exit if rsync fails

Signed-off-by: Simon L. <szaimen@e.mail.de>

Containers/clamav/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/1.3/alpine/Dockerfile
-FROM clamav/clamav:1.4.2-24
+FROM clamav/clamav:1.4.2-26
 
 COPY clamav.conf /clamav.conf
 COPY --chmod=775 start.script /start.script

Containers/collabora/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:24.04.12.1.1
+FROM collabora/code:24.04.12.3.1
 
 USER root
 ARG DEBIAN_FRONTEND=noninteractive

Containers/docker-socket-proxy/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM haproxy:3.1.2-alpine
+FROM haproxy:3.1.3-alpine
 
 # hadolint ignore=DL3002
 USER root

Containers/imaginary/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM golang:1.23.5-alpine3.21 AS go
+FROM golang:1.23.6-alpine3.21 AS go
 
 ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3
 

Containers/nextcloud/entrypoint.sh

@@ -217,6 +217,8 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
         fi
 
         echo "Initializing nextcloud $image_version ..."
+        # TODO: touch rsync file to track what happens so that the container does not continue restarting? (it is not known what happens if it fails here at this step)
+        set -e
         rsync -rlD --delete --exclude-from=/upgrade.exclude "$SOURCE_LOCATION/" /var/www/html/
 
         for dir in config data custom_apps themes; do
@@ -226,6 +228,7 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
         done
         rsync -rlD --delete --include '/config/' --exclude '/*' --exclude '/config/CAN_INSTALL' --exclude '/config/config.sample.php' --exclude '/config/config.php' "$SOURCE_LOCATION/" /var/www/html/
         rsync -rlD --include '/version.php' --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/
+        set +e
         echo "Initializing finished"
 
         #install

Containers/nextcloud/run-exec-commands.sh

@@ -2,7 +2,7 @@
 
 # Wait until the apache container is ready
 while ! nc -z "$APACHE_HOST" "$APACHE_PORT"; do
-    echo "Waiting for Apache to become available..."
+    echo "Waiting for $APACHE_HOST to become available..."
     sleep 15
 done
 

Containers/onlyoffice/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile
-FROM onlyoffice/documentserver:8.2.2.1
+FROM onlyoffice/documentserver:8.3.0.1
 
 # USER root is probably used
 

Containers/talk-recording/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM python:3.13.1-alpine3.21
+FROM python:3.13.2-alpine3.21
 
 COPY --chmod=775 start.sh /start.sh
 COPY --chmod=775 healthcheck.sh /healthcheck.sh

community-containers/jellyseerr/jellyseerr.json

@@ -8,6 +8,7 @@
             "image_tag": "latest",
             "internal_port": "5055",
             "restart": "unless-stopped",
+            "init": false,
             "ports": [
                 {
                     "ip_binding": "%APACHE_IP_BINDING%",

community-containers/jellyseerr/readme.md

@@ -4,8 +4,8 @@ This container bundles Jellyseerr and auto-configures it for you.
 ### Notes
 - This container is only intended to be used inside home networks as it uses http for its management page by default.
 - After adding and starting the container, you can directly visit `http://ip.address.of.server:5055` and access your new Jellyseerr instance, which can be used to manage Plex, Jellyfin, and Emby.
-- In order to access your Jellyseerr outside the local network, you have to set up your own reverse proxy. You can set up a reverse proxy following [these instructions](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) and [Jellyseerr's reverse proxy documentation.](https://docs.jellyseerr.dev/extending-jellyseerr/reverse-proxy), OR use the Caddy community container that will automatically configure requests.$NC_DOMAIN to redirect to your Jellyseerr.
-- If you want to secure the installation with fail2ban, you might want to check out https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban
+- In order to access your Jellyseerr outside the local network, you have to set up your own reverse proxy. You can set up a reverse proxy following [these instructions](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) and [Jellyseerr's reverse proxy documentation.](https://docs.jellyseerr.dev/extending-jellyseerr/reverse-proxy), OR use the Caddy community container that will automatically configure requests.$NC_DOMAIN to redirect to your Jellyseerr. Note that it is recommended to [enable CSRF protection in Jellyseerr](https://docs.jellyseerr.dev/using-jellyseerr/settings/general#enable-csrf-protection) for added security if you plan to use Jellyseerr outside the local network, but make sure to read up on it and understand the caveats first.
+- If you want to secure the installation with fail2ban, you might want to check out https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban. Note that [enabling the proxy support option in Jellyseerr](https://docs.jellyseerr.dev/using-jellyseerr/settings/general#enable-proxy-support) is required for this to work properly.
 - The config of Jellyseerr will be automatically included in AIO's backup solution!
 - See [here](https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers) how to add it to the AIO stack.
 

