Improuve Container States

Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com>

.github/workflows/update-copyright.yml

@@ -0,0 +1,11 @@
+name: Update Copyright
+
+on:
+  workflow_dispatch:
+
+jobs:
+  update-copyright:
+    name: update copyright
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4

Containers/clamav/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/1.3/alpine/Dockerfile
-FROM clamav/clamav:1.4.1-7
+FROM clamav/clamav:1.4.1-8
 
 COPY clamav.conf /clamav.conf
 COPY --chmod=775 start.script /start.script

Containers/collabora/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:24.04.8.1.1
+FROM collabora/code:24.04.8.2.1
 
 USER root
 ARG DEBIAN_FRONTEND=noninteractive

Containers/fulltextsearch/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
-FROM elasticsearch:8.15.2
+FROM elasticsearch:8.15.3
 
 USER root
 

Containers/nextcloud/Dockerfile

@@ -80,7 +80,7 @@ RUN set -ex; \
 # pecl will claim success even if one install fails, so we need to perform each install separately
     pecl install igbinary-3.2.16; \
     pecl install APCu-5.1.24; \
-    pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.2.0; \
+    pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.3.0; \
     pecl install -D 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.1.0; \
     pecl install imagick-3.7.0; \
     \

Containers/onlyoffice/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile
-FROM onlyoffice/documentserver:8.1.3.2
+FROM onlyoffice/documentserver:8.2.0.1
 
 # USER root is probably used
 

Containers/talk/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM nats:2.10.21-scratch AS nats
+FROM nats:2.10.22-scratch AS nats
 FROM eturnal/eturnal:1.12.0 AS eturnal
 FROM strukturag/nextcloud-spreed-signaling:2.0.0 AS signaling
 FROM alpine:3.20.3 AS janus

Containers/whiteboard/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM ghcr.io/nextcloud-releases/whiteboard:v1.0.3
+FROM ghcr.io/nextcloud-releases/whiteboard:v1.0.4
 
