increase to 11.2.1

Signed-off-by: Simon L. <szaimen@e.mail.de>

Containers/collabora/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile
-FROM collabora/code:25.04.2.2.1
+FROM collabora/code:25.04.3.1.1
 
 USER root
 ARG DEBIAN_FRONTEND=noninteractive

Containers/mastercontainer/Dockerfile

@@ -8,6 +8,9 @@ FROM caddy:2.10.0-alpine AS caddy
 # From https://github.com/docker-library/php/blob/master/8.4/alpine3.21/fpm/Dockerfile
 FROM php:8.4.8-fpm-alpine3.21
 
+ARG AIO_GIT_URL="https://github.com/nextcloud-releases/all-in-one.git"
+ARG AIO_GIT_BRANCH="main"
+
 EXPOSE 80
 EXPOSE 8080
 EXPOSE 8443
@@ -64,7 +67,7 @@ RUN set -ex; \
     wget https://getcomposer.org/installer -O - | php -- --install-dir=/usr/local/bin --filename=composer; \
     chmod +x /usr/local/bin/composer; \
     cd /var/www/docker-aio; \
-    git clone https://github.com/nextcloud-releases/all-in-one.git --depth 1 .; \
+    git clone "$AIO_GIT_URL" --depth 1 --single-branch --branch "$AIO_GIT_BRANCH" .; \
     find ./ -maxdepth 1 -mindepth 1 -not -path ./php -not -path ./community-containers -exec rm -r {} \; ; \
     rm -r ./php/tests; \
     chown www-data:www-data -R /var/www/docker-aio; \

Containers/mastercontainer/daily-backup.sh

@@ -2,6 +2,13 @@
 
 echo "Daily backup script has started"
 
+# Check if initial configuration has been done, otherwise this script should do nothing.
+CONFIG_FILE=/mnt/docker-aio-config/data/configuration.json
+if ! [ -f "$CONFIG_FILE" ] || ! grep -q "wasStartButtonClicked.*1" "$CONFIG_FILE"; then
+    echo "Initial configuration via AIO interface not done yet. Exiting..."
+    exit 0
+fi
+
 # Daily backup and backup check cannot be run at the same time
 if [ "$DAILY_BACKUP" = 1 ] && [ "$CHECK_BACKUP" = 1 ]; then
     echo "Daily backup and backup check cannot be run at the same time. Exiting..."

Containers/nextcloud/entrypoint.sh

@@ -676,7 +676,12 @@ fi
 
 # OnlyOffice
 if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then
-    while ! nc -z "$ONLYOFFICE_HOST" 80; do
+    if echo "$ONLYOFFICE_HOST" | grep -q "nextcloud-.*-onlyoffice"; then
+        ONLYOFFICE_PORT=80
+    else
+        ONLYOFFICE_PORT=443
+    fi
+    while ! nc -z "$ONLYOFFICE_HOST" "$ONLYOFFICE_PORT"; do
         echo "waiting for OnlyOffice to become available..."
         sleep 5
     done
@@ -690,7 +695,11 @@ if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then
     php /var/www/html/occ config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET"
     php /var/www/html/occ config:app:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET"
     php /var/www/html/occ config:system:set onlyoffice jwt_header --value="AuthorizationJwt"
-    php /var/www/html/occ config:app:set onlyoffice DocumentServerUrl --value="https://$NC_DOMAIN/onlyoffice"
+    if echo "$ONLYOFFICE_HOST" | grep -q "nextcloud-.*-onlyoffice"; then
+        ONLYOFFICE_HOST="$NC_DOMAIN/onlyoffice"
+        export ONLYOFFICE_HOST
+    fi
+    php /var/www/html/occ config:app:set onlyoffice DocumentServerUrl --value="https://$ONLYOFFICE_HOST"
 else
     if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/onlyoffice" ] && [ -n "$ONLYOFFICE_SECRET" ] && [ "$(php /var/www/html/occ config:system:get onlyoffice jwt_secret)" = "$ONLYOFFICE_SECRET" ]; then
         php /var/www/html/occ app:remove onlyoffice

Containers/nextcloud/run-exec-commands.sh

@@ -26,4 +26,11 @@ else
     fi
 fi
 
-sleep inf
+signal_handler() {
+    exit 0
+}
+
+trap signal_handler SIGINT SIGTERM
+
+sleep inf &
+wait $!

