Merge pull request #1136 from nextcloud/enh/noid/add-tz-confirmation

add a confirmation for the timezone

.github/dependabot.yml

@@ -135,3 +135,24 @@ updates:
   labels:
   - 3. to review
   - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/imaginary"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies
+- package-ecosystem: "docker"
+  directory: "/Containers/fulltextsearch"
+  schedule:
+    interval: "daily"
+    time: "12:00"
+  ignore:
+    - dependency-name: "elasticsearch"
+      update-types: ["version-update:semver-major"]
+  open-pull-requests-limit: 10
+  labels:
+  - 3. to review
+  - dependencies

.github/workflows/command-rebase.yml

@@ -0,0 +1,51 @@
+# This workflow is provided via the organization template repository
+#
+# https://github.com/nextcloud/.github
+# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+
+name: Rebase command
+
+on:
+  issue_comment:
+    types: created
+
+permissions:
+  contents: read
+
+jobs:
+  rebase:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: none
+
+    # On pull requests and if the comment starts with `/rebase`
+    if: github.event.issue.pull_request != '' && startsWith(github.event.comment.body, '/rebase')
+
+    steps:
+      - name: Add reaction on start
+        uses: peter-evans/create-or-update-comment@v2
+        with:
+          token: ${{ secrets.COMMAND_BOT_PAT }}
+          repository: ${{ github.event.repository.full_name }}
+          comment-id: ${{ github.event.comment.id }}
+          reaction-type: "+1"
+
+      - name: Checkout the latest code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.COMMAND_BOT_PAT }}
+
+      - name: Automatic Rebase
+        uses: cirrus-actions/rebase@1.7
+        env:
+          GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }}
+
+      - name: Add reaction on failure
+        uses: peter-evans/create-or-update-comment@v2
+        if: failure()
+        with:
+          token: ${{ secrets.COMMAND_BOT_PAT }}
+          repository: ${{ github.event.repository.full_name }}
+          comment-id: ${{ github.event.comment.id }}
+          reaction-type: "-1"

.github/workflows/dependency-updates.yml

@@ -22,7 +22,7 @@ jobs:
         cd ./php
         composer update
         set +e
-        ALL_LINES="$(composer outdated | grep -v "psr/container")"
+        ALL_LINES="$(composer outdated | grep -v "psr/container\|^$\|Direct dependencies\|Everything up to date\|Transitive dependencies")"
         set -e
         while [ -n "$ALL_LINES" ]; do
           CURRENT_LINE="$(echo "$ALL_LINES" | head -1)"

Containers/apache/Dockerfile

@@ -1,7 +1,7 @@
 # Caddy is a requirement
 FROM caddy:2.5.2-alpine as caddy
 
-FROM debian:bullseye-20220801-slim
+FROM debian:bullseye-20220822-slim
 
 RUN mkdir -p /mnt/data; \
     chown www-data:www-data /mnt/data;
@@ -19,6 +19,7 @@ RUN set -ex; \
         openssl \
         netcat \
         dpkg-dev \
+        curl \
     ; \
     rm -rf /var/lib/apt/lists/*
 
@@ -60,8 +61,10 @@ RUN mkdir /var/log/supervisord; \
 COPY Caddyfile /
 
 COPY start.sh /usr/bin/
+COPY healthcheck.sh /usr/bin/
 COPY supervisord.conf /
 RUN chmod +x /usr/bin/start.sh; \
+    chmod +x /usr/bin/healthcheck.sh; \
     chmod +r /supervisord.conf; \
     chown www-data:www-data /Caddyfile; \
     chmod +r -R /etc/apache2
@@ -72,4 +75,6 @@ RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 USER www-data
 
 ENTRYPOINT ["start.sh"]
-CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
+
+HEALTHCHECK CMD healthcheck.sh

Containers/apache/healthcheck.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+curl -skfI localhost:8000 || exit 1
+if [ "$APACHE_PORT" != '443' ]; then
+    curl -skfI localhost:"$APACHE_PORT" || exit 1
+else
+    curl -skfI https://"$NC_DOMAIN":"$APACHE_PORT" || exit 1
+fi

Containers/apache/nextcloud.conf

@@ -24,4 +24,7 @@ Listen 8000
     # Fix zero file sizes 
     # See https://github.com/nextcloud/server/issues/3056#issuecomment-954209565
     SetEnv proxy-sendcl 1
+
+    # See https://httpd.apache.org/docs/current/en/mod/core.html#limitrequestbody
+    LimitRequestBody 0
 </VirtualHost>

Containers/borgbackup/Dockerfile

@@ -1,4 +1,4 @@
-FROM debian:bullseye-20220801-slim
+FROM debian:bullseye-20220822-slim
 
 RUN set -ex; \
     \

Containers/borgbackup/backupscript.sh

@@ -87,10 +87,12 @@ if [ "$BORG_MODE" = backup ]; then
         # Don't initialize if already initialized
         if [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config" ]; then
             echo "Cannot initialize a new repository as that was already done at least one time."
+            echo "If you still want to do so, you may delete the 'borg.config' file that is stored in the mastercontainer volume manually, which will allow you to initialize a new borg repository in the chosen directory."
             exit 1
         fi
 
         echo "initializing repository..."
+        NEW_REPOSITORY=1
         if ! borg init --debug --encryption=repokey-blake2 "$BORG_BACKUP_DIRECTORY"; then
             echo "Could not initialize borg repository."
             rm -f "$BORG_BACKUP_DIRECTORY/config"
@@ -124,15 +126,19 @@ if [ "$BORG_MODE" = backup ]; then
     # Borg options
     # auto,zstd compression seems to has the best ratio based on:
     # https://forum.level1techs.com/t/optimal-compression-for-borg-backups/145870/6
-    BORG_OPTS=(--stats --progress --compression "auto,zstd" --exclude-caches --checkpoint-interval 86400)
+    BORG_OPTS=(--stats --compression "auto,zstd" --exclude-caches --checkpoint-interval 86400)
 
     # Create the backup
     echo "Starting the backup..."
     get_start_time
     if ! borg create "${BORG_OPTS[@]}" "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-nextcloud-aio" "/nextcloud_aio_volumes/"; then
         echo "Deleting the failed backup archive..."
-        borg delete --stats --progress "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-nextcloud-aio"
+        borg delete --stats "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-nextcloud-aio"
         echo "Backup failed!"
+        if [ "$NEW_REPOSITORY" = 1 ]; then
+            echo "Deleting borg.config file so that you can choose a different location for the backup."
+            rm "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config"
+        fi
         exit 1
     fi
 
@@ -140,7 +146,7 @@ if [ "$BORG_MODE" = backup ]; then
     rm -f "/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/skip.update"
 
     # Prune options
-    BORG_PRUNE_OPTS=(--stats --progress --keep-within=7d --keep-weekly=4 --keep-monthly=6 "$BORG_BACKUP_DIRECTORY")
+    BORG_PRUNE_OPTS=(--stats --keep-within=7d --keep-weekly=4 --keep-monthly=6 "$BORG_BACKUP_DIRECTORY")
 
     # Prune archives
     echo "Pruning the archives..."
@@ -149,6 +155,54 @@ if [ "$BORG_MODE" = backup ]; then
         exit 1
     fi
 
+    # Back up additional directories of the host
+    if [ "$ADDITIONAL_DIRECTORIES_BACKUP" = 'yes' ]; then
+        if [ -d "/docker_volumes/" ]; then
+            DOCKER_VOLUME_DIRS="$(find /docker_volumes -mindepth 1 -maxdepth 1 -type d)"
+            mapfile -t DOCKER_VOLUME_DIRS <<< "$DOCKER_VOLUME_DIRS"
+            for directory in "${DOCKER_VOLUME_DIRS[@]}"; do
+                if [ -z "$(ls -A "$directory")" ]; then
+                    echo "$directory is empty which is not allowed."
+                    exit 1
+                fi
+            done
+            if ! borg create "${BORG_OPTS[@]}" "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-additional-docker-volumes" "/docker_volumes/"; then
+                echo "Deleting the failed backup archive..."
+                borg delete --stats "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-additional-docker-volumes"
+                echo "Backup of additional docker-volumes failed!"
+                exit 1
+            fi
+
+            if ! borg prune --prefix '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}"; then
+                echo "Failed to prune additional docker-volumes archives!"
+                exit 1
+            fi
+        fi
+        if [ -d "/host_mounts/" ]; then
+            EXCLUDED_DIRECTORIES=(home/*/.cache root/.cache var/cache lost+found run var/run dev tmp sys proc)
+            # Exclude borg backup cache
+            EXCLUDED_DIRECTORIES+=(var/lib/docker/volumes/nextcloud_aio_backup_cache/_data)
+            # Exclude target directory
+            if [ -n "$BORGBACKUP_HOST_LOCATION" ] && [ "$BORGBACKUP_HOST_LOCATION" != "nextcloud_aio_backupdir" ]; then
+                EXCLUDED_DIRECTORIES+=("$BORGBACKUP_HOST_LOCATION")
+            fi
+            for directory in "${EXCLUDED_DIRECTORIES[@]}"
+            do
+                EXCLUDE_DIRS+=(--exclude "/host_mounts/$directory/")
+            done
+            if ! borg create "${BORG_OPTS[@]}" "${EXCLUDE_DIRS[@]}" "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-additional-host-mounts" "/host_mounts/"; then
+                echo "Deleting the failed backup archive..."
+                borg delete --stats "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-additional-host-mounts"
+                echo "Backup of additional host-mounts failed!"
+                exit 1
+            fi
+            if ! borg prune --prefix '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}"; then
+                echo "Failed to prune additional host-mount archives!"
+                exit 1
+            fi
+        fi
+    fi
+
     # Inform user
     get_expiration_time
     echo "Backup finished successfully on $END_DATE_READABLE ($DURATION_READABLE)"
@@ -177,6 +231,16 @@ if [ "$BORG_MODE" = restore ]; then
         exit 1
     fi
 
+    # Save Additional Backup dirs
+    if [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/additional_backup_directories" ]; then
+        ADDITIONAL_BACKUP_DIRECTORIES="$(cat /nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/additional_backup_directories)"
+    fi
+
+    # Save daily backup time
+    if [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/daily_backup_time" ]; then
+        DAILY_BACKUPTIME="$(cat /nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/daily_backup_time)"
+    fi
+
     # Restore everything except the configuration file
     if ! rsync --stats --archive --human-readable -vv --delete \
     --exclude "nextcloud_aio_mastercontainer/session/"** \
@@ -227,6 +291,20 @@ if [ "$BORG_MODE" = restore ]; then
     CONTENTS="$(jq ".nextcloud_datadir = $NEXTCLOUD_DATADIR" /nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/configuration.json)"
     echo -E "${CONTENTS}" > /nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/configuration.json
 
+    # Reset the additional backup directories
+    if [ -n "$ADDITIONAL_BACKUP_DIRECTORIES" ]; then
+        echo "$ADDITIONAL_BACKUP_DIRECTORIES" > "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/additional_backup_directories"
+        chown 33:0 "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/additional_backup_directories"
+        chmod 770 "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/additional_backup_directories"
+    fi
+
+    # Reset the additional backup directories
+    if [ -n "$DAILY_BACKUPTIME" ]; then
+        echo "$DAILY_BACKUPTIME" > "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/daily_backup_time"
+        chown 33:0 "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/daily_backup_time"
+        chmod 770 "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/daily_backup_time"
+    fi
+
     umount /tmp/borg
 
     # Inform user
@@ -248,7 +326,7 @@ if [ "$BORG_MODE" = check ]; then
     echo "Checking the backup integrity..."
 
     # Perform the check
-    if ! borg check --verify-data --progress "$BORG_BACKUP_DIRECTORY"; then
+    if ! borg check --verify-data "$BORG_BACKUP_DIRECTORY"; then
         echo "Some errors were found while checking the backup integrity!"
         exit 1
     fi

