Update discopanel-install.sh

Update date_created and logo in discopanel.json
Add discopanel (ct)
2025-12-14 19:23:32 +01:00 · 2025-12-10 17:06:42 +01:00 · 2025-12-10 17:06:11 +01:00 · 2025-12-10 16:03:46 +00:00 · 2025-12-10 16:02:54 +00:00 · 2025-12-10 17:02:25 +01:00
85 changed files with 2140 additions and 801 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -10,8 +10,119 @@
 > [!CAUTION]
 Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit the project's popularity for potentially malicious purposes.

+## 2025-12-10
+
+### 🚀 Updated Scripts
+
+  - #### 🔧 Refactor
+
+    - Tracktor: Remove unused variable [@tremor021](https://github.com/tremor021) ([#9841](https://github.com/community-scripts/ProxmoxVE/pull/9841))
+
+## 2025-12-09
+
+### 🆕 New Scripts
+
+  - Dokploy ([#9793](https://github.com/community-scripts/ProxmoxVE/pull/9793))
+- Coolify ([#9792](https://github.com/community-scripts/ProxmoxVE/pull/9792))
+
+### 🚀 Updated Scripts
+
+  - #### ✨ New Features
+
+    - Refactor: Zerotier-One [@tremor021](https://github.com/tremor021) ([#9804](https://github.com/community-scripts/ProxmoxVE/pull/9804))
+    - Refactor: Zabbix [@tremor021](https://github.com/tremor021) ([#9807](https://github.com/community-scripts/ProxmoxVE/pull/9807))
+
+  - #### 🔧 Refactor
+
+    - Refactor: Zigbee2MQTT [@tremor021](https://github.com/tremor021) ([#9803](https://github.com/community-scripts/ProxmoxVE/pull/9803))
+    - Refactor: Wordpress [@tremor021](https://github.com/tremor021) ([#9808](https://github.com/community-scripts/ProxmoxVE/pull/9808))
+    - Wizarr: Various fixes [@tremor021](https://github.com/tremor021) ([#9809](https://github.com/community-scripts/ProxmoxVE/pull/9809))
+    - Refactor: Wiki.js [@tremor021](https://github.com/tremor021) ([#9810](https://github.com/community-scripts/ProxmoxVE/pull/9810))
+    - Zammad: Various fixes [@tremor021](https://github.com/tremor021) ([#9805](https://github.com/community-scripts/ProxmoxVE/pull/9805))
+    - Refactor: Zipline [@tremor021](https://github.com/tremor021) ([#9801](https://github.com/community-scripts/ProxmoxVE/pull/9801))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - fix(tools): handle repos with 30+ pre-releases in check_for_gh_release [@vidonnus](https://github.com/vidonnus) ([#9786](https://github.com/community-scripts/ProxmoxVE/pull/9786))
+
+  - #### ✨ New Features
+
+    - Feature: extend advanced settings with more options & inherit app defaults [@MickLesk](https://github.com/MickLesk) ([#9776](https://github.com/community-scripts/ProxmoxVE/pull/9776))
+
+### 📚 Documentation
+
+  - website: fix/check updateable flags [@MickLesk](https://github.com/MickLesk) ([#9777](https://github.com/community-scripts/ProxmoxVE/pull/9777))
+- fixed grammar on alert that pops up when you copy the curl command [@Sarthak-Sidhant](https://github.com/Sarthak-Sidhant) ([#9799](https://github.com/community-scripts/ProxmoxVE/pull/9799))
+
+### ❔ Uncategorized
+
+  - Website: Remove Palmr script [@tremor021](https://github.com/tremor021) ([#9824](https://github.com/community-scripts/ProxmoxVE/pull/9824))
+
+## 2025-12-08
+
+### 🚀 Updated Scripts
+
+  - typo: tandoor instead of trandoor [@Neonize](https://github.com/Neonize) ([#9771](https://github.com/community-scripts/ProxmoxVE/pull/9771))
+
+  - #### 🐞 Bug Fixes
+
+    - Tandoor: Remove postgres17-contrib package [@tremor021](https://github.com/tremor021) ([#9781](https://github.com/community-scripts/ProxmoxVE/pull/9781))
+
+  - #### ✨ New Features
+
+    - feat: Add var_gpu flag for GPU passthrough configuration [@MickLesk](https://github.com/MickLesk) ([#9764](https://github.com/community-scripts/ProxmoxVE/pull/9764))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - fix: always show SSH access dialog in advanced settings [@MickLesk](https://github.com/MickLesk) ([#9765](https://github.com/community-scripts/ProxmoxVE/pull/9765))
+
+## 2025-12-07
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - wanderer: add meilisearch dumpless upgrade for database migration [@MickLesk](https://github.com/MickLesk) ([#9749](https://github.com/community-scripts/ProxmoxVE/pull/9749))
+
+  - #### 💥 Breaking Changes
+
+    - Refactor: Inventree (uses now ubuntu 24.04) [@MickLesk](https://github.com/MickLesk) ([#9752](https://github.com/community-scripts/ProxmoxVE/pull/9752))
+    - Revert Zammad: use Debian 12 and dynamic APT source version [@MickLesk](https://github.com/MickLesk) ([#9750](https://github.com/community-scripts/ProxmoxVE/pull/9750))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - tools.func: handle empty grep results in stop_all_services [@MickLesk](https://github.com/MickLesk) ([#9748](https://github.com/community-scripts/ProxmoxVE/pull/9748))
+    - Remove Debian from GPU passthrough [@MickLesk](https://github.com/MickLesk) ([#9754](https://github.com/community-scripts/ProxmoxVE/pull/9754))
+
+  - #### ✨ New Features
+
+    - core: motd - dynamically read OS version on each login [@MickLesk](https://github.com/MickLesk) ([#9751](https://github.com/community-scripts/ProxmoxVE/pull/9751))
+
+### 🌐 Website
+
+  - FAQ update [@tremor021](https://github.com/tremor021) ([#9742](https://github.com/community-scripts/ProxmoxVE/pull/9742))
+
 ## 2025-12-06

+### 🚀 Updated Scripts
+
+  - Update domain-locker-install.sh to enable auto-start after reboot [@alexindigo](https://github.com/alexindigo) ([#9715](https://github.com/community-scripts/ProxmoxVE/pull/9715))
+
+  - #### 🐞 Bug Fixes
+
+    - InfluxDB: Remove InfluxData source list post-installation [@tremor021](https://github.com/tremor021) ([#9723](https://github.com/community-scripts/ProxmoxVE/pull/9723))
+    - InfluxDB: Update InfluxDB repository key URL [@tremor021](https://github.com/tremor021) ([#9720](https://github.com/community-scripts/ProxmoxVE/pull/9720))
+
+  - #### ✨ New Features
+
+    - pin Portainer Update to CE Version only [@sgaert](https://github.com/sgaert) ([#9710](https://github.com/community-scripts/ProxmoxVE/pull/9710))
+
 ## 2025-12-05

 ### 🆕 New Scripts
--- a/ct/bookstack.sh
+++ b/ct/bookstack.sh
@ -51,7 +51,7 @@ function update_script() {
    msg_info "Configuring BookStack"
    cd /opt/bookstack
    export COMPOSER_ALLOW_SUPERUSER=1
-    $STD composer install --no-dev
+    $STD /usr/local/bin/composer install --no-dev
    $STD php artisan migrate --force
    chown www-data:www-data -R /opt/bookstack /opt/bookstack/bootstrap/cache /opt/bookstack/public/uploads /opt/bookstack/storage
    chmod -R 755 /opt/bookstack /opt/bookstack/bootstrap/cache /opt/bookstack/public/uploads /opt/bookstack/storage
--- a/ct/channels.sh
+++ b/ct/channels.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-8}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-12}"
 var_unprivileged="${var_unprivileged:-0}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/comfyui.sh
+++ b/ct/comfyui.sh
@ -24,11 +24,11 @@ function update_script() {
  check_container_storage
  check_container_resources

-  if [[ ! -f /opt/${APP} ]]; then
+  if [[ ! -d /opt/ComfyUI ]]; then
    msg_error "No ${APP} Installation Found!"
    exit
  fi
-  msg_error "To update use the ${APP} Manager."
+  msg_error "To update use the ComfyUI Manager."
  exit
 }

--- a/ct/coolify.sh
+++ b/ct/coolify.sh
@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://coolify.io/
+
+APP="Coolify"
+var_tags="${var_tags:-docker;paas}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-30}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /data/coolify ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  msg_info "Updating Coolify"
+  $STD bash <(curl -fsSL https://cdn.coollabs.io/coolify/install.sh)
+  msg_ok "Updated Coolify"
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8000${CL}"
--- a/ct/discopanel.sh
+++ b/ct/discopanel.sh
@ -0,0 +1,80 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: DragoQC
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://discopanel.app/
+
+APP="DiscoPanel"
+var_tags="${var_tags:-gaming}"
+var_cpu="${var_cpu:-4}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-15}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d "/opt/discopanel" ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  setup_docker
+
+  if check_for_gh_release "discopanel" "nickheyer/discopanel"; then
+    msg_info "Stopping Service"
+    systemctl stop discopanel
+    msg_ok "Stopped Service"
+
+    msg_info "Creating Backup"
+    mkdir -p /opt/discopanel_backup_temp
+    cp -r /opt/discopanel/data/discopanel.db \
+      /opt/discopanel/data/.recovery_key \
+      /opt/discopanel_backup_temp/
+    if [[ -d /opt/discopanel/data/servers ]]; then
+      cp -r /opt/discopanel/data/servers /opt/discopanel_backup_temp/
+    fi
+    msg_ok "Created Backup"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "discopanel" "nickheyer/discopanel" "tarball" "latest" "/opt/discopanel"
+
+    msg_info "Setting up DiscoPanel"
+    cd /opt/discopanel/web/discopanel
+    $STD npm install
+    $STD npm run build
+    cd /opt/discopanel
+    $STD go build -o discopanel cmd/discopanel/main.go
+    msg_ok "Setup DiscoPanel"
+
+    msg_info "Restoring Data"
+    mkdir -p /opt/discopanel/data
+    cp -a /opt/discopanel_backup_temp/. /opt/discopanel/data/
+    rm -rf /opt/discopanel_backup_temp
+    msg_ok "Restored Data"
+
+    msg_info "Starting Service"
+    systemctl start discopanel
+    msg_ok "Started Service"
+    msg_ok "Updated Successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8080${CL}"
--- a/ct/dispatcharr.sh
+++ b/ct/dispatcharr.sh
@ -87,6 +87,11 @@ function update_script() {
      mv /tmp/start-daphne.sh.backup /opt/dispatcharr/start-daphne.sh
    fi

+    if ! grep -q "DJANGO_SECRET_KEY" /opt/dispatcharr/.env; then
+        DJANGO_SECRET=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-50)
+        echo "DJANGO_SECRET_KEY=$DJANGO_SECRET" >> /opt/dispatcharr/.env
+    fi
+
    cd /opt/dispatcharr
    rm -rf .venv
    $STD uv venv
--- a/ct/docker.sh
+++ b/ct/docker.sh
@ -47,7 +47,7 @@ function update_script() {
    msg_ok "Docker Compose updated"
  fi

-  if docker ps -a --format '{{.Names}}' | grep -q '^portainer$'; then
+  if docker ps -a --format '{{.Image}}' | grep -q '^portainer/portainer-ce:latest$'; then
    msg_info "Updating Portainer"
    $STD docker pull portainer/portainer-ce:latest
    $STD docker stop portainer && docker rm portainer
--- a/ct/dokploy.sh
+++ b/ct/dokploy.sh
@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://dokploy.com/
+
+APP="Dokploy"
+var_tags="${var_tags:-docker;paas}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-10}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /etc/dokploy ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  msg_info "Updating Dokploy"
+  $STD bash <(curl -sSL https://dokploy.com/install.sh)
+  msg_ok "Updated Dokploy"
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3000${CL}"
--- a/ct/emby.sh
+++ b/ct/emby.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-8}"
 var_os="${var_os:-ubuntu}"
 var_version="${var_version:-24.04}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/ersatztv.sh
+++ b/ct/ersatztv.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-5}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-12}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/fileflows.sh
+++ b/ct/fileflows.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-8}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-12}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/frigate.sh
+++ b/ct/frigate.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-20}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-11}"
 var_unprivileged="${var_unprivileged:-0}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/headers/coolify
+++ b/ct/headers/coolify
@ -0,0 +1,6 @@
+   ______            ___ ____     
+  / ____/___  ____  / (_) __/_  __
+ / /   / __ \/ __ \/ / / /_/ / / /
+/ /___/ /_/ / /_/ / / / __/ /_/ / 
+\____/\____/\____/_/_/_/  \__, /  
+                         /____/   
--- a/ct/headers/dokploy
+++ b/ct/headers/dokploy
@ -0,0 +1,6 @@
+    ____        __         __           
+   / __ \____  / /______  / /___  __  __
+  / / / / __ \/ //_/ __ \/ / __ \/ / / /
+ / /_/ / /_/ / ,< / /_/ / / /_/ / /_/ / 
+/_____/\____/_/|_/ .___/_/\____/\__, /  
+                /_/            /____/   
--- a/ct/immich.sh
+++ b/ct/immich.sh
@ -13,6 +13,7 @@ var_ram="${var_ram:-4096}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/inventree.sh
+++ b/ct/inventree.sh
@ -10,8 +10,8 @@ var_tags="${var_tags:-inventory}"
 var_cpu="${var_cpu:-2}"
 var_ram="${var_ram:-2048}"
 var_disk="${var_disk:-6}"
-var_os="${var_os:-debian}"
-var_version="${var_version:-13}"
+var_os="${var_os:-ubuntu}"
+var_version="${var_version:-24.04}"
 var_unprivileged="${var_unprivileged:-1}"

 header_info "$APP"
@ -28,10 +28,16 @@ function update_script() {
    msg_error "No ${APP} Installation Found!"
    exit
  fi
-  msg_info "Updating $APP"
+
+  if ! grep -qE "^ID=(ubuntu)$" /etc/os-release; then
+    msg_error "Unsupported OS. InvenTree requires Ubuntu (20.04/22.04/24.04)."
+    exit
+  fi
+
+  msg_info "Updating InvenTree"
  $STD apt update
  $STD apt install --only-upgrade inventree -y
-  msg_ok "Updated $APP"
+  msg_ok "Updated InvenTree"
  msg_ok "Updated successfully!"
  exit
 }
--- a/ct/jellyfin.sh
+++ b/ct/jellyfin.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-16}"
 var_os="${var_os:-ubuntu}"
 var_version="${var_version:-24.04}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/ollama.sh
+++ b/ct/ollama.sh
@ -12,6 +12,7 @@ var_ram="${var_ram:-4096}"
 var_disk="${var_disk:-35}"
 var_os="${var_os:-ubuntu}"
 var_version="${var_version:-24.04}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/openwebui.sh
+++ b/ct/openwebui.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-25}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/plex.sh
+++ b/ct/plex.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-8}"
 var_os="${var_os:-ubuntu}"
 var_version="${var_version:-24.04}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
@ -23,8 +24,8 @@ function update_script() {
  header_info
  check_container_storage
  check_container_resources
-  if [[ ! -f /etc/apt/sources.list.d/plexmediaserver.list ]] \
-   && [[ ! -f /etc/apt/sources.list.d/plexmediaserver.sources ]]; then
+  if [[ ! -f /etc/apt/sources.list.d/plexmediaserver.list ]] &&
+    [[ ! -f /etc/apt/sources.list.d/plexmediaserver.sources ]]; then
    msg_error "No ${APP} Installation Found!"
    exit
  fi
--- a/ct/tandoor.sh
+++ b/ct/tandoor.sh
@ -55,7 +55,7 @@ function update_script() {
    cd /opt/tandoor/vue3
    $STD yarn install
    $STD yarn build
-    TANDOOR_VERSION="$(curl -fsSL https://api.github.com/repos/TandoorRecipes/recipes/releases/latest | jq -r .tag_name)"
+    TANDOOR_VERSION=$(get_latest_github_release "TandoorRecipes/recipes")
    cat <<EOF >/opt/tandoor/cookbook/version_info.py
 TANDOOR_VERSION = "$TANDOOR_VERSION"
 TANDOOR_REF = "bare-metal"
@ -65,7 +65,7 @@ EOF
    $STD /opt/tandoor/.venv/bin/python manage.py migrate
    $STD /opt/tandoor/.venv/bin/python manage.py collectstatic --no-input
    rm -rf /opt/tandoor.bak
-    msg_ok "Updated Trandoor"
+    msg_ok "Updated Tandoor"

    msg_info "Starting Service"
    systemctl start tandoor
--- a/ct/tdarr.sh
+++ b/ct/tdarr.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-4}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/tunarr.sh
+++ b/ct/tunarr.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-5}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-1}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/unmanic.sh
+++ b/ct/unmanic.sh
@ -13,6 +13,7 @@ var_disk="${var_disk:-4}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-0}"
+var_gpu="${var_gpu:-yes}"

 header_info "$APP"
 variables
--- a/ct/wanderer.sh
+++ b/ct/wanderer.sh
@ -56,6 +56,7 @@ function update_script() {
        msg_ok "Stopped service"

        fetch_and_deploy_gh_release "meilisearch" "meilisearch/meilisearch" "binary" "latest" "/opt/wanderer/source/search"
+        grep -q -- '--experimental-dumpless-upgrade' /opt/wanderer/start.sh || sed -i 's|meilisearch --master-key|meilisearch --experimental-dumpless-upgrade --master-key|' /opt/wanderer/start.sh

        msg_info "Starting service"
        systemctl start wanderer-web
--- a/ct/zammad.sh
+++ b/ct/zammad.sh
@ -11,7 +11,7 @@ var_disk="${var_disk:-8}"
 var_cpu="${var_cpu:-2}"
 var_ram="${var_ram:-4096}"
 var_os="${var_os:-debian}"
-var_version="${var_version:-13}"
+var_version="${var_version:-12}"
 var_unprivileged="${var_unprivileged:-1}"

 header_info "$APP"
@ -27,21 +27,22 @@ function update_script() {
    msg_error "No ${APP} Installation Found!"
    exit
  fi
+
  msg_info "Stopping Service"
  systemctl stop zammad
  msg_ok "Stopped Service"

-  msg_info "Updating ${APP}"
+  msg_info "Updating Zammad"
  $STD apt update
  $STD apt-mark hold zammad
-  $STD apt -y upgrade
+  $STD apt upgrade -y
  $STD apt-mark unhold zammad
-  $STD apt -y upgrade
-  msg_ok "Updated ${APP}"
+  $STD apt upgrade -y
+  msg_ok "Updated Zammad"

  msg_info "Starting Service"
  systemctl start zammad
-  msg_ok "Updated ${APP} LXC"
+  msg_ok "Started Service"
  msg_ok "Updated successfully!"
  exit
 }
--- a/ct/zerotier-one.sh
+++ b/ct/zerotier-one.sh
@ -33,10 +33,10 @@ function update_script() {
  systemctl stop zerotier-one
  msg_ok "Stopping Service"

