Update logo URL to use WebP format

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

CHANGELOG.md

@@ -10,12 +10,18 @@
 > [!CAUTION]
 Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit the project's popularity for potentially malicious purposes.
 
+## 2025-12-09
+
 ## 2025-12-08
 
 ### 🚀 Updated Scripts
 
   - typo: tandoor instead of trandoor [@Neonize](https://github.com/Neonize) ([#9771](https://github.com/community-scripts/ProxmoxVE/pull/9771))
 
+  - #### 🐞 Bug Fixes
+
+    - Tandoor: Remove postgres17-contrib package [@tremor021](https://github.com/tremor021) ([#9781](https://github.com/community-scripts/ProxmoxVE/pull/9781))
+
   - #### ✨ New Features
 
     - feat: Add var_gpu flag for GPU passthrough configuration [@MickLesk](https://github.com/MickLesk) ([#9764](https://github.com/community-scripts/ProxmoxVE/pull/9764))

ct/coolify.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://coolify.io/
+
+APP="Coolify"
+var_tags="${var_tags:-docker;paas}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-30}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /data/coolify ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  msg_info "Updating Coolify"
+  $STD bash <(curl -fsSL https://cdn.coollabs.io/coolify/install.sh)
+  msg_ok "Updated Coolify"
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8000${CL}"

ct/tandoor.sh

@@ -55,7 +55,7 @@ function update_script() {
     cd /opt/tandoor/vue3
     $STD yarn install
     $STD yarn build
-    TANDOOR_VERSION="$(curl -fsSL https://api.github.com/repos/TandoorRecipes/recipes/releases/latest | jq -r .tag_name)"
+    TANDOOR_VERSION=$(get_latest_github_release "TandoorRecipes/recipes")
     cat <<EOF >/opt/tandoor/cookbook/version_info.py
 TANDOOR_VERSION = "$TANDOOR_VERSION"
 TANDOOR_REF = "bare-metal"

docs/misc/build.func/BUILD_FUNC_ADVANCED_SETTINGS.md

@@ -1,164 +0,0 @@
-# Advanced Settings Wizard Reference
-
-## Overview
-
-The Advanced Settings wizard provides a 28-step interactive configuration for LXC container creation. It allows users to customize every aspect of the container while inheriting sensible defaults from the CT script.
-
-## Key Features
-
-- **Inherit App Defaults**: All `var_*` values from CT scripts pre-populate wizard fields
-- **Back Navigation**: Press Cancel/Back to return to previous step
-- **App Default Hints**: Each dialog shows `(App default: X)` to indicate script defaults
-- **Full Customization**: Every configurable option is accessible
-
-## Wizard Steps
-
-| Step | Title                    | Variable(s)                       | Description                                           |
-| ---- | ------------------------ | --------------------------------- | ----------------------------------------------------- |
-| 1    | Container Type           | `var_unprivileged`                | Privileged (0) or Unprivileged (1) container          |
-| 2    | Root Password            | `var_pw`                          | Set password or use automatic login                   |
-| 3    | Container ID             | `var_ctid`                        | Unique container ID (auto-suggested)                  |
-| 4    | Hostname                 | `var_hostname`                    | Container hostname                                    |
-| 5    | Disk Size                | `var_disk`                        | Disk size in GB                                       |
-| 6    | CPU Cores                | `var_cpu`                         | Number of CPU cores                                   |
-| 7    | RAM Size                 | `var_ram`                         | RAM size in MiB                                       |
-| 8    | Network Bridge           | `var_brg`                         | Network bridge (vmbr0, etc.)                          |
-| 9    | IPv4 Configuration       | `var_net`, `var_gateway`          | DHCP or static IP with gateway                        |
-| 10   | IPv6 Configuration       | `var_ipv6_method`                 | Auto, DHCP, Static, or None                           |
-| 11   | MTU Size                 | `var_mtu`                         | Network MTU (default: 1500)                           |
-| 12   | DNS Search Domain        | `var_searchdomain`                | DNS search domain                                     |
-| 13   | DNS Server               | `var_ns`                          | Custom DNS server IP                                  |
-| 14   | MAC Address              | `var_mac`                         | Custom MAC address (auto-generated if empty)          |
-| 15   | VLAN Tag                 | `var_vlan`                        | VLAN tag ID                                           |
-| 16   | Tags                     | `var_tags`                        | Container tags (comma/semicolon separated)            |
-| 17   | SSH Settings             | `var_ssh`                         | SSH key selection and root access                     |
-| 18   | FUSE Support             | `var_fuse`                        | Enable FUSE for rclone, mergerfs, AppImage            |
-| 19   | TUN/TAP Support          | `var_tun`                         | Enable for VPN apps (WireGuard, OpenVPN, Tailscale)   |
-| 20   | Nesting Support          | `var_nesting`                     | Enable for Docker, LXC in LXC, Podman                 |
-| 21   | GPU Passthrough          | `var_gpu`                         | Auto-detect and pass through Intel/AMD/NVIDIA GPUs    |
-| 22   | Keyctl Support           | `var_keyctl`                      | Enable for Docker, systemd-networkd                   |
-| 23   | APT Cacher Proxy         | `var_apt_cacher`, `var_apt_cacher_ip` | Use apt-cacher-ng for faster downloads            |
-| 24   | Container Timezone       | `var_timezone`                    | Set timezone (e.g., Europe/Berlin)                    |
-| 25   | Container Protection     | `var_protection`                  | Prevent accidental deletion                           |
-| 26   | Device Node Creation     | `var_mknod`                       | Allow mknod (experimental, kernel 5.3+)               |
-| 27   | Mount Filesystems        | `var_mount_fs`                    | Allow specific mounts: nfs, cifs, fuse, etc.          |
-| 28   | Verbose Mode & Confirm   | `var_verbose`                     | Enable verbose output + final confirmation            |
-
-## Default Value Inheritance
-
-The wizard inherits defaults from multiple sources:
-
-```text
-CT Script (var_*) → default.vars → app.vars → User Input
-```
-
-### Example: VPN Container (alpine-wireguard.sh)
-
-```bash
-# CT script sets:
-var_tun="${var_tun:-1}"  # TUN enabled by default
-
-# In Advanced Settings Step 19:
-# Dialog shows: "(App default: 1)" and pre-selects "Yes"
-```
-
-### Example: Media Server (jellyfin.sh)
-
-```bash
-# CT script sets:
-var_gpu="${var_gpu:-yes}"  # GPU enabled by default
-
-# In Advanced Settings Step 21:
-# Dialog shows: "(App default: yes)" and pre-selects "Yes"
-```
-
-## Feature Matrix
-
-| Feature           | Variable         | When to Enable                                      |
-| ----------------- | ---------------- | --------------------------------------------------- |
-| FUSE              | `var_fuse`       | rclone, mergerfs, AppImage, SSHFS                   |
-| TUN/TAP           | `var_tun`        | WireGuard, OpenVPN, Tailscale, VPN containers       |
-| Nesting           | `var_nesting`    | Docker, Podman, LXC-in-LXC, systemd-nspawn          |
-| GPU Passthrough   | `var_gpu`        | Plex, Jellyfin, Emby, Frigate, Ollama, ComfyUI      |
-| Keyctl            | `var_keyctl`     | Docker (unprivileged), systemd-networkd             |
-| Protection        | `var_protection` | Production containers, prevent accidental deletion  |
-| Mknod             | `var_mknod`      | Device node creation (experimental)                 |
-| Mount FS          | `var_mount_fs`   | NFS mounts, CIFS shares, custom filesystems         |
-| APT Cacher        | `var_apt_cacher` | Speed up downloads with local apt-cacher-ng         |
-
-## Confirmation Summary
-
-Step 28 displays a comprehensive summary before creation:
-
-```text
-Container Type: Unprivileged
-Container ID: 100
-Hostname: jellyfin
-
-Resources:
-  Disk: 8 GB
-  CPU: 2 cores
-  RAM: 2048 MiB
-
-Network:
-  Bridge: vmbr0
-  IPv4: dhcp
-  IPv6: auto
-
-Features:
-  FUSE: no | TUN: no
-  Nesting: Enabled | Keyctl: Disabled
-  GPU: yes | Protection: No
-
-Advanced:
-  Timezone: Europe/Berlin
-  APT Cacher: no
-  Verbose: no
-```
-
-## Usage Examples
-
-### Skip to Advanced Settings
-
-```bash
-# Run script, select "Advanced" from menu
-bash -c "$(curl -fsSL https://...jellyfin.sh)"
-# Then select option 3 "Advanced"
-```
-
-### Pre-set Defaults via Environment
-
-```bash
-# Set defaults before running
-export var_cpu=4
-export var_ram=4096
-export var_gpu=yes
-bash -c "$(curl -fsSL https://...jellyfin.sh)"
-# Advanced settings will inherit these values
-```
-
-### Non-Interactive with All Options
-
-```bash
-# Set all variables for fully automated deployment
-export var_unprivileged=1
-export var_cpu=2
-export var_ram=2048
-export var_disk=8
-export var_net=dhcp
-export var_fuse=no
-export var_tun=no
-export var_gpu=yes
-export var_nesting=1
-export var_protection=no
-export var_verbose=no
-bash -c "$(curl -fsSL https://...jellyfin.sh)"
-```
-
-## Notes
-
-- **Cancel at Step 1**: Exits the script entirely
-- **Cancel at Steps 2-28**: Goes back to previous step
-- **Empty fields**: Use default value
-- **Keyctl**: Automatically enabled for unprivileged containers
-- **Nesting**: Enabled by default (required for many apps)

