increase to 1.3.1

Signed-off-by: szaimen <szaimen@e.mail.de>

.github/dependabot.yml

@@ -3,7 +3,8 @@ updates:
 - package-ecosystem: "github-actions"
   directory: "/"
   schedule:
-    interval: "weekly"
+    interval: "daily"
+    time: "12:00"
   open-pull-requests-limit: 10
 - package-ecosystem: composer
   directory: "/php/"

.github/workflows/create-psalm-container.yml

@@ -31,21 +31,21 @@ jobs:
           APCU
 
       - name: Log in to GitHub Docker Registry
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           registry: docker.pkg.github.com
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build container image
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
         with:
           push: true
           context: 'psalm-github-actions'

.github/workflows/json-validator.yml

@@ -0,0 +1,20 @@
+name: Json Validator
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  psalm:
+    name: Json Validator
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Validate Json
+        run: |
+          sudo apt install python3-pip --no-install-recommends
+          sudo pip3 install json-spec
+          json validate --schema-file=php/containers-schema.json --document-file=php/containers.json

.github/workflows/lint-php.yml

@@ -0,0 +1,48 @@
+# This workflow is provided via the organization template repository
+#
+# https://github.com/nextcloud/.github
+# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+
+name: Lint
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - master
+      - stable*
+
+jobs:
+  php-lint:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        php-versions: ["8.0"]
+
+    name: php-lint
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up php ${{ matrix.php-versions }}
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-versions }}
+          coverage: none
+
+      - name: Lint
+        run: cd php && composer run lint
+
+  summary:
+    runs-on: ubuntu-latest
+    needs: php-lint
+
+    if: always()
+
+    name: php-lint-summary
+
+    steps:
+      - name: Summary status
+        run: if ${{ needs.php-lint.result != 'success' && needs.php-lint.result != 'skipped' }}; then exit 1; fi

.github/workflows/psalm-analysis.yml

@@ -3,16 +3,26 @@ name: Psalm Analysis
 on:
   pull_request:
   push:
+    branches:
+      - main
 
 jobs:
   psalm:
     name: Psalm
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-      - name: Psalm
-        uses: docker://ghcr.io/nextcloud/all-in-one-psalm
+      - uses: actions/checkout@v3
+      - name: Set up php8.0
+        uses: shivammathur/setup-php@v2
         with:
-          composer_ignore_platform_reqs: false
-          relative_dir: php
+          php-version: 8.0
+          extensions: apcu
+          coverage: none
+
+      - name: Run script
+        run: |
+          set -x
+          cd php
+          composer global require vimeo/psalm --prefer-dist --no-progress --dev
+          composer install
+          composer run psalm

.github/workflows/shellcheck.yml

@@ -3,6 +3,8 @@ name: Shellcheck
 on:
   pull_request:
   push:
+    branches:
+      - main
 
 jobs:
   shellcheck:

.github/workflows/spellcheck.yml

@@ -3,6 +3,8 @@ name: 'Spellcheck'
 on:
   pull_request:
   push:
+    branches:
+      - main
 
 jobs:
   spellcheck:

.github/workflows/update-yaml.yml

@@ -0,0 +1,27 @@
+name: Update Yaml files
+
+on:
+  workflow_dispatch:
+  schedule:
+  - cron:  '00 12 * * *'
+
+jobs:
+  psalm:
+    name: update yaml files
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: update yaml files
+        run: |
+          sudo bash manual-install/update-yaml.sh
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        with:
+          commit-message: Yaml updates
+          signoff: true
+          title: Yaml updates
+          body: Automated yaml updates for the docker-compose files. Should only be merged shortly before the next latest release.
+          labels: dependencies
+          milestone: next
+          branch: aio-yaml-update

.gitignore

@@ -3,3 +3,6 @@
 /php/data/configuration.json
 /php/data/backupsecret.json
 /php/vendor
+/manual-install/*.conf
+!/manual-install/sample.conf
+/manual-install/docker-compose.yml

Containers/apache/Caddyfile

@@ -36,6 +36,7 @@
         uri strip_prefix /onlyoffice
         reverse_proxy {$ONLYOFFICE_HOST}:80 {
             header_up X-Forwarded-Host {http.request.host}/onlyoffice
+            header_up X-Forwarded-Proto https
         }
     }
 
@@ -44,7 +45,7 @@
         rewrite /.well-known/carddav /remote.php/dav
         rewrite /.well-known/caldav /remote.php/dav
         header Strict-Transport-Security max-age=31536000;
-        reverse_proxy localhost:80
+        reverse_proxy localhost:8000
     }
 
     # TLS options

Containers/apache/Dockerfile

@@ -1,7 +1,7 @@
 # Caddy is a requirement
 FROM caddy:2.5.1-alpine as caddy
 
-FROM debian:bullseye-20220418-slim
+FROM debian:bullseye-20220509-slim
 
 EXPOSE 80
 
@@ -40,6 +40,10 @@ RUN a2enmod rewrite \
 
 COPY nextcloud.conf /etc/apache2/sites-available/
 
+RUN rm /etc/apache2/ports.conf; \
+    sed -s -i -e "s/Include ports.conf//" /etc/apache2/apache2.conf; \
+    sed -i "/^Listen /d" /etc/apache2/apache2.conf
+
 RUN set -ex; \
     a2dissite 000-default && \
     a2dissite default-ssl && \

Containers/apache/nextcloud.conf

@@ -1,4 +1,5 @@
-<VirtualHost *:80>
+Listen 8000
+<VirtualHost *:8000>
     # PHP match
     <FilesMatch "\.php$">
         SetHandler "proxy:fcgi://nextcloud-aio-nextcloud:9000"

Containers/borgbackup/Dockerfile

@@ -1,4 +1,4 @@
-FROM debian:bullseye-20220418-slim
+FROM debian:bullseye-20220509-slim
 
 RUN set -ex; \
     \

Containers/clamav/Dockerfile

@@ -1,5 +1,6 @@
 # Probably from this file: https://github.com/Cisco-Talos/clamav/blob/main/Dockerfile
 FROM clamav/clamav:0.104.2-3
 
+RUN apk add --update --no-cache tzdata
 COPY clamav.conf /tmp/
 RUN cat /tmp/clamav.conf >> /etc/clamav/clamd.conf

Containers/collabora/Dockerfile

@@ -1,2 +1,15 @@
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:21.11.4.2.1
+FROM collabora/code:21.11.4.2.1
+
+USER root
+
+RUN set -ex; \
+    \
+    apt-get update; \
+    export DEBIAN_FRONTEND=noninteractive; \
+    apt-get install -y --no-install-recommends \
+        tzdata \
+    ; \
+    rm -rf /var/lib/apt/lists/*
+
+USER 104

Containers/mastercontainer/Caddyfile

@@ -1,4 +1,6 @@
 {
+    # auto_https will create redirects for https://{host}:8443 instead of https://{host}
+    # https redirects are added manually in the http://:80 block
     auto_https disable_redirects
 
     storage file_system {
@@ -6,6 +8,10 @@
     }
 }
 
+http://:80 {
+  redir https://{host}{uri}
+}
+
 https://:8443 {
 
     reverse_proxy localhost:8000

Containers/mastercontainer/Dockerfile

@@ -1,11 +1,11 @@
 # Docker CLI is a requirement
-FROM docker:20.10.15-dind-alpine3.15 as dind
+FROM docker:20.10.16-dind-alpine3.15 as dind
 
 # Caddy is a requirement
 FROM caddy:2.5.1-alpine as caddy
 
 # From https://github.com/docker-library/php/blob/master/8.0/bullseye/apache/Dockerfile
-FROM php:8.0.18-apache-bullseye
+FROM php:8.0.19-apache-bullseye
 
 EXPOSE 80
 EXPOSE 8080

Containers/mastercontainer/start.sh

@@ -78,7 +78,9 @@ fi
 
 # Check for other options
 if [ -n "$NEXTCLOUD_DATADIR" ]; then
-    if ! echo "$NEXTCLOUD_DATADIR" | grep -q "^/" || [ "$NEXTCLOUD_DATADIR" = "/" ]; then
+    if [ "$NEXTCLOUD_DATADIR" = "nextcloud_aio_nextcloud_datadir" ]; then
+        echo "NEXTCLOUD_DATADIR is set to $NEXTCLOUD_DATADIR"
+    elif ! echo "$NEXTCLOUD_DATADIR" | grep -q "^/" || [ "$NEXTCLOUD_DATADIR" = "/" ]; then
         echo "You've set NEXTCLOUD_DATADIR but not to an allowed value.
 The string must start with '/' and must not be equal to '/'.
 It is set to '$NEXTCLOUD_DATADIR'."
@@ -140,16 +142,11 @@ chown root:root -R /mnt/docker-aio-config/certs/
 # Don't allow access to the AIO interface from the Nextcloud container
 # Probably more cosmetic than anything but at least an attempt
 if ! grep -q '# nextcloud-aio-block' /etc/apache2/apache2.conf; then
-    if ! NETWORK_GATEWAY="$(docker inspect nextcloud-aio-mastercontainer --format "{{.NetworkSettings.Gateway}}")" || [ -z "$NETWORK_GATEWAY" ]; then
-        echo "Could not get the gateway of the mastercontainer. Cannot continue."
-        exit 1
-    fi
     cat << APACHE_CONF >> /etc/apache2/apache2.conf
 # nextcloud-aio-block-start
 <Location />
 order allow,deny
 deny from nextcloud-aio-nextcloud.nextcloud-aio
-deny from $NETWORK_GATEWAY
 allow from all
 </Location>
 # nextcloud-aio-block-end

Containers/nextcloud/Dockerfile

@@ -1,5 +1,5 @@
 # From https://github.com/nextcloud/docker/blob/master/23/fpm-alpine/Dockerfile
-FROM php:8.0.18-fpm-alpine3.15
+FROM php:8.0.19-fpm-alpine3.15
 
 # Custom: change id of www-data user as it needs to be the same like on old installations
 RUN set -ex; \
@@ -105,7 +105,7 @@ RUN { \
 VOLUME /var/www/html
 
 
-ENV NEXTCLOUD_VERSION 23.0.4
+ENV NEXTCLOUD_VERSION 23.0.5
 
 RUN set -ex; \
     apk add --no-cache --virtual .fetch-deps \
@@ -198,6 +198,7 @@ RUN set -ex; \
         gnupg \
         git \
         postgresql-client \
+        tzdata \
     ; \
     rm -rf /var/lib/apt/lists/*
 
@@ -221,8 +222,6 @@ RUN set -ex; \
     chown www-data:root -R /usr/local/etc/php/conf.d && \
     chown www-data:root -R /var/log/supervisord/ && \
     chown www-data:root -R /var/run/supervisord/ && \
-    mkdir -p /var/log/nextcloud/ && \
-    chown -R www-data:root /var/log/nextcloud/ && \
     rm -r /usr/src/nextcloud/apps/updatenotification
 
 COPY start.sh /

Containers/nextcloud/entrypoint.sh

@@ -53,6 +53,7 @@ if [ -f "/var/www/html/lib/versioncheck.php" ] && ! php /var/www/html/lib/versio
     echo "It seems like your installed Nextcloud is not compatible with the by the container provided PHP version."
     echo "This most likely happened because you tried to restore an old Nextcloud version from backup that is not compatible with the PHP version that comes with the container."
     echo "Please try to restore a more recent backup which contains a Nextcloud version that is compatible with the PHP version that comes with the container."
+    echo "If you do not have a more recent backup, feel free to have a look at this documentation: https://github.com/nextcloud/all-in-one/blob/main/manual-upgrade.md"
     exit 1
 fi
 
@@ -169,10 +170,10 @@ if ! [ -f "/mnt/ncdata/skip.update" ]; then
             mkdir -p /var/www/html/data
             php /var/www/html/occ config:system:set loglevel --value=2
             php /var/www/html/occ config:system:set log_type --value=file
-            php /var/www/html/occ config:system:set logfile --value="/var/log/nextcloud/nextcloud.log"
+            php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log"
             php /var/www/html/occ config:system:set log_rotate_size --value="10485760"
             php /var/www/html/occ app:enable admin_audit
-            php /var/www/html/occ config:app:set admin_audit logfile --value="/var/log/nextcloud/audit.log"
+            php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log"
             php /var/www/html/occ config:system:set log.condition apps 0 --value="admin_audit"
 
