Updates

2025-11-17 18:51:08 +01:00
parent 14d6f9aa73
commit 7fb0d2212a
318 changed files with 35761 additions and 0 deletions
--- a/nextcloud-aio/Containers/nextcloud/Dockerfile
+++ b/nextcloud-aio/Containers/nextcloud/Dockerfile
@@ -0,0 +1,266 @@
+# syntax=docker/dockerfile:latest
+FROM php:8.3.26-fpm-alpine3.22
+
+ENV PHP_MEMORY_LIMIT=512M
+ENV PHP_UPLOAD_LIMIT=16G
+ENV PHP_MAX_TIME=3600
+ENV SOURCE_LOCATION=/usr/src/nextcloud
+ENV REDIS_DB_INDEX=0
+
+# AIO settings start # Do not remove or change this line!
+ENV NEXTCLOUD_VERSION=31.0.9
+ENV AIO_TOKEN=123456
+ENV AIO_URL=localhost
+# AIO settings end # Do not remove or change this line!
+
+COPY --chmod=775 Containers/nextcloud/*.sh /
+COPY --chmod=774 Containers/nextcloud/upgrade.exclude /upgrade.exclude
+COPY Containers/nextcloud/config/*.php /
+COPY Containers/nextcloud/supervisord.conf /supervisord.conf
+
+# AIO cloning start # Do not remove or change this line!
+COPY app /usr/src/nextcloud/apps/nextcloud-aio
+COPY Containers/nextcloud/root.motd /root.motd
+# AIO cloning end # Do not remove or change this line!
+
+VOLUME /mnt/ncdata
+VOLUME /var/www/html
+
+# Custom: change id of www-data user as it needs to be the same like on old installations
+# hadolint ignore=SC2086,DL3003
+RUN set -ex; \
+    apk upgrade --no-cache -a; \
+    apk add --no-cache shadow; \
+    deluser www-data; \
+    addgroup -g 33 -S www-data; \
+    adduser -u 33 -D -S -G www-data www-data; \
+    \
+# entrypoint.sh and cron.sh dependencies
+    apk add --no-cache \
+        rsync \
+    ; \
+# install the PHP extensions we need
+# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
+    apk add --no-cache --virtual .build-deps \
+        $PHPIZE_DEPS \
+        autoconf \
+        freetype-dev \
+        gmp-dev \
+        icu-dev \
+        imagemagick-dev \
+        imagemagick-svg \
+        imagemagick-heic \
+        imagemagick-tiff \
+        libevent-dev \
+        libjpeg-turbo-dev \
+        libmcrypt-dev \
+        libmemcached-dev \
+        libpng-dev \
+        libwebp-dev \
+        libxml2-dev \
+        libzip-dev \
+        openldap-dev \
+        pcre-dev \
+        postgresql-dev \
+    ; \
+    \
+    docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
+    docker-php-ext-configure ftp --with-openssl-dir=/usr; \
+    docker-php-ext-configure ldap; \
+    docker-php-ext-install -j "$(nproc)" \
+        bcmath \
+        exif \
+        gd \
+        gmp \
+        intl \
+        ldap \
+        opcache \
+        pcntl \
+        pdo_pgsql \
+        sysvsem \
+        zip \
+    ; \
+    \
+# pecl will claim success even if one install fails, so we need to perform each install separately
+    pecl install -o igbinary-3.2.16; \
+    pecl install APCu-5.1.27; \
+    pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.3.0; \
+    pecl install -oD 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.2.0; \
+   pecl install -o imagick-3.8.0; \
+    \
+    docker-php-ext-enable \
+        igbinary \
+        apcu \
+        memcached \
+        redis \
+    ; \
+    rm -r /tmp/pear; \
+    \
+    runDeps="$( \
+        scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
+            | tr ',' '\n' \
+            | sort -u \
+            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+    )"; \
+    apk add --no-cache --virtual .nextcloud-phpext-rundeps $runDeps; \
+    apk del .build-deps; \
+    \
+    { \
+        echo 'apc.serializer=igbinary'; \
+        echo 'session.serialize_handler=igbinary'; \
+    } >> /usr/local/etc/php/conf.d/docker-php-ext-igbinary.ini; \
+    \
+# set recommended PHP.ini settings
+# see https://docs.nextcloud.com/server/stable/admin_manual/installation/server_tuning.html#enable-php-opcache and below
+    { \
+        echo 'opcache.max_accelerated_files=10000'; \
+        echo 'opcache.memory_consumption=256'; \
+        echo 'opcache.interned_strings_buffer=64'; \
+        echo 'opcache.save_comments=1'; \
+        echo 'opcache.revalidate_freq=60'; \
+        echo 'opcache.jit=1255'; \
+        echo 'opcache.jit_buffer_size=8M'; \
+    } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \
+    \
+    { \
+        echo 'apc.enable_cli=1'; \
+        echo 'apc.shm_size=64M'; \
+    } >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \
+    \
+    { \
+        echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
+        echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
+        echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
+        echo 'max_execution_time=${PHP_MAX_TIME}'; \
+        echo 'max_input_time=${PHP_MAX_TIME}'; \
+        echo 'default_socket_timeout=${PHP_MAX_TIME}'; \
+    } > /usr/local/etc/php/conf.d/nextcloud.ini; \
+    \
+    { \
+        echo 'session.save_handler = redis'; \
+        echo 'session.save_path = "tcp://${REDIS_HOST}:6379?database=${REDIS_DB_INDEX}${REDIS_USER_AUTH}&auth[]=${REDIS_HOST_PASSWORD}"'; \
+        echo 'redis.session.locking_enabled = 1'; \
+        echo 'redis.session.lock_retries = -1'; \
+        echo 'redis.session.lock_wait_time = 10000'; \
+        echo 'session.gc_maxlifetime = 86400'; \
+    } > /usr/local/etc/php/conf.d/redis-session.ini; \
+    \
+    mkdir -p /var/www/data; \
+    chown -R www-data:root /var/www; \
+    chmod -R g=u /var/www; \
+    \
+# Download Nextcloud archive start # Do not remove or change this line!
+    apk add --no-cache --virtual .fetch-deps \
+        bzip2 \
+        gnupg \
+    ; \
+    \
+    curl -fsSL -o nextcloud.tar.bz2 \
+        "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc \
+        "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2.asc"; \
+    export GNUPGHOME="$(mktemp -d)"; \
+# gpg key from https://nextcloud.com/nextcloud.asc
+    gpg --batch --keyserver keyserver.ubuntu.com  --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
+    gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
+    tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
+    gpgconf --kill all; \
+    rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
+    mkdir -p /usr/src/nextcloud/data; \
+    mkdir -p /usr/src/nextcloud/custom_apps; \
+    chmod +x /usr/src/nextcloud/occ; \
+    mkdir -p /usr/src/nextcloud/config; \
+    apk del .fetch-deps; \
+# Download Nextcloud archive end # Do not remove or change this line!
+    mv /*.php /usr/src/nextcloud/config/; \
+    \
+# Template from https://github.com/nextcloud/docker/blob/master/.examples/dockerfiles/full/fpm-alpine/Dockerfile
+    apk add --no-cache \
+        ffmpeg \
+        procps \
+        samba-client \
+        supervisor \
+#       libreoffice \
+    ; \
+    \
+    apk add --no-cache --virtual .build-deps \
+        $PHPIZE_DEPS \
+        imap-dev \
+        krb5-dev \
+        openssl-dev \
+        samba-dev \
+        bzip2-dev \
+        libpq-dev \
+    ; \
+    \
+    docker-php-ext-configure imap --with-kerberos --with-imap-ssl; \
+    docker-php-ext-install \
+        bz2 \
+        imap \
+        pgsql \
+        ftp \
+    ; \
+    pecl install smbclient; \
+    docker-php-ext-enable smbclient; \
+    \
+    runDeps="$( \
+        scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
+            | tr ',' '\n' \
+            | sort -u \
+            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+    )"; \
+    apk add --no-cache --virtual .nextcloud-phpext-rundeps $runDeps; \
+    apk del .build-deps; \
+    \
+    mkdir -p \
+    /var/log/supervisord \
+    /var/run/supervisord \
+    ; \
+    chmod 777 -R /var/log/supervisord; \
+    chmod 777 -R /var/run/supervisord; \
+    \
+    apk add --no-cache \
+        bash \
+        netcat-openbsd \
+        openssl \
+        gnupg \
+        git \
+        postgresql-client \
+        tzdata \
+        sudo \
+        grep \
+        nodejs \
+        libreoffice \
+        bind-tools \
+        imagemagick \
+        imagemagick-svg \
+        imagemagick-heic \
+        imagemagick-tiff \
+        coreutils; \
+    \
+    grep -q '^pm = dynamic' /usr/local/etc/php-fpm.d/www.conf; \
+    sed -i 's/^pm = dynamic/pm = ondemand/' /usr/local/etc/php-fpm.d/www.conf; \
+# Sync this with max db connections and MaxRequestWorkers
+# We don't actually expect so many children but don't want to limit it artificially because people will report issues otherwise.
