chore: add AUTHORS.md with all contributors and their email addresses

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>

.gitattributes

@@ -1 +1,4 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 * text=auto

.github/ISSUE_TEMPLATE/Bug_report.md

@@ -1,3 +1,8 @@
+<!--
+SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
 ---
 name: 🐛 Bug report - no questions and no support!
 about: Help us improving by reporting a bug - this category is not for questions and also not for support! Please use one of the options below for questions and support

.github/ISSUE_TEMPLATE/Feature_request.md

@@ -1,3 +1,8 @@
+<!--
+SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
 ---
 name: 📖 Existing feature/documentation enhancement
 about: Suggest an enhancement of an existing feature/documentation - for other types, please use the feature request option below

.github/ISSUE_TEMPLATE/config.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 blank_issues_enabled: false
 contact_links:
     - name: 📘 Documentation on Nextcloud AIO

.github/dependabot.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 version: 2
 updates:
 - package-ecosystem: "github-actions"

.github/pull_request_template.md

@@ -1,3 +1,8 @@
+<!--
+SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
 <!--
   - 🚨 SECURITY INFO
   -

.github/release.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 changelog:
   categories:
     - title: 🏕 New features and other improvements

.github/workflows/codespell.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: 'Codespell'
 
 on:

.github/workflows/collabora.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: collabora-update
 
 on:

.github/workflows/community-containers.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Validate community containers
 
 on:

.github/workflows/dependency-updates.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: dependency-updates
 
 on:

.github/workflows/docker-lint.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Docker Lint
 
 on:

.github/workflows/fail-on-prerelease.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Block if prerelease is present
 
 on:

.github/workflows/helm-release.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 
 name: Helm Chart Releaser
 

.github/workflows/imaginary-update.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: imaginary-update
 
 on:

.github/workflows/json-validator.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Json Validator
 
 on:

.github/workflows/lint-helm.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Lint Helm Charts
 
 on:

.github/workflows/lock-threads.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: 'Lock Threads'
 
 on:

.github/workflows/nextcloud-update.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 # Inspired by https://github.com/nextcloud/docker/blob/master/.github/workflows/update-sh.yml
 name: nextcloud-update
 

.github/workflows/php-deprecation-detector.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: PHP Deprecation Detector
 # See https://github.com/wapmorgan/PhpDeprecationDetector
 

.github/workflows/playwright-on-push.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Playwright Tests on push
 
 on:
@@ -5,12 +8,14 @@ on:
     paths:
       - 'php/**'
       - 'Containers/mastercontainer/*.Caddyfile'
+      - 'Containers/mastercontainer/start.sh'
   push:
     branches:
       - main
     paths:
       - 'php/**'
       - 'Containers/mastercontainer/*.Caddyfile'
+      - 'Containers/mastercontainer/start.sh'
 
 concurrency:
   group: playwright-${{ github.head_ref || github.run_id }}
@@ -55,7 +60,7 @@ jobs:
           rm -r ./session
           composer install --no-dev
           composer clear-cache
-          sudo chmod 777 -R ./
+          sudo chmod 777 -R ../
 
       - name: Start fresh development server
         run: |
@@ -72,6 +77,7 @@ jobs:
             --volume ./php:/var/www/docker-aio/php \
             --volume ./Containers/mastercontainer/internal.Caddyfile:/internal.Caddyfile \
             --volume ./Containers/mastercontainer/headers.Caddyfile:/headers.Caddyfile \
+            --volume ./Containers/mastercontainer/start.sh:/start.sh \
             --volume /var/run/docker.sock:/var/run/docker.sock:ro \
             --env SKIP_DOMAIN_VALIDATION=true \
             --env APACHE_PORT=11000 \
@@ -103,6 +109,7 @@ jobs:
             --volume ./php:/var/www/docker-aio/php \
             --volume ./Containers/mastercontainer/internal.Caddyfile:/internal.Caddyfile \
             --volume ./Containers/mastercontainer/headers.Caddyfile:/headers.Caddyfile \
+            --volume ./Containers/mastercontainer/start.sh:/start.sh \
             --volume /var/run/docker.sock:/var/run/docker.sock:ro \
             --env SKIP_DOMAIN_VALIDATION=false \
             --env APACHE_PORT=11000 \

.github/workflows/playwright-on-workflow-dispatch.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Playwright Tests
 
 on:

.github/workflows/psalm-update-baseline.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Update Psalm baseline
 
 on:

.github/workflows/reuse.yml

@@ -0,0 +1,27 @@
+# This workflow is provided via the organization template repository
+#
+# https://github.com/nextcloud/.github
+# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+
+# SPDX-FileCopyrightText: 2022 Free Software Foundation Europe e.V. <https://fsfe.org>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: REUSE Compliance Check
+
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  reuse-compliance-check:
+    runs-on: ubuntu-latest-low
+    steps:
+      - name: Checkout
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+
+      - name: REUSE Compliance Check
+        uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0

.github/workflows/shellcheck.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Shellcheck
 
 on:

.github/workflows/talk.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: talk-update
 
 on:

.github/workflows/twig-lint.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Twig Lint
 
 on:

.github/workflows/update-copyright.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Update Copyright
 
 on:

.github/workflows/update-helm.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: Update Helm Chart
 
 on:

.github/workflows/update-yaml.yml

@@ -1,28 +1,31 @@
-name: Update Yaml files
-
-on:
-  workflow_dispatch:
-  schedule:
-  - cron:  '00 12 * * *'
-
-jobs:
-  update-yaml:
-    name: update yaml files
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
+name: Update Yaml files
+
+on:
+  workflow_dispatch:
+  schedule:
+  - cron:  '00 12 * * *'
+
+jobs:
+  update-yaml:
+    name: update yaml files
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - name: update yaml files
-        run: |
-          sudo bash manual-install/update-yaml.sh
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v7
-        with:
-          commit-message: Yaml updates
-          signoff: true
-          title: Yaml updates
-          body: Automated yaml updates for the docker-compose files. Should only be merged shortly before the next latest release.
-          labels: dependencies, 3. to review
-          milestone: next
-          branch: aio-yaml-update
-          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: update yaml files
+        run: |
+          sudo bash manual-install/update-yaml.sh
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v7
+        with:
+          commit-message: Yaml updates
+          signoff: true
+          title: Yaml updates
+          body: Automated yaml updates for the docker-compose files. Should only be merged shortly before the next latest release.
+          labels: dependencies, 3. to review
+          milestone: next
+          branch: aio-yaml-update
+          token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/watchtower-update.yml

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
 name: watchtower-update
 
 on:

.gitignore

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 .DS_Store
 .idea/
 *.iml

AUTHORS.md

@@ -0,0 +1,195 @@
+<!--
+SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
+# Authors
+
+All contributors to the Nextcloud All-in-One project:
+
+- 41it <137164547+41it@users.noreply.github.com>
+- Adam Monsen <haircut@gmail.com>
+- Adrian Gebhart <adrian@pestotoast.de>
+- AiroPi <47398145+AiroPi@users.noreply.github.com>
+- Alan Savage <asavageiv@users.noreply.github.com>
+- Alexander Hörl <alexander.horl2@live.de>
+- Alexander Müller <28591861+alexanderdd@users.noreply.github.com>
+- Alexander Piskun <bigcat88@icloud.com>
+- alexenica <alexenica@live.com>
+- Alison McCue <gh@maladroit.me>
+- Andrey Borysenko <andrey18106x@gmail.com>
+- Andy George <andygeorge@users.noreply.github.com>
+- Anth0rx <pascal@dengconsult.systems>
+- Anton Podlozny <47890723+apodl1@users.noreply.github.com>
+- Anupam Kumar <kyteinsky@gmail.com>
+- Anvil5465 <119350594+Anvil5465@users.noreply.github.com>
+- Apoorv Parle <19315187+apparle@users.noreply.github.com>
+- Arman The Parman <77603167+ArmanTheParman@users.noreply.github.com>
+- autoantwort <Leander.schulten@rwth-aachen.de>
+- Aytsuqi <141279848+Aytsuqi@users.noreply.github.com>
+- Basti Qdoba <sebastian.chudoba@googlemail.com>
+- Bastian <48765834+Cloudboom@users.noreply.github.com>
+- Bastian Derigs <155444921+derigs@users.noreply.github.com>
+- Ben Iofel <1713819+benwaffle@users.noreply.github.com>
+- Benjamin Brahmer <info@b-brahmer.de>
+- bentongxyz <60358804+bentongxyz@users.noreply.github.com>
+- blu3acid <michael.muschner@mailbox.org>
+- BP <busta.pipes@gmail.com>
+- Braiden Psiuk <mail@braiden.dev>
+- Brian Philipp <66728496+BR14Nx@users.noreply.github.com>
+- Brouware <63195347+Brouware@users.noreply.github.com>
+- Caio Barros <cgbarros@users.noreply.github.com>
+- craigkh <74493036+craigkh@users.noreply.github.com>
+- Daniel Calviño Sánchez <danxuliu@gmail.com>
+- Daniel Hartmann <60435198+hartmann-daniel@users.noreply.github.com>
+- David <142408439+LinuxSpielKind@users.noreply.github.com>
+- David Bradette <87823519+DavidBradette@users.noreply.github.com>
+- David Hund <david.hund@gmail.com>
+- David Mehren <git@herrmehren.de>
+- Dennis R <dennis@elsysweyr.com>
+- -Denux <timon.klinkert@gmail.com>
+- derhagen <2806328+derhagen@users.noreply.github.com>
+- derStephan <derStephan@users.noreply.github.com>
+- dienteperro <dienteperro1207@yahoo.com>
+- Duvio <can2004kaya@gmail.com>
+- Emil Marklund <emil@btlcomputing.com>
+- ernolf <raphael.gradenwitz@googlemail.com>
+- Erwan Hervé <62173453+Erwan-loot@users.noreply.github.com>
+- esmith443 <119460913+esmith443@users.noreply.github.com>
+- FaySmash <30392780+FaySmash@users.noreply.github.com>
+- Felix Schäfer <felix@thegcat.net>
+- Felix Stupp <felix.stupp@banananet.work>
+- Fernando Ribeiro <fribeiro@fribeiro.org>
+- Florian Latifi <mail@florian-latifi.at>
+- Florian Wallner <asdf@walura.eu>
+- foegra <foegra@yahoo.com>
+- Francesco Saltori <francescosaltori@gmail.com>
+- Frederik Berg <fberg@posteo.de>
+- FreDTV <70434961+Fred-DTV@users.noreply.github.com>
+- Gerald Krause <gerald.d.krause@t-online.de>
+- gggeek <giunta.gaetano@gmail.com>
+- Gonçalo Pereira <goncalo_pereira@outlook.pt>
+- grossamos <email@amosgross.com>
+- Hannes Franke <hannes.franke@tu-dortmund.de>
+- HedgeShot <HedgeShot@users.noreply.github.com>
+- Hoang Pham <hoangmaths96@gmail.com>
+- hunhejj <hunhejj@gmail.com>
+- Ikko Eltociear Ashimine <eltociear@gmail.com>
+- iraklis10 <1414477+iraklis10@users.noreply.github.com>
+- ItsQuadrus <quadrus.yt@gmail.com>
+- jameskimmel <17176225+jameskimmel@users.noreply.github.com>
+- Jean-Yves <7360784+docjyJ@users.noreply.github.com>
+- Jehu Marcos Herrera Puentes <jehuherrerap@hotmail.com>
+- Jimmy Everling <jimmy@jimmyk.se>
+- JL102 <jordanlees@mailbox.org>
+- Jo <jonassauge@gmail.com>
+- Joas Schilling <coding@schilljs.com>
+- Joe Hanson <joe@veri.dev>
+- John Molakvoæ <skjnldsv@protonmail.com>
+- Jos Poortvliet <jospoortvliet@gmail.com>
+- Joseph <jturnism@gmail.com>
+- Josh <josh.t.richards@gmail.com>
+- Joshua Hesketh <josh@hesketh.net.au>
+- jr_blue_551 <johnrowe551@gmail.com>
+- Julius Härtl <jus@bitgrid.net>
+- Kai Biebel <38378574+seclution@users.noreply.github.com>
+- Kain <26943220+kaincenteno@users.noreply.github.com>
+- Kasim <kasim@rafique.co.uk>
+- Killiane Letellier <killiane.letellier@mailo.com>
+- Klaus15 <le_kluus@web.de>
+- kri164 <52274164+kri164@users.noreply.github.com>
+- kurt-mcrae <83569406+kurt-mcrae@users.noreply.github.com>
+- Lance <Gero3977@gmail.com>
+- lll <2844835+flll@users.noreply.github.com>
+- Lorenzo Marroccoli <lollo0296@gmail.com>
+- Lorenzo Moscati <lorenzo@moscati.page>
+- Lukas Reschke <lukas@statuscode.ch>
+- Luotio <juha@luotio.net>
+- ManOki <ManOki@users.noreply.github.com>
+- Marc <github@wuast24.de>
+- Marco Ambrosini <marcoambrosini@proton.me>
+- marekschneider <marek@kms.onl>
+- Marius Quabeck <marius.quabeck@nextcloud.com>
+- Martin Ligabue <martinligabue@gmail.com>
+- martin.mueller <martin.mueller@model-engineers.com>
+- Marvin von Papen <79196690+MarvvanPal@users.noreply.github.com>
+- masterwoot <company+github.com@maganti.se>
+- matiasdelellis <mati86dl@gmail.com>
+- Maximilian Jakob Maag <maximilian.maag@outlook.de>
+- Michael Keck <git@cr0ydon.com>
+- Miguel Guthridge <hdsq@outlook.com.au>
+- Mihai Coman <mihai.cmn@gmail.com>
+- MondoGao <mondogao@gmail.com>
+- Morrow Shore <97566823+MorrowShore@users.noreply.github.com>
+- MrAn0nym <63542658+MrAn0nym@users.noreply.github.com>
+- Mustapha Zorgati <15628173+mustaphazorgati@users.noreply.github.com>
+- ncguk <inglenook@duck.com>
+- Nikolas Rimikis <25266387+Leptopoda@users.noreply.github.com>
+- Nils K <24257556+septatrix@users.noreply.github.com>
+- ninoppp <101364396+ninoppp@users.noreply.github.com>
+- notEvil <not_evil@rappold1.at>
+- Oleksandr Piskun <oleksandr2088@icloud.com>
+- Oleksii Zolotarevskyi <15846984+roundoutandabout@users.noreply.github.com>
+- Pablo Zmdl <pablo@nextcloud.com>
+- pailloM <56462552+pailloM@users.noreply.github.com>
+- Paul <devnoname120@gmail.com>
+- Perlover <perlover@perlover.com>
+- Peter van Dijk <peter@7bits.nl>
+- ph00lt0 <15004290+ph00lt0@users.noreply.github.com>
+- ph818 <71797925+ph818@users.noreply.github.com>
+- Phil Mocek <pmocek-github@mocek.org>
+- Philipp Fruck <dev@p-fruck.de>
+- Pi-Farm <43029891+pi-farm@users.noreply.github.com>
+- PreciousChicken <hello@preciouschicken.com>
+- Prokop Schield <76836484+prokopschield@users.noreply.github.com>
+- pun kyard <59349105+punkyard@users.noreply.github.com>
+- Quentin Lemeasle <quentinlemcode@gmail.com>
+- Rahammetoela Toekiman <fusekai@outlook.com>
+- Richard Steinmetz <richard@steinmetz.cloud>
+- Robert Riemann <robert.riemann@edps.europa.eu>
+- Robert Zilke <robert@zilke.dev>
+- roelofz <11368363+roelofz@users.noreply.github.com>
+- roib20 <66280613+roib20@users.noreply.github.com>
+- Ruben D. <ruben@winterrific.net>
+- rugk <rugk+git@posteo.de>
+- S1m <git@sgougeon.fr>
+- Samuel Plumppu <6125097+Greenheart@users.noreply.github.com>
+- Sergio Casero Hernández <soy@sergiocasero.es>
+- Seth Deegan <jayandseth@gmail.com>
+- Shantanu Tushar <shaan7in@gmail.com>
+- Simon Lindner <szaimen@e.mail.de>
+- sjjh <2787214+sjjh@users.noreply.github.com>
+- SomeMichael <43578183+SomeMichael@users.noreply.github.com>
+- spatterlight <81454789+spatterIight@users.noreply.github.com>
+- stefano99 <falchi.stefi@gmail.com>
+- steffenmalisi <steffenmalisi@users.noreply.github.com>
+- sunjam <sunjam@users.noreply.github.com>
+- Surfict <allexandre@itis.swiss>
+- Syed Mishar Newaz <misharex.sezan@gmail.com>
+- ten0hira <85587841+ten0hira@users.noreply.github.com>
+- TheManchineel <37479927+TheManchineel@users.noreply.github.com>
+- thigg <thigg@users.noreply.github.com>
+- Thijs van der Woude <31108288+thijsvanderwoude@users.noreply.github.com>
+- thiswillbeyourgithub <26625900+thiswillbeyourgithub@users.noreply.github.com>
+- Thomas Lavocat <tlavocat@redhat.com>
+- Thor Galle <thorgalle@gmail.com>
+- Thorsten Schaefer <github@npath.de>
+- Tim Diels <tim@diels.me>
+- tofuwabohu <66644064+tofuwabohu@users.noreply.github.com>
+- Tomas (michnovka) <16553087+michnovka@users.noreply.github.com>
+- Tony F <goldstar611@hotmail.com>
+- turtleinarock <s.senn14@gmail.com>
+- tyleraharrison <tyleraharrison@gmail.com>
+- Valeriy Sotnikov <sotnikov.link@mail.ru>
+- Varun Patil <varunpatil@ucla.edu>
+- Verhoeckx <64807887+Verhoeckx@users.noreply.github.com>
+- William Wong <46506352+tar-xz@users.noreply.github.com>
+- xis <xis@schowek.net>
+- Yannik Buerkle <mail@yannik-buerkle.de>
+- Zakmaf <100925791+Zakmaf@users.noreply.github.com>
+- Zhao Guangyu <62810902+ZhaoGY-N@users.noreply.github.com>
+- Zoey <zoey@z0ey.de>
+- Zxhir <98621617+Imzxhir@users.noreply.github.com>
+- zybster <zybster@gmail.com>
+- |°_°| <grivel.theo@protonmail.com>
+- Álvaro Brey <alvaro.brey@nextcloud.com>