community-containers/pi-hole/pi-hole.json

@@ -48,6 +48,7 @@
                 "nextcloud_aio_pihole",
                 "nextcloud_aio_pihole_dnsmasq"
             ],
+            "ui_secret": "PIHOLE_WEBPASSWORD",
             "secrets": [
                 "PIHOLE_WEBPASSWORD"
             ]

community-containers/pi-hole/readme.md

@@ -6,7 +6,7 @@ This container bundles pi-hole and auto-configures it for you.
 - Make sure that no dns server is already running by checking with `sudo netstat -tulpn | grep 53`. Otherwise the container will not be able to start!
 - The DHCP functionality of Pi-hole has been disabled!
 - The data of pi-hole will be automatically included in AIOs backup solution!
-- After adding and starting the container, you can visit `http://ip.address.of.this.server:8573/admin` in order to log in with the admin key that you can retrieve when running `sudo docker inspect nextcloud-aio-pihole | grep WEBPASSWORD`. There you can configure the pi-hole setup. Also you can add local dns records.
+- After adding and starting the container, you can visit `http://ip.address.of.this.server:8573/admin` in order to log in with the admin key that you can see next to the container in the AIO interface. There you can configure the pi-hole setup. Also you can add local dns records.
 - You can configure your home network now to use pi-hole as its dns server by configuring your router.
 - Additionally, you can configure the docker daemon to use that by editing `/etc/docker/daemon.json` and adding ` { "dns" : [ "ip.address.of.this.server" , "8.8.8.8" ] } `.
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack

community-containers/scrutiny/readme.md

@@ -1,11 +1,12 @@
 ## Scrutiny
-This container bundles Scrutiny and auto-configures it for you.
+This container bundles Scrutiny which is a frontend for SMART stats and auto-configures it for you.
 
 ### Notes
 - This container should only be run in home networks
 - ⚠️ This container mounts all devices from the host inside the container in order to be able to access the drives and smartctl stats which is a security issue. However no better solution was found for the time being.
 - This container only works on Linux and not on Docker-Desktop.
 - After adding and starting the container, you need to visit `http://internal.ip.of.server:8000` which will show the dashboard for your drives.
+- It currently does not support sending notifications as no good solution was found yet that makes this possible. See https://github.com/szaimen/aio-scrutiny/issues/3
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
 
 ### Repository

community-containers/vaultwarden/readme.md

@@ -6,7 +6,7 @@ This container bundles vaultwarden and auto-configures it for you.
 - Currently, only `bw.$NC_DOMAIN` is supported as subdomain! So if Nextcloud is using `your-domain.com`, vaultwarden will use `bw.your-domain.com`. The reverse proxy and domain must be configured accordingly!
 - If you want to secure the installation with fail2ban, you might want to check out https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban
 - The data of Vaultwarden will be automatically included in AIOs backup solution!
-- After adding and starting the container, you need to visit `https://bw.your-domain.com/admin` in order to log in with the admin key that you can retrieve when running `sudo docker inspect nextcloud-aio-vaultwarden | grep ADMIN_TOKEN`. There you can configure smtp first and then invite users via mail. After this is done, you might disable the admin panel via the reverse proxy by blocking connections to the subdirectory.
+- After adding and starting the container, you need to visit `https://bw.your-domain.com/admin` in order to log in with the admin key that you can see next to the container in the AIO interface. There you can configure smtp first and then invite users via mail. After this is done, you might disable the admin panel via the reverse proxy by blocking connections to the subdirectory.
 - If using the caddy community container, the vaultwarden admin interface can be disabled by creating a `block-vaultwarden-admin` file in the `nextcloud-aio-caddy` folder when you open the Nextcloud files app with the default `admin` user. Afterwards restart all containers from the AIO interface and the admin interface should be disabled! You can unlock the admin interface by removing the file again and afterwards restarting the containers via the AIO interface.
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
 