+# Also children will usually be terminated again after the process is done due to the ondemand setting
+    sed -i 's/^pm.max_children =.*/pm.max_children = 5000/' /usr/local/etc/php-fpm.d/www.conf; \
+    sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \
+    \
+    echo "[ -n \"\$TERM\" ] && [ -f /root.motd ] && cat /root.motd" >> /root/.bashrc; \
+    \
+    chown www-data:root -R /usr/src && \
+    chmod 777 -R /usr/local/etc/php/conf.d && \
+    chmod 777 -R /usr/local/etc/php-fpm.d && \
+    chmod -R 777 /tmp; \
+    \
+    mkdir -p /nc-updater; \
+    chmod -R 777 /nc-updater
+
+# hadolint ignore=DL3002
+USER root
+ENTRYPOINT ["/start.sh"]
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
+
+HEALTHCHECK CMD /healthcheck.sh
+LABEL com.centurylinklabs.watchtower.enable="false" \
+    org.label-schema.vendor="Nextcloud"
--- a/nextcloud-aio/Containers/nextcloud/config/aio.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/aio.config.php
@@ -0,0 +1,5 @@
+<?php
+$CONFIG = array (
+  'one-click-instance' => true,
+  'one-click-instance.user-limit' => 100,
+);
--- a/nextcloud-aio/Containers/nextcloud/config/apcu.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/apcu.config.php
@@ -0,0 +1,4 @@
+<?php
+$CONFIG = array (
+  'memcache.local' => '\OC\Memcache\APCu',
+);
--- a/nextcloud-aio/Containers/nextcloud/config/apps.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/apps.config.php
@@ -0,0 +1,21 @@
+<?php
+$CONFIG = array (
+  'apps_paths' => array (
+      0 => array (
+              'path'     => '/var/www/html/apps',
+              'url'      => '/apps',
+              'writable' => false,
+      ),
+      1 => array (
+              'path'     => '/var/www/html/custom_apps',
+              'url'      => '/custom_apps',
+              'writable' => true,
+      ),
+  ),
+);
+if (getenv('APPS_ALLOWLIST')) {
+    $CONFIG['appsallowlist'] = explode(" ", getenv('APPS_ALLOWLIST'));
+}
+if (getenv('NEXTCLOUD_APP_STORE_URL')) {
+    $CONFIG['appstoreurl'] = getenv('NEXTCLOUD_APP_STORE_URL');
+}
--- a/nextcloud-aio/Containers/nextcloud/config/postgres.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/postgres.config.php
@@ -0,0 +1,9 @@
+<?php
+if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) {
+  $CONFIG = array(
+    'pgsql_ssl' => array(
+      'mode' => 'verify-ca',
+      'rootcert' => '/var/www/html/data/certificates/POSTGRES',
+    ),
+  );
+}
--- a/nextcloud-aio/Containers/nextcloud/config/proxy.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/proxy.config.php
@@ -0,0 +1,13 @@
+<?php
+if (getenv('HTTP_PROXY')) {
+    $CONFIG['proxy'] = getenv('HTTP_PROXY');
+}
+if (getenv('HTTPS_PROXY')) {
+    $CONFIG['proxy'] = getenv('HTTPS_PROXY');
+}
+if (getenv('PROXY_USER_PASSWORD')) {
+    $CONFIG['proxyuserpwd'] = getenv('PROXY_USER_PASSWORD');
+}
+if (getenv('NO_PROXY')) {
+    $CONFIG['proxyexclude'] = explode(',', getenv('NO_PROXY'));
+}
--- a/nextcloud-aio/Containers/nextcloud/config/redis.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/redis.config.php
@@ -0,0 +1,25 @@
+<?php
+if (getenv('REDIS_HOST')) {
+  $CONFIG = array(
+    'memcache.distributed' => '\OC\Memcache\Redis',
+    'memcache.locking' => '\OC\Memcache\Redis',
+    'redis' => array(
+      'host' => getenv('REDIS_HOST'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
+    ),
+  );
+
+  if (getenv('REDIS_HOST_PORT')) {
+    $CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
+  } elseif (getenv('REDIS_HOST')[0] != '/') {
+    $CONFIG['redis']['port'] = 6379;
+  }
+
+  if (getenv('REDIS_DB_INDEX')) {
+    $CONFIG['redis']['dbindex'] = (int) getenv('REDIS_DB_INDEX');
+  }
+
+  if (getenv('REDIS_USER_AUTH') !== false) {
+    $CONFIG['redis']['user'] = str_replace("&auth[]=", "", getenv('REDIS_USER_AUTH'));
+  }
+}
--- a/nextcloud-aio/Containers/nextcloud/config/reverse-proxy.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/reverse-proxy.config.php
@@ -0,0 +1,20 @@
+<?php
+$overwriteHost = getenv('OVERWRITEHOST');
+if ($overwriteHost) {
+  $CONFIG['overwritehost'] = $overwriteHost;
+}
+
+$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
+if ($overwriteProtocol) {
+  $CONFIG['overwriteprotocol'] = $overwriteProtocol;
+}
+
+$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
+if ($overwriteWebRoot) {
+  $CONFIG['overwritewebroot'] = $overwriteWebRoot;
+}
+
+$overwriteCondAddr = getenv('OVERWRITECONDADDR');
+if ($overwriteCondAddr) {
+  $CONFIG['overwritecondaddr'] = $overwriteCondAddr;
+}
--- a/nextcloud-aio/Containers/nextcloud/config/s3.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/s3.config.php
@@ -0,0 +1,34 @@
+<?php
+if (getenv('OBJECTSTORE_S3_BUCKET')) {
+  $use_ssl = getenv('OBJECTSTORE_S3_SSL');
+  $use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
+  $use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
+  $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
+  $multibucket = getenv('OBJECTSTORE_S3_MULTIBUCKET');
+  $CONFIG = array(
+    $multibucket === 'true' ? 'objectstore_multibucket' : 'objectstore' => array(
+      'class' => '\OC\Files\ObjectStore\S3',
+      'arguments' => array(
+        'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
+        'key' => getenv('OBJECTSTORE_S3_KEY') ?: '',
+        'secret' => getenv('OBJECTSTORE_S3_SECRET') ?: '',
+        'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
+        'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
+        'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
+        'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
+        'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
+        'autocreate' => strtolower($autocreate) !== 'false',
+        'use_ssl' => strtolower($use_ssl) !== 'false',
+        // required for some non Amazon S3 implementations
+        'use_path_style' => strtolower($use_path) === 'true',
+        // required for older protocol versions
+        'legacy_auth' => strtolower($use_legacyauth) === 'true'
+      )
+    )
+  );
+
+  $sse_c_key = getenv('OBJECTSTORE_S3_SSE_C_KEY');
+  if ($sse_c_key) {
+    $CONFIG['objectstore']['arguments']['sse_c_key'] = $sse_c_key;
+  }
+}
--- a/nextcloud-aio/Containers/nextcloud/config/smtp.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/smtp.config.php
@@ -0,0 +1,20 @@
+<?php
+if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
+  $CONFIG = array (
+    'mail_smtpmode' => 'smtp',
+    'mail_smtphost' => getenv('SMTP_HOST'),
+    'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
+    'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
+    'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
+    'mail_smtpname' => getenv('SMTP_NAME') ?: '',
+    'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
+    'mail_domain' => getenv('MAIL_DOMAIN'),
+  );
+
+  if (getenv('SMTP_PASSWORD')) {
+      $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
+  } else {
+      $CONFIG['mail_smtppassword'] = '';
+  }
+}
--- a/nextcloud-aio/Containers/nextcloud/config/swift.config.php
+++ b/nextcloud-aio/Containers/nextcloud/config/swift.config.php
@@ -0,0 +1,31 @@
+<?php
+if (getenv('OBJECTSTORE_SWIFT_URL')) {
+    $autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
+  $CONFIG = array(
+    'objectstore' => [
+      'class' => 'OC\\Files\\ObjectStore\\Swift',
+      'arguments' => [
+        'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
+        'user' => [
+          'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
+          'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
+          'domain' => [
+            'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
+          ],
+        ],
+        'scope' => [
+          'project' => [
+            'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
+            'domain' => [
+              'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
+            ],
+          ],
+        ],
+        'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
+        'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
+        'url' => getenv('OBJECTSTORE_SWIFT_URL'),
+        'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
+      ]
+    ]
+  );
+}
--- a/nextcloud-aio/Containers/nextcloud/cron.sh
+++ b/nextcloud-aio/Containers/nextcloud/cron.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+wait_for_cron() {
+    set -x
+    while [ -n "$(pgrep -f /var/www/html/cron.php)" ]; do
+        echo "Waiting for cron to stop..."
+        sleep 5
+    done
+    echo "Cronjob successfully exited."
+    exit
+}
+
+trap wait_for_cron SIGINT SIGTERM
+
+while true; do
+    php -f /var/www/html/cron.php &
+    sleep 5m &
+    wait $!
+done
--- a/nextcloud-aio/Containers/nextcloud/entrypoint.sh
+++ b/nextcloud-aio/Containers/nextcloud/entrypoint.sh
@@ -0,0 +1,952 @@
+#!/bin/bash
+
+# version_greater A B returns whether A > B
+version_greater() {
+    [ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
+}
+
+# return true if specified directory is empty
+directory_empty() {
+    [ -z "$(ls -A "$1/")" ]
+}
+
+run_upgrade_if_needed_due_to_app_update() {
+    if php /var/www/html/occ status | grep maintenance | grep -q true; then
+        php /var/www/html/occ maintenance:mode --off
+    fi
+    if php /var/www/html/occ status | grep needsDbUpgrade | grep -q true; then
+        php /var/www/html/occ upgrade
+        php /var/www/html/occ app:enable nextcloud-aio --force
+    fi
+}
+
+# Adjust DATABASE_TYPE to by Nextcloud supported value
+if [ "$DATABASE_TYPE" = postgres ]; then
+    export DATABASE_TYPE=pgsql
+fi
+
+# Only start container if redis is accessible
+# shellcheck disable=SC2153
+while ! nc -z "$REDIS_HOST" "6379"; do
+    echo "Waiting for redis to start..."
+    sleep 5
+done
+
+# Check permissions in ncdata
+touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file"
+if ! [ -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" ]; then
+    echo "The www-data user doesn't seem to have access rights in the datadir.
+Most likely are the files located on a drive that does not follow linux permissions.
+Please adjust the permissions like mentioned below.
+The found permissions are:
+$(stat -c "%u:%g %a" "$NEXTCLOUD_DATA_DIR")
+(userID:groupID permissions)
+but they should be:
+33:0 750
+(userID:groupID permissions)
+Also make sure that the parent directories on the host of the directory that you've chosen as datadir are publicly readable with e.g. 'sudo chmod +r /mnt' (adjust the command accordingly to your case) and the same for all subdirectories.
+Additionally, if you want to use a Fuse-mount as datadir, set 'allow_other' as additional mount option.
+For SMB/CIFS mounts as datadir, see https://github.com/nextcloud/all-in-one#can-i-use-a-cifssmb-share-as-nextclouds-datadir"
+    exit 1
+fi
+rm "$NEXTCLOUD_DATA_DIR/this-is-a-test-file"
+
+if [ -f /var/www/html/version.php ]; then
+    # shellcheck disable=SC2016
+    installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
+else
+    installed_version="0.0.0.0"
+fi
+if [ -f "$SOURCE_LOCATION/version.php" ]; then
+    # shellcheck disable=SC2016
+    image_version="$(php -r "require '$SOURCE_LOCATION/version.php'; echo implode('.', \$OC_Version);")"
+else
+    image_version="$installed_version"
+fi
+
+# unset admin password
+if [ "$installed_version" != "0.0.0.0" ]; then
+    unset ADMIN_PASSWORD
+fi
+
+# Don't start the container if Nextcloud is not compatible with the PHP version
+if [ -f "/var/www/html/lib/versioncheck.php" ] && ! php /var/www/html/lib/versioncheck.php; then
+    echo "It seems like your installed Nextcloud is not compatible with the by the container provided PHP version."
