Merge pull request #255 from nextcloud/enh/76/add-docs

add some docs on how to allow the Nextcloud container to access direc…

.github/dependabot.yml

@@ -10,7 +10,97 @@ updates:
   - 3. to review
   - dependencies
 - package-ecosystem: "docker"
-  directory: "/Containers/"
+  directory: "/Containers/apache"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/borgbackup"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/collabora"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/domaincheck"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/mastercontainer"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  ignore:
+    - dependency-name: "php"
+      update-types: ["version-update:semver-major", "version-update:semver-minor"]
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/nextcloud"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  ignore:
+    - dependency-name: "php"
+      update-types: ["version-update:semver-major", "version-update:semver-minor"]
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/postgresql"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  ignore:
+    - dependency-name: "postgres"
+      update-types: ["version-update:semver-major"]
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/redis"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/talk"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/watchtower"
   schedule:
     interval: "daily"
     time: "12:00"

Containers/collabora/Dockerfile

@@ -1,2 +1,2 @@
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:21.11.1.4.1
+FROM collabora/code:21.11.2.2.1

Containers/mastercontainer/Dockerfile

@@ -2,7 +2,7 @@
 FROM docker:20.10.12-dind-alpine3.15 as dind
 
 # From https://github.com/docker-library/php/blob/master/8.0/bullseye/apache/Dockerfile
-FROM php:8.0.15-apache-bullseye
+FROM php:8.0.16-apache-bullseye
 
 EXPOSE 80
 EXPOSE 8080

Containers/mastercontainer/start.sh

@@ -54,6 +54,21 @@ else
     sleep 10
 fi
 
+# Check for other options
+if [ -n "$NEXTCLOUD_MOUNT" ]; then
+    if ! echo "$NEXTCLOUD_MOUNT" | grep -q "^/mnt/" \
+    && ! echo "$NEXTCLOUD_MOUNT" | grep -q "^/media/" \
+    && ! echo "$NEXTCLOUD_MOUNT" | grep -q "^/var/backups$"
+    then
+        echo "You've set NEXCLOUD_MOUNT but not to an allowed value.
+The string must be equal to/start with '/mnt/' or '/media/' or be equal to '/var/backups'."
+        exit 1
+    elif [ "$NEXTCLOUD_MOUNT" = "/mnt/ncdata" ] || echo "$NEXTCLOUD_MOUNT" | grep -q "^/mnt/ncdata/"; then
+        echo "/mnt/ncdata and /mnt/ncdata/ are not allowed for NEXTCLOUD_MOUNT."
+        exit 1
+    fi
+fi
+
 # Add important folders
 mkdir -p /mnt/docker-aio-config/data/
 mkdir -p /mnt/docker-aio-config/session/

Containers/nextcloud/Dockerfile

@@ -1,5 +1,5 @@
 # From https://github.com/nextcloud/docker/blob/master/23/fpm-alpine/Dockerfile
-FROM php:8.0.15-fpm-alpine3.15
+FROM php:8.0.16-fpm-alpine3.15
 
 # Custom: change id of www-data user as it needs to be the same like on old installations
 RUN set -ex; \

Containers/nextcloud/config/reverse-proxy.config.php

@@ -18,8 +18,3 @@ $overwriteCondAddr = getenv('OVERWRITECONDADDR');
 if ($overwriteCondAddr) {
   $CONFIG['overwritecondaddr'] = $overwriteCondAddr;
 }
-
-$trustedProxies = getenv('TRUSTED_PROXIES');
-if ($trustedProxies) {
-  $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
-}

Containers/nextcloud/entrypoint.sh

@@ -250,6 +250,7 @@ elif [ "$(php /var/www/html/occ config:app:get notify_push enabled)" = "no" ]; t
 else
     php /var/www/html/occ app:update notify_push
 fi
+php /var/www/html/occ config:system:set trusted_proxies 0 --value="127.0.0.1"
 php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push"
 
 # Collabora

Containers/postgresql/Dockerfile

@@ -1,7 +1,7 @@
 # From https://github.com/docker-library/postgres/blob/master/13/alpine/Dockerfile
-FROM postgres:13.5-alpine3.15
+FROM postgres:13.6-alpine3.15
 
-RUN apk add --update --no-cache bash openssl shadow
+RUN apk add --update --no-cache bash openssl shadow netcat-openbsd
 
