Alpine-Nextcloud: Upgrade PHP and dependencies in installation script

CHANGELOG.md

@@ -480,20 +480,6 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 </details>
 
-## 2026-06-11
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Fix for cross-seed after node upgrade [@TorinFrancis](https://github.com/TorinFrancis) ([#15025](https://github.com/community-scripts/ProxmoxVE/pull/15025))
-
-### 💾 Core
-
-  - #### ✨ New Features
-
-    - misc scripts: add support for arm64 [@asylumexp](https://github.com/asylumexp) ([#12639](https://github.com/community-scripts/ProxmoxVE/pull/12639))
-
 ## 2026-06-10
 
 ### 🆕 New Scripts

ct/cross-seed.sh

@@ -25,7 +25,7 @@ function update_script() {
   check_container_storage
   check_container_resources
 
-  NODE_VERSION="24" setup_nodejs
+  NODE_VERSION="26" setup_nodejs
   ensure_dependencies build-essential
 
   if command -v cross-seed &>/dev/null; then

ct/headers/postiz

@@ -1,6 +0,0 @@
-    ____             __  _    
-   / __ \____  _____/ /_(_)___
-  / /_/ / __ \/ ___/ __/ /_  /
- / ____/ /_/ (__  ) /_/ / / /_
-/_/    \____/____/\__/_/ /___/
-                              

ct/postiz.sh

@@ -1,83 +0,0 @@
-#!/usr/bin/env bash
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
-
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: MickLesk (CanbiZ)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/gitroomhq/postiz-app
-
-APP="Postiz"
-var_tags="${var_tags:-social-media;scheduling;automation}"
-var_cpu="${var_cpu:-4}"
-var_ram="${var_ram:-8192}"
-var_disk="${var_disk:-20}"
-var_os="${var_os:-debian}"
-var_version="${var_version:-13}"
-var_arm64="${var_arm64:-no}"
-var_unprivileged="${var_unprivileged:-1}"
-
-header_info "$APP"
-variables
-color
-catch_errors
-
-function update_script() {
-  header_info
-  check_container_storage
-  check_container_resources
-
-  if [[ ! -d /opt/postiz ]]; then
-    msg_error "No ${APP} Installation Found!"
-    exit
-  fi
-
-  if check_for_gh_release "postiz" "gitroomhq/postiz-app"; then
-    msg_info "Stopping Services"
-    systemctl stop postiz-orchestrator postiz-frontend postiz-backend
-    msg_ok "Stopped Services"
-
-    msg_info "Backing up Data"
-    cp /opt/postiz/.env /opt/postiz_env.bak
-    cp -r /opt/postiz/uploads /opt/postiz_uploads.bak 2>/dev/null || true
-    msg_ok "Backed up Data"
-
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "postiz" "gitroomhq/postiz-app" "tarball"
-
-    msg_info "Building Application"
-    cd /opt/postiz
-    cp /opt/postiz_env.bak /opt/postiz/.env
-    set -a && source /opt/postiz/.env && set +a
-    export NODE_OPTIONS="--max-old-space-size=4096"
-    $STD pnpm install
-    $STD pnpm run build
-    unset NODE_OPTIONS
-    msg_ok "Built Application"
-
-    msg_info "Running Database Migrations"
-    cd /opt/postiz
-    $STD pnpm run prisma-db-push
-    msg_ok "Ran Database Migrations"
-
-    msg_info "Restoring Data"
-    mkdir -p /opt/postiz/uploads
-    cp -r /opt/postiz_uploads.bak/. /opt/postiz/uploads 2>/dev/null || true
-    rm -f /opt/postiz_env.bak
-    rm -rf /opt/postiz_uploads.bak
-    msg_ok "Restored Data"
-
-    msg_info "Starting Services"
-    systemctl start postiz-backend postiz-frontend postiz-orchestrator
-    msg_ok "Started Services"
-    msg_ok "Updated successfully!"
-  fi
-  exit
-}
-
-start
-build_container
-description
-
-msg_ok "Completed Successfully!\n"
-echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
-echo -e "${INFO}${YW} Access it using the following URL:${CL}"
-echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"

install/alpine-nextcloud-install.sh

@@ -14,24 +14,24 @@ network_check
 update_os
 
 msg_info "Installing Dependencies"
-$STD apk add openssl
-$STD apk add nginx
+$STD apk add \
+  openssl \
+  nginx
 msg_ok "Installed Dependencies"
 
 msg_info "Installing PHP/Redis"
-$STD apk add php83-opcache
-$STD apk add php83-redis
-$STD apk add php83-apcu
-$STD apk add php83-fpm
-$STD apk add php83-sysvsem
-$STD apk add php83-ftp
-$STD apk add php83-pecl-smbclient
-$STD apk add php83-pecl-imagick
-$STD apk add php83-pecl-vips
-$STD apk add php83-exif
-$STD apk add php83-sodium
-$STD apk add php83-bz2
-$STD apk add redis
+$STD apk add \
+  php85-pecl-redis \
+  php85-pecl-apcu \
+  php85-fpm \
+  php85-sysvsem \
+  php85-ftp \
+  php85-pecl-smbclient \
+  php85-pecl-imagick \
+  php85-exif \
+  php85-sodium \
+  php85-bz2 \
+  redis
 msg_ok "Installed PHP/Redis"
 
 msg_info "Installing MySQL Database"
@@ -134,42 +134,43 @@ server {
         location ^~ /.well-known/nodeinfo { return 301 /index.php/.well-known/nodeinfo; }
 }
 EOF
-sed -i -e 's|memory_limit = 128M|memory_limit = 512M|; $aapc.enable_cli=1' /etc/php83/php.ini
-sed -i -e 's|upload_max_file_size = 2M|upload_max_file_size = 16G|' /etc/php83/php.ini
-sed -i -E '/^php_admin_(flag|value)\[opcache/s/^/;/' /etc/php83/php-fpm.d/nextcloud.conf
+sed -i -e 's|memory_limit = 128M|memory_limit = 512M|; $aapc.enable_cli=1' /etc/php85/php.ini
+sed -i -e 's|upload_max_file_size = 2M|upload_max_file_size = 16G|' /etc/php85/php.ini
+sed -i -E '/^php_admin_(flag|value)\[opcache/s/^/;/' /etc/php85/fpm.d/nextcloud.conf
 sed -i -e 's| js;| mjs js;|' /etc/nginx/mime.types
 msg_ok "Installed Nextcloud"
 
 msg_info "Adding Additional Nextcloud Packages"
-$STD apk add nextcloud-occ
-$STD apk add nextcloud-default-apps
-$STD apk add nextcloud-activity
-$STD apk add nextcloud-admin_audit
-$STD apk add nextcloud-comments
-$STD apk add nextcloud-dashboard
-$STD apk add nextcloud-doc
-$STD apk add nextcloud-encryption
-$STD apk add nextcloud-federation
-$STD apk add nextcloud-files_external
-$STD apk add nextcloud-files_sharing
-$STD apk add nextcloud-files_trashbin
-$STD apk add nextcloud-files_versions
-$STD apk add nextcloud-notifications
-$STD apk add nextcloud-sharebymail
-$STD apk add nextcloud-suspicious_login
-$STD apk add nextcloud-support
-$STD apk add nextcloud-systemtags
-$STD apk add nextcloud-user_status
-$STD apk add nextcloud-weather_status
+$STD apk add \
+  nextcloud-occ \
+  nextcloud-default-apps \
+  nextcloud-activity \
+  nextcloud-admin_audit \
+  nextcloud-comments \
+  nextcloud-dashboard \
+  nextcloud-doc \
+  nextcloud-encryption \
+  nextcloud-federation \
+  nextcloud-files_external \
+  nextcloud-files_sharing \
+  nextcloud-files_trashbin \
+  nextcloud-files_versions \
+  nextcloud-notifications \
+  nextcloud-sharebymail \
+  nextcloud-suspicious_login \
+  nextcloud-support \
+  nextcloud-systemtags \
+  nextcloud-user_status \
+  nextcloud-weather_status
 msg_ok "Added Additional Nextcloud Packages"
 
