Update CHANGELOG.md (#12495)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.github/workflows/push-json-to-pocketbase.yml

@@ -105,7 +105,11 @@ jobs:
             const typesRes = await request(apiBase + '/collections/z_ref_script_types/records?perPage=500', { headers: { 'Authorization': token } });
             if (typesRes.ok) {
               const typesData = JSON.parse(typesRes.body);
-              (typesData.items || []).forEach(function(item) { if (item.type) typeValueToId[item.type] = item.id; });
+              (typesData.items || []).forEach(function(item) {
+                if (item.type != null) typeValueToId[item.type] = item.id;
+                if (item.name != null) typeValueToId[item.name] = item.id;
+                if (item.value != null) typeValueToId[item.value] = item.id;
+              });
             }
           } catch (e) { console.warn('Could not fetch z_ref_script_types:', e.message); }
           try {
@@ -115,6 +119,33 @@ jobs:
               (catData.items || []).forEach(function(item) { if (item.name) categoryNameToPbId[item.name] = item.id; });
             }
           } catch (e) { console.warn('Could not fetch script_categories:', e.message); }
+          var noteTypeToId = {};
+          var installMethodTypeToId = {};
+          var osToId = {};
+          var osVersionToId = {};
+          try {
+            const res = await request(apiBase + '/collections/z_ref_note_types/records?perPage=500', { headers: { 'Authorization': token } });
+            if (res.ok) JSON.parse(res.body).items?.forEach(function(item) { if (item.type != null) noteTypeToId[item.type] = item.id; });
+          } catch (e) { console.warn('z_ref_note_types:', e.message); }
+          try {
+            const res = await request(apiBase + '/collections/z_ref_install_method_types/records?perPage=500', { headers: { 'Authorization': token } });
+            if (res.ok) JSON.parse(res.body).items?.forEach(function(item) { if (item.type != null) installMethodTypeToId[item.type] = item.id; });
+          } catch (e) { console.warn('z_ref_install_method_types:', e.message); }
+          try {
+            const res = await request(apiBase + '/collections/z_ref_os/records?perPage=500', { headers: { 'Authorization': token } });
+            if (res.ok) JSON.parse(res.body).items?.forEach(function(item) { if (item.os != null) osToId[item.os] = item.id; });
+          } catch (e) { console.warn('z_ref_os:', e.message); }
+          try {
+            const res = await request(apiBase + '/collections/z_ref_os_version/records?perPage=500&expand=os', { headers: { 'Authorization': token } });
+            if (res.ok) {
+              (JSON.parse(res.body).items || []).forEach(function(item) {
+                var osName = item.expand && item.expand.os && item.expand.os.os != null ? item.expand.os.os : null;
+                if (osName != null && item.version != null) osVersionToId[osName + '|' + item.version] = item.id;
+              });
+            }
+          } catch (e) { console.warn('z_ref_os_version:', e.message); }
+          var notesCollUrl = apiBase + '/collections/script_notes/records';
+          var installMethodsCollUrl = apiBase + '/collections/script_install_methods/records';
           for (const file of files) {
             if (!fs.existsSync(file)) continue;
             const data = JSON.parse(fs.readFileSync(file, 'utf8'));
@@ -137,6 +168,7 @@ jobs:
               is_dev: false
             };
             var resolvedType = typeValueToId[data.type];
+            if (resolvedType == null && data.type === 'ct') resolvedType = typeValueToId['lxc'];
             if (resolvedType) payload.type = resolvedType;
