* fix(error-handler): prevent silent() from re-enabling error handling during recovery
Root cause: silent() (core.func) unconditionally calls set -Eeuo pipefail
and trap 'error_handler' ERR after every command. When build_container()
intentionally disables error handling for its recovery section, any
intermediate call through silent()/ re-enables it. This causes the
grep/sed pipeline for missing_cmd extraction to trigger error_handler
(grep returns exit code 1 on no match + pipefail = fatal).
Fixes:
1. silent(): Save errexit state before disabling, only restore if it was
active. Callers that intentionally disabled error handling (e.g.
build_container recovery) are no longer silently re-enabled.
2. build.func: Add || true to missing_cmd grep pipeline as defense-in-depth
against pipeline failure propagation.
3. build.func: Add explicit set +Eeuo pipefail / trap - ERR after
post_update_to_api() call, before error classification grep/sed section.
4. build.func: Remove stale global combined_log variable from variables()
that used a different path format (/tmp/install-SESSION-combined.log)
than the actual local variable (/tmp/NSAPP-CTID-SESSION.log). The global
was never written to and caused confusion when error_handler displayed it.
* Update build.func
* chore(install): add Github source links to all setup_nodejs scripts
52 install scripts had a project website in '# Source:' but no GitHub
link. Merged the GitHub repo URL into the Source header as:
# Source: https://website.com/ | Github: https://github.com/OWNER/REPO
Repos sourced from fetch_and_deploy_gh_release calls, get_latest_github_release
calls, or known project repos for npm/pip installed apps.
Two scripts (fumadocs, pve-scripts-local) had no Source line at all —
added one. Shinobi skipped (GitLab-only, no GitHub repo).
* chore(install): add Github source links to all fetch_and_deploy scripts
77 additional install scripts had fetch_and_deploy_gh_release calls but
no GitHub link in the Source header. Merged the primary app repo into
the Source header as:
# Source: https://website.com/ | Github: https://github.com/OWNER/REPO
Where multiple fetch_and_deploy calls existed (app + dependency), the
primary app repo was selected:
- ersatztv: ErsatzTV/ErsatzTV (not ffmpeg)
- firefly: firefly-iii/firefly-iii (not data-importer)
- komga: gotson/komga (not kepubify dep)
- sabnzbd: sabnzbd/sabnzbd (not par2cmdline-turbo dep)
- signoz: SigNoz/signoz (not otel-collector)
- tunarr: chrisbenincasa/tunarr (not ffmpeg dep)
Also fixed cosmos-install.sh double https:// in Source URL.
Skipped: autocaliweb (source already on codeberg, GitHub repos are deps only)
* revert: restore misc/build.func and misc/core.func to main state
These error-handler fixes belong to fix/error-handler-recovery, not to
this sources-only branch.
* chore(ct,tools): sync Source headers with install/ and add Github links to addon scripts
* fix(jellyfin): use setup_hwaccel for robust hardware acceleration
Replaces manual hardware acceleration setup with the centralized
setup_hwaccel function from tools.func.
This fixes the installation failure in privileged containers where
/dev/dri does not exist (e.g., when no GPU is passed through).
The setup_hwaccel function includes:
- Proper error handling for missing /dev/dri
- GPU vendor detection (Intel, AMD, NVIDIA)
- Graceful fallback when no GPU is available
Fixes: Installation fails with 'chgrp: cannot access /dev/dri'
when creating privileged containers without GPU passthrough.
* refactor(hwaccel): standardize hardware acceleration across all install scripts
Migrated all install scripts to use the centralized setup_hwaccel function:
- plex-install.sh
- emby-install.sh
- ersatztv-install.sh
- frigate-install.sh
- tdarr-install.sh
- unmanic-install.sh
- channels-install.sh
- ollama-install.sh
- immich-install.sh (added error handling)
Enhanced setup_hwaccel function in tools.func:
- Added -d /dev/dri check before setting permissions
- Added error handling (2>/dev/null || true) for all /dev/dri operations
- Added adduser error handling for video/render groups
- No longer fails if no GPU is detected (graceful skip)
- Added intel-media-va-driver for newer Intel GPUs
- Improved AMD APU support with firmware packages
- Better NVIDIA handling (warning instead of failure)
This fixes installation failures in privileged containers without GPU
passthrough, where /dev/dri does not exist.
Supports: Ubuntu, Debian 12 (Bookworm), Debian 13 (Trixie)
GPU Support: Intel, AMD, NVIDIA (manual driver)
* refactor(hwaccel): complete migration for all GPU apps
Migrated remaining GPU apps to setup_hwaccel:
- fileflows-install.sh
- openwebui-install.sh (added setup_hwaccel - was missing)
- tunarr-install.sh
Also fixed tools/pve/hw-acceleration.sh:
- Added error handling for /dev/dri operations
- Added chmod 660 /dev/dri/* that was missing
- Added error suppression for adduser commands
All 13 GPU apps (var_gpu=yes) now use centralized setup_hwaccel:
jellyfin, plex, emby, ersatztv, frigate, tdarr, unmanic,
channels, ollama, immich, fileflows, openwebui, tunarr
* feat(hwaccel): complete Intel non-free driver support and GID sync
Enhanced setup_hwaccel function:
- Auto-detect Intel GPU generation (Gen 9+ for non-free drivers)
- Debian 12 (Bookworm): Add non-free repo + intel-media-va-driver-non-free
- Debian 13 (Trixie): Add non-free repo + libvpl2 + mesa-opencl-icd
- Ubuntu: Use ubuntu repos with intel-media-va-driver
- Fallback to open drivers if non-free fails
- GID sync for video/render groups (moved from install scripts)
OpenWebUI: Added Intel oneAPI support when installing Ollama
- Intel Level Zero GPU support
- Intel oneAPI Base Toolkit
- Same setup as standalone Ollama install
Cleanup:
- Removed duplicate GID sync from tdarr-install.sh
- Removed duplicate GID sync from unmanic-install.sh
* fix(ersatztv): remove duplicate HW acceleration code
Removed manual Intel HW acceleration setup that remained after
setup_hwaccel migration. The non-free driver prompt is no longer
needed as setup_hwaccel auto-detects Intel GPU generation.
