huntarr-install.sh

Root cause: post_update_to_api set POST_UPDATE_DONE=true even after
all 3 retry attempts failed (curl timeout, API error). This prevented
the EXIT trap (api_exit_script) from retrying with fresh attempts.

Changes:
- Only set POST_UPDATE_DONE=true on actual HTTP 2xx success
- If all 3 attempts fail, EXIT trap gets 3 more fresh attempts
- Increase timeout from 5s to 10s for final status updates (STATUS_TIMEOUT)
  Progress pings keep 5s (TELEMETRY_TIMEOUT) since they're lightweight
- post_update_to_api_extended: add proper retry logic + HTTP code check
  (was fire-and-forget with no retry)

CHANGELOG.md

@@ -409,6 +409,33 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 ## 2026-02-23
 
+### 🆕 New Scripts
+
+  - SparkyFitness ([#12185](https://github.com/community-scripts/ProxmoxVE/pull/12185))
+- Frigate v16.4 [@MickLesk](https://github.com/MickLesk) ([#11887](https://github.com/community-scripts/ProxmoxVE/pull/11887))
+
+### 🚀 Updated Scripts
+
+  - #### ✨ New Features
+
+    - core: Enhance signal handling, reported "status" and logs [@MickLesk](https://github.com/MickLesk) ([#12216](https://github.com/community-scripts/ProxmoxVE/pull/12216))
+
+### 💾 Core
+
+  - #### 🔧 Refactor
+
+    - core: Improve error handling and logging for LXC builds [@MickLesk](https://github.com/MickLesk) ([#12208](https://github.com/community-scripts/ProxmoxVE/pull/12208))
+
+### 🌐 Website
+
+  - #### 🐞 Bug Fixes
+
+    - calibre-web: update default credentials [@LaevaertK](https://github.com/LaevaertK) ([#12201](https://github.com/community-scripts/ProxmoxVE/pull/12201))
+
+  - #### 📝 Script Information
+
+    - chore: update Frigate documentation and website URLs [@JohnICB](https://github.com/JohnICB) ([#12218](https://github.com/community-scripts/ProxmoxVE/pull/12218))
+
 ## 2026-02-22
 
 ### 🆕 New Scripts

ct/frigate.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
-# Copyright (c) 2021-2026 tteck
-# Authors: tteck (tteckster)
+source <(curl -fsSL https://git.community-scripts.org/community-scripts/ProxmoxVE/raw/branch/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Authors: MickLesk (CanbiZ) | Co-Author: remz1337
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://frigate.video/
 
@@ -11,7 +11,7 @@ var_cpu="${var_cpu:-4}"
 var_ram="${var_ram:-4096}"
 var_disk="${var_disk:-20}"
 var_os="${var_os:-debian}"
-var_version="${var_version:-11}"
+var_version="${var_version:-12}"
 var_unprivileged="${var_unprivileged:-0}"
 var_gpu="${var_gpu:-yes}"
 
@@ -21,15 +21,15 @@ color
 catch_errors
 
 function update_script() {
-  header_info
-  check_container_storage
-  check_container_resources
-  if [[ ! -f /etc/systemd/system/frigate.service ]]; then
-    msg_error "No ${APP} Installation Found!"
+    header_info
+    check_container_storage
+    check_container_resources
+    if [[ ! -f /etc/systemd/system/frigate.service ]]; then
+        msg_error "No ${APP} Installation Found!"
+        exit
+    fi
+    msg_error "To update Frigate, create a new container and transfer your configuration."
     exit
-  fi
-  msg_error "To update Frigate, create a new container and transfer your configuration."
-  exit
 }
 
 start

ct/headers/sparkyfitness

@@ -0,0 +1,6 @@
+   _____                  __         _______ __                      
+  / ___/____  ____ ______/ /____  __/ ____(_) /_____  ___  __________
+  \__ \/ __ \/ __ `/ ___/ //_/ / / / /_  / / __/ __ \/ _ \/ ___/ ___/
+ ___/ / /_/ / /_/ / /  / ,< / /_/ / __/ / / /_/ / / /  __(__  |__  ) 
+/____/ .___/\__,_/_/  /_/|_|\__, /_/   /_/\__/_/ /_/\___/____/____/  
+    /_/                    /____/                                    

ct/huntarr.sh

@@ -1,62 +0,0 @@
-#!/usr/bin/env bash
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: BiluliB
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/plexguide/Huntarr.io
-
-APP="huntarr"
-var_tags="${var_tags:-arr}"
-var_cpu="${var_cpu:-2}"
-var_ram="${var_ram:-1024}"
-var_disk="${var_disk:-4}"
-var_os="${var_os:-debian}"
-var_version="${var_version:-13}"
-var_unprivileged="${var_unprivileged:-1}"
-
-header_info "$APP"
-variables
-color
-catch_errors
-
-function update_script() {
-  header_info
-  check_container_storage
-  check_container_resources
-
-  if [[ ! -f /opt/huntarr/main.py ]]; then
-    msg_error "No ${APP} Installation Found!"
-    exit
-  fi
-
-  PYTHON_VERSION="3.12" setup_uv
-
-  if check_for_gh_release "huntarr" "plexguide/Huntarr.io"; then
-    msg_info "Stopping Service"
-    systemctl stop huntarr
-    msg_ok "Stopped Service"
-    
-    ensure_dependencies build-essential
-    fetch_and_deploy_gh_release "huntarr" "plexguide/Huntarr.io" "tarball"
-
-    msg_info "Updating Huntarr"
-    cd /opt/huntarr
-    $STD uv pip install -r requirements.txt --python /opt/huntarr/.venv/bin/python
-    msg_ok "Updated Huntarr"
-
-    msg_info "Starting Service"
-    systemctl start huntarr
-    msg_ok "Started Service"
-    msg_ok "Updated successfully!"
-  fi
-  exit
-}
-
-start
-build_container
-description
-
-msg_ok "Completed successfully!\n"
-echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
-echo -e "${INFO}${YW} Access it using the following URL:${CL}"
-echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:9705${CL}"

ct/sparkyfitness.sh

@@ -0,0 +1,83 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Tom Frenzel (tomfrenzel)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/CodeWithCJ/SparkyFitness
+
+APP="SparkyFitness"
+var_tags="${var_tags:-health;fitness}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-4}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/sparkyfitness ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  NODE_VERSION="25" setup_nodejs
+
+  if check_for_gh_release "sparkyfitness" "CodeWithCJ/SparkyFitness"; then
+    msg_info "Stopping Services"
+    systemctl stop sparkyfitness-server nginx
+    msg_ok "Stopped Services"
+
+    msg_info "Backing up data"
+    mkdir -p /opt/sparkyfitness_backup
+    if [[ -d /opt/sparkyfitness/SparkyFitnessServer/uploads ]]; then
+      cp -r /opt/sparkyfitness/SparkyFitnessServer/uploads /opt/sparkyfitness_backup/
+    fi
+    if [[ -d /opt/sparkyfitness/SparkyFitnessServer/backup ]]; then
+      cp -r /opt/sparkyfitness/SparkyFitnessServer/backup /opt/sparkyfitness_backup/
+    fi
+    msg_ok "Backed up data"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "sparkyfitness" "CodeWithCJ/SparkyFitness" "tarball"
+
+    msg_info "Updating Sparky Fitness Backend"
+    cd /opt/sparkyfitness/SparkyFitnessServer
+    $STD npm install
+    msg_ok "Updated Sparky Fitness Backend"
+
+    msg_info "Updating Sparky Fitness Frontend (Patience)"
+    cd /opt/sparkyfitness/SparkyFitnessFrontend
+    $STD npm install
+    $STD npm run build
+    cp -a /opt/sparkyfitness/SparkyFitnessFrontend/dist/. /var/www/sparkyfitness/
+    msg_ok "Updated Sparky Fitness Frontend"
+
+    msg_info "Restoring data"
+    cp -r /opt/sparkyfitness_backup/. /opt/sparkyfitness/SparkyFitnessServer/
+    rm -rf /opt/sparkyfitness_backup
+    msg_ok "Restored data"
+
+    msg_info "Starting Services"
+    $STD systemctl start sparkyfitness-server nginx
+    msg_ok "Started Services"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"

frontend/public/json/calibre-web.json

@@ -28,14 +28,10 @@
     }
   ],
   "default_credentials": {
-    "username": null,
-    "password": null
+    "username": "admin",
+    "password": "admin123"
   },
   "notes": [
-    {
-      "text": "No credentials are set by this script. Complete setup and create credentials in the first-run wizard.",
-      "type": "info"
-    },
     {
       "text": "Upload your Calibre library metadata.db during first setup wizard.",
       "type": "info"

frontend/public/json/frigate.json

@@ -0,0 +1,44 @@
+{
+  "name": "Frigate",
+  "slug": "frigate",
+  "categories": [
+    15
+  ],
+  "date_created": "2026-02-23",
+  "type": "ct",
+  "updateable": false,
+  "privileged": false,
+  "config_path": "/config/config.yml",
+  "interface_port": 5000,
+  "documentation": "https://docs.frigate.video/",
+  "website": "https://frigate.video/",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/frigate-light.webp",
+  "description": "Frigate is a complete and local NVR (Network Video Recorder) with realtime AI object detection for CCTV cameras.",
+  "install_methods": [
+    {
+      "type": "default",
+      "script": "ct/frigate.sh",
+      "resources": {
+        "cpu": 4,
+        "ram": 4096,
+        "hdd": 20,
+        "os": "Debian",
+        "version": "12"
+      }
+    }
+  ],
+  "default_credentials": {
+    "username": null,
+    "password": null
+  },
+  "notes": [
+    {
+      "text": "SemanticSearch is not pre-installed due to high resource requirements (8+ cores, 16-24GB RAM, GPU recommended). Manual configuration required if needed.",
+      "type": "info"
+    },
+    {
+      "text": "OpenVino detector may fail on older CPUs (pre-Haswell/AVX2). If you encounter 'Illegal instruction' errors, consider using alternative detectors.",
+      "type": "warning"
+    }
+  ]
+}

frontend/public/json/frigate.json.bak

@@ -1,44 +0,0 @@
-{
-  "name": "Frigate",
-  "slug": "frigate",
-  "categories": [
-    15
-  ],
-  "date_created": "2024-05-02",
-  "type": "ct",
-  "updateable": false,
-  "privileged": true,
-  "interface_port": 5000,
-  "documentation": "https://docs.frigate.video/",
-  "website": "https://frigate.video/",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/frigate.webp",
-  "config_path": "",
-  "description": "Frigate is an open source NVR built around real-time AI object detection. All processing is performed locally on your own hardware, and your camera feeds never leave your home.",
-  "install_methods": [
-    {
-      "type": "default",
-      "script": "ct/frigate.sh",
-      "resources": {
-        "cpu": 4,
-        "ram": 4096,
-        "hdd": 20,
-        "os": "debian",
-        "version": "11"
-      }
-    }
-  ],
-  "default_credentials": {
-    "username": null,
-    "password": null
-  },
-  "notes": [
-    {
-      "text": "Discussions (explore more advanced methods): `https://github.com/tteck/Proxmox/discussions/2711`",
-      "type": "info"
-    },
-    {
-      "text": "go2rtc Interface port:`1984`",
-      "type": "info"
-    }
-  ]
-}

