Update index.yaml

Signed-off-by: szaimen <szaimen@users.noreply.github.com>
Update index.yaml
2026-05-21 10:50:10 +00:00 · 2026-05-16 07:26:45 +00:00 · 2026-05-13 14:10:42 +00:00 · 2026-05-13 16:07:06 +02:00 · 2026-05-13 16:07:00 +02:00 · 2026-05-13 09:19:47 +00:00
166 changed files with 3200 additions and 4087 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -108,15 +108,6 @@ updates:
  labels:
  - 3. to review
  - dependencies
- package-ecosystem: "docker"
-  directory: "/Containers/talk-recording"
-  schedule:
-    interval: "daily"
-    time: "12:00"
-  open-pull-requests-limit: 10
-  labels:
-  - 3. to review
-  - dependencies
 - package-ecosystem: "docker"
  directory: "/Containers/watchtower"
  schedule:
--- a/.github/workflows/codespell.yml
+++ b/.github/workflows/codespell.yml
@@ -1,20 +0,0 @@
-name: 'Codespell'
-
-on:
-  pull_request:
-  push:
-    branches:
-      - main
-
-jobs:
-  codespell:
-    name: Check spelling
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v3
-      - name: Check spelling
-        uses: codespell-project/actions-codespell@v2
-        with:
-          check_filenames: true
-          check_hidden: true
--- a/.github/workflows/command-rebase.yml
+++ b/.github/workflows/command-rebase.yml
@@ -23,7 +23,7 @@ jobs:

    steps:
      - name: Add reaction on start
-        uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2
+        uses: peter-evans/create-or-update-comment@v2
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
@@ -31,18 +31,18 @@ jobs:
          reaction-type: "+1"

      - name: Checkout the latest code
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@v3
        with:
          fetch-depth: 0
          token: ${{ secrets.COMMAND_BOT_PAT }}

      - name: Automatic Rebase
-        uses: cirrus-actions/rebase@b87d48154a87a85666003575337e27b8cd65f691 # 1.8
+        uses: cirrus-actions/rebase@1.8
        env:
          GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }}

      - name: Add reaction on failure
-        uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2
+        uses: peter-evans/create-or-update-comment@v2
        if: failure()
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
--- a/.github/workflows/create-psalm-container.yml
+++ b/.github/workflows/create-psalm-container.yml
@@ -0,0 +1,54 @@
+name: Create Psalm Container
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '5 4 * * *'
+
+jobs:
+  push_to_registry:
+    runs-on: ubuntu-latest
+
+    name: Create Psalm Container
+
+    permissions:
+      packages: write
+      contents: read
+
+    steps:
+      - name: Check out the repo
+        run: |
+          git clone https://github.com/psalm/psalm-github-actions.git
+      
+      - name: Modify the Dockerfile
+        run: |
+          set -x
+          sed -i 's|FROM php:7.4-alpine|FROM php:8.1-alpine|' "psalm-github-actions/Dockerfile"
+          cat << APCU >> "psalm-github-actions/Dockerfile"
+          RUN mkdir -p /usr/src/php/ext/apcu && \
+            curl -fsSL https://pecl.php.net/get/apcu | tar xvz -C "/usr/src/php/ext/apcu" --strip 1 && \
+            docker-php-ext-install apcu
+          APCU
+
+      - name: Log in to GitHub Docker Registry
+        uses: docker/login-action@v2
+        with:
+          registry: docker.pkg.github.com
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build container image
+        uses: docker/build-push-action@v4
+        with:
+          push: true
+          context: 'psalm-github-actions'
+          file: 'psalm-github-actions/Dockerfile'
+          tags: |
+            ghcr.io/nextcloud/all-in-one-psalm:latest
--- a/.github/workflows/dependency-updates.yml
+++ b/.github/workflows/dependency-updates.yml
@@ -13,24 +13,23 @@ jobs:
    - uses: actions/checkout@v3
    - uses: shivammathur/setup-php@v2
      with:
-        php-version: 8.2
+        php-version: 8.1
        extensions: apcu
    - name: Run dependency update script
      run: |
        set -x
        cd ./php
-        composer update --with-all-dependencies
-        # Disable dependency updates for now
-        # set +e
-        # ALL_LINES="$(composer outdated | grep -v "^$\|Direct dependencies\|Everything up to date\|Transitive dependencies")"
-        # set -e
-        # while [ -n "$ALL_LINES" ]; do
-        #   CURRENT_LINE="$(echo "$ALL_LINES" | head -1)"
-        #   composer require "$(echo "$CURRENT_LINE" | awk '{print $1}')" "^$(echo "$CURRENT_LINE" | awk '{print $4}')" --with-all-dependencies
-        #   ALL_LINES="$(echo "$ALL_LINES" | sed '1d')"
-        # done
-        # echo "outdated dependencies:
-        # $(composer outdated)"
+        composer update
+        set +e
+        ALL_LINES="$(composer outdated | grep -v "^$\|Direct dependencies\|Everything up to date\|Transitive dependencies")"
+        set -e
+        while [ -n "$ALL_LINES" ]; do
+          CURRENT_LINE="$(echo "$ALL_LINES" | head -1)"
+          composer require "$(echo "$CURRENT_LINE" | awk '{print $1}')" "^$(echo "$CURRENT_LINE" | awk '{print $4}')" --with-all-dependencies
+          ALL_LINES="$(echo "$ALL_LINES" | sed '1d')"
+        done
+        echo "outdated dependencies:
+        $(composer outdated)"
    - name: Update apcu
      run: |
        # APCU
@@ -44,12 +43,12 @@ jobs:
        )"
        sed -i "s|pecl install APCu.*\;|pecl install APCu-$apcu_version\;|" ./Containers/mastercontainer/Dockerfile
    - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v5
+      uses: peter-evans/create-pull-request@v4
      with:
        commit-message: dependency updates
        signoff: true
        title: Dependency updates
        body: Automated dependency updates since dependabot does not support grouped updates
-        labels: dependencies, 3. to review
+        labels: dependencies, enhancement
        milestone: next
        branch: aio-dependency-update
--- a/.github/workflows/docker-lint.yml
+++ b/.github/workflows/docker-lint.yml
@@ -1,54 +0,0 @@
-name: Docker Lint
-
-on:
-  pull_request:
-    paths:
-      - 'Containers/**'
-  push:
-    branches:
-      - main
-    paths:
-      - 'Containers/**'
-
-permissions:
-  contents: read
-
-concurrency: 
-  group: docker-lint-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  docker-lint:
-    runs-on: ubuntu-latest
-
-    name: docker-lint
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Install npm and dockerfilelint
-        run: |
-          sudo apt-get update
-          sudo apt-get install nodejs npm -y --no-install-recommends
-          npm install -g dockerfilelint
-          wget https://github.com/replicatedhq/dockerfilelint/pull/184.patch -O /usr/local/lib/node_modules/dockerfilelint/184.patch
-          CURRENT_DIR=$PWD
-          cd /usr/local/lib/node_modules/dockerfilelint/
-          git apply 184.patch
-          cd $CURRENT_DIR
-          cat << RULES > ./.dockerfilelintrc
-          rules:
-            sudo_usage: off
-          RULES
-
-      - name: run lint
-        run: |
-          DOCKERFILES="$(find ./Containers -name Dockerfile)"
-          mapfile -t DOCKERFILES <<< "$DOCKERFILES"
-          for file in "${DOCKERFILES[@]}"; do
-            dockerfilelint "$file" --config ./ | tee -a ./dockerfilelint.log
-          done
-          if grep "^Issues: [0-9]" ./dockerfilelint.log; then
-            exit 1
-          fi
--- a/.github/workflows/helm-release.yml
+++ b/.github/workflows/helm-release.yml
@@ -6,7 +6,7 @@ on:
    branches:
      - main
    paths:
-      - 'nextcloud-aio-helm-chart/**'
+      - 'helm-chart/**'

 jobs:
  release:
@@ -40,10 +40,10 @@ jobs:
        # TODO: switch back @main to a specific version like @v1.5.1 or higher
        uses: helm/chart-releaser-action@main
        with:
+          charts_repo_url: https://nextcloud.github.io/all-in-one
+          charts_dir: helm-chart
          mark_as_latest: false
-          charts_dir: .
        env:
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
          CR_RELEASE_NAME_TEMPLATE: "helm-chart-{{ .Version }}"
          CR_SKIP_EXISTING: true
-          CR_GENERATE_RELEASE_NOTES: true
--- a/.github/workflows/imaginary-update.yml
+++ b/.github/workflows/imaginary-update.yml
@@ -1,33 +0,0 @@
-name: imaginary-update
-
-on:
-  workflow_dispatch:
-  schedule:
-  - cron:  '00 12 * * *'
-
-jobs:
-  run_update:
-    name: update to latest imaginary commit on master branch
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
-    - name: Run imaginary-update
-      run: |
-        # Imaginary
-        imaginary_version="$(
-          git ls-remote https://github.com/h2non/imaginary master \
-            | cut -f1 \
-            | tail -1
-        )"
-        sed -i "s|^ENV IMAGINARY_HASH.*$|ENV IMAGINARY_HASH $imaginary_version|" ./Containers/imaginary/Dockerfile
-        
-    - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v5
-      with:
-        commit-message: imaginary-update automated change
-        signoff: true
-        title: Imaginary update
-        body: Automated Imaginary container update
-        labels: dependencies, 3. to review
-        milestone: next
-        branch: imaginary-container-update
--- a/.github/workflows/json-validator.yml
+++ b/.github/workflows/json-validator.yml
@@ -2,16 +2,12 @@ name: Json Validator

 on:
  pull_request:
-    paths:
-      - '**.json'
  push:
    branches:
      - main
-    paths:
-      - '**.json'

 jobs:
-  json-validator:
+  psalm:
    name: Json Validator
    runs-on: ubuntu-latest
    steps:
@@ -19,7 +15,6 @@ jobs:
        uses: actions/checkout@v3
      - name: Validate Json
        run: |
-          sudo apt-get update
-          sudo apt-get install python3-pip -y --no-install-recommends
+          sudo apt install python3-pip --no-install-recommends
          sudo pip3 install json-spec
          json validate --schema-file=php/containers-schema.json --document-file=php/containers.json
--- a/.github/workflows/lint-php.yml
+++ b/.github/workflows/lint-php.yml
@@ -3,22 +3,18 @@
 # https://github.com/nextcloud/.github
 # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization

-name: Lint php
+name: Lint

 on:
  pull_request:
-    paths:
-      - 'php/**'
  push:
    branches:
      - main
-    paths:
-      - 'php/**'

 permissions:
  contents: read

-concurrency:
+concurrency: 
  group: lint-php-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

@@ -27,27 +23,24 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        php-versions: [ "8.2" ]
+        php-versions: ["8.1"]

    name: php-lint

    steps:
      - name: Checkout
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@v3

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2
+        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ matrix.php-versions }}
          coverage: none
-          ini-file: development
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Lint
        run: cd php && composer run lint

-  php-lint-summary:
+  summary:
    permissions:
      contents: none
    runs-on: ubuntu-latest
--- a/.github/workflows/nextcloud-update.yml
+++ b/.github/workflows/nextcloud-update.yml
@@ -66,12 +66,12 @@ jobs:
        sed -i "s|^ENV NEXTCLOUD_VERSION.*|ENV NEXTCLOUD_VERSION $NCVERSION|" ./Containers/nextcloud/Dockerfile

    - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v5
+      uses: peter-evans/create-pull-request@v4
      with:
        commit-message: nextcloud-update automated change
        signoff: true
        title: Nextcloud update
        body: Automated Nextcloud container update
-        labels: dependencies, 3. to review
+        labels: dependencies, enhancement
        milestone: next
        branch: nextcloud-container-update
--- a/.github/workflows/php-deprecation-detector.yml
+++ b/.github/workflows/php-deprecation-detector.yml
@@ -3,24 +3,20 @@ name: PHP Deprecation Detector

 on:
  pull_request:
-    paths:
-      - 'php/**'
  push:
    branches:
      - main
-    paths:
-      - 'php/**'

 jobs:
-  phpdd:
+  psalm:
    name: PHP Deprecation Detector
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
-      - name: Set up php8.2
+      - name: Set up php8.1
        uses: shivammathur/setup-php@v2
        with:
-          php-version: 8.2
+          php-version: 8.1
          extensions: apcu
          coverage: none

--- a/.github/workflows/psalm-analysis.yml
+++ b/.github/workflows/psalm-analysis.yml
@@ -0,0 +1,28 @@
+name: Psalm Analysis
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  psalm:
+    name: Psalm
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up php8.1
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: 8.1
+          extensions: apcu
+          coverage: none
+
+      - name: Run script
+        run: |
+          set -x
+          cd php
+          composer global require vimeo/psalm --prefer-dist --no-progress --dev
+          composer install
+          composer run psalm
--- a/.github/workflows/psalm-security.yml
+++ b/.github/workflows/psalm-security.yml
@@ -0,0 +1,25 @@
+name: Psalm Security Analysis
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  psalm:
+    name: Psalm
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Psalm
+        uses: docker://ghcr.io/nextcloud/all-in-one-psalm
+        with:
+          relative_dir: php
+          security_analysis: true
+          composer_ignore_platform_reqs: false
+          report_file: results.sarif
+      - name: Upload Security Analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: php/results.sarif
--- a/.github/workflows/psalm-update-baseline.yml
+++ b/.github/workflows/psalm-update-baseline.yml
@@ -12,10 +12,10 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Set up php8.2
+      - name: Set up php8.1
        uses: shivammathur/setup-php@v2
        with:
-          php-version: 8.2
+          php-version: 8.1
          extensions: apcu
          coverage: none

@@ -31,7 +31,7 @@ jobs:
        continue-on-error: true

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v5
+        uses: peter-evans/create-pull-request@v4
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: Update psalm baseline
@@ -42,8 +42,7 @@ jobs:
          # Make sure we can open multiple PRs
          branch-suffix: timestamp
          title: '[Automated] Update psalm-baseline.xml'
-          milestone: next
          body: |
            Auto-generated update psalm-baseline.xml with fixed psalm warnings
          labels: |
-            3. to review, dependencies
+            3. to review
--- a/.github/workflows/psalm.yml
+++ b/.github/workflows/psalm.yml
@@ -1,47 +0,0 @@
-# This workflow is provided via the organization template repository
-#
-# https://github.com/nextcloud/.github
-# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-
-name: Static analysis
-
-on:
-  pull_request:
-    paths:
-      - 'php/**'
-  push:
-    branches:
-      - main
-    paths:
-      - 'php/**'
-
-concurrency:
-  group: psalm-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  static-analysis:
-    runs-on: ubuntu-latest
-
-    name: Nextcloud
-    steps:
-      - name: Checkout
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
-
-      - name: Set up php
-        uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2
-        with:
-          php-version: 8.2
-          extensions: apcu
-          coverage: none
-          ini-file: development
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Install dependencies and run psalm
-        run: |
-          set -x
-          cd php
-          composer global require vimeo/psalm --prefer-dist --no-progress --dev
-          composer install
-          composer run psalm
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -2,13 +2,9 @@ name: Shellcheck

 on:
  pull_request:
-    paths:
-      - '**.sh'
  push:
    branches:
      - main
-    paths:
-      - '**.sh'

 jobs:
  shellcheck:
--- a/.github/workflows/spellcheck.yml
+++ b/.github/workflows/spellcheck.yml
@@ -0,0 +1,23 @@
+name: 'Spellcheck'
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  spellcheck:
+    name: Check spelling
+    runs-on: ubuntu-latest
+    steps:
+      - name: spelling or typos
+        uses: actions/checkout@v3
+      - name: fix permission for reviewdog
+        run: sudo chown -R root:root $GITHUB_WORKSPACE
+      - name: misspell
+        uses: reviewdog/action-misspell@v1
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          locale: "US"
+          fail_on_error: true
--- a/.github/workflows/talk.yml
+++ b/.github/workflows/talk.yml
@@ -1,46 +0,0 @@
-name: talk-update
-
-on:
-  workflow_dispatch:
-  schedule:
-  - cron:  '00 12 * * *'
-
-jobs:
-  talk-update:
-    name: update talk
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
-    - name: Run talk-update
-      run: |
-        # Spreed
-        spreed_version="$(
-          git ls-remote https://github.com/nextcloud/spreed v*.*.* \
-            | cut -d/ -f3 \
-            | sort -V \
-            | grep -E "^v[0-9]+\.[0-9]+\.[0-9]+$" \
-            | tail -1
-        )"
-        sed -i "s|^ENV RECORDING_VERSION.*$|ENV RECORDING_VERSION $spreed_version|" ./Containers/talk-recording/Dockerfile
-        curl -L "https://raw.githubusercontent.com/nextcloud/spreed/$spreed_version/recording/server.conf.in" -o Containers/talk-recording/recording.conf
-        
-        # Signaling
-        signaling_version="$(
-          git ls-remote https://github.com/strukturag/nextcloud-spreed-signaling v*.*.* \
-            | cut -d/ -f3 \
-            | sort -V \
-            | grep -E "^v[0-9]+\.[0-9]+\.[0-9]+$" \
-            | tail -1
-        )"
-        curl -L "https://raw.githubusercontent.com/strukturag/nextcloud-spreed-signaling/$signaling_version/server.conf.in" -o Containers/talk/server.conf.in
-        
-    - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v5
-      with:
-        commit-message: talk-update automated change
-        signoff: true
-        title: talk update
-        body: Automated talk container update
-        labels: dependencies, 3. to review
-        milestone: next
-        branch: talk-container-update
--- a/.github/workflows/twig-lint.yml
+++ b/.github/workflows/twig-lint.yml
@@ -1,42 +0,0 @@
-name: Twig Lint
-
-on:
-  pull_request:
-    paths:
-      - '**.twig'
-  push:
-    branches:
-      - main
-    paths:
-      - '**.twig'
-
-permissions:
-  contents: read
-
-concurrency: 
-  group: lint-twig-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  twig-lint:
-    runs-on: ubuntu-latest
-    name: twig-lint
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: 8.2
-          extensions: apcu
-          coverage: none
-
-      - name: twig lint
-        run: |
-          cd php
-          composer require sserbin/twig-linter:@dev --no-progress --dev
-          composer install
-          chmod +x ./vendor/bin/twig-linter
-          ./vendor/bin/twig-linter lint ./templates
--- a/.github/workflows/update-helm.yml
+++ b/.github/workflows/update-helm.yml
@@ -6,7 +6,7 @@ on:
  - cron:  '00 12 * * *'

 jobs:
-  update-helm:
+  psalm:
    name: update helm chart
    runs-on: ubuntu-latest
    steps:
@@ -17,17 +17,17 @@ jobs:
          DOCKER_TAG="$(curl -L -s 'https://registry.hub.docker.com/v2/repositories/nextcloud/all-in-one/tags?page_size=1024' | jq '."results"[]["name"]' | sed 's|"||g' | grep '^20' | sort -r | head -1)"
          DOCKER_TAG="${DOCKER_TAG%%-latest*}"
          export DOCKER_TAG
-          if [ -n "$DOCKER_TAG" ] && ! grep -q "$DOCKER_TAG" ./nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml; then
-            sudo bash nextcloud-aio-helm-chart/update-helm.sh "$DOCKER_TAG"
+          if [ -n "$DOCKER_TAG" ] && ! grep -q "$DOCKER_TAG" ./helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml; then
+            sudo bash helm-chart/update-helm.sh "$DOCKER_TAG"
          fi
      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v5
+        uses: peter-evans/create-pull-request@v4
        with:
          commit-message: Helm Chart updates
          signoff: true
          title: Helm Chart updates
          body: Automated Helm Chart updates for the yaml files. It can be merged if it looks good at any time which will automatically trigger a new release of the helm chart.
-          labels: dependencies, 3. to review
+          labels: dependencies
          milestone: next
          branch: aio-helm-update
          token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/update-yaml.yml
+++ b/.github/workflows/update-yaml.yml
@@ -6,7 +6,7 @@ on:
  - cron:  '00 12 * * *'

 jobs:
-  update-yaml:
+  psalm:
    name: update yaml files
    runs-on: ubuntu-latest
    steps:
@@ -16,13 +16,13 @@ jobs:
        run: |
          sudo bash manual-install/update-yaml.sh
      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v5
+        uses: peter-evans/create-pull-request@v4
        with:
          commit-message: Yaml updates
          signoff: true
          title: Yaml updates
          body: Automated yaml updates for the docker-compose files. Should only be merged shortly before the next latest release.
-          labels: dependencies, 3. to review
+          labels: dependencies
          milestone: next
          branch: aio-yaml-update
          token: ${{ secrets.GITHUB_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@@ -6,5 +6,4 @@
 /manual-install/*.conf
 !/manual-install/sample.conf
 /manual-install/docker-compose.yml
-/manual-install/compose.yaml
 /manual-install/.env
--- a/Containers/apache/Caddyfile
+++ b/Containers/apache/Caddyfile
@@ -5,10 +5,6 @@
        root /mnt/data/caddy
    }

