Merge pull request #167 from nextcloud/enh/28/add-docs-for-arm64

add docs for arm64

.github/workflows/dependency-updates.yml

@@ -0,0 +1,40 @@
+name: dependency-updates
+
+on:
+  schedule:
+  - cron:  '00 12 * * *'
+
+jobs:
+  dependency_updates:
+    name: Run dependency update script
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: nanasess/setup-php@master
+      with:
+        php-version: '8.0'
+    - name: Run dependency update script
+      run: |
+        curl -sS https://getcomposer.org/installer | php
+        mv composer.phar /usr/local/bin/composer
+        chmod +x /usr/local/bin/composer
+        cd ./php
+        composer update
+        ALL_LINES="$(composer outdated | grep -v "psr/container")"
+        while [ -n "$ALL_LINES" ]; do
+          CURRENT_LINE="$(echo "$ALL_LINES" | head -1)"
+          composer require "$(echo "$CURRENT_LINE" | awk '{print $1}')" "^$(echo "$CURRENT_LINE" | awk '{print $4}')"
+          ALL_LINES="$(echo "$ALL_LINES" | sed '1d')"
+        done
+        echo "outdated dependencies:
+        $(composer outdated)"
+    - name: Create Pull Request
+      uses: peter-evans/create-pull-request@v3
+      with:
+        commit-message: dependency updates
+        signoff: true
+        title: Dependency updates
+        body: Automated dependency updates since dependabot does not support grouped updates
+        labels: dependencies, enhancement
+        milestone: next
+        branch: aio-dependency-update

.github/workflows/nextcloud-update.yml

@@ -72,3 +72,4 @@ jobs:
         body: Automated Nextcloud container update
         labels: dependencies, enhancement
         milestone: next
+        branch: nextcloud-container-update

Containers/apache/Dockerfile

@@ -17,10 +17,12 @@ RUN set -ex; \
         ca-certificates \
         openssl \
         netcat \
+        dpkg-dev \
     ; \
     rm -rf /var/lib/apt/lists/*
 
-RUN wget "https://caddyserver.com/api/download?os=linux&arch=amd64" -O "/usr/bin/caddy" \
+RUN set -ex; \
+    wget "https://caddyserver.com/api/download?os=linux&arch=$(dpkg-architecture --query DEB_BUILD_ARCH)" -O "/usr/bin/caddy" \
     && chmod +x /usr/bin/caddy \
     && /usr/bin/caddy version
 

Containers/mastercontainer/Dockerfile

@@ -19,10 +19,12 @@ RUN apt-get update; \
         supervisor \
         openssl \
         sudo \
+        dpkg-dev \
     ; \
     rm -rf /var/lib/apt/lists/*
 
-RUN curl "https://caddyserver.com/api/download?os=linux&arch=amd64" -o "/usr/bin/caddy" \
+RUN set -ex; \
+    curl "https://caddyserver.com/api/download?os=linux&arch=$(dpkg-architecture --query DEB_BUILD_ARCH)" -o "/usr/bin/caddy" \
     && chmod +x /usr/bin/caddy \
     && /usr/bin/caddy version
 
@@ -67,8 +69,7 @@ RUN rm /etc/apache2/ports.conf; \
 
 RUN a2dissite 000-default && \
     a2dissite default-ssl && \
-    a2ensite mastercontainer.conf && \
-    service apache2 restart
+    a2ensite mastercontainer.conf
 
 RUN mkdir /var/log/supervisord; \
     mkdir /var/run/supervisord;

Containers/mastercontainer/start.sh

@@ -35,10 +35,14 @@ elif ! sudo -u www-data test -r /var/run/docker.sock; then
 fi
 
 # Check if api version is supported
+if ! docker info &>/dev/null; then
+    echo "Cannot connect to the docker socket. Cannot proceed."
+    exit 1
+fi
 API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
 API_VERSION="$(grep -oP 'const API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP [0-9]+.[0-9]+ | head -1)"
 API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')"
-LOCAL_API_VERSION_NUMB="$(curl -s --unix-socket /var/run/docker.sock http://"$API_VERSION"/version | sed 's/,/\n/g' | grep ApiVersion | grep -oP [0-9]+.[0-9]+ | head -1 | sed 's/\.//')"
+LOCAL_API_VERSION_NUMB="$(docker version | grep -i "api version" | grep -oP [0-9]+.[0-9]+ | head -1 | sed 's/\.//')"
 if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then
     if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then
         echo "Docker v$API_VERSION is not supported by your docker engine. Cannot proceed."

