reduce docker build context

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

.vscode/launch.json

@@ -36,7 +36,7 @@
         // demo users
         "IDM_CREATE_DEMO_USERS": "true",
         // OC_RUN_SERVICES allows to start a subset of services even in the supervised mode
-        //"OC_RUN_SERVICES": "settings,storage-system,graph,idp,idm,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,storage-authmachine,storage-users,storage-shares,storage-publiclink,storage-system,app-provider,sharing,proxy,ocdav",
+        //"OC_RUN_SERVICES": "settings,storage-system,graph,idp,idm,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,storage-authmachine,storage-users,storage-shares,storage-publiclink,storage-system,app-provider,sharing,proxy",
 
         /*
          * Keep secrets and passwords in one block to allow easy uncommenting
@@ -129,8 +129,6 @@
         "IDP_HTTP_ADDR": "127.0.0.1:10130",
         "NATS_DEBUG_ADDR": "127.0.0.1:10234",
         "NATS_NATS_PORT": "10233",
-        "OCDAV_HTTP_ADDR": "127.0.0.1:10350",
-        "OCDAV_DEBUG_ADDR": "127.0.0.1:10163",
         "OCM_DEBUG_ADDR": "127.0.0.1:10281",
         "OCM_HTTP_ADDR": "127.0.0.1:10280",
         "OCM_GRPC_ADDR": "127.0.0.1:10282",

.woodpecker.env

@@ -1,4 +1,4 @@
 # The test runner source for UI tests
-WEB_COMMITID=3d7367cfb1abe288d0fc0b0b1cc494a7747bcaf6
+WEB_COMMITID=50e3fff6a518361d59cba864a927470f313b6f91
 WEB_BRANCH=stable-4.2
 

.woodpecker.star

@@ -18,7 +18,7 @@ OC_CI_ALPINE = "owncloudci/alpine:latest"
 OC_CI_BAZEL_BUILDIFIER = "owncloudci/bazel-buildifier:latest"
 OC_CI_CLAMAVD = "owncloudci/clamavd"
 OC_CI_DRONE_ANSIBLE = "owncloudci/drone-ansible:latest"
-OC_CI_GOLANG = "docker.io/golang:1.24"
+OC_CI_GOLANG = "registry.heinlein.group/opencloud/golang-ci:1.25"
 OC_CI_NODEJS = "owncloudci/nodejs:%s"
 OC_CI_PHP = "owncloudci/php:%s"
 OC_CI_WAIT_FOR = "owncloudci/wait-for:latest"
@@ -27,6 +27,7 @@ OC_LITMUS = "owncloudci/litmus:latest"
 OC_UBUNTU = "owncloud/ubuntu:20.04"
 ONLYOFFICE_DOCUMENT_SERVER = "onlyoffice/documentserver:7.5.1"
 PLUGINS_DOCKER_BUILDX = "woodpeckerci/plugin-docker-buildx:latest"
+PLUGINS_NOTATION = "registry.heinlein.group/opencloud/notation-wp-plugin:latest"
 PLUGINS_GITHUB_RELEASE = "woodpeckerci/plugin-release"
 PLUGINS_GIT_ACTION = "quay.io/thegeeklab/wp-git-action"
 PLUGINS_S3 = "plugins/s3:1"
@@ -40,7 +41,6 @@ DEFAULT_PHP_VERSION = "8.2"
 DEFAULT_NODEJS_VERSION = "20"
 
 CACHE_S3_SERVER = "https://s3.ci.opencloud.eu"
-INSTALL_LIBVIPS_COMMAND = "apt-get update; apt-get install libvips42 -y"
 
 dirs = {
     "base": "/woodpecker/src/github.com/opencloud-eu/opencloud",
@@ -387,7 +387,7 @@ config = {
         "architectures": ["arm64", "amd64"],
         "production": {
             # NOTE: need to be updated if new production releases are determined
-            "tags": ["2.0"],
+            "tags": ["2.0", "4.0"],
             "repo": docker_repo_slug,
             "build_type": "production",
         },
@@ -705,7 +705,7 @@ def restoreGoBinCache():
             "name": "extract-go-bin-cache",
             "image": OC_UBUNTU,
             "commands": [
-                "tar -xmf %s -C /" % dirs["gobinTarPath"],
+                "tar -xvmf %s -C /" % dirs["gobinTarPath"],
             ],
         },
     ]
@@ -1657,12 +1657,12 @@ def dockerRelease(ctx, repo, build_type):
     # if no additional tag is given, the build-plugin adds latest
     hard_tag = "daily"
     if ctx.build.event == "tag":
-        tag_version = ctx.build.ref.replace("refs/tags/", "")
+        tag_version = ctx.build.ref.replace("refs/tags/v", "")
         tag_parts = tag_version.split("-")
 
         # if a tag has something appended with "-" i.e. alpha, beta, rc1...
-        # set the entire string as tag, else leave empty to autotag with latest
-        hard_tag = tag_version if len(tag_parts) > 1 else ""
+        # set the entire string as tag, else tag with latest (same as empty with current plugin)
+        hard_tag = tag_version if len(tag_parts) > 1 else "latest"
 
     depends_on = getPipelineNames(getGoBinForTesting(ctx))
 
@@ -1751,6 +1751,36 @@ def dockerRelease(ctx, repo, build_type):
                     event["tag"],
                 ],
             },
+            {
+                "name": "notation-signing",
+                "image": PLUGINS_NOTATION,
+                "settings": {
+                    "key": {
+                        "from_secret": "notation_key",
+                    },
+                    "crt": {
+                        "from_secret": "notation_cert",
+                    },
+                    "target": "registry.heinlein.group/%s:%s" % (repo, hard_tag),
+                    "pull_image": True,
+                    "logins": [
+                        {
+                            "registry": "https://registry.heinlein.group",
+                            "username": {
+                                "from_secret": "harbor_opencloudeu_user",
+                            },
+                            "password": {
+                                "from_secret": "harbor_opencloudeu_password",
+                            },
+                        },
+                    ],
+                },
+                "when": [
+                    event["cron"],
+                    event["base"],
+                    event["tag"],
+                ],
+            },
         ],
         "depends_on": depends_on,
         "when": [
@@ -2030,7 +2060,9 @@ def notifyMatrix(ctx):
                     },
                     "QA_REPO": "https://github.com/opencloud-eu/qa.git",
                     "QA_REPO_BRANCH": "main",
-                    "CI_WOODPECKER_URL": "https://ci.opencloud.eu/",
+                    "CI_WOODPECKER_URL": {
+                        "from_secret": "oc_ci_url",
+                    },
                     "CI_REPO_ID": "3",
                     "CI_WOODPECKER_TOKEN": "no-auth-needed-on-this-repo",
                 },
@@ -2088,7 +2120,6 @@ def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, depend
         "IDP_DEBUG_ADDR": "0.0.0.0:9134",
         "INVITATIONS_DEBUG_ADDR": "0.0.0.0:9269",
         "NATS_DEBUG_ADDR": "0.0.0.0:9234",
-        "OCDAV_DEBUG_ADDR": "0.0.0.0:9163",
         "OCM_DEBUG_ADDR": "0.0.0.0:9281",
         "OCS_DEBUG_ADDR": "0.0.0.0:9114",
         "POSTPROCESSING_DEBUG_ADDR": "0.0.0.0:9255",
@@ -2192,9 +2223,6 @@ def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, depend
             },
         },
         "commands": [
-            "apt-get update",
-            "apt-get install -y inotify-tools xattr",
-            INSTALL_LIBVIPS_COMMAND,
             "%s init --insecure true" % dirs["opencloudBin"],
             "cat $OC_CONFIG_DIR/opencloud.yaml",
             "cp tests/config/woodpecker/app-registry.yaml $OC_CONFIG_DIR/app-registry.yaml",
@@ -2238,7 +2266,6 @@ def startOpenCloudService(service = None, name = None, environment = {}):
             "detach": True,
             "environment": environment,
             "commands": [
-                INSTALL_LIBVIPS_COMMAND,
                 "%s %s server" % (dirs["opencloudBin"], service),
             ],
         },
@@ -2264,7 +2291,6 @@ def build():
             "name": "build",
             "image": OC_CI_GOLANG,
             "commands": [
-                "apt-get update; apt-get install libvips-dev -y",
                 "for i in $(seq 3); do make -C opencloud build ENABLE_VIPS=1 && break || sleep 1; done",
             ],
             "environment": CI_HTTP_PROXY_ENV,

