chore: add VERSION v0.5.1

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.github/workflows/node.js.yml

@@ -16,7 +16,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [22.x]
+        node-version: [24.x]
         # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
 
     steps:

.gitignore

@@ -16,6 +16,9 @@
 db.sqlite
 data/settings.db
 
+# prisma generated client
+/prisma/generated/
+
 # ssh keys (sensitive)
 data/ssh-keys/
 

VERSION

@@ -1 +1 @@
-0.4.9
+0.5.1

eslint.config.js

@@ -1,15 +1,23 @@
-import { FlatCompat } from "@eslint/eslintrc";
+import eslintPluginNext from "@next/eslint-plugin-next";
 import tseslint from "typescript-eslint";
-
-const compat = new FlatCompat({
-  baseDirectory: import.meta.dirname,
-});
+import reactPlugin from "eslint-plugin-react";
+import reactHooksPlugin from "eslint-plugin-react-hooks";
 
 export default tseslint.config(
   {
-    ignores: [".next"],
+    ignores: [".next", "next-env.d.ts", "postcss.config.js", "prettier.config.js"],
+  },
+  {
+    plugins: {
+      "@next/next": eslintPluginNext,
+      "react": reactPlugin,
+      "react-hooks": reactHooksPlugin,
+    },
+    rules: {
+      ...eslintPluginNext.configs.recommended.rules,
+      ...eslintPluginNext.configs["core-web-vitals"].rules,
+    },
   },
-  ...compat.extends("next/core-web-vitals"),
   {
     files: ["**/*.ts", "**/*.tsx"],
     extends: [

next.config.js

@@ -18,31 +18,25 @@ const config = {
       },
     ],
   },
-  // Allow cross-origin requests from local network ranges
-  allowedDevOrigins: [
-    'http://localhost:3000',
-    'http://127.0.0.1:3000',
-    'http://[::1]:3000',    
-    'http://10.*',
-    'http://172.16.*',
-    'http://172.17.*',
-    'http://172.18.*',
-    'http://172.19.*',
-    'http://172.20.*',
-    'http://172.21.*',
-    'http://172.22.*',
-    'http://172.23.*',
-    'http://172.24.*',
-    'http://172.25.*',
-    'http://172.26.*',
-    'http://172.27.*',
-    'http://172.28.*',
-    'http://172.29.*',
-    'http://172.30.*',
-    'http://172.31.*',
-    'http://192.168.*',
-  ],
+  // Allow cross-origin requests from local network in dev mode
+  // Note: In Next.js 16, we disable this check entirely for dev
+  async headers() {
+    return [
+      {
+        source: '/:path*',
+        headers: [
+          { key: 'Access-Control-Allow-Origin', value: '*' },
+          { key: 'Access-Control-Allow-Methods', value: 'GET,POST,PUT,DELETE,OPTIONS' },
+          { key: 'Access-Control-Allow-Headers', value: 'Content-Type, Authorization' },
+        ],
+      },
+    ];
+  },
 
+  turbopack: {
+    // Disable Turbopack and use Webpack instead for compatibility
+    // This is necessary for server-side code that uses child_process
+  },
   webpack: (config, { dev, isServer }) => {
     if (dev && !isServer) {
       config.watchOptions = {
@@ -50,8 +44,19 @@ const config = {
         aggregateTimeout: 300,
       };
     }
+    // Handle server-side modules
+    if (isServer) {
+      config.externals = config.externals || [];
+      if (!config.externals.includes('child_process')) {
+        config.externals.push('child_process');
+      }
+    }
     return config;
   },
+  // TypeScript errors will fail the build
+  typescript: {
+    ignoreBuildErrors: false,
+  },
 };
 
 export default config;

package.json

@@ -4,17 +4,20 @@
   "private": true,
   "type": "module",
   "scripts": {
-    "build": "next build",
-    "check": "next lint && tsc --noEmit",
-    "dev": "next dev",
-    "dev:server": "node server.js",
-    "dev:next": "next dev --turbo",
+    "build": "prisma generate && next build --webpack",
+    "check": "eslint . && tsc --noEmit",
+    "dev": "next dev --webpack",
+    "dev:server": "node --import tsx server.js",
+    "dev:next": "next dev --webpack",
     "format:check": "prettier --check \"**/*.{ts,tsx,js,jsx,mdx}\" --cache",
     "format:write": "prettier --write \"**/*.{ts,tsx,js,jsx,mdx}\" --cache",
-    "lint": "next lint",
-    "lint:fix": "next lint --fix",
+    "generate": "prisma generate",
+    "lint": "eslint .",
+    "lint:fix": "eslint --fix .",
+    "migrate": "prisma migrate dev",
     "preview": "next build && next start",
-    "start": "node server.js",
+    "postinstall": "prisma generate",
+    "start": "node --import tsx server.js",
     "test": "vitest",
     "test:ui": "vitest --ui",
     "test:run": "vitest run",
@@ -22,76 +25,82 @@
     "typecheck": "tsc --noEmit"
   },
   "dependencies": {
-    "@prisma/client": "^6.18.0",
+    "@prisma/adapter-better-sqlite3": "^7.0.1",
+    "@prisma/client": "^7.0.1",
     "@radix-ui/react-dropdown-menu": "^2.1.16",
-    "@radix-ui/react-slot": "^1.2.3",
+    "@radix-ui/react-slot": "^1.2.4",
     "@t3-oss/env-nextjs": "^0.13.8",
     "@tailwindcss/typography": "^0.5.19",
-    "@tanstack/react-query": "^5.90.5",
-    "@trpc/client": "^11.6.0",
-    "@trpc/react-query": "^11.6.0",
-    "@trpc/server": "^11.6.0",
+    "@tanstack/react-query": "^5.90.11",
+    "@trpc/client": "^11.7.2",
+    "@trpc/react-query": "^11.7.2",
+    "@trpc/server": "^11.7.2",
     "@types/react-syntax-highlighter": "^15.5.13",
     "@types/ws": "^8.18.1",
     "@xterm/addon-fit": "^0.10.0",
     "@xterm/addon-web-links": "^0.11.0",
     "@xterm/xterm": "^5.5.0",
-    "axios": "^1.7.9",
-    "bcryptjs": "^3.0.2",
+    "axios": "^1.13.2",
+    "bcryptjs": "^3.0.3",
+    "better-sqlite3": "^12.4.6",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
-    "cron-validator": "^1.2.0",
+    "cron-validator": "^1.4.0",
     "dotenv": "^17.2.3",
     "jsonwebtoken": "^9.0.2",
-    "lucide-react": "^0.548.0",
-    "next": "^15.5.6",
-    "node-cron": "^3.0.3",
+    "lucide-react": "^0.555.0",
+    "next": "^16.0.5",
+    "node-cron": "^4.2.1",
     "node-pty": "^1.0.0",
-    "react": "^19.0.0",
-    "react-dom": "^19.0.0",
+    "react": "^19.2.0",
+    "react-dom": "^19.2.0",
     "react-markdown": "^10.1.0",
-    "react-syntax-highlighter": "^15.6.6",
+    "react-syntax-highlighter": "^16.1.0",
     "refractor": "^5.0.0",
     "remark-gfm": "^4.0.1",
     "server-only": "^0.0.1",
     "strip-ansi": "^7.1.2",
-    "superjson": "^2.2.3",
-    "tailwind-merge": "^3.3.1",
+    "superjson": "^2.2.6",
+    "tailwind-merge": "^3.4.0",
     "ws": "^8.18.3",
-    "zod": "^4.1.12"
+    "zod": "^4.1.13"
   },
   "devDependencies": {
-    "@eslint/eslintrc": "^3.3.1",
-    "@tailwindcss/postcss": "^4.1.16",
+    "@tailwindcss/postcss": "^4.1.17",
     "@testing-library/jest-dom": "^6.9.1",
     "@testing-library/react": "^16.3.0",
     "@testing-library/user-event": "^14.6.1",
     "@types/bcryptjs": "^3.0.0",
-    "@types/better-sqlite3": "^7.6.8",
+    "@types/better-sqlite3": "^7.6.13",
     "@types/jsonwebtoken": "^9.0.10",
-    "@types/node": "^24.9.1",
+    "@types/node": "^24.10.1",
     "@types/node-cron": "^3.0.11",
-    "@types/react": "^19.0.0",
-    "@types/react-dom": "^19.2.2",
-    "@vitejs/plugin-react": "^5.1.0",
-    "@vitest/coverage-v8": "^3.2.4",
-    "@vitest/ui": "^3.2.4",
-    "eslint": "^9.38.0",
-    "eslint-config-next": "^16.0.0",
-    "jsdom": "^27.0.1",
-    "postcss": "^8.5.3",
-    "prettier": "^3.5.3",
+    "@types/react": "^19.2.7",
+    "@types/react-dom": "^19.2.3",
+    "@vitejs/plugin-react": "^5.1.1",
+    "@vitest/coverage-v8": "^4.0.14",
+    "@vitest/ui": "^4.0.14",
+    "baseline-browser-mapping": "^2.8.32",
+    "eslint": "^9.39.1",
+    "eslint-config-next": "^16.0.5",
+    "jsdom": "^27.2.0",
+    "postcss": "^8.5.6",
+    "prettier": "^3.7.1",
     "prettier-plugin-tailwindcss": "^0.7.1",
-    "prisma": "^6.18.0",
-    "tailwindcss": "^4.1.16",
-    "typescript": "^5.8.2",
-    "typescript-eslint": "^8.46.2",
-    "vitest": "^3.2.4"
+    "prisma": "^7.0.1",
+    "tailwindcss": "^4.1.17",
+    "tsx": "^4.19.4",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.48.0",
+    "vitest": "^4.0.14"
   },
   "ct3aMetadata": {
     "initVersion": "7.39.3"
   },
   "packageManager": "npm@10.9.3",
+  "engines": {
+    "node": ">=24.0.0"
+  },
   "overrides": {
     "prismjs": "^1.30.0"
   }