 msg_info "Starting Services"
 $STD rc-service redis start
 $STD rc-update add redis default
-$STD rc-service php-fpm83 start
+$STD rc-service php-fpm85 start
 chown -R nextcloud:www-data /var/log/nextcloud/
 chown -R nextcloud:www-data /usr/share/webapps/nextcloud/
-$STD rc-service php-fpm83 restart
+$STD rc-service php-fpm85 restart
 $STD rc-service nginx start
 $STD rc-service nextcloud start
 $STD rc-update add nginx default
@@ -179,16 +180,16 @@ msg_ok "Started Services"
 msg_info "Start Nextcloud Setup-Wizard"
 echo -e "export VISUAL=nano\nexport EDITOR=nano" >>/etc/profile
 cd /usr/share/webapps/nextcloud
-$STD su nextcloud -s /bin/sh -c "php83 occ maintenance:install \
+$STD su nextcloud -s /bin/sh -c "php85 occ maintenance:install \
 --database='mysql' --database-name $DB_NAME \
 --database-user '$DB_USER' --database-pass '$DB_PASS' \
 --admin-user '$ADMIN_USER' --admin-pass '$ADMIN_PASS' \
 --data-dir '/var/lib/nextcloud/data'"
-$STD su nextcloud -s /bin/sh -c 'php83 occ background:cron'
+$STD su nextcloud -s /bin/sh -c 'php85 occ background:cron'
 rm -rf /usr/share/webapps/nextcloud/apps/serverinfo
 IP4=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
 sed -i "/0 => \'localhost\',/a \    \1 => '$IP4'," /usr/share/webapps/nextcloud/config/config.php
-su nextcloud -s /bin/sh -c 'php83 -f /usr/share/webapps/nextcloud/cron.php'
+su nextcloud -s /bin/sh -c 'php85 -f /usr/share/webapps/nextcloud/cron.php'
 msg_ok "Finished Nextcloud Setup-Wizard"
 
 motd_ssh

install/cross-seed-install.sh

@@ -17,7 +17,7 @@ msg_info "Installing Dependencies"
 $STD apt install -y build-essential
 msg_ok "Installed Dependencies"
 
-NODE_VERSION="24" setup_nodejs
+NODE_VERSION="26" setup_nodejs
 
 msg_info "Setup Cross-Seed"
 $STD npm install cross-seed@latest -g

install/postiz-install.sh

@@ -1,251 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: MickLesk (CanbiZ)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/gitroomhq/postiz-app
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-$STD apt install -y \
-  build-essential \
-  python3 \
-  redis-server \
-  nginx
-msg_ok "Installed Dependencies"
-
-PG_VERSION="17" setup_postgresql
-PG_DB_NAME="postiz" PG_DB_USER="postiz" setup_postgresql_db
-NODE_VERSION="24" setup_nodejs
-
-fetch_and_deploy_gh_release "temporal" "temporalio/cli" "prebuild" "latest" "/opt/temporal" "temporal_cli_*_linux_amd64.tar.gz"
-chmod +x /opt/temporal/temporal
-
-fetch_and_deploy_gh_release "postiz" "gitroomhq/postiz-app" "tarball"
-
-msg_info "Installing pnpm"
-PNPM_VERSION=$(sed -n 's/.*"packageManager":\s*"pnpm@\([^"]*\)".*/\1/p' /opt/postiz/package.json)
-$STD npm install -g "pnpm@${PNPM_VERSION}"
-msg_ok "Installed pnpm"
-
-msg_info "Configuring Application"
-JWT_SECRET=$(openssl rand -base64 32)
-mkdir -p /opt/postiz/uploads
-cat <<EOF >/opt/postiz/.env
-DATABASE_URL=postgresql://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}
-REDIS_URL=redis://localhost:6379
-JWT_SECRET=${JWT_SECRET}
-MAIN_URL=http://${LOCAL_IP}
-FRONTEND_URL=http://${LOCAL_IP}
-NEXT_PUBLIC_BACKEND_URL=http://${LOCAL_IP}/api
-BACKEND_INTERNAL_URL=http://localhost:3000
-NOT_SECURED=true
-TEMPORAL_ADDRESS=localhost:7233
-IS_GENERAL=true
-STORAGE_PROVIDER=local
-UPLOAD_DIRECTORY=/opt/postiz/uploads
-NEXT_PUBLIC_UPLOAD_DIRECTORY=/uploads
-NX_ADD_PLUGINS=false
-EOF
-msg_ok "Configured Application"
-
-msg_info "Building Application"
-cd /opt/postiz
-set -a && source /opt/postiz/.env && set +a
-export NODE_OPTIONS="--max-old-space-size=4096"
-$STD pnpm install
-$STD pnpm run build
-unset NODE_OPTIONS
-msg_ok "Built Application"
-
-msg_info "Running Database Migrations"
-cd /opt/postiz
-set -a && source /opt/postiz/.env && set +a
-$STD pnpm run prisma-db-push
-msg_ok "Ran Database Migrations"
-
-msg_info "Creating Services"
-PNPM_BIN="$(command -v pnpm)"
-
-cat <<EOF >/etc/systemd/system/postiz-temporal.service
-[Unit]
-Description=Temporal Dev Server (Postiz)
-After=network.target
-
-[Service]
-Type=simple
-User=root
-ExecStart=/opt/temporal/temporal server start-dev --db-filename /opt/temporal/temporal.db --log-format json --log-level warn
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
-cat <<EOF >/etc/systemd/system/postiz-backend.service
-[Unit]
-Description=Postiz Backend
-After=network.target postgresql.service redis-server.service postiz-temporal.service
-Requires=postgresql.service redis-server.service
-
-[Service]
-Type=simple
-User=root
-WorkingDirectory=/opt/postiz
-EnvironmentFile=/opt/postiz/.env
-ExecStart=${PNPM_BIN} run start:prod:backend
-Environment=NODE_OPTIONS=--max-old-space-size=512
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
-cat <<EOF >/etc/systemd/system/postiz-frontend.service
-[Unit]
-Description=Postiz Frontend
-After=network.target postiz-backend.service
-
-[Service]
-Type=simple
-User=root
-WorkingDirectory=/opt/postiz
-EnvironmentFile=/opt/postiz/.env
-Environment=PORT=4200
-ExecStart=${PNPM_BIN} run start:prod:frontend
-Environment=NODE_OPTIONS=--max-old-space-size=512
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
-cat <<EOF >/etc/systemd/system/postiz-orchestrator.service
-[Unit]
-Description=Postiz Orchestrator
-After=network.target postiz-temporal.service postiz-backend.service
-Requires=postiz-temporal.service
-
-[Service]
-Type=simple
-User=root
-WorkingDirectory=/opt/postiz
-EnvironmentFile=/opt/postiz/.env
-ExecStart=${PNPM_BIN} run start:prod:orchestrator
-Environment=NODE_OPTIONS=--max-old-space-size=384
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
-EOF
-
-systemctl enable -q --now redis-server postiz-temporal postiz-backend postiz-frontend postiz-orchestrator
-msg_ok "Created Services"
-
-msg_info "Creating Helper Scripts"
-cat <<'EOF' >/usr/local/bin/postiz-rebuild
-#!/usr/bin/env bash
-echo "=== Postiz Rebuild ==="
-echo "Stopping services..."
-systemctl stop postiz-orchestrator postiz-frontend postiz-backend
-
-cd /opt/postiz
-set -a && source /opt/postiz/.env && set +a
-export NODE_OPTIONS="--max-old-space-size=4096"
-
-echo "Building application (this may take a while)..."
-pnpm run build
-BUILD_RC=$?
-unset NODE_OPTIONS
-
-if [[ $BUILD_RC -ne 0 ]]; then
-  echo "ERROR: Build failed! Check the output above."
-  echo "Starting services with previous build..."
-  systemctl start postiz-backend postiz-frontend postiz-orchestrator
-  exit 1
-fi
-
-echo "Running database migrations..."
-pnpm run prisma-db-push
-
-echo "Starting services..."
-systemctl start postiz-backend postiz-frontend postiz-orchestrator
-echo "=== Rebuild complete ==="
-EOF
-chmod +x /usr/local/bin/postiz-rebuild
-msg_ok "Created Helper Scripts"
-
-msg_info "Configuring Nginx"
-cat <<EOF >/etc/nginx/sites-available/postiz
-server {
-  listen 80 default_server;
-  server_name _;
-
-  client_max_body_size 100M;
-
-  gzip on;
-  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
-  location /api/ {
-    proxy_pass http://127.0.0.1:3000/;
-    proxy_http_version 1.1;
-    proxy_set_header Upgrade \$http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_set_header Host \$host;
-    proxy_set_header X-Real-IP \$remote_addr;
-    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto \$scheme;
-    proxy_set_header Reload \$http_reload;
-    proxy_set_header Onboarding \$http_onboarding;
-    proxy_set_header Activate \$http_activate;
-    proxy_set_header Auth \$http_auth;
-    proxy_set_header Showorg \$http_showorg;
-    proxy_set_header Impersonate \$http_impersonate;
-    proxy_set_header Accept-Language \$http_accept_language;
-  }
-
-  location /uploads/ {
-    alias /opt/postiz/uploads/;
-  }
-
-  location / {
-    proxy_pass http://127.0.0.1:4200/;
-    proxy_http_version 1.1;
-    proxy_set_header Upgrade \$http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_set_header Host \$host;
-    proxy_set_header X-Real-IP \$remote_addr;
-    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto \$scheme;
-    proxy_set_header Reload \$http_reload;
-    proxy_set_header Onboarding \$http_onboarding;
-    proxy_set_header Activate \$http_activate;
-    proxy_set_header Auth \$http_auth;
-    proxy_set_header Showorg \$http_showorg;
-    proxy_set_header Impersonate \$http_impersonate;
-    proxy_set_header Accept-Language \$http_accept_language;
-    proxy_set_header i18next \$http_i18next;
-  }
-}
-EOF
-ln -sf /etc/nginx/sites-available/postiz /etc/nginx/sites-enabled/postiz
-rm -f /etc/nginx/sites-enabled/default
-$STD nginx -t
-systemctl enable -q nginx
-systemctl reload -q nginx
-msg_ok "Configured Nginx"
-
-motd_ssh
-customize
-cleanup_lxc

