From 15119fdcc627f9e13856ddc6f8eee16f0c62b96f Mon Sep 17 00:00:00 2001
From: openclouders <devops@opencloud.eu>
Date: Tue, 13 Jan 2026 14:33:04 +0000
Subject: [PATCH] Update docs with latest env vars

---
 static/env-vars/activitylog.yaml              |   6 +-
 static/env-vars/activitylog_configvars.md     |   7 +-
 static/env-vars/activitylog_readme.md         |   2 +-
 static/env-vars/antivirus.yaml                |   6 +-
 static/env-vars/antivirus_configvars.md       |   7 +-
 static/env-vars/antivirus_readme.md           |  10 +-
 static/env-vars/app-provider.yaml             |   6 +-
 static/env-vars/app-provider_configvars.md    |   5 +-
 static/env-vars/app-provider_readme.md        |   2 +-
 static/env-vars/app-registry.yaml             |   6 +-
 static/env-vars/app-registry_configvars.md    |   5 +-
 static/env-vars/app-registry_readme.md        |   2 +-
 static/env-vars/audit.yaml                    |   6 +-
 static/env-vars/audit_configvars.md           |   7 +-
 static/env-vars/audit_readme.md               |   2 +-
 static/env-vars/auth-app.yaml                 |   6 +-
 static/env-vars/auth-app_configvars.md        |   5 +-
 static/env-vars/auth-app_readme.md            |   2 +-
 static/env-vars/auth-basic.yaml               |   8 +-
 static/env-vars/auth-basic_configvars.md      |   7 +-
 static/env-vars/auth-basic_readme.md          |   2 +-
 static/env-vars/auth-bearer.yaml              |   6 +-
 static/env-vars/auth-bearer_configvars.md     |   5 +-
 static/env-vars/auth-bearer_readme.md         |   2 +-
 static/env-vars/auth-machine.yaml             |   6 +-
 static/env-vars/auth-machine_configvars.md    |   5 +-
 static/env-vars/auth-machine_readme.md        |   2 +-
 static/env-vars/auth-service.yaml             |   6 +-
 static/env-vars/auth-service_configvars.md    |   5 +-
 static/env-vars/auth-service_readme.md        |   2 +-
 static/env-vars/clientlog.yaml                |   6 +-
 static/env-vars/clientlog_configvars.md       |   7 +-
 static/env-vars/clientlog_readme.md           |   2 +-
 static/env-vars/collaboration.yaml            |   6 +-
 static/env-vars/collaboration_configvars.md   |   5 +-
 static/env-vars/collaboration_readme.md       |   2 +-
 static/env-vars/eventhistory.yaml             |   6 +-
 static/env-vars/eventhistory_configvars.md    |   7 +-
 static/env-vars/eventhistory_readme.md        |   2 +-
 static/env-vars/extended_configvars.md        | 325 +++++++++++++++++-
 static/env-vars/frontend.yaml                 |  28 +-
 static/env-vars/frontend_configvars.md        |  27 +-
 static/env-vars/frontend_readme.md            |   2 +-
 static/env-vars/gateway.yaml                  |   6 +-
 static/env-vars/gateway_configvars.md         |   5 +-
 static/env-vars/gateway_readme.md             |   2 +-
 static/env-vars/global_configvars.md          |  75 ++--
 static/env-vars/graph.yaml                    |   8 +-
 static/env-vars/graph_configvars.md           |   9 +-
 static/env-vars/graph_readme.md               |   2 +-
 static/env-vars/groups.yaml                   |   8 +-
 static/env-vars/groups_configvars.md          |   7 +-
 static/env-vars/groups_readme.md              |   2 +-
 static/env-vars/idm.yaml                      |  12 +-
 static/env-vars/idm_configvars.md             |  11 +-
 static/env-vars/idm_readme.md                 |   2 +-
 static/env-vars/idp.yaml                      |  16 +-
 static/env-vars/idp_configvars.md             |  15 +-
 static/env-vars/idp_readme.md                 |   2 +-
 static/env-vars/invitations.yaml              |   6 +-
 static/env-vars/invitations_configvars.md     |   5 +-
 static/env-vars/invitations_readme.md         |   2 +-
 static/env-vars/nats.yaml                     |  12 +-
 static/env-vars/nats_configvars.md            |  11 +-
 static/env-vars/nats_readme.md                |   2 +-
 static/env-vars/notifications.yaml            |   6 +-
 static/env-vars/notifications_configvars.md   |   7 +-
 static/env-vars/notifications_readme.md       |   2 +-
 static/env-vars/ocm.yaml                      |  16 +-
 static/env-vars/ocm_configvars.md             |  17 +-
 static/env-vars/ocm_readme.md                 |   2 +-
 static/env-vars/ocs.yaml                      |   6 +-
 static/env-vars/ocs_configvars.md             |   5 +-
 static/env-vars/ocs_readme.md                 |   2 +-
 static/env-vars/policies.yaml                 |   6 +-
 static/env-vars/policies_configvars.md        |   7 +-
 static/env-vars/policies_readme.md            |   4 +-
 static/env-vars/postprocessing.yaml           |   6 +-
 static/env-vars/postprocessing_configvars.md  |   7 +-
 static/env-vars/postprocessing_readme.md      |   2 +-
 static/env-vars/proxy.yaml                    |  24 +-
 static/env-vars/proxy_configvars.md           |  13 +-
 static/env-vars/proxy_readme.md               |   4 +-
 static/env-vars/search.yaml                   |   8 +-
 static/env-vars/search_configvars.md          |   9 +-
 static/env-vars/search_readme.md              |   2 +-
 static/env-vars/settings.yaml                 |   6 +-
 static/env-vars/settings_configvars.md        |   5 +-
 static/env-vars/settings_readme.md            |   2 +-
 static/env-vars/sharing.yaml                  |  10 +-
 static/env-vars/sharing_configvars.md         |  11 +-
 static/env-vars/sharing_readme.md             |   2 +-
 static/env-vars/sse.yaml                      |   6 +-
 static/env-vars/sse_configvars.md             |   7 +-
 static/env-vars/sse_readme.md                 |   2 +-
 static/env-vars/storage-publiclink.yaml       |   6 +-
 .../env-vars/storage-publiclink_configvars.md |   5 +-
 static/env-vars/storage-publiclink_readme.md  |   4 +-
 static/env-vars/storage-shares.yaml           |   6 +-
 static/env-vars/storage-shares_configvars.md  |   5 +-
 static/env-vars/storage-shares_readme.md      |   4 +-
 static/env-vars/storage-system.yaml           |   8 +-
 static/env-vars/storage-system_configvars.md  |   7 +-
 static/env-vars/storage-system_readme.md      |   2 +-
 static/env-vars/storage-users.yaml            |  16 +-
 static/env-vars/storage-users_configvars.md   |  19 +-
 static/env-vars/storage-users_readme.md       |   2 +-
 static/env-vars/thumbnails.yaml               |   8 +-
 static/env-vars/thumbnails_configvars.md      |   7 +-
 static/env-vars/thumbnails_readme.md          |   2 +-
 static/env-vars/userlog.yaml                  |   6 +-
 static/env-vars/userlog_configvars.md         |   7 +-
 static/env-vars/userlog_readme.md             |   2 +-
 static/env-vars/users.yaml                    |   8 +-
 static/env-vars/users_configvars.md           |   7 +-
 static/env-vars/users_readme.md               |   2 +-
 static/env-vars/web.yaml                      |  12 +-
 static/env-vars/web_configvars.md             |  11 +-
 static/env-vars/web_readme.md                 |   2 +-
 static/env-vars/webdav.yaml                   |   6 +-
 static/env-vars/webdav_configvars.md          |   5 +-
 static/env-vars/webdav_readme.md              |   4 +-
 static/env-vars/webfinger.yaml                |   6 +-
 static/env-vars/webfinger_configvars.md       |   5 +-
 static/env-vars/webfinger_readme.md           |   2 +-
 125 files changed, 626 insertions(+), 559 deletions(-)
 mode change 100644 => 100755 static/env-vars/activitylog_readme.md
 mode change 100644 => 100755 static/env-vars/antivirus_readme.md
 mode change 100644 => 100755 static/env-vars/app-provider_readme.md
 mode change 100644 => 100755 static/env-vars/app-registry_readme.md
 mode change 100644 => 100755 static/env-vars/audit_readme.md
 mode change 100644 => 100755 static/env-vars/auth-app_readme.md
 mode change 100644 => 100755 static/env-vars/auth-basic_readme.md
 mode change 100644 => 100755 static/env-vars/auth-bearer_readme.md
 mode change 100644 => 100755 static/env-vars/auth-machine_readme.md
 mode change 100644 => 100755 static/env-vars/auth-service_readme.md
 mode change 100644 => 100755 static/env-vars/clientlog_readme.md
 mode change 100644 => 100755 static/env-vars/collaboration_readme.md
 mode change 100644 => 100755 static/env-vars/eventhistory_readme.md
 mode change 100644 => 100755 static/env-vars/frontend_readme.md
 mode change 100644 => 100755 static/env-vars/gateway_readme.md
 mode change 100644 => 100755 static/env-vars/graph_readme.md
 mode change 100644 => 100755 static/env-vars/groups_readme.md
 mode change 100644 => 100755 static/env-vars/idm_readme.md
 mode change 100644 => 100755 static/env-vars/idp_readme.md
 mode change 100644 => 100755 static/env-vars/invitations_readme.md
 mode change 100644 => 100755 static/env-vars/nats_readme.md
 mode change 100644 => 100755 static/env-vars/notifications_readme.md
 mode change 100644 => 100755 static/env-vars/ocm_readme.md
 mode change 100644 => 100755 static/env-vars/ocs_readme.md
 mode change 100644 => 100755 static/env-vars/policies_readme.md
 mode change 100644 => 100755 static/env-vars/postprocessing_readme.md
 mode change 100644 => 100755 static/env-vars/proxy_readme.md
 mode change 100644 => 100755 static/env-vars/search_readme.md
 mode change 100644 => 100755 static/env-vars/settings_readme.md
 mode change 100644 => 100755 static/env-vars/sse_readme.md
 mode change 100644 => 100755 static/env-vars/storage-publiclink_readme.md
 mode change 100644 => 100755 static/env-vars/storage-shares_readme.md
 mode change 100644 => 100755 static/env-vars/storage-system_readme.md
 mode change 100644 => 100755 static/env-vars/storage-users_readme.md
 mode change 100644 => 100755 static/env-vars/thumbnails_readme.md
 mode change 100644 => 100755 static/env-vars/userlog_readme.md
 mode change 100644 => 100755 static/env-vars/users_readme.md
 mode change 100644 => 100755 static/env-vars/web_readme.md
 mode change 100644 => 100755 static/env-vars/webdav_readme.md
 mode change 100644 => 100755 static/env-vars/webfinger_readme.md

diff --git a/static/env-vars/activitylog.yaml b/static/env-vars/activitylog.yaml
index b2bdf545..4227cda1 100644
--- a/static/env-vars/activitylog.yaml
+++ b/static/env-vars/activitylog.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: activitylog.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9197
   token: ""
diff --git a/static/env-vars/activitylog_configvars.md b/static/env-vars/activitylog_configvars.md
index d3e04384..c4ea3285 100644
--- a/static/env-vars/activitylog_configvars.md
+++ b/static/env-vars/activitylog_configvars.md
@@ -2,17 +2,14 @@ Environment variables for the **activitylog** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`ACTIVITYLOG_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`ACTIVITYLOG_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`ACTIVITYLOG_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`ACTIVITYLOG_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`ACTIVITYLOG_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`ACTIVITYLOG_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9197`|
 |`ACTIVITYLOG_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`ACTIVITYLOG_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
 |`ACTIVITYLOG_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
 |`OC_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/activitylog_readme.md b/static/env-vars/activitylog_readme.md
old mode 100644
new mode 100755
index f80fc09e..f705bcbe
--- a/static/env-vars/activitylog_readme.md
+++ b/static/env-vars/activitylog_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Activitylog
-date: 2025-11-27T22:56:02.331192+01:00
+date: 2026-01-13T14:33:04.555046952Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/activitylog
diff --git a/static/env-vars/antivirus.yaml b/static/env-vars/antivirus.yaml
index 43a9d201..28b354ee 100644
--- a/static/env-vars/antivirus.yaml
+++ b/static/env-vars/antivirus.yaml
@@ -2,11 +2,7 @@
 # Filename: antivirus.yaml
 
 file: ""
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9277
   token: ""
diff --git a/static/env-vars/antivirus_configvars.md b/static/env-vars/antivirus_configvars.md
index 092c14d0..e46a295d 100644
--- a/static/env-vars/antivirus_configvars.md
+++ b/static/env-vars/antivirus_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **antivirus** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`ANTIVIRUS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`ANTIVIRUS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`ANTIVIRUS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`ANTIVIRUS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`ANTIVIRUS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`ANTIVIRUS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9277`|
 |`ANTIVIRUS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`ANTIVIRUS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -13,7 +10,7 @@ Environment variables for the **antivirus** service
 |`ANTIVIRUS_INFECTED_FILE_HANDLING`| 1.0.0 |string|`Defines the behaviour when a virus has been found. Supported options are: 'delete', 'continue' and 'abort '. Delete will delete the file. Continue will mark the file as infected but continues further processing. Abort will keep the file in the uploads folder for further admin inspection and will not move it to its final destination.`|`delete`|
 |`OC_EVENTS_ENDPOINT`<br/>`ANTIVIRUS_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`ANTIVIRUS_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`ANTIVIRUS_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`ANTIVIRUS_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`ANTIVIRUS_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`ANTIVIRUS_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/antivirus_readme.md b/static/env-vars/antivirus_readme.md
old mode 100644
new mode 100755
index 8ca479e5..2b7ce3c6
--- a/static/env-vars/antivirus_readme.md
+++ b/static/env-vars/antivirus_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Antivirus
-date: 2025-11-27T22:56:02.331592+01:00
+date: 2026-01-13T14:33:04.55544793Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/antivirus
@@ -63,13 +63,13 @@ Several factors can make it necessary to limit the maximum filesize the antiviru
 Use the `ANTIVIRUS_MAX_SCAN_SIZE` environment variable to scan only a given number of bytes,
 or to skip the whole resource.
 
-Even if it's recommended to scan the whole file, several factors like scanner type and version,
+Even if it is recommended to scan the whole file, several factors like scanner type and version,
 bandwidth, performance issues, etc. might make a limit necessary.
 
-In such cases, the antivirus the max scan size mode can be handy, the following modes are available:
+In such cases, the antivirus max scan size mode can be handy, the following modes are available:
 
-  -   `partial`: The file is scanned up to the given size. The rest of the file is not scanned. This is the default mode `ANTIVIRUS_MAX_SCAN_SIZE=partial`
-  -   `skip`: The file is skipped and not scanned. `ANTIVIRUS_MAX_SCAN_SIZE=skip`
+  -   `partial`: The file is scanned up to the given size. The rest of the file is not scanned. This is the default mode `ANTIVIRUS_MAX_SCAN_SIZE_MODE=partial`
+  -   `skip`: The file is skipped and not scanned. `ANTIVIRUS_MAX_SCAN_SIZE_MODE=skip`
 