prisma.config.ts

@@ -0,0 +1,20 @@
+import 'dotenv/config'
+import path from 'path'
+import { defineConfig } from 'prisma/config'
+
+// Resolve database path
+const dbPath = process.env.DATABASE_URL ?? `file:${path.join(process.cwd(), 'data', 'pve-scripts.db')}`
+
+export default defineConfig({
+  schema: 'prisma/schema.prisma',
+  datasource: {
+    url: dbPath,
+  },
+  // @ts-expect-error - Prisma 7 config types are incomplete
+  studio: {
+    adapter: async () => {
+      const { PrismaBetterSqlite3 } = await import('@prisma/adapter-better-sqlite3')
+      return new PrismaBetterSqlite3({ url: dbPath })
+    },
+  },
+})

prisma/migrations/20251113125441_add_repositories/migration.sql

@@ -0,0 +1,14 @@
+-- CreateTable
+CREATE TABLE "repositories" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "url" TEXT NOT NULL,
+    "enabled" BOOLEAN NOT NULL DEFAULT true,
+    "is_default" BOOLEAN NOT NULL DEFAULT false,
+    "is_removable" BOOLEAN NOT NULL DEFAULT true,
+    "priority" INTEGER NOT NULL DEFAULT 0,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "repositories_url_key" ON "repositories"("url");

prisma/migrations/20251118091618_add_backups_and_pbs_credentials/migration.sql

@@ -0,0 +1,41 @@
+-- CreateTable
+CREATE TABLE IF NOT EXISTS "backups" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "container_id" TEXT NOT NULL,
+    "server_id" INTEGER NOT NULL,
+    "hostname" TEXT NOT NULL,
+    "backup_name" TEXT NOT NULL,
+    "backup_path" TEXT NOT NULL,
+    "size" BIGINT,
+    "created_at" DATETIME,
+    "storage_name" TEXT NOT NULL,
+    "storage_type" TEXT NOT NULL,
+    "discovered_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT "backups_server_id_fkey" FOREIGN KEY ("server_id") REFERENCES "servers" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE IF NOT EXISTS "pbs_storage_credentials" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "server_id" INTEGER NOT NULL,
+    "storage_name" TEXT NOT NULL,
+    "pbs_ip" TEXT NOT NULL,
+    "pbs_datastore" TEXT NOT NULL,
+    "pbs_password" TEXT NOT NULL,
+    "pbs_fingerprint" TEXT NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL,
+    CONSTRAINT "pbs_storage_credentials_server_id_fkey" FOREIGN KEY ("server_id") REFERENCES "servers" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE INDEX IF NOT EXISTS "backups_container_id_idx" ON "backups"("container_id");
+
+-- CreateIndex
+CREATE INDEX IF NOT EXISTS "backups_server_id_idx" ON "backups"("server_id");
+
+-- CreateIndex
+CREATE INDEX IF NOT EXISTS "pbs_storage_credentials_server_id_idx" ON "pbs_storage_credentials"("server_id");
+
+-- CreateIndex
+CREATE UNIQUE INDEX IF NOT EXISTS "pbs_storage_credentials_server_id_storage_name_key" ON "pbs_storage_credentials"("server_id", "storage_name");

prisma/schema.prisma

@@ -1,10 +1,10 @@
 generator client {
-  provider = "prisma-client-js"
+  provider = "prisma-client"
+  output   = "./generated/prisma"
 }
 
 datasource db {
   provider = "sqlite"
-  url      = env("DATABASE_URL")
 }
 
 model InstalledScript {
@@ -41,6 +41,8 @@ model Server {
   ssh_key_path       String?
   key_generated      Boolean?           @default(false)
   installed_scripts  InstalledScript[]
+  backups            Backup[]
+  pbs_credentials    PBSStorageCredential[]
   
   @@map("servers")
 }
@@ -95,3 +97,52 @@ model LXCConfig {
   
   @@map("lxc_configs")
 }
+
+model Backup {
+  id                Int       @id @default(autoincrement())
+  container_id      String
+  server_id         Int
+  hostname          String
+  backup_name       String
+  backup_path       String
+  size              BigInt?
+  created_at        DateTime?
+  storage_name      String
+  storage_type      String    // 'local', 'storage', or 'pbs'
+  discovered_at     DateTime  @default(now())
+  server            Server    @relation(fields: [server_id], references: [id], onDelete: Cascade)
+  
+  @@index([container_id])
+  @@index([server_id])
+  @@map("backups")
+}
+
+model PBSStorageCredential {
+  id                Int       @id @default(autoincrement())
+  server_id         Int
+  storage_name      String
+  pbs_ip            String
+  pbs_datastore     String
+  pbs_password      String
+  pbs_fingerprint   String
+  created_at        DateTime  @default(now())
+  updated_at        DateTime  @updatedAt
+  server            Server    @relation(fields: [server_id], references: [id], onDelete: Cascade)
+  
+  @@unique([server_id, storage_name])
+  @@index([server_id])
+  @@map("pbs_storage_credentials")
+}
+
+model Repository {
+  id          Int      @id @default(autoincrement())
+  url         String   @unique
+  enabled     Boolean  @default(true)
+  is_default  Boolean  @default(false)
+  is_removable Boolean @default(true)
+  priority    Int      @default(0)
+  created_at  DateTime @default(now())
+  updated_at  DateTime @updatedAt
+  
+  @@map("repositories")
+}

restore.log

@@ -0,0 +1,10 @@
+Starting restore...
+Reading container configuration...
+Stopping container...
+Destroying container...
+Logging into PBS...
+Downloading backup from PBS...
+Packing backup folder...
+Restoring container...
+Cleaning up temporary files...
+Restore completed successfully