-    servers {
-        # trusted_proxies placeholder
-    }
-
    log {
        level ERROR
    }
@@ -16,21 +12,37 @@

 {$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} {

-    # Collabora
-    route /browser/* {
-        reverse_proxy {$COLLABORA_HOST}:9980
-    }
-    route /hosting/* {
-        reverse_proxy {$COLLABORA_HOST}:9980
-    }
-    route /cool/* {
-        reverse_proxy {$COLLABORA_HOST}:9980
-    }
-
    # Notify Push
    route /push/* {
        uri strip_prefix /push
-        reverse_proxy {$NOTIFY_PUSH_HOST}:7867
+        reverse_proxy {$NEXTCLOUD_HOST}:7867 {
+            # trusted_proxies placeholder
+        }
+    }
+
+    # Talk
+    route /standalone-signaling/* {
+        uri strip_prefix /standalone-signaling
+        reverse_proxy {$TALK_HOST}:8081 {
+            # trusted_proxies placeholder
+        }
+    }
+
+    # Collabora
+    route /browser/* {
+        reverse_proxy {$COLLABORA_HOST}:9980 {
+            # trusted_proxies placeholder
+        }
+    }
+    route /hosting/* {
+        reverse_proxy {$COLLABORA_HOST}:9980 {
+            # trusted_proxies placeholder
+        }
+    }
+    route /cool/* {
+        reverse_proxy {$COLLABORA_HOST}:9980 {
+            # trusted_proxies placeholder
+        }
    }

    # Onlyoffice
@@ -39,24 +51,19 @@
        reverse_proxy {$ONLYOFFICE_HOST}:80 {
            header_up X-Forwarded-Host {http.request.host}/onlyoffice
            header_up X-Forwarded-Proto https
+            # trusted_proxies placeholder
        }
    }

-    # Talk
-    route /standalone-signaling/* {
-        uri strip_prefix /standalone-signaling
-        reverse_proxy {$TALK_HOST}:8081
-    }
-
-    # Others
-    import /mnt/data/caddy-imports/*
-
    # Nextcloud
    route {
        rewrite /.well-known/carddav /remote.php/dav
        rewrite /.well-known/caldav /remote.php/dav
        header Strict-Transport-Security max-age=31536000;
-        reverse_proxy localhost:8000
+        reverse_proxy localhost:8000 {
+            # See https://github.com/nextcloud/all-in-one/issues/828
+            # trusted_proxies placeholder
+        }
    }

    # TLS options
--- a/Containers/apache/Dockerfile
+++ b/Containers/apache/Dockerfile
@@ -1,16 +1,7 @@
+# Caddy is a requirement
 FROM caddy:2.6.4-alpine as caddy

-FROM httpd:2.4.57-alpine3.18
-
-COPY --from=caddy /usr/bin/caddy /usr/bin/caddy
-
-COPY --chown=33:33 Caddyfile /Caddyfile
-COPY --chmod=664 nextcloud.conf /usr/local/apache2/conf/nextcloud.conf
-COPY --chmod=664 supervisord.conf /supervisord.conf
-COPY --chmod=775 start.sh /start.sh
-COPY --chmod=775 healthcheck.sh /healthcheck.sh
-
-VOLUME /mnt/data
+FROM httpd:2.4.56-alpine3.17

 RUN set -ex; \
    apk add --no-cache shadow; \
@@ -18,63 +9,77 @@ RUN set -ex; \
    usermod -u 333 -g 333 xfs; \
    groupmod -g 33 www-data; \
    usermod -u 33 -g 33 www-data; \
-    apk del --no-cache shadow; \
-    \
-    mkdir -p /mnt/data; \
-    chown -R www-data:www-data /mnt/data; \
-    chown -R 777 /tmp; \
-    \
+    apk del --no-cache shadow
+
+RUN mkdir -p /mnt/data; \
+    chown www-data:www-data /mnt/data;
+
+VOLUME /mnt/data
+
+RUN set -ex; \
    apk add --no-cache \
        bash \
        supervisor \
+        wget \
        tzdata \
        ca-certificates \
        openssl \
-        netcat-openbsd; \
-    \
-    sed -i \
-            -e '/^Listen /d' \
-            -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_headers.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_proxy.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_proxy_fcgi.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_setenvif.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_env.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_mime.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_dir.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_authz_core.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_alias.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_mpm_event.so\)/\1/' \
-            -e 's/^#\(LoadModule .*mod_brotli.so\)/\1/' \
-            -e 's/\(LoadModule .*mod_mpm_worker.so\)/#\1/' \
-            -e 's/\(LoadModule .*mod_mpm_prefork.so\)/#\1/' \
-        /usr/local/apache2/conf/httpd.conf; \
-    echo "Include conf/nextcloud.conf" | tee -a /usr/local/apache2/conf/httpd.conf; \
-    echo "ServerName localhost" | tee -a /usr/local/apache2/conf/httpd.conf; \
-    \
-    rm -rf /usr/local/apache2/conf/original /var/www; \
-    mkdir -p /var/www; \
-    chown -R www-data:www-data /var/www; \
-    \
-    mkdir /var/log/supervisord; \
+        netcat-openbsd
+
+COPY --from=caddy /usr/bin/caddy /usr/bin/
+RUN chmod +x /usr/bin/caddy
+
+RUN sed -i \
+                -e '/^Listen /d' \
+                -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_headers.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_proxy.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_proxy_fcgi.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_setenvif.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_env.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_mime.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_dir.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_authz_core.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_alias.so\)/\1/' \
+                -e 's/^#\(LoadModule .*mod_mpm_event.so\)/\1/' \
+                -e 's/\(LoadModule .*mod_mpm_worker.so\)/#\1/' \
+                -e 's/\(LoadModule .*mod_mpm_prefork.so\)/#\1/' \
+                conf/httpd.conf; \
+		echo "Include conf/nextcloud.conf" | tee -a conf/httpd.conf; \
+                echo "ServerName localhost" | tee -a conf/httpd.conf
+		
+COPY nextcloud.conf conf
+
+RUN set -ex; \
+    rm -rf conf/original conf/original && \
+    rm -rf /var/www/html/* && \
+    mkdir /var/www && \
+    chown -R www-data:www-data /var/www;
+
+RUN mkdir /var/log/supervisord; \
    mkdir /var/run/supervisord; \
    chown www-data:www-data /var/run/supervisord; \
-    chown www-data:www-data /var/log/supervisord; \
-    chmod 777 /var/run/supervisord; \
-    chmod 777 /var/log/supervisord; \
-    \
+    chown www-data:www-data /var/log/supervisord;
+
+COPY Caddyfile /
+
+COPY start.sh /usr/bin/
+COPY healthcheck.sh /usr/bin/
+COPY supervisord.conf /
+RUN chmod +x /usr/bin/start.sh; \
+    chmod +x /usr/bin/healthcheck.sh; \
+    chmod +r /supervisord.conf; \
+    chown www-data:www-data /Caddyfile; \
    chown -R www-data:www-data /usr/local/apache2; \
-    chmod +r -R /usr/local/apache2; \
-    mkdir -p /usr/local/apache2/logs; \
-    chmod 777 -R /home/www-data; \
-    chmod 777 -R /usr/local/apache2/logs; \
-    \
-    echo "root:$(openssl rand -base64 12)" | chpasswd
+    chmod +r -R /usr/local/apache2
+
+# Give root a random password
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd

 USER www-data

-ENTRYPOINT ["/start.sh"]
+ENTRYPOINT ["start.sh"]
 CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

-HEALTHCHECK CMD /healthcheck.sh
-LABEL com.centurylinklabs.watchtower.enable="false"
+HEALTHCHECK CMD healthcheck.sh
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/apache/healthcheck.sh
+++ b/Containers/apache/healthcheck.sh
@@ -2,5 +2,8 @@

 nc -z "$NEXTCLOUD_HOST" 9000 || exit 0
 nc -z localhost 8000 || exit 1
-nc -z localhost "$APACHE_PORT" || exit 1
-nc -z "$NC_DOMAIN" 443 || exit 1
+if [ "$APACHE_PORT" != '443' ]; then
+    nc -z localhost "$APACHE_PORT" || exit 1
+else
+    nc -z "$NC_DOMAIN" "$APACHE_PORT" || exit 1
+fi
--- a/Containers/apache/nextcloud.conf
+++ b/Containers/apache/nextcloud.conf
@@ -3,23 +3,13 @@ Listen 8000
    ServerName localhost

    # Add error log
-    CustomLog /proc/self/fd/1 proxy
-    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+    CustomLog /proc/self/fd/1 combined
    ErrorLog /proc/self/fd/2
-    ErrorLogFormat "[%t] [%l] [%E] [client: %{X-Forwarded-For}i] [%M] [%{User-Agent}i]"
-    LogLevel warn

    # PHP match
    <FilesMatch "\.php$">
        SetHandler "proxy:fcgi://${NEXTCLOUD_HOST}:9000"
    </FilesMatch>
-
-    # Enable Brotli compression for js, css and svg files - other plain files are compressed by Nextcloud by default
-    <IfModule mod_brotli.c>
-        AddOutputFilterByType BROTLI_COMPRESS text/javascript application/javascript application/x-javascript text/css image/svg+xml
-        BrotliCompressionQuality 0
-    </IfModule>
-
    # Nextcloud dir
    DocumentRoot /var/www/html/
    <Directory /var/www/html/>
--- a/Containers/apache/start.sh
+++ b/Containers/apache/start.sh
@@ -35,31 +35,22 @@ if [ "$APACHE_PORT" != '443' ]; then
 else
    CADDYFILE="$(sed 's|auto_https.*|auto_https disable_redirects|' /Caddyfile)"
 fi
-echo "$CADDYFILE" > /tmp/Caddyfile
+echo "$CADDYFILE" > /Caddyfile

 # Change the trusted_proxies in case of reverse proxies
 if [ "$APACHE_PORT" != '443' ]; then
-    CADDYFILE="$(sed 's|# trusted_proxies placeholder|trusted_proxies static private_ranges|' /tmp/Caddyfile)"
+    CADDYFILE="$(sed 's|# trusted_proxies placeholder|trusted_proxies private_ranges|' /Caddyfile)"
 else
-    CADDYFILE="$(sed 's|trusted_proxies.*private_ranges|# trusted_proxies placeholder|' /tmp/Caddyfile)"
+    CADDYFILE="$(sed 's|trusted_proxies private_ranges|# trusted_proxies placeholder|' /Caddyfile)"
 fi
-echo "$CADDYFILE" > /tmp/Caddyfile
+echo "$CADDYFILE" > /Caddyfile

 # Fix the Caddyfile format
-caddy fmt --overwrite /tmp/Caddyfile
+caddy fmt --overwrite /Caddyfile

 # Add caddy path
 mkdir -p /mnt/data/caddy/

-# Add caddy import path
-mkdir -p /mnt/data/caddy-imports
-
-# Remove falsely added Nextcloud conf
-rm -f /mnt/data/caddy-imports/nextcloud
-
-# Makre sure that the caddy-imports dir is not empty
-echo "# empty file so that caddy does not print a warning" > /mnt/data/caddy-imports/empty
-
 # Fix apache startup
 rm -f /usr/local/apache2/logs/httpd.pid

--- a/Containers/apache/supervisord.conf
+++ b/Containers/apache/supervisord.conf
@@ -20,4 +20,4 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=/usr/bin/caddy run --config /tmp/Caddyfile
+command=/usr/bin/caddy run --config /Caddyfile
--- a/Containers/borgbackup/Dockerfile
+++ b/Containers/borgbackup/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.18.2
+FROM alpine:3.17.2

 RUN set -ex; \
    \
@@ -13,10 +13,11 @@ RUN set -ex; \

 VOLUME /root

-COPY --chmod=770 *.sh /
+COPY start.sh /usr/bin/
+COPY backupscript.sh /
+RUN chmod +x /usr/bin/start.sh; \
+    chmod +x /backupscript.sh

-ENTRYPOINT ["/start.sh"]
 USER root
-
-LABEL com.centurylinklabs.watchtower.enable="false"
-ENV BORG_RETENTION_POLICY="--keep-within=7d --keep-weekly=4 --keep-monthly=6"
+ENTRYPOINT ["start.sh"]
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/borgbackup/backupscript.sh
+++ b/Containers/borgbackup/backupscript.sh
@@ -24,14 +24,6 @@ for directory in "${VOLUME_DIRS[@]}"; do
        exit 1
    fi
 done
-# Test if default volumes are there
-DEFAULT_VOLUMES=(nextcloud_aio_apache nextcloud_aio_nextcloud nextcloud_aio_database nextcloud_aio_database_dump nextcloud_aio_elasticsearch nextcloud_aio_nextcloud_data nextcloud_aio_mastercontainer)
-for volume in "${DEFAULT_VOLUMES[@]}"; do
-    if ! mountpoint -q "/nextcloud_aio_volumes/$volume"; then
-        echo "$volume is missing which is not intended."
-        exit 1
-    fi
-done

 # Check if target is mountpoint
 if ! mountpoint -q /mnt/borgbackup; then
@@ -94,9 +86,8 @@ if [ "$BORG_MODE" = backup ]; then
    if ! [ -f "$BORG_BACKUP_DIRECTORY/config" ]; then
        # Don't initialize if already initialized
        if [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config" ]; then
-            echo "No borg config file was found in the targeted directory."
-            echo "This might happen if the targeted directory is located on an external drive and the drive not connected anymore. You should check this."
-            echo "If you instead want to initialize a new backup repository, you may delete the 'borg.config' file that is stored in the mastercontainer volume manually, which will allow you to initialize a new borg repository in the chosen directory:"
+            echo "Cannot initialize a new repository as that was already done at least one time."
+            echo "If you still want to do so, you may delete the 'borg.config' file that is stored in the mastercontainer volume manually, which will allow you to initialize a new borg repository in the chosen directory:"
            echo "sudo docker exec nextcloud-aio-mastercontainer rm /mnt/docker-aio-config/data/borg.config"
            exit 1
        fi
@@ -136,21 +127,11 @@ if [ "$BORG_MODE" = backup ]; then
    # Borg options
    # auto,zstd compression seems to has the best ratio based on:
    # https://forum.level1techs.com/t/optimal-compression-for-borg-backups/145870/6
-    BORG_OPTS=(-v --stats --compression "auto,zstd" --exclude-caches)
-    if [ "$NEW_REPOSITORY" = 1 ]; then
-        BORG_OPTS+=(--progress)
-    fi
+    BORG_OPTS=(-v --stats --compression "auto,zstd" --exclude-caches --checkpoint-interval 86400)

    # Exclude the nextcloud log and audit log for GDPR reasons
    BORG_EXCLUDE=(--exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud/data/nextcloud.log*" --exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud/data/audit.log")

-    # Make sure that there is always a borg.config file before creating a new backup
-    if ! [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config" ]; then
-        echo "Did not find borg.config file in the mastercontainer volume."
-        echo "Cannot create a backup as this is wrong."
-        exit 1
-    fi
-
    # Create the backup
    echo "Starting the backup..."
    get_start_time
@@ -158,7 +139,6 @@ if [ "$BORG_MODE" = backup ]; then
        echo "Deleting the failed backup archive..."
        borg delete --stats "$BORG_BACKUP_DIRECTORY::$CURRENT_DATE-nextcloud-aio"
        echo "Backup failed!"
-        echo "You might want to check the backup integrity via the AIO interface."
        if [ "$NEW_REPOSITORY" = 1 ]; then
            echo "Deleting borg.config file so that you can choose a different location for the backup."
            rm "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config"
@@ -170,12 +150,11 @@ if [ "$BORG_MODE" = backup ]; then
    rm -f "/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/skip.update"

    # Prune options
-    read -ra BORG_PRUNE_OPTS <<< "$BORG_RETENTION_POLICY"
-    echo "BORG_PRUNE_OPTS are ${BORG_PRUNE_OPTS[*]}"
+    BORG_PRUNE_OPTS=(--stats --keep-within=7d --keep-weekly=4 --keep-monthly=6 "$BORG_BACKUP_DIRECTORY")

    # Prune archives
    echo "Pruning the archives..."
-    if ! borg prune --stats --glob-archives '*_*-nextcloud-aio' "${BORG_PRUNE_OPTS[@]}" "$BORG_BACKUP_DIRECTORY"; then
+    if ! borg prune --glob-archives '*_*-nextcloud-aio' "${BORG_PRUNE_OPTS[@]}"; then
        echo "Failed to prune archives!"
        exit 1
    fi
@@ -206,7 +185,7 @@ if [ "$BORG_MODE" = backup ]; then
                exit 1
            fi
            echo "Pruning additional volumes..."
-            if ! borg prune --stats --glob-archives '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}" "$BORG_BACKUP_DIRECTORY"; then
+            if ! borg prune --glob-archives '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}"; then
                echo "Failed to prune additional docker-volumes archives!"
                exit 1
            fi
@@ -236,7 +215,7 @@ if [ "$BORG_MODE" = backup ]; then
                exit 1
            fi
            echo "Pruning additional host mounts..."
-            if ! borg prune --stats --glob-archives '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}" "$BORG_BACKUP_DIRECTORY"; then
+            if ! borg prune --glob-archives '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}"; then
                echo "Failed to prune additional host-mount archives!"
                exit 1
            fi
@@ -297,7 +276,7 @@ if [ "$BORG_MODE" = restore ]; then
    --exclude "nextcloud_aio_mastercontainer/data/daily_backup_running" \
    --exclude "nextcloud_aio_mastercontainer/data/session_date_file" \
    --exclude "nextcloud_aio_mastercontainer/session/**" \
-    /tmp/borg/nextcloud_aio_volumes/ /nextcloud_aio_volumes/; then
+    /tmp/borg/nextcloud_aio_volumes/ /nextcloud_aio_volumes; then
        RESTORE_FAILED=1
        echo "Something failed while restoring from backup."
    fi
@@ -383,7 +362,6 @@ if [ "$BORG_MODE" = check ]; then
    # Perform the check
    if ! borg check -v --verify-data "$BORG_BACKUP_DIRECTORY"; then
        echo "Some errors were found while checking the backup integrity!"
-        echo "Check the AIO interface for advices on how to proceed now!"
        exit 1
    fi

--- a/Containers/clamav/Dockerfile
+++ b/Containers/clamav/Dockerfile
@@ -1,18 +1,7 @@
-# Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/1.1/alpine/Dockerfile
-FROM clamav/clamav:1.1.0-1
+# Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/0.105/alpine/Dockerfile
+FROM clamav/clamav:1.0.1-1

-COPY clamav.conf /tmp/clamav.conf
-
-RUN set -ex; \
-    apk add --no-cache tzdata; \
-    cat /tmp/clamav.conf | tee -a /etc/clamav/clamd.conf; \
-    rm /tmp/clamav.conf; \
-    mkdir -p /var/run/clamav /run/lock; \
-    chown -R clamav:clamav /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock; \
-    chmod 777 -R /var/run/clamav /run/clamav /var/log/clamav /var/lock /run/lock /tmp
-
-VOLUME /var/lib/clamav
-
-USER clamav
-
-LABEL com.centurylinklabs.watchtower.enable="false"
+RUN apk add --no-cache tzdata
+COPY clamav.conf /tmp/
+RUN cat /tmp/clamav.conf >> /etc/clamav/clamd.conf
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/collabora/Dockerfile
+++ b/Containers/collabora/Dockerfile
@@ -1,5 +1,5 @@
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:23.05.1.3.1
+FROM collabora/code:22.05.12.2.1

 USER root

@@ -9,11 +9,11 @@ RUN set -ex; \
    export DEBIAN_FRONTEND=noninteractive; \
    apt-get install -y --no-install-recommends \
        tzdata \
-        netcat-openbsd \
+        netcat \
    ; \
-    rm -rf /var/lib/apt/lists/*;
+    rm -rf /var/lib/apt/lists/*

-USER 100
+USER 104

 HEALTHCHECK CMD nc -z localhost 9980 || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/domaincheck/Dockerfile
+++ b/Containers/domaincheck/Dockerfile
@@ -1,18 +1,19 @@
-FROM alpine:3.18.2
-RUN set -ex; \
-    apk add --no-cache bash lighttpd netcat-openbsd; \
-    adduser -S www-data -G www-data; \
-    rm -rf /etc/lighttpd/lighttpd.conf; \
-    chmod 777 -R /etc/lighttpd; \
-    mkdir -p /var/www/domaincheck; \
-    chown www-data:www-data -R /var/www; \
-    chmod 777 -R /var/www/domaincheck
-COPY --chown=www-data:www-data lighttpd.conf /lighttpd.conf
+FROM alpine:3.17.2
+RUN apk add --no-cache lighttpd bash netcat-openbsd