Containers/nextcloud/Dockerfile

@@ -58,7 +58,7 @@ RUN set -ex; \
 # pecl will claim success even if one install fails, so we need to perform each install separately
     pecl install APCu-5.1.21; \
     pecl install memcached-3.1.5; \
-    pecl install redis-5.3.5; \
+    pecl install redis-5.3.6; \
     pecl install imagick-3.7.0; \
     \
     docker-php-ext-enable \
@@ -214,6 +214,7 @@ RUN set -ex; \
         gnupg \
         dirmngr \
         git \
+        postgresql-client \
     ; \
     rm -rf /var/lib/apt/lists/*
 

Containers/nextcloud/entrypoint.sh

@@ -83,6 +83,7 @@ if ! [ -f "/mnt/ncdata/skip.update" ]; then
                     break
                 else
                     echo "Curl didn't produce a 200 status, is appstore reachable?"
+                    sleep 5
                 fi
             done
 

Containers/nextcloud/start.sh

@@ -11,4 +11,13 @@ if ! bash /entrypoint.sh; then
     exit 1
 fi
 
+# Correctly set CPU_ARCH for notify_push
+export CPU_ARCH="$(uname -m)"
+if [ -z "$CPU_ARCH" ]; then
+    echo "Could not get processor architecture. Exiting."
+    exit 1
+elif [ "$CPU_ARCH" != "x86_64" ]; then
+    export CPU_ARCH="aarch64"
+fi
+
 exec "$@"

Containers/nextcloud/supervisord.conf

@@ -27,4 +27,4 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=/var/www/html/custom_apps/notify_push/bin/x86_64/notify_push /var/www/html/config/config.php --port 7867 --redis-url redis://:%(ENV_REDIS_HOST_PASSWORD)s@%(ENV_REDIS_HOST)s
+command=/var/www/html/custom_apps/notify_push/bin/%(ENV_CPU_ARCH)s/notify_push /var/www/html/config/config.php --port 7867 --redis-url redis://:%(ENV_REDIS_HOST_PASSWORD)s@%(ENV_REDIS_HOST)s

develop.md

@@ -14,27 +14,24 @@ nextcloud/all-in-one:develop
 And you are done :)
 It will now also select the developer channel for all other containers automatically.
 
+## How to build new containers
+
+Go to https://github.com/nextcloud-releases/all-in-one/actions/workflows/repo-sync.yml and run the workflow that will first sync the repo and then build new container that automatically get published to `develop` and `develop-arm64`.
+
 ## How to promote builds from develop to latest
 
-You can use the Docker CLI to promote builds from develop to latest. Make sure to adjust:
-
-- $name
-- $digest
-
-```shell
-export AIO_NAME=$name
-export AIO_DIGEST=$digest
-docker pull nextcloud/$AIO_NAME@sha256:$AIO_DIGEST
-docker tag nextcloud/$AIO_NAME@sha256:$AIO_DIGEST nextcloud/$AIO_NAME\:latest
-docker push nextcloud/$AIO_NAME\:latest
-```
-
 To automatically promoted the latest develop version you can use the following script:
 
 **WARNING:** Make sure to verify that the latest develop tag is what you really want to deploy since someone could have pushed to main and created a new container in between.
 ```shell
+# Set the name of the container that you want to promote from the develop- to the latest channels
 export AIO_NAME=$name
+# x64
 docker pull nextcloud/$AIO_NAME\:develop
 docker tag nextcloud/$AIO_NAME\:develop nextcloud/$AIO_NAME\:latest
 docker push nextcloud/$AIO_NAME\:latest
+# arm64 
+docker pull nextcloud/$AIO_NAME\:develop-arm64
+docker tag nextcloud/$AIO_NAME\:develop-arm64 nextcloud/$AIO_NAME\:latest-arm64
+docker push nextcloud/$AIO_NAME\:latest-arm64
 ```

docker-compose.yml

@@ -1,4 +1,4 @@
-version: "3.1"
+version: "3.8"
 
 volumes:
   nextcloud_aio_mastercontainer:

migration.md

@@ -6,7 +6,7 @@ There are basically two ways how to migrate from an already existing Nextcloud i
 1. Migrate the files and the database which is much more complicated
 
 ### Migrate only the files 
-**Please note**: If you used groupfolders before, you will need to restore the database, as well!
+**Please note**: If you used groupfolders or encrypted your files before, you will need to restore the database, as well!
 