Containers/alpine/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 FROM alpine:3.23.4
 

Containers/apache/Caddyfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+{
     auto_https disable_redirects
 
     storage file_system {

Containers/apache/Dockerfile

@@ -1,8 +1,11 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 FROM caddy:2.11.2-alpine AS caddy
 
 # From https://github.com/docker-library/httpd/blob/master/2.4/alpine/Dockerfile
-FROM httpd:2.4.66-alpine3.23
+FROM httpd:2.4.67-alpine3.23
 
 COPY --from=caddy /usr/bin/caddy /usr/bin/caddy
 

Containers/apache/healthcheck.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 nc -z "$NEXTCLOUD_HOST" 9000 || exit 0
 nc -z 127.0.0.1 8000 || exit 1
 nc -z 127.0.0.1 "$APACHE_PORT" || exit 1

Containers/apache/nextcloud.conf

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 Listen 8000
 <VirtualHost *:8000>
     ServerName localhost
@@ -7,7 +10,7 @@ Listen 8000
     LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
     ErrorLog /proc/self/fd/2
     ErrorLogFormat "[%t] [%l] [%E] [client: %{X-Forwarded-For}i] [%M] [%{User-Agent}i]"
-    LogLevel warn
+    LogLevel ${AIO_LOG_LEVEL}
 
     # KeepAlive On: allow the same TCP connection to carry multiple HTTP requests.
     # Without this each asset (JS, CSS, image) would require a full TCP handshake,

Containers/apache/start.sh

@@ -1,10 +1,23 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 if [ -z "$NC_DOMAIN" ]; then
     echo "NC_DOMAIN and NEXTCLOUD_HOST need to be provided. Exiting!"
     exit 1
 fi
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    export SUPERVISORD_STDOUT=/dev/stdout
+else
+    export SUPERVISORD_STDOUT=NONE
+fi
+
 # Need write access to /mnt/data
 if ! [ -w /mnt/data ]; then
     echo "Cannot write to /mnt/data"

Containers/apache/supervisord.conf

@@ -1,22 +1,25 @@
-[supervisord]
-nodaemon=true
-logfile=/var/log/supervisord/supervisord.log
-pidfile=/var/run/supervisord/supervisord.pid
-childlogdir=/var/log/supervisord/
-logfile_maxbytes=50MB                           
-logfile_backups=10                              
-loglevel=error
-
-[program:apache]
-# Stdout logging is disabled as otherwise the logs are spammed
-stdout_logfile=NONE
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-command=apachectl -DFOREGROUND
-
-[program:caddy]
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
-command=/usr/bin/caddy run --config /tmp/Caddyfile
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+[supervisord]
+nodaemon=true
+logfile=/var/log/supervisord/supervisord.log
+pidfile=/var/run/supervisord/supervisord.pid
+childlogdir=/var/log/supervisord/
+logfile_maxbytes=50MB                           
+logfile_backups=10                              
+loglevel=%(ENV_AIO_LOG_LEVEL)s
+
+[program:apache]
+# Stdout logging is disabled as otherwise the logs are spammed
+stdout_logfile=%(ENV_SUPERVISORD_STDOUT)s
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=apachectl -DFOREGROUND
+
+[program:caddy]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=/usr/bin/caddy run --config /tmp/Caddyfile

Containers/borgbackup/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 FROM alpine:3.23.4
 

Containers/borgbackup/backupscript.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 # Functions
 get_start_time(){
     START_TIME=$(date +%s)
@@ -40,7 +47,7 @@ if [ -z "$BORG_REMOTE_REPO" ] && ! mountpoint -q "$MOUNT_DIR"; then
 fi
 
 # Check if repo is uninitialized
-if [ "$BORG_MODE" != backup ] && [ "$BORG_MODE" != test ] && ! borg info > /dev/null; then
+if [ "$BORG_MODE" != backup ] && [ "$BORG_MODE" != test ] && ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
     if [ -n "$BORG_REMOTE_REPO" ]; then
         echo "The repository is uninitialized or cannot connect to remote. Cannot perform check or restore."
     else
@@ -123,7 +130,7 @@ if [ "$BORG_MODE" = backup ]; then
     fi
 
     # Initialize the repository if can't get info from target
-    if ! borg info > /dev/null; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
         # Don't initialize if already initialized
         if [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config" ]; then
             if [ -n "$BORG_REMOTE_REPO" ]; then
@@ -140,14 +147,14 @@ if [ "$BORG_MODE" = backup ]; then
 
         echo "Initializing repository..."
         NEW_REPOSITORY=1
-        if ! borg init --debug --encryption=repokey-blake2; then
+        if ! borg "$BORG_LOG_LEVEL_FLAG" init --encryption=repokey-blake2; then
             echo "Could not initialize borg repository."
             exit 1
         fi
 
         if [ -z "$BORG_REMOTE_REPO" ]; then
             # borg config only works for local repos; it's up to the remote to ensure the disk isn't full
-            borg config :: additional_free_space 2G
+            borg "$BORG_LOG_LEVEL_FLAG" config :: additional_free_space 2G
 
             # Fix too large Borg cache
             # https://borgbackup.readthedocs.io/en/stable/faq.html#the-borg-cache-eats-way-too-much-disk-space-what-can-i-do
@@ -156,7 +163,7 @@ if [ "$BORG_MODE" = backup ]; then
             touch "/root/.cache/borg/$BORG_ID/chunks.archive.d"
         fi
 
-        if ! borg info > /dev/null; then
+        if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
             echo "Borg can't get info from the repo it created. Something is wrong."
             exit 1
         fi
@@ -216,9 +223,9 @@ if [ "$BORG_MODE" = backup ]; then
     # Create the backup
     echo "Starting the backup..."
     get_start_time
-    if ! borg create "${BORG_OPTS[@]}" "${BORG_INCLUDE[@]}" "${BORG_EXCLUDE[@]}" "::$CURRENT_DATE-nextcloud-aio" "/nextcloud_aio_volumes/" --exclude-from /borg_excludes; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" create "${BORG_OPTS[@]}" "${BORG_INCLUDE[@]}" "${BORG_EXCLUDE[@]}" "::$CURRENT_DATE-nextcloud-aio" "/nextcloud_aio_volumes/" --exclude-from /borg_excludes; then
         echo "Deleting the failed backup archive..."
-        borg delete --stats "::$CURRENT_DATE-nextcloud-aio"
+        borg "$BORG_LOG_LEVEL_FLAG" delete --stats "::$CURRENT_DATE-nextcloud-aio"
         echo "Backup failed!"
         echo "You might want to check the backup integrity via the AIO interface."
         if [ "$NEW_REPOSITORY" = 1 ]; then
@@ -237,14 +244,14 @@ if [ "$BORG_MODE" = backup ]; then
 
     # Prune archives
     echo "Pruning the archives..."
-    if ! borg prune --stats --glob-archives '*_*-nextcloud-aio' "${BORG_PRUNE_OPTS[@]}"; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" prune --stats --glob-archives '*_*-nextcloud-aio' "${BORG_PRUNE_OPTS[@]}"; then
         echo "Failed to prune archives!"
         exit 1
     fi
 