misc/api.func

@@ -196,7 +196,7 @@ explain_exit_code() {
   103) echo "Validation: Shell is not Bash" ;;
   104) echo "Validation: Not running as root (or invoked via sudo)" ;;
   105) echo "Validation: Proxmox VE version not supported" ;;
-  106) echo "Validation: Unsupported architecture (requires amd64 or arm64)" ;;
+  106) echo "Validation: Architecture not supported (ARM / PiMox)" ;;
   107) echo "Validation: Kernel key parameters unreadable" ;;
   108) echo "Validation: Kernel key limits exceeded" ;;
   109) echo "Proxmox: No available container ID after max attempts" ;;

misc/build.func

@@ -52,11 +52,6 @@ variables() {
   # as "/tmp/${NSAPP}-${CTID}-${SESSION_ID}.log" (requires CTID, not available here)
   CTTYPE="${CTTYPE:-${CT_TYPE:-1}}"
 
-  # ARM64 Template default variables
-  DEBIAN_DEFAULT_CODENAME="trixie"
-  UBUNTU_DEFAULT_CODENAME="noble"
-  ALPINE_DEFAULT_VERSION="3.23"
-
   # Parse dev_mode early
   parse_dev_mode
 
@@ -1941,7 +1936,7 @@ advanced_settings() {
 
     # ═══════════════════════════════════════════════════════════════════════════
     # STEP 2: Root Password
-    # ═══════════════════════════════════════════════════════════════════════════
+    # ════════════════════════════════════════���═══════════════════════════════���══
     2)
       if PW1=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
         --title "ROOT PASSWORD" \
@@ -3051,9 +3046,6 @@ echo_default() {
   echo -e "${DISKSIZE}${BOLD}${DGN}Disk Size: ${BGN}${DISK_SIZE} GB${CL}"
   echo -e "${CPUCORE}${BOLD}${DGN}CPU Cores: ${BGN}${CORE_COUNT}${CL}"
   echo -e "${RAMSIZE}${BOLD}${DGN}RAM Size: ${BGN}${RAM_SIZE} MiB${CL}"
-  if [[ "$(dpkg --print-architecture)" == "arm64" ]]; then
-    echo -e "${INFO}${BOLD}${DGN}Architecture: ${BGN}arm64${CL}"
-  fi
   if [[ -n "${var_gpu:-}" && "${var_gpu}" == "yes" ]]; then
     echo -e "${GPU}${BOLD}${DGN}GPU Passthrough: ${BGN}Enabled${CL}"
   fi
@@ -3090,9 +3082,7 @@ install_script() {
   pve_check
   shell_check
   root_check
-  ensure_whiptail
   arch_check
-  arm64_notice
   ssh_check
   maxkeys_check
   diagnostics_check
@@ -4365,23 +4355,19 @@ EOF
       msg_warn "Skipping timezone setup – zone '$tz' not found in container"
     fi
 
-    local _base_pkgs="sudo curl mc gnupg2 jq"
-    if [[ "${ARCH:-amd64}" == "arm64" ]]; then
-      _base_pkgs+=" openssh-server wget gcc"
-    fi
-
     # Detect broken DNS resolver (e.g. Tailscale MagicDNS) and inject public DNS
     if ! pct exec "$CTID" -- bash -c "getent hosts deb.debian.org >/dev/null 2>&1 && getent hosts archive.ubuntu.com >/dev/null 2>&1"; then
       msg_warn "APT repository DNS resolution failed in container, injecting public DNS servers"
       pct exec "$CTID" -- bash -c "echo -e 'nameserver 8.8.8.8\nnameserver 1.1.1.1' >/etc/resolv.conf"
     fi
 
-    pct exec "$CTID" -- bash -c "apt-get update 2>&1 && apt-get install -y ${_base_pkgs} 2>&1" >>"$BUILD_LOG" 2>&1 || {
+    pct exec "$CTID" -- bash -c "apt-get update 2>&1 && apt-get install -y sudo curl mc gnupg2 jq 2>&1" >>"$BUILD_LOG" 2>&1 || {
       local failed_mirror
       failed_mirror=$(pct exec "$CTID" -- bash -c "grep -m1 -oP '(?<=URIs: https?://)[^/]+' /etc/apt/sources.list.d/debian.sources 2>/dev/null || grep -m1 -oP '(?<=deb https?://)[^/]+' /etc/apt/sources.list 2>/dev/null" 2>/dev/null || echo "unknown")
       msg_warn "apt-get update failed (${failed_mirror}), trying alternate mirrors..."
       local mirror_exit=0
-      pct exec "$CTID" -- env APT_BASE="$_base_pkgs" bash -c '
+      pct exec "$CTID" -- bash -c '
+        APT_BASE="sudo curl mc gnupg2 jq"
         DISTRO=$(. /etc/os-release 2>/dev/null && echo "$ID" || echo "debian")
 
         if [ "$DISTRO" = "ubuntu" ]; then
@@ -4491,7 +4477,7 @@ EOF
               [ -f \"\$src\" ] && sed -i \"s|URIs: http[s]*://[^/]*/|URIs: http://${custom_mirror}/|g; s|deb http[s]*://[^/]*/|deb http://${custom_mirror}/|g\" \"\$src\"
             done
             rm -rf /var/lib/apt/lists/*
-            apt-get update >/dev/null 2>&1 && apt-get install -y ${_base_pkgs} >/dev/null 2>&1
+            apt-get update >/dev/null 2>&1 && apt-get install -y sudo curl mc gnupg2 jq >/dev/null 2>&1
           " && break
           msg_warn "Mirror '${custom_mirror}' also failed. Try another or type 'skip'."
         done
@@ -4531,9 +4517,7 @@ EOF
     # that sends "configuring" status AFTER the host already reported "failed"
     export CONTAINER_INSTALLING=true
 
-    local _install_script
-    _install_script="$(curl -fsSL "https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh")"
-    lxc-attach -n "$CTID" -- bash -c "$_install_script"
+    lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh)"
     local lxc_exit=$?
 
     unset CONTAINER_INSTALLING
@@ -4928,9 +4912,7 @@ EOF
           # Re-run install script in existing container (don't destroy/recreate)
           set +Eeuo pipefail
           trap - ERR
-          local _install_script
-          _install_script="$(curl -fsSL "https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh")"
-          lxc-attach -n "$CTID" -- bash -c "$_install_script"
+          lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/install/${var_install}.sh)"
           local apt_retry_exit=$?
           set -Eeuo pipefail
           trap 'error_handler' ERR
@@ -5688,72 +5670,6 @@ create_lxc_container() {
     esac
   }
 