Containers/talk-recording/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM python:3.13.4-alpine3.21
+FROM python:3.13.5-alpine3.21
 
 COPY --chmod=775 start.sh /start.sh
 COPY --chmod=775 healthcheck.sh /healthcheck.sh

Containers/watchtower/Dockerfile

@@ -1,11 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM golang:1.24.4-alpine3.21 AS go
-
-RUN set -ex; \
-    apk upgrade --no-cache -a; \
-    apk add --no-cache \
-        build-base; \
-    go install github.com/containrrr/watchtower@76f9cea516593fabb8ca91ff13de55caa6aa0a8b;
+FROM ghcr.io/nicholas-fedor/watchtower:1.11.3 AS watchtower
 
 FROM alpine:3.21.3
 
@@ -13,7 +7,7 @@ RUN set -ex; \
     apk upgrade --no-cache -a; \
     apk add --no-cache bash ca-certificates tzdata
 
-COPY --from=go /go/bin/watchtower /watchtower
+COPY --from=watchtower /watchtower /watchtower
 
 COPY --chmod=775 start.sh /start.sh
 

Containers/watchtower/start.sh

@@ -9,6 +9,13 @@ elif ! test -r /var/run/docker.sock; then
     exit 1
 fi
 
+if [ -f /run/.containerenv ]; then
+    # If running under podman disable memory_swappiness setting in watchtower.
+    # It is a necessary workaround until https://github.com/containers/podman/issues/23824 gets fixed.
+    echo "Running under Podman. Setting WATCHTOWER_DISABLE_MEMORY_SWAPPINESS to 1."
+    export WATCHTOWER_DISABLE_MEMORY_SWAPPINESS=1
+fi
+
 if [ -n "$CONTAINER_TO_UPDATE" ]; then
     exec /watchtower --cleanup --debug --run-once "$CONTAINER_TO_UPDATE"
 else

Containers/whiteboard/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile
-FROM ghcr.io/nextcloud-releases/whiteboard:v1.0.5
+FROM ghcr.io/nextcloud-releases/whiteboard:v1.1.2
 
 USER root
 RUN set -ex; \

app/templates/admin.php

@@ -10,7 +10,7 @@ declare(strict_types=1);
  */
 	/** @var array $_ */ ?>
 <div id="allinone" class="section">
-	<h2><?php p($l->t('Nextcloud All-in-One'));?></h2>
+	<h2><?php p($l->t('Nextcloud All-in-One'));?></h2><br/>
 	<a href="<?php p($_['AIOLoginUrl']);?>" class="button" target="_blank">Open Nextcloud AIO Interface ↗</a><br><br>
 	<p><a href="https://github.com/nextcloud/all-in-one#how-to-easily-log-in-to-the-aio-interface">Click here for more infos on this feature (e.g. also on how to change the link in the button)</a></p>
 </div>

community-containers/caddy/readme.md

@@ -1,5 +1,5 @@
 ## Caddy with geoblocking
-This container bundles caddy and auto-configures it for you. It also covers [vaultwarden](https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden) by listening on `bw.$NC_DOMAIN`, if installed. It also covers [stalwart](https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart) by listening on `mail.$NC_DOMAIN`, if installed. It also covers [jellyfin](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin) by listening on `media.$NC_DOMAIN`, if installed. It also covers [lldap](https://github.com/nextcloud/all-in-one/tree/main/community-containers/lldap) by listening on `ldap.$NC_DOMAIN`, if installed. It also covers [nocodb](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb) by listening on `tables.$NC_DOMAIN`, if installed. It also covers [jellyseerr](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyseerr) by listening on `requests.$NC_DOMAIN`, if installed. It also covers [mollysocket](https://github.com/nextcloud/all-in-one/tree/main/community-containers/mollysocket) by listening on `mollysocket.$NC_DOMAIN`, if installed.
+This container bundles caddy and auto-configures it for you. It also covers [vaultwarden](https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden) by listening on `bw.$NC_DOMAIN`, if installed. It also covers [stalwart](https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart) by listening on `mail.$NC_DOMAIN`, if installed. It also covers [jellyfin](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin) by listening on `media.$NC_DOMAIN`, if installed. It also covers [lldap](https://github.com/nextcloud/all-in-one/tree/main/community-containers/lldap) by listening on `ldap.$NC_DOMAIN`, if installed. It also covers [nocodb](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb) by listening on `tables.$NC_DOMAIN`, if installed. It also covers [jellyseerr](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyseerr) by listening on `requests.$NC_DOMAIN`, if installed.
 