 The procedure for migrating only the files works like this:
 1. Take a backup of your former instance (especially from your datadirectory)
@@ -20,7 +20,7 @@ The procedure for migrating only the files works like this:
 
 ### Migrate the files and the database
 **Please note**: this is much more complicated than migrating only the files and also not as failproof so be warned!<br>
-Also, some special apps that e.g. implement custom user backends like the `user_sql` app will most likely not work in Nextcloud AIO. Additionally, you will currently not be able to use local external storage in Nextcloud AIO since that is not supported, yet. See https://github.com/nextcloud/all-in-one/issues/76
+Also, you will currently not be able to use local external storage in Nextcloud AIO since that is not supported, yet. See https://github.com/nextcloud/all-in-one/issues/76
 
 The procedure for migrating the files and the database works like this:
 1. Make sure that your old instance is on exactly the same version like the version used in Nextcloud AIO. (e.g. 23.0.0) If not, simply upgrade your former installation to that version or wait until the version used in Nextcloud AIO got updated to the same version of your former installation or the other way around.
@@ -37,7 +37,7 @@ The procedure for migrating the files and the database works like this:
         export PG_DATABASE="nextcloud_db"
         sudo -u postgres psql <<END
         CREATE USER $PG_USER WITH PASSWORD '$PGDB_PASS';
-        CREATE DATABASE $PG_DATABASE WITH OWNER $NCUSER TEMPLATE template0 ENCODING 'UTF8';
+        CREATE DATABASE $PG_DATABASE WITH OWNER $PG_USER TEMPLATE template0 ENCODING 'UTF8';
         END
         ```
     1. Run the following command to start the conversion:

php/composer.json

@@ -5,6 +5,7 @@
         }
     },
     "require": {
+        "php": "^8.0",
         "ext-json": "*",
         "ext-sodium": "*",
         "ext-curl": "*",

php/public/index.php

@@ -89,9 +89,13 @@ $app->get('/containers', function ($request, $response, $args) use ($container)
         'last_backup_time' => $configurationManager->GetLastBackupTime(),
     ]);
 })->setName('profile');
-$app->get('/login', function ($request, $response, $args) {
+$app->get('/login', function ($request, $response, $args) use ($container) {
     $view = Twig::fromRequest($request);
-    return $view->render($response, 'login.twig');
+    /** @var \AIO\Docker\DockerActionManager $dockerActionManger */
+    $dockerActionManger = $container->get(\AIO\Docker\DockerActionManager::class);
+    return $view->render($response, 'login.twig', [
+        'is_login_allowed' => $dockerActionManger->isLoginAllowed(),
+    ]);
 });
 $app->get('/setup', function ($request, $response, $args) use ($container) {
     $view = Twig::fromRequest($request);

php/src/Controller/LoginController.php

@@ -12,12 +12,17 @@ use Psr\Http\Message\ServerRequestInterface as Request;
 class LoginController
 {
     private AuthManager $authManager;
+    private DockerActionManager $dockerActionManager;
 
-    public function __construct(AuthManager $authManager) {
+    public function __construct(AuthManager $authManager, DockerActionManager $dockerActionManager) {
         $this->authManager = $authManager;
+        $this->dockerActionManager = $dockerActionManager;
     }
 
     public function TryLogin(Request $request, Response $response, $args) : Response {
+        if (!$this->dockerActionManager->isLoginAllowed()) {
+            return $response->withHeader('Location', '/')->withStatus(302);
+        }
         $password = $request->getParsedBody()['password'];
         if($this->authManager->CheckCredentials($password)) {
             $this->authManager->SetAuthState(true);

php/src/Data/ConfigurationManager.php

@@ -172,14 +172,18 @@ class ConfigurationManager
 
         $isValidPath = false;
         foreach($allowedPrefixes as $allowedPrefix) {
-            if(str_starts_with($location, $allowedPrefix)) {
+            if(str_starts_with($location, $allowedPrefix) && !str_ends_with($location, '/')) {
+                $isValidPath = true;
+                break;
+            }
+            if ($location === '/var/backups') {
                 $isValidPath = true;
                 break;
             }
         }
 
         if(!$isValidPath) {
-            throw new InvalidSettingConfigurationException("Path must start with /mnt/ or /media/.");
+            throw new InvalidSettingConfigurationException("The path must start with '/mnt/' or '/media/' or be equal to '/var/backups'.");
         }
 
