkY4c) for a more complete but possibly outdated example.
 
 ## 3. Use the ACME DNS-challenge
-You can alternatively use the ACME DNS-challenge to get a valid certificate for Nextcloud. Here is described how to set it up: https://github.com/nextcloud/all-in-one#how-to-get-nextcloud-running-using-the-acme-dns-challenge
+You can alternatively use the ACME DNS-challenge to get a valid certificate for Nextcloud. Here is described how to set it up using an external caddy reverse proxy: https://github.com/nextcloud/all-in-one#how-to-get-nextcloud-running-using-the-acme-dns-challenge
 
 ## 4. Use Cloudflare
 If you do not have any control over the network, you may think about using Cloudflare Tunnel to get a valid certificate for your Nextcloud. However it will be opened to the public internet then. See https://github.com/nextcloud/all-in-one#how-to-run-nextcloud-behind-a-cloudflare-tunnel how to set this up.
 
 ## 5. Buy a certificate and use that
 If none of the above ways work for you, you may simply buy a certificate from an issuer for your domain. You then download the certificate onto your server, configure AIO in [reverse proxy mode](./reverse-proxy.md) and use the certificate for your domain in your reverse proxy config.
+

nextcloud-aio-helm-chart/Chart.yaml

@@ -1,6 +1,6 @@
 name: nextcloud-aio-helm-chart
 description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose
-version: 12.3.0
+version: 12.4.0
 apiVersion: v2
 keywords:
   - latest

nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml

@@ -61,7 +61,7 @@ spec:
               value: "{{ .Values.TIMEZONE }}"
             - name: WHITEBOARD_HOST
               value: nextcloud-aio-whiteboard
-          image: ghcr.io/nextcloud-releases/aio-apache:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-apache:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml

@@ -36,7 +36,7 @@ spec:
         {{- end }}
       initContainers:
         - name: init-subpath
-          image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729
           command:
             - mkdir
             - "-p"
@@ -59,7 +59,7 @@ spec:
               value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-clamav:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-clamav:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml

@@ -36,9 +36,9 @@ spec:
             - name: server_name
               value: "{{ .Values.NC_DOMAIN }}"
           {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }}
-          image: ghcr.io/nextcloud-releases/aio-collabora-online:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-collabora-online:20260114_114729
           {{- else }}
-          image: ghcr.io/nextcloud-releases/aio-collabora:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-collabora:20260114_114729
           {{- end }}
           readinessProbe:
             exec:

nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml

@@ -35,7 +35,7 @@ spec:
         {{- end }}
       initContainers:
         - name: init-subpath
-          image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729
           command:
             - mkdir
             - "-p"
@@ -64,7 +64,7 @@ spec:
               value: nextcloud
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-postgresql:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-postgresql:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml

@@ -24,7 +24,7 @@ spec:
     spec:
       initContainers:
         - name: init-volumes
-          image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729
           command:
             - chmod
             - "777"
@@ -54,7 +54,7 @@ spec:
               value: basic
             - name: xpack.security.enabled
               value: "false"
-          image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml

@@ -38,7 +38,7 @@ spec:
               value: "{{ .Values.IMAGINARY_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-imaginary:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-imaginary:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml

@@ -38,7 +38,7 @@ spec:
 # AIO settings start # Do not remove or change this line!
       initContainers:
         - name: init-volumes
-          image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729
           command:
             - chmod
             - "777"
@@ -190,7 +190,7 @@ spec:
               value: "{{ .Values.WHITEBOARD_ENABLED }}"
             - name: WHITEBOARD_SECRET
               value: "{{ .Values.WHITEBOARD_SECRET }}"
-          image: ghcr.io/nextcloud-releases/aio-nextcloud:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-nextcloud:20260114_114729
           {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment!
           securityContext:
             # The items below only work in container context

nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml

@@ -57,7 +57,7 @@ spec:
               value: "6379"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-notify-push:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-notify-push:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml

@@ -24,7 +24,7 @@ spec:
     spec:
       initContainers:
         - name: init-volumes
-          image: ghcr.io/nextcloud-releases/aio-alpine:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729
           command:
             - chmod
             - "777"
@@ -42,7 +42,7 @@ spec:
               value: "{{ .Values.ONLYOFFICE_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-onlyoffice:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-onlyoffice:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml

@@ -39,7 +39,7 @@ spec:
               value: "{{ .Values.REDIS_PASSWORD }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-redis:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-redis:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml

@@ -52,7 +52,7 @@ spec:
               value: "{{ .Values.TURN_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-talk:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-talk:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml

@@ -44,7 +44,7 @@ spec:
               value: "{{ .Values.RECORDING_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-talk-recording:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-talk-recording:20260114_114729
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml

@@ -50,7 +50,7 @@ spec:
               value: redis
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: ghcr.io/nextcloud-releases/aio-whiteboard:20251218_095503
+          image: ghcr.io/nextcloud-releases/aio-whiteboard:20260114_114729
           readinessProbe:
             exec:
               command:

php/composer.lock

@@ -391,16 +391,16 @@
         },
         {
             "name": "laravel/serializable-closure",
-            "version": "v2.0.7",
+            "version": "v2.0.8",
             "source": {
                 "type": "git",
                 "url": "https://github.com/laravel/serializable-closure.git",
-                "reference": "cb291e4c998ac50637c7eeb58189c14f5de5b9dd"
+                "reference": "7581a4407012f5f53365e11bafc520fd7f36bc9b"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/cb291e4c998ac50637c7eeb58189c14f5de5b9dd",
-                "reference": "cb291e4c998ac50637c7eeb58189c14f5de5b9dd",
+                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/7581a4407012f5f53365e11bafc520fd7f36bc9b",
+                "reference": "7581a4407012f5f53365e11bafc520fd7f36bc9b",
                 "shasum": ""
             },
             "require": {
@@ -448,7 +448,7 @@
                 "issues": "https://github.com/laravel/serializable-closure/issues",
                 "source": "https://github.com/laravel/serializable-closure"
             },
-            "time": "2025-11-21T20:52:36+00:00"
+            "time": "2026-01-08T16:22:46+00:00"
         },
         {
             "name": "nikic/fast-route",
@@ -2755,22 +2755,22 @@
         },
         {
             "name": "danog/advanced-json-rpc",
-            "version": "v3.2.2",
+            "version": "v3.2.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/danog/php-advanced-json-rpc.git",
-                "reference": "aadb1c4068a88c3d0530cfe324b067920661efcb"
+                "reference": "ae703ea7b4811797a10590b6078de05b3b33dd91"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/danog/php-advanced-json-rpc/zipball/aadb1c4068a88c3d0530cfe324b067920661efcb",
-                "reference": "aadb1c4068a88c3d0530cfe324b067920661efcb",
+                "url": "https://api.github.com/repos/danog/php-advanced-json-rpc/zipball/ae703ea7b4811797a10590b6078de05b3b33dd91",
+                "reference": "ae703ea7b4811797a10590b6078de05b3b33dd91",
                 "shasum": ""
             },
             "require": {
                 "netresearch/jsonmapper": "^5",
                 "php": ">=8.1",
-                "phpdocumentor/reflection-docblock": "^4.3.4 || ^5.0.0"
+                "phpdocumentor/reflection-docblock": "^4.3.4 || ^5.0.0 || ^6"
             },
             "replace": {
                 "felixfbecker/php-advanced-json-rpc": "^3"
@@ -2801,9 +2801,9 @@
             "description": "A more advanced JSONRPC implementation",
             "support": {
                 "issues": "https://github.com/danog/php-advanced-json-rpc/issues",
-                "source": "https://github.com/danog/php-advanced-json-rpc/tree/v3.2.2"
+                "source": "https://github.com/danog/php-advanced-json-rpc/tree/v3.2.3"
             },
-            "time": "2025-02-14T10:55:15+00:00"
+            "time": "2026-01-12T21:07:10+00:00"
         },
         {
             "name": "daverandom/libdns",
@@ -3455,16 +3455,16 @@
         },
         {
             "name": "phpdocumentor/reflection-docblock",
-            "version": "5.6.6",
+            "version": "6.0.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git",
-                "reference": "5cee1d3dfc2d2aa6599834520911d246f656bcb8"
+                "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/5cee1d3dfc2d2aa6599834520911d246f656bcb8",
-                "reference": "5cee1d3dfc2d2aa6599834520911d246f656bcb8",
+                "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/02600c041e7d0f4b7d1fe1d260565ec525472fa9",
+                "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9",
                 "shasum": ""
             },
             "require": {
@@ -3472,8 +3472,8 @@
                 "ext-filter": "*",
                 "php": "^7.4 || ^8.0",
                 "phpdocumentor/reflection-common": "^2.2",
-                "phpdocumentor/type-resolver": "^1.7",
-                "phpstan/phpdoc-parser": "^1.7|^2.0",
+                "phpdocumentor/type-resolver": "^2.0",
+                "phpstan/phpdoc-parser": "^2.0",
                 "webmozart/assert": "^1.9.1 || ^2"
             },
             "require-dev": {
@@ -3483,7 +3483,8 @@
                 "phpstan/phpstan-mockery": "^1.1",
                 "phpstan/phpstan-webmozart-assert": "^1.2",
                 "phpunit/phpunit": "^9.5",
-                "psalm/phar": "^5.26"
+                "psalm/phar": "^5.26",
+                "shipmonk/dead-code-detector": "^0.5.1"
             },
             "type": "library",
             "extra": {
@@ -3513,44 +3514,44 @@
             "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.",
             "support": {
                 "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues",
-                "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/5.6.6"
+                "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/6.0.0"
             },
-            "time": "2025-12-22T21:13:58+00:00"
+            "time": "2026-01-07T20:22:53+00:00"
         },
         {
             "name": "phpdocumentor/type-resolver",
-            "version": "1.12.0",
+            "version": "2.0.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpDocumentor/TypeResolver.git",
-                "reference": "92a98ada2b93d9b201a613cb5a33584dde25f195"
+                "reference": "327a05bbee54120d4786a0dc67aad30226ad4cf9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/92a98ada2b93d9b201a613cb5a33584dde25f195",
-                "reference": "92a98ada2b93d9b201a613cb5a33584dde25f195",
+                "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/327a05bbee54120d4786a0dc67aad30226ad4cf9",
+                "reference": "327a05bbee54120d4786a0dc67aad30226ad4cf9",
                 "shasum": ""
             },
             "require": {
                 "doctrine/deprecations": "^1.0",
-                "php": "^7.3 || ^8.0",
+                "php": "^7.4 || ^8.0",
                 "phpdocumentor/reflection-common": "^2.0",
-                "phpstan/phpdoc-parser": "^1.18|^2.0"
+                "phpstan/phpdoc-parser": "^2.0"
             },
             "require-dev": {
                 "ext-tokenizer": "*",
                 "phpbench/phpbench": "^1.2",
-                "phpstan/extension-installer": "^1.1",
-                "phpstan/phpstan": "^1.8",
-                "phpstan/phpstan-phpunit": "^1.1",
+                "phpstan/extension-installer": "^1.4",
+                "phpstan/phpstan": "^2.1",
+                "phpstan/phpstan-phpunit": "^2.0",
                 "phpunit/phpunit": "^9.5",
-                "rector/rector": "^0.13.9",
-                "vimeo/psalm": "^4.25"
+                "psalm/phar": "^4"
             },
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-1.x": "1.x-dev"
+                    "dev-1.x": "1.x-dev",
+                    "dev-2.x": "2.x-dev"
                 }
             },
             "autoload": {
@@ -3571,22 +3572,22 @@
             "description": "A PSR-5 based resolver of Class names, Types and Structural Element Names",
             "support": {
                 "issues": "https://github.com/phpDocumentor/TypeResolver/issues",
-                "source": "https://github.com/phpDocumentor/TypeResolver/tree/1.12.0"
+                "source": "https://github.com/phpDocumentor/TypeResolver/tree/2.0.0"
             },
-            "time": "2025-11-21T15:09:14+00:00"
+            "time": "2026-01-06T21:53:42+00:00"
         },
         {
             "name": "phpstan/phpdoc-parser",
-            "version": "2.3.0",
+            "version": "2.3.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpstan/phpdoc-parser.git",
-                "reference": "1e0cd5370df5dd2e556a36b9c62f62e555870495"
+                "reference": "16dbf9937da8d4528ceb2145c9c7c0bd29e26374"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/1e0cd5370df5dd2e556a36b9c62f62e555870495",
-                "reference": "1e0cd5370df5dd2e556a36b9c62f62e555870495",
+                "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/16dbf9937da8d4528ceb2145c9c7c0bd29e26374",
+                "reference": "16dbf9937da8d4528ceb2145c9c7c0bd29e26374",
                 "shasum": ""
             },
             "require": {
@@ -3618,9 +3619,9 @@
             "description": "PHPDoc parser with support for nullable, intersection and generic types",
             "support": {
                 "issues": "https://github.com/phpstan/phpdoc-parser/issues",
-                "source": "https://github.com/phpstan/phpdoc-parser/tree/2.3.0"
+                "source": "https://github.com/phpstan/phpdoc-parser/tree/2.3.1"
             },
-            "time": "2025-08-30T15:50:23+00:00"
+            "time": "2026-01-12T11:33:04+00:00"
         },
         {
             "name": "revolt/event-loop",
@@ -4735,16 +4736,16 @@
         },
         {
             "name": "webmozart/assert",
-            "version": "2.0.0",
+            "version": "2.1.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/webmozarts/assert.git",
-                "reference": "1b34b004e35a164bc5bb6ebd33c844b2d8069a54"
+                "reference": "ce6a2f100c404b2d32a1dd1270f9b59ad4f57649"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/webmozarts/assert/zipball/1b34b004e35a164bc5bb6ebd33c844b2d8069a54",
-                "reference": "1b34b004e35a164bc5bb6ebd33c844b2d8069a54",
+                "url": "https://api.github.com/repos/webmozarts/assert/zipball/ce6a2f100c404b2d32a1dd1270f9b59ad4f57649",
+                "reference": "ce6a2f100c404b2d32a1dd1270f9b59ad4f57649",
                 "shasum": ""
             },
             "require": {
@@ -4791,9 +4792,9 @@
             ],
             "support": {
                 "issues": "https://github.com/webmozarts/assert/issues",
-                "source": "https://github.com/webmozarts/assert/tree/2.0.0"
+                "source": "https://github.com/webmozarts/assert/tree/2.1.2"
             },
-            "time": "2025-12-16T21:36:00+00:00"
+            "time": "2026-01-13T14:02:24+00:00"
         }
     ],
     "aliases": [],

