Root cause: post_update_to_api set POST_UPDATE_DONE=true even after
all 3 retry attempts failed (curl timeout, API error). This prevented
the EXIT trap (api_exit_script) from retrying with fresh attempts.
Changes:
- Only set POST_UPDATE_DONE=true on actual HTTP 2xx success
- If all 3 attempts fail, EXIT trap gets 3 more fresh attempts
- Increase timeout from 5s to 10s for final status updates (STATUS_TIMEOUT)
Progress pings keep 5s (TELEMETRY_TIMEOUT) since they're lightweight
- post_update_to_api_extended: add proper retry logic + HTTP code check
(was fire-and-forget with no retry)
Validation status was persisting through container start, network check,
and OS customization. Now transitions to 'configuring' immediately after
create_lxc_container returns. Validation only covers storage/template/cluster
checks as intended.
Pipe lxc-attach output through tee into /tmp/.install-capture-${SESSION_ID}.log and use PIPESTATUS[0] to get the real lxc-attach exit code. Prefer a pulled container-side INSTALL_LOG when it exists and is >100 bytes; otherwise fall back to the host-captured terminal log (stripping ANSI codes) and append it to the combined log so get_full_log() can find it. Apply the same capture behavior to the retry path and remove temporary capture files on completion. This makes install output reliable when container-side logging is missing (DNS errors, early crashes, or missing silent() usage).
After 'export INSTALL_LOG' in build.func, get_active_logfile() returned
the container's INSTALL_LOG path for all host-side logging, causing
msg_info/msg_ok/msg_error on the host to write to /root/.install-SESSION.log
(the host file, not the container's) instead of BUILD_LOG. This made
BUILD_LOG incomplete and get_full_log() unable to send full traces.
Fix: Add _HOST_LOGFILE (not exported, invisible to container) so the host
always logs to BUILD_LOG. Container still uses INSTALL_LOG as before.
* Enhance telemetry, signal handling, and logs
Improve failure telemetry and signal handling across the installer: add get_full_log() to collect/strip/truncate install logs and include them in API payloads with a truncated retry; add CONTAINER_INSTALLING flag around lxc-attach and stop containers on abort to avoid orphaned "installing/configuring" records; introduce _send_abort_telemetry() (curl fallback for container context) and _stop_container_if_installing() helpers; centralize and simplify EXIT/ERR/INT/TERM/HUP traps and handlers (including a new on_hangup handler) and update VM scripts to report numeric exit codes. Also ensure best-effort log collection is performed and tweak error categorization for certain signals.
* Include full log in error telemetry
Use get_full_log (up to 120KB) to populate the error telemetry field so the API receives the full installation trace; fall back to get_error_text (last ~20 lines) if the full log is empty. Removed collection and inclusion of a separate install_log field from the JSON payloads and simplified the retry payloads/comments accordingly. The change ensures error reports contain the complete trace while avoiding duplicate large log fields and keeps graceful failure handling (get_full_log || true).
* Anonymize IP addresses in get_full_log
Mask IPv4 addresses in logs when collecting full log output: added a sed step that replaces the last two octets with "x.x" to avoid exposing full IPs (GDPR). Also updated the comment to reflect anonymization; existing steps that strip carriage returns and ANSI escape sequences remain in place before truncating with head -c.
Prevent host-side error_handler from being triggered during in-container install/recovery by delaying re-enabling set -Eeuo pipefail and the ERR trap in misc/build.func until after install/recovery completes; add explanatory comments. Update misc/error_handler.func to fall back to BUILD_LOG if container-internal log path is unavailable, show the last 20 log lines when present, refine container vs host detection (check INSTALL_LOG file and /root), copy INSTALL_LOG into /root and write a .failed flag with the exit code for host-side detection, and ensure full-log output and container removal prompt are shown appropriately in host context. Tweak misc/core.func silent() output to include a "Full log" path and adjust formatting.
Update misc/tools.func to include Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg on multiple Debian repository blocks (bullseye, bookworm, trixie/sid and their -security entries) for non-free and non-free-firmware components. This ensures APT uses the specified keyring to verify repository metadata and improves reproducible/secure apt configuration.
* Update frigate.sh
* Add Frigate metadata and overhaul installer
Add frontend metadata for Frigate (frontend/public/json/frigate.json), remove the old .bak metadata file, and perform a major refactor of install/frigate-install.sh. The installer now targets Debian 12 (Bookworm), converts APT sources to deb822, installs and builds required dependencies (Python wheels, libusb, OpenVINO, Tempio, Nginx, sqlite extensions), configures hardware acceleration and GPU access, fetches and deploys Frigate and go2rtc releases, and prepares inference/audio models. Systemd service units were improved (dependencies, env file usage, safer log file handling, create_directories service) and services are enabled/started with cleanup steps added. Also updated copyright/authorship and various runtime environment exports and default Frigate config changes (ffmpeg hwaccel, detector selection, disabled auth/detect in default config).
* Update frigate.json
* frigate: update metadata and installer
Update frontend metadata (config path, interface port, and expanded description) and modernize the install script: switch apt-get to apt, streamline dependency list (remove wget/jq/unzip), replace inline hardware-acceleration/GPU group tweaks with setup_hwaccel, pin Frigate release to v0.16.4 for reproducible installs, and fetch/libusb build now uses fetch_and_deploy_gh_release with adjusted paths. Also clean up removed temporary files.
* add std