scripts/core/api.func

@@ -0,0 +1,132 @@
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: michelroegl-brunner
+# License: MIT | https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/LICENSE
+
+post_to_api() {
+
+  if ! command -v curl &>/dev/null; then
+    return
+  fi
+
+  if [ "$DIAGNOSTICS" = "no" ]; then
+    return
+  fi
+
+  if [ -z "$RANDOM_UUID" ]; then
+    return
+  fi
+
+  local API_URL="http://api.community-scripts.org/upload"
+  local pve_version="not found"
+  pve_version=$(pveversion | awk -F'[/ ]' '{print $2}')
+
+  JSON_PAYLOAD=$(
+    cat <<EOF
+{
+    "ct_type": $CT_TYPE,
+    "type":"lxc",
+    "disk_size": $DISK_SIZE,
+    "core_count": $CORE_COUNT,
+    "ram_size": $RAM_SIZE,
+    "os_type": "$var_os",
+    "os_version": "$var_version",
+    "disableip6": "",
+    "nsapp": "$NSAPP",
+    "method": "$METHOD(PVE-Local)",
+    "pve_version": "$pve_version",
+    "status": "installing",
+    "random_id": "$RANDOM_UUID"
+}
+EOF
+  )
+
+  if [[ "$DIAGNOSTICS" == "yes" ]]; then
+    RESPONSE=$(curl -s -w "%{http_code}" -L -X POST "$API_URL" --post301 --post302 \
+      -H "Content-Type: application/json" \
+      -d "$JSON_PAYLOAD") || true
+  fi
+}
+
+post_to_api_vm() {
+
+  if [[ ! -f /usr/local/community-scripts/diagnostics ]]; then
+    return
+  fi
+  DIAGNOSTICS=$(grep -i "^DIAGNOSTICS=" /usr/local/community-scripts/diagnostics | awk -F'=' '{print $2}')
+  if ! command -v curl &>/dev/null; then
+    return
+  fi
+
+  if [ "$DIAGNOSTICS" = "no" ]; then
+    return
+  fi
+
+  if [ -z "$RANDOM_UUID" ]; then
+    return
+  fi
+
+  local API_URL="http://api.community-scripts.org/upload"
+  local pve_version="not found"
+  pve_version=$(pveversion | awk -F'[/ ]' '{print $2}')
+
+  DISK_SIZE_API=${DISK_SIZE%G}
+
+  JSON_PAYLOAD=$(
+    cat <<EOF
+{
+    "ct_type": 2,
+    "type":"vm",
+    "disk_size": $DISK_SIZE_API,
+    "core_count": $CORE_COUNT,
+    "ram_size": $RAM_SIZE,
+    "os_type": "$var_os",
+    "os_version": "$var_version",
+    "disableip6": "",
+    "nsapp": "$NSAPP",
+    "method": "$METHOD(PVE-Local)",
+    "pve_version": "$pve_version",
+    "status": "installing",
+    "random_id": "$RANDOM_UUID"
+}
+EOF
+  )
+
+  if [[ "$DIAGNOSTICS" == "yes" ]]; then
+    RESPONSE=$(curl -s -w "%{http_code}" -L -X POST "$API_URL" --post301 --post302 \
+      -H "Content-Type: application/json" \
+      -d "$JSON_PAYLOAD") || true
+  fi
+}
+
+POST_UPDATE_DONE=false
+post_update_to_api() {
+
+  if ! command -v curl &>/dev/null; then
+    return
+  fi
+
+  if [ "$POST_UPDATE_DONE" = true ]; then
+    return 0
+  fi
+  local API_URL="http://api.community-scripts.org/upload/updatestatus"
+  local status="${1:-failed}"
+  local error="${2:-No error message}"
+
+  JSON_PAYLOAD=$(
+    cat <<EOF
+{
+    "status": "$status",
+    "error": "$error",
+    "random_id": "$RANDOM_UUID"
+}
+EOF
+  )
+
+  if [[ "$DIAGNOSTICS" == "yes" ]]; then
+    RESPONSE=$(curl -s -w "%{http_code}" -L -X POST "$API_URL" --post301 --post302 \
+      -H "Content-Type: application/json" \
+      -d "$JSON_PAYLOAD") || true
+  fi
+
+  POST_UPDATE_DONE=true
+}

scripts/core/build.func

@@ -17,9 +17,9 @@ variables() {
 
 # Get absolute path to core directory
 CORE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+source "$CORE_DIR/api.func"
 source "$CORE_DIR/core.func"
-
-
+load_functions
 # This function enables error handling in the script by setting options and defining a trap for the ERR signal.
 catch_errors() {
   set -Eeo pipefail
@@ -33,15 +33,15 @@ error_handler() {
   local line_number="$1"
   local command="$2"
   local error_message="${RD}[ERROR]${CL} in line ${RD}$line_number${CL}: exit code ${RD}$exit_code${CL}: while executing command ${YW}$command${CL}"
-  
+  post_update_to_api "failed" "${command}"
   echo -e "\n$error_message\n"
 }
 
-# Check if the shell is using bash
+# Check if the current shell is using bash
 shell_check() {
-  if [[ "$(basename "$SHELL")" != "bash" ]]; then
+  if [[ "$(ps -p $$ -o comm=)" != "bash" ]]; then
     clear
-    msg_error "Your default shell is currently not set to Bash. To use these scripts, please switch to the Bash shell."
+    msg_error "Your default shell is not bash. Please report this to our github issues or discord."
     echo -e "\nExiting..."
     sleep 2
     exit
@@ -60,7 +60,7 @@ root_check() {
 }
 
 # This function checks the version of Proxmox Virtual Environment (PVE) and exits if the version is not supported.
-# Supported: Proxmox VE 8.0.x – 8.9.x and 9.0 (NOT 9.1+)
+# Supported: Proxmox VE 8.0.x – 8.9.x, 9.0 and 9.1
 pve_check() {
   local PVE_VER
   PVE_VER="$(pveversion | awk -F'/' '{print $2}' | awk -F'-' '{print $1}')"
@@ -76,12 +76,12 @@ pve_check() {
     return 0
   fi
 
-  # Check for Proxmox VE 9.x: allow ONLY 9.0
+  # Check for Proxmox VE 9.x: allow 9.0 and 9.1
   if [[ "$PVE_VER" =~ ^9\.([0-9]+) ]]; then
     local MINOR="${BASH_REMATCH[1]}"
-    if ((MINOR != 0)); then
-      msg_error "This version of Proxmox VE is not yet supported."
-      msg_error "Supported: Proxmox VE version 9.0"
+    if ((MINOR < 0 || MINOR > 1)); then
+      msg_error "This version of Proxmox VE is not supported."
+      msg_error "Supported: Proxmox VE version 9.0 – 9.1"
       exit 1
     fi
     return 0
@@ -89,7 +89,7 @@ pve_check() {
 
   # All other unsupported versions
   msg_error "This version of Proxmox VE is not supported."
-  msg_error "Supported versions: Proxmox VE 8.0 – 8.x or 9.0"
+  msg_error "Supported versions: Proxmox VE 8.0 – 8.x or 9.0 – 9.1"
   exit 1
 }
 
@@ -439,14 +439,17 @@ advanced_settings() {
       exit_script
     fi
   done
+
   if CT_ID=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set Container ID" 8 58 "$NEXTID" --title "CONTAINER ID" 3>&1 1>&2 2>&3); then
     if [ -z "$CT_ID" ]; then
       CT_ID="$NEXTID"
+      echo -e "${CONTAINERID}${BOLD}${DGN}Container ID: ${BGN}$CT_ID${CL}"
+    else
+      echo -e "${CONTAINERID}${BOLD}${DGN}Container ID: ${BGN}$CT_ID${CL}"
     fi
   else
     exit_script
   fi
-  echo -e "${CONTAINERID}${BOLD}${DGN}Container ID: ${BGN}$CT_ID${CL}"
 
   while true; do
     if CT_NAME=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set Hostname" 8 58 "$NSAPP" --title "HOSTNAME" 3>&1 1>&2 2>&3); then
@@ -911,6 +914,7 @@ install_script() {
   shell_check
   root_check
   arch_check
+  #ssh_check
   maxkeys_check
   diagnostics_check
 
@@ -1045,7 +1049,6 @@ start() {
   source "$CORE_DIR/tools.func"
   if command -v pveversion >/dev/null 2>&1; then
     install_script
-    
   else
     CHOICE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "${APP} LXC Update/Setting" --menu \
       "Support/Update functions for ${APP} LXC. Choose an option:" \
@@ -1075,7 +1078,6 @@ start() {
 
 # This function collects user settings and integrates all the collected information.
 build_container() {
-  
   #  if [ "$VERBOSE" == "yes" ]; then set -x; fi
 
   NET_STRING="-net0 name=eth0,bridge=$BRG$MAC,ip=$NET$GATE$VLAN$MTU"
@@ -1099,18 +1101,12 @@ build_container() {
   fi
 
   if [[ $DIAGNOSTICS == "yes" ]]; then
-    echo "Diagnostics enabled (post_to_api function not available)"
+    post_to_api
   fi
 
   TEMP_DIR=$(mktemp -d)
   pushd "$TEMP_DIR" >/dev/null
-  # CORE_DIR is already defined at the top of the file
-  
-  if [ "$var_os" == "alpine" ]; then
-    export FUNCTIONS_FILE_PATH="$(cat "$CORE_DIR/core.func" && echo && cat "$CORE_DIR/tools.func" && echo && cat "$CORE_DIR/alpine-install.func")"
-  else
-    export FUNCTIONS_FILE_PATH="$(cat "$CORE_DIR/core.func" && echo && cat "$CORE_DIR/tools.func" && echo && cat "$CORE_DIR/install.func")"
-  fi
+
 
   export DIAGNOSTICS="$DIAGNOSTICS"
   export RANDOM_UUID="$RANDOM_UUID"
@@ -1130,21 +1126,10 @@ build_container() {
   export PCT_OSTYPE="$var_os"
   export PCT_OSVERSION="$var_version"
   export PCT_DISK_SIZE="$DISK_SIZE"
-  export PCT_OPTIONS="
-    -features $FEATURES
-    -hostname $HN
-    -tags $TAGS
-    $SD
-    $NS
-    $NET_STRING
-    -onboot 1
-    -cores $CORE_COUNT
-    -memory $RAM_SIZE
-    -unprivileged $CT_TYPE
-    $PW
-  "
+  export PCT_OPTIONS="-features $FEATURES -hostname $HN -tags $TAGS $SD $NS $NET_STRING -onboot 1 -cores $CORE_COUNT -memory $RAM_SIZE -unprivileged $CT_TYPE $PW"
   # This executes create_lxc.sh and creates the container and .conf file
-  bash "$CORE_DIR/create_lxc.sh" $?
+  bash "$CORE_DIR/create_lxc.sh"
+
 
