feat(config): add missing env vars to v24.04 from config.sample.php and config.apps.sample.php

[DeepDiver1975]

Summary

• Exposes additional ownCloud configuration parameters as `OWNCLOUD_*` environment variables in v24.04 (the version used with ownCloud 11), sourced from both `config/config.sample.php` and `config/config.apps.sample.php` in `owncloud/core`
• v20.04 and v22.04 are intentionally left unchanged
• Covers previously inaccessible options across: user/auth, mail, proxy, trash bin, versioning, previews, DAV, sharing, file storage, security, antivirus, PDF viewer, firstrun wizard, LDAP, metrics, Collabora, WOPI/Office Online, workflow retention, and more
• Hardcodes `web-updater.enabled = false` — Docker installs upgrade by pulling a new image, not via the in-app updater
• `ENVIRONMENT.md` updated with all new variables in alphabetical order

Test plan

• Verify PHP syntax: `php -l v24.04/overlay/etc/templates/config.php`
• Smoke test: build image and confirm `php -r "echo 'OK';" | grep -q OK` passes
• Set a newly added env var (e.g. `OWNCLOUD_ALLOW_USER_TO_CHANGE_MAIL_ADDRESS=false`) and verify it appears correctly in the generated `config.php` inside a running container

🤖 Generated with Claude Code

[DeepDiver1975]

Large but well-structured PR adding ~90 new OWNCLOUD_* env var mappings to config.php, covering previously inaccessible config keys from config.sample.php and config.apps.sample.php. ENVIRONMENT.md is updated in parallel. Changes are described as applied identically across v20.04, v22.04, and v24.04 — though the diff only shows one version's config.php; confirm all three are updated.

A few observations:

Type handling: Most new vars follow existing patterns. A few notable ones:

• OWNCLOUD_FILELOCKING_TTL — corrected from string to (int), good fix
• OWNCLOUD_BLACKLISTED_FILES_REGEX / OWNCLOUD_EXCLUDED_DIRECTORIES_REGEX — split on comma into arrays; correct for these config keys
• OWNCLOUD_TRASHBIN_SKIP_SIZE_THRESHOLD — stored as a raw string; the underlying config key expects a string like "100 MB", so this is correct
• OWNCLOUD_DAV_PROPFIND_DEPTH_INFINITY — stored as boolean via === 'true'; correct

OWNCLOUD_METRICS_SHARED_SECRET: This exposes the metrics endpoint shared secret as an env var. That's the right approach for Docker, but operators should be aware it will appear in docker inspect output and process environment listings. Worth noting in ENVIRONMENT.md that this is a sensitive value.

web-updater.enabled hardcoded to false: The companion PR owncloud/core#41615 removes this key from the sample config. Confirm the hardcoding here ($config['web-updater.enabled'] = false; — not visible in this diff but referenced in the summary) is intentional and consistent with that removal.

OWNCLOUD_WOPI_TOKEN_KEY: Similarly sensitive — the WOPI token signing key. Same note as metrics: sensitive value, should be documented as such.

Overall the pattern is consistent and the implementation is clean. Safe to merge once the symmetric v20.04/v22.04/v24.04 application is confirmed and CI passes.

[mmattel]

Missing envvars from my perspective, maybe not complete, still looking:

• Windows Network Drive --> wnd.xxx and wnd2.xxx (config.apps.sample)
• Kerberos --> kerberos.xxx (config.apps.sample)
• Redis --> config.sample key: connection_parameters

[DeepDiver1975]

Code Review (automated)

All issues found have been fixed in the follow-up commit.