docs/misc/build.func/BUILD_FUNC_ENVIRONMENT_VARIABLES.md

@@ -66,36 +66,17 @@ This document provides a comprehensive reference of all environment variables us
 
 ### Feature Flags
 
-| Variable         | Description                    | Default | Set In                          | Used In            |
-| ---------------- | ------------------------------ | ------- | ------------------------------- | ------------------ |
-| `var_fuse`       | Enable FUSE support            | "no"    | CT script / Advanced Settings   | Container features |
-| `var_tun`        | Enable TUN/TAP support         | "no"    | CT script / Advanced Settings   | Container features |
-| `var_nesting`    | Enable nesting support         | "1"     | CT script / Advanced Settings   | Container features |
-| `var_keyctl`     | Enable keyctl support          | "0"     | CT script / Advanced Settings   | Container features |
-| `var_mknod`      | Allow device node creation     | "0"     | CT script / Advanced Settings   | Container features |
-| `var_mount_fs`   | Allowed filesystem mounts      | ""      | CT script / Advanced Settings   | Container features |
-| `var_protection` | Enable container protection    | "no"    | CT script / Advanced Settings   | Container creation |
-| `var_timezone`   | Container timezone             | ""      | CT script / Advanced Settings   | Container creation |
-| `var_verbose`    | Enable verbose output          | "no"    | Environment / Advanced Settings | Logging            |
-| `var_ssh`        | Enable SSH key provisioning    | "no"    | CT script / Advanced Settings   | SSH setup          |
-| `ENABLE_FUSE`    | FUSE flag (internal)           | "no"    | Advanced Settings               | Container creation |
-| `ENABLE_TUN`     | TUN/TAP flag (internal)        | "no"    | Advanced Settings               | Container creation |
-| `ENABLE_NESTING` | Nesting flag (internal)        | "1"     | Advanced Settings               | Container creation |
-| `ENABLE_KEYCTL`  | Keyctl flag (internal)         | "0"     | Advanced Settings               | Container creation |
-| `ENABLE_MKNOD`   | Mknod flag (internal)          | "0"     | Advanced Settings               | Container creation |
-| `PROTECT_CT`     | Protection flag (internal)     | "no"    | Advanced Settings               | Container creation |
-| `CT_TIMEZONE`    | Timezone setting (internal)    | ""      | Advanced Settings               | Container creation |
-| `VERBOSE`        | Verbose mode flag              | "no"    | Environment                     | Logging            |
-| `SSH`            | SSH access flag                | "no"    | Advanced Settings               | SSH setup          |
-
-### APT Cacher Configuration
-
-| Variable           | Description              | Default | Set In                        | Used In             |
-| ------------------ | ------------------------ | ------- | ----------------------------- | ------------------- |
-| `var_apt_cacher`   | Enable APT cacher proxy  | "no"    | CT script / Advanced Settings | Package management  |
-| `var_apt_cacher_ip`| APT cacher server IP     | ""      | CT script / Advanced Settings | Package management  |
-| `APT_CACHER`       | APT cacher flag          | "no"    | Advanced Settings             | Container creation  |
-| `APT_CACHER_IP`    | APT cacher IP (internal) | ""      | Advanced Settings             | Container creation  |
+| Variable              | Description                 | Default | Set In          | Used In            |
+| --------------------- | --------------------------- | ------- | --------------- | ------------------ |
+| `ENABLE_FUSE`         | Enable FUSE support         | "true"  | base_settings() | Container features |
+| `ENABLE_TUN`          | Enable TUN/TAP support      | "true"  | base_settings() | Container features |
+| `ENABLE_KEYCTL`       | Enable keyctl support       | "true"  | base_settings() | Container features |
+| `ENABLE_MOUNT`        | Enable mount support        | "true"  | base_settings() | Container features |
+| `ENABLE_NESTING`      | Enable nesting support      | "false" | base_settings() | Container features |
+| `ENABLE_PRIVILEGED`   | Enable privileged mode      | "false" | base_settings() | Container features |
+| `ENABLE_UNPRIVILEGED` | Enable unprivileged mode    | "true"  | base_settings() | Container features |
+| `VERBOSE`             | Enable verbose output       | "false" | Environment     | Logging            |
+| `SSH`                 | Enable SSH key provisioning | "true"  | base_settings() | SSH setup          |
 