-  ARCH="$(dpkg --print-architecture)"
-
-  # Maps OS type + version to the release variant name used by ARM64 template sources.
-  arm64_template_variant() {
-    case "$1:$2" in
-      debian:12) echo "bookworm" ;;
-      debian:13) echo "trixie" ;;
-      debian:) echo "$DEBIAN_DEFAULT_CODENAME" ;;
-
-      ubuntu:24.04) echo "noble" ;;
-      ubuntu:26.04) echo "questing" ;;
-      ubuntu:) echo "$UBUNTU_DEFAULT_CODENAME" ;;
-
-      alpine:*) echo "${2:-$ALPINE_DEFAULT_VERSION}" ;;
-
-      *) return 1 ;;
-    esac
-  }
-
-  # Downloads an ARM64 LXC rootfs template to $1.
-  # Debian: fetches latest release from community-scripts/debian-arm64-lxc on GitHub.
-  # Others: fetches from jenkins.linuxcontainers.org.
-  download_arm64_template() {
-    local dest="$1" url
-
-    mkdir -p "$(dirname "$dest")" || {
-      msg_error "Cannot create template dir."
-      exit 207
-    }
-
-    if [[ "$PCT_OSTYPE" == "debian" ]]; then
-      url=$(
-        curl -fsSL "https://api.github.com/repos/community-scripts/debian-arm64-lxc/releases/latest" |
-          jq -r --arg v "$CUSTOM_TEMPLATE_VARIANT" \
-            '.assets[].browser_download_url | select(test("debian-" + $v + "-arm64-rootfs\\.tar\\.xz$"))' |
-          head -n1
-      )
-
-      [[ -n "$url" ]] || {
-        msg_error "Could not find Debian ${CUSTOM_TEMPLATE_VARIANT} ARM64 template URL."
-        exit 207
-      }
-    else
-      url="https://jenkins.linuxcontainers.org/job/image-${PCT_OSTYPE}/architecture=arm64,release=${CUSTOM_TEMPLATE_VARIANT},variant=default/lastStableBuild/artifact/rootfs.tar.xz"
-    fi
-
-    msg_info "Downloading ${PCT_OSTYPE^} ${CUSTOM_TEMPLATE_VARIANT} ARM64 template"
-    if ! curl -fsSL -o "$dest" "$url"; then
-      msg_error "Failed to download ARM64 template from: $url"
-      exit 208
-    fi
-    msg_ok "Downloaded ARM64 LXC template"
-  }
-
-  download_template() {
-    local dest="${1:-$TEMPLATE_PATH}"
-    if [[ "$ARCH" == "arm64" ]]; then
-      download_arm64_template "$dest"
-    else
-      pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1 || {
-        msg_error "Failed to download template '$TEMPLATE' to storage '$TEMPLATE_STORAGE'"
-        exit 222
-      }
-    fi
-  }
-
   # ------------------------------------------------------------------------------
   # Required input variables
   # ------------------------------------------------------------------------------
@@ -5920,120 +5836,153 @@ create_lxc_container() {
   # ------------------------------------------------------------------------------
   # Template discovery & validation
   # ------------------------------------------------------------------------------
-  CUSTOM_TEMPLATE_VARIANT=""
+  TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION:-}"
+  case "$PCT_OSTYPE" in
+  debian | ubuntu) TEMPLATE_PATTERN="-standard_" ;;
+  alpine | fedora | rocky | centos) TEMPLATE_PATTERN="-default_" ;;
+  *) TEMPLATE_PATTERN="" ;;
+  esac
 
-  if [[ "$ARCH" == "arm64" ]]; then
-    # ARM64: use custom template download from linuxcontainers.org / GitHub
-    msg_info "Preparing ARM64 template"
+  msg_info "Searching for template '$TEMPLATE_SEARCH'"
 
-    CUSTOM_TEMPLATE_VARIANT=$(arm64_template_variant "$PCT_OSTYPE" "${PCT_OSVERSION:-}") || {
-      msg_error "No ARM64 template mapping for ${PCT_OSTYPE} ${PCT_OSVERSION:-latest}"
-      exit 207
-    }
+  # Initialize variables
+  ONLINE_TEMPLATE=""
+  ONLINE_TEMPLATES=()
 
-    TEMPLATE="${PCT_OSTYPE}-${CUSTOM_TEMPLATE_VARIANT}-rootfs.tar.xz"
-    TEMPLATE_SOURCE="custom-arm64"
-
-    # Resolve template path
-    TEMPLATE_PATH="$(pvesm path "${TEMPLATE_STORAGE}:vztmpl/${TEMPLATE}" 2>/dev/null || true)"
-    if [[ -z "$TEMPLATE_PATH" ]]; then
-      local _tpl_base
-      _tpl_base=$(awk -v s="$TEMPLATE_STORAGE" '
-        $0 ~ "^[^:]+:[[:space:]]*" s "$" {f=1; next}
-        f && /^[^[:space:]]/ {f=0}
-        f && $1 == "path" {print $2; exit}
-      ' /etc/pve/storage.cfg)
-      TEMPLATE_PATH="${_tpl_base:-/var/lib/vz}/template/cache/$TEMPLATE"
-    fi
-
-    # Download if missing, too small, or corrupt
-    if [[ ! -f "$TEMPLATE_PATH" ]]; then
-      download_arm64_template "$TEMPLATE_PATH"
-    elif [[ "$(stat -c%s "$TEMPLATE_PATH")" -lt 1000000 ]] || ! tar -tf "$TEMPLATE_PATH" &>/dev/null; then
-      msg_warn "Local template invalid - re-downloading."
-      rm -f "$TEMPLATE_PATH"
-      download_arm64_template "$TEMPLATE_PATH"
-    else
-      msg_ok "Template ${BL}$TEMPLATE${CL} found locally."
-    fi
+  # Step 1: Check local templates first (instant)
+  mapfile -t LOCAL_TEMPLATES < <(
+    pveam list "$TEMPLATE_STORAGE" 2>/dev/null |
+      awk -v search="${TEMPLATE_SEARCH}" -v pattern="${TEMPLATE_PATTERN}" '$1 ~ search && $1 ~ pattern {print $1}' |
+      sed 's|.*/||' | sort -t - -k 2 -V
+  )
 
+  # Step 2: If local template found, use it immediately (skip pveam update)
+  if [[ ${#LOCAL_TEMPLATES[@]} -gt 0 ]]; then
+    TEMPLATE="${LOCAL_TEMPLATES[-1]}"
+    TEMPLATE_SOURCE="local"
+    msg_ok "Template search completed"
   else
-    TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION:-}"
-    case "$PCT_OSTYPE" in
-    debian | ubuntu) TEMPLATE_PATTERN="-standard_" ;;
-    alpine | fedora | rocky | centos) TEMPLATE_PATTERN="-default_" ;;
-    *) TEMPLATE_PATTERN="" ;;
-    esac
+    # Step 3: No local template - need to check online (this may be slow)
+    msg_info "No local template found, checking online catalog..."
 
-    msg_info "Searching for template '$TEMPLATE_SEARCH'"
+    # Update catalog with timeout to prevent long hangs
+    if command -v timeout &>/dev/null; then
+      if ! timeout 30 pveam update >/dev/null 2>&1; then
+        msg_warn "Template catalog update timed out (possible network/DNS issue). Run 'pveam update' manually to diagnose."
+      fi
+    else
+      pveam update >/dev/null 2>&1 || msg_warn "Could not update template catalog (pveam update failed)"
+    fi
 
-    # Initialize variables
-    ONLINE_TEMPLATE=""
     ONLINE_TEMPLATES=()
+    mapfile -t ONLINE_TEMPLATES < <(pveam available -section system 2>/dev/null | grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' | awk '{print $2}' | grep -E "^${TEMPLATE_SEARCH}.*${TEMPLATE_PATTERN}" | sort -t - -k 2 -V 2>/dev/null || true)
+    [[ ${#ONLINE_TEMPLATES[@]} -gt 0 ]] && ONLINE_TEMPLATE="${ONLINE_TEMPLATES[-1]}"
 
-    # Step 1: Check local templates first (instant)
-    mapfile -t LOCAL_TEMPLATES < <(
-      pveam list "$TEMPLATE_STORAGE" 2>/dev/null |
-        awk -v search="${TEMPLATE_SEARCH}" -v pattern="${TEMPLATE_PATTERN}" '$1 ~ search && $1 ~ pattern {print $1}' |
-        sed 's|.*/||' | sort -t - -k 2 -V
+    TEMPLATE="$ONLINE_TEMPLATE"
+    TEMPLATE_SOURCE="online"
+    msg_ok "Template search completed"
+  fi
+
+  # If still no template, try to find alternatives
+  if [[ -z "$TEMPLATE" ]]; then
+    msg_warn "No template found for ${PCT_OSTYPE} ${PCT_OSVERSION}, searching for alternatives..."
+
+    # Get all available versions for this OS type
+    AVAILABLE_VERSIONS=()
+    mapfile -t AVAILABLE_VERSIONS < <(
+      pveam available -section system 2>/dev/null |
+        grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' |
+        awk -F'\t' '{print $1}' |
+        grep "^${PCT_OSTYPE}-" |
+        sed -E "s/.*${PCT_OSTYPE}-([0-9]+(\.[0-9]+)?).*/\1/" |
+        sort -u -V 2>/dev/null
     )
 
