- Trim whitespace, skip empty tokens and reject non-numeric input so a
malformed selection no longer feeds garbage into `sed -n "<index>p"`.
- Reject reversed ranges (start greater than end) with a clear message.
- Replace `grep | wc -l` with `grep -c` (ShellCheck SC2126).
- Replace the array-style exclude check (`${excluded_containers[@]}` on a
plain string) with an explicit per-VMID loop, resolving the ShellCheck
SC2199/SC2076 errors and avoiding accidental substring matches.
- Abort cleanly when the checklist dialog is cancelled instead of relying
on an unreachable `$?` test under `set -eEuo pipefail`.
- Exit gracefully on a declined confirmation prompt.
- Use `pct exec ... -- hostname` for consistent argument handling.
- AMD: download directly to "$microcode" instead of a convoluted, unquoted
basename of the full URL (fixes ShellCheck SC2046) and pin to https.
- Quote dpkg install and cleanup paths (SC2086) and use rm -f.
- Normalize the Debian pool URLs (drop the stray double/triple slashes).
- Define color variables directly instead of via $(echo ...) (SC2116/SC2028).
* Reduce IP-Tag resource usage and clean up ShellCheck findings
Performance / resource fixes in the generated service:
- VM IP detection only queries the QEMU guest agent when it is actually
enabled in the VM config. Previously every VM without an agent stalled
the loop for the full `qm guest cmd` timeout on each cycle; the timeout
is also lowered from 8s to 5s.
- Skip the ARP/ping fallback for VMs entirely when the guest agent already
returned addresses, avoiding needless ping probes every run.
- Snapshot `ip neighbor show` once per host instead of invoking it per MAC
in the VM and LXC lookups.
- Lower ping verification to a 1s timeout (`-W 1`).
ShellCheck cleanup in the installer:
- Define color variables directly instead of via $(echo ...) (SC2116/SC2028).
- Use `read -rp` everywhere (SC2162).
- Replace Unicode quotes with ASCII in a status message (SC1111).
* Cut IP-Tag CPU usage by avoiding per-guest pct/qm status calls
The periodic check spawned one `pct status` per container and one
`qm status` per VM each cycle. Both are heavy Perl tools (~hundreds of ms
CPU per invocation), so on hosts with many guests the 5-minute run caused
a noticeable CPU spike.
- Derive LXC status from the single `pct list` call that is already made
for enumeration.
- Add one `qm list` call to collect all VM statuses at once.
- Store both in a per-cycle STATUS_CACHE and read from it instead of
calling `pct status` / `qm status` per guest (with a fallback for direct
calls outside the cycle).
The heredoc used <<EOF (unquoted), causing the \ inside it
to be executed during installation. This embedded the entire cronmaster.sh
source (~250 lines) into the update script, which contained backtick-style
constructs that caused 'unexpected EOF while looking for matching backtick'
at line 44 when the update script was later run.
Use <<'EOF' so the literal \ text is written to the file.
* feat(update-apps): add var_continue_on_error and TERM=dumb fix
- Add var_continue_on_error=yes to skip failed containers instead
of aborting all remaining updates. Useful for cron/unattended runs
where one disabled or broken script should not stop others.
Containers with backup still attempt restore on failure regardless.
- Set TERM=dumb when running pct exec to prevent whiptail from
hanging when no TTY is available (e.g. cron jobs redirecting
stdout/stderr). This causes whiptail to fail-fast instead of
blocking indefinitely.
- Add var_continue_on_error to export_config_json, --help output,
and usage examples (cron-style invocation example added).
* feat(update-apps): add var_dry_run to check updates without applying
Adds dry-run mode (var_dry_run=yes) that reports available updates for
all selected containers without modifying anything:
- Extracts GitHub source repo from the ct script header (# Source:)
- Resolves the version file name from check_for_gh_release app arg
- Reads current installed version from ~/.appname inside the container
- Queries GitHub API /releases/latest for comparison
- Outputs color-coded status: up-to-date (green), update available (yellow),
or unknown (blue/yellow with reason)
Non-GitHub sources (Codeberg, custom URLs) are skipped with a notice.
Resource scaling is suppressed entirely during dry-run.