CHANGELOG.md

@@ -1,5 +1,80 @@
 # Changelog
 
+## [4.0.0](https://github.com/opencloud-eu/opencloud/releases/tag/v4.0.0) - 2025-12-01
+
+### ❤️ Thanks to all contributors! ❤️
+
+@AlexAndBear, @MahdiBaghbani, @ScharfViktor, @butonic, @dragonchaser, @flimmy, @fschade, @individual-it, @jnweiger, @kulmann, @micbar, @mikelolasagasti, @pbleser-oc, @rhafer, @schweigisito
+
+### 💥 Breaking changes
+
+- collaboration: Enable `InsertRemoteImage` option [[#1692](https://github.com/opencloud-eu/opencloud/pull/1692)]
+
+### 📚 Documentation
+
+- Fix typos in antivirus README documentation [[#1940](https://github.com/opencloud-eu/opencloud/pull/1940)]
+- fix: add missing service README.md files with basic description [[#1859](https://github.com/opencloud-eu/opencloud/pull/1859)]
+- Fix README.md files which contain broken or missing links [[#1854](https://github.com/opencloud-eu/opencloud/pull/1854)]
+
+### 🐛 Bug Fixes
+
+- introduce OC_EVENTS_TLS_INSECURE [[#1936](https://github.com/opencloud-eu/opencloud/pull/1936)]
+- kill unused env vars [[#1888](https://github.com/opencloud-eu/opencloud/pull/1888)]
+- rc-handling was only active for the dryrun, not the real build-and-push [[#1919](https://github.com/opencloud-eu/opencloud/pull/1919)]
+- handle objectguid endianess [[#1901](https://github.com/opencloud-eu/opencloud/pull/1901)]
+- fix: add update server to default csp rules [[#1875](https://github.com/opencloud-eu/opencloud/pull/1875)]
+- fix: add missing capability flag support-radicale [[#1891](https://github.com/opencloud-eu/opencloud/pull/1891)]
+- fix opensearch client certificate [[#1890](https://github.com/opencloud-eu/opencloud/pull/1890)]
+- Bump reva [[#1882](https://github.com/opencloud-eu/opencloud/pull/1882)]
+- load two yaml configs [[#1617](https://github.com/opencloud-eu/opencloud/pull/1617)]
+- make user cache tenant aware [[#1732](https://github.com/opencloud-eu/opencloud/pull/1732)]
+- fix: sanitise markdow code to make docusaurus happy [[#1851](https://github.com/opencloud-eu/opencloud/pull/1851)]
+- update launch.json [[#1843](https://github.com/opencloud-eu/opencloud/pull/1843)]
+- docs: Fix auth-app examples in README [[#1844](https://github.com/opencloud-eu/opencloud/pull/1844)]
+- fix: fix typo in treesize logging [[#1826](https://github.com/opencloud-eu/opencloud/pull/1826)]
+- fix: set global signing secret fallback correctly [[#1781](https://github.com/opencloud-eu/opencloud/pull/1781)]
+
+### 📈 Enhancement
+
+- feat(ocm): add WAYF configuration for reva OCM service [[#1714](https://github.com/opencloud-eu/opencloud/pull/1714)]
+- log missing name or id attributes [[#1914](https://github.com/opencloud-eu/opencloud/pull/1914)]
+- collabora: Set IsAdminUser and IsAnonymousUser in CheckFileInfo [[#1745](https://github.com/opencloud-eu/opencloud/pull/1745)]
+
+### ✅ Tests
+
+- [full-ci] disable running ci with watch fs when full-ci [[#1902](https://github.com/opencloud-eu/opencloud/pull/1902)]
+- api-tests: delete spaces before users [[#1877](https://github.com/opencloud-eu/opencloud/pull/1877)]
+- update tika version [[#1872](https://github.com/opencloud-eu/opencloud/pull/1872)]
+- add share sync to collaborativePosix suite [[#1806](https://github.com/opencloud-eu/opencloud/pull/1806)]
+- removed test virus files from repo [[#1812](https://github.com/opencloud-eu/opencloud/pull/1812)]
+- increase timeouts waiting for notification & search [[#1802](https://github.com/opencloud-eu/opencloud/pull/1802)]
+- Sync share before action [[#1795](https://github.com/opencloud-eu/opencloud/pull/1795)]
+- correct STORAGE_USERS_POSIX_WATCH_FS env typo in CI [[#1746](https://github.com/opencloud-eu/opencloud/pull/1746)]
+
+### 📦️ Dependencies
+
+- [full-ci] revaBump-v2.40.1 [[#1927](https://github.com/opencloud-eu/opencloud/pull/1927)]
+- [full-ci] chore: bump web to v4.2.1 [[#1938](https://github.com/opencloud-eu/opencloud/pull/1938)]
+- build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0 [[#1923](https://github.com/opencloud-eu/opencloud/pull/1923)]
+- build(deps): bump github.com/nats-io/nats-server/v2 from 2.12.1 to 2.12.2 [[#1922](https://github.com/opencloud-eu/opencloud/pull/1922)]
+- build(deps): bump github.com/kovidgoyal/imaging from 1.7.2 to 1.8.17 [[#1912](https://github.com/opencloud-eu/opencloud/pull/1912)]
+- build(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 [[#1911](https://github.com/opencloud-eu/opencloud/pull/1911)]
+- [decomposed]Update version 4.0.0 rc.2 [[#1917](https://github.com/opencloud-eu/opencloud/pull/1917)]
+- chore: bump web to v4.2.1-rc.1 [[#1900](https://github.com/opencloud-eu/opencloud/pull/1900)]
+- revaBump-getting#428 [[#1887](https://github.com/opencloud-eu/opencloud/pull/1887)]
+- build(deps): bump github.com/blevesearch/bleve/v2 from 2.5.4 to 2.5.5 [[#1884](https://github.com/opencloud-eu/opencloud/pull/1884)]
+- build(deps): bump github.com/olekukonko/tablewriter from 1.1.0 to 1.1.1 [[#1869](https://github.com/opencloud-eu/opencloud/pull/1869)]
+- build(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 [[#1845](https://github.com/opencloud-eu/opencloud/pull/1845)]
+- reva-bump-2.39.2. update opencloud 4.0.0-rc.1 [[#1849](https://github.com/opencloud-eu/opencloud/pull/1849)]
+- build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 [[#1836](https://github.com/opencloud-eu/opencloud/pull/1836)]
+- build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 [[#1828](https://github.com/opencloud-eu/opencloud/pull/1828)]
+- build(deps): bump github.com/KimMachineGun/automemlimit from 0.7.4 to 0.7.5 [[#1787](https://github.com/opencloud-eu/opencloud/pull/1787)]
+- build(deps): bump github.com/open-policy-agent/opa from 1.9.0 to 1.10.1 [[#1788](https://github.com/opencloud-eu/opencloud/pull/1788)]
+- Bump reva [[#1786](https://github.com/opencloud-eu/opencloud/pull/1786)]
+- build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.10 to 1.4.11 [[#1775](https://github.com/opencloud-eu/opencloud/pull/1775)]
+- build(deps): bump github.com/nats-io/nats-server/v2 from 2.12.0 to 2.12.1 [[#1706](https://github.com/opencloud-eu/opencloud/pull/1706)]
+- build(deps): bump github.com/onsi/ginkgo/v2 from 2.27.1 to 2.27.2 [[#1754](https://github.com/opencloud-eu/opencloud/pull/1754)]
+
 ## [3.7.0](https://github.com/opencloud-eu/opencloud/releases/tag/v3.7.0) - 2025-11-03
 
 ### ❤️ Thanks to all contributors! ❤️

Makefile

@@ -44,7 +44,6 @@ OC_MODULES = \
 	services/invitations \
 	services/nats \
 	services/notifications \
-	services/ocdav \
 	services/ocm \
 	services/ocs \
 	services/policies \

deployments/examples/bare-metal-simple/install.sh

@@ -11,7 +11,7 @@ set -euo pipefail
 #   OC_VERSION: Version to download, e.g. OC_VERSION="1.2.0"
 
 # Call this script directly from opencloud:
-# curl -L https://opencloud.eu/quickinstall.sh | /bin/bash
+# curl -L https://opencloud.eu/install | /bin/bash
 
 # This function is borrowed from openSUSEs /usr/bin/old, thanks.
 function backup_file () {

go.mod

@@ -64,7 +64,7 @@ require (
 	github.com/open-policy-agent/opa v1.10.1
 	github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89
 	github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76
-	github.com/opencloud-eu/reva/v2 v2.39.3
+	github.com/opencloud-eu/reva/v2 v2.40.1
 	github.com/opensearch-project/opensearch-go/v4 v4.5.0
 	github.com/orcaman/concurrent-map v1.0.0
 	github.com/pkg/errors v0.9.1
@@ -80,7 +80,7 @@ require (
 	github.com/spf13/cobra v1.10.1
 	github.com/stretchr/testify v1.11.1
 	github.com/test-go/testify v1.1.4
-	github.com/testcontainers/testcontainers-go v0.39.0
+	github.com/testcontainers/testcontainers-go v0.40.0
 	github.com/testcontainers/testcontainers-go/modules/opensearch v0.39.0
 	github.com/theckman/yacspin v0.13.12
 	github.com/thejerf/suture/v4 v4.0.6
@@ -189,7 +189,7 @@ require (
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/distribution/reference v0.6.0 // indirect
 	github.com/dlclark/regexp2 v1.4.0 // indirect
-	github.com/docker/docker v28.3.3+incompatible // indirect
+	github.com/docker/docker v28.5.1+incompatible // indirect
 	github.com/docker/go-connections v0.6.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
@@ -372,9 +372,9 @@ require (
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
 	github.com/yashtewari/glob-intersection v0.2.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
-	go.etcd.io/etcd/api/v3 v3.6.5 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.6.5 // indirect
-	go.etcd.io/etcd/client/v3 v3.6.5 // indirect
+	go.etcd.io/etcd/api/v3 v3.6.6 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.6.6 // indirect
+	go.etcd.io/etcd/client/v3 v3.6.6 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect

go.sum

@@ -310,8 +310,8 @@ github.com/dlclark/regexp2 v1.4.0 h1:F1rxgk7p4uKjwIQxBs9oAXe5CqrXlCduYEJvrF4u93E
 github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
 github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
 github.com/dnsimple/dnsimple-go v0.63.0/go.mod h1:O5TJ0/U6r7AfT8niYNlmohpLbCSG+c71tQlGr9SeGrg=
-github.com/docker/docker v28.3.3+incompatible h1:Dypm25kh4rmk49v1eiVbsAtpAsYURjYkaKubwuBdxEI=
-github.com/docker/docker v28.3.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v28.5.1+incompatible h1:Bm8DchhSD2J6PsFzxC35TZo4TLGR2PdW/E69rU45NhM=
+github.com/docker/docker v28.5.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.6.0 h1:LlMG9azAe1TqfR7sO+NJttz1gy6KO7VJBh+pMmjSD94=
 github.com/docker/go-connections v0.6.0/go.mod h1:AahvXYshr6JgfUJGdDCs2b5EZG/vmaMAntpSFH5BFKE=
 github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
@@ -963,8 +963,8 @@ github.com/opencloud-eu/inotifywaitgo v0.0.0-20251111171128-a390bae3c5e9 h1:dIft
 github.com/opencloud-eu/inotifywaitgo v0.0.0-20251111171128-a390bae3c5e9/go.mod h1:JWyDC6H+5oZRdUJUgKuaye+8Ph5hEs6HVzVoPKzWSGI=
 github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 h1:vD/EdfDUrv4omSFjrinT8Mvf+8D7f9g4vgQ2oiDrVUI=
 github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76/go.mod h1:pzatilMEHZFT3qV7C/X3MqOa3NlRQuYhlRhZTL+hN6Q=
-github.com/opencloud-eu/reva/v2 v2.39.3 h1:/9NW08Bpy1GaNAPo8HrlyT21Flj8uNnOUyWLud1ehGc=
-github.com/opencloud-eu/reva/v2 v2.39.3/go.mod h1:kkGiMeEVR59VjDsmWIczWqRcwK8cy9ogTd/u802U3NI=
+github.com/opencloud-eu/reva/v2 v2.40.1 h1:QwMkbGMhwDSwfk2WxbnTpIig2BugPBaVFjWcy2DSU3U=
+github.com/opencloud-eu/reva/v2 v2.40.1/go.mod h1:DGH08n2mvtsQLkt8o15FV6m51FwSJJGhjR8Ty+iIJww=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
@@ -1188,8 +1188,8 @@ github.com/tchap/go-patricia/v2 v2.3.3 h1:xfNEsODumaEcCcY3gI0hYPZ/PcpVv5ju6RMAhg
 github.com/tchap/go-patricia/v2 v2.3.3/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k=
 github.com/test-go/testify v1.1.4 h1:Tf9lntrKUMHiXQ07qBScBTSA0dhYQlu83hswqelv1iE=
 github.com/test-go/testify v1.1.4/go.mod h1:rH7cfJo/47vWGdi4GPj16x3/t1xGOj2YxzmNQzk2ghU=
-github.com/testcontainers/testcontainers-go v0.39.0 h1:uCUJ5tA+fcxbFAB0uP3pIK3EJ2IjjDUHFSZ1H1UxAts=
-github.com/testcontainers/testcontainers-go v0.39.0/go.mod h1:qmHpkG7H5uPf/EvOORKvS6EuDkBUPE3zpVGaH9NL7f8=
+github.com/testcontainers/testcontainers-go v0.40.0 h1:pSdJYLOVgLE8YdUY2FHQ1Fxu+aMnb6JfVz1mxk7OeMU=
+github.com/testcontainers/testcontainers-go v0.40.0/go.mod h1:FSXV5KQtX2HAMlm7U3APNyLkkap35zNLxukw9oBi/MY=
 github.com/testcontainers/testcontainers-go/modules/opensearch v0.39.0 h1:IkJUhR8AigQxv7qHZho/OtTU6JtiSdBGVh76o175JGo=
 github.com/testcontainers/testcontainers-go/modules/opensearch v0.39.0/go.mod h1:B7AhrDmQ4QbpzA0BeWvqzaJ8vbwcdEQDzybr35sBRfw=
 github.com/thanhpk/randstr v1.0.6 h1:psAOktJFD4vV9NEVb3qkhRSMvYh4ORRaj1+w/hn4B+o=
@@ -1275,12 +1275,12 @@ github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQ
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.4.3 h1:dEadXpI6G79deX5prL3QRNP6JB8UxVkqo4UPnHaNXJo=
 go.etcd.io/bbolt v1.4.3/go.mod h1:tKQlpPaYCVFctUIgFKFnAlvbmB3tpy1vkTnDWohtc0E=
-go.etcd.io/etcd/api/v3 v3.6.5 h1:pMMc42276sgR1j1raO/Qv3QI9Af/AuyQUW6CBAWuntA=
-go.etcd.io/etcd/api/v3 v3.6.5/go.mod h1:ob0/oWA/UQQlT1BmaEkWQzI0sJ1M0Et0mMpaABxguOQ=
-go.etcd.io/etcd/client/pkg/v3 v3.6.5 h1:Duz9fAzIZFhYWgRjp/FgNq2gO1jId9Yae/rLn3RrBP8=
-go.etcd.io/etcd/client/pkg/v3 v3.6.5/go.mod h1:8Wx3eGRPiy0qOFMZT/hfvdos+DjEaPxdIDiCDUv/FQk=
-go.etcd.io/etcd/client/v3 v3.6.5 h1:yRwZNFBx/35VKHTcLDeO7XVLbCBFbPi+XV4OC3QJf2U=
-go.etcd.io/etcd/client/v3 v3.6.5/go.mod h1:ZqwG/7TAFZ0BJ0jXRPoJjKQJtbFo/9NIY8uoFFKcCyo=
+go.etcd.io/etcd/api/v3 v3.6.6 h1:mcaMp3+7JawWv69p6QShYWS8cIWUOl32bFLb6qf8pOQ=
+go.etcd.io/etcd/api/v3 v3.6.6/go.mod h1:f/om26iXl2wSkcTA1zGQv8reJRSLVdoEBsi4JdfMrx4=
+go.etcd.io/etcd/client/pkg/v3 v3.6.6 h1:uoqgzSOv2H9KlIF5O1Lsd8sW+eMLuV6wzE3q5GJGQNs=
+go.etcd.io/etcd/client/pkg/v3 v3.6.6/go.mod h1:YngfUVmvsvOJ2rRgStIyHsKtOt9SZI2aBJrZiWJhCbI=
+go.etcd.io/etcd/client/v3 v3.6.6 h1:G5z1wMf5B9SNexoxOHUGBaULurOZPIgGPsW6CN492ec=
+go.etcd.io/etcd/client/v3 v3.6.6/go.mod h1:36Qv6baQ07znPR3+n7t+Rk5VHEzVYPvFfGmfF4wBHV8=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=

opencloud/Makefile

@@ -17,7 +17,7 @@ include ../.make/docs.mk
 
 .PHONY: dev-docker
 dev-docker:
-	docker build -f docker/Dockerfile.multiarch -t opencloudeu/opencloud:dev ../..
+	docker build -f docker/Dockerfile.multiarch -t opencloudeu/opencloud:dev ..
 
 .PHONY: dev-docker-multiarch
 dev-docker-multiarch:

opencloud/docker/Dockerfile.multiarch

@@ -11,7 +11,7 @@ RUN --mount=type=bind,target=/build,rw \
     --mount=type=cache,target=/go/pkg/mod \
     --mount=type=cache,target=/root/.cache \
     GOOS="${TARGETOS:-linux}" GOARCH="${TARGETARCH:-amd64}" ; \
-    make -C opencloud/opencloud release-linux-docker-${TARGETARCH} ENABLE_VIPS=true DIST=/dist
+    make -C opencloud release-linux-docker-${TARGETARCH} ENABLE_VIPS=true DIST=/dist
 
 FROM alpine:3.22
 ARG VERSION

opencloud/pkg/command/services.go

@@ -30,7 +30,6 @@ import (
 	invitations "github.com/opencloud-eu/opencloud/services/invitations/pkg/command"
 	nats "github.com/opencloud-eu/opencloud/services/nats/pkg/command"
 	notifications "github.com/opencloud-eu/opencloud/services/notifications/pkg/command"
-	ocdav "github.com/opencloud-eu/opencloud/services/ocdav/pkg/command"
 	ocm "github.com/opencloud-eu/opencloud/services/ocm/pkg/command"
 	ocs "github.com/opencloud-eu/opencloud/services/ocs/pkg/command"
 	policies "github.com/opencloud-eu/opencloud/services/policies/pkg/command"
@@ -163,11 +162,6 @@ var svccmds = []register.Command{
 			cfg.Notifications.Commons = cfg.Commons
 		})
 	},
-	func(cfg *config.Config) *cli.Command {
-		return ServiceCommand(cfg, cfg.OCDav.Service.Name, ocdav.GetCommands(cfg.OCDav), func(c *config.Config) {
-			cfg.OCDav.Commons = cfg.Commons
-		})
-	},
 	func(cfg *config.Config) *cli.Command {
 		return ServiceCommand(cfg, cfg.OCM.Service.Name, ocm.GetCommands(cfg.OCM), func(c *config.Config) {
 			cfg.OCM.Commons = cfg.Commons

opencloud/pkg/init/init.go

@@ -281,6 +281,7 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 		cfg.Collaboration.App.Insecure = true
 		cfg.Frontend.AppHandler = _insecureService
 		cfg.Frontend.Archiver = _insecureService
+		cfg.Frontend.OCDav = _insecureService
 		cfg.Graph.Spaces = _insecureService
 		cfg.Graph.Events = _insecureEvents
 		cfg.Notifications.Notifications.Events = _insecureEvents
@@ -289,7 +290,6 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 		cfg.Sharing.Events = _insecureEvents
 		cfg.StorageUsers.Events = _insecureEvents
 		cfg.Nats.Nats.TLSSkipVerifyClientCert = true
-		cfg.Ocdav = _insecureService
 		cfg.Proxy = ProxyService{
 			InsecureBackends: true,
 			OIDC: InsecureProxyOIDC{

opencloud/pkg/init/structs.go

@@ -32,7 +32,6 @@ type OpenCloudConfig struct {
 	AuthBearer        AuthbearerService     `yaml:"auth_bearer"`
 	Users             UsersAndGroupsService `yaml:"users"`
 	Groups            UsersAndGroupsService `yaml:"groups"`
-	Ocdav             InsecureService       `yaml:"ocdav"`
 	Ocm               OcmService            `yaml:"ocm"`
 	Thumbnails        ThumbnailService      `yaml:"thumbnails"`
 	Search            Search                `yaml:"search"`
@@ -105,6 +104,7 @@ type FrontendService struct {
 	AppHandler     InsecureService `yaml:"app_handler"`
 	Archiver       InsecureService
 	ServiceAccount ServiceAccount `yaml:"service_account"`
+	OCDav          InsecureService
 }
 
 // Gateway is the configuration for the gateway

opencloud/pkg/runtime/service/service.go

@@ -40,7 +40,6 @@ import (
 	invitations "github.com/opencloud-eu/opencloud/services/invitations/pkg/command"
 	nats "github.com/opencloud-eu/opencloud/services/nats/pkg/command"
 	notifications "github.com/opencloud-eu/opencloud/services/notifications/pkg/command"
-	ocdav "github.com/opencloud-eu/opencloud/services/ocdav/pkg/command"
 	ocm "github.com/opencloud-eu/opencloud/services/ocm/pkg/command"
 	ocs "github.com/opencloud-eu/opencloud/services/ocs/pkg/command"
 	policies "github.com/opencloud-eu/opencloud/services/policies/pkg/command"
@@ -204,11 +203,6 @@ func NewService(ctx context.Context, options ...Option) (*Service, error) {
 		cfg.IDM.Commons = cfg.Commons
 		return idm.Execute(cfg.IDM)
 	})
-	reg(3, opts.Config.OCDav.Service.Name, func(ctx context.Context, cfg *occfg.Config) error {
-		cfg.OCDav.Context = ctx
-		cfg.OCDav.Commons = cfg.Commons
-		return ocdav.Execute(cfg.OCDav)
-	})
 	reg(3, opts.Config.OCS.Service.Name, func(ctx context.Context, cfg *occfg.Config) error {
 		cfg.OCS.Context = ctx
 		cfg.OCS.Commons = cfg.Commons

pkg/config/config.go

@@ -24,7 +24,6 @@ import (
 	invitations "github.com/opencloud-eu/opencloud/services/invitations/pkg/config"
 	nats "github.com/opencloud-eu/opencloud/services/nats/pkg/config"
 	notifications "github.com/opencloud-eu/opencloud/services/notifications/pkg/config"
-	ocdav "github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
 	ocm "github.com/opencloud-eu/opencloud/services/ocm/pkg/config"
 	ocs "github.com/opencloud-eu/opencloud/services/ocs/pkg/config"
 	policies "github.com/opencloud-eu/opencloud/services/policies/pkg/config"
@@ -105,7 +104,6 @@ type Config struct {
 	Invitations       *invitations.Config    `yaml:"invitations"`
 	Nats              *nats.Config           `yaml:"nats"`
 	Notifications     *notifications.Config  `yaml:"notifications"`
-	OCDav             *ocdav.Config          `yaml:"ocdav"`
 	OCM               *ocm.Config            `yaml:"ocm"`
 	OCS               *ocs.Config            `yaml:"ocs"`
 	Postprocessing    *postprocessing.Config `yaml:"postprocessing"`

pkg/config/defaultconfig.go

@@ -24,7 +24,6 @@ import (
 	invitations "github.com/opencloud-eu/opencloud/services/invitations/pkg/config/defaults"
 	nats "github.com/opencloud-eu/opencloud/services/nats/pkg/config/defaults"
 	notifications "github.com/opencloud-eu/opencloud/services/notifications/pkg/config/defaults"
-	ocdav "github.com/opencloud-eu/opencloud/services/ocdav/pkg/config/defaults"
 	ocm "github.com/opencloud-eu/opencloud/services/ocm/pkg/config/defaults"
 	ocs "github.com/opencloud-eu/opencloud/services/ocs/pkg/config/defaults"
 	policies "github.com/opencloud-eu/opencloud/services/policies/pkg/config/defaults"
@@ -80,7 +79,6 @@ func DefaultConfig() *Config {
 		Invitations:       invitations.DefaultConfig(),
 		Nats:              nats.DefaultConfig(),
 		Notifications:     notifications.DefaultConfig(),
-		OCDav:             ocdav.DefaultConfig(),
 		OCM:               ocm.DefaultConfig(),
 		OCS:               ocs.DefaultConfig(),
 		Postprocessing:    postprocessing.DefaultConfig(),