-    # Step 2: If local template found, use it immediately (skip pveam update)
-    if [[ ${#LOCAL_TEMPLATES[@]} -gt 0 ]]; then
-      TEMPLATE="${LOCAL_TEMPLATES[-1]}"
-      TEMPLATE_SOURCE="local"
-      msg_ok "Template search completed"
-    else
-      # Step 3: No local template - need to check online (this may be slow)
-      msg_info "No local template found, checking online catalog..."
+    if [[ ${#AVAILABLE_VERSIONS[@]} -gt 0 ]]; then
+      echo ""
+      echo "${BL}Available ${PCT_OSTYPE} versions:${CL}"
+      for i in "${!AVAILABLE_VERSIONS[@]}"; do
+        echo "  [$((i + 1))] ${AVAILABLE_VERSIONS[$i]}"
+      done
+      echo ""
+      read -p "Select version [1-${#AVAILABLE_VERSIONS[@]}] or press Enter to cancel: " choice </dev/tty
 
-      # Update catalog with timeout to prevent long hangs
-      if command -v timeout &>/dev/null; then
-        if ! timeout 30 pveam update >/dev/null 2>&1; then
-          msg_warn "Template catalog update timed out (possible network/DNS issue). Run 'pveam update' manually to diagnose."
+      if [[ "$choice" =~ ^[0-9]+$ ]] && [[ "$choice" -ge 1 ]] && [[ "$choice" -le ${#AVAILABLE_VERSIONS[@]} ]]; then
+        PCT_OSVERSION="${AVAILABLE_VERSIONS[$((choice - 1))]}"
+        TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION}"
+
+        ONLINE_TEMPLATES=()
+        mapfile -t ONLINE_TEMPLATES < <(
+          pveam available -section system 2>/dev/null |
+            grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' |
+            awk '{print $2}' |
+            grep -E "^${TEMPLATE_SEARCH}-.*${TEMPLATE_PATTERN}" |
+            sort -t - -k 2 -V 2>/dev/null || true
+        )
+
+        if [[ ${#ONLINE_TEMPLATES[@]} -gt 0 ]]; then
+          TEMPLATE="${ONLINE_TEMPLATES[-1]}"
+          TEMPLATE_SOURCE="online"
+        else
+          msg_error "No templates available for ${PCT_OSTYPE} ${PCT_OSVERSION}"
+          exit 225
         fi
       else
-        pveam update >/dev/null 2>&1 || msg_warn "Could not update template catalog (pveam update failed)"
+        msg_custom "🚫" "${YW}" "Installation cancelled"
+        exit 0
       fi
-
-      ONLINE_TEMPLATES=()
-      mapfile -t ONLINE_TEMPLATES < <(pveam available -section system 2>/dev/null | grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' | awk '{print $2}' | grep -E "^${TEMPLATE_SEARCH}.*${TEMPLATE_PATTERN}" | sort -t - -k 2 -V 2>/dev/null || true)
-      [[ ${#ONLINE_TEMPLATES[@]} -gt 0 ]] && ONLINE_TEMPLATE="${ONLINE_TEMPLATES[-1]}"
-
-      TEMPLATE="$ONLINE_TEMPLATE"
-      TEMPLATE_SOURCE="online"
-      msg_ok "Template search completed"
+    else
+      msg_error "No ${PCT_OSTYPE} templates available at all"
+      exit 225
     fi
+  fi
 
-    # If still no template, try to find alternatives
+  TEMPLATE_PATH="$(pvesm path $TEMPLATE_STORAGE:vztmpl/$TEMPLATE 2>/dev/null || true)"
+  if [[ -z "$TEMPLATE_PATH" ]]; then
+    TEMPLATE_BASE=$(awk -v s="$TEMPLATE_STORAGE" '$1==s {f=1} f && /path/ {print $2; exit}' /etc/pve/storage.cfg)
+    [[ -n "$TEMPLATE_BASE" ]] && TEMPLATE_PATH="$TEMPLATE_BASE/template/cache/$TEMPLATE"
+  fi
+
+  # If we still don't have a path but have a valid template name, construct it
+  if [[ -z "$TEMPLATE_PATH" && -n "$TEMPLATE" ]]; then
+    TEMPLATE_PATH="/var/lib/vz/template/cache/$TEMPLATE"
+  fi
+
+  [[ -n "$TEMPLATE_PATH" ]] || {
     if [[ -z "$TEMPLATE" ]]; then
-      msg_warn "No template found for ${PCT_OSTYPE} ${PCT_OSVERSION}, searching for alternatives..."
+      msg_error "Template ${PCT_OSTYPE} ${PCT_OSVERSION} not available"
 
-      # Get all available versions for this OS type
-      AVAILABLE_VERSIONS=()
+      # Get available versions
       mapfile -t AVAILABLE_VERSIONS < <(
         pveam available -section system 2>/dev/null |
-          grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' |
-          awk -F'\t' '{print $1}' |
           grep "^${PCT_OSTYPE}-" |
-          sed -E "s/.*${PCT_OSTYPE}-([0-9]+(\.[0-9]+)?).*/\1/" |
-          sort -u -V 2>/dev/null
+          sed -E 's/.*'"${PCT_OSTYPE}"'-([0-9]+\.[0-9]+).*/\1/' |
+          grep -E '^[0-9]+\.[0-9]+$' |
+          sort -u -V 2>/dev/null || sort -u
       )
 
       if [[ ${#AVAILABLE_VERSIONS[@]} -gt 0 ]]; then
-        echo ""
-        echo "${BL}Available ${PCT_OSTYPE} versions:${CL}"
+        echo -e "\n${BL}Available versions:${CL}"
         for i in "${!AVAILABLE_VERSIONS[@]}"; do
           echo "  [$((i + 1))] ${AVAILABLE_VERSIONS[$i]}"
         done
+
         echo ""
-        read -p "Select version [1-${#AVAILABLE_VERSIONS[@]}] or press Enter to cancel: " choice </dev/tty
+        read -p "Select version [1-${#AVAILABLE_VERSIONS[@]}] or Enter to exit: " choice </dev/tty
 
         if [[ "$choice" =~ ^[0-9]+$ ]] && [[ "$choice" -ge 1 ]] && [[ "$choice" -le ${#AVAILABLE_VERSIONS[@]} ]]; then
-          PCT_OSVERSION="${AVAILABLE_VERSIONS[$((choice - 1))]}"
-          TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION}"
+          export var_version="${AVAILABLE_VERSIONS[$((choice - 1))]}"
+          export PCT_OSVERSION="$var_version"
+          msg_ok "Switched to ${PCT_OSTYPE} ${var_version}"
 
-          ONLINE_TEMPLATES=()
+          # Retry template search with new version
+          TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION:-}"
+
+          mapfile -t LOCAL_TEMPLATES < <(
+            pveam list "$TEMPLATE_STORAGE" 2>/dev/null |
+              awk -v search="${TEMPLATE_SEARCH}-" -v pattern="${TEMPLATE_PATTERN}" '$1 ~ search && $1 ~ pattern {print $1}' |
+              sed 's|.*/||' | sort -t - -k 2 -V
+          )
           mapfile -t ONLINE_TEMPLATES < <(
             pveam available -section system 2>/dev/null |
               grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' |
@@ -6041,181 +5990,109 @@ create_lxc_container() {
               grep -E "^${TEMPLATE_SEARCH}-.*${TEMPLATE_PATTERN}" |
               sort -t - -k 2 -V 2>/dev/null || true
           )
+          ONLINE_TEMPLATE=""
+          [[ ${#ONLINE_TEMPLATES[@]} -gt 0 ]] && ONLINE_TEMPLATE="${ONLINE_TEMPLATES[-1]}"
 