+    echo "This most likely happened because you tried to restore an old Nextcloud version from backup that is not compatible with the PHP version that comes with the container."
+    echo "Please try to restore a more recent backup which contains a Nextcloud version that is compatible with the PHP version that comes with the container."
+    echo "If you do not have a more recent backup, feel free to have a look at this documentation: https://github.com/nextcloud/all-in-one/blob/main/manual-upgrade.md"
+    exit 1
+fi
+
+# Do not start the container if the last update failed
+if [ -f "$NEXTCLOUD_DATA_DIR/update.failed" ]; then
+    echo "The last Nextcloud update failed."
+    echo "Please restore from backup and try again!"
+    echo "If you do not have a backup in place, you can simply delete the update.failed file in the datadir which will allow the container to start again."
+    exit 1
+fi
+
+# Do not start the container if the install failed
+if [ -f "$NEXTCLOUD_DATA_DIR/install.failed" ]; then
+    echo "The initial Nextcloud installation failed."
+    echo "Please reset AIO properly and try again. For further clues what went wrong, check the logs above."
+    echo "See https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance"
+    exit 1
+fi
+
+# Skip any update if Nextcloud was just restored
+if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
+    if version_greater "$image_version" "$installed_version"; then
+        # Check if it skips a major version
+        INSTALLED_MAJOR="${installed_version%%.*}"
+        IMAGE_MAJOR="${image_version%%.*}"
+        
+        if [ "$installed_version" != "0.0.0.0" ]; then
+            # Write output to logfile.
+            exec > >(tee -i "/var/www/html/data/update.log")
+            exec 2>&1
+        fi
+
+        if [ "$installed_version" != "0.0.0.0" ] && [ "$((IMAGE_MAJOR - INSTALLED_MAJOR))" -gt 1 ]; then
+# Do not skip major versions placeholder # Do not remove or change this line!
+# Do not skip major versions start # Do not remove or change this line!
+            set -ex
+            NEXT_MAJOR="$((INSTALLED_MAJOR + 1))"
+            curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-${NEXT_MAJOR}.tar.bz2"
+            curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/latest-${NEXT_MAJOR}.tar.bz2.asc"
+            GNUPGHOME="$(mktemp -d)"
+            export GNUPGHOME
+            # gpg key from https://nextcloud.com/nextcloud.asc
+            gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A
+            gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2
+            mkdir -p /usr/src/tmp
+            tar -xjf nextcloud.tar.bz2 -C /usr/src/tmp/
+            gpgconf --kill all
+            rm nextcloud.tar.bz2.asc nextcloud.tar.bz2
+            mkdir -p /usr/src/tmp/nextcloud/data
+            mkdir -p /usr/src/tmp/nextcloud/custom_apps
+            chmod +x /usr/src/tmp/nextcloud/occ
+            cp -r "$SOURCE_LOCATION"/config/* /usr/src/tmp/nextcloud/config/
+            mkdir -p /usr/src/tmp/nextcloud/apps/nextcloud-aio
+            cp -r "$SOURCE_LOCATION"/apps/nextcloud-aio/* /usr/src/tmp/nextcloud/apps/nextcloud-aio/
+            mv "$SOURCE_LOCATION" /usr/src/temp-nextcloud
+            mv /usr/src/tmp/nextcloud "$SOURCE_LOCATION"
+            rm -r /usr/src/tmp
+            rm -r /usr/src/temp-nextcloud
+            # shellcheck disable=SC2016
+            image_version="$(php -r "require '$SOURCE_LOCATION/version.php'; echo implode('.', \$OC_Version);")"
+            IMAGE_MAJOR="${image_version%%.*}"
+            set +ex
+# Do not skip major versions end # Do not remove or change this line!
+        fi
+
+        if [ "$installed_version" != "0.0.0.0" ]; then
+# Check connection to appstore start # Do not remove or change this line!
+            while true; do
+                echo -e "Checking connection to appstore"
+                APPSTORE_URL="https://apps.nextcloud.com/api/v1"
+                if grep -q appstoreurl /var/www/html/config/config.php; then
+                    set -x
+                    APPSTORE_URL="$(grep appstoreurl /var/www/html/config/config.php | grep -oP 'https://.*v[0-9]+')"
+                    set +x
+                fi
+                # Default appstoreurl parameter in config.php defaults to 'https://apps.nextcloud.com/api/v1' so we check for the apps.json file stored in there
+                CURL_STATUS="$(curl -LI "$APPSTORE_URL"/apps.json -o /dev/null -w '%{http_code}\n' -s)"
+                if [[ "$CURL_STATUS" = "200" ]]
+                then
+                    echo "Appstore is reachable"
+                    break
+                else
+                    echo "Curl didn't produce a 200 status, is appstore reachable?"
+                    sleep 5
+                fi
+            done
+# Check connection to appstore end # Do not remove or change this line!
+
+            run_upgrade_if_needed_due_to_app_update
+
+            php /var/www/html/occ maintenance:mode --off
+
+            echo "Getting and backing up the status of apps for later, this might take a while..."
+            NC_APPS="$(find /var/www/html/custom_apps/ -type d -maxdepth 1 -mindepth 1 | sed 's|/var/www/html/custom_apps/||g')"
+            if [ -z "$NC_APPS" ]; then
+                echo "No apps detected, aborting export of app status..."
+                APPSTORAGE="no-export-done"
+            else
+                mapfile -t NC_APPS_ARRAY <<< "$NC_APPS"
+                declare -Ag APPSTORAGE
+                echo "Disabling apps before the update in order to make the update procedure more safe. This can take a while..."
+                for app in "${NC_APPS_ARRAY[@]}"; do
+                    if APPSTORAGE[$app]="$(php /var/www/html/occ config:app:get "$app" enabled)"; then
+                        php /var/www/html/occ app:disable "$app"
+                    else
+                        APPSTORAGE[$app]=""
+                        echo "Not disabling $app because the occ command to get the enabled state was failing."
+                    fi
+                done
+            fi
+
+            if [ "$((IMAGE_MAJOR - INSTALLED_MAJOR))" -eq 1 ]; then
+                php /var/www/html/occ config:system:delete app_install_overwrite
+            fi
+
+            php /var/www/html/occ app:update --all
+
+            run_upgrade_if_needed_due_to_app_update
+        fi
+
+        echo "Initializing nextcloud $image_version ..."
+        rsync -rlD --delete --exclude-from=/upgrade.exclude "$SOURCE_LOCATION/" /var/www/html/
+
+        # Copy custom_apps from Nextcloud archive
+        if ! directory_empty "$SOURCE_LOCATION/custom_apps"; then
+            set -x
+            for app in "$SOURCE_LOCATION/custom_apps"/*; do
+                app_id="$(basename "$app")"
+                mkdir -p "/var/www/html/custom_apps/$app_id"
+                rsync -rlD --delete --include "/$app_id/" --exclude '/*' "$SOURCE_LOCATION/custom_apps/" /var/www/html/custom_apps/
+            done
+            set +x
+        fi
+
+        # Copy over initial data from Nextcloud archive
+        for dir in config data custom_apps themes; do
+            if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
+                rsync -rlD --include "/$dir/" --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/
+            fi
+        done
+        rsync -rlD --delete --include '/config/' --exclude '/*' --exclude '/config/CAN_INSTALL' --exclude '/config/config.sample.php' --exclude '/config/config.php' "$SOURCE_LOCATION/" /var/www/html/
+        rsync -rlD --include '/version.php' --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/
+        echo "Initializing finished"
+
+        #install
+        if [ "$installed_version" = "0.0.0.0" ]; then
+            echo "New Nextcloud instance."
+
+            # Write output to logfile.
+            mkdir -p /var/www/html/data
+            exec > >(tee -i "/var/www/html/data/install.log")
+            exec 2>&1
+
+            INSTALL_OPTIONS=(-n --admin-user "$ADMIN_USER" --admin-pass "$ADMIN_PASSWORD")
+            if [ -n "${NEXTCLOUD_DATA_DIR}" ]; then
+                INSTALL_OPTIONS+=(--data-dir "$NEXTCLOUD_DATA_DIR")
+            fi
+
+            # We do our own permission check so the permission check is not needed
+            cat << DATADIR_PERMISSION_CONF > /var/www/html/config/datadir.permission.config.php
+<?php
+    \$CONFIG = array (
+    'check_data_directory_permissions' => false
+);
+DATADIR_PERMISSION_CONF
+
+            # Write out postgres root cert
+            if [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" ]; then
+                mkdir /var/www/html/data/certificates
+                echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" > "/var/www/html/data/certificates/POSTGRES"
+            fi
+
+            echo "Installing with $DATABASE_TYPE database"
+            # Set a default value for POSTGRES_PORT
+            if [ -z "$POSTGRES_PORT" ]; then
+              POSTGRES_PORT=5432
+            fi
+            # shellcheck disable=SC2153
+            INSTALL_OPTIONS+=(--database "$DATABASE_TYPE" --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST" --database-port "$POSTGRES_PORT")
+
+            echo "Starting Nextcloud installation..."
+            if ! php /var/www/html/occ maintenance:install "${INSTALL_OPTIONS[@]}"; then
+                echo "Installation of Nextcloud failed!"
+                touch "$NEXTCLOUD_DATA_DIR/install.failed"
+                exit 1
+            fi
+
+            # Try to force generation of appdata dir:
+            php /var/www/html/occ maintenance:repair
+
+            if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then
+                max_retries=10
+                try=0
+                while [ -z "$(find "$NEXTCLOUD_DATA_DIR/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*")" ] && [ "$try" -lt "$max_retries" ]; do
+                    echo "Waiting for appdata to become available..."
+                    try=$((try+1))
+                    sleep 10s
+                done
+
+                if [ "$try" -ge "$max_retries" ]; then
+                    echo "Installation of Nextcloud failed!"
+                    echo "Install errors: $(cat /var/www/html/data/nextcloud.log)"
+                    touch "$NEXTCLOUD_DATA_DIR/install.failed"
+                    exit 1
+                fi
+            fi
+
+            # This autoconfig is not needed anymore and should be able to be overwritten by the user
+            rm /var/www/html/config/datadir.permission.config.php
+
+            # unset admin password
+            unset ADMIN_PASSWORD
+
+            # Enable the updatenotification app but disable its UI and server update notifications
+            php /var/www/html/occ config:system:set updatechecker --type=bool --value=false
+            php /var/www/html/occ config:app:set updatenotification notify_groups --value="[]"
+
+# AIO update to latest start # Do not remove or change this line!
