* feat: validate container ID before pct create to prevent failures
Add validation to ensure container IDs are not already in use before attempting to create containers. This prevents pct create failures when an ID is already assigned to a VM/LXC or used in LVM volumes.
Changes:
- Add validate_container_id() and get_valid_container_id() functions to build.func
- Validate ID in base_settings() for default installation method
- Validate ID in advanced_settings() dialog with user prompt for next available ID
- Add validation to turnkey.sh with interactive dialog
- Add validation to all-templates.sh with automatic ID correction
Checks performed:
- Container config file existence (/etc/pve/lxc/*.conf)
- VM config file existence (/etc/pve/qemu-server/*.conf)
- LVM logical volume usage
Fixes issue where container creation would fail if the suggested/chosen ID was already in use.
* feat: validate container ID before pct create to prevent failures
Add validation to ensure container IDs are not already in use before attempting to create containers. This prevents pct create failures when an ID is already assigned to a VM/LXC or used in LVM volumes.
Changes:
- Add validate_container_id() and get_valid_container_id() functions to build.func
- Validate ID in base_settings() for default installation method
- Validate ID in advanced_settings() dialog with user prompt for next available ID
- Add validation to turnkey.sh with interactive dialog
- Add validation to all-templates.sh with automatic ID correction
Checks performed:
- Container config file existence (/etc/pve/lxc/*.conf)
- VM config file existence (/etc/pve/qemu-server/*.conf)
- LVM logical volume usage
Fixes issue where container creation would fail if the suggested/chosen ID was already in use.
* Update turnkey.sh
* Update build.func
- Check if beignet-opencl-icd package is available before installation
- Package was removed in Debian 12+ and Ubuntu 22.04+
- VA-API hardware acceleration still works without OpenCL
- Prevents installation failure on systems with Intel HD 2000-5999 GPUs
- libigdgmm12: Fetch from intel/compute-runtime (not gmmlib which has no releases)
- intel-igc-core-2: Correct pattern with -2 suffix
- intel-igc-opencl-2: Correct pattern with -2 suffix
- libze-intel-gpu1: Correct package name (was intel-level-zero-gpu)
- Remove libigdgmm12 from apt install (already fetched from GitHub)
- Only fetch GitHub packages for Trixie/Sid (Bookworm uses repos)
Verified all patterns against actual GitHub release assets.
- Fix ((gpu_count++)) returning exit code 1 when count=0
- Fix ((failed_modules++)) same issue in setup_nodejs
- Add || true to all arithmetic increments starting from 0
- Export ENABLE_GPU from build.func to container
- Check ENABLE_GPU instead of var_gpu in setup_hwaccel
The bash arithmetic expansion ((0)) and ((x++)) when x=0
returns exit code 1, which causes immediate script abort
when set -e is active.
Ensures LANG is set to en_US.UTF-8 by default if not already defined before updating /etc/locale.gen.
Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com>
Refactored various shell functions to add more robust error handling by redirecting stderr to /dev/null and using '|| true' to prevent script failures. Enhanced npm cache cleanup to remove both _cacache and _logs directories, and improved reliability of version and keyring extraction commands. These changes increase script resilience and prevent unnecessary errors from halting execution.
Replaced the if-statement for npm cache cleaning with a single command using '||' to fall back to manual cache removal if 'npm cache clean' fails. This streamlines the cleanup process.
Adds a fallback to manually remove the npm cache directory if 'npm cache clean --force' fails during cleanup. This ensures the cache is cleared even if the npm command encounters an error.
* fix(jellyfin): use setup_hwaccel for robust hardware acceleration
Replaces manual hardware acceleration setup with the centralized
setup_hwaccel function from tools.func.
This fixes the installation failure in privileged containers where
/dev/dri does not exist (e.g., when no GPU is passed through).
The setup_hwaccel function includes:
- Proper error handling for missing /dev/dri
- GPU vendor detection (Intel, AMD, NVIDIA)
- Graceful fallback when no GPU is available
Fixes: Installation fails with 'chgrp: cannot access /dev/dri'
when creating privileged containers without GPU passthrough.
* refactor(hwaccel): standardize hardware acceleration across all install scripts
Migrated all install scripts to use the centralized setup_hwaccel function:
- plex-install.sh
- emby-install.sh
- ersatztv-install.sh
- frigate-install.sh
- tdarr-install.sh
- unmanic-install.sh
- channels-install.sh
- ollama-install.sh
- immich-install.sh (added error handling)
Enhanced setup_hwaccel function in tools.func:
- Added -d /dev/dri check before setting permissions
- Added error handling (2>/dev/null || true) for all /dev/dri operations
- Added adduser error handling for video/render groups
- No longer fails if no GPU is detected (graceful skip)
- Added intel-media-va-driver for newer Intel GPUs
- Improved AMD APU support with firmware packages
- Better NVIDIA handling (warning instead of failure)
This fixes installation failures in privileged containers without GPU
passthrough, where /dev/dri does not exist.