-          if [[ ${#ONLINE_TEMPLATES[@]} -gt 0 ]]; then
-            TEMPLATE="${ONLINE_TEMPLATES[-1]}"
-            TEMPLATE_SOURCE="online"
+          if [[ ${#LOCAL_TEMPLATES[@]} -gt 0 ]]; then
+            TEMPLATE="${LOCAL_TEMPLATES[-1]}"
+            TEMPLATE_SOURCE="local"
           else
-            msg_error "No templates available for ${PCT_OSTYPE} ${PCT_OSVERSION}"
-            exit 225
+            TEMPLATE="$ONLINE_TEMPLATE"
+            TEMPLATE_SOURCE="online"
           fi
+
+          TEMPLATE_PATH="$(pvesm path $TEMPLATE_STORAGE:vztmpl/$TEMPLATE 2>/dev/null || true)"
+          if [[ -z "$TEMPLATE_PATH" ]]; then
+            TEMPLATE_BASE=$(awk -v s="$TEMPLATE_STORAGE" '$1==s {f=1} f && /path/ {print $2; exit}' /etc/pve/storage.cfg)
+            [[ -n "$TEMPLATE_BASE" ]] && TEMPLATE_PATH="$TEMPLATE_BASE/template/cache/$TEMPLATE"
+          fi
+
+          # If we still don't have a path but have a valid template name, construct it
+          if [[ -z "$TEMPLATE_PATH" && -n "$TEMPLATE" ]]; then
+            TEMPLATE_PATH="/var/lib/vz/template/cache/$TEMPLATE"
+          fi
+
+          [[ -n "$TEMPLATE_PATH" ]] || {
+            msg_error "Template still not found after version change"
+            exit 220
+          }
         else
           msg_custom "🚫" "${YW}" "Installation cancelled"
           exit 0
         fi
       else
         msg_error "No ${PCT_OSTYPE} templates available"
-        exit 225
+        exit 220
       fi
     fi
+  }
 
-    TEMPLATE_PATH="$(pvesm path $TEMPLATE_STORAGE:vztmpl/$TEMPLATE 2>/dev/null || true)"
-    if [[ -z "$TEMPLATE_PATH" ]]; then
-      TEMPLATE_BASE=$(awk -v s="$TEMPLATE_STORAGE" '$1==s {f=1} f && /path/ {print $2; exit}' /etc/pve/storage.cfg)
-      [[ -n "$TEMPLATE_BASE" ]] && TEMPLATE_PATH="$TEMPLATE_BASE/template/cache/$TEMPLATE"
-    fi
+  # Validate that we found a template
+  if [[ -z "$TEMPLATE" ]]; then
+    msg_error "No template found for ${PCT_OSTYPE} ${PCT_OSVERSION}"
+    msg_custom "ℹ️" "${YW}" "Please check:"
+    msg_custom "  •" "${YW}" "Is pveam catalog available? (run: pveam available -section system)"
+    msg_custom "  •" "${YW}" "Does the template exist for your OS version?"
+    exit 225
+  fi
 
-    # If we still don't have a path but have a valid template name, construct it
-    if [[ -z "$TEMPLATE_PATH" && -n "$TEMPLATE" ]]; then
-      TEMPLATE_PATH="/var/lib/vz/template/cache/$TEMPLATE"
-    fi
+  msg_ok "Template ${BL}$TEMPLATE${CL} [$TEMPLATE_SOURCE]"
+  msg_debug "Resolved TEMPLATE_PATH=$TEMPLATE_PATH"
 
-    [[ -n "$TEMPLATE_PATH" ]] || {
-      if [[ -z "$TEMPLATE" ]]; then
-        msg_error "Template ${PCT_OSTYPE} ${PCT_OSVERSION} not available"
-
-        # Get available versions
-        mapfile -t AVAILABLE_VERSIONS < <(
-          pveam available -section system 2>/dev/null |
-            grep "^${PCT_OSTYPE}-" |
-            sed -E 's/.*'"${PCT_OSTYPE}"'-([0-9]+\.[0-9]+).*/\1/' |
-            grep -E '^[0-9]+\.[0-9]+$' |
-            sort -u -V 2>/dev/null || sort -u
-        )
-
-        if [[ ${#AVAILABLE_VERSIONS[@]} -gt 0 ]]; then
-          echo -e "\n${BL}Available versions:${CL}"
-          for i in "${!AVAILABLE_VERSIONS[@]}"; do
-            echo "  [$((i + 1))] ${AVAILABLE_VERSIONS[$i]}"
-          done
-
-          echo ""
-          read -p "Select version [1-${#AVAILABLE_VERSIONS[@]}] or press Enter to exit: " choice </dev/tty
-
-          if [[ "$choice" =~ ^[0-9]+$ ]] && [[ "$choice" -ge 1 ]] && [[ "$choice" -le ${#AVAILABLE_VERSIONS[@]} ]]; then
-            export var_version="${AVAILABLE_VERSIONS[$((choice - 1))]}"
-            export PCT_OSVERSION="$var_version"
-            msg_ok "Switched to ${PCT_OSTYPE} ${var_version}"
-
-            # Retry template search with new version
-            TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION:-}"
-
-            mapfile -t LOCAL_TEMPLATES < <(
-              pveam list "$TEMPLATE_STORAGE" 2>/dev/null |
-                awk -v search="${TEMPLATE_SEARCH}-" -v pattern="${TEMPLATE_PATTERN}" '$1 ~ search && $1 ~ pattern {print $1}' |
-                sed 's|.*/||' | sort -t - -k 2 -V
-            )
-            mapfile -t ONLINE_TEMPLATES < <(
-              pveam available -section system 2>/dev/null |
-                grep -E '\.(tar\.zst|tar\.xz|tar\.gz)$' |
-                awk '{print $2}' |
-                grep -E "^${TEMPLATE_SEARCH}-.*${TEMPLATE_PATTERN}" |
-                sort -t - -k 2 -V 2>/dev/null || true
-            )
-            ONLINE_TEMPLATE=""
-            [[ ${#ONLINE_TEMPLATES[@]} -gt 0 ]] && ONLINE_TEMPLATE="${ONLINE_TEMPLATES[-1]}"
-
-            if [[ ${#LOCAL_TEMPLATES[@]} -gt 0 ]]; then
-              TEMPLATE="${LOCAL_TEMPLATES[-1]}"
-              TEMPLATE_SOURCE="local"
-            else
-              TEMPLATE="$ONLINE_TEMPLATE"
-              TEMPLATE_SOURCE="online"
-            fi
-
-            TEMPLATE_PATH="$(pvesm path $TEMPLATE_STORAGE:vztmpl/$TEMPLATE 2>/dev/null || true)"
-            if [[ -z "$TEMPLATE_PATH" ]]; then
-              TEMPLATE_BASE=$(awk -v s="$TEMPLATE_STORAGE" '$1==s {f=1} f && /path/ {print $2; exit}' /etc/pve/storage.cfg)
-              [[ -n "$TEMPLATE_BASE" ]] && TEMPLATE_PATH="$TEMPLATE_BASE/template/cache/$TEMPLATE"
-            fi
-
-            # If we still don't have a path but have a valid template name, construct it
-            if [[ -z "$TEMPLATE_PATH" && -n "$TEMPLATE" ]]; then
-              TEMPLATE_PATH="/var/lib/vz/template/cache/$TEMPLATE"
-            fi
-
-            [[ -n "$TEMPLATE_PATH" ]] || {
-              msg_error "Template still not found after version change"
-              exit 220
-            }
-          else
-            msg_custom "🚫" "${YW}" "Installation cancelled"
-            exit 0
-          fi
-        else
-          msg_error "No ${PCT_OSTYPE} templates available"
-          exit 220
-        fi
-      fi
-    }
-
-    # Validate that we found a template
-    if [[ -z "$TEMPLATE" ]]; then
-      msg_error "No template found for ${PCT_OSTYPE} ${PCT_OSVERSION}"
-      msg_custom "ℹ️" "${YW}" "Please check:"
-      msg_custom "  •" "${YW}" "Is pveam catalog available? (run: pveam available -section system)"
-      msg_custom "  •" "${YW}" "Does the template exist for your OS version?"
-      exit 225
-    fi
-
-    msg_ok "Template ${BL}$TEMPLATE${CL} [$TEMPLATE_SOURCE]"
-    msg_debug "Resolved TEMPLATE_PATH=$TEMPLATE_PATH"
-
-    NEED_DOWNLOAD=0
-    if [[ ! -f "$TEMPLATE_PATH" ]]; then
-      msg_info "Template not present locally, will download it."
+  NEED_DOWNLOAD=0
+  if [[ ! -f "$TEMPLATE_PATH" ]]; then
+    msg_info "Template not present locally – will download."
+    NEED_DOWNLOAD=1
+  elif [[ ! -r "$TEMPLATE_PATH" ]]; then
+    msg_error "Template file exists but is not readable – check permissions."
+    exit 221
+  elif [[ "$(stat -c%s "$TEMPLATE_PATH")" -lt 1000000 ]]; then
+    if [[ -n "$ONLINE_TEMPLATE" ]]; then
+      msg_warn "Template file too small (<1MB) – re-downloading."
       NEED_DOWNLOAD=1
-    elif [[ ! -r "$TEMPLATE_PATH" ]]; then
-      msg_error "Template file exists but is not readable, check permissions."
-      exit 221
-    elif [[ "$(stat -c%s "$TEMPLATE_PATH")" -lt 1000000 ]]; then
-      if [[ -n "$ONLINE_TEMPLATE" ]]; then
-        msg_warn "Template file too small (<1MB), re-downloading."
-        NEED_DOWNLOAD=1
-      else
-        msg_warn "Template looks too small, but no online version exists. Keeping local file."
-      fi
-    elif ! tar -tf "$TEMPLATE_PATH" &>/dev/null; then
-      if [[ -n "$ONLINE_TEMPLATE" ]]; then
-        msg_warn "Template appears corrupted, re-downloading."
-        NEED_DOWNLOAD=1
-      else
-        msg_warn "Template appears corrupted, but no online version exists. Keeping local file."
-      fi
     else
-      $STD msg_ok "Template $TEMPLATE is present and valid."
+      msg_warn "Template looks too small, but no online version exists. Keeping local file."
     fi
+  elif ! tar -tf "$TEMPLATE_PATH" &>/dev/null; then
+    if [[ -n "$ONLINE_TEMPLATE" ]]; then
+      msg_warn "Template appears corrupted – re-downloading."
+      NEED_DOWNLOAD=1
+    else
+      msg_warn "Template appears corrupted, but no online version exists. Keeping local file."
+    fi
+  else
+    $STD msg_ok "Template $TEMPLATE is present and valid."
+  fi
 