 # We need to use the same gid and uid as on old installations
 RUN set -ex; \

Containers/postgresql/start.sh

@@ -58,8 +58,11 @@ if ( [ -f "$DATADIR/PG_VERSION" ] && [ "$PG_MAJOR" != "$(cat "$DATADIR/PG_VERSIO
     # Create new database
     exec docker-entrypoint.sh postgres &
 
-    # Wait 10s for creation
-    sleep 10s
+    # Wait for creation
+    while ! nc -z localhost 11000; do
+        echo "Waiting for the database to start."
+        sleep 5
+    done
 
     # Set correct permissions
     if grep -q "Owner: oc_admin" "$DUMP_FILE" && ! grep -q "Owner: oc_$POSTGRES_USER" "$DUMP_FILE"; then

php/composer.lock

@@ -157,12 +157,12 @@
                 }
             },
             "autoload": {
-                "psr-4": {
-                    "GuzzleHttp\\Promise\\": "src/"
-                },
                 "files": [
                     "src/functions_include.php"
-                ]
+                ],
+                "psr-4": {
+                    "GuzzleHttp\\Promise\\": "src/"
+                }
             },
             "notification-url": "https://packagist.org/downloads/",
             "license": [

php/containers.json

@@ -98,6 +98,11 @@
           "name": "nextcloud_aio_nextcloud_data",
           "location": "/mnt/ncdata",
           "writeable": true
+        },
+        {
+          "name": "%NEXTCLOUD_MOUNT%",
+          "location": "%NEXTCLOUD_MOUNT%",
+          "writeable": true
         }
       ],
       "environmentVariables": [
@@ -114,7 +119,6 @@
         "NEXTCLOUD_DATA_DIR=/mnt/ncdata",
         "OVERWRITEHOST=%NC_DOMAIN%",
         "OVERWRITEPROTOCOL=https",
-        "TRUSTED_PROXIES=127.0.0.1",
         "TURN_SECRET=%TURN_SECRET%",
         "SIGNALING_SECRET=%SIGNALING_SECRET%",
         "AIO_URL=%AIO_URL%"

php/src/ContainerDefinitionFetcher.php

@@ -67,6 +67,18 @@ class ContainerDefinitionFetcher
                         continue;
                     }
                 }
+                if($value['name'] === '%NEXTCLOUD_MOUNT%') {
+                    $value['name'] = $this->configurationManager->GetNextcloudMount();
+                    if($value['name'] === '') {
+                        continue;
+                    }
+                }
+                if($value['location'] === '%NEXTCLOUD_MOUNT%') {
+                    $value['location'] = $this->configurationManager->GetNextcloudMount();
+                    if($value['location'] === '') {
+                        continue;
+                    }
+                }
                 $volumes->AddVolume(
                     new ContainerVolume(
                         $value['name'],

php/src/Controller/DockerController.php

@@ -133,7 +133,8 @@ class DockerController
             $this->PerformRecursiveContainerStop($dependency);
         }
 
-        $this->dockerActionManager->DisconnectContainerFromNetwork($container);
+        // Disconnecting is not needed. This also allows to start the containers manually via docker-cli
+        //$this->dockerActionManager->DisconnectContainerFromNetwork($container);
         $this->dockerActionManager->StopContainer($container);
     }
 

php/src/Data/ConfigurationManager.php

@@ -126,6 +126,11 @@ class ConfigurationManager
             throw new InvalidSettingConfigurationException("Domain is not in a valid format!");
         }
 
+        // Validate that it is not an IP-address
+        if(filter_var($domain, FILTER_VALIDATE_IP)) {
+            throw new InvalidSettingConfigurationException("Please enter a domain and not an IP-address!");
+        }
+
         $dnsRecordIP = gethostbyname($domain);
 
         // Validate IP
@@ -254,4 +259,27 @@ class ConfigurationManager
 
         return $config['backup-mode'];
     }
+
+    public function GetNextcloudMount() : string {
+        $mount = getenv('NEXTCLOUD_MOUNT');
+        if ($mount === false) {
+            $config = $this->GetConfig();
+            if (!isset($config['nextcloud_mount'])) {
+                $config['nextcloud_mount'] = '';
+            }
+            return $config['nextcloud_mount'];
+        } else {
+            if(file_exists(DataConst::GetConfigFile())) {
+                $config = $this->GetConfig();
+                if (!isset($config['nextcloud_mount'])) {
+                    $config['nextcloud_mount'] = '';
+                }
+                if ($mount !== $config['nextcloud_mount']) {
+                    $config['nextcloud_mount'] = $mount;
+                    $this->WriteConfig($config);
+                }
+            }
+            return $mount;
+        }
+    }
 }

php/templates/containers.twig

@@ -16,7 +16,7 @@
     </header>
 
     <div class="content">
-        <h1>Nextcloud AIO Beta v0.4.0</h1>
+        <h1>Nextcloud AIO Beta v0.5.0</h1>
         This is beta software and not production ready.<br><br>
 