 

php/src/Docker/DockerActionManager.php

@@ -11,8 +11,7 @@ use AIO\Container\State\VersionDifferentState;
 use AIO\Container\State\StoppedState;
 use AIO\Container\State\VersionEqualState;
 use AIO\Data\ConfigurationManager;
-use GuzzleHttp\Exception\ClientException;
-use GuzzleHttp\Exception\ServerException;
+use GuzzleHttp\Exception\RequestException;
 use AIO\ContainerDefinitionFetcher;
 use http\Env\Response;
 
@@ -47,12 +46,7 @@ class DockerActionManager
     }
 
     private function BuildImageName(Container $container) : string {
-        $channel = $this->GetCurrentChannel();
-        if ($channel === 'develop') {
-            return $container->GetContainerName() . ':develop';
-        } else {
-            return $container->GetContainerName() . ':latest';
-        }
+        return $container->GetContainerName() . ':' . $this->GetCurrentChannel();
     }
 
     public function GetContainerRunningState(Container $container) : IContainerState
@@ -60,12 +54,11 @@ class DockerActionManager
         $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier())));
         try {
             $response = $this->guzzleClient->get($url);
-        } catch (ClientException $ex) {
-            if($ex->getCode() === 404) {
+        } catch (RequestException $e) {
+            if ($e->getCode() === 404) {
                 return new ImageDoesNotExistState();
             }
-
-            throw $ex;
+            throw $e;
         }
 
         $responseBody = json_decode((string)$response->getBody(), true);
@@ -79,12 +72,7 @@ class DockerActionManager
 
     public function GetContainerUpdateState(Container $container) : IContainerState
     {
-        $channel = $this->GetCurrentChannel();
-        if ($channel === 'develop') {
-            $tag = 'develop';
-        } else {
-            $tag = 'latest';
-        }
+        $tag = $this->GetCurrentChannel();
 
         $runningDigest = $this->GetRepoDigestOfContainer($container->GetIdentifier());
         $remoteDigest = $this->dockerHubManager->GetLatestDigestOfTag($container->GetContainerName(), $tag);
@@ -122,10 +110,10 @@ class DockerActionManager
     }
 
     public function DeleteContainer(Container $container) {
-        $url = $this->BuildApiUrl(sprintf('containers/%s', urlencode($container->GetIdentifier())));
+        $url = $this->BuildApiUrl(sprintf('containers/%s?v=true', urlencode($container->GetIdentifier())));
         try {
             $this->guzzleClient->delete($url);
-        } catch (\GuzzleHttp\Exception\RequestException $e) {
+        } catch (RequestException $e) {
             if ($e->getCode() !== 404) {
                 throw $e;
             }
@@ -272,8 +260,8 @@ class DockerActionManager
         $url = $this->BuildApiUrl(sprintf('images/create?fromImage=%s', urlencode($this->BuildImageName($container))));
         try {
             $this->guzzleClient->post($url);
-        } catch (ClientException $ex) {
-            throw $ex;
+        } catch (RequestException $e) {
+            throw $e;
         }
     }
 
@@ -339,7 +327,7 @@ class DockerActionManager
             $tag = $tagArray[1];
             apcu_add($cacheKey, $tag);
             return $tag;
-        } catch (\Exception $ex) {
+        } catch (\Exception $e) {
         }
 
         return 'latest';
@@ -350,12 +338,7 @@ class DockerActionManager
         $imageName = 'nextcloud/all-in-one';
         $containerName = 'nextcloud-aio-mastercontainer';
 
-        $channel = $this->GetCurrentChannel();
-        if ($channel === 'develop') {
-            $tag = 'develop';
-        } else {
-            $tag = 'latest';
-        }
+        $tag = $this->GetCurrentChannel();
 