-COPY --chmod=775 start.sh /start.sh
+RUN adduser -S www-data -G www-data
+RUN rm -rf /etc/lighttpd/lighttpd.conf
+COPY lighttpd.conf /etc/lighttpd/lighttpd.conf
+RUN chmod +r -R /etc/lighttpd && \
+    chown www-data:www-data -R /var/www && \
+    chown www-data:www-data /etc/lighttpd/lighttpd.conf
+
+COPY start.sh /
+RUN chmod +x /start.sh

 USER www-data
+RUN mkdir -p /var/www/domaincheck/
 ENTRYPOINT ["/start.sh"]

 HEALTHCHECK CMD nc -z localhost $APACHE_PORT || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/domaincheck/start.sh
+++ b/Containers/domaincheck/start.sh
@@ -11,7 +11,7 @@ if [ -z "$APACHE_PORT" ]; then
    export APACHE_PORT="443"
 fi

-CONF_FILE="$(sed "s|ipv6-placeholder|\[::\]:$APACHE_PORT|" /lighttpd.conf)"
+CONF_FILE="$(sed "s|ipv6-placeholder|\[::\]:$APACHE_PORT|" /etc/lighttpd/lighttpd.conf)"
 echo "$CONF_FILE" > /etc/lighttpd/lighttpd.conf

 # Check config file
--- a/Containers/fulltextsearch/Dockerfile
+++ b/Containers/fulltextsearch/Dockerfile
@@ -1,19 +1,15 @@
 # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
-FROM elasticsearch:7.17.10
+FROM elasticsearch:7.17.9

-USER root
+RUN elasticsearch-plugin install --batch ingest-attachment

 RUN set -ex; \
    \
-    export DEBIAN_FRONTEND=noninteractive; \
    apt-get update; \
    apt-get install -y --no-install-recommends \
        tzdata \
    ; \
-    rm -rf /var/lib/apt/lists/*; \
-    elasticsearch-plugin install --batch ingest-attachment
-
-USER 1000:0
+    rm -rf /var/lib/apt/lists/*

 HEALTHCHECK CMD nc -z localhost 9200 || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/imaginary/Dockerfile
+++ b/Containers/imaginary/Dockerfile
@@ -1,38 +1,29 @@
-FROM golang:1.20.6-alpine3.18 as go
-
-ENV IMAGINARY_HASH b632dae8cc321452c3f85bcae79c580b1ae1ed84
+# From https://github.com/h2non/imaginary/blob/master/Dockerfile
+FROM nextcloud/imaginary:20230301

+USER root
 RUN set -ex; \
-    apk add --no-cache \
-        vips-dev \
-        vips-magick \
-        vips-heif \
-        vips-jxl \
-        vips-poppler \
-        build-base; \
-    go install github.com/h2non/imaginary@"$IMAGINARY_HASH";
-
-FROM alpine:3.18.2
-RUN set -ex; \
-    apk add --no-cache \
-        tzdata \
-        ca-certificates \
-        netcat-openbsd \
-        vips \
-        vips-magick \
-        vips-heif \
-        vips-jxl \
-        vips-poppler
-
-COPY --from=go /go/bin/imaginary /usr/local/bin/imaginary
-
-ENV PORT 9000
-
+    \
+    apt-get update; \
+    apt-get install -y --no-install-recommends \
+        netcat \
+    ; \
+    echo "deb http://deb.debian.org/debian bookworm main" > /etc/apt/sources.list.d/bookworm.list; \
+    apt-get update; \
+    apt-get install -t bookworm -y --no-install-recommends \
+        libheif1 \
+        libde265-0 \
+        libx265-199 \
+        libvips \
+    ; \
+    rm /etc/apt/sources.list.d/bookworm.list; \
+    rm -rf /var/lib/apt/lists/*
 USER nobody

+ENTRYPOINT ["/usr/local/bin/imaginary", "-return-size", "-max-allowed-resolution", "222.2"]
+
+HEALTHCHECK CMD nc -z localhost 9000 || exit 1
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
+
 # https://github.com/h2non/imaginary#memory-issues
 ENV MALLOC_ARENA_MAX=2
-ENTRYPOINT ["imaginary", "-return-size", "-max-allowed-resolution", "222.2"]
-
-HEALTHCHECK CMD nc -z localhost "$PORT" || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
--- a/Containers/mastercontainer/Caddyfile
+++ b/Containers/mastercontainer/Caddyfile
@@ -10,10 +10,6 @@
    log {
        level ERROR
    }
-
-    servers {
-        protocols h1 h2 h2c
-    }
 }

 http://:80 {
--- a/Containers/mastercontainer/Dockerfile
+++ b/Containers/mastercontainer/Dockerfile
@@ -1,28 +1,28 @@
 # Docker CLI is a requirement
-FROM docker:24.0.4-cli as docker
+FROM docker:23.0.1-dind as dind

 # Caddy is a requirement
 FROM caddy:2.6.4-alpine as caddy

-# From https://github.com/docker-library/php/blob/master/8.2/alpine3.18/fpm/Dockerfile
-FROM php:8.2.8-fpm-alpine3.18
-
-EXPOSE 80
-EXPOSE 8080
-EXPOSE 8443
-
-COPY --from=caddy /usr/bin/caddy /usr/bin/caddy
-COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker
-
-WORKDIR /var/www/docker-aio
+# From https://github.com/docker-library/php/blob/master/8.1/alpine3.17/fpm/Dockerfile
+FROM php:8.1.17-fpm-alpine3.17

 RUN set -ex; \
    apk add --no-cache shadow; \
    groupmod -g 333 xfs; \
    usermod -u 333 -g 333 xfs; \
    groupmod -g 33 www-data; \
-    usermod -u 33 -g 33 www-data; \
-    \
+    usermod -u 33 -g 33 www-data
+
+EXPOSE 80
+EXPOSE 8080
+EXPOSE 8443
+
+RUN mkdir -p /var/www/docker-aio;
+
+WORKDIR /var/www/docker-aio
+
+RUN set -ex; \
    apk add --no-cache \
        util-linux-misc \
        ca-certificates \
@@ -36,14 +36,16 @@ RUN set -ex; \
        sudo \
        netcat-openbsd \
        curl \
-        grep; \
-    \
+        grep
+
+RUN set -ex; \
    apk add --no-cache --virtual .build-deps \
        autoconf \
        build-base; \
    pecl install APCu-5.1.22; \
    docker-php-ext-enable apcu; \
    rm -r /tmp/pear; \
+    \
    runDeps="$( \
        scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
            | tr ',' '\n' \
@@ -55,33 +57,39 @@ RUN set -ex; \
    grep -q '^pm = dynamic' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm.max_children =.*/pm.max_children = 80/' /usr/local/etc/php-fpm.d/www.conf; \
-    sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \
-    \
+    sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf
+
+COPY --from=caddy /usr/bin/caddy /usr/bin/
+RUN chmod +x /usr/bin/caddy
+
+COPY --from=dind /usr/local/bin/docker /usr/local/bin/
+RUN chmod +x /usr/local/bin/docker
+
+RUN set -e && \
    apk add --no-cache git; \
    wget https://getcomposer.org/installer -O - | php -- --install-dir=/usr/local/bin --filename=composer; \
    chmod +x /usr/local/bin/composer; \
    cd /var/www/docker-aio; \
    git clone https://github.com/nextcloud-releases/all-in-one.git --depth 1 .; \
-    find ./ -maxdepth 1 -mindepth 1 -not -path ./php -exec rm -r {} \; ; \
-    chown www-data:www-data -R /var/www/docker-aio; \
    cd php; \
-    sudo -u www-data composer install --no-dev; \
-    sudo -u www-data composer clear-cache; \
+    composer install --no-dev; \
+    composer clearcache; \
    cd ..; \
    rm -f /usr/local/bin/composer; \
-    chmod -R 770 /var/www/docker-aio; \
-    chown -R www-data:www-data /var/www; \
-    rm -r php/data; \
-    rm -r php/session; \
-    \
-    mkdir -p /etc/apache2/certs; \
-    cd /etc/apache2/certs; \
-    openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout /etc/apache2/certs/ssl.key -out /etc/apache2/certs/ssl.crt; \
-    \
-    sed -i \
+    chmod 770 -R ./; \
+    chown www-data:www-data -R /var/www; \
+    rm -r ./php/data; \
+    rm -r ./php/session; \
+    apk del --no-cache git
+
+RUN mkdir -p /etc/apache2/certs && \
+    cd /etc/apache2/certs && \
+    openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout ./ssl.key -out ./ssl.crt;
+
+COPY mastercontainer.conf /etc/apache2/sites-available/
+
+RUN sed -i \
            -e '/^Listen /d' \
-            -e 's/^LogLevel .*/LogLevel error/' \
-            -e 's|^ErrorLog .*|ErrorLog /proc/self/fd/2|' \
            -e 's/User apache/User www-data/g' \
            -e 's/Group apache/Group www-data/g' \
            -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \
@@ -97,28 +105,37 @@ RUN set -ex; \
        mkdir -p /etc/apache2/logs; \
        rm /etc/apache2/conf.d/ssl.conf; \
        echo "ServerName localhost" | tee -a /etc/apache2/httpd.conf; \
-        grep -q '^LoadModule lbmethod_heartbeat_module' /etc/apache2/conf.d/proxy.conf; \
-        sed -i 's|^LoadModule lbmethod_heartbeat_module.*|#LoadModule lbmethod_heartbeat_module|' /etc/apache2/conf.d/proxy.conf; \
-        echo "SSLSessionCache nonenotnull" | tee -a /etc/apache2/httpd.conf; \
        echo "LoadModule ssl_module modules/mod_ssl.so" | tee -a /etc/apache2/httpd.conf; \
        echo "LoadModule socache_shmcb_module modules/mod_socache_shmcb.so" | tee -a /etc/apache2/httpd.conf; \
-        echo "Include /etc/apache2/sites-available/mastercontainer.conf" | tee -a /etc/apache2/httpd.conf; \
-    \
+        echo "Include /etc/apache2/sites-available/mastercontainer.conf" | tee -a /etc/apache2/httpd.conf
+
+RUN set -ex; \
    rm -f /etc/apache2/conf.d/default.conf \
          /etc/apache2/conf.d/userdir.conf \
-          /etc/apache2/conf.d/info.conf; \
-    \
-    mkdir /var/log/supervisord; \
+          /etc/apache2/conf.d/info.conf
+
+RUN mkdir /var/log/supervisord; \
    mkdir /var/run/supervisord;

-COPY --chmod=775 *.sh /
-COPY --chmod=664 Caddyfile /Caddyfile
-COPY --chmod=664 supervisord.conf /supervisord.conf
-COPY mastercontainer.conf /etc/apache2/sites-available/mastercontainer.conf
+COPY Caddyfile /
+COPY start.sh /usr/bin/
+COPY backup-time-file-watcher.sh /
+COPY session-deduplicator.sh /
+COPY cron.sh /
+COPY daily-backup.sh /
+COPY supervisord.conf /
+COPY healthcheck.sh /
+RUN chmod +x /usr/bin/start.sh; \
+    chmod +x /cron.sh; \
+    chmod +x /session-deduplicator.sh; \
+    chmod +x /backup-time-file-watcher.sh; \
+    chmod +x /daily-backup.sh; \
+    chmod a+r /Caddyfile; \
+    chmod +x /healthcheck.sh

 USER root

-ENTRYPOINT ["/start.sh"]
+ENTRYPOINT ["start.sh"]
 CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

 HEALTHCHECK CMD /healthcheck.sh
--- a/Containers/mastercontainer/cron.sh
+++ b/Containers/mastercontainer/cron.sh
@@ -57,14 +57,6 @@ while true; do
    # Remove dangling images
    sudo -u www-data docker image prune --force

-    # Check for available free space
-    sudo -u www-data php /var/www/docker-aio/php/src/Cron/CheckFreeDiskSpace.php
-
-    # Remove mastercontainer from default bridge network
-    if sudo -u www-data docker inspect nextcloud-aio-mastercontainer  --format "{{.NetworkSettings.Networks}}" | grep -q "bridge"; then
-        sudo -u www-data docker network disconnect bridge nextcloud-aio-mastercontainer
-    fi
-
    # Wait 60s so that the whole loop will not be executed again
    sleep 60
 done
--- a/Containers/mastercontainer/mastercontainer.conf
+++ b/Containers/mastercontainer/mastercontainer.conf
@@ -11,11 +11,8 @@ Listen 8080
    ServerName localhost

    # Add error log
-    CustomLog /proc/self/fd/1 proxy
-    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+    CustomLog /proc/self/fd/1 combined
    ErrorLog /proc/self/fd/2
-    ErrorLogFormat "[%t] [%l] [%E] [client: %{X-Forwarded-For}i] [%M] [%{User-Agent}i]"
-    LogLevel warn

    # PHP match
    <FilesMatch "\.php$">
--- a/Containers/mastercontainer/start.sh
+++ b/Containers/mastercontainer/start.sh
@@ -6,12 +6,6 @@ print_green() {
    printf "%b%s%b\n" "\e[0;92m" "$TEXT" "\e[0m"
 }

-# Function to show text in red
-print_red() {
-    local TEXT="$1"
-    printf "%b%s%b\n" "\e[0;31m" "$TEXT" "\e[0m"
-}
-
 # Function to check if number was provided
 check_if_number() {
 case "${1}" in
@@ -20,22 +14,12 @@ case "${1}" in
 esac
 }

-# Check if running as root user
-if [ "$EUID" != "0" ]; then
-    print_red "Container does not run as root user. This is not supported."
-    exit 1
-fi
-
 # Check if socket is available and readable
 if ! [ -a "/var/run/docker.sock" ]; then
-    print_red "Docker socket is not available. Cannot continue."
-    echo "Please make sure to mount the docker socket into /var/run/docker.sock inside the container!"
-    echo "If you did this by purpose because you don't want the container to have access to the docker socket, see https://github.com/nextcloud/all-in-one/tree/main/manual-install."
+    echo "Docker socket is not available. Cannot continue."
    exit 1
 elif ! mountpoint -q "/mnt/docker-aio-config"; then
-    print_red "/mnt/docker-aio-config is not a mountpoint. Cannot proceed!"
-    echo "Please make sure to mount the nextcloud_aio_mastercontainer docker volume into /mnt/docker-aio-config inside the container!"
-    echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale"
+    echo "/mnt/docker-aio-config is not a mountpoint. Cannot proceed!"
    exit 1
 elif ! sudo -u www-data test -r /var/run/docker.sock; then
    echo "Trying to fix docker.sock permissions internally..."
@@ -56,16 +40,14 @@ elif ! sudo -u www-data test -r /var/run/docker.sock; then
        usermod -aG docker www-data
    fi
    if ! sudo -u www-data test -r /var/run/docker.sock; then
-        print_red "Docker socket is not readable by the www-data user. Cannot continue."
+        echo "Docker socket is not readable by the www-data user. Cannot continue."
        exit 1
    fi
 fi

 # Check if api version is supported
 if ! sudo -u www-data docker info &>/dev/null; then
-    print_red "Cannot connect to the docker socket. Cannot proceed."
-    echo "If SELinux is enabled on your host, see https://github.com/nextcloud/all-in-one#are-there-known-problems-when-selinux-is-enabled"
-    echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale"
+    echo "Cannot connect to the docker socket. Cannot proceed."
    exit 1
 fi
 API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
@@ -75,7 +57,7 @@ API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')"
 LOCAL_API_VERSION_NUMB="$(sudo -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')"
 if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then
    if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then
-        print_red "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!"
+        echo "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!"
        exit 1
    fi
 else
@@ -96,16 +78,16 @@ fi