-  msg_info "Updating ${APP}"
+  msg_info "Updating Zerotier-One"
  $STD apt update
-  $STD apt -y upgrade
-  msg_ok "Updated ${APP}"
+  $STD apt upgrade -y
+  msg_ok "Updated Zerotier-One"

  msg_info "Starting Service"
  systemctl start zerotier-one
--- a/ct/zigbee2mqtt.sh
+++ b/ct/zigbee2mqtt.sh
@ -43,7 +43,7 @@ function update_script() {

    fetch_and_deploy_gh_release "Zigbee2MQTT" "Koenkk/zigbee2mqtt" "tarball" "latest" "/opt/zigbee2mqtt"

-    msg_info "Updating ${APP}"
+    msg_info "Updating Zigbee2MQTT"
    rm -rf /opt/zigbee2mqtt/data
    mv /opt/z2m_backup/data /opt/zigbee2mqtt
    cd /opt/zigbee2mqtt
--- a/docs/TECHNICAL_REFERENCE.md
+++ b/docs/TECHNICAL_REFERENCE.md
@ -2,7 +2,7 @@

 > **For Developers and Advanced Users**
 >
-> *Deep dive into how the defaults and configuration system works*
+> _Deep dive into how the defaults and configuration system works_

 ---

@ -124,7 +124,7 @@ VAR_VALUE  := [^\n]*  # Any printable characters except newline
 **Constraints**:

 | Constraint        | Value                    |
-|-----------|-------|
+| ----------------- | ------------------------ |
 | Max file size     | 64 KB                    |
 | Max line length   | 1024 bytes               |
 | Max variables     | 100                      |
@ -206,6 +206,7 @@ var_tags=dns,pihole
 **Purpose**: Safely load variables from .vars files without using `source` or `eval`

 **Signature**:
+
 ```bash
 load_vars_file(filepath)
 ```
@ -213,14 +214,16 @@ load_vars_file(filepath)
 **Parameters**:

 | Param    | Type   | Required | Example                                     |
-|-------|------|----------|---------|
+| -------- | ------ | -------- | ------------------------------------------- |
 | filepath | String | Yes      | `/usr/local/community-scripts/default.vars` |

 **Returns**:
+
 - `0` on success
 - `1` on error (file missing, parse error, etc.)

 **Environment Side Effects**:
+
 - Sets all parsed `var_*` variables as shell variables
 - Does NOT unset variables if file missing (safe)
 - Does NOT affect other variables
@ -281,6 +284,7 @@ echo "Allocating ${var_ram} MB RAM"
 **Purpose**: Get the full path for app-specific defaults file

 **Signature**:
+
 ```bash
 get_app_defaults_path()
 ```
@ -288,6 +292,7 @@ get_app_defaults_path()
 **Parameters**: None

 **Returns**:
+
 - String: Full path to app defaults file

 **Implementation**:
@ -322,6 +327,7 @@ load_vars_file "$(get_app_defaults_path)"
 **Purpose**: Load and display user global defaults

 **Signature**:
+
 ```bash
 default_var_settings()
 ```
@ -329,6 +335,7 @@ default_var_settings()
 **Parameters**: None

 **Returns**:
+
 - `0` on success
 - `1` on error

@ -354,7 +361,7 @@ default_var_settings()
 ```bash
 default_var_settings() {
  local VAR_WHITELIST=(
-    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse
+    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_gpu
    var_gateway var_hostname var_ipv6_method var_mac var_mtu
    var_net var_ns var_pw var_ram var_tags var_tun var_unprivileged
    var_verbose var_vlan var_ssh var_ssh_authorized_key
@ -389,6 +396,7 @@ default_var_settings() {
 **Purpose**: Offer to save current settings as app-specific defaults

 **Signature**:
+
 ```bash
 maybe_offer_save_app_defaults()
 ```
@ -438,6 +446,7 @@ maybe_offer_save_app_defaults() {
 **Purpose**: Remove dangerous characters/patterns from configuration values

 **Signature**:
+
 ```bash
 _sanitize_value(value)
 ```
@ -445,17 +454,18 @@ _sanitize_value(value)
 **Parameters**:

 | Param | Type   | Required |
-|-------|------|----------|
+| ----- | ------ | -------- |
 | value | String | Yes      |

 **Returns**:
+
 - `0` (success) + sanitized value on stdout
 - `1` (failure) + nothing if dangerous

 **Dangerous Patterns**:

 | Pattern   | Threat               | Example              |
-|---------|--------|---------|
+| --------- | -------------------- | -------------------- |
 | `$(...)`  | Command substitution | `$(rm -rf /)`        |
 | `` ` ` `` | Command substitution | `` `whoami` ``       |
 | `;`       | Command separator    | `value; rm -rf /`    |
@ -501,6 +511,7 @@ fi
 **Purpose**: Check if variable name is in allowed whitelist

 **Signature**:
+
 ```bash
 _is_whitelisted_key(key)
 ```
@ -508,10 +519,11 @@ _is_whitelisted_key(key)
 **Parameters**:

 | Param | Type   | Required | Example   |
-|-------|------|----------|---------|
+| ----- | ------ | -------- | --------- |
 | key   | String | Yes      | `var_cpu` |

 **Returns**:
+
 - `0` if key is whitelisted
 - `1` if key is NOT whitelisted

@ -573,6 +585,7 @@ Step 4: Use BUILT-IN DEFAULTS
 ### Precedence Examples

 **Example 1: Environment Variable Wins**
+
 ```bash
 # Shell environment has highest priority
 $ export var_cpu=16
@ -583,6 +596,7 @@ $ bash pihole-install.sh
 ```

 **Example 2: App Defaults Override User Defaults**
+
 ```bash
 # User Defaults: var_cpu=4
 # App Defaults: var_cpu=2
@ -593,6 +607,7 @@ $ bash pihole-install.sh
 ```

 **Example 3: All Defaults Missing (Built-ins Used)**
+
 ```bash
 # No environment variables set
 # No app defaults file
@ -735,7 +750,7 @@ CONTAINER CREATION STARTED
 ### Threat Model

 | Threat                       | Mitigation                                        |
-|--------|-----------|
+| ---------------------------- | ------------------------------------------------- |
 | **Arbitrary Code Execution** | No `source` or `eval`; manual parsing only        |
 | **Variable Injection**       | Whitelist of allowed variable names               |
 | **Command Substitution**     | `_sanitize_value()` blocks `$()`, backticks, etc. |
@ -798,6 +813,7 @@ fi
 ### Module: `build.func`

 **Load Order** (in actual scripts):
+
 1. `#!/usr/bin/env bash` - Shebang
 2. `source /dev/stdin <<<$(curl ... api.func)` - API functions
 3. `source /dev/stdin <<<$(curl ... build.func)` - Build functions
@ -832,17 +848,17 @@ fi

 # Section 6: Installation Flow
 - install_script()         # Main entry point
- advanced_settings()      # 19-step wizard
+- advanced_settings()      # 20-step wizard
 ```

 ### Regex Patterns Used

 | Pattern                | Purpose               | Example Match           |
-|---------|---------|---|
+| ---------------------- | --------------------- | ----------------------- |
 | `^[0-9]+([.][0-9]+)?$` | Integer validation    | `4`, `192.168`          |
 | `^var_[a-z_]+$`        | Variable name         | `var_cpu`, `var_ssh`    |
 | `*'$('*`               | Command substitution  | `$(whoami)`             |
-| `*\`*` | Backtick substitution | `` `cat /etc/passwd` `` |
+| `*\`\*`                | Backtick substitution | `` `cat /etc/passwd` `` |

 ---

@ -870,7 +886,7 @@ fi
 ### Function Mapping

 | Old              | New                               | Location   |
-|-----|-----|----------|
+| ---------------- | --------------------------------- | ---------- |
 | `read_config()`  | `load_vars_file()`                | build.func |
 | `write_config()` | `_build_current_app_vars_tmp()`   | build.func |
 | None             | `maybe_offer_save_app_defaults()` | build.func |
--- a/docs/misc/build.func/BUILD_FUNC_ADVANCED_SETTINGS.md
+++ b/docs/misc/build.func/BUILD_FUNC_ADVANCED_SETTINGS.md
@ -0,0 +1,164 @@
+# Advanced Settings Wizard Reference
+
+## Overview
+
+The Advanced Settings wizard provides a 28-step interactive configuration for LXC container creation. It allows users to customize every aspect of the container while inheriting sensible defaults from the CT script.
+
+## Key Features
+
+- **Inherit App Defaults**: All `var_*` values from CT scripts pre-populate wizard fields
+- **Back Navigation**: Press Cancel/Back to return to previous step
+- **App Default Hints**: Each dialog shows `(App default: X)` to indicate script defaults
+- **Full Customization**: Every configurable option is accessible
+
+## Wizard Steps
+
+| Step | Title                    | Variable(s)                       | Description                                           |
+| ---- | ------------------------ | --------------------------------- | ----------------------------------------------------- |
+| 1    | Container Type           | `var_unprivileged`                | Privileged (0) or Unprivileged (1) container          |
+| 2    | Root Password            | `var_pw`                          | Set password or use automatic login                   |
+| 3    | Container ID             | `var_ctid`                        | Unique container ID (auto-suggested)                  |
+| 4    | Hostname                 | `var_hostname`                    | Container hostname                                    |
+| 5    | Disk Size                | `var_disk`                        | Disk size in GB                                       |
+| 6    | CPU Cores                | `var_cpu`                         | Number of CPU cores                                   |
+| 7    | RAM Size                 | `var_ram`                         | RAM size in MiB                                       |
+| 8    | Network Bridge           | `var_brg`                         | Network bridge (vmbr0, etc.)                          |
+| 9    | IPv4 Configuration       | `var_net`, `var_gateway`          | DHCP or static IP with gateway                        |
+| 10   | IPv6 Configuration       | `var_ipv6_method`                 | Auto, DHCP, Static, or None                           |
+| 11   | MTU Size                 | `var_mtu`                         | Network MTU (default: 1500)                           |
+| 12   | DNS Search Domain        | `var_searchdomain`                | DNS search domain                                     |
+| 13   | DNS Server               | `var_ns`                          | Custom DNS server IP                                  |
+| 14   | MAC Address              | `var_mac`                         | Custom MAC address (auto-generated if empty)          |
+| 15   | VLAN Tag                 | `var_vlan`                        | VLAN tag ID                                           |
+| 16   | Tags                     | `var_tags`                        | Container tags (comma/semicolon separated)            |
+| 17   | SSH Settings             | `var_ssh`                         | SSH key selection and root access                     |
+| 18   | FUSE Support             | `var_fuse`                        | Enable FUSE for rclone, mergerfs, AppImage            |
+| 19   | TUN/TAP Support          | `var_tun`                         | Enable for VPN apps (WireGuard, OpenVPN, Tailscale)   |
+| 20   | Nesting Support          | `var_nesting`                     | Enable for Docker, LXC in LXC, Podman                 |
+| 21   | GPU Passthrough          | `var_gpu`                         | Auto-detect and pass through Intel/AMD/NVIDIA GPUs    |
+| 22   | Keyctl Support           | `var_keyctl`                      | Enable for Docker, systemd-networkd                   |
+| 23   | APT Cacher Proxy         | `var_apt_cacher`, `var_apt_cacher_ip` | Use apt-cacher-ng for faster downloads            |
+| 24   | Container Timezone       | `var_timezone`                    | Set timezone (e.g., Europe/Berlin)                    |
+| 25   | Container Protection     | `var_protection`                  | Prevent accidental deletion                           |
+| 26   | Device Node Creation     | `var_mknod`                       | Allow mknod (experimental, kernel 5.3+)               |
+| 27   | Mount Filesystems        | `var_mount_fs`                    | Allow specific mounts: nfs, cifs, fuse, etc.          |
+| 28   | Verbose Mode & Confirm   | `var_verbose`                     | Enable verbose output + final confirmation            |
+
+## Default Value Inheritance
+
+The wizard inherits defaults from multiple sources:
+
+```text
+CT Script (var_*) → default.vars → app.vars → User Input
+```
+
+### Example: VPN Container (alpine-wireguard.sh)
+
+```bash
+# CT script sets:
+var_tun="${var_tun:-1}"  # TUN enabled by default
+
+# In Advanced Settings Step 19:
+# Dialog shows: "(App default: 1)" and pre-selects "Yes"
+```
+
+### Example: Media Server (jellyfin.sh)
+
+```bash
+# CT script sets:
+var_gpu="${var_gpu:-yes}"  # GPU enabled by default
+
+# In Advanced Settings Step 21:
+# Dialog shows: "(App default: yes)" and pre-selects "Yes"
+```
+
+## Feature Matrix
+
+| Feature           | Variable         | When to Enable                                      |
+| ----------------- | ---------------- | --------------------------------------------------- |
+| FUSE              | `var_fuse`       | rclone, mergerfs, AppImage, SSHFS                   |
+| TUN/TAP           | `var_tun`        | WireGuard, OpenVPN, Tailscale, VPN containers       |
+| Nesting           | `var_nesting`    | Docker, Podman, LXC-in-LXC, systemd-nspawn          |
+| GPU Passthrough   | `var_gpu`        | Plex, Jellyfin, Emby, Frigate, Ollama, ComfyUI      |
+| Keyctl            | `var_keyctl`     | Docker (unprivileged), systemd-networkd             |
+| Protection        | `var_protection` | Production containers, prevent accidental deletion  |
+| Mknod             | `var_mknod`      | Device node creation (experimental)                 |
+| Mount FS          | `var_mount_fs`   | NFS mounts, CIFS shares, custom filesystems         |
+| APT Cacher        | `var_apt_cacher` | Speed up downloads with local apt-cacher-ng         |
+
+## Confirmation Summary
+
+Step 28 displays a comprehensive summary before creation:
+
+```text
+Container Type: Unprivileged
+Container ID: 100
+Hostname: jellyfin
+
+Resources:
+  Disk: 8 GB
+  CPU: 2 cores
+  RAM: 2048 MiB
+
+Network:
+  Bridge: vmbr0
+  IPv4: dhcp
+  IPv6: auto
+
+Features:
+  FUSE: no | TUN: no
+  Nesting: Enabled | Keyctl: Disabled
+  GPU: yes | Protection: No
+
+Advanced:
+  Timezone: Europe/Berlin
+  APT Cacher: no
+  Verbose: no
+```
+
+## Usage Examples
+
+### Skip to Advanced Settings
+
+```bash
+# Run script, select "Advanced" from menu
+bash -c "$(curl -fsSL https://...jellyfin.sh)"
+# Then select option 3 "Advanced"
+```
+
+### Pre-set Defaults via Environment
+
+```bash
+# Set defaults before running
+export var_cpu=4
+export var_ram=4096
+export var_gpu=yes
+bash -c "$(curl -fsSL https://...jellyfin.sh)"
+# Advanced settings will inherit these values
+```
+
+### Non-Interactive with All Options
+
+```bash
+# Set all variables for fully automated deployment
+export var_unprivileged=1
+export var_cpu=2
+export var_ram=2048
+export var_disk=8
+export var_net=dhcp
+export var_fuse=no
+export var_tun=no
+export var_gpu=yes
+export var_nesting=1
+export var_protection=no
+export var_verbose=no
+bash -c "$(curl -fsSL https://...jellyfin.sh)"
+```
+
+## Notes
+
+- **Cancel at Step 1**: Exits the script entirely
+- **Cancel at Steps 2-28**: Goes back to previous step
+- **Empty fields**: Use default value
+- **Keyctl**: Automatically enabled for unprivileged containers
+- **Nesting**: Enabled by default (required for many apps)
--- a/docs/misc/build.func/BUILD_FUNC_ENVIRONMENT_VARIABLES.md
+++ b/docs/misc/build.func/BUILD_FUNC_ENVIRONMENT_VARIABLES.md
@ -9,7 +9,7 @@ This document provides a comprehensive reference of all environment variables us
 ### Core Container Variables

 | Variable  | Description                                  | Default   | Set In      | Used In            |
-|----------|-------------|---------|---------|---------|
+| --------- | -------------------------------------------- | --------- | ----------- | ------------------ |
 | `APP`     | Application name (e.g., "plex", "nextcloud") | -         | Environment | Throughout         |
 | `NSAPP`   | Namespace application name                   | `$APP`    | Environment | Throughout         |
 | `CTID`    | Container ID                                 | -         | Environment | Container creation |
@ -19,7 +19,7 @@ This document provides a comprehensive reference of all environment variables us
 ### Operating System Variables

 | Variable       | Description                | Default        | Set In          | Used In            |
-|----------|-------------|---------|---------|---------|
+| -------------- | -------------------------- | -------------- | --------------- | ------------------ |
 | `var_os`       | Operating system selection | "debian"       | base_settings() | OS selection       |
 | `var_version`  | OS version                 | "12"           | base_settings() | Template selection |
 | `var_template` | Template name              | Auto-generated | base_settings() | Template download  |
@ -27,7 +27,7 @@ This document provides a comprehensive reference of all environment variables us
 ### Resource Configuration Variables

 | Variable     | Description             | Default     | Set In          | Used In            |
-|----------|-------------|---------|---------|---------|
+| ------------ | ----------------------- | ----------- | --------------- | ------------------ |
 | `var_cpu`    | CPU cores               | "2"         | base_settings() | Container creation |
 | `var_ram`    | RAM in MB               | "2048"      | base_settings() | Container creation |
 | `var_disk`   | Disk size in GB         | "8"         | base_settings() | Container creation |
@ -38,7 +38,7 @@ This document provides a comprehensive reference of all environment variables us
 ### Network Configuration Variables

 | Variable      | Description                     | Default        | Set In          | Used In        |
-|----------|-------------|---------|---------|---------|
+| ------------- | ------------------------------- | -------------- | --------------- | -------------- |
 | `var_net`     | Network interface               | "vmbr0"        | base_settings() | Network config |
 | `var_bridge`  | Bridge interface                | "vmbr0"        | base_settings() | Network config |
 | `var_gateway` | Gateway IP                      | "192.168.1.1"  | base_settings() | Network config |
@ -58,7 +58,7 @@ This document provides a comprehensive reference of all environment variables us
 ### Storage Configuration Variables

 | Variable                | Description                     | Default                  | Set In           | Used In           |
-|----------|-------------|---------|---------|---------|
+| ----------------------- | ------------------------------- | ------------------------ | ---------------- | ----------------- |
 | `var_template_storage`  | Storage for templates           | -                        | select_storage() | Template storage  |
 | `var_container_storage` | Storage for container disks     | -                        | select_storage() | Container storage |
 | `TEMPLATE_STORAGE`      | Template storage (alternative)  | `$var_template_storage`  | Environment      | Template storage  |
@ -67,30 +67,69 @@ This document provides a comprehensive reference of all environment variables us
 ### Feature Flags

 | Variable         | Description                    | Default | Set In                          | Used In            |
-|----------|-------------|---------|---------|---------|
-| `ENABLE_FUSE` | Enable FUSE support | "true" | base_settings() | Container features |
-| `ENABLE_TUN` | Enable TUN/TAP support | "true" | base_settings() | Container features |
-| `ENABLE_KEYCTL` | Enable keyctl support | "true" | base_settings() | Container features |
-| `ENABLE_MOUNT` | Enable mount support | "true" | base_settings() | Container features |
-| `ENABLE_NESTING` | Enable nesting support | "false" | base_settings() | Container features |
-| `ENABLE_PRIVILEGED` | Enable privileged mode | "false" | base_settings() | Container features |
-| `ENABLE_UNPRIVILEGED` | Enable unprivileged mode | "true" | base_settings() | Container features |
-| `VERBOSE` | Enable verbose output | "false" | Environment | Logging |
-| `SSH` | Enable SSH key provisioning | "true" | base_settings() | SSH setup |
+| ---------------- | ------------------------------ | ------- | ------------------------------- | ------------------ |
+| `var_fuse`       | Enable FUSE support            | "no"    | CT script / Advanced Settings   | Container features |
+| `var_tun`        | Enable TUN/TAP support         | "no"    | CT script / Advanced Settings   | Container features |
+| `var_nesting`    | Enable nesting support         | "1"     | CT script / Advanced Settings   | Container features |
+| `var_keyctl`     | Enable keyctl support          | "0"     | CT script / Advanced Settings   | Container features |
+| `var_mknod`      | Allow device node creation     | "0"     | CT script / Advanced Settings   | Container features |
+| `var_mount_fs`   | Allowed filesystem mounts      | ""      | CT script / Advanced Settings   | Container features |
+| `var_protection` | Enable container protection    | "no"    | CT script / Advanced Settings   | Container creation |
+| `var_timezone`   | Container timezone             | ""      | CT script / Advanced Settings   | Container creation |
+| `var_verbose`    | Enable verbose output          | "no"    | Environment / Advanced Settings | Logging            |
+| `var_ssh`        | Enable SSH key provisioning    | "no"    | CT script / Advanced Settings   | SSH setup          |
+| `ENABLE_FUSE`    | FUSE flag (internal)           | "no"    | Advanced Settings               | Container creation |
+| `ENABLE_TUN`     | TUN/TAP flag (internal)        | "no"    | Advanced Settings               | Container creation |
+| `ENABLE_NESTING` | Nesting flag (internal)        | "1"     | Advanced Settings               | Container creation |
+| `ENABLE_KEYCTL`  | Keyctl flag (internal)         | "0"     | Advanced Settings               | Container creation |
+| `ENABLE_MKNOD`   | Mknod flag (internal)          | "0"     | Advanced Settings               | Container creation |
+| `PROTECT_CT`     | Protection flag (internal)     | "no"    | Advanced Settings               | Container creation |
+| `CT_TIMEZONE`    | Timezone setting (internal)    | ""      | Advanced Settings               | Container creation |
+| `VERBOSE`        | Verbose mode flag              | "no"    | Environment                     | Logging            |
+| `SSH`            | SSH access flag                | "no"    | Advanced Settings               | SSH setup          |
+
+### APT Cacher Configuration
+
+| Variable           | Description              | Default | Set In                        | Used In             |
+| ------------------ | ------------------------ | ------- | ----------------------------- | ------------------- |
+| `var_apt_cacher`   | Enable APT cacher proxy  | "no"    | CT script / Advanced Settings | Package management  |
+| `var_apt_cacher_ip`| APT cacher server IP     | ""      | CT script / Advanced Settings | Package management  |
+| `APT_CACHER`       | APT cacher flag          | "no"    | Advanced Settings             | Container creation  |
+| `APT_CACHER_IP`    | APT cacher IP (internal) | ""      | Advanced Settings             | Container creation  |

 ### GPU Passthrough Variables

 | Variable     | Description                     | Default | Set In                                      | Used In            |
-|----------|-------------|---------|---------|---------|
-| `GPU_APPS` | List of apps that support GPU | - | Environment | GPU detection |
-| `var_gpu` | GPU selection | - | User input | GPU passthrough |
-| `var_gpu_type` | GPU type (intel/amd/nvidia) | - | detect_gpu_devices() | GPU passthrough |
-| `var_gpu_devices` | GPU device list | - | detect_gpu_devices() | GPU passthrough |
+| ------------ | ------------------------------- | ------- | ------------------------------------------- | ------------------ |
+| `var_gpu`    | Enable GPU passthrough          | "no"    | CT script / Environment / Advanced Settings | GPU passthrough    |
+| `ENABLE_GPU` | GPU passthrough flag (internal) | "no"    | Advanced Settings                           | Container creation |
+
+**Note**: GPU passthrough is controlled via `var_gpu`. Apps that benefit from GPU acceleration (media servers, AI/ML, transcoding) have `var_gpu=yes` as default in their CT scripts.
+
+**Apps with GPU enabled by default**:
+
+- Media: jellyfin, plex, emby, channels, ersatztv, tunarr, immich
+- Transcoding: tdarr, unmanic, fileflows
+- AI/ML: ollama, openwebui
+- NVR: frigate
+
+**Usage Examples**:
+
+```bash
+# Disable GPU for a specific installation
+var_gpu=no bash -c "$(curl -fsSL https://...jellyfin.sh)"
+
+# Enable GPU for apps without default GPU support
+var_gpu=yes bash -c "$(curl -fsSL https://...debian.sh)"
+
+# Set in default.vars for all apps
+echo "var_gpu=yes" >> /usr/local/community-scripts/default.vars
+```

 ### API and Diagnostics Variables

 | Variable      | Description              | Default   | Set In      | Used In           |
-|----------|-------------|---------|---------|---------|
+| ------------- | ------------------------ | --------- | ----------- | ----------------- |
 | `DIAGNOSTICS` | Enable diagnostics mode  | "false"   | Environment | Diagnostics       |
 | `METHOD`      | Installation method      | "install" | Environment | Installation flow |
 | `RANDOM_UUID` | Random UUID for tracking | -         | Environment | Logging           |
@ -100,7 +139,7 @@ This document provides a comprehensive reference of all environment variables us
 ### Settings Persistence Variables

 | Variable            | Description                | Default                                           | Set In      | Used In              |
-|----------|-------------|---------|---------|---------|
+| ------------------- | -------------------------- | ------------------------------------------------- | ----------- | -------------------- |
 | `SAVE_DEFAULTS`     | Save settings as defaults  | "false"                                           | User input  | Settings persistence |
 | `SAVE_APP_DEFAULTS` | Save app-specific defaults | "false"                                           | User input  | Settings persistence |
 | `DEFAULT_VARS_FILE` | Path to default.vars       | "/usr/local/community-scripts/default.vars"       | Environment | Settings persistence |
@ -152,6 +191,7 @@ export SSH="true"
 ## Environment Variable Usage Patterns

 ### 1. Container Creation
+
 ```bash
 # Basic container creation
 export APP="nextcloud"
@ -170,6 +210,7 @@ export var_container_storage="local"
 ```

 ### 2. GPU Passthrough
+
 ```bash
 # Enable GPU passthrough
 export GPU_APPS="plex,jellyfin,emby"
@ -178,6 +219,7 @@ export ENABLE_PRIVILEGED="true"
 ```

 ### 3. Advanced Network Configuration
+
 ```bash
 # VLAN and IPv6 configuration
 export var_vlan="100"
@ -187,6 +229,7 @@ export var_mtu="9000"
 ```

 ### 4. Storage Configuration
+
 ```bash
 # Custom storage locations
 export var_template_storage="nfs-storage"
@ -206,6 +249,7 @@ The script validates variables at several points:
 ## Common Variable Combinations