 USER root
 RUN set -ex; \

community-containers/local-ai/readme.md

@@ -19,6 +19,7 @@ This container bundles Local AI and auto-configures it for you.
   name: gpt4all-j
 ```
 -  To make it work, you first need to browse `https://your-nc-domain.com/settings/admin/ai` and enable or disable specific features for your models in the openAI settings. Afterwards using the Nextcloud Assistant should work.
+- See [this guide](https://github.com/nextcloud/all-in-one/discussions/5430) for how to improve AI task pickup speed
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
 
 ### Repository

local-instance.md

@@ -9,6 +9,8 @@ The recommended way is the following:
 1. Enter the ip-address of your local dns-server in the daemon.json file for docker so that you are sure that all docker containers use the correct local dns-server.
 1. Now, entering the domain in the AIO-interface should work as expected and should allow you to continue with the setup
 
+Here is a video that does shows this a bit more in detail: https://youtu.be/zk-y2wVkY4c
+
 ## 2. Use the ACME DNS-challenge
 You can alternatively use the ACME DNS-challenge to get a valid certificate for Nextcloud. Here is described how to set it up: https://github.com/nextcloud/all-in-one#how-to-get-nextcloud-running-using-the-acme-dns-challenge
 

nextcloud-aio-helm-chart/Chart.yaml

@@ -1,6 +1,6 @@
 name: nextcloud-aio-helm-chart
 description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose
-version: 9.6.0
+version: 9.7.0
 apiVersion: v2
 keywords:
   - latest

nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml

@@ -64,7 +64,7 @@ spec:
               value: "{{ .Values.TIMEZONE }}"
             - name: WHITEBOARD_HOST
               value: nextcloud-aio-whiteboard
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-apache:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-apache:20241017_085101"
           name: nextcloud-aio-apache
           ports:
             - containerPort: {{ .Values.APACHE_PORT }}

nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml

@@ -53,7 +53,7 @@ spec:
               value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-clamav:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-clamav:20241017_085101"
           name: nextcloud-aio-clamav
           ports:
             - containerPort: 3310

nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml

@@ -36,7 +36,7 @@ spec:
               value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json
             - name: server_name
               value: "{{ .Values.NC_DOMAIN }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-collabora:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-collabora:20241017_085101"
           name: nextcloud-aio-collabora
           ports:
             - containerPort: 9980

nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml

@@ -62,7 +62,7 @@ spec:
               value: nextcloud
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-postgresql:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-postgresql:20241017_085101"
           name: nextcloud-aio-database
           ports:
             - containerPort: 5432

nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml

@@ -56,7 +56,7 @@ spec:
               value: basic
             - name: xpack.security.enabled
               value: "false"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-fulltextsearch:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-fulltextsearch:20241017_085101"
           name: nextcloud-aio-fulltextsearch
           ports:
             - containerPort: 9200

nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml

@@ -28,7 +28,7 @@ spec:
               value: "{{ .Values.IMAGINARY_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-imaginary:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-imaginary:20241017_085101"
           name: nextcloud-aio-imaginary
           ports:
             - containerPort: 9000

nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml

@@ -173,7 +173,7 @@ spec:
               value: "{{ .Values.WHITEBOARD_ENABLED }}"
             - name: WHITEBOARD_SECRET
               value: "{{ .Values.WHITEBOARD_SECRET }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-nextcloud:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-nextcloud:20241017_085101"
           name: nextcloud-aio-nextcloud
           ports:
             - containerPort: 9000

nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml

@@ -53,7 +53,7 @@ spec:
               value: nextcloud-aio-redis
             - name: REDIS_HOST_PASSWORD
               value: "{{ .Values.REDIS_PASSWORD }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-notify-push:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-notify-push:20241017_085101"
           name: nextcloud-aio-notify-push
           ports:
             - containerPort: 7867

nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml

@@ -44,7 +44,7 @@ spec:
               value: "{{ .Values.ONLYOFFICE_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-onlyoffice:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-onlyoffice:20241017_085101"
           name: nextcloud-aio-onlyoffice
           ports:
             - containerPort: 80

nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml

@@ -39,7 +39,7 @@ spec:
               value: "{{ .Values.REDIS_PASSWORD }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-redis:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-redis:20241017_085101"
           name: nextcloud-aio-redis
           ports:
             - containerPort: 6379

nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml

@@ -42,7 +42,7 @@ spec:
               value: "{{ .Values.TURN_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-talk:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-talk:20241017_085101"
           name: nextcloud-aio-talk
           ports:
             - containerPort: {{ .Values.TALK_PORT }}

nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml

@@ -32,7 +32,7 @@ spec:
               value: "{{ .Values.RECORDING_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-talk-recording:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-talk-recording:20241017_085101"
           name: nextcloud-aio-talk-recording
           ports:
             - containerPort: 1234

nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml

@@ -36,7 +36,7 @@ spec:
               value: redis
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-whiteboard:20240925_080419"
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-whiteboard:20241017_085101"
           name: nextcloud-aio-whiteboard
           ports:
             - containerPort: 3002

php/composer.lock

@@ -134,16 +134,16 @@
         },
         {
             "name": "guzzlehttp/promises",
-            "version": "2.0.3",
+            "version": "2.0.4",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/promises.git",
-                "reference": "6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8"
+                "reference": "f9c436286ab2892c7db7be8c8da4ef61ccf7b455"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/promises/zipball/6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8",
-                "reference": "6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8",
+                "url": "https://api.github.com/repos/guzzle/promises/zipball/f9c436286ab2892c7db7be8c8da4ef61ccf7b455",
+                "reference": "f9c436286ab2892c7db7be8c8da4ef61ccf7b455",
                 "shasum": ""
             },
             "require": {
@@ -197,7 +197,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/promises/issues",
-                "source": "https://github.com/guzzle/promises/tree/2.0.3"
+                "source": "https://github.com/guzzle/promises/tree/2.0.4"
             },
             "funding": [
                 {
@@ -213,7 +213,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2024-07-18T10:29:17+00:00"
+            "time": "2024-10-17T10:06:22+00:00"
         },
         {
             "name": "guzzlehttp/psr7",
@@ -2700,16 +2700,16 @@
         },
         {
             "name": "phpstan/phpdoc-parser",
-            "version": "1.32.0",
+            "version": "1.33.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpstan/phpdoc-parser.git",
-                "reference": "6ca22b154efdd9e3c68c56f5d94670920a1c19a4"
+                "reference": "82a311fd3690fb2bf7b64d5c98f912b3dd746140"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/6ca22b154efdd9e3c68c56f5d94670920a1c19a4",
-                "reference": "6ca22b154efdd9e3c68c56f5d94670920a1c19a4",
+                "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/82a311fd3690fb2bf7b64d5c98f912b3dd746140",
+                "reference": "82a311fd3690fb2bf7b64d5c98f912b3dd746140",
                 "shasum": ""
             },
             "require": {
@@ -2741,9 +2741,9 @@
             "description": "PHPDoc parser with support for nullable, intersection and generic types",
             "support": {
                 "issues": "https://github.com/phpstan/phpdoc-parser/issues",
-                "source": "https://github.com/phpstan/phpdoc-parser/tree/1.32.0"
+                "source": "https://github.com/phpstan/phpdoc-parser/tree/1.33.0"
             },
-            "time": "2024-09-26T07:23:32+00:00"
+            "time": "2024-10-13T11:25:22+00:00"
         },
         {
             "name": "sebastian/diff",

php/public/img/logo.svg

@@ -1 +0,0 @@
-<svg width="256" height="128" version="1.1" viewBox="0 0 256 128" xmlns="http://www.w3.org/2000/svg"><g fill="none" stroke-width="22"><circle cx="40" cy="64" r="26" stroke="#ffffff" fill="none"/><circle cx="216" cy="64" r="26" stroke="#ffffff" fill="none"/><circle cx="128" cy="64" r="46" stroke="#ffffff" fill="none"/></g></svg>

php/public/img/nextcloud-logo.svg

@@ -0,0 +1,4 @@
+<svg id="nextcloud-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 142 100" width="142" height="100">
+  <g id="logo" stroke="currentColor" fill="none" stroke-width="11" transform="scale(1.109)"><circle cx="20" cy="32" r="13"/><circle cx="64" cy="32" r="23"/><circle cx="108" cy="32" r="13"/></g>