             # Apply preview settings
@@ -271,6 +272,11 @@ echo "Applying one-click-instance settings..."
 php /var/www/html/occ config:system:set one-click-instance --value=true --type=bool
 php /var/www/html/occ config:system:set one-click-instance.user-limit --value=100 --type=int
 
+# Adjusting log files to be stored on a volume
+echo "Adjusting log files..."
+php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log"
+php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log"
+
 # Apply network settings
 echo "Applying network settings..."
 php /var/www/html/occ config:system:set trusted_domains 1 --value="$NC_DOMAIN"

Containers/onlyoffice/Dockerfile

@@ -1,2 +1,2 @@
 # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile
-FROM onlyoffice/documentserver:7.0.1.37
+FROM onlyoffice/documentserver:7.1.0.215

Containers/postgresql/Dockerfile

@@ -1,5 +1,5 @@
 # From https://github.com/docker-library/postgres/blob/master/13/alpine/Dockerfile
-FROM postgres:14.2-alpine3.15
+FROM postgres:14.3-alpine3.15
 
 RUN apk add --update --no-cache bash openssl shadow netcat-openbsd
 

docker-compose.yml

@@ -18,8 +18,8 @@ services:
       - 8443:8443 # Can be removed when running behind a reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
     # environment: # Is needed when using any of the options below
       # - APACHE_PORT=11000 # Is needed when running behind a reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
-      # - NEXTCLOUD_DATADIR="/mnt/ncdata" # Allows to set the host directory for Nextcloud's datadir. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
-      # - NEXTCLOUD_MOUNT="/mnt/" # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
+      # - NEXTCLOUD_DATADIR=/mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
+      # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
 
   # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
   # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588

manual-install/latest-arm64.yml

@@ -0,0 +1,136 @@
+version: "3.8"
+
+services:
+  nextcloud-aio-apache:
+    container_name: nextcloud-aio-apache
+    depends_on:
+      - nextcloud-aio-collabora
+      - nextcloud-aio-talk
+      - nextcloud-aio-nextcloud
+    image: nextcloud/aio-apache:latest-arm64
+    ports:
+      - ${APACHE_PORT}:${APACHE_PORT}/tcp
+    environment:
+      - NC_DOMAIN=${NC_DOMAIN}
+      - NEXTCLOUD_HOST=nextcloud-aio-nextcloud
+      - COLLABORA_HOST=nextcloud-aio-collabora
+      - TALK_HOST=nextcloud-aio-talk
+      - APACHE_PORT=${APACHE_PORT}
+      - TZ=${TIMEZONE}
+    volumes:
+      - nextcloud_aio_nextcloud:/var/www/html:ro
+      - nextcloud_aio_apache:/mnt/data:rw
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-database:
+    container_name: nextcloud-aio-database
+    image: nextcloud/aio-postgresql:latest-arm64
+    volumes:
+      - nextcloud_aio_database:/var/lib/postgresql/data:rw
+      - nextcloud_aio_database_dump:/mnt/data:rw
+    environment:
+      - POSTGRES_PASSWORD=${DATABASE_PASSWORD}
+      - POSTGRES_DB=nextcloud_database
+      - POSTGRES_USER=nextcloud
+      - TZ=${TIMEZONE}
+      - PGTZ=${TIMEZONE}
+    stop_grace_period: 1800s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-nextcloud:
+    container_name: nextcloud-aio-nextcloud
+    depends_on:
+      - nextcloud-aio-database
+      - nextcloud-aio-redis
+    image: nextcloud/aio-nextcloud:latest-arm64
+    volumes:
+      - nextcloud_aio_nextcloud:/var/www/html:rw
+      - ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw
+      - ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw
+    environment:
+      - POSTGRES_HOST=nextcloud-aio-database
+      - POSTGRES_PASSWORD=${DATABASE_PASSWORD}
+      - POSTGRES_DB=nextcloud_database
+      - POSTGRES_USER=nextcloud
+      - REDIS_HOST=nextcloud-aio-redis
+      - REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
+      - AIO_TOKEN=${AIO_TOKEN}
+      - NC_DOMAIN=${NC_DOMAIN}
+      - ADMIN_USER=admin
+      - ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD}
+      - NEXTCLOUD_DATA_DIR=/mnt/ncdata
+      - OVERWRITEHOST=${NC_DOMAIN}
+      - OVERWRITEPROTOCOL=https
+      - TURN_SECRET=${TURN_SECRET}
+      - SIGNALING_SECRET=${SIGNALING_SECRET}
+      - AIO_URL=${AIO_URL}
+      - NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT}
+      - COLLABORA_ENABLED=${COLLABORA_ENABLED}
+      - COLLABORA_HOST=nextcloud-aio-collabora
+      - TALK_ENABLED=${TALK_ENABLED}
+      - DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING}
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-redis:
+    container_name: nextcloud-aio-redis
+    image: nextcloud/aio-redis:latest-arm64
+    environment:
+      - REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-collabora:
+    container_name: nextcloud-aio-collabora
+    image: nextcloud/aio-collabora:latest-arm64
+    environment:
+      - aliasgroup1=https://${NC_DOMAIN}:443
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-talk:
+    container_name: nextcloud-aio-talk
+    image: nextcloud/aio-talk:latest-arm64
+    ports:
+      - 3478:3478/tcp
+      - 3478:3478/udp
+    environment:
+      - NC_DOMAIN=${NC_DOMAIN}
+      - TURN_SECRET=${TURN_SECRET}
+      - SIGNALING_SECRET=${SIGNALING_SECRET}
+      - JANUS_API_KEY=${JANUS_API_KEY}
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+volumes:
+  nextcloud_aio_apache:
+    name: nextcloud_aio_apache
+  nextcloud_aio_database:
+    name: nextcloud_aio_database
+  nextcloud_aio_database_dump:
+    name: nextcloud_aio_database_dump
+  nextcloud_aio_nextcloud:
+    name: nextcloud_aio_nextcloud
+  nextcloud_aio_nextcloud_data:
+    name: nextcloud_aio_nextcloud_data
+
+networks:
+  nextcloud-aio:

manual-install/latest.yml

@@ -0,0 +1,171 @@
+version: "3.8"
+
+services:
+  nextcloud-aio-apache:
+    container_name: nextcloud-aio-apache
+    depends_on:
+      - nextcloud-aio-onlyoffice
+      - nextcloud-aio-collabora
+      - nextcloud-aio-clamav
+      - nextcloud-aio-talk
+      - nextcloud-aio-nextcloud
+    image: nextcloud/aio-apache:latest
+    ports:
+      - ${APACHE_PORT}:${APACHE_PORT}/tcp
+    environment:
+      - NC_DOMAIN=${NC_DOMAIN}
+      - NEXTCLOUD_HOST=nextcloud-aio-nextcloud
+      - COLLABORA_HOST=nextcloud-aio-collabora
+      - TALK_HOST=nextcloud-aio-talk
+      - APACHE_PORT=${APACHE_PORT}
+      - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
+      - TZ=${TIMEZONE}
+    volumes:
+      - nextcloud_aio_nextcloud:/var/www/html:ro
+      - nextcloud_aio_apache:/mnt/data:rw
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-database:
+    container_name: nextcloud-aio-database
+    image: nextcloud/aio-postgresql:latest
+    volumes:
+      - nextcloud_aio_database:/var/lib/postgresql/data:rw
+      - nextcloud_aio_database_dump:/mnt/data:rw
+    environment:
+      - POSTGRES_PASSWORD=${DATABASE_PASSWORD}
+      - POSTGRES_DB=nextcloud_database
+      - POSTGRES_USER=nextcloud
+      - TZ=${TIMEZONE}
+      - PGTZ=${TIMEZONE}
+    stop_grace_period: 1800s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-nextcloud:
+    container_name: nextcloud-aio-nextcloud
+    depends_on:
+      - nextcloud-aio-database
+      - nextcloud-aio-redis
+    image: nextcloud/aio-nextcloud:latest
+    volumes:
+      - nextcloud_aio_nextcloud:/var/www/html:rw
+      - ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw
+      - ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw
+    environment:
+      - POSTGRES_HOST=nextcloud-aio-database
+      - POSTGRES_PASSWORD=${DATABASE_PASSWORD}
+      - POSTGRES_DB=nextcloud_database
+      - POSTGRES_USER=nextcloud
+      - REDIS_HOST=nextcloud-aio-redis
+      - REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
+      - AIO_TOKEN=${AIO_TOKEN}
+      - NC_DOMAIN=${NC_DOMAIN}
+      - ADMIN_USER=admin
+      - ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD}
+      - NEXTCLOUD_DATA_DIR=/mnt/ncdata
+      - OVERWRITEHOST=${NC_DOMAIN}
+      - OVERWRITEPROTOCOL=https
+      - TURN_SECRET=${TURN_SECRET}
+      - SIGNALING_SECRET=${SIGNALING_SECRET}
+      - AIO_URL=${AIO_URL}
+      - NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT}
+      - CLAMAV_ENABLED=${CLAMAV_ENABLED}
+      - CLAMAV_HOST=nextcloud-aio-clamav
+      - ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED}
+      - COLLABORA_ENABLED=${COLLABORA_ENABLED}
+      - COLLABORA_HOST=nextcloud-aio-collabora
+      - TALK_ENABLED=${TALK_ENABLED}
+      - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
+      - DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING}
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-redis:
+    container_name: nextcloud-aio-redis
+    image: nextcloud/aio-redis:latest
+    environment:
+      - REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-collabora:
+    container_name: nextcloud-aio-collabora
+    image: nextcloud/aio-collabora:latest
+    environment:
+      - aliasgroup1=https://${NC_DOMAIN}:443
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-talk:
+    container_name: nextcloud-aio-talk
+    image: nextcloud/aio-talk:latest
+    ports:
+      - 3478:3478/tcp
+      - 3478:3478/udp
+    environment:
+      - NC_DOMAIN=${NC_DOMAIN}
+      - TURN_SECRET=${TURN_SECRET}
+      - SIGNALING_SECRET=${SIGNALING_SECRET}
+      - JANUS_API_KEY=${JANUS_API_KEY}
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-clamav:
+    container_name: nextcloud-aio-clamav
+    image: nextcloud/aio-clamav:latest
+    environment:
+      - TZ=${TIMEZONE}
+    volumes:
+      - nextcloud_aio_clamav:/var/lib/clamav:rw
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-onlyoffice:
+    container_name: nextcloud-aio-onlyoffice
+    image: nextcloud/aio-onlyoffice:latest
+    environment:
+      - TZ=${TIMEZONE}
+    volumes:
+      - nextcloud_aio_onlyoffice:/var/lib/onlyoffice:rw
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+
+volumes:
+  nextcloud_aio_apache:
+    name: nextcloud_aio_apache
+  nextcloud_aio_clamav:
+    name: nextcloud_aio_clamav
+  nextcloud_aio_database:
+    name: nextcloud_aio_database
+  nextcloud_aio_database_dump:
+    name: nextcloud_aio_database_dump
+  nextcloud_aio_nextcloud:
+    name: nextcloud_aio_nextcloud
+  nextcloud_aio_onlyoffice:
+    name: nextcloud_aio_onlyoffice
+  nextcloud_aio_nextcloud_data:
+    name: nextcloud_aio_nextcloud_data
+
+networks:
+  nextcloud-aio:

manual-install/readme.md

@@ -0,0 +1,41 @@
+# Manual installation
+
+You can run the containers that are build for AIO with docker-compose. This comes with a few downsides, that are discussed below.
+
+### Advantages
+- You can run it without a container having access to the docker socket
+- You can modify all values on your own
+
+### Disadvantages
+- You loose the AIO interface
+- You loose update notifications and automatic updates
+- You loose all AIO backup and restore features
+- You need to know what you are doing, especially when modifying the docker-compose file
+- Probably more
+
+## How to use this?
+First, install docker and docker-compose if not already done. Then simply run the following:
+```bash
+git clone https://github.com/nextcloud/all-in-one.git
+cd all-in-one/manual-install
+```
+Then copy the sample.conf to a new file, e.g. `cp sample.conf my.conf`, open the new conf file, e.g. with `nano my.conf`, edit all values that are marked with `# TODO!`, close and save the file.
+
+Now copy the provided yaml file to a docker-compose file by running on x64 `cp latest.yml docker-compose.yml` and on arm64 `cp latest-arm64.yml docker-compose.yml`.
+
+Now you should be ready to go with `sudo docker-compose --env-file my.conf up`.
+
+## How to update?
+Since the AIO containers may change in the future, it is highly recommended to strictly follow the following procedure whenever you want to upgrade your containers.
+1. Run `sudo docker-compose --env-file my.conf down` to stop all running containers
+1. Back up all important files and folders
+1. Run `git pull` in order to get the updated yaml files from the repository. Now bring your `docker-compose.yml` file up-to-date with the updated one from the repository. You can use `diff docker-compose.yml latest.yml` on x64 and `diff docker-compose.yml latest-arm64.yml` on arm64 for comparing.
+1. Also have a look at the `sample.conf` if any variable was added or renamed and add that to your conf file as well. Here may help the diff command as well.
+1. After the file update was successful, simply run `sudo docker-compose --env-file my.conf pull` to pull the new images.
+1. At the end run `sudo docker-compose --env-file my.conf up` in order to start and update the containers with the new configuration.
+
+## FAQ
+### Backup and restore?
+If you leave `NEXTLOUD_DATADIR` in your conf file at the default value of `nextcloud_aio_nextcloud_data` and don't modify the yaml file, all data will be stored inside docker volumes which are on Linux by default located here: `/var/lib/docker/volumes`. Simply backing up this location should be a valid backup solution. Then you can also easily restore in case something bad happens. However if you change `NEXTLOUD_DATADIR` to a path like `/mnt/ncdata`, you obviously need to back up this location, too because the Nextcloud data will be stored there. The same applies to any change to the yaml file. 
+
+Obviously you also need to back up the conf file and the yaml file if you modified it.

manual-install/sample.conf

@@ -0,0 +1,18 @@
+AIO_TOKEN=123456          # Has no function but needs to be set!
+AIO_URL=localhost          # Has no function but needs to be set!
+APACHE_PORT=443          # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.
+CLAMAV_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.
+COLLABORA_ENABLED=yes          # Setting this to "yes" enables the option in Nextcloud automatically.
+DAILY_BACKUP_RUNNING=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.
+DATABASE_PASSWORD=          # TODO! This needs to be a unique and good password!
+JANUS_API_KEY=          # TODO! This needs to be a unique and good password!
+NC_DOMAIN=yourdomain.com          # TODO! Needs to be changed to the domain that you want to use for Nextcloud.
+NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data          # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!
+NEXTCLOUD_MOUNT=/mnt/          # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!
+NEXTCLOUD_PASSWORD=          # TODO! This is the password of the initially created Nextcloud admin with username "admin".
+ONLYOFFICE_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.
+REDIS_PASSWORD=          # TODO! This needs to be a unique and good password!
+SIGNALING_SECRET=          # TODO! This needs to be a unique and good password!
+TALK_ENABLED=yes          # Setting this to "yes" enables the option in Nextcloud automatically.
+TIMEZONE=Europe/Berlin          # TODO! This is the timezone that your containers will use.
+TURN_SECRET=          # TODO! This needs to be a unique and good password!

manual-install/update-yaml.sh

@@ -0,0 +1,123 @@
+#!/bin/bash
+
+jq -c . ./php/containers.json > /tmp/containers.json
+sed -i 's|","location":"|:|g' /tmp/containers.json
+sed -i 's|","writeable":false|:ro"|g' /tmp/containers.json
+sed -i 's|","writeable":true|:rw"|g' /tmp/containers.json
+OUTPUT="$(cat /tmp/containers.json)"
+OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[].internalPorts)')"
+OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[].secrets)')"
+OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-watchtower"))')"
+OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-domaincheck"))')"
+OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-borgbackup"))')"
+
+snap install yq
+mkdir -p ./manual-install
+echo "$OUTPUT" | yq -P > ./manual-install/containers.yml
+
+cd manual-install || exit
+sed -i "s|'||g" containers.yml
+sed -i 's|production:|services:|' containers.yml
+sed -i 's|- identifier:|  container_name:|' containers.yml
+sed -i 's|restartPolicy:|restart:|' containers.yml
+sed -i 's|environmentVariables:|environment:|' containers.yml
+sed -i '/displayName:/d' containers.yml
+sed -i 's|maxShutdownTime:|stop_grace_period:|' containers.yml
+sed -i '/stop_grace_period:/s/$/s/' containers.yml
+sed -i 's|containerName:|image:|' containers.yml
+sed -i '/: \[\]/d' containers.yml
+sed -i 's|dependsOn:|depends_on:|' containers.yml
+sed -i 's|- name: |- |' containers.yml
+
+TCP="$(grep -oP '[%A-Z0-9_]+/tcp' containers.yml | sort -u)"
+mapfile -t TCP <<< "$TCP"
+for port in "${TCP[@]}" 
+do
+    solve_port="${port%%/tcp}"
+    sed -i "s|$port|$solve_port:$solve_port/tcp|" containers.yml
+done
+
+UDP="$(grep -oP '[%A-Z0-9_]+/udp' containers.yml | sort -u)"
+mapfile -t UDP <<< "$UDP"
+for port in "${UDP[@]}"
+do
+    solve_port="${port%%/udp}"
+    sed -i "s|$port|$solve_port:$solve_port/udp|" containers.yml
+done
+
+rm -f sample.conf
+VARIABLES="$(grep -oP '%[A-Z_a-z0-6]+%' containers.yml | sort -u)"
+mapfile -t VARIABLES <<< "$VARIABLES"
+for variable in "${VARIABLES[@]}"
+do
+    # shellcheck disable=SC2001
+    sole_variable="$(echo "$variable" | sed 's|%||g')"
+    echo "$sole_variable=" >> sample.conf
+    sed -i "s|$variable|\${$sole_variable}|g" containers.yml
+done
+
+sed -i 's|_ENABLED=|_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.|' sample.conf
+sed -i 's|TALK_ENABLED=no|TALK_ENABLED=yes|' sample.conf
+sed -i 's|COLLABORA_ENABLED=no|COLLABORA_ENABLED=yes|' sample.conf
+sed -i 's|NEXTCLOUD_DATADIR=|NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data          # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!|' sample.conf
+sed -i 's|NEXTCLOUD_MOUNT=|NEXTCLOUD_MOUNT=/mnt/          # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!|' sample.conf
+sed -i 's|DAILY_BACKUP_RUNNING=|DAILY_BACKUP_RUNNING=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.|' sample.conf
+sed -i 's|APACHE_PORT=|APACHE_PORT=443          # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.|' sample.conf
+sed -i 's|AIO_TOKEN=|AIO_TOKEN=123456          # Has no function but needs to be set!|' sample.conf
+sed -i 's|AIO_URL=|AIO_URL=localhost          # Has no function but needs to be set!|' sample.conf
+sed -i 's|NC_DOMAIN=|NC_DOMAIN=yourdomain.com          # TODO! Needs to be changed to the domain that you want to use for Nextcloud.|' sample.conf
+sed -i 's|NEXTCLOUD_PASSWORD=|NEXTCLOUD_PASSWORD=          # TODO! This is the password of the initially created Nextcloud admin with username "admin".|' sample.conf
+sed -i 's|TIMEZONE=|TIMEZONE=Europe/Berlin          # TODO! This is the timezone that your containers will use.|' sample.conf
+sed -i 's|=$|=          # TODO! This needs to be a unique and good password!|' sample.conf
+
+cat sample.conf
+
+OUTPUT="$(cat containers.yml)"
+NAMES="$(grep -oP "container_name:.*" containers.yml | grep -oP 'nextcloud-aio.*')"
+mapfile -t NAMES <<< "$NAMES"
+for name in "${NAMES[@]}"
+do
+    OUTPUT="$(echo "$OUTPUT" | sed "/container_name.*$name/i\ \ $name:")"
+    if [ "$name" != "nextcloud-aio-apache" ]; then
+        OUTPUT="$(echo "$OUTPUT" | sed "/  $name:/i\ ")"
+    fi
+done
+
+OUTPUT="$(echo "$OUTPUT" | sed "/restart: /a\ \ \ \ networks:\n\ \ \ \ \ \ - nextcloud-aio")"
+
+echo 'version: "3.8"' > containers.yml
+echo "" >> containers.yml
+
+echo "$OUTPUT" >> containers.yml
+
+VOLUMES="$(grep -oP 'nextcloud_aio_[a-z_]+' containers.yml | sort -u)"
+mapfile -t VOLUMES <<< "$VOLUMES"
+echo "" >> containers.yml
+echo "volumes:" >> containers.yml
+for volume in "${VOLUMES[@]}" "nextcloud_aio_nextcloud_data"
+do
+    cat << VOLUMES >> containers.yml
+  $volume:
+    name: $volume
+VOLUMES
+done
+
+cat << NETWORK >> containers.yml
+
+networks:
+  nextcloud-aio:
+NETWORK
+
+cat containers.yml > latest.yml
+sed -i '/image:/s/$/:latest/' latest.yml
+
+cat containers.yml > latest-arm64.yml
+sed -i '/image:/s/$/:latest-arm64/' latest-arm64.yml
+sed -i '/  nextcloud-aio-clamav:/,/^$/d' latest-arm64.yml
+sed -i '/nextcloud[-_]aio[-_]clamav/d' latest-arm64.yml
+sed -i '/CLAMAV_ENABLED/d' latest-arm64.yml
+sed -i '/  nextcloud-aio-onlyoffice:/,/^$/d' latest-arm64.yml
+sed -i '/nextcloud[-_]aio[-_]onlyoffice/d' latest-arm64.yml
+sed -i '/ONLYOFFICE_ENABLED/d' latest-arm64.yml
+
+rm containers.yml

manual-upgrade.md

@@ -0,0 +1,25 @@
+# Manual upgrade
+
+If you do not install any upgrade for around 6-12 months or longer, it can happen that your instance is so outdated that in the meantime the PHP version of the Nextcloud container got bumped to a version that is not compatible with your currently installed Nextcloud version which means that after doing an upgrade after this long time, Nextcloud will suddenly not work anymore. There is unfortunately no way to fix this from the maintainer side if you refrain from upgrading for so long.
+
+The only way to fix this on your side is upgrading regularly (e.g. by enabling daily backups which will also automatically upgrade all containers) and following the steps below:
+
+1. Start all containers from the aio interface (now, it will report that Nextcloud is restarting because it is not able to start due to the above mentioned problem)
+1. Do **not** click on `Stop containers` because you will need them running going forward, see below
+1. Stop the Nextcloud container and the Apache container by running `sudo docker stop nextcloud-aio-nextcloud && sudo docker stop nextcloud-aio-apache`.
+1. Find out with which PHP version your installed Nextcloud is compatible by running `sudo cat /var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/lib/versioncheck.php`. (There you will find information about the max. supported PHP version.)
+1. Run the following commands in order to reverse engineer the Nextcloud container:
+    ```bash
+        sudo docker pull assaflavie/runlike
+        echo '#/bin/bash' > /tmp/nextcloud-aio-nextcloud
+        sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock assaflavie/runlike -p nextcloud-aio-nextcloud >> /tmp/nextcloud-aio-nextcloud
+        sudo chown root:root /tmp/nextcloud-aio-nextcloud
+    ```
+1. Now open the file with e.g. nano: `sudo nano /tmp/nextcloud-aio-nextcloud` and change the line that should probably be `nextcloud/aio-nextcloud:latest` on x64 or `nextcloud/aio-nextcloud:latest-arm64` on arm64 to the highest compatible PHP version: E.g. `nextcloud/aio-nextcloud:php8.0-latest` on x64 or `nextcloud/aio-nextcloud:php8.0-latest-arm64` on arm64. Then save the file and close it with `[Ctrl]+[o]` -> `[Enter]` and `[Ctrl]+[x]`.
+1. After doing so, remove the Nextcloud container with `sudo docker rm nextcloud-aio-nextcloud`.
+1. Now start the Nextcloud container with the new tag by simply running `sudo bash /tmp/nextcloud-aio-nextcloud` which at startup should automatically upgrade Nextcloud to a more recent version. If not, make sure that there is no `skip.update` file in the Nextcloud datadir. If there is such a file, simply delete the file and restart the container again.<br>
+**Info**: You can open the Nextcloud container logs with `sudo docker logs -f nextcloud-aio-nextcloud`.
+1. After the Nextcloud container is started (you can tell by looking at the logs), simply restart the container again with `sudo docker restart nextcloud-aio-nextcloud` until it does not install a new Nextcloud update anymore upon the container startup.
+1. Now, you should be able to use the AIO interface again by simply stopping the AIO containers and starting them again which should finally bring up your instance again.
+1. If not and if you get the same error again, you may repeat the process starting from the beginning again until your Nextcloud version is finally up-to-date.
+1. Now, if everything is finally running as usual again, it is recommended to create a backup in order to save the current state. Also you should think about enabling daily backups if doing regularl upgrades is too much effort for you.

migration.md

@@ -1,11 +1,11 @@
-## How to migrate from an already existing Nextcloud installation to Nextcloud AIO?
+# How to migrate from an already existing Nextcloud installation to Nextcloud AIO?
 