Containers/collabora/Dockerfile

@@ -1,5 +1,5 @@
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:22.05.5.3.1
+FROM collabora/code:22.05.5.4.1
 
 USER root
 
@@ -13,3 +13,5 @@ RUN set -ex; \
     rm -rf /var/lib/apt/lists/*
 
 USER 104
+
+HEALTHCHECK CMD curl -skfI localhost:9980 || exit 1

Containers/domaincheck/Dockerfile

@@ -1,5 +1,5 @@
 FROM alpine:3.16.2
-RUN apk add --update --no-cache lighttpd bash
+RUN apk add --update --no-cache lighttpd bash curl
 
 RUN adduser -S www-data -G www-data
 RUN rm -rf /etc/lighttpd/lighttpd.conf
@@ -14,3 +14,5 @@ RUN chmod +x /start.sh
 USER www-data
 RUN mkdir -p /var/www/domaincheck/
 ENTRYPOINT ["/start.sh"]
+
+HEALTHCHECK CMD curl -skfI localhost:$APACHE_PORT || exit 1

Containers/fulltextsearch/Dockerfile

@@ -0,0 +1,6 @@
+# Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
+FROM elasticsearch:7.17.6
+
+RUN elasticsearch-plugin install --batch ingest-attachment
+
+HEALTHCHECK CMD curl -skfI localhost:9200 || exit 1

Containers/imaginary/Dockerfile

@@ -0,0 +1,15 @@
+# From https://github.com/h2non/imaginary/blob/master/Dockerfile
+FROM nextcloud/imaginary:20220905
+
+USER root
+RUN set -ex; \
+    \
+    apt-get update; \
+    apt-get install -y --no-install-recommends \
+        ca-certificates \
+        curl \
+    ; \
+    rm -rf /var/lib/apt/lists/*
+USER nobody
+
+HEALTHCHECK CMD curl -skI 127.0.0.1:9000 || exit 1

Containers/mastercontainer/Dockerfile

@@ -5,7 +5,7 @@ FROM docker:20.10.17-dind-alpine3.16 as dind
 FROM caddy:2.5.2-alpine as caddy
 
 # From https://github.com/docker-library/php/blob/master/8.0/bullseye/apache/Dockerfile
-FROM php:8.0.22-apache-bullseye
+FROM php:8.0.23-apache-bullseye
 
 EXPOSE 80
 EXPOSE 8080
@@ -90,14 +90,18 @@ COPY session-deduplicator.sh /
 COPY cron.sh /
 COPY daily-backup.sh /
 COPY supervisord.conf /
+COPY healthcheck.sh /
 RUN chmod +x /usr/bin/start.sh; \
     chmod +x /cron.sh; \
     chmod +x /session-deduplicator.sh; \
     chmod +x /backup-time-file-watcher.sh; \
     chmod +x /daily-backup.sh; \
-    chmod a+r /Caddyfile
+    chmod a+r /Caddyfile; \
+    chmod +x /healthcheck.sh
 
 USER root
 
 ENTRYPOINT ["start.sh"]
 CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
+
+HEALTHCHECK CMD /healthcheck.sh

Containers/mastercontainer/daily-backup.sh

@@ -1,10 +1,16 @@
 #!/bin/bash
 
-echo "Daily backup has started"
+echo "Daily backup script has started"
+
+# Daily backup and backup check cannot be run at the same time
+if [ "$DAILY_BACKUP" = 1 ] && [ "$CHECK_BACKUP" = 1 ]; then
+    echo "Daily backup and backup check cannot be run at the same time. Exiting..."
+    exit 1
+fi
 
 # Delete all active sessions and create a lock file
 # But don't kick out the user if the mastercontainer was just updated since we block the interface either way with the lock file
-if [ "$LOCK_FILE_PRESENT" = 0 ]; then
+if [ "$LOCK_FILE_PRESENT" = 0 ] || ! [ -f "/mnt/docker-aio-config/data/daily_backup_running" ]; then
     rm -f "/mnt/docker-aio-config/session/"*
 fi
 sudo -u www-data touch "/mnt/docker-aio-config/data/daily_backup_running"
@@ -26,6 +32,8 @@ done
 
 # Update the mastercontainer
 if [ "$AUTOMATIC_UPDATES" = 1 ]; then
+    echo "Starting mastercontainer update..." 
+    echo "(The script might get exited due to that. In order to update all the other containers correctly, you need to run this script with the same settings a second time.)"
     sudo -u www-data php /var/www/docker-aio/php/src/Cron/UpdateMastercontainer.php
 fi
 
@@ -40,20 +48,31 @@ else
 fi
 
 # Stop containers if required
-if [ "$DAILY_BACKUP" != 1 ] || [ "$STOP_CONTAINERS" = 1 ]; then
+# shellcheck disable=SC2235
+if [ "$CHECK_BACKUP" != 1 ] && ([ "$DAILY_BACKUP" != 1 ] || [ "$STOP_CONTAINERS" = 1 ]); then
+    echo "Stopping containers..."
     sudo -u www-data php /var/www/docker-aio/php/src/Cron/StopContainers.php
 fi
 
 # Execute the backup itself and some related tasks (also stops the containers)
 if [ "$DAILY_BACKUP" = 1 ]; then
+    echo "Creating daily backup..."
     sudo -u www-data php /var/www/docker-aio/php/src/Cron/CreateBackup.php
 fi
 
+# Execute backup check
+if [ "$CHECK_BACKUP" = 1 ]; then
+    echo "Starting backup check..."
+    sudo -u www-data php /var/www/docker-aio/php/src/Cron/CheckBackup.php
+fi
+
 # Start and/or update containers
 if [ "$AUTOMATIC_UPDATES" = 1 ]; then
+    echo "Starting and updating containers..."
     sudo -u www-data php /var/www/docker-aio/php/src/Cron/StartAndUpdateContainers.php
 else
     if [ "$START_CONTAINERS" = 1 ]; then
+        echo "Starting containers without updating them..."
         sudo -u www-data php /var/www/docker-aio/php/src/Cron/StartContainers.php
     fi
 fi
@@ -75,7 +94,8 @@ if [ "$DAILY_BACKUP" = 1 ]; then
             fi
         done
     fi
+    echo "Sending backup notification..."
     sudo -u www-data php /var/www/docker-aio/php/src/Cron/BackupNotification.php
 fi
 
-echo "Daily backup has finished"
+echo "Daily backup script has finished"

Containers/mastercontainer/healthcheck.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+if [ -f "/mnt/docker-aio-config/data/configuration.json" ]; then
+    curl -skfI https://localhost:8080 || exit 1
+fi

Containers/mastercontainer/session-deduplicator.sh

@@ -2,15 +2,18 @@
 
 while true; do
     while [ "$(find "/mnt/docker-aio-config/session/" -mindepth 1 -exec grep "aio_authenticated|[a-z]:1" {} \; | wc -l)" -gt 1 ]; do
+        # First delete all session files that are not authenticated
         unset SESSION_FILES
         SESSION_FILES="$(find "/mnt/docker-aio-config/session/" -mindepth 1)"
         unset SESSION_FILES_ARRAY
         mapfile -t SESSION_FILES_ARRAY <<< "$SESSION_FILES"
         for SESSION_FILE in "${SESSION_FILES_ARRAY[@]}"; do
-            if ! grep -q "aio_authenticated|[a-z]:1" "$SESSION_FILE"; then
+            if [ -f "$SESSION_FILE" ] && ! grep -q "aio_authenticated|[a-z]:1" "$SESSION_FILE"; then
                 rm "$SESSION_FILE"
             fi
         done
+
+        # Second clean up all sessions that are authenticated
         echo "Deleting duplicate sessions"
         unset OLDEST_FILE
         set -x

Containers/mastercontainer/start.sh

@@ -104,6 +104,22 @@ if [ -n "$NEXTCLOUD_DATADIR" ] && [ -n "$NEXTCLOUD_MOUNT" ]; then
         exit 1
     fi
 fi
+if [ -n "$NEXTCLOUD_UPLOAD_LIMIT" ]; then
+    if ! echo "$NEXTCLOUD_UPLOAD_LIMIT" | grep -q '^[0-9]\+G$'; then
+        echo "You've set NEXTCLOUD_UPLOAD_LIMIT but not to an allowed value.
+The string must start with a number and end with 'G'.
+It is set to '$NEXTCLOUD_UPLOAD_LIMIT'."
+        exit 1
+    fi
+fi
+if [ -n "$NEXTCLOUD_MAX_TIME" ]; then
+    if ! echo "$NEXTCLOUD_MAX_TIME" | grep -q '^[0-9]\+$'; then
+        echo "You've set NEXTCLOUD_MAX_TIME but not to an allowed value.
+The string must be a number. E.g. '3600'.
+It is set to '$NEXTCLOUD_MAX_TIME'."
+        exit 1
+    fi
+fi
 if [ -n "$APACHE_PORT" ]; then
     if ! check_if_number "$APACHE_PORT"; then
         echo "You provided an Apache port but did not only use numbers.
@@ -204,7 +220,7 @@ print_green "Initial startup of Nextcloud All In One complete!
 You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
 E.g. https://internal.ip.of.this.server:8080
 
-If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatially by opening the Nextcloud AIO Interface via:
+If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
 https://your-domain-that-points-to-this-server.tld:8443"
 
 # Set the timezone to UTC

Containers/nextcloud/Dockerfile

@@ -1,5 +1,5 @@
 # From https://github.com/nextcloud/docker/blob/master/23/fpm-alpine/Dockerfile
-FROM php:8.0.22-fpm-alpine3.16
+FROM php:8.0.23-fpm-alpine3.16
 
 # Custom: change id of www-data user as it needs to be the same like on old installations
 RUN set -ex; \
@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 10G
+ENV PHP_MAX_TIME 3600
 RUN set -ex; \
     \
     apk add --no-cache --virtual .build-deps \
@@ -96,6 +97,8 @@ RUN { \
         echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
         echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
         echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
+        echo 'max_execution_time=${PHP_MAX_TIME}'; \
+        echo 'max_input_time=${PHP_MAX_TIME}'; \
     } > /usr/local/etc/php/conf.d/nextcloud.ini; \
     \
     mkdir /var/www/data; \
@@ -104,7 +107,7 @@ RUN { \
 
 VOLUME /var/www/html
 
-ENV NEXTCLOUD_VERSION 24.0.4
+ENV NEXTCLOUD_VERSION 24.0.5
 
 RUN set -ex; \
     apk add --no-cache --virtual .fetch-deps \
@@ -198,15 +201,17 @@ RUN set -ex; \
         git \
         postgresql-client \
         tzdata \
+        mawk \
     ; \
     rm -rf /var/lib/apt/lists/*
 
 RUN set -ex; \
     grep -q '^pm = dynamic' /usr/local/etc/php-fpm.d/www.conf; \
-    sed -i 's/^pm.max_children =.*/pm.max_children = 100/' /usr/local/etc/php-fpm.d/www.conf; \
-    sed -i 's/^pm.start_servers =.*/pm.start_servers = 25/' /usr/local/etc/php-fpm.d/www.conf; \
-    sed -i 's/^pm.min_spare_servers =.*/pm.min_spare_servers = 25/' /usr/local/etc/php-fpm.d/www.conf; \
-    sed -i 's/^pm.max_spare_servers =.*/pm.max_spare_servers = 75/' /usr/local/etc/php-fpm.d/www.conf
+    sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \
+    sed -i 's/^pm.max_children =.*/pm.max_children = 80/' /usr/local/etc/php-fpm.d/www.conf; \
+    sed -i 's/^pm.start_servers =.*/pm.start_servers = 2/' /usr/local/etc/php-fpm.d/www.conf; \
+    sed -i 's/^pm.min_spare_servers =.*/pm.min_spare_servers = 1/' /usr/local/etc/php-fpm.d/www.conf; \
+    sed -i 's/^pm.max_spare_servers =.*/pm.max_spare_servers = 3/' /usr/local/etc/php-fpm.d/www.conf
 