     # Compact archives
     echo "Compacting the archives..."
-    if ! borg compact; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" compact; then
         echo "Failed to compact archives!"
         exit 1
     fi
@@ -261,19 +268,19 @@ if [ "$BORG_MODE" = backup ]; then
                 fi
             done
             echo "Starting the backup for additional volumes..."
-            if ! borg create "${BORG_OPTS[@]}" "::$CURRENT_DATE-additional-docker-volumes" "/docker_volumes/"; then
+            if ! borg "$BORG_LOG_LEVEL_FLAG" create "${BORG_OPTS[@]}" "::$CURRENT_DATE-additional-docker-volumes" "/docker_volumes/"; then
                 echo "Deleting the failed backup archive..."
-                borg delete --stats "::$CURRENT_DATE-additional-docker-volumes"
+                borg "$BORG_LOG_LEVEL_FLAG" delete --stats "::$CURRENT_DATE-additional-docker-volumes"
                 echo "Backup of additional docker-volumes failed!"
                 exit 1
             fi
             echo "Pruning additional volumes..."
-            if ! borg prune --stats --glob-archives '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}"; then
+            if ! borg "$BORG_LOG_LEVEL_FLAG" prune --stats --glob-archives '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}"; then
                 echo "Failed to prune additional docker-volumes archives!"
                 exit 1
             fi
             echo "Compacting additional volumes..."
-            if ! borg compact; then
+            if ! borg "$BORG_LOG_LEVEL_FLAG" compact; then
                 echo "Failed to compact additional docker-volume archives!"
                 exit 1
             fi
@@ -291,19 +298,19 @@ if [ "$BORG_MODE" = backup ]; then
                 EXCLUDE_DIRS+=(--exclude "/host_mounts/$directory/")
             done
             echo "Starting the backup for additional host mounts..."
-            if ! borg create "${BORG_OPTS[@]}" "${EXCLUDE_DIRS[@]}" "::$CURRENT_DATE-additional-host-mounts" "/host_mounts/"; then
+            if ! borg "$BORG_LOG_LEVEL_FLAG" create "${BORG_OPTS[@]}" "${EXCLUDE_DIRS[@]}" "::$CURRENT_DATE-additional-host-mounts" "/host_mounts/"; then
                 echo "Deleting the failed backup archive..."
-                borg delete --stats "::$CURRENT_DATE-additional-host-mounts"
+                borg "$BORG_LOG_LEVEL_FLAG" delete --stats "::$CURRENT_DATE-additional-host-mounts"
                 echo "Backup of additional host-mounts failed!"
                 exit 1
             fi
             echo "Pruning additional host mounts..."
-            if ! borg prune --stats --glob-archives '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}"; then
+            if ! borg "$BORG_LOG_LEVEL_FLAG" prune --stats --glob-archives '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}"; then
                 echo "Failed to prune additional host-mount archives!"
                 exit 1
             fi
             echo "Compacting additional host mounts..."
-            if ! borg compact; then
+            if ! borg "$BORG_LOG_LEVEL_FLAG" compact; then
                 echo "Failed to compact additional host-mount archives!"
                 exit 1
             fi
@@ -385,7 +392,7 @@ if [ "$BORG_MODE" = restore ]; then
 
     if [ -z "$BORG_REMOTE_REPO" ]; then
         mkdir -p /tmp/borg
-        if ! borg mount "::$SELECTED_ARCHIVE" /tmp/borg; then
+        if ! borg "$BORG_LOG_LEVEL_FLAG" mount "::$SELECTED_ARCHIVE" /tmp/borg; then
             echo "Could not mount the backup!"
             exit 1
         fi
@@ -432,7 +439,7 @@ if [ "$BORG_MODE" = restore ]; then
         #
         # Older backups may still contain files we've since excluded, so we have to exclude on extract as well.
         cd /  # borg extract has no destination arg and extracts to CWD
-        if ! borg extract "::$SELECTED_ARCHIVE" --progress --exclude-from /borg_excludes "${ADDITIONAL_BORG_EXCLUDES[@]}" --pattern '+nextcloud_aio_volumes/**'
+        if ! borg "$BORG_LOG_LEVEL_FLAG" extract "::$SELECTED_ARCHIVE" --progress --exclude-from /borg_excludes "${ADDITIONAL_BORG_EXCLUDES[@]}" --pattern '+nextcloud_aio_volumes/**'
         then
             RESTORE_FAILED=1
             echo "Failed to extract backup archive."
@@ -464,7 +471,7 @@ if [ "$BORG_MODE" = restore ]; then
                     \) \
                     | LC_ALL=C sort \
                     | LC_ALL=C comm -23 - \
-                        <(borg list "::$SELECTED_ARCHIVE" --short --exclude-from /borg_excludes  --pattern '+nextcloud_aio_volumes/**' | LC_ALL=C sort) \
+                        <(borg "$BORG_LOG_LEVEL_FLAG" list "::$SELECTED_ARCHIVE" --short --exclude-from /borg_excludes  --pattern '+nextcloud_aio_volumes/**' | LC_ALL=C sort) \
                     > /tmp/local_files_not_in_backup
             then
                 RESTORE_FAILED=1
@@ -552,7 +559,7 @@ if [ "$BORG_MODE" = check ]; then
     echo "Checking the backup integrity..."
 
     # Perform the check
-    if ! borg check -v --verify-data; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" check -v --verify-data; then
         echo "Some errors were found while checking the backup integrity!"
         echo "Check the AIO interface for advice on how to proceed now!"
         exit 1
@@ -570,7 +577,7 @@ if [ "$BORG_MODE" = "check-repair" ]; then
     echo "Checking the backup integrity and repairing it..."
 
     # Perform the check-repair
-    if ! echo YES | borg check -v --repair; then
+    if ! echo YES | borg "$BORG_LOG_LEVEL_FLAG" check -v --repair; then
         echo "Some errors were found while checking and repairing the backup integrity!"
         exit 1
     fi
@@ -584,7 +591,7 @@ fi
 # Do the backup test
 if [ "$BORG_MODE" = test ]; then
     if [ -n "$BORG_REMOTE_REPO" ]; then
-        if ! borg info > /dev/null; then
+        if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
             echo "Borg could not get info from the remote repo."
             echo "See the above borg info output for details."
             exit 1
@@ -605,12 +612,12 @@ if [ "$BORG_MODE" = test ]; then
         fi
     fi
 
-    if ! borg list >/dev/null; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" list >/dev/null; then
         echo "The entered path seems to be valid but could not open the backup archive."
         echo "Most likely the entered password was wrong so please adjust it accordingly!"
         exit 1
     else
-        if ! borg list | grep "nextcloud-aio"; then
+        if ! borg "$BORG_LOG_LEVEL_FLAG" list | grep "nextcloud-aio"; then
             echo "The backup archive does not contain a valid Nextcloud AIO backup."
             echo "Most likely was the archive not created via Nextcloud AIO."
             exit 1
@@ -623,7 +630,7 @@ fi
 
 if [ "$BORG_MODE" = list ]; then
     echo "Updating backup list..."
-    if ! borg info > /dev/null; then
+    if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
         echo "Could not update the backup list."
         exit 1
     fi

Containers/borgbackup/borg_excludes

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # These patterns need to be kept in sync with rsync and find excludes in backupscript.sh,
 # which use a different syntax (patterns appear in 3 places in total)
 nextcloud_aio_volumes/nextcloud_aio_apache/caddy/

Containers/borgbackup/start.sh

@@ -1,5 +1,19 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
+if [ "$AIO_LOG_LEVEL" = "warn" ]; then
+    BORG_LOG_LEVEL_FLAG="--warning"
+else
+    BORG_LOG_LEVEL_FLAG="--$AIO_LOG_LEVEL"
+fi
+export BORG_LOG_LEVEL_FLAG
+
 # Variables
 export MOUNT_DIR="/mnt/borgbackup"
 export BORG_BACKUP_DIRECTORY="$MOUNT_DIR/borg"  # necessary even when remote to store the aio-lockfile
@@ -48,7 +62,7 @@ fi
 rm -f "/nextcloud_aio_volumes/nextcloud_aio_database_dump/backup-is-running"
 
 # Get a list of all available borg archives
-if borg list &>/dev/null; then
+if borg "$BORG_LOG_LEVEL_FLAG" list &>/dev/null; then
     borg list | grep "nextcloud-aio" | awk -F " " '{print $1","$3,$4}' > "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/backup_archives.list"
 else
     echo "" > "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/backup_archives.list"

Containers/clamav/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 FROM alpine:3.23.4
 

Containers/clamav/healthcheck.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 if [ "$(echo "PING" | nc 127.0.0.1 3310)" != "PONG" ]; then
 	echo "ERROR: Unable to contact server"
 	exit 1

Containers/clamav/start.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+	set -x
+fi
+
 # Print out clamav version for compliance reasons
 clamscan --version
 

Containers/clamav/supervisord.conf

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 [supervisord]
 nodaemon=true
 logfile=/var/log/supervisord/supervisord.log
@@ -5,7 +8,7 @@ pidfile=/var/run/supervisord/supervisord.pid
 childlogdir=/var/log/supervisord/
 logfile_maxbytes=50MB                           
 logfile_backups=10                              
-loglevel=error
+loglevel=%(ENV_AIO_LOG_LEVEL)s
 
 [program:freshclam]
 stdout_logfile=/dev/stdout

Containers/collabora-online/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 # From https://gitlab.collabora.com/collabora-online/docker
 # hadolint ignore=DL3007

Containers/collabora-online/healthcheck.sh

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
 # Unfortunately, no curl and no nc is installed in the container 