frontend/public/json/github-versions.json

@@ -1,5 +1,5 @@
 {
-  "generated": "2026-02-23T00:22:07Z",
+  "generated": "2026-02-23T12:14:19Z",
   "versions": [
     {
       "slug": "2fauth",
@@ -200,9 +200,9 @@
     {
       "slug": "cleanuparr",
       "repo": "Cleanuparr/Cleanuparr",
-      "version": "v2.7.0",
+      "version": "v2.7.1",
       "pinned": false,
-      "date": "2026-02-22T18:17:27Z"
+      "date": "2026-02-23T09:58:13Z"
     },
     {
       "slug": "cloudreve",
@@ -421,6 +421,13 @@
       "pinned": false,
       "date": "2026-01-25T18:20:14Z"
     },
+    {
+      "slug": "frigate",
+      "repo": "blakeblackshear/frigate",
+      "version": "v0.16.4",
+      "pinned": true,
+      "date": "2026-01-29T00:42:14Z"
+    },
     {
       "slug": "gatus",
       "repo": "TwiN/gatus",
@@ -578,9 +585,9 @@
     {
       "slug": "huntarr",
       "repo": "plexguide/Huntarr.io",
-      "version": "9.3.7",
+      "version": "9.4.1",
       "pinned": false,
-      "date": "2026-02-19T01:03:53Z"
+      "date": "2026-02-23T08:46:37Z"
     },
     {
       "slug": "immich-public-proxy",
@@ -613,9 +620,9 @@
     {
       "slug": "jackett",
       "repo": "Jackett/Jackett",
-      "version": "v0.24.1178",
+      "version": "v0.24.1184",
       "pinned": false,
-      "date": "2026-02-22T05:51:41Z"
+      "date": "2026-02-23T05:55:36Z"
     },
     {
       "slug": "jellystat",
@@ -1334,9 +1341,9 @@
     {
       "slug": "scanopy",
       "repo": "scanopy/scanopy",
-      "version": "v0.14.6",
+      "version": "v0.14.7",
       "pinned": false,
-      "date": "2026-02-18T16:54:14Z"
+      "date": "2026-02-23T01:36:44Z"
     },
     {
       "slug": "scraparr",
@@ -1663,9 +1670,9 @@
     {
       "slug": "wanderer",
       "repo": "meilisearch/meilisearch",
-      "version": "v1.35.1",
+      "version": "v1.36.0",
       "pinned": false,
-      "date": "2026-02-16T17:01:17Z"
+      "date": "2026-02-23T08:13:32Z"
     },
     {
       "slug": "warracker",

frontend/public/json/sparkyfitness.json

@@ -0,0 +1,35 @@
+{
+  "name": "SparkyFitness",
+  "slug": "sparkyfitness",
+  "categories": [
+    9
+  ],
+  "date_created": "2026-02-23",
+  "type": "ct",
+  "updateable": true,
+  "privileged": false,
+  "interface_port": 80,
+  "documentation": "https://codewithcj.github.io/SparkyFitness",
+  "website": "https://github.com/CodeWithCJ/SparkyFitness",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/sparkyfitness.webp",
+  "config_path": "/etc/sparkyfitness/.env",
+  "description": "A self-hosted, privacy-first alternative to MyFitnessPal. Track nutrition, exercise, body metrics, and health data while keeping full control of your data.",
+  "install_methods": [
+    {
+      "type": "default",
+      "script": "ct/sparkyfitness.sh",
+      "resources": {
+        "cpu": 2,
+        "ram": 2048,
+        "hdd": 4,
+        "os": "Debian",
+        "version": "13"
+      }
+    }
+  ],
+  "default_credentials": {
+    "username": null,
+    "password": null
+  },
+  "notes": []
+}

install/frigate-install.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 
-# Copyright (c) 2021-2026 tteck
-# Author: tteck (tteckster)
-# Co-Author: remz1337
+# Copyright (c) 2021-2026 community-scripts ORG
+# Authors: MickLesk (CanbiZ)
+# Co-Authors: remz1337
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://frigate.video/
 
@@ -14,60 +14,224 @@ setting_up_container
 network_check
 update_os
 
-msg_info "Installing Dependencies (Patience)"
-$STD apt-get install -y {git,ca-certificates,automake,build-essential,xz-utils,libtool,ccache,pkg-config,libgtk-3-dev,libavcodec-dev,libavformat-dev,libswscale-dev,libv4l-dev,libxvidcore-dev,libx264-dev,libjpeg-dev,libpng-dev,libtiff-dev,gfortran,openexr,libatlas-base-dev,libssl-dev,libtbb2,libtbb-dev,libdc1394-22-dev,libopenexr-dev,libgstreamer-plugins-base1.0-dev,libgstreamer1.0-dev,gcc,gfortran,libopenblas-dev,liblapack-dev,libusb-1.0-0-dev,jq,moreutils}
+source /etc/os-release
+if [[ "$VERSION_ID" != "12" ]]; then
+  msg_error "Frigate requires Debian 12 (Bookworm) due to Python 3.11 dependencies"
+  exit 1
+fi
+
+msg_info "Converting APT sources to DEB822 format"
+if [ -f /etc/apt/sources.list ]; then
+  cat >/etc/apt/sources.list.d/debian.sources <<'EOF'
+Types: deb
+URIs: http://deb.debian.org/debian
+Suites: bookworm
+Components: main contrib
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
+
+Types: deb
+URIs: http://deb.debian.org/debian
+Suites: bookworm-updates
+Components: main contrib
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
+
+Types: deb
+URIs: http://security.debian.org
+Suites: bookworm-security
+Components: main contrib
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
+EOF
+  mv /etc/apt/sources.list /etc/apt/sources.list.bak
+  $STD apt update
+fi
+msg_ok "Converted APT sources"
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  xz-utils \
+  python3 \
+  python3-dev \
+  python3-pip \
+  gcc \
+  pkg-config \
+  libhdf5-dev \
+  build-essential \
+  automake \
+  libtool \
+  ccache \
+  libusb-1.0-0-dev \
+  apt-transport-https \
+  cmake \
+  git \
+  libgtk-3-dev \
+  libavcodec-dev \
+  libavformat-dev \
+  libswscale-dev \
+  libv4l-dev \
+  libxvidcore-dev \
+  libx264-dev \
+  libjpeg-dev \
+  libpng-dev \
+  libtiff-dev \
+  gfortran \
+  openexr \
+  libssl-dev \
+  libtbbmalloc2 \
+  libtbb-dev \
+  libdc1394-dev \
+  libopenexr-dev \
+  libgstreamer-plugins-base1.0-dev \
+  libgstreamer1.0-dev \
+  tclsh \
+  libopenblas-dev \
+  liblapack-dev \
+  make \
+  moreutils
 msg_ok "Installed Dependencies"
 
-msg_info "Setup Python3"
-$STD apt-get install -y {python3,python3-dev,python3-setuptools,python3-distutils,python3-pip}
-$STD pip install --upgrade pip
-msg_ok "Setup Python3"
-
-NODE_VERSION="22" setup_nodejs
-
-msg_info "Installing go2rtc"
-mkdir -p /usr/local/go2rtc/bin
-cd /usr/local/go2rtc/bin
-curl -fsSL "https://github.com/AlexxIT/go2rtc/releases/latest/download/go2rtc_linux_amd64" -o "go2rtc"
-chmod +x go2rtc
-$STD ln -svf /usr/local/go2rtc/bin/go2rtc /usr/local/bin/go2rtc
-msg_ok "Installed go2rtc"
-
 setup_hwaccel
 