 RUN set -ex; \
     rm -rf /tmp/nextcloud-aio && \
@@ -219,6 +224,7 @@ RUN set -ex; \
 RUN set -ex; \
     chown www-data:root -R /usr/src && \
     chown www-data:root -R /usr/local/etc/php/conf.d && \
+    chown www-data:root -R /usr/local/etc/php-fpm.d && \
     chown www-data:root -R /var/log/supervisord/ && \
     chown www-data:root -R /var/run/supervisord/ && \
     rm -r /usr/src/nextcloud/apps/updatenotification
@@ -245,3 +251,5 @@ RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 
 USER www-data
 ENTRYPOINT ["/start.sh"]
+
+HEALTHCHECK CMD (nc -z localhost 9000 && curl -skI localhost:7867) || exit 1

Containers/nextcloud/activate-collabora.sh

@@ -1,20 +1,13 @@
 #!/bin/bash
 
-COLLABORA_ACTIVATED=0
-
-while true; do
-    if [ "$COLLABORA_ENABLED" != yes ]; then
-        # Basically sleep for forever if collabora is not enabled
-        sleep 365d
-    fi
-    if [ "$COLLABORA_ACTIVATED" != 0 ]; then
-        # Basically sleep for forever if collabora was activated
-        sleep 365d
-    fi
-    while ! nc -z "$NC_DOMAIN" 443; do
-        sleep 5
-    done
-    echo "Activating collabora config"
-    php /var/www/html/occ richdocuments:activate-config
-    COLLABORA_ACTIVATED=1
+if [ "$COLLABORA_ENABLED" != yes ]; then
+    # Basically sleep for forever if collabora is not enabled
+    sleep inf
+fi
+while ! nc -z "$NC_DOMAIN" 443; do
+    sleep 5
 done
+sleep 10
+echo "Activating collabora config..."
+php /var/www/html/occ richdocuments:activate-config
+sleep inf

Containers/nextcloud/config/s3.config.php

@@ -0,0 +1,27 @@
+<?php
+if (getenv('OBJECTSTORE_S3_BUCKET')) {
+  $use_ssl = getenv('OBJECTSTORE_S3_SSL');
+  $use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
+  $use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
+  $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
+  $CONFIG = array(
+    'objectstore' => array(
+      'class' => '\OC\Files\ObjectStore\S3',
+      'arguments' => array(
+        'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
+        'key' => getenv('OBJECTSTORE_S3_KEY') ?: '',
+        'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '',
+        'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
+        'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
+        'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
+        'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
+        'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
+        'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
+        // required for some non Amazon S3 implementations
+        'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
+        // required for older protocol versions
+        'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
+      )
+    )
+  );
+} 

Containers/nextcloud/config/swift.config.php

@@ -0,0 +1,31 @@
+<?php
+if (getenv('OBJECTSTORE_SWIFT_URL')) {
+    $autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
+  $CONFIG = array(
+    'objectstore' => [
+      'class' => 'OC\\Files\\ObjectStore\\Swift',
+      'arguments' => [
+        'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
+        'user' => [
+          'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
+          'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
+          'domain' => [
+            'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
+          ],
+        ],
+        'scope' => [
+          'project' => [
+            'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
+            'domain' => [
+              'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
+            ],
+          ],
+        ],
+        'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
+        'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
+        'url' => getenv('OBJECTSTORE_SWIFT_URL'),
+        'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
+      ]
+    ]
+  );
+}

Containers/nextcloud/entrypoint.sh

@@ -10,7 +10,7 @@ directory_empty() {
     [ -z "$(ls -A "$1/")" ]
 }
 
-echo "Configuring Redis as session handler"
+echo "Configuring Redis as session handler..."
 cat << REDIS_CONF > /usr/local/etc/php/conf.d/redis-session.ini
 session.save_handler = redis
 session.save_path = "tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}"
@@ -21,6 +21,13 @@ redis.session.lock_retries = -1
 redis.session.lock_wait_time = 10000
 REDIS_CONF
 
+echo "Setting php max children..."
+MEMORY=$(mawk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
+PHP_MAX_CHILDREN=$((MEMORY/50))
+if [ -n "$PHP_MAX_CHILDREN" ]; then
+    sed -i "s/^pm.max_children =.*/pm.max_children = $PHP_MAX_CHILDREN/" /usr/local/etc/php-fpm.d/www.conf
+fi
+
 # Check permissions in ncdata
 touch "/mnt/ncdata/this-is-a-test-file"
 if ! [ -f "/mnt/ncdata/this-is-a-test-file" ]; then
@@ -271,6 +278,15 @@ if [ -z "$(find "/mnt/ncdata/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*"
     exit 1
 fi
 
+# Configure tempdirectory
+if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then
+    mkdir -p "/mnt/ncdata/tmp/"
+    if ! grep -q upload_tmp_dir /usr/local/etc/php/conf.d/nextcloud.ini; then
+        echo "upload_tmp_dir = /mnt/ncdata/tmp/" >> /usr/local/etc/php/conf.d/nextcloud.ini
+    fi
+    php /var/www/html/occ config:system:set tempdirectory --value="/mnt/ncdata/tmp/"
+fi
+
 # Perform fingerprint update if instance was restored
 if [ -f "/mnt/ncdata/fingerprint.update" ]; then
     php /var/www/html/occ maintenance:data-fingerprint
@@ -407,5 +423,70 @@ else
     fi
 fi
 
+# Imaginary
+if version_greater "$installed_version" "24.0.0.0"; then
+    if [ "$IMAGINARY_ENABLED" = 'yes' ]; then
+        php /var/www/html/occ config:system:set enabledPreviewProviders 0 --value="OC\\Preview\\Imaginary"
+        php /var/www/html/occ config:system:set preview_imaginary_url --value="http://$IMAGINARY_HOST:9000"
+    else
+        php /var/www/html/occ config:system:delete enabledPreviewProviders 0
+        php /var/www/html/occ config:system:delete preview_imaginary_url
+    fi
+fi
+
+# Fulltextsearch
+if [ "$FULLTEXTSEARCH_ENABLED" = 'yes' ]; then
+    while ! nc -z "$FULLTEXTSEARCH_HOST" 9200; do
+        echo "waiting for Fulltextsearch to become available..."
+        sleep 5
+    done
+    if ! [ -d "/var/www/html/custom_apps/fulltextsearch" ]; then
+        php /var/www/html/occ app:install fulltextsearch
+    elif [ "$(php /var/www/html/occ config:app:get fulltextsearch enabled)" = "no" ]; then
+        php /var/www/html/occ app:enable fulltextsearch
+    else
+        php /var/www/html/occ app:update fulltextsearch
+    fi    
+    if ! [ -d "/var/www/html/custom_apps/fulltextsearch_elasticsearch" ]; then
+        php /var/www/html/occ app:install fulltextsearch_elasticsearch
+    elif [ "$(php /var/www/html/occ config:app:get fulltextsearch_elasticsearch enabled)" = "no" ]; then
+        php /var/www/html/occ app:enable fulltextsearch_elasticsearch
+    else
+        php /var/www/html/occ app:update fulltextsearch_elasticsearch
+    fi    
+    if ! [ -d "/var/www/html/custom_apps/files_fulltextsearch" ]; then
+        php /var/www/html/occ app:install files_fulltextsearch
+    elif [ "$(php /var/www/html/occ config:app:get files_fulltextsearch enabled)" = "no" ]; then
+        php /var/www/html/occ app:enable files_fulltextsearch
+    else
+        php /var/www/html/occ app:update files_fulltextsearch
+    fi
+    php /var/www/html/occ fulltextsearch:configure '{"search_platform":"OCA\\FullTextSearch_Elasticsearch\\Platform\\ElasticSearchPlatform"}'
+    php /var/www/html/occ fulltextsearch_elasticsearch:configure "{\"elastic_host\":\"http://$FULLTEXTSEARCH_HOST:9200\",\"elastic_index\":\"nextcloud-aio\"}"
+    php /var/www/html/occ files_fulltextsearch:configure "{\"files_pdf\":\"1\",\"files_office\":\"1\"}"
+
+    # Do the index
+    if ! [ -f "/mnt/ncdata/fts-index.done" ]; then
+        echo "Waiting 10s before activating FTS..."
+        sleep 10
+        echo "Activating fulltextsearch..."
+        if php /var/www/html/occ fulltextsearch:test && php /var/www/html/occ fulltextsearch:index; then
+            touch "/mnt/ncdata/fts-index.done"
+        else
+            echo "Fulltextsearch failed. Could not index."
+        fi
+    fi
+else
+    if [ -d "/var/www/html/custom_apps/fulltextsearch" ]; then
+        php /var/www/html/occ app:remove fulltextsearch
+    fi
+    if [ -d "/var/www/html/custom_apps/fulltextsearch_elasticsearch" ]; then
+        php /var/www/html/occ app:remove fulltextsearch_elasticsearch
+    fi
+    if [ -d "/var/www/html/custom_apps/files_fulltextsearch" ]; then
+        php /var/www/html/occ app:remove files_fulltextsearch
+    fi
+fi
+
 # Remove the update skip file always
 rm -f /mnt/ncdata/skip.update

Containers/nextcloud/start.sh

@@ -17,8 +17,9 @@ if [ -f "/var/www/html/config/config.php" ]; then
         echo "Waiting for the database to start..."
         sleep 5
     done
-    sed -i "s|'dbuser'.*=>.*$|'dbuser' => '$POSTGRES_USER',|" /var/www/html/config/config.php
-    sed -i "s|'dbpassword'.*=>.*$|'dbpassword' => '$POSTGRES_PASSWORD',|" /var/www/html/config/config.php
+    # The code below is hopefully not needed anymore. Was introduced with https://github.com/nextcloud/all-in-one/pull/218
+    # sed -i "s|'dbuser'.*=>.*$|'dbuser' => '$POSTGRES_USER',|" /var/www/html/config/config.php
+    # sed -i "s|'dbpassword'.*=>.*$|'dbpassword' => '$POSTGRES_PASSWORD',|" /var/www/html/config/config.php
 fi
 
 # Run original entrypoint

Containers/onlyoffice/Dockerfile

@@ -1,2 +1,4 @@
 # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile
 FROM onlyoffice/documentserver:7.1.1.23
+
+HEALTHCHECK CMD curl -skfI localhost || exit 1

Containers/postgresql/Dockerfile

@@ -1,7 +1,7 @@
 # From https://github.com/docker-library/postgres/blob/master/13/alpine/Dockerfile
 FROM postgres:14.5-alpine
 
-RUN apk add --update --no-cache bash openssl shadow netcat-openbsd grep
+RUN apk add --update --no-cache bash openssl shadow netcat-openbsd grep mawk
 
 # We need to use the same gid and uid as on old installations
 RUN set -ex; \
@@ -31,3 +31,5 @@ RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 
 USER postgres
 ENTRYPOINT ["start.sh"]
+
+HEALTHCHECK CMD psql -d "postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@localhost:5432/$POSTGRES_DB" -c "select now()" || exit 1

Containers/postgresql/start.sh

@@ -110,6 +110,13 @@ if ! [ -f "$DATADIR/PG_VERSION" ] && ! [ -f "$DUMP_FILE" ]; then
     rm -rf "${DATADIR:?}/"*
 fi
 
+echo "Setting max connections..."
+MEMORY=$(mawk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
+MAX_CONNECTIONS=$((MEMORY/50+3))
+if [ -n "$MAX_CONNECTIONS" ]; then
+    sed -i "s|^max_connections =.*|max_connections = $MAX_CONNECTIONS|" "/var/lib/postgresql/data/postgresql.conf"
+fi
+
 # Catch docker stop attempts
 trap 'true' SIGINT SIGTERM
 