+            if [ "$INSTALL_LATEST_MAJOR" = yes ]; then
+                php /var/www/html/occ config:system:set updatedirectory --value="/nc-updater"
+                INSTALLED_AT="$(php /var/www/html/occ config:app:get core installedat)"
+                if [ -n "${INSTALLED_AT}" ]; then
+                    # Set the installdat to 00 which will allow to skip staging and install the next major directly
+                    # shellcheck disable=SC2001
+                    INSTALLED_AT="$(echo "${INSTALLED_AT}" | sed "s|[0-9][0-9]$|00|")"
+                    php /var/www/html/occ config:app:set core installedat --value="${INSTALLED_AT}" 
+                fi
+                php /var/www/html/updater/updater.phar --no-interaction --no-backup
+                if ! php /var/www/html/occ -V || php /var/www/html/occ status | grep maintenance | grep -q 'true'; then
+                    echo "Installation of Nextcloud failed!"
+                    touch "$NEXTCLOUD_DATA_DIR/install.failed"
+                    exit 1
+                fi
+                # shellcheck disable=SC2016
+                installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
+                INSTALLED_MAJOR="${installed_version%%.*}"
+                IMAGE_MAJOR="${image_version%%.*}"
+                if ! [ "$INSTALLED_MAJOR" -gt "$IMAGE_MAJOR" ]; then
+                    php /var/www/html/updater/updater.phar --no-interaction --no-backup
+                    if ! php /var/www/html/occ -V || php /var/www/html/occ status | grep maintenance | grep -q 'true'; then
+                        echo "Installation of Nextcloud failed!"
+                        touch "$NEXTCLOUD_DATA_DIR/install.failed"
+                        exit 1
+                    fi
+                    # shellcheck disable=SC2016
+                    installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
+                fi
+                php /var/www/html/occ config:system:set updatechecker --type=bool --value=true
+                php /var/www/html/occ app:enable nextcloud-aio --force
+                php /var/www/html/occ db:add-missing-columns
+                php /var/www/html/occ db:add-missing-primary-keys
+                yes | php /var/www/html/occ db:convert-filecache-bigint
+            fi
+# AIO update to latest end # Do not remove or change this line!
+
+            # Apply log settings
+            echo "Applying default settings..."
+            mkdir -p /var/www/html/data
+            php /var/www/html/occ config:system:set loglevel --value="2" --type=integer
+            php /var/www/html/occ config:system:set log_type --value="file"
+            php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log"
+            php /var/www/html/occ config:system:set log_rotate_size --value="10485760" --type=integer
+            php /var/www/html/occ app:enable admin_audit
+            php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log"
+            php /var/www/html/occ config:system:set log.condition apps 0 --value="admin_audit"
+
+            # Apply preview settings
+            echo "Applying preview settings..."
+            php /var/www/html/occ config:system:set preview_max_x --value="2048" --type=integer
+            php /var/www/html/occ config:system:set preview_max_y --value="2048" --type=integer
+            php /var/www/html/occ config:system:set jpeg_quality --value="60" --type=integer
+            php /var/www/html/occ config:app:set preview jpeg_quality --value="60"
+            php /var/www/html/occ config:system:delete enabledPreviewProviders
+            php /var/www/html/occ config:system:set enabledPreviewProviders 1 --value="OC\\Preview\\Image"
+            php /var/www/html/occ config:system:set enabledPreviewProviders 2 --value="OC\\Preview\\MarkDown"
+            php /var/www/html/occ config:system:set enabledPreviewProviders 3 --value="OC\\Preview\\MP3"
+            php /var/www/html/occ config:system:set enabledPreviewProviders 4 --value="OC\\Preview\\TXT"
+            php /var/www/html/occ config:system:set enabledPreviewProviders 5 --value="OC\\Preview\\OpenDocument"
+            php /var/www/html/occ config:system:set enabledPreviewProviders 6 --value="OC\\Preview\\Movie"
+            php /var/www/html/occ config:system:set enabledPreviewProviders 7 --value="OC\\Preview\\Krita"
+            php /var/www/html/occ config:system:set enable_previews --value=true --type=boolean
+
+            # Apply other settings
+            echo "Applying other settings..."
+            # Add missing indices after new installation because they seem to be missing on new installation
+            php /var/www/html/occ db:add-missing-indices
+            php /var/www/html/occ config:system:set upgrade.disable-web --type=bool --value=true
+            php /var/www/html/occ config:system:set mail_smtpmode --value="smtp"
+            php /var/www/html/occ config:system:set trashbin_retention_obligation --value="auto, 30"
+            php /var/www/html/occ config:system:set versions_retention_obligation --value="auto, 30"
+            php /var/www/html/occ config:system:set activity_expire_days --value="30" --type=integer
+            php /var/www/html/occ config:system:set simpleSignUpLink.shown --type=bool --value=false
+            php /var/www/html/occ config:system:set share_folder --value="/Shared"
+
+            # Install some apps by default
+            if [ -n "$STARTUP_APPS" ]; then
+                read -ra STARTUP_APPS_ARRAY <<< "$STARTUP_APPS"
+                for app in "${STARTUP_APPS_ARRAY[@]}"; do
+                    if ! echo "$app" | grep -q '^-'; then 
+                        if [ -z "$(find /var/www/html/apps /var/www/html/custom_apps -type d -maxdepth 1 -mindepth 1 -name "$app" )" ]; then
+                            # If not shipped, install and enable the app
+                            php /var/www/html/occ app:install "$app"
+                        else
+                            # If shipped, enable the app
+                            php /var/www/html/occ app:enable "$app"
+                        fi
+                    else
+                        app="${app#-}"
+                        # Disable the app if '-' was provided in front of the appid
+                        php /var/www/html/occ app:disable "$app"
+                    fi
+                done
+            fi
+
+        #upgrade
+        else
+            touch "$NEXTCLOUD_DATA_DIR/update.failed"
+            echo "Upgrading nextcloud from $installed_version to $image_version..."
+            php /var/www/html/occ config:system:delete integrity.check.disabled
+            if ! php /var/www/html/occ upgrade || ! php /var/www/html/occ -V; then
+                echo "Upgrade failed. Please restore from backup."
+                bash /notify.sh "Nextcloud update to $image_version failed!" "Please restore from backup!"
+                exit 1
+            fi
+
+            # shellcheck disable=SC2016
+            installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
+
+            rm "$NEXTCLOUD_DATA_DIR/update.failed"
+            bash /notify.sh "Nextcloud update to $image_version successful!" "Feel free to inspect the Nextcloud container logs for more info."
+
+            php /var/www/html/occ app:update --all
+
+            run_upgrade_if_needed_due_to_app_update
+
+            # Restore app status
+            if [ "${APPSTORAGE[0]}" != "no-export-done" ]; then
+                echo "Restoring the status of apps. This can take a while..."
+                for app in "${!APPSTORAGE[@]}"; do
+                    if [ -n "${APPSTORAGE[$app]}" ]; then
+                        if [ "${APPSTORAGE[$app]}" != "no" ]; then
+                            echo "Enabling $app..."
+                            if ! php /var/www/html/occ app:enable "$app" >/dev/null; then
+                                php /var/www/html/occ app:disable "$app" >/dev/null
+                                if ! php /var/www/html/occ -V &>/dev/null; then
+                                    rm -r "/var/www/html/custom_apps/$app"
+                                    php /var/www/html/occ maintenance:mode --off
+                                fi
+                                run_upgrade_if_needed_due_to_app_update
+                                echo "The $app app could not get enabled. Probably because it is not compatible with the new Nextcloud version."
+                                if [ "$app" = apporder ]; then
+                                    CUSTOM_HINT="The apporder app was deprecated. A possible replacement is the side_menu app, aka 'Custom menu'."
+                                else
+                                    CUSTOM_HINT="Most likely because it is not compatible with the new Nextcloud version."
+                                fi
+                                bash /notify.sh "Could not enable the $app app after the Nextcloud update!" "$CUSTOM_HINT Feel free to look at the Nextcloud update logs and force-enable the app again from the app-store UI."
+                                continue
+                            fi
+                            # Only restore the group settings, if the app was enabled (and is thus compatible with the new NC version)
+                            if [ "${APPSTORAGE[$app]}" != "yes" ]; then
+                                php /var/www/html/occ config:app:set "$app" enabled --value="${APPSTORAGE[$app]}"
+                            fi
+                        fi
+                    fi
+                done
+            fi
+
+            php /var/www/html/occ app:update --all
+
+            run_upgrade_if_needed_due_to_app_update
+
+            # Enable the updatenotification app but disable its UI and server update notifications
+            php /var/www/html/occ config:system:set updatechecker --type=bool --value=false
+            php /var/www/html/occ app:enable updatenotification
+            php /var/www/html/occ config:app:set updatenotification notify_groups --value="[]"
+
+            # Apply optimization
+            echo "Doing some optimizations..."
+            if [ "$NEXTCLOUD_SKIP_DATABASE_OPTIMIZATION" != yes ]; then
+                php /var/www/html/occ maintenance:repair --include-expensive
+                php /var/www/html/occ db:add-missing-indices
+                php /var/www/html/occ db:add-missing-columns
+                php /var/www/html/occ db:add-missing-primary-keys
+                yes | php /var/www/html/occ db:convert-filecache-bigint
+            else
+                php /var/www/html/occ maintenance:repair
+            fi
+        fi
+    fi
+
+    # Performing update of all apps if daily backups are enabled, running and successful and if it is saturday
+    if [ "$UPDATE_NEXTCLOUD_APPS" = 'yes' ] && [ "$(date +%u)" = 6 ]; then
+        UPDATED_APPS="$(php /var/www/html/occ app:update --all)"
+        run_upgrade_if_needed_due_to_app_update
+        if [ -n "$UPDATED_APPS" ]; then
+             bash /notify.sh "Your apps just got updated!" "$UPDATED_APPS"
+        fi
+    fi
+else
+    SKIP_UPDATE=1
+fi
+
+run_upgrade_if_needed_due_to_app_update
+
+if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then
+    # Check if appdata is present
+    # If not, something broke (e.g. changing ncdatadir after aio was first started)
+    if [ -z "$(find "$NEXTCLOUD_DATA_DIR/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*")" ]; then
+        echo "Appdata is not present. Did you maybe change the datadir after the initial Nextcloud installation? This is not supported!"
+        echo "See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir"
+        echo "If you adjusted the datadir to be located on an external drive, make sure that the drive is still mounted!"