 **IMPORTANT**
 > Streaming of files to the virus scan service still [needs to be implemented](https://github.com/owncloud/ocis/issues/6803).
diff --git a/static/env-vars/app-provider.yaml b/static/env-vars/app-provider.yaml
index 8e19ea51..917bf3ac 100644
--- a/static/env-vars/app-provider.yaml
+++ b/static/env-vars/app-provider.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: app-provider.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9165
   token: ""
diff --git a/static/env-vars/app-provider_configvars.md b/static/env-vars/app-provider_configvars.md
index ae45b515..67310fd8 100644
--- a/static/env-vars/app-provider_configvars.md
+++ b/static/env-vars/app-provider_configvars.md
@@ -3,10 +3,7 @@ Environment variables for the **app-provider** service
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
 |`APP_PROVIDER_SERVICE_NAME`| 1.0.0 |string|`The name of the service. This needs to be changed when using more than one app provider. Each app provider configured needs to be identified by a unique service name. Possible examples are: 'app-provider-collabora', 'app-provider-onlyoffice', 'app-provider-office365'.`|`app-provider`|
-|`OC_LOG_LEVEL`<br/>`APP_PROVIDER_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`APP_PROVIDER_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`APP_PROVIDER_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`APP_PROVIDER_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`APP_PROVIDER_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`APP_PROVIDER_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9165`|
 |`APP_PROVIDER_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint`|``|
 |`APP_PROVIDER_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling`|`false`|
diff --git a/static/env-vars/app-provider_readme.md b/static/env-vars/app-provider_readme.md
old mode 100644
new mode 100755
index c3424bc2..b571df65
--- a/static/env-vars/app-provider_readme.md
+++ b/static/env-vars/app-provider_readme.md
@@ -1,6 +1,6 @@
 ---
 title: App Provider
-date: 2025-11-27T22:56:02.331696+01:00
+date: 2026-01-13T14:33:04.555730578Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/app-provider
diff --git a/static/env-vars/app-registry.yaml b/static/env-vars/app-registry.yaml
index cd6c50c9..5704e3af 100644
--- a/static/env-vars/app-registry.yaml
+++ b/static/env-vars/app-registry.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: app-registry.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9243
   token: ""
diff --git a/static/env-vars/app-registry_configvars.md b/static/env-vars/app-registry_configvars.md
index 1546f281..2b0c80d1 100644
--- a/static/env-vars/app-registry_configvars.md
+++ b/static/env-vars/app-registry_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **app-registry** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`APP_REGISTRY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`APP_REGISTRY_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`APP_REGISTRY_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`APP_REGISTRY_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`APP_REGISTRY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`APP_REGISTRY_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9243`|
 |`APP_REGISTRY_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`APP_REGISTRY_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/app-registry_readme.md b/static/env-vars/app-registry_readme.md
old mode 100644
new mode 100755
index 5f7d4ff0..e97d61e5
--- a/static/env-vars/app-registry_readme.md
+++ b/static/env-vars/app-registry_readme.md
@@ -1,6 +1,6 @@
 ---
 title: App Registry
-date: 2025-11-27T22:56:02.33178+01:00
+date: 2026-01-13T14:33:04.555991237Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/app-registry
diff --git a/static/env-vars/audit.yaml b/static/env-vars/audit.yaml
index 5a0cf91f..1c6720df 100644
--- a/static/env-vars/audit.yaml
+++ b/static/env-vars/audit.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: audit.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9229
   token: ""
diff --git a/static/env-vars/audit_configvars.md b/static/env-vars/audit_configvars.md
index 103db962..1e941f06 100644
--- a/static/env-vars/audit_configvars.md
+++ b/static/env-vars/audit_configvars.md
@@ -2,17 +2,14 @@ Environment variables for the **audit** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`AUDIT_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`AUDIT_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`AUDIT_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`AUDIT_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`AUDIT_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`AUDIT_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9229`|
 |`AUDIT_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`AUDIT_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
 |`AUDIT_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
 |`OC_EVENTS_ENDPOINT`<br/>`AUDIT_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`AUDIT_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`AUDIT_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`AUDIT_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`AUDIT_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`AUDIT_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/audit_readme.md b/static/env-vars/audit_readme.md
old mode 100644
new mode 100755
index 375fcc57..72bb7885
--- a/static/env-vars/audit_readme.md
+++ b/static/env-vars/audit_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Audit
-date: 2025-11-27T22:56:02.331876+01:00
+date: 2026-01-13T14:33:04.556372694Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/audit
diff --git a/static/env-vars/auth-app.yaml b/static/env-vars/auth-app.yaml
index c180ec4e..80924043 100644
--- a/static/env-vars/auth-app.yaml
+++ b/static/env-vars/auth-app.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: auth-app.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9245
   token: ""
diff --git a/static/env-vars/auth-app_configvars.md b/static/env-vars/auth-app_configvars.md
index 07f8cda4..3f231a8d 100644
--- a/static/env-vars/auth-app_configvars.md
+++ b/static/env-vars/auth-app_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **auth-app** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`AUTH_APP_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`AUTH_APP_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`AUTH_APP_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`AUTH_APP_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`AUTH_APP_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`AUTH_APP_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9245`|
 |`AUTH_APP_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`AUTH_APP_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/auth-app_readme.md b/static/env-vars/auth-app_readme.md
old mode 100644
new mode 100755
index 1e09e336..4cada499
--- a/static/env-vars/auth-app_readme.md
+++ b/static/env-vars/auth-app_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Auth-App
-date: 2025-11-27T22:56:02.331944+01:00
+date: 2026-01-13T14:33:04.556634964Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/auth-app
diff --git a/static/env-vars/auth-basic.yaml b/static/env-vars/auth-basic.yaml
index 3a44e5c4..66f7ae96 100644
--- a/static/env-vars/auth-basic.yaml
+++ b/static/env-vars/auth-basic.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: auth-basic.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9147
   token: ""
@@ -27,7 +23,7 @@ auth_provider: ldap
 auth_providers:
   ldap:
     uri: ldaps://localhost:9235
-    ca_cert: /var/lib/opencloud/idm/ldap.crt
+    ca_cert: /root/.opencloud/idm/ldap.crt
     insecure: false
     bind_dn: uid=reva,ou=sysusers,o=libregraph-idm
     bind_password: ""
diff --git a/static/env-vars/auth-basic_configvars.md b/static/env-vars/auth-basic_configvars.md
index 5e86abc5..04770fcc 100644
--- a/static/env-vars/auth-basic_configvars.md
+++ b/static/env-vars/auth-basic_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **auth-basic** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`AUTH_BASIC_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`AUTH_BASIC_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`AUTH_BASIC_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`AUTH_BASIC_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`AUTH_BASIC_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`AUTH_BASIC_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9147`|
 |`AUTH_BASIC_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`AUTH_BASIC_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -19,7 +16,7 @@ Environment variables for the **auth-basic** service
 |`AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups.`|`false`|
 |`AUTH_BASIC_AUTH_MANAGER`| 1.0.0 |string|`The authentication manager to check if credentials are valid. Supported value is 'ldap'.`|`ldap`|
 |`OC_LDAP_URI`<br/>`AUTH_BASIC_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`AUTH_BASIC_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_CACERT`<br/>`AUTH_BASIC_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/ldap.crt`|
 |`OC_LDAP_INSECURE`<br/>`AUTH_BASIC_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`AUTH_BASIC_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=reva,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`AUTH_BASIC_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|
diff --git a/static/env-vars/auth-basic_readme.md b/static/env-vars/auth-basic_readme.md
old mode 100644
new mode 100755
index 29adb32f..7a040a7b
--- a/static/env-vars/auth-basic_readme.md
+++ b/static/env-vars/auth-basic_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Auth-Basic
-date: 2025-11-27T22:56:02.332069+01:00
+date: 2026-01-13T14:33:04.556905872Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/auth-basic
diff --git a/static/env-vars/auth-bearer.yaml b/static/env-vars/auth-bearer.yaml
index 3d6569a2..f7e28e0e 100644
--- a/static/env-vars/auth-bearer.yaml
+++ b/static/env-vars/auth-bearer.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: auth-bearer.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9149
   token: ""
diff --git a/static/env-vars/auth-bearer_configvars.md b/static/env-vars/auth-bearer_configvars.md
index ce85b095..04f21df1 100644
--- a/static/env-vars/auth-bearer_configvars.md
+++ b/static/env-vars/auth-bearer_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **auth-bearer** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`AUTH_BEARER_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`AUTH_BEARER_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`AUTH_BEARER_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`AUTH_BEARER_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`AUTH_BEARER_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`AUTH_BEARER_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9149`|
 |`AUTH_BEARER_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`AUTH_BEARER_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/auth-bearer_readme.md b/static/env-vars/auth-bearer_readme.md
old mode 100644
new mode 100755
index fa141399..67a22d86
--- a/static/env-vars/auth-bearer_readme.md
+++ b/static/env-vars/auth-bearer_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Auth-Bearer
-date: 2025-11-27T22:56:02.332138+01:00
+date: 2026-01-13T14:33:04.557099351Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/auth-bearer
diff --git a/static/env-vars/auth-machine.yaml b/static/env-vars/auth-machine.yaml
index b916927d..fe028702 100644
--- a/static/env-vars/auth-machine.yaml
+++ b/static/env-vars/auth-machine.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: auth-machine.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9167
   token: ""
diff --git a/static/env-vars/auth-machine_configvars.md b/static/env-vars/auth-machine_configvars.md
index 11f65a55..fd1cc414 100644
--- a/static/env-vars/auth-machine_configvars.md
+++ b/static/env-vars/auth-machine_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **auth-machine** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`AUTH_MACHINE_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`AUTH_MACHINE_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`AUTH_MACHINE_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`AUTH_MACHINE_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`AUTH_MACHINE_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`AUTH_MACHINE_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9167`|
 |`AUTH_MACHINE_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`AUTH_MACHINE_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/auth-machine_readme.md b/static/env-vars/auth-machine_readme.md
old mode 100644
new mode 100755
index ec99dc8c..f6e0bbc5
--- a/static/env-vars/auth-machine_readme.md
+++ b/static/env-vars/auth-machine_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Auth-Machine
-date: 2025-11-27T22:56:02.332206+01:00
+date: 2026-01-13T14:33:04.557290939Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/auth-machine
diff --git a/static/env-vars/auth-service.yaml b/static/env-vars/auth-service.yaml
index d310451f..e1cd9551 100644
--- a/static/env-vars/auth-service.yaml
+++ b/static/env-vars/auth-service.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: auth-service.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9198
   token: ""
diff --git a/static/env-vars/auth-service_configvars.md b/static/env-vars/auth-service_configvars.md
index 7b90239d..dab87e73 100644
--- a/static/env-vars/auth-service_configvars.md
+++ b/static/env-vars/auth-service_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **auth-service** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`AUTH_SERVICE_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`AUTH_SERVICE_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`AUTH_SERVICE_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`AUTH_SERVICE_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`AUTH_SERVICE_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`AUTH_SERVICE_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9198`|
 |`AUTH_SERVICE_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`AUTH_SERVICE_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/auth-service_readme.md b/static/env-vars/auth-service_readme.md
old mode 100644
new mode 100755
index 3452959c..29b95d13
--- a/static/env-vars/auth-service_readme.md
+++ b/static/env-vars/auth-service_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Auth-Service
-date: 2025-11-27T22:56:02.332268+01:00
+date: 2026-01-13T14:33:04.557470608Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/auth-service
diff --git a/static/env-vars/clientlog.yaml b/static/env-vars/clientlog.yaml
index 10419623..283a4b23 100644
--- a/static/env-vars/clientlog.yaml
+++ b/static/env-vars/clientlog.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: clientlog.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9260
   token: ""
diff --git a/static/env-vars/clientlog_configvars.md b/static/env-vars/clientlog_configvars.md
index 0ba67365..f7bbc80b 100644
--- a/static/env-vars/clientlog_configvars.md
+++ b/static/env-vars/clientlog_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **clientlog** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`CLIENTLOG_USERLOG_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`CLIENTLOG_USERLOG_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`CLIENTLOG_USERLOG_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`CLIENTLOG_USERLOG_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`CLIENTLOG_USERLOG_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`CLIENTLOG_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9260`|
 |`CLIENTLOG_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`CLIENTLOG_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -14,7 +11,7 @@ Environment variables for the **clientlog** service
 |`OC_REVA_GATEWAY`| 1.0.0 |string|`CS3 gateway used to look up user metadata`|`eu.opencloud.api.gateway`|
 |`OC_EVENTS_ENDPOINT`<br/>`CLIENTLOG_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`CLIENTLOG_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`CLIENTLOG_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`CLIENTLOG_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`CLIENTLOG_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`CLIENTLOG_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/clientlog_readme.md b/static/env-vars/clientlog_readme.md
old mode 100644
new mode 100755
index ae27070c..a5121662
--- a/static/env-vars/clientlog_readme.md
+++ b/static/env-vars/clientlog_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Clientlog Service
-date: 2025-11-27T22:56:02.332344+01:00
+date: 2026-01-13T14:33:04.557668877Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/clientlog
diff --git a/static/env-vars/collaboration.yaml b/static/env-vars/collaboration.yaml
index ef04082d..f0f67838 100644
--- a/static/env-vars/collaboration.yaml
+++ b/static/env-vars/collaboration.yaml
@@ -46,11 +46,7 @@ cs3api:
     insecure: false
   grpc_client_tls: null
   app_registration_interval: 30s
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9304
   token: ""
diff --git a/static/env-vars/collaboration_configvars.md b/static/env-vars/collaboration_configvars.md
index 69eaa680..4dbed3be 100644
--- a/static/env-vars/collaboration_configvars.md
+++ b/static/env-vars/collaboration_configvars.md
@@ -35,10 +35,7 @@ Environment variables for the **collaboration** service
 |`OC_REVA_GATEWAY`| 1.0.0 |string|`CS3 gateway used to look up user metadata.`|`eu.opencloud.api.gateway`|
 |`COLLABORATION_CS3API_DATAGATEWAY_INSECURE`| 1.0.0 |bool|`Connect to the CS3API data gateway insecurely.`|`false`|
 |`COLLABORATION_CS3API_APP_REGISTRATION_INTERVAL`| 4.0.0 |Duration|`The interval at which the app provider registers itself.`|`30s`|
-|`OC_LOG_LEVEL`<br/>`COLLABORATION_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`COLLABORATION_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`COLLABORATION_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`COLLABORATION_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`COLLABORATION_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`COLLABORATION_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9304`|
 |`COLLABORATION_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`COLLABORATION_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/collaboration_readme.md b/static/env-vars/collaboration_readme.md
old mode 100644
new mode 100755
index 8a1d29fe..a98ac48a
--- a/static/env-vars/collaboration_readme.md
+++ b/static/env-vars/collaboration_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Collaboration
-date: 2025-11-27T22:56:02.332416+01:00
+date: 2026-01-13T14:33:04.557890207Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/collaboration
diff --git a/static/env-vars/eventhistory.yaml b/static/env-vars/eventhistory.yaml
index 4a0bdc7d..dd10658f 100644
--- a/static/env-vars/eventhistory.yaml
+++ b/static/env-vars/eventhistory.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: eventhistory.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9270
   token: ""
diff --git a/static/env-vars/eventhistory_configvars.md b/static/env-vars/eventhistory_configvars.md
index 00df06cd..9302234a 100644
--- a/static/env-vars/eventhistory_configvars.md
+++ b/static/env-vars/eventhistory_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **eventhistory** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`EVENTHISTORY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`EVENTHISTORY_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`EVENTHISTORY_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`EVENTHISTORY_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`EVENTHISTORY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`EVENTHISTORY_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9270`|
 |`EVENTHISTORY_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`EVENTHISTORY_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -13,7 +10,7 @@ Environment variables for the **eventhistory** service
 |`EVENTHISTORY_GRPC_ADDR`| 1.0.0 |string|`The bind address of the GRPC service.`|`127.0.0.1:9274`|
 |`OC_EVENTS_ENDPOINT`<br/>`EVENTHISTORY_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`EVENTHISTORY_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`EVENTHISTORY_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`EVENTHISTORY_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`EVENTHISTORY_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`EVENTHISTORY_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/eventhistory_readme.md b/static/env-vars/eventhistory_readme.md
old mode 100644
new mode 100755
index 6d31ac18..da28c448
--- a/static/env-vars/eventhistory_readme.md
+++ b/static/env-vars/eventhistory_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Eventhistory
-date: 2025-11-27T22:56:02.332506+01:00
+date: 2026-01-13T14:33:04.558123415Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/eventhistory
diff --git a/static/env-vars/extended_configvars.md b/static/env-vars/extended_configvars.md
index 9e1abaec..9e9b4ec8 100644
--- a/static/env-vars/extended_configvars.md
+++ b/static/env-vars/extended_configvars.md
@@ -2,12 +2,335 @@
 