 ### Development Container
+
 ```bash
 export APP="dev-container"
 export CTID="200"
@ -220,6 +264,7 @@ export ENABLE_PRIVILEGED="true"
 ```

 ### Media Server with GPU
+
 ```bash
 export APP="plex"
 export CTID="300"
@ -235,6 +280,7 @@ export ENABLE_PRIVILEGED="true"
 ```

 ### Lightweight Service
+
 ```bash
 export APP="nginx"
 export CTID="400"
--- a/docs/misc/build.func/BUILD_FUNC_FUNCTIONS_REFERENCE.md
+++ b/docs/misc/build.func/BUILD_FUNC_FUNCTIONS_REFERENCE.md
@ -9,10 +9,12 @@ This document provides a comprehensive reference of all functions in `build.func
 ### Initialization Functions

 #### `start()`
+
 **Purpose**: Main entry point when build.func is sourced or executed
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Detects execution context (Proxmox host vs container)
 - Captures hard environment variables
 - Sets CT_TYPE based on context
@ -21,10 +23,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: `CT_TYPE`, `APP`, `CTID`

 #### `variables()`
+
 **Purpose**: Load and resolve all configuration variables using precedence chain
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Loads app-specific .vars file
 - Loads global default.vars file
 - Applies variable precedence chain
@ -33,6 +37,7 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: All configuration variables

 #### `base_settings()`
+
 **Purpose**: Set built-in default values for all configuration variables
 **Parameters**: None
 **Returns**: None
@ -43,10 +48,12 @@ This document provides a comprehensive reference of all functions in `build.func
 ### UI and Menu Functions

 #### `install_script()`
+
 **Purpose**: Main installation workflow coordinator
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Displays installation mode selection menu
 - Coordinates the entire installation process
 - Handles user interaction and validation
@ -54,10 +61,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: `APP`, `CTID`, `var_hostname`

 #### `advanced_settings()`
+
 **Purpose**: Provide advanced configuration options via whiptail menus
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Displays whiptail menus for configuration
 - Updates configuration variables based on user input
 - Validates user selections
@ -65,6 +74,7 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: All configuration variables

 #### `settings_menu()`
+
 **Purpose**: Display and handle settings configuration menu
 **Parameters**: None
 **Returns**: None
@ -75,10 +85,12 @@ This document provides a comprehensive reference of all functions in `build.func
 ### Storage Functions

 #### `select_storage()`
+
 **Purpose**: Handle storage selection for templates and containers
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Resolves storage preselection
 - Prompts user for storage selection if needed
 - Validates storage availability
@ -87,8 +99,10 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: `var_template_storage`, `var_container_storage`, `TEMPLATE_STORAGE`, `CONTAINER_STORAGE`

 #### `resolve_storage_preselect()`
+
 **Purpose**: Resolve preselected storage options
 **Parameters**:
+
 - `storage_type`: Type of storage (template or container)
  **Returns**: Storage name if valid, empty if invalid
  **Side Effects**: Validates storage availability
@ -96,8 +110,10 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: `var_template_storage`, `var_container_storage`

 #### `choose_and_set_storage_for_file()`
+
 **Purpose**: Interactive storage selection via whiptail
 **Parameters**:
+
 - `storage_type`: Type of storage (template or container)
 - `content_type`: Content type (vztmpl or rootdir)
  **Returns**: None
@ -111,10 +127,12 @@ This document provides a comprehensive reference of all functions in `build.func
 ### Container Creation Functions

 #### `build_container()`
+
 **Purpose**: Validate settings and prepare container creation
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Validates all configuration
 - Checks for conflicts
 - Prepares container configuration
@ -123,10 +141,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: All configuration variables

 #### `create_lxc_container()`
+
 **Purpose**: Create the actual LXC container
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Creates LXC container with basic configuration
 - Configures network settings
 - Sets up storage and mount points
@ -140,10 +160,12 @@ This document provides a comprehensive reference of all functions in `build.func
 ### GPU and Hardware Functions

 #### `detect_gpu_devices()`
+
 **Purpose**: Detect available GPU hardware on the system
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Scans for Intel, AMD, and NVIDIA GPUs
 - Updates var_gpu_type and var_gpu_devices
 - Determines GPU capabilities
@ -151,10 +173,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: `var_gpu_type`, `var_gpu_devices`, `GPU_APPS`

 #### `configure_gpu_passthrough()`
+
 **Purpose**: Configure GPU passthrough for the container
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Adds GPU device entries to container config
 - Configures proper device permissions
 - Sets up device mapping
@ -163,23 +187,78 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: `var_gpu`, `var_gpu_type`, `var_gpu_devices`, `CTID`

 #### `fix_gpu_gids()`
+
 **Purpose**: Fix GPU group IDs after container creation
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Updates GPU group IDs in container
 - Ensures proper GPU access permissions
 - Configures video and render groups
  **Dependencies**: `configure_gpu_passthrough()`
  **Environment Variables Used**: `CTID`, `var_gpu_type`

+### SSH Configuration Functions
+
+#### `configure_ssh_settings()`
+
+**Purpose**: Interactive SSH key and access configuration wizard
+**Parameters**:
+
+- `step_info` (optional): Step indicator string (e.g., "Step 17/19") for consistent dialog headers
+  **Returns**: None
+  **Side Effects**:
+- Creates temporary file for SSH keys
+- Discovers and presents available SSH keys from host
+- Allows manual key entry or folder/glob scanning
+- Sets `SSH` variable to "yes" or "no" based on user selection
+- Sets `SSH_AUTHORIZED_KEY` if manual key provided
+- Populates `SSH_KEYS_FILE` with selected keys
+  **Dependencies**: `ssh_discover_default_files()`, `ssh_build_choices_from_files()`
+  **Environment Variables Used**: `SSH`, `SSH_AUTHORIZED_KEY`, `SSH_KEYS_FILE`
+
+**SSH Key Source Options**:
+
+1. `found` - Select from auto-detected host keys
+2. `manual` - Paste a single public key
+3. `folder` - Scan custom folder or glob pattern
+4. `none` - No SSH keys
+
+**Note**: The "Enable root SSH access?" dialog is always shown, regardless of whether SSH keys or password are configured. This ensures users can always enable SSH access even with automatic login.
+
+#### `ssh_discover_default_files()`
+
+**Purpose**: Discover SSH public key files on the host system
+**Parameters**: None
+**Returns**: Array of discovered key file paths
+**Side Effects**: Scans common SSH key locations
+**Dependencies**: None
+**Environment Variables Used**: `var_ssh_import_glob`
+
+#### `ssh_build_choices_from_files()`
+
+**Purpose**: Build whiptail checklist choices from SSH key files
+**Parameters**:
+
+- Array of file paths to process
+  **Returns**: None
+  **Side Effects**:
+- Sets `CHOICES` array for whiptail checklist
+- Sets `COUNT` variable with number of keys found
+- Creates `MAPFILE` for key tag to content mapping
+  **Dependencies**: None
+  **Environment Variables Used**: `CHOICES`, `COUNT`, `MAPFILE`
+
 ### Settings Persistence Functions

 #### `default_var_settings()`
+
 **Purpose**: Offer to save current settings as defaults
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Prompts user to save settings
 - Saves to default.vars file
 - Saves to app-specific .vars file
@ -187,10 +266,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: All configuration variables

 #### `maybe_offer_save_app_defaults()`
+
 **Purpose**: Offer to save app-specific defaults
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Prompts user to save app-specific settings
 - Saves to app.vars file
 - Updates app-specific configuration
@ -200,10 +281,12 @@ This document provides a comprehensive reference of all functions in `build.func
 ### Utility Functions

 #### `validate_settings()`
+
 **Purpose**: Validate all configuration settings
 **Parameters**: None
 **Returns**: 0 if valid, 1 if invalid
 **Side Effects**:
+
 - Checks for configuration conflicts
 - Validates resource limits
 - Validates network configuration
@ -212,10 +295,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: All configuration variables

 #### `check_conflicts()`
+
 **Purpose**: Check for configuration conflicts
 **Parameters**: None
 **Returns**: 0 if no conflicts, 1 if conflicts found
 **Side Effects**:
+
 - Checks for conflicting settings
 - Validates resource allocation
 - Checks network configuration
@ -223,10 +308,12 @@ This document provides a comprehensive reference of all functions in `build.func
  **Environment Variables Used**: All configuration variables

 #### `cleanup_on_error()`
+
 **Purpose**: Clean up resources on error
 **Parameters**: None
 **Returns**: None
 **Side Effects**:
+
 - Removes partially created containers
 - Cleans up temporary files
 - Resets configuration
@ -236,6 +323,7 @@ This document provides a comprehensive reference of all functions in `build.func
 ## Function Call Flow

 ### Main Installation Flow
+
 ```
 start()
 ├── variables()
@ -259,6 +347,7 @@ start()
 ```

 ### Error Handling Flow
+
 ```
 Error Detection
 ├── validate_settings()
@ -271,24 +360,29 @@ Error Detection
 ## Function Dependencies

 ### Core Dependencies
+
 - `start()` → `install_script()` → `build_container()` → `create_lxc_container()`
 - `variables()` → `base_settings()`
 - `advanced_settings()` → `select_storage()` → `detect_gpu_devices()`

 ### Storage Dependencies
+
 - `select_storage()` → `resolve_storage_preselect()`
 - `select_storage()` → `choose_and_set_storage_for_file()`

 ### GPU Dependencies
+
 - `configure_gpu_passthrough()` → `detect_gpu_devices()`
 - `fix_gpu_gids()` → `configure_gpu_passthrough()`

 ### Settings Dependencies
+
 - `default_var_settings()` → `maybe_offer_save_app_defaults()`

 ## Function Usage Examples

 ### Basic Container Creation
+
 ```bash
 # Set required variables
 export APP="plex"
@ -304,6 +398,7 @@ start()  # Entry point
 ```

 ### Advanced Configuration
+
 ```bash
 # Set advanced variables
 export var_os="debian"
@ -319,6 +414,7 @@ advanced_settings()  # Interactive configuration
 ```

 ### GPU Passthrough
+
 ```bash
 # Enable GPU passthrough
 export GPU_APPS="plex"
@ -331,6 +427,7 @@ fix_gpu_gids()  # Fix permissions
 ```