+        echo "In the datadir was found:"
+        ls -la "$NEXTCLOUD_DATA_DIR/"
+        exit 1
+    fi
+
+    # Delete formerly configured tempdirectory as the default is usually faster (if the datadir is on a HDD or network FS)
+    if [ "$(php /var/www/html/occ config:system:get tempdirectory)" = "$NEXTCLOUD_DATA_DIR/tmp/" ]; then
+        php /var/www/html/occ config:system:delete tempdirectory
+        if [ -d "$NEXTCLOUD_DATA_DIR/tmp/" ]; then
+            rm -r "$NEXTCLOUD_DATA_DIR/tmp/"
+        fi
+    fi
+
+fi
+
+# Perform fingerprint update if instance was restored
+if [ -f "$NEXTCLOUD_DATA_DIR/fingerprint.update" ]; then
+    php /var/www/html/occ maintenance:data-fingerprint
+    rm "$NEXTCLOUD_DATA_DIR/fingerprint.update"
+fi
+
+# Perform preview scan if previews were excluded from restore
+if [ -f "$NEXTCLOUD_DATA_DIR/trigger-preview.scan" ]; then
+    php /var/www/html/occ files:scan-app-data preview -vvv
+    rm "$NEXTCLOUD_DATA_DIR/trigger-preview.scan"
+fi
+
+# AIO one-click settings start # Do not remove or change this line!
+# Apply one-click-instance settings
+echo "Applying one-click-instance settings..."
+php /var/www/html/occ config:system:set one-click-instance --value=true --type=bool
+php /var/www/html/occ config:system:set one-click-instance.user-limit --value=100 --type=int
+php /var/www/html/occ config:system:set one-click-instance.link --value="https://nextcloud.com/all-in-one/"
+# AIO one-click settings end # Do not remove or change this line!
+php /var/www/html/occ app:enable support
+if [ -n "$SUBSCRIPTION_KEY" ] && [ -z "$(php /var/www/html/occ config:app:get support potential_subscription_key)" ]; then
+    php /var/www/html/occ config:app:set support potential_subscription_key --value="$SUBSCRIPTION_KEY"
+    php /var/www/html/occ config:app:delete support last_check
+fi
+if [ -n "$NEXTCLOUD_DEFAULT_QUOTA" ]; then
+    if [ "$NEXTCLOUD_DEFAULT_QUOTA" = "unlimited" ]; then
+        php /var/www/html/occ config:app:delete files default_quota
+    else
+        php /var/www/html/occ config:app:set files default_quota --value="$NEXTCLOUD_DEFAULT_QUOTA"
+    fi
+fi
+
+# Adjusting log files to be stored on a volume
+echo "Adjusting log files..."
+php /var/www/html/occ config:system:set upgrade.cli-upgrade-link --value="https://github.com/nextcloud/all-in-one/discussions/2726"
+php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log"
+php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log"
+php /var/www/html/occ config:system:set updatedirectory --value="/nc-updater"
+if [ -n "$NEXTCLOUD_SKELETON_DIRECTORY" ]; then
+    if [ "$NEXTCLOUD_SKELETON_DIRECTORY" = "empty" ]; then
+        php /var/www/html/occ config:system:set skeletondirectory --value=""
+    else
+        php /var/www/html/occ config:system:set skeletondirectory --value="$NEXTCLOUD_SKELETON_DIRECTORY"
+    fi
+fi
+if [ -n "$SERVERINFO_TOKEN" ] && [ -z "$(php /var/www/html/occ config:app:get serverinfo token)" ]; then
+    php /var/www/html/occ config:app:set serverinfo token --value="$SERVERINFO_TOKEN"
+fi
+# Set maintenance window so that no warning is shown in the admin overview
+if [ -z "$NEXTCLOUD_MAINTENANCE_WINDOW" ]; then
+    NEXTCLOUD_MAINTENANCE_WINDOW=100
+fi
+php /var/www/html/occ config:system:set maintenance_window_start --type=int --value="$NEXTCLOUD_MAINTENANCE_WINDOW"
+
+# Apply network settings
+echo "Applying network settings..."
+php /var/www/html/occ config:system:set allow_local_remote_servers --type=bool --value=true
+php /var/www/html/occ config:system:set davstorage.request_timeout --value="$PHP_MAX_TIME" --type=int
+php /var/www/html/occ config:system:set trusted_domains 1 --value="$NC_DOMAIN"
+php /var/www/html/occ config:system:set overwrite.cli.url --value="https://$NC_DOMAIN/"
+php /var/www/html/occ config:system:set documentation_url.server_logs --value="https://github.com/nextcloud/all-in-one/discussions/5425"
+php /var/www/html/occ config:system:set htaccess.RewriteBase --value="/"
+php /var/www/html/occ maintenance:update:htaccess
+
+# Revert dbpersistent setting to check if it fixes too many db connections
+php /var/www/html/occ config:system:set dbpersistent --value=false --type=bool
+
+if [ "$DISABLE_BRUTEFORCE_PROTECTION" = yes ]; then
+    php /var/www/html/occ config:system:set auth.bruteforce.protection.enabled --type=bool --value=false
+    php /var/www/html/occ config:system:set ratelimit.protection.enabled --type=bool --value=false
+else
+    php /var/www/html/occ config:system:set auth.bruteforce.protection.enabled --type=bool --value=true
+    php /var/www/html/occ config:system:set ratelimit.protection.enabled --type=bool --value=true
+fi
+
+# Disallow creating local external storages when nothing was mounted
+if [ -z "$NEXTCLOUD_MOUNT" ]; then
+    php /var/www/html/occ config:system:set files_external_allow_create_new_local --type=bool --value=false
+else
+    php /var/www/html/occ config:system:set files_external_allow_create_new_local --type=bool --value=true
+fi
+
+# AIO app start # Do not remove or change this line!
+# AIO app
+if [ "$THIS_IS_AIO" = "true" ]; then
+    if [ "$(php /var/www/html/occ config:app:get nextcloud-aio enabled)" != "yes" ]; then
+        php /var/www/html/occ app:enable nextcloud-aio
+    fi
+else
+    if [ "$(php /var/www/html/occ config:app:get nextcloud-aio enabled)" != "no" ]; then
+        php /var/www/html/occ app:disable nextcloud-aio
+    fi
+fi
+# AIO app end # Do not remove or change this line!
+
+# Allow to add custom certs to Nextcloud's trusted cert store
+if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then
+    set -x
+    TRUSTED_CERTIFICATES="$(env | grep NEXTCLOUD_TRUSTED_CERTIFICATES_ | grep -oP '^[A-Z_a-z0-9]+')"
+    mapfile -t TRUSTED_CERTIFICATES <<< "$TRUSTED_CERTIFICATES"
+    CERTIFICATES_ROOT_DIR="/var/www/html/data/certificates"
+    mkdir -p "$CERTIFICATES_ROOT_DIR"
+    for certificate in "${TRUSTED_CERTIFICATES[@]}"; do
+        # shellcheck disable=SC2001
+        CERTIFICATE_NAME="$(echo "$certificate" | sed 's|^NEXTCLOUD_TRUSTED_CERTIFICATES_||')"
+        if ! [ -f "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME" ]; then
+            echo "${!certificate}" > "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME"
+            php /var/www/html/occ security:certificates:import "$CERTIFICATES_ROOT_DIR/$CERTIFICATE_NAME"
+        fi
+    done
+    set +x
+fi
+
+# Notify push
+if ! [ -d "/var/www/html/custom_apps/notify_push" ]; then
+    php /var/www/html/occ app:install notify_push
+elif [ "$(php /var/www/html/occ config:app:get notify_push enabled)" != "yes" ]; then
+    php /var/www/html/occ app:enable notify_push
+elif [ "$SKIP_UPDATE" != 1 ]; then
+    php /var/www/html/occ app:update notify_push
+fi
+chmod 775 -R /var/www/html/custom_apps/notify_push/bin/
+php /var/www/html/occ config:system:set trusted_proxies 0 --value="127.0.0.1"
+php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1"
+if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then
+    php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY"
+fi
+
+# Get ipv4-address of Nextcloud
+if [ -z "$NEXTCLOUD_HOST" ]; then
+    export NEXTCLOUD_HOST="nextcloud-aio-nextcloud"
+fi
+IPv4_ADDRESS="$(dig "$NEXTCLOUD_HOST" A +short +search | head -1)" 
+# Bring it in CIDR notation 
+# shellcheck disable=SC2001
+IPv4_ADDRESS="$(echo "$IPv4_ADDRESS" | sed 's|[0-9]\+$|0/16|')" 
+if [ -n "$IPv4_ADDRESS" ]; then
+    php /var/www/html/occ config:system:set trusted_proxies 10 --value="$IPv4_ADDRESS"
+fi
+
+if [ -n "$ADDITIONAL_TRUSTED_DOMAIN" ]; then
+    php /var/www/html/occ config:system:set trusted_domains 2 --value="$ADDITIONAL_TRUSTED_DOMAIN"
+fi
+php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push"
+
+# Collabora
+if [ "$COLLABORA_ENABLED" = 'yes' ]; then
+    set -x
+    if echo "$COLLABORA_HOST" | grep -q "nextcloud-.*-collabora"; then
+        COLLABORA_HOST="$NC_DOMAIN"
+    fi
+    set +x
+    # Remove richdcoumentscode if it should be incorrectly installed
+    if [ -d "/var/www/html/custom_apps/richdocumentscode" ]; then
+        php /var/www/html/occ app:remove richdocumentscode
+    fi
+    if ! [ -d "/var/www/html/custom_apps/richdocuments" ]; then
+        php /var/www/html/occ app:install richdocuments
+    elif [ "$(php /var/www/html/occ config:app:get richdocuments enabled)" != "yes" ]; then
+        php /var/www/html/occ app:enable richdocuments
+    elif [ "$SKIP_UPDATE" != 1 ]; then
+        php /var/www/html/occ app:update richdocuments
+    fi
+    php /var/www/html/occ config:app:set richdocuments wopi_url --value="https://$COLLABORA_HOST/"
+    # Make collabora more save
+    COLLABORA_IPv4_ADDRESS="$(dig "$COLLABORA_HOST" A +short +search | grep '^[0-9.]\+$' | sort | head -n1)"
+    COLLABORA_IPv6_ADDRESS="$(dig "$COLLABORA_HOST" AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)"
+    COLLABORA_ALLOW_LIST="$(php /var/www/html/occ config:app:get richdocuments wopi_allowlist)"
+    if [ -n "$COLLABORA_IPv4_ADDRESS" ]; then
+        if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$COLLABORA_IPv4_ADDRESS"; then
+            if [ -z "$COLLABORA_ALLOW_LIST" ]; then
+                COLLABORA_ALLOW_LIST="$COLLABORA_IPv4_ADDRESS"
+            else
+                COLLABORA_ALLOW_LIST+=",$COLLABORA_IPv4_ADDRESS"
+            fi
+        fi
+    else
+        echo "Warning: No ipv4-address found for $COLLABORA_HOST."