 | Name | Type | Default Value | Description |
 |---|---|---|---|
+`0` |  |  |  |
+`ACK_GINKGO_DEPRECATIONS` |  |  |  |
+`ACK_GINKGO_DEPRECATIONS` |  |  |  |
+`ACK_GINKGO_RC` |  |  |  |
+`ANSICON` |  |  |  |
+`ANSICON` |  |  |  |
+`ANSICON_VER` |  |  |  |
+`APP_ID` |  |  |  |
+`APP_SECRET` |  |  |  |
+`AWS_ACCESS_KEY` |  |  |  |
+`AWS_ACCESS_KEY_ID` |  |  |  |
+`AWS_CONTAINER_AUTHORIZATION_TOKEN` |  |  |  |
+`AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE` |  |  |  |
+`AWS_CONTAINER_CREDENTIALS_FULL_URI` |  |  |  |
+`AWS_CONTAINER_CREDENTIALS_RELATIVE_URI` |  |  |  |
+`AWS_PROFILE` |  |  |  |
+`AWS_REGION` |  |  |  |
+`AWS_ROLE_ARN` |  |  |  |
+`AWS_ROLE_SESSION_NAME` |  |  |  |
+`AWS_SECRET_ACCESS_KEY` |  |  |  |
+`AWS_SECRET_KEY` |  |  |  |
+`AWS_SESSION_TOKEN` |  |  |  |
+`AWS_SHARED_CREDENTIALS_FILE` |  |  |  |
+`AWS_WEB_IDENTITY_TOKEN_FILE` |  |  |  |
+`BASH_COMP_DEBUG_FILE` |  |  |  |
+`BASH_COMP_DEBUG_FILE` |  |  |  |
+`CI` |  |  |  |
+`CI_SYSTEM_NAME` |  |  |  |
+`CLICOLOR` |  |  |  |
+`CLI_TEMPLATE_ERROR_DEBUG` |  |  |  |
+`CLI_TEMPLATE_ERROR_DEBUG` |  |  |  |
+`COLORTERM` |  |  |  |
+`COLORTERM` |  |  |  |
+`COMSPEC` |  |  |  |
+`CS3_GATEWAY` |  |  |  |
+`CS3_MACHINE_AUTH_API_KEY` |  |  |  |
+`ConEmuANSI` |  |  |  |
+`ConEmuANSI` |  |  |  |
+`DAYS` |  |  |  |
+`DOCKER_AUTH_CONFIG` |  |  |  |
+`DOCKER_CONFIG` |  |  |  |
+`DOCKER_HOST` |  |  |  |
+`DOCKER_HOST` |  |  |  |
+`ENV_VERIFY` |  |  |  |
+`ETCD_CLIENT_DEBUG` |  |  |  |
+`ETCD_CLIENT_DEBUG` |  |  |  |
 `EXPERIMENTAL_REGISTER_INTERVAL` | duration | 25s | The interval at which services will re-register themselves with the registry to prevent expiry. Only change on supervision of openCloud Support. |
 `EXPERIMENTAL_REGISTER_TTL` | duration | 30s | The time-to-live for a service registration in the registry. Services must re-register before this time to prevent expiry. Only change on supervision of openCloud Support. |
+`EXPERIMENTAL_WASM_OPT` |  |  |  |
+`EXPERIMENTAL_WASM_OPT` |  |  |  |
+`EXPERIMENTAL_WASM_OPT_ARGS` |  |  |  |
+`EXPERIMENTAL_WASM_OPT_ARGS` |  |  |  |
+`EnvOverrideAPIVersion` |  |  |  |
+`EnvOverrideCertPath` |  |  |  |
+`EnvOverrideHost` |  |  |  |
+`EnvTLSVerify` |  |  |  |
+`EnvUnixSocketDir` |  |  |  |
+`EnvUnixSocketGroup` |  |  |  |
+`EnvVarLabels` |  |  |  |
+`EnvVarType` |  |  |  |
+`FORCE_COLOR` |  |  |  |
+`FSNOTIFY_DEBUG` |  |  |  |
+`GINKGO_EDITOR_INTEGRATION` |  |  |  |
+`GINKGO_EDITOR_INTEGRATION` |  |  |  |
+`GINKGO_EDITOR_INTEGRATION` |  |  |  |
+`GINKGO_EDITOR_INTEGRATION` |  |  |  |
+`GINKGO_PARALLEL_PROTOCOL` |  |  |  |
+`GINKGO_PARALLEL_PROTOCOL` |  |  |  |
+`GINKGO_PRESERVE_CACHE` |  |  |  |
+`GINKGO_PRUNE_STACK` |  |  |  |
+`GINKGO_TIME_FORMAT` |  |  |  |
+`GINKGO_TIME_FORMAT` |  |  |  |
+`GITHUB_ACTIONS` |  |  |  |
+`GO15VENDOREXPERIMENT` |  |  |  |
+`GO15VENDOREXPERIMENT` |  |  |  |
+`GODEBUG` |  |  |  |
+`GODEBUG` |  |  |  |
+`GODEBUG` |  |  |  |
+`GOOS` |  |  |  |
+`GOPACKAGESPRINTDRIVERERRORS` |  |  |  |
+`GOPROCESS` |  |  |  |
+`GOPROTODEBUG` |  |  |  |
+`GRACEFUL` |  |  |  |
+`GRPC_GO_LOG_FORMATTER` |  |  |  |
+`GRPC_GO_LOG_SEVERITY_LEVEL` |  |  |  |
+`GRPC_GO_LOG_VERBOSITY_LEVEL` |  |  |  |
+`GRPC_TEST_ONLY_GOOGLE_C2P_RESOLVER_TRAFFIC_DIRECTOR_URI` |  |  |  |
+`HOME` |  |  |  |
+`HOME` |  |  |  |
+`HOME` |  |  |  |
+`HOME` |  |  |  |
+`HOMEDRIVE` |  |  |  |
+`HOMEDRIVE` |  |  |  |
+`HOMEDRIVE` |  |  |  |
+`HOMEPATH` |  |  |  |
+`HOMEPATH` |  |  |  |
+`HOMEPATH` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOSTNAME` |  |  |  |
+`HOST_ROOT` |  |  |  |
+`HOST_ROOT` |  |  |  |
+`HOST_ROOT` |  |  |  |
+`IDENTITY_ENDPOINT` |  |  |  |
+`IDENTITY_HEADER` |  |  |  |
+`JOURNAL_STREAM` |  |  |  |
+`KIDM_TEMPLATE_DEBUG` |  |  |  |
+`KOPANO_DEBUG_SERVER_REQUEST_LOG` |  |  |  |
+`KUBERNETES_SERVICE_HOST` |  |  |  |
+`KUBERNETES_SERVICE_PORT` |  |  |  |
+`LANG` |  |  |  |
+`LANG` |  |  |  |
+`LC_ALL` |  |  |  |
+`LC_CTYPE` |  |  |  |
+`LC_CTYPE` |  |  |  |
+`LDAP_BASEDN` |  |  |  |
+`LDAP_BINDDN` |  |  |  |
+`LDAP_BINDPW` |  |  |  |
+`LDAP_EMAIL_ATTRIBUTE` |  |  |  |
+`LDAP_FAMILY_NAME_ATTRIBUTE` |  |  |  |
+`LDAP_FILTER` |  |  |  |
+`LDAP_GIVEN_NAME_ATTRIBUTE` |  |  |  |
+`LDAP_LOGIN_ATTRIBUTE` |  |  |  |
+`LDAP_NAME_ATTRIBUTE` |  |  |  |
+`LDAP_SCOPE` |  |  |  |
+`LDAP_SUB_ATTRIBUTES` |  |  |  |
+`LDAP_TLS_CACERT` |  |  |  |
+`LDAP_UIDNUMBER_ATTRIBUTE` |  |  |  |
+`LDAP_URI` |  |  |  |
+`LDAP_UUID_ATTRIBUTE` |  |  |  |
+`LDAP_UUID_ATTRIBUTE_TYPE` |  |  |  |
+`LIBREGRAPH_SCOPED_URIS` |  |  |  |
+`LIBREGRAPH_URI` |  |  |  |
+`LogEnv` |  |  |  |
+`MD2MAN_DEBUG` |  |  |  |
 `MICRO_LOG_LEVEL` | string | Error | Set the log level for the internal go micro framework. Only change on supervision of openCloud Support. |
+`MICRO_LOG_LEVEL` |  |  |  |
+`MICRO_LOG_LEVEL` |  |  |  |
+`MICRO_LOG_LEVEL` |  |  |  |
+`MICRO_NETWORK` |  |  |  |
+`MICRO_NETWORK_ADDRESS` |  |  |  |
+`MICRO_PROXY` |  |  |  |
 `MICRO_REGISTRY` | string | nats-js-kv | The type of registry to use. Only change on supervision of openCloud Support. |
 `MICRO_REGISTRY_ADDRESS` | string | 127.0.0.1:9233 | The bind address of the internal natsjs registry. Only change on supervision of openCloud Support. |
 `MICRO_REGISTRY_AUTH_PASSWORD` | string |  | Optional when using nats to authenticate with the nats cluster. |
+`MINIO_ACCESS_KEY` |  |  |  |
+`MINIO_ALIAS` |  |  |  |
+`MINIO_GO_TEST_BUCKET_CORS` |  |  |  |
+`MINIO_ROOT_PASSWORD` |  |  |  |
+`MINIO_ROOT_USER` |  |  |  |
+`MINIO_SECRET_KEY` |  |  |  |
+`MINT_MODE` |  |  |  |
+`MINT_NO_FULL_OBJECT` |  |  |  |
+`MINT_NO_FULL_OBJECT` |  |  |  |
+`MINT_NO_FULL_OBJECT` |  |  |  |
+`MOBY_DISABLE_PIGZ` |  |  |  |
+`MONTH` |  |  |  |
+`MSYSTEM` |  |  |  |
+`NOTIFY_ACCOUNTID` |  |  |  |
+`NOTIFY_ACCOUNTID` |  |  |  |
+`NOTIFY_BUCKET` |  |  |  |
+`NOTIFY_BUCKET` |  |  |  |
+`NOTIFY_REGION` |  |  |  |
+`NOTIFY_REGION` |  |  |  |
+`NOTIFY_RESOURCE` |  |  |  |
+`NOTIFY_RESOURCE` |  |  |  |
+`NOTIFY_SERVICE` |  |  |  |
+`NOTIFY_SERVICE` |  |  |  |
+`NO_COLOR` |  |  |  |
+`NO_COLOR` |  |  |  |
+`NO_COLOR` |  |  |  |
+`NO_COLOR` |  |  |  |
 `OC_BASE_DATA_PATH` | string |  | The base directory location used by several services and for user data. See the General Info section in the documentation for more details on defaults. Services can have, if available, an individual setting with an own environment variable. |
+`OC_BASE_DATA_PATH` |  |  |  |
+`OC_CONFIG_DIR` |  |  |  |
 `OC_CONFIG_DIR` | string |  | The default directory location for config files. See the General Info section in the documentation for more details on defaults. |
-`OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE` | integer | 10240000 | Sets the maximum message size in bytes the GRPC client can receive. |
\ No newline at end of file
+`OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE` | integer | 10240000 | Sets the maximum message size in bytes the GRPC client can receive. |
+`OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE` |  |  |  |
+`OPA_TELEMETRY_SERVICE_URL` |  |  |  |
+`PATH` |  |  |  |
+`PATH` |  |  |  |
+`PATH` |  |  |  |
+`PLUGIN_CLIENT_CERT` |  |  |  |
+`PLUGIN_MAX_PORT` |  |  |  |
+`PLUGIN_MIN_PORT` |  |  |  |
+`PLUGIN_PROTOCOL_VERSIONS` |  |  |  |
+`PSHOME` |  |  |  |
+`PWD` |  |  |  |
+`REVA_APPPROVIDER_IOPSECRET` |  |  |  |
+`REVA_SMTP_SENDER_PASSWORD` |  |  |  |
+`RUNEWIDTH_EASTASIAN` |  |  |  |
+`RUN_CMD_TEST` |  |  |  |
+`RUN_ON_FAIL` |  |  |  |
+`RYUK_PORT` |  |  |  |
+`SHELL` |  |  |  |
+`SSH_AUTH_SOCK` |  |  |  |
+`SSH_AUTH_SOCK` |  |  |  |
+`SSH_KNOWN_HOSTS` |  |  |  |
+`SSL_CERT_FILE` |  |  |  |
+`TERM` |  |  |  |
+`TERM` |  |  |  |
+`TERM` |  |  |  |
+`TERM` |  |  |  |
+`TERM` |  |  |  |
+`TERM` |  |  |  |
+`TERMINAL_EMULATOR` |  |  |  |
+`TERM_PROGRAM` |  |  |  |
+`TERM_PROGRAM` |  |  |  |
+`TERM_PROGRAM_VERSION` |  |  |  |
+`TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX` |  |  |  |
+`TESTCONTAINERS_RYUK_CONTAINER_PRIVILEGED` |  |  |  |
+`TESTCONTAINERS_RYUK_DISABLED` |  |  |  |
+`USER` |  |  |  |
+`USERPROFILE` |  |  |  |
+`USERPROFILE` |  |  |  |
+`USERPROFILE` |  |  |  |
+`USE_TESTCONTAINERS` |  |  |  |
+`WSL_DISTRO_NAME` |  |  |  |
+`WT_SESSION` |  |  |  |
+`XDG_CONFIG_HOME` |  |  |  |
+`XDSBootstrapFileContentEnv` |  |  |  |
+`XDSBootstrapFileNameEnv` |  |  |  |
+`YEAR` |  |  |  |
+`_registryAddressEnv` |  |  |  |
+`_registryAddressEnv` |  |  |  |
+`_registryEnv` |  |  |  |
+`_registryPasswordEnv` |  |  |  |
+`_registryRegisterIntervalEnv` |  |  |  |
+`_registryRegisterTTLEnv` |  |  |  |
+`_registryUsernameEnv` |  |  |  |
+`_serverMaxConnectionAgeEnv` |  |  |  |
+`_serverMaxConnectionAgeEnv` |  |  |  |
+`accessKey` |  |  |  |
+`accessKey` |  |  |  |
+`accessKeyEnvVar` |  |  |  |
+`activeHelpEnvVar(cmd.Root(` |  |  |  |
+`activeHelpEnvVar(cmd.Root(` |  |  |  |
+`activeHelpGlobalEnvVar` |  |  |  |
+`activeHelpGlobalEnvVar` |  |  |  |
+`ansiterm.LogEnv` |  |  |  |
+`awsConfigFileEnvVar` |  |  |  |
+`awsCredentialsFileEnvVar` |  |  |  |
+`awsDomainEnvVar` |  |  |  |
+`awsDomainEnvVar` |  |  |  |
+`awsProfileEnvVar` |  |  |  |
+`awsProfileEnvVar` |  |  |  |
+`awsRegionEnvVar` |  |  |  |
+`awsRegionEnvVar` |  |  |  |
+`awsRegionEnvVar` |  |  |  |
+`awsRegionEnvVar` |  |  |  |
+`awsRegionEnvVar` |  |  |  |
+`awsRoleArnEnvVar` |  |  |  |
+`awsRoleArnEnvVar` |  |  |  |
+`awsWebIdentityTokenFileEnvVar` |  |  |  |
+`configEnvVar(cmd.Root(` |  |  |  |
+`configEnvVar(configEnvVarGlobalPrefix, suffix` |  |  |  |
+`defaultHTTPRequestTimeoutEnv` |  |  |  |
+`ecsFullPathEnvVar` |  |  |  |
+`ecsRelativePathEnvVar` |  |  |  |
+`enableHTTPS` |  |  |  |
+`enableHTTPS` |  |  |  |
+`enableHTTPS` |  |  |  |
+`enableHTTPS` |  |  |  |
+`enableHTTPS` |  |  |  |
+`enableHTTPS` |  |  |  |
+`enableKMS` |  |  |  |
+`enableKMS` |  |  |  |
+`env` |  |  |  |
+`env` |  |  |  |
+`envAUTOMEMLIMIT_EXPERIMENT` |  |  |  |
+`envMultiplexGRPC` |  |  |  |
+`envMultiplexGRPC` |  |  |  |
+`envName` |  |  |  |
+`envObservabilityConfig` |  |  |  |
+`envObservabilityConfigFile` |  |  |  |
+`envStr` |  |  |  |
+`envVar` |  |  |  |
+`envVar` |  |  |  |
+`envVar` |  |  |  |
+`envVar` |  |  |  |
+`envVar` |  |  |  |
+`envVerify` |  |  |  |
+`f.key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`key` |  |  |  |
+`n` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`name` |  |  |  |
+`opts.MagicCookieKey` |  |  |  |
+`parts[0]` |  |  |  |
+`prefix + envVar` |  |  |  |
+`resourceAttrKey` |  |  |  |
+`s` |  |  |  |
+`secretKey` |  |  |  |
+`secretKey` |  |  |  |
+`secretKeyEnvVar` |  |  |  |
+`securityTokenEnvVar` |  |  |  |
+`serverEndpoint` |  |  |  |
+`serverEndpoint` |  |  |  |
+`serverEndpoint` |  |  |  |
+`serverEndpoint` |  |  |  |
+`serverEndpoint` |  |  |  |
+`sessionTokenEnvVar` |  |  |  |
+`skipCERTValidation` |  |  |  |
+`strings.ToLower(key` |  |  |  |
+`strings.ToUpper(key` |  |  |  |
+`svcNameKey` |  |  |  |
+`tlsClientCertEnvVar` |  |  |  |
+`tlsClientKeyEnvVar` |  |  |  |
+`v` |  |  |  |
+`v` |  |  |  |
\ No newline at end of file
diff --git a/static/env-vars/frontend.yaml b/static/env-vars/frontend.yaml
index b9bcafae..996be0f5 100644
--- a/static/env-vars/frontend.yaml
+++ b/static/env-vars/frontend.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: frontend.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9141
   token: ""
@@ -76,7 +72,6 @@ default_upload_protocol: tus
 enable_federated_sharing_incoming: false
 enable_federated_sharing_outgoing: false
 search_min_length: 3
-edition: ""
 disable_sse: false
 disable_radicale: false
 default_link_permissions: 1
@@ -111,6 +106,27 @@ ocs:
   public_sharing_share_must_have_password: true
   public_sharing_writeableshare_must_have_password: false
   show_email_in_results: false
+ocdav:
+  prefix: ""
+  skip_user_groups_in_token: false
+  webdav_namespace: /users/{{.Id.OpaqueId}}
+  files_namespace: /users/{{.Id.OpaqueId}}
+  shares_namespace: /Shares
+  ocm_namespace: /public
+  public_url: https://localhost:9200
+  insecure: false
+  enable_http_tpc: false
+  gateway_request_timeout: 84300
+  machine_auth_api_key: ""
+  allow_propfind_depth_infinity: false
+  name_validation:
+    invalid_chars:
+    - "\f"
+    - "\r"
+    - |2+
+
+    - \
+    max_length: 255
 checksums:
   supported_types:
   - sha1
diff --git a/static/env-vars/frontend_configvars.md b/static/env-vars/frontend_configvars.md
index 415a7032..ba6f988c 100644
--- a/static/env-vars/frontend_configvars.md
+++ b/static/env-vars/frontend_configvars.md
@@ -1,5 +1,5 @@
 
-2025-11-27-22-55-58
+2026-01-13-14-32-58
 
 # Deprecation Notice
 
@@ -25,10 +25,7 @@ Environment variables for the **frontend** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`FRONTEND_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`FRONTEND_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`FRONTEND_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`FRONTEND_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`FRONTEND_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`FRONTEND_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9141`|
 |`FRONTEND_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`FRONTEND_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -55,7 +52,6 @@ Environment variables for the **frontend** service
 |`OC_ENABLE_OCM`<br/>`FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING`| 1.0.0 |bool|`Changing this value is NOT supported. Enables support for incoming federated sharing for clients. The backend behaviour is not changed.`|`false`|
 |`OC_ENABLE_OCM`<br/>`FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING`| 1.0.0 |bool|`Changing this value is NOT supported. Enables support for outgoing federated sharing for clients. The backend behaviour is not changed.`|`false`|
 |`FRONTEND_SEARCH_MIN_LENGTH`| 1.0.0 |int|`Minimum number of characters to enter before a client should start a search for Share receivers. This setting can be used to customize the user experience if e.g too many results are displayed.`|`3`|
-|`OC_EDITION`<br/>`FRONTEND_EDITION`| 1.0.0 |string|`Edition of OpenCloud. Used for branding purposes.`|``|
 |`OC_DISABLE_SSE`<br/>`FRONTEND_DISABLE_SSE`| 1.0.0 |bool|`When set to true, clients are informed that the Server-Sent Events endpoint is not accessible.`|`false`|
 |`FRONTEND_DISABLE_RADICALE`| 4.0.0 |bool|`When set to true, clients are informed that the Radicale (CalDAV/CardDAV) is not accessible.`|`false`|
 |`FRONTEND_DEFAULT_LINK_PERMISSIONS`| 1.0.0 |int|`Defines the default permissions a link is being created with. Possible values are 0 (= internal link, for instance members only) and 1 (= public link with viewer permissions). Defaults to 1.`|`1`|
@@ -85,6 +81,21 @@ Environment variables for the **frontend** service
 |`OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD`<br/>`FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD`| 1.0.0 |bool|`Set this to true if you want to enforce passwords on all public shares.`|`true`|
 |`OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD`<br/>`FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD`| 1.0.0 |bool|`Set this to true if you want to enforce passwords for writable shares. Only effective if the setting for 'passwords on all public shares' is set to false.`|`false`|
 |`OC_SHOW_USER_EMAIL_IN_RESULTS`| 1.0.0 |bool|`Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses.`|`false`|
+|`OCDAV_HTTP_PREFIX`<br/>`FRONTENT_OCDAV_HTTP_PREFIX`| 1.0.0 |string|`A URL path prefix for the handler.`|``|
+|`OCDAV_SKIP_USER_GROUPS_IN_TOKEN`<br/>`FRONTENT_OCDAV_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the loading of user's group memberships from the reva access token.`|`false`|
+|`OCDAV_WEBDAV_NAMESPACE`<br/>`FRONTENT_OCDAV_WEBDAV_NAMESPACE`| 1.0.0 |string|`Jail requests to /dav/webdav into this CS3 namespace. Supports template layouting with CS3 User properties.`|`/users/{{.Id.OpaqueId}}`|
+|`OCDAV_FILES_NAMESPACE`<br/>`FRONTENT_OCDAV_FILES_NAMESPACE`| 1.0.0 |string|`Jail requests to /dav/files/{username} into this CS3 namespace. Supports template layouting with CS3 User properties.`|`/users/{{.Id.OpaqueId}}`|
+|`OCDAV_SHARES_NAMESPACE`<br/>`FRONTENT_OCDAV_SHARES_NAMESPACE`| 1.0.0 |string|`The human readable path for the share jail. Relative to a users personal space root. Upcased intentionally.`|`/Shares`|
+|`OCDAV_OCM_NAMESPACE`<br/>`FRONTENT_OCDAV_OCM_NAMESPACE`| 1.0.0 |string|`The human readable path prefix for the ocm shares.`|`/public`|
+|`OC_URL`<br/>`OCDAV_PUBLIC_URL`<br/>`FRONTENT_OCDAV_PUBLIC_URL`| 1.0.0 |string|`URL where OpenCloud is reachable for users.`|`https://localhost:9200`|
+|`OC_INSECURE`<br/>`OCDAV_INSECURE`<br/>`FRONTENT_OCDAV_INSECURE`| 1.0.0 |bool|`Allow insecure connections to the GATEWAY service.`|`false`|
+|`OCDAV_ENABLE_HTTP_TPC`<br/>`FRONTENT_OCDAV_ENABLE_HTTP_TPC`| next |bool|`Enable HTTP / WebDAV Third-Party-Copy support.`|`false`|
+|`OCDAV_GATEWAY_REQUEST_TIME`<br/>`FRONTENT_OUTOCDAV_GATEWAY_REQUEST_TIMEOUT`| 1.0.0 |int64|`Request timeout in seconds for requests from the oCDAV service to the GATEWAY service.`|`84300`|
+|`OC_MACHINE_AUTH_API_KEY`<br/>`OCDAV_MACHINE_AUTH_API_KEY`<br/>`FRONTENT_OCDAV_MACHINE_AUTH_API_KEY`| 1.0.0 |string|`Machine auth API key used to validate internal requests necessary for the access to resources from other services.`|``|
+|`OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY`<br/>`FRONTENT_OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY`| 1.0.0 |bool|`Allow the use of depth infinity in PROPFINDS. When enabled, a propfind will traverse through all subfolders. If many subfolders are expected, depth infinity can cause heavy server load and/or delayed response times.`|`false`|
+|`OCDAV_NAME_VALIDATION_INVALID_CHARS`<br/>`FRONTENT_OCDAV_NAME_VALIDATION_INVALID_CHARS`| next |[]string|`List of characters that are not allowed in file or folder names.`|`[ 
 
