Merge 1a0fb1bfc2 into 616d0dff03

Signed-off-by: J0WI <J0WI@users.noreply.github.com>

.config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

.config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

.config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

.config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

28/apache/Dockerfile

@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -98,7 +99,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \

28/apache/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

28/apache/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

28/apache/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

28/apache/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

28/apache/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

28/fpm-alpine/Dockerfile

@@ -1,5 +1,5 @@
 # DO NOT EDIT: created by update.sh from Dockerfile-alpine.template
-FROM php:8.2-fpm-alpine3.20
+FROM php:8.2-fpm-alpine3.21
 
 # entrypoint.sh and cron.sh dependencies
 RUN set -ex; \
@@ -89,11 +89,12 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \

28/fpm-alpine/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

28/fpm-alpine/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

28/fpm-alpine/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

28/fpm-alpine/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

28/fpm-alpine/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

28/fpm/Dockerfile

@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -98,7 +99,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \

28/fpm/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

28/fpm/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

28/fpm/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

28/fpm/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

28/fpm/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

29/apache/Dockerfile

@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -98,7 +99,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \
@@ -140,7 +141,7 @@ RUN { \
     } > /etc/apache2/conf-available/apache-limits.conf; \
     a2enconf apache-limits
 
-ENV NEXTCLOUD_VERSION 29.0.10
+ENV NEXTCLOUD_VERSION 29.0.11
 
 RUN set -ex; \
     fetchDeps=" \
@@ -150,8 +151,8 @@ RUN set -ex; \
     apt-get update; \
     apt-get install -y --no-install-recommends $fetchDeps; \
     \
-    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2"; \
-    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc"; \
+    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
 # gpg key from https://nextcloud.com/nextcloud.asc
     gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \

29/apache/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

29/apache/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

29/apache/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

29/apache/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

29/apache/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

29/fpm-alpine/Dockerfile

@@ -1,5 +1,5 @@
 # DO NOT EDIT: created by update.sh from Dockerfile-alpine.template
-FROM php:8.2-fpm-alpine3.20
+FROM php:8.2-fpm-alpine3.21
 
 # entrypoint.sh and cron.sh dependencies
 RUN set -ex; \
@@ -89,11 +89,12 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \
@@ -120,7 +121,7 @@ RUN { \
 VOLUME /var/www/html
 
 
-ENV NEXTCLOUD_VERSION 29.0.10
+ENV NEXTCLOUD_VERSION 29.0.11
 
 RUN set -ex; \
     apk add --no-cache --virtual .fetch-deps \
@@ -128,8 +129,8 @@ RUN set -ex; \
         gnupg \
     ; \
     \
-    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2"; \
-    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc"; \
+    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
 # gpg key from https://nextcloud.com/nextcloud.asc
     gpg --batch --keyserver keyserver.ubuntu.com  --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \

29/fpm-alpine/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

29/fpm-alpine/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

29/fpm-alpine/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

29/fpm-alpine/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

29/fpm-alpine/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

29/fpm/Dockerfile

@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -98,7 +99,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \
@@ -125,7 +126,7 @@ RUN { \
 VOLUME /var/www/html
 
 
-ENV NEXTCLOUD_VERSION 29.0.10
+ENV NEXTCLOUD_VERSION 29.0.11
 
 RUN set -ex; \
     fetchDeps=" \
@@ -135,8 +136,8 @@ RUN set -ex; \
     apt-get update; \
     apt-get install -y --no-install-recommends $fetchDeps; \
     \
-    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2"; \
-    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc"; \
+    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
 # gpg key from https://nextcloud.com/nextcloud.asc
     gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \

29/fpm/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

29/fpm/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

29/fpm/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

29/fpm/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

29/fpm/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

30/apache/Dockerfile

@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -98,7 +99,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \
@@ -140,7 +141,7 @@ RUN { \
     } > /etc/apache2/conf-available/apache-limits.conf; \
     a2enconf apache-limits
 
-ENV NEXTCLOUD_VERSION 30.0.4
+ENV NEXTCLOUD_VERSION 30.0.5
 
 RUN set -ex; \
     fetchDeps=" \
@@ -150,8 +151,8 @@ RUN set -ex; \
     apt-get update; \
     apt-get install -y --no-install-recommends $fetchDeps; \
     \
-    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2"; \
-    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc"; \
+    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
 # gpg key from https://nextcloud.com/nextcloud.asc
     gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \

30/apache/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

30/apache/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

30/apache/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

30/apache/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

30/apache/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

30/fpm-alpine/Dockerfile

@@ -1,5 +1,5 @@
 # DO NOT EDIT: created by update.sh from Dockerfile-alpine.template
-FROM php:8.2-fpm-alpine3.20
+FROM php:8.2-fpm-alpine3.21
 