-msg_info "Installing Frigate v0.14.1 (Perseverance)"
-cd ~
-mkdir -p /opt/frigate/models
-curl -fsSL "https://github.com/blakeblackshear/frigate/archive/refs/tags/v0.14.1.tar.gz" -o "frigate.tar.gz"
-tar -xzf frigate.tar.gz -C /opt/frigate --strip-components 1
-rm -rf frigate.tar.gz
-cd /opt/frigate
-$STD pip3 wheel --wheel-dir=/wheels -r /opt/frigate/docker/main/requirements-wheels.txt
-cp -a /opt/frigate/docker/main/rootfs/. /
 export TARGETARCH="amd64"
-echo 'libc6 libraries/restart-without-asking boolean true' | debconf-set-selections
-$STD /opt/frigate/docker/main/install_deps.sh
-$STD apt update
-$STD ln -svf /usr/lib/btbn-ffmpeg/bin/ffmpeg /usr/local/bin/ffmpeg
-$STD ln -svf /usr/lib/btbn-ffmpeg/bin/ffprobe /usr/local/bin/ffprobe
+export CCACHE_DIR=/root/.ccache
+export CCACHE_MAXSIZE=2G
+export APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn
+export PIP_BREAK_SYSTEM_PACKAGES=1
+export NVIDIA_VISIBLE_DEVICES=all
+export NVIDIA_DRIVER_CAPABILITIES="compute,video,utility"
+export TOKENIZERS_PARALLELISM=true
+export TRANSFORMERS_NO_ADVISORY_WARNINGS=1
+export OPENCV_FFMPEG_LOGLEVEL=8
+export HAILORT_LOGGER_PATH=NONE
+
+fetch_and_deploy_gh_release "frigate" "blakeblackshear/frigate" "tarball" "v0.16.4" "/opt/frigate"
+
+msg_info "Building Nginx"
+$STD bash /opt/frigate/docker/main/build_nginx.sh
+sed -e '/s6-notifyoncheck/ s/^#*/#/' -i /opt/frigate/docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/run
+ln -sf /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
+msg_ok "Built Nginx"
+
+msg_info "Building SQLite Extensions"
+$STD bash /opt/frigate/docker/main/build_sqlite_vec.sh
+msg_ok "Built SQLite Extensions"
+
+fetch_and_deploy_gh_release "go2rtc" "AlexxIT/go2rtc" "singlefile" "latest" "/usr/local/go2rtc/bin" "go2rtc_linux_amd64"
+
+msg_info "Installing Tempio"
+sed -i 's|/rootfs/usr/local|/usr/local|g' /opt/frigate/docker/main/install_tempio.sh
+$STD bash /opt/frigate/docker/main/install_tempio.sh
+ln -sf /usr/local/tempio/bin/tempio /usr/local/bin/tempio
+msg_ok "Installed Tempio"
+
+msg_info "Building libUSB"
+fetch_and_deploy_gh_release "libusb" "libusb/libusb" "tarball" "v1.0.26" "/opt/libusb"
+cd /opt/libusb
+$STD ./bootstrap.sh
+$STD ./configure CC='ccache gcc' CCX='ccache g++' --disable-udev --enable-shared
+$STD make -j "$(nproc)"
+cd /opt/libusb/libusb
+mkdir -p /usr/local/lib /usr/local/include/libusb-1.0 /usr/local/lib/pkgconfig
+$STD bash ../libtool --mode=install /usr/bin/install -c libusb-1.0.la /usr/local/lib
+install -c -m 644 libusb.h /usr/local/include/libusb-1.0
+cd /opt/libusb/
+install -c -m 644 libusb-1.0.pc /usr/local/lib/pkgconfig
+ldconfig
+msg_ok "Built libUSB"
+
+msg_info "Installing Python Dependencies"
+$STD pip3 install -r /opt/frigate/docker/main/requirements.txt
+msg_ok "Installed Python Dependencies"
+
+msg_info "Building Python Wheels (Patience)"
+mkdir -p /wheels
+sed -i 's|^SQLITE3_VERSION=.*|SQLITE3_VERSION="version-3.46.0"|g' /opt/frigate/docker/main/build_pysqlite3.sh
+$STD bash /opt/frigate/docker/main/build_pysqlite3.sh
+for i in {1..3}; do
+  $STD pip3 wheel --wheel-dir=/wheels -r /opt/frigate/docker/main/requirements-wheels.txt --default-timeout=300 --retries=3 && break
+  [[ $i -lt 3 ]] && sleep 10
+done
+msg_ok "Built Python Wheels"
+
+NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
+
+msg_info "Downloading Inference Models"
+mkdir -p /models /openvino-model
+wget -q -O /edgetpu_model.tflite https://github.com/google-coral/test_data/raw/release-frogfish/ssdlite_mobiledet_coco_qat_postprocess_edgetpu.tflite
+wget -q -O /models/cpu_model.tflite https://github.com/google-coral/test_data/raw/release-frogfish/ssdlite_mobiledet_coco_qat_postprocess.tflite
+cp /opt/frigate/labelmap.txt /labelmap.txt
+msg_ok "Downloaded Inference Models"
+
+msg_info "Downloading Audio Model"
+wget -q -O /tmp/yamnet.tar.gz https://www.kaggle.com/api/v1/models/google/yamnet/tfLite/classification-tflite/1/download
+$STD tar xzf /tmp/yamnet.tar.gz -C /
+mv /1.tflite /cpu_audio_model.tflite
+cp /opt/frigate/audio-labelmap.txt /audio-labelmap.txt
+rm -f /tmp/yamnet.tar.gz
+msg_ok "Downloaded Audio Model"
+
+msg_info "Installing HailoRT Runtime"
+$STD bash /opt/frigate/docker/main/install_hailort.sh
+cp -a /opt/frigate/docker/main/rootfs/. /
+sed -i '/^.*unset DEBIAN_FRONTEND.*$/d' /opt/frigate/docker/main/install_deps.sh
+echo "libedgetpu1-max libedgetpu/accepted-eula boolean true" | debconf-set-selections
+echo "libedgetpu1-max libedgetpu/install-confirm-max boolean true" | debconf-set-selections
+# Allow Frigate's Intel media packages to overwrite files from system GPU driver packages
+echo 'force-overwrite' >/etc/dpkg/dpkg.cfg.d/force-overwrite
+$STD bash /opt/frigate/docker/main/install_deps.sh
+rm -f /etc/dpkg/dpkg.cfg.d/force-overwrite
 $STD pip3 install -U /wheels/*.whl
 ldconfig
+msg_ok "Installed HailoRT Runtime"
+
+msg_info "Installing OpenVino"
+$STD pip3 install -r /opt/frigate/docker/main/requirements-ov.txt
+msg_ok "Installed OpenVino"
+
+msg_info "Building OpenVino Model"
+cd /models
+wget -q http://download.tensorflow.org/models/object_detection/ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz
+$STD tar -zxf ssdlite_mobilenet_v2_coco_2018_05_09.tar.gz --no-same-owner
+if $STD python3 /opt/frigate/docker/main/build_ov_model.py; then
+  cp /models/ssdlite_mobilenet_v2.xml /openvino-model/
+  cp /models/ssdlite_mobilenet_v2.bin /openvino-model/
+  wget -q https://github.com/openvinotoolkit/open_model_zoo/raw/master/data/dataset_classes/coco_91cl_bkgr.txt -O /openvino-model/coco_91cl_bkgr.txt
+  sed -i 's/truck/car/g' /openvino-model/coco_91cl_bkgr.txt
+  msg_ok "Built OpenVino Model"
+else
+  msg_warn "OpenVino build failed (CPU may not support required instructions). Frigate will use CPU model."
+fi
+
+msg_info "Building Frigate Application (Patience)"
+cd /opt/frigate
 $STD pip3 install -r /opt/frigate/docker/main/requirements-dev.txt
-$STD /opt/frigate/.devcontainer/initialize.sh
+$STD bash /opt/frigate/.devcontainer/initialize.sh
 $STD make version
 cd /opt/frigate/web
 $STD npm install
 $STD npm run build
 cp -r /opt/frigate/web/dist/* /opt/frigate/web/
-cp -r /opt/frigate/config/. /config
 sed -i '/^s6-svc -O \.$/s/^/#/' /opt/frigate/docker/main/rootfs/etc/s6-overlay/s6-rc.d/frigate/run
+msg_ok "Built Frigate Application"
+
+msg_info "Configuring Frigate"
+mkdir -p /config /media/frigate
+cp -r /opt/frigate/config/. /config
+
+curl -fsSL "https://github.com/intel-iot-devkit/sample-videos/raw/master/person-bicycle-car-detection.mp4" -o "/media/frigate/person-bicycle-car-detection.mp4"
+
+echo "tmpfs   /tmp/cache      tmpfs   defaults        0       0" >>/etc/fstab
+
+cat <<EOF >/etc/frigate.env
+DEFAULT_FFMPEG_VERSION="7.0"
+INCLUDED_FFMPEG_VERSIONS="7.0:5.0"
+EOF
+
 cat <<EOF >/config/config.yml
 mqtt:
   enabled: false
 cameras:
   test:
     ffmpeg:
-      #hwaccel_args: preset-vaapi
       inputs:
         - path: /media/frigate/person-bicycle-car-detection.mp4
           input_args: -re -stream_loop -1 -fflags +genpts
@@ -78,96 +242,42 @@ cameras:
       height: 1080
       width: 1920
       fps: 5
+auth:
+  enabled: false
+detect:
+  enabled: false
 EOF
-ln -sf /config/config.yml /opt/frigate/config/config.yml
-if [[ "$CTTYPE" == "0" ]]; then
-  sed -i -e 's/^kvm:x:104:$/render:x:104:root,frigate/' -e 's/^render:x:105:root$/kvm:x:105:/' /etc/group
-else
-  sed -i -e 's/^kvm:x:104:$/render:x:104:frigate/' -e 's/^render:x:105:$/kvm:x:105:/' /etc/group
-fi
-echo "tmpfs   /tmp/cache      tmpfs   defaults        0       0" >>/etc/fstab
-msg_ok "Installed Frigate"
 
-if grep -q -o -m1 -E 'avx[^ ]*' /proc/cpuinfo; then
-  msg_ok "AVX Support Detected"
-  msg_info "Installing Openvino Object Detection Model (Resilience)"
-  $STD pip install -r /opt/frigate/docker/main/requirements-ov.txt
-  cd /opt/frigate/models
-  export ENABLE_ANALYTICS=NO
-  $STD /usr/local/bin/omz_downloader --name ssdlite_mobilenet_v2 --num_attempts 2
-  $STD /usr/local/bin/omz_converter --name ssdlite_mobilenet_v2 --precision FP16 --mo /usr/local/bin/mo
-  cd /
-  cp -r /opt/frigate/models/public/ssdlite_mobilenet_v2 openvino-model
-  curl -fsSL "https://github.com/openvinotoolkit/open_model_zoo/raw/master/data/dataset_classes/coco_91cl_bkgr.txt" -o "openvino-model/coco_91cl_bkgr.txt"
-  sed -i 's/truck/car/g' openvino-model/coco_91cl_bkgr.txt
+if grep -q -o -m1 -E 'avx[^ ]*|sse4_2' /proc/cpuinfo; then
   cat <<EOF >>/config/config.yml
+ffmpeg:
+  hwaccel_args: auto
 detectors:
-  ov:
+  detector01:
     type: openvino
-    device: CPU
-    model:
-      path: /openvino-model/FP16/ssdlite_mobilenet_v2.xml
 model:
   width: 300
   height: 300
   input_tensor: nhwc
   input_pixel_format: bgr
+  path: /openvino-model/ssdlite_mobilenet_v2.xml
   labelmap_path: /openvino-model/coco_91cl_bkgr.txt
 EOF
-  msg_ok "Installed Openvino Object Detection Model"
 else
   cat <<EOF >>/config/config.yml
+ffmpeg:
+  hwaccel_args: auto
 model:
   path: /cpu_model.tflite
 EOF
 fi
-
-msg_info "Installing Coral Object Detection Model (Patience)"
-cd /opt/frigate
-export CCACHE_DIR=/root/.ccache
-export CCACHE_MAXSIZE=2G
-curl -fsSL "https://github.com/libusb/libusb/archive/v1.0.26.zip" -o "v1.0.26.zip"
-$STD unzip v1.0.26.zip
-rm v1.0.26.zip
-cd libusb-1.0.26
-$STD ./bootstrap.sh
-$STD ./configure --disable-udev --enable-shared
-$STD make -j $(nproc --all)
-cd /opt/frigate/libusb-1.0.26/libusb
-mkdir -p /usr/local/lib
-$STD /bin/bash ../libtool --mode=install /usr/bin/install -c libusb-1.0.la '/usr/local/lib'
-mkdir -p /usr/local/include/libusb-1.0
-$STD /usr/bin/install -c -m 644 libusb.h '/usr/local/include/libusb-1.0'
-ldconfig
-cd /
-curl -fsSL "https://github.com/google-coral/test_data/raw/release-frogfish/ssdlite_mobiledet_coco_qat_postprocess_edgetpu.tflite" -o "edgetpu_model.tflite"
-curl -fsSL "https://github.com/google-coral/test_data/raw/release-frogfish/ssdlite_mobiledet_coco_qat_postprocess.tflite" -o "cpu_model.tflite"
-cp /opt/frigate/labelmap.txt /labelmap.txt
-curl -fsSL "https://www.kaggle.com/api/v1/models/google/yamnet/tfLite/classification-tflite/1/download" -o "yamnet-tflite-classification-tflite-v1.tar.gz"
-tar xzf yamnet-tflite-classification-tflite-v1.tar.gz
-rm -rf yamnet-tflite-classification-tflite-v1.tar.gz
-mv 1.tflite cpu_audio_model.tflite
-cp /opt/frigate/audio-labelmap.txt /audio-labelmap.txt
-mkdir -p /media/frigate
-curl -fsSL "https://github.com/intel-iot-devkit/sample-videos/raw/master/person-bicycle-car-detection.mp4" -o "/media/frigate/person-bicycle-car-detection.mp4"
-msg_ok "Installed Coral Object Detection Model"
-
-msg_info "Building Nginx with Custom Modules"
-$STD /opt/frigate/docker/main/build_nginx.sh
-sed -e '/s6-notifyoncheck/ s/^#*/#/' -i /opt/frigate/docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/run
-ln -sf /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
-msg_ok "Built Nginx"
-
-msg_info "Installing Tempio"
-sed -i 's|/rootfs/usr/local|/usr/local|g' /opt/frigate/docker/main/install_tempio.sh
-$STD /opt/frigate/docker/main/install_tempio.sh
-ln -sf /usr/local/tempio/bin/tempio /usr/local/bin/tempio
-msg_ok "Installed Tempio"
+msg_ok "Configured Frigate"
 
 msg_info "Creating Services"
 cat <<EOF >/etc/systemd/system/create_directories.service
 [Unit]
-Description=Create necessary directories for logs
+Description=Create necessary directories for Frigate logs
+Before=frigate.service go2rtc.service nginx.service
 
 [Service]
 Type=oneshot
@@ -176,13 +286,11 @@ ExecStart=/bin/bash -c '/bin/mkdir -p /dev/shm/logs/{frigate,go2rtc,nginx} && /b
 [Install]
 WantedBy=multi-user.target
 EOF
-systemctl enable -q --now create_directories
-sleep 3
+
 cat <<EOF >/etc/systemd/system/go2rtc.service
 [Unit]
-Description=go2rtc service
-After=network.target
-After=create_directories.service
+Description=go2rtc streaming service
+After=network.target create_directories.service
 StartLimitIntervalSec=0
 
 [Service]
@@ -190,7 +298,8 @@ Type=simple
 Restart=always
 RestartSec=1
 User=root
-ExecStartPre=+rm /dev/shm/logs/go2rtc/current
+EnvironmentFile=/etc/frigate.env
+ExecStartPre=+rm -f /dev/shm/logs/go2rtc/current
 ExecStart=/bin/bash -c "bash /opt/frigate/docker/main/rootfs/etc/s6-overlay/s6-rc.d/go2rtc/run 2> >(/usr/bin/ts '%%Y-%%m-%%d %%H:%%M:%%.S ' >&2) | /usr/bin/ts '%%Y-%%m-%%d %%H:%%M:%%.S '"
 StandardOutput=file:/dev/shm/logs/go2rtc/current
 StandardError=file:/dev/shm/logs/go2rtc/current
@@ -198,13 +307,11 @@ StandardError=file:/dev/shm/logs/go2rtc/current
 [Install]
 WantedBy=multi-user.target
 EOF
-systemctl enable -q --now go2rtc
-sleep 3
+
 cat <<EOF >/etc/systemd/system/frigate.service
 [Unit]
-Description=Frigate service
-After=go2rtc.service
-After=create_directories.service
+Description=Frigate NVR service
+After=go2rtc.service create_directories.service
 StartLimitIntervalSec=0
 