-    if [[ "$TEMPLATE_SOURCE" == "local" && -n "$ONLINE_TEMPLATE" && "$TEMPLATE" != "$ONLINE_TEMPLATE" ]]; then
-      msg_warn "Local template is outdated: $TEMPLATE (latest available: $ONLINE_TEMPLATE)"
-      if whiptail --yesno "A newer template is available:\n$ONLINE_TEMPLATE\n\nDo you want to download and use it instead?" 12 70; then
-        TEMPLATE="$ONLINE_TEMPLATE"
-        NEED_DOWNLOAD=1
-      else
-        msg_custom "ℹ️" "${BL}" "Continuing with local template $TEMPLATE"
+  if [[ "$TEMPLATE_SOURCE" == "local" && -n "$ONLINE_TEMPLATE" && "$TEMPLATE" != "$ONLINE_TEMPLATE" ]]; then
+    msg_warn "Local template is outdated: $TEMPLATE (latest available: $ONLINE_TEMPLATE)"
+    if whiptail --yesno "A newer template is available:\n$ONLINE_TEMPLATE\n\nDo you want to download and use it instead?" 12 70; then
+      TEMPLATE="$ONLINE_TEMPLATE"
+      NEED_DOWNLOAD=1
+    else
+      msg_custom "ℹ️" "${BL}" "Continuing with local template $TEMPLATE"
+    fi
+  fi
+
+  if [[ "$NEED_DOWNLOAD" -eq 1 ]]; then
+    [[ -f "$TEMPLATE_PATH" ]] && rm -f "$TEMPLATE_PATH"
+    for attempt in {1..3}; do
+      msg_info "Attempt $attempt: Downloading template $TEMPLATE to $TEMPLATE_STORAGE"
+      if pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1; then
+        msg_ok "Template download successful."
+        break
       fi
-    fi
+      if [[ $attempt -eq 3 ]]; then
+        msg_error "Failed after 3 attempts. Please check network access, permissions, or manually run:\n  pveam download $TEMPLATE_STORAGE $TEMPLATE"
+        exit 222
+      fi
+      sleep $((attempt * 5))
+    done
+  fi
 
-    if [[ "$NEED_DOWNLOAD" -eq 1 ]]; then
-      [[ -f "$TEMPLATE_PATH" ]] && rm -f "$TEMPLATE_PATH"
-      for attempt in {1..3}; do
-        msg_info "Attempt $attempt: Downloading template $TEMPLATE to $TEMPLATE_STORAGE"
-        if pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1; then
-          msg_ok "Template download successful."
-          break
-        fi
-        if [[ $attempt -eq 3 ]]; then
-          msg_error "Failed after 3 attempts. Please check network access, permissions, or manually run:\n  pveam download $TEMPLATE_STORAGE $TEMPLATE"
-          exit 222
-        fi
-        sleep $((attempt * 5))
-      done
-    fi
-
-    if ! pveam list "$TEMPLATE_STORAGE" 2>/dev/null | grep -q "$TEMPLATE"; then
-      msg_error "Template $TEMPLATE not available in storage $TEMPLATE_STORAGE after download."
-      exit 223
-    fi
+  if ! pveam list "$TEMPLATE_STORAGE" 2>/dev/null | grep -q "$TEMPLATE"; then
+    msg_error "Template $TEMPLATE not available in storage $TEMPLATE_STORAGE after download."
+    exit 223
   fi
 
   # ------------------------------------------------------------------------------
@@ -6292,15 +6169,21 @@ create_lxc_container() {
 
   # Validate template before pct create (while holding lock)
   if [[ ! -s "$TEMPLATE_PATH" || "$(stat -c%s "$TEMPLATE_PATH" 2>/dev/null || echo 0)" -lt 1000000 ]]; then
-    msg_info "Template file missing or too small - downloading"
+    msg_info "Template file missing or too small – downloading"
     rm -f "$TEMPLATE_PATH"
-    download_template
+    pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1 || {
+      msg_error "Failed to download template '$TEMPLATE' to storage '$TEMPLATE_STORAGE'"
+      exit 222
+    }
     msg_ok "Template downloaded"
   elif ! tar -tf "$TEMPLATE_PATH" &>/dev/null; then
-    if [[ "$ARCH" == "arm64" || -n "$ONLINE_TEMPLATE" ]]; then
-      msg_info "Template appears corrupted - re-downloading"
+    if [[ -n "$ONLINE_TEMPLATE" ]]; then
+      msg_info "Template appears corrupted – re-downloading"
       rm -f "$TEMPLATE_PATH"
-      download_template
+      pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1 || {
+        msg_error "Failed to re-download template '$TEMPLATE'"
+        exit 222
+      }
       msg_ok "Template re-downloaded"
     else
       msg_warn "Template appears corrupted, but no online version exists. Skipping re-download."
@@ -6348,9 +6231,9 @@ create_lxc_container() {
     else
       # Not a CTID collision - check if template issue and retry with fresh download
       if grep -qiE 'unable to open|corrupt|invalid' "$LOGFILE"; then
-        msg_info "Template may be corrupted - re-downloading"
+        msg_info "Template may be corrupted – re-downloading"
         rm -f "$TEMPLATE_PATH"
-        download_template
+        pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1
         msg_ok "Template re-downloaded"
       fi
 
@@ -6363,11 +6246,7 @@ create_lxc_container() {
           if [[ ! -f "$LOCAL_TEMPLATE_PATH" ]]; then
             msg_ok "Trying local storage fallback"
             msg_info "Downloading template to local"
-            if [[ "$ARCH" == "arm64" ]]; then
-              download_arm64_template "$LOCAL_TEMPLATE_PATH"
-            else
-              pveam download local "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1
-            fi
+            pveam download local "$TEMPLATE" >>"${BUILD_LOG:-/dev/null}" 2>&1
             msg_ok "Template downloaded to local"
           else
             msg_ok "Trying local storage fallback"

misc/core.func

@@ -346,15 +346,9 @@ pve_check() {
 # - Provides link to ARM64-compatible scripts
 # ------------------------------------------------------------------------------
 arch_check() {
-  local arch
-  arch="$(dpkg --print-architecture)"
-  if [[ "$arch" != "amd64" && "$arch" != "arm64" ]]; then
-    msg_error "This script requires amd64 or arm64 (detected: $arch)."
-    sleep 2
-    exit 106
-  fi
-  if [[ "$arch" == "arm64" && "${var_arm64:-}" != "yes" ]]; then
-    msg_error "This script does not yet support arm64."
+  if [ "$(dpkg --print-architecture)" != "amd64" ]; then
+    msg_error "This script will not work with PiMox (ARM architecture detected)."
+    msg_warn "Visit https://github.com/asylumexp/Proxmox for ARM64 support."
     sleep 2
     exit 106
   fi
@@ -1720,38 +1714,6 @@ function get_lxc_ip() {
   export LOCAL_IP
 }
 