 ### Settings Persistence
+
 ```bash
 # Save settings as defaults
 export SAVE_DEFAULTS="true"
@ -344,15 +441,18 @@ maybe_offer_save_app_defaults()  # Save app defaults
 ## Function Error Handling

 ### Validation Functions
+
 - `validate_settings()`: Returns 0 for valid, 1 for invalid
 - `check_conflicts()`: Returns 0 for no conflicts, 1 for conflicts

 ### Error Recovery
+
 - `cleanup_on_error()`: Cleans up on any error
 - Error codes are propagated up the call stack
 - Critical errors cause script termination

 ### Error Types
+
 1. **Configuration Errors**: Invalid settings or conflicts
 2. **Resource Errors**: Insufficient resources or conflicts
 3. **Network Errors**: Invalid network configuration
--- a/docs/misc/build.func/README.md
+++ b/docs/misc/build.func/README.md
@ -6,6 +6,16 @@ This directory contains comprehensive documentation for the `build.func` script,

 ## Documentation Files

+### 🎛️ [BUILD_FUNC_ADVANCED_SETTINGS.md](./BUILD_FUNC_ADVANCED_SETTINGS.md)
+Complete reference for the 28-step Advanced Settings wizard, including all configurable options and their inheritance behavior.
+
+**Contents:**
+- All 28 wizard steps explained
+- Default value inheritance
+- Feature matrix (when to enable each feature)
+- Confirmation summary format
+- Usage examples
+
 ### 📊 [BUILD_FUNC_FLOWCHART.md](./BUILD_FUNC_FLOWCHART.md)
 Visual ASCII flowchart showing the main execution flow, decision trees, and key decision points in the build.func script.

--- a/frontend/public/json/aria2.json
+++ b/frontend/public/json/aria2.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 6880,
  "documentation": "https://aria2.github.io/manual/en/html/index.html",
--- a/frontend/public/json/casaos.json
+++ b/frontend/public/json/casaos.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 80,
  "documentation": "https://wiki.casaos.io/en/home",
--- a/frontend/public/json/coolify.json
+++ b/frontend/public/json/coolify.json
@ -0,0 +1,52 @@
+{
+    "name": "Coolify",
+    "slug": "coolify",
+    "categories": [
+        6
+    ],
+    "date_created": "2025-12-09",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 8000,
+    "documentation": "https://coolify.io/docs",
+    "config_path": "/data/coolify",
+    "website": "https://coolify.io/",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/coolify.webp",
+    "description": "Coolify is an open-source & self-hostable alternative to Heroku, Netlify, and Vercel. It helps you manage your servers, applications, and databases on your own hardware with Docker. Deploy any application from Git repositories, Docker images, or use pre-built templates.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/coolify.sh",
+            "resources": {
+                "cpu": 2,
+                "ram": 4096,
+                "hdd": 30,
+                "os": "Debian",
+                "version": "13"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "Initial setup will be done via the web interface on first access.",
+            "type": "info"
+        },
+        {
+            "text": "Coolify has built-in auto-updates. You can configure update frequency in Settings.",
+            "type": "info"
+        },
+        {
+            "text": "Coolify requires SSH access to manage deployments. SSH is enabled automatically.",
+            "type": "info"
+        },
+        {
+            "text": "This container uses Docker-in-Docker (nesting) for application deployments.",
+            "type": "warning"
+        }
+    ]
+}
--- a/frontend/public/json/daemonsync.json
+++ b/frontend/public/json/daemonsync.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 8084,
  "documentation": null,
--- a/frontend/public/json/discopanel.json
+++ b/frontend/public/json/discopanel.json
@ -0,0 +1,35 @@
+{
+    "name": "DiscoPanel",
+    "slug": "discopanel",
+    "categories": [
+        24
+    ],
+    "date_created": "2025-12-10",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 8080,
+    "documentation": "https://discopanel.app/docs/",
+    "config_path": "",
+    "website": "https://discopanel.app/",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/discopanel.webp",
+    "description": "The Minecraft Server Manager That *Actually* Works\nBuilt by someone who was done with bloated panels, endless menus, and tools that break the moment you need them most.\nSpin up servers in minutes, configure your proxy without headaches, and link your own DNS name effortlessly.\nFast setup, clean controls, zero nonsense—just a manager that gets out of your way and lets you play.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/discopanel.sh",
+            "resources": {
+                "cpu": 4,
+                "ram": 4096,
+                "hdd": 15,
+                "os": "Debian",
+                "version": "13"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": []
+}
--- a/frontend/public/json/dokploy.json
+++ b/frontend/public/json/dokploy.json
@ -0,0 +1,48 @@
+{
+    "name": "Dokploy",
+    "slug": "dokploy",
+    "categories": [
+        6
+    ],
+    "date_created": "2025-12-09",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 3000,
+    "documentation": "https://docs.dokploy.com/",
+    "config_path": "/etc/dokploy",
+    "website": "https://dokploy.com/",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons/png/dokploy.png",
+    "description": "Dokploy is a free, self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. Built with Docker and Traefik, it offers features like automatic SSL, Docker Compose support, database backups, and a real-time monitoring dashboard.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/dokploy.sh",
+            "resources": {
+                "cpu": 2,
+                "ram": 2048,
+                "hdd": 10,
+                "os": "Debian",
+                "version": "13"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "Initial setup will be done via the web interface on first access.",
+            "type": "info"
+        },
+        {
+            "text": "Dokploy has built-in auto-updates via the web interface.",
+            "type": "info"
+        },
+        {
+            "text": "This container uses Docker-in-Docker (nesting) for application deployments.",
+            "type": "warning"
+        }
+    ]
+}
--- a/frontend/public/json/inventree.json
+++ b/frontend/public/json/inventree.json
@ -22,8 +22,8 @@
        "cpu": 2,
        "ram": 2048,
        "hdd": 6,
-        "os": "debian",
-        "version": "13"
+        "os": "ubuntu",
+        "version": "24.04"
      }
    }
  ],
--- a/frontend/public/json/iobroker.json
+++ b/frontend/public/json/iobroker.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 8081,
  "documentation": "https://www.iobroker.net/#en/documentation",
--- a/frontend/public/json/librenms.json
+++ b/frontend/public/json/librenms.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2025-11-14",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 80,
  "documentation": "https://docs.librenms.org/",
--- a/frontend/public/json/meshcentral.json
+++ b/frontend/public/json/meshcentral.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 80,
  "documentation": "https://ylianst.github.io/MeshCentral/",
--- a/frontend/public/json/nextcloudpi.json
+++ b/frontend/public/json/nextcloudpi.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 4443,
  "documentation": "https://docs.nextcloudpi.com/",
--- a/frontend/public/json/palmr.json
+++ b/frontend/public/json/palmr.json
@ -9,6 +9,7 @@
  "updateable": true,
  "privileged": false,
  "interface_port": 3000,
+  "disable": false,
  "documentation": "https://palmr.kyantech.com.br/docs/3.1-beta",
  "config_path": "/opt/palmr/apps/server/.env, /opt/palmr/apps/web/.env",
  "website": "https://palmr.kyantech.com.br/",
--- a/frontend/public/json/podman.json
+++ b/frontend/public/json/podman.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": null,
  "documentation": "https://podman.io/docs",
--- a/frontend/public/json/tasmoadmin.json
+++ b/frontend/public/json/tasmoadmin.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 9999,
  "documentation": null,
--- a/frontend/public/json/versions.json
+++ b/frontend/public/json/versions.json
--- a/frontend/public/json/wazuh.json
+++ b/frontend/public/json/wazuh.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2025-03-24",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 443,
  "documentation": "https://documentation.wazuh.com/",
--- a/frontend/public/json/whisparr.json
+++ b/frontend/public/json/whisparr.json
@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 6969,
  "documentation": "https://wiki.servarr.com/en/whisparr",
--- a/frontend/public/json/wikijs.json
+++ b/frontend/public/json/wikijs.json
@ -11,7 +11,7 @@
  "interface_port": 3000,
  "documentation": "https://docs.requarks.io/",
  "website": "https://js.wiki/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/wiki-js.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/wiki-js.webp",
  "config_path": "/opt/wikijs/config.yml",
  "description": "Wiki.js is a free, open-source, and modern wiki application built using Node.js. It is designed to be fast, easy to use, and flexible, with a range of features for collaboration, knowledge management, and content creation. Wiki.js supports Markdown syntax for editing pages, and includes features such as version control, page history, and access control, making it easy to manage content and collaborate with others. The software is fully customizable, with a range of themes and extensions available, and can be deployed on a local server or in the cloud, making it an ideal choice for small teams and organizations looking to create and manage a wiki. Wiki.js provides a modern, user-friendly interface, and supports a range of data sources, including local file systems, databases, and cloud storage services.",
  "install_methods": [
--- a/frontend/public/json/wizarr.json
+++ b/frontend/public/json/wizarr.json
@ -12,7 +12,7 @@
  "interface_port": 5690,
  "documentation": "https://docs.wizarr.dev/",
  "website": "https://docs.wizarr.dev/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/wizarr.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/wizarr.webp",
  "config_path": "/opt/wizarr/.env",
  "description": "Wizarr is an automatic user invitation system for Plex, Jellyfin and Emby. Create a unique link and share it to a user and they will automatically be invited to your media Server",
  "install_methods": [
--- a/frontend/public/json/wordpress.json
+++ b/frontend/public/json/wordpress.json
@ -11,7 +11,7 @@
  "interface_port": 80,
  "documentation": "https://wordpress.org/documentation/",
  "website": "https://wordpress.org/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/wordpress.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/wordpress.webp",
  "config_path": "/var/www/html/wordpress/wp-config.php",
  "description": "WordPress is the simplest, most popular way to create your own website or blog. In fact, WordPress powers over 43.6% of all the websites on the Internet. Yes – more than one in four websites that you visit are likely powered by WordPress.\n\nOn a slightly more technical level, WordPress is an open-source content management system licensed under GPLv2, which means that anyone can use or modify the WordPress software for free.",
  "install_methods": [
--- a/frontend/public/json/zabbix.json
+++ b/frontend/public/json/zabbix.json
@ -11,7 +11,7 @@
  "interface_port": null,
  "documentation": "https://www.zabbix.com/documentation/current/en/manual",
  "website": "https://www.zabbix.com/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/zabbix.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/zabbix.webp",
  "config_path": "/etc/zabbix/zabbix_server.conf",
  "description": "Zabbix is an all-in-one monitoring solution with a variety of enterprise-grade features available right out of the box.",
  "install_methods": [
--- a/frontend/public/json/zammad.json
+++ b/frontend/public/json/zammad.json
@ -11,7 +11,7 @@
  "interface_port": null,
  "documentation": "https://docs.zammad.org/en/latest/",
  "website": "https://zammad.org/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/zammad.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/zammad.webp",
  "config_path": "/etc/nginx/sites-available/zammad.conf",
  "description": "Zammad is a web based open source helpdesk/customer support system with many features to manage customer communication via several channels like telephone, facebook, twitter, chat and emails. It is distributed under version 3 of the GNU AFFERO General Public License (GNU AGPLv3).",
  "install_methods": [
@ -23,7 +23,7 @@
        "ram": 4096,
        "hdd": 8,
        "os": "debian",
-        "version": "13"
+        "version": "12"
      }
    }
  ],
--- a/frontend/public/json/zerotier-one.json
+++ b/frontend/public/json/zerotier-one.json
@ -11,7 +11,7 @@
  "interface_port": 3443,
  "documentation": "https://docs.zerotier.com/",
  "website": "https://www.zerotier.com/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/zerotier.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/zerotier.webp",
  "config_path": "/opt/key-networks/ztncui/.env",
  "description": "ZeroTier is a secure network overlay that allows you to manage all of your network resources as if they were on the same LAN. The software-defined solution can be deployed in minutes from anywhere. No matter how many devices you need to connect, or where they are in the world, ZeroTier makes global networking simple.",
  "install_methods": [
--- a/frontend/public/json/zigbee2mqtt.json
+++ b/frontend/public/json/zigbee2mqtt.json
@ -11,7 +11,7 @@
  "interface_port": 9442,
  "documentation": "https://www.zigbee2mqtt.io/guide/getting-started/",
  "website": "https://www.zigbee2mqtt.io/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/zigbee2mqtt.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/zigbee2mqtt.webp",
  "config_path": "debian: /opt/zigbee2mqtt/data/configuration.yaml | alpine: /var/lib/zigbee2mqtt/configuration.yaml",
  "description": "Zigbee2MQTT is an open-source software project that allows you to use Zigbee-based smart home devices (such as those sold under the Philips Hue and Ikea Tradfri brands) with MQTT-based home automation systems, like Home Assistant, Node-RED, and others. The software acts as a bridge between your Zigbee devices and MQTT, allowing you to control and monitor these devices from your home automation system.",
  "install_methods": [
--- a/frontend/public/json/zipline.json
+++ b/frontend/public/json/zipline.json
@ -11,7 +11,7 @@
  "interface_port": 3000,
  "documentation": "https://zipline.diced.sh/docs/get-started",
  "website": "https://zipline.diced.sh/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@master/webp/zipline.webp",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/zipline.webp",
  "config_path": "/opt/zipline/.env",
  "description": "Zipline is a file-sharing and URL-shortening server designed for easy setup and extensive features. It allows users to upload files, organize them into folders, create shortened URLs, and manage uploads through a user-friendly dashboard. Additional features include image compression, video thumbnails, password protection, 2FA, OAuth2 registration, and API access for custom control. It supports integrations with platforms like Discord.",
  "install_methods": [
--- a/frontend/src/components/ui/code-copy-button.tsx
+++ b/frontend/src/components/ui/code-copy-button.tsx
@ -34,7 +34,7 @@ export default function CodeCopyButton({
      localStorage.setItem("warning", "1");
      setTimeout(() => {
        toast.error(
-          "Be careful when copying scripts from the internet. Always remember check the source!",
+          "Be careful when copying scripts from the internet. Always remember to check the source!",
          { duration: 8000 },
        );
      }, 500);
--- a/frontend/src/config/faq-config.tsx
+++ b/frontend/src/config/faq-config.tsx
@ -34,9 +34,4 @@ export const FAQ_Items = [
    content:
      "If an LXC script fails, run it again using Verbose mode. Standard mode hides detailed output for neatness, showing only progress. Verbose mode displays all messages, which helps you (and us) diagnose the error. Include this verbose output if you report the issue.",
  },
-  {
-    title: "What does \"Updatable\" and \"Not updatable\" mean?",
-    content:
-      "Updatable means that script has a function that is used to update the installed application to the latest version available. Not updatable means that script doesn't have a function that can safely update the application to the latest version available, so only the LXC OS is updated.",
-  },
 ];
--- a/install/coolify-install.sh
+++ b/install/coolify-install.sh