             var resolvedCats = (data.categories || []).map(function(n) { return categoryNameToPbId[categoryIdToName[n]]; }).filter(Boolean);
             if (resolvedCats.length) payload.categories = resolvedCats;
@@ -149,7 +181,49 @@ jobs:
             });
             const list = JSON.parse(listRes.body);
             const existingId = list.items && list.items[0] && list.items[0].id;
+            async function resolveNotesAndInstallMethods(scriptId) {
+              var noteIds = [];
+              for (var i = 0; i < (data.notes || []).length; i++) {
+                var note = data.notes[i];
+                var typeId = noteTypeToId[note.type];
+                if (typeId == null) continue;
+                var postRes = await request(notesCollUrl, {
+                  method: 'POST',
+                  headers: { 'Authorization': token, 'Content-Type': 'application/json' },
+                  body: JSON.stringify({ text: note.text || '', type: typeId })
+                });
+                if (postRes.ok) noteIds.push(JSON.parse(postRes.body).id);
+              }
+              var installMethodIds = [];
+              for (var j = 0; j < (data.install_methods || []).length; j++) {
+                var im = data.install_methods[j];
+                var typeId = installMethodTypeToId[im.type];
+                var res = im.resources || {};
+                var osId = osToId[res.os];
+                var osVersionKey = (res.os != null && res.version != null) ? res.os + '|' + res.version : null;
+                var osVersionId = osVersionKey ? osVersionToId[osVersionKey] : null;
+                var imBody = {
+                  script: scriptId,
+                  resources_cpu: res.cpu != null ? res.cpu : 0,
+                  resources_ram: res.ram != null ? res.ram : 0,
+                  resources_hdd: res.hdd != null ? res.hdd : 0
+                };
+                if (typeId) imBody.type = typeId;
+                if (osId) imBody.os = osId;
+                if (osVersionId) imBody.os_version = osVersionId;
+                var imPostRes = await request(installMethodsCollUrl, {
+                  method: 'POST',
+                  headers: { 'Authorization': token, 'Content-Type': 'application/json' },
+                  body: JSON.stringify(imBody)
+                });
+                if (imPostRes.ok) installMethodIds.push(JSON.parse(imPostRes.body).id);
+              }
+              return { noteIds: noteIds, installMethodIds: installMethodIds };
+            }
             if (existingId) {
+              var resolved = await resolveNotesAndInstallMethods(existingId);
+              payload.notes = resolved.noteIds;
+              payload.install_methods = resolved.installMethodIds;
               console.log('Updating', file, '(slug=' + data.slug + ')');
               const r = await request(recordsUrl + '/' + existingId, {
                 method: 'PATCH',
@@ -165,6 +239,14 @@ jobs:
                 body: JSON.stringify(payload)
               });
               if (!r.ok) throw new Error('POST failed: ' + r.body);
+              var scriptId = JSON.parse(r.body).id;
+              var resolved = await resolveNotesAndInstallMethods(scriptId);
+              var patchRes = await request(recordsUrl + '/' + scriptId, {
+                method: 'PATCH',
+                headers: { 'Authorization': token, 'Content-Type': 'application/json' },
+                body: JSON.stringify({ install_methods: resolved.installMethodIds, notes: resolved.noteIds })
+              });
+              if (!patchRes.ok) throw new Error('PATCH relations failed: ' + patchRes.body);
             }
           }
           console.log('Done.');