community-containers/vaultwarden/vaultwarden.json

@@ -40,6 +40,7 @@
             "backup_volumes": [
                 "nextcloud_aio_vaultwarden"
             ],
+            "ui_secret": "VAULTWARDEN_ADMIN_TOKEN",
             "secrets": [
                 "VAULTWARDEN_ADMIN_TOKEN"
             ]

manual-upgrade.md

@@ -7,7 +7,11 @@ The only way to fix this on your side is upgrading regularly (e.g. by enabling d
 
 ---
 
-## Method 1
+## Method 1 using `assaflavie/runlike`
+
+> [!Warning]
+> Please note that this method is apparently currently broken. See https://help.nextcloud.com/t/manual-upgrade-keeps-failing/217164/10
+> So please refer to method 2 using Portainer.
 
 1. Start all containers from the AIO interface 
     - Now, it will report that Nextcloud is restarting because it is not able to start due to the above mentioned problem
@@ -54,14 +58,11 @@ The only way to fix this on your side is upgrading regularly (e.g. by enabling d
 
 ---
 
-## Method 2
+## Method 2 using Portainer
 #### *Approach using portainer if method 1 does not work for you*
 
 Prerequisite: have all containers from AIO interface running.
 
-<details>
-<summary>Click to expand</summary>
-
 ##### 1. Install portainer if not installed:
 ```bash
 docker volume create portainer_data
@@ -119,5 +120,3 @@ docker rm portainer
 docker volume rm portainer_data
 ```
 - Make sure you close port 9443 on your firewall and delete any necessary reverse proxy hosts.
-
-</details>

nextcloud-aio-helm-chart/Chart.yaml

@@ -1,6 +1,6 @@
 name: nextcloud-aio-helm-chart
 description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose
-version: 10.4.0
+version: 10.5.0
 apiVersion: v2
 keywords:
   - latest

nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml

@@ -61,7 +61,7 @@ spec:
               value: "{{ .Values.TIMEZONE }}"
             - name: WHITEBOARD_HOST
               value: nextcloud-aio-whiteboard
-          image: nextcloud/aio-apache:20250122_091948
+          image: nextcloud/aio-apache:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml

@@ -61,7 +61,7 @@ spec:
               value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-clamav:20250122_091948
+          image: nextcloud/aio-clamav:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml

@@ -34,7 +34,7 @@ spec:
               value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+
             - name: server_name
               value: "{{ .Values.NC_DOMAIN }}"
-          image: nextcloud/aio-collabora:20250122_091948
+          image: nextcloud/aio-collabora:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml

@@ -64,7 +64,7 @@ spec:
               value: nextcloud
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-postgresql:20250122_091948
+          image: nextcloud/aio-postgresql:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml

@@ -54,7 +54,7 @@ spec:
               value: basic
             - name: xpack.security.enabled
               value: "false"
-          image: nextcloud/aio-fulltextsearch:20250122_091948
+          image: nextcloud/aio-fulltextsearch:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml

@@ -38,7 +38,7 @@ spec:
               value: "{{ .Values.IMAGINARY_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-imaginary:20250122_091948
+          image: nextcloud/aio-imaginary:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml

@@ -180,7 +180,7 @@ spec:
               value: "{{ .Values.WHITEBOARD_ENABLED }}"
             - name: WHITEBOARD_SECRET
               value: "{{ .Values.WHITEBOARD_SECRET }}"
-          image: nextcloud/aio-nextcloud:20250122_091948
+          image: nextcloud/aio-nextcloud:20250204_102259
           {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment!
           securityContext:
             # The items below only work in container context

nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml

@@ -53,7 +53,7 @@ spec:
               value: nextcloud-aio-redis
             - name: REDIS_HOST_PASSWORD
               value: "{{ .Values.REDIS_PASSWORD }}"
-          image: nextcloud/aio-notify-push:20250122_091948
+          image: nextcloud/aio-notify-push:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml

@@ -42,7 +42,7 @@ spec:
               value: "{{ .Values.ONLYOFFICE_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-onlyoffice:20250122_091948
+          image: nextcloud/aio-onlyoffice:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml

@@ -39,7 +39,7 @@ spec:
               value: "{{ .Values.REDIS_PASSWORD }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-redis:20250122_091948
+          image: nextcloud/aio-redis:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml

@@ -52,7 +52,7 @@ spec:
               value: "{{ .Values.TURN_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-talk:20250122_091948
+          image: nextcloud/aio-talk:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml

@@ -44,7 +44,7 @@ spec:
               value: "{{ .Values.RECORDING_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-talk-recording:20250122_091948
+          image: nextcloud/aio-talk-recording:20250204_102259
           readinessProbe:
             exec:
               command:

nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml

@@ -34,6 +34,8 @@ spec:
         {{- end }}
       containers:
         - env:
+            - name: BACKUP_DIR
+              value: /tmp
             - name: JWT_SECRET_KEY
               value: "{{ .Values.WHITEBOARD_SECRET }}"
             - name: NEXTCLOUD_URL
@@ -46,7 +48,7 @@ spec:
               value: redis
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-whiteboard:20250122_091948
+          image: nextcloud/aio-whiteboard:20250204_102259
           readinessProbe:
             exec:
               command:

php/composer.lock

@@ -391,32 +391,32 @@
         },
         {
             "name": "laravel/serializable-closure",
-            "version": "v1.3.7",
+            "version": "v2.0.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/laravel/serializable-closure.git",
-                "reference": "4f48ade902b94323ca3be7646db16209ec76be3d"
+                "reference": "2e1a362527783bcab6c316aad51bf36c5513ae44"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/4f48ade902b94323ca3be7646db16209ec76be3d",
-                "reference": "4f48ade902b94323ca3be7646db16209ec76be3d",
+                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/2e1a362527783bcab6c316aad51bf36c5513ae44",
+                "reference": "2e1a362527783bcab6c316aad51bf36c5513ae44",
                 "shasum": ""
             },
             "require": {
-                "php": "^7.3|^8.0"
+                "php": "^8.1"
             },
             "require-dev": {
-                "illuminate/support": "^8.0|^9.0|^10.0|^11.0",
-                "nesbot/carbon": "^2.61|^3.0",
-                "pestphp/pest": "^1.21.3",
-                "phpstan/phpstan": "^1.8.2",
-                "symfony/var-dumper": "^5.4.11|^6.2.0|^7.0.0"
+                "illuminate/support": "^10.0|^11.0|^12.0",
+                "nesbot/carbon": "^2.67|^3.0",
+                "pestphp/pest": "^2.36|^3.0",
+                "phpstan/phpstan": "^2.0",
+                "symfony/var-dumper": "^6.2.0|^7.0.0"
             },
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "1.x-dev"
+                    "dev-master": "2.x-dev"
                 }
             },
             "autoload": {
@@ -448,7 +448,7 @@
                 "issues": "https://github.com/laravel/serializable-closure/issues",
                 "source": "https://github.com/laravel/serializable-closure"
             },
-            "time": "2024-11-14T18:34:49+00:00"
+            "time": "2025-01-24T15:42:37+00:00"
         },
         {
             "name": "nikic/fast-route",
@@ -557,20 +557,20 @@
         },
         {
             "name": "php-di/php-di",
-            "version": "7.0.7",
+            "version": "7.0.8",
             "source": {
                 "type": "git",
                 "url": "https://github.com/PHP-DI/PHP-DI.git",
-                "reference": "e87435e3c0e8f22977adc5af0d5cdcc467e15cf1"
+                "reference": "98ddc81f8f768a2ad39e4cbe737285eaeabe577a"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/PHP-DI/PHP-DI/zipball/e87435e3c0e8f22977adc5af0d5cdcc467e15cf1",
-                "reference": "e87435e3c0e8f22977adc5af0d5cdcc467e15cf1",
+                "url": "https://api.github.com/repos/PHP-DI/PHP-DI/zipball/98ddc81f8f768a2ad39e4cbe737285eaeabe577a",
+                "reference": "98ddc81f8f768a2ad39e4cbe737285eaeabe577a",
                 "shasum": ""
             },
             "require": {
-                "laravel/serializable-closure": "^1.0",
+                "laravel/serializable-closure": "^1.0 || ^2.0",
                 "php": ">=8.0",
                 "php-di/invoker": "^2.0",
                 "psr/container": "^1.1 || ^2.0"
@@ -582,7 +582,7 @@
                 "friendsofphp/php-cs-fixer": "^3",
                 "friendsofphp/proxy-manager-lts": "^1",
                 "mnapoli/phpunit-easymock": "^1.3",
-                "phpunit/phpunit": "^9.5",
+                "phpunit/phpunit": "^9.6",
                 "vimeo/psalm": "^4.6"
             },
             "suggest": {
@@ -614,7 +614,7 @@
             ],
             "support": {
                 "issues": "https://github.com/PHP-DI/PHP-DI/issues",
-                "source": "https://github.com/PHP-DI/PHP-DI/tree/7.0.7"
+                "source": "https://github.com/PHP-DI/PHP-DI/tree/7.0.8"
             },
             "funding": [
                 {
@@ -626,7 +626,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2024-07-21T15:55:45+00:00"
+            "time": "2025-01-28T21:02:46+00:00"
         },
         {
             "name": "php-di/slim-bridge",
@@ -1633,16 +1633,16 @@
         },
         {
             "name": "twig/twig",
-            "version": "v3.18.0",
+            "version": "v3.19.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "acffa88cc2b40dbe42eaf3a5025d6c0d4600cc50"
+                "reference": "d4f8c2b86374f08efc859323dbcd95c590f7124e"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/acffa88cc2b40dbe42eaf3a5025d6c0d4600cc50",
-                "reference": "acffa88cc2b40dbe42eaf3a5025d6c0d4600cc50",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/d4f8c2b86374f08efc859323dbcd95c590f7124e",
+                "reference": "d4f8c2b86374f08efc859323dbcd95c590f7124e",
                 "shasum": ""
             },
             "require": {
@@ -1697,7 +1697,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.18.0"
+                "source": "https://github.com/twigphp/Twig/tree/v3.19.0"
             },
             "funding": [
                 {
@@ -1709,7 +1709,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2024-12-29T10:51:50+00:00"
+            "time": "2025-01-29T07:06:14+00:00"
         }
     ],
     "packages-dev": [

php/containers.json

@@ -300,6 +300,7 @@
       "environment": [
         "NC_DOMAIN=%NC_DOMAIN%",
         "NEXTCLOUD_HOST=nextcloud-aio-nextcloud",
+        "TZ=%TIMEZONE%",
         "REDIS_HOST=nextcloud-aio-redis",
         "REDIS_HOST_PASSWORD=%REDIS_PASSWORD%",
         "POSTGRES_HOST=nextcloud-aio-database",

readme.md

@@ -138,6 +138,101 @@ If your firewall/router has port 80 and 8443 open/forwarded and you point a doma
 5. Please do not forget to open port `3478/TCP` and `3478/UDP` in your firewall/router for the Talk container!
 