Containers/redis/Dockerfile

@@ -11,3 +11,5 @@ RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 
 USER redis
 ENTRYPOINT ["start.sh"]
+
+HEALTHCHECK CMD redis-cli -a $REDIS_HOST_PASSWORD PING || exit 1

Containers/talk/Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:focal-20220801
+FROM ubuntu:focal-20220826
 
 RUN set -ex; \
     \
@@ -9,6 +9,7 @@ RUN set -ex; \
         supervisor \
         curl \
         ca-certificates \
+        netcat \
     ; \
     rm -rf /var/lib/apt/lists/*
 
@@ -61,6 +62,11 @@ RUN mkdir -p /etc/nats; \
 # Give root a random password
 RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 
+# Set default talk port https://github.com/nextcloud/all-in-one/issues/1011
+ENV TALK_PORT=3478
+
 USER talk
 ENTRYPOINT ["start.sh"]
 CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
+
+HEALTHCHECK CMD (curl -skI localhost:8081 && curl -skI localhost:8188 && curl -skf --http0.9 localhost:4222 && nc -z localhost $TALK_PORT) || exit 1

Containers/talk/start.sh

@@ -11,7 +11,7 @@ elif [ -z "$JANUS_API_KEY" ]; then
     echo "You need to provide the JANUS_API_KEY."
     exit 1
 elif [ -z "$SIGNALING_SECRET" ]; then
-    echo "You need to provide the JANUS_API_KEY."
+    echo "You need to provide the SIGNALING_SECRET."
     exit 1
 fi
 
@@ -23,7 +23,7 @@ lt-cred-mech
 use-auth-secret
 static-auth-secret=$TURN_SECRET
 realm=$NC_DOMAIN
-total-quota=100
+total-quota=0
 bps-capacity=0
 stale-nonce
 no-multicast-peers