   LXC_CONFIG="/etc/pve/lxc/${CTID}.conf"
 
@@ -1337,8 +1322,64 @@ EOF'
   fi
   msg_ok "Customized LXC Container"
 
+  if [ "$var_os" == "alpine" ]; then
+    FUNCTIONS_FILE_PATH="$(cat "$CORE_DIR/core.func" && echo && cat "$CORE_DIR/tools.func"  && echo && cat "$CORE_DIR/api.func" && echo && cat "$CORE_DIR/alpine-install.func")"
+  else
+    FUNCTIONS_FILE_PATH="$(cat "$CORE_DIR/core.func" && echo && cat "$CORE_DIR/tools.func" && echo && cat "$CORE_DIR/api.func" && echo && cat "$CORE_DIR/install.func")"
+  fi
   
-  lxc-attach -n "$CTID" -- bash -c "$(cat "$(dirname "$CORE_DIR")/install/${var_install}.sh")"
+  FUNCTIONS_FILE="/tmp/functions.sh"
+  echo "$FUNCTIONS_FILE_PATH" | pct exec "$CTID" -- bash -c "cat > $FUNCTIONS_FILE"
+  
+  pct exec "$CTID" -- test -f "$FUNCTIONS_FILE" || {
+    msg_error "Failed to write functions file to container"
+    exit 1
+  }  
+ 
+  INSTALL_SCRIPT_PATH="$(dirname "$CORE_DIR")/install/${var_install}.sh"
+  INSTALL_SCRIPT_CONTENT=$(cat "$INSTALL_SCRIPT_PATH")
+  
+  # Replace the old pattern: source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+  # with direct file source: source "/tmp/functions.sh"
+  # Use sed with a simpler pattern that matches the exact line
+  MODIFIED_INSTALL_SCRIPT=$(echo "$INSTALL_SCRIPT_CONTENT" | \
+    sed "s|source /dev/stdin <<<\"\$FUNCTIONS_FILE_PATH\"|source \"$FUNCTIONS_FILE\"|")
+  
+  # Verify replacement worked - if not, force add the source line
+  if ! echo "$MODIFIED_INSTALL_SCRIPT" | grep -q "source \"$FUNCTIONS_FILE\""; then
+    # If replacement didn't work, add source line after the last comment
+    MODIFIED_INSTALL_SCRIPT=$(echo "$MODIFIED_INSTALL_SCRIPT" | \
+      awk -v func_file="$FUNCTIONS_FILE" '
+      BEGIN { replaced = 0 }
+      {
+        if (/source.*dev\/stdin/ || /source.*FUNCTIONS_FILE_PATH/) {
+          print "source \"" func_file "\""
+          replaced = 1
+          next
+        }
+        if (!replaced && /^#/ && !/^#!/) {
+          print
+          next
+        }
+        if (!replaced && !/^#!/ && !/^#/) {
+          print "source \"" func_file "\""
+          replaced = 1
+        }
+        print
+      }
+      END {
+        if (!replaced) {
+          print "source \"" func_file "\""
+        }
+      }')
+  fi
+  
+  # Write the modified script to a file in the container and execute it
+  INSTALL_SCRIPT_FILE="/tmp/install_script.sh"
+  echo "$MODIFIED_INSTALL_SCRIPT" | pct exec "$CTID" -- bash -c "cat > $INSTALL_SCRIPT_FILE"
+  pct exec "$CTID" -- chmod +x "$INSTALL_SCRIPT_FILE"
+  
+  lxc-attach -n "$CTID" -- bash "$INSTALL_SCRIPT_FILE"
 }
 
 # This function sets the description of the container.
@@ -1383,6 +1424,37 @@ EOF
   if [[ -f /etc/systemd/system/ping-instances.service ]]; then
     systemctl start ping-instances.service
   fi
+
+  post_update_to_api "done" "none"
 }
 
+api_exit_script() {
+  exit_code=$? # Capture the exit status of the last executed command
+  #200 exit codes indicate error in create_lxc.sh
+  #100 exit codes indicate error in install.func
 
+  if [ $exit_code -ne 0 ]; then
+    case $exit_code in
+    100) post_update_to_api "failed" "100: Unexpected error in create_lxc.sh" ;;
+    101) post_update_to_api "failed" "101: No network connection detected in create_lxc.sh" ;;
+    200) post_update_to_api "failed" "200: LXC creation failed in create_lxc.sh" ;;
+    201) post_update_to_api "failed" "201: Invalid Storage class in create_lxc.sh" ;;
+    202) post_update_to_api "failed" "202: User aborted menu in create_lxc.sh" ;;
+    203) post_update_to_api "failed" "203: CTID not set in create_lxc.sh" ;;
+    204) post_update_to_api "failed" "204: PCT_OSTYPE not set in create_lxc.sh" ;;
+    205) post_update_to_api "failed" "205: CTID cannot be less than 100 in create_lxc.sh" ;;
+    206) post_update_to_api "failed" "206: CTID already in use in create_lxc.sh" ;;
+    207) post_update_to_api "failed" "207: Template not found in create_lxc.sh" ;;
+    208) post_update_to_api "failed" "208: Error downloading template in create_lxc.sh" ;;
+    209) post_update_to_api "failed" "209: Container creation failed, but template is intact in create_lxc.sh" ;;
+    *) post_update_to_api "failed" "Unknown error, exit code: $exit_code in create_lxc.sh" ;;
+    esac
+  fi
+}
+
+if command -v pveversion >/dev/null 2>&1; then
+  trap 'api_exit_script' EXIT
+fi
+trap 'post_update_to_api "failed" "$BASH_COMMAND"' ERR
+trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
+trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM

scripts/core/core.func

@@ -368,6 +368,51 @@ run_container_safe() {
   " || __handle_general_error "lxc-attach to CT $ct"
 }
 
+cleanup_lxc() {
+  msg_info "Cleaning up"
+
+  if is_alpine; then
+    $STD apk cache clean || true
+    rm -rf /var/cache/apk/*
+  else
+    $STD apt -y autoremove || true
+    $STD apt -y autoclean || true
+    $STD apt -y clean || true
+  fi
+
+  # Clear temp artifacts (keep sockets/FIFOs; ignore errors)
+  find /tmp /var/tmp -type f -name 'tmp*' -delete 2>/dev/null || true
+  find /tmp /var/tmp -type f -name 'tempfile*' -delete 2>/dev/null || true
+
+  # Truncate writable log files silently (permission errors ignored)
+  if command -v truncate >/dev/null 2>&1; then
+    find /var/log -type f -writable -print0 2>/dev/null |
+      xargs -0 -n1 truncate -s 0 2>/dev/null || true
+  fi
+
+  # Python pip
+  if command -v pip &>/dev/null; then $STD pip cache purge || true; fi
+  # Node.js npm
+  if command -v npm &>/dev/null; then $STD npm cache clean --force || true; fi
+  # Node.js yarn
+  if command -v yarn &>/dev/null; then $STD yarn cache clean || true; fi
+  # Node.js pnpm
+  if command -v pnpm &>/dev/null; then $STD pnpm store prune || true; fi
+  # Go
+  if command -v go &>/dev/null; then $STD go clean -cache -modcache || true; fi
+  # Rust cargo
+  if command -v cargo &>/dev/null; then $STD cargo clean || true; fi
+  # Ruby gem
+  if command -v gem &>/dev/null; then $STD gem cleanup || true; fi
+  # Composer (PHP)
+  if command -v composer &>/dev/null; then $STD composer clear-cache || true; fi
+
+  if command -v journalctl &>/dev/null; then
+    $STD journalctl --vacuum-time=10m || true
+  fi
+  msg_ok "Cleaned"
+}
+
 check_or_create_swap() {
   msg_info "Checking for active swap"
 