 ## FAQ
+- [Where can I find additional documentation?](#where-can-i-find-additional-documentation)
+- [How does it work?](#how-does-it-work)
+- [How to contribute?](#how-to-contribute)
+- [How many users are possible?](#how-many-users-are-possible)
+- [Are reverse proxies supported?](#are-reverse-proxies-supported)
+- [Which CPU architectures are supported?](#which-cpu-architectures-are-supported)
+- [Which ports are mandatory to be open in your firewall/router?](#which-ports-are-mandatory-to-be-open-in-your-firewallrouter)
+- [Explanation of used ports:](#explanation-of-used-ports)
+- [How to run AIO on macOS?](#how-to-run-aio-on-macos)
+- [How to run AIO on Windows?](#how-to-run-aio-on-windows)
+- [How to run AIO on Synology DSM](#how-to-run-aio-on-synology-dsm)
+- [How to run AIO with Portainer?](#how-to-run-aio-with-portainer)
+- [Can I run AIO on TrueNAS SCALE?](#can-i-run-aio-on-truenas-scale)
+- [Notes on Cloudflare (proxy/tunnel)](#notes-on-cloudflare-proxytunnel)
+- [How to run Nextcloud behind a Cloudflare Tunnel?](#how-to-run-nextcloud-behind-a-cloudflare-tunnel)
+- [How to run Nextcloud via Tailscale?](#how-to-run-nextcloud-via-tailscale)
+- [Disrecommended VPS providers](#disrecommended-vps-providers)
+- [Recommended VPS](#recommended-vps)
+- [Note on storage options](#note-on-storage-options)
+- [How to get Nextcloud running using the ACME DNS-challenge?](#how-to-get-nextcloud-running-using-the-acme-dns-challenge)
+- [How to run Nextcloud locally? No domain wanted, or wanting intranet access within your LAN.](#how-to-run-nextcloud-locally-no-domain-wanted-or-wanting-intranet-access-within-your-lan)
+- [Can I use an ip-address for Nextcloud instead of a domain?](#can-i-use-an-ip-address-for-nextcloud-instead-of-a-domain)
+- [Can I run AIO offline or in an airgapped system?](#can-i-run-aio-offline-or-in-an-airgapped-system)
+- [Are self-signed certificates supported for Nextcloud?](#are-self-signed-certificates-supported-for-nextcloud)
+- [Can I use AIO with multiple domains?](#can-i-use-aio-with-multiple-domains)
+- [Are other ports than the default 443 for Nextcloud supported?](#are-other-ports-than-the-default-443-for-nextcloud-supported)
+- [Can I run Nextcloud in a subdirectory on my domain?](#can-i-run-nextcloud-in-a-subdirectory-on-my-domain)
+- [How can I access Nextcloud locally?](#how-can-i-access-nextcloud-locally)
+- [How to skip the domain validation?](#how-to-skip-the-domain-validation)
+- [How to resolve firewall problems with Fedora Linux, RHEL OS, CentOS, SUSE Linux and others?](#how-to-resolve-firewall-problems-with-fedora-linux-rhel-os-centos-suse-linux-and-others)
+- [Are there known problems when SELinux is enabled?](#are-there-known-problems-when-selinux-is-enabled)
+- [How to run `occ` commands?](#how-to-run-occ-commands)
+- [How to resolve `Security & setup warnings displays the "missing default phone region" after initial install`?](#how-to-resolve-security--setup-warnings-displays-the-missing-default-phone-region-after-initial-install)
+- [How to run multiple AIO instances on one server?](#how-to-run-multiple-aio-instances-on-one-server)
+- [Bruteforce protection FAQ](#bruteforce-protection-faq)
+- [Update policy](#update-policy)
+- [How to switch the channel?](#how-to-switch-the-channel)
+- [How to update the containers?](#how-to-update-the-containers)
+    - [How often are update notifications sent?](#how-often-are-update-notifications-sent)
+- [How to easily log in to the AIO interface?](#how-to-easily-log-in-to-the-aio-interface)
+- [How to change the domain?](#how-to-change-the-domain)
+- [How to properly reset the instance?](#how-to-properly-reset-the-instance)
+- [Backup solution](#backup-solution)
+    - [What is getting backed up by AIO's backup solution?](#what-is-getting-backed-up-by-aios-backup-solution)
+    - [How to adjust borgs retention policy?](#how-to-adjust-borgs-retention-policy)
+    - [How to migrate from AIO to AIO?](#how-to-migrate-from-aio-to-aio)
+    - [Are remote borg backups supported?](#are-remote-borg-backups-supported)
+    - [Failure of the backup container in LXC containers](#failure-of-the-backup-container-in-lxc-containers)
+    - [How to create the backup volume on Windows?](#how-to-create-the-backup-volume-on-windows)
+    - [Pro-tip: Backup archives access](#pro-tip-backup-archives-access)
+    - [Delete backup archives manually](#delete-backup-archives-manually)
+    - [Sync local backups regularly to another drive](#sync-local-backups-regularly-to-another-drive)
+- [How to stop/start/update containers or trigger the daily backup from a script externally?](#how-to-stopstartupdate-containers-or-trigger-the-daily-backup-from-a-script-externally)