@ -0,0 +1,39 @@
+#!/bin/bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://coolify.io/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  git \
+  openssl
+msg_ok "Installed Dependencies"
+
+msg_warn "WARNING: This script will run an external installer from a third-party source (https://coolify.io/)."
+msg_warn "The following code is NOT maintained or audited by our repository."
+msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:"
+msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→  https://cdn.coollabs.io/coolify/install.sh"
+echo
+read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM
+if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then
+  msg_error "Aborted by user. No changes have been made."
+  exit 10
+fi
+
+msg_info "Installing Coolify (Patience - this installs Docker and pulls containers)"
+$STD bash <(curl -fsSL https://cdn.coollabs.io/coolify/install.sh)
+msg_ok "Installed Coolify"
+
+motd_ssh
+customize
+cleanup_lxc
--- a/install/discopanel-install.sh
+++ b/install/discopanel-install.sh
@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: DragoQC
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://discopanel.app/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y build-essential
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="22" setup_nodejs
+setup_go
+fetch_and_deploy_gh_release "discopanel" "nickheyer/discopanel" "tarball" "latest" "/opt/discopanel"
+setup_docker
+
+msg_info "Setting up DiscoPanel"
+cd /opt/discopanel/web/discopanel
+$STD npm install
+$STD npm run build
+cd /opt/discopanel
+$STD go build -o discopanel cmd/discopanel/main.go
+msg_ok "Setup DiscoPanel"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/discopanel.service
+[Unit]
+Description=DiscoPanel Service
+After=network.target
+
+[Service]
+WorkingDirectory=/opt/discopanel
+ExecStart=/opt/discopanel/discopanel
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now discopanel
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc
--- a/install/dispatcharr-install.sh
+++ b/install/dispatcharr-install.sh
@ -62,11 +62,13 @@ install -d -m 755 \
    /data/uploads/{m3us,epgs} \
    /data/{m3us,epgs}
 chown -R root:root /data
+DJANGO_SECRET=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | cut -c1-50)
 export DATABASE_URL="postgresql://${DB_USER}:${DB_PASS}@localhost:5432/${DB_NAME}"
 export POSTGRES_DB=$DB_NAME
 export POSTGRES_USER=$DB_USER
 export POSTGRES_PASSWORD=$DB_PASS
 export POSTGRES_HOST=localhost
+export DJANGO_SECRET_KEY=$DJANGO_SECRET
 $STD uv run python manage.py migrate --noinput
 $STD uv run python manage.py collectstatic --noinput
 cat <<EOF >/opt/dispatcharr/.env
@ -76,6 +78,7 @@ POSTGRES_USER=$DB_USER
 POSTGRES_PASSWORD=$DB_PASS
 POSTGRES_HOST=localhost
 CELERY_BROKER_URL=redis://localhost:6379/0
+DJANGO_SECRET_KEY=$DJANGO_SECRET
 EOF
 cd /opt/dispatcharr/frontend
 $STD npm install --legacy-peer-deps
--- a/install/dokploy-install.sh
+++ b/install/dokploy-install.sh
@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://dokploy.com/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  git \
+  openssl \
+  redis
+msg_ok "Installed Dependencies"
+
+msg_warn "WARNING: This script will run an external installer from a third-party source (https://dokploy.com/)."
+msg_warn "The following code is NOT maintained or audited by our repository."
+msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:"
+msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→  https://dokploy.com/install.sh"
+echo
+read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM
+if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then
+  msg_error "Aborted by user. No changes have been made."
+  exit 10
+fi
+
+msg_info "Installing Dokploy (Patience - this installs Docker and pulls containers)"
+$STD bash <(curl -sSL https://dokploy.com/install.sh)
+msg_ok "Installed Dokploy"
+
+motd_ssh
+customize
+cleanup_lxc
--- a/install/domain-locker-install.sh
+++ b/install/domain-locker-install.sh
@ -64,7 +64,7 @@ Restart=always
 [Install]
 WantedBy=multi-user.target
 EOF
-systemctl start --now -q domain-locker
+systemctl enable -q --now domain-locker
 msg_info "Created Service"

 motd_ssh
--- a/install/influxdb-install.sh
+++ b/install/influxdb-install.sh
@ -16,7 +16,7 @@ update_os
 msg_info "Setting up InfluxDB Repository"
 setup_deb822_repo \
  "influxdata" \
-  "https://repos.influxdata.com/influxdata-archive_compat.key" \
+  "https://repos.influxdata.com/influxdata-archive.key" \
  "https://repos.influxdata.com/$(get_os_info id)" \
  "stable"
 msg_ok "Set up InfluxDB Repository"
@ -38,6 +38,7 @@ else
  $STD dpkg -i chronograf_1.10.8_amd64.deb
  rm -rf /chronograf_1.10.8_amd64.deb
 fi
+rm /etc/apt/sources.list.d/influxdata.list
 $STD systemctl enable --now influxdb
 msg_ok "Installed InfluxDB"

--- a/install/inventree-install.sh
+++ b/install/inventree-install.sh
@ -13,23 +13,27 @@ setting_up_container
 network_check
 update_os

-msg_info "Installing Dependencies"
-temp_file=$(mktemp)
-curl -fsSL "http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_amd64.deb" -o "$temp_file"
-$STD dpkg -i $temp_file
-rm -f $temp_file
-msg_ok "Installed Dependencies"
-
 msg_info "Setting up InvenTree Repository"
-mkdir -p /etc/apt/keyrings
-curl -fsSL https://dl.packager.io/srv/inventree/InvenTree/key | gpg --dearmor -o /etc/apt/keyrings/inventree.gpg
-echo "deb [signed-by=/etc/apt/keyrings/inventree.gpg] https://dl.packager.io/srv/deb/inventree/InvenTree/stable/ubuntu 20.04 main" >/etc/apt/sources.list.d/inventree.list
+setup_deb822_repo \
+  "inventree" \
+  "https://dl.packager.io/srv/inventree/InvenTree/key" \
+  "https://dl.packager.io/srv/deb/inventree/InvenTree/stable/$(get_os_info id)" \
+  "$(get_os_info version)" \
+  "main"
 msg_ok "Set up InvenTree Repository"

-msg_info "Setup ${APPLICATION} (Patience)"
-$STD apt-get update
-$STD apt-get install -y inventree
-msg_ok "Setup ${APPLICATION}"
+msg_info "Installing InvenTree (Patience)"
+export SETUP_NO_CALLS=true
+$STD apt install -y inventree
+msg_ok "Installed InvenTree"
+
+msg_info "Configuring InvenTree"
+LOCAL_IP="$(hostname -I | awk '{print $1}')"
+if [[ -f /etc/inventree/config.yaml ]]; then
+  sed -i "s|site_url:.*|site_url: http://${LOCAL_IP}|" /etc/inventree/config.yaml
+fi
+$STD inventree run invoke update
+msg_ok "Configured InvenTree"

 motd_ssh
 customize
--- a/install/tandoor-install.sh
+++ b/install/tandoor-install.sh
@ -32,28 +32,10 @@ msg_ok "Installed Dependencies"

 NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
 fetch_and_deploy_gh_release "tandoor" "TandoorRecipes/recipes" "tarball" "latest" "/opt/tandoor"
-PG_VERSION="17" PG_MODULES="contrib" setup_postgresql
+PG_VERSION="17" setup_postgresql
 PYTHON_VERSION="3.13" setup_uv
-
-msg_info "Set up PostgreSQL Database"
-DB_NAME=db_recipes
-DB_USER=tandoor
+PG_DB_USER="tandoor" PG_DB_NAME="db_recipes" PG_DB_EXTENSIONS="unaccent,pg_trgm" setup_postgresql_db
 SECRET_KEY=$(openssl rand -base64 45 | sed 's/\//\\\//g')
-DB_PASS="$(openssl rand -base64 18 | cut -c1-13)"
-$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
-$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER TEMPLATE template0;"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC'"
-$STD sudo -u postgres psql -d "$DB_NAME" -c "CREATE EXTENSION IF NOT EXISTS unaccent;"
-$STD sudo -u postgres psql -d "$DB_NAME" -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;"
-{
-  echo "Tandoor-Credentials"
-  echo "Tandoor Database Name: $DB_NAME"
-  echo "Tandoor Database User: $DB_USER"
-  echo "Tandoor Database Password: $DB_PASS"
-} >>~/tandoor.creds
-msg_ok "Set up PostgreSQL Database"

 msg_info "Setup Tandoor"
 mkdir -p /opt/tandoor/{config,api,mediafiles,staticfiles}
@ -69,16 +51,16 @@ TZ=Europe/Berlin

 DB_ENGINE=django.db.backends.postgresql
 POSTGRES_HOST=localhost
-POSTGRES_DB=$DB_NAME
+POSTGRES_DB=$PG_DB_NAME
 POSTGRES_PORT=5432
-POSTGRES_USER=$DB_USER
-POSTGRES_PASSWORD=$DB_PASS
+POSTGRES_USER=$PG_DB_USER
+POSTGRES_PASSWORD=$PG_DB_PASS

 STATIC_URL=/staticfiles/
 MEDIA_URL=/media/
 EOF

-TANDOOR_VERSION="$(curl -s https://api.github.com/repos/TandoorRecipes/recipes/releases/latest | jq -r .tag_name)"
+TANDOOR_VERSION=$(get_latest_github_release "TandoorRecipes/recipes")
 cat <<EOF >/opt/tandoor/cookbook/version_info.py
 TANDOOR_VERSION = "$TANDOOR_VERSION"
 TANDOOR_REF = "bare-metal"
--- a/install/tracktor-install.sh
+++ b/install/tracktor-install.sh
@ -21,7 +21,6 @@ cd /opt/tracktor
 $STD npm install
 $STD npm run build
 mkdir -p /opt/tracktor-data/{uploads,logs}
-HOST_IP=$(hostname -I | awk '{print $1}')
 cat <<EOF >/opt/tracktor.env
 NODE_ENV=production
 DB_PATH=/opt/tracktor-data/tracktor.db
--- a/install/wanderer-install.sh
+++ b/install/wanderer-install.sh
@ -52,7 +52,7 @@ cat <<EOF >/opt/wanderer/start.sh

 trap "kill 0" EXIT

-cd /opt/wanderer/source/search && meilisearch --master-key \$MEILI_MASTER_KEY &
+cd /opt/wanderer/source/search && meilisearch --experimental-dumpless-upgrade --master-key \$MEILI_MASTER_KEY &
 sleep 1
 cd /opt/wanderer/source/db && ./pocketbase serve --http=\$PB_URL --dir=\$PB_DB_LOCATION &
 cd /opt/wanderer/source/web && node build &
--- a/install/wikijs-install.sh
+++ b/install/wikijs-install.sh
@ -14,36 +14,18 @@ network_check
 update_os

 msg_info "Installing Dependencies"
-$STD apt install -y \
-  git
+$STD apt install -y git
 msg_ok "Installed Dependencies"

 NODE_VERSION="22" NODE_MODULE="yarn,node-gyp" setup_nodejs
 PG_VERSION="17" setup_postgresql
+PG_DB_NAME="wiki" PG_DB_USER="wikijs_user" PG_DB_EXTENSIONS="pg_trgm" setup_postgresql_db
 fetch_and_deploy_gh_release "wikijs" "requarks/wiki" "prebuild" "latest" "/opt/wikijs" "wiki-js.tar.gz"

-msg_info "Set up PostgreSQL"
-DB_NAME="wiki"
-DB_USER="wikijs_user"
-DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
-$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
-$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8' TEMPLATE template0;"
-$STD sudo -u postgres psql -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;" $DB_NAME
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC';"
-{
-  echo "WikiJS-Credentials"
-  echo "WikiJS Database User: $DB_USER"
-  echo "WikiJS Database Password: $DB_PASS"
-  echo "WikiJS Database Name: $DB_NAME"
-} >>~/wikijs.creds
-msg_ok "Set up PostgreSQL"
-
 msg_info "Configuring Wiki.js"
 mv /opt/wikijs/config.sample.yml /opt/wikijs/config.yml
-sed -i -E 's|^( *user: ).*|\1'"$DB_USER"'|' /opt/wikijs/config.yml
-sed -i -E 's|^( *pass: ).*|\1'"$DB_PASS"'|' /opt/wikijs/config.yml
+sed -i -E 's|^( *user: ).*|\1'"$PG_DB_USER"'|' /opt/wikijs/config.yml
+sed -i -E 's|^( *pass: ).*|\1'"$PG_DB_PASS"'|' /opt/wikijs/config.yml
 msg_ok "Configured Wiki.js"

 msg_info "Creating Service"
--- a/install/wizarr-install.sh
+++ b/install/wizarr-install.sh
@ -19,25 +19,23 @@ msg_ok "Installed Dependencies"

 setup_uv
 NODE_VERSION="22" setup_nodejs
-fetch_and_deploy_gh_release "wizarr" "wizarrrr/wizarr"
+fetch_and_deploy_gh_release "wizarr" "wizarrrr/wizarr" "tarball"
+import_local_ip

 msg_info "Configure Wizarr"
-cd /opt/wizarr || exit
+cd /opt/wizarr
 $STD /usr/local/bin/uv sync --frozen
 $STD /usr/local/bin/uv run --frozen pybabel compile -d app/translations
 $STD npm --prefix app/static install
 $STD npm --prefix app/static run build:css
 mkdir -p ./.cache
-
-LOCAL_IP="$(hostname -I | awk '{print $1}')"
-VERSION="$(sed 's/^20/v&/' ~/.wizarr)"
 cat <<EOF >/opt/wizarr/.env
 FLASK_ENV=production
 GUNICORN_WORKERS=4
 APP_URL=http://${LOCAL_IP}
 DISABLE_BUILTIN_AUTH=false
 LOG_LEVEL=INFO
-APP_VERSION=${VERSION}
+APP_VERSION=v$(get_latest_github_release "wizarrrr/wizarr")
 EOF

 cat <<EOF >/opt/wizarr/start.sh
--- a/install/wordpress-install.sh
+++ b/install/wordpress-install.sh
@ -15,34 +15,20 @@ update_os

 PHP_VERSION="8.4" PHP_FPM="YES" PHP_MODULE="common,snmp,imap,mysql" PHP_APACHE="YES" setup_php
 setup_mariadb
-
-msg_info "Setting up Database"
-DB_NAME=wordpress_db
-DB_USER=wordpress
-DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
-$STD mariadb -u root -e "CREATE DATABASE $DB_NAME;"
-$STD mariadb -u root -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';"
-$STD mariadb -u root -e "GRANT ALL PRIVILEGES ON $DB_NAME.* TO '$DB_USER'@'localhost'; FLUSH PRIVILEGES;"
-{
-  echo "WordPress Credentials"
-  echo "Database User: $DB_USER"
-  echo "Database Password: $DB_PASS"
-  echo "Database Name: $DB_NAME"
-} >>~/wordpress.creds
-msg_ok "Set up Database"
+MARIADB_DB_NAME="wordpress_db" MARIADB_DB_USER="wordpress" setup_mariadb_db

 msg_info "Installing Wordpress (Patience)"
-cd /var/www/html || exit
+cd /var/www/html
 curl -fsSL "https://wordpress.org/latest.zip" -o "latest.zip"
 $STD unzip latest.zip
 chown -R www-data:www-data wordpress/
-cd /var/www/html/wordpress || exit
+cd /var/www/html/wordpress
 find . -type d -exec chmod 755 {} \;
 find . -type f -exec chmod 644 {} \;
 mv wp-config-sample.php wp-config.php
-sed -i -e "s|^define( 'DB_NAME', '.*' );|define( 'DB_NAME', '$DB_NAME' );|" \
-  -e "s|^define( 'DB_USER', '.*' );|define( 'DB_USER', '$DB_USER' );|" \
-  -e "s|^define( 'DB_PASSWORD', '.*' );|define( 'DB_PASSWORD', '$DB_PASS' );|" \
+sed -i -e "s|^define( 'DB_NAME', '.*' );|define( 'DB_NAME', '$MARIADB_DB_NAME' );|" \
+  -e "s|^define( 'DB_USER', '.*' );|define( 'DB_USER', '$MARIADB_DB_USER' );|" \
+  -e "s|^define( 'DB_PASSWORD', '.*' );|define( 'DB_PASSWORD', '$MARIADB_DB_PASS' );|" \
  /var/www/html/wordpress/wp-config.php
 rm -rf /var/www/html/latest.zip
 msg_ok "Installed Wordpress"
--- a/install/zabbix-install.sh
+++ b/install/zabbix-install.sh
@ -14,6 +14,7 @@ network_check
 update_os

 PG_VERSION="17" setup_postgresql
+PG_DB_NAME="zabbixdb" PG_DB_USER="zabbix" setup_postgresql_db

 read -rp "Choose Zabbix version [1] 7.0 LTS  [2] 7.4 (Latest Stable)  [3] Latest available (default: 2): " ZABBIX_CHOICE
 ZABBIX_CHOICE=${ZABBIX_CHOICE:-2}
@ -35,6 +36,10 @@ curl -fsSL "$ZABBIX_DEB_URL" -o /tmp/zabbix-release_latest+debian13_all.deb
 $STD dpkg -i /tmp/zabbix-release_latest+debian13_all.deb
 $STD apt update
 $STD apt install -y zabbix-server-pgsql zabbix-frontend-php php8.4-pgsql zabbix-apache-conf zabbix-sql-scripts
+zcat /usr/share/zabbix/sql-scripts/postgresql/server.sql.gz | sudo -u "$PG_DB_USER" psql "$PG_DB_NAME" &>/dev/null
+sed -i "s/^DBName=.*/DBName=$PG_DB_NAME/" /etc/zabbix/zabbix_server.conf
+sed -i "s/^DBUser=.*/DBUser=$PG_DB_USER/" /etc/zabbix/zabbix_server.conf
+sed -i "s/^# DBPassword=.*/DBPassword=$PG_DB_PASS/" /etc/zabbix/zabbix_server.conf
 msg_ok "Installed Zabbix $ZABBIX_VERSION"

 while true; do
@ -78,28 +83,6 @@ else
  $STD apt install -y zabbix-agent
 fi

-msg_info "Setting up PostgreSQL"
-DB_NAME=zabbixdb
-DB_USER=zabbix
-DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)
-$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
-$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8' TEMPLATE template0;"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC'"
-{
-  echo "Zabbix-Credentials"
-  echo "Zabbix Database User: $DB_USER"
-  echo "Zabbix Database Password: $DB_PASS"
-  echo "Zabbix Database Name: $DB_NAME"
-} >>~/zabbix.creds
-
-zcat /usr/share/zabbix/sql-scripts/postgresql/server.sql.gz | sudo -u $DB_USER psql $DB_NAME &>/dev/null
-sed -i "s/^DBName=.*/DBName=$DB_NAME/" /etc/zabbix/zabbix_server.conf
-sed -i "s/^DBUser=.*/DBUser=$DB_USER/" /etc/zabbix/zabbix_server.conf
-sed -i "s/^# DBPassword=.*/DBPassword=$DB_PASS/" /etc/zabbix/zabbix_server.conf
-msg_ok "Set up PostgreSQL"
-
 msg_info "Configuring Fping"
 if command -v fping >/dev/null 2>&1; then
  FPING_PATH=$(command -v fping)
--- a/install/zammad-install.sh
+++ b/install/zammad-install.sh
@ -20,17 +20,16 @@ $STD apt install -y \
  apt-transport-https
 msg_ok "Installed Dependencies"

+import_local_ip
+
 msg_info "Setting up Elasticsearch"
-curl -fsSL https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
-cat <<EOF | sudo tee /etc/apt/sources.list.d/elasticsearch.sources >/dev/null
-Types: deb
-URIs: https://artifacts.elastic.co/packages/7.x/apt
-Suites: stable
-Components: main
-Signed-By: /usr/share/keyrings/elasticsearch-keyring.gpg
-EOF
-$STD apt update
-$STD apt -y install elasticsearch
+setup_deb822_repo \
+  "elasticsearch" \
+  "https://artifacts.elastic.co/GPG-KEY-elasticsearch" \
+  "https://artifacts.elastic.co/packages/7.x/apt" \
+  "stable" \
+  "main"
+$STD apt install -y elasticsearch
 echo "-Xms2g" >>/etc/elasticsearch/jvm.options
 echo "-Xmx2g" >>/etc/elasticsearch/jvm.options
 $STD /usr/share/elasticsearch/bin/elasticsearch-plugin install ingest-attachment -b
@ -39,24 +38,20 @@ systemctl restart -q elasticsearch
 msg_ok "Setup Elasticsearch"

 msg_info "Installing Zammad"
-curl -fsSL https://dl.packager.io/srv/zammad/zammad/key | gpg --dearmor | sudo tee /etc/apt/keyrings/pkgr-zammad.gpg >/dev/null
-cat <<EOF | sudo tee /etc/apt/sources.list.d/zammad.sources >/dev/null