pkg/config/helpers_test.go

@@ -1,9 +1,10 @@
 package config
 
 import (
-	"gotest.tools/v3/assert"
 	"testing"
 	"testing/fstest"
+
+	"gotest.tools/v3/assert"
 )
 
 type TestConfig struct {
@@ -98,6 +99,8 @@ frontend:
   service_account:
     service_account_id: c05389b2-d94c-4d01-a9b5-a2f97952cc14
     service_account_secret: GW5.x1vDM&+NPRi++eV@.P7Tms4vj!=s
+  ocdav:
+    insecure: true
 auth_basic:
   auth_providers:
     ldap:
@@ -114,8 +117,6 @@ groups:
   drivers:
     ldap:
       bind_password: c68JL=V$c@0GHs!%eSb8r&Ps3rgzKnXJ
-ocdav:
-  insecure: true
 ocm:
   service_account:
     service_account_id: c05389b2-d94c-4d01-a9b5-a2f97952cc14

pkg/version/version.go

@@ -16,7 +16,7 @@ var (
 	// LatestTag is the latest released version plus the dev meta version.
 	// Will be overwritten by the release pipeline
 	// Needs a manual change for every tagged release
-	LatestTag = "4.0.0-rc.2+dev"
+	LatestTag = "4.0.0-rc.3+dev"
 
 	// Date indicates the build date.
 	// This has been removed, it looks like you can only replace static strings with recent go versions

services/activitylog/pkg/config/config.go

@@ -40,7 +40,7 @@ type Config struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/activitylog/pkg/service/l10n/locale/ca/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"

services/activitylog/pkg/service/l10n/locale/de/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"

services/activitylog/pkg/service/l10n/locale/es/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Elías Martín, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"

services/activitylog/pkg/service/l10n/locale/fr/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"

services/activitylog/pkg/service/l10n/locale/it/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"

services/activitylog/pkg/service/l10n/locale/ko/LC_MESSAGES/activitylog.po

@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Junghyuk Kwon <kwon@junghy.uk>, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"

services/activitylog/pkg/service/l10n/locale/nl/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-12 00:01+0000\n"
+"POT-Creation-Date: 2025-12-03 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Stephan Paternotte <stephan@paternottes.net>, 2025\n"
 "Language-Team: Dutch (https://app.transifex.com/opencloud-eu/teams/204053/nl/)\n"

services/activitylog/pkg/service/l10n/locale/ru/LC_MESSAGES/activitylog.po

@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-12 00:01+0000\n"
+"POT-Creation-Date: 2025-12-03 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Lulufox, 2025\n"
 "Language-Team: Russian (https://app.transifex.com/opencloud-eu/teams/204053/ru/)\n"

services/activitylog/pkg/service/l10n/locale/sv/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
+"POT-Creation-Date: 2025-11-29 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
 "Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"

services/activitylog/pkg/service/l10n/locale/zh/LC_MESSAGES/activitylog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"

services/antivirus/README.md

@@ -36,13 +36,13 @@ Several factors can make it necessary to limit the maximum filesize the antiviru
 Use the `ANTIVIRUS_MAX_SCAN_SIZE` environment variable to scan only a given number of bytes,
 or to skip the whole resource.
 
-Even if it's recommended to scan the whole file, several factors like scanner type and version,
+Even if it is recommended to scan the whole file, several factors like scanner type and version,
 bandwidth, performance issues, etc. might make a limit necessary.
 
-In such cases, the antivirus the max scan size mode can be handy, the following modes are available:
+In such cases, the antivirus max scan size mode can be handy, the following modes are available:
 
-  -   `partial`: The file is scanned up to the given size. The rest of the file is not scanned. This is the default mode `ANTIVIRUS_MAX_SCAN_SIZE=partial`
-  -   `skip`: The file is skipped and not scanned. `ANTIVIRUS_MAX_SCAN_SIZE=skip`
+  -   `partial`: The file is scanned up to the given size. The rest of the file is not scanned. This is the default mode `ANTIVIRUS_MAX_SCAN_SIZE_MODE=partial`
+  -   `skip`: The file is skipped and not scanned. `ANTIVIRUS_MAX_SCAN_SIZE_MODE=skip`
 
 **IMPORTANT**
 > Streaming of files to the virus scan service still [needs to be implemented](https://github.com/owncloud/ocis/issues/6803).

services/antivirus/pkg/config/config.go

@@ -75,7 +75,7 @@ type Debug struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/audit/pkg/config/config.go

@@ -25,7 +25,7 @@ type Config struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;AUDIT_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;AUDIT_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/clientlog/pkg/config/config.go

@@ -31,7 +31,7 @@ type Config struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/eventhistory/pkg/config/config.go

@@ -49,7 +49,7 @@ type Store struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/frontend/pkg/config/config.go

@@ -44,6 +44,7 @@ type Config struct {
 	Archiver                 Archiver    `yaml:"archiver"`
 	DataGateway              DataGateway `yaml:"data_gateway"`
 	OCS                      OCS         `yaml:"ocs"`
+	OCDav                    OCDav       `yaml:"ocdav"`
 	Checksums                Checksums   `yaml:"checksums"`
 	ReadOnlyUserAttributes   []string    `yaml:"read_only_user_attributes" env:"FRONTEND_READONLY_USER_ATTRIBUTES" desc:"A list of user attributes to indicate as read-only. Supported values: 'user.onPremisesSamAccountName' (username), 'user.displayName', 'user.mail', 'user.passwordProfile' (password), 'user.appRoleAssignments' (role), 'user.memberOf' (groups), 'user.accountEnabled' (login allowed), 'drive.quota' (quota). See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
 	LDAPServerWriteEnabled   bool        `yaml:"ldap_server_write_enabled" env:"OC_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED" desc:"Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables)." introductionVersion:"1.0.0"`
@@ -152,6 +153,41 @@ type OCS struct {
 	ShowUserEmailInResults               bool               `yaml:"show_email_in_results" env:"OC_SHOW_USER_EMAIL_IN_RESULTS" desc:"Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses." introductionVersion:"1.0.0"`
 }
 
+type OCDav struct {
+	Prefix string `yaml:"prefix" env:"OCDAV_HTTP_PREFIX" desc:"A URL path prefix for the handler." introductionVersion:"1.0.0"`
+
+	SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"OCDAV_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token." introductionVersion:"1.0.0"`
+
+	WebdavNamespace string `yaml:"webdav_namespace" env:"OCDAV_WEBDAV_NAMESPACE" desc:"Jail requests to /dav/webdav into this CS3 namespace. Supports template layouting with CS3 User properties." introductionVersion:"1.0.0"`
+	FilesNamespace  string `yaml:"files_namespace" env:"OCDAV_FILES_NAMESPACE" desc:"Jail requests to /dav/files/{username} into this CS3 namespace. Supports template layouting with CS3 User properties." introductionVersion:"1.0.0"`
+	SharesNamespace string `yaml:"shares_namespace" env:"OCDAV_SHARES_NAMESPACE" desc:"The human readable path for the share jail. Relative to a users personal space root. Upcased intentionally." introductionVersion:"1.0.0"`
+	OCMNamespace    string `yaml:"ocm_namespace" env:"OCDAV_OCM_NAMESPACE" desc:"The human readable path prefix for the ocm shares." introductionVersion:"1.0.0"`
+	// PublicURL used to redirect /s/{token} URLs to
+	PublicURL string `yaml:"public_url" env:"OC_URL;OCDAV_PUBLIC_URL" desc:"URL where OpenCloud is reachable for users." introductionVersion:"1.0.0"`
+
+	// Insecure certificates allowed when making requests to the gateway
+	Insecure      bool `yaml:"insecure" env:"OC_INSECURE;OCDAV_INSECURE" desc:"Allow insecure connections to the GATEWAY service." introductionVersion:"1.0.0"`
+	EnableHTTPTPC bool `yaml:"enable_http_tpc" env:"OCDAV_ENABLE_HTTP_TPC" desc:"Enable HTTP / WebDAV Third-Party-Copy support." introductionVersion:"%%NEXT%%"`
+	// Timeout in seconds when making requests to the gateway
+	Timeout int64 `yaml:"gateway_request_timeout" env:"OCDAV_GATEWAY_REQUEST_TIMEOUT" desc:"Request timeout in seconds for requests from the oCDAV service to the GATEWAY service." introductionVersion:"1.0.0"`
+
+	MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"1.0.0"`
+
+	Status Status `yaml:"-"`
+
+	AllowPropfindDepthInfinity bool `yaml:"allow_propfind_depth_infinity" env:"OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY" desc:"Allow the use of depth infinity in PROPFINDS. When enabled, a propfind will traverse through all subfolders. If many subfolders are expected, depth infinity can cause heavy server load and/or delayed response times." introductionVersion:"1.0.0"`
+}
+
+// Status holds the configurable values for the status.php
+type Status struct {
+	Version        string
+	VersionString  string
+	Product        string
+	ProductName    string
+	ProductVersion string
+	Edition        string `yaml:"edition" env:"OC_EDITION;OCDAV_EDITION" desc:"Edition of OpenCloud. Used for branding purposes." introductionVersion:"1.0.0"`
+}
+
 type CacheWarmupDrivers struct {
 	CBOX CBOXDriver `yaml:"cbox,omitempty"`
 }
@@ -174,8 +210,8 @@ type Checksums struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;FRONTEND_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
-	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthPassword         string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/frontend/pkg/config/defaults/defaultconfig.go

@@ -5,6 +5,7 @@ import (
 
 	"github.com/opencloud-eu/opencloud/pkg/shared"
 	"github.com/opencloud-eu/opencloud/pkg/structs"
+	"github.com/opencloud-eu/opencloud/pkg/version"
 	"github.com/opencloud-eu/opencloud/services/frontend/pkg/config"
 )
 