 ### GPU Passthrough Variables
 

docs/misc/build.func/README.md

@@ -6,16 +6,6 @@ This directory contains comprehensive documentation for the `build.func` script,
 
 ## Documentation Files
 
-### 🎛️ [BUILD_FUNC_ADVANCED_SETTINGS.md](./BUILD_FUNC_ADVANCED_SETTINGS.md)
-Complete reference for the 28-step Advanced Settings wizard, including all configurable options and their inheritance behavior.
-
-**Contents:**
-- All 28 wizard steps explained
-- Default value inheritance
-- Feature matrix (when to enable each feature)
-- Confirmation summary format
-- Usage examples
-
 ### 📊 [BUILD_FUNC_FLOWCHART.md](./BUILD_FUNC_FLOWCHART.md)
 Visual ASCII flowchart showing the main execution flow, decision trees, and key decision points in the build.func script.
 

frontend/public/json/coolify.json

@@ -0,0 +1,52 @@
+{
+    "name": "Coolify",
+    "slug": "coolify",
+    "categories": [
+        6
+    ],
+    "date_created": "2025-12-09",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 8000,
+    "documentation": "https://coolify.io/docs",
+    "config_path": "/data/coolify",
+    "website": "https://coolify.io/",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/coolify.webp",
+    "description": "Coolify is an open-source & self-hostable alternative to Heroku, Netlify, and Vercel. It helps you manage your servers, applications, and databases on your own hardware with Docker. Deploy any application from Git repositories, Docker images, or use pre-built templates.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/coolify.sh",
+            "resources": {
+                "cpu": 2,
+                "ram": 4096,
+                "hdd": 30,
+                "os": "Debian",
+                "version": "13"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "Initial setup will be done via the web interface on first access.",
+            "type": "info"
+        },
+        {
+            "text": "Coolify has built-in auto-updates. You can configure update frequency in Settings.",
+            "type": "info"
+        },
+        {
+            "text": "Coolify requires SSH access to manage deployments. SSH is enabled automatically.",
+            "type": "info"
+        },
+        {
+            "text": "This container uses Docker-in-Docker (nesting) for application deployments.",
+            "type": "warning"
+        }
+    ]
+}