+ \]`|
+|`OCDAV_NAME_VALIDATION_MAX_LENGTH`<br/>`FRONTENT_OCDAV_NAME_VALIDATION_MAX_LENGTH`| next |int|`Max lenght og file or folder names.`|`255`|
 |`FRONTEND_CHECKSUMS_SUPPORTED_TYPES`| 1.0.0 |[]string|`A list of checksum types that indicate to clients which hashes the server can use to verify upload integrity. Supported types are 'sha1', 'md5' and 'adler32'. See the Environment Variable Types description for more details.`|`[sha1 md5 adler32]`|
 |`FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE`| 1.0.0 |string|`The supported checksum type for uploads that indicates to clients supporting multiple hash algorithms which one is preferred by the server. Must be one out of the defined list of SUPPORTED_TYPES.`|`sha1`|
 |`FRONTEND_READONLY_USER_ATTRIBUTES`| 1.0.0 |[]string|`A list of user attributes to indicate as read-only. Supported values: 'user.onPremisesSamAccountName' (username), 'user.displayName', 'user.mail', 'user.passwordProfile' (password), 'user.appRoleAssignments' (role), 'user.memberOf' (groups), 'user.accountEnabled' (login allowed), 'drive.quota' (quota). See the Environment Variable Types description for more details.`|`[]`|
@@ -94,8 +105,8 @@ Environment variables for the **frontend** service
 |`FRONTEND_CHECK_FOR_UPDATES`| 3.6.0 |bool|`Enable automatic checking for updates. Defaults to true.`|`true`|
 |`OC_EVENTS_ENDPOINT`<br/>`FRONTEND_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`FRONTEND_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`FRONTEND_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
-|`FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.`|``|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`FRONTEND_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`FRONTEND_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`FRONTEND_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
 |`OC_EVENTS_AUTH_PASSWORD`<br/>`FRONTEND_EVENTS_AUTH_PASSWORD`| 1.0.0 |string|`The password to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/frontend_readme.md b/static/env-vars/frontend_readme.md
old mode 100644
new mode 100755
index 578de0bc..c675d5d5
--- a/static/env-vars/frontend_readme.md
+++ b/static/env-vars/frontend_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Frontend
-date: 2025-11-27T22:56:02.332575+01:00
+date: 2026-01-13T14:33:04.558448703Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/frontend
diff --git a/static/env-vars/gateway.yaml b/static/env-vars/gateway.yaml
index 6831c5c6..410ed3ea 100644
--- a/static/env-vars/gateway.yaml
+++ b/static/env-vars/gateway.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: gateway.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9143
   token: ""
diff --git a/static/env-vars/gateway_configvars.md b/static/env-vars/gateway_configvars.md
index c17ecb8a..b9b218f3 100644
--- a/static/env-vars/gateway_configvars.md
+++ b/static/env-vars/gateway_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **gateway** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`GATEWAY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`GATEWAY_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`GATEWAY_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`GATEWAY_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`GATEWAY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`GATEWAY_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9143`|
 |`GATEWAY_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`GATEWAY_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/gateway_readme.md b/static/env-vars/gateway_readme.md
old mode 100644
new mode 100755
index 31af233e..f70e00fc
--- a/static/env-vars/gateway_readme.md
+++ b/static/env-vars/gateway_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Gateway
-date: 2025-11-27T22:56:02.332732+01:00
+date: 2026-01-13T14:33:04.558835421Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/gateway
diff --git a/static/env-vars/global_configvars.md b/static/env-vars/global_configvars.md
index b2d2d2ea..4a066a72 100644
--- a/static/env-vars/global_configvars.md
+++ b/static/env-vars/global_configvars.md
@@ -3,7 +3,7 @@
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|---|
 `IDM_CREATE_DEMO_USERS` | 1.0.0 | bool | The default role assignments the demo users should be setup. | false |
-`OC_ADMIN_USER_ID` | 1.0.0 | string | ID of the user who collects all necessary information for deletion. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand. |  |
+`OC_ADMIN_USER_ID` | 1.0.0 | string | ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand. |  |
 `OC_ASYNC_UPLOADS` | 1.0.0 | bool | Enable asynchronous file uploads. | true |
 `OC_CACHE_AUTH_PASSWORD` | 1.0.0 | string | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. |  |
 `OC_CACHE_AUTH_USERNAME` | 1.0.0 | string | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. |  |
@@ -12,21 +12,21 @@
 `OC_CACHE_STORE` | 1.0.0 | string | The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details. | noop |
 `OC_CACHE_STORE_NODES` | 1.0.0 | []string | A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. | [127.0.0.1:9233] |
 `OC_CACHE_TTL` | 1.0.0 | Duration | Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. | 5m0s |
-`OC_CORS_ALLOW_CREDENTIALS` | 1.0.0 | bool | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | true |
-`OC_CORS_ALLOW_HEADERS` | 1.0.0 | []string | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details. | [Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control] |
-`OC_CORS_ALLOW_METHODS` | 1.0.0 | []string | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details. | [GET POST PUT PATCH DELETE OPTIONS] |
-`OC_CORS_ALLOW_ORIGINS` | 1.0.0 | []string | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | [*] |
+`OC_CORS_ALLOW_CREDENTIALS` | 1.0.0 | bool | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | false |
+`OC_CORS_ALLOW_HEADERS` | 1.0.0 | []string | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details. | [Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control] |
+`OC_CORS_ALLOW_METHODS` | 1.0.0 | []string | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details. | [OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH] |
+`OC_CORS_ALLOW_ORIGINS` | 1.0.0 | []string | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | [https://localhost:9200] |
 `OC_DECOMPOSEDFS_PROPAGATOR` | 1.0.0 | string | The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option. | sync |
-`OC_DEFAULT_LANGUAGE` | 1.0.0 | string | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. |  |
+`OC_DEFAULT_LANGUAGE` | 1.0.0 | string | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | en |
 `OC_DISABLE_VERSIONING` | 1.0.0 | bool | Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version. | false |
-`OC_EDITION` | 1.0.0 | string | Edition of OpenCloud. Used for branding purposes. |  |
-`OC_ENABLE_OCM` | 1.0.0 | bool | Changing this value is NOT supported. Enables support for incoming federated sharing for clients. The backend behaviour is not changed. | false |
+`OC_ENABLE_OCM` | 1.0.0 | bool | Include OCM sharees when listing users. | false |
 `OC_EVENTS_AUTH_PASSWORD` | 1.0.0 | string | The password to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services. |  |
 `OC_EVENTS_AUTH_USERNAME` | 1.0.0 | string | The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services. |  |
 `OC_EVENTS_CLUSTER` | 1.0.0 | string | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | opencloud-cluster |
 `OC_EVENTS_ENABLE_TLS` | 1.0.0 | bool | Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services. | false |
 `OC_EVENTS_ENDPOINT` | 1.0.0 | string | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | 127.0.0.1:9233 |
-`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE` | 1.0.0 | string | The root CA certificate used to validate the server's TLS certificate. If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false. |  |
+`OC_EVENTS_TLS_INSECURE` | 1.0.0 | bool | Whether to verify the server TLS certificates. | false |
+`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE` | 1.0.0 | string | The root CA certificate used to validate the server's TLS certificate. If provided OCM_EVENTS_TLS_INSECURE will be seen as false. |  |
 `OC_GATEWAY_GRPC_ADDR` | 1.0.0 | string | The bind address of the GRPC service. | 127.0.0.1:9142 |
 `OC_GRPC_CLIENT_TLS_CACERT` | 1.0.0 | string | Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services. |  |
 `OC_GRPC_CLIENT_TLS_MODE` | 1.0.0 | string | TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification. |  |
@@ -34,51 +34,48 @@
 `OC_HTTP_TLS_CERTIFICATE` | 1.0.0 | string | Path/File name of the TLS server certificate (in PEM format) for the http services. |  |
 `OC_HTTP_TLS_ENABLED` | 1.0.0 | bool | Activates TLS for the http based services using the server certifcate and key configured via OC_HTTP_TLS_CERTIFICATE and OC_HTTP_TLS_KEY. If OC_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true. | false |
 `OC_HTTP_TLS_KEY` | 1.0.0 | string | Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the http services. |  |
-`OC_INSECURE` | 1.0.0 | bool | Whether the server should skip the client certificate verification during the TLS handshake. | false |
+`OC_INSECURE` | 1.0.0 | bool | Whether to verify the server TLS certificates. | false |
 `OC_JWT_SECRET` | 1.0.0 | string | The secret to mint and validate jwt tokens. |  |
 `OC_KEYCLOAK_BASE_PATH` | 1.0.0 | string | The URL to access keycloak. |  |
-`OC_KEYCLOAK_CLIENT_ID` | 1.0.0 | string | The client ID to authenticate with keycloak. |  |
+`OC_KEYCLOAK_CLIENT_ID` | 1.0.0 | string | The client id to authenticate with keycloak. |  |
 `OC_KEYCLOAK_CLIENT_REALM` | 1.0.0 | string | The realm the client is defined in. |  |
 `OC_KEYCLOAK_CLIENT_SECRET` | 1.0.0 | string | The client secret to use in authentication. |  |
 `OC_KEYCLOAK_INSECURE_SKIP_VERIFY` | 1.0.0 | bool | Disable TLS certificate validation for Keycloak connections. Do not set this in production environments. | false |
 `OC_KEYCLOAK_USER_REALM` | 1.0.0 | string | The realm users are defined. |  |
 `OC_LDAP_BIND_DN` | 1.0.0 | string | LDAP DN to use for simple bind authentication with the target LDAP server. | uid=reva,ou=sysusers,o=libregraph-idm |
 `OC_LDAP_BIND_PASSWORD` | 1.0.0 | string | Password to use for authenticating the 'bind_dn'. |  |
-`OC_LDAP_CACERT` | 1.0.0 | string | Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. | /var/lib/opencloud/idm/ldap.crt |
+`OC_LDAP_CACERT` | 1.0.0 | string | Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. | /root/.opencloud/idm/ldap.crt |
 `OC_LDAP_DISABLED_USERS_GROUP_DN` | 1.0.0 | string | The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'. | cn=DisabledUsersGroup,ou=groups,o=libregraph-idm |
-`OC_LDAP_DISABLE_USER_MECHANISM` | 1.0.0 | string | An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. | attribute |
+`OC_LDAP_DISABLE_USER_MECHANISM` | 1.0.0 | string | An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. Default is 'attribute'. | attribute |
 `OC_LDAP_GROUP_BASE_DN` | 1.0.0 | string | Search base DN for looking up LDAP groups. | ou=groups,o=libregraph-idm |
 `OC_LDAP_GROUP_FILTER` | 1.0.0 | string | LDAP filter to add to the default filters for group searches. |  |
 `OC_LDAP_GROUP_OBJECTCLASS` | 1.0.0 | string | The object class to use for groups in the default group search filter ('groupOfNames'). | groupOfNames |
 `OC_LDAP_GROUP_SCHEMA_DISPLAYNAME` | 1.0.0 | string | LDAP Attribute to use for the displayname of groups (often the same as groupname attribute). | cn |
 `OC_LDAP_GROUP_SCHEMA_GROUPNAME` | 1.0.0 | string | LDAP Attribute to use for the name of groups. | cn |
-`OC_LDAP_GROUP_SCHEMA_ID` | 1.0.0 | string | LDAP Attribute to use as the unique id for groups. This should be a stable globally unique id (e.g. a UUID). | openCloudUUID |
-`OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING` | 1.0.0 | bool | Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group IDs. | false |
+`OC_LDAP_GROUP_SCHEMA_ID` | 1.0.0 | string | LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. | openCloudUUID |
+`OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING` | 1.0.0 | bool | Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's. | false |
 `OC_LDAP_GROUP_SCHEMA_MAIL` | 1.0.0 | string | LDAP Attribute to use for the email address of groups (can be empty). | mail |
 `OC_LDAP_GROUP_SCHEMA_MEMBER` | 1.0.0 | string | LDAP Attribute that is used for group members. | member |
-`OC_LDAP_GROUP_SCOPE` | 1.0.0 | string | LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'. | sub |
+`OC_LDAP_GROUP_SCOPE` | 1.0.0 | string | LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. | sub |
 `OC_LDAP_INSECURE` | 1.0.0 | bool | Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. | false |
 `OC_LDAP_SERVER_WRITE_ENABLED` | 1.0.0 | bool | Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables). | true |
 `OC_LDAP_URI` | 1.0.0 | string | URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://' | ldaps://localhost:9235 |
 `OC_LDAP_USER_BASE_DN` | 1.0.0 | string | Search base DN for looking up LDAP users. | ou=users,o=libregraph-idm |
-`OC_LDAP_USER_ENABLED_ATTRIBUTE` | 1.0.0 | string | LDAP attribute to use as a flag telling if the user is enabled or disabled. | openCloudUserEnabled |
+`OC_LDAP_USER_ENABLED_ATTRIBUTE` | 1.0.0 | string | LDAP Attribute to use as a flag telling if the user is enabled or disabled. | openCloudUserEnabled |
 `OC_LDAP_USER_FILTER` | 1.0.0 | string | LDAP filter to add to the default filters for user search like '(objectclass=openCloudUser)'. |  |
 `OC_LDAP_USER_OBJECTCLASS` | 1.0.0 | string | The object class to use for users in the default user search filter ('inetOrgPerson'). | inetOrgPerson |
 `OC_LDAP_USER_SCHEMA_DISPLAYNAME` | 1.0.0 | string | LDAP Attribute to use for the displayname of users. | displayname |
-`OC_LDAP_USER_SCHEMA_ID` | 1.0.0 | string | LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID. | openCloudUUID |
-`OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | 1.0.0 | bool | Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user IDs. | false |
+`OC_LDAP_USER_SCHEMA_ID` | 1.0.0 | string | LDAP Attribute to use as the unique id for users. This should be a stable globally unique id like a UUID. | openCloudUUID |
+`OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | 1.0.0 | bool | Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. | false |
 `OC_LDAP_USER_SCHEMA_MAIL` | 1.0.0 | string | LDAP Attribute to use for the email address of users. | mail |
 `OC_LDAP_USER_SCHEMA_TENANT_ID` | 4.0.0 | string | LDAP Attribute to use for the tenant ID of users. This is used to identify the tenant of a user in a multi-tenant environment. |  |
 `OC_LDAP_USER_SCHEMA_USERNAME` | 1.0.0 | string | LDAP Attribute to use for username of users. | uid |
 `OC_LDAP_USER_SCHEMA_USER_TYPE` | 1.0.0 | string | LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'openCloudUserType'. | openCloudUserType |
-`OC_LDAP_USER_SCOPE` | 1.0.0 | string | LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'. | sub |
-`OC_LOG_COLOR` | 1.0.0 | bool | Activates colorized log output. | false |
-`OC_LOG_FILE` | 1.0.0 | string | The path to the log file. Activates logging to this file if set. |  |
-`OC_LOG_LEVEL` | 1.0.0 | string | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'. |  |
-`OC_LOG_PRETTY` | 1.0.0 | bool | Activates pretty log output. | false |
-`OC_MACHINE_AUTH_API_KEY` | 1.0.0 | string | Machine auth API key used to validate internal requests necessary to access resources from other services. |  |
-`OC_MAX_CONCURRENCY` | 1.0.0 | int | Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used. | 1 |
-`OC_OIDC_ISSUER` | 1.0.0 | string | The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. | https://localhost:9200 |
+`OC_LDAP_USER_SCOPE` | 1.0.0 | string | LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. | sub |
+`OC_LOG_LEVEL` | 1.0.0 | string | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'. | error |
+`OC_MACHINE_AUTH_API_KEY` | 1.0.0 | string | Machine auth API key used to validate internal requests necessary for the access to resources from other services. |  |
+`OC_MAX_CONCURRENCY` | 1.0.0 | int | The maximum number of concurrent requests the service will handle. | 20 |
+`OC_OIDC_ISSUER` | 1.0.0 | string | The identity provider value to set in the group IDs of the CS3 group objects for groups returned by this group provider. | https://localhost:9200 |
 `OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | 1.0.0 | string | Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details. |  |
 `OC_PASSWORD_POLICY_DISABLED` | 1.0.0 | bool | Disable the password policy. Defaults to false if not set. | false |
 `OC_PASSWORD_POLICY_MIN_CHARACTERS` | 1.0.0 | int | Define the minimum password length. Defaults to 8 if not set. | 8 |
@@ -86,28 +83,28 @@
 `OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | 1.0.0 | int | Define the minimum number of uppercase letters. Defaults to 1 if not set. | 1 |
 `OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | 1.0.0 | int | Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set. | 1 |
 `OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | 1.0.0 | int | Define the minimum number of lowercase letters. Defaults to 1 if not set. | 1 |
-`OC_PERSISTENT_STORE` | 1.0.0 | string | The type of the store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details. | nats-js-kv |
+`OC_PERSISTENT_STORE` | 1.0.0 | string | The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details. | nats-js-kv |
 `OC_PERSISTENT_STORE_AUTH_PASSWORD` | 1.0.0 | string | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. |  |
 `OC_PERSISTENT_STORE_AUTH_USERNAME` | 1.0.0 | string | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. |  |
 `OC_PERSISTENT_STORE_NODES` | 1.0.0 | []string | A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. | [127.0.0.1:9233] |
 `OC_PERSISTENT_STORE_TTL` | 1.0.0 | Duration | Time to live for events in the store. See the Environment Variable Types description for more details. | 0s |
-`OC_REVA_GATEWAY` | 1.0.0 | string | CS3 gateway used to look up user metadata | eu.opencloud.api.gateway |
+`OC_REVA_GATEWAY` | 1.0.0 | string | The CS3 gateway endpoint. | eu.opencloud.api.gateway |
 `OC_SERVICE_ACCOUNT_ID` | 1.0.0 | string | The ID of the service account the service should use. See the 'auth-service' service description for more details. |  |
 `OC_SERVICE_ACCOUNT_SECRET` | 1.0.0 | string | The service account secret. |  |
 `OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | 1.0.0 | bool | Set this to true if you want to enforce passwords on all public shares. | true |
-`OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | 1.0.0 | bool | Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) in the frontend service. | false |