@@ -409,4 +454,4 @@ check_or_create_swap() {
 trap 'stop_spinner' EXIT INT TERM
 
 # Initialize functions when core.func is sourced
-load_functions
+load_functions

scripts/core/tools.func

@@ -72,15 +72,23 @@ stop_all_services() {
   local service_patterns=("$@")
 
   for pattern in "${service_patterns[@]}"; do
-    # Find all matching services
-    systemctl list-units --type=service --all 2>/dev/null |
-      grep -oE "${pattern}[^ ]*\.service" |
-      sort -u |
-      while read -r service; do
+    # Find all matching services (use || true to avoid pipeline failures)
+    local services
+    services=$(systemctl list-units --type=service --all 2>/dev/null |
+      grep -oE "${pattern}[^ ]*\.service" 2>/dev/null |
+      sort -u 2>/dev/null || true)
+
+    # Only process if we found any services
+    if [[ -n "$services" ]]; then
+      while IFS= read -r service; do
+        [[ -z "$service" ]] && continue
         $STD systemctl stop "$service" 2>/dev/null || true
         $STD systemctl disable "$service" 2>/dev/null || true
-      done
+      done <<<"$services"
+    fi
   done
+
+  return 0
 }
 
 # ------------------------------------------------------------------------------
@@ -1198,65 +1206,49 @@ ensure_apt_working() {
 }
 
 # ------------------------------------------------------------------------------
-# Standardized deb822 repository setup
-# Validates all parameters and fails safely if any are empty
+# Standardized deb822 repository setup (with optional Architectures)
+# Always runs apt update after repo creation to ensure package availability
 # ------------------------------------------------------------------------------
 setup_deb822_repo() {
   local name="$1"
   local gpg_url="$2"
   local repo_url="$3"
   local suite="$4"
-  local component="${5:-main}"
-  local architectures="${6:-$(dpkg --print-architecture)}"
+  local component="${5-main}"
+  local architectures="${6-}" # optional
 
   # Validate required parameters
   if [[ -z "$name" || -z "$gpg_url" || -z "$repo_url" || -z "$suite" ]]; then
-    msg_error "setup_deb822_repo: missing required parameters (name=$name, gpg=$gpg_url, repo=$repo_url, suite=$suite)"
+    msg_error "setup_deb822_repo: missing required parameters (name=$name repo=$repo_url suite=$suite)"
     return 1
   fi
 
-  # Cleanup old configs for this app
+  # Cleanup
   cleanup_old_repo_files "$name"
-
-  # Cleanup any orphaned .sources files from other apps
   cleanup_orphaned_sources
 
-  # Ensure keyring directory exists
   mkdir -p /etc/apt/keyrings || {
-    msg_error "Failed to create /etc/apt/keyrings directory"
+    msg_error "Failed to create /etc/apt/keyrings"
     return 1
   }
 
-  # Download GPG key (with --yes to avoid interactive prompts)
-  curl -fsSL "$gpg_url" | gpg --dearmor --yes -o "/etc/apt/keyrings/${name}.gpg" 2>/dev/null || {
-    msg_error "Failed to download or import GPG key for ${name} from $gpg_url"
+  # Import GPG
+  curl -fsSL "$gpg_url" | gpg --dearmor --yes -o "/etc/apt/keyrings/${name}.gpg" || {
+    msg_error "Failed to import GPG key for ${name}"
     return 1
   }
 
-  # Create deb822 sources file
-  cat <<EOF >/etc/apt/sources.list.d/${name}.sources
-Types: deb
-URIs: $repo_url
-Suites: $suite
-Components: $component
-Architectures: $architectures
-Signed-By: /etc/apt/keyrings/${name}.gpg
-EOF
+  # Write deb822
+  {
+    echo "Types: deb"
+    echo "URIs: $repo_url"
+    echo "Suites: $suite"
+    echo "Components: $component"
+    [[ -n "$architectures" ]] && echo "Architectures: $architectures"
+    echo "Signed-By: /etc/apt/keyrings/${name}.gpg"
+  } >/etc/apt/sources.list.d/${name}.sources
 
-  # Use cached apt update
-  local apt_cache_file="/var/cache/apt-update-timestamp"
-  local current_time=$(date +%s)
-  local last_update=0
-
-  if [[ -f "$apt_cache_file" ]]; then
-    last_update=$(cat "$apt_cache_file" 2>/dev/null || echo 0)
-  fi
-
-  # For repo changes, always update but respect short-term cache (30s)
-  if ((current_time - last_update > 30)); then
-    $STD apt update
-    echo "$current_time" >"$apt_cache_file"
-  fi
+  $STD apt update
 }
 
 # ------------------------------------------------------------------------------
@@ -1415,7 +1407,7 @@ verify_gpg_fingerprint() {
 }
 
 # ==============================================================================
-# EXISTING FUNCTIONS
+# INSTALL FUNCTIONS
 # ==============================================================================
 
 # ------------------------------------------------------------------------------
@@ -1517,7 +1509,7 @@ check_for_gh_release() {
       return 0
     fi
 
-    msg_error "No update available: ${app} is not installed!"
+    msg_ok "No update available: ${app} is already on pinned version (${current})"
     return 1
   fi
 
@@ -2795,8 +2787,9 @@ function setup_java() {
   fi
 
   # Validate INSTALLED_VERSION is not empty if matched
-  local JDK_COUNT=$(dpkg -l 2>/dev/null | grep -c "temurin-.*-jdk" || echo "0")
-  if [[ -z "$INSTALLED_VERSION" && "$JDK_COUNT" -gt 0 ]]; then
+  local JDK_COUNT=0
+  JDK_COUNT=$(dpkg -l 2>/dev/null | grep -c "temurin-.*-jdk")
+  if [[ -z "$INSTALLED_VERSION" && "${JDK_COUNT:-0}" -gt 0 ]]; then
     msg_warn "Found Temurin JDK but cannot determine version"
     INSTALLED_VERSION="0"
   fi
@@ -3060,6 +3053,85 @@ setup_mariadb() {
   msg_ok "Setup MariaDB $MARIADB_VERSION"
 }
 
+# ------------------------------------------------------------------------------
+# Creates MariaDB database with user, charset and optional extra grants/modes
+#
+# Description:
+#   - Generates password if empty
+#   - Creates database with utf8mb4_unicode_ci
+#   - Creates local user with password
+#   - Grants full access to this DB
+#   - Optional: apply extra GRANT statements (comma-separated)
+#   - Optional: apply custom GLOBAL sql_mode
+#   - Saves credentials to file
+#   - Exports variables for use in calling script
+#
+# Usage:
+#   MARIADB_DB_NAME="myapp_db" MARIADB_DB_USER="myapp_user" setup_mariadb_db
+#   MARIADB_DB_NAME="domain_monitor" MARIADB_DB_USER="domainmonitor" setup_mariadb_db
+#   MARIADB_DB_NAME="myapp" MARIADB_DB_USER="myapp" MARIADB_DB_EXTRA_GRANTS="GRANT SELECT ON \`mysql\`.\`time_zone_name\`" setup_mariadb_db
+#   MARIADB_DB_NAME="ghostfolio" MARIADB_DB_USER="ghostfolio" MARIADB_DB_SQL_MODE="" setup_mariadb_db
+#
+# Variables:
+#   MARIADB_DB_NAME         - Database name (required)
+#   MARIADB_DB_USER         - Database user (required)
+#   MARIADB_DB_PASS         - User password (optional, auto-generated if empty)
+#   MARIADB_DB_EXTRA_GRANTS - Comma-separated GRANT statements (optional)
+#                             Example: "GRANT SELECT ON \`mysql\`.\`time_zone_name\`"
+#   MARIADB_DB_SQL_MODE     - Optional global sql_mode override (e.g. "", "STRICT_TRANS_TABLES")
+#   MARIADB_DB_CREDS_FILE   - Credentials file path (optional, default: ~/${APPLICATION}.creds)
+#
+# Exports:
+#   MARIADB_DB_NAME, MARIADB_DB_USER, MARIADB_DB_PASS
+# ------------------------------------------------------------------------------
+
+function setup_mariadb_db() {
+  if [[ -z "${MARIADB_DB_NAME:-}" || -z "${MARIADB_DB_USER:-}" ]]; then
+    msg_error "MARIADB_DB_NAME and MARIADB_DB_USER must be set before calling setup_mariadb_db"
+    return 1
+  fi
+
+  if [[ -z "${MARIADB_DB_PASS:-}" ]]; then
+    MARIADB_DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
+  fi
+
+  msg_info "Setting up MariaDB Database"
+
+  $STD mariadb -u root -e "CREATE DATABASE \`$MARIADB_DB_NAME\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
+  $STD mariadb -u root -e "CREATE USER '$MARIADB_DB_USER'@'localhost' IDENTIFIED BY '$MARIADB_DB_PASS';"
+  $STD mariadb -u root -e "GRANT ALL ON \`$MARIADB_DB_NAME\`.* TO '$MARIADB_DB_USER'@'localhost';"
+
+  # Optional extra grants
+  if [[ -n "${MARIADB_DB_EXTRA_GRANTS:-}" ]]; then
+    IFS=',' read -ra G_LIST <<<"${MARIADB_DB_EXTRA_GRANTS:-}"
+    for g in "${G_LIST[@]}"; do
+      g=$(echo "$g" | xargs)
+      $STD mariadb -u root -e "$g TO '$MARIADB_DB_USER'@'localhost';"
+    done
+  fi
+
+  # Optional sql_mode override
+  if [[ -n "${MARIADB_DB_SQL_MODE:-}" ]]; then
+    $STD mariadb -u root -e "SET GLOBAL sql_mode='${MARIADB_DB_SQL_MODE:-}';"
+  fi
+
+  $STD mariadb -u root -e "FLUSH PRIVILEGES;"
+
+  local CREDS_FILE="${MARIADB_DB_CREDS_FILE:-${HOME}/${APPLICATION}.creds}"
+  {
+    echo "MariaDB Credentials"
+    echo "Database: $MARIADB_DB_NAME"
+    echo "User: $MARIADB_DB_USER"
+    echo "Password: $MARIADB_DB_PASS"
+  } >>"$CREDS_FILE"
+
+  msg_ok "Set up MariaDB Database"
+
+  export MARIADB_DB_NAME
+  export MARIADB_DB_USER
+  export MARIADB_DB_PASS
+}
+
 # ------------------------------------------------------------------------------
 # Installs or updates MongoDB to specified major version.
 #
@@ -3819,6 +3891,103 @@ function setup_postgresql() {
   fi
 }
 