@@ -119,6 +120,28 @@ func DefaultConfig() *config.Config {
 			PublicShareMustHavePassword: true,
 			IncludeOCMSharees:           false,
 		},
+		OCDav: config.OCDav{
+			Prefix:                "",
+			SkipUserGroupsInToken: false,
+
+			WebdavNamespace: "/users/{{.Id.OpaqueId}}",
+			FilesNamespace:  "/users/{{.Id.OpaqueId}}",
+			SharesNamespace: "/Shares",
+			OCMNamespace:    "/public",
+			PublicURL:       "https://localhost:9200",
+			Insecure:        false,
+			EnableHTTPTPC:   false,
+			Timeout:         84300,
+			Status: config.Status{
+				Version:        version.Legacy,
+				VersionString:  version.LegacyString,
+				ProductVersion: version.GetString(),
+				Product:        "OpenCloud",
+				ProductName:    "OpenCloud",
+				Edition:        "",
+			},
+			AllowPropfindDepthInfinity: false,
+		},
 		Middleware: config.Middleware{
 			Auth: config.Auth{
 				CredentialsByUserAgent: map[string]string{},

services/frontend/pkg/revaconfig/config.go

@@ -357,6 +357,34 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 					"include_ocm_sharees":   cfg.OCS.IncludeOCMSharees,
 					"show_email_in_results": cfg.OCS.ShowUserEmailInResults,
 				},
+				"ocdav": map[string]interface{}{
+					"prefix":           cfg.OCDav.Prefix,
+					"files_namespace":  cfg.OCDav.FilesNamespace,
+					"webdav_namespace": cfg.OCDav.WebdavNamespace,
+					"shares_namespace": cfg.OCDav.SharesNamespace,
+					"ocm_namespace":    cfg.OCDav.OCMNamespace,
+					"gatewaysvc":       cfg.Reva.Address,
+					"timeout":          cfg.OCDav.Timeout,
+					"insecure":         cfg.OCDav.Insecure,
+					"enable_http_tpc":  cfg.OCDav.EnableHTTPTPC,
+					"public_url":       cfg.OCDav.PublicURL,
+					// still not supported
+					//"favorite_storage_driver":   unused,
+					//"favorite_storage_drivers":  unused,
+					"version":              cfg.OCDav.Status.Version,
+					"version_string":       cfg.OCDav.Status.VersionString,
+					"edition":              cfg.OCDav.Status.Edition,
+					"product":              cfg.OCDav.Status.Product,
+					"product_name":         cfg.OCDav.Status.ProductName,
+					"product_version":      cfg.OCDav.Status.ProductVersion,
+					"allow_depth_infinity": cfg.OCDav.AllowPropfindDepthInfinity,
+					"validation":           map[string]interface{}{
+						// "invalid_chars": aka ItemNameInvalidChars option ... unused
+						// "max_length": aka ItemNameMaxLength option ... unused
+					},
+					"url_signing_shared_secret": cfg.Commons.URLSigningSecret,
+					"machine_auth_apikey":       cfg.MachineAuthAPIKey,
+				},
 			},
 		},
 	}, nil

services/graph/pkg/config/config.go

@@ -129,7 +129,7 @@ type API struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;GRAPH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;GRAPH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/graph/pkg/identity/backend.go

@@ -133,6 +133,10 @@ func CreateUserModelFromCS3(u *cs3user.User) *libregraph.User {
 		OnPremisesSamAccountName: u.GetUsername(),
 		Id:                       &u.GetId().OpaqueId,
 	}
+	if u.GetId().GetType() == cs3user.UserType_USER_TYPE_FEDERATED {
+		ocmUserId := u.GetId().GetOpaqueId() + "@" + u.GetId().GetIdp()
+		user.Id = &ocmUserId
+	}
 	return user
 }
 

services/graph/pkg/identity/cache/cache.go

@@ -2,6 +2,8 @@ package cache
 
 import (
 	"context"
+	"errors"
+	"strings"
 	"time"
 
 	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
@@ -133,6 +135,20 @@ func (cache IdentityCache) GetAcceptedUser(ctx context.Context, userid string) (
 	return *identity.CreateUserModelFromCS3(u), nil
 }
 
+func getIDAndMeshProvider(user string) (id, provider string, err error) {
+	last := strings.LastIndex(user, "@")
+	if last == -1 {
+		return "", "", errors.New("not in the form <id>@<provider>")
+	}
+	if len(user[:last]) == 0 {
+		return "", "", errors.New("empty id")
+	}
+	if len(user[last+1:]) == 0 {
+		return "", "", errors.New("empty provider")
+	}
+	return user[:last], user[last+1:], nil
+}
+
 func (cache IdentityCache) GetAcceptedCS3User(ctx context.Context, userid string) (*cs3User.User, error) {
 	var user *cs3user.User
 	if item := cache.users.Get(userid); item == nil {
@@ -140,8 +156,14 @@ func (cache IdentityCache) GetAcceptedCS3User(ctx context.Context, userid string
 		if err != nil {
 			return nil, errorcode.New(errorcode.GeneralException, err.Error())
 		}
+		id, provider, err := getIDAndMeshProvider(userid)
+		if err != nil {
+			return nil, errorcode.New(errorcode.InvalidRequest, err.Error())
+		}
 		cs3UserID := &cs3User.UserId{
-			OpaqueId: userid,
+			Idp:      provider,
+			OpaqueId: id,
+			Type:     cs3User.UserType_USER_TYPE_FEDERATED,
 		}
 		user, err = revautils.GetAcceptedUserWithContext(ctx, cs3UserID, gatewayClient)
 		if err != nil {

services/graph/pkg/l10n/locale/ca/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"

services/graph/pkg/l10n/locale/de/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"

services/graph/pkg/l10n/locale/es/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Elías Martín, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"

services/graph/pkg/l10n/locale/fr/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"

services/graph/pkg/l10n/locale/it/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"

services/graph/pkg/l10n/locale/ko/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"

services/graph/pkg/l10n/locale/sv/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
+"POT-Creation-Date: 2025-11-29 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
 "Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"

services/graph/pkg/l10n/locale/zh/LC_MESSAGES/graph.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"

services/graph/pkg/service/v0/users_test.go

@@ -1354,6 +1354,7 @@ var _ = Describe("Users", func() {
 							Username: "federated",
 							Id: &userv1beta1.UserId{
 								OpaqueId: "federated",
+								Idp:      "provider",
 								Type:     userv1beta1.UserType_USER_TYPE_FEDERATED,
 							},
 						},
@@ -1377,7 +1378,7 @@ var _ = Describe("Users", func() {
 				Expect(err).ToNot(HaveOccurred())
 
 				Expect(len(res.Value)).To(Equal(1))
-				Expect(res.Value[0].GetId()).To(Equal("federated"))
+				Expect(res.Value[0].GetId()).To(Equal("federated@provider"))
 				Expect(res.Value[0].GetUserType()).To(Equal("Federated"))
 			})
 			It("does not list federated users when filtering for 'Member' users", func() {

services/graph/pkg/service/v0/utils.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/base64"
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 	"reflect"
@@ -106,7 +107,8 @@ func userIdToIdentity(ctx context.Context, cache cache.IdentityCache, tennantId,
 
 // federatedIdToIdentity looks the user for the supplied id using the cache and returns it
 // as a libregraph.Identity
-func federatedIdToIdentity(ctx context.Context, cache cache.IdentityCache, userID string) (libregraph.Identity, error) {
+func federatedIdToIdentity(ctx context.Context, cache cache.IdentityCache, cs3UserID *cs3User.UserId) (libregraph.Identity, error) {
+	userID := fmt.Sprintf("%s@%s", cs3UserID.GetOpaqueId(), cs3UserID.GetIdp())
 	identity := libregraph.Identity{
 		Id:                 libregraph.PtrString(userID),
 		LibreGraphUserType: libregraph.PtrString("Federated"),
@@ -123,7 +125,7 @@ func federatedIdToIdentity(ctx context.Context, cache cache.IdentityCache, userI
 // as a libregraph.Identity. Skips the user lookup if the id type is USER_TYPE_SPACE_OWNER
 func cs3UserIdToIdentity(ctx context.Context, cache cache.IdentityCache, cs3UserID *cs3User.UserId) (libregraph.Identity, error) {
 	if cs3UserID.GetType() == cs3User.UserType_USER_TYPE_FEDERATED {
-		return federatedIdToIdentity(ctx, cache, cs3UserID.GetOpaqueId())
+		return federatedIdToIdentity(ctx, cache, cs3UserID)
 	}
 	if cs3UserID.GetType() != cs3User.UserType_USER_TYPE_SPACE_OWNER {
 		return userIdToIdentity(ctx, cache, cs3UserID.GetTenantId(), cs3UserID.GetOpaqueId())

services/notifications/pkg/config/config.go

@@ -55,7 +55,7 @@ type SMTP struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/notifications/pkg/email/l10n/locale/ca/LC_MESSAGES/notifications.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"

services/notifications/pkg/email/l10n/locale/de/LC_MESSAGES/notifications.po

@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jonas, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"

services/notifications/pkg/email/l10n/locale/fr/LC_MESSAGES/notifications.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"

services/notifications/pkg/email/l10n/locale/it/LC_MESSAGES/notifications.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"

services/notifications/pkg/email/l10n/locale/ko/LC_MESSAGES/notifications.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"

services/notifications/pkg/email/l10n/locale/sv/LC_MESSAGES/notifications.po

@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
+"POT-Creation-Date: 2025-11-29 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
 "Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"

services/notifications/pkg/email/l10n/locale/zh/LC_MESSAGES/notifications.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"

services/ocdav/Makefile

@@ -1,11 +0,0 @@
-SHELL := bash
-NAME := ocdav
-
-ifneq (, $(shell command -v go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
-include ../../.bingo/Variables.mk
-endif
-
-include ../../.make/default.mk
-include ../../.make/go.mk
-include ../../.make/release.mk
-include ../../.make/docs.mk

services/ocdav/README.md

@@ -1,3 +0,0 @@
-# ocDAV
-
-The ocdav service provides the WebDAV API which is required by OpenCloud clients. Previews (thumbnails) are provided by the [WebDAV service](../webdav).