 [Service]
@@ -212,8 +319,8 @@ Type=simple
 Restart=always
 RestartSec=1
 User=root
-# Environment=PLUS_API_KEY=
-ExecStartPre=+rm /dev/shm/logs/frigate/current
+EnvironmentFile=/etc/frigate.env
+ExecStartPre=+rm -f /dev/shm/logs/frigate/current
 ExecStart=/bin/bash -c "bash /opt/frigate/docker/main/rootfs/etc/s6-overlay/s6-rc.d/frigate/run 2> >(/usr/bin/ts '%%Y-%%m-%%d %%H:%%M:%%.S ' >&2) | /usr/bin/ts '%%Y-%%m-%%d %%H:%%M:%%.S '"
 StandardOutput=file:/dev/shm/logs/frigate/current
 StandardError=file:/dev/shm/logs/frigate/current
@@ -221,13 +328,11 @@ StandardError=file:/dev/shm/logs/frigate/current
 [Install]
 WantedBy=multi-user.target
 EOF
-systemctl enable -q --now frigate
-sleep 3
+
 cat <<EOF >/etc/systemd/system/nginx.service
 [Unit]
-Description=Nginx service
-After=frigate.service
-After=create_directories.service
+Description=Nginx reverse proxy for Frigate
+After=frigate.service create_directories.service
 StartLimitIntervalSec=0
 
 [Service]
@@ -235,7 +340,7 @@ Type=simple
 Restart=always
 RestartSec=1
 User=root
-ExecStartPre=+rm /dev/shm/logs/nginx/current
+ExecStartPre=+rm -f /dev/shm/logs/nginx/current
 ExecStart=/bin/bash -c "bash /opt/frigate/docker/main/rootfs/etc/s6-overlay/s6-rc.d/nginx/run 2> >(/usr/bin/ts '%%Y-%%m-%%d %%H:%%M:%%.S ' >&2) | /usr/bin/ts '%%Y-%%m-%%d %%H:%%M:%%.S '"
 StandardOutput=file:/dev/shm/logs/nginx/current
 StandardError=file:/dev/shm/logs/nginx/current
@@ -243,8 +348,20 @@ StandardError=file:/dev/shm/logs/nginx/current
 [Install]
 WantedBy=multi-user.target
 EOF
+
+systemctl daemon-reload
+systemctl enable -q --now create_directories
+sleep 2
+systemctl enable -q --now go2rtc
+sleep 2
+systemctl enable -q --now frigate
+sleep 2
 systemctl enable -q --now nginx
-msg_ok "Configured Services"
+msg_ok "Created Services"
+
+msg_info "Cleaning Up"
+rm -rf /opt/libusb /wheels /models/*.tar.gz
+msg_ok "Cleaned Up"
 
 motd_ssh
 customize

install/huntarr-install.sh

@@ -1,45 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: BiluliB
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/plexguide/Huntarr.io
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-$STD apt install -y build-essential
-msg_ok "Installed Dependencies"
-
-PYTHON_VERSION="3.12" setup_uv
-fetch_and_deploy_gh_release "huntarr" "plexguide/Huntarr.io" "tarball"
-
-msg_info "Configure Huntarr"
-$STD uv venv --clear /opt/huntarr/.venv
-$STD uv pip install --python /opt/huntarr/.venv/bin/python -r /opt/huntarr/requirements.txt
-msg_ok "Configured Huntrarr"
-
-msg_info "Creating Service"
-cat <<EOF >/etc/systemd/system/huntarr.service
-[Unit]
-Description=Huntarr Service
-After=network.target
-[Service]
-WorkingDirectory=/opt/huntarr
-ExecStart=/opt/huntarr/.venv/bin/python /opt/huntarr/main.py
-Restart=always
-[Install]
-WantedBy=multi-user.target
-EOF
-systemctl enable -q --now huntarr
-msg_ok "Created Service"
-
-motd_ssh
-customize
-cleanup_lxc

install/sparkyfitness-install.sh

@@ -0,0 +1,95 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Tom Frenzel (tomfrenzel)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/CodeWithCJ/SparkyFitness
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y nginx
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="25" setup_nodejs
+PG_VERSION="18" setup_postgresql
+PG_DB_NAME="sparkyfitness" PG_DB_USER="sparky" PG_DB_GRANT_SUPERUSER="true" setup_postgresql_db
+
+fetch_and_deploy_gh_release sparkyfitness "CodeWithCJ/SparkyFitness" "tarball" "latest"
+
+msg_info "Configuring Sparky Fitness"
+mkdir -p "/etc/sparkyfitness" "/var/lib/sparkyfitness/uploads" "/var/lib/sparkyfitness/backup" "/var/www/sparkyfitness"
+cp "/opt/sparkyfitness/docker/.env.example" "/etc/sparkyfitness/.env"
+sed \
+  -i \
+  -e "s|^#\?SPARKY_FITNESS_DB_HOST=.*|SPARKY_FITNESS_DB_HOST=localhost|" \
+  -e "s|^#\?SPARKY_FITNESS_DB_PORT=.*|SPARKY_FITNESS_DB_PORT=5432|" \
+  -e "s|^SPARKY_FITNESS_DB_NAME=.*|SPARKY_FITNESS_DB_NAME=sparkyfitness|" \
+  -e "s|^SPARKY_FITNESS_DB_USER=.*|SPARKY_FITNESS_DB_USER=sparky|" \
+  -e "s|^SPARKY_FITNESS_DB_PASSWORD=.*|SPARKY_FITNESS_DB_PASSWORD=${PG_DB_PASS}|" \
+  -e "s|^SPARKY_FITNESS_APP_DB_USER=.*|SPARKY_FITNESS_APP_DB_USER=sparky_app|" \
+  -e "s|^SPARKY_FITNESS_APP_DB_PASSWORD=.*|SPARKY_FITNESS_APP_DB_PASSWORD=$(openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c20)|" \
+  -e "s|^SPARKY_FITNESS_SERVER_HOST=.*|SPARKY_FITNESS_SERVER_HOST=localhost|" \
+  -e "s|^SPARKY_FITNESS_SERVER_PORT=.*|SPARKY_FITNESS_SERVER_PORT=3010|" \
+  -e "s|^SPARKY_FITNESS_FRONTEND_URL=.*|SPARKY_FITNESS_FRONTEND_URL=http://${LOCAL_IP}:80|" \
+  -e "s|^SPARKY_FITNESS_API_ENCRYPTION_KEY=.*|SPARKY_FITNESS_API_ENCRYPTION_KEY=$(openssl rand -hex 32)|" \
+  -e "s|^BETTER_AUTH_SECRET=.*|BETTER_AUTH_SECRET=$(openssl rand -hex 32)|" \
+  "/etc/sparkyfitness/.env"
+msg_ok "Configured Sparky Fitness"
+
+msg_info "Building Backend"
+cd /opt/sparkyfitness/SparkyFitnessServer
+$STD npm install
+msg_ok "Built Backend"
+
+msg_info "Building Frontend (Patience)"
+cd /opt/sparkyfitness/SparkyFitnessFrontend
+$STD npm install
+$STD npm run build
+cp -a /opt/sparkyfitness/SparkyFitnessFrontend/dist/. /var/www/sparkyfitness/
+msg_ok "Built Frontend"
+
+msg_info "Creating SparkyFitness Service"
+cat <<EOF >/etc/systemd/system/sparkyfitness-server.service
+[Unit]
+Description=SparkyFitness Backend Service
+After=network.target postgresql.service
+Requires=postgresql.service
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/sparkyfitness/SparkyFitnessServer
+EnvironmentFile=/etc/sparkyfitness/.env
+ExecStart=/usr/bin/node SparkyFitnessServer.js
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now sparkyfitness-server
+msg_ok "Created SparkyFitness Service"
+
+msg_info "Configuring Nginx"
+sed \
+  -e 's|${SPARKY_FITNESS_SERVER_HOST}|127.0.0.1|g' \
+  -e 's|${SPARKY_FITNESS_SERVER_PORT}|3010|g' \
+  -e 's|root /usr/share/nginx/html;|root /var/www/sparkyfitness;|g' \
+  -e 's|server_name localhost;|server_name _;|g' \
+  "/opt/sparkyfitness/docker/nginx.conf" >/etc/nginx/sites-available/sparkyfitness
+ln -sf /etc/nginx/sites-available/sparkyfitness /etc/nginx/sites-enabled/sparkyfitness
+rm -f /etc/nginx/sites-enabled/default
+$STD nginx -t
+$STD systemctl enable -q --now nginx
+$STD systemctl reload nginx
+msg_ok "Configured Nginx"
+
+motd_ssh
+customize
+cleanup_lxc

misc/alpine-install.func

@@ -25,7 +25,9 @@ get_lxc_ip
 # post_progress_to_api()
 #
 # - Lightweight progress ping from inside the container
-# - Updates the existing telemetry record status from "installing" to "configuring"
+# - Updates the existing telemetry record status
+# - Arguments:
+#   * $1: status (optional, default: "configuring")
 # - Signals that the installation is actively progressing (not stuck)
 # - Fire-and-forget: never blocks or fails the script
 # - Only executes if DIAGNOSTICS=yes and RANDOM_UUID is set
@@ -35,9 +37,11 @@ post_progress_to_api() {
   [[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0
   [[ -z "${RANDOM_UUID:-}" ]] && return 0
 
+  local progress_status="${1:-configuring}"
+
   curl -fsS -m 5 -X POST "https://telemetry.community-scripts.org/telemetry" \
     -H "Content-Type: application/json" \
-    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"lxc\",\"nsapp\":\"${app:-unknown}\",\"status\":\"configuring\"}" &>/dev/null || true
+    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"lxc\",\"nsapp\":\"${app:-unknown}\",\"status\":\"${progress_status}\"}" &>/dev/null || true
 }
 
 # This function enables IPv6 if it's not disabled and sets verbose mode

misc/api.func

@@ -35,7 +35,11 @@
 TELEMETRY_URL="https://telemetry.community-scripts.org/telemetry"
 
 # Timeout for telemetry requests (seconds)
+# Progress pings (validation/configuring) use the short timeout
 TELEMETRY_TIMEOUT=5
+# Final status updates (success/failed) use the longer timeout
+# PocketBase may need more time under load (FindRecord + UpdateRecord)
+STATUS_TIMEOUT=10
 
 # ==============================================================================
 # SECTION 0: REPOSITORY SOURCE DETECTION
@@ -350,6 +354,55 @@ get_error_text() {
   fi
 }
 