+# ------------------------------------------------------------------------------
+# Creates PostgreSQL database with user and optional extensions
+#
+# Description:
+#   - Creates PostgreSQL role with login and password
+#   - Creates database with UTF8 encoding and template0
+#   - Installs optional extensions (postgis, pgvector, etc.)
+#   - Configures ALTER ROLE settings for Django/Rails compatibility
+#   - Saves credentials to file
+#   - Exports variables for use in calling script
+#
+# Usage:
+#   PG_DB_NAME="myapp_db" PG_DB_USER="myapp_user" setup_postgresql_db
+#   PG_DB_NAME="immich" PG_DB_USER="immich" PG_DB_EXTENSIONS="pgvector" setup_postgresql_db
+#   PG_DB_NAME="ghostfolio" PG_DB_USER="ghostfolio" PG_DB_GRANT_SUPERUSER="true" setup_postgresql_db
+#   PG_DB_NAME="adventurelog" PG_DB_USER="adventurelog" PG_DB_EXTENSIONS="postgis" setup_postgresql_db
+#
+# Variables:
+#   PG_DB_NAME             - Database name (required)
+#   PG_DB_USER             - Database user (required)
+#   PG_DB_PASS             - Database password (optional, auto-generated if empty)
+#   PG_DB_EXTENSIONS       - Comma-separated list of extensions (optional, e.g. "postgis,pgvector")
+#   PG_DB_GRANT_SUPERUSER  - Grant SUPERUSER privilege (optional, "true" to enable, security risk!)
+#   PG_DB_SCHEMA_PERMS     - Grant schema-level permissions (optional, "true" to enable)
+#   PG_DB_SKIP_ALTER_ROLE  - Skip ALTER ROLE settings (optional, "true" to skip)
+#   PG_DB_CREDS_FILE       - Credentials file path (optional, default: ~/${APPLICATION}.creds)
+#
+# Exports:
+#   PG_DB_NAME, PG_DB_USER, PG_DB_PASS - For use in calling script
+# ------------------------------------------------------------------------------
+
+function setup_postgresql_db() {
+  # Validation
+  if [[ -z "${PG_DB_NAME:-}" || -z "${PG_DB_USER:-}" ]]; then
+    msg_error "PG_DB_NAME and PG_DB_USER must be set before calling setup_postgresql_db"
+    return 1
+  fi
+
+  # Generate password if not provided
+  if [[ -z "${PG_DB_PASS:-}" ]]; then
+    PG_DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
+  fi
+
+  msg_info "Setting up PostgreSQL Database"
+  $STD sudo -u postgres psql -c "CREATE ROLE $PG_DB_USER WITH LOGIN PASSWORD '$PG_DB_PASS';"
+  $STD sudo -u postgres psql -c "CREATE DATABASE $PG_DB_NAME WITH OWNER $PG_DB_USER ENCODING 'UTF8' TEMPLATE template0;"
+
+  # Install extensions (comma-separated)
+  if [[ -n "${PG_DB_EXTENSIONS:-}" ]]; then
+    IFS=',' read -ra EXT_LIST <<<"${PG_DB_EXTENSIONS:-}"
+    for ext in "${EXT_LIST[@]}"; do
+      ext=$(echo "$ext" | xargs) # Trim whitespace
+      $STD sudo -u postgres psql -d "$PG_DB_NAME" -c "CREATE EXTENSION IF NOT EXISTS $ext;"
+    done
+  fi
+
+  # ALTER ROLE settings for Django/Rails compatibility (unless skipped)
+  if [[ "${PG_DB_SKIP_ALTER_ROLE:-}" != "true" ]]; then
+    $STD sudo -u postgres psql -c "ALTER ROLE $PG_DB_USER SET client_encoding TO 'utf8';"
+    $STD sudo -u postgres psql -c "ALTER ROLE $PG_DB_USER SET default_transaction_isolation TO 'read committed';"
+    $STD sudo -u postgres psql -c "ALTER ROLE $PG_DB_USER SET timezone TO 'UTC';"
+  fi
+
+  # Schema permissions (if requested)
+  if [[ "${PG_DB_SCHEMA_PERMS:-}" == "true" ]]; then
+    $STD sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $PG_DB_NAME TO $PG_DB_USER;"
+    $STD sudo -u postgres psql -c "ALTER USER $PG_DB_USER CREATEDB;"
+    $STD sudo -u postgres psql -d "$PG_DB_NAME" -c "GRANT ALL ON SCHEMA public TO $PG_DB_USER;"
+    $STD sudo -u postgres psql -d "$PG_DB_NAME" -c "GRANT CREATE ON SCHEMA public TO $PG_DB_USER;"
+    $STD sudo -u postgres psql -d "$PG_DB_NAME" -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO $PG_DB_USER;"
+    $STD sudo -u postgres psql -d "$PG_DB_NAME" -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO $PG_DB_USER;"
+  fi
+
+  # Superuser grant (if requested - WARNING!)
+  if [[ "${PG_DB_GRANT_SUPERUSER:-}" == "true" ]]; then
+    msg_warn "Granting SUPERUSER privilege (security risk!)"
+    $STD sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $PG_DB_NAME to $PG_DB_USER;"
+    $STD sudo -u postgres psql -c "ALTER USER $PG_DB_USER WITH SUPERUSER;"
+  fi
+
+  # Save credentials
+  local CREDS_FILE="${PG_DB_CREDS_FILE:-${HOME}/${APPLICATION}.creds}"
+  {
+    echo "PostgreSQL Credentials"
+    echo "Database: $PG_DB_NAME"
+    echo "User: $PG_DB_USER"
+    echo "Password: $PG_DB_PASS"
+  } >>"$CREDS_FILE"
+
+  msg_ok "Set up PostgreSQL Database"
+
+  # Export for use in calling script
+  export PG_DB_NAME
+  export PG_DB_USER
+  export PG_DB_PASS
+}
+
 # ------------------------------------------------------------------------------
 # Installs rbenv and ruby-build, installs Ruby and optionally Rails.
 #
@@ -4172,31 +4341,63 @@ function setup_rust() {
     }
     export PATH="$CARGO_BIN:$PATH"
     echo 'export PATH="$HOME/.cargo/bin:$PATH"' >>"$HOME/.profile"
+
+    # Verify installation
+    if ! command -v rustc >/dev/null 2>&1; then
+      msg_error "Rust binary not found after installation"
+      return 1
+    fi
+
     local RUST_VERSION=$(rustc --version 2>/dev/null | awk '{print $2}')
+    if [[ -z "$RUST_VERSION" ]]; then
+      msg_error "Failed to determine Rust version"
+      return 1
+    fi
+
     cache_installed_version "rust" "$RUST_VERSION"
     msg_ok "Setup Rust $RUST_VERSION"
   else
     # Scenario 2: Rustup already installed - update/maintain
     msg_info "Update Rust ($RUST_TOOLCHAIN)"
-    $STD rustup install "$RUST_TOOLCHAIN" || {
-      msg_error "Failed to install Rust toolchain $RUST_TOOLCHAIN"
-      return 1
-    }
-    $STD rustup default "$RUST_TOOLCHAIN" || {
-      msg_error "Failed to set default Rust toolchain"
-      return 1
+
+    # Ensure default toolchain is set
+    $STD rustup default "$RUST_TOOLCHAIN" 2>/dev/null || {
+      # If default fails, install the toolchain first
+      $STD rustup install "$RUST_TOOLCHAIN" || {
+        msg_error "Failed to install Rust toolchain $RUST_TOOLCHAIN"
+        return 1
+      }
+      $STD rustup default "$RUST_TOOLCHAIN" || {
+        msg_error "Failed to set default Rust toolchain"
+        return 1
+      }
     }
+
+    # Update to latest patch version
     $STD rustup update "$RUST_TOOLCHAIN" || true
+
+    # Ensure PATH is updated for current shell session
+    export PATH="$CARGO_BIN:$PATH"
+
     local RUST_VERSION=$(rustc --version 2>/dev/null | awk '{print $2}')
+    if [[ -z "$RUST_VERSION" ]]; then
+      msg_error "Failed to determine Rust version after update"
+      return 1
+    fi
+
     cache_installed_version "rust" "$RUST_VERSION"
     msg_ok "Update Rust $RUST_VERSION"
   fi
 