develop.md

@@ -1,12 +1,13 @@
 ## Developer channel
 If you want to switch to the develop channel, you simply stop and delete the mastercontainer and create a new one with a changed tag to develop:
 ```shell
-sudo docker run -it \
+sudo docker run \
+--sig-proxy=false \
 --name nextcloud-aio-mastercontainer \
 --restart always \
--p 80:80 \
--p 8080:8080 \
--p 8443:8443 \
+--publish 80:80 \
+--publish 8080:8080 \
+--publish 8443:8443 \
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
 --volume /var/run/docker.sock:/var/run/docker.sock:ro \
 nextcloud/all-in-one:develop

docker-compose.yml

@@ -24,6 +24,8 @@ services:
       # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
       # - DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail.
       # - DISABLE_BACKUP_SECTION=true # Setting this to true allows to hide the backup section in the AIO interface.
+      # - NEXTCLOUD_UPLOAD_LIMIT=10G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
+      # - NEXTCLOUD_MAX_TIME=3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
 
   # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
   # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588

local-instance.md

@@ -1,5 +1,5 @@
 # Local instance
-It is possible due to several reasons that you do not want or cannot open Nextcloud to the public internet. However AIO usually requires a valid certificate to work correctly. Below is discussed how you can achieve both: Having a valid certificate for Nextcloud and only using it locally.
+It is possible due to several reasons that you do not want or cannot open Nextcloud to the public internet. However AIO requires a valid certificate to work correctly. Below is discussed how you can achieve both: Having a valid certificate for Nextcloud and only using it locally.
 
 ## 1. The recommended way
 The recommended way is the following:

manual-install/latest-arm64.yml

@@ -47,6 +47,8 @@ services:
     depends_on:
       - nextcloud-aio-database
       - nextcloud-aio-redis
+      - nextcloud-aio-fulltextsearch
+      - nextcloud-aio-imaginary
     image: nextcloud/aio-nextcloud:latest-arm64
     volumes:
       - nextcloud_aio_nextcloud:/var/www/html:rw
@@ -76,6 +78,12 @@ services:
       - UPDATE_NEXTCLOUD_APPS=${UPDATE_NEXTCLOUD_APPS}
       - TZ=${TIMEZONE}
       - TALK_PORT=${TALK_PORT}
+      - IMAGINARY_ENABLED=${IMAGINARY_ENABLED}
+      - IMAGINARY_HOST=nextcloud-aio-imaginary
+      - PHP_UPLOAD_LIMIT=${NEXTCLOUD_UPLOAD_LIMIT}
+      - FULLTEXTSEARCH_ENABLED=${FULLTEXTSEARCH_ENABLED}
+      - FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch
+      - PHP_MAX_TIME=${NEXTCLOUD_MAX_TIME}
     stop_grace_period: 10s
     restart: unless-stopped
     networks:
@@ -97,7 +105,7 @@ services:
     image: nextcloud/aio-collabora:latest-arm64
     environment:
       - aliasgroup1=https://${NC_DOMAIN}:443
-      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning --o:home_mode.enable=true
       - dictionaries=${COLLABORA_DICTIONARIES}
       - TZ=${TIMEZONE}
     stop_grace_period: 10s
@@ -123,6 +131,30 @@ services:
     networks:
       - nextcloud-aio
  
+  nextcloud-aio-imaginary:
+    container_name: nextcloud-aio-imaginary
+    image: nextcloud/aio-imaginary:latest-arm64
+    environment:
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-fulltextsearch:
+    container_name: nextcloud-aio-fulltextsearch
+    image: nextcloud/aio-fulltextsearch:latest-arm64
+    environment:
+      - TZ=${TIMEZONE}
+      - discovery.type=single-node
+      - ES_JAVA_OPTS=-Xms1024M -Xmx1024M
+    volumes:
+      - nextcloud_aio_elasticsearch:/usr/share/elasticsearch/data:rw
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+
 volumes:
   nextcloud_aio_apache:
     name: nextcloud_aio_apache
@@ -130,6 +162,8 @@ volumes:
     name: nextcloud_aio_database
   nextcloud_aio_database_dump:
     name: nextcloud_aio_database_dump
+  nextcloud_aio_elasticsearch:
+    name: nextcloud_aio_elasticsearch
   nextcloud_aio_nextcloud:
     name: nextcloud_aio_nextcloud
   nextcloud_aio_nextcloud_data:

manual-install/latest.yml

@@ -6,7 +6,6 @@ services:
     depends_on:
       - nextcloud-aio-onlyoffice
       - nextcloud-aio-collabora
-      - nextcloud-aio-clamav
       - nextcloud-aio-talk
       - nextcloud-aio-nextcloud
     image: nextcloud/aio-apache:latest
@@ -50,6 +49,9 @@ services:
     depends_on:
       - nextcloud-aio-database
       - nextcloud-aio-redis
+      - nextcloud-aio-clamav
+      - nextcloud-aio-fulltextsearch
+      - nextcloud-aio-imaginary
     image: nextcloud/aio-nextcloud:latest
     volumes:
       - nextcloud_aio_nextcloud:/var/www/html:rw
@@ -84,6 +86,12 @@ services:
       - UPDATE_NEXTCLOUD_APPS=${UPDATE_NEXTCLOUD_APPS}
       - TZ=${TIMEZONE}
       - TALK_PORT=${TALK_PORT}
+      - IMAGINARY_ENABLED=${IMAGINARY_ENABLED}
+      - IMAGINARY_HOST=nextcloud-aio-imaginary
+      - PHP_UPLOAD_LIMIT=${NEXTCLOUD_UPLOAD_LIMIT}
+      - FULLTEXTSEARCH_ENABLED=${FULLTEXTSEARCH_ENABLED}
+      - FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch
+      - PHP_MAX_TIME=${NEXTCLOUD_MAX_TIME}
     stop_grace_period: 10s
     restart: unless-stopped
     networks:
@@ -105,7 +113,7 @@ services:
     image: nextcloud/aio-collabora:latest
     environment:
       - aliasgroup1=https://${NC_DOMAIN}:443
-      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning --o:home_mode.enable=true
       - dictionaries=${COLLABORA_DICTIONARIES}
       - TZ=${TIMEZONE}
     stop_grace_period: 10s
@@ -157,6 +165,30 @@ services:
     restart: unless-stopped
     networks:
       - nextcloud-aio
+ 
+  nextcloud-aio-imaginary:
+    container_name: nextcloud-aio-imaginary
+    image: nextcloud/aio-imaginary:latest
+    environment:
+      - TZ=${TIMEZONE}
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
+ 
+  nextcloud-aio-fulltextsearch:
+    container_name: nextcloud-aio-fulltextsearch
+    image: nextcloud/aio-fulltextsearch:latest
+    environment:
+      - TZ=${TIMEZONE}
+      - discovery.type=single-node
+      - ES_JAVA_OPTS=-Xms1024M -Xmx1024M
+    volumes:
+      - nextcloud_aio_elasticsearch:/usr/share/elasticsearch/data:rw
+    stop_grace_period: 10s
+    restart: unless-stopped
+    networks:
+      - nextcloud-aio
 
 volumes:
   nextcloud_aio_apache:
@@ -167,6 +199,8 @@ volumes:
     name: nextcloud_aio_database
   nextcloud_aio_database_dump:
     name: nextcloud_aio_database_dump
+  nextcloud_aio_elasticsearch:
+    name: nextcloud_aio_elasticsearch
   nextcloud_aio_nextcloud:
     name: nextcloud_aio_nextcloud
   nextcloud_aio_onlyoffice:

manual-install/sample.conf

@@ -5,11 +5,15 @@ CLAMAV_ENABLED=no          # Setting this to "yes" enables the option in Nextclo
 COLLABORA_DICTIONARIES=de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru        # You can change this in order to enable other dictionaries for collabora
 COLLABORA_ENABLED=yes          # Setting this to "yes" enables the option in Nextcloud automatically.
 DATABASE_PASSWORD=          # TODO! This needs to be a unique and good password!
+FULLTEXTSEARCH_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.
+IMAGINARY_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.
 JANUS_API_KEY=          # TODO! This needs to be a unique and good password!
 NC_DOMAIN=yourdomain.com          # TODO! Needs to be changed to the domain that you want to use for Nextcloud.
 NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data          # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!
+NEXTCLOUD_MAX_TIME=3600          # This allows to change the upload time limit of the Nextcloud container
 NEXTCLOUD_MOUNT=/mnt/          # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!
 NEXTCLOUD_PASSWORD=          # TODO! This is the password of the initially created Nextcloud admin with username "admin".
+NEXTCLOUD_UPLOAD_LIMIT=10G          # This allows to change the upload limit of the Nextcloud container
 ONLYOFFICE_ENABLED=no          # Setting this to "yes" enables the option in Nextcloud automatically.
 ONLYOFFICE_SECRET=          # TODO! This needs to be a unique and good password!
 REDIS_PASSWORD=          # TODO! This needs to be a unique and good password!

manual-install/update-yaml.sh

@@ -62,6 +62,8 @@ sed -i 's|COLLABORA_ENABLED=no|COLLABORA_ENABLED=yes|' sample.conf
 sed -i 's|COLLABORA_DICTIONARIES=|COLLABORA_DICTIONARIES=de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru        # You can change this in order to enable other dictionaries for collabora|' sample.conf
 sed -i 's|NEXTCLOUD_DATADIR=|NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data          # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!|' sample.conf
 sed -i 's|NEXTCLOUD_MOUNT=|NEXTCLOUD_MOUNT=/mnt/          # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!|' sample.conf
+sed -i 's|NEXTCLOUD_UPLOAD_LIMIT=|NEXTCLOUD_UPLOAD_LIMIT=10G          # This allows to change the upload limit of the Nextcloud container|' sample.conf
+sed -i 's|NEXTCLOUD_MAX_TIME=|NEXTCLOUD_MAX_TIME=3600          # This allows to change the upload time limit of the Nextcloud container|' sample.conf
 sed -i 's|UPDATE_NEXTCLOUD_APPS=|UPDATE_NEXTCLOUD_APPS=no          # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup on saturdays.|' sample.conf
 sed -i 's|APACHE_PORT=|APACHE_PORT=443          # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.|' sample.conf
 sed -i 's|TALK_PORT=|TALK_PORT=3478          # This allows to adjust the port that the talk container is using.|' sample.conf
@@ -115,10 +117,10 @@ sed -i '/image:/s/$/:latest/' latest.yml
 
 cat containers.yml > latest-arm64.yml
 sed -i '/image:/s/$/:latest-arm64/' latest-arm64.yml
-sed -i '/  nextcloud-aio-clamav:/,/^$/d' latest-arm64.yml
+sed -i '/  nextcloud-aio-clamav:/,/^ $/d' latest-arm64.yml
 sed -i '/nextcloud[-_]aio[-_]clamav/d' latest-arm64.yml
 sed -i '/CLAMAV_ENABLED/d' latest-arm64.yml
-sed -i '/  nextcloud-aio-onlyoffice:/,/^$/d' latest-arm64.yml
+sed -i '/  nextcloud-aio-onlyoffice:/,/^ $/d' latest-arm64.yml
 sed -i '/nextcloud[-_]aio[-_]onlyoffice/d' latest-arm64.yml
 sed -i '/ONLYOFFICE_ENABLED/d' latest-arm64.yml
 sed -i '/ONLYOFFICE_SECRET/d' latest-arm64.yml

multiple-instances.md

@@ -8,7 +8,7 @@ Below is described more in detail how the the second way works.
 ## Run multiple AIO instances on the same server with docker rootless
 1. Create as many linux users as you need first. The easiest way is to use `sudo adduser` and follow the setup for that. Make sure to create a strong unique password for each of them and write it down!
 1. Log in as each of the users e.g. by opening a new SSH connection and install docker rootless for each of them by following step 0-4 of the [docker rootless documentation](./docker-rootless.md).
-1. Then install AIO in reverse proxy mode by using the command that is descriebed in step 2 and 3 of the [reverse proxy documentation](./reverse-proxy.md) but use a different `APACHE_PORT` and [`TALK_PORT`](https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port) for each instance as otherwise it will bug out. Also make sure to adjust the docker socket and `DOCKER_SOCKET_PATH` correctly for each of them by following step 6 of the [docker rootless documentation](./docker-rootless.md). Additionally, modify `-p 8080:8080` to a different port for each container, e.g. `8081:8080` as otherwise it will not work.<br>
+1. Then install AIO in reverse proxy mode by using the command that is descriebed in step 2 and 3 of the [reverse proxy documentation](./reverse-proxy.md) but use a different `APACHE_PORT` and [`TALK_PORT`](https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port) for each instance as otherwise it will bug out. Also make sure to adjust the docker socket and `DOCKER_SOCKET_PATH` correctly for each of them by following step 6 of the [docker rootless documentation](./docker-rootless.md). Additionally, modify `--publish 8080:8080` to a different port for each container, e.g. `8081:8080` as otherwise it will not work.<br>
 **⚠️ Please note:** If you want to adjust the `NEXTCLOUD_DATADIR`, make sure to apply the correct permissions to the chosen path as documented at the bottom of the [docker rootless documentation](./docker-rootless.md). Also for the built-in backup to work, the target path needs to have the correct permissions as documented there, too.
 1. Now install your webserver of choice on the host system. It is recommended to use caddy for this as it is by far the easiest solution. You can do so by following https://caddyserver.com/docs/install#debian-ubuntu-raspbian or below. (It needs to be installed directly on the host or on a different server in the same network).
 1. Next create your Caddyfile with multiple entries and domains for the different instances like described in step 1 of the [reverse proxy documentation](./reverse-proxy.md). Obviously each domain needs to point correctly to the chosen `APACHE_PORT` that you've configured before. Then start Caddy which should automatically get the needed certificates for you if your domains are configured correctly and ports 80 and 443 are forwarded to your server.

php/composer.lock

@@ -8,16 +8,16 @@
     "packages": [
         {
             "name": "guzzlehttp/guzzle",
-            "version": "7.4.5",
+            "version": "7.5.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/guzzle.git",
-                "reference": "1dd98b0564cb3f6bd16ce683cb755f94c10fbd82"
+                "reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82",
-                "reference": "1dd98b0564cb3f6bd16ce683cb755f94c10fbd82",
+                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/b50a2a1251152e43f6a37f0fa053e730a67d25ba",
+                "reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba",
                 "shasum": ""
             },
             "require": {
@@ -32,10 +32,10 @@
                 "psr/http-client-implementation": "1.0"
             },
             "require-dev": {
-                "bamarni/composer-bin-plugin": "^1.4.1",
+                "bamarni/composer-bin-plugin": "^1.8.1",
                 "ext-curl": "*",
                 "php-http/client-integration-tests": "^3.0",
-                "phpunit/phpunit": "^8.5.5 || ^9.3.5",
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23",
                 "psr/log": "^1.1 || ^2.0 || ^3.0"
             },
             "suggest": {
@@ -45,8 +45,12 @@
             },
             "type": "library",
             "extra": {
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
+                },
                 "branch-alias": {
-                    "dev-master": "7.4-dev"
+                    "dev-master": "7.5-dev"
                 }
             },
             "autoload": {
@@ -112,7 +116,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/guzzle/issues",
-                "source": "https://github.com/guzzle/guzzle/tree/7.4.5"
+                "source": "https://github.com/guzzle/guzzle/tree/7.5.0"
             },
             "funding": [
                 {
@@ -128,20 +132,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-06-20T22:16:13+00:00"
+            "time": "2022-08-28T15:39:27+00:00"
         },
         {
             "name": "guzzlehttp/promises",
-            "version": "1.5.1",
+            "version": "1.5.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/promises.git",
-                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da"
+                "reference": "b94b2807d85443f9719887892882d0329d1e2598"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/promises/zipball/fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
-                "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da",
+                "url": "https://api.github.com/repos/guzzle/promises/zipball/b94b2807d85443f9719887892882d0329d1e2598",
+                "reference": "b94b2807d85443f9719887892882d0329d1e2598",
                 "shasum": ""
             },
             "require": {
@@ -196,7 +200,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/promises/issues",
-                "source": "https://github.com/guzzle/promises/tree/1.5.1"
+                "source": "https://github.com/guzzle/promises/tree/1.5.2"
             },
             "funding": [
                 {
@@ -212,20 +216,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2021-10-22T20:56:57+00:00"
+            "time": "2022-08-28T14:55:35+00:00"
         },
         {
             "name": "guzzlehttp/psr7",
-            "version": "2.4.0",
+            "version": "2.4.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/psr7.git",
-                "reference": "13388f00956b1503577598873fffb5ae994b5737"
+                "reference": "69568e4293f4fa993f3b0e51c9723e1e17c41379"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/psr7/zipball/13388f00956b1503577598873fffb5ae994b5737",
-                "reference": "13388f00956b1503577598873fffb5ae994b5737",
+                "url": "https://api.github.com/repos/guzzle/psr7/zipball/69568e4293f4fa993f3b0e51c9723e1e17c41379",
+                "reference": "69568e4293f4fa993f3b0e51c9723e1e17c41379",
                 "shasum": ""
             },
             "require": {