-# ------------------------------------------------------------------------------
-# ensure_whiptail()
-#
-# - Ensures whiptail is installed
-# - Some ARM64 systems will not have whiptail installed
-# - Exits with error message if installation fails
-# ------------------------------------------------------------------------------
-ensure_whiptail() {
-  command -v whiptail >/dev/null 2>&1 && return 0
-
-  msg_info "Installing whiptail"
-  apt_update_safe
-  $STD apt-get install -y whiptail || {
-    msg_error "Failed to install whiptail"
-    exit 100
-  }
-  msg_ok "Installed whiptail"
-}
-
-# ------------------------------------------------------------------------------
-# arm64_notice()
-#
-# - Shows a short warning when running scripts on ARM64 systems
-# ------------------------------------------------------------------------------
-arm64_notice() {
-  [[ "$(dpkg --print-architecture)" == "arm64" ]] || return 0
-
-  whiptail --backtitle "Proxmox VE Helper Scripts" \
-    --title "ARM64 SUPPORT" \
-    --ok-button "Continue" \
-    --msgbox "ARM64 support is in active development.\n\nSome scripts, packages, or application releases may not be fully tested or working yet." 10 68
-}
 # ==============================================================================
 # SIGNAL TRAPS
 # ==============================================================================

misc/error_handler.func

@@ -99,7 +99,7 @@ if ! declare -f explain_exit_code &>/dev/null; then
     103) echo "Validation: Shell is not Bash" ;;
     104) echo "Validation: Not running as root (or invoked via sudo)" ;;
     105) echo "Validation: Proxmox VE version not supported" ;;
-    106) echo "Validation: Unsupported architecture (requires amd64 or arm64)" ;;
+    106) echo "Validation: Architecture not supported (ARM / PiMox)" ;;
     107) echo "Validation: Kernel key parameters unreadable" ;;
     108) echo "Validation: Kernel key limits exceeded" ;;
     109) echo "Proxmox: No available container ID after max attempts" ;;

misc/tools.func

@@ -3157,14 +3157,10 @@ fetch_and_deploy_codeberg_release() {
     # Fall back to architecture heuristic
     if [[ -z "$url_match" ]]; then
       for u in $assets; do
-        [[ "$u" =~ \.deb$ ]] || continue
-        if [[ "${arch,,}" =~ ^(amd64|x86_64)$ ]]; then
-          [[ "$u" =~ (amd64|x86_64).*\.deb$ ]] || continue
-        elif [[ "${arch,,}" =~ ^(arm64|aarch64)$ ]]; then
-          [[ "$u" =~ (arm64|aarch64).*\.deb$ ]] || continue
+        if [[ "$u" =~ ($arch|amd64|x86_64|aarch64|arm64).*\.deb$ ]]; then
+          url_match="$u"
+          break
         fi
-        url_match="$u"
-        break
       done
     fi
 
@@ -3461,11 +3457,7 @@ _gh_scan_older_releases() {
         done)
       fi
       if [[ "$has_match" != "true" ]]; then
-        if [[ "${arch,,}" =~ ^(amd64|x86_64)$ ]]; then
-          has_match=$(echo "$releases_list" | jq -r ".[$i].assets[].browser_download_url" | grep -qE '(amd64|x86_64).*\.deb$' && echo true)
-        elif [[ "${arch,,}" =~ ^(arm64|aarch64)$ ]]; then
-          has_match=$(echo "$releases_list" | jq -r ".[$i].assets[].browser_download_url" | grep -qE '(arm64|aarch64).*\.deb$' && echo true)
-        fi
+        has_match=$(echo "$releases_list" | jq -r ".[$i].assets[].browser_download_url" | grep -qE "($arch|amd64|x86_64|aarch64|arm64).*\.deb$" && echo true)
       fi
       if [[ "$has_match" != "true" ]]; then
         has_match=$(echo "$releases_list" | jq -r ".[$i].assets[].browser_download_url" | grep -qE '\.deb$' && echo true)
@@ -3671,14 +3663,10 @@ fetch_and_deploy_gh_release() {
     # If no match via explicit pattern, fall back to architecture heuristic
     if [[ -z "$url_match" ]]; then
       for u in $assets; do
-        [[ "$u" =~ \.deb$ ]] || continue
-        if [[ "${arch,,}" =~ ^(amd64|x86_64)$ ]]; then
-          [[ "$u" =~ (amd64|x86_64).*\.deb$ ]] || continue
-        elif [[ "${arch,,}" =~ ^(arm64|aarch64)$ ]]; then
-          [[ "$u" =~ (arm64|aarch64).*\.deb$ ]] || continue
+        if [[ "$u" =~ ($arch|amd64|x86_64|aarch64|arm64).*\.deb$ ]]; then
+          url_match="$u"
+          break
         fi
-        url_match="$u"
-        break
       done
     fi
 
@@ -3709,14 +3697,10 @@ fetch_and_deploy_gh_release() {
         fi
         if [[ -z "$url_match" ]]; then
           for u in $assets; do
-            [[ "$u" =~ \.deb$ ]] || continue
-            if [[ "${arch,,}" =~ ^(amd64|x86_64)$ ]]; then
-              [[ "$u" =~ (amd64|x86_64).*\.deb$ ]] || continue
-            elif [[ "${arch,,}" =~ ^(arm64|aarch64)$ ]]; then
-              [[ "$u" =~ (arm64|aarch64).*\.deb$ ]] || continue
+            if [[ "$u" =~ ($arch|amd64|x86_64|aarch64|arm64).*\.deb$ ]]; then
+              url_match="$u"
+              break
             fi
-            url_match="$u"
-            break
           done
         fi
         if [[ -z "$url_match" ]]; then
@@ -4474,12 +4458,7 @@ setup_ffmpeg() {
 
   # Binary fallback mode
   if [[ "$TYPE" == "binary" ]]; then
-    local ffmpeg_arch
-    case "$(dpkg --print-architecture 2>/dev/null || echo amd64)" in
-    arm64) ffmpeg_arch="arm64" ;;
-    *) ffmpeg_arch="amd64" ;;
-    esac
-    if ! CURL_TIMEOUT=300 curl_with_retry "https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-${ffmpeg_arch}-static.tar.xz" "$TMP_DIR/ffmpeg.tar.xz"; then
+    if ! CURL_TIMEOUT=300 curl_with_retry "https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz" "$TMP_DIR/ffmpeg.tar.xz"; then
       msg_error "Failed to download FFmpeg binary"
       msg_error "Hint: Check connectivity to johnvansickle.com/ffmpeg (static builds, may be slow — large file)"
       rm -rf "$TMP_DIR"
@@ -4567,17 +4546,7 @@ setup_ffmpeg() {
   # If no source download (either VERSION empty or download failed), use binary
   if [[ -z "$VERSION" ]]; then
     msg_info "Setup FFmpeg from pre-built binary"
-    local ffmpeg_arch detected_arch
-    detected_arch="$(dpkg --print-architecture 2>/dev/null || true)"
-    if [[ -z "$detected_arch" ]]; then
-      detected_arch="$(uname -m 2>/dev/null || true)"
-    fi
-    case "$detected_arch" in
-    arm64 | aarch64) ffmpeg_arch="arm64" ;;
-    amd64 | x86_64) ffmpeg_arch="amd64" ;;
-    *) ffmpeg_arch="amd64" ;;
-    esac
-    if ! CURL_TIMEOUT=300 curl_with_retry "https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-${ffmpeg_arch}-static.tar.xz" "$TMP_DIR/ffmpeg.tar.xz"; then
+    if ! CURL_TIMEOUT=300 curl_with_retry "https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz" "$TMP_DIR/ffmpeg.tar.xz"; then
       msg_error "Failed to download FFmpeg pre-built binary"
       msg_error "Hint: Check connectivity to johnvansickle.com/ffmpeg (large file, may timeout on slow connections)"
       rm -rf "$TMP_DIR"
@@ -8607,19 +8576,7 @@ setup_yq() {
     msg_info "Setup yq $LATEST_VERSION"
   fi
 
-  local yq_arch detected_arch
-  if command -v dpkg &>/dev/null; then
-    detected_arch="$(dpkg --print-architecture 2>/dev/null)"
-  else
-    detected_arch="$(uname -m 2>/dev/null)"
-  fi
-
-  case "$detected_arch" in
-  arm64 | aarch64) yq_arch="arm64" ;;
-  amd64 | x86_64) yq_arch="amd64" ;;
-  *) yq_arch="amd64" ;;
-  esac
-  if ! curl_with_retry "https://github.com/${GITHUB_REPO}/releases/download/v${LATEST_VERSION}/yq_linux_${yq_arch}" "$TMP_DIR/yq"; then
+  if ! curl_with_retry "https://github.com/${GITHUB_REPO}/releases/download/v${LATEST_VERSION}/yq_linux_amd64" "$TMP_DIR/yq"; then
     msg_error "Failed to download yq"
     msg_error "Hint: Check connectivity to github.com/${GITHUB_REPO} — set GITHUB_TOKEN to avoid rate-limiting"
     rm -rf "$TMP_DIR"