services/ocdav/cmd/ocdav/main.go

@@ -1,19 +0,0 @@
-package main
-
-import (
-	"context"
-	"os"
-	"os/signal"
-	"syscall"
-
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/command"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config/defaults"
-)
-
-func main() {
-	cfg := defaults.DefaultConfig()
-	cfg.Context, _ = signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT, syscall.SIGHUP)
-	if err := command.Execute(cfg); err != nil {
-		os.Exit(1)
-	}
-}

services/ocdav/pkg/command/health.go

@@ -1,54 +0,0 @@
-package command
-
-import (
-	"fmt"
-	"net/http"
-
-	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config/parser"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/logging"
-	"github.com/urfave/cli/v2"
-)
-
-// Health is the entrypoint for the health command.
-func Health(cfg *config.Config) *cli.Command {
-	return &cli.Command{
-		Name:     "health",
-		Usage:    "check health status",
-		Category: "info",
-		Before: func(c *cli.Context) error {
-			return configlog.ReturnError(parser.ParseConfig(cfg))
-		},
-		Action: func(c *cli.Context) error {
-			logger := logging.Configure(cfg.Service.Name, cfg.Log)
-
-			resp, err := http.Get(
-				fmt.Sprintf(
-					"http://%s/healthz",
-					cfg.Debug.Addr,
-				),
-			)
-
-			if err != nil {
-				logger.Fatal().
-					Err(err).
-					Msg("Failed to request health check")
-			}
-
-			defer resp.Body.Close()
-
-			if resp.StatusCode != http.StatusOK {
-				logger.Fatal().
-					Int("code", resp.StatusCode).
-					Msg("Health seems to be in bad state")
-			}
-
-			logger.Debug().
-				Int("code", resp.StatusCode).
-				Msg("Health got a good state")
-
-			return nil
-		},
-	}
-}

services/ocdav/pkg/command/root.go

@@ -1,34 +0,0 @@
-package command
-
-import (
-	"os"
-
-	"github.com/opencloud-eu/opencloud/pkg/clihelper"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-	"github.com/urfave/cli/v2"
-)
-
-// GetCommands provides all commands for this service
-func GetCommands(cfg *config.Config) cli.Commands {
-	return []*cli.Command{
-		// start this service
-		Server(cfg),
-
-		// interaction with this service
-
-		// infos about this service
-		Health(cfg),
-		Version(cfg),
-	}
-}
-
-// Execute is the entry point for the OpenCloud ocdav command.
-func Execute(cfg *config.Config) error {
-	app := clihelper.DefaultApp(&cli.App{
-		Name:     "ocdav",
-		Usage:    "Provide a WebDav API for OpenCloud",
-		Commands: GetCommands(cfg),
-	})
-
-	return app.RunContext(cfg.Context, os.Args)
-}

services/ocdav/pkg/command/server.go

@@ -1,134 +0,0 @@
-package command
-
-import (
-	"context"
-	"fmt"
-	"os/signal"
-
-	"github.com/opencloud-eu/opencloud/pkg/broker"
-	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
-	"github.com/opencloud-eu/opencloud/pkg/registry"
-	"github.com/opencloud-eu/opencloud/pkg/runner"
-	ohttp "github.com/opencloud-eu/opencloud/pkg/service/http"
-	"github.com/opencloud-eu/opencloud/pkg/tracing"
-	"github.com/opencloud-eu/opencloud/pkg/version"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config/parser"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/logging"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/server/debug"
-	"github.com/opencloud-eu/reva/v2/pkg/micro/ocdav"
-	"github.com/opencloud-eu/reva/v2/pkg/sharedconf"
-	"github.com/urfave/cli/v2"
-)
-
-// Server is the entry point for the server command.
-func Server(cfg *config.Config) *cli.Command {
-	return &cli.Command{
-		Name:     "server",
-		Usage:    fmt.Sprintf("start the %s service without runtime (unsupervised mode)", cfg.Service.Name),
-		Category: "server",
-		Before: func(c *cli.Context) error {
-			return configlog.ReturnFatal(parser.ParseConfig(cfg))
-		},
-		Action: func(c *cli.Context) error {
-			logger := logging.Configure(cfg.Service.Name, cfg.Log)
-			traceProvider, err := tracing.GetTraceProvider(c.Context, cfg.Commons.TracesExporter, cfg.Service.Name)
-			if err != nil {
-				return err
-			}
-
-			var cancel context.CancelFunc
-			if cfg.Context == nil {
-				cfg.Context, cancel = signal.NotifyContext(context.Background(), runner.StopSignals...)
-				defer cancel()
-			}
-			ctx := cfg.Context
-
-			gr := runner.NewGroup()
-
-			// init reva shared config explicitly as the go-micro based ocdav does not use
-			// the reva runtime. But we need e.g. the shared client settings to be initialized
-			sc := map[string]interface{}{
-				"jwt_secret":                cfg.TokenManager.JWTSecret,
-				"gatewaysvc":                cfg.Reva.Address,
-				"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
-				"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
-			}
-			if err := sharedconf.Decode(sc); err != nil {
-				logger.Error().Err(err).Msg("error decoding shared config for ocdav")
-			}
-			opts := []ocdav.Option{
-				ocdav.Name(cfg.HTTP.Namespace + "." + cfg.Service.Name),
-				ocdav.Version(version.GetString()),
-				ocdav.Context(ctx),
-				ocdav.Logger(logger.Logger),
-				ocdav.Address(cfg.HTTP.Addr),
-				ocdav.AllowCredentials(cfg.HTTP.CORS.AllowCredentials),
-				ocdav.AllowedMethods(cfg.HTTP.CORS.AllowedMethods),
-				ocdav.AllowedHeaders(cfg.HTTP.CORS.AllowedHeaders),
-				ocdav.AllowedOrigins(cfg.HTTP.CORS.AllowedOrigins),
-				ocdav.FilesNamespace(cfg.FilesNamespace),
-				ocdav.WebdavNamespace(cfg.WebdavNamespace),
-				ocdav.OCMNamespace(cfg.OCMNamespace),
-				ocdav.AllowDepthInfinity(cfg.AllowPropfindDepthInfinity),
-				ocdav.SharesNamespace(cfg.SharesNamespace),
-				ocdav.Timeout(cfg.Timeout),
-				ocdav.Insecure(cfg.Insecure),
-				ocdav.PublicURL(cfg.PublicURL),
-				ocdav.Prefix(cfg.HTTP.Prefix),
-				ocdav.GatewaySvc(cfg.Reva.Address),
-				ocdav.JWTSecret(cfg.TokenManager.JWTSecret),
-				ocdav.ProductName(cfg.Status.ProductName),
-				ocdav.ProductVersion(cfg.Status.ProductVersion),
-				ocdav.Product(cfg.Status.Product),
-				ocdav.Version(cfg.Status.Version),
-				ocdav.VersionString(cfg.Status.VersionString),
-				ocdav.Edition(cfg.Status.Edition),
-				ocdav.MachineAuthAPIKey(cfg.MachineAuthAPIKey),
-				ocdav.Broker(broker.NoOp{}),
-				// ocdav.FavoriteManager() // FIXME needs a proper persistence implementation https://github.com/owncloud/ocis/issues/1228
-				// ocdav.LockSystem(), // will default to the CS3 lock system
-				// ocdav.TLSConfig() // tls config for the http server
-				ocdav.MetricsEnabled(true),
-				ocdav.MetricsNamespace("ocis"),
-				ocdav.WithTraceProvider(traceProvider),
-				ocdav.RegisterTTL(registry.GetRegisterTTL()),
-				ocdav.RegisterInterval(registry.GetRegisterInterval()),
-				ocdav.URLSigningSharedSecret(cfg.Commons.URLSigningSecret),
-			}
-
-			s, err := ocdav.Service(opts...)
-			if err != nil {
-				return err
-			}
-
-			// creating a runner for a go-micro service is a bit complex, so we'll
-			// wrap the go-micro service with an ocis service the same way as
-			// ocis-pkg/service/http is doing in order to reuse the factory.
-			gr.Add(runner.NewGoMicroHttpServerRunner(cfg.Service.Name+".http", ohttp.Service{Service: s}))
-
-			debugServer, err := debug.Server(
-				debug.Logger(logger),
-				debug.Context(ctx),
-				debug.Config(cfg),
-			)
-
-			if err != nil {
-				logger.Info().Err(err).Str("server", "debug").Msg("Failed to initialize server")
-				return err
-			}
-
-			gr.Add(runner.NewGolangHttpServerRunner(cfg.Service.Name+".debug", debugServer))
-
-			grResults := gr.Run(ctx)
-
-			// return the first non-nil error found in the results
-			for _, grResult := range grResults {
-				if grResult.RunnerError != nil {
-					return grResult.RunnerError
-				}
-			}
-			return nil
-		},
-	}
-}

services/ocdav/pkg/command/version.go

@@ -1,50 +0,0 @@
-package command
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/opencloud-eu/opencloud/pkg/registry"
-	"github.com/opencloud-eu/opencloud/pkg/version"
-
-	"github.com/olekukonko/tablewriter"
-	"github.com/olekukonko/tablewriter/tw"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-	"github.com/urfave/cli/v2"
-)
-
-// Version prints the service versions of all running instances.
-func Version(cfg *config.Config) *cli.Command {
-	return &cli.Command{
-		Name:     "version",
-		Usage:    "print the version of this binary and the running service instances",
-		Category: "info",
-		Action: func(c *cli.Context) error {
-			fmt.Println("Version: " + version.GetString())
-			fmt.Printf("Compiled: %s\n", version.Compiled())
-			fmt.Println("")
-
-			reg := registry.GetRegistry()
-			services, err := reg.GetService(cfg.HTTP.Namespace + "." + cfg.Service.Name)
-			if err != nil {
-				fmt.Println(fmt.Errorf("could not get %s services from the registry: %v", cfg.Service.Name, err))
-				return err
-			}
-
-			if len(services) == 0 {
-				fmt.Println("No running " + cfg.Service.Name + " service found.")
-				return nil
-			}
-
-			table := tablewriter.NewTable(os.Stdout, tablewriter.WithHeaderAutoFormat(tw.Off))
-			table.Header([]string{"Version", "Address", "Id"})
-			for _, s := range services {
-				for _, n := range s.Nodes {
-					table.Append([]string{s.Version, n.Address, n.Id})
-				}
-			}
-			table.Render()
-			return nil
-		},
-	}
-}