-Types: deb
-URIs: https://dl.packager.io/srv/deb/zammad/zammad/stable/debian
-Suites: 12
-Components: main
-Signed-By: /etc/apt/keyrings/pkgr-zammad.gpg
-EOF
-$STD apt update
-$STD apt -y install zammad
+setup_deb822_repo \
+  "zammad" \
+  "https://dl.packager.io/srv/zammad/zammad/key" \
+  "https://dl.packager.io/srv/deb/zammad/zammad/stable/debian" \
+  "$(get_os_info version_id)" \
+  "main"
+$STD apt install -y zammad
 $STD zammad run rails r "Setting.set('es_url', 'http://localhost:9200')"
 $STD zammad run rake zammad:searchindex:rebuild
 msg_ok "Installed Zammad"

 msg_info "Setup Services"
 cp /opt/zammad/contrib/nginx/zammad.conf /etc/nginx/sites-available/zammad.conf
-IPADDRESS=$(hostname -I | awk '{print $1}')
-sed -i "s/server_name localhost;/server_name $IPADDRESS;/g" /etc/nginx/sites-available/zammad.conf
+sed -i "s/server_name localhost;/server_name $LOCAL_IP;/g" /etc/nginx/sites-available/zammad.conf
 $STD systemctl reload nginx
 msg_ok "Created Service"

--- a/install/zerotier-one-install.sh
+++ b/install/zerotier-one-install.sh
@ -13,6 +13,17 @@ setting_up_container
 network_check
 update_os

+msg_warn "WARNING: This script will run an external installer from a third-party source (https://install.zerotier.com)."
+msg_warn "The following code is NOT maintained or audited by our repository."
+msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:"
+msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→  https://install.zerotier.com"
+echo
+read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM
+if [[ ! $CONFIRM =~ ^([yY][eE][sS]|[yY])$ ]]; then
+  msg_error "Aborted by user. No changes have been made."
+  exit 10
+fi
+
 msg_info "Setting up Zerotier-One"
 curl -fsSL https://raw.githubusercontent.com/zerotier/ZeroTierOne/main/doc/contact%40zerotier.com.gpg | gpg --import >/dev/null 2>&1
 curl -fsSL https://install.zerotier.com -o /tmp/zerotier-install.sh
@ -33,7 +44,7 @@ echo NODE_ENV=production >>/opt/key-networks/ztncui/.env
 chmod 400 /opt/key-networks/ztncui/.env
 chown ztncui:ztncui /opt/key-networks/ztncui/.env
 systemctl restart ztncui
-msg_ok "Done setting up UI."
+msg_ok "Setup UI."

 motd_ssh
 customize
--- a/install/zigbee2mqtt-install.sh
+++ b/install/zigbee2mqtt-install.sh
@ -16,31 +16,26 @@ update_os
 msg_info "Installing Dependencies"
 $STD apt install -y \
  git \
-  make \
-  g++ \
-  gcc \
-  ca-certificates \
-  jq
+  build-essential
 msg_ok "Installed Dependencies"

 NODE_VERSION="24" NODE_MODULE="pnpm@$(curl -fsSL https://raw.githubusercontent.com/Koenkk/zigbee2mqtt/master/package.json | jq -r '.packageManager | split("@")[1]')" setup_nodejs
-
 fetch_and_deploy_gh_release "Zigbee2MQTT" "Koenkk/zigbee2mqtt" "tarball" "latest" "/opt/zigbee2mqtt"

 msg_info "Setting up Zigbee2MQTT"
-cd /opt/zigbee2mqtt/data || exit
-mv configuration.example.yaml configuration.yaml
-cd /opt/zigbee2mqtt || exit
+mv /opt/zigbee2mqtt/data/configuration.example.yaml /opt/zigbee2mqtt/data/configuration.yaml
+cd /opt/zigbee2mqtt
 echo "packageImportMethod: hardlink" >>./pnpm-workspace.yaml
 $STD pnpm install --no-frozen-lockfile
 $STD pnpm build
-msg_ok "Installed Zigbee2MQTT"
+msg_ok "Setup Zigbee2MQTT"

 msg_info "Creating Service"
 cat <<EOF >/etc/systemd/system/zigbee2mqtt.service
 [Unit]
 Description=zigbee2mqtt
 After=network.target
+
 [Service]
 Environment=NODE_ENV=production
 ExecStart=/usr/bin/pnpm start
@ -49,6 +44,7 @@ StandardOutput=inherit
 StandardError=inherit
 Restart=always
 User=root
+
 [Install]
 WantedBy=multi-user.target
 EOF
--- a/install/zipline-install.sh
+++ b/install/zipline-install.sh
@ -16,31 +16,15 @@ update_os

 NODE_VERSION="22" NODE_MODULE="pnpm" setup_nodejs
 PG_VERSION="17" setup_postgresql
+PG_DB_NAME="ziplinedb" PG_DB_USER="zipline" setup_postgresql_db
 fetch_and_deploy_gh_release "zipline" "diced/zipline" "tarball"
-
-msg_info "Setting up PostgreSQL"
-DB_NAME=ziplinedb
-DB_USER=zipline
-DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
 SECRET_KEY="$(openssl rand -base64 42 | tr -dc 'a-zA-Z0-9')"
-$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
-$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8' TEMPLATE template0;"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC'"
-{
-  echo "Zipline-Credentials"
-  echo "Zipline Database User: $DB_USER"
-  echo "Zipline Database Password: $DB_PASS"
-  echo "Zipline Database Name: $DB_NAME"
-  echo "Zipline Secret Key: $SECRET_KEY"
-} >>~/zipline.creds
-msg_ok "Set up PostgreSQL"
+echo "Zipline Secret Key: ${SECRET_KEY}" >>~/zipline.creds

 msg_info "Installing Zipline (Patience)"
 cd /opt/zipline || exit
 cat <<EOF >/opt/zipline/.env
-DATABASE_URL=postgres://$DB_USER:$DB_PASS@localhost:5432/$DB_NAME
+DATABASE_URL=postgres://$PG_DB_USER:$PG_DB_PASS@localhost:5432/$PG_DB_NAME
 CORE_SECRET=$SECRET_KEY
 CORE_HOSTNAME=0.0.0.0
 CORE_PORT=3000
--- a/misc/alpine-install.func
+++ b/misc/alpine-install.func
@ -125,22 +125,13 @@ update_os() {
 # This function modifies the message of the day (motd) and SSH settings
 motd_ssh() {
  echo "export TERM='xterm-256color'" >>/root/.bashrc
-  IP=$(ip -4 addr show eth0 | awk '/inet / {print $2}' | cut -d/ -f1 | head -n 1)
-
-  if [ -f "/etc/os-release" ]; then
-    OS_NAME=$(grep ^NAME /etc/os-release | cut -d= -f2 | tr -d '"')
-    OS_VERSION=$(grep ^VERSION_ID /etc/os-release | cut -d= -f2 | tr -d '"')
-  else
-    OS_NAME="Alpine Linux"
-    OS_VERSION="Unknown"
-  fi

  PROFILE_FILE="/etc/profile.d/00_lxc-details.sh"
  echo "echo -e \"\"" >"$PROFILE_FILE"
  echo -e "echo -e \"${BOLD}${APPLICATION} LXC Container${CL}"\" >>"$PROFILE_FILE"
  echo -e "echo -e \"${TAB}${GATEWAY}${YW} Provided by: ${GN}community-scripts ORG ${YW}| GitHub: ${GN}https://github.com/community-scripts/ProxmoxVE${CL}\"" >>"$PROFILE_FILE"
  echo "echo \"\"" >>"$PROFILE_FILE"
-  echo -e "echo -e \"${TAB}${OS}${YW} OS: ${GN}${OS_NAME} - Version: ${OS_VERSION}${CL}\"" >>"$PROFILE_FILE"
+  echo -e "echo -e \"${TAB}${OS}${YW} OS: ${GN}\$(grep ^NAME /etc/os-release | cut -d= -f2 | tr -d '\"') - Version: \$(grep ^VERSION_ID /etc/os-release | cut -d= -f2 | tr -d '\"')${CL}\"" >>"$PROFILE_FILE"
  echo -e "echo -e \"${TAB}${HOSTNAME}${YW} Hostname: ${GN}\$(hostname)${CL}\"" >>"$PROFILE_FILE"
  echo -e "echo -e \"${TAB}${INFO}${YW} IP Address: ${GN}\$(ip -4 addr show eth0 | awk '/inet / {print \$2}' | cut -d/ -f1 | head -n 1)${CL}\"" >>"$PROFILE_FILE"

--- a/misc/build.func
+++ b/misc/build.func
@ -453,7 +453,7 @@ load_vars_file() {

  # Allowed var_* keys
  local VAR_WHITELIST=(
-    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_keyctl
+    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_gpu var_keyctl
    var_gateway var_hostname var_ipv6_method var_mac var_mknod var_mount_fs var_mtu
    var_net var_nesting var_ns var_protection var_pw var_ram var_tags var_timezone var_tun var_unprivileged
    var_verbose var_vlan var_ssh var_ssh_authorized_key var_container_storage var_template_storage
@ -505,7 +505,7 @@ default_var_settings() {
  # Allowed var_* keys (alphabetically sorted)
  # Note: Removed var_ctid (can only exist once), var_ipv6_static (static IPs are unique)
  local VAR_WHITELIST=(
-    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_keyctl
+    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_gpu var_keyctl
    var_gateway var_hostname var_ipv6_method var_mac var_mknod var_mount_fs var_mtu
    var_net var_nesting var_ns var_protection var_pw var_ram var_tags var_timezone var_tun var_unprivileged
    var_verbose var_vlan var_ssh var_ssh_authorized_key var_container_storage var_template_storage
@ -667,7 +667,7 @@ get_app_defaults_path() {
 if ! declare -p VAR_WHITELIST >/dev/null 2>&1; then
  # Note: Removed var_ctid (can only exist once), var_ipv6_static (static IPs are unique)
  declare -ag VAR_WHITELIST=(
-    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse
+    var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_gpu
    var_gateway var_hostname var_ipv6_method var_mac var_mtu
    var_net var_ns var_pw var_ram var_tags var_tun var_unprivileged
    var_verbose var_vlan var_ssh var_ssh_authorized_key var_container_storage var_template_storage
@ -816,6 +816,7 @@ _build_current_app_vars_tmp() {
  _apt_cacher_ip="${APT_CACHER_IP:-}"
  _fuse="${ENABLE_FUSE:-no}"
  _tun="${ENABLE_TUN:-no}"
+  _gpu="${ENABLE_GPU:-no}"
  _nesting="${ENABLE_NESTING:-1}"
  _keyctl="${ENABLE_KEYCTL:-0}"
  _mknod="${ENABLE_MKNOD:-0}"
@ -865,6 +866,7 @@ _build_current_app_vars_tmp() {

    [ -n "$_fuse" ] && echo "var_fuse=$(_sanitize_value "$_fuse")"
    [ -n "$_tun" ] && echo "var_tun=$(_sanitize_value "$_tun")"
+    [ -n "$_gpu" ] && echo "var_gpu=$(_sanitize_value "$_gpu")"
    [ -n "$_nesting" ] && echo "var_nesting=$(_sanitize_value "$_nesting")"
    [ -n "$_keyctl" ] && echo "var_keyctl=$(_sanitize_value "$_keyctl")"
    [ -n "$_mknod" ] && echo "var_mknod=$(_sanitize_value "$_mknod")"
@ -1011,37 +1013,49 @@ advanced_settings() {
  # Initialize defaults
  TAGS="community-script;${var_tags:-}"
  local STEP=1
-  local MAX_STEP=19
+  local MAX_STEP=28

-  # Store values for back navigation
-  local _ct_type="${CT_TYPE:-1}"
+  # Store values for back navigation - inherit from var_* app defaults
+  local _ct_type="${var_unprivileged:-1}"
  local _pw=""
  local _pw_display="Automatic Login"
  local _ct_id="$NEXTID"
  local _hostname="$NSAPP"
-  local _disk_size="$var_disk"
-  local _core_count="$var_cpu"
-  local _ram_size="$var_ram"
-  local _bridge="vmbr0"
-  local _net="dhcp"
-  local _gate=""
-  local _ipv6_method="auto"
+  local _disk_size="${var_disk:-4}"
+  local _core_count="${var_cpu:-1}"
+  local _ram_size="${var_ram:-1024}"
+  local _bridge="${var_brg:-vmbr0}"
+  local _net="${var_net:-dhcp}"
+  local _gate="${var_gateway:-}"
+  local _ipv6_method="${var_ipv6_method:-auto}"
  local _ipv6_addr=""
  local _ipv6_gate=""
-  local _apt_cacher_ip=""
-  local _mtu=""
-  local _sd=""
-  local _ns=""
-  local _mac=""
-  local _vlan=""
+  local _apt_cacher="${var_apt_cacher:-no}"
+  local _apt_cacher_ip="${var_apt_cacher_ip:-}"
+  local _mtu="${var_mtu:-}"
+  local _sd="${var_searchdomain:-}"
+  local _ns="${var_ns:-}"
+  local _mac="${var_mac:-}"
+  local _vlan="${var_vlan:-}"
  local _tags="$TAGS"
-  local _enable_fuse="no"
-  local _verbose="no"
-  local _enable_keyctl="0"
-  local _enable_mknod="0"
-  local _mount_fs=""
-  local _protect_ct="no"
-  local _ct_timezone=""
+  local _enable_fuse="${var_fuse:-no}"
+  local _enable_tun="${var_tun:-no}"
+  local _enable_gpu="${var_gpu:-no}"
+  local _enable_nesting="${var_nesting:-1}"
+  local _verbose="${var_verbose:-no}"
+  local _enable_keyctl="${var_keyctl:-0}"
+  local _enable_mknod="${var_mknod:-0}"
+  local _mount_fs="${var_mount_fs:-}"
+  local _protect_ct="${var_protection:-no}"
+  
+  # Detect host timezone for default (if not set via var_timezone)
+  local _host_timezone=""
+  if command -v timedatectl >/dev/null 2>&1; then
+    _host_timezone=$(timedatectl show --value --property=Timezone 2>/dev/null || echo "")
+  elif [ -f /etc/timezone ]; then
+    _host_timezone=$(cat /etc/timezone 2>/dev/null || echo "")
+  fi
+  local _ct_timezone="${var_timezone:-$_host_timezone}"

  # Helper to show current progress
  show_progress() {
@ -1491,20 +1505,23 @@ advanced_settings() {
    # STEP 17: SSH Settings
    # ═══════════════════════════════════════════════════════════════════════════
    17)
-      configure_ssh_settings
+      configure_ssh_settings "Step $STEP/$MAX_STEP"
      # configure_ssh_settings handles its own flow, always advance
      ((STEP++))
      ;;

    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 18: FUSE & Verbose Mode
+    # STEP 18: FUSE Support
    # ═══════════════════════════════════════════════════════════════════════════
    18)
+      local fuse_default_flag="--defaultno"
+      [[ "$_enable_fuse" == "yes" || "$_enable_fuse" == "1" ]] && fuse_default_flag=""
+
      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
        --title "FUSE SUPPORT" \
        --ok-button "Next" --cancel-button "Back" \
-        --defaultno \
-        --yesno "\nEnable FUSE support?\n\nRequired for: rclone, mergerfs, AppImage, etc." 12 58; then
+        $fuse_default_flag \
+        --yesno "\nEnable FUSE support?\n\nRequired for: rclone, mergerfs, AppImage, etc.\n\n(App default: ${var_fuse:-no})" 14 58; then
        _enable_fuse="yes"
      else
        if [ $? -eq 1 ]; then
@ -1514,26 +1531,255 @@ advanced_settings() {
          continue
        fi
      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 19: TUN/TAP Support
+    # ═══════════════════════════════════════════════════════════════════════════
+    19)
+      local tun_default_flag="--defaultno"
+      [[ "$_enable_tun" == "yes" || "$_enable_tun" == "1" ]] && tun_default_flag=""

      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "VERBOSE MODE" \
-        --defaultno \
-        --yesno "\nEnable Verbose Mode?\n\nShows detailed output during installation." 12 58; then
-        _verbose="yes"
+        --title "TUN/TAP SUPPORT" \
+        --ok-button "Next" --cancel-button "Back" \
+        $tun_default_flag \
+        --yesno "\nEnable TUN/TAP device support?\n\nRequired for: VPN apps (WireGuard, OpenVPN, Tailscale),\nnetwork tunneling, and containerized networking.\n\n(App default: ${var_tun:-no})" 14 62; then
+        _enable_tun="yes"
      else
-        _verbose="no"
+        if [ $? -eq 1 ]; then
+          _enable_tun="no"
+        else
+          ((STEP--))
+          continue
+        fi
      fi
      ((STEP++))
      ;;

    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 19: Confirmation
+    # STEP 20: Nesting Support
    # ═══════════════════════════════════════════════════════════════════════════
-    19)
+    20)
+      local nesting_default_flag=""
+      [[ "$_enable_nesting" == "0" || "$_enable_nesting" == "no" ]] && nesting_default_flag="--defaultno"
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "NESTING SUPPORT" \
+        --ok-button "Next" --cancel-button "Back" \
+        $nesting_default_flag \
+        --yesno "\nEnable Nesting?\n\nRequired for: Docker, LXC inside LXC, Podman,\nand other containerization tools.\n\n(App default: ${var_nesting:-1})" 14 58; then
+        _enable_nesting="1"
+      else
+        if [ $? -eq 1 ]; then
+          _enable_nesting="0"
+        else
+          ((STEP--))
+          continue
+        fi
+      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 21: GPU Passthrough
+    # ═══════════════════════════════════════════════════════════════════════════
+    21)
+      local gpu_default_flag="--defaultno"
+      [[ "$_enable_gpu" == "yes" ]] && gpu_default_flag=""
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "GPU PASSTHROUGH" \
+        --ok-button "Next" --cancel-button "Back" \
+        $gpu_default_flag \
+        --yesno "\nEnable GPU Passthrough?\n\nAutomatically detects and passes through available GPUs\n(Intel/AMD/NVIDIA) for hardware acceleration.\n\nRecommended for: Media servers, AI/ML, Transcoding\n\n(App default: ${var_gpu:-no})" 16 62; then
+        _enable_gpu="yes"
+      else
+        if [ $? -eq 1 ]; then
+          _enable_gpu="no"
+        else
+          ((STEP--))
+          continue
+        fi
+      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 22: Keyctl Support (Docker/systemd)
+    # ═══════════════════════════════════════════════════════════════════════════
+    22)
+      local keyctl_default_flag="--defaultno"
+      [[ "$_enable_keyctl" == "1" ]] && keyctl_default_flag=""
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "KEYCTL SUPPORT" \
+        --ok-button "Next" --cancel-button "Back" \
+        $keyctl_default_flag \
+        --yesno "\nEnable Keyctl support?\n\nRequired for: Docker containers, systemd-networkd,\nand kernel keyring operations.\n\nNote: Automatically enabled for unprivileged containers.\n\n(App default: ${var_keyctl:-0})" 16 62; then
+        _enable_keyctl="1"
+      else
+        if [ $? -eq 1 ]; then
+          _enable_keyctl="0"
+        else
+          ((STEP--))
+          continue
+        fi
+      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 23: APT Cacher Proxy
+    # ═══════════════════════════════════════════════════════════════════════════
+    23)
+      local apt_cacher_default_flag="--defaultno"
+      [[ "$_apt_cacher" == "yes" ]] && apt_cacher_default_flag=""
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "APT CACHER PROXY" \
+        --ok-button "Next" --cancel-button "Back" \
+        $apt_cacher_default_flag \
+        --yesno "\nUse APT Cacher-NG proxy?\n\nSpeeds up package downloads by caching them locally.\nRequires apt-cacher-ng running on your network.\n\n(App default: ${var_apt_cacher:-no})" 14 62; then
+        _apt_cacher="yes"