+- [How to disable the backup section?](#how-to-disable-the-backup-section)
+- [How to change the default location of Nextcloud's Datadir?](#how-to-change-the-default-location-of-nextclouds-datadir)
+- [Can I use a CIFS/SMB share as Nextcloud's datadir?](#can-i-use-a-cifssmb-share-as-nextclouds-datadir)
+- [How to allow the Nextcloud container to access directories on the host?](#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host)
+- [How to adjust the Talk port?](#how-to-adjust-the-talk-port)
+- [How to adjust the upload limit for Nextcloud?](#how-to-adjust-the-upload-limit-for-nextcloud)
+- [How to adjust the max execution time for Nextcloud?](#how-to-adjust-the-max-execution-time-for-nextcloud)
+- [How to adjust the PHP memory limit for Nextcloud?](#how-to-adjust-the-php-memory-limit-for-nextcloud)
+- [What can I do to fix the internal or reserved ip-address error?](#what-can-i-do-to-fix-the-internal-or-reserved-ip-address-error)
+- [Can I run this with Docker swarm?](#can-i-run-this-with-docker-swarm)
+- [Can I run this with Kubernetes?](#can-i-run-this-with-kubernetes)
+- [How to run this with Docker rootless?](#can-i-run-this-with-podman-instead-of-docker)
+- [How to change the Nextcloud apps that are installed on the first startup?](#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup)
+- [How to add OS packages permanently to the Nextcloud container?](#how-to-add-os-packages-permanently-to-the-nextcloud-container)
+- [How to add PHP extensions permanently to the Nextcloud container?](#how-to-add-php-extensions-permanently-to-the-nextcloud-container)
+- [What about the pdlib PHP extension for the facerecognition app?](#what-about-the-pdlib-php-extension-for-the-facerecognition-app)
+- [How to enable hardware acceleration for Nextcloud?](#how-to-enable-hardware-acceleration-for-nextcloud)
+    - [With open source drivers MESA for AMD, Intel and **new** drivers `Nouveau` for Nvidia](#with-open-source-drivers-mesa-for-amd-intel-and-new-drivers-nouveau-for-nvidia)
+    - [With proprietary drivers for Nvidia :warning: BETA](#with-proprietary-drivers-for-nvidia-warning-beta)
+- [How to keep disabled apps?](#how-to-keep-disabled-apps)
+- [Huge docker logs](#huge-docker-logs)
+- [Access/Edit Nextcloud files/folders manually](#accessedit-nextcloud-filesfolders-manually)
+- [How to store the files/installation on a separate drive?](#how-to-store-the-filesinstallation-on-a-separate-drive)
+- [How to edit Nextclouds config.php file with a texteditor?](#how-to-edit-nextclouds-configphp-file-with-a-texteditor)
+- [How to change default files by creating a custom skeleton directory?](#how-to-change-default-files-by-creating-a-custom-skeleton-directory)
+- [How to adjust the version retention policy and trashbin retention policy?](#how-to-adjust-the-version-retention-policy-and-trashbin-retention-policy)
+- [Fail2ban](#fail2ban)
+- [LDAP](#ldap)
+- [Netdata](#netdata)
+- [USER_SQL](#user_sql)
+- [phpMyAdmin, Adminer or pgAdmin](#phpmyadmin-adminer-or-pgadmin)
+- [Mail server](#mail-server)
+- [How to migrate from an already existing Nextcloud installation to Nextcloud AIO?](#how-to-migrate-from-an-already-existing-nextcloud-installation-to-nextcloud-aio)
+- [Requirements for integrating new containers](#requirements-for-integrating-new-containers)
+- [How to trust user-defined Certification Authorities (CA)?](#how-to-trust-user-defined-certification-authorities-ca)
+- [How to disable Collabora's Seccomp feature?](#how-to-disable-collaboras-seccomp-feature)
+- [How to enable automatic updates without creating a backup beforehand?](#how-to-enable-automatic-updates-without-creating-a-backup-beforehand)
+- [Securing the AIO interface from unauthorized ACME challenges](#securing-the-aio-interface-from-unauthorized-acme-challenges)
+
+### Where can I find additional documentation?
+Some of the documentation is available on [GitHub Discussions](https://github.com/nextcloud/all-in-one/discussions/categories/wiki).
+
 ### How does it work?
 Nextcloud AIO is inspired by projects like Portainer that manage the docker daemon by talking to it through the docker socket directly. This concept allows a user to install only one container with a single command that does the heavy lifting of creating and managing all containers that are needed in order to provide a Nextcloud installation with most features included. It also makes updating a breeze and is not bound to the host system (and its slow updates) anymore as everything is in containers. Additionally, it is very easy to handle from a user perspective because a simple interface for managing your Nextcloud AIO installation is provided.
 