+  <g id="Nextcloud" fill="currentColor" transform="translate(-3.4, -3.4) scale(1.17)"><path d="M15.4,67.4c-0.4,0-0.5,0.2-0.5,0.6v14.6c0,0.4,0.2,0.5,0.5,0.5h0.4c0.4,0,0.5-0.2,0.5-0.5V70.4   l7.9,12.3c0,0.1,0.1,0.1,0.1,0.1c0,0,0,0,0,0c0,0,0.1,0,0.1,0.1c0,0,0,0,0.1,0c0,0,0,0,0,0c0.1,0,0.1,0,0.2,0h0.4   c0.4,0,0.5-0.2,0.5-0.5V68c0-0.4-0.2-0.6-0.5-0.6h-0.4c-0.4,0-0.6,0.2-0.6,0.6v12.1l-7.9-12.3c0,0-0.1-0.1-0.1-0.1   c-0.1-0.1-0.2-0.2-0.4-0.2L15.4,67.4z M110.8,67.6c-0.4,0-0.2,0.2-0.2,0.6v5c0,0.5,0,0.9,0,0.9h0c0,0-1-2.2-3.6-2.2   c-2.9,0-5,2.3-4.9,5.7c0,3.4,1.9,5.8,4.8,5.8c2.9,0,3.8-2.3,3.8-2.3h0.1c0,0-0.1,0.3-0.1,0.7v0.9c0,0.4,0.2,0.5,0.6,0.5h0.4   c0.4,0,0.5-0.2,0.5-0.6V68.2c0-0.4-0.6-0.6-0.9-0.6H110.8z M71.8,67.7c-0.4,0-0.1,0.2-0.1,0.6v12.3c0,2.4,1.6,2.7,2.5,2.7   c0.4,0,0.6-0.2,0.6-0.6v-0.4c0-0.4-0.2-0.5-0.5-0.5c-0.5-0.1-1.2-0.2-1.2-1.6v-12c0-0.4-0.6-0.6-0.9-0.6L71.8,67.7z M53.8,69   c-0.4,0-0.6,0.2-0.6,0.6v2.6v1.3v5.7c0,2.6,1.5,4.1,3.9,4.1c0.5,0,0.6-0.1,0.6-0.5v-0.3c0-0.4-0.1-0.5-0.6-0.6   c-0.9-0.1-2.4-0.4-2.4-2.9v-5.5h2.3c0.4,0,0.6-0.1,0.6-0.5v-0.2c0-0.4-0.2-0.6-0.6-0.6h-2.3v-2.6c0-0.4-0.1-0.6-0.5-0.6L53.8,69z    M33.8,71.8c-3,0-5.4,2.2-5.5,5.8c0,3.4,2.5,5.8,5.8,5.8c1.8,0,3.1-0.8,3.7-1.2c0.3-0.2,0.3-0.5,0.2-0.7l-0.2-0.2   c-0.2-0.3-0.4-0.4-0.7-0.2c-0.5,0.4-1.5,1-2.9,1c-2.3,0-4.2-1.6-4.3-4.4h8c0.3,0,0.6-0.3,0.6-0.6C38.4,73.9,36.8,71.8,33.8,71.8z    M65,71.8c-3.3,0-5.8,2.4-5.8,5.8c0,3.4,2.5,5.8,5.8,5.8c2,0,3.4-1,3.9-1.4c0.3-0.3,0.3-0.5,0.1-0.8L68.8,81   c-0.2-0.3-0.4-0.4-0.7-0.2C67.6,81.3,66.6,82,65,82c-2.4,0-4.3-1.8-4.3-4.4c0-2.7,1.9-4.5,4.3-4.5c1.3,0,2.3,0.7,2.8,1   c0.3,0.2,0.6,0.2,0.8-0.1l0.2-0.3c0.3-0.3,0.2-0.6-0.1-0.8C68.1,72.6,66.9,71.8,65,71.8L65,71.8z M81.9,71.8   c-3.2,0-5.8,2.5-5.8,5.7c0,3.3,2.6,5.8,5.8,5.8c3.2,0,5.8-2.5,5.8-5.8C87.8,74.3,85.1,71.8,81.9,71.8z M49.5,72   c-0.1,0-0.2,0.1-0.4,0.2l-2,2.4l-1.5,1.8l-2.3-2.7L42,72.2c-0.1-0.1-0.2-0.2-0.4-0.2c-0.1,0-0.3,0-0.4,0.2l-0.3,0.3   c-0.3,0.2-0.3,0.5,0,0.7l2,2.4l1.7,2l-2.5,2.9c0,0,0,0,0,0L40.9,82c-0.2,0.3-0.2,0.6,0.1,0.8l0.3,0.3c0.3,0.2,0.5,0.2,0.7-0.1   l2-2.4l1.5-1.8l2.3,2.7c0,0,0,0,0,0l1.2,1.5c0.2,0.3,0.5,0.3,0.8,0.1l0.3-0.3c0.3-0.2,0.3-0.5,0-0.7l-2-2.4l-1.7-2l2.5-2.9   c0,0,0,0,0,0l1.2-1.5c0.2-0.3,0.2-0.6-0.1-0.8l-0.3-0.3C49.7,72,49.6,71.9,49.5,72L49.5,72z M90.7,72c-0.4,0-0.5,0.2-0.5,0.6v6.5   c0,2.9,2.1,4.3,4.7,4.3c2.6,0,4.7-1.4,4.7-4.3v-6.5c0.1-0.4-0.1-0.6-0.5-0.6h-0.4c-0.4,0-0.6,0.2-0.6,0.6v6.1   c0,1.7-1.1,3.3-3.3,3.3c-2.1,0-3.3-1.6-3.3-3.3v-6.1c0-0.4-0.2-0.6-0.6-0.6L90.7,72z M33.8,73c1.6,0,3,1.2,3.1,3.5h-6.9   C30.3,74.3,31.9,73,33.8,73z M81.9,73.1c2.4,0,4.3,1.9,4.3,4.4c0,2.6-1.9,4.5-4.3,4.5c-2.4,0-4.3-2-4.3-4.5   C77.6,75.1,79.6,73.1,81.9,73.1z M107.1,73.1c2.4,0,3.5,2.2,3.5,4.4c0,3.2-1.7,4.5-3.6,4.5c-2.1,0-3.5-1.8-3.5-4.5   C103.5,74.8,105.1,73.1,107.1,73.1z"/></g>
+</svg>

php/public/style.css

@@ -1,12 +1,60 @@
+:root {
+    --color-nextcloud-blue: #0082c9;
+    --color-nextcloud-logo: var(--color-nextcloud-blue);
+    --color-main-background: white;
+    --color-input-background: white;
+    --color-main-text: black;
+    --color-main-border: black;
+    --color-main-border-hover: var(--color-main-border);
+    --color-error: #db0606;
+    --color-error-hover: #df2525;
+    --color-error-text: #c20505;
+    --color-success: #46ba61;
+    --color-running: #ffd000;
+    --color-info: #0071ad;
+    --color-info-hover: #00aaef;
+    --color-border-maxcontrast: #7d7d7d;
+    --color-loader: #f3f3f3;
+    --border: .5px;
+    --border-hover: 2px;
+    --border-radius: 7px;
+    --border-radius-large: 12px;
+    --default-font-size: 13px;
+    --checkbox-size: 16px;
+    --max-width: 500px;
+}
+
+[data-theme="dark"] {
+    --color-main-background: #171717;
+    --color-input-background: #ebebeb;
+    --color-main-text: #ebebeb;
+    --color-nextcloud-logo: var(--color-main-text);
+    --color-main-border: var(--color-border-maxcontrast);
+    --color-main-border-hover: var(--color-main-text);
+    --color-error: #ff3333;
+    --color-error-hover: #ff6666;
+    --color-error-text: #ff8080;
+    --color-info: #00aeff;
+    --color-info-hover: #33beff;
+    --color-loader: var(--color-border-maxcontrast);
+    --border-hover: var(--border);
+}
+
 html, body {
     padding: 0;
     margin: 0;
-    font-family: -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Oxygen-Sans, Cantarell, Ubuntu, Helvetica Neue, Arial, Noto Color Emoji, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol;;
+    font-family: system-ui, -apple-system, 'Segoe UI', Roboto, Oxygen-Sans, Cantarell, Ubuntu, 'Helvetica Neue', 'Noto Sans', 'Liberation Sans', Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol', 'Noto Color Emoji';
+    background-color: var(--color-main-background);
+    color: var(--color-main-text);
 }
 
 a {
     text-decoration: none;
-    color: #0082c9;
+    color: var(--color-info);
+}
+
+a:hover {
+    color: var(--color-info-hover);
 }
 
 a.button,
@@ -15,19 +63,24 @@ input[type="submit"] {
     width: auto;
     height: 34px;
     cursor: pointer;
-    background-color: #0082c9;
+    background-color: var(--color-nextcloud-blue);
     font-weight: bold;
-    border-radius: 8px;
+    border-radius: var(--border-radius);
     margin: 3px 3px 3px 0;
-    font-size: 14px;
+    font-size: var(--default-font-size);
     color: white;
-    border: .5px solid black;
+    border: .5px solid var(--color-main-border);
     outline: none;
 }
 
 a.button:focus,
 input[type="submit"]:focus {
-    border: 1px solid black;
+    border: 1px solid var(--color-main-border);
+}
+
+a.button:hover,
+input[type="submit"]:hover {
+    background-color: var(--color-info-hover);
 }
 
 summary {
@@ -41,38 +94,36 @@ ul {
 
 li {
     padding-bottom: 5px;
+    text-indent: 0;
+    padding-left: 0;
 }
 
 span.error {
-    background-color: #e9322d;
+    background-color: var(--color-error);
 }
 
 div.toast.error {
-    border-left-color: #e9322d;
+    border-left-color: var(--color-error);
 }
 
 .status {
     display: inline-block;
-    height: 16px;
-    width: 16px;
-    vertical-align: text-bottom
-}
-
-.status {
+    height: var(--checkbox-size);
+    width: var(--checkbox-size);
+    vertical-align: text-bottom;
     border-radius: 50%
 }
 
-
 span.success {
-    background-color: #46ba61;
+    background-color: var(--color-success);
 }
 
 span.running {
-    background-color: rgb(255, 208, 0);
+    background-color: var(--color-running);
 }
 
 div.toast.success {
-    border-left-color: #46ba61;
+    border-left-color: var(--color-success);
 }
 
 div.toast {
@@ -84,19 +135,36 @@ div.toast {
     margin-top: 45px;
     position: fixed;
     z-index: 1000;
-    border-radius: 3px;
-    background: white none;
+    border-radius: var(--border-radius);
+    background: var(--color-main-background) none;
+    color: var(--color-main-text);
+}
+
+.nextcloud-logo {
+    margin-left: auto;
+    margin-right: auto;
+    display: block;
+    color: var(--color-nextcloud-logo);
+}
+
+.fallback-text {
+   display: none;
+}
+
+svg:not(:has(use)) .fallback-text {
+    display: block;
 }
 
 .login {
     padding: 50px;
-    background-color: white;
+    background-color: var(--color-main-background);
+    color: var(--color-main-text);
     width: 500px;
     position: absolute;
     top: 50%;
     left: 50%;
     transform: translate(-50%, -50%);
-    border-radius: 12px;
+    border-radius: var(--border-radius-large);
 }
 
 .login > .monospace {
@@ -104,33 +172,6 @@ div.toast {
     font-size: 17px;
 }
 
-form {
-    margin: 0;
-}
-
-input[type="text"],
-input[type="password"],
-select {
-    padding-left: 8px;
-    padding-right: 8px;
-    height: 34px;
-    margin-bottom: 15px;
-    border-radius: 8px;
-    border: .5px solid black;
-}
-
-textarea {
-    border-radius: 8px;
-    border: .5px solid black;
-}
-
-input[type="text"]:focus,
-input[type="password"]:focus,
-textarea:focus,
-select:focus {
-    border: 1px solid black;
-}
-
 .login > form > input[type="password"],
 .login > form > input[type="text"],
 .login > form > input[type="submit"] {
@@ -153,34 +194,114 @@ select:focus {
     align-content: center;
 }
 
-.login-wrapper {
+.wrapper {
     min-height: 100dvh;
     min-width: 100vw;
     position: fixed;
     width: 100vw;
-    height: auto;
-    background-image: url("img/Background_Light.jpg");
-
+    background-image: url("img/jenna-kim-the-globe.webp");
     background-position: center;
     background-repeat: no-repeat;
     background-size: cover;
+    box-sizing: border-box;
+    overflow: hidden;
+}
+
+html[data-theme="dark"] .wrapper {
+    background-image: url("img/jenna-kim-the-globe-dark.webp");
+}
+
+form {
+    margin: 0;
+}
+
+input[type="text"],
+input[type="password"],
+select {
+    padding-left: 8px;
+    padding-right: 8px;
+    height: 34px;
+    margin-bottom: 15px;
+    border-radius: var(--border-radius);
+    border: var(--border) solid var(--color-border-maxcontrast);
+    background: var(--color-main-background);
+    color: var(--color-main-text);
+}
+
+input[type="text"]:hover,
+input[type="password"]:hover,
+select:hover {
+    border: var(--border-hover) solid var(--color-main-border-hover);
+}
+
+textarea {
+    border-radius: var(--border-radius);
+    border: .5px solid var(--color-main-border);
+    max-width: 100%;
+}
+
+input[type="text"]:focus,
+input[type="password"]:focus,
+textarea:focus,
+select:focus {
+    border: 1px solid var(--color-main-border);
+}
+
+/* Scroll bar for dark mode */
+html[data-theme="dark"] ::-webkit-scrollbar {
+    width: 8px; /* Width of the scroll bar */
+}
+
+html[data-theme="dark"] ::-webkit-scrollbar-thumb {
+    background-color: #444; /* Dark mode scrollbar thumb color */
+    border-radius: 4px; /* Rounded corners for the thumb */
+}
+
+html[data-theme="dark"] ::-webkit-scrollbar-track {
+    background-color: #333; /* Dark mode scrollbar track color */
+}
+
+/* Scroll bar for light mode */
+::-webkit-scrollbar {
+    width: 8px; /* Width of the scroll bar */
+}
+
+::-webkit-scrollbar-thumb {
+    background-color: #888; /* Light mode scrollbar thumb color */
+    border-radius: 4px; /* Rounded corners for the thumb */
+}
+
+::-webkit-scrollbar-track {
+    background-color: #f0f0f0; /* Light mode scrollbar track color */
+}
+
+.container {
+    margin: 20px auto;
+    padding: 2px;
+    max-width: calc(var(--max-width) + 108px);
+    background-color: var(--color-main-background);
+    border-radius: var(--border-radius-large);
+    box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
+    max-height: calc(100dvh - 50px);
+    overflow: hidden;
 }
 
 main {
-    padding: 20px;
-    max-width: 100%;
+    padding-left: 50px;
+    padding-right: 50px;
+    background-color: transparent; /* transparent, since color comes from outer container */
+    color: var(--color-main-text);
+    max-height: calc(100dvh - 44px);
+    overflow-y: auto;
+    box-sizing: border-box;
     word-break: break-word;
-    max-width: 500px;
+    max-width: calc(var(--max-width) + 100px);
     margin: 0 auto;
 }
 
 .logo {
-    background-image: url('/img/logo.svg');
+    color: white;
     height: 50px;
-    background-repeat: no-repeat;
-    display: inline-flex;
-    background-size: contain;
-    background-position: center center;
     width: 62px;
     position: absolute;
     left: 12px;
@@ -189,16 +310,62 @@ main {
 }
 
 header {
-    background-color: #0082c9;
-    background-image: linear-gradient(40deg, #0082c9 0%, #30b6ff 100%);
+    position: fixed;
+    top: 0;
+    width: 100%;
+    background-color: transparent;
     height: 50px;
     justify-content: space-between;
     align-items: center;
     display: flex;
+    padding: 0 20px;
+    z-index: 1000;
 }
 
 header > form {
-    margin: 0 8px;
+    margin-left: auto;
+    margin-right: 30px;
+}
+
+input[type="checkbox"] {
+    width: var(--checkbox-size);
+    height: var(--checkbox-size);
+    -webkit-appearance: none; /* remove default styling */
+    -moz-appearance: none;
+    appearance: none;
+    border: 1px solid var(--color-nextcloud-blue);
+    border-radius: 2px;
+    cursor: pointer;
+    position: relative;
+    vertical-align: middle; /* align checkbox vertically with text */
+    margin-top: -1px; /* adjust for better alignment */
+}
+
+input[type="checkbox"]:checked {
+    background-color: var(--color-nextcloud-blue);
+    border-color: var(--color-border-maxcontrast);
+}
+
+input[type="checkbox"]:checked::after {
+    content: ''; /* Create a pseudo-element for the checkmark */
+    position: absolute; /* Position it absolutely */
+    left: 4px; /* Positioning of the checkmark */
+    top: 0; /* Positioning of the checkmark */
+    width: 4px; /* Width of the checkmark */
+    height: 9px; /* Height of the checkmark */
+    border: solid white; /* Color of the checkmark */
+    border-width: 0 2px 3px 0; /* Create the checkmark shape */
