* fix(dawarich): run db:migrate before assets:precompile
In Rails production, eager loading during assets:precompile can execute
DB queries. Dawarich 1.7.0 adds new tables (monthly digest email
preferences, S3 storage settings). Running precompile before migrate
causes 'Operation not permitted' / exit code 1 when those tables do
not exist yet.
Reordered to: db:migrate -> assets:precompile -> data:migrate,
which is the correct Rails deployment sequence.
Fixes#14048
* add otp key
Both update-lxcs.sh and update-apps.sh backgrounded pct shutdown and then
immediately called pct exec on the same container, causing 'Error: unexpected
status' which terminated the loop after the first container.
update-lxcs.sh: wrapped reboot-required and patchmon-agent checks in a
guard that only runs them when the container was already running (not
one that was started and is now being shut down).
update-apps.sh: moved pct set (resource reset) and the pct exec
reboot-required check to run before pct shutdown is issued.
Fixes#14027
Previously the update script only upgraded .NET when aspnetcore-runtime-8.0
or 9.0 was detected via is_package_installed. Containers where detection
failed would silently skip the upgrade block, leaving Technitium v15
(requires .NET 10) starting against .NET 8/9 and immediately failing.
Changed condition to: install .NET 10 unless it is already installed.
Old 8.0/9.0 packages are removed with || true to avoid errors on clean
installs.
Fixes#14045
The setup_deb822_repo function was only checking for the literal './'
suite value, but should reject any suite ending with '/', which
indicates a flat repository that must not include Components in the
DEB822 format.
This fix aligns ProxmoxVE with the correct behavior already present
in ProxmoxVED.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The update was failing with 'mv: cannot stat /opt/2fauth-backup/.env:
No such file or directory' on a system where a previous run had left
/opt/2fauth-backup behind. mv would then nest /opt/2fauth inside the
existing backup directory (as /opt/2fauth-backup/2fauth/), so the
restore step looked at the wrong path.
After fixing that, the app returned a 500 ('Key path
file:///opt/2fauth/storage/oauth-public.key does not exist or is not
readable') because chown/chmod ran before composer install and
php artisan 2fauth:install, leaving vendor/, bootstrap/cache/* and
the regenerated oauth keys owned by root and unreadable by www-data.
- Remove any stale /opt/2fauth-backup before creating the backup, and
remove it again at the end so the next run starts clean
- Use cp instead of mv when restoring .env/storage so the backup is
preserved until the update completes
- Move chown/chmod to AFTER composer + artisan, matching the order in
install/2fauth-install.sh
- Restart php8.4-fpm in addition to nginx so opcache picks up the new
cached config
- Drop redundant quotes around literal paths to match the rest of the
codebase
Stop vmagent and vmalert services (if present) before deploying the
vmutils tarball during updates, and restart them afterward. Running
vmutils daemons (vmagent-prod, vmalert-prod) cause cp to fail with
ETXTBSY when their binaries are overwritten in /opt/victoriametrics.
Fixes#14014