php/psalm.xml

@@ -20,5 +20,10 @@
 	</extraFiles>
 	<issueHandlers>
   		<ClassMustBeFinal errorLevel="suppress" />
+        <MissingConstructor>
+            <errorLevel type="suppress">
+                <file name="src/Data/ConfigurationManager.php" />  <!-- We're using property hooks with virtual properties in that file, which Psalm wrongly complains about. See <https://github.com/vimeo/psalm/issues/11435>.  -->
+            </errorLevel>
+        </MissingConstructor>
 	</issueHandlers>
 </psalm>

php/public/index.php

@@ -91,10 +91,10 @@ $app->get('/containers', function (Request $request, Response $response, array $
     $skip_domain_validation = isset($params['skip_domain_validation']);
 
     return $view->render($response, 'containers.twig', [
-        'domain' => $configurationManager->GetDomain(),
-        'apache_port' => $configurationManager->GetApachePort(),
-        'borg_backup_host_location' => $configurationManager->GetBorgBackupHostLocation(),
-        'borg_remote_repo' => $configurationManager->GetBorgRemoteRepo(),
+        'domain' => $configurationManager->domain,
+        'apache_port' => $configurationManager->apache_port,
+        'borg_backup_host_location' => $configurationManager->borg_backup_host_location,
+        'borg_remote_repo' => $configurationManager->borg_remote_repo,
         'borg_public_key' => $configurationManager->GetBorgPublicKey(),
         'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'),
         'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(),
@@ -103,42 +103,42 @@ $app->get('/containers', function (Request $request, Response $response, array $
         'has_backup_run_once' => $configurationManager->hasBackupRunOnce(),
         'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(),
         'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(),
-        'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(),
-        'borg_backup_mode' => $configurationManager->GetBackupMode(),
-        'was_start_button_clicked' => $configurationManager->wasStartButtonClicked(),
+        'is_instance_restore_attempt' => $configurationManager->instance_restore_attempt,
+        'borg_backup_mode' => $configurationManager->backupMode,
+        'was_start_button_clicked' => $configurationManager->wasStartButtonClicked,
         'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(),
         'last_backup_time' => $configurationManager->GetLastBackupTime(),
         'backup_times' => $configurationManager->GetBackupTimes(),
         'current_channel' => $dockerActionManager->GetCurrentChannel(),
-        'is_clamav_enabled' => $configurationManager->isClamavEnabled(),
-        'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled(),
-        'is_collabora_enabled' => $configurationManager->isCollaboraEnabled(),
-        'is_talk_enabled' => $configurationManager->isTalkEnabled(),
-        'borg_restore_password' => $configurationManager->GetBorgRestorePassword(),
+        'is_clamav_enabled' => $configurationManager->isClamavEnabled,
+        'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled,
+        'is_collabora_enabled' => $configurationManager->isCollaboraEnabled,
+        'is_talk_enabled' => $configurationManager->isTalkEnabled,
+        'borg_restore_password' => $configurationManager->borg_restore_password,
         'daily_backup_time' => $configurationManager->GetDailyBackupTime(),
         'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(),
-        'timezone' => $configurationManager->GetTimezone(),
+        'timezone' => $configurationManager->timezone,
         'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation),
-        'talk_port' => $configurationManager->GetTalkPort(),
-        'collabora_dictionaries' => $configurationManager->GetCollaboraDictionaries(),
-        'collabora_additional_options' => $configurationManager->GetAdditionalCollaboraOptions(),
+        'talk_port' => $configurationManager->talk_port,
+        'collabora_dictionaries' => $configurationManager->collabora_dictionaries,
+        'collabora_additional_options' => $configurationManager->collabora_additional_options,
         'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(),
         'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(),
-        'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled(),
-        'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled(),
+        'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled,
+        'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled,
         'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(),
-        'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(),
-        'nextcloud_mount' => $configurationManager->GetNextcloudMount(),
-        'nextcloud_upload_limit' => $configurationManager->GetNextcloudUploadLimit(),
-        'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(),
-        'nextcloud_memory_limit' => $configurationManager->GetNextcloudMemoryLimit(),
+        'nextcloud_datadir' => $configurationManager->nextcloud_datadir_mount,
+        'nextcloud_mount' => $configurationManager->nextcloud_mount,
+        'nextcloud_upload_limit' => $configurationManager->nextcloud_upload_limit,
+        'nextcloud_max_time' => $configurationManager->nextcloud_max_time,
+        'nextcloud_memory_limit' => $configurationManager->nextcloud_memory_limit,
         'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(),
         'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(),
-        'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled(),
-        'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled(),
-        'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled(),
+        'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled,
+        'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled,
+        'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled,
         'community_containers' => $configurationManager->listAvailableCommunityContainers(),
-        'community_containers_enabled' => $configurationManager->GetEnabledCommunityContainers(),
+        'community_containers_enabled' => $configurationManager->aio_community_containers,
         'bypass_container_update' => $bypass_container_update,
     ]);
 })->setName('profile');