+    transform: rotate(45deg); /* Rotate to form a checkmark */
+}
+
+input[type="checkbox"]:hover {
+    border-color: var(--color-info-hover);
+}
+
+label {
+    cursor: pointer;
+    margin-left: 4px;
+    line-height: var(--checkbox-size);
 }
 
 .loading {
@@ -221,9 +388,9 @@ header > form {
 }
 
 .loader {
-    border: 16px solid #f3f3f3;
+    border: 16px solid var(--color-loader);
     border-radius: 50%;
-    border-top: 16px solid #0082c9;
+    border-top: 16px solid var(--color-nextcloud-blue);
     width: 120px;
     height: 120px;
     -webkit-animation: spin 2s linear infinite; /* Safari */
@@ -243,3 +410,64 @@ header > form {
     0% { transform: rotate(0deg); }
     100% { transform: rotate(360deg); }
 }
+
+/* General theme button styling */
+#theme-toggle {
+    position: fixed; /* Keep the button in the same position */
+    right: 30px; /* Adjust the distance from the right */
+    bottom: 30px; /* Adjust the distance from the bottom */
+    background-color: transparent; /* Make the background transparent */
+    border: none; /* Remove border */
+    font-size: 36px; /* Adjust font size */
+    cursor: pointer; /* Change cursor to pointer */
+    outline: none;
+    z-index: 9999; /* Ensures the icon is on top of every layer */
+}
+
+/* Icon styling: default state */
+#theme-icon {
+    display: inline-block;
+    border-radius: 50%; /* Round shape */
+    position: relative; /* For the pseudo-element positioning */
+    transition: box-shadow 0.3s, background-color 0.3s; /* Smooth transition for hover effect */
+    opacity: 0.6; /* Slightly transparent by default */
+    filter: grayscale(100%); /* Make the icon black and white */
+}
+
+/* Create the inner glow effect with ::after */
+#theme-icon::after {
+    content: ''; /* Empty content for the pseudo-element */
+    position: absolute;
+    top: 50%;
+    left: 50%;
+    width: 0px; /* Invisible dot */
+    height: 0px; /* Invisible dot */
+    background-color: transparent; /* Invisible by default */
+    border-radius: 50%; /* Circle shape */
+    transform: translate(-50%, -50%); /* Center the dot */
+    transition: box-shadow 0.3s, background-color 0.3s; /* Smooth transition for hover */
+}
+
+/* Hover effect for both light and dark modes */
+#theme-toggle:hover #theme-icon {
+    position: relative; /* Ensures stacking order */
+    filter: grayscale(0%); /* Restore full color */
+    opacity: 1; /* Fully visible on hover */
+}
+
+/* Inner glow when hovered */
+#theme-toggle:hover #theme-icon::after {
+    box-shadow: 0 0 40px 40px rgba(128, 128, 128, 0.4); /* Blur effect from inside */
+    background-color: rgba(128, 128, 128, 0.2); /* Light glow inside */
+}
+
+/* Remove hover effects when not hovering */
+#theme-toggle:not(:hover) #theme-icon {
+    opacity: 0.6; /* Slightly transparent */
+}
+
+@media only screen and (max-width: 800px) {
+    .container {
+        margin: 50px auto 0px auto;
+    }
+}

php/public/toggle-dark-mode.js

@@ -0,0 +1,26 @@
+// Function to toggle theme
+function toggleTheme() {
+    const currentTheme = document.documentElement.getAttribute('data-theme');
+    const newTheme = (currentTheme === 'dark') ? '' : 'dark'; // Toggle between no theme and dark theme
+    document.documentElement.setAttribute('data-theme', newTheme);
+    localStorage.setItem('theme', newTheme);
+
+    // Change the icon based on the current theme
+    const themeIcon = document.getElementById('theme-icon');
+    themeIcon.textContent = newTheme === 'dark' ? '☀️' : '🌙'; // Switch between moon and sun icons
+}
+
+// Function to apply saved theme from localStorage
+function applySavedTheme() {
+    const savedTheme = localStorage.getItem('theme');
+    if (savedTheme === 'dark') {
+        document.documentElement.setAttribute('data-theme', 'dark');
+        document.getElementById('theme-icon').textContent = '☀️'; // Sun icon for dark mode
+    } else {
+        document.documentElement.removeAttribute('data-theme'); // Default to light theme (no data-theme)
+        document.getElementById('theme-icon').textContent = '🌙'; // Moon icon for light mode
+    }
+}
+
+// Apply theme when the page loads
+document.addEventListener('DOMContentLoaded', applySavedTheme);

php/src/Container/Container.php

@@ -5,6 +5,7 @@ namespace AIO\Container;
 use AIO\Data\ConfigurationManager;
 use AIO\Docker\DockerActionManager;
 use AIO\ContainerDefinitionFetcher;
+use GuzzleHttp\Exception\GuzzleException;
 
 readonly class Container {
     public function __construct(
@@ -112,20 +113,13 @@ readonly class Container {
         return $this->volumes;
     }
 
-    public function GetRunningState() : ContainerState {
-        return $this->dockerActionManager->GetContainerRunningState($this);
+    /** @throws GuzzleException */
+    public function GetContainerState() : ContainerState {
+        return $this->dockerActionManager->GetContainerState($this);
     }
 
-    public function GetRestartingState() : ContainerState {
-        return $this->dockerActionManager->GetContainerRestartingState($this);
-    }
-
-    public function GetUpdateState() : VersionState {
-        return $this->dockerActionManager->GetContainerUpdateState($this);
-    }
-
-    public function GetStartingState() : ContainerState {
-        return $this->dockerActionManager->GetContainerStartingState($this);
+    public function GetUpdateState() : UpdateState {
+        return $this->dockerActionManager->GetUpdateState($this);
     }
 
     /**

php/src/Container/ContainerState.php

@@ -2,11 +2,35 @@
 
 namespace AIO\Container;
 
-enum ContainerState: string {
-    case ImageDoesNotExist = 'image_does_not_exist';
-    case NotRestarting = 'not_restarting';
-    case Restarting = 'restarting';
-    case Running = 'running';
-    case Starting = 'starting';
-    case Stopped = 'stopped';
+enum ContainerState {
+    case DoesNotExist;
+    case Restarting;
+    case Healthy;
+    case Starting;
+    case Stopped;
+    case Unhealthy;
+
+    public function isStopped(): bool {
+        return $this == self::Stopped;
+    }
+
+    public function isStarting(): bool {
+        return $this == self::Starting;
+    }
+
+    public function isRestarting(): bool {
+        return $this == self::Restarting;
+    }
+
+    public function isHealthy(): bool {
+        return $this == self::Healthy;
+    }
+
+    public function isUnhealthy(): bool {
+        return $this == self::Unhealthy;
+    }
+
+    public function isRunning(): bool {
+        return $this->isHealthy() || $this->isUnhealthy() || $this->isStarting() || $this->isRestarting();
+    }
 }

php/src/Container/UpdateState.php

@@ -0,0 +1,12 @@
+<?php
+
+namespace AIO\Container;
+
+enum UpdateState {
+    case Outdated;
+    case Latest;
+
+    public function isUpdatableAvailable(): bool {
+        return $this == self::Outdated;
+    }
+}

php/src/Container/VersionState.php

@@ -1,8 +0,0 @@
-<?php
-
-namespace AIO\Container;
-
-enum VersionState: string {
-    case Different = 'different';
-    case Equal = 'equal';
-}

php/src/Controller/DockerController.php

@@ -5,6 +5,7 @@ namespace AIO\Controller;
 use AIO\Container\ContainerState;
 use AIO\ContainerDefinitionFetcher;
 use AIO\Docker\DockerActionManager;
+use GuzzleHttp\Exception\GuzzleException;
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use AIO\Data\ConfigurationManager;
@@ -19,6 +20,7 @@ readonly class DockerController {
     ) {
     }
 
+    /** @throws GuzzleException */
     private function PerformRecursiveContainerStart(string $id, bool $pullImage = true) : void {
         $container = $this->containerDefinitionFetcher->GetContainerById($id);
 
@@ -28,7 +30,7 @@ readonly class DockerController {
 
         // Don't start if container is already running
         // This is expected to happen if a container is defined in depends_on of multiple containers
-        if ($container->GetRunningState() === ContainerState::Running) {
+        if ($container->GetContainerState()->isRunning()) {
             error_log('Not starting ' . $id . ' because it was already started.');
             return;
         }
@@ -240,6 +242,7 @@ readonly class DockerController {
         $this->PerformRecursiveContainerStop($id);
     }
 
+    /** @throws GuzzleException */
     public function StartDomaincheckContainer() : void
     {
         # Don't start if domain is already set
@@ -254,10 +257,10 @@ readonly class DockerController {
         $domaincheckContainer = $this->containerDefinitionFetcher->GetContainerById($id);
         $apacheContainer = $this->containerDefinitionFetcher->GetContainerById(self::TOP_CONTAINER);
         // Don't start if apache is already running
-        if ($apacheContainer->GetRunningState() === ContainerState::Running) {
+        if ($apacheContainer->GetContainerState()->isRunning()) {
             return;
         // Don't start if domaincheck is already running
-        } elseif ($domaincheckContainer->GetRunningState() === ContainerState::Running) {
+        } elseif ($domaincheckContainer->GetContainerState()->isRunning()) {
             $domaincheckWasStarted = apcu_fetch($cacheKey);
             // Start domaincheck again when 10 minutes are over by not returning here
             if($domaincheckWasStarted !== false && is_string($domaincheckWasStarted)) {

php/src/Docker/DockerActionManager.php

@@ -3,10 +3,13 @@
 namespace AIO\Docker;
 
 use AIO\Container\Container;
-use AIO\Container\VersionState;
+use AIO\Container\UpdateState;
 use AIO\Container\ContainerState;
 use AIO\Data\ConfigurationManager;
+use AssertionError;
+use Exception;
 use GuzzleHttp\Client;
+use GuzzleHttp\Exception\GuzzleException;
 use GuzzleHttp\Exception\RequestException;
 use AIO\ContainerDefinitionFetcher;
 use http\Env\Response;
@@ -35,50 +38,7 @@ readonly class DockerActionManager {
         return $container->GetContainerName() . ':' . $tag;
     }
 
-    public function GetContainerRunningState(Container $container) : ContainerState
-    {
-        $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier())));
-        try {
-            $response = $this->guzzleClient->get($url);
-        } catch (RequestException $e) {
-            if ($e->getCode() === 404) {
-                return ContainerState::ImageDoesNotExist;
-            }
-            throw $e;
-        }
-
-        $responseBody = json_decode((string)$response->getBody(), true);
-
-        if ($responseBody['State']['Running'] === true) {
-            return ContainerState::Running;
-        } else {
-            return ContainerState::Stopped;
-        }
-    }
-
-    public function GetContainerRestartingState(Container $container) : ContainerState
-    {
-        $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier())));
-        try {
-            $response = $this->guzzleClient->get($url);
-        } catch (RequestException $e) {
-            if ($e->getCode() === 404) {
-                return ContainerState::ImageDoesNotExist;
-            }
-            throw $e;
-        }
-
-        $responseBody = json_decode((string)$response->getBody(), true);
-
-        if ($responseBody['State']['Restarting'] === true) {
-            return ContainerState::Restarting;
-        } else {
-            return ContainerState::NotRestarting;
-        }
-    }
-
-    public function GetContainerUpdateState(Container $container) : VersionState
-    {
+    public function GetUpdateState(Container $container): UpdateState {
         $tag = $container->GetImageTag();
         if ($tag === '%AIO_CHANNEL%') {
             $tag = $this->GetCurrentChannel();