Containers/collabora/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile
 FROM collabora/code:25.04.9.4.1
@@ -5,6 +8,7 @@ FROM collabora/code:25.04.9.4.1
 USER root
 ARG DEBIAN_FRONTEND=noninteractive
 
+COPY --chmod=775 start.sh /start.sh
 COPY --chmod=775 healthcheck.sh /healthcheck.sh
 
 USER 1001
@@ -18,3 +22,5 @@ LABEL com.centurylinklabs.watchtower.enable="false" \
     org.opencontainers.image.source="https://github.com/nextcloud/all-in-one" \
     org.opencontainers.image.vendor="Nextcloud" \
     org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"
+
+ENTRYPOINT ["/start.sh"]

Containers/collabora/healthcheck.sh

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
 # Unfortunately, no curl and no nc is installed in the container 

Containers/collabora/start.sh

@@ -0,0 +1,22 @@
+# SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+#!/bin/bash
+
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
+if [ "$AIO_LOG_LEVEL" = "warn" ]; then
+    COLLABORA_LOG_LEVEL="warning"
+elif [ "$AIO_LOG_LEVEL" = "info" ]; then
+    COLLABORA_LOG_LEVEL="notice"
+else
+    COLLABORA_LOG_LEVEL="$AIO_LOG_LEVEL"
+fi
+
+# Replace the hardcoded log level in extra_params with the translated one
+extra_params+=" --o:logging.level=$COLLABORA_LOG_LEVEL --o:logging.level_startup=$COLLABORA_LOG_LEVEL"
+export extra_params
+
+exec /start-collabora-online.sh "$@"

Containers/docker-socket-proxy/Dockerfile

@@ -1,5 +1,8 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
-FROM haproxy:3.3.6-alpine
+FROM haproxy:3.3.8-alpine
 
 # hadolint ignore=DL3002
 USER root

Containers/docker-socket-proxy/haproxy.cfg

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # Inspiration: https://github.com/Tecnativa/docker-socket-proxy/blob/master/haproxy.cfg
 
 global

Containers/docker-socket-proxy/healthcheck.sh

@@ -1,4 +1,11 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 nc -z "$NEXTCLOUD_HOST" 9001 || exit 0
 nc -z 127.0.0.1 2375 || exit 1

Containers/docker-socket-proxy/start.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/sh
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 # Only start container if nextcloud is accessible
 while ! nc -z "$NEXTCLOUD_HOST" 9001; do
     echo "Waiting for Nextcloud to start..."
@@ -18,6 +25,8 @@ else
     HAPROXYFILE="$(sed "s# || { src NC_IPV6_PLACEHOLDER }##g" /tmp/haproxy.cfg)"
 fi
 echo "$HAPROXYFILE" > /tmp/haproxy.cfg
-set +x
+if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+    set +x
+fi
 
 haproxy -f /tmp/haproxy.cfg -db

Containers/domaincheck/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 FROM alpine:3.23.4
 RUN set -ex; \

Containers/domaincheck/lighttpd.conf

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 server.document-root = "/var/www/domaincheck/" 
 
 server.port = env.APACHE_PORT

Containers/domaincheck/start.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 if [ -z "$INSTANCE_ID" ]; then
     echo "You need to provide an instance id."
     exit 1
@@ -14,6 +21,20 @@ fi
 CONF_FILE="$(sed "s|ipv6-placeholder|\[::\]:$APACHE_PORT|" /lighttpd.conf)"
 echo "$CONF_FILE" > /etc/lighttpd/lighttpd.conf
 
+# shellcheck disable=SC2235
+if ([ "$AIO_LOG_LEVEL" = 'debug' ] || [ "$AIO_LOG_LEVEL" = 'info' ]) && ! grep -q debug.log-request-handling /etc/lighttpd/lighttpd.conf; then
+    cat << CONF_FILE >> /etc/lighttpd/lighttpd.conf
+debug.log-request-handling = "enable"
+CONF_FILE
+fi
+
+if [ "$AIO_LOG_LEVEL" = 'debug' ] && ! grep -q debug.log-request-header /etc/lighttpd/lighttpd.conf; then
+    cat << CONF_FILE >> /etc/lighttpd/lighttpd.conf
+debug.log-request-header = "enable"
+debug.log-response-header = "enable"
+CONF_FILE
+fi
+
 # Check config file
 lighttpd -tt -f /etc/lighttpd/lighttpd.conf
 

Containers/fulltextsearch/Dockerfile

@@ -1,32 +1,35 @@
-# syntax=docker/dockerfile:latest
-# Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
-FROM elasticsearch:8.19.14
-
-USER root
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-# hadolint ignore=DL3008
-RUN set -ex; \
-    \
-    apt-get update; \
-    apt-get upgrade -y; \
-    apt-get install -y --no-install-recommends \
-        tzdata \
-    ; \
-    rm -rf /var/lib/apt/lists/*;
-
-COPY --chmod=775 healthcheck.sh /healthcheck.sh
-
-USER 1000:0
-
-HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD /healthcheck.sh
-LABEL com.centurylinklabs.watchtower.enable="false" \
-    wud.watch="false" \
-    org.opencontainers.image.title="Full Text Search for Nextcloud AIO" \
-    org.opencontainers.image.description="Elasticsearch-based full-text search for Nextcloud All-in-One" \
-    org.opencontainers.image.url="https://github.com/nextcloud/all-in-one" \
-    org.opencontainers.image.source="https://github.com/nextcloud/all-in-one" \
-    org.opencontainers.image.vendor="Nextcloud" \
-    org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"
-ENV ES_JAVA_OPTS="-Xms512M -Xmx512M"
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+# syntax=docker/dockerfile:latest
+# Probably from here https://github.com/elastic/dockerfiles/blob/9.3/elasticsearch/Dockerfile
+FROM elasticsearch:9.4.0
+
+USER root
+
+# hadolint ignore=DL3041
+RUN set -ex; \
+    \
+    microdnf update -y; \
+    microdnf install -y --setopt=tsflags=nodocs \
+        tzdata \
+    ; \
+    microdnf clean all;
+
+COPY --chmod=775 start.sh /start.sh
+COPY --chmod=775 healthcheck.sh /healthcheck.sh
+
+USER 1000:0
+
+HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD /healthcheck.sh
+LABEL com.centurylinklabs.watchtower.enable="false" \
+    wud.watch="false" \
+    org.opencontainers.image.title="Full Text Search for Nextcloud AIO" \
+    org.opencontainers.image.description="Elasticsearch-based full-text search for Nextcloud All-in-One" \
+    org.opencontainers.image.url="https://github.com/nextcloud/all-in-one" \
+    org.opencontainers.image.source="https://github.com/nextcloud/all-in-one" \
+    org.opencontainers.image.vendor="Nextcloud" \
+    org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"
+ENV ES_JAVA_OPTS="-Xms512M -Xmx512M"
+
+ENTRYPOINT ["/start.sh"]

Containers/fulltextsearch/healthcheck.sh

@@ -1,3 +1,10 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 curl -fs "http://127.0.0.1:9200/_cluster/health?filter_path=status" | grep -qE '"status":"(green|yellow)"' || exit 1

Containers/fulltextsearch/start.sh

@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+#!/bin/bash
+
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
+ELASTIC_LOG_LEVEL="$(echo "$AIO_LOG_LEVEL" | tr '[:lower:]' '[:upper:]')"
+
+exec env "logger.level=$ELASTIC_LOG_LEVEL" /usr/local/bin/docker-entrypoint.sh "$@"