 # entrypoint.sh and cron.sh dependencies
 RUN set -ex; \
@@ -89,11 +89,12 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \
@@ -120,7 +121,7 @@ RUN { \
 VOLUME /var/www/html
 
 
-ENV NEXTCLOUD_VERSION 30.0.4
+ENV NEXTCLOUD_VERSION 30.0.5
 
 RUN set -ex; \
     apk add --no-cache --virtual .fetch-deps \
@@ -128,8 +129,8 @@ RUN set -ex; \
         gnupg \
     ; \
     \
-    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2"; \
-    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc"; \
+    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
 # gpg key from https://nextcloud.com/nextcloud.asc
     gpg --batch --keyserver keyserver.ubuntu.com  --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \

30/fpm-alpine/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

30/fpm-alpine/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

30/fpm-alpine/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

30/fpm-alpine/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

30/fpm-alpine/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

30/fpm/Dockerfile

@@ -21,6 +21,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -98,7 +99,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \
@@ -125,7 +126,7 @@ RUN { \
 VOLUME /var/www/html
 
 
-ENV NEXTCLOUD_VERSION 30.0.4
+ENV NEXTCLOUD_VERSION 30.0.5
 
 RUN set -ex; \
     fetchDeps=" \
@@ -135,8 +136,8 @@ RUN set -ex; \
     apt-get update; \
     apt-get install -y --no-install-recommends $fetchDeps; \
     \
-    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2"; \
-    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc"; \
+    curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2"; \
+    curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
 # gpg key from https://nextcloud.com/nextcloud.asc
     gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \

30/fpm/config/autoconfig.php

@@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbtype'] = 'sqlite';
     $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
     $autoconfig_enabled = true;
-} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'mysql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
     $AUTOCONFIG['dbtype'] = 'mysql';
     $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
@@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) {
     $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
     $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
     $autoconfig_enabled = true;
-} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-    $AUTOCONFIG['dbtype'] = 'pgsql';
-    $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-    $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-    $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-    $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-    $autoconfig_enabled = true;
 } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
     $AUTOCONFIG['dbtype'] = 'pgsql';
     $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');

30/fpm/config/redis.config.php

@@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) {
     'memcache.locking' => '\OC\Memcache\Redis',
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
-      'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
+      'password' => (string) getenv('REDIS_HOST_PASSWORD'),
     ),
   );
 
@@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) {
   } elseif (getenv('REDIS_HOST')[0] != '/') {
     $CONFIG['redis']['port'] = 6379;
   }
+
+  if (getenv('REDIS_HOST_USER') !== false) {
+    $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
+  }
 }

30/fpm/config/s3.config.php

@@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
     )
   );
 
-  if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_KEY')) {
+  if (getenv('OBJECTSTORE_S3_KEY')) {
     $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
   } else {
     $CONFIG['objectstore']['arguments']['key'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-    $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
+  if (getenv('OBJECTSTORE_S3_SECRET')) {
     $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
   } else {
     $CONFIG['objectstore']['arguments']['secret'] = '';
   }
 
-  if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-    $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-  } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
+  if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
     $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
   }
 }

30/fpm/config/smtp.config.php

@@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN'))
     'mail_smtphost' => getenv('SMTP_HOST'),
     'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
     'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-    'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
+    'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
     'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
     'mail_smtpname' => getenv('SMTP_NAME') ?: '',
     'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
     'mail_domain' => getenv('MAIL_DOMAIN'),
   );
 
-  if (getenv('SMTP_PASSWORD_FILE')) {
-      $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-  } elseif (getenv('SMTP_PASSWORD')) {
+  if (getenv('SMTP_PASSWORD')) {
       $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
   } else {
       $CONFIG['mail_smtppassword'] = '';

30/fpm/entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

Dockerfile-alpine.template

@@ -88,11 +88,12 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \

Dockerfile-debian.template

@@ -20,6 +20,7 @@ RUN set -ex; \
 # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 512M
+ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
 RUN set -ex; \
     \
     savedAptMark="$(apt-mark showmanual)"; \
@@ -97,7 +98,7 @@ RUN { \
         echo 'opcache.enable=1'; \
         echo 'opcache.interned_strings_buffer=32'; \
         echo 'opcache.max_accelerated_files=10000'; \
-        echo 'opcache.memory_consumption=128'; \
+        echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
         echo 'opcache.save_comments=1'; \
         echo 'opcache.revalidate_freq=60'; \
         echo 'opcache.jit=1255'; \

README.md

@@ -5,6 +5,7 @@
 ![GitHub commit activity](https://img.shields.io/github/commit-activity/m/nextcloud/docker)
 ![GitHub contributors](https://img.shields.io/github/contributors/nextcloud/docker?label=contributors%20-%20Thank%20you!)
 ![Docker Pulls](https://img.shields.io/docker/pulls/library/nextcloud)
+[![Helm](https://img.shields.io/badge/Helm-0F1689?logo=helm&logoColor=fff)](https://github.com/nextcloud/helm/?tab=readme-ov-file)
 