@@ -86,47 +46,66 @@ readonly class DockerActionManager {
 
         $runningDigests = $this->GetRepoDigestsOfContainer($container->GetIdentifier());
         if ($runningDigests === null) {
-            return VersionState::Different;
+            return UpdateState::Outdated;
         }
         $remoteDigest = $this->dockerHubManager->GetLatestDigestOfTag($container->GetContainerName(), $tag);
         if ($remoteDigest === null) {
-            return VersionState::Equal;
+            return UpdateState::Latest;
         }
 
-        foreach($runningDigests as $runningDigest) {
-            if ($runningDigest === $remoteDigest) {
-                return VersionState::Equal;
-            }
-        }
-        return VersionState::Different;
+        return in_array($remoteDigest, $runningDigests, true) ? UpdateState::Latest : UpdateState::Outdated;
     }
 
-    public function GetContainerStartingState(Container $container) : ContainerState
-    {
-        $runningState = $this->GetContainerRunningState($container);
-        if ($runningState === ContainerState::Stopped || $runningState === ContainerState::ImageDoesNotExist) {
-            return $runningState;
-        }
-
-        $containerName = $container->GetIdentifier();
-        $internalPort = $container->GetInternalPort();
-        if($internalPort === '%APACHE_PORT%') {
-            $internalPort = $this->configurationManager->GetApachePort();
-        } elseif($internalPort === '%TALK_PORT%') {
-            $internalPort = $this->configurationManager->GetTalkPort();
-        }
-
-        if ($internalPort !== "" && $internalPort !== 'host') {
-            $connection = @fsockopen($containerName, (int)$internalPort, $errno, $errstr, 0.2);
-            if ($connection) {
-                fclose($connection);
-                return ContainerState::Running;
-            } else {
-                return ContainerState::Starting;
+    /** @throws GuzzleException */
+    public function GetContainerState(Container $container): ContainerState {
+        $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier())));
+        try {
+            $response = $this->guzzleClient->get($url);
+        } catch (GuzzleException $e) {
+            if ($e->getCode() === 404) {
+                return ContainerState::DoesNotExist;
             }
-        } else {
-            return ContainerState::Running;
+            throw $e;
         }
+
+        $body = json_decode($response->getBody()->getContents(), true);
+        assert(is_array($body));
+        assert(is_array($body['State']));
+
+        $state = match ($body['State']['Status']) {
+            'running' => ContainerState::Healthy,
+            'created' => ContainerState::Starting,
+            'restarting' => ContainerState::Restarting,
+            'paused', 'removing', 'exited', 'dead' => ContainerState::Stopped,
+            default => throw new AssertionError()
+        };
+
+        if ($state->isHealthy() && is_array($body['State']['Health'])) {
+            $state = match ($body['State']['Health']['Status']) {
+                'starting' => ContainerState::Starting,
+                'unhealthy' => ContainerState::Unhealthy,
+                default => $state,
+            };
+        }
+
+        if ($state->isHealthy()) {
+            $containerName = $container->GetIdentifier();
+            $internalPort = $container->GetInternalPort();
+            if ($internalPort === '%APACHE_PORT%') {
+                $internalPort = $this->configurationManager->GetApachePort();
+            } elseif ($internalPort === '%TALK_PORT%') {
+                $internalPort = $this->configurationManager->GetTalkPort();
+            }
+            if (is_numeric($internalPort)) {
+                $connection = @fsockopen($containerName, intval($internalPort), $errno, $errstr, 0.2);
+                if ($connection) {
+                    fclose($connection);
+                } else {
+                    $state = ContainerState::Starting;
+                }
+            }
+        }
+        return $state;
     }
 
     public function DeleteContainer(Container $container) : void {
@@ -167,7 +146,7 @@ readonly class DockerActionManager {
         try {
             $this->guzzleClient->post($url);
         } catch (RequestException $e) {
-            throw new \Exception("Could not start container " . $container->GetIdentifier() . ": " . $e->getMessage());
+            throw new Exception("Could not start container " . $container->GetIdentifier() . ": " . $e->getMessage());
         }
     }
 
@@ -404,7 +383,7 @@ readonly class DockerActionManager {
                 } else {
                     $secret = $this->configurationManager->GetSecret($out[1]);
                     if ($secret === "") {
-                        throw new \Exception("The secret " . $out[1] . " is empty. Cannot substitute its value. Please check if it is defined in secrets of containers.json.");
+                        throw new Exception("The secret " . $out[1] . " is empty. Cannot substitute its value. Please check if it is defined in secrets of containers.json.");
                     }
                     $replacements[1] = $secret;
                 }
@@ -573,7 +552,7 @@ readonly class DockerActionManager {
                 ]
             );
         } catch (RequestException $e) {
-            throw new \Exception("Could not create container " . $container->GetIdentifier() . ": " . $e->getMessage());
+            throw new Exception("Could not create container " . $container->GetIdentifier() . ": " . $e->getMessage());
         }
 
     }
@@ -609,17 +588,16 @@ readonly class DockerActionManager {
             $this->guzzleClient->post($url);
         } catch (RequestException $e) {
             if ($imageIsThere === false) {
-                throw new \Exception("Could not pull image " . $imageName . ". Please run 'sudo docker exec -it nextcloud-aio-mastercontainer docker pull " . $imageName . "' in order to find out why it failed.");
+                throw new Exception("Could not pull image " . $imageName . ". Please run 'sudo docker exec -it nextcloud-aio-mastercontainer docker pull " . $imageName . "' in order to find out why it failed.");
             }
         }
     }
 
-    private function isContainerUpdateAvailable(string $id) : string
-    {
+    private function isContainerUpdateAvailable(string $id): string {
         $container = $this->containerDefinitionFetcher->GetContainerById($id);
 
         $updateAvailable = "";
-        if ($container->GetUpdateState() === VersionState::Different) {
+        if ($container->GetUpdateState() === UpdateState::Outdated) {
             $updateAvailable = '1';
         }
         foreach ($container->GetDependsOn() as $dependency) {
@@ -718,7 +696,7 @@ readonly class DockerActionManager {
             }
 
             return null;
-        } catch (\Exception $e) {
+        } catch (Exception $e) {
             return null;
         }
     }
@@ -747,7 +725,7 @@ readonly class DockerActionManager {
                 $tag = 'latest';
             }
             return $tag;
-        } catch (\Exception $e) {
+        } catch (Exception $e) {
             error_log('Could not get current channel ' . $e->getMessage());
         }
 
@@ -778,9 +756,9 @@ readonly class DockerActionManager {
         return true;
     }
 
-    public function sendNotification(Container $container, string $subject, string $message, string $file = '/notify.sh') : void
-    {
-        if ($this->GetContainerStartingState($container) === ContainerState::Running) {
+    /** @throws GuzzleException */
+    public function sendNotification(Container $container, string $subject, string $message, string $file = '/notify.sh'): void {
+        if ($this->GetContainerState($container)->isHealthy()) {
 
             $containerName = $container->GetIdentifier();
 
@@ -867,7 +845,7 @@ readonly class DockerActionManager {
         } catch (RequestException $e) {
             // 409 is undocumented and gets thrown if the network already exists.
             if ($e->getCode() !== 409) {
-                throw new \Exception("Could not create the nextcloud-aio network: " . $e->getMessage());
+                throw new Exception("Could not create the nextcloud-aio network: " . $e->getMessage());
             }
         }
 
@@ -961,19 +939,24 @@ readonly class DockerActionManager {
         }
     }
 
-    public function isLoginAllowed() : bool {
+    /**
+     * @throws GuzzleException
+     * @throws Exception
+     */
+    public function isLoginAllowed(): bool {
         $id = 'nextcloud-aio-apache';
         $apacheContainer = $this->containerDefinitionFetcher->GetContainerById($id);
-        if ($this->GetContainerStartingState($apacheContainer) === ContainerState::Running) {
+        if ($this->GetContainerState($apacheContainer)->isRunning()) {
             return false;
         }
         return true;
     }
 
-    public function isBackupContainerRunning() : bool {
+    /** @throws GuzzleException */
+    public function isBackupContainerRunning(): bool {
         $id = 'nextcloud-aio-borgbackup';
         $backupContainer = $this->containerDefinitionFetcher->GetContainerById($id);
-        if ($this->GetContainerRunningState($backupContainer) === ContainerState::Running) {
+        if ($this->GetContainerState($backupContainer)->isRunning()) {
             return true;
         }
         return false;
@@ -991,7 +974,7 @@ readonly class DockerActionManager {
             }
 
             return str_replace('T', ' ', (string)$imageOutput['Created']);
-        } catch (\Exception $e) {
+        } catch (Exception $e) {
             return null;
         }
     }

php/templates/already-installed.twig

@@ -1,5 +1,13 @@
 {% extends "layout.twig" %}
 
 {% block body %}
-    Already installed.
-{% endblock %}
+    <div class="login">
+        <svg class="nextcloud-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 142 100" width="142" height="100"">
+            <use href="/img/nextcloud-logo.svg#logo"></use>
+            <use href="/img/nextcloud-logo.svg#Nextcloud"></use>
+            <text x="10" y="50" fill="var(--color-nextcloud-logo)" class="fallback-text">Nextcloud Logo</text>
+        </svg>
+        <h2>Nextcloud All-In-One is already installed</h2>
+        <a href="/" class="button">Open Nextcloud AIO</a>
+    </div>
+{% endblock %}

php/templates/layout.twig

@@ -1,12 +1,21 @@
 <html>
     <head>
         <title>AIO</title>
-        <link rel="stylesheet" href="/style.css?v2" media="all" />
+        <link rel="stylesheet" href="/style.css?v3" media="all" />
         <link rel="icon" href="/img/favicon.png">
         <script type="text/javascript" src="forms.js"></script>
+        <script type="text/javascript" src="toggle-dark-mode.js"></script>
     </head>
 
     <body>
+        <div class="wrapper">
             {% block body %}{% endblock %}
+        </div>
+        <div id="overlay">
+            <div class="loader"></div>
+        </div>
+        <button id="theme-toggle" onclick="toggleTheme()">
+            <span id="theme-icon">🌙</span>
+        </button>
     </body>
 </html>

php/templates/login.twig

@@ -1,28 +1,25 @@
-{% extends "layout.twig" %}
-
-{% block body %}
-    <div class="login-wrapper">
-        <div class="login">
-            <img alt="Nextcloud logo" src="/img/logo-blue.svg" style="margin-left: auto;margin-right: auto;display: block;">
-            <h1>Nextcloud AIO Login</h1>
-            {% if is_login_allowed == true %}