php/src/Auth/AuthManager.php

@@ -15,11 +15,11 @@ readonly class AuthManager {
     }
 
     public function CheckCredentials(string $password) : bool {
-        return hash_equals($this->configurationManager->GetPassword(), $password);
+        return hash_equals($this->configurationManager->password, $password);
     }
 
     public function CheckToken(string $token) : bool {
-        return hash_equals($this->configurationManager->GetToken(), $token);
+        return hash_equals($this->configurationManager->AIO_TOKEN, $token);
     }
 
     public function SetAuthState(bool $isLoggedIn) : void {

php/src/ContainerDefinitionFetcher.php

@@ -41,7 +41,7 @@ readonly class ContainerDefinitionFetcher {
         $data = json_decode((string)file_get_contents(DataConst::GetContainersDefinitionPath()), true, 512, JSON_THROW_ON_ERROR);
 
         $additionalContainerNames = [];
-        foreach ($this->configurationManager->GetEnabledCommunityContainers() as $communityContainer) {
+        foreach ($this->configurationManager->aio_community_containers as $communityContainer) {
             if ($communityContainer !== '') {
                 $path = DataConst::GetCommunityContainersDirectory() . '/' . $communityContainer . '/' . $communityContainer . '.json';
                 $additionalData = json_decode((string)file_get_contents($path), true, 512, JSON_THROW_ON_ERROR);
@@ -56,42 +56,42 @@ readonly class ContainerDefinitionFetcher {
         $containers = [];
         foreach ($data['aio_services_v1'] as $entry) {
             if ($entry['container_name'] === 'nextcloud-aio-clamav') {
-                if (!$this->configurationManager->isClamavEnabled()) {
+                if (!$this->configurationManager->isClamavEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-onlyoffice') {
-                if (!$this->configurationManager->isOnlyofficeEnabled()) {
+                if (!$this->configurationManager->isOnlyofficeEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-collabora') {
-                if (!$this->configurationManager->isCollaboraEnabled()) {
+                if (!$this->configurationManager->isCollaboraEnabled) {
                     continue;
                 }
                 if ($this->configurationManager->isCollaboraSubscriptionEnabled()) {
                     $entry['image'] = 'ghcr.io/nextcloud-releases/aio-collabora-online';
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-talk') {
-                if (!$this->configurationManager->isTalkEnabled()) {
+                if (!$this->configurationManager->isTalkEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-talk-recording') {
-                if (!$this->configurationManager->isTalkRecordingEnabled()) {
+                if (!$this->configurationManager->isTalkRecordingEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-imaginary') {
-                if (!$this->configurationManager->isImaginaryEnabled()) {
+                if (!$this->configurationManager->isImaginaryEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-fulltextsearch') {
-                if (!$this->configurationManager->isFulltextsearchEnabled()) {
+                if (!$this->configurationManager->isFulltextsearchEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-docker-socket-proxy') {
-                if (!$this->configurationManager->isDockerSocketProxyEnabled()) {
+                if (!$this->configurationManager->isDockerSocketProxyEnabled) {
                     continue;
                 }
             } elseif ($entry['container_name'] === 'nextcloud-aio-whiteboard') {
-                if (!$this->configurationManager->isWhiteboardEnabled()) {
+                if (!$this->configurationManager->isWhiteboardEnabled) {
                     continue;
                 }
             }
@@ -113,18 +113,18 @@ readonly class ContainerDefinitionFetcher {
             if (isset($entry['volumes'])) {
                 foreach ($entry['volumes'] as $value) {
                     if($value['source'] === '%BORGBACKUP_HOST_LOCATION%') {
-                        $value['source'] = $this->configurationManager->GetBorgBackupHostLocation();
+                        $value['source'] = $this->configurationManager->borg_backup_host_location;
                         if($value['source'] === '') {
                             continue;
                         }
                     }
                     if($value['source'] === '%NEXTCLOUD_MOUNT%') {
-                        $value['source'] = $this->configurationManager->GetNextcloudMount();
+                        $value['source'] = $this->configurationManager->nextcloud_mount;
                         if($value['source'] === '') {
                             continue;
                         }
                     } elseif ($value['source'] === '%NEXTCLOUD_DATADIR%') {
-                        $value['source'] = $this->configurationManager->GetNextcloudDatadirMount();
+                        $value['source'] = $this->configurationManager->nextcloud_datadir_mount;
                         if ($value['source'] === '') {
                             continue;
                         }
@@ -140,7 +140,7 @@ readonly class ContainerDefinitionFetcher {
                         }
                     }
                     if ($value['destination'] === '%NEXTCLOUD_MOUNT%') {
-                        $value['destination'] = $this->configurationManager->GetNextcloudMount();
+                        $value['destination'] = $this->configurationManager->nextcloud_mount;
                         if($value['destination'] === '') {
                             continue;
                         }
@@ -168,39 +168,39 @@ readonly class ContainerDefinitionFetcher {
                 }
                 foreach ($valueDependsOn as $value) {
                     if ($value === 'nextcloud-aio-clamav') {
-                        if (!$this->configurationManager->isClamavEnabled()) {
+                        if (!$this->configurationManager->isClamavEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-onlyoffice') {
-                        if (!$this->configurationManager->isOnlyofficeEnabled()) {
+                        if (!$this->configurationManager->isOnlyofficeEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-collabora') {
-                        if (!$this->configurationManager->isCollaboraEnabled()) {
+                        if (!$this->configurationManager->isCollaboraEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-talk') {
-                        if (!$this->configurationManager->isTalkEnabled()) {
+                        if (!$this->configurationManager->isTalkEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-talk-recording') {
-                        if (!$this->configurationManager->isTalkRecordingEnabled()) {
+                        if (!$this->configurationManager->isTalkRecordingEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-imaginary') {
-                        if (!$this->configurationManager->isImaginaryEnabled()) {
+                        if (!$this->configurationManager->isImaginaryEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-fulltextsearch') {
-                        if (!$this->configurationManager->isFulltextsearchEnabled()) {
+                        if (!$this->configurationManager->isFulltextsearchEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-docker-socket-proxy') {
-                        if (!$this->configurationManager->isDockerSocketProxyEnabled()) {
+                        if (!$this->configurationManager->isDockerSocketProxyEnabled) {
                             continue;
                         }
                     } elseif ($value === 'nextcloud-aio-whiteboard') {
-                        if (!$this->configurationManager->isWhiteboardEnabled()) {
+                        if (!$this->configurationManager->isWhiteboardEnabled) {
                             continue;
                         }
                     }