@@ -239,15 +243,19 @@
                 "psr/http-message-implementation": "1.0"
             },
             "require-dev": {
-                "bamarni/composer-bin-plugin": "^1.4.1",
+                "bamarni/composer-bin-plugin": "^1.8.1",
                 "http-interop/http-factory-tests": "^0.9",
-                "phpunit/phpunit": "^8.5.8 || ^9.3.10"
+                "phpunit/phpunit": "^8.5.29 || ^9.5.23"
             },
             "suggest": {
                 "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
             },
             "type": "library",
             "extra": {
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
+                },
                 "branch-alias": {
                     "dev-master": "2.4-dev"
                 }
@@ -311,7 +319,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/psr7/issues",
-                "source": "https://github.com/guzzle/psr7/tree/2.4.0"
+                "source": "https://github.com/guzzle/psr7/tree/2.4.1"
             },
             "funding": [
                 {
@@ -327,7 +335,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-06-20T21:43:11+00:00"
+            "time": "2022-08-28T14:45:39+00:00"
         },
         {
             "name": "http-interop/http-factory-guzzle",
@@ -389,25 +397,26 @@
         },
         {
             "name": "laravel/serializable-closure",
-            "version": "v1.2.0",
+            "version": "v1.2.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/laravel/serializable-closure.git",
-                "reference": "09f0e9fb61829f628205b7c94906c28740ff9540"
+                "reference": "d78fd36ba031a1a695ea5a406f29996948d7011b"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/09f0e9fb61829f628205b7c94906c28740ff9540",
-                "reference": "09f0e9fb61829f628205b7c94906c28740ff9540",
+                "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/d78fd36ba031a1a695ea5a406f29996948d7011b",
+                "reference": "d78fd36ba031a1a695ea5a406f29996948d7011b",
                 "shasum": ""
             },
             "require": {
                 "php": "^7.3|^8.0"
             },
             "require-dev": {
-                "pestphp/pest": "^1.18",
-                "phpstan/phpstan": "^0.12.98",
-                "symfony/var-dumper": "^5.3"
+                "nesbot/carbon": "^2.61",
+                "pestphp/pest": "^1.21.3",
+                "phpstan/phpstan": "^1.8.2",
+                "symfony/var-dumper": "^5.4.11"
             },
             "type": "library",
             "extra": {
@@ -444,7 +453,7 @@
                 "issues": "https://github.com/laravel/serializable-closure/issues",
                 "source": "https://github.com/laravel/serializable-closure"
             },
-            "time": "2022-05-16T17:09:47+00:00"
+            "time": "2022-08-26T15:25:27+00:00"
         },
         {
             "name": "nikic/fast-route",

php/containers.json

@@ -5,7 +5,6 @@
       "dependsOn": [
         "nextcloud-aio-onlyoffice",
         "nextcloud-aio-collabora",
-        "nextcloud-aio-clamav",
         "nextcloud-aio-talk",
         "nextcloud-aio-nextcloud"
       ],
@@ -80,7 +79,10 @@
       "identifier": "nextcloud-aio-nextcloud",
       "dependsOn": [
         "nextcloud-aio-database",
-        "nextcloud-aio-redis"
+        "nextcloud-aio-redis",
+        "nextcloud-aio-clamav",
+        "nextcloud-aio-fulltextsearch",
+        "nextcloud-aio-imaginary"
       ],
       "displayName": "Nextcloud",
       "containerName": "nextcloud/aio-nextcloud",
@@ -140,7 +142,13 @@
         "ONLYOFFICE_HOST=nextcloud-aio-onlyoffice",
         "UPDATE_NEXTCLOUD_APPS=%UPDATE_NEXTCLOUD_APPS%",
         "TZ=%TIMEZONE%",
-        "TALK_PORT=%TALK_PORT%"
+        "TALK_PORT=%TALK_PORT%",
+        "IMAGINARY_ENABLED=%IMAGINARY_ENABLED%",
+        "IMAGINARY_HOST=nextcloud-aio-imaginary",
+        "PHP_UPLOAD_LIMIT=%NEXTCLOUD_UPLOAD_LIMIT%",
+        "FULLTEXTSEARCH_ENABLED=%FULLTEXTSEARCH_ENABLED%",
+        "FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch",
+        "PHP_MAX_TIME=%NEXTCLOUD_MAX_TIME%"
       ],
       "maxShutdownTime": 10,
       "restartPolicy": "unless-stopped"
@@ -226,7 +234,9 @@
         "BORG_PASSWORD=%BORGBACKUP_PASSWORD%",
         "BORG_MODE=%BORGBACKUP_MODE%",
         "SELECTED_RESTORE_TIME=%SELECTED_RESTORE_TIME%",
-        "BACKUP_RESTORE_PASSWORD=%BACKUP_RESTORE_PASSWORD%"
+        "BACKUP_RESTORE_PASSWORD=%BACKUP_RESTORE_PASSWORD%",
+        "ADDITIONAL_DIRECTORIES_BACKUP=%ADDITIONAL_DIRECTORIES_BACKUP%",
+        "BORGBACKUP_HOST_LOCATION=%BORGBACKUP_HOST_LOCATION%"
       ],
       "volumes": [
         {
@@ -367,6 +377,48 @@
       ],
       "maxShutdownTime": 10,
       "restartPolicy": "unless-stopped"
+    },
+    {
+      "identifier": "nextcloud-aio-imaginary",
+      "dependsOn": [],
+      "displayName": "Imaginary",
+      "containerName": "nextcloud/aio-imaginary",
+      "ports": [],
+      "internalPorts": [
+        "9000"
+      ],
+      "environmentVariables": [
+        "TZ=%TIMEZONE%"
+      ],
+      "volumes": [],
+      "secrets": [],
+      "maxShutdownTime": 10,
+      "restartPolicy": "unless-stopped"
+    },
+    {
+      "identifier": "nextcloud-aio-fulltextsearch",
+      "dependsOn": [],
+      "displayName": "Fulltextsearch",
+      "containerName": "nextcloud/aio-fulltextsearch",
+      "ports": [],
+      "internalPorts": [
+        "9200"
+      ],
+      "environmentVariables": [
+        "TZ=%TIMEZONE%",
+        "discovery.type=single-node",
+        "ES_JAVA_OPTS=-Xms1024M -Xmx1024M"
+      ],
+      "volumes": [
+        {
+          "name": "nextcloud_aio_elasticsearch",
+          "location": "/usr/share/elasticsearch/data",
+          "writeable": true
+        }
+      ],
+      "secrets": [],
+      "maxShutdownTime": 10,
+      "restartPolicy": "unless-stopped"
     }
   ]
 }

php/psalm-baseline.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="4.26.0@6998fabb2bf528b65777bf9941920888d23c03ac">
+<files psalm-version="4.27.0@faf106e717c37b8c81721845dba9de3d8deed8ff">
   <file src="public/index.php">
     <MissingClosureParamType occurrences="10">
       <code>$args</code>

php/public/disable-fulltextsearch.js

@@ -0,0 +1,5 @@
+document.addEventListener("DOMContentLoaded", function(event) {
+    // Fulltextsearch
+    var fulltextsearch = document.getElementById("fulltextsearch");
+    fulltextsearch.disabled = true;
+}); 

php/public/disable-imaginary.js

@@ -0,0 +1,5 @@
+document.addEventListener("DOMContentLoaded", function(event) {
+    // Imaginary
+    var imaginary = document.getElementById("imaginary");
+    imaginary.disabled = true;
+});

php/public/disable-onlyoffice.js

@@ -1,5 +1,9 @@
-document.addEventListener("DOMContentLoaded", function(event) {
-    // OnlyOffice
-    var onlyoffice = document.getElementById("onlyoffice");
-    onlyoffice.disabled = true;
+document.addEventListener("DOMContentLoaded", function(event) {
+    // OnlyOffice
+    try {
+        var onlyoffice = document.getElementById("onlyoffice");
+        onlyoffice.disabled = true;
+    } catch (error) {
+        // console.error(error);
+    }
 });

php/public/index.php

@@ -102,6 +102,9 @@ $app->get('/containers', function ($request, $response, $args) use ($container)
         'collabora_dictionaries' => $configurationManager->GetCollaboraDictionaries(),
         'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(),
         'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(),
+        'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled(),
+        'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled(),
+        'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(),
     ]);
 })->setName('profile');
 $app->get('/login', function ($request, $response, $args) use ($container) {

php/public/options-form-submit.js

@@ -13,8 +13,12 @@ document.addEventListener("DOMContentLoaded", function(event) {
     clamav.addEventListener('change', makeOptionsFormSubmitVisible);
 
     // OnlyOffice
-    var onlyoffice = document.getElementById("onlyoffice");
-    onlyoffice.addEventListener('change', makeOptionsFormSubmitVisible);
+    try {
+        var onlyoffice = document.getElementById("onlyoffice");
+        onlyoffice.addEventListener('change', makeOptionsFormSubmitVisible);
+    } catch (error) {
+        // console.error(error);
+    }
 
     // Collabora
     var collabora = document.getElementById("collabora");
@@ -23,4 +27,12 @@ document.addEventListener("DOMContentLoaded", function(event) {
     // Talk
     var talk = document.getElementById("talk");
     talk.addEventListener('change', makeOptionsFormSubmitVisible);
+
+    // Imaginary
+    var imaginary = document.getElementById("imaginary");
+    imaginary.addEventListener('change', makeOptionsFormSubmitVisible);
+
+    // Fulltextsearch
+    var fulltextsearch = document.getElementById("fulltextsearch");
+    fulltextsearch.addEventListener('change', makeOptionsFormSubmitVisible);
 });

php/src/ContainerDefinitionFetcher.php

@@ -65,6 +65,14 @@ class ContainerDefinitionFetcher
                 if (!$this->configurationManager->isTalkEnabled()) {
                     continue;
                 }
+            } elseif ($entry['identifier'] === 'nextcloud-aio-imaginary') {
+                if (!$this->configurationManager->isImaginaryEnabled()) {
+                    continue;
+                }
+            } elseif ($entry['identifier'] === 'nextcloud-aio-fulltextsearch') {
+                if (!$this->configurationManager->isFulltextsearchEnabled()) {
+                    continue;
+                }
             }
 
             $ports = new ContainerPorts();
@@ -146,6 +154,14 @@ class ContainerDefinitionFetcher
                     if (!$this->configurationManager->isTalkEnabled()) {
                         continue;
                     }
+                } elseif ($value === 'nextcloud-aio-imaginary') {
+                    if (!$this->configurationManager->isImaginaryEnabled()) {
+                        continue;
+                    }
+                } elseif ($value === 'nextcloud-aio-fulltextsearch') {
+                    if (!$this->configurationManager->isFulltextsearchEnabled()) {
+                        continue;
+                    }
                 }
                 $dependsOn[] = $value;
             }

php/src/Controller/ConfigurationController.php

@@ -57,6 +57,11 @@ class ConfigurationController
                 $this->configurationManager->DeleteDailyBackupTime();
             }
 
+            if (isset($request->getParsedBody()['additional_backup_directories'])) {
+                $additionalBackupDirectories = $request->getParsedBody()['additional_backup_directories'] ?? '';
+                $this->configurationManager->SetAdditionalBackupDirectories($additionalBackupDirectories);
+            }
+
             if (isset($request->getParsedBody()['delete_timezone'])) {
                 $this->configurationManager->DeleteTimezone();
             }
@@ -90,6 +95,16 @@ class ConfigurationController
                 } else {
                     $this->configurationManager->SetTalkEnabledState(0);
                 }
+                if (isset($request->getParsedBody()['imaginary'])) {
+                    $this->configurationManager->SetImaginaryEnabledState(1);
+                } else {
+                    $this->configurationManager->SetImaginaryEnabledState(0);
+                }
+                if (isset($request->getParsedBody()['fulltextsearch'])) {
+                    $this->configurationManager->SetFulltextsearchEnabledState(1);
+                } else {
+                    $this->configurationManager->SetFulltextsearchEnabledState(0);
+                }
             }
 
             if (isset($request->getParsedBody()['delete_collabora_dictionaries'])) {

php/src/Controller/DockerController.php

@@ -30,20 +30,19 @@ class DockerController
         $container = $this->containerDefinitionFetcher->GetContainerById($id);
 
         foreach($container->GetDependsOn() as $dependency) {
-            $this->PerformRecursiveContainerStart($dependency);
+            $this->PerformRecursiveContainerStart($dependency, $pullContainer);
         }
 
         if ($id === 'nextcloud-aio-database') {
             if ($this->dockerActionManager->GetDatabasecontainerExitCode() > 0) {
                 $pullContainer = false;
+                error_log('Not pulling the latest database image because the container was not correctly shut down.');
             }
         }
         $this->dockerActionManager->DeleteContainer($container);
         $this->dockerActionManager->CreateVolumes($container);
         if ($pullContainer) {
             $this->dockerActionManager->PullContainer($container);
-        } else {
-            error_log('Not pulling the latest database image because the container was not correctly shut down.');
         }
         $this->dockerActionManager->CreateContainer($container);
         $this->dockerActionManager->StartContainer($container);
@@ -86,14 +85,17 @@ class DockerController
     }
 
     public function StartBackupContainerCheck(Request $request, Response $response, $args) : Response {
+        $this->checkBackup();
+        return $response->withStatus(201)->withHeader('Location', '/');
+    }
+
+    public function checkBackup() : void {
         $config = $this->configurationManager->GetConfig();
         $config['backup-mode'] = 'check';
         $this->configurationManager->WriteConfig($config);
 
         $id = 'nextcloud-aio-borgbackup';
         $this->PerformRecursiveContainerStart($id);
-
-        return $response->withStatus(201)->withHeader('Location', '/');
     }
 
     public function StartBackupContainerRestore(Request $request, Response $response, $args) : Response {

php/src/Cron/CheckBackup.php

@@ -0,0 +1,17 @@
+<?php
+declare(strict_types=1);
+
+// increase memory limit to 2GB
+ini_set('memory_limit', '2048M');
+
+use DI\Container;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
+$container = \AIO\DependencyInjection::GetContainer();
+
+/** @var \AIO\Controller\DockerController $dockerController */
+$dockerController = $container->get(\AIO\Controller\DockerController::class);
+
+// Stop container and start backup check
+$dockerController->checkBackup();

php/src/Data/ConfigurationManager.php

@@ -139,6 +139,36 @@ class ConfigurationManager
         $this->WriteConfig($config);
     }
 
+    public function isImaginaryEnabled() : bool {
+        $config = $this->GetConfig();
+        if (isset($config['isImaginaryEnabled']) && $config['isImaginaryEnabled'] === 1) {
+            return true;
+        } else {
+            return false;
+        }
+    }
+
+    public function SetImaginaryEnabledState(int $value) : void {
+        $config = $this->GetConfig();
+        $config['isImaginaryEnabled'] = $value;
+        $this->WriteConfig($config);
+    }
+
+    public function isFulltextsearchEnabled() : bool {
+        $config = $this->GetConfig();
+        if (isset($config['isFulltextsearchEnabled']) && $config['isFulltextsearchEnabled'] === 1) {
+            return true;
+        } else {
+            return false;
+        }
+    }
+
+    public function SetFulltextsearchEnabledState(int $value) : void {
+        $config = $this->GetConfig();
+        $config['isFulltextsearchEnabled'] = $value;
+        $this->WriteConfig($config);
+    }
+
     public function isOnlyofficeEnabled() : bool {
         $config = $this->GetConfig();
         if (isset($config['isOnlyofficeEnabled']) && $config['isOnlyofficeEnabled'] === 1) {
@@ -487,6 +517,20 @@ class ConfigurationManager
         return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue);
     }
 
+    public function GetNextcloudUploadLimit() : string {
+        $envVariableName = 'NEXTCLOUD_UPLOAD_LIMIT';
+        $configName = 'nextcloud_upload_limit';
+        $defaultValue = '10G';
+        return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue);
+    }
+
+    public function GetNextcloudMaxTime() : string {
+        $envVariableName = 'NEXTCLOUD_MAX_TIME';
+        $configName = 'nextcloud_max_time';
+        $defaultValue = '3600';
+        return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue);
+    }
+
     public function GetDockerSocketPath() : string {
         $envVariableName = 'DOCKER_SOCKET_PATH';
         $configName = 'docker_socket_path';
@@ -540,6 +584,45 @@ class ConfigurationManager
         }
     }
 
+    /**
+     * @throws InvalidSettingConfigurationException
+     */
+    public function SetAdditionalBackupDirectories(string $additionalBackupDirectories) : void {
+        $additionalBackupDirectoriesArray = explode("\n", $additionalBackupDirectories);
+        $validDirectories = '';
+        foreach($additionalBackupDirectoriesArray as $entry) {
+            // Trim all unwanted chars on both sites
+            $entry = trim($entry);
+            if ($entry !== "") {
+                if (!preg_match("#^/[0-1a-zA-Z/-_]+$#", $entry) && !preg_match("#^[0-1a-zA-Z_-]+$#", $entry)) {