frontend/public/json/versions.json

@@ -1,8 +1,73 @@
 [
+  {
+    "name": "sabnzbd/sabnzbd",
+    "version": "4.5.5",
+    "date": "2025-10-24T11:12:22Z"
+  },
+  {
+    "name": "home-assistant/core",
+    "version": "2025.12.2",
+    "date": "2025-12-08T21:36:42Z"
+  },
+  {
+    "name": "BerriAI/litellm",
+    "version": "v1.80.9-nightly",
+    "date": "2025-12-08T21:21:07Z"
+  },
+  {
+    "name": "seerr-team/seerr",
+    "version": "preview-test-fix-subscriptions",
+    "date": "2025-12-08T21:16:05Z"
+  },
+  {
+    "name": "hansmi/prometheus-paperless-exporter",
+    "version": "v0.0.9",
+    "date": "2025-12-08T20:37:45Z"
+  },
+  {
+    "name": "influxdata/telegraf",
+    "version": "v1.37.0",
+    "date": "2025-12-08T20:36:16Z"
+  },
+  {
+    "name": "pommee/goaway",
+    "version": "v0.62.23",
+    "date": "2025-12-08T20:30:54Z"
+  },
+  {
+    "name": "n8n-io/n8n",
+    "version": "n8n@1.123.4",
+    "date": "2025-12-08T13:30:40Z"
+  },
+  {
+    "name": "steveiliop56/tinyauth",
+    "version": "v4.1.0",
+    "date": "2025-11-23T12:13:34Z"
+  },
+  {
+    "name": "homarr-labs/homarr",
+    "version": "v1.45.3",
+    "date": "2025-12-08T16:11:16Z"
+  },
+  {
+    "name": "AdguardTeam/AdGuardHome",
+    "version": "v0.107.71",
+    "date": "2025-12-08T14:34:55Z"
+  },
+  {
+    "name": "chrisbenincasa/tunarr",
+    "version": "v0.22.18",
+    "date": "2025-12-08T14:26:24Z"
+  },
   {
     "name": "openobserve/openobserve",
     "version": "v0.30.0-rc1",
-    "date": "2025-12-08T11:46:24Z"
+    "date": "2025-12-08T13:29:14Z"
+  },
+  {
+    "name": "wavelog/wavelog",
+    "version": "2.2.1",
+    "date": "2025-12-08T12:01:34Z"
   },
   {
     "name": "ventoy/Ventoy",
@@ -44,6 +109,11 @@
     "version": "v0.24.420",
     "date": "2025-12-08T05:55:34Z"
   },
+  {
+    "name": "ollama/ollama",
+    "version": "v0.13.2-rc2",
+    "date": "2025-12-06T00:10:33Z"
+  },
   {
     "name": "firefly-iii/firefly-iii",
     "version": "v6.4.9",
@@ -54,21 +124,11 @@
     "version": "v2.2.0",
     "date": "2025-12-08T03:33:34Z"
   },
-  {
-    "name": "chrisbenincasa/tunarr",
-    "version": "v0.23.0-alpha.31",
-    "date": "2025-12-08T02:39:59Z"
-  },
   {
     "name": "jeedom/core",
     "version": "4.5",
     "date": "2025-12-08T00:27:05Z"
   },
-  {
-    "name": "steveiliop56/tinyauth",
-    "version": "v4.1.0",
-    "date": "2025-11-23T12:13:34Z"
-  },
   {
     "name": "maxdorninger/MediaManager",
     "version": "v1.10.0",
@@ -89,21 +149,11 @@
     "version": "26.4.7",
     "date": "2025-12-01T08:14:11Z"
   },
-  {
-    "name": "seerr-team/seerr",
-    "version": "preview-test-fix-subscriptions",
-    "date": "2025-12-07T14:31:55Z"
-  },
   {
     "name": "bluenviron/mediamtx",
     "version": "v1.15.5",
     "date": "2025-12-07T12:24:21Z"
   },
-  {
-    "name": "BerriAI/litellm",
-    "version": "v1.80.8.rc.1",
-    "date": "2025-12-07T01:36:40Z"
-  },
   {
     "name": "umami-software/umami",
     "version": "v2.20.1",
@@ -174,31 +224,11 @@
     "version": "v13.1.3",
     "date": "2025-12-06T04:40:09Z"
   },
-  {
-    "name": "ollama/ollama",
-    "version": "v0.13.2-rc1",
-    "date": "2025-12-04T23:19:06Z"
-  },
   {
     "name": "Stirling-Tools/Stirling-PDF",
     "version": "v2.1.1",
     "date": "2025-12-05T23:48:08Z"
   },
-  {
-    "name": "home-assistant/core",
-    "version": "2025.12.1",
-    "date": "2025-12-05T21:10:31Z"
-  },
-  {
-    "name": "n8n-io/n8n",
-    "version": "n8n@1.122.5",
-    "date": "2025-12-04T14:09:39Z"
-  },
-  {
-    "name": "homarr-labs/homarr",
-    "version": "v1.45.2",
-    "date": "2025-12-05T19:17:09Z"
-  },
   {
     "name": "booklore-app/booklore",
     "version": "v1.13.2",
@@ -264,11 +294,6 @@
     "version": "v1.30.20",
     "date": "2025-12-04T18:17:47Z"
   },
-  {
-    "name": "AdguardTeam/AdGuardHome",
-    "version": "v0.107.70",
-    "date": "2025-12-03T16:12:15Z"
-  },
   {
     "name": "wazuh/wazuh",
     "version": "coverity-w49-4.14.2",
@@ -367,7 +392,7 @@
   {
     "name": "mealie-recipes/mealie",
     "version": "v3.6.1",
-    "date": "2025-12-02T22:54:10Z"
+    "date": "2025-12-02T23:08:41Z"
   },
   {
     "name": "apache/tomcat",
@@ -539,11 +564,6 @@
     "version": "v11.8.2",
     "date": "2025-11-30T08:39:28Z"
   },
-  {
-    "name": "pommee/goaway",
-    "version": "v0.62.20",
-    "date": "2025-11-30T06:51:31Z"
-  },
   {
     "name": "MediaBrowser/Emby.Releases",
     "version": "4.9.1.90",
@@ -699,11 +719,6 @@
     "version": "v1.18.0",
     "date": "2025-11-23T17:42:53Z"
   },
-  {
-    "name": "wavelog/wavelog",
-    "version": "2.2",
-    "date": "2025-11-23T17:32:38Z"
-  },
   {
     "name": "crafty-controller/crafty-4",
     "version": "v4.6.1",
@@ -744,11 +759,6 @@
     "version": "5.2.4",
     "date": "2025-11-21T10:25:05Z"
   },
-  {
-    "name": "sabnzbd/sabnzbd",
-    "version": "4.5.5",
-    "date": "2025-10-24T11:12:22Z"
-  },
   {
     "name": "MariaDB/server",
     "version": "mariadb-12.1.2",
@@ -839,11 +849,6 @@
     "version": "v0.28.2",
     "date": "2025-11-18T05:51:46Z"
   },
-  {
-    "name": "influxdata/telegraf",
-    "version": "v1.36.4",
-    "date": "2025-11-17T17:15:29Z"
-  },
   {
     "name": "rabbitmq/rabbitmq-server",
     "version": "v4.2.1",
@@ -1364,11 +1369,6 @@
     "version": "v1.13.0",
     "date": "2025-05-25T20:21:13Z"
   },
-  {
-    "name": "hansmi/prometheus-paperless-exporter",
-    "version": "v0.0.8",
-    "date": "2025-05-18T11:37:31Z"
-  },
   {
     "name": "stackblitz-labs/bolt.diy",
     "version": "1.0.0",

install/coolify-install.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://coolify.io/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  git \
+  openssl
+msg_ok "Installed Dependencies"
+
+msg_warn "WARNING: This script will run an external installer from a third-party source (https://coolify.io/)."
+msg_warn "The following code is NOT maintained or audited by our repository."
+msg_warn "If you have any doubts or concerns, please review the installer code before proceeding:"
+msg_custom "${TAB3}${GATEWAY}${BGN}${CL}" "\e[1;34m" "→  https://cdn.coollabs.io/coolify/install.sh"
+echo
+read -r -p "${TAB3}Do you want to continue? [y/N]: " CONFIRM
+if [[ ! "$CONFIRM" =~ ^([yY][eE][sS]|[yY])$ ]]; then
+  msg_error "Aborted by user. No changes have been made."
+  exit 10
+fi
+
+msg_info "Installing Coolify (Patience - this installs Docker and pulls containers)"
+$STD bash <(curl -fsSL https://cdn.coollabs.io/coolify/install.sh)
+msg_ok "Installed Coolify"
+
+motd_ssh
+customize
+cleanup_lxc

install/tandoor-install.sh

@@ -32,28 +32,10 @@ msg_ok "Installed Dependencies"
 
 NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
 fetch_and_deploy_gh_release "tandoor" "TandoorRecipes/recipes" "tarball" "latest" "/opt/tandoor"
-PG_VERSION="17" PG_MODULES="contrib" setup_postgresql
+PG_VERSION="17" setup_postgresql
 PYTHON_VERSION="3.13" setup_uv
-
-msg_info "Set up PostgreSQL Database"
-DB_NAME=db_recipes
-DB_USER=tandoor
+PG_DB_USER="tandoor" PG_DB_NAME="db_recipes" PG_DB_EXTENSIONS="unaccent,pg_trgm" setup_postgresql_db
 SECRET_KEY=$(openssl rand -base64 45 | sed 's/\//\\\//g')
-DB_PASS="$(openssl rand -base64 18 | cut -c1-13)"
-$STD sudo -u postgres psql -c "CREATE ROLE $DB_USER WITH LOGIN PASSWORD '$DB_PASS';"
-$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER TEMPLATE template0;"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET client_encoding TO 'utf8';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET default_transaction_isolation TO 'read committed';"
-$STD sudo -u postgres psql -c "ALTER ROLE $DB_USER SET timezone TO 'UTC'"
-$STD sudo -u postgres psql -d "$DB_NAME" -c "CREATE EXTENSION IF NOT EXISTS unaccent;"
-$STD sudo -u postgres psql -d "$DB_NAME" -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;"
-{
-  echo "Tandoor-Credentials"
-  echo "Tandoor Database Name: $DB_NAME"
-  echo "Tandoor Database User: $DB_USER"
-  echo "Tandoor Database Password: $DB_PASS"
-} >>~/tandoor.creds
-msg_ok "Set up PostgreSQL Database"
 
 msg_info "Setup Tandoor"
 mkdir -p /opt/tandoor/{config,api,mediafiles,staticfiles}
@@ -69,16 +51,16 @@ TZ=Europe/Berlin
 
 DB_ENGINE=django.db.backends.postgresql
 POSTGRES_HOST=localhost
-POSTGRES_DB=$DB_NAME
+POSTGRES_DB=$PG_DB_NAME
 POSTGRES_PORT=5432
-POSTGRES_USER=$DB_USER
-POSTGRES_PASSWORD=$DB_PASS
+POSTGRES_USER=$PG_DB_USER
+POSTGRES_PASSWORD=$PG_DB_PASS
 
 STATIC_URL=/staticfiles/
 MEDIA_URL=/media/
 EOF
 
-TANDOOR_VERSION="$(curl -s https://api.github.com/repos/TandoorRecipes/recipes/releases/latest | jq -r .tag_name)"
+TANDOOR_VERSION=$(get_latest_github_release "TandoorRecipes/recipes")
 cat <<EOF >/opt/tandoor/cookbook/version_info.py
 TANDOOR_VERSION = "$TANDOOR_VERSION"
 TANDOOR_REF = "bare-metal"

misc/build.func

@@ -816,7 +816,6 @@ _build_current_app_vars_tmp() {
   _apt_cacher_ip="${APT_CACHER_IP:-}"
   _fuse="${ENABLE_FUSE:-no}"
   _tun="${ENABLE_TUN:-no}"
-  _gpu="${ENABLE_GPU:-no}"
   _nesting="${ENABLE_NESTING:-1}"
   _keyctl="${ENABLE_KEYCTL:-0}"
   _mknod="${ENABLE_MKNOD:-0}"
@@ -866,7 +865,6 @@ _build_current_app_vars_tmp() {
 
     [ -n "$_fuse" ] && echo "var_fuse=$(_sanitize_value "$_fuse")"
     [ -n "$_tun" ] && echo "var_tun=$(_sanitize_value "$_tun")"
-    [ -n "$_gpu" ] && echo "var_gpu=$(_sanitize_value "$_gpu")"
     [ -n "$_nesting" ] && echo "var_nesting=$(_sanitize_value "$_nesting")"
     [ -n "$_keyctl" ] && echo "var_keyctl=$(_sanitize_value "$_keyctl")"
     [ -n "$_mknod" ] && echo "var_mknod=$(_sanitize_value "$_mknod")"
@@ -1013,49 +1011,38 @@ advanced_settings() {
   # Initialize defaults
   TAGS="community-script;${var_tags:-}"
   local STEP=1
-  local MAX_STEP=28
+  local MAX_STEP=20
 