php/src/Controller/ConfigurationController.php

@@ -67,63 +67,27 @@ readonly class ConfigurationController {
             }
 
             if (isset($request->getParsedBody()['delete_timezone'])) {
-                $this->configurationManager->DeleteTimezone();
+                $this->configurationManager->deleteTimezone();
             }
 
             if (isset($request->getParsedBody()['timezone'])) {
                 $timezone = $request->getParsedBody()['timezone'] ?? '';
-                $this->configurationManager->SetTimezone($timezone);
+                $this->configurationManager->timezone = $timezone;
             }
 
             if (isset($request->getParsedBody()['options-form'])) {
                 if (isset($request->getParsedBody()['collabora']) && isset($request->getParsedBody()['onlyoffice'])) {
                     throw new InvalidSettingConfigurationException("Collabora and Onlyoffice are not allowed to be enabled at the same time!");
                 }
-                if (isset($request->getParsedBody()['clamav'])) {
-                    $this->configurationManager->SetClamavEnabledState(1);
-                } else {
-                    $this->configurationManager->SetClamavEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['onlyoffice'])) {
-                    $this->configurationManager->SetOnlyofficeEnabledState(1);
-                } else {
-                    $this->configurationManager->SetOnlyofficeEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['collabora'])) {
-                    $this->configurationManager->SetCollaboraEnabledState(1);
-                } else {
-                    $this->configurationManager->SetCollaboraEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['talk'])) {
-                    $this->configurationManager->SetTalkEnabledState(1);
-                } else {
-                    $this->configurationManager->SetTalkEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['talk-recording'])) {
-                    $this->configurationManager->SetTalkRecordingEnabledState(1);
-                } else {
-                    $this->configurationManager->SetTalkRecordingEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['imaginary'])) {
-                    $this->configurationManager->SetImaginaryEnabledState(1);
-                } else {
-                    $this->configurationManager->SetImaginaryEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['fulltextsearch'])) {
-                    $this->configurationManager->SetFulltextsearchEnabledState(1);
-                } else {
-                    $this->configurationManager->SetFulltextsearchEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['docker-socket-proxy'])) {
-                    $this->configurationManager->SetDockerSocketProxyEnabledState(1);
-                } else {
-                    $this->configurationManager->SetDockerSocketProxyEnabledState(0);
-                }
-                if (isset($request->getParsedBody()['whiteboard'])) {
-                    $this->configurationManager->SetWhiteboardEnabledState(1);
-                } else {
-                    $this->configurationManager->SetWhiteboardEnabledState(0);
-                }
+                $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']);
+                $this->configurationManager->isOnlyofficeEnabled = isset($request->getParsedBody()['onlyoffice']);
+                $this->configurationManager->isCollaboraEnabled = isset($request->getParsedBody()['collabora']);
+                $this->configurationManager->isTalkEnabled = isset($request->getParsedBody()['talk']);
+                $this->configurationManager->isTalkRecordingEnabled = isset($request->getParsedBody()['talk-recording']);
+                $this->configurationManager->isImaginaryEnabled = isset($request->getParsedBody()['imaginary']);
+                $this->configurationManager->isFulltextsearchEnabled = isset($request->getParsedBody()['fulltextsearch']);
+                $this->configurationManager->isDockerSocketProxyEnabled = isset($request->getParsedBody()['docker-socket-proxy']);
+                $this->configurationManager->isWhiteboardEnabled = isset($request->getParsedBody()['whiteboard']);
             }
 
             if (isset($request->getParsedBody()['community-form'])) {
@@ -137,7 +101,7 @@ readonly class ConfigurationController {
                         $enabledCC[] = $item;
                     }
                 }
-                $this->configurationManager->SetEnabledCommunityContainers($enabledCC);
+                $this->configurationManager->aio_community_containers = $enabledCC;
             }
 
             if (isset($request->getParsedBody()['delete_collabora_dictionaries'])) {
@@ -146,16 +110,16 @@ readonly class ConfigurationController {
 
             if (isset($request->getParsedBody()['collabora_dictionaries'])) {
                 $collaboraDictionaries = $request->getParsedBody()['collabora_dictionaries'] ?? '';
-                $this->configurationManager->SetCollaboraDictionaries($collaboraDictionaries);
+                $this->configurationManager->collabora_dictionaries = $collaboraDictionaries;
             }
 
             if (isset($request->getParsedBody()['delete_collabora_additional_options'])) {
-                $this->configurationManager->DeleteAdditionalCollaboraOptions();
+                $this->configurationManager->deleteAdditionalCollaboraOptions();
             }
 
             if (isset($request->getParsedBody()['collabora_additional_options'])) {
                 $additionalCollaboraOptions = $request->getParsedBody()['collabora_additional_options'] ?? '';
-                $this->configurationManager->SetAdditionalCollaboraOptions($additionalCollaboraOptions);
+                $this->configurationManager->collabora_additional_options = $additionalCollaboraOptions;
             }
 
             if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) {

php/src/Controller/DockerController.php

@@ -89,7 +89,7 @@ readonly class DockerController {
     }
 
     public function startBackup(bool $forceStopNextcloud = false) : void {
-        $this->configurationManager->SetBackupMode('backup');
+        $this->configurationManager->backupMode = 'backup';
 
         $id = self::TOP_CONTAINER;
         $this->PerformRecursiveContainerStop($id, $forceStopNextcloud);
@@ -109,29 +109,25 @@ readonly class DockerController {
     }
 
     public function checkBackup() : void {
-        $this->configurationManager->SetBackupMode('check');
+        $this->configurationManager->backupMode = 'check';
 
         $id = 'nextcloud-aio-borgbackup';
         $this->PerformRecursiveContainerStart($id);
     }
 
     private function listBackup() : void {
-        $this->configurationManager->SetBackupMode('list');
+        $this->configurationManager->backupMode = 'list';
 