services/ocdav/pkg/config/config.go

@@ -1,84 +0,0 @@
-package config
-
-import (
-	"context"
-
-	"github.com/opencloud-eu/opencloud/pkg/shared"
-)
-
-type Config struct {
-	Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
-	Service Service         `yaml:"-"`
-	Log     *Log            `yaml:"log"`
-	Debug   Debug           `yaml:"debug"`
-
-	HTTP HTTPConfig `yaml:"http"`
-
-	TokenManager *TokenManager `yaml:"token_manager"`
-	Reva         *shared.Reva  `yaml:"reva"`
-
-	SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"OCDAV_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token." introductionVersion:"1.0.0"`
-
-	WebdavNamespace string `yaml:"webdav_namespace" env:"OCDAV_WEBDAV_NAMESPACE" desc:"Jail requests to /dav/webdav into this CS3 namespace. Supports template layouting with CS3 User properties." introductionVersion:"1.0.0"`
-	FilesNamespace  string `yaml:"files_namespace" env:"OCDAV_FILES_NAMESPACE" desc:"Jail requests to /dav/files/{username} into this CS3 namespace. Supports template layouting with CS3 User properties." introductionVersion:"1.0.0"`
-	SharesNamespace string `yaml:"shares_namespace" env:"OCDAV_SHARES_NAMESPACE" desc:"The human readable path for the share jail. Relative to a users personal space root. Upcased intentionally." introductionVersion:"1.0.0"`
-	OCMNamespace    string `yaml:"ocm_namespace" env:"OCDAV_OCM_NAMESPACE" desc:"The human readable path prefix for the ocm shares." introductionVersion:"1.0.0"`
-	// PublicURL used to redirect /s/{token} URLs to
-	PublicURL string `yaml:"public_url" env:"OC_URL;OCDAV_PUBLIC_URL" desc:"URL where OpenCloud is reachable for users." introductionVersion:"1.0.0"`
-
-	// Insecure certificates allowed when making requests to the gateway
-	Insecure bool `yaml:"insecure" env:"OC_INSECURE;OCDAV_INSECURE" desc:"Allow insecure connections to the GATEWAY service." introductionVersion:"1.0.0"`
-	// Timeout in seconds when making requests to the gateway
-	Timeout int64 `yaml:"gateway_request_timeout" env:"OCDAV_GATEWAY_REQUEST_TIMEOUT" desc:"Request timeout in seconds for requests from the oCDAV service to the GATEWAY service." introductionVersion:"1.0.0"`
-
-	MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"1.0.0"`
-
-	Context context.Context `yaml:"-"`
-	Status  Status          `yaml:"-"`
-
-	AllowPropfindDepthInfinity bool `yaml:"allow_propfind_depth_infinity" env:"OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY" desc:"Allow the use of depth infinity in PROPFINDS. When enabled, a propfind will traverse through all subfolders. If many subfolders are expected, depth infinity can cause heavy server load and/or delayed response times." introductionVersion:"1.0.0"`
-}
-
-type Log struct {
-	Level  string `yaml:"level" env:"OC_LOG_LEVEL;OCDAV_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
-	Pretty bool   `yaml:"pretty" env:"OC_LOG_PRETTY;OCDAV_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
-	Color  bool   `yaml:"color" env:"OC_LOG_COLOR;OCDAV_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
-	File   string `yaml:"file" env:"OC_LOG_FILE;OCDAV_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
-}
-
-type Service struct {
-	Name string `yaml:"-"`
-}
-
-type Debug struct {
-	Addr   string `yaml:"addr" env:"OCDAV_DEBUG_ADDR" desc:"Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed." introductionVersion:"1.0.0"`
-	Token  string `yaml:"token" env:"OCDAV_DEBUG_TOKEN" desc:"Token to secure the metrics endpoint." introductionVersion:"1.0.0"`
-	Pprof  bool   `yaml:"pprof" env:"OCDAV_DEBUG_PPROF" desc:"Enables pprof, which can be used for profiling." introductionVersion:"1.0.0"`
-	Zpages bool   `yaml:"zpages" env:"OCDAV_DEBUG_ZPAGES" desc:"Enables zpages, which can be used for collecting and viewing in-memory traces." introductionVersion:"1.0.0"`
-}
-
-type HTTPConfig struct {
-	Addr      string `yaml:"addr" env:"OCDAV_HTTP_ADDR" desc:"The bind address of the HTTP service." introductionVersion:"1.0.0"`
-	Namespace string `yaml:"-"`
-	Protocol  string `yaml:"protocol" env:"OCDAV_HTTP_PROTOCOL" desc:"The transport protocol of the HTTP service." introductionVersion:"1.0.0"`
-	Prefix    string `yaml:"prefix" env:"OCDAV_HTTP_PREFIX" desc:"A URL path prefix for the handler." introductionVersion:"1.0.0"`
-	CORS      `yaml:"cors"`
-}
-
-// CORS defines the available cors configuration.
-type CORS struct {
-	AllowedOrigins   []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
-	AllowedMethods   []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
-	AllowedHeaders   []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
-	AllowCredentials bool     `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"1.0.0"`
-}
-
-// Status holds the configurable values for the status.php
-type Status struct {
-	Version        string
-	VersionString  string
-	Product        string
-	ProductName    string
-	ProductVersion string
-	Edition        string `yaml:"edition" env:"OC_EDITION;OCDAV_EDITION" desc:"Edition of OpenCloud. Used for branding purposes." introductionVersion:"1.0.0"`
-}

services/ocdav/pkg/config/defaults/defaultconfig.go

@@ -1,141 +0,0 @@
-package defaults
-
-import (
-	"github.com/opencloud-eu/opencloud/pkg/shared"
-	"github.com/opencloud-eu/opencloud/pkg/structs"
-	"github.com/opencloud-eu/opencloud/pkg/version"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-)
-
-// FullDefaultConfig returns a fully initialized default configuration
-func FullDefaultConfig() *config.Config {
-	cfg := DefaultConfig()
-	EnsureDefaults(cfg)
-	Sanitize(cfg)
-	return cfg
-}
-
-// DefaultConfig returns a basic default configuration
-func DefaultConfig() *config.Config {
-	return &config.Config{
-		Debug: config.Debug{
-			Addr:   "127.0.0.1:9163",
-			Token:  "",
-			Pprof:  false,
-			Zpages: false,
-		},
-		HTTP: config.HTTPConfig{
-			Addr:      "127.0.0.1:9350",
-			Namespace: "eu.opencloud.web",
-			Protocol:  "tcp",
-			Prefix:    "",
-			CORS: config.CORS{
-				AllowedOrigins: []string{"https://localhost:9200"},
-				AllowedMethods: []string{
-					"OPTIONS",
-					"HEAD",
-					"GET",
-					"PUT",
-					"POST",
-					"DELETE",
-					"MKCOL",
-					"PROPFIND",
-					"PROPPATCH",
-					"MOVE",
-					"COPY",
-					"REPORT",
-					"SEARCH",
-				},
-				AllowedHeaders: []string{
-					"Origin",
-					"Accept",
-					"Content-Type",
-					"Depth",
-					"Authorization",
-					"Ocs-Apirequest",
-					"If-None-Match",
-					"If-Match",
-					"Destination",
-					"Overwrite",
-					"X-Request-Id",
-					"X-Requested-With",
-					"Tus-Resumable",
-					"Tus-Checksum-Algorithm",
-					"Upload-Concat",
-					"Upload-Length",
-					"Upload-Metadata",
-					"Upload-Defer-Length",
-					"Upload-Expires",
-					"Upload-Checksum",
-					"Upload-Offset",
-					"X-HTTP-Method-Override",
-					"Cache-Control",
-				},
-				AllowCredentials: false,
-			},
-		},
-		Service: config.Service{
-			Name: "ocdav",
-		},
-		Reva:              shared.DefaultRevaConfig(),
-		WebdavNamespace:   "/users/{{.Id.OpaqueId}}",
-		FilesNamespace:    "/users/{{.Id.OpaqueId}}",
-		SharesNamespace:   "/Shares",
-		OCMNamespace:      "/public",
-		PublicURL:         "https://localhost:9200",
-		Insecure:          false,
-		Timeout:           84300,
-		MachineAuthAPIKey: "",
-		Status: config.Status{
-			Version:        version.Legacy,
-			VersionString:  version.LegacyString,
-			ProductVersion: version.GetString(),
-			Product:        "OpenCloud",
-			ProductName:    "OpenCloud",
-			Edition:        "",
-		},
-	}
-}
-
-// EnsureDefaults adds default values to the configuration if they are not set yet
-func EnsureDefaults(cfg *config.Config) {
-	// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
-	if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
-		cfg.Log = &config.Log{
-			Level:  cfg.Commons.Log.Level,
-			Pretty: cfg.Commons.Log.Pretty,
-			Color:  cfg.Commons.Log.Color,
-			File:   cfg.Commons.Log.File,
-		}
-	} else if cfg.Log == nil {
-		cfg.Log = &config.Log{}
-	}
-
-	if cfg.Reva == nil && cfg.Commons != nil {
-		cfg.Reva = structs.CopyOrZeroValue(cfg.Commons.Reva)
-	}
-
-	if cfg.TokenManager == nil && cfg.Commons != nil && cfg.Commons.TokenManager != nil {
-		cfg.TokenManager = &config.TokenManager{
-			JWTSecret: cfg.Commons.TokenManager.JWTSecret,
-		}
-	} else if cfg.TokenManager == nil {
-		cfg.TokenManager = &config.TokenManager{}
-	}
-
-	if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" {
-		cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
-	}
-
-	if (cfg.Commons != nil && cfg.Commons.OpenCloudURL != "") &&
-		(cfg.HTTP.CORS.AllowedOrigins == nil ||
-			len(cfg.HTTP.CORS.AllowedOrigins) == 1 &&
-				cfg.HTTP.CORS.AllowedOrigins[0] == "https://localhost:9200") {
-		cfg.HTTP.CORS.AllowedOrigins = []string{cfg.Commons.OpenCloudURL}
-	}
-}
-
-// Sanitize sanitizes the configuration
-func Sanitize(cfg *config.Config) {
-	// nothing to sanitize here atm
-}

services/ocdav/pkg/config/parser/parse.go

@@ -1,50 +0,0 @@
-package parser
-
-import (
-	"errors"
-
-	occfg "github.com/opencloud-eu/opencloud/pkg/config"
-	"github.com/opencloud-eu/opencloud/pkg/shared"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config/defaults"
-
-	"github.com/opencloud-eu/opencloud/pkg/config/envdecode"
-)
-
-// ParseConfig loads configuration from known paths.
-func ParseConfig(cfg *config.Config) error {
-	err := occfg.BindSourcesToStructs(cfg.Service.Name, cfg)
-	if err != nil {
-		return err
-	}
-
-	defaults.EnsureDefaults(cfg)
-
-	// load all env variables relevant to the config in the current context.
-	if err := envdecode.Decode(cfg); err != nil {
-		// no environment variable set for this config is an expected "error"
-		if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) {
-			return err
-		}
-	}
-
-	defaults.Sanitize(cfg)
-
-	return Validate(cfg)
-}
-
-func Validate(cfg *config.Config) error {
-	if cfg.TokenManager.JWTSecret == "" {
-		return shared.MissingJWTTokenError(cfg.Service.Name)
-	}
-
-	if cfg.MachineAuthAPIKey == "" {
-		return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
-	}
-
-	if cfg.Commons.URLSigningSecret == "" {
-		return shared.MissingURLSigningSecret(cfg.Service.Name)
-	}
-
-	return nil
-}

services/ocdav/pkg/config/reva.go

@@ -1,6 +0,0 @@
-package config
-
-// TokenManager is the config for using the reva token manager
-type TokenManager struct {
-	JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;OCDAV_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"1.0.0"`
-}

services/ocdav/pkg/logging/logging.go

@@ -1,17 +0,0 @@
-package logging
-
-import (
-	"github.com/opencloud-eu/opencloud/pkg/log"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-)
-
-// Configure initializes a service-specific logger instance.
-func Configure(name string, cfg *config.Log) log.Logger {
-	return log.NewLogger(
-		log.Name(name),
-		log.Level(cfg.Level),
-		log.Pretty(cfg.Pretty),
-		log.Color(cfg.Color),
-		log.File(cfg.File),
-	)
-}