-                <p>Log in using your Nextcloud AIO passphrase:</p>
-                <form method="POST" action="/api/auth/login" class="xhr">
-                    <input type="password" autocomplete="current-password" name="password" placeholder="Password" id="master-password" oninput="showPassword('master-password')">
-
-                    <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
-                    <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
-                    <input type="submit" class="button" value="Log in" />
-                </form>
-            {% else %}
-                <p>The login is blocked since Nextcloud is running.<br>Please use the <a href="https://github.com/nextcloud/all-in-one#how-to-easily-log-in-to-the-aio-interface"><strong>automatic login</strong></a> from your Nextcloud.<br><br>
-                If that is not possible, you can unblock the login by running<br><strong>sudo docker stop nextcloud-aio-apache</strong></p>
-            {% endif %}
-        </div>
-    </div>
-    <script type="text/javascript" src="before-unload.js"></script>
-    <div id="overlay">
-        <div class="loader"></div>
-    </div>
-{% endblock %}
-
+{% extends "layout.twig" %}
+
+{% block body %}
+    <div class="login">
+        <svg class="nextcloud-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 142 100" width="142" height="100"">
+            <use href="/img/nextcloud-logo.svg#logo"></use>
+            <use href="/img/nextcloud-logo.svg#Nextcloud"></use>
+            <text x="10" y="50" fill="var(--color-nextcloud-logo)" class="fallback-text">Nextcloud Logo</text>
+        </svg>
+        <h1>Nextcloud AIO Login</h1>
+        {% if is_login_allowed == true %}
+            <p>Log in using your Nextcloud AIO passphrase:</p>
+            <form method="POST" action="/api/auth/login" class="xhr">
+                <input type="password" autocomplete="current-password" name="password" placeholder="Password" id="master-password" oninput="showPassword('master-password')">
+                <input type="hidden" name="{{csrf.keys.name}}" value="{{csrf.name}}">
+                <input type="hidden" name="{{csrf.keys.value}}" value="{{csrf.value}}">
+                <input type="submit" class="button" value="Log in" />
+            </form>
+        {% else %}
+            <p>The login is blocked since Nextcloud is running.<br>Please use the <a href="https://github.com/nextcloud/all-in-one#how-to-easily-log-in-to-the-aio-interface"><strong>automatic login</strong></a> from your Nextcloud.<br><br>
+            If that is not possible, you can unblock the login by running<br><strong>sudo docker stop nextcloud-aio-apache</strong></p>
+        {% endif %}
+    </div>
+    <script type="text/javascript" src="before-unload.js"></script>
+{% endblock %}

php/templates/setup.twig

@@ -1,14 +1,16 @@
 {% extends "layout.twig" %}
 
 {% block body %}
-    <div class="login-wrapper">
-        <div class="login">
-            <img alt="Nextcloud logo" src="/img/logo-blue.svg" style="margin-left: auto;margin-right: auto;display: block;">
-            <h1>All-in-One setup</h1>
-            <p>The official Nextcloud installation method. Nextcloud All-in-One provides easy deployment and maintenance with most features included in this one Nextcloud instance.</p>
-            <p>⚠️ <strong>Please note down the passphrase to access the AIO interface and don't lose it!</strong></p>
-            <strong>Passphrase</strong><br/><span class="monospace">{{ password }}</span><br>
-            <a href="/" class="button" target="_blank" rel="noopener">Open Nextcloud AIO login ↗</a>
-        </div>
+    <div class="login">
+        <svg class="nextcloud-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 142 100" width="142" height="100"">
+            <use href="/img/nextcloud-logo.svg#logo"></use>
+            <use href="/img/nextcloud-logo.svg#Nextcloud"></use>
+            <text x="10" y="50" fill="var(--color-nextcloud-logo)" class="fallback-text">Nextcloud Logo</text>
+        </svg>
+        <h1>All-in-One setup</h1>
+        <p>The official Nextcloud installation method. Nextcloud All-in-One provides easy deployment and maintenance with most features included in this one Nextcloud instance.</p>
+        <p>⚠️ <strong>Please note down the passphrase to access the AIO interface and don't lose it!</strong></p>
+        <strong>Passphrase</strong><br/><span class="monospace">{{ password }}</span><br>
+        <a href="/" class="button" target="_blank" rel="noopener">Open Nextcloud AIO login ↗</a>
     </div>
-{% endblock %}
+{% endblock %}

reverse-proxy.md

@@ -1,22 +1,29 @@
 # Reverse Proxy Documentation
 
-**Note:** The maintainers of AIO noticed that this documentation could be improved to make it easier to follow. All contributions that improve this are very welcome!
+> [!NOTE]  
+> The maintainers of AIO noticed that this documentation could be improved to make it easier to follow. All contributions that improve this are very welcome!
 
-A [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) is basically a web server that enables computers on the internet to access a service in a [private subnet](https://en.wikipedia.org/wiki/Private_network).
+A [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) is a software service that acts as a gateway between services and a client. It is commonly used to allow a client connected to the Internet to access a website located in the [private subnet](https://en.wikipedia.org/wiki/Private_network) of that web server.
 
-**Please note:** Publishing the AIO interface with a valid certificate to the public internet is **not** the goal of this documentation! Instead, the main goal is to publish Nextcloud with a valid certificate to the public internet which is **not** running inside the mastercontainer but in a different container! If you need a valid certificate for the AIO interface, see [point 5](#5-optional-get-a-valid-certificate-for-the-aio-interface).
+**Please note:** Publishing the AIO interface with a valid certificate to the public internet is **not** the goal of this documentation! If you need a valid certificate for the AIO interface, see [point 5](#5-optional-get-a-valid-certificate-for-the-aio-interface).
 
-In order to run Nextcloud behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else), you need to specify the port that AIO's Apache container shall use, add a specific config to your web server or reverse proxy and modify the startup command a bit. All examples below will use port `11000` as example `APACHE_PORT` which will be exposed on the host to receive unencrypted HTTP traffic from the reverse proxy. **Advice:** If you need https between Nextcloud and the reverse proxy because it is running on a different server in the same network, simply add another reverse proxy to the chain that runs on the same server like AIO and takes care of https proxying (most likely via self-signed cert). Another option is to create a VPN between the server that runs AIO and the server that runs the reverse proxy which takes care of encrypting the connection.
+In order to run Nextcloud behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else), you need to:
+1. specify the port that AIO's integrated Apache container shall use
+2. add a specific config to your web server or reverse proxy
+3. modify the startup command a bit.
+All examples below will use port `11000` as `APACHE_PORT`. This port will be exposed in the private network to receive unencrypted HTTP traffic from the reverse proxy.
+> [!IMPORTANT] 
+> If you need HTTPS between Nextcloud and the reverse proxy because it is running on a different server in the same network, simply add another reverse proxy to the chain that runs on the same server like AIO and takes care of HTTPS proxying (most likely via self-signed certificates). Another option would be to create a VPN between the server that runs AIO and the server that runs the reverse proxy which takes care of encrypting the connection.
 
 **Attention:** The process to run Nextcloud behind a reverse proxy consists of at least steps 1, 2 and 4:
 1. **Configure the reverse proxy! See [point 1](#1-configure-the-reverse-proxy)**
 1. **Use this startup command! See [point 2](#2-use-this-startup-command)**
-1. Optional: If the reverse proxy is installed on the same host and in the host network, you should limit the apache container to only listen on localhost. See [point 3](#3-limit-the-access-to-the-apache-container)
+1. Optional: if the reverse proxy is installed on the same host and in the host network, you should limit the apache container to only listen on localhost. See [point 3](#3-limit-the-access-to-the-apache-container)
 1. **Open the AIO interface. See [point 4](#4-open-the-aio-interface)**
-1. Optional: Get a valid certificate for the AIO interface! See [point 5](#5-optional-get-a-valid-certificate-for-the-aio-interface)
-1. Optional: How to debug things? See [point 6](#6-how-to-debug-things)
+1. Optional: get a valid certificate for the AIO interface! See [point 5](#5-optional-get-a-valid-certificate-for-the-aio-interface)
+1. Optional: how to debug things? See [point 6](#6-how-to-debug-things)
 
-**Please note:** Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because you will fail! Only the documented way will work!
+**Please note:** Since the Apache container gets created by the mastercontainer, there is **NO** way to provide custom docker labels or custom environmental variables for the Apache container. So please do not attempt to do this because it will fail!
 
 ## 1. Configure the reverse proxy
 
@@ -39,7 +46,7 @@ In order to run Nextcloud behind a web server or reverse proxy (like Apache, Ngi
 
     For this setup, you can use as target `host.docker.internal:$APACHE_PORT` instead of `localhost:$APACHE_PORT`. **⚠️ Important:** In order to make this work on Docker for Linux, you need to add `--add-host=host.docker.internal:host-gateway` to the docker run command of your reverse proxy container or `extra_hosts: ["host.docker.internal:host-gateway"]` in docker compose (it works on Docker Desktop by default).
 
-    Another option and actually the recommended way in this case is to use `--network host` option (or `network_mode: host` for docker-compose) as setting for the reverse proxy container to connect it to the host network. If you are using a firewall on the server, you need to open ports 80 and 443 for the reverse proxy manually. By doing so, the default sample configurations that point at `localhost:$APACHE_PORT` should work without having to modify them.
+    Another option (actually the recommended way) in this case is to use `--network host` option (or `network_mode: host` for docker-compose) as setting for the reverse proxy container to connect it to the host network. If you are using a firewall on the server, you need to open ports 80 and 443 for the reverse proxy manually. By doing so, the default sample configurations that point at `localhost:$APACHE_PORT` should work without having to modify them.
 
     </details>
 
@@ -132,7 +139,7 @@ To make the config work you can run the following command:
 
 </details>
 
-### Caddy (Recommended)
+### Caddy (recommended)
 
 <details>
 
@@ -147,7 +154,7 @@ https://<your-nc-domain>:443 {
 ```
 The Caddyfile is a text file called `Caddyfile` (no extension) which – if you should be running Caddy inside a container – should usually be created in the same location as your `compose.yaml` file prior to starting the container.
 