Containers/imaginary/Dockerfile

@@ -1,52 +1,56 @@
-# syntax=docker/dockerfile:latest
-FROM golang:1.26.2-alpine3.23 AS go
-
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+# syntax=docker/dockerfile:latest
+FROM golang:1.26.2-alpine3.23 AS go
+
 ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee
-
-RUN set -ex; \
-    apk upgrade --no-cache -a; \
-    apk add --no-cache \
-        vips-dev \
-        vips-magick \
-        vips-heif \
-        vips-jxl \
-        vips-poppler \
-        build-base; \
-    go install github.com/h2non/imaginary@"$IMAGINARY_HASH";
-
-FROM alpine:3.23.4
-RUN set -ex; \
-    apk upgrade --no-cache -a; \
-    apk add --no-cache \
-        tzdata \
-        ca-certificates \
-        netcat-openbsd \
-        vips \
-        vips-magick \
-        vips-heif \
-        vips-jxl \
-        vips-poppler \
-        ttf-dejavu \
-        bash
-
-COPY --from=go /go/bin/imaginary /usr/local/bin/imaginary
-COPY --chmod=775 start.sh /start.sh
-COPY --chmod=775 healthcheck.sh /healthcheck.sh
-
-ENV PORT=9000
-
-USER 65534
-
-# https://github.com/h2non/imaginary#memory-issues
-ENV MALLOC_ARENA_MAX=2
-ENTRYPOINT ["/start.sh"]
-
-HEALTHCHECK CMD /healthcheck.sh
-LABEL com.centurylinklabs.watchtower.enable="false" \
-    wud.watch="false" \
-    org.opencontainers.image.title="Imaginary for Nextcloud AIO" \
-    org.opencontainers.image.description="High-performance image processing service for Nextcloud All-in-One" \
-    org.opencontainers.image.url="https://github.com/nextcloud/all-in-one" \
-    org.opencontainers.image.source="https://github.com/nextcloud/all-in-one" \
-    org.opencontainers.image.vendor="Nextcloud" \
-    org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"
+
+RUN set -ex; \
+    apk upgrade --no-cache -a; \
+    apk add --no-cache \
+        vips-dev \
+        vips-magick \
+        vips-heif \
+        vips-jxl \
+        vips-poppler \
+        build-base; \
+    go install github.com/h2non/imaginary@"$IMAGINARY_HASH";
+
+FROM alpine:3.23.4
+RUN set -ex; \
+    apk upgrade --no-cache -a; \
+    apk add --no-cache \
+        tzdata \
+        ca-certificates \
+        netcat-openbsd \
+        vips \
+        vips-magick \
+        vips-heif \
+        vips-jxl \
+        vips-poppler \
+        ttf-dejavu \
+        bash
+
+COPY --from=go /go/bin/imaginary /usr/local/bin/imaginary
+COPY --chmod=775 start.sh /start.sh
+COPY --chmod=775 healthcheck.sh /healthcheck.sh
+
+ENV PORT=9000 \
+    AIO_LOG_LEVEL=warn
+
+USER 65534
+
+# https://github.com/h2non/imaginary#memory-issues
+ENV MALLOC_ARENA_MAX=2
+ENTRYPOINT ["/start.sh"]
+
+HEALTHCHECK CMD /healthcheck.sh
+LABEL com.centurylinklabs.watchtower.enable="false" \
+    wud.watch="false" \
+    org.opencontainers.image.title="Imaginary for Nextcloud AIO" \
+    org.opencontainers.image.description="High-performance image processing service for Nextcloud All-in-One" \
+    org.opencontainers.image.url="https://github.com/nextcloud/all-in-one" \
+    org.opencontainers.image.source="https://github.com/nextcloud/all-in-one" \
+    org.opencontainers.image.vendor="Nextcloud" \
+    org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"

Containers/imaginary/healthcheck.sh

@@ -1,3 +1,10 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 nc -z 127.0.0.1 "$PORT" || exit 1

Containers/imaginary/start.sh

@@ -1,5 +1,23 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
+GOLANG_LOG="$(case "$AIO_LOG_LEVEL" in
+    debug) printf 'info' ;;
+    info) printf 'info' ;;
+    warn) printf 'warning' ;;
+    error) printf 'error' ;;
+esac)"
+export GOLANG_LOG
+if [ "$AIO_LOG_LEVEL" = "debug" ]; then
+    export DEBUG='*'
+fi
+
 echo "Imaginary has started"
 
 IMAGINARY_ARGS=(-return-size -max-allowed-resolution 222.2)

Containers/mastercontainer/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 # Docker CLI is a requirement
 FROM docker:29.4.1-cli AS docker

Containers/mastercontainer/README.md

@@ -1,3 +1,8 @@
+<!--
+SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
 # Nextcloud All-in-One `mastercontainer`
 
 This folder contains the OCI/Docker container definition, along with associated resources and

Containers/mastercontainer/acme.Caddyfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 {
 	admin off
 

Containers/mastercontainer/backup-time-file-watcher.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 restart_process() {
     echo "Restarting cron.sh because daily backup time was set, changed or unset."
     pkill cron.sh

Containers/mastercontainer/cron.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 while true; do
     if [ -f "/mnt/docker-aio-config/data/daily_backup_time" ]; then
         set -x
@@ -17,7 +24,9 @@ while true; do
         else
             export SEND_SUCCESS_NOTIFICATIONS=0
         fi
-        set +x
+        if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+            set +x
+        fi
         if [ -f "/mnt/docker-aio-config/data/daily_backup_running" ]; then
             export LOCK_FILE_PRESENT=1
         else

Containers/mastercontainer/daily-backup.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 echo "Daily backup script has started"
 
 # Check if initial configuration has been done, otherwise this script should do nothing.

Containers/mastercontainer/headers.Caddyfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 header {
     # CSP limits which features can be used. By default we allow nothing and only allow required options. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy
     # default-src 'none'; Allow nothing by default
@@ -18,9 +21,9 @@ header {
     Referrer-Policy "no-referrer" # Tells the browser to never sent a Referer header. See https://developer.mozilla.org/de/docs/Web/HTTP/Reference/Headers/Referrer-Policy
     X-Robots-Tag "noindex, nofollow" # Tells web crawlers to not index this page. See https://developer.mozilla.org/de/docs/Web/HTTP/Reference/Headers/X-Robots-Tag
     Origin-Agent-Cluster "?1" # Isolates AIO from other same site pages. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Origin-Agent-Cluster
-    Cross-Origin-Opener-Policy "same-origin"; # AIO does not use any popup, still we can isolate its BCG if it is opened as a pop up by another page. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Opener-Policy
-    Cross-Origin-Embedder-Policy "require-corp"; # Harder rules for cross origin embeds. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Embedder-Policy
-    Cross-Origin-Resource-Policy "same-origin"; # Only allow the same origin to load resources. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cross-Origin_Resource_Policy
+    Cross-Origin-Opener-Policy "same-origin" # AIO does not use any popup, still we can isolate its BCG if it is opened as a pop up by another page. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Opener-Policy
+    Cross-Origin-Embedder-Policy "require-corp" # Harder rules for cross origin embeds. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cross-Origin-Embedder-Policy
+    Cross-Origin-Resource-Policy "same-origin" # Only allow the same origin to load resources. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cross-Origin_Resource_Policy
 
     # Permissions-Policy disables browser features that AIO does not use. Since there is no "deny all" option, all known features need to be listed explicitly. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Permissions-Policy
     Permissions-Policy "accelerometer=(), ambient-light-sensor=(), aria-notify=(), attribution-reporting=(), autoplay=(), bluetooth=(), browsing-topics=(), camera=(), captured-surface-control=(), ch-ua-high-entropy-values=(), compute-pressure=(), cross-origin-isolated=(), deferred-fetch=(), deferred-fetch-minimal=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), identity-credentials-get=(), idle-detection=(), local-fonts=(), local-network=(), local-network-access=(), loopback-network=(), magnetometer=(), microphone=(), midi=(), on-device-speech-recognition=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), private-state-token-redemption=(), publickey-credentials-create=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), storage-access=(), summarizer=(), usb=(), web-share=(), window-management=(), xr-spatial-tracking=()"

Containers/mastercontainer/healthcheck.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 if [ -f "/mnt/docker-aio-config/data/configuration.json" ]; then
     nc -z 127.0.0.1 80 || exit 1
     nc -z 127.0.0.1 8080 || exit 1

Containers/mastercontainer/internal.Caddyfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 {
 	admin off
 

Containers/mastercontainer/session-deduplicator.sh

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
 deduplicate_sessions() {
@@ -16,6 +19,10 @@ compare_times() {
     fi
 }
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 while true; do
     compare_times
     sleep 2

Containers/mastercontainer/start.sh

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
 # Function to show text in green
@@ -20,6 +23,10 @@ case "${1}" in
 esac
 }
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 # Check if running as root user
 if [ "$EUID" != "0" ]; then
     print_red "Container does not run as root user. This is not supported."
@@ -333,6 +340,22 @@ else
     export NEXTCLOUD_DRI_GID=""
 fi
 
+# Log level logics
+if [ -n "$AIO_LOG_LEVEL" ] && ! echo "$AIO_LOG_LEVEL" | grep -q "^debug$\|^info$\|^warn$\|^error$"; then
+    print_red "AIO_LOG_LEVEL must be one of 'debug', 'info', 'warn' or 'error'.
+It is set to '$AIO_LOG_LEVEL'".
+    exit 1
+fi
+if [ -z "$AIO_LOG_LEVEL" ]; then
+    export AIO_LOG_LEVEL="warn"
+fi
+
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    export SUPERVISORD_STDOUT=/dev/stdout
+else
+    export SUPERVISORD_STDOUT=NONE
+fi
+
 # Check if ghcr.io is reachable
 # Solves issues like https://github.com/nextcloud/all-in-one/discussions/5268
 if ! curl --no-progress-meter https://ghcr.io/v2/ >/dev/null; then

Containers/mastercontainer/supervisord.conf

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 [supervisord]
 nodaemon=true
 logfile=/var/log/supervisord/supervisord.log
@@ -5,12 +8,12 @@ pidfile=/var/run/supervisord/supervisord.pid
 childlogdir=/var/log/supervisord/
 logfile_maxbytes=50MB                           
 logfile_backups=10                 
-loglevel=error
+loglevel=%(ENV_AIO_LOG_LEVEL)s
 user=root
 