 There are basically two ways how to migrate from an already existing Nextcloud installation to Nextcloud AIO:
 
 1. Migrate only the files which is the easiest way
 1. Migrate the files and the database which is much more complicated
 
-### Migrate only the files 
+## Migrate only the files 
 **Please note**: If you used groupfolders or encrypted your files before, you will need to restore the database, as well!
 
 The procedure for migrating only the files works like this:
@@ -14,16 +14,16 @@ The procedure for migrating only the files works like this:
 1. Recreate all users that were present on your former installation
 1. Take a backup using Nextcloud AIO's built-in backup solution (so that you can easily restore to this state again) (Note: this will stop all containers and is expected: don't start the container again at this point!)
 1. Restore the datadirectory of your former instance into the following directory: `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/`
-1. Next, run `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` to apply the correct permissions
+1. Next, run `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and `sudo chmod -R 750 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` to apply the correct permissions
 1. Start the containers again and wait until all containers are running
 1. Run `sudo docker exec -it nextcloud-aio-nextcloud php occ files:scan-app-data && sudo docker exec -it nextcloud-aio-nextcloud php occ files:scan --all` in order to scan all files in the datadirectory.
 
-### Migrate the files and the database
+## Migrate the files and the database
 **Please note**: this is much more complicated than migrating only the files and also not as failproof so be warned!<br>
 Also, you will currently not be able to use local external storage in Nextcloud AIO since that is not supported, yet. See https://github.com/nextcloud/all-in-one/issues/76
 
 The procedure for migrating the files and the database works like this:
-1. Make sure that your old instance is on exactly the same version like the version used in Nextcloud AIO. (e.g. 23.0.0) If not, simply upgrade your former installation to that version or wait until the version used in Nextcloud AIO got updated to the same version of your former installation or the other way around.
+1. Make sure that your old instance is on exactly the same version like the version used in Nextcloud AIO. (e.g. 23.0.0) You can find the used version here: [click here](https://github.com/nextcloud/all-in-one/search?l=Dockerfile&q=NEXTCLOUD_VERSION&type=). If not, simply upgrade your former installation to that version or wait until the version used in Nextcloud AIO got updated to the same version of your former installation or the other way around.
 1. Take a backup of your former instance (especially from your datadirectory and database)
 1. If your former installation didn't use Postgresql already, you will now need to convert your old installation to use Postgresql as database temporarily (in order to be able to perform a pg_dump afterwards):
     1. Install Postgresql on your former installation: on a Debian based OS should the following command work:
@@ -36,13 +36,13 @@ The procedure for migrating the files and the database works like this:
         export PG_PASSWORD="my-temporary-password"
         export PG_DATABASE="nextcloud_db"
         sudo -u postgres psql <<END
-        CREATE USER $PG_USER WITH PASSWORD '$PGDB_PASS';
+        CREATE USER $PG_USER WITH PASSWORD '$PG_PASSWORD';
         CREATE DATABASE $PG_DATABASE WITH OWNER $PG_USER TEMPLATE template0 ENCODING 'UTF8';
         END
         ```
     1. Run the following command to start the conversion:
         ```
-        occ db:convert-type --all-apps --password "$PGDB_PASS" pgsql "$PG_USER" 127.0.0.1 "$PG_DATABASE"
+        occ db:convert-type --all-apps --password "$PG_PASSWORD" pgsql "$PG_USER" 127.0.0.1 "$PG_DATABASE"
         ```
         **Please note:** You might need to change the ip-address `127.0.0.1` based on your exact installation.<br>
         Further information on the conversion is additionally available here: https://docs.nextcloud.com/server/stable/admin_manual/configuration_database/db_conversion.html#converting-database-type
@@ -54,7 +54,7 @@ The procedure for migrating the files and the database works like this:
     ```
     **Please note:** The exact name of the database export file is important! (`database-dump.sql`)<br>
     And of course you need to to use the correct name that the Postgresql database has for the export (if `$PG_DATABASE` doesn't work directly).
-1. At this point, you can finally install Nextcloud AIO on a new server/linux installation, enter your domain (use the same domain that you used on your former installation) and wait until all containers are running
+1. At this point, you can finally install Nextcloud AIO on a new server/linux installation, enter your domain in the AIO interface (use the same domain that you used on your former installation) and wait until all containers are running. Then you should check the included Nextcloud version by running `sudo docker inspect nextcloud-aio-nextcloud | grep NEXTCLOUD_VERSION`.
 1. Next, take a backup using Nextcloud AIO's built-in backup solution (so that you can easily restore to this state again) (Note: this will stop all containers and is expected: don't start the container again at this point!)
 1. Now, we are slowly starting to import your files and database. First, you need to modify the datadirectory that is stored inside the database export:
     1. Find out what the directory of your old Nextcloud installation is by e.g. opening the config.php file and looking at the value `datadirectory`.
@@ -73,7 +73,7 @@ The procedure for migrating the files and the database works like this:
     sudo rm -r /var/lib/docker/volumes/nextcloud_aio_database/_data/*
     ```
 1. If the commands above were executed successfully, restore the datadirectory of your former instance into the following directory: `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/`
-1. Next, run `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` to apply the correct permissions
+1. Next, run `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and `sudo chmod -R 750 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*`to apply the correct permissions
 1. Edit the Nextcloud AIO config.php file that is stored in `/var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/config/config.php` and modify only `passwordsalt`, `secret`, `instanceid` and set it to the old values that you used on your old installation. If you are brave, feel free to modify further values e.g. add your old LDAP config or S3 storage config. (Some things like Mail server config can be added back using Nextcloud's webinterface later on).
 1. When you are done and saved your changes to the file, finally start the containers again and wait until all containers are running.
 1. Now run `sudo docker exec -it nextcloud-aio-nextcloud php occ maintenance:data-fingerprint`.

php/composer.json

@@ -20,6 +20,7 @@
     },
     "scripts": {
 		"psalm": "psalm --threads=1",
-		"psalm:update-baseline": "psalm --threads=1 --update-baseline"
+		"psalm:update-baseline": "psalm --threads=1 --update-baseline",
+        "lint": "find . -name \\*.php -not -path './vendor/*' -print0 | xargs -0 -n1 php -l"
 	}
 }

php/composer.lock

@@ -8,16 +8,16 @@
     "packages": [
         {
             "name": "guzzlehttp/guzzle",
-            "version": "7.4.2",
+            "version": "7.4.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/guzzle.git",
-                "reference": "ac1ec1cd9b5624694c3a40be801d94137afb12b4"
+                "reference": "74a8602c6faec9ef74b7a9391ac82c5e65b1cdab"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/ac1ec1cd9b5624694c3a40be801d94137afb12b4",
-                "reference": "ac1ec1cd9b5624694c3a40be801d94137afb12b4",
+                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab",
+                "reference": "74a8602c6faec9ef74b7a9391ac82c5e65b1cdab",
                 "shasum": ""
             },
             "require": {
@@ -112,7 +112,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/guzzle/issues",
-                "source": "https://github.com/guzzle/guzzle/tree/7.4.2"
+                "source": "https://github.com/guzzle/guzzle/tree/7.4.3"
             },
             "funding": [
                 {
@@ -128,7 +128,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-03-20T14:16:28+00:00"
+            "time": "2022-05-25T13:24:33+00:00"
         },
         {
             "name": "guzzlehttp/promises",
@@ -389,16 +389,16 @@
         },
         {
             "name": "laravel/serializable-closure",
-            "version": "v1.1.1",
+            "version": "v1.2.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/laravel/serializable-closure.git",
-                "reference": "9e4b005daa20b0c161f3845040046dc9ddc1d74e"
+                "reference": "09f0e9fb61829f628205b7c94906c28740ff9540"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/9e4b005daa20b0c161f3845040046dc9ddc1d74e",
-                "reference": "9e4b005daa20b0c161f3845040046dc9ddc1d74e",
+                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/09f0e9fb61829f628205b7c94906c28740ff9540",
+                "reference": "09f0e9fb61829f628205b7c94906c28740ff9540",
                 "shasum": ""
             },
             "require": {
@@ -444,7 +444,7 @@
                 "issues": "https://github.com/laravel/serializable-closure/issues",
                 "source": "https://github.com/laravel/serializable-closure"
             },
-            "time": "2022-02-11T19:23:53+00:00"
+            "time": "2022-05-16T17:09:47+00:00"
         },
         {
             "name": "nikic/fast-route",
@@ -1366,25 +1366,25 @@
         },
         {
             "name": "symfony/deprecation-contracts",
-            "version": "v3.0.1",
+            "version": "v2.5.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/deprecation-contracts.git",
-                "reference": "26954b3d62a6c5fd0ea8a2a00c0353a14978d05c"
+                "reference": "e8b495ea28c1d97b5e0c121748d6f9b53d075c66"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/26954b3d62a6c5fd0ea8a2a00c0353a14978d05c",
-                "reference": "26954b3d62a6c5fd0ea8a2a00c0353a14978d05c",
+                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/e8b495ea28c1d97b5e0c121748d6f9b53d075c66",
+                "reference": "e8b495ea28c1d97b5e0c121748d6f9b53d075c66",
                 "shasum": ""
             },
             "require": {
-                "php": ">=8.0.2"
+                "php": ">=7.1"
             },
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-main": "3.0-dev"
+                    "dev-main": "2.5-dev"
                 },
                 "thanks": {
                     "name": "symfony/contracts",
@@ -1413,7 +1413,7 @@
             "description": "A generic function and convention to trigger deprecation notices",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/deprecation-contracts/tree/v3.0.1"
+                "source": "https://github.com/symfony/deprecation-contracts/tree/v2.5.1"
             },
             "funding": [
                 {
@@ -1429,7 +1429,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-01-02T09:55:41+00:00"
+            "time": "2022-01-02T09:53:40+00:00"
         },
         {
             "name": "symfony/polyfill-ctype",
@@ -1677,16 +1677,16 @@
         },
         {
             "name": "twig/twig",
-            "version": "v3.3.10",
+            "version": "v3.4.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "8442df056c51b706793adf80a9fd363406dd3674"
+                "reference": "e939eae92386b69b49cfa4599dd9bead6bf4a342"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/8442df056c51b706793adf80a9fd363406dd3674",
-                "reference": "8442df056c51b706793adf80a9fd363406dd3674",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/e939eae92386b69b49cfa4599dd9bead6bf4a342",
+                "reference": "e939eae92386b69b49cfa4599dd9bead6bf4a342",
                 "shasum": ""
             },
             "require": {
@@ -1701,7 +1701,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-master": "3.3-dev"
+                    "dev-master": "3.4-dev"
                 }
             },
             "autoload": {
@@ -1737,7 +1737,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.3.10"
+                "source": "https://github.com/twigphp/Twig/tree/v3.4.1"
             },
             "funding": [
                 {
@@ -1749,7 +1749,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-04-06T06:47:41+00:00"
+            "time": "2022-05-17T05:48:52+00:00"
         }
     ],
     "packages-dev": [],