+    fi
+    if [ -n "$COLLABORA_IPv6_ADDRESS" ]; then
+        if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$COLLABORA_IPv6_ADDRESS"; then
+            if [ -z "$COLLABORA_ALLOW_LIST" ]; then
+                COLLABORA_ALLOW_LIST="$COLLABORA_IPv6_ADDRESS"
+            else
+                COLLABORA_ALLOW_LIST+=",$COLLABORA_IPv6_ADDRESS"
+            fi
+        fi
+    else
+        echo "No ipv6-address found for $COLLABORA_HOST."
+    fi
+    if [ -n "$COLLABORA_ALLOW_LIST" ]; then
+        PRIVATE_IP_RANGES='127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1'
+        if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$PRIVATE_IP_RANGES"; then
+            COLLABORA_ALLOW_LIST+=",$PRIVATE_IP_RANGES"
+        fi
+        if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then
+            if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$ADDITIONAL_TRUSTED_PROXY"; then
+                COLLABORA_ALLOW_LIST+=",$ADDITIONAL_TRUSTED_PROXY"
+            fi
+        fi
+        php /var/www/html/occ config:app:set richdocuments wopi_allowlist --value="$COLLABORA_ALLOW_LIST"
+    else
+        echo "Warning: wopi_allowlist is empty which should not be the case!"
+    fi
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/richdocuments" ]; then
+        php /var/www/html/occ app:remove richdocuments
+    fi
+fi
+
+# OnlyOffice
+if [ "$ONLYOFFICE_ENABLED" = 'yes' ]; then
+    if echo "$ONLYOFFICE_HOST" | grep -q "nextcloud-.*-onlyoffice"; then
+        ONLYOFFICE_PORT=80
+    else
+        ONLYOFFICE_PORT=443
+    fi
+    while ! nc -z "$ONLYOFFICE_HOST" "$ONLYOFFICE_PORT"; do
+        echo "waiting for OnlyOffice to become available..."
+        sleep 5
+    done
+    if ! [ -d "/var/www/html/custom_apps/onlyoffice" ]; then
+        php /var/www/html/occ app:install onlyoffice
+    elif [ "$(php /var/www/html/occ config:app:get onlyoffice enabled)" != "yes" ]; then
+        php /var/www/html/occ app:enable onlyoffice
+    elif [ "$SKIP_UPDATE" != 1 ]; then
+        php /var/www/html/occ app:update onlyoffice
+    fi
+    php /var/www/html/occ config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET"
+    php /var/www/html/occ config:app:set onlyoffice jwt_secret --value="$ONLYOFFICE_SECRET"
+    php /var/www/html/occ config:system:set onlyoffice jwt_header --value="AuthorizationJwt"
+    if echo "$ONLYOFFICE_HOST" | grep -q "nextcloud-.*-onlyoffice"; then
+        ONLYOFFICE_HOST="$NC_DOMAIN/onlyoffice"
+        export ONLYOFFICE_HOST
+    fi
+    php /var/www/html/occ config:app:set onlyoffice DocumentServerUrl --value="https://$ONLYOFFICE_HOST"
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/onlyoffice" ] && [ -n "$ONLYOFFICE_SECRET" ] && [ "$(php /var/www/html/occ config:system:get onlyoffice jwt_secret)" = "$ONLYOFFICE_SECRET" ]; then
+        php /var/www/html/occ app:remove onlyoffice
+    fi
+fi
+
+# Talk
+if [ "$TALK_ENABLED" = 'yes' ]; then
+    set -x
+    if [ -z "$TALK_HOST" ] || echo "$TALK_HOST" | grep -q "nextcloud-.*-talk"; then
+        TALK_HOST="$NC_DOMAIN"
+        HPB_PATH="/standalone-signaling/"
+    fi
+    if [ -z "$TURN_DOMAIN" ]; then
+        TURN_DOMAIN="$TALK_HOST"
+    fi
+    set +x
+    if ! [ -d "/var/www/html/custom_apps/spreed" ]; then
+        php /var/www/html/occ app:install spreed
+    elif [ "$(php /var/www/html/occ config:app:get spreed enabled)" != "yes" ]; then
+        php /var/www/html/occ app:enable spreed
+    elif [ "$SKIP_UPDATE" != 1 ]; then
+        php /var/www/html/occ app:update spreed
+    fi
+    # Based on https://github.com/nextcloud/spreed/issues/960#issuecomment-416993435
+    if [ -z "$(php /var/www/html/occ talk:turn:list --output="plain")" ]; then
+        # shellcheck disable=SC2153
+        php /var/www/html/occ talk:turn:add turn "$TURN_DOMAIN:$TALK_PORT" "udp,tcp" --secret="$TURN_SECRET"
+    fi
+    STUN_SERVER="$(php /var/www/html/occ talk:stun:list --output="plain")"
+    if [ -z "$STUN_SERVER" ] || echo "$STUN_SERVER" | grep -oP '[a-zA-Z.:0-9]+' | grep -q "^stun.nextcloud.com:443$"; then
+        php /var/www/html/occ talk:stun:add "$TURN_DOMAIN:$TALK_PORT"
+        php /var/www/html/occ talk:stun:delete "stun.nextcloud.com:443"
+    fi
+    if ! php /var/www/html/occ talk:signaling:list --output="plain" | grep -q "https://$TALK_HOST$HPB_PATH"; then
+        php /var/www/html/occ talk:signaling:add "https://$TALK_HOST$HPB_PATH" "$SIGNALING_SECRET" --verify
+    fi
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/spreed" ]; then
+        php /var/www/html/occ app:remove spreed
+    fi
+fi
+
+# Talk recording
+if [ -d "/var/www/html/custom_apps/spreed" ]; then
+    if [ "$TALK_RECORDING_ENABLED" = 'yes' ]; then
+        while ! nc -z "$TALK_RECORDING_HOST" 1234; do
+            echo "waiting for Talk Recording to become available..."
+            sleep 5
+        done
+        # TODO: migrate to occ command if that becomes available
+        RECORDING_SERVERS_STRING="{\"servers\":[{\"server\":\"http://$TALK_RECORDING_HOST:1234/\",\"verify\":true}],\"secret\":\"$RECORDING_SECRET\"}"
+        php /var/www/html/occ config:app:set spreed recording_servers --value="$RECORDING_SERVERS_STRING"
+    else
+        php /var/www/html/occ config:app:delete spreed recording_servers
+    fi
+fi
+
+# Clamav
+if [ "$CLAMAV_ENABLED" = 'yes' ]; then
+    count=0
+    while ! nc -z "$CLAMAV_HOST" 3310 && [ "$count" -lt 90 ]; do
+        echo "waiting for clamav to become available..."
+        count=$((count+5))
+        sleep 5
+    done
+    if [ "$count" -ge 90 ]; then
+        echo "Clamav did not start in time. Skipping initialization and disabling files_antivirus app."
+        php /var/www/html/occ app:disable files_antivirus
+    else
+        if ! [ -d "/var/www/html/custom_apps/files_antivirus" ]; then
+            php /var/www/html/occ app:install files_antivirus
+        elif [ "$(php /var/www/html/occ config:app:get files_antivirus enabled)" != "yes" ]; then
+            php /var/www/html/occ app:enable files_antivirus
+        elif [ "$SKIP_UPDATE" != 1 ]; then
+            php /var/www/html/occ app:update files_antivirus
+        fi
+        php /var/www/html/occ config:app:set files_antivirus av_mode --value="daemon"
+        php /var/www/html/occ config:app:set files_antivirus av_port --value="3310"
+        php /var/www/html/occ config:app:set files_antivirus av_host --value="$CLAMAV_HOST"
+        php /var/www/html/occ config:app:set files_antivirus av_stream_max_length --value="$CLAMAV_MAX_SIZE"
+        php /var/www/html/occ config:app:set files_antivirus av_max_file_size --value="$CLAMAV_MAX_SIZE"
+        php /var/www/html/occ config:app:set files_antivirus av_infected_action --value="only_log"
+        if [ -n "$CLAMAV_BLOCKLISTED_DIRECTORIES" ]; then
+            php /var/www/html/occ config:app:set files_antivirus av_blocklisted_directories --value="$CLAMAV_BLOCKLISTED_DIRECTORIES"
+        fi
+    fi
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/files_antivirus" ]; then
+        php /var/www/html/occ app:remove files_antivirus
+    fi
+fi
+
+# Imaginary
+if [ "$IMAGINARY_ENABLED" = 'yes' ]; then
+    php /var/www/html/occ config:system:set enabledPreviewProviders 0 --value="OC\\Preview\\Imaginary"
+    php /var/www/html/occ config:system:set enabledPreviewProviders 23 --value="OC\\Preview\\ImaginaryPDF"
+    php /var/www/html/occ config:system:set preview_imaginary_url --value="http://$IMAGINARY_HOST:9000"
+    php /var/www/html/occ config:system:set preview_imaginary_key --value="$IMAGINARY_SECRET"
+else
+    if [ -n "$(php /var/www/html/occ config:system:get preview_imaginary_url)" ]; then
+        php /var/www/html/occ config:system:delete enabledPreviewProviders 0
+        php /var/www/html/occ config:system:delete preview_imaginary_url
+        php /var/www/html/occ config:system:delete enabledPreviewProviders 20
+        php /var/www/html/occ config:system:delete enabledPreviewProviders 21
+        php /var/www/html/occ config:system:delete enabledPreviewProviders 22
+        php /var/www/html/occ config:system:delete enabledPreviewProviders 23
+    fi
+fi
+
+# Fulltextsearch
+if [ "$FULLTEXTSEARCH_ENABLED" = 'yes' ]; then
+    count=0
+    while ! nc -z "$FULLTEXTSEARCH_HOST" "$FULLTEXTSEARCH_PORT" && [ "$count" -lt 90 ]; do
+        echo "waiting for Fulltextsearch to become available..."
