Update CHANGELOG.md (#13605)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

CHANGELOG.md

@@ -441,12 +441,31 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 ## 2026-04-08
 
+### 🆕 New Scripts
+
+  - IronClaw | Alpine-IronClaw ([#13591](https://github.com/community-scripts/ProxmoxVE/pull/13591))
+
 ### 🚀 Updated Scripts
 
   - #### 🐞 Bug Fixes
 
-    - Update flaresolverr-install.sh [@maztheman](https://github.com/maztheman) ([#13584](https://github.com/community-scripts/ProxmoxVE/pull/13584))
+    - immich: disable upgrade-insecure-requests CSP directive [@MickLesk](https://github.com/MickLesk) ([#13600](https://github.com/community-scripts/ProxmoxVE/pull/13600))
     - Immich: v2.7.2 [@vhsdream](https://github.com/vhsdream) ([#13579](https://github.com/community-scripts/ProxmoxVE/pull/13579))
+    - Update flaresolverr-install.sh [@maztheman](https://github.com/maztheman) ([#13584](https://github.com/community-scripts/ProxmoxVE/pull/13584))
+
+  - #### ✨ New Features
+
+    - bambuddy: add mkdir before data restore & add ffmpeg dependency [@MickLesk](https://github.com/MickLesk) ([#13601](https://github.com/community-scripts/ProxmoxVE/pull/13601))
+
+  - #### 🔧 Refactor
+
+    - feat: update UHF Server script to use setup_ffmpeg [@zackwithak13](https://github.com/zackwithak13) ([#13564](https://github.com/community-scripts/ProxmoxVE/pull/13564))
+
+### 💾 Core
+
+  - #### ✨ New Features
+
+    - core: add script page badges to descriptions | change donate URL [@MickLesk](https://github.com/MickLesk) ([#13596](https://github.com/community-scripts/ProxmoxVE/pull/13596))
 
 ## 2026-04-07
 

ct/bambuddy.sh

@@ -29,6 +29,8 @@ function update_script() {
     exit
   fi
 
+  ensure_dependencies ffmpeg
+
   if check_for_gh_release "bambuddy" "maziggy/bambuddy"; then
     msg_info "Stopping Service"
     systemctl stop bambuddy
@@ -54,6 +56,7 @@ function update_script() {
     msg_ok "Rebuilt Frontend"
 
     msg_info "Restoring Configuration and Data"
+    mkdir -p /opt/bambuddy/data
     cp /opt/bambuddy.env.bak /opt/bambuddy/.env
     cp -r /opt/bambuddy_data_bak/. /opt/bambuddy/data/
     rm -f /opt/bambuddy.env.bak

ct/headers/alpine-ironclaw

@@ -0,0 +1,6 @@
+    ___    __      _                  ____                 ________              
+   /   |  / /___  (_)___  ___        /  _/________  ____  / ____/ /___ __      __
+  / /| | / / __ \/ / __ \/ _ \______ / // ___/ __ \/ __ \/ /   / / __ `/ | /| / /
+ / ___ |/ / /_/ / / / / /  __/_____// // /  / /_/ / / / / /___/ / /_/ /| |/ |/ / 
+/_/  |_/_/ .___/_/_/ /_/\___/     /___/_/   \____/_/ /_/\____/_/\__,_/ |__/|__/  
+        /_/                                                                      

ct/headers/ironclaw

@@ -0,0 +1,6 @@
+    ____                 ________              
+   /  _/________  ____  / ____/ /___ __      __
+   / // ___/ __ \/ __ \/ /   / / __ `/ | /| / /
+ _/ // /  / /_/ / / / / /___/ / /_/ /| |/ |/ / 
+/___/_/   \____/_/ /_/\____/_/\__,_/ |__/|__/  
+                                               

ct/immich.sh

@@ -181,6 +181,12 @@ EOF
     unset SHARP_IGNORE_GLOBAL_LIBVIPS
     export SHARP_FORCE_GLOBAL_LIBVIPS=true
     $STD pnpm --filter immich --frozen-lockfile --prod --no-optional deploy "$APP_DIR"
+
+    # Patch helmet.json: disable upgrade-insecure-requests for HTTP access
+    if [[ -f "$APP_DIR/helmet.json" ]]; then
+      jq '.contentSecurityPolicy.directives["upgrade-insecure-requests"] = null' "$APP_DIR/helmet.json" >"$APP_DIR/helmet.json.tmp" && mv "$APP_DIR/helmet.json.tmp" "$APP_DIR/helmet.json"
+    fi
+
     cp "$APP_DIR"/package.json "$APP_DIR"/bin
     sed -i "s|^start|${APP_DIR}/bin/start|" "$APP_DIR"/bin/immich-admin
 

ct/uhf.sh

@@ -38,8 +38,14 @@ function update_script() {
     $STD apt -y upgrade
     msg_ok "Updated LXC"
 