+                    throw new InvalidSettingConfigurationException("You entered unallowed characters! Problematic is " . $entry);
+                }
+                $validDirectories .= rtrim($entry, '/') . PHP_EOL;
+            }
+        }
+
+        if ($validDirectories === '') {
+            unlink(DataConst::GetAdditionalBackupDirectoriesFile());
+        } else {
+            file_put_contents(DataConst::GetAdditionalBackupDirectoriesFile(), $validDirectories);
+        }
+    }
+
+    public function GetAdditionalBackupDirectoriesString() : string {
+        if (!file_exists(DataConst::GetAdditionalBackupDirectoriesFile())) {
+            return '';
+        }
+        $additionalBackupDirectories = file_get_contents(DataConst::GetAdditionalBackupDirectoriesFile());
+        return $additionalBackupDirectories;
+    }
+
+    public function GetAdditionalBackupDirectoriesArray() : array {
+        $additionalBackupDirectories = $this->GetAdditionalBackupDirectoriesString();
+        $additionalBackupDirectoriesArray = explode("\n", $additionalBackupDirectories);
+        $additionalBackupDirectoriesArray = array_unique($additionalBackupDirectoriesArray, SORT_REGULAR);
+        return $additionalBackupDirectoriesArray;
+    }
+
     public function isDailyBackupRunning() : bool {
         if (file_exists(DataConst::GetDailyBackupBlockFile())) {
             return true;

php/src/Data/DataConst.php

@@ -31,6 +31,10 @@ class DataConst {
         return self::GetDataDirectory() . '/daily_backup_time';
     }
 
+    public static function GetAdditionalBackupDirectoriesFile() : string {
+        return self::GetDataDirectory() . '/additional_backup_directories';
+    }
+
     public static function GetDailyBackupBlockFile() : string {
         return self::GetDataDirectory() . '/daily_backup_running';
     }

php/src/Docker/DockerActionManager.php

@@ -162,11 +162,11 @@ class DockerActionManager
         $response = "";
         $separator = "\r\n";
         $line = strtok($responseBody, $separator);
-        $response = substr($line, 8) . "\n";
+        $response = substr($line, 8) . $separator;
 
         while ($line !== false) {
             $line = strtok($separator);
-            $response .= substr($line, 8) . "\n";
+            $response .= substr($line, 8) . $separator;
         }
 
         return $response;
@@ -298,6 +298,30 @@ class DockerActionManager
                     } else {
                         $replacements[1] = $this->configurationManager->GetCollaboraDictionaries();
                     }
+                } elseif ($out[1] === 'IMAGINARY_ENABLED') {
+                    if ($this->configurationManager->isImaginaryEnabled()) {
+                        $replacements[1] = 'yes';
+                    } else {
+                        $replacements[1] = '';
+                    }
+                } elseif ($out[1] === 'FULLTEXTSEARCH_ENABLED') {
+                    if ($this->configurationManager->isFulltextsearchEnabled()) {
+                        $replacements[1] = 'yes';
+                    } else {
+                        $replacements[1] = '';
+                    }
+                } elseif ($out[1] === 'NEXTCLOUD_UPLOAD_LIMIT') {
+                    $replacements[1] = $this->configurationManager->GetNextcloudUploadLimit();
+                } elseif ($out[1] === 'NEXTCLOUD_MAX_TIME') {
+                    $replacements[1] = $this->configurationManager->GetNextcloudMaxTime();
+                } elseif ($out[1] === 'ADDITIONAL_DIRECTORIES_BACKUP') {
+                    if ($this->configurationManager->GetAdditionalBackupDirectoriesString() !== '') {
+                        $replacements[1] = 'yes';
+                    } else {
+                        $replacements[1] = '';
+                    }
+                } elseif ($out[1] === 'BORGBACKUP_HOST_LOCATION') {
+                    $replacements[1] = $this->configurationManager->GetBorgBackupHostLocation();
                 } else {
                     $replacements[1] = $this->configurationManager->GetSecret($out[1]);
                 }
@@ -338,6 +362,21 @@ class DockerActionManager
             $requestBody['HostConfig']['CapAdd'] = ["SYS_ADMIN"];
             $requestBody['HostConfig']['Devices'] = [["PathOnHost" => "/dev/fuse", "PathInContainer" => "/dev/fuse", "CgroupPermissions" => "rwm"]];
             $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"];
+            
+            // Additional backup directories
+            $mounts = [];
+            foreach ($this->configurationManager->GetAdditionalBackupDirectoriesArray() as $additionalBackupDirectories) {
+                if ($additionalBackupDirectories !== '') {
+                    if (!str_starts_with($additionalBackupDirectories, '/')) {
+                        $mounts[] = ["Type" => "volume", "Source" => $additionalBackupDirectories, "Target" => "/docker_volumes/" . $additionalBackupDirectories, "ReadOnly" => true];
+                    } else {
+                        $mounts[] = ["Type" => "bind", "Source" => $additionalBackupDirectories, "Target" => "/host_mounts" . $additionalBackupDirectories, "ReadOnly" => true, "BindOptions" => ["NonRecursive" => true]];
+                    }
+                }
+            }
+            if(count($mounts) > 0) {
+                $requestBody['HostConfig']['Mounts'] = $mounts;
+            }
         }
 
         $url = $this->BuildApiUrl('containers/create?name=' . $container->GetIdentifier());

php/templates/containers.twig

@@ -16,7 +16,7 @@
     </header>
 
     <div class="content">
-        <h1>Nextcloud AIO v1.7.1</h1>
+        <h1>Nextcloud AIO v2.0.2</h1>
 
         {% set isAnyRunning = false %}
         {% set isAnyRestarting = false %}
@@ -371,7 +371,7 @@
                                         </form>
 
                                         <h3>Backup restore</h3>
-                                        Choose the backup that you want to restore and click on the button below to restore the selected backup. This will overwrite all your files with the state of the backup so you should consider creating a backup first. It also makes sense to run an integrity check before restoring your files but is not mandatory since it shouldn't be needed in most situations.<br><br>
+                                        Choose the backup that you want to restore and click on the button below to restore the selected backup. This will overwrite all your files with the state of the backup so you should consider creating a backup first. It also makes sense to run an integrity check before restoring your files but is not mandatory since it shouldn't be needed in most situations. Please note that this will not restore additionally chosen backup directories!<br><br>
                                         <form method="POST" action="/api/docker/restore" class="xhr" id="restore_selection">
                                             <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                                             <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
@@ -406,6 +406,21 @@
                                                 <input class="button" type="submit" value="Disable daily backups" />
                                             </form>
                                         {% endif %}
+
+                                        <h3>Back up additional directories and docker volumes of your host</h3>
+                                        Below, you can enter directories and docker volumes of your host that will backed up additionally into the same borg backup archive.<br><br>
+                                        <form method="POST" action="/api/configuration" class="xhr">
+                                            <textarea id="additional_backup_directories" name="additional_backup_directories" rows="4" cols="50" placeholder="/directory/on/the/host&#10;my_custom_docker_volume">{{ additional_backup_directories }}</textarea>
+                                            <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                                            <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                                            <input class="button" type="submit" value="Submit" /><br>
+                                        </form>
+                                        Each line and entry needs to start with a slash or letter/digit. Allowed are only <b>a-z</b>, <b>A-Z</b>, <b>0-9</b>, <b>_</b>, <b>-</b>, and <b>/</b>. If the entry begins with a letter/digit are slashes not supported. Two valid entries are <b>/directory/on/the/host</b> and <b>my_custom_docker_volume</b>. You need to make sure yourself that all given directories exist. Otherwise the backup container will fail starting!<br><br/>
+                                        Make sure to specify all storages that you want to back up separately since storages will not be mounted recursively. E.g. providing <b>/</b> as additional backup directory will only back up files and folders that are stored on the root partition and not on the EFI partition or any other. Excluded by the backup will be caches and a few other directories. You should make sure to stop all services before the backup can run correctly if you want to back up the root partition. For automating this see <a href="https://github.com/nextcloud/all-in-one#how-to-stopstartupdate-containers-or-trigger-the-daily-backup-from-a-script-externally">this documentation</a><br><br/>
+                                        Please note that the chosen directories/volumes will not be restored when you restore your instance, so this would need to be done manually. <br><br>
+                                        {% if additional_backup_directories != "" %}
+                                            This option is currently set. You can disable it again by clearing the field and submitting your changes.<br><br>
+                                        {% endif %}
                                     {% endif %}
                                 {% endif %}
                                 {% if has_backup_run_once == false %}
@@ -452,6 +467,16 @@
                         {% else %}
                             <input type="checkbox" id="collabora" name="collabora"><label for="collabora">Collabora (Nextcloud Office)</label><br>
                         {% endif %}
+                        {% if is_fulltextsearch_enabled == true %}
+                            <input type="checkbox" id="fulltextsearch" name="fulltextsearch" checked="checked"><label for="fulltextsearch">Fulltextsearch (needs ~1GB additional RAM)</label><br>
+                        {% else %}
+                            <input type="checkbox" id="fulltextsearch" name="fulltextsearch"><label for="fulltextsearch">Fulltextsearch (needs ~1GB additional RAM)</label><br>
+                        {% endif %}
+                        {% if is_imaginary_enabled == true %}
+                            <input type="checkbox" id="imaginary" name="imaginary" checked="checked"><label for="imaginary">Imaginary</label><br>
+                        {% else %}
+                            <input type="checkbox" id="imaginary" name="imaginary"><label for="imaginary">Imaginary</label><br>
+                        {% endif %}
                         {% if is_talk_enabled == true %}
                             <input type="checkbox" id="talk" name="talk" checked="checked"><label for="talk">Nextcloud Talk (needs ports {{ talk_port }}/TCP and {{ talk_port }}/UDP open in your firewall/router)</label><br><br>
                         {% else %}
@@ -460,11 +485,11 @@
                         {% if is_onlyoffice_enabled == true %}
                             <input type="checkbox" id="onlyoffice" name="onlyoffice" checked="checked"><label for="onlyoffice">OnlyOffice (only supported on x64)</label><br>
                         {% else %}
-                            <input type="checkbox" id="onlyoffice" name="onlyoffice"><label for="onlyoffice">OnlyOffice (only supported on x64)</label><br>
+                            {#<input type="checkbox" id="onlyoffice" name="onlyoffice"><label for="onlyoffice">OnlyOffice (only supported on x64)</label><br>#}
                         {% endif %}
                         <input id="options-form-submit" class="button" type="submit" value="Save changes" />
                     </form>
-                    <b>System requirements:</b> When any optional addon is enabled, at least 2GB RAM, a dual-core CPU and 40GB system storage are required. When enabling ClamAV, at least 3GB RAM are required.<br><br>
+                    <b>Minimal system requirements:</b> When any optional addon is enabled, at least 2GB RAM, a dual-core CPU and 40GB system storage are required. When enabling ClamAV or Fulltextsearch, at least 3GB RAM are required. When enabling everything, at least 4GB RAM are required. Recommended are at least 1GB more RAM than the minimal requirement.<br><br>
                     {% if isAnyRunning == true or is_x64_platform == false %}
                         <script type="text/javascript" src="disable-clamav.js"></script>
                         <script type="text/javascript" src="disable-onlyoffice.js"></script>
@@ -472,6 +497,8 @@
                     {% if isAnyRunning == true %}
                         <script type="text/javascript" src="disable-talk.js"></script>
                         <script type="text/javascript" src="disable-collabora.js"></script>
+                        <script type="text/javascript" src="disable-imaginary.js"></script>
+                        <script type="text/javascript" src="disable-fulltextsearch.js"></script>
                     {% endif %}
 
                     {% if is_collabora_enabled == true and isAnyRunning == false and was_start_button_clicked == true %}
@@ -511,7 +538,7 @@
                                 <input type="text" name="timezone" placeholder="Europe/Berlin" />
                                 <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
                                 <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                                <input class="button" type="submit" value="Submit" />
+                                <input class="button" type="submit" value="Submit" onclick="return confirm('Are you sure that this is a valid timezone? Please double check by following the wikipedia article and checking the correct column since if not, it will break the startup since the database will not get correctly initialized and you will end in a startup loop.')" />
                             </form>
                             You need to make sure that the timezone that you enter is valid. An example is <b>Europe/Berlin</b>. You can get valid values by looking at the 'TZ database name' column of this list: <a href="https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List"><b>click here</b></a>.<br><br>
                         {% else %}

readme.md

@@ -7,8 +7,9 @@ Included are:
 - High performance backend for Nextcloud Files
 - High performance backend for Nextcloud Talk
 - Backup solution (based on [BorgBackup](https://github.com/borgbackup/borg#what-is-borgbackup))
-- OnlyOffice
+- Imaginary
 - ClamAV
+- Fulltextsearch
 
 ## How to use this?
 The following instructions are especially meant for Linux. For macOS see [this](#how-to-run-aio-on-macos), for Windows see [this](#how-to-run-aio-on-windows).
@@ -21,12 +22,13 @@ The following instructions are especially meant for Linux. For macOS see [this](
     (For people that cannot use ports 80 and/or 443 on this server, please follow the [reverse proxy documentation](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) because port 443 is used by this project and opened on the host by default even though it does not look like this is the case. Otherwise please run the command below!)
     ```
     # For x64 CPUs:
-    sudo docker run -it \
+    sudo docker run \
+    --sig-proxy=false \
     --name nextcloud-aio-mastercontainer \
     --restart always \
-    -p 80:80 \
-    -p 8080:8080 \
-    -p 8443:8443 \
+    --publish 80:80 \
+    --publish 8080:8080 \
+    --publish 8443:8443 \
     --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
     --volume /var/run/docker.sock:/var/run/docker.sock:ro \
     nextcloud/all-in-one:latest
@@ -36,12 +38,13 @@ The following instructions are especially meant for Linux. For macOS see [this](
 
     ```
     # For arm64 CPUs:
-    sudo docker run -it \
+    sudo docker run \
+    --sig-proxy=false \
     --name nextcloud-aio-mastercontainer \
     --restart always \
-    -p 80:80 \
-    -p 8080:8080 \
-    -p 8443:8443 \
+    --publish 80:80 \
+    --publish 8080:8080 \
+    --publish 8443:8443 \
     --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
     --volume /var/run/docker.sock:/var/run/docker.sock:ro \
     nextcloud/all-in-one:latest-arm64
@@ -81,12 +84,13 @@ On macOS, there are two things different in comparison to Linux: instead of usin
 On Windows, the following command should work in the command prompt after you installed [Docker Desktop](https://www.docker.com/products/docker-desktop/):
 