         {% set isAnyRunning = false %}
@@ -48,19 +48,29 @@
         {% endfor %}
 
         {% if isWatchtowerRunning == true %}
-            Mastercontainer updpate currently running. It will restart the mastercontainer soon which will make it unavailable for a moment. Please wait until thats done.<br /><br />
+            Mastercontainer update currently running. It will restart the mastercontainer soon which will make it unavailable for a moment. Please wait until that's done.<br /><br />
             <a href="" class="button reload">Reload ↻</a><br/>
         {% else %}
             {% if isBackupOrRestoreRunning == false and domain == "" %}
-                Please type in the domain that will be used for Nextcloud:<br><br />
-                <form method="POST" action="/api/configuration" class="xhr">
-                    <input type="text" name="domain" value="{{ domain }}" placeholder="nextcloud.yourdomain.com"/>
-                    <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                    <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                    <input class="button" type="submit" value="Submit" />
-                </form>
-                Make sure that this server is reachable on Port 443 and you've correctly set up the DNS config for the domain that you enter. <br><br>
-                If you have a dynamic IP-address, you can use e.g. <a href="https://ddclient.net/">DDclient</a> with a compatible domain provider for DNS updates. 
+                {% if is_mastercontainer_update_available == true %}
+                    <h2>Mastercontainer update</h2>
+                    ⚠ A mastercontainer update is available. Please click on the button below to update it. Afterwards, you will be able to proceed with the setup.<br><br>
+                    <form method="POST" action="/api/docker/watchtower" class="xhr">
+                        <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                        <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                        <input class="button" type="submit" value="Update mastercontainer" />
+                    </form>
+                {% else %}
+                    Please type in the domain that will be used for Nextcloud:<br><br />
+                    <form method="POST" action="/api/configuration" class="xhr">
+                        <input type="text" name="domain" value="{{ domain }}" placeholder="nextcloud.yourdomain.com"/>
+                        <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                        <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                        <input class="button" type="submit" value="Submit" />
+                    </form>
+                    Make sure that this server is reachable on Port 443 and you've correctly set up the DNS config for the domain that you enter. <br><br>
+                    If you have a dynamic IP-address, you can use e.g. <a href="https://ddclient.net/">DDclient</a> with a compatible domain provider for DNS updates. 
+                {% endif %}
             {% endif %}
 
             {% if domain != "" %}
@@ -99,18 +109,21 @@
                     </ul>
 
                     {% if has_update_available == true %}
-                        ⚠ Container updates are available. Click on `Stop Containers` and `Start Containers` to update them. You should consider creating a backup first. The mastercontainer gets updated with a different procedure though and has its own update button which is visible if an update is available.<br><br>
+                        {% if is_mastercontainer_update_available == false %}
+                            ⚠ Container updates are available. Click on `Stop Containers` and `Start Containers` to update them. You should consider creating a backup first.<br><br>
+                        {% endif %}
                     {% else %}
                         {% if is_mastercontainer_update_available == false %}
                             Your containers are up-to-date.<br><br>
-                        {% else %}
-                            Your containers are up-to-date. (Except the mastercontainer. See the section below.)<br><br>
                         {% endif %}
                     {% endif %}
                 {% endif %}
 