+# ------------------------------------------------------------------------------
+# get_full_log()
+#
+# - Returns the FULL installation log (build + install combined)
+# - Calls ensure_log_on_host() to pull container log if needed
+# - Strips ANSI escape codes and carriage returns
+# - Truncates to max_bytes (default: 120KB) to stay within API limits
+# - Used for the error telemetry field (full trace instead of 20 lines)
+# ------------------------------------------------------------------------------
+get_full_log() {
+  local max_bytes="${1:-122880}" # 120KB default
+  local logfile=""
+
+  # Ensure logs are available on host (pulls from container if needed)
+  if declare -f ensure_log_on_host >/dev/null 2>&1; then
+    ensure_log_on_host
+  fi
+
+  # Try combined log first (most complete)
+  if [[ -n "${CTID:-}" && -n "${SESSION_ID:-}" ]]; then
+    local combined_log="/tmp/${NSAPP:-lxc}-${CTID}-${SESSION_ID}.log"
+    if [[ -s "$combined_log" ]]; then
+      logfile="$combined_log"
+    fi
+  fi
+
+  # Fall back to INSTALL_LOG
+  if [[ -z "$logfile" || ! -s "$logfile" ]]; then
+    if [[ -n "${INSTALL_LOG:-}" && -s "${INSTALL_LOG}" ]]; then
+      logfile="$INSTALL_LOG"
+    fi
+  fi
+
+  # Fall back to BUILD_LOG
+  if [[ -z "$logfile" || ! -s "$logfile" ]]; then
+    if [[ -n "${BUILD_LOG:-}" && -s "${BUILD_LOG}" ]]; then
+      logfile="$BUILD_LOG"
+    fi
+  fi
+
+  if [[ -n "$logfile" && -s "$logfile" ]]; then
+    # Strip ANSI codes, carriage returns, and anonymize IP addresses (GDPR)
+    sed 's/\r$//' "$logfile" 2>/dev/null |
+      sed 's/\x1b\[[0-9;]*[a-zA-Z]//g' |
+      sed -E 's/([0-9]{1,3}\.)[0-9]{1,3}\.[0-9]{1,3}/\1x.x/g' |
+      head -c "$max_bytes"
+  fi
+}
+
 # ------------------------------------------------------------------------------
 # build_error_string()
 #
@@ -692,7 +745,10 @@ EOF
 # post_progress_to_api()
 #
 # - Lightweight progress ping from host or container
-# - Updates the existing telemetry record status to "configuring"
+# - Updates the existing telemetry record status
+# - Arguments:
+#   * $1: status (optional, default: "configuring")
+#         Valid values: "validation", "configuring"
 # - Signals that the installation is actively progressing (not stuck)
 # - Fire-and-forget: never blocks or fails the script
 # - Only executes if DIAGNOSTICS=yes and RANDOM_UUID is set
@@ -703,12 +759,13 @@ post_progress_to_api() {
   [[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0
   [[ -z "${RANDOM_UUID:-}" ]] && return 0
 
+  local progress_status="${1:-configuring}"
   local app_name="${NSAPP:-${app:-unknown}}"
   local telemetry_type="${TELEMETRY_TYPE:-lxc}"
 
   curl -fsS -m 5 -X POST "${TELEMETRY_URL:-https://telemetry.community-scripts.org/telemetry}" \
     -H "Content-Type: application/json" \
-    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"${telemetry_type}\",\"nsapp\":\"${app_name}\",\"status\":\"configuring\"}" &>/dev/null || true
+    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"${telemetry_type}\",\"nsapp\":\"${app_name}\",\"status\":\"${progress_status}\"}" &>/dev/null || true
 }
 
 # ------------------------------------------------------------------------------
@@ -782,11 +839,15 @@ post_update_to_api() {
     else
       exit_code=1
     fi
-    # Get log lines and build structured error string
-    local error_text=""
-    error_text=$(get_error_text)
+    # Get full installation log for error field
+    local log_text=""
+    log_text=$(get_full_log 122880) || true # 120KB max
+    if [[ -z "$log_text" ]]; then
+      # Fallback to last 20 lines
+      log_text=$(get_error_text)
+    fi
     local full_error
-    full_error=$(build_error_string "$exit_code" "$error_text")
+    full_error=$(build_error_string "$exit_code" "$log_text")
     error=$(json_escape "$full_error")
     short_error=$(json_escape "$(explain_exit_code "$exit_code")")
     error_category=$(categorize_error "$exit_code")
@@ -807,7 +868,7 @@ post_update_to_api() {
 
   local http_code=""
 
-  # ── Attempt 1: Full payload with complete error text ──
+  # ── Attempt 1: Full payload with complete error text (includes full log) ──
   local JSON_PAYLOAD
   JSON_PAYLOAD=$(
     cat <<EOF
@@ -840,7 +901,7 @@ post_update_to_api() {
 EOF
   )
 
-  http_code=$(curl -sS -w "%{http_code}" -m "${TELEMETRY_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
+  http_code=$(curl -sS -w "%{http_code}" -m "${STATUS_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
     -H "Content-Type: application/json" \
     -d "$JSON_PAYLOAD" -o /dev/null 2>/dev/null) || http_code="000"
 
@@ -883,7 +944,7 @@ EOF
 EOF
   )
 
-  http_code=$(curl -sS -w "%{http_code}" -m "${TELEMETRY_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
+  http_code=$(curl -sS -w "%{http_code}" -m "${STATUS_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
     -H "Content-Type: application/json" \
     -d "$RETRY_PAYLOAD" -o /dev/null 2>/dev/null) || http_code="000"
 
@@ -911,12 +972,18 @@ EOF
 EOF
   )
 
-  curl -sS -w "%{http_code}" -m "${TELEMETRY_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
+  http_code=$(curl -sS -w "%{http_code}" -m "${STATUS_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
     -H "Content-Type: application/json" \
-    -d "$MINIMAL_PAYLOAD" -o /dev/null 2>/dev/null || true
+    -d "$MINIMAL_PAYLOAD" -o /dev/null 2>/dev/null) || http_code="000"
 
-  # Tried 3 times - mark as done regardless to prevent infinite loops
-  POST_UPDATE_DONE=true
+  if [[ "$http_code" =~ ^2[0-9]{2}$ ]]; then
+    POST_UPDATE_DONE=true
+    return 0
+  fi
+
+  # All 3 attempts failed — do NOT set POST_UPDATE_DONE=true.
+  # This allows the EXIT trap (api_exit_script) to retry with 3 fresh attempts.
+  # No infinite loop risk: EXIT trap fires exactly once.
 }
 
 # ==============================================================================
@@ -969,16 +1036,16 @@ categorize_error() {
   # Python environment errors
   # (already covered: 160-162 under dependency)
 
-  # Aborted by user
-  130) echo "aborted" ;;
+  # Aborted by user (SIGHUP=terminal closed, SIGINT=Ctrl+C, SIGTERM=killed)
+  129 | 130 | 143) echo "user_aborted" ;;
 
   # Resource errors (OOM, SIGKILL, SIGABRT)
   134 | 137) echo "resource" ;;
 
-  # Signal/Process errors (SIGTERM, SIGPIPE, SIGSEGV)
-  139 | 141 | 143) echo "signal" ;;
+  # Signal/Process errors (SIGPIPE, SIGSEGV)
+  139 | 141) echo "signal" ;;
 
-  # Shell errors (general error, syntax error)  
+  # Shell errors (general error, syntax error)
   1 | 2) echo "shell" ;;
 
   # Default - truly unknown
@@ -1292,9 +1359,27 @@ post_update_to_api_extended() {
 EOF
   )
 
-  curl -fsS -m "${TELEMETRY_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
+  local http_code
+  http_code=$(curl -sS -w "%{http_code}" -m "${STATUS_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
     -H "Content-Type: application/json" \
-    -d "$JSON_PAYLOAD" &>/dev/null || true
+    -d "$JSON_PAYLOAD" -o /dev/null 2>/dev/null) || http_code="000"
 
-  POST_UPDATE_DONE=true
+  if [[ "$http_code" =~ ^2[0-9]{2}$ ]]; then
+    POST_UPDATE_DONE=true
+    return 0
+  fi
+
+  # Retry with minimal payload
+  sleep 1
+  http_code=$(curl -sS -w "%{http_code}" -m "${STATUS_TIMEOUT}" -X POST "${TELEMETRY_URL}" \
+    -H "Content-Type: application/json" \
+    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"${TELEMETRY_TYPE:-lxc}\",\"nsapp\":\"${NSAPP:-unknown}\",\"status\":\"${pb_status}\",\"exit_code\":${exit_code},\"install_duration\":${duration:-0}}" \
+    -o /dev/null 2>/dev/null) || http_code="000"
+
+  if [[ "$http_code" =~ ^2[0-9]{2}$ ]]; then
+    POST_UPDATE_DONE=true
+    return 0
+  fi
+
+  # Do NOT set POST_UPDATE_DONE=true — let EXIT trap retry
 }

misc/build.func

@@ -3578,6 +3578,13 @@ build_container() {
   # DEV_MODE exports (optional, for debugging)
   export BUILD_LOG="$BUILD_LOG"
   export INSTALL_LOG="/root/.install-${SESSION_ID}.log"
+
+  # Keep host-side logging on BUILD_LOG (not exported — invisible to container)
+  # Without this, get_active_logfile() would return INSTALL_LOG (a container path)
+  # and all host msg_info/msg_ok/msg_error would write to /root/.install-SESSION.log
+  # on the HOST instead of BUILD_LOG, causing incomplete telemetry logs.
+  _HOST_LOGFILE="$BUILD_LOG"
+
   export dev_mode="${dev_mode:-}"
   export DEV_MODE_MOTD="${DEV_MODE_MOTD:-false}"
   export DEV_MODE_KEEP="${DEV_MODE_KEEP:-false}"
@@ -3664,6 +3671,9 @@ $PCT_OPTIONS_STRING"
 
   create_lxc_container || exit $?
 
+  # Transition to 'configuring' — container created, now setting up OS/userland
+  post_progress_to_api "configuring"
+
   LXC_CONFIG="/etc/pve/lxc/${CTID}.conf"
 
   # ============================================================================
@@ -3905,7 +3915,6 @@ EOF
   for i in {1..10}; do
     if pct status "$CTID" | grep -q "status: running"; then
       msg_ok "Started LXC Container"
-      post_progress_to_api # Signal container is running
       break
     fi
     sleep 1
@@ -3960,7 +3969,6 @@ EOF
       echo -e "${YW}Container may have limited internet access. Installation will continue...${CL}"
     else
       msg_ok "Network in LXC is reachable (ping)"
-      post_progress_to_api # Signal network is ready
     fi
   fi
   # Function to get correct GID inside container
@@ -4032,7 +4040,6 @@ EOF'
   fi
 
   msg_ok "Customized LXC Container"
-  post_progress_to_api # Signal ready for app installation
 
   # Optional DNS override for retry scenarios (inside LXC, never on host)
   if [[ "${DNS_RETRY_OVERRIDE:-false}" == "true" ]]; then
@@ -4052,11 +4059,26 @@ EOF'
   set +Eeuo pipefail # Disable ALL error handling temporarily
   trap - ERR         # Remove ERR trap completely
 
-  lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh)"
-  local lxc_exit=$?
+  # Signal handlers use this flag to stop the container on abort (SIGHUP/SIGINT/SIGTERM)
+  # Without this, SSH disconnects leave the container running as an orphan process
+  # that sends "configuring" status AFTER the host already reported "failed"
+  export CONTAINER_INSTALLING=true
 
-  set -Eeuo pipefail       # Re-enable error handling
-  trap 'error_handler' ERR # Restore ERR trap
+  # Capture lxc-attach terminal output to host-side log via tee.
+  # This is the ONLY reliable way to get install output when:
+  #   - install.func fails to load (DNS error) → no container-side logging
+  #   - install script crashes before logging starts
+  #   - $STD/silent() not used for some commands
+  # PIPESTATUS[0] gets the real exit code from lxc-attach (not from tee).
+  local _LXC_CAPTURE_LOG="/tmp/.install-capture-${SESSION_ID}.log"
+  lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh)" 2>&1 | tee "$_LXC_CAPTURE_LOG"
+  local lxc_exit=${PIPESTATUS[0]}
+
+  unset CONTAINER_INSTALLING
+
+  # Keep error handling DISABLED during failure detection and recovery
+  # Re-enabling it here would cause any pct exec/pull failure to trigger
+  # error_handler() on the host, bypassing the recovery menu entirely
 
   # Check for error flag file in container (more reliable than lxc-attach exit code)
   local install_exit_code=0
@@ -4108,7 +4130,17 @@ EOF'
 