+`OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | 1.0.0 | bool | Set this to true if you want to enforce passwords for writable shares. Only effective if the setting for 'passwords on all public shares' is set to false. | false |
 `OC_SHOW_USER_EMAIL_IN_RESULTS` | 1.0.0 | bool | Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses. | false |
-`OC_SPACES_MAX_QUOTA` | 1.0.0 | uint64 | Set a global max quota for spaces in bytes. A value of 0 equals unlimited. If not using the global OC_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA in the frontend service. | 0 |
-`OC_SYSTEM_USER_API_KEY` | 1.0.0 | string | API key for the STORAGE-SYSTEM system user. |  |
-`OC_SYSTEM_USER_ID` | 1.0.0 | string | ID of the OpenCloud STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. |  |
-`OC_SYSTEM_USER_IDP` | 1.0.0 | string | IDP of the OpenCloud STORAGE-SYSTEM system user. | internal |
+`OC_SPACES_MAX_QUOTA` | 1.0.0 | uint64 | Set the global max quota value in bytes. A value of 0 equals unlimited. The value is provided via capabilities. | 0 |
+`OC_SYSTEM_USER_API_KEY` | 4.0.0 | string | API key for the STORAGE-SYSTEM system user. |  |
+`OC_SYSTEM_USER_ID` | 4.0.0 | string | ID of the OpenCloud STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. |  |
+`OC_SYSTEM_USER_IDP` | 4.0.0 | string | IDP of the OpenCloud STORAGE-SYSTEM system user. | internal |
 `OC_TRANSFER_SECRET` | 1.0.0 | string | The storage transfer secret. |  |
 `OC_TRANSLATION_PATH` | 1.0.0 | string | (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. |  |
-`OC_URL` | 1.0.0 | string | The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. | https://localhost:9200 |
-`OC_WOPI_DISABLE_CHAT` | 1.0.0 | bool | Disable chat in the office web frontend. This feature applies to OnlyOffice and Microsoft. | false |
+`OC_URL` | 1.0.0 | string | The public facing URL of the OpenCloud frontend. | https://localhost:9200 |
+`OC_WOPI_DISABLE_CHAT` | 1.0.0 | bool | Disable the chat functionality of the office app. | false |
 `SEARCH_EVENTS_ACK_WAIT` | 4.0.0 | Duration | The time to wait for an ack before the message is redelivered. This is used to ensure that messages are not lost if the consumer crashes. | 1m0s |
-`SEARCH_EVENTS_MAX_ACK_PENDING` | 4.0.0 | int | The maximum number of unacknowledged messages. This is used to limit the number of messages that can be in flight at the same time. | 10000 |
-`STORAGE_GATEWAY_GRPC_ADDR` | 1.0.0 | string | GRPC address of the STORAGE-SYSTEM service. | eu.opencloud.api.storage-system |
-`STORAGE_GRPC_ADDR` | 1.0.0 | string | GRPC address of the STORAGE-SYSTEM service. | eu.opencloud.api.storage-system |
+`SEARCH_EVENTS_MAX_ACK_PENDING` | 4.0.0 | int | The maximum number of unacknowledged messages. This is used to limit the number of messages that can be in flight at the same time. | 1000 |
+`STORAGE_GATEWAY_GRPC_ADDR` | 4.0.0 | string | GRPC address of the STORAGE-SYSTEM service. | eu.opencloud.api.storage-system |
+`STORAGE_GRPC_ADDR` | 4.0.0 | string | GRPC address of the STORAGE-SYSTEM service. | eu.opencloud.api.storage-system |
 `STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY` | 1.0.0 | Duration | The delay between a change made to a tree and the propagation start on treesize and treetime. Multiple propagations are computed to a single one. See the Environment Variable Types description for more details. | 0s |
 `STORAGE_USERS_PERMISSION_ENDPOINT` | 1.0.0 | string | Endpoint of the permissions service. The endpoints can differ for 'decomposed' and 'decomposeds3'. | eu.opencloud.api.settings |
\ No newline at end of file
diff --git a/static/env-vars/graph.yaml b/static/env-vars/graph.yaml
index 47c43f10..95eacffa 100644
--- a/static/env-vars/graph.yaml
+++ b/static/env-vars/graph.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: graph.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 cache:
   store: memory
   nodes:
@@ -80,7 +76,7 @@ identity:
   backend: ldap
   ldap:
     uri: ldaps://localhost:9235
-    cacert: /var/lib/opencloud/idm/ldap.crt
+    cacert: /root/.opencloud/idm/ldap.crt
     insecure: false
     bind_dn: uid=libregraph,ou=sysusers,o=libregraph-idm
     bind_password: ""
diff --git a/static/env-vars/graph_configvars.md b/static/env-vars/graph_configvars.md
index 6d208dd8..e69aa0a0 100644
--- a/static/env-vars/graph_configvars.md
+++ b/static/env-vars/graph_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **graph** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`GRAPH_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`GRAPH_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`GRAPH_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`GRAPH_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`GRAPH_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`OC_CACHE_STORE`<br/>`GRAPH_CACHE_STORE`| 1.0.0 |string|`The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details.`|`memory`|
 |`OC_CACHE_STORE_NODES`<br/>`GRAPH_CACHE_STORE_NODES`| 1.0.0 |[]string|`A list of nodes to access the configured store. This has no effect when 'memory' store are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details.`|`[127.0.0.1:9233]`|
 |`GRAPH_CACHE_STORE_DATABASE`| 1.0.0 |string|`The database name the configured store should use.`|`cache-roles`|
@@ -50,7 +47,7 @@ Environment variables for the **graph** service
 |`OC_TRANSLATION_PATH`<br/>`GRAPH_TRANSLATION_PATH`| 1.0.0 |string|`(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details.`|``|
 |`GRAPH_IDENTITY_BACKEND`| 1.0.0 |string|`The user identity backend to use. Supported backend types are 'ldap' and 'cs3'.`|`ldap`|
 |`OC_LDAP_URI`<br/>`GRAPH_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`GRAPH_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_CACERT`<br/>`GRAPH_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/ldap.crt`|
 |`OC_LDAP_INSECURE`<br/>`GRAPH_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`GRAPH_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=libregraph,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`GRAPH_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|
@@ -92,7 +89,7 @@ Environment variables for the **graph** service
 |`OC_ENABLE_OCM`<br/>`GRAPH_INCLUDE_OCM_SHAREES`| 1.0.0 |bool|`Include OCM sharees when listing users.`|`false`|
 |`OC_EVENTS_ENDPOINT`<br/>`GRAPH_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`GRAPH_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`GRAPH_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`GRAPH_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`GRAPH_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`GRAPH_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/graph_readme.md b/static/env-vars/graph_readme.md
old mode 100644
new mode 100755
index e0ce237e..954342bd
--- a/static/env-vars/graph_readme.md
+++ b/static/env-vars/graph_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Graph
-date: 2025-11-27T22:56:02.332815+01:00
+date: 2026-01-13T14:33:04.55913643Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/graph
diff --git a/static/env-vars/groups.yaml b/static/env-vars/groups.yaml
index 52b3a494..eacfc14e 100644
--- a/static/env-vars/groups.yaml
+++ b/static/env-vars/groups.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: groups.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9161
   token: ""
@@ -27,7 +23,7 @@ driver: ldap
 drivers:
   ldap:
     uri: ldaps://localhost:9235
-    ca_cert: /var/lib/opencloud/idm/ldap.crt
+    ca_cert: /root/.opencloud/idm/ldap.crt
     insecure: false
     bind_dn: uid=reva,ou=sysusers,o=libregraph-idm
     bind_password: ""
diff --git a/static/env-vars/groups_configvars.md b/static/env-vars/groups_configvars.md
index 5b889d21..05f49633 100644
--- a/static/env-vars/groups_configvars.md
+++ b/static/env-vars/groups_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **groups** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`GROUPS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`GROUPS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`GROUPS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`GROUPS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`GROUPS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`GROUPS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9161`|
 |`GROUPS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`GROUPS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -19,7 +16,7 @@ Environment variables for the **groups** service
 |`GROUPS_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the loading of user's group memberships from the reva access token.`|`false`|
 |`GROUPS_DRIVER`| 1.0.0 |string|`The driver which should be used by the groups service. Supported values are 'ldap' and 'owncloudsql'.`|`ldap`|
 |`OC_LDAP_URI`<br/>`GROUPS_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`GROUPS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_CACERT`<br/>`GROUPS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/ldap.crt`|
 |`OC_LDAP_INSECURE`<br/>`GROUPS_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`GROUPS_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=reva,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`GROUPS_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|
diff --git a/static/env-vars/groups_readme.md b/static/env-vars/groups_readme.md
old mode 100644
new mode 100755
index 4c092d6b..2eb70e5b
--- a/static/env-vars/groups_readme.md
+++ b/static/env-vars/groups_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Groups
-date: 2025-11-27T22:56:02.332899+01:00
+date: 2026-01-13T14:33:04.559479218Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/groups
diff --git a/static/env-vars/idm.yaml b/static/env-vars/idm.yaml
index bc5d5a70..22b8db7c 100644
--- a/static/env-vars/idm.yaml
+++ b/static/env-vars/idm.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: idm.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9239
   token: ""
@@ -13,9 +9,9 @@ debug:
   zpages: false
 idm:
   ldaps_addr: 127.0.0.1:9235
-  cert: /var/lib/opencloud/idm/ldap.crt
-  key: /var/lib/opencloud/idm/ldap.key
-  database: /var/lib/opencloud/idm/idm.boltdb
+  cert: /root/.opencloud/idm/ldap.crt
+  key: /root/.opencloud/idm/ldap.key
+  database: /root/.opencloud/idm/idm.boltdb
 create_demo_users: false
 demo_users_issuer_url: https://localhost:9200
 service_user_passwords:
diff --git a/static/env-vars/idm_configvars.md b/static/env-vars/idm_configvars.md
index af0e5596..0c7aacfa 100644
--- a/static/env-vars/idm_configvars.md
+++ b/static/env-vars/idm_configvars.md
@@ -2,18 +2,15 @@ Environment variables for the **idm** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`IDM_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`IDM_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`IDM_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`IDM_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`IDM_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`IDM_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9239`|
 |`IDM_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`IDM_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
 |`IDM_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
 |`IDM_LDAPS_ADDR`| 1.0.0 |string|`Listen address for the LDAPS listener (ip-addr:port).`|`127.0.0.1:9235`|
-|`IDM_LDAPS_CERT`| 1.0.0 |string|`File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
-|`IDM_LDAPS_KEY`| 1.0.0 |string|`File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.key`|
-|`IDM_DATABASE_PATH`| 1.0.0 |string|`Full path to the IDM backend database. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/idm.boltdb`|
+|`IDM_LDAPS_CERT`| 1.0.0 |string|`File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/ldap.crt`|
+|`IDM_LDAPS_KEY`| 1.0.0 |string|`File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/ldap.key`|
+|`IDM_DATABASE_PATH`| 1.0.0 |string|`Full path to the IDM backend database. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/idm.boltdb`|
 |`IDM_CREATE_DEMO_USERS`| 1.0.0 |bool|`Flag to enable or disable the creation of the demo users.`|`false`|
 |`OC_URL`<br/>`OC_OIDC_ISSUER`| 1.0.0 |string|`The OIDC issuer URL to assign to the demo users.`|`https://localhost:9200`|
 |`IDM_ADMIN_PASSWORD`| 1.0.0 |string|`Password to set for the OpenCloud 'admin' user. Either cleartext or an argon2id hash.`|``|
diff --git a/static/env-vars/idm_readme.md b/static/env-vars/idm_readme.md
old mode 100644
new mode 100755
index 684e0f20..90924a72
--- a/static/env-vars/idm_readme.md
+++ b/static/env-vars/idm_readme.md
@@ -1,6 +1,6 @@
 ---
 title: IDM
-date: 2025-11-27T22:56:02.333155+01:00
+date: 2026-01-13T14:33:04.559718896Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/idm
diff --git a/static/env-vars/idp.yaml b/static/env-vars/idp.yaml
index 41e2beca..18419c03 100644
--- a/static/env-vars/idp.yaml
+++ b/static/env-vars/idp.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: idp.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9134
   token: ""
@@ -14,8 +10,8 @@ debug:
 http:
   addr: 127.0.0.1:9130
   root: /
-  tls_cert: /var/lib/opencloud/idp/server.crt
-  tls_key: /var/lib/opencloud/idp/server.key
+  tls_cert: /root/.opencloud/idp/server.crt
+  tls_key: /root/.opencloud/idp/server.key
   tls: false
 reva:
   address: eu.opencloud.api.gateway
@@ -38,7 +34,7 @@ idp:
   allow_scope: []
   allow_client_guests: false
   allow_dynamic_client_registration: false
-  encrypt_secret_file: /var/lib/opencloud/idp/encryption.key
+  encrypt_secret_file: /root/.opencloud/idp/encryption.key
   listen: ""
   identifierdefaultbannerlogo: ""
   default_sign_in_page_text: ""
@@ -48,7 +44,7 @@ idp:
   signing_kid: private-key
   signing_method: PS256
   signing_private_key_files:
-  - /var/lib/opencloud/idp/private-key.pem
+  - /root/.opencloud/idp/private-key.pem
   validation_keys_path: ""
   cookiebackenduri: ""
   cookienames: []
@@ -102,7 +98,7 @@ clients:
   application_type: native
 ldap:
   uri: ldaps://localhost:9235
-  cacert: /var/lib/opencloud/idm/ldap.crt
+  cacert: /root/.opencloud/idm/ldap.crt
   bind_dn: uid=idp,ou=sysusers,o=libregraph-idm
   bind_password: ""
   base_dn: ou=users,o=libregraph-idm
diff --git a/static/env-vars/idp_configvars.md b/static/env-vars/idp_configvars.md
index 053268ad..4c7bb4c2 100644
--- a/static/env-vars/idp_configvars.md
+++ b/static/env-vars/idp_configvars.md
@@ -3,18 +3,15 @@ Environment variables for the **idp** service
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
 |`IDP_PASSWORD_RESET_URI`| 1.0.0 |string|`The URI where a user can reset their password.`|``|
-|`OC_LOG_LEVEL`<br/>`IDP_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`IDP_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`IDP_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`IDP_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`IDP_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`IDP_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9134`|
 |`IDP_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`IDP_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
 |`IDP_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
 |`IDP_HTTP_ADDR`| 1.0.0 |string|`The bind address of the HTTP service.`|`127.0.0.1:9130`|
 |`IDP_HTTP_ROOT`| 1.0.0 |string|`Subdirectory that serves as the root for this HTTP service.`|`/`|
-|`IDP_TRANSPORT_TLS_CERT`| 1.0.0 |string|`Path/File name of the TLS server certificate (in PEM format) for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/var/lib/opencloud/idp/server.crt`|
-|`IDP_TRANSPORT_TLS_KEY`| 1.0.0 |string|`Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/var/lib/opencloud/idp/server.key`|
+|`IDP_TRANSPORT_TLS_CERT`| 1.0.0 |string|`Path/File name of the TLS server certificate (in PEM format) for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/root/.opencloud/idp/server.crt`|
+|`IDP_TRANSPORT_TLS_KEY`| 1.0.0 |string|`Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/root/.opencloud/idp/server.key`|
 |`IDP_TLS`| 1.0.0 |bool|`Disable or Enable HTTPS for the communication between the Proxy service and the IDP service. If set to 'true', the key and cert files need to be configured and present.`|`false`|
 |`OC_REVA_GATEWAY`| 1.0.0 |string|`The CS3 gateway endpoint.`|`eu.opencloud.api.gateway`|
 |`OC_GRPC_CLIENT_TLS_MODE`| 1.0.0 |string|`TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification.`|``|
@@ -31,19 +28,19 @@ Environment variables for the **idp** service
 |`OC_LDAP_INSECURE`<br/>`IDP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`IDP_ALLOW_CLIENT_GUESTS`| 1.0.0 |bool|`Allow guest clients to access OpenCloud.`|`false`|
 |`IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION`| 1.0.0 |bool|`Allow dynamic client registration.`|`false`|
-|`IDP_ENCRYPTION_SECRET_FILE`| 1.0.0 |string|`Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/var/lib/opencloud/idp/encryption.key`|
+|`IDP_ENCRYPTION_SECRET_FILE`| 1.0.0 |string|`Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/root/.opencloud/idp/encryption.key`|
 |`IDP_DEFAULT_SIGNIN_PAGE_TEXT`| 2.0.0 |string|``|``|
 |`IDP_DEFAULT_LOGO_TARGET_URI`| 4.0.0 |string|`Default logo target URI.`|`https://opencloud.eu`|
 |`IDP_SIGNING_KID`| 1.0.0 |string|`Value of the KID (Key ID) field which is used in created tokens to uniquely identify the signing-private-key.`|`private-key`|
 |`IDP_SIGNING_METHOD`| 1.0.0 |string|`Signing method of IDP requests like 'PS256'`|`PS256`|
-|`IDP_SIGNING_PRIVATE_KEY_FILES`| 1.0.0 |[]string|`A list of private key files for signing IDP requests. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. See the Environment Variable Types description for more details.`|`[/var/lib/opencloud/idp/private-key.pem]`|
+|`IDP_SIGNING_PRIVATE_KEY_FILES`| 1.0.0 |[]string|`A list of private key files for signing IDP requests. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. See the Environment Variable Types description for more details.`|`[/root/.opencloud/idp/private-key.pem]`|
 |`IDP_VALIDATION_KEYS_PATH`| 1.0.0 |string|`Path to validation keys for IDP requests.`|``|
 |`IDP_ACCESS_TOKEN_EXPIRATION`| 1.0.0 |uint64|`'Access token lifespan in seconds (time before an access token is expired).'`|`300`|
 |`IDP_ID_TOKEN_EXPIRATION`| 1.0.0 |uint64|`ID token lifespan in seconds (time before an ID token is expired).`|`300`|
 |`IDP_REFRESH_TOKEN_EXPIRATION`| 1.0.0 |uint64|`Refresh token lifespan in seconds (time before an refresh token is expired). This also limits the duration of an idle offline session.`|`2592000`|
 |`IDP_DYNAMIC_CLIENT_SECRET_DURATION`| 1.0.0 |uint64|`Lifespan in seconds of a dynamically registered OIDC client.`|`0`|
 |`OC_LDAP_URI`<br/>`IDP_LDAP_URI`| 1.0.0 |string|`Url of the LDAP service to use as IDP.`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`IDP_LDAP_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_CACERT`<br/>`IDP_LDAP_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/root/.opencloud/idm/ldap.crt`|