 # Check if startup command was executed correctly
 if ! sudo -u www-data docker ps --format "{{.Names}}" | grep -q "^nextcloud-aio-mastercontainer$"; then
-    print_red "It seems like you did not give the mastercontainer the correct name? (The 'nextcloud-aio-mastercontainer' container was not found.)
+    echo "It seems like you did not give the mastercontainer the correct name? (The 'nextcloud-aio-mastercontainer' container was not found.)
 Using a different name is not supported since mastercontainer updates will not work in that case!
 If you are on docker swarm and try to run AIO, see https://github.com/nextcloud/all-in-one#can-i-run-this-with-docker-swarm"
    exit 1
 elif ! sudo -u www-data docker volume ls --format "{{.Name}}" | grep -q "^nextcloud_aio_mastercontainer$"; then
-    print_red "It seems like you did not give the mastercontainer volume the correct name? (The 'nextcloud_aio_mastercontainer' volume was not found.)
+    echo "It seems like you did not give the mastercontainer volume the correct name? (The 'nextcloud_aio_mastercontainer' volume was not found.)
 Using a different name is not supported since the built-in backup solution will not work in that case!"
    exit 1
 elif ! sudo -u www-data docker inspect nextcloud-aio-mastercontainer | grep -q "nextcloud_aio_mastercontainer"; then
-    print_red "It seems like you did not attach the 'nextcloud_aio_mastercontainer' volume to the mastercontainer?
+    echo "It seems like you did not attach the 'nextcloud_aio_mastercontainer' volume to the mastercontainer?
 This is not supported since the built-in backup solution will not work in that case!"
    exit 1
 fi
@@ -113,34 +95,34 @@ fi
 # Check for other options
 if [ -n "$NEXTCLOUD_DATADIR" ]; then
    if [ "$NEXTCLOUD_DATADIR" = "nextcloud_aio_nextcloud_datadir" ]; then
-        sleep 1
+        echo "NEXTCLOUD_DATADIR is set to $NEXTCLOUD_DATADIR"
    elif ! echo "$NEXTCLOUD_DATADIR" | grep -q "^/" || [ "$NEXTCLOUD_DATADIR" = "/" ]; then
-        print_red "You've set NEXTCLOUD_DATADIR but not to an allowed value.
-The string must start with '/' and must not be equal to '/'. Also allowed is 'nextcloud_aio_nextcloud_datadir'.
+        echo "You've set NEXTCLOUD_DATADIR but not to an allowed value.
+The string must start with '/' and must not be equal to '/'.
 It is set to '$NEXTCLOUD_DATADIR'."
        exit 1
    fi
 fi
 if [ -n "$NEXTCLOUD_MOUNT" ]; then
    if ! echo "$NEXTCLOUD_MOUNT" | grep -q "^/" || [ "$NEXTCLOUD_MOUNT" = "/" ]; then
-        print_red "You've set NEXCLOUD_MOUNT but not to an allowed value.
+        echo "You've set NEXCLOUD_MOUNT but not to an allowed value.
 The string must start with '/' and must not be equal to '/'.
 It is set to '$NEXTCLOUD_MOUNT'."
        exit 1
    elif [ "$NEXTCLOUD_MOUNT" = "/mnt/ncdata" ] || echo "$NEXTCLOUD_MOUNT" | grep -q "^/mnt/ncdata/"; then
-        print_red "'/mnt/ncdata' and '/mnt/ncdata/' are not allowed as values for NEXTCLOUD_MOUNT."
+        echo "'/mnt/ncdata' and '/mnt/ncdata/' are not allowed as values for NEXTCLOUD_MOUNT."
        exit 1
    fi
 fi
 if [ -n "$NEXTCLOUD_DATADIR" ] && [ -n "$NEXTCLOUD_MOUNT" ]; then
    if [ "$NEXTCLOUD_DATADIR" = "$NEXTCLOUD_MOUNT" ]; then
-        print_red "NEXTCLOUD_DATADIR and NEXTCLOUD_MOUNT are not allowed to be equal."
+        echo "NEXTCLOUD_DATADIR and NEXTCLOUD_MOUNT are not allowed to be equal."
        exit 1
    fi
 fi
 if [ -n "$NEXTCLOUD_UPLOAD_LIMIT" ]; then
    if ! echo "$NEXTCLOUD_UPLOAD_LIMIT" | grep -q '^[0-9]\+G$'; then
-        print_red "You've set NEXTCLOUD_UPLOAD_LIMIT but not to an allowed value.
+        echo "You've set NEXTCLOUD_UPLOAD_LIMIT but not to an allowed value.
 The string must start with a number and end with 'G'.
 It is set to '$NEXTCLOUD_UPLOAD_LIMIT'."
        exit 1
@@ -148,7 +130,7 @@ It is set to '$NEXTCLOUD_UPLOAD_LIMIT'."
 fi
 if [ -n "$NEXTCLOUD_MAX_TIME" ]; then
    if ! echo "$NEXTCLOUD_MAX_TIME" | grep -q '^[0-9]\+$'; then
-        print_red "You've set NEXTCLOUD_MAX_TIME but not to an allowed value.
+        echo "You've set NEXTCLOUD_MAX_TIME but not to an allowed value.
 The string must be a number. E.g. '3600'.
 It is set to '$NEXTCLOUD_MAX_TIME'."
        exit 1
@@ -156,7 +138,7 @@ It is set to '$NEXTCLOUD_MAX_TIME'."
 fi
 if [ -n "$NEXTCLOUD_MEMORY_LIMIT" ]; then
    if ! echo "$NEXTCLOUD_MEMORY_LIMIT" | grep -q '^[0-9]\+M$'; then
-        print_red "You've set NEXTCLOUD_MEMORY_LIMIT but not to an allowed value.
+        echo "You've set NEXTCLOUD_MEMORY_LIMIT but not to an allowed value.
 The string must start with a number and end with 'M'.
 It is set to '$NEXTCLOUD_MEMORY_LIMIT'."
        exit 1
@@ -164,64 +146,64 @@ It is set to '$NEXTCLOUD_MEMORY_LIMIT'."
 fi
 if [ -n "$APACHE_PORT" ]; then
    if ! check_if_number "$APACHE_PORT"; then
-        print_red "You provided an Apache port but did not only use numbers.
+        echo "You provided an Apache port but did not only use numbers.
 It is set to '$APACHE_PORT'."
        exit 1
    elif ! [ "$APACHE_PORT" -le 65535 ] || ! [ "$APACHE_PORT" -ge 1 ]; then
-        print_red "The provided Apache port is invalid. It must be between 1 and 65535"
+        echo "The provided Apache port is invalid. It must be between 1 and 65535"
        exit 1
    fi
 fi
 if [ -n "$APACHE_IP_BINDING" ]; then
    if ! echo "$APACHE_IP_BINDING" | grep -q '^[0-9.]\+$'; then
-        print_red "You provided an ip-address for the apache container's ip-binding but it was not a valid ip-address.
+        echo "You provided an ip-address for the apache container's ip-binding but it was not a valid ip-address.
 It is set to '$APACHE_IP_BINDING'."
        exit 1
    fi
 fi
 if [ -n "$TALK_PORT" ]; then
    if ! check_if_number "$TALK_PORT"; then
-        print_red "You provided an Talk port but did not only use numbers.
+        echo "You provided an Talk port but did not only use numbers.
 It is set to '$TALK_PORT'."
        exit 1
    elif ! [ "$TALK_PORT" -le 65535 ] || ! [ "$TALK_PORT" -ge 1 ]; then
-        print_red "The provided Talk port is invalid. It must be between 1 and 65535"
+        echo "The provided Talk port is invalid. It must be between 1 and 65535"
        exit 1
    fi
 fi
 if [ -n "$APACHE_PORT" ] && [ -n "$TALK_PORT" ]; then
    if [ "$APACHE_PORT" = "$TALK_PORT" ]; then
-        print_red "APACHE_PORT and TALK_PORT are not allowed to be equal."
+        echo "APACHE_PORT and TALK_PORT are not allowed to be equal."
        exit 1
    fi
 fi
-if [ -n "$WATCHTOWER_DOCKER_SOCKET_PATH" ]; then
-    if ! echo "$WATCHTOWER_DOCKER_SOCKET_PATH" | grep -q "^/" || echo "$WATCHTOWER_DOCKER_SOCKET_PATH" | grep -q "/$"; then
-        print_red "You've set WATCHTOWER_DOCKER_SOCKET_PATH but not to an allowed value.
+if [ -n "$DOCKER_SOCKET_PATH" ]; then
+    if ! echo "$DOCKER_SOCKET_PATH" | grep -q "^/" || echo "$DOCKER_SOCKET_PATH" | grep -q "/$"; then
+        echo "You've set DOCKER_SOCKET_PATH but not to an allowed value.
 The string must start with '/' and must not end with '/'.
-It is set to '$WATCHTOWER_DOCKER_SOCKET_PATH'."
+It is set to '$DOCKER_SOCKET_PATH'."
        exit 1
    fi
 fi
 if [ -n "$NEXTCLOUD_TRUSTED_CACERTS_DIR" ]; then
    if ! echo "$NEXTCLOUD_TRUSTED_CACERTS_DIR" | grep -q "^/" || echo "$NEXTCLOUD_TRUSTED_CACERTS_DIR" | grep -q "/$"; then
-        print_red "You've set NEXTCLOUD_TRUSTED_CACERTS_DIR but not to an allowed value.
+        echo "You've set NEXTCLOUD_TRUSTED_CACERTS_DIR but not to an allowed value.
 It should be an absolute path to a directory that starts with '/' but not end with '/'.
 It is set to '$NEXTCLOUD_TRUSTED_CACERTS_DIR '."
        exit 1
    fi
 fi
 if [ -n "$NEXTCLOUD_STARTUP_APPS" ]; then
-    if ! echo "$NEXTCLOUD_STARTUP_APPS" | grep -q "^[a-z0-9 _-]\+$"; then
-        print_red "You've set NEXTCLOUD_STARTUP_APPS but not to an allowed value.
-It needs to be a string. Allowed are small letters a-z, 0-9, spaces, hyphens and '_'.
+    if ! echo "$NEXTCLOUD_STARTUP_APPS" | grep -q "^[a-z _-]\+$"; then
+        echo "You've set NEXTCLOUD_STARTUP_APPS but not to an allowed value.
+It needs to be a string. Allowed are small letters a-z, spaces, hyphens and '_'.
 It is set to '$NEXTCLOUD_STARTUP_APPS'."
        exit 1
    fi
 fi
 if [ -n "$NEXTCLOUD_ADDITIONAL_APKS" ]; then
    if ! echo "$NEXTCLOUD_ADDITIONAL_APKS" | grep -q "^[a-z0-9 ._-]\+$"; then
-        print_red "You've set NEXTCLOUD_ADDITIONAL_APKS but not to an allowed value.
+        echo "You've set NEXTCLOUD_ADDITIONAL_APKS but not to an allowed value.
 It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens, dots and '_'.
 It is set to '$NEXTCLOUD_ADDITIONAL_APKS'."
        exit 1
@@ -229,7 +211,7 @@ It is set to '$NEXTCLOUD_ADDITIONAL_APKS'."
 fi
 if [ -n "$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS" ]; then
    if ! echo "$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS" | grep -q "^[a-z0-9 ._-]\+$"; then
-        print_red "You've set NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS but not to an allowed value.
+        echo "You've set NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS but not to an allowed value.
 It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens, dots and '_'.
 It is set to '$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS'."
        exit 1
@@ -240,7 +222,7 @@ fi
 # Prevents issues like https://github.com/nextcloud/all-in-one/discussions/565
 curl https://nextcloud.com &>/dev/null
 if [ "$?" = 6 ]; then
-    print_red "Could not resolve the host nextcloud.com."
+    echo "Could not resolve the host nextcloud.com."
    echo "Most likely the DNS resolving does not work."
    echo "You should be able to fix this by following https://dockerlabs.collabnix.com/intermediate/networking/Configuring_DNS.html"
    echo "Apart from that, there has been this: https://github.com/nextcloud/all-in-one/discussions/2065"
@@ -291,7 +273,7 @@ if [ -f ./ssl.crt ] && [ -f ./ssl.key ]; then
    cp "$GENERATED_CERTS/ssl.key" ./
 fi

-print_green "Initial startup of Nextcloud All-in-One complete!
+print_green "Initial startup of Nextcloud All In One complete!
 You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
 E.g. https://internal.ip.of.this.server:8080

--- a/Containers/mastercontainer/supervisord.conf
+++ b/Containers/mastercontainer/supervisord.conf
@@ -38,7 +38,6 @@ stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
 command=/cron.sh
-user=root

 [program:backup-time-file-watcher]
 stdout_logfile=/dev/stdout
--- a/Containers/nextcloud/Dockerfile
+++ b/Containers/nextcloud/Dockerfile
@@ -1,19 +1,5 @@
-FROM php:8.1.21-fpm-alpine3.18
-
-ENV PHP_MEMORY_LIMIT 512M
-ENV PHP_UPLOAD_LIMIT 10G
-ENV PHP_MAX_TIME 3600
-ENV NEXTCLOUD_VERSION 26.0.3
-ENV AIO_TOKEN 123456
-ENV AIO_URL localhost
-
-COPY --chmod=775 *.sh /
-COPY --chmod=774 upgrade.exclude /upgrade.exclude
-COPY config/*.php /
-COPY supervisord.conf /supervisord.conf
-
-VOLUME /mnt/ncdata
-VOLUME /var/www/html
+# From https://github.com/nextcloud/docker/blob/master/23/fpm-alpine/Dockerfile
+FROM php:8.0.28-fpm-alpine3.16

 # Custom: change id of www-data user as it needs to be the same like on old installations
 RUN set -ex; \
@@ -22,32 +8,51 @@ RUN set -ex; \
    groupmod -g 333 xfs; \
    usermod -u 333 -g 333 xfs; \
    addgroup -g 33 -S www-data; \
-    adduser -u 33 -D -S -G www-data www-data; \
-    \
+    adduser -u 33 -D -S -G www-data www-data
+
 # entrypoint.sh and cron.sh dependencies
+RUN set -ex; \
+    \
    apk add --no-cache \
        rsync \
-    ; \
+    ;
+
 # install the PHP extensions we need
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
+ENV PHP_MEMORY_LIMIT 512M
+ENV PHP_UPLOAD_LIMIT 10G
+ENV PHP_MAX_TIME 3600
+RUN set -ex; \
+    \
    apk add --no-cache --virtual .build-deps \
        $PHPIZE_DEPS \
        autoconf \
+        libtool \
        freetype-dev \
-        gmp-dev \
        icu-dev \
-        imagemagick-dev \
        libevent-dev \
        libjpeg-turbo-dev \
        libmcrypt-dev \
-        libmemcached-dev \
        libpng-dev \
-        libwebp-dev \
+        libmemcached-dev \
        libxml2-dev \
        libzip-dev \
        openldap-dev \
        pcre-dev \
        postgresql-dev \
+        libwebp-dev \
+        gmp-dev \
+        lcms2-dev \
+        fontconfig-dev \
+        freetype-dev \
+        ghostscript-dev \
+        tiff-dev \
+        zlib-dev \
+        imagemagick-dev \
+        libheif-dev \
+        librsvg-dev \
+        libxext-dev \
+        ghostscript-fonts \
    ; \
    \
    docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
@@ -56,14 +61,13 @@ RUN set -ex; \
        bcmath \
        exif \
        gd \
-        gmp \
        intl \
        ldap \
        opcache \
        pcntl \
        pdo_pgsql \
-        sysvsem \
        zip \
+        gmp \
    ; \
    \
 # pecl will claim success even if one install fails, so we need to perform each install separately
@@ -86,17 +90,14 @@ RUN set -ex; \
            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
    )"; \
    apk add --virtual .nextcloud-phpext-rundeps $runDeps; \
-    apk del .build-deps; \
-    \
+    apk del .build-deps
+
 # set recommended PHP.ini settings
 # see https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/server_tuning.html#enable-php-opcache
-    { \
-        echo 'opcache.memory_consumption=256'; \
-        echo 'opcache.interned_strings_buffer=64'; \
+RUN { \
+        echo 'opcache.interned_strings_buffer=32'; \
        echo 'opcache.save_comments=1'; \
        echo 'opcache.revalidate_freq=60'; \
-        echo 'opcache.jit=1255'; \
-        echo 'opcache.jit_buffer_size=8M'; \
    } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \
    \
    echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \
@@ -109,10 +110,15 @@ RUN set -ex; \
        echo 'max_input_time=${PHP_MAX_TIME}'; \
    } > /usr/local/etc/php/conf.d/nextcloud.ini; \
    \
-    mkdir -p /var/www/data; \
+    mkdir /var/www/data; \
    chown -R www-data:root /var/www; \
-    chmod -R g=u /var/www; \
-    \
+    chmod -R g=u /var/www
+
+VOLUME /var/www/html
+
+ENV NEXTCLOUD_VERSION 25.0.5
+
+RUN set -ex; \
    apk add --no-cache --virtual .fetch-deps \
        bzip2 \
        gnupg \
@@ -132,18 +138,27 @@ RUN set -ex; \
    mkdir -p /usr/src/nextcloud/data; \
    mkdir -p /usr/src/nextcloud/custom_apps; \
    chmod +x /usr/src/nextcloud/occ; \
-    mkdir -p /usr/src/nextcloud/config; \
-    mv /*.php /usr/src/nextcloud/config/; \
-    apk del .fetch-deps; \
-    \
+    apk del .fetch-deps
+
+COPY *.sh upgrade.exclude /
+COPY config/* /usr/src/nextcloud/config/
+
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["php-fpm"]
+
 # Template from https://github.com/nextcloud/docker/blob/master/.examples/dockerfiles/full/fpm-alpine/Dockerfile
+
+RUN set -ex; \
+    \
    apk add --no-cache \
        ffmpeg \
        procps \
        samba-client \
        supervisor \
 #       libreoffice \
-    ; \
+    ;
+
+RUN set -ex; \
    \
    apk add --no-cache --virtual .build-deps \
        $PHPIZE_DEPS \
@@ -171,12 +186,21 @@ RUN set -ex; \
            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
    )"; \
    apk add --virtual .nextcloud-phpext-rundeps $runDeps; \
-    apk del .build-deps; \
-    \
-    mkdir -p \
+    apk del .build-deps
+
+RUN mkdir -p \
    /var/log/supervisord \
    /var/run/supervisord \
-    ; \
+;
+
+COPY supervisord.conf /
+
+ENV NEXTCLOUD_UPDATE=1
+
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
+
+# Custom:
+RUN set -ex; \
    \
    apk add --no-cache \
        bash \
@@ -186,41 +210,63 @@ RUN set -ex; \
        git \
        postgresql-client \
        tzdata \
+        mawk \
        sudo \
        grep \
-        nodejs \
-        coreutils; \
-    \
+        coreutils \
+        libjpeg \
+        librsvg \
+        libheif \
+        libpng \
+        ghostscript-fonts;
+
+RUN set -ex; \
    grep -q '^pm = dynamic' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm.max_children =.*/pm.max_children = 80/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm.start_servers =.*/pm.start_servers = 2/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm.min_spare_servers =.*/pm.min_spare_servers = 1/' /usr/local/etc/php-fpm.d/www.conf; \
    sed -i 's/^pm.max_spare_servers =.*/pm.max_spare_servers = 3/' /usr/local/etc/php-fpm.d/www.conf; \
-    sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \
-    \
+    sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf
+
+RUN set -ex; \
    rm -rf /tmp/nextcloud-aio && \
    mkdir -p /tmp/nextcloud-aio && \
    cd /tmp/nextcloud-aio && \
    git clone https://github.com/nextcloud-releases/all-in-one.git --depth 1 .; \
    mkdir -p /usr/src/nextcloud/apps/nextcloud-aio; \
-    cp -r ./app/* /usr/src/nextcloud/apps/nextcloud-aio/; \
-    \
+    cp -r ./app/* /usr/src/nextcloud/apps/nextcloud-aio/
+
+RUN set -ex; \
    chown www-data:root -R /usr/src && \
    chown www-data:root -R /usr/local/etc/php/conf.d && \
    chown www-data:root -R /usr/local/etc/php-fpm.d && \
-    rm -r /usr/src/nextcloud/apps/updatenotification; \
-    \
-    mkdir -p /nc-updater; \
-    chown -R www-data:www-data /nc-updater; \
-    chmod -R 770 /nc-updater; \
-    \
+    rm -r /usr/src/nextcloud/apps/updatenotification
+
+COPY start.sh /
+COPY notify.sh /
+COPY notify-all.sh /
+RUN set -ex; \
+    chmod +x /start.sh && \
+    chmod +x /entrypoint.sh && \
+    chmod +r /upgrade.exclude && \
+    chmod +x /cron.sh && \
+    chmod +x /notify.sh && \
+    chmod +x /notify-all.sh && \
+    chmod +x /activate-collabora.sh && \
+    chmod +x /healthcheck.sh
+
+RUN set -ex; \
+    mkdir /mnt/ncdata; \
+    chown www-data:www-data /mnt/ncdata;
+
+VOLUME /mnt/ncdata
+
 # Give root a random password
-    echo "root:$(openssl rand -base64 12)" | chpasswd
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd

 USER root
 ENTRYPOINT ["/start.sh"]
-CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

 HEALTHCHECK CMD sudo -E -u www-data bash /healthcheck.sh
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/nextcloud/activate-collabora.sh
+++ b/Containers/nextcloud/activate-collabora.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+if [ "$COLLABORA_ENABLED" != yes ]; then
+    # Basically sleep for forever if collabora is not enabled
+    sleep inf
+fi
+while ! nc -z "$NC_DOMAIN" 443; do
+    sleep 5
+done
+sleep 10
+echo "Activating collabora config..."
+php /var/www/html/occ richdocuments:activate-config
+sleep inf
--- a/Containers/nextcloud/config/aio.config.php
+++ b/Containers/nextcloud/config/aio.config.php
@@ -1,5 +0,0 @@
-<?php
-$CONFIG = array (
-  'one-click-instance' => true,
-  'one-click-instance.user-limit' => 100,
-);
--- a/Containers/nextcloud/entrypoint.sh
+++ b/Containers/nextcloud/entrypoint.sh
@@ -10,15 +10,6 @@ directory_empty() {
    [ -z "$(ls -A "$1/")" ]
 }

-run_upgrade_if_needed_due_to_app_update() {
-    if php /var/www/html/occ status | grep needsDbUpgrade | grep -q true; then
-        # Disable integrity check temporarily until next update
-        php /var/www/html/occ config:system:set integrity.check.disabled --type bool --value true
-        php /var/www/html/occ upgrade
-        php /var/www/html/occ app:enable nextcloud-aio --force
-    fi
-}
-
 echo "Configuring Redis as session handler..."
 cat << REDIS_CONF > /usr/local/etc/php/conf.d/redis-session.ini
 session.save_handler = redis
@@ -31,7 +22,7 @@ redis.session.lock_wait_time = 10000
 REDIS_CONF

 echo "Setting php max children..."
-MEMORY=$(awk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
+MEMORY=$(mawk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
 PHP_MAX_CHILDREN=$((MEMORY/50))
 if [ -n "$PHP_MAX_CHILDREN" ]; then
    sed -i "s/^pm.max_children =.*/pm.max_children = $PHP_MAX_CHILDREN/" /usr/local/etc/php-fpm.d/www.conf
@@ -156,8 +147,6 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
                fi
            done

-            run_upgrade_if_needed_due_to_app_update
-
            php /var/www/html/occ maintenance:mode --off

            echo "Getting and backing up the status of apps for later, this might take a while..."
@@ -181,8 +170,6 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then

            php /var/www/html/occ app:update --all

-            run_upgrade_if_needed_due_to_app_update
-
            # Fix removing the updatenotification for old instances
            UPDATENOTIFICATION_STATUS="$(php /var/www/html/occ config:app:get updatenotification enabled)"
            if [ -d "/var/www/html/apps/updatenotification" ]; then
@@ -218,14 +205,6 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
                INSTALL_OPTIONS+=(--data-dir "$NEXTCLOUD_DATA_DIR")
            fi

-            # We do our own permission check so the permission check is not needed
-            cat << DATADIR_PERMISSION_CONF > /var/www/html/config/datadir.permission.config.php
-<?php
-    \$CONFIG = array (
-    'check_data_directory_permissions' => false
-);
-DATADIR_PERMISSION_CONF
-
            echo "Installing with PostgreSQL database"
            INSTALL_OPTIONS+=(--database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST")

@@ -236,6 +215,9 @@ DATADIR_PERMISSION_CONF
                exit 1
            fi

+            # We do our own permission check so the permission check is not needed
+            php /var/www/html/occ config:system:set check_data_directory_permissions --value=false --type=bool
+
            # Try to force generation of appdata dir:
            php /var/www/html/occ maintenance:repair

@@ -256,43 +238,9 @@ DATADIR_PERMISSION_CONF
                fi
            fi

-            # This autoconfig is not needed anymore and should be able to be overwritten by the user
-            rm /var/www/html/config/datadir.permission.config.php
-
            # unset admin password
            unset ADMIN_PASSWORD