-  # Store values for back navigation - inherit from var_* app defaults
-  local _ct_type="${var_unprivileged:-1}"
+  # Store values for back navigation
+  local _ct_type="${CT_TYPE:-1}"
   local _pw=""
   local _pw_display="Automatic Login"
   local _ct_id="$NEXTID"
   local _hostname="$NSAPP"
-  local _disk_size="${var_disk:-4}"
-  local _core_count="${var_cpu:-1}"
-  local _ram_size="${var_ram:-1024}"
-  local _bridge="${var_brg:-vmbr0}"
-  local _net="${var_net:-dhcp}"
-  local _gate="${var_gateway:-}"
-  local _ipv6_method="${var_ipv6_method:-auto}"
+  local _disk_size="$var_disk"
+  local _core_count="$var_cpu"
+  local _ram_size="$var_ram"
+  local _bridge="vmbr0"
+  local _net="dhcp"
+  local _gate=""
+  local _ipv6_method="auto"
   local _ipv6_addr=""
   local _ipv6_gate=""
-  local _apt_cacher="${var_apt_cacher:-no}"
-  local _apt_cacher_ip="${var_apt_cacher_ip:-}"
-  local _mtu="${var_mtu:-}"
-  local _sd="${var_searchdomain:-}"
-  local _ns="${var_ns:-}"
-  local _mac="${var_mac:-}"
-  local _vlan="${var_vlan:-}"
+  local _apt_cacher_ip=""
+  local _mtu=""
+  local _sd=""
+  local _ns=""
+  local _mac=""
+  local _vlan=""
   local _tags="$TAGS"
-  local _enable_fuse="${var_fuse:-no}"
-  local _enable_tun="${var_tun:-no}"
+  local _enable_fuse="no"
   local _enable_gpu="${var_gpu:-no}"
-  local _enable_nesting="${var_nesting:-1}"
-  local _verbose="${var_verbose:-no}"
-  local _enable_keyctl="${var_keyctl:-0}"
-  local _enable_mknod="${var_mknod:-0}"
-  local _mount_fs="${var_mount_fs:-}"
-  local _protect_ct="${var_protection:-no}"
-  
-  # Detect host timezone for default (if not set via var_timezone)
-  local _host_timezone=""
-  if command -v timedatectl >/dev/null 2>&1; then
-    _host_timezone=$(timedatectl show --value --property=Timezone 2>/dev/null || echo "")
-  elif [ -f /etc/timezone ]; then
-    _host_timezone=$(cat /etc/timezone 2>/dev/null || echo "")
-  fi
-  local _ct_timezone="${var_timezone:-$_host_timezone}"
+  local _verbose="no"
+  local _enable_keyctl="0"
+  local _enable_mknod="0"
+  local _mount_fs=""
+  local _protect_ct="no"
+  local _ct_timezone=""
 
   # Helper to show current progress
   show_progress() {
@@ -1511,17 +1498,14 @@ advanced_settings() {
       ;;
 
     # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 18: FUSE Support
+    # STEP 18: FUSE & Verbose Mode
     # ═══════════════════════════════════════════════════════════════════════════
     18)
-      local fuse_default_flag="--defaultno"
-      [[ "$_enable_fuse" == "yes" || "$_enable_fuse" == "1" ]] && fuse_default_flag=""
-
       if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
         --title "FUSE SUPPORT" \
         --ok-button "Next" --cancel-button "Back" \
-        $fuse_default_flag \
-        --yesno "\nEnable FUSE support?\n\nRequired for: rclone, mergerfs, AppImage, etc.\n\n(App default: ${var_fuse:-no})" 14 58; then
+        --defaultno \
+        --yesno "\nEnable FUSE support?\n\nRequired for: rclone, mergerfs, AppImage, etc." 12 58; then
         _enable_fuse="yes"
       else
         if [ $? -eq 1 ]; then
@@ -1531,69 +1515,30 @@ advanced_settings() {
           continue
         fi
       fi
+
+      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
+        --title "VERBOSE MODE" \
+        --defaultno \
+        --yesno "\nEnable Verbose Mode?\n\nShows detailed output during installation." 12 58; then
+        _verbose="yes"
+      else
+        _verbose="no"
+      fi
       ((STEP++))
       ;;
 
     # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 19: TUN/TAP Support
+    # STEP 19: GPU Passthrough
     # ═══════════════════════════════════════════════════════════════════════════
     19)
-      local tun_default_flag="--defaultno"
-      [[ "$_enable_tun" == "yes" || "$_enable_tun" == "1" ]] && tun_default_flag=""
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "TUN/TAP SUPPORT" \
-        --ok-button "Next" --cancel-button "Back" \
-        $tun_default_flag \
-        --yesno "\nEnable TUN/TAP device support?\n\nRequired for: VPN apps (WireGuard, OpenVPN, Tailscale),\nnetwork tunneling, and containerized networking.\n\n(App default: ${var_tun:-no})" 14 62; then
-        _enable_tun="yes"
-      else
-        if [ $? -eq 1 ]; then
-          _enable_tun="no"
-        else
-          ((STEP--))
-          continue
-        fi
-      fi
-      ((STEP++))
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 20: Nesting Support
-    # ═══════════════════════════════════════════════════════════════════════════
-    20)
-      local nesting_default_flag=""
-      [[ "$_enable_nesting" == "0" || "$_enable_nesting" == "no" ]] && nesting_default_flag="--defaultno"
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "NESTING SUPPORT" \
-        --ok-button "Next" --cancel-button "Back" \
-        $nesting_default_flag \
-        --yesno "\nEnable Nesting?\n\nRequired for: Docker, LXC inside LXC, Podman,\nand other containerization tools.\n\n(App default: ${var_nesting:-1})" 14 58; then
-        _enable_nesting="1"
-      else
-        if [ $? -eq 1 ]; then
-          _enable_nesting="0"
-        else
-          ((STEP--))
-          continue
-        fi
-      fi
-      ((STEP++))
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 21: GPU Passthrough
-    # ═══════════════════════════════════════════════════════════════════════════
-    21)
-      local gpu_default_flag="--defaultno"
-      [[ "$_enable_gpu" == "yes" ]] && gpu_default_flag=""
+      local gpu_default="OFF"
+      [[ "$_enable_gpu" == "yes" ]] && gpu_default="ON"
 
       if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
         --title "GPU PASSTHROUGH" \
         --ok-button "Next" --cancel-button "Back" \
-        $gpu_default_flag \
-        --yesno "\nEnable GPU Passthrough?\n\nAutomatically detects and passes through available GPUs\n(Intel/AMD/NVIDIA) for hardware acceleration.\n\nRecommended for: Media servers, AI/ML, Transcoding\n\n(App default: ${var_gpu:-no})" 16 62; then
+        --defaultno \
+        --yesno "\nEnable GPU Passthrough?\n\nAutomatically detects and passes through available GPUs\n(Intel/AMD/NVIDIA) for hardware acceleration.\n\nRecommended for: Media servers, AI/ML, Transcoding" 14 62; then
         _enable_gpu="yes"
       else
         if [ $? -eq 1 ]; then
@@ -1607,179 +1552,13 @@ advanced_settings() {
       ;;
 
     # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 22: Keyctl Support (Docker/systemd)
+    # STEP 20: Confirmation
     # ═══════════════════════════════════════════════════════════════════════════
-    22)
-      local keyctl_default_flag="--defaultno"
-      [[ "$_enable_keyctl" == "1" ]] && keyctl_default_flag=""
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "KEYCTL SUPPORT" \
-        --ok-button "Next" --cancel-button "Back" \
-        $keyctl_default_flag \
-        --yesno "\nEnable Keyctl support?\n\nRequired for: Docker containers, systemd-networkd,\nand kernel keyring operations.\n\nNote: Automatically enabled for unprivileged containers.\n\n(App default: ${var_keyctl:-0})" 16 62; then
-        _enable_keyctl="1"
-      else
-        if [ $? -eq 1 ]; then
-          _enable_keyctl="0"
-        else
-          ((STEP--))
-          continue
-        fi
-      fi
-      ((STEP++))
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 23: APT Cacher Proxy
-    # ═══════════════════════════════════════════════════════════════════════════
-    23)
-      local apt_cacher_default_flag="--defaultno"
-      [[ "$_apt_cacher" == "yes" ]] && apt_cacher_default_flag=""
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "APT CACHER PROXY" \
-        --ok-button "Next" --cancel-button "Back" \
-        $apt_cacher_default_flag \
-        --yesno "\nUse APT Cacher-NG proxy?\n\nSpeeds up package downloads by caching them locally.\nRequires apt-cacher-ng running on your network.\n\n(App default: ${var_apt_cacher:-no})" 14 62; then
-        _apt_cacher="yes"
-        # Ask for IP if enabled
-        if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-          --title "APT CACHER IP" \
-          --inputbox "\nEnter APT Cacher-NG server IP address:" 10 58 "$_apt_cacher_ip" \
-          3>&1 1>&2 2>&3); then
-          _apt_cacher_ip="$result"
-        fi
-      else
-        if [ $? -eq 1 ]; then
-          _apt_cacher="no"
-          _apt_cacher_ip=""
-        else
-          ((STEP--))
-          continue
-        fi
-      fi
-      ((STEP++))
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 24: Container Timezone
-    # ═══════════════════════════════════════════════════════════════════════════
-    24)
-      local tz_hint="$_ct_timezone"
-      [[ -z "$tz_hint" ]] && tz_hint="(empty - will use host timezone)"
-
-      if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "CONTAINER TIMEZONE" \
-        --ok-button "Next" --cancel-button "Back" \
-        --inputbox "\nSet container timezone.\n\nExamples: Europe/Berlin, America/New_York, Asia/Tokyo\n\nHost timezone: ${_host_timezone:-unknown}\n\nLeave empty to inherit from host." 16 62 "$_ct_timezone" \
-        3>&1 1>&2 2>&3); then
-        _ct_timezone="$result"
-        ((STEP++))
-      else
-        ((STEP--))
-      fi
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 25: Container Protection
-    # ═══════════════════════════════════════════════════════════════════════════
-    25)
-      local protect_default_flag="--defaultno"
-      [[ "$_protect_ct" == "yes" || "$_protect_ct" == "1" ]] && protect_default_flag=""
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "CONTAINER PROTECTION" \
-        --ok-button "Next" --cancel-button "Back" \
-        $protect_default_flag \
-        --yesno "\nEnable Container Protection?\n\nPrevents accidental deletion of this container.\nYou must disable protection before removing.\n\n(App default: ${var_protection:-no})" 14 62; then
-        _protect_ct="yes"
-      else
-        if [ $? -eq 1 ]; then
-          _protect_ct="no"
-        else
-          ((STEP--))
-          continue
-        fi
-      fi
-      ((STEP++))
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 26: Device Node Creation (mknod)
-    # ═══════════════════════════════════════════════════════════════════════════
-    26)
-      local mknod_default_flag="--defaultno"
-      [[ "$_enable_mknod" == "1" ]] && mknod_default_flag=""
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "DEVICE NODE CREATION" \
-        --ok-button "Next" --cancel-button "Back" \
-        $mknod_default_flag \
-        --yesno "\nAllow device node creation (mknod)?\n\nRequired for: Creating device files inside container.\nExperimental feature (requires kernel 5.3+).\n\n(App default: ${var_mknod:-0})" 14 62; then
-        _enable_mknod="1"
-      else
-        if [ $? -eq 1 ]; then
-          _enable_mknod="0"
-        else
-          ((STEP--))
-          continue
-        fi
-      fi
-      ((STEP++))
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 27: Mount Filesystems
-    # ═══════════════════════════════════════════════════════════════════════════
-    27)
-      local mount_hint=""
-      [[ -n "$_mount_fs" ]] && mount_hint="$_mount_fs" || mount_hint="(none)"
-
-      if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "MOUNT FILESYSTEMS" \
-        --ok-button "Next" --cancel-button "Back" \
-        --inputbox "\nAllow specific filesystem mounts.\n\nComma-separated list: nfs, cifs, fuse, ext4, etc.\nLeave empty for defaults (none).\n\nCurrent: $mount_hint" 14 62 "$_mount_fs" \
-        3>&1 1>&2 2>&3); then
-        _mount_fs="$result"
-        ((STEP++))
-      else
-        ((STEP--))
-      fi
-      ;;
-
-    # ═══════════════════════════════════════════════════════════════════════════
-    # STEP 28: Verbose Mode & Confirmation
-    # ═══════════════════════════════════════════════════════════════════════════
-    28)
-      local verbose_default_flag="--defaultno"
-      [[ "$_verbose" == "yes" ]] && verbose_default_flag=""
-
-      if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
-        --title "VERBOSE MODE" \
-        $verbose_default_flag \
-        --yesno "\nEnable Verbose Mode?\n\nShows detailed output during installation." 12 58; then
-        _verbose="yes"
-      else
-        _verbose="no"
-      fi
+    20)
       # Build summary
       local ct_type_desc="Unprivileged"
       [[ "$_ct_type" == "0" ]] && ct_type_desc="Privileged"
 