   # Install global crates
   if [[ -n "$RUST_CRATES" ]]; then
+    msg_info "Processing Rust crates: $RUST_CRATES"
     IFS=',' read -ra CRATES <<<"$RUST_CRATES"
     for crate in "${CRATES[@]}"; do
-      local NAME VER INSTALLED_VER
+      crate=$(echo "$crate" | xargs) # trim whitespace
+      [[ -z "$crate" ]] && continue  # skip empty entries
+
+      local NAME VER INSTALLED_VER CRATE_LIST
       if [[ "$crate" == *"@"* ]]; then
         NAME="${crate%@*}"
         VER="${crate##*@}"
@@ -4205,18 +4406,50 @@ function setup_rust() {
         VER=""
       fi
 
-      INSTALLED_VER=$(cargo install --list 2>/dev/null | awk "/^$NAME v[0-9]/ {print \$2}" | tr -d 'v')
+      # Get list of installed crates once
+      CRATE_LIST=$(cargo install --list 2>/dev/null || echo "")
+
+      # Check if already installed
+      if echo "$CRATE_LIST" | grep -q "^${NAME} "; then
+        INSTALLED_VER=$(echo "$CRATE_LIST" | grep "^${NAME} " | head -1 | awk '{print $2}' | tr -d 'v:')
 
-      if [[ -n "$INSTALLED_VER" ]]; then
         if [[ -n "$VER" && "$VER" != "$INSTALLED_VER" ]]; then
-          $STD cargo install "$NAME" --version "$VER" --force
+          msg_info "Upgrading $NAME from v$INSTALLED_VER to v$VER"
+          $STD cargo install "$NAME" --version "$VER" --force || {
+            msg_error "Failed to install $NAME@$VER"
+            return 1
+          }
+          msg_ok "Upgraded $NAME to v$VER"
         elif [[ -z "$VER" ]]; then
-          $STD cargo install "$NAME" --force
+          msg_info "Upgrading $NAME to latest"
+          $STD cargo install "$NAME" --force || {
+            msg_error "Failed to upgrade $NAME"
+            return 1
+          }
+          local NEW_VER=$(cargo install --list 2>/dev/null | grep "^${NAME} " | head -1 | awk '{print $2}' | tr -d 'v:')
+          msg_ok "Upgraded $NAME to v$NEW_VER"
+        else
+          msg_ok "$NAME v$INSTALLED_VER already installed"
         fi
       else
-        $STD cargo install "$NAME" ${VER:+--version "$VER"}
+        msg_info "Installing $NAME${VER:+@$VER}"
+        if [[ -n "$VER" ]]; then
+          $STD cargo install "$NAME" --version "$VER" || {
+            msg_error "Failed to install $NAME@$VER"
+            return 1
+          }
+          msg_ok "Installed $NAME v$VER"
+        else
+          $STD cargo install "$NAME" || {
+            msg_error "Failed to install $NAME"
+            return 1
+          }
+          local NEW_VER=$(cargo install --list 2>/dev/null | grep "^${NAME} " | head -1 | awk '{print $2}' | tr -d 'v:')
+          msg_ok "Installed $NAME v$NEW_VER"
+        fi
       fi
     done
+    msg_ok "Processed Rust crates"
   fi
 }
 
@@ -4353,7 +4586,9 @@ function setup_uv() {
 
   # Optional: Generate shell completions
   $STD uv generate-shell-completion bash >/etc/bash_completion.d/uv 2>/dev/null || true
-  $STD uv generate-shell-completion zsh >/usr/share/zsh/site-functions/_uv 2>/dev/null || true
+  if [[ -d /usr/share/zsh/site-functions ]]; then
+    $STD uv generate-shell-completion zsh >/usr/share/zsh/site-functions/_uv 2>/dev/null || true
+  fi
 
   # Optional: Install specific Python version if requested
   if [[ -n "${PYTHON_VERSION:-}" ]]; then
@@ -4466,4 +4701,4 @@ function setup_yq() {
   FINAL_VERSION=$("$BINARY_PATH" --version 2>/dev/null | awk '{print $NF}' | sed 's/^v//')
   cache_installed_version "yq" "$FINAL_VERSION"
   msg_ok "Setup yq $FINAL_VERSION"
-}
+}

scripts/json/2fauth.json

@@ -1,44 +0,0 @@
-{
-  "name": "2FAuth",
-  "slug": "2fauth",
-  "categories": [
-    6
-  ],
-  "date_created": "2024-12-20",
-  "type": "ct",
-  "updateable": true,
-  "privileged": false,
-  "interface_port": 80,
-  "documentation": "https://docs.2fauth.app/",
-  "website": "https://2fauth.app/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons/webp/2fauth.webp",
-  "config_path": "cat /opt/2fauth/.env",
-  "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop. It aims to ease you perform your 2FA authentication steps whatever the device you handle, with a clean and suitable interface.",
-  "install_methods": [
-    {
-      "type": "default",
-      "script": "ct/2fauth.sh",
-      "resources": {
-        "cpu": 1,
-        "ram": 512,
-        "hdd": 2,
-        "os": "debian",
-        "version": "13"
-      }
-    }
-  ],
-  "default_credentials": {
-    "username": null,
-    "password": null
-  },
-  "notes": [
-    {
-      "text": "Database credentials: `cat ~/2FAuth.creds`",
-      "type": "info"
-    },
-    {
-      "text": "The very first account created is automatically set up as an administrator account.",
-      "type": "info"
-    }
-  ]
-}

scripts/json/actualbudget.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/add-iptag.json

@@ -48,5 +48,6 @@
       "text": "You can execute the ip tool manually with `iptag-run`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/add-netbird-lxc.json

@@ -44,5 +44,6 @@
       "text": "The script only works in Debian/Ubuntu, not in Alpine!",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/add-tailscale-lxc.json

@@ -40,5 +40,6 @@
       "text": "Execute within the Proxmox host shell",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/adguard.json

@@ -47,5 +47,6 @@
       "text": "AdGuard Home can only be updated via the user interface.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/adventurelog.json

@@ -40,5 +40,6 @@
       "text": "Use `cat ~/adventurelog.creds` to see login credentials.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/agentdvr.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/all-templates.json

@@ -36,5 +36,6 @@
       "text": "Resource and network settings are adjustable post LXC creation.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/alpine-it-tools.json

@@ -42,5 +42,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/alpine-redlib.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/alpine-tinyauth.json

@@ -47,5 +47,6 @@
       "text": "The default credentials are located in `/opt/tinyauth/credentials.txt`.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/alpine.json

@@ -36,5 +36,6 @@
       "text": "To Update Alpine: `apk -U upgrade`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/apache-cassandra.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/apache-couchdb.json

@@ -36,5 +36,6 @@
       "text": "Show Login Credentials: `cat CouchDB.creds`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/apache-guacamole.json

@@ -31,5 +31,6 @@
     "username": "guacadmin",
     "password": "guacadmin"
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/apache-tika.json

@@ -36,5 +36,6 @@
       "text": "Configuration file is not created at install time. Example is at: `https://cwiki.apache.org/confluence/display/TIKA/TikaServer+in+Tika+2.x`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/apache-tomcat.json

@@ -36,5 +36,6 @@
       "text": "User can select which Adoptium JDK should be used for the selected Tomcat version (9, 10.1 or 11). ",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/apt-cacher-ng.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/archivebox.json

@@ -31,5 +31,6 @@
     "username": "archivebox",
     "password": "helper-scripts.com"
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/archlinux-vm.json

@@ -36,5 +36,6 @@
       "text": "doesnt work with lvm and lvmthin disks!",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/argus.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/aria2.json