-            if [ "$INSTALL_LATEST_MAJOR" = yes ]; then
-                php /var/www/html/occ config:system:set updater.release.channel --value=beta
-                php /var/www/html/occ config:system:set updatedirectory --value="/nc-updater"
-                php /var/www/html/updater/updater.phar --no-interaction
-                if ! php /var/www/html/occ -V || php /var/www/html/occ status | grep maintenance | grep -q 'true'; then
-                    echo "Installation of Nextcloud failed!"
-                    touch "$NEXTCLOUD_DATA_DIR/install.failed"
-                    exit 1
-                fi
-                # shellcheck disable=SC2016
-                installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
-                INSTALLED_MAJOR="${installed_version%%.*}"
-                IMAGE_MAJOR="${image_version%%.*}"
-                if ! [ "$INSTALLED_MAJOR" -gt "$IMAGE_MAJOR" ]; then
-                    php /var/www/html/updater/updater.phar --no-interaction
-                    if ! php /var/www/html/occ -V || php /var/www/html/occ status | grep maintenance | grep -q 'true'; then
-                        echo "Installation of Nextcloud failed!"
-                        touch "$NEXTCLOUD_DATA_DIR/install.failed"
-                        exit 1
-                    fi
-                fi
-                php /var/www/html/occ app:disable updatenotification
-                rm -rf /var/www/html/apps/updatenotification
-                php /var/www/html/occ config:system:set updater.release.channel --value=stable
-                php /var/www/html/occ app:enable nextcloud-aio --force
-                php /var/www/html/occ db:add-missing-indices
-                php /var/www/html/occ db:add-missing-columns
-                php /var/www/html/occ db:add-missing-primary-keys
-                yes | php /var/www/html/occ db:convert-filecache-bigint
-            fi
-
            # Apply log settings
            echo "Applying default settings..."
            mkdir -p /var/www/html/data
@@ -317,7 +265,6 @@ DATADIR_PERMISSION_CONF
            php /var/www/html/occ config:system:set enabledPreviewProviders 4 --value="OC\\Preview\\TXT"
            php /var/www/html/occ config:system:set enabledPreviewProviders 5 --value="OC\\Preview\\OpenDocument"
            php /var/www/html/occ config:system:set enabledPreviewProviders 6 --value="OC\\Preview\\Movie"
-            php /var/www/html/occ config:system:set enabledPreviewProviders 7 --value="OC\\Preview\\Krita"
            php /var/www/html/occ config:system:set enable_previews --value=true --type=boolean

            # Apply other settings
@@ -352,11 +299,15 @@ DATADIR_PERMISSION_CONF
                done
            fi

+            # Set the permission check to its default value again if not set
+            if [ "$SKIP_DATA_DIRECTORY_PERMISSION_CHECK" != yes ]; then
+                php /var/www/html/occ config:system:set check_data_directory_permissions --value=true --type=bool
+            fi
+
        #upgrade
        else
            touch "$NEXTCLOUD_DATA_DIR/update.failed"
            echo "Upgrading nextcloud from $installed_version to $image_version..."
-            php /var/www/html/occ config:system:delete integrity.check.disabled
            if ! php /var/www/html/occ upgrade || ! php /var/www/html/occ -V; then
                echo "Upgrade failed. Please restore from backup."
                bash /notify.sh "Nextcloud update to $image_version failed!" "Please restore from backup!"
@@ -368,8 +319,6 @@ DATADIR_PERMISSION_CONF

            php /var/www/html/occ app:update --all

-            run_upgrade_if_needed_due_to_app_update
-
            # Restore app status
            if [ "${APPSTORAGE[0]}" != "no-export-done" ]; then
                echo "Restoring the status of apps. This can take a while..."
@@ -378,12 +327,6 @@ DATADIR_PERMISSION_CONF
                        if [ "${APPSTORAGE[$app]}" != "no" ]; then
                            echo "Enabling $app..."
                            if ! php /var/www/html/occ app:enable "$app" >/dev/null; then
-                                php /var/www/html/occ app:disable "$app" >/dev/null
-                                if ! php /var/www/html/occ -V &>/dev/null; then
-                                    rm -r "/var/www/html/custom_apps/$app"
-                                    php /var/www/html/occ maintenance:mode --off
-                                fi
-                                run_upgrade_if_needed_due_to_app_update
                                echo "The $app app could not get enabled. Probably because it is not compatible with the new Nextcloud version."
                                if [ "$app" = apporder ]; then
                                    CUSTOM_HINT="The apporder app was deprecated. A possible replacement is the side_menu app, aka 'Custom menu'."
@@ -404,8 +347,6 @@ DATADIR_PERMISSION_CONF

            php /var/www/html/occ app:update --all

-            run_upgrade_if_needed_due_to_app_update
-
            # Apply optimization
            echo "Doing some optimizations..."
            php /var/www/html/occ maintenance:repair
@@ -421,7 +362,8 @@ DATADIR_PERMISSION_CONF
    # Performing update of all apps if daily backups are enabled, running and successful and if it is saturday
    if [ "$UPDATE_NEXTCLOUD_APPS" = 'yes' ] && [ "$(date +%u)" = 6 ]; then
        UPDATED_APPS="$(php /var/www/html/occ app:update --all)"
-        run_upgrade_if_needed_due_to_app_update
+        # Update all apps again and try to prevent something like https://github.com/nextcloud/polls/issues/2793 from happening
+        php /var/www/html/occ app:update --all
        if [ -n "$UPDATED_APPS" ]; then
             bash /notify.sh "Your apps just got updated!" "$UPDATED_APPS"
        fi
@@ -430,28 +372,23 @@ else
    SKIP_UPDATE=1
 fi

-run_upgrade_if_needed_due_to_app_update
-
 if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then
    # Check if appdata is present
    # If not, something broke (e.g. changing ncdatadir after aio was first started)
    if [ -z "$(find "$NEXTCLOUD_DATA_DIR/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*")" ]; then
-        echo "Appdata is not present. Did you maybe change the datadir after the initial Nextcloud installation? This is not supported!"
+        echo "Appdata is not present. Did you maybe change the datadir after aio was first started?"
        echo "See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir"
-        echo "If you adjusted the datadir to be located on an external drive, make sure that the drive is still mounted!"
        echo "In the datadir was found:"
        ls -la "$NEXTCLOUD_DATA_DIR/"
        exit 1
    fi

-    # Delete formerly configured tempdirectory as the default is usually faster (if the datadir is on a HDD or network FS)
-    if [ "$(php /var/www/html/occ config:system:get tempdirectory)" = "$NEXTCLOUD_DATA_DIR/tmp/" ]; then
-        php /var/www/html/occ config:system:delete tempdirectory
-        if [ -d "$NEXTCLOUD_DATA_DIR/tmp/" ]; then
-            rm -r "$NEXTCLOUD_DATA_DIR/tmp/"
-        fi
+    # Configure tempdirectory
+    mkdir -p "$NEXTCLOUD_DATA_DIR/tmp/"
+    if ! grep -q upload_tmp_dir /usr/local/etc/php/conf.d/nextcloud.ini; then
+        echo "upload_tmp_dir = $NEXTCLOUD_DATA_DIR/tmp/" >> /usr/local/etc/php/conf.d/nextcloud.ini
    fi
-
+    php /var/www/html/occ config:system:set tempdirectory --value="$NEXTCLOUD_DATA_DIR/tmp/"
 fi

 # Perform fingerprint update if instance was restored
@@ -469,10 +406,8 @@ php /var/www/html/occ app:enable support

 # Adjusting log files to be stored on a volume
 echo "Adjusting log files..."
-php /var/www/html/occ config:system:set upgrade.cli-upgrade-link --value="https://github.com/nextcloud/all-in-one/discussions/2726"
 php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log"
 php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log"
-php /var/www/html/occ config:system:set updatedirectory --value="/nc-updater"

 # Apply network settings
 echo "Applying network settings..."
@@ -575,7 +510,6 @@ if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then
        php /var/www/html/occ app:update onlyoffice
    fi
    php /var/www/html/occ config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET"
-    php /var/www/html/occ config:app:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET"
    php /var/www/html/occ config:system:set onlyoffice jwt_header --value="AuthorizationJwt"
    php /var/www/html/occ config:app:set onlyoffice DocumentServerUrl --value="https://$NC_DOMAIN/onlyoffice"
    php /var/www/html/occ config:system:set allow_local_remote_servers --type=bool --value=true
@@ -612,21 +546,6 @@ else
    fi
 fi

-# Talk recording
-if [ -d "/var/www/html/custom_apps/spreed" ]; then
-    if [ "$TALK_RECORDING_ENABLED" = 'yes' ]; then
-        while ! nc -z "$TALK_RECORDING_HOST" 1234; do
-            echo "waiting for Talk Recording to become available..."
-            sleep 5
-        done
-        # TODO: migrate to occ command if that becomes available
-        RECORDING_SERVERS_STRING="{\"servers\":[{\"server\":\"http://$TALK_RECORDING_HOST:1234/\",\"verify\":true}],\"secret\":\"$RECORDING_SECRET\"}"
-        php /var/www/html/occ config:app:set spreed recording_servers --value="$RECORDING_SERVERS_STRING"
-    else
-        php /var/www/html/occ config:app:delete spreed recording_servers
-    fi
-fi
-
 # Clamav
 if [ "$CLAMAV_ENABLED" = 'yes' ]; then
    count=0
@@ -650,7 +569,7 @@ if [ "$CLAMAV_ENABLED" = 'yes' ]; then
        php /var/www/html/occ config:app:set files_antivirus av_port --value="3310"
        php /var/www/html/occ config:app:set files_antivirus av_host --value="$CLAMAV_HOST"
        php /var/www/html/occ config:app:set files_antivirus av_stream_max_length --value="104857600"
-        php /var/www/html/occ config:app:set files_antivirus av_max_file_size --value="104857600"
+        php /var/www/html/occ config:app:set files_antivirus av_max_file_size --value="-1"
        php /var/www/html/occ config:app:set files_antivirus av_infected_action --value="only_log"
    fi
 else
@@ -660,16 +579,18 @@ else
 fi

 # Imaginary
-if [ "$IMAGINARY_ENABLED" = 'yes' ]; then
-    php /var/www/html/occ config:system:set enabledPreviewProviders 0 --value="OC\\Preview\\Imaginary"
-    php /var/www/html/occ config:system:set preview_imaginary_url --value="http://$IMAGINARY_HOST:9000"
-else
-    if [ -n "$(php /var/www/html/occ config:system:get preview_imaginary_url)" ]; then
-        php /var/www/html/occ config:system:delete enabledPreviewProviders 0
-        php /var/www/html/occ config:system:delete preview_imaginary_url
-        php /var/www/html/occ config:system:delete enabledPreviewProviders 20
-        php /var/www/html/occ config:system:delete enabledPreviewProviders 21
-        php /var/www/html/occ config:system:delete enabledPreviewProviders 22
+if version_greater "$installed_version" "24.0.0.0"; then
+    if [ "$IMAGINARY_ENABLED" = 'yes' ]; then
+        php /var/www/html/occ config:system:set enabledPreviewProviders 0 --value="OC\\Preview\\Imaginary"
+        php /var/www/html/occ config:system:set preview_imaginary_url --value="http://$IMAGINARY_HOST:9000"
+    else
+        if [ -n "$(php /var/www/html/occ config:system:get preview_imaginary_url)" ]; then
+            php /var/www/html/occ config:system:delete enabledPreviewProviders 0
+            php /var/www/html/occ config:system:delete preview_imaginary_url
+            php /var/www/html/occ config:system:delete enabledPreviewProviders 20
+            php /var/www/html/occ config:system:delete enabledPreviewProviders 21
+            php /var/www/html/occ config:system:delete enabledPreviewProviders 22
+        fi
    fi
 fi

--- a/Containers/nextcloud/healthcheck.sh
+++ b/Containers/nextcloud/healthcheck.sh
@@ -2,6 +2,6 @@

 nc -z "$POSTGRES_HOST" 5432 || exit 0

-if ! nc -z localhost 9000; then
+if ! nc -z localhost 9000 || ! nc -z localhost 7867; then
    exit 1
 fi
--- a/Containers/nextcloud/run-exec-commands.sh
+++ b/Containers/nextcloud/run-exec-commands.sh
@@ -1,23 +0,0 @@
-#!/bin/bash
-
-while ! nc -z "$NC_DOMAIN" 443; do
-    sleep 5
-done
-sleep 10
-
-if [ -n "$NEXTCLOUD_EXEC_COMMANDS" ]; then
-    echo "#!/bin/bash" > /tmp/nextcloud-exec-commands
-    echo "$NEXTCLOUD_EXEC_COMMANDS" >> /tmp/nextcloud-exec-commands
-    if ! grep "one-click-instance" /tmp/nextcloud-exec-commands; then
-        bash /tmp/nextcloud-exec-commands
-        rm /tmp/nextcloud-exec-commands
-    fi
-else
-    # Collabora must work also if using manual-install 
-    if [ "$COLLABORA_ENABLED" = yes ]; then
-        echo "Activating collabora config..."
-        php /var/www/html/occ richdocuments:activate-config
-    fi
-fi
-
-sleep inf
--- a/Containers/nextcloud/start.sh
+++ b/Containers/nextcloud/start.sh
@@ -131,4 +131,14 @@ if ! sudo -E -u www-data bash /entrypoint.sh; then
    exit 1
 fi

+# Correctly set CPU_ARCH for notify_push
+CPU_ARCH="$(uname -m)"
+export CPU_ARCH
+if [ -z "$CPU_ARCH" ]; then
+    echo "Could not get processor architecture. Exiting."
+    exit 1
+elif [ "$CPU_ARCH" != "x86_64" ]; then
+    export CPU_ARCH="aarch64"
+fi
+
 exec "$@"
--- a/Containers/nextcloud/supervisord.conf
+++ b/Containers/nextcloud/supervisord.conf
@@ -25,10 +25,18 @@ stderr_logfile_maxbytes=0
 command=/cron.sh
 user=www-data

-[program:run-exec-commands]
+[program:notify-push]
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=/run-exec-commands.sh
+command=/var/www/html/custom_apps/notify_push/bin/%(ENV_CPU_ARCH)s/notify_push /var/www/html/config/config.php --port 7867 --redis-url redis://:%(ENV_REDIS_HOST_PASSWORD)s@%(ENV_REDIS_HOST)s
+user=www-data
+
+[program:activate-collabora]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=/activate-collabora.sh
 user=www-data
--- a/Containers/notify-push/Dockerfile
+++ b/Containers/notify-push/Dockerfile
@@ -1,21 +0,0 @@
-FROM alpine:3.18.2
-
-COPY --chmod=775 start.sh /start.sh
-
-RUN set -ex; \
-    apk add --no-cache \
-        ca-certificates \
-        netcat-openbsd \
-        tzdata \
-        bash \
-        openssl; \
-# Give root a random password
-    echo "root:$(openssl rand -base64 12)" | chpasswd; \
-    apk del --no-cache \
-        openssl;
-
-USER 33
-ENTRYPOINT ["/start.sh"]
-
-HEALTHCHECK CMD nc -z localhost 7867 || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
--- a/Containers/notify-push/start.sh
+++ b/Containers/notify-push/start.sh
@@ -1,40 +0,0 @@
-#!/bin/bash
-
-if [ -z "$NEXTCLOUD_HOST" ]; then
-    echo "NEXTCLOUD_HOST need to be provided. Exiting!"
-    exit 1
-elif [ -z "$POSTGRES_HOST" ]; then
-    echo "POSTGRES_HOST need to be provided. Exiting!"
-    exit 1
-elif [ -z "$REDIS_HOST" ]; then
-    echo "REDIS_HOST need to be provided. Exiting!"
-    exit 1
-fi
-
-# Only start container if nextcloud is accessible
-while ! nc -z "$NEXTCLOUD_HOST" 9000; do
-    echo "Waiting for Nextcloud to start..."
-    sleep 5
-done
-
-# Correctly set CPU_ARCH for notify_push
-CPU_ARCH="$(uname -m)"
-export CPU_ARCH
-if [ -z "$CPU_ARCH" ]; then
-    echo "Could not get processor architecture. Exiting."
-    exit 1
-elif [ "$CPU_ARCH" != "x86_64" ]; then
-    export CPU_ARCH="aarch64"
-fi
-
-# Set sensitive values as env
-export DATABASE_URL="postgres://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST/$POSTGRES_DB"
-export REDIS_URL="redis://:$REDIS_HOST_PASSWORD@$REDIS_HOST"
-
-# Run it
-/nextcloud/custom_apps/notify_push/bin/"$CPU_ARCH"/notify_push \
-    --database-prefix="oc_" \
-    --nextcloud-url "https://$NC_DOMAIN" \
-    --port 7867
-
-exec "$@"
--- a/Containers/onlyoffice/Dockerfile
+++ b/Containers/onlyoffice/Dockerfile
@@ -1,7 +1,5 @@
 # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile
-FROM onlyoffice/documentserver:7.4.0.1
-
-# USER root is probably used
+FROM onlyoffice/documentserver:7.3.3.49

 HEALTHCHECK CMD nc -z localhost 80 || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/postgresql/Dockerfile
+++ b/Containers/postgresql/Dockerfile
@@ -1,41 +1,39 @@
 # From https://github.com/docker-library/postgres/blob/master/15/alpine/Dockerfile
-FROM postgres:15.3-alpine
+FROM postgres:15.2-alpine

-COPY --chmod=775 start.sh /start.sh
-COPY --chmod=775 healthcheck.sh /healthcheck.sh
-COPY --chmod=775 init-user-db.sh /docker-entrypoint-initdb.d/init-user-db.sh
+RUN apk add --no-cache bash openssl shadow grep mawk

-RUN set -ex; \
-    apk add --no-cache \
-        bash \
-        openssl \
-        shadow \
-        grep; \
-    \
 # We need to use the same gid and uid as on old installations
+RUN set -ex; \
    deluser postgres; \
    groupmod -g 9999 ping; \
    addgroup -g 999 -S postgres; \
-    adduser -u 999 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres; \
-    apk del --no-cache shadow; \
-    \
+    adduser -u 999 -S -D -G postgres -H -h /var/lib/postgresql -s /bin/sh postgres
+
 # Fix default permissions
+RUN set -ex; \
    chown -R postgres:postgres /var/lib/postgresql; \
    chown -R postgres:postgres /var/run/postgresql; \
-    chmod -R 777 /var/run/postgresql; \
-    chown -R postgres:postgres "$PGDATA"; \
-    \
-    mkdir /mnt/data; \
-    chown postgres:postgres /mnt/data; \
-    \
-# Give root a random password
-    echo "root:$(openssl rand -base64 12)" | chpasswd; \
-    apk --no-cache del openssl;
+    chown -R postgres:postgres "$PGDATA"
+
+COPY start.sh /usr/bin/
+COPY healthcheck.sh /usr/bin/
+COPY init-user-db.sh /docker-entrypoint-initdb.d/
+RUN set -ex; \
+    chmod +x /usr/bin/start.sh; \
+    chmod +xr /docker-entrypoint-initdb.d/init-user-db.sh; \
+    chmod +x /usr/bin/healthcheck.sh
+
+RUN mkdir /mnt/data; \
+    chown postgres:postgres /mnt/data;

 VOLUME /mnt/data

-USER postgres
-ENTRYPOINT ["/start.sh"]
+# Give root a random password
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd

-HEALTHCHECK CMD /healthcheck.sh
-LABEL com.centurylinklabs.watchtower.enable="false"
+USER postgres
+ENTRYPOINT ["start.sh"]
+
+HEALTHCHECK CMD healthcheck.sh
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/postgresql/start.sh
+++ b/Containers/postgresql/start.sh
@@ -146,19 +146,11 @@ if ! [ -f "$DATADIR/PG_VERSION" ] && ! [ -f "$DUMP_FILE" ]; then
    rm -rf "${DATADIR:?}/"*
 fi

-# Modify postgresql.conf
-if [ -f "/var/lib/postgresql/data/postgresql.conf" ]; then
-    echo "Setting max connections..."
-    MEMORY=$(awk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
-    MAX_CONNECTIONS=$((MEMORY/50+3))
-    if [ -n "$MAX_CONNECTIONS" ]; then
-        sed -i "s|^max_connections =.*|max_connections = $MAX_CONNECTIONS|" "/var/lib/postgresql/data/postgresql.conf"
-    fi
-
-    # Modify conf
-    if grep -q "#log_checkpoints" /var/lib/postgresql/data/postgresql.conf; then
-        sed -i 's|#log_checkpoints.*|log_checkpoints = off|' /var/lib/postgresql/data/postgresql.conf
-    fi
+echo "Setting max connections..."
+MEMORY=$(mawk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
+MAX_CONNECTIONS=$((MEMORY/50+3))
+if [ -n "$MAX_CONNECTIONS" ]; then
+    sed -i "s|^max_connections =.*|max_connections = $MAX_CONNECTIONS|" "/var/lib/postgresql/data/postgresql.conf"
 fi

 # Catch docker stop attempts
--- a/Containers/redis/Dockerfile
+++ b/Containers/redis/Dockerfile
@@ -1,16 +1,16 @@
 # From https://github.com/docker-library/redis/blob/master/7.0/alpine/Dockerfile
-FROM redis:7.0.12-alpine
+FROM redis:7.0.10-alpine