-      local nesting_desc="Disabled"
-      [[ "$_enable_nesting" == "1" ]] && nesting_desc="Enabled"
-
-      local keyctl_desc="Disabled"
-      [[ "$_enable_keyctl" == "1" ]] && keyctl_desc="Enabled"
-
-      local protect_desc="No"
-      [[ "$_protect_ct" == "yes" || "$_protect_ct" == "1" ]] && protect_desc="Yes"
-
-      local tz_display="${_ct_timezone:-Host TZ}"
-      local apt_display="${_apt_cacher:-no}"
-      [[ "$_apt_cacher" == "yes" && -n "$_apt_cacher_ip" ]] && apt_display="$_apt_cacher_ip"
-
       local summary="Container Type: $ct_type_desc
 Container ID: $_ct_id
 Hostname: $_hostname
@@ -1794,20 +1573,15 @@ Network:
   IPv4: $_net
   IPv6: $_ipv6_method
 
-Features:
-  FUSE: $_enable_fuse | TUN: $_enable_tun
-  Nesting: $nesting_desc | Keyctl: $keyctl_desc
-  GPU: $_enable_gpu | Protection: $protect_desc
-
-Advanced:
-  Timezone: $tz_display
-  APT Cacher: $apt_display
+Options:
+  FUSE: $_enable_fuse
+  GPU Passthrough: $_enable_gpu
   Verbose: $_verbose"
 
       if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
         --title "CONFIRM SETTINGS" \
         --ok-button "Create LXC" --cancel-button "Back" \
-        --yesno "$summary\n\nCreate ${APP} LXC with these settings?" 32 62; then
+        --yesno "$summary\n\nCreate ${APP} LXC with these settings?" 28 58; then
         ((STEP++))
       else
         ((STEP--))
@@ -1834,30 +1608,11 @@ Advanced:
   IPV6_GATE="$_ipv6_gate"
   TAGS="$_tags"
   ENABLE_FUSE="$_enable_fuse"
-  ENABLE_TUN="$_enable_tun"
   ENABLE_GPU="$_enable_gpu"
-  ENABLE_NESTING="$_enable_nesting"
-  ENABLE_KEYCTL="$_enable_keyctl"
-  ENABLE_MKNOD="$_enable_mknod"
-  ALLOW_MOUNT_FS="$_mount_fs"
-  PROTECT_CT="$_protect_ct"
-  CT_TIMEZONE="$_ct_timezone"
-  APT_CACHER="$_apt_cacher"
-  APT_CACHER_IP="$_apt_cacher_ip"
   VERBOSE="$_verbose"
 
-  # Update var_* based on user choice (for functions that check these)
+  # Update var_gpu based on user choice (for is_gpu_app function)
   var_gpu="$_enable_gpu"
-  var_fuse="$_enable_fuse"
-  var_tun="$_enable_tun"
-  var_nesting="$_enable_nesting"
-  var_keyctl="$_enable_keyctl"
-  var_mknod="$_enable_mknod"
-  var_mount_fs="$_mount_fs"
-  var_protection="$_protect_ct"
-  var_timezone="$_ct_timezone"
-  var_apt_cacher="$_apt_cacher"
-  var_apt_cacher_ip="$_apt_cacher_ip"
 
   # Format optional values
   [[ -n "$_mtu" ]] && MTU=",mtu=$_mtu" || MTU=""
@@ -1893,13 +1648,7 @@ Advanced:
   echo -e "${NETWORK}${BOLD}${DGN}IPv4: ${BGN}$NET${CL}"
   echo -e "${NETWORK}${BOLD}${DGN}IPv6: ${BGN}$IPV6_METHOD${CL}"
   echo -e "${FUSE}${BOLD}${DGN}FUSE Support: ${BGN}$ENABLE_FUSE${CL}"
-  [[ "$ENABLE_TUN" == "yes" ]] && echo -e "${NETWORK}${BOLD}${DGN}TUN/TAP Support: ${BGN}$ENABLE_TUN${CL}"
-  echo -e "${CONTAINERTYPE}${BOLD}${DGN}Nesting: ${BGN}$([ "$ENABLE_NESTING" == "1" ] && echo "Enabled" || echo "Disabled")${CL}"
-  [[ "$ENABLE_KEYCTL" == "1" ]] && echo -e "${CONTAINERTYPE}${BOLD}${DGN}Keyctl: ${BGN}Enabled${CL}"
   echo -e "${GPU}${BOLD}${DGN}GPU Passthrough: ${BGN}$ENABLE_GPU${CL}"
-  [[ "$PROTECT_CT" == "yes" || "$PROTECT_CT" == "1" ]] && echo -e "${CONTAINERTYPE}${BOLD}${DGN}Protection: ${BGN}Enabled${CL}"
-  [[ -n "$CT_TIMEZONE" ]] && echo -e "${INFO}${BOLD}${DGN}Timezone: ${BGN}$CT_TIMEZONE${CL}"
-  [[ "$APT_CACHER" == "yes" ]] && echo -e "${INFO}${BOLD}${DGN}APT Cacher: ${BGN}$APT_CACHER_IP${CL}"
   echo -e "${SEARCH}${BOLD}${DGN}Verbose Mode: ${BGN}$VERBOSE${CL}"
   echo -e "${CREATING}${BOLD}${RD}Creating a ${APP} LXC using the above advanced settings${CL}"
 }
@@ -2568,23 +2317,15 @@ build_container() {
   none) ;;
   esac
 
-  # Build FEATURES string based on container type and user choices
-  FEATURES=""
-
-  # Nesting support (user configurable, default enabled)
-  if [ "${ENABLE_NESTING:-1}" == "1" ]; then
+  # Build FEATURES string
+  if [ "$CT_TYPE" == "1" ]; then
+    FEATURES="keyctl=1,nesting=1"
+  else
     FEATURES="nesting=1"
   fi
 
-  # Keyctl for unprivileged containers (needed for Docker)
-  if [ "$CT_TYPE" == "1" ]; then
-    [ -n "$FEATURES" ] && FEATURES="$FEATURES,"
-    FEATURES="${FEATURES}keyctl=1"
-  fi
-
   if [ "$ENABLE_FUSE" == "yes" ]; then
-    [ -n "$FEATURES" ] && FEATURES="$FEATURES,"
-    FEATURES="${FEATURES}fuse=1"
+    FEATURES="$FEATURES,fuse=1"
   fi
 
   # Build PCT_OPTIONS as string for export