Issues fixed

v24.04/overlay/etc/templates/config.php

• Wrong comment // app: activity above the admin_audit.groups block → fixed to // app: admin_audit

ENVIRONMENT.md — 9 alphabetical ordering violations corrected:

• OWNCLOUD_ADMIN_AUDIT_GROUPS moved before OWNCLOUD_ANTIVIRUS_*
• OWNCLOUD_DB_PLATFORM moved after OWNCLOUD_DB_FAIL (was before it)
• OWNCLOUD_FILESYSTEM_CACHE_READONLY / FILESYSTEM_CHECK_CHANGES moved before FILESYSTEM_MAX_MOUNTPOINT_MOVE_ATTEMPTS
• OWNCLOUD_FORWARDED_FOR_HEADERS moved before OWNCLOUD_GROUPS_ENABLE_MEDIAL_SEARCH
• OWNCLOUD_HAS_INTERNET_CONNECTION moved before OWNCLOUD_INTERNET_CONNECTIVITY_DETECT_URL
• OWNCLOUD_LOGIN_ALTERNATIVES moved before OWNCLOUD_LOGIN_POLICY_ORDER
• OWNCLOUD_PART_FILE_IN_STORAGE moved before OWNCLOUD_POLLINTERVAL
• OWNCLOUD_SHARING_FEDERATION_* / SHARING_MANAGER_FACTORY moved before SHARING_SHOW_PUBLIC_LINK_QUICK_ACTION
• OWNCLOUD_SHOW_SERVER_HOSTNAME moved before OWNCLOUD_STRICT_LOGIN_ENFORCED (and both repositioned in S-section)

No issues found in

• Shell declarations in 85-others.sh — all correct syntax, pattern consistent
• PHP type casts — all correct (=== 'true' for bools, (int) for ints, explode(',', ...) for arrays)
• PHP syntax — valid
• Consistency between 85-others.sh declarations and config.php entries — all 31 new vars present in both

[mmattel]

As discussed today, memcached occurrences should be removed from the code and description.
There are 5 occurrences starting with OWNCLOUD_MEMCACHED_xxx

Alternatively, we can just remove the occurrences in the ENVIRONMENT.md file and should place a note in the code not to re-add them...

Note that altough the core PHP code still exists, the config.sample occurrences of memcached (docs only) have also been removed with the cleanup PR in core. As this is OC11, a major release, removing these envvars is imho ok. Just needs a note in the upcoming release notes.

[DeepDiver1975]

• Kerberos --> kerberos.xxx (config.apps.sample)

not added my intention as kerberos will not work in the images out of the box

• Redis --> config.sample key: connection_parameters

see e846dd5

• Windows Network Drive --> wnd.xxx and wnd2.xxx (config.apps.sample)

not added intntionally due to complexity - will come in a follow up pr

[DeepDiver1975]

Code Review

Overview: Adds ~90 missing OWNCLOUD_* environment variables to the v24.04 image, removes memcached support (deprecated), and introduces Redis TLS configuration. Scoped to v24.04 only; v20.04 and v22.04 are intentionally left unchanged.

New env vars — grouped by area:

• Core config: OWNCLOUD_ALLOW_USER_TO_CHANGE_MAIL_ADDRESS, OWNCLOUD_BLACKLISTED_FILES_REGEX, OWNCLOUD_EXCLUDED_DIRECTORIES_REGEX, OWNCLOUD_FILESYSTEM_MAX_MOUNTPOINT_MOVE_ATTEMPTS, OWNCLOUD_DB_PLATFORM, OWNCLOUD_OPENSSL_CONFIG, OWNCLOUD_POLLINTERVAL, OWNCLOUD_PROXY_IGNORE, OWNCLOUD_USE_RELATIVE_DOMAIN_NAME, OWNCLOUD_STRICT_LOGIN_ENFORCED, OWNCLOUD_GROUPS_ENABLE_MEDIAL_SEARCH, OWNCLOUD_INTERNET_CONNECTIVITY_DETECT_URL, OWNCLOUD_LOGIN_POLICY_ORDER, OWNCLOUD_DAV_PROPFIND_DEPTH_INFINITY
• App-specific: OWNCLOUD_ADMIN_AUDIT_GROUPS, antivirus (AV_PATH, AV_CMD_OPTIONS), OWNCLOUD_PDF_VIEWER_ENABLE_SCRIPTING, firstrunwizard custom client URLs, OWNCLOUD_LDAP_IGNORE_NAMING_RULES, OWNCLOUD_USER_LDAP_ENABLE_MEDIAL_SEARCH, OWNCLOUD_COLLABORA_GROUP, OWNCLOUD_METRICS_SHARED_SECRET, OWNCLOUD_WORKFLOW_RETENTION_ENGINE
• WOPI/Office Online (Enterprise): OWNCLOUD_WOPI_TOKEN_KEY, OWNCLOUD_WOPI_OFFICE_ONLINE_SERVER, OWNCLOUD_WOPI_GROUP, OWNCLOUD_WOPI_PROXY_URL, OWNCLOUD_WOPI_BUSINESS_FLOW_ENABLED
• Redis TLS: Full connection_parameters suite for both standalone (redis) and cluster (redis.cluster) modes: CAFILE, CAPATH, LOCAL_CERT, LOCAL_PK, PASSPHRASE, CIPHERS, PEER_NAME, VERIFY_PEER, VERIFY_PEER_NAME, ALLOW_SELF_SIGNED
• Trashbin: OWNCLOUD_TRASHBIN_SKIP_DIRECTORIES, OWNCLOUD_TRASHBIN_SKIP_EXTENSIONS, OWNCLOUD_TRASHBIN_SKIP_SIZE_THRESHOLD
• Web UI: OWNCLOUD_WEB_BASEURL, OWNCLOUD_WEB_REWRITE_LINKS
• Misc: OWNCLOUD_SHARING_SHOW_PUBLIC_LINK_QUICK_ACTION, OWNCLOUD_TELEMETRY_ENABLED, OWNCLOUD_GRACE_PERIOD_DEMO_KEY_LINK, OWNCLOUD_GRACE_PERIOD_DEMO_KEY_SHOW_POPUP, OWNCLOUD_MAIL_REMOVE_SENDER_DISPLAY_NAME, OWNCLOUD_PREVIEW_JPEG_IMAGE_DISPLAY_QUALITY

Memcached removal: The 20-memcached.sh entrypoint script and all OWNCLOUD_MEMCACHED_* + OWNCLOUD_MEMCACHE_* env var blocks are removed from v24.04, along with the case getenv('OWNCLOUD_MEMCACHED_ENABLED') branch in config.php. ENVIRONMENT.md entries for these vars are also removed. This is a breaking change for anyone relying on memcached with the v24.04 image — worth a prominent note in the release changelog.

Redis TLS implementation detail: The TLS params are applied to both redis.cluster['connection_parameters'] and redis['connection_parameters']['stream'] paths. This correctly handles both standalone and cluster topologies.

ENVIRONMENT.md: All new vars are documented with descriptions and doc links. A few doc links appear to reuse a related but not exact anchor (e.g., OWNCLOUD_DAV_PROPFIND_DEPTH_INFINITY points to the async DAV doc, OWNCLOUD_FILESYSTEM_MAX_MOUNTPOINT_MOVE_ATTEMPTS points to filesystem-changes-detection). These are minor — the doc pages still provide relevant context.

One observation: OWNCLOUD_LDAP_IGNORE_NAMING_RULES maps to $config['ldapIgnoreNamingRules'] = ... === 'true' (boolean coercion), while most other boolean vars use string passthrough. This matches the ownCloud config format for that specific key, so it's correct — but it's worth being consistent in documentation (the ENVIRONMENT.md entry doesn't mention it's a boolean).

Overall: Solid PR that brings v24.04 env var coverage up to parity with the broader ownCloud config surface. The Redis TLS additions are particularly valuable for production deployments. No blocking concerns.

[mmattel]

Why has OWNCLOUD_MEMCACHE_LOCAL been removed?
This has nothing to do with memcached.
I guess this was unintentionally....