-COPY --chmod=775 start.sh /start.sh
+RUN apk add --no-cache openssl bash
+
+COPY start.sh /usr/bin/
+RUN chmod +x /usr/bin/start.sh

-RUN set -ex; \
-    apk add --no-cache openssl bash; \
-    \
 # Give root a random password
-    echo "root:$(openssl rand -base64 12)" | chpasswd
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd

 USER redis
-ENTRYPOINT ["/start.sh"]
+ENTRYPOINT ["start.sh"]

 HEALTHCHECK CMD redis-cli -a $REDIS_HOST_PASSWORD PING || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/redis/start.sh
+++ b/Containers/redis/start.sh
@@ -8,9 +8,9 @@ fi

 # Run redis with a password if provided
 if [ -n "$REDIS_HOST_PASSWORD" ]; then
-    exec redis-server --requirepass "$REDIS_HOST_PASSWORD" --loglevel warning
+    exec redis-server --requirepass "$REDIS_HOST_PASSWORD"
 else
-    exec redis-server --loglevel warning
+    exec redis-server
 fi

 exec "$@"
--- a/Containers/talk-recording/Dockerfile
+++ b/Containers/talk-recording/Dockerfile
@@ -1,49 +0,0 @@
-FROM python:3.11.4-alpine3.18
-
-COPY --chmod=775 start.sh /start.sh
-
-ENV RECORDING_VERSION v17.0.1
-
-RUN set -ex; \
-    apk add --no-cache \
-        ca-certificates \
-        tzdata \
-        bash \
-        xvfb \
-        ffmpeg \
-        firefox \
-        bind-tools \
-        netcat-openbsd \
-        git \
-        wget \
-        shadow \
-        pulseaudio \
-        openssl; \
-    # chromium chromium-chromedriver?
-    apk add --no-cache geckodriver --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing; \
-    useradd -d /tmp --system recording; \
-# Give root a random password
-    echo "root:$(openssl rand -base64 12)" | chpasswd; \
-    git clone --recursive https://github.com/nextcloud/spreed --depth=1 --single-branch --branch "$RECORDING_VERSION" /src; \
-    mv -v /src/recording/pyproject.toml /src/recording/src/pyproject.toml; \
-    python3 -m pip install /src/recording/src; \
-    rm -rf /src; \
-    touch /etc/recording.conf; \
-    chown recording:recording -R \
-        /tmp /etc/recording.conf; \
-    mkdir -p /conf; \
-    chmod 777 /conf; \
-    chmod 777 /tmp; \
-    apk del --no-cache \
-        git \
-        wget \
-        shadow \
-        openssl;
-
-WORKDIR /tmp
-USER recording
-ENTRYPOINT ["/start.sh"]
-CMD ["python", "-m", "nextcloud.talk.recording", "--config", "/conf/recording.conf"]
-
-HEALTHCHECK CMD nc -z localhost 1234 || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
--- a/Containers/talk-recording/recording.conf
+++ b/Containers/talk-recording/recording.conf
@@ -1,111 +0,0 @@
-[logs]
-# Log level based on numeric values of Python logging levels:
-# - Critical: 50
-# - Error:    40
-# - Warning:  30
-# - Info:     20
-# - Debug:    10
-# - Not set:   0
-#level = 20
-
-[http]
-# IP and port to listen on for HTTP requests.
-#listen = 127.0.0.1:8000
-
-[backend]
-# Allow any hostname as backend endpoint. This is extremely insecure and should
-# only be used during development.
-#allowall = false
-
-# Common shared secret for requests from and to the backend servers if
-# "allowall" is enabled. This must be the same value as configured in the
-# Nextcloud admin ui.
-#secret = the-shared-secret
-
-# Comma-separated list of backend ids allowed to connect.
-#backends = backend-id, another-backend
-
-# If set to "true", certificate validation of backend endpoints will be skipped.
-# This should only be enabled during development, e.g. to work with self-signed
-# certificates.
-# Overridable by backend.
-#skipverify = false
-
-# Maximum allowed size in bytes for messages sent by the backend.
-# Overridable by backend.
-#maxmessagesize = 1024
-
-# Width for recorded videos.
-# Overridable by backend.
-#videowidth = 1920
-
-# Height for recorded videos.
-# Overridable by backend.
-#videoheight = 1080
-
-# Temporary directory used to store recordings until uploaded. It must be
-# writable by the user running the recording server.
-# Overridable by backend.
-#directory = /tmp
-
-# Backend configurations as defined in the "[backend]" section above. The
-# section names must match the ids used in "backends" above.
-#[backend-id]
-# URL of the Nextcloud instance
-#url = https://cloud.domain.invalid
-
-# Shared secret for requests from and to the backend servers. This must be the
-# same value as configured in the Nextcloud admin ui.
-#secret = the-shared-secret
-
-#[another-backend]
-# URL of the Nextcloud instance
-#url = https://cloud.otherdomain.invalid
-
-# Shared secret for requests from and to the backend servers. This must be the
-# same value as configured in the Nextcloud admin ui.
-#secret = the-shared-secret
-
-[signaling]
-# Common shared secret for authenticating as an internal client of signaling
-# servers if a specific secret is not set for a signaling server. This must be
-# the same value as configured in the signaling server configuration file.
-#internalsecret = the-shared-secret-for-internal-clients
-
-# Comma-separated list of signaling servers with specific internal secrets.
-#signalings = signaling-id, another-signaling
-
-# Signaling server configurations as defined in the "[signaling]" section above.
-# The section names must match the ids used in "signalings" above.
-#[signaling-id]
-# URL of the signaling server
-#url = https://signaling.domain.invalid
-
-# Shared secret for authenticating as an internal client of signaling servers.
-# This must be the same value as configured in the signaling server
-# configuration file.
-#internalsecret = the-shared-secret-for-internal-clients
-
-#[another-signaling]
-# URL of the signaling server
-#url = https://signaling.otherdomain.invalid
-
-# Shared secret for authenticating as an internal client of signaling servers.
-# This must be the same value as configured in the signaling server
-# configuration file.
-#internalsecret = the-shared-secret-for-internal-clients
-
-[ffmpeg]
-# The options given to FFmpeg to encode the audio output. The options given here
-# fully override the default options for the audio output.
-#outputaudio = -c:a libopus
-
-# The options given to FFmpeg to encode the video output. The options given here
-# fully override the default options for the video output.
-#outputvideo = -c:v libvpx -deadline:v realtime -crf 10 -b:v 1M
-
-# The extension of the file for audio only recordings.
-#extensionaudio = .ogg
-
-# The extension of the file for audio and video recordings.
-#extensionvideo = .webm
--- a/Containers/talk-recording/start.sh
+++ b/Containers/talk-recording/start.sh
@@ -1,53 +0,0 @@
-#!/bin/bash
-
-# Variables
-if [ -z "$NC_DOMAIN" ]; then
-    echo "You need to provide the NC_DOMAIN."
-    exit 1
-elif [ -z "$RECORDING_SECRET" ]; then
-    echo "You need to provide the RECORDING_SECRET."
-    exit 1
-elif [ -z "$INTERNAL_SECRET" ]; then
-    echo "You need to provide the INTERNAL_SECRET."
-    exit 1
-fi
-
-cat << RECORDING_CONF > "/conf/recording.conf"
-[logs]
-# 30 means Warning
-level = 30
-
-[http]
-listen = 0.0.0.0:1234
-
-[backend]
-allowall = false
-# TODO: remove secret below when https://github.com/nextcloud/spreed/issues/9580 is fixed
-secret = ${RECORDING_SECRET}
-backends = backend-1
-skipverify = false
-maxmessagesize = 1024
-videowidth = 1920
-videoheight = 1080
-directory = /tmp
-
-[backend-1]
-url = https://${NC_DOMAIN}
-secret = ${RECORDING_SECRET}
-skipverify = false
-
-[signaling]
-signalings = signaling-1
-
-[signaling-1]
-url = https://${NC_DOMAIN}/standalone-signaling/
-internalsecret = ${INTERNAL_SECRET}
-
-[ffmpeg]
-# outputaudio = -c:a libopus
-# outputvideo = -c:v libvpx -deadline:v realtime -crf 10 -b:v 1M
-extensionaudio = .ogg
-extensionvideo = .webm
-RECORDING_CONF
-
-exec "$@"
--- a/Containers/talk/Dockerfile
+++ b/Containers/talk/Dockerfile
@@ -1,20 +1,17 @@
-FROM nats:2.9.19-scratch as nats
-FROM strukturag/nextcloud-spreed-signaling:1.1.3 as signaling
-FROM coturn/coturn:4.6.2-alpine3.18
+FROM nats:2.9.15-scratch as nats
+FROM strukturag/nextcloud-spreed-signaling:1.1.2 as signaling
+FROM alpine:3.17.2
 USER root

 COPY --from=nats /nats-server /usr/local/bin/nats-server
 COPY --from=signaling /usr/bin/nextcloud-spreed-signaling /usr/local/bin/nextcloud-spreed-signaling

-COPY --chmod=775 start.sh /start.sh
-COPY --chmod=664 supervisord.conf /supervisord.conf
-
 RUN set -ex; \
    apk add --no-cache \
        ca-certificates \
        tzdata \
        bash \
-        janus-gateway \
+        coturn \
        openssl \
        supervisor \
        bind-tools \
@@ -22,9 +19,9 @@ RUN set -ex; \
        shadow \
        util-linux \
        build-base \
-        wget \
        lua5.3-dev \
        luarocks5.3; \
+    apk add --no-cache janus-gateway --repository http://dl-cdn.alpinelinux.org/alpine/edge/community; \
    useradd --system talk; \
    luarocks-5.3 install luajson; \
    luarocks-5.3 install ansicolors; \
@@ -33,43 +30,42 @@ RUN set -ex; \
        shadow \
        util-linux \
        build-base \
-        wget \
        lua5.3-dev \
-        luarocks5.3; \
-    \
+        luarocks5.3;
+
 # Give root a random password
-    echo "root:$(openssl rand -base64 12)" | chpasswd; \
-    \
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd
+
+COPY --chmod=775 start.sh /usr/bin/start.sh
+COPY --chmod=664 supervisord.conf /supervisord.conf
+
+RUN set -ex; \
    touch \
-        /etc/nats.conf; \
+        /etc/nats.conf \
+        /etc/signaling.conf \
+        /etc/turnserver.conf; \
    echo "listen: 127.0.0.1:4222" | tee /etc/nats.conf; \
    mkdir -p \
        /var/tmp \
-        /conf \
        /var/lib/turn \
        /var/log/supervisord \
-        /var/lib/turn \
        /var/run/supervisord; \
    chown talk:talk -R \
        /usr \
        /etc/janus \
        /etc/nats.conf \
+        /etc/signaling.conf \
+        /etc/turnserver.conf \
        /var/lib/turn \
        /var/log/supervisord \
-        /var/run/supervisord; \
-    chmod 777 -R \
-        /tmp \
-        /conf \
-        /var/run/supervisord \
-        /var/lib/turn \
-        /var/log/supervisord;
+        /var/run/supervisord;

 # Set default talk port https://github.com/nextcloud/all-in-one/issues/1011
 ENV TALK_PORT=3478

 USER talk
-ENTRYPOINT ["/start.sh"]
-CMD ["supervisord", "-c", "/supervisord.conf"]
+ENTRYPOINT ["start.sh"]
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

-HEALTHCHECK CMD (nc -z localhost 8081 && nc -z localhost 8188 && nc -z localhost 4222 && nc -z localhost "$TALK_PORT" && nc -z "$NC_DOMAIN" "$TALK_PORT") || exit 1
-LABEL com.centurylinklabs.watchtower.enable="false"
+HEALTHCHECK CMD (nc -z localhost 8081 && nc -z localhost 8188 && nc -z localhost 4222 && nc -z localhost $TALK_PORT) || exit 1
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/Containers/talk/server.conf.in
+++ b/Containers/talk/server.conf.in
@@ -1,314 +0,0 @@
-[http]
-# IP and port to listen on for HTTP requests.
-# Comment line to disable the listener.
-#listen = 127.0.0.1:8080
-
-# HTTP socket read timeout in seconds.
-#readtimeout = 15
-
-# HTTP socket write timeout in seconds.
-#writetimeout = 15
-
-[https]
-# IP and port to listen on for HTTPS requests.
-# Comment line to disable the listener.
-#listen = 127.0.0.1:8443
-
-# HTTPS socket read timeout in seconds.
-#readtimeout = 15
-
-# HTTPS socket write timeout in seconds.
-#writetimeout = 15
-
-# Certificate / private key to use for the HTTPS server.
-certificate = /etc/nginx/ssl/server.crt
-key = /etc/nginx/ssl/server.key
-
-[app]
-# Set to "true" to install pprof debug handlers.
-# See "https://golang.org/pkg/net/http/pprof/" for further information.
-debug = false
-
-# Set to "true" to allow subscribing any streams. This is insecure and should
-# only be enabled for testing. By default only streams of users in the same
-# room and call can be subscribed.
-#allowsubscribeany = false
-
-[sessions]
-# Secret value used to generate checksums of sessions. This should be a random
-# string of 32 or 64 bytes.
-hashkey = the-secret-for-session-checksums
-
-# Optional key for encrypting data in the sessions. Must be either 16, 24 or
-# 32 bytes.
-# If no key is specified, data will not be encrypted (not recommended).
-blockkey = -encryption-key-
-
-[clients]
-# Shared secret for connections from internal clients. This must be the same
-# value as configured in the respective internal services.
-internalsecret = the-shared-secret-for-internal-clients
-
-[backend]
-# Type of backend configuration.
-# Defaults to "static".
-#
-# Possible values:
-# - static: A comma-separated list of backends is given in the "backends" option.
-# - etcd: Backends are retrieved from an etcd cluster.
-#backendtype = static
-
-# For backend type "static":
-# Comma-separated list of backend ids from which clients are allowed to connect
-# from. Each backend will have isolated rooms, i.e. clients connecting to room
-# "abc12345" on backend 1 will be in a different room than clients connected to
-# a room with the same name on backend 2. Also sessions connected from different
-# backends will not be able to communicate with each other.
-#backends = backend-id, another-backend
-
-# For backend type "etcd":
-# Key prefix of backend entries. All keys below will be watched and assumed to
-# contain a JSON document with the following entries:
-# - "url": Url of the Nextcloud instance.
-# - "secret": Shared secret for requests from and to the backend servers.
-#
-# Additional optional entries:
-# - "maxstreambitrate": Maximum bitrate per publishing stream (in bits per second).
-# - "maxscreenbitrate": Maximum bitrate per screensharing stream (in bits per second).
-# - "sessionlimit": Number of sessions that are allowed to connect.
-#
-# Example:
-# "/signaling/backend/one" -> {"url": "https://nextcloud.domain1.invalid", ...}
-# "/signaling/backend/two" -> {"url": "https://domain2.invalid/nextcloud", ...}
-#backendprefix = /signaling/backend
-
-# Allow any hostname as backend endpoint. This is extremely insecure and should
-# only be used while running the benchmark client against the server.
-allowall = false
-
-# Common shared secret for requests from and to the backend servers if
-# "allowall" is enabled. This must be the same value as configured in the
-# Nextcloud admin ui.
-#secret = the-shared-secret-for-allowall
-
-# Timeout in seconds for requests to the backend.
-timeout = 10
-
-# Maximum number of concurrent backend connections per host.
-connectionsperhost = 8
-
-# If set to "true", certificate validation of backend endpoints will be skipped.
-# This should only be enabled during development, e.g. to work with self-signed
-# certificates.
-#skipverify = false
-
-# For backendtype "static":
-# Backend configurations as defined in the "[backend]" section above. The
-# section names must match the ids used in "backends" above.
-#[backend-id]
-# URL of the Nextcloud instance
-#url = https://cloud.domain.invalid
-
-# Shared secret for requests from and to the backend servers. This must be the
-# same value as configured in the Nextcloud admin ui.
-#secret = the-shared-secret
-
-# Limit the number of sessions that are allowed to connect to this backend.
-# Omit or set to 0 to not limit the number of sessions.
-#sessionlimit = 10
-
-# The maximum bitrate per publishing stream (in bits per second).
-# Defaults to the maximum bitrate configured for the proxy / MCU.
-#maxstreambitrate = 1048576
-
-# The maximum bitrate per screensharing stream (in bits per second).
-# Defaults to the maximum bitrate configured for the proxy / MCU.
-#maxscreenbitrate = 2097152
-
-#[another-backend]
-# URL of the Nextcloud instance
-#url = https://cloud.otherdomain.invalid
-
-# Shared secret for requests from and to the backend servers. This must be the
-# same value as configured in the Nextcloud admin ui.
-#secret = the-shared-secret
-
-[nats]
-# Url of NATS backend to use. This can also be a list of URLs to connect to
-# multiple backends. For local development, this can be set to "nats://loopback"
-# to process NATS messages internally instead of sending them through an
-# external NATS backend.
-#url = nats://localhost:4222
-
-[mcu]
-# The type of the MCU to use. Currently only "janus" and "proxy" are supported.
-# Leave empty to disable MCU functionality.
-#type =
-
-# For type "janus": the URL to the websocket endpoint of the MCU server.
-# For type "proxy": a space-separated list of proxy URLs to connect to.
-#url =
-
-# The maximum bitrate per publishing stream (in bits per second).
-# Defaults to 1 mbit/sec.
-# For type "proxy": will be capped to the maximum bitrate configured at the
-# proxy server that is used.
-#maxstreambitrate = 1048576
-
-# The maximum bitrate per screensharing stream (in bits per second).
-# Default is 2 mbit/sec.
-# For type "proxy": will be capped to the maximum bitrate configured at the
-# proxy server that is used.
-#maxscreenbitrate = 2097152
-
-# For type "proxy": timeout in seconds for requests to the proxy server.
-#proxytimeout = 2
-
-# For type "proxy": type of URL configuration for proxy servers.
-# Defaults to "static".
-#
-# Possible values:
-# - static: A space-separated list of proxy URLs is given in the "url" option.
-# - etcd: Proxy URLs are retrieved from an etcd cluster (see below).
-#urltype = static
-
-# If set to "true", certificate validation of proxy servers will be skipped.
-# This should only be enabled during development, e.g. to work with self-signed
-# certificates.
-#skipverify = false
-
-# For type "proxy": the id of the token to use when connecting to proxy servers.
-#token_id = server1
-
-# For type "proxy": the private key for the configured token id to use when
-# connecting to proxy servers.
-#token_key = privkey.pem
-
-# For url type "static": Enable DNS discovery on hostname of configured URL.
-# If the hostname resolves to multiple IP addresses, a connection is established
-# to each of them.
-# Changes to the DNS are monitored regularly and proxy connections are created
-# or deleted as necessary.
-#dnsdiscovery = true
-
-# For url type "etcd": Key prefix of MCU proxy entries. All keys below will be
-# watched and assumed to contain a JSON document. The entry "address" from this
-# document will be used as proxy URL, other contents in the document will be
-# ignored.
-#
-# Example:
-# "/signaling/proxy/server/one" -> {"address": "https://proxy1.domain.invalid"}
-# "/signaling/proxy/server/two" -> {"address": "https://proxy2.domain.invalid"}
-#keyprefix = /signaling/proxy/server
-
-[turn]
-# API key that the MCU will need to send when requesting TURN credentials.
-#apikey = the-api-key-for-the-rest-service
-
-# The shared secret to use for generating TURN credentials. This must be the
-# same as on the TURN server.
-#secret = 6d1c17a7-c736-4e22-b02c-e2955b7ecc64
-
-# A comma-separated list of TURN servers to use. Leave empty to disable the
-# TURN REST API.
-#servers = turn:1.2.3.4:9991?transport=udp,turn:1.2.3.4:9991?transport=tcp
-
-[geoip]
-# License key to use when downloading the MaxMind GeoIP database. You can
-# register an account at "https://www.maxmind.com/en/geolite2/signup" for
-# free. See "https://dev.maxmind.com/geoip/geoip2/geolite2/" for further
-# information.
-# Leave empty to disable GeoIP lookups.
-#license =
-
-# Optional URL to download a MaxMind GeoIP database from. Will be generated if
-# "license" is provided above. Can be a "file://" url if a local file should
-# be used. Please note that the database must provide a country field when
-# looking up IP addresses.
-#url =
-
-[geoip-overrides]
-# Optional overrides for GeoIP lookups. The key is an IP address / range, the
-# value the associated country code.
-#127.0.0.1 = DE
-#192.168.0.0/24 = DE
-
-[continent-overrides]
-# Optional overrides for continent mappings. The key is a continent code, the
-# value a comma-separated list of continent codes to map the continent to.
-# Use European servers for clients in Africa.
-#AF = EU
-# Use servers in North Africa for clients in South America.
-#SA = NA
-
-[stats]
-# Comma-separated list of IP addresses that are allowed to access the stats
-# endpoint. Leave empty (or commented) to only allow access from "127.0.0.1".
-#allowed_ips =
-
-[etcd]
-# Comma-separated list of static etcd endpoints to connect to.
-#endpoints = 127.0.0.1:2379,127.0.0.1:22379,127.0.0.1:32379
-
-# Options to perform endpoint discovery through DNS SRV.
-# Only used if no endpoints are configured manually.
-#discoverysrv = example.com
-#discoveryservice = foo
-
-# Path to private key, client certificate and CA certificate if TLS
-# authentication should be used.
-#clientkey = /path/to/etcd-client.key
-#clientcert = /path/to/etcd-client.crt
-#cacert = /path/to/etcd-ca.crt
-
-[grpc]
-# IP and port to listen on for GRPC requests.
-# Comment line to disable the listener.
-#listen = 0.0.0.0:9090
-
-# Certificate / private key to use for the GRPC server.
-# Omit to use unencrypted connections.
-#servercertificate = /path/to/grpc-server.crt
-#serverkey = /path/to/grpc-server.key
-
-# CA certificate that is allowed to issue certificates of GRPC servers.
-# Omit to expect unencrypted connections.
-#serverca = /path/to/grpc-ca.crt
-
-# Certificate / private key to use for the GRPC client.
-# Omit if clients don't need to authenticate on the server.
-#clientcertificate = /path/to/grpc-client.crt
-#clientkey = /path/to/grpc-client.key
-
-# CA certificate that is allowed to issue certificates of GRPC clients.
-# Omit to allow any clients to connect.
-#clientca = /path/to/grpc-ca.crt
-
-# Type of GRPC target configuration.
-# Defaults to "static".
-#
-# Possible values:
-# - static: A comma-separated list of targets is given in the "targets" option.
-# - etcd: Target URLs are retrieved from an etcd cluster.
-#targettype = static
-
-# For target type "static": Comma-separated list of GRPC targets to connect to
-# for clustering mode.
-#targets = 192.168.0.1:9090, 192.168.0.2:9090
-
-# For target type "static": Enable DNS discovery on hostnames of GRPC target.
-# If a hostname resolves to multiple IP addresses, a connection is established
-# to each of them.
-# Changes to the DNS are monitored regularly and GRPC clients are created or
-# deleted as necessary.
-#dnsdiscovery = true
-
-# For target type "etcd": Key prefix of GRPC target entries. All keys below will
-# be watched and assumed to contain a JSON document. The entry "address" from
-# this document will be used as target URL, other contents in the document will
-# be ignored.
-#
-# Example:
-# "/signaling/cluster/grpc/one" -> {"address": "192.168.0.1:9090"}
-# "/signaling/cluster/grpc/two" -> {"address": "192.168.0.2:9090"}
-#targetprefix = /signaling/cluster/grpc
--- a/Containers/talk/start.sh
+++ b/Containers/talk/start.sh
@@ -10,9 +10,6 @@ elif [ -z "$TURN_SECRET" ]; then
 elif [ -z "$SIGNALING_SECRET" ]; then
    echo "You need to provide the SIGNALING_SECRET."
    exit 1
-elif [ -z "$INTERNAL_SECRET" ]; then
-    echo "You need to provide the INTERNAL_SECRET."
-    exit 1
 fi