 |`OC_LDAP_BIND_DN`<br/>`IDP_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=idp,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`IDP_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|
 |`OC_LDAP_USER_BASE_DN`<br/>`IDP_LDAP_BASE_DN`| 1.0.0 |string|`Search base DN for looking up LDAP users.`|`ou=users,o=libregraph-idm`|
diff --git a/static/env-vars/idp_readme.md b/static/env-vars/idp_readme.md
old mode 100644
new mode 100755
index d174da2c..da344943
--- a/static/env-vars/idp_readme.md
+++ b/static/env-vars/idp_readme.md
@@ -1,6 +1,6 @@
 ---
 title: IDP
-date: 2025-11-27T22:56:02.333271+01:00
+date: 2026-01-13T14:33:04.559916035Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/idp
diff --git a/static/env-vars/invitations.yaml b/static/env-vars/invitations.yaml
index a16f88c8..5b61607d 100644
--- a/static/env-vars/invitations.yaml
+++ b/static/env-vars/invitations.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: invitations.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9269
   token: ""
diff --git a/static/env-vars/invitations_configvars.md b/static/env-vars/invitations_configvars.md
index 6933fe38..129434b2 100644
--- a/static/env-vars/invitations_configvars.md
+++ b/static/env-vars/invitations_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **invitations** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`INVITATIONS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`INVITATIONS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`INVITATIONS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`INVITATIONS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`INVITATIONS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`INVITATIONS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9269`|
 |`INVITATIONS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`INVITATIONS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/invitations_readme.md b/static/env-vars/invitations_readme.md
old mode 100644
new mode 100755
index cd90e794..e381629d
--- a/static/env-vars/invitations_readme.md
+++ b/static/env-vars/invitations_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Invitations
-date: 2025-11-27T22:56:02.333362+01:00
+date: 2026-01-13T14:33:04.560083484Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/invitations
diff --git a/static/env-vars/nats.yaml b/static/env-vars/nats.yaml
index 17985208..75c79ef2 100644
--- a/static/env-vars/nats.yaml
+++ b/static/env-vars/nats.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: nats.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9234
   token: ""
@@ -15,8 +11,8 @@ nats:
   host: 127.0.0.1
   port: 9233
   clusterid: opencloud-cluster
-  store_dir: /var/lib/opencloud/nats
-  tls_cert: /var/lib/opencloud/nats/tls.crt
-  tls_key: /var/lib/opencloud/nats/tls.key
+  store_dir: /root/.opencloud/nats
+  tls_cert: /root/.opencloud/nats/tls.crt
+  tls_key: /root/.opencloud/nats/tls.key
   tls_skip_verify_client_cert: false
   enable_tls: false
diff --git a/static/env-vars/nats_configvars.md b/static/env-vars/nats_configvars.md
index c792bf41..7d3f85fc 100644
--- a/static/env-vars/nats_configvars.md
+++ b/static/env-vars/nats_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **nats** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`NATS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`NATS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`NATS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`NATS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`NATS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`NATS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9234`|
 |`NATS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`NATS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -13,8 +10,8 @@ Environment variables for the **nats** service
 |`NATS_NATS_HOST`| 1.0.0 |string|`Bind address.`|`127.0.0.1`|
 |`NATS_NATS_PORT`| 1.0.0 |int|`Bind port.`|`9233`|
 |`NATS_NATS_CLUSTER_ID`| 1.0.0 |string|`ID of the NATS cluster.`|`opencloud-cluster`|
-|`NATS_NATS_STORE_DIR`| 1.0.0 |string|`The directory where the filesystem storage will store NATS JetStream data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats.`|`/var/lib/opencloud/nats`|
-|`NATS_TLS_CERT`| 1.0.0 |string|`Path/File name of the TLS server certificate (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats.`|`/var/lib/opencloud/nats/tls.crt`|
-|`NATS_TLS_KEY`| 1.0.0 |string|`Path/File name for the TLS certificate key (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats.`|`/var/lib/opencloud/nats/tls.key`|
+|`NATS_NATS_STORE_DIR`| 1.0.0 |string|`The directory where the filesystem storage will store NATS JetStream data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats.`|`/root/.opencloud/nats`|
+|`NATS_TLS_CERT`| 1.0.0 |string|`Path/File name of the TLS server certificate (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats.`|`/root/.opencloud/nats/tls.crt`|
+|`NATS_TLS_KEY`| 1.0.0 |string|`Path/File name for the TLS certificate key (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats.`|`/root/.opencloud/nats/tls.key`|
 |`OC_INSECURE`<br/>`NATS_TLS_SKIP_VERIFY_CLIENT_CERT`| 1.0.0 |bool|`Whether the NATS server should skip the client certificate verification during the TLS handshake.`|`false`|
 |`OC_EVENTS_ENABLE_TLS`<br/>`NATS_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
diff --git a/static/env-vars/nats_readme.md b/static/env-vars/nats_readme.md
old mode 100644
new mode 100755
index 045b5608..be9ac060
--- a/static/env-vars/nats_readme.md
+++ b/static/env-vars/nats_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Nats
-date: 2025-11-27T22:56:02.333443+01:00
+date: 2026-01-13T14:33:04.560325763Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/nats
diff --git a/static/env-vars/notifications.yaml b/static/env-vars/notifications.yaml
index 061d5eaa..cc6a0c10 100644
--- a/static/env-vars/notifications.yaml
+++ b/static/env-vars/notifications.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: notifications.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9174
   token: ""
diff --git a/static/env-vars/notifications_configvars.md b/static/env-vars/notifications_configvars.md
index bf8ab298..e49cbe7f 100644
--- a/static/env-vars/notifications_configvars.md
+++ b/static/env-vars/notifications_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **notifications** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`NOTIFICATIONS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`NOTIFICATIONS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`NOTIFICATIONS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`NOTIFICATIONS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`NOTIFICATIONS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`NOTIFICATIONS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9174`|
 |`NOTIFICATIONS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`NOTIFICATIONS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -21,7 +18,7 @@ Environment variables for the **notifications** service
 |`NOTIFICATIONS_SMTP_ENCRYPTION`| 1.0.0 |string|`Encryption method for the SMTP communication. Possible values are 'starttls', 'ssltls' and 'none'.`|`none`|
 |`OC_EVENTS_ENDPOINT`<br/>`NOTIFICATIONS_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`NOTIFICATIONS_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`NOTIFICATIONS_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`NOTIFICATIONS_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`NOTIFICATIONS_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`NOTIFICATIONS_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/notifications_readme.md b/static/env-vars/notifications_readme.md
old mode 100644
new mode 100755
index 80953feb..fc3d1daf
--- a/static/env-vars/notifications_readme.md
+++ b/static/env-vars/notifications_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Notification
-date: 2025-11-27T22:56:02.33353+01:00
+date: 2026-01-13T14:33:04.560616271Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/notifications
diff --git a/static/env-vars/ocm.yaml b/static/env-vars/ocm.yaml
index a30a8968..bb938d87 100644
--- a/static/env-vars/ocm.yaml
+++ b/static/env-vars/ocm.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: ocm.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9281
   token: ""
@@ -87,27 +83,27 @@ ocm_invite_manager:
   driver: json
   drivers:
     json:
-      file: /var/lib/opencloud/storage/ocm/ocminvites.json
+      file: /root/.opencloud/storage/ocm/ocminvites.json
   token_expiration: 24h0m0s
   timeout: 30s
   insecure: false
 ocm_provider_authorizer_driver: json
 ocm_provider_authorizer_drivers:
   json:
-    providers: /etc/opencloud/ocmproviders.json
+    providers: /root/.opencloud/config/ocmproviders.json
 ocm_share_provider:
   driver: json
   drivers:
     json:
-      file: /var/lib/opencloud/storage/ocm/ocmshares.json
+      file: /root/.opencloud/storage/ocm/ocmshares.json
   insecure: false
   webapp_template: ""
 ocm_core:
   driver: json
   drivers:
     json:
-      file: /var/lib/opencloud/storage/ocm/ocmshares.json
+      file: /root/.opencloud/storage/ocm/ocmshares.json
 ocm_storage_provider:
   insecure: false
-  storage_root: /var/lib/opencloud/storage/ocm
+  storage_root: /root/.opencloud/storage/ocm
   data_server_url: http://localhost:9280/data
diff --git a/static/env-vars/ocm_configvars.md b/static/env-vars/ocm_configvars.md
index 1d65d444..23efe28a 100644
--- a/static/env-vars/ocm_configvars.md
+++ b/static/env-vars/ocm_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **ocm** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`OCM_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`OCM_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`OCM_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`OCM_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`OCM_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`OCM_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9281`|
 |`OCM_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`OCM_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -23,7 +20,7 @@ Environment variables for the **ocm** service
 |`OC_SERVICE_ACCOUNT_SECRET`<br/>`OCM_SERVICE_ACCOUNT_SECRET`| 1.0.0 |string|`The service account secret.`|``|
 |`OC_EVENTS_ENDPOINT`<br/>`OCM_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`OCM_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`OCM_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`OCM_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided OCM_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`OCM_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`OCM_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
@@ -39,18 +36,18 @@ Environment variables for the **ocm** service
 |`OCM_DIRECTORY_SERVICE_URLS`| 3.5.0 |string|`Space delimited URLs of the directory services.`|``|
 |`OCM_INVITE_ACCEPT_DIALOG`| 3.5.0 |string|`/open-cloud-mesh/accept-invite;The frontend URL where to land when receiving an invitation`|`/open-cloud-mesh/accept-invite`|
 |`OCM_OCM_INVITE_MANAGER_DRIVER`| 1.0.0 |string|`Driver to be used to persist OCM invites. Supported value is only 'json'.`|`json`|
-|`OCM_OCM_INVITE_MANAGER_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/ocm.`|`/var/lib/opencloud/storage/ocm/ocminvites.json`|
+|`OCM_OCM_INVITE_MANAGER_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/ocm.`|`/root/.opencloud/storage/ocm/ocminvites.json`|
 |`OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION`| 1.0.0 |Duration|`Expiry duration for invite tokens.`|`24h0m0s`|
 |`OCM_OCM_INVITE_MANAGER_TIMEOUT`| 1.0.0 |Duration|`Timeout specifies a time limit for requests made to OCM endpoints.`|`30s`|
 |`OCM_OCM_INVITE_MANAGER_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the OCM connections. Do not set this in production environments.`|`false`|
 |`SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER`| 1.0.0 |string|`Driver to be used to persist ocm invites. Supported value is only 'json'.`|`json`|
-|`OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE`| 1.0.0 |string|`Path to the JSON file where ocm invite data will be stored. Defaults to $OC_CONFIG_DIR/ocmproviders.json.`|`/etc/opencloud/ocmproviders.json`|
+|`OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE`| 1.0.0 |string|`Path to the JSON file where ocm invite data will be stored. Defaults to $OC_CONFIG_DIR/ocmproviders.json.`|`/root/.opencloud/config/ocmproviders.json`|
 |`OCM_OCM_SHARE_PROVIDER_DRIVER`| 1.0.0 |string|`Driver to be used for the OCM share provider. Supported value is only 'json'.`|`json`|
-|`OCM_OCM_SHAREPROVIDER_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/var/lib/opencloud/storage/ocm/ocmshares.json`|
+|`OCM_OCM_SHAREPROVIDER_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/root/.opencloud/storage/ocm/ocmshares.json`|
 |`OCM_OCM_SHARE_PROVIDER_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the OCM connections. Do not set this in production environments.`|`false`|
 |`OCM_WEBAPP_TEMPLATE`| 1.0.0 |string|`Template for the webapp url.`|``|
 |`OCM_OCM_CORE_DRIVER`| 1.0.0 |string|`Driver to be used for the OCM core. Supported value is only 'json'.`|`json`|
-|`OCM_OCM_CORE_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/var/lib/opencloud/storage/ocm/ocmshares.json`|
+|`OCM_OCM_CORE_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/root/.opencloud/storage/ocm/ocmshares.json`|
 |`OCM_OCM_STORAGE_PROVIDER_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the OCM connections. Do not set this in production environments.`|`false`|
-|`OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT`| 1.0.0 |string|`Directory where the ocm storage provider persists its data like tus upload info files.`|`/var/lib/opencloud/storage/ocm`|
+|`OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT`| 1.0.0 |string|`Directory where the ocm storage provider persists its data like tus upload info files.`|`/root/.opencloud/storage/ocm`|
 |`OCM_OCM_STORAGE_DATA_SERVER_URL`| 1.0.0 |string|`URL of the data server, needs to be reachable by the data gateway provided by the frontend service or the user if directly exposed.`|`http://localhost:9280/data`|
diff --git a/static/env-vars/ocm_readme.md b/static/env-vars/ocm_readme.md
old mode 100644
new mode 100755
index 4910053b..fee34a7f
--- a/static/env-vars/ocm_readme.md
+++ b/static/env-vars/ocm_readme.md
@@ -1,6 +1,6 @@
 ---
 title: OCM
-date: 2025-11-27T22:56:02.333689+01:00
+date: 2026-01-13T14:33:04.560907459Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/ocm
diff --git a/static/env-vars/ocs.yaml b/static/env-vars/ocs.yaml
index 9bfbe275..a91a765f 100644
--- a/static/env-vars/ocs.yaml
+++ b/static/env-vars/ocs.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: ocs.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9114
   token: ""
diff --git a/static/env-vars/ocs_configvars.md b/static/env-vars/ocs_configvars.md
index acd077d8..64367371 100644
--- a/static/env-vars/ocs_configvars.md
+++ b/static/env-vars/ocs_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **ocs** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`OCS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`OCS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`OCS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`OCS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`OCS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`OCS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9114`|
 |`OCS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`OCS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/ocs_readme.md b/static/env-vars/ocs_readme.md
old mode 100644
new mode 100755
index fdb66cea..50c920d0
--- a/static/env-vars/ocs_readme.md
+++ b/static/env-vars/ocs_readme.md
@@ -1,6 +1,6 @@
 ---
 title: OCS Service
-date: 2025-11-27T22:56:02.333791+01:00
+date: 2026-01-13T14:33:04.561137388Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/ocs
diff --git a/static/env-vars/policies.yaml b/static/env-vars/policies.yaml
index 9e7866a9..3f29546c 100644
--- a/static/env-vars/policies.yaml
+++ b/static/env-vars/policies.yaml
@@ -18,11 +18,7 @@ events:
   username: ""
   password: ""
 grpc_client_tls: null
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 engine:
   timeout: 10s
   policies: []
diff --git a/static/env-vars/policies_configvars.md b/static/env-vars/policies_configvars.md
index f0cdb8a3..a2db9872 100644
--- a/static/env-vars/policies_configvars.md
+++ b/static/env-vars/policies_configvars.md
@@ -9,15 +9,12 @@ Environment variables for the **policies** service
 |`POLICIES_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
 |`OC_EVENTS_ENDPOINT`<br/>`POLICIES_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`POLICIES_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`POLICIES_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether the server should skip the client certificate verification during the TLS handshake.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`POLICIES_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether the server should skip the client certificate verification during the TLS handshake.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`POLICIES_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`POLICIES_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
 |`OC_EVENTS_AUTH_PASSWORD`<br/>`POLICIES_EVENTS_AUTH_PASSWORD`| 1.0.0 |string|`The password to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
-|`OC_LOG_LEVEL`<br/>`POLICIES_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`POLICIES_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`POLICIES_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`POLICIES_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`POLICIES_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`POLICIES_ENGINE_TIMEOUT`| 1.0.0 |Duration|`Sets the timeout the rego expression evaluation can take. Rules default to deny if the timeout was reached. See the Environment Variable Types description for more details.`|`10s`|
 |`POLICIES_ENGINE_MIMES`| 1.0.0 |string|`Sets the mimes file path which maps mimetypes to associated file extensions. See the text description for details.`|``|
 |`POLICIES_POSTPROCESSING_QUERY`| 1.0.0 |string|`Defines the 'Complete Rules' variable defined in the rego rule set this step uses for its evaluation. Defaults to deny if the variable was not found.`|``|
diff --git a/static/env-vars/policies_readme.md b/static/env-vars/policies_readme.md
old mode 100644
new mode 100755
index 6b35fd49..47786f27
--- a/static/env-vars/policies_readme.md
+++ b/static/env-vars/policies_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Policies
-date: 2025-11-27T22:56:02.33387+01:00
+date: 2026-01-13T14:33:04.561366978Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/policies
@@ -193,5 +193,5 @@ A good example of how such a file should be formatted can be found in the [Apach
 