       # Copy and append INSTALL_LOG from container (with timeout to prevent hangs)
       local temp_install_log="/tmp/.install-temp-${SESSION_ID}.log"
+      local container_log_ok=false
       if timeout 8 pct pull "$CTID" "/root/.install-${SESSION_ID}.log" "$temp_install_log" 2>/dev/null; then
+        # Only use container log if it has meaningful content (>100 bytes)
+        if [[ -s "$temp_install_log" ]] && [[ $(stat -c%s "$temp_install_log" 2>/dev/null || echo 0) -gt 100 ]]; then
+          container_log_ok=true
+        fi
+      fi
+
+      # PHASE 2: Use container-side log if available, otherwise use host-captured tee output
+      local _LXC_CAPTURE_LOG="/tmp/.install-capture-${SESSION_ID}.log"
+      if [[ "$container_log_ok" == true ]]; then
         {
           echo "================================================================================"
           echo "PHASE 2: APPLICATION INSTALLATION (Container)"
@@ -4116,9 +4148,25 @@ EOF'
           cat "$temp_install_log"
           echo ""
         } >>"$combined_log"
-        rm -f "$temp_install_log"
         install_log_copied=true
-        # Point INSTALL_LOG to combined log so get_error_text() finds it
+      elif [[ -s "$_LXC_CAPTURE_LOG" ]]; then
+        # Fallback: host-captured terminal output from lxc-attach
+        # This captures everything the user saw, including errors when install.func
+        # failed to load (DNS issues, etc.) and no container-side logging was set up.
+        {
+          echo "================================================================================"
+          echo "PHASE 2: APPLICATION INSTALLATION (Container - captured from terminal)"
+          echo "================================================================================"
+          # Strip ANSI escape codes from terminal capture
+          sed 's/\x1b\[[0-9;]*[a-zA-Z]//g' "$_LXC_CAPTURE_LOG" | sed 's/\r$//'
+          echo ""
+        } >>"$combined_log"
+        install_log_copied=true
+      fi
+      rm -f "$temp_install_log"
+
+      if [[ "$install_log_copied" == true ]]; then
+        # Point INSTALL_LOG to combined log so get_full_log() finds it
         INSTALL_LOG="$combined_log"
       fi
     fi
@@ -4378,8 +4426,9 @@ EOF'
           # Re-run install script in existing container (don't destroy/recreate)
           set +Eeuo pipefail
           trap - ERR
-          lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh)"
-          local apt_retry_exit=$?
+          local _LXC_CAPTURE_LOG="/tmp/.install-capture-${SESSION_ID}.log"
+          lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh)" 2>&1 | tee "$_LXC_CAPTURE_LOG"
+          local apt_retry_exit=${PIPESTATUS[0]}
           set -Eeuo pipefail
           trap 'error_handler' ERR
 
@@ -4484,6 +4533,13 @@ EOF'
 
     exit $install_exit_code
   fi
+
+  # Clean up host-side capture log (not needed on success, already in combined_log on failure)
+  rm -f "/tmp/.install-capture-${SESSION_ID}.log" 2>/dev/null
+
+  # Re-enable error handling after successful install or recovery menu completion
+  set -Eeuo pipefail
+  trap 'error_handler' ERR
 }
 
 destroy_lxc() {
@@ -4891,6 +4947,9 @@ create_lxc_container() {
   # Report installation start to API early - captures failures in storage/template/create
   post_to_api
 
+  # Transition to 'validation' — Proxmox-internal checks (storage, template, cluster)
+  post_progress_to_api "validation"
+
   # Storage capability check
   check_storage_support "rootdir" || {
     msg_error "No valid storage found for 'rootdir' [Container]"
@@ -5420,7 +5479,6 @@ create_lxc_container() {
   }
 
   msg_ok "LXC Container ${BL}$CTID${CL} ${GN}was successfully created."
-  post_progress_to_api # Signal container creation complete
 }
 
 # ==============================================================================
@@ -5561,9 +5619,13 @@ api_exit_script() {
     # ALWAYS send telemetry FIRST - ensure status is reported even if
     # ensure_log_on_host hangs (e.g. pct pull on dead container)
     post_update_to_api "failed" "$exit_code" 2>/dev/null || true
-    # Best-effort log collection with timeout (non-critical after telemetry is sent)
+    # Best-effort log collection (non-critical after telemetry is sent)
     if declare -f ensure_log_on_host >/dev/null 2>&1; then
-      timeout 10 bash -c 'ensure_log_on_host' 2>/dev/null || true
+      ensure_log_on_host 2>/dev/null || true
+    fi
+    # Stop orphaned container if we're in the install phase
+    if [[ "${CONTAINER_INSTALLING:-}" == "true" && -n "${CTID:-}" ]] && command -v pct &>/dev/null; then
+      pct stop "$CTID" 2>/dev/null || true
     fi
   elif [[ "${POST_TO_API_DONE:-}" == "true" && "${POST_UPDATE_DONE:-}" != "true" ]]; then
     # Script exited with 0 but never sent a completion status
@@ -5575,7 +5637,7 @@ api_exit_script() {
 if command -v pveversion >/dev/null 2>&1; then
   trap 'api_exit_script' EXIT
 fi
-trap 'local _ec=$?; if [[ $_ec -ne 0 ]]; then post_update_to_api "failed" "$_ec" 2>/dev/null || true; timeout 10 bash -c "ensure_log_on_host" 2>/dev/null || true; fi' ERR
-trap 'post_update_to_api "failed" "129" 2>/dev/null || true; timeout 10 bash -c "ensure_log_on_host" 2>/dev/null || true; exit 129' SIGHUP
-trap 'post_update_to_api "failed" "130" 2>/dev/null || true; timeout 10 bash -c "ensure_log_on_host" 2>/dev/null || true; exit 130' SIGINT
-trap 'post_update_to_api "failed" "143" 2>/dev/null || true; timeout 10 bash -c "ensure_log_on_host" 2>/dev/null || true; exit 143' SIGTERM
+trap 'local _ec=$?; if [[ $_ec -ne 0 ]]; then post_update_to_api "failed" "$_ec" 2>/dev/null || true; if declare -f ensure_log_on_host &>/dev/null; then ensure_log_on_host 2>/dev/null || true; fi; fi' ERR
+trap 'post_update_to_api "failed" "129" 2>/dev/null || true; if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null; then pct stop "$CTID" 2>/dev/null || true; fi; exit 129' SIGHUP
+trap 'post_update_to_api "failed" "130" 2>/dev/null || true; if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null; then pct stop "$CTID" 2>/dev/null || true; fi; exit 130' SIGINT
+trap 'post_update_to_api "failed" "143" 2>/dev/null || true; if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null; then pct stop "$CTID" 2>/dev/null || true; fi; exit 143' SIGTERM

misc/core.func

@@ -395,12 +395,20 @@ ssh_check() {
 # get_active_logfile()
 #
 # - Returns the appropriate log file based on execution context
-# - BUILD_LOG: Host operations (container creation)
+# - _HOST_LOGFILE: Override for host context (keeps host logging on BUILD_LOG
+#   even after INSTALL_LOG is exported for the container)
 # - INSTALL_LOG: Container operations (application installation)
+# - BUILD_LOG: Host operations (container creation)
 # - Fallback to BUILD_LOG if neither is set
 # ------------------------------------------------------------------------------
 get_active_logfile() {
-  if [[ -n "${INSTALL_LOG:-}" ]]; then
+  # Host override: _HOST_LOGFILE is set (not exported) in build.func to keep
+  # host-side logging in BUILD_LOG after INSTALL_LOG is exported for the container.
+  # Without this, all host msg_info/msg_ok/msg_error would write to
+  # /root/.install-SESSION.log (a container path) instead of BUILD_LOG.
+  if [[ -n "${_HOST_LOGFILE:-}" ]]; then
+    echo "$_HOST_LOGFILE"
+  elif [[ -n "${INSTALL_LOG:-}" ]]; then
     echo "$INSTALL_LOG"
   elif [[ -n "${BUILD_LOG:-}" ]]; then
     echo "$BUILD_LOG"
@@ -480,7 +488,7 @@ log_section() {
 # silent()
 #
 # - Executes command with output redirected to active log file
-# - On error: displays last 10 lines of log and exits with original exit code
+# - On error: displays last 20 lines of log and exits with original exit code
 # - Temporarily disables error trap to capture exit code correctly
 # - Sources explain_exit_code() for detailed error messages
 # ------------------------------------------------------------------------------
@@ -522,9 +530,10 @@ silent() {
     msg_custom "→" "${YWB}" "${cmd}"
 
     if [[ -s "$logfile" ]]; then
-      echo -e "\n${TAB}--- Last 10 lines of log ---"
-      tail -n 10 "$logfile"
-      echo -e "${TAB}-----------------------------------\n"
+      echo -e "\n${TAB}--- Last 20 lines of log ---"
+      tail -n 20 "$logfile"
+      echo -e "${TAB}-----------------------------------"
+      echo -e "${TAB}📋 Full log: ${logfile}\n"
     fi
 
     exit "$rc"
@@ -1496,7 +1505,7 @@ cleanup_lxc() {
   fi
 
   msg_ok "Cleaned"
-  
+
   # Send progress ping if available (defined in install.func)
   if declare -f post_progress_to_api &>/dev/null; then
     post_progress_to_api

misc/error_handler.func

@@ -208,6 +208,10 @@ error_handler() {
   # This ensures we capture failures that occur before/after container exists
   if declare -f post_update_to_api &>/dev/null; then
     post_update_to_api "failed" "$exit_code" 2>/dev/null || true
+  else
+    # Container context: post_update_to_api not available (api.func not sourced)
+    # Send status directly via curl so container failures are never lost
+    _send_abort_telemetry "$exit_code" 2>/dev/null || true
   fi
 
   # Use msg_error if available, fallback to echo
@@ -236,67 +240,54 @@ error_handler() {
     active_log="$SILENT_LOGFILE"
   fi
 
+  # If active_log points to a container-internal path that doesn't exist on host,
+  # fall back to BUILD_LOG (host-side log)
+  if [[ -n "$active_log" && ! -s "$active_log" && -n "${BUILD_LOG:-}" && -s "${BUILD_LOG}" ]]; then
+    active_log="$BUILD_LOG"
+  fi
+
+  # Show last log lines if available
   if [[ -n "$active_log" && -s "$active_log" ]]; then
     echo -e "\n${TAB}--- Last 20 lines of log ---"
     tail -n 20 "$active_log"
     echo -e "${TAB}-----------------------------------\n"
+  fi
 
-    # Detect context: Container (INSTALL_LOG set + /root exists) vs Host (BUILD_LOG)
-    if [[ -n "${INSTALL_LOG:-}" && -d /root ]]; then
-      # CONTAINER CONTEXT: Copy log and create flag file for host
-      local container_log="/root/.install-${SESSION_ID:-error}.log"
-      cp "$active_log" "$container_log" 2>/dev/null || true
+  # Detect context: Container (INSTALL_LOG set + inside container /root) vs Host
+  if [[ -n "${INSTALL_LOG:-}" && -f "${INSTALL_LOG:-}" && -d /root ]]; then
+    # CONTAINER CONTEXT: Copy log and create flag file for host
+    local container_log="/root/.install-${SESSION_ID:-error}.log"
+    cp "${INSTALL_LOG}" "$container_log" 2>/dev/null || true
 
-      # Create error flag file with exit code for host detection
-      echo "$exit_code" >"/root/.install-${SESSION_ID:-error}.failed" 2>/dev/null || true
-      # Log path is shown by host as combined log - no need to show container path
-    else
-      # HOST CONTEXT: Show local log path and offer container cleanup
+    # Create error flag file with exit code for host detection
+    echo "$exit_code" >"/root/.install-${SESSION_ID:-error}.failed" 2>/dev/null || true
+    # Log path is shown by host as combined log - no need to show container path
+  else
+    # HOST CONTEXT: Show local log path and offer container cleanup
+    if [[ -n "$active_log" && -s "$active_log" ]]; then
       if declare -f msg_custom >/dev/null 2>&1; then
         msg_custom "📋" "${YW}" "Full log: ${active_log}"
       else
         echo -e "${YW}Full log:${CL} ${BL}${active_log}${CL}"
       fi
+    fi
 