Example usage:
var_container=all_running var_skip_confirm=yes var_dry_run=yes \
bash -c "$(curl -fsSL .../update-apps.sh)"
* fix(update-apps): dry-run uses check_for_gh_release args, not Source header
The # Source: header can point to a different repo than what
check_for_gh_release actually queries (e.g. RustDesk uses
lejianwen fork, not official rustdesk repo).
Now parse both app name and source repo directly from the
check_for_gh_release call in the ct script:
check_for_gh_release "appname" "owner/repo"
Also fix $HOME/.appname path expansion in pct exec context.
* fix issue on clear()
* feat(update-apps): add no-op clear wrapper to PATH for update scripts
Co-authored-by: Copilot <copilot@github.com>
* feat(update-apps): enhance error handling for unattended mode in resource checks
Co-authored-by: Copilot <copilot@github.com>
* feat(update-apps): implement structured logging and summary report for updates
Co-authored-by: Copilot <copilot@github.com>
* fix log issue
Co-authored-by: Copilot <copilot@github.com>
* feat(update-apps): enhance dry-run functionality and logging for container updates
Co-authored-by: Copilot <copilot@github.com>
* feat(update-apps): add dry-run completion message for better user feedback
Co-authored-by: Copilot <copilot@github.com>
---------
Co-authored-by: Copilot <copilot@github.com>
ifconfig is not available on modern Debian systems (net-tools not
installed by default). Replace with hostname -I which is available
everywhere, with ip addr as fallback.
Fixes: #14257
Both update-lxcs.sh and update-apps.sh backgrounded pct shutdown and then
immediately called pct exec on the same container, causing 'Error: unexpected
status' which terminated the loop after the first container.
update-lxcs.sh: wrapped reboot-required and patchmon-agent checks in a
guard that only runs them when the container was already running (not
one that was started and is now being shut down).
update-apps.sh: moved pct set (resource reset) and the pct exec
reboot-required check to run before pct shutdown is issued.
Fixes#14027
* PMG Post Install: Detect gateway via /etc/os-release when /etc/issue is generic
* PMG Post Install: detect gateway via dpkg or PMG service units
* PMG: migrate post-install to deb822 format, fix APT source conflicts
- Simplify PMG detection to dpkg-based check only
- Extend repo_state() to scan .sources files (deb822 format)
- Add toggle_repo() helper for enable/disable on both formats
- Migrate Debian sources correction to deb822 (debian.sources)
- Migrate pmg-enterprise, pmg-no-subscription, pmgtest repo
creation to deb822 .sources files
- Install script: clean up duplicate APT sources created by
proxmox-mailgateway-container package (enterprise.list,
pmg-install-repo.list, legacy sources.list)
* fix: use official Signed-By path & revert install script cleanup
- Change Signed-By from /etc/apt/keyrings/pmg.gpg to
/usr/share/keyrings/proxmox-archive-keyring.gpg in all three
PMG repo creation blocks (enterprise, no-subscription, test),
matching official PMG docs and PVE post-install convention
- Remove APT source cleanup from install script (handled by
post-pmg-install instead)
* remove empty line
* fix(filebrowser-quantum): warn when addon is run directly on Proxmox host
Detect /etc/pve and show a clear warning with link to the recommended
LXC installer. User must explicitly confirm to continue on the host,
addressing the size calculation and indexing issues reported in
gtsteffaniak/filebrowser#1893.
Closes#13636
* fix(filebrowser): improve host warning text and add to filebrowser addon
- Clarify that passthrough drives are not visible on the Proxmox host
- Mention incorrect disk usage stats and incomplete file browsing
- Add same warning to filebrowser (non-quantum) addon which also serves from /
- Reduce verbosity, remove redundant phrasing
* fix(filebrowser): fix misleading host warning wording
Remove reference to a non-existent dedicated LXC installer.
The addons should simply be run inside an LXC or VM instead.
Update Komodo addon script: switch source GitHub URL to moghtech, create a timestamped backup of the compose env before updating, and add migrations for Komodo v2. Migrate image tag from 'latest' to ':2', rename DB credential variables (KOMODO_DB_* -> KOMODO_DATABASE_*), remove the deprecated KOMODO_PASSKEY, and ensure COMPOSE_KOMODO_BACKUPS_PATH is set. Adjust install routine to stop generating/setting PASSKEY and to use the new DATABASE variable names.
CanbiZ (MickLesk)