Copy the container install log to a host path before reporting a failure to the telemetry API so get_error_text() can read it. Introduce host_install_log and point INSTALL_LOG to the host copy when pulled via pct, move post_update_to_api after the log copy, and update the displayed installation-log path.
Update scripts to use Python 3.12 for uv tool setup and Open-WebUI installs/upgrades. Add a numba constraint (--constraint <(echo "numba>=0.60")) to uv tool install/upgrade commands to ensure compatibility. Changes applied to ct/openwebui.sh and install/openwebui-install.sh for both fresh installs and update paths.
Replace npm script calls to db:sqlite:generate and db:sqlite:push with db:generate and db:push in ct/pangolin.sh and install/pangolin-install.sh. This makes the build/install steps use the generic DB task names for consistency across update and install workflows.
The previous logic using 'file | grep PGP' was inverted — both
ASCII-armored and binary GPG keys matched the pattern, causing
ASCII-armored keys to be copied directly instead of being
dearmored. This resulted in APT failing with NO_PUBKEY errors
on Debian 12 (bookworm).
Use 'grep BEGIN PGP' to reliably detect ASCII-armored keys and
dearmor them, otherwise copy binary keys directly.
gpg --dearmor creates files with restrictive permissions (600),
which prevents Debian 13's sqv signature verifier from reading
the keyring files. This causes apt update to fail with
'Permission denied' errors for all repositories using custom
GPG keys (adoptium, pgdg, pdm, etc.).
Set chmod 644 after creating .gpg files in both setup_deb822_repo()
and the MongoDB GPG key import in manage_tool_repository().
* fix(archlinux-vm): fix LVM/LVM-thin storage and improve error reporting
- Add catch-all (*) case for storage types (LVM, LVM-thin, zfspool)
Previously only nfs/dir/cifs and btrfs were handled, leaving
DISK_EXT, DISK_REF, and DISK_IMPORT unset on LVM/LVM-thin storage
- Fix error_handler to send numeric exit_code to API instead of
bash command text (which caused 'Unknown error' in telemetry)
- Replace fragile pvesm alloc for EFI disk with Proxmox-managed
:0,efitype=4m (consistent with docker-vm.sh)
- Modernize disk import: auto-detect qm disk import vs qm importdisk,
parse output to get correct disk reference instead of guessing names
- Use --format flag (double dash) consistent with modern Proxmox API
- Remove unused FORMAT variable (EFI type now always set correctly)
- Remove fragile eval-based disk name construction
* fix(vm): fix LVM/LVM-thin storage and error reporting for all VM scripts
- Add catch-all (*) case to storage type detection in all VM scripts
that were missing it (debian-vm, debian-13-vm, ubuntu2204/2404/2504,
nextcloud-vm, owncloud-vm, opnsense-vm, pimox-haos-vm)
- Add catch-all to mikrotik-routeros (had zfspool but not lvm/lvmthin)
- Fix error_handler in ALL 14 VM scripts to send numeric exit_code
to post_update_to_api instead of bash command text, which caused
'Unknown error' in telemetry because the API expects a number
The catch_errors() function in CT scripts overrides the API telemetry
traps set by build.func. This caused on_exit, on_interrupt, and
on_terminate to never call post_update_to_api, leaving telemetry
records permanently stuck on 'installing'.
Changes:
- on_exit: Report orphaned 'installing' records on ANY exit where
post_to_api was called but post_update_to_api was not
- on_interrupt: Call post_update_to_api('failed', '130') before exit
- on_terminate: Call post_update_to_api('failed', '143') before exit
All calls are guarded by POST_UPDATE_DONE flag to prevent duplicates.
EMQX 6.1+ preallocates significant disk space for the MQ feature,
causing high CPU/disk usage on small containers (emqx/emqx#16649).
- Increase default disk from 4GB to 6GB
- Add read -rp prompt during install to optionally disable MQ feature
via mq.enable=false in emqx.conf (reduces disk/CPU overhead)
- Setting is in install script (not CT script) per reviewer feedback
Co-authored-by: sim-san <sim-san@users.noreply.github.com>
The UniFi GPG key at dl.ui.com/unifi/unifi-repo.gpg is already in binary
format. setup_deb822_repo unconditionally ran gpg --dearmor which expects
ASCII-armored input, corrupting binary keys and causing apt to fail with
'Unable to locate package unifi'.
setup_deb822_repo now downloads the key to a temp file first and uses
the file command to detect whether it is already a binary PGP/GPG key.
Binary keys are copied directly; armored keys are dearmored as before.
This also reverts unifi-install.sh back to using setup_deb822_repo for
consistency with all other install scripts.
* fix(tailscale-addon): fix DNS check and keyrings directory issues
- Source /etc/os-release instead of grep to handle quoted values properly
- Use VERSION_CODENAME variable instead of VER for correct URL
- Add fallback DNS resolution methods (host, nslookup, getent) when dig is missing
- Create /usr/share/keyrings directory if it doesn't exist
- Skip DNS check gracefully when no DNS tools are available
Fixes installation failures with 'dig: command not found' and
'No such file or directory' for keyrings path
* Update tools/addon/add-tailscale-lxc.sh
Co-authored-by: Chris <punk.sand7393@fastmail.com>
* Update tools/addon/add-tailscale-lxc.sh
Co-authored-by: Chris <punk.sand7393@fastmail.com>
---------
Co-authored-by: Chris <punk.sand7393@fastmail.com>
Add POST_TO_API_DONE idempotency guard to post_to_api() to prevent
the same telemetry record from being submitted twice with the same
RANDOM_UUID. This mirrors the existing POST_UPDATE_DONE pattern in
post_update_to_api().
post_to_api() is called twice in build.func:
- After storage validation (inside CONTAINER_STORAGE check)
- After create_lxc_container() completes
When both execute, the second call fails with a random_id uniqueness
violation on PocketBase, generating server-side errors.
* fix(debian-13-vm): disable systemd-firstboot and add autologin via virt-customize
Newer Debian 13 (Trixie) nocloud images (Jan 29+) have systemd-firstboot
enabled, which blocks the boot process by prompting for timezone and root
password on the serial console. The noVNC console stalls after auditd checks.
Fix by using virt-customize (like docker-vm.sh) to:
- Disable systemd-firstboot.service and mask it
- Pre-seed timezone to Etc/UTC
- Configure autologin on ttyS0 and tty1 for nocloud images
- Set hostname and clear machine-id for unique IDs
- Install libguestfs-tools if not present
Fixes#11807
* feat(debian-13-vm): add cloud-init selection dialog for default and advanced settings
Add select_cloud_init() function consistent with docker-vm.sh that prompts
the user to choose between Cloud-Init (genericcloud image) and nocloud
(with auto-login) in both default and advanced settings.
Previously, default settings hardcoded CLOUD_INIT=no without asking.