-      # Offer to remove container if it exists (build errors after container creation)
-      if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null && pct status "$CTID" &>/dev/null; then
-        echo ""
-        if declare -f msg_custom >/dev/null 2>&1; then
-          echo -en "${TAB}❓${TAB}${YW}Remove broken container ${CTID}? (Y/n) [auto-remove in 60s]: ${CL}"
-        else
-          echo -en "${YW}Remove broken container ${CTID}? (Y/n) [auto-remove in 60s]: ${CL}"
-        fi
+    # Offer to remove container if it exists (build errors after container creation)
+    if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null && pct status "$CTID" &>/dev/null; then
+      echo ""
+      if declare -f msg_custom >/dev/null 2>&1; then
+        echo -en "${TAB}❓${TAB}${YW}Remove broken container ${CTID}? (Y/n) [auto-remove in 60s]: ${CL}"
+      else
+        echo -en "${YW}Remove broken container ${CTID}? (Y/n) [auto-remove in 60s]: ${CL}"
+      fi
 
-        if read -t 60 -r response; then
-          if [[ -z "$response" || "$response" =~ ^[Yy]$ ]]; then
-            echo ""
-            if declare -f msg_info >/dev/null 2>&1; then
-              msg_info "Removing container ${CTID}"
-            else
-              echo -e "${YW}Removing container ${CTID}${CL}"
-            fi
-            pct stop "$CTID" &>/dev/null || true
-            pct destroy "$CTID" &>/dev/null || true
-            if declare -f msg_ok >/dev/null 2>&1; then
-              msg_ok "Container ${CTID} removed"
-            else
-              echo -e "${GN}✔${CL} Container ${CTID} removed"
-            fi
-          elif [[ "$response" =~ ^[Nn]$ ]]; then
-            echo ""
-            if declare -f msg_warn >/dev/null 2>&1; then
-              msg_warn "Container ${CTID} kept for debugging"
-            else
-              echo -e "${YW}Container ${CTID} kept for debugging${CL}"
-            fi
-          fi
-        else
-          # Timeout - auto-remove
+      if read -t 60 -r response; then
+        if [[ -z "$response" || "$response" =~ ^[Yy]$ ]]; then
           echo ""
           if declare -f msg_info >/dev/null 2>&1; then
-            msg_info "No response - removing container ${CTID}"
+            msg_info "Removing container ${CTID}"
           else
-            echo -e "${YW}No response - removing container ${CTID}${CL}"
+            echo -e "${YW}Removing container ${CTID}${CL}"
           fi
           pct stop "$CTID" &>/dev/null || true
           pct destroy "$CTID" &>/dev/null || true
@@ -305,13 +296,35 @@ error_handler() {
           else
             echo -e "${GN}✔${CL} Container ${CTID} removed"
           fi
+        elif [[ "$response" =~ ^[Nn]$ ]]; then
+          echo ""
+          if declare -f msg_warn >/dev/null 2>&1; then
+            msg_warn "Container ${CTID} kept for debugging"
+          else
+            echo -e "${YW}Container ${CTID} kept for debugging${CL}"
+          fi
         fi
+      else
+        # Timeout - auto-remove
+        echo ""
+        if declare -f msg_info >/dev/null 2>&1; then
+          msg_info "No response - removing container ${CTID}"
+        else
+          echo -e "${YW}No response - removing container ${CTID}${CL}"
+        fi
+        pct stop "$CTID" &>/dev/null || true
+        pct destroy "$CTID" &>/dev/null || true
+        if declare -f msg_ok >/dev/null 2>&1; then
+          msg_ok "Container ${CTID} removed"
+        else
+          echo -e "${GN}✔${CL} Container ${CTID} removed"
+        fi
+      fi
 
-        # Force one final status update attempt after cleanup
-        # This ensures status is updated even if the first attempt failed (e.g., HTTP 400)
-        if declare -f post_update_to_api &>/dev/null; then
-          post_update_to_api "failed" "$exit_code" "force"
-        fi
+      # Force one final status update attempt after cleanup
+      # This ensures status is updated even if the first attempt failed (e.g., HTTP 400)
+      if declare -f post_update_to_api &>/dev/null; then
+        post_update_to_api "failed" "$exit_code" "force"
       fi
     fi
   fi
@@ -320,40 +333,97 @@ error_handler() {
 }
 
 # ==============================================================================
-# SECTION 3: SIGNAL HANDLERS
+# SECTION 3: TELEMETRY & CLEANUP HELPERS FOR SIGNAL HANDLERS
+# ==============================================================================
+
+# ------------------------------------------------------------------------------
+# _send_abort_telemetry()
+#
+# - Sends failure/abort status to telemetry API
+# - Works in BOTH host context (post_update_to_api available) and
+#   container context (only curl available, api.func not sourced)
+# - Container context is critical: without this, container-side failures
+#   and signal exits are never reported, leaving records stuck in
+#   "installing" or "configuring" forever
+# - Arguments: $1 = exit_code
+# ------------------------------------------------------------------------------
+_send_abort_telemetry() {
+  local exit_code="${1:-1}"
+  # Try full API function first (host context - api.func sourced)
+  if declare -f post_update_to_api &>/dev/null; then
+    post_update_to_api "failed" "$exit_code" 2>/dev/null || true
+    return
+  fi
+  # Fallback: direct curl (container context - api.func NOT sourced)
+  # This is the ONLY way containers can report failures to telemetry
+  command -v curl &>/dev/null || return 0
+  [[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0
+  [[ -z "${RANDOM_UUID:-}" ]] && return 0
+  curl -fsS -m 5 -X POST "${TELEMETRY_URL:-https://telemetry.community-scripts.org/telemetry}" \
+    -H "Content-Type: application/json" \
+    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"${TELEMETRY_TYPE:-lxc}\",\"nsapp\":\"${NSAPP:-${app:-unknown}}\",\"status\":\"failed\",\"exit_code\":${exit_code}}" &>/dev/null || true
+}
+
+# ------------------------------------------------------------------------------
+# _stop_container_if_installing()
+#
+# - Stops the LXC container if we're in the install phase
+# - Prevents orphaned container processes when the host exits due to a signal
+#   (SSH disconnect, Ctrl+C, SIGTERM) — without this, the container keeps
+#   running and may send "configuring" status AFTER the host already sent
+#   "failed", leaving records permanently stuck in "configuring"
+# - Only acts when:
+#   * CONTAINER_INSTALLING flag is set (during lxc-attach in build_container)
+#   * CTID is set (container was created)
+#   * pct command is available (we're on the Proxmox host, not inside a container)
+# - Does NOT destroy the container — just stops it for potential debugging
+# ------------------------------------------------------------------------------
+_stop_container_if_installing() {
+  [[ "${CONTAINER_INSTALLING:-}" == "true" ]] || return 0
+  [[ -n "${CTID:-}" ]] || return 0
+  command -v pct &>/dev/null || return 0
+  pct stop "$CTID" 2>/dev/null || true
+}
+
+# ==============================================================================
+# SECTION 4: SIGNAL HANDLERS
 # ==============================================================================
 
 # ------------------------------------------------------------------------------
 # on_exit()
 #
-# - EXIT trap handler
-# - Cleans up lock files if lockfile variable is set
-# - Exits with captured exit code
-# - Always runs on script termination (success or failure)
-# - For signal exits (>128): sends telemetry FIRST before log collection
-#   to prevent pct pull hangs from blocking status updates
+# - EXIT trap handler — runs on EVERY script termination
+# - Catches orphaned "installing"/"configuring" records:
+#   * If post_to_api sent "installing" but post_update_to_api never ran
+#   * Reports final status to prevent records stuck forever
+# - Best-effort log collection for failed installs
+# - Stops orphaned container processes on failure
+# - Cleans up lock files
 # ------------------------------------------------------------------------------
 on_exit() {
   local exit_code=$?
+
   # Report orphaned "installing" records to telemetry API
-  # Catches ALL exit paths: errors (non-zero), signals, AND clean exits where
-  # post_to_api was called ("installing" sent) but post_update_to_api was never called
+  # Catches ALL exit paths: errors, signals, AND clean exits where
+  # post_to_api was called but post_update_to_api was never called
   if [[ "${POST_TO_API_DONE:-}" == "true" && "${POST_UPDATE_DONE:-}" != "true" ]]; then
-    if declare -f post_update_to_api >/dev/null 2>&1; then
-      # ALWAYS send telemetry FIRST - ensure status is reported even if
-      # ensure_log_on_host hangs (e.g. pct pull on dead/unresponsive container)
-      if [[ $exit_code -ne 0 ]]; then
-        post_update_to_api "failed" "$exit_code" 2>/dev/null || true
-      else
-        # exit_code=0 is never an error — report as success
-        post_update_to_api "done" "0" 2>/dev/null || true
-      fi
-      # Best-effort log collection with timeout (non-critical after telemetry is sent)
-      if declare -f ensure_log_on_host >/dev/null 2>&1; then
-        timeout 10 bash -c 'ensure_log_on_host' 2>/dev/null || true
-      fi
+    if [[ $exit_code -ne 0 ]]; then
+      _send_abort_telemetry "$exit_code"
+    elif declare -f post_update_to_api >/dev/null 2>&1; then
+      post_update_to_api "done" "0" 2>/dev/null || true
     fi
   fi
+
+  # Best-effort log collection on failure (non-critical, telemetry already sent)
+  if [[ $exit_code -ne 0 ]] && declare -f ensure_log_on_host >/dev/null 2>&1; then
+    ensure_log_on_host 2>/dev/null || true
+  fi
+
+  # Stop orphaned container if we're in the install phase and exiting with error
+  if [[ $exit_code -ne 0 ]]; then
+    _stop_container_if_installing
+  fi
+
   [[ -n "${lockfile:-}" && -e "$lockfile" ]] && rm -f "$lockfile"
   exit "$exit_code"
 }
@@ -362,22 +432,13 @@ on_exit() {
 # on_interrupt()
 #
 # - SIGINT (Ctrl+C) trap handler
-# - Reports to telemetry FIRST (time-critical: container may be dying)
-# - Displays "Interrupted by user" message
+# - Reports status FIRST (time-critical: container may be dying)
+# - Stops orphaned container to prevent "configuring" ghost records
 # - Exits with code 130 (128 + SIGINT=2)
-# - Output redirected to /dev/null fallback to prevent SIGPIPE on closed terminals
 # ------------------------------------------------------------------------------
 on_interrupt() {
-  # CRITICAL: Send telemetry FIRST before any cleanup or output
-  # If ensure_log_on_host hangs (e.g. pct pull on dying container),
-  # the status update would never be sent, leaving records stuck in "installing"
-  if declare -f post_update_to_api >/dev/null 2>&1; then
-    post_update_to_api "failed" "130" 2>/dev/null || true
-  fi
-  # Best-effort log collection with timeout (non-critical after telemetry is sent)
-  if declare -f ensure_log_on_host >/dev/null 2>&1; then
-    timeout 10 bash -c 'ensure_log_on_host' 2>/dev/null || true
-  fi
+  _send_abort_telemetry "130"
+  _stop_container_if_installing
   if declare -f msg_error >/dev/null 2>&1; then
     msg_error "Interrupted by user (SIGINT)" 2>/dev/null || true
   else
@@ -390,23 +451,13 @@ on_interrupt() {
 # on_terminate()
 #
 # - SIGTERM trap handler
-# - Reports to telemetry FIRST (time-critical: process being killed)
-# - Displays "Terminated by signal" message
+# - Reports status FIRST (time-critical: process being killed)
+# - Stops orphaned container to prevent "configuring" ghost records
 # - Exits with code 143 (128 + SIGTERM=15)
-# - Triggered by external process termination
-# - Output redirected to /dev/null fallback to prevent SIGPIPE on closed terminals
 # ------------------------------------------------------------------------------
 on_terminate() {
-  # CRITICAL: Send telemetry FIRST before any cleanup or output
-  # Same rationale as on_interrupt: ensure status gets reported even if
-  # ensure_log_on_host hangs or terminal is already closed
-  if declare -f post_update_to_api >/dev/null 2>&1; then
-    post_update_to_api "failed" "143" 2>/dev/null || true
-  fi
-  # Best-effort log collection with timeout (non-critical after telemetry is sent)
-  if declare -f ensure_log_on_host >/dev/null 2>&1; then
-    timeout 10 bash -c 'ensure_log_on_host' 2>/dev/null || true
-  fi
+  _send_abort_telemetry "143"
+  _stop_container_if_installing
   if declare -f msg_error >/dev/null 2>&1; then
     msg_error "Terminated by signal (SIGTERM)" 2>/dev/null || true
   else
@@ -415,8 +466,25 @@ on_terminate() {
   exit 143
 }
 