php/containers-schema.json

@@ -0,0 +1,79 @@
+{
+	"type": "object",
+	"description": "AIO containers definition schema",
+	"additionalProperties": false,
+	"minProperties": 1,
+	"properties": {
+		"production": {
+			"type": "array",
+			"items": {
+				"type": "object",
+				"additionalProperties": false,
+				"minProperties": 11,
+				"properties": {
+					"containerName": {
+						"type": "string"
+					},
+					"dependsOn": {
+						"type": "array",
+						"items": {
+							"type": "string"
+						}
+					},
+					"displayName": {
+						"type": "string"
+					},
+					"environmentVariables": {
+						"type": "array",
+						"items": {
+							"type": "string"
+						}
+					},
+					"identifier": {
+						"type": "string"
+					},
+					"internalPorts": {
+						"type": "array",
+						"items": {
+							"type": "string"
+						}
+					},
+					"maxShutdownTime": {
+						"type": "integer"
+					},
+					"ports": {
+						"type": "array",
+						"items": {
+							"type": "string"
+						}
+					},
+					"restartPolicy": {
+						"type": "string"
+					},
+					"secrets": {
+						"type": "array"
+					},
+					"volumes": {
+						"type": "array",
+						"items": {
+							"type": "object",
+							"additionalProperties": false,
+							"minProperties": 3,
+							"properties": {
+								"location": {
+									"type": "string"
+								},
+								"name": {
+									"type": "string"
+								},
+								"writeable": {
+									"type": "boolean"
+								}
+							}
+						}
+					}
+				}
+			}
+		}
+	}
+}

php/containers.json

@@ -1,6 +1,7 @@
 {
   "production": [
     {
+      "identifier": "nextcloud-aio-apache",
       "dependsOn": [
         "nextcloud-aio-onlyoffice",
         "nextcloud-aio-collabora",
@@ -8,7 +9,6 @@
         "nextcloud-aio-talk",
         "nextcloud-aio-nextcloud"
       ],
-      "identifier": "nextcloud-aio-apache",
       "displayName": "Apache",
       "containerName": "nextcloud/aio-apache",
       "ports": [
@@ -24,7 +24,8 @@
         "COLLABORA_HOST=nextcloud-aio-collabora",
         "TALK_HOST=nextcloud-aio-talk",
         "APACHE_PORT=%APACHE_PORT%",
-        "ONLYOFFICE_HOST=nextcloud-aio-onlyoffice"
+        "ONLYOFFICE_HOST=nextcloud-aio-onlyoffice",
+        "TZ=%TIMEZONE%"
       ],
       "volumes": [
         {
@@ -42,8 +43,8 @@
       "restartPolicy": "unless-stopped"
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-database",
+      "dependsOn": [],
       "displayName": "Database",
       "containerName": "nextcloud/aio-postgresql",
       "ports": [],
@@ -68,17 +69,19 @@
       "environmentVariables": [
         "POSTGRES_PASSWORD=%DATABASE_PASSWORD%",
         "POSTGRES_DB=nextcloud_database",
-        "POSTGRES_USER=nextcloud"
+        "POSTGRES_USER=nextcloud",
+        "TZ=%TIMEZONE%",
+        "PGTZ=%TIMEZONE%"
       ],
       "maxShutdownTime": 1800,
       "restartPolicy": "unless-stopped"
     },
     {
+      "identifier": "nextcloud-aio-nextcloud",
       "dependsOn": [
         "nextcloud-aio-database",
         "nextcloud-aio-redis"
       ],
-      "identifier": "nextcloud-aio-nextcloud",
       "displayName": "Nextcloud",
       "containerName": "nextcloud/aio-nextcloud",
       "ports": [],
@@ -134,14 +137,15 @@
         "COLLABORA_HOST=nextcloud-aio-collabora",
         "TALK_ENABLED=%TALK_ENABLED%",
         "ONLYOFFICE_HOST=nextcloud-aio-onlyoffice",
-        "DAILY_BACKUP_RUNNING=%DAILY_BACKUP_RUNNING%"
+        "DAILY_BACKUP_RUNNING=%DAILY_BACKUP_RUNNING%",
+        "TZ=%TIMEZONE%"
       ],
       "maxShutdownTime": 10,
       "restartPolicy": "unless-stopped"
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-redis",
+      "dependsOn": [],
       "displayName": "Redis",
       "containerName": "nextcloud/aio-redis",
       "ports": [],
@@ -149,7 +153,8 @@
         "6379"
       ],
       "environmentVariables": [
-        "REDIS_HOST_PASSWORD=%REDIS_PASSWORD%"
+        "REDIS_HOST_PASSWORD=%REDIS_PASSWORD%",
+        "TZ=%TIMEZONE%"
       ],
       "volumes": [],
       "secrets": [
@@ -159,8 +164,8 @@
       "restartPolicy": "unless-stopped"
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-collabora",
+      "dependsOn": [],
       "displayName": "Collabora",
       "containerName": "nextcloud/aio-collabora",
       "ports": [],
@@ -169,7 +174,8 @@
       ],
       "environmentVariables": [
         "aliasgroup1=https://%NC_DOMAIN%:443",
-        "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning"
+        "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning",
+        "TZ=%TIMEZONE%"
       ],
       "volumes": [],
       "secrets": [],
@@ -177,8 +183,8 @@
       "restartPolicy": "unless-stopped"
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-talk",
+      "dependsOn": [],
       "displayName": "Talk",
       "containerName": "nextcloud/aio-talk",
       "ports": [
@@ -192,7 +198,8 @@
         "NC_DOMAIN=%NC_DOMAIN%",
         "TURN_SECRET=%TURN_SECRET%",
         "SIGNALING_SECRET=%SIGNALING_SECRET%",
-        "JANUS_API_KEY=%JANUS_API_KEY%"
+        "JANUS_API_KEY=%JANUS_API_KEY%",
+        "TZ=%TIMEZONE%"
       ],
       "volumes": [],
       "secrets": [
@@ -204,8 +211,8 @@
       "restartPolicy": "unless-stopped"
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-borgbackup",
+      "dependsOn": [],
       "displayName": "Borgbackup",
       "containerName": "nextcloud/aio-borgbackup",
       "ports": [],
@@ -265,8 +272,8 @@
       "restartPolicy": ""
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-watchtower",
+      "dependsOn": [],
       "displayName": "Watchtower",
       "containerName": "nextcloud/aio-watchtower",
       "ports": [],
@@ -306,15 +313,17 @@
       "restartPolicy": ""
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-clamav",
+      "dependsOn": [],
       "displayName": "ClamAV",
       "containerName": "nextcloud/aio-clamav",
       "ports": [],
       "internalPorts": [
         "3310"
       ],
-      "environmentVariables": [],
+      "environmentVariables": [
+        "TZ=%TIMEZONE%"
+      ],
       "volumes": [
         {
           "name": "nextcloud_aio_clamav",
@@ -327,15 +336,17 @@
       "restartPolicy": "unless-stopped"
     },
     {
-      "dependsOn": [],
       "identifier": "nextcloud-aio-onlyoffice",
+      "dependsOn": [],
       "displayName": "OnlyOffice",
       "containerName": "nextcloud/aio-onlyoffice",
       "ports": [],
       "internalPorts": [
         "80"
       ],
-      "environmentVariables": [],
+      "environmentVariables": [
+        "TZ=%TIMEZONE%"
+      ],
       "volumes": [
         {
           "name": "nextcloud_aio_onlyoffice",

php/public/forms.js

@@ -12,7 +12,7 @@
     }
     lastError = toast
     body.prepend(toast)
-    setTimeout(toast.remove.bind(toast), 7000)
+    setTimeout(toast.remove.bind(toast), 10000)
   }
 
   function handleEvent(e) {

php/public/index.php

@@ -96,6 +96,7 @@ $app->get('/containers', function ($request, $response, $args) use ($container)
         'borg_restore_password' => $configurationManager->GetBorgRestorePassword(),
         'daily_backup_time' => $configurationManager->GetDailyBackupTime(),
         'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(),
+        'timezone' => $configurationManager->GetTimezone(),
     ]);
 })->setName('profile');
 $app->get('/login', function ($request, $response, $args) use ($container) {

php/src/Auth/PasswordGenerator.php

@@ -7792,7 +7792,7 @@ class PasswordGenerator
             if($password !== '') {
                 $password = $password . ' ';
             }
-            $password = $password . $this->words[random_int(0, 2047)];
+            $password = $password . $this->words[random_int(0, 7775)];
         }
 
         return $password;

php/src/Controller/ConfigurationController.php

@@ -52,6 +52,15 @@ class ConfigurationController
                 $this->configurationManager->DeleteDailyBackupTime();
             }
 
+            if (isset($request->getParsedBody()['delete_timezone'])) {
+                $this->configurationManager->DeleteTimezone();
+            }
+
+            if (isset($request->getParsedBody()['timezone'])) {
+                $timezone = $request->getParsedBody()['timezone'] ?? '';
+                $this->configurationManager->SetTimezone($timezone);
+            }
+
             if (isset($request->getParsedBody()['options-form'])) {
                 if (isset($request->getParsedBody()['collabora']) && isset($request->getParsedBody()['onlyoffice'])) {
                     throw new InvalidSettingConfigurationException("Collabora and Onlyoffice are not allowed to be enabled at the same time!");

php/src/Controller/DockerController.php

@@ -132,6 +132,10 @@ class DockerController
         $uri = $request->getUri();
         $host = $uri->getHost();
         $port = $uri->getPort();
+        if ($port === 8000) {
+            error_log('The AIO_URL-port was discovered to be 8000 which is not expected. It is now set to 443.');
+            $port = 443;
+        }
 
         $config = $this->configurationManager->GetConfig();
         // set AIO_URL

php/src/Data/ConfigurationManager.php

@@ -190,7 +190,7 @@ class ConfigurationManager
     public function SetDomain(string $domain) : void {
         // Validate domain
         if (!filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
-            throw new InvalidSettingConfigurationException("Domain is not in a valid format!");
+            throw new InvalidSettingConfigurationException("Domain is not a valid domain!");
         }
 
         // Validate that it is not an IP-address
@@ -202,14 +202,15 @@ class ConfigurationManager
 
         // Validate IP
         if(!filter_var($dnsRecordIP, FILTER_VALIDATE_IP)) {
-            throw new InvalidSettingConfigurationException("DNS config is not set or domain is not in a valid format!");
+            throw new InvalidSettingConfigurationException("DNS config is not set for this domain or the domain is not a valid domain! (It was found to be set to '" . $dnsRecordIP . "')");
         }
 
-        $connection = @fsockopen($domain, 443, $errno, $errstr, 0.1);
+        // Check if port 443 is open
+        $connection = @fsockopen($domain, 443, $errno, $errstr, 10);
         if ($connection) {
             fclose($connection);
         } else {
-            throw new InvalidSettingConfigurationException("The server is not reachable on Port 443.");
+            throw new InvalidSettingConfigurationException("The server is not reachable on Port 443. You can verify this e.g. with 'https://portchecker.co/' by entering your domain there as ip-address and port 443 as port.");
         }
 
         // Get Instance ID
@@ -223,15 +224,18 @@ class ConfigurationManager
             $protocol = 'http://';
         }
 
+        // Check if response is correct
         $ch = curl_init();
-        curl_setopt($ch, CURLOPT_URL, $protocol . $domain . ':443');
+        $testUrl = $protocol . $domain . ':443';
+        curl_setopt($ch, CURLOPT_URL, $testUrl);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
         $response = (string)curl_exec($ch);
         # Get rid of trailing \n
         $response = str_replace("\n", "", $response);
 
-        if($response !== $instanceID) {
-            throw new InvalidSettingConfigurationException("Domain does not point to this server or reverse proxy not configured correctly.");
+        if ($response !== $instanceID) {
+            error_log('The response of the connection attempt to "' . $testUrl . '" was: ' . $response);
+            throw new InvalidSettingConfigurationException("Domain does not point to this server or the reverse proxy is not configured correctly. See the mastercontainer logs for more details. ('sudo docker logs -f nextcloud-aio-mastercontainer')");
         }
 
         // Write domain
@@ -285,6 +289,8 @@ class ConfigurationManager
         $isValidPath = false;
         if (str_starts_with($location, '/') && !str_ends_with($location, '/')) {
             $isValidPath = true;
+        } elseif ($location === 'nextcloud_aio_backupdir') {
+            $isValidPath = true;
         }
 
         if (!$isValidPath) {
@@ -308,6 +314,8 @@ class ConfigurationManager
         $isValidPath = false;
         if (str_starts_with($location, '/') && !str_ends_with($location, '/')) {
             $isValidPath = true;
+        } elseif ($location === 'nextcloud_aio_backupdir') {
+            $isValidPath = true;
         }
 
         if (!$isValidPath) {
@@ -479,4 +487,36 @@ class ConfigurationManager
         }
         return false;
     }
+
+    public function GetTimezone() : string {
+        $config = $this->GetConfig();
+        if(!isset($config['timezone'])) {
+            $config['timezone'] = '';
+        }
+
+        return $config['timezone'];
+    }
+
+    /**
+     * @throws InvalidSettingConfigurationException
+     */
+    public function SetTimezone(string $timezone) : void {
+        if ($timezone === "") {
+            throw new InvalidSettingConfigurationException("The timezone must not be empty!");
+        }
+
+        if (!preg_match("#^[a-zA-Z0-9_\-\/\+]+$#", $timezone)) {
+            throw new InvalidSettingConfigurationException("The entered timezone does not seem to be a valid timezone!");
+        }
+
+        $config = $this->GetConfig();
+        $config['timezone'] = $timezone;
+        $this->WriteConfig($config);
+    }
+
+    public function DeleteTimezone() : void {
+        $config = $this->GetConfig();
+        $config['timezone'] = '';
+        $this->WriteConfig($config);
+    }
 }

php/src/Docker/DockerActionManager.php

@@ -185,6 +185,10 @@ class DockerActionManager
                 '/',
             ];
 
+            if ($volume->name === 'nextcloud_aio_nextcloud_datadir' || $volume->name === 'nextcloud_aio_backupdir') {
+                return;
+            }
+
             $firstChar = substr($volume->name, 0, 1);
             if(!in_array($firstChar, $forbiddenChars)) {
                 $this->guzzleClient->request(
@@ -280,6 +284,12 @@ class DockerActionManager
                     } else {
                         $replacements[1] = '';
                     }
+                } elseif ($out[1] === 'TIMEZONE') {
+                    if ($this->configurationManager->GetTimezone() === '') {
+                        $replacements[1] = 'UTC';
+                    } else {
+                        $replacements[1] = $this->configurationManager->GetTimezone();
+                    }
                 } else {
                     $replacements[1] = $this->configurationManager->GetSecret($out[1]);
                 }
@@ -530,9 +540,13 @@ class DockerActionManager
                 $url,
                 [
                     'json' => [
-                        'name' => 'nextcloud-aio',
-                        'checkDuplicate' => true,
-                        'internal' => true,
+                        'Name' => 'nextcloud-aio',
+                        'CheckDuplicate' => true,
+                        'Driver' => 'bridge',
+                        'Internal' => false,
+                        'Options' => [
+                            'com.docker.network.bridge.enable_icc' => 'true'
+                        ]
                     ]
                 ]
             );

php/templates/containers.twig

@@ -16,7 +16,7 @@
     </header>
 
     <div class="content">
-        <h1>Nextcloud AIO v1.2.0</h1>
+        <h1>Nextcloud AIO v1.3.1</h1>
 
         {% set isAnyRunning = false %}
         {% set isAnyRestarting = false %}
@@ -68,7 +68,7 @@
             {% if is_backup_container_running == false and domain == "" %}
                 {% if is_mastercontainer_update_available == true %}
                     <h2>Mastercontainer update</h2>
-                    ⚠ A mastercontainer update is available. Please click on the button below to update it. Afterwards, you will be able to proceed with the setup.<br><br>
+                    ⚠️ A mastercontainer update is available. Please click on the button below to update it. Afterwards, you will be able to proceed with the setup.<br><br>
                     <form method="POST" action="/api/docker/watchtower" class="xhr">
                         <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                         <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
@@ -144,8 +144,8 @@
                             The folder path that you enter must start with <b>/</b> and must <b>not</b> end with <b>/</b>.<br><br>
                             An example for Linux is <b>/mnt/backup</b>.<br>
                             For macOS it may be <b>/var/backup</b>.<br>
-                            On Windows it might be <b>/host_mnt/c/backup</b>. (This Windows example would be equivalent to 'C:\backup' on the Windows host. So you need to translate the path that you want to use into the correct format.)<br><br>
-                            ⚠ Note that the backup archive must be located in a subfolder of the folder that you enter here and the subfolder which contains the archive must be named 'borg'. Otherwise will the backup container not find the backup archive!<br><br>
+                            On Windows it must be <b>nextcloud_aio_backupdir</b>. You need to create the 'nextcloud_aio_backupdir' volume beforehand by following this documentation: <a href="https://github.com/nextcloud/all-in-one#how-to-run-it-on-windows"><b>click here</b></a><br><br>
+                            ⚠️ Note that the backup archive must be located in a subfolder of the folder that you enter here and the subfolder which contains the archive must be named 'borg'. Otherwise will the backup container not find the backup archive!<br><br>
                         {% endif %}
                     {% else %}
                         <b>Everything set!</b> Click on the button below to test the path and password:<br/><br/>
@@ -175,11 +175,12 @@
                             <summary>Click here to reveal the initial Nextcloud credentials</summary><br />
                         {% endif %}
                                 Initial Nextcloud username: <b>admin</b><br />
-                                Initial Nextcloud password: <b>{{ nextcloud_password }}</b>
+                                Initial Nextcloud password: 
                         {% if borg_backup_host_location != '' %}
-                            </details><br /><br />
+                            {# nextcloud_password needs to be duplicated due to a bug in Firefox. See https://github.com/nextcloud/all-in-one/issues/638. #}
+                            <b>{{ nextcloud_password }}</b></details><br /><br />
                         {% else %}
-                            <br><br>
+                            <b>{{ nextcloud_password }}</b><br><br>
                         {% endif %}
                         <a href="https://{{ domain }}" class="button" target="_blank" rel="noopener">Open your Nextcloud ↗</a><br/>
                     {% else %}
@@ -222,7 +223,7 @@
 
                     {% if has_update_available == true %}
                         {% if is_mastercontainer_update_available == false %}
-                            ⚠ Container updates are available. Click on 'Stop Containers' and 'Start Containers' to update them. You should consider creating a backup first.<br><br>
+                            ⚠️ Container updates are available. Click on 'Stop Containers' and 'Start Containers' to update them. You should consider creating a backup first.<br><br>
                         {% endif %}
                     {% else %}
                         {% if is_mastercontainer_update_available == false %}
@@ -234,7 +235,7 @@
                 {% if isAnyRunning == true %}
                     {% if isApacheStarting != true %}
                         {% if is_mastercontainer_update_available == true %}
-                            ⚠ A mastercontainer update is available. Please click on the button below to stop your containers in order to be able to update the mastercontainer.<br /><br />
+                            ⚠️ A mastercontainer update is available. Please click on the button below to stop your containers in order to be able to update the mastercontainer.<br /><br />
                             {% if current_channel starts with 'latest' %}
                                 You can find the changelog <a href="https://github.com/nextcloud/all-in-one/releases/latest"><b>here</b></a><br><br>
                             {% elseif current_channel starts with 'beta' %}
@@ -259,7 +260,7 @@
                             Clicking on the button below will download all docker containers and start them. This can take a lot of time depending on your internect connection. Since the overall size is a few GB, this will take around 5-10 min or more. So be aware and patient!<br><br>
                         {% endif %}
                         {% if is_mastercontainer_update_available == true %}
-                            ⚠ A mastercontainer update is available. Please click on the button below to update it.<br><br>
+                            ⚠️ A mastercontainer update is available. Please click on the button below to update it.<br><br>
                             <form method="POST" action="/api/docker/watchtower" class="xhr">
                                 <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                                 <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
@@ -297,7 +298,7 @@
                             The folder path that you enter must start with <b>/</b> and must <b>not</b> end with <b>/</b>.<br><br>
                             An example for Linux is <b>/mnt/backup</b>.<br>
                             For macOS it may be <b>/var/backup</b>.<br>
-                            On Windows it might be <b>/host_mnt/c/backup</b>. (This Windows example would be equivalent to 'C:\backup' on the Windows host. So you need to translate the path that you want to use into the correct format.)<br><br>
+                            On Windows it must be <b>nextcloud_aio_backupdir</b>. You need to create the 'nextcloud_aio_backupdir' volume beforehand by following this documentation: <a href="https://github.com/nextcloud/all-in-one#how-to-run-it-on-windows"><b>click here</b></a><br><br>
                     {% endif %}
 
                     {% if borg_backup_host_location != "" %}
@@ -358,7 +359,7 @@
                                         <input class="button" type="submit" value="Restore selected backup" onclick="return confirm('Restore the selected backup? Are you sure that you want to restore the selected backup? This will stop all running containers and restore the selected backup. It is recommended to create a backup first. You might also want to check the backup integrity.')" />
                                     </form>
 
-                                    <h3>Daily backup</h3>
+                                    <h3>Daily backup and automatic updates</h3>
                                     {% if daily_backup_time == "" %}
                                         By entering a time below, you can enable daily backups. It will create them at the entered time in 24h format. E.g. <b>04:00</b> will create backups at 4 am UTC and <b>16:00</b> at 4 pm UTC.<br><br/>
                                         <form method="POST" action="/api/configuration" class="xhr">
@@ -398,7 +399,7 @@
                                 <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
                                 <input class="button" type="submit" value="Submit" />
                             </form>
-                            The new password needs to be at least 24 characters long. Allowed characters are the <a href="https://en.wikipedia.org/wiki/Latin_alphabet#/media/File:Abecedarium.png"><b>latin characters</b></a> <b>a-z</b>, <b>A-Z</b>, <b>0-9</b> and <b>spaces</b>.
+                            The new password needs to be at least 24 characters long. Allowed characters are the <a href="https://en.wikipedia.org/wiki/Latin_alphabet#/media/File:Abecedarium.png"><b>latin characters</b></a> <b>a-z</b>, <b>A-Z</b>, <b>0-9</b> and <b>spaces</b>.<br><br>
                         {% endif %}
                     {% endif %}
                 {% endif %}
@@ -443,6 +444,34 @@
                         <script type="text/javascript" src="disable-talk.js"></script>
                         <script type="text/javascript" src="disable-collabora.js"></script>
                     {% endif %}
+
+                    <h2>Timezone change</h2>
+                    {% if isAnyRunning == true %}
+                        {% if timezone != "" %}
+                            The timezone for Nextcloud is currently set to <b>{{ timezone }}</b>.<br><br>
+                        {% endif %}
+                        <b>Note:</b> You can change the timezone when your containers are stopped.<br><br>
+                    {% else %}
+                        {% if timezone == "" %}
+                            In order to get the correct time values for certain Nextcloud features, it makes sense to set the timezone for Nextcloud to the one that your users mainly use. Please note that this setting does not apply to the mastercontainer and any backup option.<br><br>
+                            You can configure the timezone for Nextcloud below:<br><br>
+                            <form method="POST" action="/api/configuration" class="xhr">
+                                <input type="text" name="timezone" placeholder="Europe/Berlin" />
+                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                <input class="button" type="submit" value="Submit" />
+                            </form>
+                            You need to make sure that the timezone that you enter is valid. An example is <b>Europe/Berlin</b>. You can get valid values by looking at the 'TZ database name' column of this list: <a href="https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List"><b>click here</b></a>.<br><br>
+                        {% else %}
+                            The timezone for Nextcloud is currently set to <b>{{ timezone }}</b>. You can reset the timezone again by clicking on the button below.<br><br/>
+                            <form method="POST" action="/api/configuration" class="xhr">
+                                <input type="hidden" name="delete_timezone" value="yes"/>
+                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                <input class="button" type="submit" value="Reset the timezone" />
+                            </form>
+                        {% endif %}
+                    {% endif %}
                 {% endif %}
             {% endif %}
         {% endif %}

readme.md

@@ -17,8 +17,8 @@ The following instructions are especially meant for Linux. For macOS see [this](
     curl -fsSL get.docker.com | sudo sh
     ```
 
-2. Run the following command in order to start the container:<br>
-    (For people that cannot use ports 80 and/or 443 on this server, please follow [this documentation](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md). Otherwise please run the command below!)
+2. Run the command below in order to start the container:<br><br>
+    (For people that cannot use ports 80 and/or 443 on this server, please follow the [reverse proxy documentation](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) because port 443 is used by this project and opened on the host by default even though it does not look like this is the case. Otherwise please run the command below!)
     ```
     # For x64 CPUs:
     sudo docker run -it \
@@ -50,8 +50,8 @@ The following instructions are especially meant for Linux. For macOS see [this](
     </details>
 
 3. After the initial startup, you should be able to open the Nextcloud AIO Interface now on port 8080 of this server.<br>
-E.g. `https://ip.address.of.this.server:8080`<br>
-If your firewall/router has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatially by opening the Nextcloud AIO Interface via:<br>
+E.g. `https://ip.address.of.this.server:8080`<br><br>
+If your firewall/router has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:<br>
 `https://your-domain-that-points-to-this-server.tld:8443`
 4. Please do not forget to open port `3478/TCP` and `3478/UDP` in your firewall/router for the Talk container!
 
@@ -63,7 +63,7 @@ Nextcloud AIO is inspired by projects like Portainer that manage the docker daem
 Yes. Please refer to the following documentation on this: [reverse-proxy.md](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md)
 
 ### Which ports are mandatory to be open in your firewall/router?
-Only those (if you acces the Mastercontainer Interface internally via port 8080):
+Only those (if you access the Mastercontainer Interface internally via port 8080):
 - `443/TCP` for the Apache container
 - `3478/TCP` and `3478/UDP` for the Talk container
 
@@ -79,8 +79,6 @@ On macOS, there is one specialty in comparison to Linux: instead of using `--vol
 
 ### How to run it on Windows?
 On Windows, the following command should work after you installed [Docker Desktop](https://www.docker.com/products/docker-desktop/):
-<details>
-<summary>Click here to show it</summary>
 
 ```
 docker run -it ^
@@ -94,9 +92,26 @@ docker run -it ^
 nextcloud/all-in-one:latest
 ```
 
-**Please note:** AIO works on Windows in general but due to a bug in `Docker for Windows`, it currently does not support mounting directories from the host into AIO which means that `NEXTCLOUD_DATADIR`, `NEXTCLOUD_MOUNT` do not work and the built-in backup solution is not able to write to the host OS. See https://github.com/nextcloud/all-in-one/discussions/600.
+**Please note:** In order to make the built-in backup solution able to back up to the host system, you need to create a volume with the name `nextcloud_aio_backupdir` beforehand:
+```
+docker volume create ^
+--driver local ^
+--name nextcloud_aio_backupdir ^
+-o device="/host_mnt/c/your/backup/path" ^
+-o type="none" ^
+-o o="bind"
+```
+(The value `/host_mnt/c/your/backup/path` in this example would be equivalent to `C:\your\backup\path` on the Windows host. So you need to translate the path that you want to use into the correct format.) ⚠️️ **Attention**: Make sure that the path exists on the host before you create the volume! Otherwise everything will bug out!
 
-</details>
+### How to resolve firewall problems with Fedora Linux, RHEL OS, CentOS, SUSE Linux and others?
+It is known that Linux distros that use [firewalld](https://firewalld.org) as their firewall daemon have problems with docker networks. In case the containers are not able to communicate with each other, you may change your firewalld to use the iptables backend by running:
+```
+sudo sed -i 's/FirewallBackend=nftables/FirewallBackend=iptables/g' /etc/firewalld/firewalld.conf
+sudo systemctl restart firewalld docker
+```
+Afterwards it should work.<br>
+
+See https://dev.to/ozorest/fedora-32-how-to-solve-docker-internal-network-issue-22me for more details on this. This limitation is even mentioned on the official firewalld website: https://firewalld.org/#who-is-using-it
 
 ### How to run `occ` commands?
 Simply run the following: `sudo docker exec -it nextcloud-aio-nextcloud php occ your-command`. Of course `your-command` needs to be exchanged with the command that you want to run.
@@ -120,6 +135,23 @@ Additionally, there is a cronjob that runs once a day that checks for container
 ### How to easily log in to the AIO interface?
 If your Nextcloud is running and you are logged in as admin in your Nextcloud, you can easily log in to the AIO interface by opening `https://yourdomain.tld/settings/admin/overview` which will show a button on top that enables you to log in to the AIO interface by just clicking on this button. **Note:** You can change the domain/ip-address/port of the button by simply stopping the containers, visiting the AIO interface from the correct and desired domain/ip-address/port and clicking once on `Start containers`.
 
+### How to properly reset the instance?
+If something goes unexpected routes during the initial installation, you might want to reset the AIO installation to be able to start from scratch.
+
+**Please note**: if you already have it running and have data on your instance, you should not follow these instructions as it will delete all data that is coupled to your AIO instance.
+
+Here is how to reset the AIO instance properly:
+1. Stop all containers if they are running from the AIO interface
+1. Stop the mastercontainer with `sudo docker stop nextcloud-aio-mastercontainer`
+1. If the domaincheck container is still running, stop it with `sudo docker stop nextcloud-aio-domaincheck`
+1. Check which containers are stopped: `sudo docker ps --filter "status=exited"`
+1. Now remove all these stopped containers with `sudo docker container prune`
+1. Delete the docker network with `sudo docker network rm nextcloud-aio`
+1. Check which volumes are dangling with `sudo docker volume ls --filter "dangling=true"`
+1. Now remove all these dangling volumes: `sudo docker volume prune` (on Windows you might need to remove some volumes afterwards manually with `docker volume rm nextcloud_aio_backupdir`, `docker volume rm nextcloud_aio_nextcloud_datadir`)
+1. Optional: You can remove all docker images with `sudo docker image prune -a`.
+1. And you are done! Now feel free to start over with the recommended docker run command!
+
 ### Backup solution
 Nextcloud AIO provides a local backup solution based on [BorgBackup](https://github.com/borgbackup/borg#what-is-borgbackup). These backups act as a local restore point in case the installation gets corrupted. 
 
@@ -278,40 +310,49 @@ fi
 
 </details>
 
-You can simply copy and past the script into a file e.g. named `backup-script.sh` e.g. here: `/root/backup-script.sh`. Do not forget to modify the variables to your needings though!
+You can simply copy and past the script into a file e.g. named `backup-script.sh` e.g. here: `/root/backup-script.sh`. Do not forget to modify the variables to your requirements!
 
-Afterwards apply the correct permissions with `sudo chown root:root /root/backup-script.sh` and `sudo chmod 700 /root/backup-script.sh`. Then you can create a cronjob that runs e.g. at `20:00` each week on sundays like this: 
+Afterwards apply the correct permissions with `sudo chown root:root /root/backup-script.sh` and `sudo chmod 700 /root/backup-script.sh`. Then you can create a cronjob that runs e.g. at `20:00` each week on Sundays like this: 
 1. Open the cronjob with `sudo crontab -u root -e` (and choose your editor of choice if not already done. I'd recommend nano). 
-1. Add the following new line to the crontab if not alreaddy present: `0 20 * * 7 /root/backup-script.sh` which will run the script at 20:00 on sundays each week. 
-1. save and close the crontab (when using nano are the shortcouts for this `Ctrl + o` -> `Enter` and close the editor with `Ctrl + x`).
+1. Add the following new line to the crontab if not already present: `0 20 * * 7 /root/backup-script.sh` which will run the script at 20:00 on Sundays each week. 
+1. save and close the crontab (when using nano are the shortcuts for this `Ctrl + o` -> `Enter` and close the editor with `Ctrl + x`).
 
-⚠ **Attention:** Make sure that the execution of the script does not collidate with the daily backups from AIO (if configured) since the target backup repository might get into an inconsistent state. (There is no check in place that checks this.)
+⚠️ **Attention:** Make sure that the execution of the script does not collide with the daily backups from AIO (if configured) since the target backup repository might get into an inconsistent state. (There is no check in place that checks this.)
 
 ### How to change the default location of Nextcloud's Datadir?
 You can configure the Nextcloud container to use a specific directory on your host as data directory. You can do so by adding the environmental variable `NEXTCLOUD_DATADIR` to the initial startup of the mastercontainer. Allowed values for that variable are strings that start with `/` and are not equal to `/`.
 
 - An example for Linux is `-e NEXTCLOUD_DATADIR="/mnt/ncdata"`.
 - On macOS it might be `-e NEXTCLOUD_DATADIR="/var/nextcloud-data"`
-- For Synology it may be `/volume1/docker/nextcloud/data`. 
-- On Windows it might be `-e NEXTCLOUD_DATADIR="/host_mnt/c/your/data/path"` (This Windows example would be equivalent to `C:\your\data\path` on the Windows host. So you need to translate the path that you want to use into the correct format.) 
+- For Synology it may be `-e NEXTCLOUD_DATADIR="/volume1/docker/nextcloud/data"`. 
+- On Windows it must be `-e NEXTCLOUD_DATADIR="nextcloud_aio_nextcloud_datadir"`. In order to use this, you need to create the `nextcloud_aio_nextcloud_datadir` volume beforehand:
+    ```
+    docker volume create ^
+    --driver local ^
+    --name nextcloud_aio_nextcloud_datadir ^
+    -o device="/host_mnt/c/your/data/path" ^
+    -o type="none" ^
+    -o o="bind"
+    ```
+    (The value `/host_mnt/c/your/data/path` in this example would be equivalent to `C:\your\data\path` on the Windows host. So you need to translate the path that you want to use into the correct format.) ⚠️️ **Attention**: Make sure that the path exists on the host before you create the volume! Otherwise everything will bug out!
 
-⚠ Please make sure to apply the correct permissions to the chosen directory before starting Nextcloud the first time (not needed on Windows). 
+⚠️ Please make sure to apply the correct permissions to the chosen directory before starting Nextcloud the first time (not needed on Windows). 
 
-- In this example for Linux, the command for this would be `sudo chown -R 33:0 /mnt/ncdata`. 
-- On macOS, the command for this would be `sudo chown -R 33:0 /var/nextcloud-data`.
-- For Synology, the command for this example would be `sudo chown -R 33:0 /volume1/docker/nextcloud/data` 
+- In this example for Linux, the command for this would be `sudo chown -R 33:0 /mnt/ncdata` and `sudo chmod -R 750 /mnt/ncdata`. 
+- On macOS, the command for this would be `sudo chown -R 33:0 /var/nextcloud-data` and `sudo chmod -R 750 /var/nextcloud-data`.
+- For Synology, the command for this example would be `sudo chown -R 33:0 /volume1/docker/nextcloud/data` and `sudo chmod -R 750 /volume1/docker/nextcloud/data`
 - On Windows, this command is not needed.
 
-⚠ **Attention:** It is very important to change the datadir **before** Nextcloud is installed/started the first time and not to change it afterwards!
+⚠️ **Attention:** It is very important to change the datadir **before** Nextcloud is installed/started the first time and not to change it afterwards!
 
 ### How to allow the Nextcloud container to access directories on the host?
 By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the initial startup of the mastercontainer. Allowed values for that variable are strings that start with `/` and are not equal to `/`.
 
 - Two examples for Linux are `-e NEXTCLOUD_MOUNT="/mnt/"` and `-e NEXTCLOUD_MOUNT="/media/"`.
-- For Synology it may be `/volume1/`.
-- On Windows it might be `-e NEXTCLOUD_MOUNT="/host_mnt/c"` (This Windows example would be equivalent to `C:\` on the Windows host. So you need to translate the path that you want to use into the correct format.) 
+- For Synology it may be `-e NEXTCLOUD_MOUNT="/volume1/"`.
+- On Windows is this option not supported.
 