+        count=$((count+5))
+        sleep 5
+    done
+    if [ "$count" -ge 90 ]; then
+        echo "Fulltextsearch did not start in time. Skipping initialization and disabling fulltextsearch apps."
+        php /var/www/html/occ app:disable fulltextsearch
+        php /var/www/html/occ app:disable fulltextsearch_elasticsearch
+        php /var/www/html/occ app:disable files_fulltextsearch
+    else
+        if ! [ -d "/var/www/html/custom_apps/fulltextsearch" ]; then
+            php /var/www/html/occ app:install fulltextsearch
+        elif [ "$(php /var/www/html/occ config:app:get fulltextsearch enabled)" != "yes" ]; then
+            php /var/www/html/occ app:enable fulltextsearch
+        elif [ "$SKIP_UPDATE" != 1 ]; then
+            php /var/www/html/occ app:update fulltextsearch
+        fi    
+        if ! [ -d "/var/www/html/custom_apps/fulltextsearch_elasticsearch" ]; then
+            php /var/www/html/occ app:install fulltextsearch_elasticsearch
+        elif [ "$(php /var/www/html/occ config:app:get fulltextsearch_elasticsearch enabled)" != "yes" ]; then
+            php /var/www/html/occ app:enable fulltextsearch_elasticsearch
+        elif [ "$SKIP_UPDATE" != 1 ]; then
+            php /var/www/html/occ app:update fulltextsearch_elasticsearch
+        fi    
+        if ! [ -d "/var/www/html/custom_apps/files_fulltextsearch" ]; then
+            php /var/www/html/occ app:install files_fulltextsearch
+        elif [ "$(php /var/www/html/occ config:app:get files_fulltextsearch enabled)" != "yes" ]; then
+            php /var/www/html/occ app:enable files_fulltextsearch
+        elif [ "$SKIP_UPDATE" != 1 ]; then
+            php /var/www/html/occ app:update files_fulltextsearch
+        fi
+        php /var/www/html/occ fulltextsearch:configure '{"search_platform":"OCA\\FullTextSearch_Elasticsearch\\Platform\\ElasticSearchPlatform"}'
+        php /var/www/html/occ fulltextsearch_elasticsearch:configure "{\"elastic_host\":\"http://$FULLTEXTSEARCH_USER:$FULLTEXTSEARCH_PASSWORD@$FULLTEXTSEARCH_HOST:$FULLTEXTSEARCH_PORT\",\"elastic_index\":\"$FULLTEXTSEARCH_INDEX\"}"
+        php /var/www/html/occ files_fulltextsearch:configure "{\"files_pdf\":\"1\",\"files_office\":\"1\"}"
+
+        # Do the index
+        if ! [ -f "$NEXTCLOUD_DATA_DIR/fts-index.done" ]; then
+            echo "Waiting 10s before activating FTS..."
+            sleep 10
+            echo "Activating fulltextsearch..."
+            if php /var/www/html/occ fulltextsearch:test && php /var/www/html/occ fulltextsearch:index "{\"errors\": \"reset\"}" --no-readline; then
+                touch "$NEXTCLOUD_DATA_DIR/fts-index.done"
+            else
+                echo "Fulltextsearch failed. Could not index."
+                echo "Feel free to follow https://github.com/nextcloud/all-in-one/discussions/1709 if you want to skip the indexing in the future."
+            fi
+        fi
+    fi
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ]; then
+        if [ -d "/var/www/html/custom_apps/fulltextsearch" ]; then
+            php /var/www/html/occ app:remove fulltextsearch
+        fi
+        if [ -d "/var/www/html/custom_apps/fulltextsearch_elasticsearch" ]; then
+            php /var/www/html/occ app:remove fulltextsearch_elasticsearch
+        fi
+        if [ -d "/var/www/html/custom_apps/files_fulltextsearch" ]; then
+            php /var/www/html/occ app:remove files_fulltextsearch
+        fi
+    fi
+fi
+
+# Docker socket proxy
+# app_api is a shipped app
+if [ -d "/var/www/html/custom_apps/app_api" ]; then
+    php /var/www/html/occ app:disable app_api
+    rm -r "/var/www/html/custom_apps/app_api"
+fi
+if [ "$DOCKER_SOCKET_PROXY_ENABLED" = 'yes' ]; then
+    if [ "$(php /var/www/html/occ config:app:get app_api enabled)" != "yes" ]; then
+        php /var/www/html/occ app:enable app_api
+    fi
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ]; then
+        if [ "$(php /var/www/html/occ config:app:get app_api enabled)" != "no" ]; then
+            php /var/www/html/occ app:disable app_api
+        fi
+    fi
+fi
+
+# Whiteboard app
+if [ "$WHITEBOARD_ENABLED" = 'yes' ]; then
+    if ! [ -d "/var/www/html/custom_apps/whiteboard" ]; then
+        php /var/www/html/occ app:install whiteboard
+    elif [ "$(php /var/www/html/occ config:app:get whiteboard enabled)" != "yes" ]; then
+        php /var/www/html/occ app:enable whiteboard
+    elif [ "$SKIP_UPDATE" != 1 ]; then
+        php /var/www/html/occ app:update whiteboard
+    fi
+    php /var/www/html/occ config:app:set whiteboard collabBackendUrl --value="https://$NC_DOMAIN/whiteboard"
+    php /var/www/html/occ config:app:set whiteboard jwt_secret_key --value="$WHITEBOARD_SECRET"
+else
+    if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/whiteboard" ]; then
+        php /var/www/html/occ app:remove whiteboard
+    fi
+fi
+
+# Remove the update skip file always
+rm -f "$NEXTCLOUD_DATA_DIR"/skip.update
--- a/nextcloud-aio/Containers/nextcloud/healthcheck.sh
+++ b/nextcloud-aio/Containers/nextcloud/healthcheck.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# Set a default value for POSTGRES_PORT
+if [ -z "$POSTGRES_PORT" ]; then
+    POSTGRES_PORT=5432
+fi
+
+
+# POSTGRES_HOST must be set in the containers env vars and POSTGRES_PORT has a default above
+# shellcheck disable=SC2153
+nc -z "$POSTGRES_HOST" "$POSTGRES_PORT" || exit 0
+
+if ! nc -z 127.0.0.1 9000; then
+    exit 1
+fi
--- a/nextcloud-aio/Containers/nextcloud/notify-all.sh
+++ b/nextcloud-aio/Containers/nextcloud/notify-all.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+if [[ "$EUID" = 0 ]]; then
+    COMMAND=(sudo -E -u www-data php /var/www/html/occ)
+else
+    COMMAND=(php /var/www/html/occ)
+fi
+
+SUBJECT="$1"
+MESSAGE="$2"
+
+if [ "$("${COMMAND[@]}" config:app:get notifications enabled)" = "no" ]; then
+    echo "Cannot send notification as notification app is not enabled."
+    exit 1
+fi
+
+echo "Posting notifications to all users..."
+NC_USERS=$("${COMMAND[@]}" user:list | sed 's|^  - ||g' | sed 's|:.*||')
+mapfile -t NC_USERS <<< "$NC_USERS"
+for user in "${NC_USERS[@]}"
+do
+    echo "Posting '$SUBJECT' to: $user"
+    "${COMMAND[@]}" notification:generate "$user" "$NC_DOMAIN: $SUBJECT" -l "$MESSAGE" --object-type='update' --object-id="$SUBJECT"
+done
+
+echo "Done!"
+exit 0
--- a/nextcloud-aio/Containers/nextcloud/notify.sh
+++ b/nextcloud-aio/Containers/nextcloud/notify.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+if [[ "$EUID" = 0 ]]; then
+    COMMAND=(sudo -E -u www-data php /var/www/html/occ)
+else
+    COMMAND=(php /var/www/html/occ)
+fi
+
+SUBJECT="$1"
+MESSAGE="$2"
+
+if [ "$("${COMMAND[@]}" config:app:get notifications enabled)" = "no" ]; then
+    echo "Cannot send notification as notification app is not enabled."
+    exit 1
+fi
+
+echo "Posting notifications to users that are admins..."
+NC_USERS=$("${COMMAND[@]}" user:list | sed 's|^  - ||g' | sed 's|:.*||')
+mapfile -t NC_USERS <<< "$NC_USERS"
+for user in "${NC_USERS[@]}"
+do
+    if "${COMMAND[@]}" user:info "$user" | cut -d "-" -f2 | grep -x -q " admin"
+    then
+        NC_ADMIN_USER+=("$user")
+    fi
+done
+
+for admin in "${NC_ADMIN_USER[@]}"
+do
+    echo "Posting '$SUBJECT' to: $admin"
+    "${COMMAND[@]}" notification:generate "$admin" "$NC_DOMAIN: $SUBJECT" -l "$MESSAGE" --object-type='update' --object-id="$SUBJECT"
+done
+
+echo "Done!"
+exit 0
--- a/nextcloud-aio/Containers/nextcloud/root.motd
+++ b/nextcloud-aio/Containers/nextcloud/root.motd
@@ -0,0 +1,4 @@
+Warning: You have logged in into the Nextcloud container as root user.
+See https://github.com/nextcloud/all-in-one#how-to-run-occ-commands if you want to run occ commands.
+Apart from that, you can use 'sudo -E -u www-data php occ <your-command>' in order to run occ commands.
+Of course <your-command> needs to be substituted with the command that you want to use.
--- a/nextcloud-aio/Containers/nextcloud/run-exec-commands.sh
+++ b/nextcloud-aio/Containers/nextcloud/run-exec-commands.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# Wait until the apache container is ready
+while ! nc -z "$APACHE_HOST" "$APACHE_PORT"; do
+    echo "Waiting for $APACHE_HOST to become available..."
+    sleep 15
+done
+
+if [ -n "$NEXTCLOUD_EXEC_COMMANDS" ]; then
+    echo "#!/bin/bash" > /tmp/nextcloud-exec-commands
+    echo "$NEXTCLOUD_EXEC_COMMANDS" >> /tmp/nextcloud-exec-commands
+    if ! grep "one-click-instance" /tmp/nextcloud-exec-commands; then
+        bash /tmp/nextcloud-exec-commands
+        rm /tmp/nextcloud-exec-commands
+    fi
+else
+    # Collabora must work also if using manual-install 
+    if [ "$COLLABORA_ENABLED" = yes ]; then
+        echo "Activating Collabora config..."
+        php /var/www/html/occ richdocuments:activate-config
+    fi
+    # OnlyOffice must work also if using manual-install
+    if [ "$ONLYOFFICE_ENABLED" = yes ]; then
+        echo "Activating OnlyOffice config..."