 set -x
@@ -20,9 +17,10 @@ IPv4_ADDRESS_TALK="$(dig nextcloud-aio-talk A +short)"
 set +x

 # Turn
-cat << TURN_CONF > "/conf/turnserver.conf"
+cat << TURN_CONF > "/etc/turnserver.conf"
 listening-port=$TALK_PORT
 fingerprint
+lt-cred-mech
 use-auth-secret
 static-auth-secret=$TURN_SECRET
 realm=$NC_DOMAIN
@@ -54,7 +52,7 @@ denied-peer-ip=240.0.0.0-255.255.255.255
 TURN_CONF

 # Signling
-cat << SIGNALING_CONF > "/conf/signaling.conf"
+cat << SIGNALING_CONF > "/etc/signaling.conf"
 [http]
 listen = 0.0.0.0:8081

@@ -66,7 +64,7 @@ hashkey = $(openssl rand -hex 16)
 blockkey = $(openssl rand -hex 16)

 [clients]
-internalsecret = ${INTERNAL_SECRET}
+internalsecret = $(openssl rand -hex 16)

 [backend]
 backends = backend-1
--- a/Containers/talk/supervisord.conf
+++ b/Containers/talk/supervisord.conf
@@ -13,7 +13,7 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=turnserver -c /conf/turnserver.conf
+command=turnserver -c /etc/turnserver.conf

 [program:nats-server]
 stdout_logfile=/dev/stdout
@@ -27,12 +27,11 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-# debug-level 3 means warning
-command=janus --config=/etc/janus/janus.jcfg --disable-colors --log-stdout --full-trickle --debug-level 3
+command=janus --config=/etc/janus/janus.jcfg --disable-colors --log-stdout

 [program:signaling]
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=nextcloud-spreed-signaling -config /conf/signaling.conf
+command=nextcloud-spreed-signaling -config /etc/signaling.conf
--- a/Containers/watchtower/Dockerfile
+++ b/Containers/watchtower/Dockerfile
@@ -1,14 +1,14 @@
 # From https://github.com/containrrr/watchtower/blob/main/dockerfiles/Dockerfile.self-contained
 FROM containrrr/watchtower:1.5.3 as watchtower

-FROM alpine:3.18.2
+FROM alpine:3.17.2

 RUN apk add --no-cache bash
-COPY --from=watchtower /watchtower /watchtower
+COPY --from=watchtower /watchtower /

-COPY --chmod=775 start.sh /start.sh
+COPY start.sh /
+RUN chmod +x /start.sh

 USER root
-
 ENTRYPOINT ["/start.sh"]
-LABEL com.centurylinklabs.watchtower.enable="false"
+LABEL com.centurylinklabs.watchtower.monitor-only="true"
--- a/app/appinfo/info.xml
+++ b/app/appinfo/info.xml
@@ -2,10 +2,10 @@
 <info xmlns:xsi= "http://www.w3.org/2001/XMLSchema-instance"
 	  xsi:noNamespaceSchemaLocation="https://apps.nextcloud.com/schema/apps/info.xsd">
 	<id>nextcloud-aio</id>
-	<name>Nextcloud All-in-One</name>
+	<name>Nextcloud All In One</name>
 	<summary>Provides a login link for admins.</summary>
-	<description>Add a link to the admin settings that gives access to the Nextcloud All-in-One admin interface</description>
-	<version>0.4.0</version>
+	<description>Add a link to the admin settings that gives access to the Nextcloud All In One admin interface</description>
+	<version>0.3.0</version>
 	<licence>agpl</licence>
 	<author>Azul</author>
 	<namespace>AllInOne</namespace>
@@ -13,7 +13,7 @@
 	<category>monitoring</category>
 	<bugs>https://github.com/nextcloud/all-in-one/issues</bugs>
 	<dependencies>
-		<nextcloud min-version="25" max-version="26"/>
+		<nextcloud min-version="24" max-version="25"/>
 	</dependencies>

 	<settings>
--- a/app/templates/admin.php
+++ b/app/templates/admin.php
@@ -10,7 +10,6 @@ declare(strict_types=1);
 */
 	/** @var array $_ */ ?>
 <div id="allinone" class="section">
-	<h2><?php p($l->t('Nextcloud All-in-One'));?></h2>
-	<a href="<?php p($_['AIOLoginUrl']);?>" class="button" target="_blank" rel="noopener">Open Nextcloud AIO Interface ↗</a><br><br>
-	<p><a href="https://github.com/nextcloud/all-in-one#how-to-easily-log-in-to-the-aio-interface">Click here for more infos on this feature (e.g. also on how to change the link in the button)</a></p>
+	<h2><?php p($l->t('Nextcloud All In One'));?></h2>
+	<a href="<?php p($_['AIOLoginUrl']);?>" class="button" target="_blank" rel="noopener">Open Nextcloud AIO Interface ↗</a>
 </div>
--- a/compose.yaml
+++ b/compose.yaml
@@ -1,62 +0,0 @@
-services:
-  nextcloud:
-    image: nextcloud/all-in-one:latest
-    restart: always
-    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
-    volumes:
-      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
-      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
-    ports:
-      - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
-      - 8080:8080
-      - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
-    # environment: # Is needed when using any of the options below
-      # - AIO_DISABLE_BACKUP_SECTION=false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
-      # - APACHE_PORT=11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
-      # - APACHE_IP_BINDING=127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
-      # - BORG_RETENTION_POLICY=--keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
-      # - COLLABORA_SECCOMP_DISABLED=false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
-      # - NEXTCLOUD_DATADIR=/mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
-      # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
-      # - NEXTCLOUD_UPLOAD_LIMIT=10G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
-      # - NEXTCLOUD_MAX_TIME=3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
-      # - NEXTCLOUD_MEMORY_LIMIT=512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
-      # - NEXTCLOUD_TRUSTED_CACERTS_DIR=/path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nexcloud container (Useful e.g. for LDAPS) See See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
-      # - NEXTCLOUD_STARTUP_APPS=deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
-      # - NEXTCLOUD_ADDITIONAL_APKS=imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
-      # - NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
-      # - NEXTCLOUD_ENABLE_DRI_DEVICE=true # This allows to enable the /dev/dri device in the Nextcloud container. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-transcoding-for-nextcloud
-      # - TALK_PORT=3478 # This allows to adjust the port that the talk container is using. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
-      # - WATCHTOWER_DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
-    # networks: # Is needed when you want to create the nextcloud-aio network with ipv6-support using this file, see the network config at the bottom of the file
-      # - nextcloud-aio # Is needed when you want to create the nextcloud-aio network with ipv6-support using this file, see the network config at the bottom of the file
-
-  # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
-  # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588
-  # caddy:
-  #   image: caddy:alpine
-  #   restart: always
-  #   container_name: caddy
-  #   volumes:
-  #     - ./Caddyfile:/etc/caddy/Caddyfile
-  #     - ./certs:/certs
-  #     - ./config:/config
-  #     - ./data:/data
-  #     - ./sites:/srv
-  #   network_mode: "host"
-
-volumes:
-  nextcloud_aio_mastercontainer:
-    name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
-
-# # Optional: If you need ipv6, follow step 1 and 2 of https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md first and then uncomment the below config in order to activate ipv6 for the internal nextcloud-aio network.
-# # Please make sure to uncomment also the networking lines of the mastercontainer above in order to actually create the network with docker-compose
-# networks:
-#   nextcloud-aio:
-#     name: nextcloud-aio # This line is not allowed to be changed as otherwise the created network will not be used by the other containers of AIO
-#     driver: bridge
-#     enable_ipv6: true
-#     ipam:
-#       driver: default
-#       config:
-#         - subnet: fd12:3456:789a:2::/64 # IPv6 subnet to use
--- a/develop.md
+++ b/develop.md
@@ -22,8 +22,6 @@ Simply use https://github.com/nextcloud/all-in-one/issues/180 as template.
 Go to https://github.com/nextcloud-releases/all-in-one/actions/workflows/repo-sync.yml and run the workflow that will first sync the repo and then build new container that automatically get published to `develop` and `develop-arm64`.

 ## How to test things correctly?
-Before testing, make sure that at least the amd64 containers are built successfully by checking the last workflow here: https://github.com/nextcloud-releases/all-in-one/actions/workflows/build_images.yml. 
-
 There is a testing-VM available for the maintainer of AIO that allows for some final testing before releasing new version. See [this](https://cloud.nextcloud.com/apps/collectives/Nextcloud%20Handbook/Technical/AIO%20testing%20VM?fileId=6350152) for details.

 ## How to promote builds from develop to beta
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,49 @@
+version: "3.8"
+
+volumes:
+  nextcloud_aio_mastercontainer:
+    name: nextcloud_aio_mastercontainer # This line is not allowed to be changed
+
+services:
+  nextcloud:
+    image: nextcloud/all-in-one:latest
+    restart: always
+    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed
+    volumes:
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed
+      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'DOCKER_SOCKET_PATH'!
+    ports:
+      - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      - 8080:8080
+      - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+    # environment: # Is needed when using any of the options below
+      # - APACHE_PORT=11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      # - APACHE_IP_BINDING=127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+      # - COLLABORA_SECCOMP_DISABLED=false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
+      # - DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
+      # - DISABLE_BACKUP_SECTION=false # Setting this to true allows to hide the backup section in the AIO interface.
+      # - NEXTCLOUD_DATADIR=/mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
+      # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
+      # - NEXTCLOUD_UPLOAD_LIMIT=10G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
+      # - NEXTCLOUD_MAX_TIME=3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
+      # - NEXTCLOUD_MEMORY_LIMIT=512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
+      # - NEXTCLOUD_TRUSTED_CACERTS_DIR=/path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nexcloud container (Useful e.g. for LDAPS) See See https://github.com/nextcloud/all-in-one#how-to-trust-user-defiend-certification-authorities-ca
+      # - NEXTCLOUD_STARTUP_APPS=deck twofactor_totp tasks calendar contacts # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
+      # - NEXTCLOUD_ADDITIONAL_APKS=imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
+      # - NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
+      # - NEXTCLOUD_ENABLE_DRI_DEVICE=true # This allows to enable the /dev/dri device in the Nextcloud container which is needed for hardware-transcoding. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-transcoding-for-nextcloud
+      # - TALK_PORT=3478 # This allows to adjust the port that the talk container is using.
+
+  # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
+  # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588
+  # caddy:
+  #   image: caddy:alpine
+  #   restart: always
+  #   container_name: caddy
+  #   volumes:
+  #     - ./Caddyfile:/etc/caddy/Caddyfile
+  #     - ./certs:/certs
+  #     - ./config:/config
+  #     - ./data:/data
+  #     - ./sites:/srv
+  #   network_mode: "host"
--- a/docker-ipv6-support.md
+++ b/docker-ipv6-support.md
@@ -1,45 +0,0 @@
-# IPv6-Support for Docker
-
-Before enabling IPv6-Support for Docker, please note that there are still some unresolved problems in regards to IPv6-Support in Docker. See https://github.com/nextcloud/all-in-one/discussions/2557 for more details on this.
-
-Now that this was mentioned, see the instructions below on how to enable IPv6 for Docker.
-
-## Docker on Linux and Docker-rootless
-1.  Edit `/etc/docker/daemon.json` (or `~/.config/docker/daemon.json` in case of docker-rootless), set the `ipv6` key to `true` and the `fixed-cidr-v6` key to your IPv6 subnet. In this example we are setting it to `fd12:3456:789a:1::/64`. Additionally set `experimental` to `true` and `ip6tables` to `true` as well. If you are using mailcow and enabled IPv6 with the update.sh, you can keep their daemon.json, it will work too.
-
-    ```json
-    {
-      "ipv6": true,
-      "fixed-cidr-v6": "fd12:3456:789a:1::/64",
-      "experimental": true,
-      "ip6tables": true
-    }
-    ```
-
-    Save the file.
-
-2.  Reload the Docker configuration file.
-
-    ```console
-    sudo systemctl restart docker
-    ```
-3. Make sure that ipv6 is enabled for the internal `nextcloud-aio` network by running `sudo docker network inspect nextcloud-aio | grep EnableIPv6`. On a new instance, this command should return that it did not find a network with this name. Then you can run `sudo docker network create --subnet="fd12:3456:789a:2::/64" --driver bridge --ipv6 nextcloud-aio` in order to create the network with ipv6-support. However if it finds the network and its value `EnableIPv6` is set to false, make sure to follow https://github.com/nextcloud/all-in-one/discussions/2045 in order to recreate the network and enable ipv6 for it.
-
-## Docker Desktop (Windows and macOS)
-On Windows and macOS which use Docker Desktop, you need to go into the settings, and select `Docker Engine`. There you should see the currently used daemon.json file. 
-
-1. You need to now adjust this json file by setting the `ipv6` key to `true` and the `fixed-cidr-v6` key to your IPv6 subnet. In this example we are setting it to `fd12:3456:789a:1::/64`. Additionally set `experimental` to `true` and `ip6tables` to `true` as well.
-
-    ```
-    "ipv6": true,
-    "fixed-cidr-v6": "fd12:3456:789a:1::/64",
-    "experimental": true,
-    "ip6tables": true
-    ```
-
-2. Add these values to the json and make sure to keep the other currently values and that you don't see `Unexpected token in JSON at position ...` before attempting to restart by clicking on `Apply & restart`.
-3. Make sure that ipv6 is enabled for the internal `nextcloud-aio` network by running `docker network inspect nextcloud-aio`. On a new instance, this command should return that it did not find a network with this name. Then you can run `docker network create --subnet="fd12:3456:789a:2::/64" --driver bridge --ipv6 nextcloud-aio` in order to create the network with ipv6-support. However if it finds the network and its value `EnableIPv6` is set to false, make sure to follow https://github.com/nextcloud/all-in-one/discussions/2045 in order to recreate the network and enable ipv6 for it.
-
---
-
-**Note**: This is a copy of the original docker docs at https://docs.docker.com/config/daemon/ipv6/ which apparently are not correct. However experimental is set to true which the ip6tables feature needs. Thus it will not get included into the official docs. However it is needed to make it work in our testing.
--- a/docker-rootless.md
+++ b/docker-rootless.md
@@ -4,12 +4,12 @@ You can run AIO with docker rootless by following the steps below.

 0. If docker is already installed, you should consider disabling it first: (`sudo systemctl disable --now docker.service docker.socket`)
 1. Install docker rootless by following the official documentation: https://docs.docker.com/engine/security/rootless/#install. The easiest way is installing it **Without packages** (`curl -fsSL https://get.docker.com/rootless | sh`). Further limitations, distribution specific hints, etc. are discussed on the same site. Also do not forget to enable the systemd service, which may not be enabled always by default. See https://docs.docker.com/engine/security/rootless/#usage. (`systemctl --user enable docker`)
-1. If you need ipv6 support, you should enable it by following https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md.
+1. If you need ipv6 support, you should enable it by following https://docs.docker.com/config/daemon/ipv6/. The daemon.json file is most likely stored in `~/.config/docker/daemon.json`.
 1. Do not forget to set the mentioned environmental variables and in best case add them to your `~/.bashrc` file as shown!
 1. Also do not forget to run `loginctl enable-linger USERNAME` (and substitute USERNAME with the correct one) in order to make sure that user services are automatically started after every reboot.
 1. Expose the privileged ports by following https://docs.docker.com/engine/security/rootless/#exposing-privileged-ports. (`sudo setcap cap_net_bind_service=ep $(which rootlesskit); systemctl --user restart docker`)
-1. Use the official AIO startup command but use `--volume $XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro` instead of `--volume /var/run/docker.sock:/var/run/docker.sock:ro` and also add `--env WATCHTOWER_DOCKER_SOCKET_PATH=$XDG_RUNTIME_DIR/docker.sock` to the initial container startup (which is needed for mastercontainer updates to work correctly).
-1. Now everything should work like without docker rootless. You can consider using docker-compose for this or running it behind a reverse proxy. Basically the only thing that needs to be adjusted always in the startup command or compose.yaml file (after installing docker rootles) are things that are mentioned in point 3.
+1. Use the official AIO startup command but use `--volume $XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro` instead of `--volume /var/run/docker.sock:/var/run/docker.sock:ro` and also add `-e DOCKER_SOCKET_PATH=$XDG_RUNTIME_DIR/docker.sock` to the initial container startup (which is needed for mastercontainer updates to work correctly).
+1. Now everything should work like without docker rootless. You can consider using docker-compose for this or running it behind a reverse proxy. Basically the only thing that needs to be adjusted always in the startup command or docker-compose file (after installing docker rootles) are things that are mentioned in point 3.

 **Please note:** All files outside the containers get created, written to and accessed as the user that is running the docker daemon or a subuid of it. So for the built-in backup to work you need to allow this user to write to the target directory. E.g. with `sudo chown -R USERNAME:GROUPNAME /mnt/backup`. The same applies when changing Nextcloud's datadir. E.g. `sudo chown -R USERNAME:GROUPNAME /mnt/ncdata`. When you want to use the NEXTCLOUD_MOUNT option for local external storage, you need to adjust the permissions of the chosen folders to be accessible/writeable by the userid `100032:100032` (if running `grep ^$(whoami): /etc/subuid` as the user that is running the docker daemon returns 100000 as first value). 