         $id = 'nextcloud-aio-borgbackup';
         $this->PerformRecursiveContainerStart($id);
     }
 
     public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response {
-        $this->configurationManager->SetBackupMode('restore');
-        $config = $this->configurationManager->GetConfig();
-        $config['selected-restore-time'] = $request->getParsedBody()['selected_restore_time'] ?? '';
-        if (isset($request->getParsedBody()['restore-exclude-previews'])) {
-            $config['restore-exclude-previews'] = 1;
-        } else {
-            $config['restore-exclude-previews'] = '';
-        }
-        $this->configurationManager->WriteConfig($config);
+        $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) use ($request) {
+            $confManager->backupMode = 'restore';
+            $confManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? '';
+            $confManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']);
+        });
 
         $id = self::TOP_CONTAINER;
         $forceStopNextcloud = true;
@@ -144,22 +140,22 @@ readonly class DockerController {
     }
 
     public function StartBackupContainerCheckRepair(Request $request, Response $response, array $args) : Response {
-        $this->configurationManager->SetBackupMode('check-repair');
+        $this->configurationManager->backupMode = 'check-repair';
 
         $id = 'nextcloud-aio-borgbackup';
         $this->PerformRecursiveContainerStart($id);
 
         // Restore to backup check which is needed to make the UI logic work correctly
-        $this->configurationManager->SetBackupMode('check');
+        $this->configurationManager->backupMode = 'check';
 
         return $response->withStatus(201)->withHeader('Location', '.');
     }
 
     public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response {
-        $this->configurationManager->SetBackupMode('test');
-        $config = $this->configurationManager->GetConfig();
-        $config['instance_restore_attempt'] = 0;
-        $this->configurationManager->WriteConfig($config);
+        $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) {
+            $confManager->backupMode = 'test';
+            $confManager->instance_restore_attempt = false;
+        });
 
         $id = self::TOP_CONTAINER;
         $this->PerformRecursiveContainerStop($id);
@@ -181,21 +177,13 @@ readonly class DockerController {
             $port = 443;
         }
 
-        if (isset($request->getParsedBody()['install_latest_major'])) {
-            $installLatestMajor = 32;
-        } else {
-            $installLatestMajor = "";
-        }
-
-        $config = $this->configurationManager->GetConfig();
-        // set AIO_URL
-        $config['AIO_URL'] = $host . ':' . (string)$port . $path;
-        // set wasStartButtonClicked
-        $config['wasStartButtonClicked'] = 1;
-        // set install_latest_major
-        $config['install_latest_major'] = $installLatestMajor;
-        $this->configurationManager->WriteConfig($config);
-
+        $this->configurationManager->setMultiple(function (ConfigurationManager $confManager) use ($request, $host, $port, $path) {
+            $confManager->install_latest_major = isset($request->getParsedBody()['install_latest_major']);
+            // set AIO_URL
+            $confManager->AIO_URL = $host . ':' . (string)$port . $path;
+            // set wasStartButtonClicked
+            $confManager->wasStartButtonClicked = true;
+        });
         // Do not pull container images in case 'bypass_container_update' is set via url params
         // Needed for local testing
         $pullImage = !isset($request->getParsedBody()['bypass_container_update']);
@@ -213,10 +201,7 @@ readonly class DockerController {
     }
 
     public function startTopContainer(bool $pullImage) : void {
-        $config = $this->configurationManager->GetConfig();
-        // set AIO_TOKEN
-        $config['AIO_TOKEN'] = bin2hex(random_bytes(24));
-        $this->configurationManager->WriteConfig($config);
+        $this->configurationManager->AIO_TOKEN = bin2hex(random_bytes(24));
 
         // Stop domaincheck since apache would not be able to start otherwise
         $this->StopDomaincheckContainer();
@@ -244,7 +229,7 @@ readonly class DockerController {
         // This is a hack but no better solution was found for the meantime
         // Stop Collabora first to make sure it force-saves
         // See https://github.com/nextcloud/richdocuments/issues/3799
-        if ($id === self::TOP_CONTAINER && $this->configurationManager->isCollaboraEnabled()) {
+        if ($id === self::TOP_CONTAINER && $this->configurationManager->isCollaboraEnabled) {
             $this->PerformRecursiveContainerStop('nextcloud-aio-collabora');
         }
 
@@ -277,7 +262,7 @@ readonly class DockerController {
     public function StartDomaincheckContainer() : void
     {
         # Don't start if domain is already set
-        if ($this->configurationManager->GetDomain() !== '' || $this->configurationManager->wasStartButtonClicked()) {
+        if ($this->configurationManager->domain !== '' || $this->configurationManager->wasStartButtonClicked) {
             return;
         }
 

php/src/Data/Setup.php

@@ -17,7 +17,7 @@ readonly class Setup {
         }
 
         $password = $this->passwordGenerator->GeneratePassword(8);
-        $this->configurationManager->SetPassword($password);
+        $this->configurationManager->password = $password;
         return $password;
     }
 

php/src/Docker/DockerActionManager.php

@@ -115,9 +115,9 @@ readonly class DockerActionManager {
         $containerName = $container->GetIdentifier();
         $internalPort = $container->GetInternalPort();
         if ($internalPort === '%APACHE_PORT%') {
-            $internalPort = $this->configurationManager->GetApachePort();
+            $internalPort = $this->configurationManager->apache_port;
         } elseif ($internalPort === '%TALK_PORT%') {
-            $internalPort = $this->configurationManager->GetTalkPort();
+            $internalPort = $this->configurationManager->talk_port;
         }
 
         if ($internalPort !== "" && $internalPort !== 'host') {
@@ -205,7 +205,7 @@ readonly class DockerActionManager {
         foreach ($container->GetVolumes()->GetVolumes() as $volume) {
             // // NEXTCLOUD_MOUNT gets added via bind-mount later on
             // if ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') {
-            //     if ($volume->name === $this->configurationManager->GetNextcloudMount()) {
+            //     if ($volume->name === $this->configurationManager->nextcloud_mount) {
             //         continue;
             //     }
             // }
@@ -228,15 +228,7 @@ readonly class DockerActionManager {
             $requestBody['HostConfig']['Binds'] = $volumes;
         }
 