CHANGELOG.md

@@ -410,11 +410,14 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 </details>
 
+## 2026-03-03
+
 ## 2026-03-02
 
 ### 🆕 New Scripts
 
-  - Profilarr ([#12441](https://github.com/community-scripts/ProxmoxVE/pull/12441))
+  - PowerDNS ([#12481](https://github.com/community-scripts/ProxmoxVE/pull/12481))
+- Profilarr ([#12441](https://github.com/community-scripts/ProxmoxVE/pull/12441))
 
 ### 🚀 Updated Scripts
 

ct/headers/powerdns

@@ -0,0 +1,6 @@
+    ____                          ____  _   _______
+   / __ \____ _      _____  _____/ __ \/ | / / ___/
+  / /_/ / __ \ | /| / / _ \/ ___/ / / /  |/ /\__ \ 
+ / ____/ /_/ / |/ |/ /  __/ /  / /_/ / /|  /___/ / 
+/_/    \____/|__/|__/\___/_/  /_____/_/ |_//____/  
+                                                   

ct/powerdns.sh

@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Slaviša Arežina (tremor021)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.powerdns.com/
+
+APP="PowerDNS"
+var_tags="${var_tags:-dns}"
+var_cpu="${var_cpu:-1}"
+var_ram="${var_ram:-1024}"
+var_disk="${var_disk:-4}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+  if [[ ! -d /opt/poweradmin ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  msg_info "Updating PowerDNS"
+  $STD apt update
+  $STD apt install -y --only-upgrade pdns-server pdns-backend-sqlite3
+  msg_ok "Updated PowerDNS"
+
+  if check_for_gh_release "poweradmin" "poweradmin/poweradmin"; then
+    msg_info "Backing up Configuration"
+    cp /opt/poweradmin/config/settings.php /opt/poweradmin_settings.php.bak
+    cp /opt/poweradmin/powerdns.db /opt/poweradmin_powerdns.db.bak
+    msg_ok "Backed up Configuration"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "poweradmin" "poweradmin/poweradmin" "tarball"
+
+    msg_info "Updating Poweradmin"
+    cp /opt/poweradmin_settings.php.bak /opt/poweradmin/config/settings.php
+    cp /opt/poweradmin_powerdns.db.bak /opt/poweradmin/powerdns.db
+    rm -rf /opt/poweradmin/install
+    rm -f /opt/poweradmin_settings.php.bak /opt/poweradmin_powerdns.db.bak
+    chown -R www-data:www-data /opt/poweradmin
+    msg_ok "Updated Poweradmin"
+
+    msg_info "Restarting Services"
+    systemctl restart pdns apache2
+    msg_ok "Restarted Services"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"

frontend/public/json/2fauth.json

@@ -13,7 +13,7 @@
   "website": "https://2fauth.app/",
   "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/2fauth.webp",
   "config_path": "cat /opt/2fauth/.env",
-  "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop. It aims to ease you perform your 2FA authentication steps whatever the device you handle, with a clean and suitable interface. - Workflow -  Test",
+  "description": "2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop. It aims to ease you perform your 2FA authentication steps whatever the device you handle, with a clean and suitable interface.",
   "install_methods": [
     {
       "type": "default",

frontend/public/json/github-versions.json

@@ -1,5 +1,5 @@
 {
-  "generated": "2026-03-02T13:48:26Z",
+  "generated": "2026-03-03T00:21:34Z",
   "versions": [
     {
       "slug": "2fauth",
@@ -585,9 +585,9 @@
     {
       "slug": "immich-public-proxy",
       "repo": "alangrainger/immich-public-proxy",
-      "version": "v1.15.3",
+      "version": "v1.15.4",
       "pinned": false,
-      "date": "2026-02-16T22:54:27Z"
+      "date": "2026-03-02T21:28:06Z"
     },
     {
       "slug": "inspircd",
@@ -872,9 +872,9 @@
     {
       "slug": "metube",
       "repo": "alexta69/metube",
-      "version": "2026.02.27",
+      "version": "2026.03.02",
       "pinned": false,
-      "date": "2026-02-27T11:47:02Z"
+      "date": "2026-03-02T19:19:10Z"
     },
     {
       "slug": "miniflux",
@@ -1149,6 +1149,13 @@
       "pinned": false,
       "date": "2026-02-23T19:50:48Z"
     },
+    {
+      "slug": "powerdns",
+      "repo": "poweradmin/poweradmin",
+      "version": "v4.0.7",
+      "pinned": false,
+      "date": "2026-02-15T20:09:48Z"
+    },
     {
       "slug": "privatebin",
       "repo": "PrivateBin/PrivateBin",
@@ -1222,9 +1229,9 @@
     {
       "slug": "pulse",
       "repo": "rcourtman/Pulse",
-      "version": "v5.1.16",
+      "version": "v5.1.17",
       "pinned": false,
-      "date": "2026-03-01T23:13:09Z"
+      "date": "2026-03-02T20:15:31Z"
     },
     {
       "slug": "pve-scripts-local",
@@ -1348,9 +1355,9 @@
     {
       "slug": "scanopy",
       "repo": "scanopy/scanopy",
-      "version": "v0.14.10",
+      "version": "v0.14.11",
       "pinned": false,
-      "date": "2026-02-28T21:05:12Z"
+      "date": "2026-03-02T08:48:42Z"
     },
     {
       "slug": "scraparr",