                 {% if isAnyRunning == true %}
                     {% if isApacheStarting != true %}
+                        {% if is_mastercontainer_update_available == true %}
+                            ⚠ A mastercontainer update is available. Please click on the button below to stop your containers in order to be able to update the mastercontainer.<br /><br />
+                        {% endif %}
                         <form method="POST" action="/api/docker/stop" class="xhr">
                             <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                             <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
@@ -126,18 +139,22 @@
                         {% if was_start_button_clicked == false %}
                             Clicking on the button below will download all docker containers and start them. This can take a lot of time depending on your internect connection. Since the overall size is a few GB, this will take around 5-10 min or more. So be aware and patient!<br><br>
                         {% endif %}
-                        {% if was_start_button_clicked == false or has_update_available == false %}
-                            <form method="POST" action="/api/docker/start" class="xhr">
-                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                <input class="button" type="submit" value="Start containers" />
-                            </form>
+                        {% if is_mastercontainer_update_available == true %}
+                            ⚠ Please update your mastercontainer. Afterwards, you will be able to start your containers again.<br><br>
                         {% else %}
-                            <form method="POST" action="/api/docker/start" class="xhr">
-                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                <input class="button " type="submit" value="Start and update containers" onclick="return confirm('Start and update containers? You should consider creating a backup first.')" />
-                            </form>
+                            {% if was_start_button_clicked == false or has_update_available == false %}
+                                <form method="POST" action="/api/docker/start" class="xhr">
+                                    <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                    <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                    <input class="button" type="submit" value="Start containers" />
+                                </form>
+                            {% else %}
+                                <form method="POST" action="/api/docker/start" class="xhr">
+                                    <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                    <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                    <input class="button " type="submit" value="Start and update containers" onclick="return confirm('Start and update containers? You should consider creating a backup first.')" />
+                                </form>
+                            {% endif %}
                         {% endif %}
                     {% endif %}
                 {% endif %}
@@ -145,13 +162,16 @@
                 {% if is_mastercontainer_update_available == true %}
                     {% if isBackupOrRestoreRunning == false %}
                         <h2>Mastercontainer update</h2>
-
-                        ⚠ A mastercontainer update is available. Please click on the button below to update it. All other containers get updated independently from the mastercontainer by simply clicking on `Stop containers` and clicking on `Start containers` if a new update is available.<br><br>
-                        <form method="POST" action="/api/docker/watchtower" class="xhr">
-                            <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                            <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                            <input class="button" type="submit" value="Update mastercontainer" />
-                        </form>
+                        {% if isAnyRunning == false %}
+                            ⚠ A mastercontainer update is available. Please click on the button below to update it.<br><br>
+                            <form method="POST" action="/api/docker/watchtower" class="xhr">
+                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                <input class="button" type="submit" value="Update mastercontainer" />
+                            </form>
+                        {% else %}
+                            ⚠ A mastercontainer update is available. Please stop your containers in order to be able to update the mastercontainer.
+                        {% endif %}
                     {% endif %}
                 {% endif %}
 

readme.md

@@ -81,14 +81,14 @@ You might investigate yourself though how it could made work behind reverse prox
 ### Which ports are mandatory to be open?
 Only those (if you acces the Mastercontainer Interface internally via port 8080):
 - `443/TCP` for the Nextcloud container
-- `3478/TCP` and `3478/UPD` for the Talk container
+- `3478/TCP` and `3478/UDP` for the Talk container
 
 ### Explanation of used ports:
 - `8080/TCP`: Mastercontainer Interface with self-signed certificate (works always, also if only access via IP-address is possible, e.g. `https://internal.ip.address:8080/`)
 - `80/TCP`: redirects to Nextcloud (is used for getting the certificate via ACME http-challenge for the Mastercontainer)
 - `8443/TCP`: Mastercontainer Interface with valid certificate (only works if port 80 and 8443 are open and you point a domain to your server. It generates a valid certificate then automatically and access via e.g. `https://public.domain.com:8443/` is possible.)
 - `443/TCP`: will be used by the Nextcloud container later on and needs to be open
-- `3478/TCP` and `3478/UPD`: will be used by the Turnserver inside the Talk container and needs to be open
+- `3478/TCP` and `3478/UDP`: will be used by the Turnserver inside the Talk container and needs to be open
 
 ### How to run `occ` commands?
 Simply run the following: `sudo docker exec -it nextcloud-aio-nextcloud php occ your-command`. Of course `your-command` needs to be exchanged with the command that you want to run.
@@ -113,11 +113,34 @@ It is recommended to create a backup before any container update. By doing this,
 
 If you connect an external drive to your host, and choose the backup directory to be on that drive, you are also kind of save against drive failures of the drive where the docker volumes are stored on. 
 
