Repo-sync

nextcloud-releases · Mar 28, 2024 · 67c153d · 67c153d
1 parent 6eeea33
commit 67c153d
Show file tree

Hide file tree

Showing 34 changed files with 149 additions and 51 deletions.
diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/1.1/alpine/Dockerfile
-FROM clamav/clamav:1.3.0-41
+FROM clamav/clamav:1.3.0-44
 
 COPY clamav.conf /tmp/clamav.conf
 

diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
-FROM collabora/code:23.05.9.3.1
+FROM collabora/code:23.05.10.1.1
 
 USER root
 

diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
-FROM elasticsearch:8.12.2
+FROM elasticsearch:8.13.0
 
 USER root
 

diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile
@@ -1,12 +1,12 @@
 # syntax=docker/dockerfile:latest
 # Docker CLI is a requirement
-FROM docker:25.0.3-cli as docker
+FROM docker:25.0.5-cli as docker
 
 # Caddy is a requirement
 FROM caddy:2.7.6-alpine as caddy
 
 # From https://github.com/docker-library/php/blob/master/8.3/alpine3.19/fpm/Dockerfile
-FROM php:8.3.3-fpm-alpine3.19
+FROM php:8.3.4-fpm-alpine3.19
 
 EXPOSE 80
 EXPOSE 8080

diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh
@@ -47,7 +47,7 @@ elif ! sudo -u www-data test -r /var/run/docker.sock; then
     echo "Trying to fix docker.sock permissions internally..."
     DOCKER_GROUP=$(stat -c '%G' /var/run/docker.sock)
     DOCKER_GROUP_ID=$(stat -c '%g' /var/run/docker.sock)
-    # Check if a group with the same group id of /var/run/docker.socket already exists in the container
+    # Check if a group with the same group name of /var/run/docker.socket already exists in the container
     if grep -q "^$DOCKER_GROUP:" /etc/group; then
         # If yes, add www-data to that group
         echo "Adding internal www-data to group $DOCKER_GROUP"
@@ -344,6 +344,7 @@ fi
 print_green "Initial startup of Nextcloud All-in-One complete!
 You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
 E.g. https://internal.ip.of.this.server:8080
+⚠️ Important: do always use an ip-address if you access this port and not a domain as HSTS might block access to it later!
 
 If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
 https://your-domain-that-points-to-this-server.tld:8443"

diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile
@@ -1,13 +1,13 @@
 # syntax=docker/dockerfile:latest
-FROM php:8.2.16-fpm-alpine3.19
+FROM php:8.2.17-fpm-alpine3.19
 
 ENV PHP_MEMORY_LIMIT 512M
 ENV PHP_UPLOAD_LIMIT 10G
 ENV PHP_MAX_TIME 3600
 ENV SOURCE_LOCATION /usr/src/nextcloud
 
 # AIO settings start # Do not remove or change this line!
-ENV NEXTCLOUD_VERSION 28.0.3
+ENV NEXTCLOUD_VERSION 28.0.4
 ENV AIO_TOKEN 123456
 ENV AIO_URL localhost
 COPY supervisord.conf /supervisord.conf
@@ -117,6 +117,14 @@ RUN set -ex; \
         echo 'max_input_time=${PHP_MAX_TIME}'; \
     } > /usr/local/etc/php/conf.d/nextcloud.ini; \
     \
+    { \
+        echo 'session.save_handler = redis'; \
+        echo 'session.save_path = "tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}"'; \
+        echo 'redis.session.locking_enabled = 1'; \
+        echo 'redis.session.lock_retries = -1'; \
+        echo 'redis.session.lock_wait_time = 10000'; \
+    } > /usr/local/etc/php/conf.d/redis-session.ini; \
+    \
     mkdir -p /var/www/data; \
     chown -R www-data:root /var/www; \
     chmod -R g=u /var/www; \

diff --git a/Containers/nextcloud/config/apps.config.php b/Containers/nextcloud/config/apps.config.php
@@ -2,12 +2,12 @@
 $CONFIG = array (
   'apps_paths' => array (
       0 => array (
-              'path'     => OC::$SERVERROOT.'/apps',
+              'path'     => '/var/www/html/apps',
               'url'      => '/apps',
               'writable' => false,
       ),
       1 => array (
-              'path'     => OC::$SERVERROOT.'/custom_apps',
+              'path'     => '/var/www/html/custom_apps',
               'url'      => '/custom_apps',
               'writable' => true,
       ),