Supports: Ubuntu, Debian 12 (Bookworm), Debian 13 (Trixie)
GPU Support: Intel, AMD, NVIDIA (manual driver)
* refactor(hwaccel): complete migration for all GPU apps
Migrated remaining GPU apps to setup_hwaccel:
- fileflows-install.sh
- openwebui-install.sh (added setup_hwaccel - was missing)
- tunarr-install.sh
Also fixed tools/pve/hw-acceleration.sh:
- Added error handling for /dev/dri operations
- Added chmod 660 /dev/dri/* that was missing
- Added error suppression for adduser commands
All 13 GPU apps (var_gpu=yes) now use centralized setup_hwaccel:
jellyfin, plex, emby, ersatztv, frigate, tdarr, unmanic,
channels, ollama, immich, fileflows, openwebui, tunarr
* feat(hwaccel): complete Intel non-free driver support and GID sync
Enhanced setup_hwaccel function:
- Auto-detect Intel GPU generation (Gen 9+ for non-free drivers)
- Debian 12 (Bookworm): Add non-free repo + intel-media-va-driver-non-free
- Debian 13 (Trixie): Add non-free repo + libvpl2 + mesa-opencl-icd
- Ubuntu: Use ubuntu repos with intel-media-va-driver
- Fallback to open drivers if non-free fails
- GID sync for video/render groups (moved from install scripts)
OpenWebUI: Added Intel oneAPI support when installing Ollama
- Intel Level Zero GPU support
- Intel oneAPI Base Toolkit
- Same setup as standalone Ollama install
Cleanup:
- Removed duplicate GID sync from tdarr-install.sh
- Removed duplicate GID sync from unmanic-install.sh
* fix(ersatztv): remove duplicate HW acceleration code
Removed manual Intel HW acceleration setup that remained after
setup_hwaccel migration. The non-free driver prompt is no longer
needed as setup_hwaccel auto-detects Intel GPU generation.
Add error suppression and || true to awk commands that parse rustc version.
Prevents 'Operation not permitted' errors in containers with restricted syscalls.
- load_vars_file() now supports force parameter to override existing variables
- App Defaults uses force=yes to properly apply saved user preferences
- Added safety check for SSH_KEYS_FILE in install_ssh_keys_into_ct()
- Initialize ENABLE_GPU, ENABLE_NESTING, ENABLE_KEYCTL, ENABLE_MKNOD, PROTECT_CT, CT_TIMEZONE in base_settings()
- Added fallback defaults in echo_default() to prevent unbound variable errors when advanced_settings is skipped
* fix(build): load app defaults before applying base_settings
App defaults were loaded after base_settings, causing saved values to be ignored.
Now loads var_* from app defaults file before calling base_settings.
* fix(cleanup): suppress composer root warning in cleanup_lxc
Composer's clear-cache command prompts for confirmation when run as root,
causing scripts to hang at 'Cleaning up' stage. Set COMPOSER_ALLOW_SUPERUSER=1
to suppress the interactive prompt.
Fixes#9952 (Heimdall Dashboard), also affects BentoPDF and other PHP apps.
* Fix COMPOSER_ALLOW_SUPERUSER export in cleanup_lxc
Exports COMPOSER_ALLOW_SUPERUSER before running composer clear-cache to ensure the environment variable is set correctly during cleanup.
- SSH access dialog is now always displayed regardless of password or SSH keys
- Added step indicator to SSH settings dialogs for consistency
- configure_ssh_settings() now accepts optional step_info parameter
- Updated documentation for SSH configuration functions
Fixes#9753
* Switch container exec from bash to sh in fix_gpu_gids
Replaces bash with sh for container execution in fix_gpu_gids and updates device matching logic to use a POSIX-compliant case statement. This improves compatibility with containers that may not have bash installed.
* fix(apt): auto-recover from interrupted dpkg operations
When a previous installation is interrupted (e.g., by script error or
user cancellation), dpkg can be left in an inconsistent state requiring
'dpkg --configure -a' to fix.
This change:
- Adds dpkg --configure -a check to ensure_apt_working()
- Adds dpkg --configure -a to retry logic in install_packages_with_retry()
- Adds dpkg --configure -a to retry logic in upgrade_packages_with_retry()
Fixes: Omada Controller update failing after interrupted installation
Reported-in: #9663
* core: enhance storage type validation and error codes
Improve storage validation for LXC container creation with
explicit checks for unsupported storage types.
Changes:
- Add validation for storage types that don't support containers:
- iscsidirect (exit 212) - VMs only
- iscsi/zfs (exit 213) - no rootdir support
- cephfs (exit 219) - use RBD instead
- pbs (exit 224) - backups only
- Add connectivity check for network storage (linstor, rbd, nfs, cifs)
- Simplify storage content validation using pvesm status
- Reorganize Proxmox error codes (200-231) for consistency
- Update error messages to be more descriptive and actionable
This helps users identify storage compatibility issues early
before container creation fails with cryptic errors.
* Update build.func