+        # Ask for IP if enabled
+        if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+          --title "APT CACHER IP" \
+          --inputbox "\nEnter APT Cacher-NG server IP address:" 10 58 "$_apt_cacher_ip" \
+          3>&1 1>&2 2>&3); then
+          _apt_cacher_ip="$result"
+        fi
+      else
+        if [ $? -eq 1 ]; then
+          _apt_cacher="no"
+          _apt_cacher_ip=""
+        else
+          ((STEP--))
+          continue
+        fi
+      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 24: Container Timezone
+    # ═══════════════════════════════════════════════════════════════════════════
+    24)
+      local tz_hint="$_ct_timezone"
+      [[ -z "$tz_hint" ]] && tz_hint="(empty - will use host timezone)"
+
+      if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "CONTAINER TIMEZONE" \
+        --ok-button "Next" --cancel-button "Back" \
+        --inputbox "\nSet container timezone.\n\nExamples: Europe/Berlin, America/New_York, Asia/Tokyo\n\nHost timezone: ${_host_timezone:-unknown}\n\nLeave empty to inherit from host." 16 62 "$_ct_timezone" \
+        3>&1 1>&2 2>&3); then
+        _ct_timezone="$result"
+        ((STEP++))
+      else
+        ((STEP--))
+      fi
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 25: Container Protection
+    # ═══════════════════════════════════════════════════════════════════════════
+    25)
+      local protect_default_flag="--defaultno"
+      [[ "$_protect_ct" == "yes" || "$_protect_ct" == "1" ]] && protect_default_flag=""
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "CONTAINER PROTECTION" \
+        --ok-button "Next" --cancel-button "Back" \
+        $protect_default_flag \
+        --yesno "\nEnable Container Protection?\n\nPrevents accidental deletion of this container.\nYou must disable protection before removing.\n\n(App default: ${var_protection:-no})" 14 62; then
+        _protect_ct="yes"
+      else
+        if [ $? -eq 1 ]; then
+          _protect_ct="no"
+        else
+          ((STEP--))
+          continue
+        fi
+      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 26: Device Node Creation (mknod)
+    # ═══════════════════════════════════════════════════════════════════════════
+    26)
+      local mknod_default_flag="--defaultno"
+      [[ "$_enable_mknod" == "1" ]] && mknod_default_flag=""
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "DEVICE NODE CREATION" \
+        --ok-button "Next" --cancel-button "Back" \
+        $mknod_default_flag \
+        --yesno "\nAllow device node creation (mknod)?\n\nRequired for: Creating device files inside container.\nExperimental feature (requires kernel 5.3+).\n\n(App default: ${var_mknod:-0})" 14 62; then
+        _enable_mknod="1"
+      else
+        if [ $? -eq 1 ]; then
+          _enable_mknod="0"
+        else
+          ((STEP--))
+          continue
+        fi
+      fi
+      ((STEP++))
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 27: Mount Filesystems
+    # ═══════════════════════════════════════════════════════════════════════════
+    27)
+      local mount_hint=""
+      [[ -n "$_mount_fs" ]] && mount_hint="$_mount_fs" || mount_hint="(none)"
+
+      if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "MOUNT FILESYSTEMS" \
+        --ok-button "Next" --cancel-button "Back" \
+        --inputbox "\nAllow specific filesystem mounts.\n\nComma-separated list: nfs, cifs, fuse, ext4, etc.\nLeave empty for defaults (none).\n\nCurrent: $mount_hint" 14 62 "$_mount_fs" \
+        3>&1 1>&2 2>&3); then
+        _mount_fs="$result"
+        ((STEP++))
+      else
+        ((STEP--))
+      fi
+      ;;
+
+    # ═══════════════════════════════════════════════════════════════════════════
+    # STEP 28: Verbose Mode & Confirmation
+    # ═══════════════════════════════════════════════════════════════════════════
+    28)
+      local verbose_default_flag="--defaultno"
+      [[ "$_verbose" == "yes" ]] && verbose_default_flag=""
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "VERBOSE MODE" \
+        $verbose_default_flag \
+        --yesno "\nEnable Verbose Mode?\n\nShows detailed output during installation." 12 58; then
+        _verbose="yes"
+      else
+        _verbose="no"
+      fi
      # Build summary
      local ct_type_desc="Unprivileged"
      [[ "$_ct_type" == "0" ]] && ct_type_desc="Privileged"

+      local nesting_desc="Disabled"
+      [[ "$_enable_nesting" == "1" ]] && nesting_desc="Enabled"
+
+      local keyctl_desc="Disabled"
+      [[ "$_enable_keyctl" == "1" ]] && keyctl_desc="Enabled"
+
+      local protect_desc="No"
+      [[ "$_protect_ct" == "yes" || "$_protect_ct" == "1" ]] && protect_desc="Yes"
+
+      local tz_display="${_ct_timezone:-Host TZ}"
+      local apt_display="${_apt_cacher:-no}"
+      [[ "$_apt_cacher" == "yes" && -n "$_apt_cacher_ip" ]] && apt_display="$_apt_cacher_ip"
+
      local summary="Container Type: $ct_type_desc
 Container ID: $_ct_id
 Hostname: $_hostname
@ -1548,14 +1794,20 @@ Network:
  IPv4: $_net
  IPv6: $_ipv6_method

-Options:
-  FUSE: $_enable_fuse
+Features:
+  FUSE: $_enable_fuse | TUN: $_enable_tun
+  Nesting: $nesting_desc | Keyctl: $keyctl_desc
+  GPU: $_enable_gpu | Protection: $protect_desc
+
+Advanced:
+  Timezone: $tz_display
+  APT Cacher: $apt_display
  Verbose: $_verbose"

      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
        --title "CONFIRM SETTINGS" \
        --ok-button "Create LXC" --cancel-button "Back" \
-        --yesno "$summary\n\nCreate ${APP} LXC with these settings?" 26 58; then
+        --yesno "$summary\n\nCreate ${APP} LXC with these settings?" 32 62; then
        ((STEP++))
      else
        ((STEP--))
@ -1582,8 +1834,31 @@ Options:
  IPV6_GATE="$_ipv6_gate"
  TAGS="$_tags"
  ENABLE_FUSE="$_enable_fuse"
+  ENABLE_TUN="$_enable_tun"
+  ENABLE_GPU="$_enable_gpu"
+  ENABLE_NESTING="$_enable_nesting"
+  ENABLE_KEYCTL="$_enable_keyctl"
+  ENABLE_MKNOD="$_enable_mknod"
+  ALLOW_MOUNT_FS="$_mount_fs"
+  PROTECT_CT="$_protect_ct"
+  CT_TIMEZONE="$_ct_timezone"
+  APT_CACHER="$_apt_cacher"
+  APT_CACHER_IP="$_apt_cacher_ip"
  VERBOSE="$_verbose"

+  # Update var_* based on user choice (for functions that check these)
+  var_gpu="$_enable_gpu"
+  var_fuse="$_enable_fuse"
+  var_tun="$_enable_tun"
+  var_nesting="$_enable_nesting"
+  var_keyctl="$_enable_keyctl"
+  var_mknod="$_enable_mknod"
+  var_mount_fs="$_mount_fs"
+  var_protection="$_protect_ct"
+  var_timezone="$_ct_timezone"
+  var_apt_cacher="$_apt_cacher"
+  var_apt_cacher_ip="$_apt_cacher_ip"
+
  # Format optional values
  [[ -n "$_mtu" ]] && MTU=",mtu=$_mtu" || MTU=""
  [[ -n "$_sd" ]] && SD="-searchdomain=$_sd" || SD=""
@ -1600,6 +1875,10 @@ Options:
  export UDHCPC_FIX
  export SSH_KEYS_FILE

+  # Exit alternate screen buffer before showing summary (so output remains visible)
+  tput rmcup 2>/dev/null || true
+  trap - RETURN
+
  # Display final summary
  echo -e "\n${INFO}${BOLD}${DGN}PVE Version ${PVEVERSION} (Kernel: ${KERNEL_VERSION})${CL}"
  echo -e "${OS}${BOLD}${DGN}Operating System: ${BGN}$var_os${CL}"
@ -1614,6 +1893,13 @@ Options:
  echo -e "${NETWORK}${BOLD}${DGN}IPv4: ${BGN}$NET${CL}"
  echo -e "${NETWORK}${BOLD}${DGN}IPv6: ${BGN}$IPV6_METHOD${CL}"
  echo -e "${FUSE}${BOLD}${DGN}FUSE Support: ${BGN}$ENABLE_FUSE${CL}"
+  [[ "$ENABLE_TUN" == "yes" ]] && echo -e "${NETWORK}${BOLD}${DGN}TUN/TAP Support: ${BGN}$ENABLE_TUN${CL}"
+  echo -e "${CONTAINERTYPE}${BOLD}${DGN}Nesting: ${BGN}$([ "$ENABLE_NESTING" == "1" ] && echo "Enabled" || echo "Disabled")${CL}"
+  [[ "$ENABLE_KEYCTL" == "1" ]] && echo -e "${CONTAINERTYPE}${BOLD}${DGN}Keyctl: ${BGN}Enabled${CL}"
+  echo -e "${GPU}${BOLD}${DGN}GPU Passthrough: ${BGN}$ENABLE_GPU${CL}"
+  [[ "$PROTECT_CT" == "yes" || "$PROTECT_CT" == "1" ]] && echo -e "${CONTAINERTYPE}${BOLD}${DGN}Protection: ${BGN}Enabled${CL}"
+  [[ -n "$CT_TIMEZONE" ]] && echo -e "${INFO}${BOLD}${DGN}Timezone: ${BGN}$CT_TIMEZONE${CL}"
+  [[ "$APT_CACHER" == "yes" ]] && echo -e "${INFO}${BOLD}${DGN}APT Cacher: ${BGN}$APT_CACHER_IP${CL}"
  echo -e "${SEARCH}${BOLD}${DGN}Verbose Mode: ${BGN}$VERBOSE${CL}"
  echo -e "${CREATING}${BOLD}${RD}Creating a ${APP} LXC using the above advanced settings${CL}"
 }
@ -1736,6 +2022,9 @@ echo_default() {
  echo -e "${DISKSIZE}${BOLD}${DGN}Disk Size: ${BGN}${DISK_SIZE} GB${CL}"
  echo -e "${CPUCORE}${BOLD}${DGN}CPU Cores: ${BGN}${CORE_COUNT}${CL}"
  echo -e "${RAMSIZE}${BOLD}${DGN}RAM Size: ${BGN}${RAM_SIZE} MiB${CL}"
+  if [[ -n "${var_gpu:-}" && "${var_gpu}" == "yes" ]]; then
+    echo -e "${GPU}${BOLD}${DGN}GPU Passthrough: ${BGN}Enabled${CL}"
+  fi
  if [ "$VERBOSE" == "yes" ]; then
    echo -e "${SEARCH}${BOLD}${DGN}Verbose Mode: ${BGN}Enabled${CL}"
  fi
@ -2076,6 +2365,10 @@ ssh_discover_default_files() {
 }

 configure_ssh_settings() {
+  local step_info="${1:-}"
+  local backtitle="Proxmox VE Helper Scripts"
+  [[ -n "$step_info" ]] && backtitle="Proxmox VE Helper Scripts [${step_info}]"
+
  SSH_KEYS_FILE="$(mktemp)"
  : >"$SSH_KEYS_FILE"

@ -2085,14 +2378,14 @@ configure_ssh_settings() {

  local ssh_key_mode
  if [[ "$default_key_count" -gt 0 ]]; then
-    ssh_key_mode=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "SSH KEY SOURCE" --menu \
+    ssh_key_mode=$(whiptail --backtitle "$backtitle" --title "SSH KEY SOURCE" --menu \
      "Provision SSH keys for root:" 14 72 4 \
      "found" "Select from detected keys (${default_key_count})" \
      "manual" "Paste a single public key" \
      "folder" "Scan another folder (path or glob)" \
      "none" "No keys" 3>&1 1>&2 2>&3) || exit_script
  else
-    ssh_key_mode=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "SSH KEY SOURCE" --menu \
+    ssh_key_mode=$(whiptail --backtitle "$backtitle" --title "SSH KEY SOURCE" --menu \
      "No host keys detected; choose manual/none:" 12 72 2 \
      "manual" "Paste a single public key" \
      "none" "No keys" 3>&1 1>&2 2>&3) || exit_script
@ -2101,7 +2394,7 @@ configure_ssh_settings() {
  case "$ssh_key_mode" in
  found)
    local selection
-    selection=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "SELECT HOST KEYS" \
+    selection=$(whiptail --backtitle "$backtitle" --title "SELECT HOST KEYS" \
      --checklist "Select one or more keys to import:" 20 140 10 "${CHOICES[@]}" 3>&1 1>&2 2>&3) || exit_script
    for tag in $selection; do
      tag="${tag%\"}"
@ -2112,13 +2405,13 @@ configure_ssh_settings() {
    done
    ;;
  manual)
-    SSH_AUTHORIZED_KEY="$(whiptail --backtitle "Proxmox VE Helper Scripts" \
+    SSH_AUTHORIZED_KEY="$(whiptail --backtitle "$backtitle" \
      --inputbox "Paste one SSH public key line (ssh-ed25519/ssh-rsa/...)" 10 72 --title "SSH Public Key" 3>&1 1>&2 2>&3)"
    [[ -n "$SSH_AUTHORIZED_KEY" ]] && printf '%s\n' "$SSH_AUTHORIZED_KEY" >>"$SSH_KEYS_FILE"
    ;;
  folder)
    local glob_path
-    glob_path=$(whiptail --backtitle "Proxmox VE Helper Scripts" \
+    glob_path=$(whiptail --backtitle "$backtitle" \
      --inputbox "Enter a folder or glob to scan (e.g. /root/.ssh/*.pub)" 10 72 --title "Scan Folder/Glob" 3>&1 1>&2 2>&3)
    if [[ -n "$glob_path" ]]; then
      shopt -s nullglob
@ -2128,7 +2421,7 @@ configure_ssh_settings() {
        ssh_build_choices_from_files "${_scan_files[@]}"
        if [[ "$COUNT" -gt 0 ]]; then
          local folder_selection
-          folder_selection=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "SELECT FOLDER KEYS" \
+          folder_selection=$(whiptail --backtitle "$backtitle" --title "SELECT FOLDER KEYS" \
            --checklist "Select key(s) to import:" 20 78 10 "${CHOICES[@]}" 3>&1 1>&2 2>&3) || exit_script
          for tag in $folder_selection; do
            tag="${tag%\"}"
@ -2138,10 +2431,10 @@ configure_ssh_settings() {
            [[ -n "$line" ]] && printf '%s\n' "$line" >>"$SSH_KEYS_FILE"
          done
        else
-          whiptail --backtitle "Proxmox VE Helper Scripts" --msgbox "No keys found in: $glob_path" 8 60
+          whiptail --backtitle "$backtitle" --msgbox "No keys found in: $glob_path" 8 60
        fi
      else
-        whiptail --backtitle "Proxmox VE Helper Scripts" --msgbox "Path/glob returned no files." 8 60
+        whiptail --backtitle "$backtitle" --msgbox "Path/glob returned no files." 8 60
      fi
    fi
    ;;
@ -2155,15 +2448,12 @@ configure_ssh_settings() {
    printf '\n' >>"$SSH_KEYS_FILE"
  fi

-  if [[ -s "$SSH_KEYS_FILE" || "$PW" == -password* ]]; then
-    if (whiptail --backtitle "Proxmox VE Helper Scripts" --defaultno --title "SSH ACCESS" --yesno "Enable root SSH access?" 10 58); then
+  # Always show SSH access dialog - user should be able to enable SSH even without keys
+  if (whiptail --backtitle "$backtitle" --defaultno --title "SSH ACCESS" --yesno "Enable root SSH access?" 10 58); then
    SSH="yes"
  else
    SSH="no"
  fi
-  else
-    SSH="no"
-  fi
 }

 # ------------------------------------------------------------------------------
@ -2278,15 +2568,23 @@ build_container() {
  none) ;;
  esac

-  # Build FEATURES string
-  if [ "$CT_TYPE" == "1" ]; then
-    FEATURES="keyctl=1,nesting=1"
-  else
+  # Build FEATURES string based on container type and user choices
+  FEATURES=""
+
+  # Nesting support (user configurable, default enabled)
+  if [ "${ENABLE_NESTING:-1}" == "1" ]; then
    FEATURES="nesting=1"
  fi

+  # Keyctl for unprivileged containers (needed for Docker)
+  if [ "$CT_TYPE" == "1" ]; then
+    [ -n "$FEATURES" ] && FEATURES="$FEATURES,"
+    FEATURES="${FEATURES}keyctl=1"
+  fi
+
  if [ "$ENABLE_FUSE" == "yes" ]; then
-    FEATURES="$FEATURES,fuse=1"
+    [ -n "$FEATURES" ] && FEATURES="$FEATURES,"
+    FEATURES="${FEATURES}fuse=1"
  fi

  # Build PCT_OPTIONS as string for export
@ -2387,21 +2685,15 @@ build_container() {
  # GPU/USB PASSTHROUGH CONFIGURATION
  # ============================================================================

-  # List of applications that benefit from GPU acceleration
-  GPU_APPS=(
-    "immich" "channels" "emby" "ersatztv" "frigate"
-    "jellyfin" "plex" "scrypted" "tdarr" "unmanic"
-    "ollama" "fileflows" "open-webui" "tunarr" "debian"
-    "handbrake" "sunshine" "moonlight" "kodi" "stremio"
-    "viseron"
-  )
-
-  # Check if app needs GPU
+  # Check if GPU passthrough is enabled
+  # Returns true only if var_gpu is explicitly set to "yes"
+  # Can be set via:
+  #   - Environment variable: var_gpu=yes bash -c "..."
+  #   - CT script default: var_gpu="${var_gpu:-no}"
+  #   - Advanced settings wizard
+  #   - App defaults file: /usr/local/community-scripts/defaults/<app>.vars
  is_gpu_app() {
-    local app="${1,,}"
-    for gpu_app in "${GPU_APPS[@]}"; do
-      [[ "$app" == "${gpu_app,,}" ]] && return 0
-    done
+    [[ "${var_gpu:-no}" == "yes" ]] && return 0
    return 1
  }

@ -2491,8 +2783,13 @@ EOF

  # Configure GPU passthrough
  configure_gpu_passthrough() {
-    # Skip if not a GPU app and not privileged
-    if [[ "$CT_TYPE" != "0" ]] && ! is_gpu_app "$APP"; then
+    # Skip if:
+    # GPU passthrough is enabled when var_gpu="yes":
+    # - Set via environment variable: var_gpu=yes bash -c "..."
+    # - Set in CT script: var_gpu="${var_gpu:-no}"
+    # - Enabled in advanced_settings wizard
+    # - Configured in app defaults file
+    if ! is_gpu_app "$APP"; then
      return 0
    fi

--- a/misc/core.func
+++ b/misc/core.func
@ -123,6 +123,7 @@ icons() {
  CREATING="${TAB}🚀${TAB}${CL}"
  ADVANCED="${TAB}🧩${TAB}${CL}"
  FUSE="${TAB}🗂️${TAB}${CL}"
+  GPU="${TAB}🎮${TAB}${CL}"
  HOURGLASS="${TAB}⏳${TAB}"
 }

--- a/misc/install.func
+++ b/misc/install.func
@ -222,21 +222,12 @@ motd_ssh() {
  # Set terminal to 256-color mode
  grep -qxF "export TERM='xterm-256color'" /root/.bashrc || echo "export TERM='xterm-256color'" >>/root/.bashrc

-  # Get OS information (Debian / Ubuntu)
-  if [ -f "/etc/os-release" ]; then
-    OS_NAME=$(grep ^NAME /etc/os-release | cut -d= -f2 | tr -d '"')
-    OS_VERSION=$(grep ^VERSION_ID /etc/os-release | cut -d= -f2 | tr -d '"')
-  elif [ -f "/etc/debian_version" ]; then
-    OS_NAME="Debian"
-    OS_VERSION=$(cat /etc/debian_version)
-  fi
-
  PROFILE_FILE="/etc/profile.d/00_lxc-details.sh"
  echo "echo -e \"\"" >"$PROFILE_FILE"
  echo -e "echo -e \"${BOLD}${APPLICATION} LXC Container${CL}"\" >>"$PROFILE_FILE"
  echo -e "echo -e \"${TAB}${GATEWAY}${YW} Provided by: ${GN}community-scripts ORG ${YW}| GitHub: ${GN}https://github.com/community-scripts/ProxmoxVE${CL}\"" >>"$PROFILE_FILE"
  echo "echo \"\"" >>"$PROFILE_FILE"
-  echo -e "echo -e \"${TAB}${OS}${YW} OS: ${GN}${OS_NAME} - Version: ${OS_VERSION}${CL}\"" >>"$PROFILE_FILE"
+  echo -e "echo -e \"${TAB}${OS}${YW} OS: ${GN}\$(grep ^NAME /etc/os-release | cut -d= -f2 | tr -d '\"') - Version: \$(grep ^VERSION_ID /etc/os-release | cut -d= -f2 | tr -d '\"')${CL}\"" >>"$PROFILE_FILE"