diff --git a/Containers/nextcloud/config/redis.config.php b/Containers/nextcloud/config/redis.config.php
@@ -6,6 +6,7 @@
     'redis' => array(
       'host' => getenv('REDIS_HOST'),
       'password' => (string) getenv('REDIS_HOST_PASSWORD'),
+      // 'dbindex' => (int) getenv('REDIS_DB_INDEX'),
     ),
   );
 

diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh
@@ -19,17 +19,6 @@ run_upgrade_if_needed_due_to_app_update() {
     fi
 }
 
-echo "Configuring Redis as session handler..."
-cat << REDIS_CONF > /usr/local/etc/php/conf.d/redis-session.ini
-session.save_handler = redis
-session.save_path = "tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}"
-redis.session.locking_enabled = 1
-redis.session.lock_retries = -1
-# redis.session.lock_wait_time is specified in microseconds.
-# Wait 10ms before retrying the lock rather than the default 2ms.
-redis.session.lock_wait_time = 10000
-REDIS_CONF
-
 # Check permissions in ncdata
 touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" &>/dev/null
 if ! [ -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" ]; then
@@ -550,17 +539,22 @@ php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://
 
 # Collabora
 if [ "$COLLABORA_ENABLED" = 'yes' ]; then
+    set -x
+    if [ "$COLLABORA_HOST" = "nextcloud-.*-collabora" ]; then
+        COLLABORA_HOST="$NC_DOMAIN"
+    fi
+    set +x
     if ! [ -d "/var/www/html/custom_apps/richdocuments" ]; then
         php /var/www/html/occ app:install richdocuments
     elif [ "$(php /var/www/html/occ config:app:get richdocuments enabled)" != "yes" ]; then
         php /var/www/html/occ app:enable richdocuments
     elif [ "$SKIP_UPDATE" != 1 ]; then
         php /var/www/html/occ app:update richdocuments
     fi
-    php /var/www/html/occ config:app:set richdocuments wopi_url --value="https://$NC_DOMAIN/"
+    php /var/www/html/occ config:app:set richdocuments wopi_url --value="https://$COLLABORA_HOST/"
     # Make collabora more save
-    COLLABORA_IPv4_ADDRESS="$(dig "$NC_DOMAIN" A +short +search | grep '^[0-9.]\+$' | sort | head -n1)"
-    COLLABORA_IPv6_ADDRESS="$(dig "$NC_DOMAIN" AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)"
+    COLLABORA_IPv4_ADDRESS="$(dig "$COLLABORA_HOST" A +short +search | grep '^[0-9.]\+$' | sort | head -n1)"
+    COLLABORA_IPv6_ADDRESS="$(dig "$COLLABORA_HOST" AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)"
     COLLABORA_ALLOW_LIST="$(php /var/www/html/occ config:app:get richdocuments wopi_allowlist)"
     if [ -n "$COLLABORA_IPv4_ADDRESS" ]; then
         if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$COLLABORA_IPv4_ADDRESS"; then
@@ -571,7 +565,7 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then
             fi
         fi
     else
-        echo "Warning: No ipv4-address found for $NC_DOMAIN."
+        echo "Warning: No ipv4-address found for $COLLABORA_HOST."
     fi
     if [ -n "$COLLABORA_IPv6_ADDRESS" ]; then
         if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$COLLABORA_IPv6_ADDRESS"; then
@@ -582,7 +576,7 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then
             fi
         fi
     else
-        echo "No ipv6-address found for $NC_DOMAIN."
+        echo "No ipv6-address found for $COLLABORA_HOST."
     fi
     if [ -n "$COLLABORA_ALLOW_LIST" ]; then
         PRIVATE_IP_RANGES='127.0.0.1/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,fd00::/8,::1'

diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM nats:2.10.11-scratch as nats
+FROM nats:2.10.12-scratch as nats
 FROM eturnal/eturnal:1.12.0 AS eturnal
 FROM strukturag/nextcloud-spreed-signaling:1.2.3 as signaling
 FROM alpine:3.19.1 as janus

diff --git a/community-containers/readme.md b/community-containers/readme.md
@@ -9,13 +9,13 @@ All containers that are in this directory are community maintained so the respon
 ## How to use this?
 Before adding any additional container, make sure to create a backup via the AIO interface!
 