 ### Notes
 - This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time!
@@ -10,7 +10,6 @@ This container bundles caddy and auto-configures it for you. It also covers [vau
 - If you want to use this with [lldap](https://github.com/nextcloud/all-in-one/tree/main/community-containers/lldap), make sure that you point `ldap.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for lldap.
 - If you want to use this with [nocodb](https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb), make sure that you point `tables.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for nocodb.
 - If you want to use this with [jellyseerr](https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyseerr), make sure that you point `requests.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for jellyseerr.
-- If you want to use this with [mollysocket](https://github.com/nextcloud/all-in-one/tree/main/community-containers/mollysocket), make sure that you point `mollysocket.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for mollysocket.
 - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active!
 - You can add your own Caddy configurations in `/data/caddy-imports/` inside the Caddy container (`sudo docker exec -it nextcloud-aio-caddy bash`). These will be imported on container startup.
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack

community-containers/mollysocket/mollysocket.json

@@ -1,37 +0,0 @@
-{
-    "aio_services_v1": [
-        {
-            "container_name": "nextcloud-aio-mollysocket",
-            "display_name": "MollySocket",
-            "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/mollysocket",
-            "image": "ghcr.io/mollyim/mollysocket",
-            "image_tag": "1",
-            "restart": "unless-stopped",
-            "ports": [
-                { 
-                   "ip_binding": "%APACHE_IP_BINDING%", 
-                   "port_number": "8020", 
-                   "protocol": "tcp" 
-                 }  
-            ],
-            "volumes": [
-                {
-                    "source": "nextcloud_aio_mollysocket",
-                    "destination": "/data",
-                    "writeable": true
-                }
-            ],
-            "working_dir": "/data",
-            "command": "server",
-            "environment": [
-                "TZ=%TIMEZONE%",
-                "MOLLY_DB=/data/mollysocket.db",
-                "MOLLY_ALLOWED_ENDPOINTS=[\"*\",\"https://mollysocket.%NC_DOMAIN%\"]",
-                "MOLLY_ALLOWED_UUIDS=[\"*\"]",
-                "MOLLY_HOST=0.0.0.0",
-                "MOLLY_PORT=8020",
-                "RUST_LOG=error"
-            ]
-        }
-    ]
-}

community-containers/mollysocket/readme.md

@@ -1,13 +0,0 @@
-## MollySocket
-This container bundles MollySocket and auto-configures it for you.
-
-### Notes
-- This container is only intended to be used over https behind a reverse proxy. You can You can set up a reverse proxy following [these instructions](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) OR use the [Caddy community container](https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy) that will automatically configure mollysocket.$NC_DOMAIN to redirect to your MollySocket.
-- This will work with a locally hosted UnifiedPush provider such as [NextPush](https://codeberg.org/NextPush/uppush) if it is hosted at https://mollysocket.$NC_DOMAIN.
-- See [here](https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers) how to add it to the AIO stack.
-
-### Repository
-https://github.com/mollyim/mollysocket
-
-### Maintainer
-https://github.com/Anvil5465

develop.md

@@ -47,3 +47,13 @@ This is documented here: https://github.com/nextcloud-releases/all-in-one/tree/m
 
 ## How to connect to the database?
 Simply run `sudo docker exec -it nextcloud-aio-database psql -U oc_nextcloud nextcloud_database` and you should be in.
+
+## How to locally build and test changes to mastercontainer?
+1. Push changes to your own git fork and branch.
+1. Use below commands to build mastercontainer image for a custom git url and branch:
+```
+cd Containers/mastercontainer
+docker buildx build -t ghcr.io/nextcloud-releases/all-in-one:latest --build-arg AIO_GIT_URL="https://github.com/my-fork-repo/all-in-one.git" --build-arg AIO_GIT_BRANCH="my-feature-branch" --load .
+```
+1. Start a container with above built image.
+1. Since the hash of a locally built image doesn't match the latest release mastercontainer, it prompts for a mandatory update. To temporarily bypass the update suffix `?bypass_mastercontainer_update` to the URL. Eg: `https://localhost:8080/containers?bypass_mastercontainer_update`

docker-ipv6-support.md

@@ -4,19 +4,23 @@
 First of all upgrade your docker installation to v27.0.1 or higher.
 1. Then edit `/etc/docker/daemon.json` (or `~/.config/docker/daemon.json` in case of docker-rootless), add the below json:
 
-    ```json
-    {
-      "default-network-opts": {"bridge":{"com.docker.network.enable_ipv6":"true"}}
-    }
-    ```
+> [!WARNING]
+> This will enable ipv6 for all new docker networks by default! You can alternatively create the `nextcloud-aio` network with ipv6 support by hand manually via docker network create or via compose.yaml.
 
-    Save the file.
+```json
+{
+    "default-network-opts": {"bridge":{"com.docker.network.enable_ipv6":"true"}}
+}
+```
+
+And save the file.
 
