Add a GitHub Actions workflow that listens for `/pocketbase` issue comments and runs a self-hosted job executing an inline Node.js bot. The script authenticates to PocketBase using configured secrets, checks commenter association (OWNER/MEMBER), and supports updating record fields, setting multiline/code-block fields, managing notes, and editing install method resources. It provides GitHub reactions and status comments and uses GITHUB_TOKEN for issue/comment interactions.
* fix(tdarr): use curl_with_retry and verify binaries before enabling service
Tdarr_Updater downloads the actual server/node binaries from tdarr.io at
runtime. If tdarr.io is blocked by local DNS (e.g. OPNsense OISD blocklists),
the updater exits silently with code 0, leaving no binaries on disk. The
subsequent systemctl enable then fails with 'Operation not permitted' (exit 1)
because the ExecStart paths don't exist.
Changes:
- Replace bare curl with curl_with_retry for versions.json and Tdarr_Updater.zip
downloads to gain retry logic, DNS pre-check and exponential backoff
- Add msg_info before Tdarr_Updater run so users see this step in the log
- Check that Tdarr_Server and Tdarr_Node binaries exist after the updater
runs; fail immediately with a clear message pointing to tdarr.io connectivity
instead of letting systemctl fail with a confusing 'Operation not permitted'
Fixes: #13030
* Improve Tdarr installer error handling
Refine post-update validation and failure behavior in tdarr-install.sh: remove a redundant status message, simplify the updater check to only require the Tdarr_Server binary, and replace the previous fatal path with msg_error plus an explicit exit 250. This makes failures (for example when tdarr.io is blocked by local DNS) clearer and avoids false negatives from the Tdarr_Node existence check.
* Use curl_with_retry and handle updater failure
Replace direct curl calls with curl_with_retry for fetching versions.json and downloading Tdarr_Updater.zip to improve network reliability. Add a post-update check that verifies /opt/tdarr/Tdarr_Server/Tdarr_Server exists; if missing, log an error suggesting possible DNS blocking and exit with code 250. Minor cleanup of updater artifacts remains unchanged.
* Reorder hwaccel setup and adjust GPU group usermod
Move setup_hwaccel invocations in emby, jellyfin, ollama, and plex installers to occur after package installation/configuration so GPU drivers/repos are present before enabling hardware acceleration. Update _setup_gpu_permissions to call usermod directly (remove $STD wrapper) when adding service users to render/video groups. Includes minor whitespace/ordering cleanups in the installer scripts.
improve hardware-acceleration setup to centralize service user group management. Install scripts (emby, plex, ollama, channels) now pass a service user to setup_hwaccel (or no user for channels) and have had inline /etc/group sed/usermod tweaks removed. misc/tools.func updated: setup_hwaccel accepts an optional service_user and forwards it to _setup_gpu_permissions, which now adds the service user to render and video groups if provided. This consolidates GPU permission changes in one place and removes duplicated per-service group edits.
* tools.func Implement check_for_gh_tag function
Adds a function to check for new GitHub tags for repositories without releases. (needed for termix / guacd-server)
* Update documentation for check_for_gh_tag function
* tools.func: Implement fetch_and_deploy_gh_tag function
Adds function to fetch and deploy GitHub tag-based source tarballs.
* Refactor fetch_and_deploy_gh_tag function and comments
Updated the function to fetch and deploy GitHub tags, enhancing its description and usage instructions.
* cleanuo
- Add OPENVPN_PROCESS_USER=root, PUID=0, PGID=0 to default .env
to prevent gluetun from injecting 'user' directive into target.ovpn
which causes 'Unrecognized option' errors on Debian
- Add ExecStartPre to remove stale /etc/openvpn/target.ovpn before start
- Fixes#12988
* fix(frigate): check OpenVino model files exist before configuring detector
When the OpenVino model build fails (e.g. TensorFlow import error),
the model files are not created but the config still references them
if the CPU supports avx/sse4_2, causing Frigate to crash on start
with FileNotFoundError.
Now also checks that ssdlite_mobilenet_v2.xml and coco_91cl_bkgr.txt
actually exist before configuring the OpenVino detector, falling back
to CPU model otherwise.
Fixes#12808
* fix(frigate): use curl_with_retry for all downloads
Replace all wget and bare curl calls with curl_with_retry from
tools.func for robust downloads with retry logic, exponential
backoff, and DNS pre-checks. This prevents install failures from
transient network issues during model and dependency downloads.