 [program:php-fpm]
 # Stdout logging is disabled as otherwise the logs are spammed
-stdout_logfile=NONE
+stdout_logfile=%(ENV_SUPERVISORD_STDOUT)s
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
 command=php-fpm
@@ -58,7 +61,7 @@ user=root
 
 [program:domain-validator]
 # Logging is disabled as otherwise all attempts will be logged which spams the logs
-stdout_logfile=NONE
-stderr_logfile=NONE
+stdout_logfile=%(ENV_SUPERVISORD_STDOUT)s
+stderr_logfile=%(ENV_SUPERVISORD_STDOUT)s
 command=php -S 127.0.0.1:9876 /var/www/docker-aio/php/domain-validator.php
 user=www-data

Containers/nextcloud/Dockerfile

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 # syntax=docker/dockerfile:latest
 FROM php:8.3.30-fpm-alpine3.23
 
@@ -8,7 +11,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud
 ENV REDIS_DB_INDEX=0
 
 # AIO settings start # Do not remove or change this line!
-ENV NEXTCLOUD_VERSION=33.0.2
+ENV NEXTCLOUD_VERSION=33.0.3
 ENV AIO_TOKEN=123456
 ENV AIO_URL=localhost
 # AIO settings end # Do not remove or change this line!
@@ -250,6 +253,21 @@ RUN set -ex; \
 # We don't actually expect so many children but don't want to limit it artificially because people will report issues otherwise.
 # Also children will usually be terminated again after the process is done due to the ondemand setting
     sed -i 's/^pm.max_children =.*/pm.max_children = 5000/' /usr/local/etc/php-fpm.d/www.conf; \
+# With pm = ondemand, workers are killed after pm.process_idle_timeout seconds
+# of inactivity.  The upstream default is 10 s, which is aggressive: after a
+# brief quiet period (e.g. desktop-sync clients polling every few seconds), all
+# workers are reaped and the next request burst must wait for fresh forks.  On
+# a loaded host that spawn latency can push Apache past its FastCGI timeout and
+# produce a 502.  300 s (5 min) keeps a warm pool through normal sync-client
+# polling cycles while still reclaiming memory during genuinely idle periods.
+    sed -i 's/^;*pm.process_idle_timeout\s*=.*/pm.process_idle_timeout = 300s/' /usr/local/etc/php-fpm.d/www.conf; \
+# Set request_terminate_timeout so that PHP-FPM forcibly kills workers that
+# exceed the wall-clock limit.  Without this (default = 0 = disabled) a worker
+# stuck on a slow DB query, a stalled Redis connection, or a hung syscall is
+# never reaped.  Over time these zombies fill up pm.max_children, leaving no
+# free slots for legitimate requests and causing Apache to return 502 Bad
+# Gateway upstream.
+    sed -i "s|^;*request_terminate_timeout = .*|request_terminate_timeout = \${PHP_MAX_TIME}|" /usr/local/etc/php-fpm.d/www.conf; \
     sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \
     \
     echo "[ -n \"\$TERM\" ] && [ -f /root.motd ] && cat /root.motd" >> /root/.bashrc; \

Containers/nextcloud/README.md

@@ -1,3 +1,8 @@
+<!--
+SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
 # Nextcloud All-in-One ``nextcloud`` Container
 
 This folder contains the OCI/Docker container definition, along with associated resources and configuration files, for building the `nextcloud` container as part of the [Nextcloud All-in-One](https://github.com/nextcloud/all-in-one) project. This container hosts PHP and the Nextcloud Server application.

Containers/nextcloud/config/aio.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 $CONFIG = array (
   'one-click-instance' => true,
   'one-click-instance.user-limit' => 100,

Containers/nextcloud/config/apcu.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 $CONFIG = array (
   'memcache.local' => '\OC\Memcache\APCu',
 );

Containers/nextcloud/config/apps.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 $CONFIG = array (
   'apps_paths' => array (
       0 => array (

Containers/nextcloud/config/certificates-bundle.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 // Check if NEXTCLOUD_TRUSTED_CERTIFICATES_ are configured
 if (str_contains(implode(' ', array_keys(getenv())), 'NEXTCLOUD_TRUSTED_CERTIFICATES_')) {
   $CONFIG['default_certificates_bundle_path'] = '/var/www/html/data/certificates/ca-bundle.crt';

Containers/nextcloud/config/postgres.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) {
   $CONFIG = array(
     'pgsql_ssl' => array(

Containers/nextcloud/config/proxy.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 if (getenv('HTTP_PROXY')) {
     $CONFIG['proxy'] = getenv('HTTP_PROXY');
 }

Containers/nextcloud/config/redis.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 if (getenv('REDIS_MODE') !== 'rediscluster') {
   $CONFIG = array(
     'memcache.distributed' => '\OC\Memcache\Redis',

Containers/nextcloud/config/reverse-proxy.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 $overwriteHost = getenv('OVERWRITEHOST');
 if ($overwriteHost) {
   $CONFIG['overwritehost'] = $overwriteHost;

Containers/nextcloud/config/s3.config.php

@@ -1,47 +1,51 @@
-<?php
-if (getenv('OBJECTSTORE_S3_BUCKET')) {
-  $use_ssl = getenv('OBJECTSTORE_S3_SSL');
-  $use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
-  $use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
-  $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
-  $multibucket = getenv('OBJECTSTORE_S3_MULTIBUCKET');
-  $CONFIG = array(
-    'objectstore' => array(
-      'class' => '\OC\Files\ObjectStore\S3',
-      'arguments' => array(
-        'multibucket' => $multibucket === 'true',
-        'num_buckets' => (int)getenv('OBJECTSTORE_S3_NUM_BUCKETS') ?: 64,
-        'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
-        'key' => getenv('OBJECTSTORE_S3_KEY') ?: '',
-        'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '',
-        'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
-        'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
-        'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
-        'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
-        'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
-        'autocreate' => strtolower($autocreate) !== 'false',
-        'use_ssl' => strtolower($use_ssl) !== 'false',
-        // required for some non Amazon S3 implementations
-        'use_path_style' => strtolower($use_path) === 'true',
-        // required for older protocol versions
-        'legacy_auth' => strtolower($use_legacyauth) === 'true',
-        'use_nextcloud_bundle' => 1,
-      )
-    )
-  );
-
-  $sse_c_key = getenv('OBJECTSTORE_S3_SSE_C_KEY');
-  if ($sse_c_key) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = $sse_c_key;
-  }
-
-  $requestChecksumValidation = getenv('OBJECTSTORE_S3_REQUEST_CHECKSUM_VALIDATION');
-  if ($requestChecksumValidation) {
-    $CONFIG['objectstore']['arguments']['request_checksum_calculation'] = $requestChecksumValidation;
-  }
-
-  $responseChecksumValidation = getenv('OBJECTSTORE_S3_RESPONSE_CHECKSUM_VALIDATION');
-  if ($responseChecksumValidation) {
-    $CONFIG['objectstore']['arguments']['response_checksum_validation'] = $responseChecksumValidation;
-  }
-}
+<?php
+
+// SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
+if (getenv('OBJECTSTORE_S3_BUCKET')) {
+  $use_ssl = getenv('OBJECTSTORE_S3_SSL');
+  $use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
+  $use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
+  $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
+  $multibucket = getenv('OBJECTSTORE_S3_MULTIBUCKET');
+  $CONFIG = array(
+    'objectstore' => array(
+      'class' => '\OC\Files\ObjectStore\S3',
+      'arguments' => array(
+        'multibucket' => $multibucket === 'true',
+        'num_buckets' => (int)getenv('OBJECTSTORE_S3_NUM_BUCKETS') ?: 64,
+        'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
+        'key' => getenv('OBJECTSTORE_S3_KEY') ?: '',
+        'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '',
+        'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
+        'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
+        'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
+        'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
+        'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
+        'autocreate' => strtolower($autocreate) !== 'false',
+        'use_ssl' => strtolower($use_ssl) !== 'false',
+        // required for some non Amazon S3 implementations
+        'use_path_style' => strtolower($use_path) === 'true',
+        // required for older protocol versions
+        'legacy_auth' => strtolower($use_legacyauth) === 'true',
+        'use_nextcloud_bundle' => 1,
+      )
+    )
+  );
+
+  $sse_c_key = getenv('OBJECTSTORE_S3_SSE_C_KEY');
+  if ($sse_c_key) {
+    $CONFIG['objectstore']['arguments']['sse_c_key'] = $sse_c_key;
+  }
+
+  $requestChecksumValidation = getenv('OBJECTSTORE_S3_REQUEST_CHECKSUM_VALIDATION');
+  if ($requestChecksumValidation) {
+    $CONFIG['objectstore']['arguments']['request_checksum_calculation'] = $requestChecksumValidation;
+  }
+
+  $responseChecksumValidation = getenv('OBJECTSTORE_S3_RESPONSE_CHECKSUM_VALIDATION');
+  if ($responseChecksumValidation) {
+    $CONFIG['objectstore']['arguments']['response_checksum_validation'] = $responseChecksumValidation;
+  }
+}