 ```
-docker run -it ^
+docker run ^
+--sig-proxy=false ^
 --name nextcloud-aio-mastercontainer ^
 --restart always ^
--p 80:80 ^
--p 8080:8080 ^
--p 8443:8443 ^
+--publish 80:80 ^
+--publish 8080:8080 ^
+--publish 8443:8443 ^
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config ^
 --volume //var/run/docker.sock:/var/run/docker.sock:ro ^
 nextcloud/all-in-one:latest
@@ -377,8 +381,9 @@ You can do so by running the `/daily-backup.sh` script that is stored in the mas
 - `DAILY_BACKUP` if set to `1`, it will automatically stop the containers and create a backup. If you want to start them again afterwards, you may have a look at the `START_CONTAINERS` option. Please be aware that this option is non-blocking which means that the backup is not done when the process is finished since it only start the borgbackup container with the correct configuration.
 - `START_CONTAINERS` if set to `1`, it will automatically start the containers without updating them.
 - `STOP_CONTAINERS` if set to `1`, it will automatically stop the containers.
+- `CHECK_BACKUP` if set to `1`, it will start the backup check. This is not allowed to be enabled at the same time like `DAILY_BACKUP`.
 
-One example for this would be `sudo docker exec -it nextcloud-aio-mastercontainer DAILY_BACKUP=1 /daily-backup.sh`, which you can run via a cronjob or put it in a script.
+One example for this would be `sudo docker exec -it -e DAILY_BACKUP=1 nextcloud-aio-mastercontainer /daily-backup.sh`, which you can run via a cronjob or put it in a script.
 
 ### How to disable the backup section?
 If you already have a backup solution in place, you may want to hide the backup section. You can do so by adding `-e DISABLE_BACKUP_SECTION=true` to the initial startup of the mastercontainer.
@@ -425,6 +430,12 @@ Be aware though that these locations will not be covered by the built-in backup
 ### How to adjust the Talk port?
 By default will the talk container use port `3478/UDP` and `3478/TCP` for connections. You can adjust the port by adding e.g. `-e TALK_PORT=3478` to the initial docker run command and adjusting the port to your desired value.
 
+### How to adjust the upload limit for Nextcloud?
+By default are uploads to Nextcloud limited to a max of 10G. You can adjust the upload limit by providing `-e NEXTCLOUD_UPLOAD_LIMIT=10G` to the docker run command of the mastercontainer and customize the value to your fitting. It must start with a number and end with `G` e.g. `10G`.
+
+### How to adjust the max execution time for Nextcloud?
+By default are uploads to Nextcloud limited to a max of 3600s. You can adjust the upload time limit by providing `-e NEXTCLOUD_MAX_TIME=3600` to the docker run command of the mastercontainer and customize the value to your fitting. It must be a number e.g. `3600`.
+
 ### What can I do to fix the internal or reserved ip-address error?
 If you get an error during the domain validation which states that your ip-address is an internal or reserved ip-address, you can fix this by first making sure that your domain indeed has the correct public ip-address that points to the server and then adding `--add-host yourdomain.com:<public-ip-address>` to the initial docker run command which will allow the domain validation to work correctly. And so that you know: even if the `A` record of your domain should change over time, this is no problem since the mastercontainer will not make any attempt to access the chosen domain after the initial domain validation.
 

reverse-proxy.md

@@ -64,6 +64,9 @@ Add this as a new Apache site config:
     <Files ".ht*">
         Require all denied
     </Files>
+
+    # Support big file uploads
+    LimitRequestBody 0
 </VirtualHost>
 ```
 
@@ -138,7 +141,7 @@ Although it does not seems like it is the case but from AIO perspective a Cloudf
 
 <summary>click here to expand</summary>
 
-**Disclaimer:** the config below is not working 100% correctly, yet. See e.g. https://github.com/nextcloud/all-in-one/issues/450, https://github.com/nextcloud/all-in-one/issues/447 and https://github.com/nextcloud/all-in-one/issues/491. Improvements to it are very welcome!
+**Disclaimer:** It might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
 
 Add this to you nginx config:
 
@@ -271,10 +274,11 @@ After adjusting your reverse proxy config, use the following command to start AI
 
 ```
 # For x64 CPUs:
-sudo docker run -it \
+sudo docker run \
+--sig-proxy=false \
 --name nextcloud-aio-mastercontainer \
 --restart always \
--p 8080:8080 \
+--publish 8080:8080 \
 -e APACHE_PORT=11000 \
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
 --volume /var/run/docker.sock:/var/run/docker.sock:ro \
@@ -289,10 +293,11 @@ You should also think about limiting the apache container to listen only on loca
 
 ```
 # For arm64 CPUs:
-sudo docker run -it \
+sudo docker run \
+--sig-proxy=false \
 --name nextcloud-aio-mastercontainer \
 --restart always \
--p 8080:8080 \
+--publish 8080:8080 \
 -e APACHE_PORT=11000 \
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
 --volume /var/run/docker.sock:/var/run/docker.sock:ro \
@@ -308,10 +313,11 @@ On macOS see https://github.com/nextcloud/all-in-one#how-to-run-aio-on-macos.
 <summary>Command for Windows</summary>
 
 ```
-docker run -it ^
+docker run ^
+--sig-proxy=false ^
 --name nextcloud-aio-mastercontainer ^
 --restart always ^
--p 8080:8080 ^
+--publish 8080:8080 ^
 -e APACHE_PORT=11000 ^
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config ^
 --volume //var/run/docker.sock:/var/run/docker.sock:ro ^

tests/QA/020-backup-and-restore.md

@@ -7,5 +7,6 @@
 - [ ] Submitting a time here should reload the page and reveal at the same place the option to delete the setting again.
 - [ ] When the time of the automatic backup has come (you can test it by choosing a time that is e.g. only a minute away), it should automatically log you out (you can verify by reloading) and after you log in again you should see that the automatic backup is currently running.
 - [ ] After a while you should see that your container are starting and in the Backup and restore section you should see that the backup was successful
+- [ ] When entering additional backup directories, it should allow e.g. `/etc` and `nextcloud_aio_mastercontainer` but not `nextcloud/test`. Running a backup with this should back up these directories/volumes successfully.
 
 You can now continue with [030-aio-password-change.md](./030-aio-password-change.md)

tests/QA/050-optional-addons.md

@@ -7,7 +7,8 @@
     - [ ] ClamAV by trying to upload a testvirus to Nextcloud https://www.eicar.org/?page_id=3950
     - [ ] Collabora by trying to open a .docx or .odt file in Nextcloud
     - [ ] Nextcloud Talk by opening the Talk app in Nextcloud, creating a new chat and trying to join a call in this chat. Also verifying in the settings that the HPB and turn server work.
-    - [ ] Onlyoffice by trying to open a .docx file in Nextcloud
+    - [ ] Imaginary by having a look if when uploading a new picture in Nextcloud, it adds some log entries to the container
+    - [ ] Fulltextsearch by trying to search for a heading inside a file in Nextcloud
 - [ ] When Collabora is enabled, it should show below the Optional Addons section a section where you can change the dictionaries for collabora. `de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru` should be a valid setting. E.g. `de.De` not. If already set, it should show a button that allows to remove the setting again.
 
 You can now continue with [060-environmental-variables.md](./060-environmental-variables.md)

tests/QA/060-environmental-variables.md

@@ -7,6 +7,8 @@
 - [ ] When starting the mastercontainer with `-e SKIP_DOMAIN_VALIDATION=true` on a clean instance, it should skip the domain verification. So it should accept any domain that you type in then.
 - [ ] When starting the mastercontainer with `-e NEXTCLOUD_DATADIR="/mnt/testdata"` it should map that location from `/mnt/testdata` to `/mnt/ncdata` inside the Nextcloud container. Not having adjusted the permissions correctly before starting the Nextcloud container the first time will not allow the Nextcloud container to start correctly. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir for allowed values.
 - [ ] When starting the mastercontainer with `-e NEXTCLOUD_MOUNT="/mnt/"` it should map `/mnt/` to `/mnt/` inside the Nextcloud container. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host for allowed values.
+- [ ] When starting the mastercontainer with `-e NEXTCLOUD_UPLOAD_LIMIT=11G` it should change Nextclouds upload limit to 11G. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud for allowed values.
+- [ ] When starting the mastercontainer with `-e NEXTCLOUD_MAX_TIME=4000` it should change Nextclouds upload max time 4000s. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud for allowed values.
 - [ ] When starting the mastercontainer with `-e DOCKER_SOCKET_PATH="/var/run/docker.sock.raw"` it should map `/var/run/docker.sock.raw` to `/var/run/docker.sock` inside the watchtower container which allow to update the mastercontainer on macos and with docker rootless.
 - [ ] When starting the mastercontainer with `-e DISABLE_BACKUP_SECTION=true` it should hide the backup section that gets shown after AIO is set up (everything of [020-backup-and-restore](./020-backup-and-restore.md)) and simply show that the backup section is disabled.