         $runningDigest = $this->GetRepoDigestOfContainer($containerName);
         $remoteDigest = $this->dockerHubManager->GetLatestDigestOfTag($imageName, $tag);
@@ -430,7 +413,8 @@ class DockerActionManager
                     ],
                 ]
             );
-        } catch (\GuzzleHttp\Exception\RequestException $e) {}
+        } catch (RequestException $e) {
+        }
     }
 
     private function ConnectContainerIdToNetwork(string $id)
@@ -448,8 +432,9 @@ class DockerActionManager
                     ]
                 ]
             );
-        } catch (ClientException $e) {
-            if($e->getCode() !== 409) {
+        } catch (RequestException $e) {
+            // 409 is undocumented and gets thrown if the network already exists.
+            if ($e->getCode() !== 409) {
                 throw $e;
             }
         }
@@ -467,8 +452,9 @@ class DockerActionManager
                     ]
                 ]
             );
-        } catch (ClientException $e) {
-            if($e->getCode() !== 403) {
+        } catch (RequestException $e) {
+            // 403 is undocumented and gets thrown if a specific container is already part of a network
+            if ($e->getCode() !== 403) {
                 throw $e;
             }
         }
@@ -488,7 +474,7 @@ class DockerActionManager
         $url = $this->BuildApiUrl(sprintf('containers/%s/stop?t=%s', urlencode($container->GetIdentifier()), $container->GetMaxShutdownTime()));
         try {
             $this->guzzleClient->post($url);
-        } catch (\GuzzleHttp\Exception\RequestException $e) {
+        } catch (RequestException $e) {
             if ($e->getCode() !== 404 && $e->getCode() !== 304) {
                 throw $e;
             }
@@ -501,11 +487,11 @@ class DockerActionManager
         $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($containerName)));
         try {
             $response = $this->guzzleClient->get($url);
-        } catch (ClientException $ex) {
-            if ($ex->getCode() === 404) {
+        } catch (RequestException $e) {
+            if ($e->getCode() === 404) {
                 return -1;
             }
-            throw $ex;
+            throw $e;
         }
 
         $responseBody = json_decode((string)$response->getBody(), true);
@@ -517,4 +503,13 @@ class DockerActionManager
             return -1;
         }
     }
+
+    public function isLoginAllowed() : bool {
+        $id = 'nextcloud-aio-apache';
+        $apacheContainer = $this->containerDefinitionFetcher->GetContainerById($id);
+        if ($this->GetContainerStartingState($apacheContainer) instanceof RunningState) {
+            return false;
+        }
+        return true;
+    }
 }

php/templates/containers.twig

@@ -16,7 +16,7 @@
     </header>
 
     <div class="content">
-        <h1>Nextcloud AIO Beta v0.1.0</h1>
+        <h1>Nextcloud AIO Beta v0.2.0</h1>
         This is beta software and not production ready.<br><br>
 
         {% set isAnyRunning = false %}
@@ -167,7 +167,7 @@
                             <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
                             <input class="button" type="submit" value="Submit" />
                         </form>
-                        The folder path that you enter must start with /mnt/ or /media/ so e.g. /mnt/backup
+                        The folder path that you enter must start with <b>/mnt/</b> or <b>/media/</b> or be equal to <b>/var/backups</b>. So e.g. <b>/mnt/backup</b> or <b>/var/backups</b>
                     {% endif %}
 
                     {% if borg_backup_host_location != "" %}

php/templates/login.twig

@@ -5,13 +5,18 @@
         <div class="login">
             <img src="/img/logo-blue.svg" style="margin-left: auto;margin-right: auto;display: block;">
             <h1>Nextcloud AIO Login</h1>
-            <p>Log in using your Nextcloud AIO password. If you don't have it, you can also use the automatic login from your Nextcloud.</p>
-            <form method="POST" action="/api/auth/login">
-                <input type="text" name="password" placeholder="Password" />
-                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                <input type="submit" class="button" value="Login" />
-            </form>
+            {% if is_login_allowed == true %}
+                <p>Log in using your Nextcloud AIO password.</p>
+                <form method="POST" action="/api/auth/login">
+                    <input type="text" name="password" placeholder="Password" />
+                    <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                    <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                    <input type="submit" class="button" value="Login" />
+                </form>
+            {% else %}
+                <p>The login is blocked since Nextcloud is running. Please use the automatic login from your Nextcloud.<br><br>
+                You can unblock the login by running 'sudo docker stop nextcloud-aio-apache'.</p>
+            {% endif %}
         </div>
     </div>
 {% endblock %}

readme.md

@@ -15,29 +15,56 @@ Included are:
 **Found a bug?** Please file an issue at https://github.com/nextcloud/all-in-one
 