  echo -e "echo -e \"${TAB}${HOSTNAME}${YW} Hostname: ${GN}\$(hostname)${CL}\"" >>"$PROFILE_FILE"
  echo -e "echo -e \"${TAB}${INFO}${YW} IP Address: ${GN}\$(hostname -I | awk '{print \$1}')${CL}\"" >>"$PROFILE_FILE"

--- a/misc/tools.func
+++ b/misc/tools.func
@ -72,17 +72,17 @@ stop_all_services() {
  local service_patterns=("$@")

  for pattern in "${service_patterns[@]}"; do
-    # Find all matching services
+    # Find all matching services (grep || true to handle no matches)
+    local services
+    services=$(systemctl list-units --type=service --all 2>/dev/null |
+      grep -oE "${pattern}[^ ]*\.service" 2>/dev/null | sort -u) || true

-    systemctl list-units --type=service --all 2>/dev/null |
-      grep -oE "${pattern}[^ ]*\.service" |
-      sort -u |
+    if [[ -n "$services" ]]; then
      while read -r service; do
-
        $STD systemctl stop "$service" 2>/dev/null || true
        $STD systemctl disable "$service" 2>/dev/null || true
-      done
-
+      done <<<"$services"
+    fi
  done

 }
@ -1453,15 +1453,32 @@ check_for_gh_release() {

  ensure_dependencies jq

-  # Fetch releases and exclude drafts/prereleases
-  local releases_json
+  # Try /latest endpoint for non-pinned versions (most efficient)
+  local releases_json=""
+  
+  if [[ -z "$pinned_version_in" ]]; then
    releases_json=$(curl -fsSL --max-time 20 \
      -H 'Accept: application/vnd.github+json' \
      -H 'X-GitHub-Api-Version: 2022-11-28' \
-    "https://api.github.com/repos/${source}/releases") || {
+      "https://api.github.com/repos/${source}/releases/latest" 2>/dev/null)
+    
+    if [[ $? -eq 0 ]] && [[ -n "$releases_json" ]]; then
+      # Wrap single release in array for consistent processing
+      releases_json="[$releases_json]"
+    fi
+  fi
+  
+  # If no releases yet (pinned version OR /latest failed), fetch up to 100
+  if [[ -z "$releases_json" ]]; then
+    # Fetch releases and exclude drafts/prereleases
+    releases_json=$(curl -fsSL --max-time 20 \
+      -H 'Accept: application/vnd.github+json' \
+      -H 'X-GitHub-Api-Version: 2022-11-28' \
+      "https://api.github.com/repos/${source}/releases?per_page=100") || {
      msg_error "Unable to fetch releases for ${app}"
      return 1
    }
+  fi

  mapfile -t raw_tags < <(jq -r '.[] | select(.draft==false and .prerelease==false) | .tag_name' <<<"$releases_json")
  if ((${#raw_tags[@]} == 0)); then
--- a/vm/opnsense-vm.sh
+++ b/vm/opnsense-vm.sh
@ -24,7 +24,7 @@ RANDOM_UUID="$(cat /proc/sys/kernel/random/uuid)"
 METHOD=""
 NSAPP="opnsense-vm"
 var_os="opnsense"
-var_version="25.1"
+var_version="25.7"
 #
 GEN_MAC=02:$(openssl rand -hex 5 | awk '{print toupper($0)}' | sed 's/\(..\)/\1:/g; s/.$//')
 GEN_MAC_LAN=02:$(openssl rand -hex 5 | awk '{print toupper($0)}' | sed 's/\(..\)/\1:/g; s/.$//')
@ -670,7 +670,7 @@ if [ -n "$WAN_BRG" ]; then
  msg_ok "WAN interface added"
  sleep 5  # Brief pause after adding network interface
 fi
-send_line_to_vm "sh ./opnsense-bootstrap.sh.in -y -f -r 25.1"
+send_line_to_vm "sh ./opnsense-bootstrap.sh.in -y -f -r 25.7"
 msg_ok "OPNsense VM is being installed, do not close the terminal, or the installation will fail."
 #We need to wait for the OPNsense build proccess to finish, this takes a few minutes
 sleep 1000
Author	SHA1	Message	Date
CanbiZ	1ca57736bc	Update discopanel-install.sh	2025-12-10 17:06:42 +01:00
CanbiZ	9921490e2e	Update date_created and logo in discopanel.json	2025-12-10 17:06:11 +01:00
push-app-to-main[bot]	c0af8cb9e8	Add discopanel (ct)	2025-12-10 16:03:46 +00:00
community-scripts-pr-app[bot]	da7cafd82c	Update CHANGELOG.md (#9846 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-10 16:02:54 +00:00
Slaviša Arežina	7800578ad4	Fix formatting issues in tracktor-install.sh (#9841 )	2025-12-10 17:02:25 +01:00
CanbiZ	7c39bc8787	Enable the 'disable' option in palmr.json	2025-12-10 14:27:59 +01:00
community-scripts-pr-app[bot]	7a91dc765a	Update versions.json (#9843 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-10 13:07:39 +01:00
CanbiZ	8b858f4a65	add redis	2025-12-10 07:19:55 +01:00
community-scripts-pr-app[bot]	96dc87ddd5	Update CHANGELOG.md (#9830 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-10 00:15:36 +00:00
community-scripts-pr-app[bot]	f0f1708c31	Update versions.json (#9829 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-10 01:15:09 +01:00
community-scripts-pr-app[bot]	76c4277f4b	Update CHANGELOG.md (#9825 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 18:27:57 +00:00
Slaviša Arežina	10ee5f2eb4	Disable Palmr (#9824 )	2025-12-09 19:27:30 +01:00
community-scripts-pr-app[bot]	9611267657	Update CHANGELOG.md (#9822 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:05:21 +00:00
community-scripts-pr-app[bot]	4dce90530b	Update CHANGELOG.md (#9821 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:05:09 +00:00
Slaviša Arežina	cb28199964	Refactor: Zigbee2MQTT (#9803 )	2025-12-09 16:04:47 +01:00
community-scripts-pr-app[bot]	c28e404bd9	Update CHANGELOG.md (#9820 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:04:36 +00:00
Slaviša Arežina	42d1f2980a	Refactor: Zerotier-One (#9804 )	2025-12-09 16:04:15 +01:00
community-scripts-pr-app[bot]	0ab80c814b	Update CHANGELOG.md (#9819 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:04:11 +00:00
community-scripts-pr-app[bot]	0f183d0b2f	Update CHANGELOG.md (#9818 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:03:51 +00:00
Slaviša Arežina	fd75b03435	Refactor (#9807 )	2025-12-09 16:03:43 +01:00
community-scripts-pr-app[bot]	2abb7db794	Update CHANGELOG.md (#9817 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:03:34 +00:00
Slaviša Arežina	f07e6a92b0	Refactor (#9808 )	2025-12-09 16:03:13 +01:00
community-scripts-pr-app[bot]	ee3c4f843d	Update CHANGELOG.md (#9816 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:03:00 +00:00
Slaviša Arežina	5ad841da76	Fixes (#9809 )	2025-12-09 16:02:38 +01:00
community-scripts-pr-app[bot]	02da3fc888	Update CHANGELOG.md (#9815 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:02:31 +00:00
Slaviša Arežina	d51c37d134	Refactor (#9810 )	2025-12-09 16:02:07 +01:00
community-scripts-pr-app[bot]	938a66a67e	Update CHANGELOG.md (#9814 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 15:01:58 +00:00
CanbiZ	bea9a62cce	Feature: extend advanced settings with more options & inherit app defaults (#9776 )	2025-12-09 16:01:31 +01:00
community-scripts-pr-app[bot]	1458aade19	Update CHANGELOG.md (#9813 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 14:58:35 +00:00
Slaviša Arežina	cf7d32548f	Refactor (#9805 )	2025-12-09 15:58:13 +01:00
community-scripts-pr-app[bot]	3be34bdac8	Update CHANGELOG.md (#9812 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 14:53:43 +00:00
Slaviša Arežina	6cdc26badc	Refactor: Zipline (#9801 ) * Refactor * Update icon URL	2025-12-09 15:53:19 +01:00
community-scripts-pr-app[bot]	92a26677f7	Update CHANGELOG.md (#9811 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 14:50:10 +00:00
Gabriel David Pragin	0bcffdc8b0	fix(tools): handle repos with 30+ pre-releases in check_for_gh_release (#9786 )	2025-12-09 15:49:43 +01:00
community-scripts-pr-app[bot]	f2597f4d35	Update CHANGELOG.md (#9806 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 14:24:46 +00:00
CanbiZ	7b139fa763	fix(json): correct updateable flags for 11 apps with working update scripts (#9777 ) Changed updateable from false to true for: - aria2 (apt-get update/upgrade) - casaos (apt-get update/upgrade) - daemonsync (apt-get update/upgrade) - iobroker (apt update/upgrade) - librenms (daily.sh update) - meshcentral (apt update/upgrade) - nextcloudpi (apt update/upgrade) - podman (apt update/upgrade) - tasmoadmin (apt update/upgrade) - wazuh (apt-get update/upgrade) - whisparr (apt update/upgrade)	2025-12-09 15:24:19 +01:00
community-scripts-pr-app[bot]	f6f131efab	Update CHANGELOG.md (#9800 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 13:22:50 +00:00
Sarthak Sidhant	e4d5ce221b	fixed grammar on one of the alerts (#9799 )	2025-12-09 14:22:23 +01:00
community-scripts-pr-app[bot]	4e182bd5b9	Update versions.json (#9797 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 13:06:31 +01:00
community-scripts-pr-app[bot]	12a7ecd85d	Update .app files (#9795 ) Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>	2025-12-09 10:08:03 +01:00
community-scripts-pr-app[bot]	b658959c7b	Update CHANGELOG.md (#9796 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 09:07:33 +00:00
push-app-to-main[bot]	5eb9d2bcdf	Add dokploy (ct) (#9793 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2025-12-09 10:07:04 +01:00
community-scripts-pr-app[bot]	7d37743981	Update CHANGELOG.md (#9794 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 09:05:57 +00:00
push-app-to-main[bot]	b0e7cdfe13	Coolify (#9792 ) * Add coolify (ct) * Update logo URL to use WebP format --------- Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com>	2025-12-09 10:05:36 +01:00
community-scripts-pr-app[bot]	31c19bed09	Update CHANGELOG.md (#9788 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 00:13:26 +00:00
community-scripts-pr-app[bot]	bff0650d72	Update versions.json (#9787 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-09 01:13:01 +01:00
community-scripts-pr-app[bot]	d9b05882a3	Update CHANGELOG.md (#9782 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 18:36:34 +00:00
Slaviša Arežina	31dbf2554c	Tandoor: Remove postgres17-contrib package (#9781 ) * Remove contrib * Update * Update * Upda	2025-12-08 19:36:06 +01:00
community-scripts-pr-app[bot]	f95cc5a7ad	Update CHANGELOG.md (#9775 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 13:20:30 +00:00
CanbiZ	3fb9d02f36	fix: always show SSH access dialog in advanced settings (#9765 ) - SSH access dialog is now always displayed regardless of password or SSH keys - Added step indicator to SSH settings dialogs for consistency - configure_ssh_settings() now accepts optional step_info parameter - Updated documentation for SSH configuration functions Fixes #9753	2025-12-08 14:20:05 +01:00
community-scripts-pr-app[bot]	a748be9a1f	Update CHANGELOG.md (#9774 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 12:52:51 +00:00
CanbiZ	4d4ced6b63	feat: Add var_gpu flag for GPU passthrough configuration (#9764 ) * feat: Add var_gpu flag for GPU passthrough configuration Changes: - Add var_gpu variable to CT scripts for explicit GPU control - Remove hardcoded GPU_APPS list - GPU detection now uses var_gpu flag - Add var_gpu to VAR_WHITELIST for persistence in default.vars and app.vars - Add GPU Passthrough option (Step 19) to advanced_settings wizard (now 20 steps) - Update documentation Apps with var_gpu=yes (GPU enabled by default): - Media: jellyfin, plex, emby, channels, ersatztv, tunarr - Transcoding: tdarr, unmanic, fileflows - AI/ML: ollama, openwebui - NVR: frigate, immich Usage: - Disable GPU: var_gpu=no bash -c '$(curl -fsSL ...jellyfin.sh)' - Enable GPU: var_gpu=yes bash -c '$(curl -fsSL ...debian.sh)' - Via default.vars: echo 'var_gpu=yes' >> /usr/local/community-scripts/default.vars - Via advanced settings wizard (Step 19) * fix: tput rmcup timing, GPU line indentation, echo_default GPU display * style: add GPU icon variable for consistent formatting	2025-12-08 13:52:30 +01:00
community-scripts-pr-app[bot]	a5d017c83b	Update versions.json (#9773 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 13:06:10 +01:00
community-scripts-pr-app[bot]	5378d822f8	Update CHANGELOG.md (#9772 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 10:38:33 +00:00
Vincent Martens	243cb34d47	tandoor instead of trandoor (#9771 )	2025-12-08 11:38:08 +01:00
community-scripts-pr-app[bot]	59699425f8	Update CHANGELOG.md (#9768 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 00:14:20 +00:00
community-scripts-pr-app[bot]	155a8571ba	Update versions.json (#9767 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-08 01:13:57 +01:00
community-scripts-pr-app[bot]	1cae72bdec	Update CHANGELOG.md (#9762 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:48:24 +00:00
CanbiZ	531ecad4c7	Refactor: Inventree (uses now ubuntu 24.04) (#9752 )	2025-12-07 21:48:00 +01:00
community-scripts-pr-app[bot]	9e8ab9de01	Update CHANGELOG.md (#9761 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:31:58 +00:00
Slaviša Arežina	70557798ec	FAQ update (#9742 )	2025-12-07 21:31:36 +01:00
community-scripts-pr-app[bot]	4b554900ca	Update CHANGELOG.md (#9760 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:30:44 +00:00
community-scripts-pr-app[bot]	9f84eae07f	Update CHANGELOG.md (#9759 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:30:37 +00:00
CanbiZ	ba5bdd94ad	fix(tools.func): handle empty grep results in stop_all_services (#9748 )	2025-12-07 21:30:23 +01:00
community-scripts-pr-app[bot]	d18baa2177	Update CHANGELOG.md (#9758 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:30:18 +00:00
CanbiZ	779c06f232	fix(wanderer): add meilisearch dumpless upgrade for database migration (#9749 )	2025-12-07 21:30:01 +01:00
community-scripts-pr-app[bot]	9e2b6524c4	Update CHANGELOG.md (#9757 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:29:58 +00:00
CanbiZ	a328d7b8ba	fix(zammad): use Debian 12 and dynamic APT source version (#9750 )	2025-12-07 21:29:39 +01:00
community-scripts-pr-app[bot]	dfa4d82951	Update CHANGELOG.md (#9756 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:29:35 +00:00
CanbiZ	5e5a8cd104	feat(motd): dynamically read OS version on each login (#9751 )	2025-12-07 21:29:09 +01:00
community-scripts-pr-app[bot]	0da3231d3c	Update CHANGELOG.md (#9755 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 20:11:38 +00:00
CanbiZ	5a6a30e594	Remove Debian from GPU passthrough (#9754 )	2025-12-07 21:11:12 +01:00
community-scripts-pr-app[bot]	97ac2520ec	Update CHANGELOG.md (#9747 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 15:09:37 +00:00
Slaviša Arežina	bd5fe17228	ComfyUI: Fix update script (#9740 ) * Update error messages for ComfyUI installation check * Update comfyui.json * Change updateable status to true in comfyui.json * Update comfyui.json	2025-12-07 16:09:14 +01:00
community-scripts-pr-app[bot]	f42586c083	Update versions.json (#9745 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 13:05:30 +01:00
community-scripts-pr-app[bot]	fab5539c82	Update CHANGELOG.md (#9744 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 11:39:00 +00:00
Copilot	1ecb5bbeab	Add DJANGO_SECRET_KEY support for Dispatcharr v0.13.1+ (#9730 ) * Initial plan * Add DJANGO_SECRET_KEY support for Dispatcharr v0.13.1+ Co-authored-by: MickLesk <47820557+MickLesk@users.noreply.github.com> * Improve DJANGO_SECRET_KEY generation to ensure consistent 50 character length Co-authored-by: MickLesk <47820557+MickLesk@users.noreply.github.com> * short --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: MickLesk <47820557+MickLesk@users.noreply.github.com>	2025-12-07 12:38:37 +01:00
community-scripts-pr-app[bot]	64dbd4e9f7	Update CHANGELOG.md (#9737 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 08:37:17 +00:00
ltsch	2ba63b28f0	Update OPNsense version from 25.1 to 25.7 (#9736 )	2025-12-07 09:36:47 +01:00
community-scripts-pr-app[bot]	2a3b09b413	Update CHANGELOG.md (#9735 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 00:16:08 +00:00
community-scripts-pr-app[bot]	d6ca5676df	Update versions.json (#9734 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-07 01:15:43 +01:00
Tobias	478194ba1a	Update composer command path in bookstack.sh (#9656 )	2025-12-06 16:55:45 +01:00
community-scripts-pr-app[bot]	d241c03b3d	Update CHANGELOG.md (#9724 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-06 15:40:28 +00:00
Slaviša Arežina	8cd037ff88	Remove InfluxData source list post-installation (#9723 )	2025-12-06 16:40:06 +01:00
community-scripts-pr-app[bot]	fb15c13833	Update CHANGELOG.md (#9722 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-06 15:04:53 +00:00
Slaviša Arežina	e95541260b	Update InfluxDB repository key URL (#9720 )	2025-12-06 16:04:27 +01:00
community-scripts-pr-app[bot]	a37ac14907	Update versions.json (#9718 ) Co-authored-by: GitHub Actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-06 13:05:20 +01:00
community-scripts-pr-app[bot]	74a870bc5c	Update CHANGELOG.md (#9717 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-06 10:42:04 +00:00
sgaert	e0f65f2db8	pin Portainer Update to CE Version only (#9710 )	2025-12-06 11:41:43 +01:00
community-scripts-pr-app[bot]	01b246f375	Update CHANGELOG.md (#9716 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-06 10:09:12 +00:00
Alex Indigo	53dd0efddd	Update domain-locker-install.sh to enable auto-start after reboot (#9715 ) * Update domain-locker-install.sh It should be `systemctl enable --now`, so service would start again after reboot. * Apply suggestion from @tremor021 --------- Co-authored-by: Slaviša Arežina <58952836+tremor021@users.noreply.github.com>	2025-12-06 11:08:40 +01:00