frontend/public/json/powerdns.json

@@ -0,0 +1,40 @@
+{
+  "name": "PowerDNS",
+  "slug": "powerdns",
+  "categories": [
+    5
+  ],
+  "date_created": "2026-03-02",
+  "type": "ct",
+  "updateable": true,
+  "privileged": false,
+  "interface_port": 80,
+  "documentation": "https://doc.powerdns.com/index.html",
+  "config_path": "/opt/poweradmin/config/settings.php",
+  "website": "https://www.powerdns.com/",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/powerdns.webp",
+  "description": "The PowerDNS Authoritative Server is a versatile nameserver which supports a large number of backends. These backends can either be plain zone files or be more dynamic in nature. PowerDNS has the concepts of ‘backends’. A backend is a datastore that the server will consult that contains DNS records (and some metadata). The backends range from database backends (MySQL, PostgreSQL) and BIND zone files to co-processes and JSON API’s.",
+  "install_methods": [
+    {
+      "type": "default",
+      "script": "ct/powerdns.sh",
+      "resources": {
+        "cpu": 1,
+        "ram": 1024,
+        "hdd": 4,
+        "os": "Debian",
+        "version": "13"
+      }
+    }
+  ],
+  "default_credentials": {
+    "username": null,
+    "password": null
+  },
+  "notes": [
+    {
+      "text": "For administrator credentials type: `cat ~/poweradmin.creds` inside LXC.",
+      "type": "info"
+    }
+  ]
+}