-        $aioVariables = $container->GetAioVariables()->GetVariables();
-        foreach ($aioVariables as $variable) {
-            $config = $this->configurationManager->GetConfig();
-            $variable = $this->replaceEnvPlaceholders($variable);
-            $variableArray = explode('=', $variable);
-            $config[$variableArray[0]] = $variableArray[1];
-            $this->configurationManager->WriteConfig($config);
-            sleep(1);
-        }
+        $this->configurationManager->setAioVariables($container->GetAioVariables()->GetVariables());
 
         $envs = $container->GetEnvironmentVariables()->GetVariables();
         // Special thing for the nextcloud container
@@ -244,7 +236,7 @@ readonly class DockerActionManager {
             $envs[] = $this->GetAllNextcloudExecCommands();
         }
         foreach ($envs as $key => $env) {
-            $envs[$key] = $this->replaceEnvPlaceholders($env);
+            $envs[$key] = $this->configurationManager->replaceEnvPlaceholders($env);
         }
 
         if (count($envs) > 0) {
@@ -261,13 +253,13 @@ readonly class DockerActionManager {
                 $port = $value->port;
                 $protocol = $value->protocol;
                 if ($port === '%APACHE_PORT%') {
-                    $port = $this->configurationManager->GetApachePort();
+                    $port = $this->configurationManager->apache_port;
                     // Do not expose udp if AIO is in reverse proxy mode
                     if ($port !== '443' && $protocol === 'udp') {
                         continue;
                     }
                 } else if ($port === '%TALK_PORT%') {
-                    $port = $this->configurationManager->GetTalkPort();
+                    $port = $this->configurationManager->talk_port;
                 }
                 $portWithProtocol = $port . '/' . $protocol;
                 $exposedPorts[$portWithProtocol] = null;
@@ -283,13 +275,13 @@ readonly class DockerActionManager {
                 $port = $value->port;
                 $protocol = $value->protocol;
                 if ($port === '%APACHE_PORT%') {
-                    $port = $this->configurationManager->GetApachePort();
+                    $port = $this->configurationManager->apache_port;
                     // Do not expose udp if AIO is in reverse proxy mode
                     if ($port !== '443' && $protocol === 'udp') {
                         continue;
                     }
                 } else if ($port === '%TALK_PORT%') {
-                    $port = $this->configurationManager->GetTalkPort();
+                    $port = $this->configurationManager->talk_port;
                     // Skip publishing talk tcp port if it is set to 443
                     if ($port === '443' && $protocol === 'tcp') {
                         continue;
@@ -297,7 +289,7 @@ readonly class DockerActionManager {
                 }
                 $ipBinding = $value->ipBinding;
                 if ($ipBinding === '%APACHE_IP_BINDING%') {
-                    $ipBinding = $this->configurationManager->GetApacheIPBinding();
+                    $ipBinding = $this->configurationManager->apache_ip_binding;
                     // Do not expose if AIO is in internal network mode
                     if ($ipBinding === '@INTERNAL') {
                         continue;
@@ -403,7 +395,7 @@ readonly class DockerActionManager {
             // // Special things for the nextcloud container which should not be exposed in the containers.json
             // } elseif ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') {
             //     foreach ($container->GetVolumes()->GetVolumes() as $volume) {
-            //         if ($volume->name !== $this->configurationManager->GetNextcloudMount()) {
+            //         if ($volume->name !== $this->configurationManager->nextcloud_mount) {
             //             continue;
             //         }
             //         $mounts[] = ["Type" => "bind", "Source" => $volume->name, "Target" => $volume->mountPoint, "ReadOnly" => !$volume->isWritable, "BindOptions" => [ "Propagation" => "rshared"]];
@@ -422,8 +414,8 @@ readonly class DockerActionManager {
             }
 
             // Additional Collabora options
-            if ($this->configurationManager->GetAdditionalCollaboraOptions() !== '') {
-                $requestBody['Cmd'] = [$this->configurationManager->GetAdditionalCollaboraOptions()];
+            if ($this->configurationManager->collabora_additional_options !== '') {
+                $requestBody['Cmd'] = [$this->configurationManager->collabora_additional_options];
             }
         }
 