-Backups can be created and restored in the AIO interface using the buttons `Create Backup` and `Restore last backup`. Additionally, a backup check is provided that checks the integrity of your backups but it shouldn't be needed in most situations. 
+Backups can be created and restored in the AIO interface using the buttons `Create Backup` and `Restore selected backup`. Additionally, a backup check is provided that checks the integrity of your backups but it shouldn't be needed in most situations. 
 
 The backups itself get encrypted with an encryption key that gets shown to you in the AIO interface. Please save that at a safe place as you will not be able to restore from backup without this key.
 
-Note that this implementation does not provide remote backups, for this you can use the [backup app](https://apps.nextcloud.com/apps/backup). 
+Note that this implementation does not provide remote backups, for this you can use the [backup app](https://apps.nextcloud.com/apps/backup).
+
+---
+
+**Pro-tip**: you can open the BorgBackup archives on your host by following these steps:<br>
+(instructions for Ubuntu Desktop)
+```bash
+# Install borgbackup on the host
+sudo apt update && sudo apt install borgbackup
+
+# Mount the archives to /tmp/borg (if you are using the default backup location /mnt/backup/borg)
+sudo mkdir -p /tmp/borg && sudo borg mount "/mnt/backup/borg" /tmp/borg
+
+# After entering your repository key successfully, you should be able to access all archives in /tmp/borg
+# You can now do whatever you want by syncing them to a different place using rsync or doing other things
+# E.g. you can open the file manager on that location by running:
+xhost +si:localuser:root && sudo nautilus /tmp/borg
+
+# When you are done, simply close the file manager and run the following command to unmount the backup archives:
+sudo umount /tmp/borg
+```
+
+### How to allow the Nextcloud container to access directories on the host?
+By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the initial startup of the mastercontainer. Allowed values for that variable are strings that are equal to or start with `/mnt/` or `/media/` or are equal to `/var/backups` and unequal to `/mnt/ncdata`. Two examples for this are: `-e NEXTCLOUD_MOUNT="/mnt/"` or `-e NEXTCLOUD_MOUNT="/media/"`. After doing so, please make sure to apply the correct permissions to the directories that you want to use in Nextcloud. E.g. `sudo chown -R 33:0 /mnt/your-drive-mountpoint` should make it work. You can then navigate to the apps management page, activate the external storage app, navigate to `https://your-nc-domain.com/settings/admin/externalstorages` and add a local external storage directory that will be accessible inside the container at the same place that you've entered. E.g. `/mnt/your-drive-mountpoint` will be mounted to `/mnt/your-drive-mountpoint` inside the container, etc.
 
 ### Huge docker logs
 When your containers run for a few days without a restart, the container logs that you can view from the AIO interface can get really huge. You can limit the loge sizes by enabling logrotate for docker container logs. Feel free to enable this by following those instructions: https://sandro-keil.de/blog/logrotate-for-docker-container/
@@ -134,6 +157,9 @@ You can move the whole docker library and all its files including all Nextcloud
 ### How to edit Nextclouds config.php file with a texteditor?
 You can edit Nextclouds config.php file directly from the host with your favorite text editor. E.g. like this: `sudo nano /var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/config/config.php`. Make sure to not break the file though which might corrupt your Nextcloud instance otherwise. In best case, create a backup using the built-in backup solution before editing the file.
 
+### Custom skeleton directory
+If you want to define a custom skeleton directory, you can do so by putting your skeleton files into `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/skeleton/`, applying the correct permissions with `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/skeleton` and setting the skeleton directory option with `sudo docker exec -it nextcloud-aio-nextcloud php occ config:system:set skeletondirectory --value="/mnt/ncdata/skeleton"`. You can read further on this option here: [click here](https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html?highlight=skeletondir#:~:text=adding%20%3Fdirect%3D1-,'skeletondirectory',-%3D%3E%20'%2Fpath%2Fto%2Fnextcloud)
+
 ### LDAP
 It is possible to connect to an existing LDAP server. You need to make sure that the LDAP server is reachable from the Nextcloud container. Then you can enable the LDAP app and configure LDAP in Nextcloud manually. If you don't have a LDAP server yet, recommended is to use this docker container: https://hub.docker.com/r/osixia/openldap/. Make sure here as well that Nextcloud can talk to the LDAP server. The easiest way is by adding the LDAP docker container to the docker network `nextcloud-aio`. Then you can connect to the LDAP container by its name from the Nextcloud container. **Pro-tip**: You will probably find this app useful: https://apps.nextcloud.com/apps/ldap_write_support