@@ -832,6 +927,9 @@ You can edit Nextclouds config.php file directly from the host with your favorit
 ### How to change default files by creating a custom skeleton directory?
 All users see a set of [default files and folders](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/default_files_configuration.html) as dictated by Nextcloud's configuration.  To change these default files and folders a custom skeleton directory must first be created; this can be accomplished by copying your skeleton files `sudo docker cp --follow-link /path/to/nextcloud/skeleton/ nextcloud-aio-nextcloud:/mnt/ncdata/skeleton/`, applying the correct permissions with `sudo docker exec nextcloud-aio-nextcloud chown -R 33:0 /mnt/ncdata/skeleton/` and `sudo docker exec nextcloud-aio-nextcloud chmod -R 750 /mnt/ncdata/skeleton/` and setting the skeleton directory option with `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set skeletondirectory --value="/mnt/ncdata/skeleton"`.  Further information is available in the Nextcloud documentation on [configuration parameters for the skeleton directory](https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html#skeletondirectory).
 
+### How to adjust the version retention policy and trashbin retention policy?
+By default, AIO sets the `versions_retention_obligation` and `versions_retention_obligation` both to `auto, 30` which means that versions and items in the trashbin get deleted after 30 days. If you want to change this, see https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/file_versioning.html.
+
 ### Fail2ban
 You can configure your server to block certain ip-addresses using fail2ban as bruteforce protection. Here is how to set it up: https://docs.nextcloud.com/server/stable/admin_manual/installation/harden_server.html#setup-fail2ban. The logpath of AIO is by default `/var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/data/nextcloud.log`. Do not forget to add `chain=DOCKER-USER` to your nextcloud jail config (`nextcloud.local`) otherwise the nextcloud service running on docker will still be accessible even if the IP is banned. Also, you may change the blocked ports to cover all AIO ports: by default `80,443,8080,8443,3478` (see [this](https://github.com/nextcloud/all-in-one#explanation-of-used-ports)). Apart from that there is now a community container that can be added to the AIO stack: https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban