fix database import

Signed-off-by: szaimen <szaimen@e.mail.de>

Containers/clamav/Dockerfile

@@ -1,5 +1,5 @@
 # Probably from this file: https://github.com/Cisco-Talos/clamav/blob/main/Dockerfile
-FROM clamav/clamav:0.104.2-3
+FROM clamav/clamav:0.105.0
 
 RUN apk add --update --no-cache tzdata
 COPY clamav.conf /tmp/

Containers/domaincheck/Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.15.4
+FROM alpine:3.16.1
 RUN apk add --update --no-cache lighttpd bash
 
 RUN adduser -S www-data -G www-data

Containers/nextcloud/Dockerfile

@@ -1,5 +1,5 @@
 # From https://github.com/nextcloud/docker/blob/master/23/fpm-alpine/Dockerfile
-FROM php:8.0.21-fpm-alpine3.15
+FROM php:8.0.21-fpm-alpine3.16
 
 # Custom: change id of www-data user as it needs to be the same like on old installations
 RUN set -ex; \
@@ -104,8 +104,7 @@ RUN { \
 
 VOLUME /var/www/html
 
-
-ENV NEXTCLOUD_VERSION 23.0.6
+ENV NEXTCLOUD_VERSION 24.0.3
 
 RUN set -ex; \
     apk add --no-cache --virtual .fetch-deps \

Containers/postgresql/Dockerfile

@@ -1,7 +1,7 @@
 # From https://github.com/docker-library/postgres/blob/master/13/alpine/Dockerfile
 FROM postgres:14.4-alpine
 
-RUN apk add --update --no-cache bash openssl shadow netcat-openbsd
+RUN apk add --update --no-cache bash openssl shadow netcat-openbsd grep
 
 # We need to use the same gid and uid as on old installations
 RUN set -ex; \

Containers/postgresql/start.sh

@@ -39,7 +39,7 @@ if ( [ -f "$DATADIR/PG_VERSION" ] && [ "$PG_MAJOR" != "$(cat "$DATADIR/PG_VERSIO
     # If database export was unsuccessful, skip update 
     if [ -f "$DUMP_DIR/export.failed" ]; then
         echo "Database export failed the last time. Most likely was the export time not high enough."
-        echo "Plese report this to https://github.com/nextcloud/all-in-one/issues. Thanks!"
+        echo "Please report this to https://github.com/nextcloud/all-in-one/issues. Thanks!"
         exit 1
     fi
 
@@ -64,12 +64,21 @@ if ( [ -f "$DATADIR/PG_VERSION" ] && [ "$PG_MAJOR" != "$(cat "$DATADIR/PG_VERSIO
         sleep 5
     done
 
-    # Set correct permissions
-    if grep -q "Owner: oc_admin" "$DUMP_FILE" && ! grep -q "Owner: oc_$POSTGRES_USER" "$DUMP_FILE"; then
-        OC_ADMIN_EXISTS=1
+    # Check if the line we grep for later on is there
+    GREP_STRING='Name: oc_appconfig; Type: TABLE; Schema: public; Owner:'
+    if ! grep -q "$GREP_STRING" "$DUMP_FILE"; then
+        echo "The needed oc_appconfig line is not there which is unexpected."
+        echo "Please report this to https://github.com/nextcloud/all-in-one/issues. Thanks!"
+        exit 1
+    fi
+
+    # Get the Owner
+    DB_OWNER="$(grep "$GREP_STRING" "$DUMP_FILE" | grep -oP 'Owner:.*$' | sed 's|Owner:||;s| ||g')"
+    if [ "$DB_OWNER" != "oc_$POSTGRES_USER" ]; then
+        DIFFERENT_DB_OWNER=1
         psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
-            CREATE USER oc_admin WITH PASSWORD '$POSTGRES_PASSWORD' CREATEDB;
-            ALTER DATABASE "$POSTGRES_DB" OWNER TO oc_admin;
+            CREATE USER "$DB_OWNER" WITH PASSWORD '$POSTGRES_PASSWORD' CREATEDB;
+            ALTER DATABASE "$POSTGRES_DB" OWNER TO "$DB_OWNER";
 EOSQL
     fi
 
@@ -78,10 +87,10 @@ EOSQL
     psql "$POSTGRES_DB" -U "$POSTGRES_USER" < "$DUMP_FILE"
 
     # Correct permissions
-    if [ -n "$OC_ADMIN_EXISTS" ]; then
+    if [ -n "$DIFFERENT_DB_OWNER" ]; then
         psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
             ALTER DATABASE "$POSTGRES_DB" OWNER TO "oc_$POSTGRES_USER";
-            REASSIGN OWNED BY oc_admin TO "oc_$POSTGRES_USER";
+            REASSIGN OWNED BY "$DB_OWNER" TO "oc_$POSTGRES_USER";
 EOSQL
     fi
 

Containers/watchtower/Dockerfile

@@ -1,7 +1,7 @@
 # From https://github.com/containrrr/watchtower/blob/main/dockerfiles/Dockerfile.self-contained
 FROM containrrr/watchtower:1.4.0 as watchtower
 
-FROM alpine:3.15.4
+FROM alpine:3.16.1
 
 RUN apk add --update --no-cache bash
 COPY --from=watchtower /watchtower /

app/appinfo/info.xml

@@ -5,7 +5,7 @@
 	<name>Nextcloud All In One</name>
 	<summary>Provides a login link for admins.</summary>
 	<description>Add a link to the admin settings that gives access to the Nextcloud All In One admin interface</description>
-	<version>0.1.0</version>
+	<version>0.2.0</version>
 	<licence>agpl</licence>
 	<author>Azul</author>
 	<namespace>AllInOne</namespace>
@@ -13,7 +13,7 @@
 	<category>monitoring</category>
 	<bugs>https://github.com/nextcloud/all-in-one/issues</bugs>
 	<dependencies>
-		<nextcloud min-version="22" max-version="23"/>
+		<nextcloud min-version="23" max-version="24"/>
 	</dependencies>
 
 	<settings>

docker-compose.yml

@@ -23,6 +23,7 @@ services:
       # - NEXTCLOUD_DATADIR=/mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
       # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
       # - DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail.
+      # - DISABLE_BACKUP_SECTION=true # Setting this to true allows to hide the backup section in the AIO interface.
 
   # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
   # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588

docker-rootless.md

@@ -6,6 +6,7 @@ You can run AIO with docker rootless by following the steps below.
 1. Install docker rootless by following the official documentation: https://docs.docker.com/engine/security/rootless/#install. The easiest way is installing it **Without packages** (`curl -fsSL https://get.docker.com/rootless | sh`). Further limitations, distribution specific hints, etc. are discussed on the same site. Also do not forget to enable the systemd service, which may not be enabled always by default. See https://docs.docker.com/engine/security/rootless/#usage. (`systemctl --user enable docker`)
 1. If you need ipv6 support, you should enable it by following https://docs.docker.com/config/daemon/ipv6/. The daemon.json file is most likely stored in `~/.config/docker/daemon.json`.
 1. Do not forget to set the mentioned environmental variables and in best case add them to your `~/.bashrc` file as shown!
+1. Also do not forget to run `loginctl enable-linger USERNAME` (and substitute USERNAME with the correct one) in order to make sure that user services are automatically started after every reboot.
 1. Expose the privileged ports by following https://docs.docker.com/engine/security/rootless/#exposing-privileged-ports. (`sudo setcap cap_net_bind_service=ep $(which rootlesskit); systemctl --user restart docker`)
 1. Use the official AIO startup command but use `--volume $XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro` instead of `--volume /var/run/docker.sock:/var/run/docker.sock:ro` and also add `-e DOCKER_SOCKET_PATH=$XDG_RUNTIME_DIR/docker.sock` to the initial container startup (which is needed for mastercontainer updates to work correctly).
 1. Now everything should work like without docker rootless. You can consider using docker-compose for this or running it behind a reverse proxy. Basically the only thing that needs to be adjusted always in the startup command or docker-compose file (after installing docker rootles) are things that are mentioned in point 3.

local-instance.md

@@ -0,0 +1,16 @@
+# Local instance
+It is possible due to several reasons that you do not want or cannot open Nextcloud to the public internet. However AIO usually requires a valid certificate to work correctly. Below is discussed how you can achieve both: Having a valid certificate for Nextcloud and only using it locally.
+
+## 1. The recommended way
+The recommended way is the following:
+1. Set up your domain correctly to point to your home network
+1. Set up a reverse proxy by following the [reverse proxy documentation](./reverse-proxy.md) but only open port 80 (which is needed for the ACME challenge to work - however no real traffic will use this port).
+1. Set up a local DNS-server like a pi-hole and configure it to be your local DNS-server for the whole network. Then in the Pi-hole interface, add a custom DNS-record for your domain and overwrite the A-record (and possibly the AAAA-record, too) to point to the local ip-address of your reverse proxy 
+1. Enter the the ip-address of your local dns-server in the deamon.json file for docker so that you are sure that all docker containers use the correct local dns-server.
+1. Now, entering the domain in the AIO-interface should work as expected and should allow you to continue with the setup
+
+## 2. Use the ACME DNS-challenge
+You can alternatively use the ACME DNS-challenge to get a valid certificate for Nextcloud. Here is described how to set it up: https://github.com/nextcloud/all-in-one#how-to-get-nextcloud-running-using-the-acme-dns-challenge
+
+## 3. Use Cloudflare
+If you do not have any contol over the network, you may think about using Cloudflare Argo Tunnel to get a valid certificate for your Nextcloud. However it will be opened to the public internet then. See https://github.com/nextcloud/all-in-one#how-to-run-nextcloud-behind-a-cloudflare-argo-tunnel how to set this up.

manual-install/latest-arm64.yml

@@ -73,7 +73,7 @@ services:
       - COLLABORA_ENABLED=${COLLABORA_ENABLED}
       - COLLABORA_HOST=nextcloud-aio-collabora
       - TALK_ENABLED=${TALK_ENABLED}
-      - DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING}
+      - UPDATE_NEXTCLOUD_APPS=${UPDATE_NEXTCLOUD_APPS}
       - TZ=${TIMEZONE}
       - TALK_PORT=${TALK_PORT}
     stop_grace_period: 10s

manual-install/latest.yml

@@ -81,7 +81,7 @@ services:
       - COLLABORA_HOST=nextcloud-aio-collabora
       - TALK_ENABLED=${TALK_ENABLED}
       - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
-      - DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING}
+      - UPDATE_NEXTCLOUD_APPS=${UPDATE_NEXTCLOUD_APPS}
       - TZ=${TIMEZONE}
       - TALK_PORT=${TALK_PORT}
     stop_grace_period: 10s

manual-install/sample.conf

@@ -4,7 +4,6 @@ APACHE_PORT=443          # Changing this to a different value than 443 will allo
 CLAMAV_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.
 COLLABORA_DICTIONARIES=de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru        # You can change this in order to enable other dictionaries for collabora
 COLLABORA_ENABLED=yes          # Setting this to "yes" enables the option in Nextcloud automatically.
-DAILY_BACKUP_RUNNING=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.
 DATABASE_PASSWORD=          # TODO! This needs to be a unique and good password!
 JANUS_API_KEY=          # TODO! This needs to be a unique and good password!
 NC_DOMAIN=yourdomain.com          # TODO! Needs to be changed to the domain that you want to use for Nextcloud.
@@ -19,3 +18,4 @@ TALK_ENABLED=yes          # Setting this to "yes" enables the option in Nextclou
 TALK_PORT=3478          # This allows to adjust the port that the talk container is using.
 TIMEZONE=Europe/Berlin          # TODO! This is the timezone that your containers will use.
 TURN_SECRET=          # TODO! This needs to be a unique and good password!
+UPDATE_NEXTCLOUD_APPS=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup on saturdays.

manual-install/update-yaml.sh

@@ -62,7 +62,7 @@ sed -i 's|COLLABORA_ENABLED=no|COLLABORA_ENABLED=yes|' sample.conf
 sed -i 's|COLLABORA_DICTIONARIES=|COLLABORA_DICTIONARIES=de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru        # You can change this in order to enable other dictionaries for collabora|' sample.conf
 sed -i 's|NEXTCLOUD_DATADIR=|NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data          # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!|' sample.conf
 sed -i 's|NEXTCLOUD_MOUNT=|NEXTCLOUD_MOUNT=/mnt/          # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!|' sample.conf
-sed -i 's|UPDATE_NEXTCLOUD_APPS=|UPDATE_NEXTCLOUD_APPS=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.|' sample.conf
+sed -i 's|UPDATE_NEXTCLOUD_APPS=|UPDATE_NEXTCLOUD_APPS=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup on saturdays.|' sample.conf
 sed -i 's|APACHE_PORT=|APACHE_PORT=443          # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.|' sample.conf
 sed -i 's|TALK_PORT=|TALK_PORT=3478          # This allows to adjust the port that the talk container is using.|' sample.conf
 sed -i 's|AIO_TOKEN=|AIO_TOKEN=123456          # Has no function but needs to be set!|' sample.conf

migration.md

@@ -19,8 +19,7 @@ The procedure for migrating only the files works like this:
 1. Run `sudo docker exec -it nextcloud-aio-nextcloud php occ files:scan-app-data && sudo docker exec -it nextcloud-aio-nextcloud php occ files:scan --all` in order to scan all files in the datadirectory.
 
 ## Migrate the files and the database
-**Please note**: this is much more complicated than migrating only the files and also not as failproof so be warned!<br>
-Also, you will currently not be able to use local external storage in Nextcloud AIO since that is not supported, yet. See https://github.com/nextcloud/all-in-one/issues/76
+**Please note**: this is much more complicated than migrating only the files and also not as failproof so be warned!
 
 The procedure for migrating the files and the database works like this:
 1. Make sure that your old instance is on exactly the same version like the version used in Nextcloud AIO. (e.g. 23.0.0) You can find the used version here: [click here](https://github.com/nextcloud/all-in-one/search?l=Dockerfile&q=NEXTCLOUD_VERSION&type=). If not, simply upgrade your former installation to that version or wait until the version used in Nextcloud AIO got updated to the same version of your former installation or the other way around.
@@ -70,13 +69,12 @@ The procedure for migrating the files and the database works like this:
     sudo rm /var/lib/docker/volumes/nextcloud_aio_database_dump/_data/database-dump.sql
     sudo cp database-dump.sql /var/lib/docker/volumes/nextcloud_aio_database_dump/_data/
     sudo chmod 777 /var/lib/docker/volumes/nextcloud_aio_database_dump/_data/database-dump.sql
-    sudo rm -r /var/lib/docker/volumes/nextcloud_aio_database/_data/*
+    sudo rm /var/lib/docker/volumes/nextcloud_aio_database_dump/_data/initial-cleanup-done
     ```
 1. If the commands above were executed successfully, restore the datadirectory of your former instance into the following directory: `/var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/`
 1. Next, run `sudo chown -R 33:0 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*` and `sudo chmod -R 750 /var/lib/docker/volumes/nextcloud_aio_nextcloud_data/_data/*`to apply the correct permissions
 1. Edit the Nextcloud AIO config.php file that is stored in `/var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/config/config.php` and modify only `passwordsalt`, `secret`, `instanceid` and set it to the old values that you used on your old installation. If you are brave, feel free to modify further values e.g. add your old LDAP config or S3 storage config. (Some things like Mail server config can be added back using Nextcloud's webinterface later on).
 1. When you are done and saved your changes to the file, finally start the containers again and wait until all containers are running.
-1. Now run `sudo docker exec -it nextcloud-aio-nextcloud php occ maintenance:data-fingerprint`.
 1. As last step, install all apps again that were installed before on your old instance by using the webinterface.
 
 Now the whole Nextcloud instance should work again.<br>

multiple-instances.md

@@ -0,0 +1,19 @@
+# Multiple AIO instances
+It is possible to run multiple instances of AIO on one server.
+
+There are two ways to achieve this: The normal way is creating multiple VMs, installing AIO in [reverse proxy mode](./reverse-proxy.md) in each of them and having one reverse proxy in front of them that points to each VM (you also need to use a different `TALK_PORT` for each of them). The second and more advanced way is creating multiple users on the server and using docker rootless for each of them in order to install multiple instances on the same server. 
+
+Below is described more in detail how the the second way works.
+
+## Run multiple AIO instances on the same server with docker rootless
+1. Create as many linux users as you need first. The easiest way is to use `sudo adduser` and follow the setup for that. Make sure to create a strong unique password for each of them and write it down!
+1. Log in as each of the users e.g. by opening a new SSH connection and install docker rootless for each of them by following step 0-4 of the [docker rootless documentation](./docker-rootless.md).
+1. Then install AIO in reverse proxy mode by using the command that is descriebed in step 2 and 3 of the [reverse proxy documentation](./reverse-proxy.md) but use a different `APACHE_PORT` and `TALK_PORT` for each instance as otherwise it will bug out. Also make sure to adjust the docker socket and `DOCKER_SOCKET_PATH` correctly for each of them by following step 6 of the [docker rootless documentation](./docker-rootless.md). Additionally, modify `-p 8080:8080` to a different port for each container, e.g. `8081:8080` as otherwise it will not work.<br>
+**⚠️ Please note:** If you want to adjust the `NEXTCLOUD_DATADIR`, make sure to apply the correct permissions to the chosen path as documented at the bottom of the [docker rootless documentation](./docker-rootless.md). Also for the built-in backup to work, the target path needs to have the correct permissions as documented there, too.
+1. Now install your webserver of choice on the host system. It is recommended to use caddy for this as it is by far the easiest solution. You can do so by following https://caddyserver.com/docs/install#debian-ubuntu-raspbian or below. (It needs to be installed directly on the host or on a different server in the same network).
+1. Next create your Caddyfile with multiple entries and domains for the different instances like described in step 1 of the [reverse proxy documentation](./reverse-proxy.md). Obviously each domain needs to point correctly to the chosen `APACHE_PORT` that you've configured before. Then start Caddy which should automatically get the needed certificates for you if your domains are configured correctly and ports 80 and 443 are forwarded to your server.
+1. Now open each of the AIO interfaces by opening `https://ip.address.of.this.server:8080` or e.g. `https://ip.address.of.this.server:8081` or as chosen during step 3 of this documentation. 
+1. Finally type in the domain that you've configured for each of the instances during step 5 of this documentation and you are done.
+1. Please also do not forget to open each chosen `TALK_PORT` UPD and TCP in your firewall/router as otherwise Talk will not work correctly!
+
+Now everything should be set up correctly and you should have created multiple working instances of AIO on the same server!

php/public/index.php

@@ -101,6 +101,7 @@ $app->get('/containers', function ($request, $response, $args) use ($container)
         'talk_port' => $configurationManager->GetTalkPort(),
         'collabora_dictionaries' => $configurationManager->GetCollaboraDictionaries(),
         'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(),
+        'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(),
     ]);
 })->setName('profile');
 $app->get('/login', function ($request, $response, $args) use ($container) {

php/src/Data/ConfigurationManager.php

@@ -624,4 +624,19 @@ class ConfigurationManager
         $defaultValue = '';
         return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue);
     }
+
+    private function GetDisableBackupSection() : string {
+        $envVariableName = 'DISABLE_BACKUP_SECTION';
+        $configName = 'disable_backup_section';
+        $defaultValue = '';
+        return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue);
+    }
+
+    public function isBackupSectionEnabled() : bool {
+        if ($this->GetDisableBackupSection() === 'true') {
+            return false;
+        } else {
+            return true;
+        }
+    }
 }

php/templates/containers.twig

@@ -16,7 +16,7 @@
     </header>
 
     <div class="content">
-        <h1>Nextcloud AIO v1.6.0</h1>
+        <h1>Nextcloud AIO v1.7.0</h1>
 
         {% set isAnyRunning = false %}
         {% set isAnyRestarting = false %}
@@ -151,7 +151,7 @@
                             The folder path that you enter must start with <b>/</b> and must <b>not</b> end with <b>/</b>.<br><br>
                             An example for Linux is <b>/mnt/backup</b>.<br>
                             For macOS it may be <b>/var/backup</b>.<br>
-                            On Windows it must be <b>nextcloud_aio_backupdir</b>. You need to create the 'nextcloud_aio_backupdir' volume beforehand by following this documentation: <a href="https://github.com/nextcloud/all-in-one#how-to-run-it-on-windows"><b>click here</b></a><br><br>
+                            On Windows it must be <b>nextcloud_aio_backupdir</b>. You need to create the 'nextcloud_aio_backupdir' volume beforehand by following this documentation: <a href="https://github.com/nextcloud/all-in-one#how-to-run-aio-on-windows"><b>click here</b></a><br><br>
                             ⚠️ Note that the backup archive must be located in a subfolder of the folder that you enter here and the subfolder which contains the archive must be named 'borg'. Otherwise will the backup container not find the backup archive!<br><br>
                         {% endif %}
                     {% else %}
@@ -293,117 +293,125 @@
 
                 {% if was_start_button_clicked == true %}
 
-                    {% if is_backup_container_running == false and borg_backup_host_location == "" and isApacheStarting != true %}
+                    {% if is_backup_section_enabled == false %}
                         <h2>Backup and restore</h2>
-                        Please type in the directory where backups will get created on the host system:<br><br>
-                        <form method="POST" action="/api/configuration" class="xhr">
-                            <input type="text" name="borg_backup_host_location" placeholder="/mnt/backup"/>
-                            <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                            <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                            <input class="button" type="submit" value="Submit" />
-                        </form>
+                        The backup section is disabled via environmental variable.<br><br>
+                    {% else %}
+                        {% if is_backup_container_running == false and borg_backup_host_location == "" and isApacheStarting != true %}
+                            <h2>Backup and restore</h2>
+                            Please type in the directory where backups will get created on the host system:<br><br>
+                            <form method="POST" action="/api/configuration" class="xhr">
+                                <input type="text" name="borg_backup_host_location" placeholder="/mnt/backup"/>
+                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                <input class="button" type="submit" value="Submit" />
+                            </form>
                             The folder path that you enter must start with <b>/</b> and must <b>not</b> end with <b>/</b>.<br><br>
                             An example for Linux is <b>/mnt/backup</b>.<br>
                             For macOS it may be <b>/var/backup</b>.<br>
-                            On Windows it must be <b>nextcloud_aio_backupdir</b>. You need to create the 'nextcloud_aio_backupdir' volume beforehand by following this documentation: <a href="https://github.com/nextcloud/all-in-one#how-to-run-it-on-windows"><b>click here</b></a><br><br>
+                            On Windows it must be <b>nextcloud_aio_backupdir</b>. You need to create the 'nextcloud_aio_backupdir' volume beforehand by following this documentation: <a href="https://github.com/nextcloud/all-in-one#how-to-run-aio-on-windows"><b>click here</b></a><br><br>
+                        {% endif %}
                     {% endif %}
 
-                    {% if borg_backup_host_location != "" %}
-                        {% if is_backup_container_running == false %}
-                            <h2>Backup and restore</h2>
-                            {% if backup_exit_code > 0 %}
-                                <span class="status error"></span> Last {{ borg_backup_mode }} failed! (<a href="/api/docker/logs?id=nextcloud-aio-borgbackup">Logs</a>)<br /><br />
-                                {% if has_backup_run_once == false %}
-                                    You may change the backup path again since the initial backup was not successful. After submitting the new value, you need to click on 'Create Backup' for testing the new value.<br /><br />
-                                    <form method="POST" action="/api/configuration" class="xhr">
-                                        <input type="text" value="{{borg_backup_host_location}}" name="borg_backup_host_location" placeholder="/mnt/backup"/>
-                                        <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                        <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                        <input class="button" type="submit" value="Submit" />
-                                    </form>
-                                {% endif %}
-                            {% elseif backup_exit_code == 0 %}
-                                {% if borg_backup_mode == "backup" %}
-                                    <span class="status success"></span> Last {{ borg_backup_mode }} successful on {{ last_backup_time }} UTC! (<a href="/api/docker/logs?id=nextcloud-aio-borgbackup">Logs</a>)<br /><br />
-                                {% else %}
-                                    <span class="status success"></span> Last {{ borg_backup_mode }} successful! (<a href="/api/docker/logs?id=nextcloud-aio-borgbackup">Logs</a>)<br /><br />
-                                {% endif %}
-                            {% endif %}
-                        {% endif %}
+                    {% if is_backup_section_enabled == true %}
 
-                        {% if is_backup_container_running == false and isApacheStarting == false %}
-                            {% if has_backup_run_once == true %}
-                                <details>
-                                <summary>Click here to reveal all backup options (it also includes an option for automatic updates)</summary><br />
-                            {% endif %}
-                            <h3>Backup information</h3>
-                            This is your encryption password for backups: <b>{{ borgbackup_password }}</b><br /><br/>
-                            Please save it at a safe place since you won't be able to restore from backup if you loose this password! <br /><br/>
-                            Backed up will get all important data of your Nextcloud AIO instance like the database, your files and configuration files of the mastercontainer and else. <br /><br/>
-                            The backup itself will use a tool that is called <a href="https://github.com/borgbackup/borg#what-is-borgbackup"><b>BorgBackup</b><a/> which is a well-known server backup tool that efficiently backs up your files and encrypts them on the fly. <br /><br/>
-                            Backups get created in the following directory on the host: <b>{{ borg_backup_host_location }}/borg</b> <br /><br/>
-                            Be aware that this solution does not back up files and folders that are mounted into Nextcloud using the external storage app.
-
-                            {% if isApacheStarting != true %}
-                                <h3>Backup creation</h3>
-                                Clicking on the button below will create a backup.<br><br/>
-                                <form method="POST" action="/api/docker/backup" class="xhr">
-                                    <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                    <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                    <input class="button" type="submit" value="Create backup" onclick="return confirm('Create backup? Are you sure that you want to create a backup? This will stop all running containers and create the backup.')" />
-                                </form>
-
-                                {% if has_backup_run_once == true %}
-                                    <h3>Backup check</h3>
-                                    Click on the button below to perform a backup integrity check. This is an option that verifies that your backup is intact but it should't be needed in most situtations.<br><br/>
-                                    <form method="POST" action="/api/docker/backup-check" class="xhr">
-                                        <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                        <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                        <input class="button" type="submit" value="Check backup integrity" onclick="return confirm('Check backup integrity? Are you sure that you want to check the backup? This can take a long time depending on the size of your backup.')" /><br/>
-                                    </form>
-
-                                    <h3>Backup restore</h3>
-                                    Choose the backup that you want to restore and click on the button below to restore the selected backup. This will overwrite all your files with the state of the backup so you should consider creating a backup first. It also makes sense to run an integrity check before restoring your files but is not mandatory since it shouldn't be needed in most situations.<br><br>
-                                    <form method="POST" action="/api/docker/restore" class="xhr" id="restore_selection">
-                                        <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                        <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                        <select id="selected_restore_time" name="selected_restore_time" form="restore_selection">
-                                            {% for restore_time in backup_times %}
-                                                <option value="{{ restore_time }}">{{ restore_time }} UTC</option>
-                                            {% endfor %}
-                                        </select>
-                                        <input class="button" type="submit" value="Restore selected backup" onclick="return confirm('Restore the selected backup? Are you sure that you want to restore the selected backup? This will stop all running containers and restore the selected backup. It is recommended to create a backup first. You might also want to check the backup integrity.')" />
-                                    </form>
-
-                                    <h3>Daily backup and automatic updates</h3>
-                                    {% if daily_backup_time == "" %}
-                                        By entering a time below, you can enable daily backups. It will create them at the entered time in 24h format. E.g. <b>04:00</b> will create backups at 4 am UTC and <b>16:00</b> at 4 pm UTC.<br><br/>
+                        {% if borg_backup_host_location != "" %}
+                            {% if is_backup_container_running == false %}
+                                <h2>Backup and restore</h2>
+                                {% if backup_exit_code > 0 %}
+                                    <span class="status error"></span> Last {{ borg_backup_mode }} failed! (<a href="/api/docker/logs?id=nextcloud-aio-borgbackup">Logs</a>)<br /><br />
+                                    {% if has_backup_run_once == false %}
+                                        You may change the backup path again since the initial backup was not successful. After submitting the new value, you need to click on 'Create Backup' for testing the new value.<br /><br />
                                         <form method="POST" action="/api/configuration" class="xhr">
-                                            <input type="text" name="daily_backup_time" value="04:00" placeholder="04:00"/>
+                                            <input type="text" value="{{borg_backup_host_location}}" name="borg_backup_host_location" placeholder="/mnt/backup"/>
                                             <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                                             <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                            <input class="button" type="submit" value="Submit" /><br>
-                                            <input type="checkbox" id="automatic_updates" name="automatic_updates" checked="checked"><label for="automatic_updates">Automatically update all containers, the mastercontainer and on saturdays your Nextcloud apps</label><br>
+                                            <input class="button" type="submit" value="Submit" />
                                         </form>
+                                    {% endif %}
+                                {% elseif backup_exit_code == 0 %}
+                                    {% if borg_backup_mode == "backup" %}
+                                        <span class="status success"></span> Last {{ borg_backup_mode }} successful on {{ last_backup_time }} UTC! (<a href="/api/docker/logs?id=nextcloud-aio-borgbackup">Logs</a>)<br /><br />
                                     {% else %}
-                                        Daily backups will be created at <b>{{ daily_backup_time }} UTC</b> which includes a notification about the result of the backup.
-                                        {% if automatic_updates == true %}
-                                            Also your containers, the mastercontainer and on saturdays your Nextcloud apps will be automatically updated. 
-                                        {% endif %}
-                                        You can disable this option again by clicking on the button below.<br><br/>
-                                        <form method="POST" action="/api/configuration" class="xhr">
-                                            <input type="hidden" name="delete_daily_backup_time" value="yes"/>
-                                            <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                                            <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                            <input class="button" type="submit" value="Disable daily backups" />
-                                        </form>
+                                        <span class="status success"></span> Last {{ borg_backup_mode }} successful! (<a href="/api/docker/logs?id=nextcloud-aio-borgbackup">Logs</a>)<br /><br />
                                     {% endif %}
                                 {% endif %}
                             {% endif %}
-                            {% if has_backup_run_once == false %}
-                                <br /><br />
-                            {% else %}
-                                </details><br /><br />
+
+                            {% if is_backup_container_running == false and isApacheStarting == false %}
+                                {% if has_backup_run_once == true %}
+                                    <details>
+                                    <summary>Click here to reveal all backup options (it also includes an option for automatic updates)</summary><br />
+                                {% endif %}
+                                <h3>Backup information</h3>
+                                This is your encryption password for backups: <b>{{ borgbackup_password }}</b><br /><br/>
+                                Please save it at a safe place since you won't be able to restore from backup if you loose this password! <br /><br/>
+                                Backed up will get all important data of your Nextcloud AIO instance like the database, your files and configuration files of the mastercontainer and else. <br /><br/>
+                                The backup itself will use a tool that is called <a href="https://github.com/borgbackup/borg#what-is-borgbackup"><b>BorgBackup</b><a/> which is a well-known server backup tool that efficiently backs up your files and encrypts them on the fly. <br /><br/>
+                                Backups get created in the following directory on the host: <b>{{ borg_backup_host_location }}/borg</b> <br /><br/>
+                                Be aware that this solution does not back up files and folders that are mounted into Nextcloud using the external storage app.
+
+                                {% if isApacheStarting != true %}
+                                    <h3>Backup creation</h3>
+                                    Clicking on the button below will create a backup.<br><br/>
+                                    <form method="POST" action="/api/docker/backup" class="xhr">
+                                        <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                        <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                        <input class="button" type="submit" value="Create backup" onclick="return confirm('Create backup? Are you sure that you want to create a backup? This will stop all running containers and create the backup.')" />
+                                    </form>
+
+                                    {% if has_backup_run_once == true %}
+                                        <h3>Backup check</h3>
+                                        Click on the button below to perform a backup integrity check. This is an option that verifies that your backup is intact but it should't be needed in most situtations.<br><br/>
+                                        <form method="POST" action="/api/docker/backup-check" class="xhr">
+                                            <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                            <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                            <input class="button" type="submit" value="Check backup integrity" onclick="return confirm('Check backup integrity? Are you sure that you want to check the backup? This can take a long time depending on the size of your backup.')" /><br/>
+                                        </form>
+
+                                        <h3>Backup restore</h3>
+                                        Choose the backup that you want to restore and click on the button below to restore the selected backup. This will overwrite all your files with the state of the backup so you should consider creating a backup first. It also makes sense to run an integrity check before restoring your files but is not mandatory since it shouldn't be needed in most situations.<br><br>
+                                        <form method="POST" action="/api/docker/restore" class="xhr" id="restore_selection">
+                                            <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                            <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                            <select id="selected_restore_time" name="selected_restore_time" form="restore_selection">
+                                                {% for restore_time in backup_times %}
+                                                    <option value="{{ restore_time }}">{{ restore_time }} UTC</option>
+                                                {% endfor %}
+                                            </select>
+                                            <input class="button" type="submit" value="Restore selected backup" onclick="return confirm('Restore the selected backup? Are you sure that you want to restore the selected backup? This will stop all running containers and restore the selected backup. It is recommended to create a backup first. You might also want to check the backup integrity.')" />
+                                        </form>
+
+                                        <h3>Daily backup and automatic updates</h3>
+                                        {% if daily_backup_time == "" %}
+                                            By entering a time below, you can enable daily backups. It will create them at the entered time in 24h format. E.g. <b>04:00</b> will create backups at 4 am UTC and <b>16:00</b> at 4 pm UTC.<br><br/>
+                                            <form method="POST" action="/api/configuration" class="xhr">
+                                                <input type="text" name="daily_backup_time" value="04:00" placeholder="04:00"/>
+                                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                                <input class="button" type="submit" value="Submit" /><br>
+                                                <input type="checkbox" id="automatic_updates" name="automatic_updates" checked="checked"><label for="automatic_updates">Automatically update all containers, the mastercontainer and on saturdays your Nextcloud apps</label><br>
+                                            </form>
+                                        {% else %}
+                                            Daily backups will be created at <b>{{ daily_backup_time }} UTC</b> which includes a notification about the result of the backup.
+                                            {% if automatic_updates == true %}
+                                                Also your containers, the mastercontainer and on saturdays your Nextcloud apps will be automatically updated. 
+                                            {% endif %}
+                                            You can disable this option again by clicking on the button below.<br><br/>
+                                            <form method="POST" action="/api/configuration" class="xhr">
+                                                <input type="hidden" name="delete_daily_backup_time" value="yes"/>
+                                                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                                <input class="button" type="submit" value="Disable daily backups" />
+                                            </form>
+                                        {% endif %}
+                                    {% endif %}
+                                {% endif %}
+                                {% if has_backup_run_once == false %}
+                                    <br /><br />
+                                {% else %}
+                                    </details><br /><br />
+                                {% endif %}
                             {% endif %}
                         {% endif %}
                     {% endif %}

php/templates/login.twig

@@ -11,7 +11,7 @@
                     <input type="text" autocomplete="off" name="password" placeholder="Password" />
                     <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                     <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                    <input type="submit" class="button" value="Login" />
+                    <input type="submit" class="button" value="Log in" />
                 </form>
             {% else %}
                 <p>The login is blocked since Nextcloud is running. Please use the automatic login from your Nextcloud.<br><br>

readme.md

@@ -11,7 +11,7 @@ Included are:
 - ClamAV
 
 ## How to use this?
-The following instructions are especially meant for Linux. For macOS see [this](#how-to-run-it-on-macos), for Windows see [this](#how-to-run-it-on-windows).
+The following instructions are especially meant for Linux. For macOS see [this](#how-to-run-aio-on-macos), for Windows see [this](#how-to-run-aio-on-windows).
 1. Install Docker on your Linux installation using:
     ```
     curl -fsSL get.docker.com | sudo sh
@@ -74,10 +74,10 @@ Only those (if you access the Mastercontainer Interface internally via port 8080
 - `443/TCP`: will be used by the Apache container later on and needs to be open in your firewall/router
 - `3478/TCP` and `3478/UDP`: will be used by the Turnserver inside the Talk container and needs to be open in your firewall/router
 
-### How to run it on macOS?
+### How to run AIO on macOS?
 On macOS, there are two things different in comparison to Linux: instead of using `--volume /var/run/docker.sock:/var/run/docker.sock:ro`, you need to use `--volume /var/run/docker.sock.raw:/var/run/docker.sock:ro` to run it after you installed [Docker Desktop](https://www.docker.com/products/docker-desktop/). You also need to add `-e DOCKER_SOCKET_PATH="/var/run/docker.sock.raw"`to the startup command. Apart from that it should work and behave the same like on Linux.
 
-### How to run it on Windows?
+### How to run AIO on Windows?
 On Windows, the following command should work in the command prompt after you installed [Docker Desktop](https://www.docker.com/products/docker-desktop/):
 
 ```
@@ -103,12 +103,35 @@ docker volume create ^
 ```
 (The value `/host_mnt/c/your/backup/path` in this example would be equivalent to `C:\your\backup\path` on the Windows host. So you need to translate the path that you want to use into the correct format.) ⚠️️ **Attention**: Make sure that the path exists on the host before you create the volume! Otherwise everything will bug out!
 
-### How to run it with Portainer?
+Also, you may be interested in adjusting Nextcloud's Datadir to store the files on the host system. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it.
+
+### How to run AIO with Portainer?
 The easiest way to run it with Portainer on Linux is to use Portainer's stacks feature and use [this docker-compose file](./docker-compose.yml) in order to start AIO correctly. 
 
-### How to run it behind a Cloudflare Argo Tunnel?
+### How to run Nextcloud behind a Cloudflare Argo Tunnel?
 Although it does not seems like it is the case but from AIO perspective a Cloudflare Argo Tunnel works like a reverse proxy. So please follow the [reverse proxy documentation](./reverse-proxy.md) where is documented how to make it run behind a Cloudflare Argo Tunnel.
 
+### How to get Nextcloud running using the ACME DNS-challenge?
+You can install AIO in reverse proxy mode where is also documented how to get it running using the ACME DNS-challenge for getting a valid certificate for AIO. See the [reverse proxy documentation](./reverse-proxy.md). (Meant is the `Caddy with ACME DNS-challenge` section).
+
+### How to run Nextcloud locally?
+If you do not want to open Nextcloud to the public internet, you may have a look at the following documentation how to set it up locally: [local-instance.md](./local-instance.md)
+
+### Are self-signed certificates supported for Nextcloud?
+No and they will not be. If you want to run it locally, without opening Nextcloud to the public internet, please have a look at the [local instance documentation](./local-instance.md).
+
+### Can I use an ip-address for Nextcloud instead of a domain?
+No and it will not be added. If you only want to run it locally, you may have a look at the following documentation: [local-instance.md](./local-instance.md)
+
+### Are other ports than then default 443 for Nextcloud supported?
+No and they will not be. Please use a dedicated domain for Nextcloud and set it up correctly by following the [reverse proxy documentation](./reverse-proxy.md). If port 443 and/or 80 is blocked for you, you may use the ACME DNS-challenge or a Cloudflare Argo Tunnel.
+
+### Can I run Nextcloud in a subdirectory on my domain?
+No and it will not be added. Please use a dedicated domain for Nextcloud and set it up correctly by following the [reverse proxy documentation](./reverse-proxy.md).
+
+### How can I access Nextcloud locally?
+The recommended way is to set up a local dns-server like a pi-hole and set up a custom dns-record for that domain that points to the internal ip-adddress of your server that runs Nextcloud AIO.
+
 ### How to resolve firewall problems with Fedora Linux, RHEL OS, CentOS, SUSE Linux and others?
 It is known that Linux distros that use [firewalld](https://firewalld.org) as their firewall daemon have problems with docker networks. In case the containers are not able to communicate with each other, you may change your firewalld to use the iptables backend by running:
 ```
@@ -125,6 +148,9 @@ Simply run the following: `sudo docker exec -it nextcloud-aio-nextcloud php occ
 ### How to resolve `Security & setup warnings displays the "missing default phone region" after initial install`?
 Simply run the following command: `sudo docker exec -it nextcloud-aio-nextcloud php occ config:system:set default_phone_region --value="yourvalue"`. Of course you need to modify `yourvalue` based on your location. Examples are `DE`, `EN` and `GB`. See this list for more codes: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements
 
+### How to run multiple AIO instances on one server?
+See [multiple-instances.md](./multiple-instances.md) for some documentation on this.
+
 ### Bruteforce protection FAQ
 Nextcloud features a built-in bruteforce protection which may get triggered and will block an ip-address or disable a user. You can unblock an ip-address by running `sudo docker exec -it nextcloud-aio-nextcloud php occ security:bruteforce:reset <ip-address>` and enable a disabled user by running `sudo docker exec -it nextcloud-aio-nextcloud php occ user:enable <name of user>`. See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html#security for further information.
 
@@ -351,6 +377,9 @@ You can do so by running the `/daily-backup.sh` script that is stored in the mas
 
 One example for this would be `sudo docker exec -it nextcloud-aio-mastercontainer DAILY_BACKUP=1 /daily-backup.sh`, which you can run via a cronjob or put it in a script.
 
+### How to disable the backup section?
+If you already have a backup solution in place, you may want to hide the backup section. You can do so by adding `-e DISABLE_BACKUP_SECTION=true` to the initial startup of the mastercontainer.
+
 ### How to change the default location of Nextcloud's Datadir?
 You can configure the Nextcloud container to use a specific directory on your host as data directory. You can do so by adding the environmental variable `NEXTCLOUD_DATADIR` to the initial startup of the mastercontainer. Allowed values for that variable are strings that start with `/` and are not equal to `/`.
 
@@ -375,7 +404,7 @@ You can configure the Nextcloud container to use a specific directory on your ho
 - For Synology, the command for this example would be `sudo chown -R 33:0 /volume1/docker/nextcloud/data` and `sudo chmod -R 750 /volume1/docker/nextcloud/data`
 - On Windows, this command is not needed.
 
-⚠️ **Attention:** It is very important to change the datadir **before** Nextcloud is installed/started the first time and not to change it afterwards!
+⚠️ **Attention:** It is very important to change the datadir **before** Nextcloud is installed/started the first time and not to change it afterwards! If you still want to do it afterwards, see [this](https://github.com/nextcloud/all-in-one/discussions/890#discussioncomment-3089903) on how to do it.
 
 ### How to allow the Nextcloud container to access directories on the host?
 By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the initial startup of the mastercontainer. Allowed values for that variable are strings that start with `/` and are not equal to `/`.
@@ -429,6 +458,9 @@ If you want to use the user_sql app, the easiest way is to create an additional
 ### phpMyAdmin, Adminer or pgAdmin
 It is possible to install any of these to get a GUI for your AIO database. The pgAdmin container is recommended. You can get some docs on it here: https://www.pgadmin.org/docs/pgadmin4/latest/container_deployment.html. For the container to connect to the aio-database, you need to connect the container to the docker network `nextcloud-aio` and use `nextcloud-aio-database` as database host, `oc_nextcloud` as database username and the password that you get when running `sudo grep dbpassword /var/lib/docker/volumes/nextcloud_aio_nextcloud/_data/config/config.php` as the password. 
 
+### Mail server
+You can configure one yourself by using either of these three recommended projects: [Docker Mailserver](https://github.com/docker-mailserver/docker-mailserver/#docker-mailserver), [Maddy Mail Server](https://github.com/foxcpp/maddy#maddy-mail-server) or [Mailcow](https://github.com/mailcow/mailcow-dockerized#mailcow-dockerized-------). Docker Mailserver and Maddy Mail Server are probably a bit easier to set up as it is possible to run them using only one container but Mailcow has much more features.
+
 ### How to migrate from an already existing Nextcloud installation to Nextcloud AIO?
 Please see the following documentation on this: [migration.md](https://github.com/nextcloud/all-in-one/blob/main/migration.md)
 

reverse-proxy.md

@@ -90,6 +90,33 @@ https://<your-nc-domain>:443 {
 
 Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. Also make sure to adjust the port 11000 to match the chosen APACHE_PORT. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
 
+**Advice:** You may have a look at [this](https://github.com/nextcloud/all-in-one/discussions/575#discussion-4055615) for a more complete example.
+
+</details>
+
+### Caddy with ACME DNS-challenge
+
+<details>
+
+<summary>click here to expand</summary>
+
+You can get AIO running using the ACME DNS-challenge. Here is how to do it.
+
+1. Follow [this documentation](https://caddy.community/t/how-to-use-dns-provider-modules-in-caddy-2/8148) in order to get a Caddy build that is compatible with your domain provider's DNS challenge.
+1. Add this to your Caddyfile:
+    ```
+    https://<your-nc-domain>:443 {
+        reverse_proxy localhost:11000
+        tls {
+            dns <provider> <key>
+        }
+    }
+    ```
+    Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. You also need to adjust `<provider>` and `<key>` to match your case. Also make sure to adjust the port 11000 to match the chosen APACHE_PORT. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
+1. Now continue with [point 2](#2-use-this-startup-command) but additionally, add `-e SKIP_DOMAIN_VALIDATION=true` to the docker run command which will disable the dommain validation (because it is known that the domain validation will not when using the DNS-challenge since no port is publicly opened.
+
+**Advice:** In order to make it work in your home network, you may add the internal ipv4-address of your reverse proxy as A DNS-record to your domain and disable the dns-rebind-protection in your router. Another way it to set up a local dns-server like a pi-hole and set up a custom dns-record for that domain that points to the internal ip-adddress of your reverse proxy. If both is not possible, you may add the domain to the hosts file which is needed then for any devices that shall use the server.
+
 </details>
 
 ### Cloudflare Argo Tunnel
@@ -101,7 +128,7 @@ Of course you need to modify `<your-nc-domain>` to the domain on which you want
 Although it does not seems like it is the case but from AIO perspective a Cloudflare Argo Tunnel works like a reverse proxy. Here is how to make it work:
 
 1. Install the Cloudflare Argo Tunnel on the same machine where AIO will be running on and point the Argo Tunnel with the domain that you want to use for AIO to `http://localhost:11000`. If the Argo Tunnel is running on a different machine, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
-2. Now continue with [point 2](#2-use-this-startup-command) but additionally, add `-e SKIP_DOMAIN_VALIDATION=true` to the docker run command which will disable the dommain validation (because it is known that the domain validation will not work behind a Cloudflare Argo Tunnel). So you need to ensure yourself that you've configured everything correctly.
+1. Now continue with [point 2](#2-use-this-startup-command) but additionally, add `-e SKIP_DOMAIN_VALIDATION=true` to the docker run command which will disable the dommain validation (because it is known that the domain validation will not work behind a Cloudflare Argo Tunnel). So you need to ensure yourself that you've configured everything correctly.
 
 </details>
 
@@ -132,6 +159,8 @@ location / {
 
 Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. Also make sure to adjust the port 11000 to match the chosen APACHE_PORT. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
 
+**Advice:** You may have a look at [this](https://github.com/nextcloud/all-in-one/discussions/588#discussioncomment-2811152) for a more complete example.
+
 </details>
 
 ### Nginx-Proxy
@@ -167,6 +196,8 @@ See these screenshots for a working config:
 
 Of course you need to modify `<your-nc-domain>` to the domain on which you want to run Nextcloud. Also change `<you>@<your-mail-provider-domain>` to a mail address of yours. Also make sure to adjust the port 11000 to match the chosen APACHE_PORT. **Please note:** The above configuration will only work if your reverse proxy is running directly on the host that is running the docker daemon. If the reverse proxy is running in a docker container, you can use the `--network host` option (or `network_mode: host` for docker-compose) when starting the reverse proxy container in order to connect the reverse proxy container to the host network. If that is not an option for you, you can alternatively instead of `localhost` use the ip-address that is displayed after running the following command on the host OS: `ip a | grep "scope global" | head -1 | awk '{print $2}' | sed 's|/.*||'` (the command only works on Linux)
 
+**Advice:** You may have a look at [this](https://github.com/nextcloud/all-in-one/discussions/588#discussioncomment-3040493) for a more complete example.
+
 </details>
 
 ### Traefik 2
@@ -270,7 +301,7 @@ nextcloud/all-in-one:latest-arm64
 
 </details>
 
-On macOS see https://github.com/nextcloud/all-in-one#how-to-run-it-on-macos.
+On macOS see https://github.com/nextcloud/all-in-one#how-to-run-aio-on-macos.
 
 <details>
 
@@ -300,7 +331,7 @@ After using the above command, you should be able to access the AIO Interface vi
 
 ## 3. If the reverse proxy is installed on the same host, you should configure the apache container to only listen on localhost.
 
-Use this envorinmental variable during the initial startup of the mastercontainer to make the apache container only listen on localhost: `-e APACHE_IP_BINDING=127.0.0.1`
+Use this envorinmental variable during the initial startup of the mastercontainer to make the apache container only listen on localhost: `-e APACHE_IP_BINDING=127.0.0.1`. **Attention:** This is only recommended to be set if you use `localhost` in your reverse proxy config to connect to your AIO instance. If you use an ip-address, you can either simply skip this step or set it to `0.0.0.0` if you are unsure what the correct value is.
 
 ## 4. Optional: get a valid certificate for the AIO interface
 

tests/QA/060-environmental-variables.md

@@ -8,5 +8,6 @@
 - [ ] When starting the mastercontainer with `-e NEXTCLOUD_DATADIR="/mnt/testdata"` it should map that location from `/mnt/testdata` to `/mnt/ncdata` inside the Nextcloud container. Not having adjusted the permissions correctly before starting the Nextcloud container the first time will not allow the Nextcloud container to start correctly. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir for allowed values.
 - [ ] When starting the mastercontainer with `-e NEXTCLOUD_MOUNT="/mnt/"` it should map `/mnt/` to `/mnt/` inside the Nextcloud container. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host for allowed values.
 - [ ] When starting the mastercontainer with `-e DOCKER_SOCKET_PATH="/var/run/docker.sock.raw"` it should map `/var/run/docker.sock.raw` to `/var/run/docker.sock` inside the watchtower container which allow to update the mastercontainer on macos and with docker rootless.
+- [ ] When starting the mastercontainer with `-e DISABLE_BACKUP_SECTION=true` it should hide the backup section that gets shown after AIO is set up (everything of [020-backup-and-restore](./020-backup-and-restore.md)) and simply show that the backup section is disabled.
 
 You can now continue with [070-timezone-change.md](./070-timezone-change.md)