+    msg_info "Updating UHF Server"
+    if dpkg -l ffmpeg 2>&1 | grep -q "ii"; then
+      apt remove ffmpeg -y && apt autoremove -y
+    fi
+    setup_ffmpeg
     fetch_and_deploy_gh_release "comskip" "swapplications/comskip" "prebuild" "latest" "/opt/comskip" "comskip-x64-*.zip"
     fetch_and_deploy_gh_release "uhf-server" "swapplications/uhf-server-dist" "prebuild" "latest" "/opt/uhf-server" "UHF.Server-linux-x64-*.zip"
+    msg_ok "Updated UHF Server"
 
     msg_info "Starting Service"
     systemctl start uhf-server

install/bambuddy-install.sh

@@ -14,7 +14,7 @@ network_check
 update_os
 
 msg_info "Installing Dependencies"
-$STD apt install -y libglib2.0-0
+$STD apt install -y libglib2.0-0 ffmpeg
 msg_ok "Installed Dependencies"
 
 PYTHON_VERSION="3.13" setup_uv

install/immich-install.sh

@@ -312,6 +312,12 @@ $STD pnpm --filter immich --frozen-lockfile build
 unset SHARP_IGNORE_GLOBAL_LIBVIPS
 export SHARP_FORCE_GLOBAL_LIBVIPS=true
 $STD pnpm --filter immich --frozen-lockfile --prod --no-optional deploy "$APP_DIR"
+
+# Patch helmet.json: disable upgrade-insecure-requests for HTTP access
+if [[ -f "$APP_DIR/helmet.json" ]]; then
+  jq '.contentSecurityPolicy.directives["upgrade-insecure-requests"] = null' "$APP_DIR/helmet.json" >"$APP_DIR/helmet.json.tmp" && mv "$APP_DIR/helmet.json.tmp" "$APP_DIR/helmet.json"
+fi
+
 cp "$APP_DIR"/package.json "$APP_DIR"/bin
 sed -i "s|^start|${APP_DIR}/bin/start|" "$APP_DIR"/bin/immich-admin
 

install/uhf-install.sh

@@ -15,7 +15,7 @@ update_os
 setup_hwaccel
 
 msg_info "Installing Dependencies"
-$STD apt install -y ffmpeg
+setup_ffmpeg
 msg_ok "Installed Dependencies"
 
 msg_info "Setting Up UHF Server Environment"

misc/build.func

@@ -5906,6 +5906,12 @@ create_lxc_container() {
 # ------------------------------------------------------------------------------
 description() {
   IP=$(pct exec "$CTID" ip a s dev eth0 | awk '/inet / {print $2}' | cut -d/ -f1)
+  local script_slug script_url donate_url
+
+  script_slug="${SCRIPT_SLUG:-${NSAPP}}"
+  script_slug="$(echo "$script_slug" | tr '[:upper:]' '[:lower:]' | tr ' ' '-')"
+  script_url="https://community-scripts.org/scripts/${script_slug}"
+  donate_url="https://community-scripts.org/donate"
 
   # Generate LXC Description
   DESCRIPTION=$(
@@ -5918,8 +5924,14 @@ description() {
   <h2 style='font-size: 24px; margin: 20px 0;'>${APP} LXC</h2>
 
   <p style='margin: 16px 0;'>
-    <a href='https://ko-fi.com/community_scripts' target='_blank' rel='noopener noreferrer'>
-      <img src='https://img.shields.io/badge/&#x2615;-Buy us a coffee-blue' alt='spend Coffee' />
+    <a href='${donate_url}' target='_blank' rel='noopener noreferrer'>
+      <img src='https://img.shields.io/badge/❤️-Sponsoring%20%26%20Donations-FF5E5B' alt='Sponsoring and donations' />
+    </a>
+  </p>
+
+  <p style='margin: 12px 0;'>
+    <a href='${script_url}' target='_blank' rel='noopener noreferrer'>
+      <img src='https://img.shields.io/badge/📦-Open%20Script%20Page-00617f' alt='Open script page' />
     </a>
   </p>
 

misc/vm-core.func

@@ -577,6 +577,13 @@ check_hostname_conflict() {
 }
 
 set_description() {
+  local app_name script_slug script_url donate_url
+  app_name=$(echo "${APP,,}" | tr ' ' '-')
+  script_slug="${SCRIPT_SLUG:-${app_name}}"
+  script_slug="$(echo "$script_slug" | tr '[:upper:]' '[:lower:]' | tr ' ' '-')"
+  script_url="https://community-scripts.org/scripts/${script_slug}"
+  donate_url="https://community-scripts.org/donate"
+
   DESCRIPTION=$(
     cat <<EOF
 <div align='center'>
@@ -587,8 +594,14 @@ set_description() {
   <h2 style='font-size: 24px; margin: 20px 0;'>${NSAPP} VM</h2>
 
   <p style='margin: 16px 0;'>
-    <a href='https://ko-fi.com/community_scripts' target='_blank' rel='noopener noreferrer'>
-      <img src='https://img.shields.io/badge/&#x2615;-Buy us a coffee-blue' alt='spend Coffee' />
+    <a href='${donate_url}' target='_blank' rel='noopener noreferrer'>
+      <img src='https://img.shields.io/badge/❤️-Sponsoring%20%26%20Donations-FF5E5B' alt='Sponsoring and donations' />
+    </a>
+  </p>
+
+  <p style='margin: 12px 0;'>
+    <a href='${script_url}' target='_blank' rel='noopener noreferrer'>
+      <img src='https://img.shields.io/badge/📦-Open%20Script%20Page-00617f' alt='Open script page' />
     </a>
   </p>