install/powerdns-install.sh

@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: Slaviša Arežina (tremor021)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.powerdns.com/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y sqlite3
+msg_ok "Installed Dependencies"
+
+PHP_VERSION="8.3" PHP_APACHE="YES" PHP_FPM="YES" PHP_MODULE="gettext,tokenizer,sqlite3,ldap" setup_php
+setup_deb822_repo \
+  "pdns" \
+  "https://repo.powerdns.com/FD380FBB-pub.asc" \
+  "http://repo.powerdns.com/debian" \
+  "trixie-auth-50"
+
+cat <<EOF >/etc/apt/preferences.d/auth-50
+Package: pdns-*
+Pin: origin repo.powerdns.com
+Pin-Priority: 600
+EOF
+
+escape_sql() {
+  printf '%s' "$1" | sed "s/'/''/g"
+}
+
+msg_info "Setting up PowerDNS"
+$STD apt install -y \
+  pdns-server \
+  pdns-backend-sqlite3
+msg_ok "Setup PowerDNS"
+
+fetch_and_deploy_gh_release "poweradmin" "poweradmin/poweradmin" "tarball"
+
+msg_info "Setting up Poweradmin"
+sqlite3 /opt/poweradmin/powerdns.db </opt/poweradmin/sql/poweradmin-sqlite-db-structure.sql
+sqlite3 /opt/poweradmin/powerdns.db </opt/poweradmin/sql/pdns/49/schema.sqlite3.sql
+PA_ADMIN_USERNAME="admin"
+PA_ADMIN_EMAIL="admin@example.com"
+PA_ADMIN_FULLNAME="Administrator"
+PA_ADMIN_PASSWORD=$(openssl rand -base64 16 | tr -d "=+/" | cut -c1-16)
+PA_SESSION_KEY=$(openssl rand -base64 75 | tr -dc 'A-Za-z0-9^@#!(){}[]%_\-+=~' | head -c 50)
+PASSWORD_HASH=$(php -r "echo password_hash(\$argv[1], PASSWORD_DEFAULT);" -- "${PA_ADMIN_PASSWORD}" 2>/dev/null)
+sqlite3 /opt/poweradmin/powerdns.db "INSERT INTO users (username, password, fullname, email, description, perm_templ, active, use_ldap) \
+  VALUES ('$(escape_sql "${PA_ADMIN_USERNAME}")', '$(escape_sql "${PASSWORD_HASH}")', '$(escape_sql "${PA_ADMIN_FULLNAME}")', \
+  '$(escape_sql "${PA_ADMIN_EMAIL}")', 'System Administrator', 1, 1, 0);"
+
+cat <<EOF >~/poweradmin.creds
+Admin Username: ${PA_ADMIN_USERNAME}
+Admin Password: ${PA_ADMIN_PASSWORD}
+EOF
+
+cat <<EOF >/opt/poweradmin/config/settings.php
+<?php
+
+/**
+ * Poweradmin Settings Configuration File
+ *
+ * Generated by the installer on 2026-02-02 21:01:40
+ */
+
+return [
+    /**
+     * Database Settings
+     */
+    'database' => [
+        'type' => 'sqlite',
+        'file' => '/opt/poweradmin/powerdns.db',
+    ],
+
+    /**
+     * Security Settings
+     */
+    'security' => [
+        'session_key' => '${PA_SESSION_KEY}',
+    ],
+
+    /**
+     * Interface Settings
+     */
+    'interface' => [
+        'language' => 'en_EN',
+    ],
+
+    /**
+     * DNS Settings
+     */
+    'dns' => [
+        'hostmaster' => 'localhost.lan',
+        'ns1' => '8.8.8.8',
+        'ns2' => '9.9.9.9',
+    ]
+];
+EOF
+rm -rf /opt/poweradmin/install
+msg_ok "Setup Poweradmin"
+
+msg_info "Creating Service"
+rm /etc/apache2/sites-enabled/000-default.conf
+cat <<EOF >/etc/apache2/sites-enabled/poweradmin.conf
+<VirtualHost *:80>
+    ServerName localhost
+    DocumentRoot /opt/poweradmin
+
+    <Directory /opt/poweradmin>
+        Options -Indexes +FollowSymLinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    # For DDNS update functionality
+    RewriteEngine On
+    RewriteRule ^/update(.*)\$ /dynamic_update.php [L]
+    RewriteRule ^/nic/update(.*)\$ /dynamic_update.php [L]
+</VirtualHost>
+EOF
+$STD a2enmod rewrite headers
+chown -R www-data:www-data /opt/poweradmin
+$STD systemctl restart apache2
+msg_info "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc

misc/api.func

@@ -346,18 +346,20 @@ explain_exit_code() {
 # - Handles backslashes, quotes, newlines, tabs, and carriage returns
 # ------------------------------------------------------------------------------
 json_escape() {
-  local s="$1"
-  # Strip ANSI escape sequences (color codes etc.)
-  s=$(printf '%s' "$s" | sed 's/\x1b\[[0-9;]*[a-zA-Z]//g')
-  s=${s//\\/\\\\}
-  s=${s//"/\\"/}
-  s=${s//$'\n'/\\n}
-  s=${s//$'\r'/}
-  s=${s//$'\t'/\\t}
-  # Remove any remaining control characters (0x00-0x1F except those already handled)
-  # Also remove DEL (0x7F) and invalid high bytes that break JSON parsers
-  s=$(printf '%s' "$s" | tr -d '\000-\010\013\014\016-\037\177')
-  printf '%s' "$s"
+  # Escape a string for safe JSON embedding using awk (handles any input size).
+  # Pipeline: strip ANSI → remove control chars → escape \ " TAB → join lines with \n
+  printf '%s' "$1" \
+    | sed 's/\x1b\[[0-9;]*[a-zA-Z]//g' \
+    | tr -d '\000-\010\013\014\016-\037\177\r' \
+    | awk '
+        BEGIN { ORS = "" }
+        {
+          gsub(/\\/, "\\\\")   # backslash → \\
+          gsub(/"/, "\\\"")    # double quote → \"
+          gsub(/\t/, "\\t")   # tab → \t
+          if (NR > 1) printf "\\n"
+          printf "%s", $0
+        }'
 }
 
 # ------------------------------------------------------------------------------