 # What is Nextcloud?
 
@@ -235,6 +236,7 @@ To use Redis for memory caching as well as PHP session storage, specify the foll
 
 - `REDIS_HOST` (not set by default) Name of Redis container
 - `REDIS_HOST_PORT` (default: `6379`) Optional port for Redis, only use for external Redis servers that run on non-standard ports.
+- `REDIS_HOST_USER` (not set by default) Optional username for Redis, only use for external Redis servers that require a user.
 - `REDIS_HOST_PASSWORD` (not set by default) Redis password
 
 Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/caching_configuration.html) for more information.
@@ -298,6 +300,7 @@ Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/adm
 To customize PHP limits you can change the following variables:
 - `PHP_MEMORY_LIMIT` (default `512M`) This sets the maximum amount of memory in bytes that a script is allowed to allocate. This is meant to help prevent poorly written scripts from eating up all available memory but it can prevent normal operation if set too tight.
 - `PHP_UPLOAD_LIMIT` (default `512M`) This sets the upload limit (`post_max_size` and `upload_max_filesize`) for big files. Note that you may have to change other limits depending on your client, webserver or operating system. Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html) for more information.
+- `PHP_OPCACHE_MEMORY_CONSUMPTION` (default `128`) This sets the `opcache.memory_consumption` value. It's the size of the shared memory storage used by OPcache, in megabytes. 
 
 ### Apache Configuration
 

docker-entrypoint.sh

@@ -63,14 +63,16 @@ file_env() {
     local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
     local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
     if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
-        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-        exit 1
+        echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)"
     fi
-    if [ -n "${varValue}" ]; then
-        export "$var"="${varValue}"
-    elif [ -n "${fileVarValue}" ]; then
+    if [ -n "${fileVarValue}" ]; then
+        echo "note: taking ${fileVar} file for ${var} value"
         export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${varValue}" ]; then
+        echo "note: using ${var} variable for ${var} value"
+        export "$var"="${varValue}"
     elif [ -n "${def}" ]; then
+        echo "note: using invoked definition for ${var} value"
         export "$var"="$def"
     fi
     unset "$fileVar"
@@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then
     fi
 fi
 
+# All possible content secrets to variable
+file_env NEXTCLOUD_ADMIN_PASSWORD
+file_env NEXTCLOUD_ADMIN_USER
+file_env MYSQL_DATABASE
+file_env MYSQL_PASSWORD
+file_env MYSQL_USER
+file_env POSTGRES_DB
+file_env POSTGRES_PASSWORD
+file_env POSTGRES_USER
+file_env REDIS_HOST_PASSWORD
+file_env SMTP_PASSWORD
+file_env OBJECTSTORE_S3_KEY
+file_env OBJECTSTORE_S3_SECRET
+file_env OBJECTSTORE_S3_SSE_C_KEY
+
 if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
     uid="$(id -u)"
     gid="$(id -g)"

generate-stackbrew-library.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 set -Eeuo pipefail
 
-stable_channel='30.0.4'
+stable_channel='30.0.5'
 
 self="$(basename "$BASH_SOURCE")"
 cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"

latest.txt

@@ -1 +1 @@
-30.0.4
+30.0.5

update.sh

@@ -2,7 +2,7 @@
 set -eo pipefail
 
 declare -A alpine_version=(
-	[default]='3.20'
+	[default]='3.21'
 )
 
 declare -A debian_version=(

versions.json

@@ -1,9 +1,9 @@
 {
   "30": {
     "branch": "30",
-    "version": "30.0.4",
-    "url": "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2",
-    "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc",
+    "version": "30.0.5",
+    "url": "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2",
+    "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc",
     "variants": {
       "apache": {
         "variant": "apache",
@@ -20,16 +20,16 @@
       "fpm-alpine": {
         "variant": "fpm-alpine",
         "base": "alpine",
-        "baseVersion": "3.20",
+        "baseVersion": "3.21",
         "phpVersion": "8.2"
       }
     }
   },
   "29": {
     "branch": "29",
-    "version": "29.0.10",
-    "url": "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2",
-    "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc",
+    "version": "29.0.11",
+    "url": "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2",
+    "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc",
     "variants": {
       "apache": {
         "variant": "apache",
@@ -46,7 +46,7 @@
       "fpm-alpine": {
         "variant": "fpm-alpine",
         "base": "alpine",
-        "baseVersion": "3.20",
+        "baseVersion": "3.21",
         "phpVersion": "8.2"
       }
     }
@@ -72,7 +72,7 @@
       "fpm-alpine": {
         "variant": "fpm-alpine",
         "base": "alpine",
-        "baseVersion": "3.20",
+        "baseVersion": "3.21",
         "phpVersion": "8.2"
       }
     }