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 
 **Advice:** You may have a look at [this](https://github.com/nextcloud/all-in-one/discussions/575#discussion-4055615) for a more complete example.
 
@@ -181,7 +188,7 @@ You can get AIO running using the ACME DNS-challenge. Here is how to do it.
 
 </details>
 
-### Citrix ADC VPX / Citrix Netscaler 
+### Citrix ADC VPX / Citrix Netscaler
 
 <details>
 
@@ -200,8 +207,8 @@ For a reverse proxy example guide for Citrix ADC VPX / Citrix Netscaler, see thi
 Although it does not seem like it is the case but from AIO perspective a Cloudflare Tunnel works like a reverse proxy. Please see the [caveats](https://github.com/nextcloud/all-in-one#notes-on-cloudflare-proxytunnel) before proceeding. Here is then how to make it work:
 
 1. Install the Cloudflare Tunnel on the same machine where AIO will be running on and point the Tunnel with the domain that you want to use for AIO to `http://localhost:11000`.<br>
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
-1. Now continue with [point 2](#2-use-this-startup-command) but additionally, add `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command which will disable the domain validation (because it is known that the domain validation will not work behind a Cloudflare Tunnel). So you need to ensure yourself that you've configured everything correctly.
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
+1. Now continue with [point 2](#2-use-this-startup-command) but add `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command - which will disable the domain validation (because it is known that the domain validation will not work behind a Cloudflare Tunnel).
 
 **Advice:** Make sure to [disable Cloudflares Rocket Loader feature](https://help.nextcloud.com/t/login-page-not-working-solved/149417/8) as otherwise Nextcloud's login prompt will not be shown.
 
@@ -310,11 +317,11 @@ backend Nextcloud
 
 <summary>click here to expand</summary>
 
-**Disclaimer:** This config was tested and should normally work on all modern nginx version if you configure it correctly. Improvements to the config are very welcome!
+**Disclaimer:** This config was tested and should normally work on all modern Nginx versions. Improvements to the config are very welcome!
 
-Add the below template to your nginx config.
+Add the below template to your Nginx config.
 
-**Note:** please check your nginx version by running: `nginx -v` and adjust it the lines marked with version notes, so that they fit your nginx version.
+**Note:** please check your Nginx version by running: `nginx -v` and adjust the lines marked with version notes to fit your version.
 
 ```
 map $http_upgrade $connection_upgrade {
@@ -392,19 +399,19 @@ server {
 
 ```
 
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 
 **Advice:** You may have a look at [this](https://github.com/nextcloud/all-in-one/discussions/588#discussioncomment-2811152) for a more complete example.
 
 </details>
 
-### Nginx-Proxy-Manager
+### Nginx-Proxy-Manager - NPM
 
 <details>
 
 <summary>click here to expand</summary>
 
-First, please make sure that the environmental variables `PUID` and `PGID` in the compose.yaml file for NPM are either unset or set to `0`.
+First, make sure the environmental variables `PUID` and `PGID` in the `compose.yaml` file for NPM are either unset or set to `0`.
 If you need to change the GID/PID then please add `net.ipv4.ip_unprivileged_port_start=0` at the end of `/etc/sysctl.conf`. Note: this will cause that non root users can bind privileged ports.
 