@@ -515,82 +507,6 @@ readonly class DockerActionManager {
         }
     }
 
-    // Replaces placeholders in $envValue with their values.
-    // E.g. "%NC_DOMAIN%:%APACHE_PORT" becomes "my.nextcloud.com:11000"
-    private function replaceEnvPlaceholders(string $envValue): string {
-        // $pattern breaks down as:
-        // % - matches a literal percent sign
-        // ([^%]+) - capture group that matches one or more characters that are NOT percent signs
-        // % - matches the closing percent sign
-        //
-        // Assumes literal percent signs are always matched and there is no
-        // escaping.
-        $pattern = '/%([^%]+)%/';
-        $matchCount = preg_match_all($pattern, $envValue, $matches);
-
-        if ($matchCount === 0) {
-            return $envValue;
-        }
-
-        $placeholders = $matches[0]; // ["%PLACEHOLDER1%", "%PLACEHOLDER2%", ...]
-        $placeholderNames = $matches[1]; // ["PLACEHOLDER1", "PLACEHOLDER2", ...]
-        $placeholderPatterns = array_map(static fn(string $p) => '/' . preg_quote($p) . '/', $placeholders); // ["/%PLACEHOLDER1%/", ...]
-        $placeholderValues = array_map($this->getPlaceholderValue(...), $placeholderNames); // ["val1", "val2"]
-        // Guaranteed to be non-null because we found the placeholders in the preg_match_all.
-        return (string) preg_replace($placeholderPatterns, $placeholderValues, $envValue);
-    }
-
-    private function getPlaceholderValue(string $placeholder) : string {
-        return match ($placeholder) {
-            'NC_DOMAIN' => $this->configurationManager->GetDomain(),
-            'NC_BASE_DN' => $this->configurationManager->GetBaseDN(),
-            'AIO_TOKEN' => $this->configurationManager->GetToken(),
-            'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->GetBorgRemoteRepo(),
-            'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(),
-            'AIO_URL' => $this->configurationManager->GetAIOURL(),
-            'SELECTED_RESTORE_TIME' => $this->configurationManager->GetSelectedRestoreTime(),
-            'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->GetRestoreExcludePreviews(),
-            'APACHE_PORT' => $this->configurationManager->GetApachePort(),
-            'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(),
-            'TALK_PORT' => $this->configurationManager->GetTalkPort(),
-            'TURN_DOMAIN' => $this->configurationManager->GetTurnDomain(),
-            'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(),
-            'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->GetBorgRestorePassword(),
-            'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled() ? 'yes' : '',
-            'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '',
-            'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled() ? 'yes' : '',
-            'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled() ? 'yes' : '',
-            'TALK_ENABLED' => $this->configurationManager->isTalkEnabled() ? 'yes' : '',
-            'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '',
-            'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(),
-            'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(),
-            'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled() ? 'yes' : '',
-            'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled() ? 'yes' : '',
-            'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled() ? 'yes' : '',
-            'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->GetNextcloudUploadLimit(),
-            'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->GetNextcloudMemoryLimit(),
-            'NEXTCLOUD_MAX_TIME' => $this->configurationManager->GetNextcloudMaxTime(),
-            'BORG_RETENTION_POLICY' => $this->configurationManager->GetBorgRetentionPolicy(),
-            'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->configurationManager->GetFulltextsearchJavaOptions(),
-            'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->configurationManager->GetTrustedCacertsDir(),
-            'ADDITIONAL_DIRECTORIES_BACKUP' => $this->configurationManager->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '',
-            'BORGBACKUP_HOST_LOCATION' => $this->configurationManager->GetBorgBackupHostLocation(),
-            'APACHE_MAX_SIZE' => (string)($this->configurationManager->GetApacheMaxSize()),
-            'COLLABORA_SECCOMP_POLICY' => $this->configurationManager->GetCollaboraSeccompPolicy(),
-            'NEXTCLOUD_STARTUP_APPS' => $this->configurationManager->GetNextcloudStartupApps(),
-            'NEXTCLOUD_ADDITIONAL_APKS' => $this->configurationManager->GetNextcloudAdditionalApks(),
-            'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->configurationManager->GetNextcloudAdditionalPhpExtensions(),
-            'INSTALL_LATEST_MAJOR' => $this->configurationManager->shouldLatestMajorGetInstalled() ? 'yes' : '',
-            'REMOVE_DISABLED_APPS' => $this->configurationManager->shouldDisabledAppsGetRemoved() ? 'yes' : '',
-            // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then)
-            'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'),
-            // Allow to get local ip-address of caddy container and add it to trusted proxies automatically
-            'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->GetEnabledCommunityContainers(), true) ? gethostbyname('nextcloud-aio-caddy') : '',
-            'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled() ? 'yes' : '',
-            default => $this->configurationManager->GetRegisteredSecret($placeholder),
-        };
-    }
-
     private function isContainerUpdateAvailable(string $id): string {
         $container = $this->containerDefinitionFetcher->GetContainerById($id);
 
@@ -606,7 +522,7 @@ readonly class DockerActionManager {
 
     public function isAnyUpdateAvailable(): bool {
         // return early if instance is not installed
-        if (!$this->configurationManager->wasStartButtonClicked()) {
+        if (!$this->configurationManager->wasStartButtonClicked) {
             return false;
         }
         $id = 'nextcloud-aio-apache';

php/templates/containers.twig

@@ -17,7 +17,7 @@
 
     <div class="container">
         <main>
-            <h1>Nextcloud AIO v12.4.0</h1>
+            <h1>Nextcloud AIO v12.5.0</h1>
 
             {# Add 2nd tab warning #}
             <script type="text/javascript" src="second-tab-warning.js"></script>

readme.md

@@ -340,7 +340,7 @@ Although it does not seems like it is the case but from AIO perspective a Cloudf
 For a reverse proxy example guide for Tailscale, see this guide by [@Perseus333](https://github.com/Perseus333): https://github.com/nextcloud/all-in-one/discussions/6817
 
 ### How to get Nextcloud running using the ACME DNS-challenge?
-You can install AIO in reverse proxy mode where is also documented how to get it running using the ACME DNS-challenge for getting a valid certificate for AIO. See the [reverse proxy documentation](./reverse-proxy.md). (Meant is the `Caddy with ACME DNS-challenge` section). Also see https://github.com/dani-garcia/vaultwarden/wiki/Running-a-private-vaultwarden-instance-with-Let%27s-Encrypt-certs#getting-a-custom-caddy-build for additional docs on this topic.
+You can install AIO behind an external reverse proxy where is also documented how to get it running using the ACME DNS-challenge for getting a valid certificate for AIO. See the [reverse proxy documentation](./reverse-proxy.md). (Meant is the `Caddy with ACME DNS-challenge` section). Also see https://github.com/dani-garcia/vaultwarden/wiki/Running-a-private-vaultwarden-instance-with-Let%27s-Encrypt-certs#getting-a-custom-caddy-build for additional docs on this topic.
 
 ### How to run Nextcloud locally? No domain wanted, or wanting intranet access within your LAN.
 If you do not want to open Nextcloud to the public internet, you may have a look at the following documentation on how to set it up locally: [local-instance.md](./local-instance.md), but keep in mind you're still required to have https working properly.

reverse-proxy.md

@@ -564,19 +564,14 @@ Note: this will cause that a non root user can bind privileged ports.
 
 Second, see these screenshots for a working config:
 
-![grafik](https://github.com/user-attachments/assets/c32c8fe8-7417-4f8f-9625-24b95651e630)
+<img width="675" height="695" alt="image" src="https://github.com/user-attachments/assets/196f53f9-ff86-4da2-960e-f7b7a2ceac0c" />
 
-![grafik](https://github.com/user-attachments/assets/f14bba5c-69ce-4514-a2ac-5e5d7fb97792)
+<img width="675" height="355" alt="image" src="https://github.com/user-attachments/assets/8a45a6d8-fbaf-4519-86f7-c7424ed780da" />
 
-<!-- ![grafik](https://github.com/user-attachments/assets/a26c53fd-6cc8-4a6b-a86f-c2f94b70088f) -->
+<img width="675" height="542" alt="image" src="https://github.com/user-attachments/assets/7e880d02-0f4f-459a-a3f6-216bcb1b04ca" />
 
-![grafik](https://github.com/user-attachments/assets/75d7f539-35d1-4a3e-8c51-43123f698893)
+<img width="675" height="570" alt="image" src="https://github.com/user-attachments/assets/2812ecc1-ecf0-44bd-9249-b76b30f8c25e" />
 
-![grafik](https://github.com/user-attachments/assets/e494edb5-8b70-4d45-bc9b-374219230041)
-
-`proxy_set_header Accept-Encoding $http_accept_encoding;`
-
-⚠️ **Please note:** Nextcloud will complain that X-XXS-Protection is set to the wrong value, this is intended by NPMplus. <br>
 ⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 
 </details>