services/ocdav/pkg/server/debug/option.go

@@ -1,50 +0,0 @@
-package debug
-
-import (
-	"context"
-
-	"github.com/opencloud-eu/opencloud/pkg/log"
-	"github.com/opencloud-eu/opencloud/services/ocdav/pkg/config"
-)
-
-// Option defines a single option function.
-type Option func(o *Options)
-
-// Options defines the available options for this package.
-type Options struct {
-	Logger  log.Logger
-	Context context.Context
-	Config  *config.Config
-}
-
-// newOptions initializes the available default options.
-func newOptions(opts ...Option) Options {
-	opt := Options{}
-
-	for _, o := range opts {
-		o(&opt)
-	}
-
-	return opt
-}
-
-// Logger provides a function to set the logger option.
-func Logger(val log.Logger) Option {
-	return func(o *Options) {
-		o.Logger = val
-	}
-}
-
-// Context provides a function to set the context option.
-func Context(val context.Context) Option {
-	return func(o *Options) {
-		o.Context = val
-	}
-}
-
-// Config provides a function to set the config option.
-func Config(val *config.Config) Option {
-	return func(o *Options) {
-		o.Config = val
-	}
-}

services/ocdav/pkg/server/debug/server.go

@@ -1,27 +0,0 @@
-package debug
-
-import (
-	"net/http"
-
-	"github.com/opencloud-eu/opencloud/pkg/service/debug"
-	"github.com/opencloud-eu/opencloud/pkg/version"
-)
-
-// Server initializes the debug service and server.
-func Server(opts ...Option) (*http.Server, error) {
-	options := newOptions(opts...)
-
-	return debug.NewService(
-		debug.Logger(options.Logger),
-		debug.Name(options.Config.Service.Name),
-		debug.Version(version.GetString()),
-		debug.Address(options.Config.Debug.Addr),
-		debug.Token(options.Config.Debug.Token),
-		debug.Pprof(options.Config.Debug.Pprof),
-		debug.Zpages(options.Config.Debug.Zpages),
-		//debug.CorsAllowedOrigins(options.Config.HTTP.CORS.AllowedOrigins),
-		//debug.CorsAllowedMethods(options.Config.HTTP.CORS.AllowedMethods),
-		//debug.CorsAllowedHeaders(options.Config.HTTP.CORS.AllowedHeaders),
-		//debug.CorsAllowCredentials(options.Config.HTTP.CORS.AllowCredentials),
-	), nil
-}

services/ocm/pkg/config/config.go

@@ -154,7 +154,7 @@ type OCMShareProviderJSONDriver struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;OCM_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OCM_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;OCM_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided OCM_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;OCM_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;OCM_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/policies/pkg/config/config.go

@@ -50,7 +50,7 @@ type Postprocessing struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;POLICIES_EVENTS_TLS_INSECURE" desc:"Whether the server should skip the client certificate verification during the TLS handshake." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;POLICIES_EVENTS_TLS_INSECURE" desc:"Whether the server should skip the client certificate verification during the TLS handshake." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/postprocessing/pkg/config/config.go

@@ -39,7 +39,7 @@ type Events struct {
 	Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster  string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
 
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE" desc:"Whether the OpenCloud server should skip the client certificate verification during the TLS handshake." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE" desc:"Whether the OpenCloud server should skip the client certificate verification during the TLS handshake." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/proxy/README.md

@@ -28,7 +28,7 @@ policies:
       - endpoint: /
         service: eu.opencloud.web.web
       - endpoint: /dav/
-        service: eu.opencloud.web.ocdav
+        service: eu.opencloud.web.frontend
 ```
 
 For adding _additional_ routes to the default routes use:

services/proxy/pkg/config/config.go

@@ -227,7 +227,7 @@ type ServiceAccount struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;PROXY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;PROXY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided PROXY_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/proxy/pkg/config/defaults/defaultconfig.go

@@ -223,33 +223,33 @@ func DefaultPolicies() []config.Policy {
 				},
 				{
 					Endpoint: "/remote.php/",
-					Service:  "eu.opencloud.web.ocdav",
+					Service:  "eu.opencloud.web.frontend",
 				},
 				{
 					Endpoint: "/dav/",
-					Service:  "eu.opencloud.web.ocdav",
+					Service:  "eu.opencloud.web.frontend",
 				},
 				{
 					Endpoint: "/webdav/",
-					Service:  "eu.opencloud.web.ocdav",
+					Service:  "eu.opencloud.web.frontend",
 				},
 				{
 					Endpoint:    "/status",
-					Service:     "eu.opencloud.web.ocdav",
+					Service:     "eu.opencloud.web.frontend",
 					Unprotected: true,
 				},
 				{
 					Endpoint:    "/status.php",
-					Service:     "eu.opencloud.web.ocdav",
+					Service:     "eu.opencloud.web.frontend",
 					Unprotected: true,
 				},
 				{
 					Endpoint: "/index.php/",
-					Service:  "eu.opencloud.web.ocdav",
+					Service:  "eu.opencloud.web.frontend",
 				},
 				{
 					Endpoint: "/apps/",
-					Service:  "eu.opencloud.web.ocdav",
+					Service:  "eu.opencloud.web.frontend",
 				},
 				{
 					Endpoint:    "/data",
@@ -262,7 +262,7 @@ func DefaultPolicies() []config.Policy {
 					Unprotected: true,
 				},
 				{
-					Endpoint: "/app/", // /app or /apps? ocdav only handles /apps
+					Endpoint: "/app/", // /app or /apps? frontend only handles /apps
 					Service:  "eu.opencloud.web.frontend",
 				},
 				{

services/proxy/pkg/router/router_test.go

@@ -127,7 +127,7 @@ func TestRouter(t *testing.T) {
 			Name: "default",
 			Routes: []config.Route{
 				{Type: config.PrefixRoute, Endpoint: "/web/unprotected/demo/", Backend: "http://web", Unprotected: true},
-				{Type: config.PrefixRoute, Endpoint: "/dav", Backend: "http://ocdav"},
+				{Type: config.PrefixRoute, Endpoint: "/dav", Backend: "http://frontend"},
 				{Type: config.PrefixRoute, Method: "REPORT", Endpoint: "/dav", Backend: "http://opencloud-webdav"},
 			},
 		},
@@ -138,7 +138,7 @@ func TestRouter(t *testing.T) {
 	router := New(sel, policySelectorCfg, policies, log.NewLogger())
 
 	table := []matchertest{
-		{method: "PROPFIND", endpoint: "/dav/files/demo/", target: "ocdav"},
+		{method: "PROPFIND", endpoint: "/dav/files/demo/", target: "frontend"},
 		{method: "REPORT", endpoint: "/dav/files/demo/", target: "opencloud-webdav"},
 		{method: "GET", endpoint: "/web/unprotected/demo/", target: "web", unprotected: true},
 	}

services/search/pkg/config/search.go

@@ -11,7 +11,7 @@ type Events struct {
 	NumConsumers     int    `yaml:"num_consumers" env:"SEARCH_EVENTS_NUM_CONSUMERS" desc:"The amount of concurrent event consumers to start. Event consumers are used for searching files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands." introductionVersion:"1.0.0"`
 	DebounceDuration int    `yaml:"debounce_duration" env:"SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION" desc:"The duration in milliseconds the reindex debouncer waits before triggering a reindex of a space that was modified." introductionVersion:"1.0.0"`
 
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;SEARCH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;SEARCH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/settings/pkg/service/v0/l10n/locale/ca/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"

services/settings/pkg/service/v0/l10n/locale/de/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"

services/settings/pkg/service/v0/l10n/locale/es/LC_MESSAGES/settings.po

@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Alejandro Robles, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"

services/settings/pkg/service/v0/l10n/locale/fr/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"

services/settings/pkg/service/v0/l10n/locale/it/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Pagano, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"

services/settings/pkg/service/v0/l10n/locale/ko/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"

services/settings/pkg/service/v0/l10n/locale/nl/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-12 00:01+0000\n"
+"POT-Creation-Date: 2025-12-03 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Stephan Paternotte <stephan@paternottes.net>, 2025\n"
 "Language-Team: Dutch (https://app.transifex.com/opencloud-eu/teams/204053/nl/)\n"

services/settings/pkg/service/v0/l10n/locale/ru/LC_MESSAGES/settings.po

@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Lulufox, 2025\n"
 "Language-Team: Russian (https://app.transifex.com/opencloud-eu/teams/204053/ru/)\n"

services/settings/pkg/service/v0/l10n/locale/sv/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Davis Kaza, 2025\n"
 "Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"

services/settings/pkg/service/v0/l10n/locale/zh/LC_MESSAGES/settings.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"

services/sharing/pkg/config/config.go

@@ -149,7 +149,7 @@ type PublicSharingJSONCS3Driver struct {
 type Events struct {
 	Addr              string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	ClusterID         string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure       bool   `yaml:"tls_insecure" env:"OC_INSECURE;SHARING_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure       bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;SHARING_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS         bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername      string `yaml:"auth_username" env:"OC_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME" desc:"Username for the events broker." introductionVersion:"1.0.0"`

services/sse/pkg/config/config.go

@@ -49,7 +49,7 @@ type Debug struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;SSE_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;SSE_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SSE_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/storage-publiclink/README.md

@@ -12,7 +12,7 @@ This service is part of the storage services family and is responsible for:
 
 The storage-publiclink service integrates with:
 - `sharing` service - Manages and persists public link shares
-- `frontend` and `ocdav` - Provide HTTP/WebDAV access to public links
+- `frontend` service - Provides HTTP/WebDAV access to public links
 - Storage drivers - Accesses the actual file content
 
 ## Storage Registry

services/storage-shares/README.md

@@ -13,7 +13,7 @@ This service is part of the storage services family and is responsible for:
 The storage-shares service integrates with:
 - `sharing` service - Manages and persists shares
 - `storage-users` service - Accesses the underlying file content
-- `frontend` and `ocdav` - Provide HTTP/WebDAV access to shares
+- `frontend` service - Provides HTTP/WebDAV access to shares
 
 ## Virtual Shares Folder
 

services/storage-users/pkg/config/config.go

@@ -224,7 +224,7 @@ type PosixDriver struct {
 type Events struct {
 	Addr              string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	ClusterID         string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure       bool   `yaml:"tls_insecure" env:"OC_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure       bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS         bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	NumConsumers      int    `yaml:"num_consumers" env:"STORAGE_USERS_EVENTS_NUM_CONSUMERS" desc:"The amount of concurrent event consumers to start. Event consumers are used for post-processing files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The setting has no effect when the OC_ASYNC_UPLOADS is set to false. The default and minimum value is 1." introductionVersion:"1.0.0"`

services/userlog/pkg/config/config.go

@@ -52,7 +52,7 @@ type Persistence struct {
 type Events struct {
 	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"1.0.0"`
 	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"1.0.0"`
-	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;USERLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;USERLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"1.0.0"`
 	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"1.0.0"`
 	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`
 	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"1.0.0"`

services/userlog/pkg/service/l10n/locale/ca/LC_MESSAGES/userlog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"

services/userlog/pkg/service/l10n/locale/de/LC_MESSAGES/userlog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"

services/userlog/pkg/service/l10n/locale/es/LC_MESSAGES/userlog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Elías Martín, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"

services/userlog/pkg/service/l10n/locale/fr/LC_MESSAGES/userlog.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-11-30 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"