@@ -36,5 +36,6 @@
       "text": "Within the LXC console, run `cat rpc.secret` to display the rpc-secret. Copy this token and paste it into the Aria2 RPC Secret Token box within the AriaNG Settings. Then, click the reload AriaNG button.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/asterisk.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/audiobookshelf.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/authelia.json

@@ -36,5 +36,6 @@
       "text": "During installation, you will have to input your domain (ex. domain.com). Authelia will use auth.domain.com",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/autobrr.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/autocaliweb.json

@@ -31,5 +31,6 @@
     "username": "admin",
     "password": "admin123"
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/babybuddy.json

@@ -36,5 +36,6 @@
       "text": "for private SSL setup visit: `https://github.com/babybuddy/babybuddy/blob/master/docs/setup/ssl.md`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/backrest.json

@@ -36,5 +36,6 @@
       "type": "info",
       "text": "`cat ~/.ssh/id_ed25519.pub` to view ssh public key. This key is used to authenticate with sftp targets. You can add this key on the sftp server."
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/baikal.json

@@ -31,5 +31,6 @@
     "username": "Admin",
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/bar-assistant.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/barcode-buddy.json

@@ -36,5 +36,6 @@
       "text": "After install enable the option \"Use Redis cache\" on the settings page.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/bazarr.json

@@ -23,7 +23,7 @@
         "ram": 1024,
         "hdd": 4,
         "os": "debian",
-        "version": "12"
+        "version": "13"
       }
     }
   ],
@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/beszel.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/bitmagnet.json

@@ -47,5 +47,6 @@
       "text": "During installation you will be asked to enter your TMDB API key, if you wanna use it. Make sure you have it ready.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/blocky.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/booklore.json

@@ -36,5 +36,6 @@
       "text": "Starting Booklore (Web UI) may take up to 2 minutes after a restart or fresh installation.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/bookstack.json

@@ -36,5 +36,6 @@
       "text": "Bookstack works only with static ip. If you Change the IP of your LXC, you Need to edit the .env File `nano /opt/bookstack/.env`",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/bunkerweb.json

@@ -36,5 +36,6 @@
       "text": "WARNING: Installation sources scripts outside of Community Scripts repo. Please check the source before installing.",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/bytestash.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/caddy.json

@@ -55,5 +55,6 @@
       "text": "if you need an external module run: `xcaddy build --with github.com/caddy-dns/cloudflare`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/casaos.json

@@ -40,5 +40,6 @@
       "text": "WARNING: Installation sources scripts outside of Community Scripts repo. Please check the source before installing.",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/changedetection.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/channels.json

@@ -36,5 +36,6 @@
       "text": "WARNING: Installation sources scripts outside of Community Scripts repo. Please check the source before installing.",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/checkmk.json

@@ -36,5 +36,6 @@
       "text": "Login Credentials : `cat ~/checkmk.creds`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/clean-lxcs.json

@@ -36,5 +36,6 @@
       "text": "Execute within the Proxmox shell",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/clean-orphaned-lvm.json

@@ -36,5 +36,6 @@
       "text": "Execute within the Proxmox shell",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cleanuparr.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cloudflare-ddns.json

@@ -40,5 +40,6 @@
       "text": "To update the configuration edit `/etc/systemd/system/cloudflare-ddns.service`. After edit please restart with `systemctl restart cloudflare-ddns`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cloudflared.json

@@ -36,5 +36,6 @@
       "text": "With an option to configure cloudflared as a DNS-over-HTTPS (DoH) proxy",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cloudreve.json

@@ -36,5 +36,6 @@
       "text": "After Installation: Register your user -> Login -> Dashboard -> Accept Primary URL.",
       "type": "warn"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cockpit.json

@@ -33,8 +33,13 @@
   },
   "notes": [
     {
-      "text": "Set a root password if using autologin. This will be the Cockpit password.`sudo passwd root`",
+      "text": "Set a root password if using autologin. This will be the Cockpit password. To set root password run `sudo passwd root`",
       "type": "info"
+    },
+    {
+      "text": "If you plan on using 45Drives extension with NFS, you must setup LXC as privileged. Some features of 45Drives don't work on Debian 13, so Debian 12 must be used.",
+      "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/coder-code-server.json

@@ -38,5 +38,6 @@
       "text": "Execute within an existing LXC Console",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/commafeed.json

@@ -31,5 +31,6 @@
     "username": "admin",
     "password": "admin"
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/configarr.json

@@ -36,5 +36,6 @@
       "text": "change secrets file /opt/configarr/secrets.yml",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/convertx.json

@@ -36,5 +36,6 @@
       "text": "Complete setup via the web interface at http://<container-ip>:3000. Create and secure the admin account immediately.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/copyparty.json

@@ -36,5 +36,6 @@
       "text": "Execute within the Proxmox shell or in LXC",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cosmos.json

@@ -37,5 +37,6 @@
       "type": "info",
       "text": "The file `/etc/sysconfig/CosmosCloud` is optional. If you need custom settings, you can create it yourself."
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/crafty-controller.json

@@ -36,5 +36,6 @@
       "text": "Show password: `cat ~/crafty-controller.creds`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cron-update-lxcs.json

@@ -40,5 +40,6 @@
       "text": "To exclude LXCs from updating, edit the crontab using `crontab -e` and add CTID as shown in the example below:\n\n\n\n`0 0 * * 0 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /bin/bash -c \"$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/pve/update-lxcs-cron.sh)\" -s 103 111 >>/var/log/update-lxcs-cron.log 2>/dev/null`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cronicle.json

@@ -28,13 +28,14 @@
     }
   ],
   "default_credentials": {
-    "username": null,
-    "password": null
+    "username": "admin",
+    "password": "admin"
   },
   "notes": [
     {
       "text": "Primary and Worker Private Keys Must Match in the config file",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cross-seed.json

@@ -36,5 +36,6 @@
       "text": "After the installation cross-seed will fail to start with an empty configuration. To fix this, edit the config file to properly configure cross-seed, then restart by running `systemctl restart cross-seed`.",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/crowdsec.json

@@ -36,5 +36,6 @@
       "text": "Execute within an existing LXC Console. Debian only!",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/cryptpad.json

@@ -36,5 +36,6 @@
       "text": "After installation finishes, `systemctl status cryptpad.service` to get token URL which you can use to create admin account",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/daemonsync.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/dashy.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/debian-13-vm.json

@@ -44,5 +44,6 @@
       "text": "If you use Cloud-init, checkout after installation: ´https://github.com/community-scripts/ProxmoxVE/discussions/272´",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/debian-vm.json

@@ -40,5 +40,6 @@
       "text": "After installation, checkout: ´https://github.com/community-scripts/ProxmoxVE/discussions/836´ for useful Debian commands",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/debian.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/deconz.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/deluge.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": "deluge"
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/docker-vm.json

@@ -41,5 +41,6 @@
       "text": "This Script works on amd64 and arm64 Architecture.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/docker.json

@@ -55,5 +55,6 @@
       "text": "Options to Install Portainer and/or Docker Compose V2",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/dockge.json

@@ -40,5 +40,6 @@
       "text": "If the LXC is created Privileged, the script will automatically set up USB passthrough.",
       "type": "warning"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/docmost.json

@@ -36,5 +36,6 @@
       "text": "Use `cat ~/docmost.creds` to see database credentials.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/documenso.json

@@ -31,5 +31,6 @@
     "username": "helper-scripts@local.com",
     "password": "helper-scripts"
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/dolibarr.json

@@ -36,5 +36,6 @@
       "text": "Database credentials: `cat ~/dolibarr.creds`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/dotnetaspwebapi.json

@@ -36,5 +36,6 @@
       "text": "FTP server credentials: `cat ~/ftp.creds`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/duplicati.json

@@ -36,5 +36,6 @@
       "text": "Admin password and database encryption key: `cat ~/duplicati.creds`",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/elementsynapse.json

@@ -44,5 +44,6 @@
       "type": "info",
       "text": "For bridges Installation methods (WhatsApp, Signal, Discord, etc.), see: ´https://docs.mau.fi/bridges/go/setup.html´"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/emby.json

@@ -36,5 +36,6 @@
       "text": "With Privileged/Unprivileged Hardware Acceleration Support",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/emqx.json

@@ -36,5 +36,6 @@
       "text": "Setup-Steps: Access Control ➡ Authentication ➡ Create ➡ Next ➡ Next ➡ Create ➡ Users ➡ Add ➡ Username / Password (to authenicate with MQTT) ➡ Save. You're now ready to enjoy a high-performance MQTT Broker.",
       "type": "info"
     }
-  ]
+  ],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }

scripts/json/ersatztv.json

@@ -31,5 +31,6 @@
     "username": null,
     "password": null
   },
-  "notes": []
+  "notes": [],
+  "repository_url": "https://github.com/community-scripts/ProxmoxVE"
 }