 Second, see these screenshots for a working config:
@@ -423,8 +430,7 @@ proxy_read_timeout 86400s;
 client_max_body_size 0;
 ```
 
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
-
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 Also change `<you>@<your-mail-provider-domain>` to a mail address of yours.
 
 </details>
@@ -435,12 +441,11 @@ Also change `<you>@<your-mail-provider-domain>` to a mail address of yours.
 
 <summary>click here to expand</summary>
 
-Unfortunately it is not possible to configure nginx-proxy in a way that works because it completely relies on environmental variables of the docker containers itself. Providing these variables does not work as stated above.
+Unfortunately, it is not possible to configure Nginx-proxy in a way that works because it completely relies on environmental variables of the docker containers itself. Providing these variables does not work as stated above.
 
 If you really want to use AIO, we recommend you to switch to caddy. It is simply amazing!<br>
-Of course understandable if that is not possible for you.
 
-Apart from that, there is this: [manual-install](https://github.com/nextcloud/all-in-one/tree/main/manual-install)
+Apart from that, there is a [manual-install](https://github.com/nextcloud/all-in-one/tree/main/manual-install).
 
 </details>
 
@@ -450,7 +455,7 @@ Apart from that, there is this: [manual-install](https://github.com/nextcloud/al
 
 <summary>click here to expand</summary>
 
-**Disclaimer:** It might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
+**Disclaimer:** it might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
 
 For Node.js, we will use the npm package `http-proxy`. WebSockets must be handled separately.
 
@@ -527,7 +532,7 @@ httpServer.on('upgrade', (req, socket, head) => {
 });
 ```
 
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 
 </details>
 
@@ -537,7 +542,7 @@ httpServer.on('upgrade', (req, socket, head) => {
 
 <summary>click here to expand</summary>
 
-**Disclaimer:** It might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
+**Disclaimer:** it might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
 
 See these screenshots for a working config:
 
@@ -545,7 +550,7 @@ See these screenshots for a working config:
 
 ![image](https://user-images.githubusercontent.com/70434961/213193789-fa936edc-e307-4e6a-9a53-ae26d1bf2f42.jpg)
 
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 
 </details>
 
@@ -555,7 +560,7 @@ See these screenshots for a working config:
 
 <summary>click here to expand</summary>
 
-**Disclaimer:** It might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
+**Disclaimer:** it might be possible that the config below is not working 100% correctly, yet. Improvements to it are very welcome!
 
 Traefik's building blocks (router, service, middlewares) need to be defined using dynamic configuration similar to [this](https://doc.traefik.io/traefik/providers/file/#configuration-examples) official Traefik configuration example. Using **docker labels _won't work_** because of the nature of the project.
 
@@ -632,8 +637,7 @@ The examples below define the dynamic configuration in YAML files. If you rather
 
 ---
 
-⚠️ **Please note:** Look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
-
+⚠️ **Please note:** look into [this](#adapting-the-sample-web-server-configurations-below) to adapt the above example configuration.
 **Hint**: see https://www.youtube.com/watch?v=VLPSRrLMDmA for a video on configuring Traefik.
 
 </details>
@@ -706,6 +710,17 @@ Add the following `web.config` file to the root of the site you created as the r
 
 </details>
 
+### Tailscale
+
+<details>
+
+<summary>click here to expand</summary>
+
+For a reverse proxy example guide for Tailscale, see this guide by @flll: https://github.com/nextcloud/all-in-one/discussions/5439
+
+</details>
+
+
 ### Others
 
 <details>
@@ -720,7 +735,7 @@ Config examples for other reverse proxies are currently not documented. Pull req
 
 After adjusting your reverse proxy config, use the following command to start AIO:<br>
 
-(For a docker-compose example, see the example further [below](#inspiration-for-a-docker-compose-file).)
+(For a `compose.yaml` example, see the example further [below](#inspiration-for-a-docker-compose-file).)
 
 ```
 # For Linux:
@@ -737,9 +752,9 @@ sudo docker run \
 nextcloud/all-in-one:latest
 ```
 
-Note: You may be interested in adjusting Nextcloud’s datadir to store the files in a different location than the default docker volume. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it.
+Note: you may be interested in adjusting Nextcloud’s datadir to store the files in a different location than the default docker volume. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it.
 
-You should also think about limiting the apache container to listen only on localhost in case the reverse proxy is running on the same host and in the host network, by providing an additional environmental variable to this docker run command. See [point 3](#3-limit-the-access-to-the-apache-container).
+You should also think about limiting the Apache container to listen only on localhost in case the reverse proxy is running on the same host and in the host network, by providing an additional environmental variable to this docker run command. See [point 3](#3-limit-the-access-to-the-apache-container).
 
 On macOS see https://github.com/nextcloud/all-in-one#how-to-run-aio-on-macos.
 
@@ -773,11 +788,12 @@ On Synology DSM see https://github.com/nextcloud/all-in-one#how-to-run-aio-on-sy
 
 Simply translate the docker run command into a docker-compose file. You can have a look at [this file](https://github.com/nextcloud/all-in-one/blob/main/compose.yaml) for some inspiration but you will need to modify it either way. You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588
 
-## 3. Limit the access to the apache container
+## 3. Limit the access to the Apache container
 
 Use this environment variable during the initial startup of the mastercontainer to make the apache container only listen on localhost: `--env APACHE_IP_BINDING=127.0.0.1`. **Attention:** This is only recommended to be set if you use `localhost` in your reverse proxy config to connect to your AIO instance. If you use an ip-address instead of localhost, you should set it to `0.0.0.0`.
 
-## 4. Open the AIO interface.
+## 4. Open the AIO interface
+
 After starting AIO, you should be able to access the AIO Interface via `https://ip.address.of.the.host:8080`.<br>
 ⚠️ **Important:** do always use an ip-address if you access this port and not a domain as HSTS might block access to it later! (It is also expected that this port uses a self-signed certificate due to security concerns which you need to accept in your browser)<br>
 Enter your domain in the AIO interface that you've used in the reverse proxy config and you should be done. Please do not forget to open/forward port `3478/TCP` and `3478/UDP` in your firewall/router for the Talk container!
@@ -800,17 +816,18 @@ https://<your-nc-domain>:8443 {
 Afterwards should the AIO interface be accessible via `https://ip.address.of.the.host:8443`. You can alternatively change the domain to a different subdomain by using `https://<your-alternative-domain>:443` instead of `https://<your-nc-domain>:8443` in the Caddyfile and use that to access the AIO interface.
 
 ## 6. How to debug things?
+
 If something does not work, follow the steps below:
 1. Make sure to exactly follow the whole reverse proxy documentation step-for-step from top to bottom!
-1. Make sure that you used the docker run command that is described in this reverse proxy documentation. **Hint:** make sure that you have set the `APACHE_PORT` via e.g. `--env APACHE_PORT=11000` during the docker run command!
+1. Make sure that you used the `docker run` command that is described in this reverse proxy documentation. **Hint:** make sure that you have set the `APACHE_PORT` via e.g. `--env APACHE_PORT=11000` during the docker run command!
 1. Make sure to set the `APACHE_IP_BINDING` variable correctly. If in doubt, set it to `--env APACHE_IP_BINDING=0.0.0.0`
 1. Make sure that all ports to which your reverse proxy is pointing match the chosen `APACHE_PORT`.
-1. Make sure to follow [this](#adapting-the-sample-web-server-configurations-below) to adapt the example configurations to your specific setup
+1. Make sure to follow [this](#adapting-the-sample-web-server-configurations-below) to adapt the example configurations to your specific setup!
 1. Make sure that the mastercontainer is able to spawn other containers. You can do so by checking that the mastercontainer indeed has access to the Docker socket which might not be positioned in one of the suggested directories like `/var/run/docker.sock` but in a different directory, based on your OS and the way how you installed Docker. The mastercontainer logs should help figuring this out. You can have a look at them by running `sudo docker logs nextcloud-aio-mastercontainer` after the container is started the first time.
 1. Check if after the mastercontainer was started, the reverse proxy if running inside a container, can reach the provided apache port. You can test this by running `nc -z localhost 11000; echo $?` from inside the reverse proxy container. If the output is `0`, everything works. Alternatively you can of course use instead of `localhost` the ip-address of the host here for the test.
-1. Make sure that you are not behind CGNAT. If that is the case, you will not be able to open ports properly. In that case you might use a Cloudflare Tunnel.
-1. If you use Cloudflare, you might need to skip the domain validation anyways since it is known that Cloudflare might block the validation attempts. In that case, see the last option below.
-1. If your reverse proxy is configured to use the host network (as recommended in the above docs) or running on the host, make sure that you've configured your firewall to open port 443 and 80.
-1. Check if you have a public IPv4- and public IPv6-address. If you only have a public IPv6-address (e.g. due to DS-Lite), make sure to enable IPv6 in Docker and your whole networking infrastructure (e.g. also by adding an AAAA DNS-entry to your domain).
-1. Try to configure everything from scratch if it still does not work by following https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance.
+1. Make sure that you are not behind CGNAT. If that is the case, you will not be able to open ports properly. In that case you might use a Cloudflare Tunnel!
+1. If you use Cloudflare, you might need to skip the domain validation anyways since it is known that Cloudflare might block the validation attempts. In that case, see the last option below!
+1. If your reverse proxy is configured to use the host network (as recommended in the above docs) or running on the host, make sure that you've configured your firewall to open port 443 (and 80)!
+1. Check if you have a public IPv4- and public IPv6-address. If you only have a public IPv6-address (e.g. due to DS-Lite), make sure to enable IPv6 in Docker and your whole networking infrastructure (e.g. also by adding an AAAA DNS-entry to your domain)!
+1. Try to configure everything from scratch - if it still does not work by following https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance.
 1. As last resort, you may disable the domain validation by adding `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command. But only use this if you are completely sure that you've correctly configured everything!