Containers/nextcloud/config/server.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 $CONFIG = array (
   'serverid' => crc32(gethostname()) % 512,
 );

Containers/nextcloud/config/smtp.config.php

@@ -1,4 +1,8 @@
 <?php
+
+// SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
 if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
   $CONFIG = array (
     'mail_smtpmode' => 'smtp',

Containers/nextcloud/config/swift.config.php

@@ -1,31 +1,35 @@
-<?php
-if (getenv('OBJECTSTORE_SWIFT_URL')) {
-    $autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
-  $CONFIG = array(
-    'objectstore' => [
-      'class' => 'OC\\Files\\ObjectStore\\Swift',
-      'arguments' => [
-        'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
-        'user' => [
-          'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
-          'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
-          'domain' => [
-            'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
-          ],
-        ],
-        'scope' => [
-          'project' => [
-            'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
-            'domain' => [
-              'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
-            ],
-          ],
-        ],
-        'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
-        'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
-        'url' => getenv('OBJECTSTORE_SWIFT_URL'),
-        'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
-      ]
-    ]
-  );
-}
+<?php
+
+// SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+// SPDX-License-Identifier: AGPL-3.0-or-later
+
+if (getenv('OBJECTSTORE_SWIFT_URL')) {
+    $autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
+  $CONFIG = array(
+    'objectstore' => [
+      'class' => 'OC\\Files\\ObjectStore\\Swift',
+      'arguments' => [
+        'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
+        'user' => [
+          'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
+          'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
+          'domain' => [
+            'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
+          ],
+        ],
+        'scope' => [
+          'project' => [
+            'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
+            'domain' => [
+              'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
+            ],
+          ],
+        ],
+        'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
+        'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
+        'url' => getenv('OBJECTSTORE_SWIFT_URL'),
+        'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
+      ]
+    ]
+  );
+}

Containers/nextcloud/cron.sh

@@ -1,4 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
+
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 wait_for_cron() {
     set -x
     while [ -n "$(pgrep -f /var/www/html/cron.php)" ]; do

Containers/nextcloud/entrypoint.sh

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
 # version_greater A B returns whether A > B
@@ -10,6 +13,10 @@ directory_empty() {
     [ -z "$(ls -A "$1/")" ]
 }
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 run_upgrade_if_needed_due_to_app_update() {
     if php /var/www/html/occ status | grep maintenance | grep -q true; then
         php /var/www/html/occ maintenance:mode --off
@@ -20,6 +27,14 @@ run_upgrade_if_needed_due_to_app_update() {
     fi
 }
 
+NEXTCLOUD_LOG_LEVEL="$(case "$AIO_LOG_LEVEL" in
+    debug) printf '0' ;;
+    info) printf '1' ;;
+    warn) printf '2' ;;
+    error) printf '3' ;;
+esac)"
+export NEXTCLOUD_LOG_LEVEL
+
 # Create cert bundle
 if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then
 
@@ -75,7 +90,9 @@ if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then
     cat "$CERTIFICATE_BUNDLE"
 
     # Disable debug mode
-    set +x
+    if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+        set +x
+    fi
 fi
 
 # Adjust DATABASE_TYPE to by Nextcloud supported value
@@ -222,7 +239,9 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
                 if grep -q appstoreurl /var/www/html/config/config.php; then
                     set -x
                     APPSTORE_URL="$(grep appstoreurl /var/www/html/config/config.php | grep -oP 'https://.*v[0-9]+')"
-                    set +x
+                    if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+                        set +x
+                    fi
                 fi
                 # Default appstoreurl parameter in config.php defaults to 'https://apps.nextcloud.com/api/v1' so we check for the apps.json file stored in there
                 CURL_STATUS="$(curl -LI "$APPSTORE_URL"/apps.json -o /dev/null -w '%{http_code}\n' -s)"
@@ -289,7 +308,9 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
                     "$SOURCE_LOCATION/custom_apps/" \
                     /var/www/html/custom_apps/
             done
-            set +x
+            if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+                set +x
+            fi
         fi
 
         # Copy these from Nextcloud archive if they don't exist yet (i.e. new install)
@@ -442,7 +463,7 @@ EOF
             # Apply log settings
             echo "Applying default settings..."
             mkdir -p /var/www/html/data
-            php /var/www/html/occ config:system:set loglevel --value="2" --type=integer
+            php /var/www/html/occ config:system:set loglevel --value="$NEXTCLOUD_LOG_LEVEL" --type=integer
             if [ "$NEXTCLOUD_LOG_TYPE" = "errorlog" ]; then
                 php /var/www/html/occ config:system:set log_type --value="errorlog"
                 php /var/www/html/occ config:system:set log_type_audit --value="errorlog"
@@ -653,6 +674,7 @@ fi
 # Adjusting log files to be stored on a volume
 echo "Adjusting log files..."
 php /var/www/html/occ config:system:set upgrade.cli-upgrade-link --value="https://github.com/nextcloud/all-in-one/discussions/2726"
+php /var/www/html/occ config:system:set loglevel --value="$NEXTCLOUD_LOG_LEVEL" --type=integer
 if [ "$NEXTCLOUD_LOG_TYPE" = "errorlog" ]; then
     php /var/www/html/occ config:system:set log_type --value="errorlog"
     php /var/www/html/occ config:system:set log_type_audit --value="errorlog"
@@ -764,7 +786,9 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then
     if echo "$COLLABORA_HOST" | grep -q "nextcloud-.*-collabora"; then
         COLLABORA_HOST="$NC_DOMAIN"
     fi
-    set +x
+    if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+        set +x
+    fi
     # Remove richdcoumentscode if it should be incorrectly installed
     if [ -d "/var/www/html/custom_apps/richdocumentscode" ]; then
         php /var/www/html/occ app:remove richdocumentscode
@@ -885,7 +909,9 @@ if [ "$TALK_ENABLED" = 'yes' ]; then
     if [ -z "$TURN_DOMAIN" ]; then
         TURN_DOMAIN="$TALK_HOST"
     fi
-    set +x
+    if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+        set +x
+    fi
     if ! [ -d "/var/www/html/custom_apps/spreed" ]; then
         php /var/www/html/occ app:install spreed
     elif [ "$(php /var/www/html/occ config:app:get spreed enabled)" != "yes" ]; then

Containers/nextcloud/healthcheck.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 # Set a default value for POSTGRES_PORT
 if [ -z "$POSTGRES_PORT" ]; then
     POSTGRES_PORT=5432

Containers/nextcloud/notify-all.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 if [[ "$EUID" = 0 ]]; then
     COMMAND=(sudo -E -u www-data php /var/www/html/occ)
 else

Containers/nextcloud/notify.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 if [[ "$EUID" = 0 ]]; then
     COMMAND=(sudo -E -u www-data php /var/www/html/occ)
 else

Containers/nextcloud/root.motd

@@ -1,3 +1,6 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 Warning: You have logged in into the Nextcloud container as root user.
 See https://github.com/nextcloud/all-in-one#how-to-run-occ-commands if you want to run occ commands.
 Apart from that, you can use 'sudo -E -u www-data php occ <your-command>' in order to run occ commands.

Containers/nextcloud/run-exec-commands.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 # Wait until the apache container is ready
 while ! nc -z "$APACHE_HOST" "$APACHE_PORT"; do
     echo "Waiting for $APACHE_HOST to become available..."

Containers/nextcloud/start.sh

@@ -1,5 +1,12 @@
+# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 #!/bin/bash
 
+if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
+    set -x
+fi
+
 # Set a default value for POSTGRES_PORT
 if [ -z "$POSTGRES_PORT" ]; then
     POSTGRES_PORT=5432
@@ -53,7 +60,9 @@ if ! [ -f "/dev-dri-group-was-added" ] && [ -n "$(find /dev -maxdepth 1 -mindept
     usermod -aG "$GROUP" www-data
     touch "/dev-dri-group-was-added"
 fi
-set +x
+if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+    set +x
+fi
 
 # Check datadir permissions
 sudo -E -u www-data touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" &>/dev/null
@@ -170,6 +179,8 @@ if [ "$THIS_IS_AIO" = "true" ] && [ "$APACHE_PORT" = 443 ]; then
     sed -i "/^listen.allowed_clients/s/,$//" /usr/local/etc/php-fpm.d/www.conf
     grep listen.allowed_clients /usr/local/etc/php-fpm.d/www.conf
 fi
-set +x
+if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
+    set +x
+fi
 
 exec "$@"