--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -0,0 +1,9 @@
+name: Nextcloud AIO Helm Chart
+description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose
+version: 4.6.2
+apiVersion: v2
+keywords:
+  - latest
+sources:
+  - https://github.com/nextcloud/all-in-one/tree/main/helm-chart
+home: https://github.com/nextcloud/all-in-one/tree/main/helm-chart
--- a/helm-chart/readme.md
+++ b/helm-chart/readme.md
@@ -0,0 +1,3 @@
+# You can also install the AIO containers on Kubernetes using this Helm Chart
+
+This is currently beta and not ready yet.
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml
@@ -48,15 +48,13 @@ spec:
              value: "{{ .Values.NC_DOMAIN }}"
            - name: NEXTCLOUD_HOST
              value: nextcloud-aio-nextcloud
-            - name: NOTIFY_PUSH_HOST
-              value: nextcloud-aio-notify-push
            - name: ONLYOFFICE_HOST
              value: nextcloud-aio-onlyoffice
            - name: TALK_HOST
              value: nextcloud-aio-talk
            - name: TZ
              value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-apache:20230626_101439-latest
+          image: nextcloud/aio-apache:20230315_112022-latest
          name: nextcloud-aio-apache
          ports:
            - containerPort: {{ .Values.APACHE_PORT }}
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml
@@ -29,16 +29,7 @@ spec:
            - chmod
            - "777"
            - /nextcloud-aio-clamav
-            - /nextcloud-aio-clamav-tmpfs0
-            - /nextcloud-aio-clamav-tmpfs1
-            - /nextcloud-aio-clamav-tmpfs2
          volumeMounts:
-            - name: nextcloud-aio-clamav-tmpfs2
-              mountPath: /nextcloud-aio-clamav-tmpfs2
-            - name: nextcloud-aio-clamav-tmpfs1
-              mountPath: /nextcloud-aio-clamav-tmpfs1
-            - name: nextcloud-aio-clamav-tmpfs0
-              mountPath: /nextcloud-aio-clamav-tmpfs0
            - name: nextcloud-aio-clamav
              mountPath: /nextcloud-aio-clamav
      containers:
@@ -47,27 +38,15 @@ spec:
              value: "90"
            - name: TZ
              value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-clamav:20230626_101439-latest
+          image: nextcloud/aio-clamav:20230315_112022-latest
          name: nextcloud-aio-clamav
          ports:
            - containerPort: 3310
          volumeMounts:
            - mountPath: /var/lib/clamav
              name: nextcloud-aio-clamav
-            - mountPath: /var/lock
-              name: nextcloud-aio-clamav-tmpfs0
-            - mountPath: /var/log/clamav
-              name: nextcloud-aio-clamav-tmpfs1
-            - mountPath: /tmp
-              name: nextcloud-aio-clamav-tmpfs2
      volumes:
        - name: nextcloud-aio-clamav
          persistentVolumeClaim:
            claimName: nextcloud-aio-clamav
-        - emptyDir: {}
-          name: nextcloud-aio-clamav-tmpfs0
-        - emptyDir: {}
-          name: nextcloud-aio-clamav-tmpfs1
-        - emptyDir: {}
-          name: nextcloud-aio-clamav-tmpfs2
 {{- end }}
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml
@@ -22,10 +22,18 @@ spec:
        io.kompose.network/nextcloud-aio: "true"
        io.kompose.service: nextcloud-aio-collabora
    spec:
+      initContainers:
+        - name: init-volumes
+          image: alpine
+          command:
+            - chmod
+            - "777"
+            - /nextcloud-aio-collabora-fonts
+          volumeMounts:
+            - name: nextcloud-aio-collabora-fonts
+              mountPath: /nextcloud-aio-collabora-fonts
      containers:
        - env:
-            - name: DONT_GEN_SSL_CERT
-              value: "1"
            - name: TZ
              value: "{{ .Values.TIMEZONE }}"
            - name: aliasgroup1
@@ -36,8 +44,15 @@ spec:
              value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json
            - name: server_name
              value: "{{ .Values.NC_DOMAIN }}"
-          image: nextcloud/aio-collabora:20230626_101439-latest
+          image: nextcloud/aio-collabora:20230315_112022-latest
          name: nextcloud-aio-collabora
          ports:
            - containerPort: 9980
+          volumeMounts:
+            - mountPath: /opt/cool/systemplate/tmpfonts
+              name: nextcloud-aio-collabora-fonts
+      volumes:
+        - name: nextcloud-aio-collabora-fonts
+          persistentVolumeClaim:
+            claimName: nextcloud-aio-collabora-fonts
 {{- end }}
--- a/helm-chart/templates/nextcloud-aio-collabora-fonts-persistentvolumeclaim.yaml
+++ b/helm-chart/templates/nextcloud-aio-collabora-fonts-persistentvolumeclaim.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    io.kompose.service: nextcloud-aio-collabora-fonts
+  name: nextcloud-aio-collabora-fonts
+spec:
+  {{- if .Values.STORAGE_CLASS }}
+  storageClassName: {{ .Values.STORAGE_CLASS }}
+  {{- end }}
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.COLLABORA_FONTS_STORAGE_SIZE }}
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml
@@ -22,25 +22,11 @@ spec:
        io.kompose.service: nextcloud-aio-database
    spec:
      initContainers:
-        - name: init-subpath
-          image: alpine
-          command:
-            - mkdir
-            - "-p"
-            - /nextcloud-aio-database/data
-            - /nextcloud-aio-database
-            - /nextcloud-aio-database-dump
-          volumeMounts:
-            - name: nextcloud-aio-database-dump
-              mountPath: /nextcloud-aio-database-dump
-            - name: nextcloud-aio-database
-              mountPath: /nextcloud-aio-database
        - name: init-volumes
          image: alpine
          command:
            - chown
            - 999:999
-            - "-R"
            - /nextcloud-aio-database
            - /nextcloud-aio-database-dump
          volumeMounts:
@@ -60,13 +46,12 @@ spec:
              value: nextcloud
            - name: TZ
              value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-postgresql:20230626_101439-latest
+          image: nextcloud/aio-postgresql:20230315_112022-latest
          name: nextcloud-aio-database
          ports:
            - containerPort: 5432
          volumeMounts:
            - mountPath: /var/lib/postgresql/data
-              subPath: data
              name: nextcloud-aio-database
            - mountPath: /mnt/data
              name: nextcloud-aio-database-dump
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-dump-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-dump-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml
@@ -42,7 +42,7 @@ spec:
              value: "{{ .Values.TIMEZONE }}"
            - name: discovery.type
              value: single-node
-          image: nextcloud/aio-fulltextsearch:20230626_101439-latest
+          image: nextcloud/aio-fulltextsearch:20230315_112022-latest
          name: nextcloud-aio-fulltextsearch
          ports:
            - containerPort: 9200
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml
@@ -26,7 +26,7 @@ spec:
        - env:
            - name: TZ
              value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-imaginary:20230626_101439-latest
+          image: nextcloud/aio-imaginary:20230315_112022-latest
          name: nextcloud-aio-imaginary
          ports:
            - containerPort: 9000
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-networkpolicy.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-networkpolicy.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-data-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-data-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml
@@ -44,6 +44,10 @@ spec:
              value: "{{ .Values.NEXTCLOUD_PASSWORD }}"
            - name: ADMIN_USER
              value: admin
+            - name: AIO_TOKEN
+              value: "{{ .Values.AIO_TOKEN }}"
+            - name: AIO_URL
+              value: "{{ .Values.AIO_URL }}"
            - name: CLAMAV_ENABLED
              value: "{{ .Values.CLAMAV_ENABLED }}"
            - name: CLAMAV_HOST
@@ -60,8 +64,6 @@ spec:
              value: "{{ .Values.IMAGINARY_ENABLED }}"
            - name: IMAGINARY_HOST
              value: nextcloud-aio-imaginary
-            - name: INSTALL_LATEST_MAJOR
-              value: "{{ .Values.INSTALL_LATEST_MAJOR }}"
            - name: NC_DOMAIN
              value: "{{ .Values.NC_DOMAIN }}"
            - name: NEXTCLOUD_DATA_DIR
@@ -90,24 +92,20 @@ spec:
              value: "{{ .Values.DATABASE_PASSWORD }}"
            - name: POSTGRES_USER
              value: nextcloud
-            - name: RECORDING_SECRET
-              value: "{{ .Values.RECORDING_SECRET }}"
            - name: REDIS_HOST
              value: nextcloud-aio-redis
            - name: REDIS_HOST_PASSWORD
              value: "{{ .Values.REDIS_PASSWORD }}"
            - name: SIGNALING_SECRET
              value: "{{ .Values.SIGNALING_SECRET }}"
+            - name: SKIP_DATA_DIRECTORY_PERMISSION_CHECK
+              value: "{{ .Values.SKIP_DATA_DIRECTORY_PERMISSION_CHECK }}"
            - name: STARTUP_APPS
              value: "{{ .Values.NEXTCLOUD_STARTUP_APPS }}"
            - name: TALK_ENABLED
              value: "{{ .Values.TALK_ENABLED }}"
            - name: TALK_PORT
              value: "{{ .Values.TALK_PORT }}"
-            - name: TALK_RECORDING_ENABLED
-              value: "{{ .Values.TALK_RECORDING_ENABLED }}"
-            - name: TALK_RECORDING_HOST
-              value: nextcloud-aio-talk-recording
            - name: TRUSTED_CACERTS_DIR
              value: "{{ .Values.NEXTCLOUD_TRUSTED_CACERTS_DIR }}"
            - name: TURN_SECRET
@@ -116,10 +114,11 @@ spec:
              value: "{{ .Values.TIMEZONE }}"
            - name: UPDATE_NEXTCLOUD_APPS
              value: "{{ .Values.UPDATE_NEXTCLOUD_APPS }}"
-          image: nextcloud/aio-nextcloud:20230626_101439-latest
+          image: nextcloud/aio-nextcloud:20230315_112022-latest
          name: nextcloud-aio-nextcloud
          ports:
            - containerPort: 9000
+            - containerPort: 7867
          volumeMounts:
            - mountPath: /var/www/html
              name: nextcloud-aio-nextcloud
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml
@@ -12,5 +12,8 @@ spec:
    - name: "9000"
      port: 9000
      targetPort: 9000
+    - name: "7867"
+      port: 7867
+      targetPort: 7867
  selector:
    io.kompose.service: nextcloud-aio-nextcloud
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-trusted-cacerts-persistentvolumeclaim.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-trusted-cacerts-persistentvolumeclaim.yaml
--- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml
+++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml
@@ -42,7 +42,7 @@ spec:
              value: "{{ .Values.ONLYOFFICE_SECRET }}"
            - name: TZ
              value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-onlyoffice:20230626_101439-latest
+          image: nextcloud/aio-onlyoffice:20230315_112022-latest
          name: nextcloud-aio-onlyoffice
          ports:
            - containerPort: 80
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
szaimen	6063db801c	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-05-16 07:26:45 +00:00
szaimen	22da7408a5	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-05-13 14:10:42 +00:00
Simon L.	8423dc785a	Revert "Update index.yaml" This reverts commit `4dd278bab9`.	2026-05-13 16:07:06 +02:00
Simon L.	cbf558f01c	Revert "Update index.yaml" This reverts commit `a28409c858`.	2026-05-13 16:07:00 +02:00
szaimen	a28409c858	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-05-13 09:19:47 +00:00
szaimen	4dd278bab9	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-05-13 09:18:29 +00:00
szaimen	4c47dddc2e	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-04-09 09:59:15 +00:00
szaimen	9d754ec537	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-03-06 08:18:33 +00:00
szaimen	0ba0ace5e1	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-02-18 12:44:05 +00:00
szaimen	30fffcba07	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-02-11 14:28:44 +00:00
szaimen	ae86b688f6	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-01-22 14:27:34 +00:00
szaimen	7460e78e98	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2026-01-14 11:56:43 +00:00
szaimen	ad2d53180b	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-12-18 10:02:56 +00:00
szaimen	b7730b46a6	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-12-10 13:41:10 +00:00
szaimen	4fb6b0d57b	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-11-28 09:00:14 +00:00
szaimen	c7afd4f90e	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-10-31 12:29:07 +00:00
szaimen	b470a6051a	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-10-15 08:44:28 +00:00
szaimen	3a298076ba	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-09-27 08:19:20 +00:00
szaimen	0662e57d9b	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-09-18 09:33:41 +00:00
szaimen	3defa4967f	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-09-05 10:15:50 +00:00
szaimen	4b19f4c0a3	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-08-22 11:38:12 +00:00
szaimen	c2ba3481a6	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-08-11 12:03:26 +00:00
szaimen	6aafc753d4	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-07-17 09:31:27 +00:00
szaimen	206fbf8422	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-07-10 08:55:03 +00:00
szaimen	ac966412cf	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-07-01 11:54:02 +00:00
szaimen	e64121a977	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-06-19 08:34:22 +00:00
szaimen	ff22ab211f	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-06-10 12:35:00 +00:00
szaimen	33a917c163	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-05-26 13:29:23 +00:00
Simon L.	f4dd1cf5d0	Revert "Update index.yaml" This reverts commit `0b5e8110c1`.	2025-05-26 15:28:04 +02:00
szaimen	0b5e8110c1	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-05-26 12:47:42 +00:00
szaimen	2d00da6012	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-05-12 08:47:50 +00:00
szaimen	3692457b00	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-04-24 09:59:17 +00:00
szaimen	0bd1512549	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-04-17 08:58:40 +00:00
szaimen	136f1c884e	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-04-08 08:22:21 +00:00
szaimen	72b6e60400	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-03-31 08:47:04 +00:00
szaimen	be6c5d3714	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-03-25 09:47:09 +00:00
szaimen	cb07f18cc8	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-03-06 09:46:09 +00:00
szaimen	fdaf675dd1	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-02-25 13:01:03 +00:00
szaimen	4e1c8dd95e	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-02-04 11:04:54 +00:00
szaimen	a4915339ad	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-01-22 10:12:10 +00:00
szaimen	52a19f75f7	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-01-14 10:47:51 +00:00
szaimen	8cc9d73d93	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2025-01-06 11:07:45 +00:00
szaimen	ad61683b8d	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-12-16 14:06:57 +00:00
szaimen	8a8b0721ef	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-12-16 12:48:12 +00:00
szaimen	1ee210b481	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-12-16 10:50:19 +00:00
szaimen	1274ebd000	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-12-03 14:16:27 +00:00
szaimen	b1c38e03c9	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-11-26 10:17:01 +00:00
szaimen	fdf4e5dc4a	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-11-06 15:32:42 +00:00
szaimen	0d6cabc3ba	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-10-17 09:57:05 +00:00
szaimen	cc0923c84d	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-09-25 08:27:20 +00:00
szaimen	cb2a69f32f	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-09-14 06:46:11 +00:00
Simon L.	614a9b97be	Revert "Update index.yaml" This reverts commit `e235a9dd46`.	2024-08-19 15:08:12 +02:00
szaimen	e235a9dd46	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-08-19 13:03:18 +00:00
szaimen	b8b0ad99c8	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-08-08 09:10:12 +00:00
szaimen	2e28033838	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-07-25 07:48:24 +00:00
szaimen	cd08be3551	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-07-18 06:49:41 +00:00
szaimen	57e3e5c66f	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-07-01 09:24:12 +00:00
szaimen	9e309e97e8	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-06-17 09:03:01 +00:00
szaimen	2b2d1ce764	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-06-06 08:02:39 +00:00
Simon L.	e6dadecd15	Revert "Update index.yaml" This reverts commit `19a221205d`.	2024-05-21 15:05:09 +02:00
szaimen	19a221205d	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-05-21 12:11:59 +00:00
szaimen	5ecb856959	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-05-02 10:52:50 +00:00
szaimen	c2761f24f5	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-04-24 10:17:55 +00:00
szaimen	1adf679e18	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-04-11 12:10:05 +00:00
szaimen	73563b69b6	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-04-04 09:38:02 +00:00
szaimen	e4034ac013	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-04-04 09:26:34 +00:00
szaimen	060f6aeb1f	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-03-26 13:20:18 +00:00
szaimen	9326394386	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-03-21 08:11:15 +00:00
szaimen	88da974922	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-03-08 09:36:30 +00:00
szaimen	a41ca6c341	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-02-28 19:30:19 +00:00
szaimen	cc5129c6b3	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-02-28 11:31:05 +00:00
szaimen	7cf0b6437c	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-02-23 18:58:07 +00:00
szaimen	a2cc883d9a	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-02-01 14:53:58 +00:00
szaimen	365a4dab8a	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-02-01 12:57:41 +00:00
Simon L	39b9765f52	Revert "Update index.yaml" This reverts commit `63165d1910`.	2024-02-01 13:40:09 +01:00
szaimen	63165d1910	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-02-01 12:37:03 +00:00
szaimen	c722eae2b1	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-01-24 12:26:17 +00:00
szaimen	5761af59f8	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-01-17 09:01:07 +00:00
szaimen	542277a615	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2024-01-09 12:32:52 +00:00
szaimen	dec906e92b	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-12-20 15:40:32 +00:00
szaimen	9021b608b4	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-12-12 12:02:53 +00:00
szaimen	8697e39be0	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-12-07 12:22:35 +00:00
szaimen	873aba9cf7	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-12-07 11:35:38 +00:00
szaimen	5990aaa8d8	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-12-07 08:23:56 +00:00
szaimen	b01a999081	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-30 08:20:39 +00:00
szaimen	bb4c1954a0	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-23 18:37:06 +00:00
szaimen	cf83598dc5	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-23 14:29:04 +00:00
szaimen	b2d35138ea	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-23 11:08:33 +00:00
szaimen	378ddfffa4	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-23 09:57:20 +00:00
szaimen	c73a6d77e7	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-23 08:48:20 +00:00
szaimen	3f56b3b710	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-21 18:10:38 +00:00
szaimen	a6108e394b	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-21 15:41:33 +00:00
szaimen	d03d413060	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-21 10:46:03 +00:00
szaimen	98bcc39683	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-17 10:03:32 +00:00
szaimen	8861c16685	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-16 20:38:57 +00:00
szaimen	47f81a40f9	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-13 13:26:34 +00:00
szaimen	ea6383f4d9	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-13 13:11:06 +00:00
szaimen	47dc35a60c	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-13 13:05:29 +00:00
szaimen	a04d40db8a	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-08 10:30:24 +00:00
szaimen	17ee039b6a	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-06 20:47:57 +00:00
szaimen	8ef2ca3064	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-06 15:09:33 +00:00
szaimen	6264490965	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-06 15:09:08 +00:00
szaimen	6de6549f18	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-06 15:08:12 +00:00
szaimen	2733056d0d	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-06 15:07:48 +00:00
szaimen	da012b4c21	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-11-06 13:28:53 +00:00
szaimen	2d0dfe5ef0	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-10-30 13:08:41 +00:00
szaimen	8e01eb665a	Publishing chart package for helm-chart-7.5.1 Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-10-30 13:08:39 +00:00
szaimen	f8c0737350	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-10-27 11:27:53 +00:00
szaimen	8260b7f745	Publishing chart package for helm-chart-7.5.0 Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-10-27 11:27:52 +00:00
szaimen	41ba7cc1c6	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-10-16 08:27:09 +00:00
szaimen	be4e99f61c	Publishing chart package for helm-chart-7.4.1 Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-10-16 08:27:07 +00:00
szaimen	adbebb4a4c	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-09-16 12:40:49 +00:00
szaimen	f12e5b244e	Publishing chart package for helm-chart-7.2.1 Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-09-16 12:40:48 +00:00
szaimen	fd31fc0a32	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-09-12 08:55:15 +00:00
szaimen	1a6a7acce6	Publishing chart package for helm-chart-7.1.1 Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-09-12 08:55:13 +00:00
szaimen	30778fcc07	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-08-17 07:28:19 +00:00
szaimen	17f71a128c	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-07-28 09:41:57 +00:00
szaimen	e72bfd6c34	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-07-20 14:07:23 +00:00
szaimen	b32a8230cb	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-06-26 10:34:47 +00:00
szaimen	564a0366b2	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-06-13 12:14:24 +00:00
szaimen	efa350e2d0	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-06-13 08:12:10 +00:00
szaimen	0a1aa673a7	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-06-06 07:20:26 +00:00
szaimen	f047678b43	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-05-30 10:38:18 +00:00
szaimen	d17bb88086	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-05-11 09:49:06 +00:00
szaimen	d83a996d0d	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-05-01 12:16:52 +00:00
Simon L	f4f36e8a52	adjust the readme Signed-off-by: Simon L <szaimen@e.mail.de>	2023-04-22 11:51:39 +02:00
szaimen	55ac1c4fa4	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-04-22 09:46:22 +00:00
szaimen	180e0246b8	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-04-14 13:50:10 +00:00
szaimen	c7fa53b02f	Update index.yaml Signed-off-by: szaimen <szaimen@users.noreply.github.com>	2023-03-30 09:28:19 +00:00