-Afterwards, you might want to add additional community containers to the default AIO stack. You can do so by adding `--env AIO_COMMUNITY_CONTAINERS="container1 container2"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must match the folder names in this directory! ⚠️⚠️⚠️ Please review the folder for documentation on each of the containers before adding them! Not reviewing the documentation for each of them first might break starting the AIO containers because e.g. fail2ban only works on Linux and not on Docker Desktop!
+Afterwards, you might want to add additional community containers to the default AIO stack. You can do so by adding `--env AIO_COMMUNITY_CONTAINERS="container1 container2"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must match the folder names in this directory! ⚠️⚠️⚠️ Please review the folder for documentation on each of the containers before adding them! Not reviewing the documentation for each of them first might break starting the AIO containers because e.g. fail2ban only works on Linux and not on Docker Desktop! **Hint:** If the containers where running already, in order to actually start the added container, you need to click on `Stop containers` and the `Update and start containers` in order to actually start it.
 
 ## How to add containers?
 Simply submit a PR by creating a new folder in this directory: https://github.com/nextcloud/all-in-one/tree/main/community-containers with the name of your container. It must include a json file with the same name and with correct syntax and a readme.md with additional information. You might get inspired by caddy, fail2ban, local-ai, libretranslate, plex, pi-hole or vaultwarden (subfolders in this directory). For a full-blown example of the json file, see https://github.com/nextcloud/all-in-one/blob/main/php/containers.json. The json-schema that it validates against can be found here: https://github.com/nextcloud/all-in-one/blob/main/php/containers-schema.json.
 
 ### Is there a list of ideas for new community containers?
-Yes, see [this list](https://github.com/nextcloud/all-in-one/discussions/categories/ideas?discussions_q=is%3Aopen+category%3AIdeas+label%3A%22help+wanted%22) for already existing ideas for new community containers. Feel free to pick one up and add it to this folder by following the instructions above.
+Yes, see [this list](https://github.com/nextcloud/all-in-one/discussions/categories/ideas?discussions_q=is%3Aopen+category%3AIdeas+label%3A%22help+wanted%22+sort%3Atop) for already existing ideas for new community containers. Feel free to pick one up and add it to this folder by following the instructions above.
 
 ## How to remove containers from AIOs stack?
 In some cases, you might want to remove some community containers from the AIO stack again. Here is how to do this.

diff --git a/manual-install/latest.yml b/manual-install/latest.yml
@@ -149,6 +149,7 @@ services:
       - REMOVE_DISABLED_APPS=${REMOVE_DISABLED_APPS}
       - APACHE_PORT=${APACHE_PORT}
       - APACHE_IP_BINDING=${APACHE_IP_BINDING}
+      - IMAGINARY_SECRET=${IMAGINARY_SECRET}
     stop_grace_period: 600s
     restart: unless-stopped
     networks:
@@ -322,6 +323,7 @@ services:
       - "9000"
     environment:
       - TZ=${TIMEZONE}
+      - IMAGINARY_SECRET=${IMAGINARY_SECRET}
     restart: unless-stopped
     cap_add:
       - SYS_NICE

diff --git a/manual-install/sample.conf b/manual-install/sample.conf
@@ -1,5 +1,6 @@
 DATABASE_PASSWORD=          # TODO! This needs to be a unique and good password!
 FULLTEXTSEARCH_PASSWORD=          # TODO! This needs to be a unique and good password!
+IMAGINARY_SECRET=          # TODO! This needs to be a unique and good password!
 NC_DOMAIN=yourdomain.com          # TODO! Needs to be changed to the domain that you want to use for Nextcloud.
 NEXTCLOUD_PASSWORD=          # TODO! This is the password of the initially created Nextcloud admin with username "admin".
 ONLYOFFICE_SECRET=          # TODO! This needs to be a unique and good password!

diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml
@@ -1,6 +1,6 @@
 name: nextcloud-aio-helm-chart
 description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose
-version: 7.13.1
+version: 8.0.0-1
 apiVersion: v2
 keywords:
   - latest