 ## Example Policies
 
-The policies service contains a set of preconfigured example policies. See the [deployment examples](https://github.com/opencloud-eu/opencloud/tree/main/deployments/examples) directory for details. The contained policies disallow OpenCloud to create certain file types, both via the proxy middleware and the events service via postprocessing.
+The policies service contains a set of preconfigured example policies. See the [devtools policie](https://github.com/opencloud-eu/opencloud/tree/main/devtools/deployments/service_policies/policies/) directory for details. The contained policies disallow OpenCloud to create certain file types, both via the proxy middleware and the events service via postprocessing.
 
diff --git a/static/env-vars/postprocessing.yaml b/static/env-vars/postprocessing.yaml
index 93e70c12..521a3d05 100644
--- a/static/env-vars/postprocessing.yaml
+++ b/static/env-vars/postprocessing.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: postprocessing.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9255
   token: ""
diff --git a/static/env-vars/postprocessing_configvars.md b/static/env-vars/postprocessing_configvars.md
index aa6a1077..3f3e83f3 100644
--- a/static/env-vars/postprocessing_configvars.md
+++ b/static/env-vars/postprocessing_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **postprocessing** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`POSTPROCESSING_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`POSTPROCESSING_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`POSTPROCESSING_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`POSTPROCESSING_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`POSTPROCESSING_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`POSTPROCESSING_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9255`|
 |`POSTPROCESSING_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`POSTPROCESSING_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -19,7 +16,7 @@ Environment variables for the **postprocessing** service
 |`OC_PERSISTENT_STORE_AUTH_PASSWORD`<br/>`POSTPROCESSING_STORE_AUTH_PASSWORD`| 1.0.0 |string|`The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.`|``|
 |`OC_EVENTS_ENDPOINT`<br/>`POSTPROCESSING_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`POSTPROCESSING_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`POSTPROCESSING_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether the OpenCloud server should skip the client certificate verification during the TLS handshake.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`POSTPROCESSING_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether the OpenCloud server should skip the client certificate verification during the TLS handshake.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`POSTPROCESSING_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`POSTPROCESSING_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/postprocessing_readme.md b/static/env-vars/postprocessing_readme.md
old mode 100644
new mode 100755
index 79e58d02..e03f24d0
--- a/static/env-vars/postprocessing_readme.md
+++ b/static/env-vars/postprocessing_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Postprocessing
-date: 2025-11-27T22:56:02.333978+01:00
+date: 2026-01-13T14:33:04.561726935Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/postprocessing
diff --git a/static/env-vars/proxy.yaml b/static/env-vars/proxy.yaml
index d4763bfe..c76e79e0 100644
--- a/static/env-vars/proxy.yaml
+++ b/static/env-vars/proxy.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: proxy.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9205
   token: ""
@@ -14,8 +10,8 @@ debug:
 http:
   addr: 0.0.0.0:9200
   root: /
-  tls_cert: /var/lib/opencloud/proxy/server.crt
-  tls_key: /var/lib/opencloud/proxy/server.key
+  tls_cert: /root/.opencloud/proxy/server.crt
+  tls_key: /root/.opencloud/proxy/server.key
   tls: true
 reva:
   address: eu.opencloud.api.gateway
@@ -107,27 +103,27 @@ policies:
     service: eu.opencloud.web.webdav
     skip_x_access_token: false
   - endpoint: /remote.php/
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     skip_x_access_token: false
   - endpoint: /dav/
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     skip_x_access_token: false
   - endpoint: /webdav/
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     skip_x_access_token: false
   - endpoint: /status
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     unprotected: true
     skip_x_access_token: false
   - endpoint: /status.php
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     unprotected: true
     skip_x_access_token: false
   - endpoint: /index.php/
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     skip_x_access_token: false
   - endpoint: /apps/
-    service: eu.opencloud.web.ocdav
+    service: eu.opencloud.web.frontend
     skip_x_access_token: false
   - endpoint: /data
     service: eu.opencloud.web.frontend
diff --git a/static/env-vars/proxy_configvars.md b/static/env-vars/proxy_configvars.md
index f55923ef..91e5e516 100644
--- a/static/env-vars/proxy_configvars.md
+++ b/static/env-vars/proxy_configvars.md
@@ -2,19 +2,16 @@ Environment variables for the **proxy** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`PROXY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`PROXY_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`PROXY_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`PROXY_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`PROXY_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`PROXY_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9205`|
 |`PROXY_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`PROXY_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
 |`PROXY_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
 |`PROXY_HTTP_ADDR`| 1.0.0 |string|`The bind address of the HTTP service.`|`0.0.0.0:9200`|
 |`PROXY_HTTP_ROOT`| 1.0.0 |string|`Subdirectory that serves as the root for this HTTP service.`|`/`|
-|`PROXY_TRANSPORT_TLS_CERT`| 1.0.0 |string|`Path/File name of the TLS server certificate (in PEM format) for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy.`|`/var/lib/opencloud/proxy/server.crt`|
-|`PROXY_TRANSPORT_TLS_KEY`| 1.0.0 |string|`Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy.`|`/var/lib/opencloud/proxy/server.key`|
-|`PROXY_TLS`| 1.0.0 |bool|`Enable/Disable HTTPS for external HTTP services. Must be set to 'true' if the built-in IDP service an no reverse proxy is used. See the text description for details.`|`true`|
+|`PROXY_TRANSPORT_TLS_CERT`| 1.0.0 |string|`Path/File name of the TLS server certificate (in PEM format) for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy.`|`/root/.opencloud/proxy/server.crt`|
+|`PROXY_TRANSPORT_TLS_KEY`| 1.0.0 |string|`Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy.`|`/root/.opencloud/proxy/server.key`|
+|`PROXY_TLS`| 1.0.0 |bool|`Enable/Disable HTTPS for external HTTP services. Must be set to 'true' if the built-in IDP service and no reverse proxy is used. See the text description for details.`|`true`|
 |`OC_REVA_GATEWAY`| 1.0.0 |string|`The CS3 gateway endpoint.`|`eu.opencloud.api.gateway`|
 |`OC_GRPC_CLIENT_TLS_MODE`| 1.0.0 |string|`TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification.`|``|
 |`OC_GRPC_CLIENT_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services.`|``|
@@ -64,7 +61,7 @@ Environment variables for the **proxy** service
 |`PROXY_CSP_CONFIG_FILE_OVERRIDE_LOCATION`| 4.0.0 |string|`The location of the CSP configuration file override.`|``|
 |`OC_EVENTS_ENDPOINT`<br/>`PROXY_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`PROXY_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`PROXY_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`PROXY_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided PROXY_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`PROXY_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`PROXY_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/proxy_readme.md b/static/env-vars/proxy_readme.md
old mode 100644
new mode 100755
index 0c1101b0..0071ba87
--- a/static/env-vars/proxy_readme.md
+++ b/static/env-vars/proxy_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Proxy
-date: 2025-11-27T22:56:02.334185+01:00
+date: 2026-01-13T14:33:04.562157222Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/proxy
@@ -65,7 +65,7 @@ policies:
       - endpoint: /
         service: eu.opencloud.web.web
       - endpoint: /dav/
-        service: eu.opencloud.web.ocdav
+        service: eu.opencloud.web.frontend
 ```
 
 For adding _additional_ routes to the default routes use:
diff --git a/static/env-vars/search.yaml b/static/env-vars/search.yaml
index 3a778873..aeb17def 100644
--- a/static/env-vars/search.yaml
+++ b/static/env-vars/search.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: search.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9224
   token: ""
@@ -40,7 +36,7 @@ events:
 engine:
   type: bleve
   bleve:
-    data_path: /var/lib/opencloud/search
+    data_path: /root/.opencloud/search
   open_search:
     client:
       addresses: []
diff --git a/static/env-vars/search_configvars.md b/static/env-vars/search_configvars.md
index 82af749f..e2f72ae1 100644
--- a/static/env-vars/search_configvars.md
+++ b/static/env-vars/search_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **search** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`SEARCH_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`SEARCH_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`SEARCH_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`SEARCH_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`SEARCH_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`SEARCH_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9224`|
 |`SEARCH_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`SEARCH_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -22,7 +19,7 @@ Environment variables for the **search** service
 |`OC_ASYNC_UPLOADS`<br/>`SEARCH_EVENTS_ASYNC_UPLOADS`| 1.0.0 |bool|`Enable asynchronous file uploads.`|`true`|
 |`SEARCH_EVENTS_NUM_CONSUMERS`| 1.0.0 |int|`The amount of concurrent event consumers to start. Event consumers are used for searching files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands.`|`1`|
 |`SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION`| 1.0.0 |int|`The duration in milliseconds the reindex debouncer waits before triggering a reindex of a space that was modified.`|`1000`|
-|`OC_INSECURE`<br/>`SEARCH_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`SEARCH_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`SEARCH_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`SEARCH_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
@@ -30,7 +27,7 @@ Environment variables for the **search** service
 |`SEARCH_EVENTS_MAX_ACK_PENDING`| 4.0.0 |int|`The maximum number of unacknowledged messages. This is used to limit the number of messages that can be in flight at the same time.`|`1000`|
 |`SEARCH_EVENTS_ACK_WAIT`| 4.0.0 |Duration|`The time to wait for an ack before the message is redelivered. This is used to ensure that messages are not lost if the consumer crashes.`|`1m0s`|
 |`SEARCH_ENGINE_TYPE`| 1.0.0 |string|`Defines which search engine to use. Defaults to 'bleve'. Supported values are: 'bleve'.`|`bleve`|
-|`SEARCH_ENGINE_BLEVE_DATA_PATH`| 1.0.0 |string|`The directory where the filesystem will store search data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/search.`|`/var/lib/opencloud/search`|
+|`SEARCH_ENGINE_BLEVE_DATA_PATH`| 1.0.0 |string|`The directory where the filesystem will store search data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/search.`|`/root/.opencloud/search`|
 |`SEARCH_ENGINE_OPEN_SEARCH_CLIENT_ADDRESSES`| 4.0.0 |[]string|`The addresses of the OpenSearch nodes..`|`[]`|
 |`SEARCH_ENGINE_OPEN_SEARCH_CLIENT_USERNAME`| 4.0.0 |string|`Username for HTTP Basic Authentication.`|``|
 |`SEARCH_ENGINE_OPEN_SEARCH_CLIENT_PASSWORD`| 4.0.0 |string|`Password for HTTP Basic Authentication.`|``|
diff --git a/static/env-vars/search_readme.md b/static/env-vars/search_readme.md
old mode 100644
new mode 100755
index c5eb90f8..97deb9ca
--- a/static/env-vars/search_readme.md
+++ b/static/env-vars/search_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Search
-date: 2025-11-27T22:56:02.334322+01:00
+date: 2026-01-13T14:33:04.56262602Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/search
diff --git a/static/env-vars/settings.yaml b/static/env-vars/settings.yaml
index 41ab10a6..8eed1467 100644
--- a/static/env-vars/settings.yaml
+++ b/static/env-vars/settings.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: settings.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9194
   token: ""
diff --git a/static/env-vars/settings_configvars.md b/static/env-vars/settings_configvars.md
index 11531d2c..2c690dbe 100644
--- a/static/env-vars/settings_configvars.md
+++ b/static/env-vars/settings_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **settings** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`SETTINGS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`SETTINGS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`SETTINGS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`SETTINGS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`SETTINGS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`SETTINGS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9194`|
 |`SETTINGS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`SETTINGS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/settings_readme.md b/static/env-vars/settings_readme.md
old mode 100644
new mode 100755
index fca4650e..22b7ffe0
--- a/static/env-vars/settings_readme.md
+++ b/static/env-vars/settings_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Settings
-date: 2025-11-27T22:56:02.334436+01:00
+date: 2026-01-13T14:33:04.562999328Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/settings
diff --git a/static/env-vars/sharing.yaml b/static/env-vars/sharing.yaml
index f0fcbc02..d88a612c 100644
--- a/static/env-vars/sharing.yaml
+++ b/static/env-vars/sharing.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: sharing.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9151
   token: ""
@@ -41,7 +37,7 @@ user_sharing_drivers:
     cache_ttl: 0
     max_concurrency: 1
   json:
-    file: /var/lib/opencloud/storage/shares.json
+    file: /root/.opencloud/storage/shares.json
   cs3:
     provider_addr: eu.opencloud.api.storage-system
     system_user_id: ""
@@ -57,7 +53,7 @@ user_sharing_drivers:
 public_sharing_driver: jsoncs3
 public_sharing_drivers:
   json:
-    file: /var/lib/opencloud/storage/publicshares.json
+    file: /root/.opencloud/storage/publicshares.json
   jsoncs3:
     provider_addr: eu.opencloud.api.storage-system
     system_user_id: ""
diff --git a/static/env-vars/sharing_configvars.md b/static/env-vars/sharing_configvars.md
index c08c3da4..d27185d3 100644
--- a/static/env-vars/sharing_configvars.md
+++ b/static/env-vars/sharing_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **sharing** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`SHARING_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`SHARING_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`SHARING_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`SHARING_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`SHARING_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`SHARING_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9151`|
 |`SHARING_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`SHARING_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -18,7 +15,7 @@ Environment variables for the **sharing** service
 |`OC_GRPC_CLIENT_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services.`|``|
 |`OC_EVENTS_ENDPOINT`<br/>`SHARING_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`SHARING_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`SHARING_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`SHARING_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`SHARING_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`SHARING_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`Username for the events broker.`|``|
@@ -31,7 +28,7 @@ Environment variables for the **sharing** service
 |`OC_SYSTEM_USER_API_KEY`<br/>`SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY`| 1.0.0 |string|`API key for the STORAGE-SYSTEM system user.`|``|
 |`SHARING_USER_JSONCS3_CACHE_TTL`| 1.0.0 |int|`TTL for the internal caches in seconds.`|`0`|
 |`OC_MAX_CONCURRENCY`<br/>`SHARING_USER_JSONCS3_MAX_CONCURRENCY`| 1.0.0 |int|`Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used.`|`1`|
-|`SHARING_USER_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/var/lib/opencloud/storage/shares.json`|
+|`SHARING_USER_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/root/.opencloud/storage/shares.json`|
 |`SHARING_USER_CS3_PROVIDER_ADDR`| 1.0.0 |string|`GRPC address of the STORAGE-SYSTEM service.`|`eu.opencloud.api.storage-system`|
 |`OC_SYSTEM_USER_ID`<br/>`SHARING_USER_CS3_SYSTEM_USER_ID`| 1.0.0 |string|`ID of the OpenCloud STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format.`|``|
 |`OC_SYSTEM_USER_IDP`<br/>`SHARING_USER_CS3_SYSTEM_USER_IDP`| 1.0.0 |string|`IDP of the OpenCloud STORAGE-SYSTEM system user.`|`internal`|
@@ -43,7 +40,7 @@ Environment variables for the **sharing** service
 |`SHARING_USER_OWNCLOUDSQL_DB_NAME`| 1.0.0 |string|`Name of the database to be used.`|`owncloud`|
 |`SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID`| 1.0.0 |string|`Mount ID of the ownCloudSQL users storage for mapping ownCloud 10 shares.`|``|
 |`SHARING_PUBLIC_DRIVER`| 1.0.0 |string|`Driver to be used to persist public shares. Supported values are 'jsoncs3', 'json' and 'cs3' (deprecated).`|`jsoncs3`|
-|`SHARING_PUBLIC_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/var/lib/opencloud/storage/publicshares.json`|
+|`SHARING_PUBLIC_JSON_FILE`| 1.0.0 |string|`Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/root/.opencloud/storage/publicshares.json`|
 |`SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR`| 1.0.0 |string|`GRPC address of the STORAGE-SYSTEM service.`|`eu.opencloud.api.storage-system`|
 |`OC_SYSTEM_USER_ID`<br/>`SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID`| 1.0.0 |string|`ID of the OpenCloud STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format.`|``|
 |`OC_SYSTEM_USER_IDP`<br/>`SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP`| 1.0.0 |string|`IDP of the OpenCloud STORAGE-SYSTEM system user.`|`internal`|
diff --git a/static/env-vars/sharing_readme.md b/static/env-vars/sharing_readme.md
index c24134b7..b6e1dba2 100755
--- a/static/env-vars/sharing_readme.md
+++ b/static/env-vars/sharing_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Sharing
-date: 2025-11-27T22:56:02.334524+01:00
+date: 2026-01-13T14:33:04.563417885Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/sharing
diff --git a/static/env-vars/sse.yaml b/static/env-vars/sse.yaml
index 8600af9e..e2767c3a 100644
--- a/static/env-vars/sse.yaml
+++ b/static/env-vars/sse.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: sse.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9139
   token: ""
diff --git a/static/env-vars/sse_configvars.md b/static/env-vars/sse_configvars.md
index 4214aad8..bb84edbc 100644
--- a/static/env-vars/sse_configvars.md
+++ b/static/env-vars/sse_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **sse** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`SSE_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`SSE_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`SSE_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`SSE_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`SSE_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`SSE_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9139`|
 |`SSE_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`SSE_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -13,7 +10,7 @@ Environment variables for the **sse** service
 |`SSE_KEEPALIVE_INTERVAL`| 1.0.0 |Duration|`To prevent intermediate proxies from closing the SSE connection, send periodic SSE comments to keep it open.`|`0s`|
 |`OC_EVENTS_ENDPOINT`<br/>`SSE_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`SSE_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`SSE_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`SSE_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided SSE_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`SSE_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`SSE_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/sse_readme.md b/static/env-vars/sse_readme.md
old mode 100644
new mode 100755
index 49aea22f..fb5e0022
--- a/static/env-vars/sse_readme.md
+++ b/static/env-vars/sse_readme.md
@@ -1,6 +1,6 @@
 ---
 title: SSE
-date: 2025-11-27T22:56:02.334591+01:00
+date: 2026-01-13T14:33:04.563621314Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/sse
diff --git a/static/env-vars/storage-publiclink.yaml b/static/env-vars/storage-publiclink.yaml
index 127d622d..66f3b842 100644
--- a/static/env-vars/storage-publiclink.yaml
+++ b/static/env-vars/storage-publiclink.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: storage-publiclink.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9179
   token: ""
diff --git a/static/env-vars/storage-publiclink_configvars.md b/static/env-vars/storage-publiclink_configvars.md
index e2ba94f3..151d7fe6 100644
--- a/static/env-vars/storage-publiclink_configvars.md
+++ b/static/env-vars/storage-publiclink_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **storage-publiclink** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`STORAGE_PUBLICLINK_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`STORAGE_PUBLICLINK_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`STORAGE_PUBLICLINK_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`STORAGE_PUBLICLINK_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`STORAGE_PUBLICLINK_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`STORAGE_PUBLICLINK_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9179`|
 |`STORAGE_PUBLICLINK_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`STORAGE_PUBLICLINK_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/storage-publiclink_readme.md b/static/env-vars/storage-publiclink_readme.md
old mode 100644
new mode 100755
index e5a03492..d73cacd1
--- a/static/env-vars/storage-publiclink_readme.md
+++ b/static/env-vars/storage-publiclink_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Storage PublicLink
-date: 2025-11-27T22:56:02.334658+01:00
+date: 2026-01-13T14:33:04.563813674Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/storage-publiclink
@@ -34,7 +34,7 @@ This service is part of the storage services family and is responsible for:
 
 The storage-publiclink service integrates with:
 - `sharing` service - Manages and persists public link shares
-- `frontend` and `ocdav` - Provide HTTP/WebDAV access to public links
+- `frontend` service - Provides HTTP/WebDAV access to public links
 - Storage drivers - Accesses the actual file content
 
 ## Storage Registry
diff --git a/static/env-vars/storage-shares.yaml b/static/env-vars/storage-shares.yaml
index 0c637011..4f1502c2 100644
--- a/static/env-vars/storage-shares.yaml
+++ b/static/env-vars/storage-shares.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: storage-shares.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9156
   token: ""
diff --git a/static/env-vars/storage-shares_configvars.md b/static/env-vars/storage-shares_configvars.md
index ce9b2bf6..c157ebbe 100644
--- a/static/env-vars/storage-shares_configvars.md
+++ b/static/env-vars/storage-shares_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **storage-shares** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`STORAGE_SHARES_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`STORAGE_SHARES_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`STORAGE_SHARES_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`STORAGE_SHARES_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`STORAGE_SHARES_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`STORAGE_SHARES_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9156`|
 |`STORAGE_SHARES_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`STORAGE_SHARES_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/storage-shares_readme.md b/static/env-vars/storage-shares_readme.md
old mode 100644
new mode 100755
index 37dfc066..e664bb31
--- a/static/env-vars/storage-shares_readme.md
+++ b/static/env-vars/storage-shares_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Storage Shares
-date: 2025-11-27T22:56:02.334725+01:00
+date: 2026-01-13T14:33:04.563998783Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/storage-shares
@@ -35,7 +35,7 @@ This service is part of the storage services family and is responsible for:
 The storage-shares service integrates with:
 - `sharing` service - Manages and persists shares
 - `storage-users` service - Accesses the underlying file content
-- `frontend` and `ocdav` - Provide HTTP/WebDAV access to shares
+- `frontend` service - Provides HTTP/WebDAV access to shares
 
 ## Virtual Shares Folder
 
diff --git a/static/env-vars/storage-system.yaml b/static/env-vars/storage-system.yaml
index 5d4a9f11..872ecfae 100644
--- a/static/env-vars/storage-system.yaml
+++ b/static/env-vars/storage-system.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: storage-system.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9217
   token: ""
@@ -40,7 +36,7 @@ cache:
 driver: decomposed
 drivers:
   decomposed:
-    root: /var/lib/opencloud/storage/metadata
+    root: /root/.opencloud/storage/metadata
     max_acquire_lock_cycles: 20
     lock_cycle_duration_factor: 30
 data_server_url: http://localhost:9216/data
diff --git a/static/env-vars/storage-system_configvars.md b/static/env-vars/storage-system_configvars.md
index 2b7ef3ae..bc3ef099 100644
--- a/static/env-vars/storage-system_configvars.md
+++ b/static/env-vars/storage-system_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **storage-system** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`STORAGE_SYSTEM_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`STORAGE_SYSTEM_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`STORAGE_SYSTEM_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`STORAGE_SYSTEM_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`STORAGE_SYSTEM_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`STORAGE_SYSTEM_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9217`|
 |`STORAGE_SYSTEM_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint`|``|
 |`STORAGE_SYSTEM_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling`|`false`|
@@ -29,7 +26,7 @@ Environment variables for the **storage-system** service
 |`OC_CACHE_AUTH_USERNAME`<br/>`STORAGE_SYSTEM_CACHE_AUTH_USERNAME`| 1.0.0 |string|`Username for the configured store. Only applies when store type 'nats-js-kv' is configured.`|``|
 |`OC_CACHE_AUTH_PASSWORD`<br/>`STORAGE_SYSTEM_CACHE_AUTH_PASSWORD`| 1.0.0 |string|`Password for the configured store. Only applies when store type 'nats-js-kv' is configured.`|``|
 |`STORAGE_SYSTEM_DRIVER`| 1.0.0 |string|`The driver which should be used by the service. The only supported driver is 'decomposed'. For backwards compatibility reasons it's also possible to use the 'ocis' driver and configure it using the 'decomposed' options. `|`decomposed`|
-|`STORAGE_SYSTEM_OC_ROOT`| 1.0.0 |string|`Path for the directory where the STORAGE-SYSTEM service stores it's persistent data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/var/lib/opencloud/storage/metadata`|
+|`STORAGE_SYSTEM_OC_ROOT`| 1.0.0 |string|`Path for the directory where the STORAGE-SYSTEM service stores it's persistent data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage.`|`/root/.opencloud/storage/metadata`|
 |`STORAGE_SYSTEM_OC_MAX_ACQUIRE_LOCK_CYCLES`| 1.0.0 |int|`When trying to lock files, OpenCloud will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value of 20 will be used.`|`20`|
 |`STORAGE_SYSTEM_OC_LOCK_CYCLE_DURATION_FACTOR`| 1.0.0 |int|`When trying to lock files, OpenCloud will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value of 30 will be used.`|`30`|
 |`STORAGE_SYSTEM_DATA_SERVER_URL`| 1.0.0 |string|`URL of the data server, needs to be reachable by other services using this service.`|`http://localhost:9216/data`|