+# ------------------------------------------------------------------------------
+# on_hangup()
+#
+# - SIGHUP trap handler (SSH disconnect, terminal closed)
+# - CRITICAL: This was previously MISSING from catch_errors(), causing
+#   container processes to become orphans on SSH disconnect — the #1 cause
+#   of records stuck in "installing" and "configuring" states
+# - Reports status via direct curl (terminal is already closed, no output)
+# - Stops orphaned container to prevent ghost records
+# - Exits with code 129 (128 + SIGHUP=1)
+# ------------------------------------------------------------------------------
+on_hangup() {
+  _send_abort_telemetry "129"
+  _stop_container_if_installing
+  exit 129
+}
+
 # ==============================================================================
-# SECTION 4: INITIALIZATION
+# SECTION 5: INITIALIZATION
 # ==============================================================================
 
 # ------------------------------------------------------------------------------
@@ -428,10 +496,11 @@ on_terminate() {
 #   * set -o pipefail: Pipeline fails if any command fails
 #   * set -u: (optional) Exit on undefined variable (if STRICT_UNSET=1)
 # - Sets up traps:
-#   * ERR → error_handler
-#   * EXIT → on_exit
-#   * INT → on_interrupt
-#   * TERM → on_terminate
+#   * ERR  → error_handler (script errors)
+#   * EXIT → on_exit      (any termination — cleanup + orphan detection)
+#   * INT  → on_interrupt  (Ctrl+C)
+#   * TERM → on_terminate  (kill / systemd stop)
+#   * HUP  → on_hangup     (SSH disconnect / terminal closed)
 # - Call this function early in every script
 # ------------------------------------------------------------------------------
 catch_errors() {
@@ -444,4 +513,5 @@ catch_errors() {
   trap on_exit EXIT
   trap on_interrupt INT
   trap on_terminate TERM
+  trap on_hangup HUP
 }

misc/install.func

@@ -51,7 +51,9 @@ get_lxc_ip
 # post_progress_to_api()
 #
 # - Lightweight progress ping from inside the container
-# - Updates the existing telemetry record status from "installing" to "configuring"
+# - Updates the existing telemetry record status
+# - Arguments:
+#   * $1: status (optional, default: "configuring")
 # - Signals that the installation is actively progressing (not stuck)
 # - Fire-and-forget: never blocks or fails the script
 # - Only executes if DIAGNOSTICS=yes and RANDOM_UUID is set
@@ -61,9 +63,11 @@ post_progress_to_api() {
   [[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0
   [[ -z "${RANDOM_UUID:-}" ]] && return 0
 
+  local progress_status="${1:-configuring}"
+
   curl -fsS -m 5 -X POST "https://telemetry.community-scripts.org/telemetry" \
     -H "Content-Type: application/json" \
-    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"lxc\",\"nsapp\":\"${app:-unknown}\",\"status\":\"configuring\"}" &>/dev/null || true
+    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"lxc\",\"nsapp\":\"${app:-unknown}\",\"status\":\"${progress_status}\"}" &>/dev/null || true
 }
 
 # ==============================================================================

misc/tools.func

@@ -3692,20 +3692,22 @@ _setup_intel_arc() {
     # Add non-free repos
     _add_debian_nonfree "$os_codename"
 
-    # Arc requires latest drivers - fetch from GitHub
-    # Order matters: libigdgmm first (dependency), then IGC, then compute-runtime
-    msg_info "Fetching Intel compute-runtime for Arc support"
+    # For Trixie/Sid: Fetch latest drivers from GitHub (Debian repo packages may be too old or missing)
+    # For Bookworm: Use repo packages (GitHub latest requires libstdc++6 >= 13.1, unavailable on Bookworm)
+    if [[ "$os_codename" == "trixie" || "$os_codename" == "sid" ]]; then
+      msg_info "Fetching Intel compute-runtime from GitHub for Arc support"
 
-    # libigdgmm - bundled in compute-runtime releases (Debian version often too old)
-    fetch_and_deploy_gh_release "libigdgmm12" "intel/compute-runtime" "binary" "latest" "" "libigdgmm12_*_amd64.deb" || true
+      # libigdgmm - bundled in compute-runtime releases
+      fetch_and_deploy_gh_release "libigdgmm12" "intel/compute-runtime" "binary" "latest" "" "libigdgmm12_*_amd64.deb" || true
 
-    # Intel Graphics Compiler (note: packages have -2 suffix)
-    fetch_and_deploy_gh_release "intel-igc-core" "intel/intel-graphics-compiler" "binary" "latest" "" "intel-igc-core-2_*_amd64.deb" || true
-    fetch_and_deploy_gh_release "intel-igc-opencl" "intel/intel-graphics-compiler" "binary" "latest" "" "intel-igc-opencl-2_*_amd64.deb" || true
+      # Intel Graphics Compiler (note: packages have -2 suffix)
+      fetch_and_deploy_gh_release "intel-igc-core" "intel/intel-graphics-compiler" "binary" "latest" "" "intel-igc-core-2_*_amd64.deb" || true
+      fetch_and_deploy_gh_release "intel-igc-opencl" "intel/intel-graphics-compiler" "binary" "latest" "" "intel-igc-opencl-2_*_amd64.deb" || true
 
-    # Compute Runtime (depends on IGC and gmmlib)
-    fetch_and_deploy_gh_release "intel-opencl-icd" "intel/compute-runtime" "binary" "latest" "" "intel-opencl-icd_*_amd64.deb" || true
-    fetch_and_deploy_gh_release "intel-level-zero-gpu" "intel/compute-runtime" "binary" "latest" "" "libze-intel-gpu1_*_amd64.deb" || true
+      # Compute Runtime (depends on IGC and gmmlib)
+      fetch_and_deploy_gh_release "intel-opencl-icd" "intel/compute-runtime" "binary" "latest" "" "intel-opencl-icd_*_amd64.deb" || true
+      fetch_and_deploy_gh_release "intel-level-zero-gpu" "intel/compute-runtime" "binary" "latest" "" "libze-intel-gpu1_*_amd64.deb" || true
+    fi
 
     $STD apt -y install \
       intel-media-va-driver-non-free \
@@ -3714,6 +3716,9 @@ _setup_intel_arc() {
       libmfx-gen1.2 \
       vainfo \
       intel-gpu-tools 2>/dev/null || msg_warn "Some Intel Arc packages failed"
+
+    # Bookworm has compatible versions of these packages in repos
+    [[ "$os_codename" == "bookworm" ]] && $STD apt -y install intel-opencl-icd libigdgmm12 2>/dev/null || true
   fi
 
   msg_ok "Intel Arc GPU configured"
@@ -4085,6 +4090,7 @@ Types: deb
 URIs: http://deb.debian.org/debian
 Suites: bullseye bullseye-updates
 Components: non-free
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 EOF
     ;;
   bookworm)
@@ -4093,6 +4099,7 @@ Types: deb
 URIs: http://deb.debian.org/debian
 Suites: bookworm bookworm-updates
 Components: non-free non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 EOF
     ;;
   trixie | sid)
@@ -4101,11 +4108,13 @@ Types: deb
 URIs: http://deb.debian.org/debian
 Suites: trixie trixie-updates
 Components: non-free non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 
 Types: deb
 URIs: http://deb.debian.org/debian-security
 Suites: trixie-security
 Components: non-free non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 EOF
     ;;
   esac
@@ -4128,11 +4137,13 @@ Types: deb
 URIs: http://deb.debian.org/debian
 Suites: bullseye bullseye-updates
 Components: non-free
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 
 Types: deb
 URIs: http://deb.debian.org/debian-security
 Suites: bullseye-security
 Components: non-free
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 EOF
     ;;
   bookworm)
@@ -4141,11 +4152,13 @@ Types: deb
 URIs: http://deb.debian.org/debian
 Suites: bookworm bookworm-updates
 Components: non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 
 Types: deb
 URIs: http://deb.debian.org/debian-security
 Suites: bookworm-security
 Components: non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 EOF
     ;;
   trixie | sid)
@@ -4154,11 +4167,13 @@ Types: deb
 URIs: http://deb.debian.org/debian
 Suites: trixie trixie-updates
 Components: non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 
 Types: deb
 URIs: http://deb.debian.org/debian-security
 Suites: trixie-security
 Components: non-free-firmware
+Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
 EOF
     ;;
   esac

misc/vm-core.func

@@ -169,7 +169,7 @@ get_active_logfile() {
 # silent()
 #
 # - Executes command with output redirected to active log file
-# - On error: displays last 10 lines of log and exits with original exit code
+# - On error: displays last 20 lines of log and exits with original exit code
 # - Temporarily disables error trap to capture exit code correctly
 # - Sources explain_exit_code() for detailed error messages
 # ------------------------------------------------------------------------------
@@ -207,8 +207,8 @@ silent() {
     msg_custom "→" "${YWB}" "${cmd}"
 
     if [[ -s "$logfile" ]]; then
-      echo -e "\n${TAB}--- Last 10 lines of log ---"
-      tail -n 10 "$logfile"
+      echo -e "\n${TAB}--- Last 20 lines of log ---"
+      tail -n 20 "$logfile"
       echo -e "${TAB}----------------------------\n"
     fi
 

vm/archlinux-vm.sh

@@ -63,8 +63,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/debian-13-vm.sh

@@ -63,8 +63,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/debian-vm.sh

@@ -63,8 +63,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/docker-vm.sh

@@ -37,8 +37,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 
 function error_handler() {
   local exit_code="$?"

vm/haos-vm.sh

@@ -67,8 +67,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/mikrotik-routeros.sh

@@ -64,8 +64,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/nextcloud-vm.sh

@@ -63,8 +63,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/openwrt-vm.sh

@@ -68,8 +68,9 @@ CLOUD="${TAB}☁️${TAB}${CL}"
 set -Eeo pipefail
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/opnsense-vm.sh

@@ -44,6 +44,9 @@ CROSS="${RD}✗${CL}"
 set -Eeo pipefail
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/owncloud-vm.sh

@@ -64,8 +64,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/pimox-haos-vm.sh

@@ -72,8 +72,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/truenas-vm.sh

@@ -62,8 +62,9 @@ CLOUD="${TAB}☁️${TAB}${CL}"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/ubuntu2204-vm.sh

@@ -60,8 +60,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/ubuntu2404-vm.sh

@@ -63,8 +63,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/ubuntu2504-vm.sh

@@ -62,8 +62,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"

vm/umbrel-os-vm.sh

@@ -62,8 +62,9 @@ THIN="discard=on,ssd=1,"
 set -e
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 trap cleanup EXIT
-trap 'post_update_to_api "failed" "INTERRUPTED"' SIGINT
-trap 'post_update_to_api "failed" "TERMINATED"' SIGTERM
+trap 'post_update_to_api "failed" "130"' SIGINT
+trap 'post_update_to_api "failed" "143"' SIGTERM
+trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
 function error_handler() {
   local exit_code="$?"
   local line_number="$1"