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml
@@ -26,7 +26,11 @@ spec:
     spec:
       initContainers:
         - name: init-volumes
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - chmod
             - "777"
@@ -61,7 +65,7 @@ spec:
               value: nextcloud-aio-talk
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-apache:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-apache:20240321_080708-latest"
           name: nextcloud-aio-apache
           ports:
             - containerPort: {{ .Values.APACHE_PORT }}

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml
@@ -27,7 +27,11 @@ spec:
     spec:
       initContainers:
         - name: init-subpath
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - mkdir
             - "-p"
@@ -37,7 +41,11 @@ spec:
             - name: nextcloud-aio-clamav
               mountPath: /nextcloud-aio-clamav
         - name: init-volumes
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - chown
             - 100:100
@@ -52,7 +60,7 @@ spec:
               value: "90"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-clamav:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-clamav:20240321_080708-latest"
           name: nextcloud-aio-clamav
           ports:
             - containerPort: 3310

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml
@@ -37,7 +37,7 @@ spec:
               value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json
             - name: server_name
               value: "{{ .Values.NC_DOMAIN }}"
-          image: nextcloud/aio-collabora:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-collabora:20240321_080708-latest"
           name: nextcloud-aio-collabora
           ports:
             - containerPort: 9980

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml
@@ -26,7 +26,11 @@ spec:
     spec:
       initContainers:
         - name: init-subpath
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - mkdir
             - "-p"
@@ -39,7 +43,11 @@ spec:
             - name: nextcloud-aio-database
               mountPath: /nextcloud-aio-database
         - name: init-volumes
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - chown
             - 999:999
@@ -63,7 +71,7 @@ spec:
               value: nextcloud
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-postgresql:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-postgresql:20240321_080708-latest"
           name: nextcloud-aio-database
           ports:
             - containerPort: 5432

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml
@@ -27,7 +27,11 @@ spec:
     spec:
       initContainers:
         - name: init-volumes
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - chmod
             - "777"
@@ -57,7 +61,7 @@ spec:
               value: basic
             - name: xpack.security.enabled
               value: "false"
-          image: nextcloud/aio-fulltextsearch:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-fulltextsearch:20240321_080708-latest"
           name: nextcloud-aio-fulltextsearch
           ports:
             - containerPort: 9200

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml
@@ -25,9 +25,11 @@ spec:
     spec:
       containers:
         - env:
+            - name: IMAGINARY_SECRET
+              value: "{{ .Values.IMAGINARY_SECRET }}"
             - name: TZ
               value: "{{ .Values.TIMEZONE }}"
-          image: nextcloud/aio-imaginary:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-imaginary:20240321_080708-latest"
           name: nextcloud-aio-imaginary
           ports:
             - containerPort: 9000

diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml
@@ -26,7 +26,11 @@ spec:
     spec:
       initContainers:
         - name: "delete-lost-found"
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - rm
             - "-rf"
@@ -37,7 +41,11 @@ spec:
             - name: nextcloud-aio-nextcloud
               mountPath: /nextcloud-aio-nextcloud
         - name: init-volumes
+          {{- if or .Values.IMAGE_MIRROR_PREFIX .Values.ALPINE_IMAGE_ORG }}
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.ALPINE_IMAGE_ORG}}/alpine"
+          {{- else }}
           image: alpine
+          {{- end }}
           command:
             - chmod
             - "777"
@@ -104,6 +112,8 @@ spec:
               value: "{{ .Values.IMAGINARY_ENABLED }}"
             - name: IMAGINARY_HOST
               value: nextcloud-aio-imaginary
+            - name: IMAGINARY_SECRET
+              value: "{{ .Values.IMAGINARY_SECRET }}"
             - name: INSTALL_LATEST_MAJOR
               value: "{{ .Values.INSTALL_LATEST_MAJOR }}"
             - name: NC_DOMAIN
@@ -160,7 +170,7 @@ spec:
               value: "{{ .Values.TIMEZONE }}"
             - name: UPDATE_NEXTCLOUD_APPS
               value: "{{ .Values.UPDATE_NEXTCLOUD_APPS }}"
-          image: nextcloud/aio-nextcloud:20240308_092935-latest
+          image: "{{ .Values.IMAGE_MIRROR_PREFIX }}{{ .Values.NEXTCLOUD_IMAGE_ORG }}/aio-nextcloud:20240321_080708-latest"
           name: nextcloud-aio-nextcloud
           ports:
             - containerPort: 9000