 ## How to use this?
-1. Install Docker on your Linux installations using:
-
-```
-curl -fsSL get.docker.com | sudo sh
-```
+1. Install Docker on your Linux installation using:
+    ```
+    curl -fsSL get.docker.com | sudo sh
+    ```
 2. Make sure to pull the latest image:
+    ```
+    # For x64 CPUs:
+    sudo docker pull nextcloud/all-in-one:latest
+    ```
+    <details>
+    <summary>Command for arm64 CPUs like the Raspberry Pi 4</summary>
+
+    ```
+    # For arm64 CPUs:
+    sudo docker pull nextcloud/all-in-one:latest-arm64
+    ```
+
+    </details>
 
-```
-sudo docker pull nextcloud/all-in-one:latest
-```
 3. Run the following command in order to start the container:
+    ```
+    # For x64 CPUs:
+    sudo docker run -it \
+    --name nextcloud-aio-mastercontainer \
+    --restart always \
+    -p 80:80 \
+    -p 8080:8080 \
+    -p 8443:8443 \
+    --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
+    --volume /var/run/docker.sock:/var/run/docker.sock:ro \
+    nextcloud/all-in-one:latest
+    ```
+    <details>
+    <summary>Command for arm64 CPUs like the Raspberry Pi 4</summary>
+
+    ```
+    # For arm64 CPUs:
+    sudo docker run -it \
+    --name nextcloud-aio-mastercontainer \
+    --restart always \
+    -p 80:80 \
+    -p 8080:8080 \
+    -p 8443:8443 \
+    --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
+    --volume /var/run/docker.sock:/var/run/docker.sock:ro \
+    nextcloud/all-in-one:latest-arm64
+    ```
+
+    </details>
 
-```
-sudo docker run -it \
---name nextcloud-aio-mastercontainer \
---restart always \
--p 80:80 \
--p 8080:8080 \
--p 8443:8443 \
---volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
---volume /var/run/docker.sock:/var/run/docker.sock:ro \
-nextcloud/all-in-one:latest
-```
 4. After the initial startup, you should be able to open the Nextcloud AIO Interface now on port 8080 of this server.<br>
 E.g. https://internal.ip.of.this.server:8080<br>
 If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatially by opening the Nextcloud AIO Interface via:<br>
@@ -104,5 +131,11 @@ You can move the whole docker library and all its files including all Nextcloud
 ### How to edit Nextclouds config.php file with a texteditor?
 You can edit Nextclouds config.php file directly from the host with your favorite text editor. E.g. like this: `sudo nano /var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/config/config.php`. Make sure to not break the file though which might corrupt your Nextcloud instance otherwise. In best case, create a backup using the built-in backup solution before editing the file.
 
+### LDAP
+It is possible to connect to an existing LDAP server. You need to make sure that the LDAP server is reachable from the Nextcloud container. Then you can enable the LDAP app and configure LDAP in Nextcloud manually. If you don't have a LDAP server yet, recommended is to use this docker container: https://hub.docker.com/r/osixia/openldap/. Make sure here as well that Nextcloud can talk to the LDAP server. The easiest way is by adding the LDAP docker container to the docker network `nextcloud-aio`. Then you can connect to the LDAP container by its name from the Nextcloud container. **Pro-tip**: You will probably find this app useful: https://apps.nextcloud.com/apps/ldap_write_support
+
+### USER_SQL
+If you want to use the user_sql app, the easiest way is to create an additional database container and add it to the docker network `nextcloud-aio`. Then the Nextcloud container should be able to talk to the database container using its name.
+
 ### How to migrate from an already existing Nextcloud installation to Nextcloud AIO?
 Please see the following documentation on this: [migration.md](https://github.com/nextcloud/all-in-one/blob/main/migration.md)