-After using this option, please make sure to apply the correct permissions to the directories that you want to use in Nextcloud (not needed on Windows). E.g. `sudo chown -R 33:0 /mnt/your-drive-mountpoint` should make it work on Linux when you have used `-e NEXTCLOUD_MOUNT="/mnt/"`. 
+After using this option, please make sure to apply the correct permissions to the directories that you want to use in Nextcloud. E.g. `sudo chown -R 33:0 /mnt/your-drive-mountpoint` and `sudo chmod -R 750 /mnt/your-drive-mountpoint` should make it work on Linux when you have used `-e NEXTCLOUD_MOUNT="/mnt/"`. 
 
 You can then navigate to the apps management page, activate the external storage app, navigate to `https://your-nc-domain.com/settings/admin/externalstorages` and add a local external storage directory that will be accessible inside the container at the same place that you've entered. E.g. `/mnt/your-drive-mountpoint` will be mounted to `/mnt/your-drive-mountpoint` inside the container, etc. 
 
@@ -323,7 +364,7 @@ When your containers run for a few days without a restart, the container logs th
 ### Access/Edit Nextcloud files/folders manually
 The files and folders that you add to Nextcloud are by default stored in the following directory: `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/` on the host. If needed, you can modify/add/delete files/folders there but **ATTENTION**: be very careful when doing so because you might corrupt your AIO installation! Best is to create a backup using the built-in backup solution before editing/changing files/folders in there because you will then be able to restore your instance to the backed up state.
 
-After you are done modifying/adding/deleting files/folders, don't forget to apply the correct permissions by running: `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and rescan the files with `sudo docker exec -it nextcloud-aio-nextcloud php occ files:scan --all`.
+After you are done modifying/adding/deleting files/folders, don't forget to apply the correct permissions by running: `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and `sudo chmod -R 750 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and rescan the files with `sudo docker exec -it nextcloud-aio-nextcloud php occ files:scan --all`.
 
 ### How to store the files/installation on a separate drive?
 You can move the whole docker library and all its files including all Nextcloud AIO files and folders to a separate drive by first mounting the drive in the host OS (NTFS is not supported) and then following this tutorial: https://www.guguweb.com/2019/02/07/how-to-move-docker-data-directory-to-another-location-on-ubuntu/<br>
@@ -333,7 +374,7 @@ You can move the whole docker library and all its files including all Nextcloud
 You can edit Nextclouds config.php file directly from the host with your favorite text editor. E.g. like this: `sudo nano /var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/config/config.php`. Make sure to not break the file though which might corrupt your Nextcloud instance otherwise. In best case, create a backup using the built-in backup solution before editing the file.
 
 ### Custom skeleton directory
-If you want to define a custom skeleton directory, you can do so by putting your skeleton files into `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/skeleton/`, applying the correct permissions with `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/skeleton` and setting the skeleton directory option with `sudo docker exec -it nextcloud-aio-nextcloud php occ config:system:set skeletondirectory --value="/mnt/ncdata/skeleton"`. You can read further on this option here: [click here](https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html?highlight=skeletondir#:~:text=adding%20%3Fdirect%3D1-,'skeletondirectory',-%3D%3E%20'%2Fpath%2Fto%2Fnextcloud)
+If you want to define a custom skeleton directory, you can do so by putting your skeleton files into `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/skeleton/`, applying the correct permissions with `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/skeleton` and and `sudo chmod -R 750 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and setting the skeleton directory option with `sudo docker exec -it nextcloud-aio-nextcloud php occ config:system:set skeletondirectory --value="/mnt/ncdata/skeleton"`. You can read further on this option here: [click here](https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html?highlight=skeletondir#:~:text=adding%20%3Fdirect%3D1-,'skeletondirectory',-%3D%3E%20'%2Fpath%2Fto%2Fnextcloud)
 
 ### LDAP
 It is possible to connect to an existing LDAP server. You need to make sure that the LDAP server is reachable from the Nextcloud container. Then you can enable the LDAP app and configure LDAP in Nextcloud manually. If you don't have a LDAP server yet, recommended is to use this docker container: https://hub.docker.com/r/osixia/openldap/. Make sure here as well that Nextcloud can talk to the LDAP server. The easiest way is by adding the LDAP docker container to the docker network `nextcloud-aio`. Then you can connect to the LDAP container by its name from the Nextcloud container. **Pro-tip**: You will probably find this app useful: https://apps.nextcloud.com/apps/ldap_write_support

reverse-proxy.md

@@ -1,4 +1,4 @@
-## Reverse Proxy Documentation
+# Reverse Proxy Documentation
 
 **Please note:** Publishing the AIO interface with a valid certificate to the public internet is **not** the goal of this documentation! Instead, the main goal is to publish Nextcloud with a valid certificate to the public internet which is **not** running inside the mastercontainer but in a different container! If you need a valid certificate for the AIO interface, see [point 3](#3-optional-get-a-valid-certificate-for-the-aio-interface). 
 
@@ -10,11 +10,11 @@ In order to run Nextcloud behind a reverse proxy, you need to specify the port t
 - Optional: get a valid certificate for the AIO interface! See [point 3](#3-optional-get-a-valid-certificate-for-the-aio-interface)
 - How to debug things? See [point 4](#4-how-to-debug-things)
 
-### 1. Add this to your reverse proxy config
+## 1. Add this to your reverse proxy config
 
 **Please note:** Since the Apache container gets spawned by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because you will fail! Only the documented way will work!
 
-#### Caddy
+### Caddy
 
 <details>
 
@@ -29,11 +29,11 @@ https://<your-nc-domain>:443 {
 }
 ```
 
-Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `locahost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
+Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `locahost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
 
 </details>
 
-#### Nginx
+### Nginx
 
 <details>
 
@@ -58,11 +58,11 @@ location / {
     }
 ```
 
-Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `locahost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
+Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `locahost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
 
 </details>
 
-#### Nginx-Proxy
+### Nginx-Proxy
 
 <details>
 
@@ -73,12 +73,31 @@ Unfortunately it is not possible to configure nginx-proxy in a way that works be
 If you really want to use AIO, we recommend you to switch to caddy. It is simply amazing!<br>
 Of course understandable if that is not possible for you.
 
-Apart from that, there is this idea: https://github.com/nextcloud/all-in-one/issues/557<br>
-Pull requests are very welcome!
+Apart from that, there is this: [manual-install](https://github.com/nextcloud/all-in-one/tree/main/manual-install)
 
 </details>
 
-#### Traefik 2
+### Nginx-Proxy-Manager
+
+<details>
+
+<summary>click here to expand</summary>
+
+See these screenshots for a working config:
+
+![image](https://user-images.githubusercontent.com/75573284/169556183-2999a733-de42-4008-af09-d4151719a474.png)
+
+![image](https://user-images.githubusercontent.com/75573284/169555356-71f32be5-99b5-43ea-8aa7-632c8ef8fad3.png)
+
+![image](https://user-images.githubusercontent.com/75573284/169557664-52db8713-f0ef-42ac-a161-de40280232a3.png)
+
+![image](https://user-images.githubusercontent.com/75573284/169555441-dd9a42f5-aea5-4082-8e26-7adcfa4e6cfa.png)
+
+Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. Also change `<you>@<your-mail-provider-domain>` to a mail address of yours. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
+
+</details>
+
+### Traefik 2
 
 <details>
 
@@ -131,11 +150,21 @@ Pull requests are very welcome!
 
 ---
 
-Of course you need to modify `<your-nc-domain>` in the nextcloud.toml to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `locahost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
+Of course you need to modify `<your-nc-domain>` in the nextcloud.toml to the domain on which you want to run Nextcloud. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `locahost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
 
 </details>
 
-### 2. Use this startup command
+### Others
+
+<details>
+
+<summary>click here to expand</summary>
+
+Config examples for other reverse proxies are currently not documented. Pull requests are welcome!
+
+</details>
+
+## 2. Use this startup command
 
 After adjusting your reverse proxy config, use the following command to start AIO:<br>
 
@@ -190,16 +219,16 @@ nextcloud/all-in-one:latest
 
 </details>
 
-#### Inspiration for a docker-compose file
+### Inspiration for a docker-compose file
 
 Simply translate the docker run command into a docker-compose file. You can have a look at [this file](https://github.com/nextcloud/all-in-one/blob/main/docker-compose.yml) for some inspiration but you will need to modify it either way. You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588
 
 ---
 
-#### How to continue? 
+### How to continue? 
 After using the above command, you should be able to access the AIO Interface via `https://ip.address.of.the.host:8080`. Enter your domain that you've entered in the reverse proxy config and you should be done. Please do not forget to open port `3478/TCP` and `3478/UDP` in your firewall/router for the Talk container!
 
-### 3. Optional: get a valid certificate for the AIO interface
+## 3. Optional: get a valid certificate for the AIO interface
 
 If you want to also access your AIO interface publicly with a valid certificate, you can add e.g. the following config to your Caddyfile:
 
@@ -217,7 +246,7 @@ Of course you need to modify `<your-nc-domain>` in the nextcloud.toml to the dom
 
 Afterwards should the AIO interface be accessible via `https://ip.address.of.the.host:8443`. You can alternatively change the domain to a different subdomain by using `https://<your-alternative-domain>:443` instead of `https://<your-nc-domain>:8443` in the Caddyfile and use that to access the AIO interface.
 
-### 4. How to debug things?
+## 4. How to debug things?
 If something does not work, follow the steps below:
 1. Make sure to exactly follow the whole reverse proxy documentation step-for-step from top to bottom!
 1. Make sure that the reverse proxy is running on the host OS or if running in a container, connected to the host network. If that is not possible, substitute `localhost` in the default configurations by the ip-address that you can easily get when running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (The command only works on Linux)

tests/QA/050-optional-addons.md

@@ -1,6 +1,6 @@
 # Optional addons
 
-- [ ] At the bottom of the page in the AIO interface, you should see the optional addons section
+- [ ] Close to the bottom of the page in the AIO interface, you should see the optional addons section
 - [ ] You should be able to change optional addons when containers are stopped and not change them when containers are running
 - [ ] Enabling either of the options should start a new container with the same or comparable name and should also list them in the containers section
 - [ ] After all containers are started with the new config active, you should verify that the options were automatically activated/deactivated.

tests/QA/060-environmental-variables.md

@@ -3,4 +3,6 @@
 - [ ] When starting the mastercontainer with `-e APACHE_PORT=11000` on a clean instance, the domaincheck container should be started with that same port published. That makes sure that also the Apache container will use that port later on. Using a value here that is not a port will not allow the mastercontainer to start correctly.
 - [ ] Make also sure that reverse proxies work by following https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#reverse-proxy-documentation and following [001-initial-setup.md](./001-initial-setup.md) and [002-new-instance.md](./002-new-instance.md)
 - [ ] When starting the mastercontainer with `-e NEXTCLOUD_DATADIR="/mnt/testdata"` it should map that location from `/mnt/testdata` to `/mnt/ncdata` inside the Nextcloud container. Not having adjusted the permissions correctly before starting the Nextcloud container the first time will not allow the Nextcloud container to start correctly. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir for allowed values.
-- [ ] When starting the mastercontainer with `-e NEXTCLOUD_MOUNT="/mnt/"` it should map `/mnt/` to `/mnt/` inside the Nextcloud container. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host for allowed values.
+- [ ] When starting the mastercontainer with `-e NEXTCLOUD_MOUNT="/mnt/"` it should map `/mnt/` to `/mnt/` inside the Nextcloud container. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host for allowed values.
+
+You can now continue with [070-timezone-change.md](./070-timezone-change.md)

tests/QA/070-timezone-change.md

@@ -0,0 +1,8 @@
+# Timezone change
+
+- [ ] At the very bottom of the page you should see the timezone change section
+- [ ] When the containers are stopped, you should be able to change it and set/reset it
+- [ ] If not already set, it should show an input field where you can enter a timezone
+- [ ] `Europe/Berlin` should be accepted, e.g. `Europe Berlin` not
+- [ ] When it is set, it should show that it is set to which timezone and display a button that allows to reset it again which does this on a press
+- [ ] When it is set, running `date` inside Nextcloud releated containers should return the correct timezone