+        php /var/www/html/occ onlyoffice:documentserver --check
+    fi
+fi
+
+signal_handler() {
+    exit 0
+}
+
+trap signal_handler SIGINT SIGTERM
+
+sleep inf &
+wait $!
--- a/nextcloud-aio/Containers/nextcloud/start.sh
+++ b/nextcloud-aio/Containers/nextcloud/start.sh
@@ -0,0 +1,173 @@
+#!/bin/bash
+
+# Set a default value for POSTGRES_PORT
+if [ -z "$POSTGRES_PORT" ]; then
+    POSTGRES_PORT=5432
+fi
+
+# Only start container if database is accessible
+# POSTGRES_HOST must be set in the containers env vars and POSTGRES_PORT has a default above
+# shellcheck disable=SC2153
+while ! sudo -u www-data nc -z "$POSTGRES_HOST" "$POSTGRES_PORT"; do
+    echo "Waiting for database to start..."
+    sleep 5
+done
+
+# Use the correct Postgres username
+POSTGRES_USER="oc_$POSTGRES_USER"
+export POSTGRES_USER
+
+# Check that db type is not empty
+if [ -z "$DATABASE_TYPE" ]; then
+    export DATABASE_TYPE=postgres
+fi
+
+# Fix false database connection on old instances
+if [ -f "/var/www/html/config/config.php" ]; then
+    sleep 2
+    while ! sudo -u www-data psql -d "postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB" -c "select now()"; do
+        echo "Waiting for the database to start..."
+        sleep 5
+    done
+    if [ "$POSTGRES_USER" = "oc_nextcloud" ] && [ "$POSTGRES_DB" = "nextcloud_database" ] && echo "$POSTGRES_PASSWORD" | grep -q '^[a-z0-9]\+$'; then
+        # This was introduced with https://github.com/nextcloud/all-in-one/pull/218
+        sed -i "s|'dbuser'.*=>.*$|'dbuser' => '$POSTGRES_USER',|" /var/www/html/config/config.php
+        sed -i "s|'dbpassword'.*=>.*$|'dbpassword' => '$POSTGRES_PASSWORD',|" /var/www/html/config/config.php
+        sed -i "s|'db_name'.*=>.*$|'db_name' => '$POSTGRES_DB',|" /var/www/html/config/config.php
+    fi
+fi
+
+# Trust additional Cacerts, if the user provided $TRUSTED_CACERTS_DIR
+if [ -n "$TRUSTED_CACERTS_DIR" ]; then
+    echo "User required to trust additional CA certificates, running 'update-ca-certificates.'"
+    update-ca-certificates
+fi
+
+# Check if /dev/dri device is present and apply correct permissions
+set -x
+if ! [ -f "/dev-dri-group-was-added" ] && [ -n "$(find /dev -maxdepth 1 -mindepth 1 -name dri)" ] && [ -n "$(find /dev/dri -maxdepth 1 -mindepth 1 -name renderD128)" ]; then
+    # From https://memories.gallery/hw-transcoding/#docker-installations
+    GID="$(stat -c "%g" /dev/dri/renderD128)"
+    groupadd -g "$GID" render2 || true # sometimes this is needed
+    GROUP="$(getent group "$GID" | cut -d: -f1)"
+    usermod -aG "$GROUP" www-data
+    touch "/dev-dri-group-was-added"
+fi
+set +x
+
+# Check datadir permissions
+sudo -u www-data touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" &>/dev/null
+if ! [ -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" ]; then
+    chown -R www-data:root "$NEXTCLOUD_DATA_DIR"
+    chmod 750 -R "$NEXTCLOUD_DATA_DIR"
+fi
+sudo -u www-data rm -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file"
+
+# Install additional dependencies
+if [ -n "$ADDITIONAL_APKS" ]; then
+    if ! [ -f "/additional-apks-are-installed" ]; then
+        # Allow to disable imagemagick without having to download it each time
+        if ! echo "$ADDITIONAL_APKS" | grep -q imagemagick; then
+            apk del imagemagick imagemagick-svg imagemagick-heic imagemagick-tiff;
+        fi
+        read -ra ADDITIONAL_APKS_ARRAY <<< "$ADDITIONAL_APKS"
+        for app in "${ADDITIONAL_APKS_ARRAY[@]}"; do
+            if [ "$app" != imagemagick ]; then
+                echo "Installing $app via apk..."
+                if ! apk add --no-cache "$app" >/dev/null; then
+                    echo "The packet $app was not installed!"
+                fi
+            fi
+        done
+    fi
+    touch /additional-apks-are-installed
+fi
+
+# Install additional php extensions
+if [ -n "$ADDITIONAL_PHP_EXTENSIONS" ]; then
+    if ! [ -f "/additional-php-extensions-are-installed" ]; then
+        read -ra ADDITIONAL_PHP_EXTENSIONS_ARRAY <<< "$ADDITIONAL_PHP_EXTENSIONS"
+        for app in "${ADDITIONAL_PHP_EXTENSIONS_ARRAY[@]}"; do
+            if [ "$app" = imagick ]; then
+                echo "Enabling Imagick..."
+                if ! docker-php-ext-enable imagick >/dev/null; then
+                    echo "Could not install PHP extension imagick!"
+                fi
+                continue
+            fi
+            # shellcheck disable=SC2086
+            if [ "$PHP_DEPS_ARE_INSTALLED" != 1 ]; then
+                echo "Installing PHP build dependencies..."
+                    if ! apk add --no-cache --virtual .build-deps \
+                        libxml2-dev \
+                        autoconf \
+                        $PHPIZE_DEPS >/dev/null; then
+                    echo "Could not install build-deps!"
+                fi
+                PHP_DEPS_ARE_INSTALLED=1
+            fi
+            if [ "$app" = inotify ]; then
+                echo "Installing $app via PECL..."
+                pecl install "$app" >/dev/null
+                if ! docker-php-ext-enable "$app" >/dev/null; then
+                    echo "Could not install PHP extension $app!"
+                fi
+            elif [ "$app" = soap ]; then
+                echo "Installing $app from core..."
+                if ! docker-php-ext-install -j "$(nproc)" "$app" >/dev/null; then
+                    echo "Could not install PHP extension $app!"
+                fi
+            else
+                echo "Installing PHP extension $app ..."
+                if ! docker-php-ext-install -j "$(nproc)" "$app" >/dev/null; then
+                    echo "Could not install $app from core. Trying to install from PECL..."
+                    pecl install "$app" >/dev/null
+                    if ! docker-php-ext-enable "$app" >/dev/null; then
+                        echo "Could also not install $app from PECL. The PHP extensions was not installed!"
+                    fi
+                fi
+            fi
+        done
+        if [ "$PHP_DEPS_ARE_INSTALLED" = 1 ]; then
+            rm -rf /tmp/pear
+            runDeps="$( \
+                scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
+                    | tr ',' '\n' \
+                    | sort -u \
+                    | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+            )";
+            # shellcheck disable=SC2086
+            apk add --no-cache --virtual .nextcloud-phpext-rundeps $runDeps >/dev/null
+            apk del .build-deps >/dev/null
+        fi
+    fi
+    touch /additional-php-extensions-are-installed
+fi
+
+# Run original entrypoint
+if ! sudo -E -u www-data bash /entrypoint.sh; then
+    exit 1
+fi
+
+while [ "$THIS_IS_AIO" = "true" ] && [ -z "$(dig nextcloud-aio-apache A +short +search)" ]; do
+    echo "Waiting for nextcloud-aio-apache to start..."
+    sleep 5
+done
+
+set -x
+# shellcheck disable=SC2235
+if [ "$THIS_IS_AIO" = "true" ] && [ "$APACHE_PORT" = 443 ]; then
+    IPv4_ADDRESS_APACHE="$(dig nextcloud-aio-apache A +short +search | grep '^[0-9.]\+$' | sort | head -n1)"
+    IPv6_ADDRESS_APACHE="$(dig nextcloud-aio-apache AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)"
+    IPv4_ADDRESS_MASTERCONTAINER="$(dig nextcloud-aio-mastercontainer A +short +search | grep '^[0-9.]\+$' | sort | head -n1)"
+    IPv6_ADDRESS_MASTERCONTAINER="$(dig nextcloud-aio-mastercontainer AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)"
+
+    sed -i "s|^;listen.allowed_clients|listen.allowed_clients|" /usr/local/etc/php-fpm.d/www.conf
+    sed -i "s|listen.allowed_clients.*|listen.allowed_clients = 127.0.0.1,::1,$IPv4_ADDRESS_APACHE,$IPv6_ADDRESS_APACHE,$IPv4_ADDRESS_MASTERCONTAINER,$IPv6_ADDRESS_MASTERCONTAINER|" /usr/local/etc/php-fpm.d/www.conf
+    sed -i "/^listen.allowed_clients/s/,,/,/g" /usr/local/etc/php-fpm.d/www.conf
+    sed -i "/^listen.allowed_clients/s/,$//" /usr/local/etc/php-fpm.d/www.conf
+    grep listen.allowed_clients /usr/local/etc/php-fpm.d/www.conf
+fi
+set +x
+
+exec "$@"
--- a/nextcloud-aio/Containers/nextcloud/supervisord.conf
+++ b/nextcloud-aio/Containers/nextcloud/supervisord.conf
@@ -0,0 +1,45 @@
+# From https://github.com/nextcloud/docker/blob/master/.examples/dockerfiles/full/fpm/supervisord.conf
+[supervisord]
+nodaemon=true
+logfile=/var/log/supervisord/supervisord.log
+pidfile=/var/run/supervisord/supervisord.pid
+childlogdir=/var/log/supervisord/
+logfile_maxbytes=50MB                           ; maximum size of logfile before rotation
+logfile_backups=10                              ; number of backed up logfiles
+loglevel=error
+user=root
+
+[program:php-fpm]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=php-fpm
+user=root
+
+[program:cron]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=/cron.sh
+user=www-data
+
+[program:run-exec-commands]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=/run-exec-commands.sh
+user=www-data
+
+# This is a hack but no better solution is there
+[program:is-nextcloud-online]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+# Restart the netcat command once a day to ensure that it stays reachable
+# See https://github.com/nextcloud/all-in-one/issues/6334
+command=timeout 86400 nc -lk 9001
+user=www-data
--- a/nextcloud-aio/Containers/nextcloud/upgrade.exclude
+++ b/nextcloud-aio/Containers/nextcloud/upgrade.exclude
@@ -0,0 +1,5 @@
+/config/
+/data/
+/custom_apps/
+/themes/
+/version.php