diff --git a/static/env-vars/storage-system_readme.md b/static/env-vars/storage-system_readme.md
old mode 100644
new mode 100755
index 4137d732..b5b8fdd3
--- a/static/env-vars/storage-system_readme.md
+++ b/static/env-vars/storage-system_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Storage-System
-date: 2025-11-27T22:56:02.33479+01:00
+date: 2026-01-13T14:33:04.564936918Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/storage-system
diff --git a/static/env-vars/storage-users.yaml b/static/env-vars/storage-users.yaml
index cc60efb9..00ca85b3 100644
--- a/static/env-vars/storage-users.yaml
+++ b/static/env-vars/storage-users.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: storage-users.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9159
   token: ""
@@ -74,7 +70,7 @@ drivers:
     propagator: sync
     async_propagator_options:
       propagation_delay: 0s
-    root: /var/lib/opencloud/storage/users
+    root: /root/.opencloud/storage/users
     user_layout: '{{.Id.OpaqueId}}'
     permissions_endpoint: eu.opencloud.api.settings
     personalspacealias_template: '{{.SpaceType}}/{{.User.Username | lower}}'
@@ -92,7 +88,7 @@ drivers:
     propagator: sync
     async_propagator_options:
       propagation_delay: 0s
-    root: /var/lib/opencloud/storage/users
+    root: /root/.opencloud/storage/users
     user_layout: '{{.Id.OpaqueId}}'
     permissions_endpoint: eu.opencloud.api.settings
     region: default
@@ -117,10 +113,10 @@ drivers:
     async_uploads: true
     disable_versioning: false
   owncloudsql:
-    root: /var/lib/opencloud/storage/owncloud
+    root: /root/.opencloud/storage/owncloud
     share_folder: /Shares
     user_layout: '{{.Username}}'
-    upload_info_dir: /var/lib/opencloud/storage/uploadinfo
+    upload_info_dir: /root/.opencloud/storage/uploadinfo
     db_username: owncloud
     db_password: owncloud
     db_host: ""
@@ -128,7 +124,7 @@ drivers:
     db_name: owncloud
     users_provider_endpoint: eu.opencloud.api.users
   posix:
-    root: /var/lib/opencloud/storage/users
+    root: /root/.opencloud/storage/users
     propagator: ""
     async_propagator_options:
       propagation_delay: 0s
diff --git a/static/env-vars/storage-users_configvars.md b/static/env-vars/storage-users_configvars.md
index 185cd3b9..29d17439 100644
--- a/static/env-vars/storage-users_configvars.md
+++ b/static/env-vars/storage-users_configvars.md
@@ -1,5 +1,5 @@
 
-2025-11-27-22-55-58
+2026-01-13-14-32-58
 
 # Deprecation Notice
 
@@ -11,10 +11,7 @@ Environment variables for the **storage-users** service
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
 |`STORAGE_USERS_SERVICE_NAME`| 1.0.0 |string|`Service name to use. Change this when starting an additional storage provider with a custom configuration to prevent it from colliding with the default 'storage-users' service.`|`storage-users`|
-|`OC_LOG_LEVEL`<br/>`STORAGE_USERS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`STORAGE_USERS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`STORAGE_USERS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`STORAGE_USERS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`STORAGE_USERS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`STORAGE_USERS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9159`|
 |`STORAGE_USERS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`STORAGE_USERS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -38,7 +35,7 @@ Environment variables for the **storage-users** service
 |`STORAGE_USERS_DRIVER`| 1.0.0 |string|`The storage driver which should be used by the service. Defaults to 'posix'. Supported values are: 'posix', 'decomposed', 'decomposeds3' and 'owncloudsql'. For backwards compatibility reasons it's also possible to use the 'ocis' and 's3ng' driver and configure them using the 'decomposed'/'decomposeds3' options. The 'posix' driver stores data directly on a POSIX-compliant filesystem. The 'decomposed' driver stores all data (blob and meta data) in a POSIX compliant volume. The 'decomposeds3' driver stores metadata in a POSIX compliant volume and uploads blobs to the s3 bucket.`|`posix`|
 |`OC_DECOMPOSEDFS_PROPAGATOR`<br/>`STORAGE_USERS_DECOMPOSED_PROPAGATOR`| 1.0.0 |string|`The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option.`|`sync`|
 |`STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY`| 1.0.0 |Duration|`The delay between a change made to a tree and the propagation start on treesize and treetime. Multiple propagations are computed to a single one. See the Environment Variable Types description for more details.`|`0s`|
-|`STORAGE_USERS_DECOMPOSED_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store blobs and metadata. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users.`|`/var/lib/opencloud/storage/users`|
+|`STORAGE_USERS_DECOMPOSED_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store blobs and metadata. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users.`|`/root/.opencloud/storage/users`|
 |`STORAGE_USERS_DECOMPOSED_USER_LAYOUT`| 1.0.0 |string|`Template string for the user storage layout in the user directory.`|`{{.Id.OpaqueId}}`|
 |`STORAGE_USERS_PERMISSION_ENDPOINT`<br/>`STORAGE_USERS_DECOMPOSED_PERMISSIONS_ENDPOINT`| 1.0.0 |string|`Endpoint of the permissions service. The endpoints can differ for 'decomposed' and 'decomposeds3'.`|`eu.opencloud.api.settings`|
 |`STORAGE_USERS_DECOMPOSED_PERSONAL_SPACE_ALIAS_TEMPLATE`| 1.0.0 |string|`Template string to construct personal space aliases.`|`{{.SpaceType}}/{{.User.Username \| lower}}`|
@@ -54,7 +51,7 @@ Environment variables for the **storage-users** service
 |`OC_DISABLE_VERSIONING`| 1.0.0 |bool|`Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version.`|`false`|
 |`OC_DECOMPOSEDFS_PROPAGATOR`<br/>`STORAGE_USERS_DECOMPOSEDS3_PROPAGATOR`| 1.0.0 |string|`The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option.`|`sync`|
 |`STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY`| 1.0.0 |Duration|`The delay between a change made to a tree and the propagation start on treesize and treetime. Multiple propagations are computed to a single one. See the Environment Variable Types description for more details.`|`0s`|
-|`STORAGE_USERS_DECOMPOSEDS3_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users.`|`/var/lib/opencloud/storage/users`|
+|`STORAGE_USERS_DECOMPOSEDS3_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users.`|`/root/.opencloud/storage/users`|
 |`STORAGE_USERS_DECOMPOSEDS3_USER_LAYOUT`| 1.0.0 |string|`Template string for the user storage layout in the user directory.`|`{{.Id.OpaqueId}}`|
 |`STORAGE_USERS_PERMISSION_ENDPOINT`<br/>`STORAGE_USERS_DECOMPOSEDS3_PERMISSIONS_ENDPOINT`| 1.0.0 |string|`Endpoint of the permissions service. The endpoints can differ for 'decomposed' and 'decomposeds3'.`|`eu.opencloud.api.settings`|
 |`STORAGE_USERS_DECOMPOSEDS3_REGION`| 1.0.0 |string|`Region of the S3 bucket.`|`default`|
@@ -78,17 +75,17 @@ Environment variables for the **storage-users** service
 |`OC_MAX_CONCURRENCY`<br/>`STORAGE_USERS_DECOMPOSEDS3_MAX_CONCURRENCY`| 1.0.0 |int|`Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value of 100 will be used.`|`5`|
 |`OC_ASYNC_UPLOADS`| 1.0.0 |bool|`Enable asynchronous file uploads.`|`true`|
 |`OC_DISABLE_VERSIONING`| 1.0.0 |bool|`Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version.`|`false`|
-|`STORAGE_USERS_OWNCLOUDSQL_DATADIR`| 1.0.0 |string|`The directory where the filesystem storage will store SQL migration data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/owncloud.`|`/var/lib/opencloud/storage/owncloud`|
+|`STORAGE_USERS_OWNCLOUDSQL_DATADIR`| 1.0.0 |string|`The directory where the filesystem storage will store SQL migration data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/owncloud.`|`/root/.opencloud/storage/owncloud`|
 |`STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER`| 1.0.0 |string|`Name of the folder jailing all shares.`|`/Shares`|
 |`STORAGE_USERS_OWNCLOUDSQL_LAYOUT`| 1.0.0 |string|`Path layout to use to navigate into a users folder in an owncloud data directory`|`{{.Username}}`|
-|`STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR`| 1.0.0 |string|`The directory where the filesystem will store uploads temporarily. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/uploadinfo.`|`/var/lib/opencloud/storage/uploadinfo`|
+|`STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR`| 1.0.0 |string|`The directory where the filesystem will store uploads temporarily. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/uploadinfo.`|`/root/.opencloud/storage/uploadinfo`|
 |`STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME`| 1.0.0 |string|`Username for the database.`|`owncloud`|
 |`STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD`| 1.0.0 |string|`Password for the database.`|`owncloud`|
 |`STORAGE_USERS_OWNCLOUDSQL_DB_HOST`| 1.0.0 |string|`Hostname or IP of the database server.`|``|
 |`STORAGE_USERS_OWNCLOUDSQL_DB_PORT`| 1.0.0 |int|`Port that the database server is listening on.`|`3306`|
 |`STORAGE_USERS_OWNCLOUDSQL_DB_NAME`| 1.0.0 |string|`Name of the database to be used.`|`owncloud`|
 |`STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT`| 1.0.0 |string|`Endpoint of the users provider.`|`eu.opencloud.api.users`|
-|`STORAGE_USERS_POSIX_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users.`|`/var/lib/opencloud/storage/users`|
+|`STORAGE_USERS_POSIX_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users.`|`/root/.opencloud/storage/users`|
 |`OC_DECOMPOSEDFS_PROPAGATOR`<br/>`STORAGE_USERS_POSIX_PROPAGATOR`| 2.0.0 |string|`The propagator used for the posix driver. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option.`|``|
 |`STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY`| 1.0.0 |Duration|`The delay between a change made to a tree and the propagation start on treesize and treetime. Multiple propagations are computed to a single one. See the Environment Variable Types description for more details.`|`0s`|
 |`STORAGE_USERS_POSIX_PERSONAL_SPACE_ALIAS_TEMPLATE`| 1.0.0 |string|`Template string to construct personal space aliases.`|`{{.SpaceType}}/{{.User.Username \| lower}}`|
@@ -116,7 +113,7 @@ Environment variables for the **storage-users** service
 |`STORAGE_USERS_TRANSFER_EXPIRES`| 1.0.0 |int64|`The time after which the token for upload postprocessing expires`|`86400`|
 |`OC_EVENTS_ENDPOINT`<br/>`STORAGE_USERS_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`STORAGE_USERS_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`STORAGE_USERS_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`STORAGE_USERS_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`STORAGE_USERS_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`STORAGE_USERS_EVENTS_NUM_CONSUMERS`| 1.0.0 |int|`The amount of concurrent event consumers to start. Event consumers are used for post-processing files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The setting has no effect when the OC_ASYNC_UPLOADS is set to false. The default and minimum value is 1.`|`0`|
diff --git a/static/env-vars/storage-users_readme.md b/static/env-vars/storage-users_readme.md
old mode 100644
new mode 100755
index 51c7064e..5cf4dd85
--- a/static/env-vars/storage-users_readme.md
+++ b/static/env-vars/storage-users_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Storage-Users
-date: 2025-11-27T22:56:02.334862+01:00
+date: 2026-01-13T14:33:04.565211796Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/storage-users
diff --git a/static/env-vars/thumbnails.yaml b/static/env-vars/thumbnails.yaml
index fa39a91d..9f722877 100644
--- a/static/env-vars/thumbnails.yaml
+++ b/static/env-vars/thumbnails.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: thumbnails.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9189
   token: ""
@@ -55,7 +51,7 @@ thumbnail:
   - 4320x7680
   - 7680x4320
   filesystem_storage:
-    root_directory: /var/lib/opencloud/thumbnails
+    root_directory: /root/.opencloud/thumbnails
   webdav_allow_insecure: false
   cs3_allow_insecure: false
   reva_gateway: eu.opencloud.api.gateway
diff --git a/static/env-vars/thumbnails_configvars.md b/static/env-vars/thumbnails_configvars.md
index b61c1386..bddb3793 100644
--- a/static/env-vars/thumbnails_configvars.md
+++ b/static/env-vars/thumbnails_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **thumbnails** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`THUMBNAILS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`THUMBNAILS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`THUMBNAILS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`THUMBNAILS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`THUMBNAILS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`THUMBNAILS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9189`|
 |`THUMBNAILS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`THUMBNAILS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -22,7 +19,7 @@ Environment variables for the **thumbnails** service
 |`OC_CORS_ALLOW_HEADERS`<br/>`THUMBNAILS_CORS_ALLOW_HEADERS`| 1.0.0 |[]string|`A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.`|`[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]`|
 |`OC_CORS_ALLOW_CREDENTIALS`<br/>`THUMBNAILS_CORS_ALLOW_CREDENTIALS`| 1.0.0 |bool|`Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.`|`true`|
 |`THUMBNAILS_RESOLUTIONS`| 1.0.0 |[]string|`The supported list of target resolutions in the format WidthxHeight like 32x32. You can define any resolution as required. See the Environment Variable Types description for more details.`|`[16x16 32x32 64x64 128x128 1080x1920 1920x1080 2160x3840 3840x2160 4320x7680 7680x4320]`|
-|`THUMBNAILS_FILESYSTEMSTORAGE_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store the thumbnails. If not defined, the root directory derives from $OC_BASE_DATA_PATH/thumbnails.`|`/var/lib/opencloud/thumbnails`|
+|`THUMBNAILS_FILESYSTEMSTORAGE_ROOT`| 1.0.0 |string|`The directory where the filesystem storage will store the thumbnails. If not defined, the root directory derives from $OC_BASE_DATA_PATH/thumbnails.`|`/root/.opencloud/thumbnails`|
 |`OC_INSECURE`<br/>`THUMBNAILS_WEBDAVSOURCE_INSECURE`| 1.0.0 |bool|`Ignore untrusted SSL certificates when connecting to the webdav source.`|`false`|
 |`OC_INSECURE`<br/>`THUMBNAILS_CS3SOURCE_INSECURE`| 1.0.0 |bool|`Ignore untrusted SSL certificates when connecting to the CS3 source.`|`false`|
 |`OC_REVA_GATEWAY`| 1.0.0 |string|`CS3 gateway used to look up user metadata`|`eu.opencloud.api.gateway`|
diff --git a/static/env-vars/thumbnails_readme.md b/static/env-vars/thumbnails_readme.md
old mode 100644
new mode 100755
index ad62b83f..099e9e6e
--- a/static/env-vars/thumbnails_readme.md
+++ b/static/env-vars/thumbnails_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Thumbnails
-date: 2025-11-27T22:56:02.334947+01:00
+date: 2026-01-13T14:33:04.565649843Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/thumbnails
diff --git a/static/env-vars/userlog.yaml b/static/env-vars/userlog.yaml
index 50f9f235..8c6d40e2 100644
--- a/static/env-vars/userlog.yaml
+++ b/static/env-vars/userlog.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: userlog.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9214
   token: ""
diff --git a/static/env-vars/userlog_configvars.md b/static/env-vars/userlog_configvars.md
index 40753381..ee43f221 100644
--- a/static/env-vars/userlog_configvars.md
+++ b/static/env-vars/userlog_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **userlog** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`USERLOG_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`USERLOG_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`USERLOG_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`USERLOG_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`USERLOG_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`USERLOG_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9214`|
 |`USERLOG_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`USERLOG_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -25,7 +22,7 @@ Environment variables for the **userlog** service
 |`OC_DEFAULT_LANGUAGE`| 1.0.0 |string|`The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details.`|``|
 |`OC_EVENTS_ENDPOINT`<br/>`USERLOG_EVENTS_ENDPOINT`| 1.0.0 |string|`The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.`|`127.0.0.1:9233`|
 |`OC_EVENTS_CLUSTER`<br/>`USERLOG_EVENTS_CLUSTER`| 1.0.0 |string|`The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.`|`opencloud-cluster`|
-|`OC_INSECURE`<br/>`USERLOG_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
+|`OC_INSECURE`<br/>`OC_EVENTS_TLS_INSECURE`<br/>`USERLOG_EVENTS_TLS_INSECURE`| 1.0.0 |bool|`Whether to verify the server TLS certificates.`|`false`|
 |`OC_EVENTS_TLS_ROOT_CA_CERTIFICATE`<br/>`USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE`| 1.0.0 |string|`The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.`|``|
 |`OC_EVENTS_ENABLE_TLS`<br/>`USERLOG_EVENTS_ENABLE_TLS`| 1.0.0 |bool|`Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|`false`|
 |`OC_EVENTS_AUTH_USERNAME`<br/>`USERLOG_EVENTS_AUTH_USERNAME`| 1.0.0 |string|`The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services.`|``|
diff --git a/static/env-vars/userlog_readme.md b/static/env-vars/userlog_readme.md
old mode 100644
new mode 100755
index e55816e7..0aa0250e
--- a/static/env-vars/userlog_readme.md
+++ b/static/env-vars/userlog_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Userlog
-date: 2025-11-27T22:56:02.335031+01:00
+date: 2026-01-13T14:33:04.565921771Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/userlog
diff --git a/static/env-vars/users.yaml b/static/env-vars/users.yaml
index bf2a685c..82efb1af 100644
--- a/static/env-vars/users.yaml
+++ b/static/env-vars/users.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: users.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9145
   token: ""
@@ -27,7 +23,7 @@ driver: ldap
 drivers:
   ldap:
     uri: ldaps://localhost:9235
-    ca_cert: /var/lib/opencloud/idm/ldap.crt
+    ca_cert: /root/.opencloud/idm/ldap.crt
     insecure: false
     bind_dn: uid=reva,ou=sysusers,o=libregraph-idm
     bind_password: ""
diff --git a/static/env-vars/users_configvars.md b/static/env-vars/users_configvars.md
index 96e4a7f8..1fe8ccc1 100644
--- a/static/env-vars/users_configvars.md
+++ b/static/env-vars/users_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **users** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`USERS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`USERS_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`USERS_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`USERS_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`USERS_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`USERS_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9145`|
 |`USERS_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`USERS_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -19,7 +16,7 @@ Environment variables for the **users** service
 |`USERS_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the loading of user's group memberships from the reva access token.`|`false`|
 |`USERS_DRIVER`| 1.0.0 |string|`The driver which should be used by the users service. Supported values are 'ldap' and 'owncloudsql'.`|`ldap`|
 |`OC_LDAP_URI`<br/>`USERS_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`USERS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_CACERT`<br/>`USERS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/root/.opencloud/idm/ldap.crt`|
 |`OC_LDAP_INSECURE`<br/>`USERS_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`USERS_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=reva,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`USERS_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|
diff --git a/static/env-vars/users_readme.md b/static/env-vars/users_readme.md
old mode 100644
new mode 100755
index 6d2eb34f..c59c6f27
--- a/static/env-vars/users_readme.md
+++ b/static/env-vars/users_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Users
-date: 2025-11-27T22:56:02.335114+01:00
+date: 2026-01-13T14:33:04.566134691Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/users
diff --git a/static/env-vars/web.yaml b/static/env-vars/web.yaml
index a2075298..861dcd39 100644
--- a/static/env-vars/web.yaml
+++ b/static/env-vars/web.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: web.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9104
   token: ""
@@ -62,9 +58,9 @@ http:
     - X-HTTP-Method-Override
     allow_credentials: false
 asset:
-  core_path: /var/lib/opencloud/web/assets/core
-  themes_path: /var/lib/opencloud/web/assets/themes
-  apps_path: /var/lib/opencloud/web/assets/apps
+  core_path: /root/.opencloud/web/assets/core
+  themes_path: /root/.opencloud/web/assets/themes
+  apps_path: /root/.opencloud/web/assets/apps
 file: ""
 web:
   theme_server: https://localhost:9200
diff --git a/static/env-vars/web_configvars.md b/static/env-vars/web_configvars.md
index 6d4b4ed9..e34d1bb8 100644
--- a/static/env-vars/web_configvars.md
+++ b/static/env-vars/web_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **web** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`WEB_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`WEB_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`WEB_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`WEB_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`WEB_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`WEB_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9104`|
 |`WEB_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`WEB_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
@@ -20,9 +17,9 @@ Environment variables for the **web** service
 |`OC_CORS_ALLOW_METHODS`<br/>`WEB_CORS_ALLOW_METHODS`| 1.0.0 |[]string|`A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.`|`[OPTIONS HEAD GET PUT PATCH POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]`|
 |`OC_CORS_ALLOW_HEADERS`<br/>`WEB_CORS_ALLOW_HEADERS`| 1.0.0 |[]string|`A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.`|`[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override]`|
 |`OC_CORS_ALLOW_CREDENTIALS`<br/>`WEB_CORS_ALLOW_CREDENTIALS`| 1.0.0 |bool|`Allow credentials for CORS. See following chapter for more details: *Access-Control-Allow-Credentials* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.`|`false`|
-|`WEB_ASSET_CORE_PATH`| 1.0.0 |string|`Serve OpenCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core`|`/var/lib/opencloud/web/assets/core`|
-|`OC_ASSET_THEMES_PATH`<br/>`WEB_ASSET_THEMES_PATH`| 1.0.0 |string|`Serve OpenCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes`|`/var/lib/opencloud/web/assets/themes`|
-|`WEB_ASSET_APPS_PATH`| 1.0.0 |string|`Serve OpenCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps`|`/var/lib/opencloud/web/assets/apps`|
+|`WEB_ASSET_CORE_PATH`| 1.0.0 |string|`Serve OpenCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core`|`/root/.opencloud/web/assets/core`|
+|`OC_ASSET_THEMES_PATH`<br/>`WEB_ASSET_THEMES_PATH`| 1.0.0 |string|`Serve OpenCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes`|`/root/.opencloud/web/assets/themes`|
+|`WEB_ASSET_APPS_PATH`| 1.0.0 |string|`Serve OpenCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps`|`/root/.opencloud/web/assets/apps`|
 |`WEB_UI_CONFIG_FILE`| 1.0.0 |string|`Read the OpenCloud Web json based configuration from this path/file. The config file takes precedence over WEB_OPTION_xxx environment variables. See the text description for more details.`|``|
 |`OC_URL`<br/>`WEB_UI_THEME_SERVER`| 1.0.0 |string|`Base URL to load themes from. Will be prepended to the theme path.`|`https://localhost:9200`|
 |`WEB_UI_THEME_PATH`| 1.0.0 |string|`Path to the theme json file. Will be appended to the URL of the theme server.`|`/themes/opencloud/theme.json`|
diff --git a/static/env-vars/web_readme.md b/static/env-vars/web_readme.md
old mode 100644
new mode 100755
index 4dbda35d..2b0952af
--- a/static/env-vars/web_readme.md
+++ b/static/env-vars/web_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Web
-date: 2025-11-27T22:56:02.335267+01:00
+date: 2026-01-13T14:33:04.56632457Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/web
diff --git a/static/env-vars/webdav.yaml b/static/env-vars/webdav.yaml
index 39a7ce3c..1da16a7c 100644
--- a/static/env-vars/webdav.yaml
+++ b/static/env-vars/webdav.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: webdav.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9119
   token: ""
diff --git a/static/env-vars/webdav_configvars.md b/static/env-vars/webdav_configvars.md
index eaa32876..32877efd 100644
--- a/static/env-vars/webdav_configvars.md
+++ b/static/env-vars/webdav_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **webdav** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`WEBDAV_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`WEBDAV_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`WEBDAV_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`WEBDAV_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`WEBDAV_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`WEBDAV_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9119`|
 |`WEBDAV_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`WEBDAV_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/webdav_readme.md b/static/env-vars/webdav_readme.md
old mode 100644
new mode 100755
index 01c2e503..5a3fdc94
--- a/static/env-vars/webdav_readme.md
+++ b/static/env-vars/webdav_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Webdav
-date: 2025-11-27T22:56:02.335343+01:00
+date: 2026-01-13T14:33:04.566596538Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/webdav
@@ -13,7 +13,7 @@ geekdocCollapseSection: true
 ## Abstract
 
 
-The webdav service, like the [ocdav](../ocdav) service, provides a HTTP API following the webdav protocol. It receives HTTP calls from requestors like clients and issues gRPC calls to other services executing these requests. After the called service has finished the request, the webdav service will render their responses in `xml` and sends them back to the requestor.
+The webdav service, like the [frontend](../frontend) service, provides a HTTP API following the webdav protocol. It receives HTTP calls from requestors like clients and issues gRPC calls to other services executing these requests. After the called service has finished the request, the webdav service will render their responses in `xml` and sends them back to the requestor.
 
 
 ## Table of Contents
diff --git a/static/env-vars/webfinger.yaml b/static/env-vars/webfinger.yaml
index fd77ff1b..f1feab56 100644
--- a/static/env-vars/webfinger.yaml
+++ b/static/env-vars/webfinger.yaml
@@ -1,11 +1,7 @@
 # Autogenerated
 # Filename: webfinger.yaml
 
-log:
-  level: ""
-  pretty: false
-  color: false
-  file: ""
+loglevel: error
 debug:
   addr: 127.0.0.1:9279
   token: ""
diff --git a/static/env-vars/webfinger_configvars.md b/static/env-vars/webfinger_configvars.md
index 08733164..d1b3fd1a 100644
--- a/static/env-vars/webfinger_configvars.md
+++ b/static/env-vars/webfinger_configvars.md
@@ -2,10 +2,7 @@ Environment variables for the **webfinger** service
 
 | Name | Introduction Version | Type | Description | Default Value |
 |---|---|---|---|:---|
-|`OC_LOG_LEVEL`<br/>`WEBFINGER_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|``|
-|`OC_LOG_PRETTY`<br/>`WEBFINGER_LOG_PRETTY`| 1.0.0 |bool|`Activates pretty log output.`|`false`|
-|`OC_LOG_COLOR`<br/>`WEBFINGER_LOG_COLOR`| 1.0.0 |bool|`Activates colorized log output.`|`false`|
-|`OC_LOG_FILE`<br/>`WEBFINGER_LOG_FILE`| 1.0.0 |string|`The path to the log file. Activates logging to this file if set.`|``|
+|`OC_LOG_LEVEL`<br/>`WEBFINGER_LOG_LEVEL`| 1.0.0 |string|`The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.`|`error`|
 |`WEBFINGER_DEBUG_ADDR`| 1.0.0 |string|`Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.`|`127.0.0.1:9279`|
 |`WEBFINGER_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`WEBFINGER_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
diff --git a/static/env-vars/webfinger_readme.md b/static/env-vars/webfinger_readme.md
old mode 100644
new mode 100755
index 39185961..1f172f66
--- a/static/env-vars/webfinger_readme.md
+++ b/static/env-vars/webfinger_readme.md
@@ -1,6 +1,6 @@
 ---
 title: Webfinger
-date: 2025-11-27T22:56:02.335416+01:00
+date: 2026-01-13T14:33:04.566786027Z
 weight: 20
 geekdocRepo: https://github.com/opencloud-eu/opencloud
 geekdocEditPath: edit/master/services/webfinger