 2.  Reload the Docker configuration file.
 
-    ```console
-    sudo systemctl restart docker
-    ```
+```console
+sudo systemctl restart docker
+```
+
 3. Make sure that ipv6 is enabled for the internal `nextcloud-aio` network by running `sudo docker network inspect nextcloud-aio | grep EnableIPv6`. On a new instance, this command should return that it did not find a network with this name. Then you can run `sudo docker network create nextcloud-aio` in order to create the network with ipv6-support. However if it finds the network and its value `EnableIPv6` is set to false, make sure to follow https://github.com/nextcloud/all-in-one/discussions/4989 in order to recreate the network and enable ipv6 for it.
 
 ## Docker Desktop (Windows and macOS)
@@ -25,9 +29,12 @@ Then, on Windows and macOS which use Docker Desktop, you need to go into the set
 
 1. You need to now adjust this json file:
 
-    ```
-    "default-network-opts": {"bridge":{"com.docker.network.enable_ipv6":"true"}}
-    ```
+> [!WARNING]
+> This will enable ipv6 for all new docker networks by default! You can alternatively create the `nextcloud-aio` network with ipv6 support by hand manually via docker network create or via compose.yaml.
+
+```json
+"default-network-opts": {"bridge":{"com.docker.network.enable_ipv6":"true"}}
+```
 
 2. Add these values to the json and make sure to keep the other currently values and that you don't see `Unexpected token in JSON at position ...` before attempting to restart by clicking on `Apply & restart`.
 3. Make sure that ipv6 is enabled for the internal `nextcloud-aio` network by running `sudo docker network inspect nextcloud-aio | grep EnableIPv6`. On a new instance, this command should return that it did not find a network with this name. Then you can run `sudo docker network create nextcloud-aio` in order to create the network with ipv6-support. However if it finds the network and its value `EnableIPv6` is set to false, make sure to follow https://github.com/nextcloud/all-in-one/discussions/4989 in order to recreate the network and enable ipv6 for it.

php/public/index.php

@@ -82,6 +82,11 @@ $app->get('/containers', function (Request $request, Response $response, array $
     $dockerController = $container->get(\AIO\Controller\DockerController::class);
     $dockerActionManger->ConnectMasterContainerToNetwork();
     $dockerController->StartDomaincheckContainer();
+
+    // Check if bypass_mastercontainer_update is provided on the URL, a special developer mode to bypass a mastercontainer update and use local image.
+    $params = $request->getQueryParams();
+    $bypass_mastercontainer_update = isset($params['bypass_mastercontainer_update']);
+
     return $view->render($response, 'containers.twig', [
         'domain' => $configurationManager->GetDomain(),
         'apache_port' => $configurationManager->GetApachePort(),
@@ -91,7 +96,7 @@ $app->get('/containers', function (Request $request, Response $response, array $
         'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'),
         'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(),
         'borgbackup_password' => $configurationManager->GetAndGenerateSecret('BORGBACKUP_PASSWORD'),
-        'is_mastercontainer_update_available' => $dockerActionManger->IsMastercontainerUpdateAvailable(),
+        'is_mastercontainer_update_available' => ( $bypass_mastercontainer_update ? false : $dockerActionManger->IsMastercontainerUpdateAvailable() ),
         'has_backup_run_once' => $configurationManager->hasBackupRunOnce(),
         'is_backup_container_running' => $dockerActionManger->isBackupContainerRunning(),
         'backup_exit_code' => $dockerActionManger->GetBackupcontainerExitCode(),

php/templates/containers.twig

@@ -17,7 +17,7 @@
 
     <div class="container">
         <main>
-            <h1>Nextcloud AIO v11.1.0</h1>
+            <h1>Nextcloud AIO v11.2.1</h1>
 
             {# Add 2nd tab warning #}
             <script type="text/javascript" src="second-tab-warning.js"></script>

readme.md

@@ -801,7 +801,7 @@ If you have the borg backup feature enabled, you can copy it over to the new hos
     1. Note the path where the backups are stored and the encryption password
 1. Navigate to the backup folder
 1. Create archive of the backup so it's easier to copy: `tar -czvf borg.tar.gz borg`
-1. Copy the archive over to the new host: `cp borg.tar.gz user@new.host:/mnt`. Make sure to replace `user` with your actual user and `new.host` with the IP or domain of the actual host. You can also use another way to copy the archive.
+1. Copy the archive over to the new host: `scp borg.tar.gz user@new.host:/mnt`. Make sure to replace `user` with your actual user and `new.host` with the IP or domain of the actual host. You can also use another way to copy the archive.
 1. Switch to the new host
 1. Go to the folder you put the backup archive and extract it with `tar -xf borg.tar.gz`
 1. Follow the installation guide to create a new aio instance, but do not start the containers yet (the `docker run` or `docker compose up -d` command)