security: Fix MITM RCE vulnerability in microcode scripts

- Changed Intel microcode download from HTTP to HTTPS - Added --proto '=https' flag to curl to prevent protocol downgrade attacks - Simplified output parameter from basename to direct variable reference - Affects: tools/pve/microcode.sh (line 79) and tools/pve/pbs-microcode.sh (line 93) - CVSS: 6.5 (Medium) - CWE-494, CWE-300, CWE-829 - Impact: Prevents network-path MITM attacks that could lead to root RCE The AMD branch was already using HTTPS, this fix brings Intel branch to parity and closes the vulnerability reported in security advisory.
Update CHANGELOG.md (#15004 )
2026-06-09 00:55:14 +02:00 · 2026-06-08 21:10:11 +02:00 · 2026-06-08 13:36:24 +00:00 · 2026-06-08 15:35:50 +02:00 · 2026-06-08 11:34:16 +00:00 · 2026-06-08 13:33:50 +02:00
45 changed files with 1208 additions and 246 deletions
@@ -1,3 +1,23 @@
+## 2026-05-31
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Manyfold: regenerate Rails credentials on update to fix encryption mimatch [@MickLesk](https://github.com/MickLesk) ([#14817](https://github.com/community-scripts/ProxmoxVE/pull/14817))
+    - OpenThread-BR: use correct ipv6 configuration [@tomfrenzel](https://github.com/tomfrenzel) ([#14829](https://github.com/community-scripts/ProxmoxVE/pull/14829))
+
+  - #### 🔧 Refactor
+
+    - Webtrees: use PHP CLI for initial setup instead of curl to setup wizard [@MickLesk](https://github.com/MickLesk) ([#14818](https://github.com/community-scripts/ProxmoxVE/pull/14818))
+    - Kima-Hub: use curl_with_retry for ML model downloads to fix possible timeout issues [@MickLesk](https://github.com/MickLesk) ([#14816](https://github.com/community-scripts/ProxmoxVE/pull/14816))
+
+### 🧰 Tools
+
+  - #### 🔧 Refactor
+
+    - PBS4-Upgrade: update current PBS3 packages before switching to Trixie repos [@MickLesk](https://github.com/MickLesk) ([#14815](https://github.com/community-scripts/ProxmoxVE/pull/14815))
+
 ## 2026-05-30

 ### 🚀 Updated Scripts
@@ -0,0 +1,121 @@
+## 2026-06-06
+
+### 🆕 New Scripts
+
+  - Spliit ([#14966](https://github.com/community-scripts/ProxmoxVE/pull/14966))
+- Tolgee ([#14965](https://github.com/community-scripts/ProxmoxVE/pull/14965))
+- XYOps ([#14967](https://github.com/community-scripts/ProxmoxVE/pull/14967))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Photoprism: Allow env variables with spaces [@Badintral](https://github.com/Badintral) ([#14969](https://github.com/community-scripts/ProxmoxVE/pull/14969))
+
+## 2026-06-05
+
+### 🆕 New Scripts
+
+  - MatterJS-Server ([#14951](https://github.com/community-scripts/ProxmoxVE/pull/14951))
+- CyberChef ([#14952](https://github.com/community-scripts/ProxmoxVE/pull/14952))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Jackett: Create missing .env file [@tremor021](https://github.com/tremor021) ([#14959](https://github.com/community-scripts/ProxmoxVE/pull/14959))
+    - OpenThread-BR: use systemd instead of init.d [@tomfrenzel](https://github.com/tomfrenzel) ([#14942](https://github.com/community-scripts/ProxmoxVE/pull/14942))
+
+  - #### ✨ New Features
+
+    - AMD IGPU support [@Learath](https://github.com/Learath) ([#14944](https://github.com/community-scripts/ProxmoxVE/pull/14944))
+
+  - #### 💥 Breaking Changes
+
+    - update authentik to 2026.5.2 [@thieneret](https://github.com/thieneret) ([#14846](https://github.com/community-scripts/ProxmoxVE/pull/14846))
+
+## 2026-06-04
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Fix status messages for several alpine scripts [@tremor021](https://github.com/tremor021) ([#14911](https://github.com/community-scripts/ProxmoxVE/pull/14911))
+    - ReactiveResume: Fix Service Path [@MickLesk](https://github.com/MickLesk) ([#14926](https://github.com/community-scripts/ProxmoxVE/pull/14926))
+    - Jellyfin: install intel-igc deps before intel-opencl-icd to fix dependency order [@MickLesk](https://github.com/MickLesk) ([#14927](https://github.com/community-scripts/ProxmoxVE/pull/14927))
+
+  - #### 🔧 Refactor
+
+    - OpenThread-BR: use official GitHub releases [@tomfrenzel](https://github.com/tomfrenzel) ([#14916](https://github.com/community-scripts/ProxmoxVE/pull/14916))
+    - Grist: remove extra text at the end of installation [@tremor021](https://github.com/tremor021) ([#14905](https://github.com/community-scripts/ProxmoxVE/pull/14905))
+
+### ❔ Uncategorized
+
+  - chore(ct): sync sparkyfitness defaults with PocketBase [@github-actions[bot]](https://github.com/github-actions[bot]) ([#14925](https://github.com/community-scripts/ProxmoxVE/pull/14925))
+
+## 2026-06-03
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Glance: Use separate directory for configuration files [@tremor021](https://github.com/tremor021) ([#14906](https://github.com/community-scripts/ProxmoxVE/pull/14906))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - [core]: Fix alignment for `msg_` functions [@tremor021](https://github.com/tremor021) ([#14908](https://github.com/community-scripts/ProxmoxVE/pull/14908))
+
+## 2026-06-02
+
+### 🆕 New Scripts
+
+  - DDNS-Updater ([#14883](https://github.com/community-scripts/ProxmoxVE/pull/14883))
+- InvoiceShelf ([#14882](https://github.com/community-scripts/ProxmoxVE/pull/14882))
+- Certimate ([#14881](https://github.com/community-scripts/ProxmoxVE/pull/14881))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - OpenThread-BR: preserve config during update [@tomfrenzel](https://github.com/tomfrenzel) ([#14893](https://github.com/community-scripts/ProxmoxVE/pull/14893))
+    - infisical: fix update abort due to creds field mismatch (#14868) [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14870](https://github.com/community-scripts/ProxmoxVE/pull/14870))
+
+  - #### ✨ New Features
+
+    - feat(degoog): enable default valkey cache integration [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14871](https://github.com/community-scripts/ProxmoxVE/pull/14871))
+
+  - #### 🔧 Refactor
+
+    - chore: bump Node version in selected scripts [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14873](https://github.com/community-scripts/ProxmoxVE/pull/14873))
+
+### 💾 Core
+
+  - #### ✨ New Features
+
+    - tools.func: add support for Rust installation profile in setup_rust [@MickLesk](https://github.com/MickLesk) ([#14872](https://github.com/community-scripts/ProxmoxVE/pull/14872))
+
+### 📂 Github
+
+  - fix(workflow): only flag node drift when local is behind upstream [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14874](https://github.com/community-scripts/ProxmoxVE/pull/14874))
+
+## 2026-06-01
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - fix(dispatcharr): forward nginx port for M3U URLs on new installs [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14862](https://github.com/community-scripts/ProxmoxVE/pull/14862))
+    - Set environment paths in service for apprise-api-install.sh [@SystemIdleProcess](https://github.com/SystemIdleProcess) ([#14805](https://github.com/community-scripts/ProxmoxVE/pull/14805))
+    - fix(fireshare): rebuild client on update to fix nginx 500 [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14848](https://github.com/community-scripts/ProxmoxVE/pull/14848))
+    - Fix Kan build failure (TS7016 nodemailer) [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14856](https://github.com/community-scripts/ProxmoxVE/pull/14856))
+    - fix(firefly): set Data Importer APP_URL for subdirectory install [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14847](https://github.com/community-scripts/ProxmoxVE/pull/14847))
+    - kan: extend fetch_and_deploy_gh_tag to use 'latest' tag [@MickLesk](https://github.com/MickLesk) ([#14853](https://github.com/community-scripts/ProxmoxVE/pull/14853))
+    - Glance: preserve glance.yml across updates [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14845](https://github.com/community-scripts/ProxmoxVE/pull/14845))
+    - NginxProxymanager: set Certbot version in npm.service environment variable (2.15.0) [@MickLesk](https://github.com/MickLesk) ([#14843](https://github.com/community-scripts/ProxmoxVE/pull/14843))
+    - [FileFlows] Fix service handling by using systemctl --all with quoted glob [@adrianmusante](https://github.com/adrianmusante) ([#14838](https://github.com/community-scripts/ProxmoxVE/pull/14838))
+
+  - #### ✨ New Features
+
+    - Kometa: also update Quickstart in update_script [@MickLesk](https://github.com/MickLesk) ([#14529](https://github.com/community-scripts/ProxmoxVE/pull/14529))
@@ -59,6 +59,9 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit



+
+
+



@@ -72,7 +75,14 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit


 <details>
-<summary><h4>May (30 entries)</h4></summary>
+<summary><h4>June (6 entries)</h4></summary>
+
+[View June 2026 Changelog](.github/changelogs/2026/06.md)
+
+</details>
+
+<details>
+<summary><h4>May (31 entries)</h4></summary>

 [View May 2026 Changelog](.github/changelogs/2026/05.md)

@@ -470,14 +480,86 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit

 </details>

+## 2026-06-08
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - homelable: preserve MCP server config across updates [@ferr079](https://github.com/ferr079) ([#14996](https://github.com/community-scripts/ProxmoxVE/pull/14996))
+    - changedetection: migrate Python install to uv venv [@ferr079](https://github.com/ferr079) ([#14995](https://github.com/community-scripts/ProxmoxVE/pull/14995))
+
+  - #### 🔧 Refactor
+
+    - Update Flowwiseai to node 24 [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14999](https://github.com/community-scripts/ProxmoxVE/pull/14999))
+
+## 2026-06-07
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Immich: use actual installed PostgreSQL version for vchord package [@MickLesk](https://github.com/MickLesk) ([#14989](https://github.com/community-scripts/ProxmoxVE/pull/14989))
+
+  - #### 🔧 Refactor
+
+    - Navidrome: remove genereic filebrowser addon setup [@MickLesk](https://github.com/MickLesk) ([#14991](https://github.com/community-scripts/ProxmoxVE/pull/14991))
+
+## 2026-06-06
+
+### 🆕 New Scripts
+
+  - Spliit ([#14966](https://github.com/community-scripts/ProxmoxVE/pull/14966))
+- Tolgee ([#14965](https://github.com/community-scripts/ProxmoxVE/pull/14965))
+- XYOps ([#14967](https://github.com/community-scripts/ProxmoxVE/pull/14967))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Photoprism: Allow env variables with spaces [@Badintral](https://github.com/Badintral) ([#14969](https://github.com/community-scripts/ProxmoxVE/pull/14969))
+
+## 2026-06-05
+
+### 🆕 New Scripts
+
+  - MatterJS-Server ([#14951](https://github.com/community-scripts/ProxmoxVE/pull/14951))
+- CyberChef ([#14952](https://github.com/community-scripts/ProxmoxVE/pull/14952))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Jackett: Create missing .env file [@tremor021](https://github.com/tremor021) ([#14959](https://github.com/community-scripts/ProxmoxVE/pull/14959))
+    - OpenThread-BR: use systemd instead of init.d [@tomfrenzel](https://github.com/tomfrenzel) ([#14942](https://github.com/community-scripts/ProxmoxVE/pull/14942))
+
+  - #### ✨ New Features
+
+    - AMD IGPU support [@Learath](https://github.com/Learath) ([#14944](https://github.com/community-scripts/ProxmoxVE/pull/14944))
+
+  - #### 💥 Breaking Changes
+
+    - update authentik to 2026.5.2 [@thieneret](https://github.com/thieneret) ([#14846](https://github.com/community-scripts/ProxmoxVE/pull/14846))
+
 ## 2026-06-04

 ### 🚀 Updated Scripts

+  - #### 🐞 Bug Fixes
+
+    - Fix status messages for several alpine scripts [@tremor021](https://github.com/tremor021) ([#14911](https://github.com/community-scripts/ProxmoxVE/pull/14911))
+    - ReactiveResume: Fix Service Path [@MickLesk](https://github.com/MickLesk) ([#14926](https://github.com/community-scripts/ProxmoxVE/pull/14926))
+    - Jellyfin: install intel-igc deps before intel-opencl-icd to fix dependency order [@MickLesk](https://github.com/MickLesk) ([#14927](https://github.com/community-scripts/ProxmoxVE/pull/14927))
+
  - #### 🔧 Refactor

+    - OpenThread-BR: use official GitHub releases [@tomfrenzel](https://github.com/tomfrenzel) ([#14916](https://github.com/community-scripts/ProxmoxVE/pull/14916))
    - Grist: remove extra text at the end of installation [@tremor021](https://github.com/tremor021) ([#14905](https://github.com/community-scripts/ProxmoxVE/pull/14905))

+### ❔ Uncategorized
+
+  - chore(ct): sync sparkyfitness defaults with PocketBase [@github-actions[bot]](https://github.com/github-actions[bot]) ([#14925](https://github.com/community-scripts/ProxmoxVE/pull/14925))
+
 ## 2026-06-03

 ### 🚀 Updated Scripts
@@ -986,144 +1068,3 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
  - #### 🐞 Bug Fixes

    - tools.func: fix meilisearch import-dump background process handling [@MickLesk](https://github.com/MickLesk) ([#14341](https://github.com/community-scripts/ProxmoxVE/pull/14341))
-
-## 2026-05-07
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - termix: create /tmp/nginx before nginx -t [@MickLesk](https://github.com/MickLesk) ([#14312](https://github.com/community-scripts/ProxmoxVE/pull/14312))
-    - The Lounge: Fix service not starting automaticaly [@tremor021](https://github.com/tremor021) ([#14311](https://github.com/community-scripts/ProxmoxVE/pull/14311))
-    - netbird-lxc: fix installation check [@MickLesk](https://github.com/MickLesk) ([#14309](https://github.com/community-scripts/ProxmoxVE/pull/14309))
-    - databasus: Backup and secure configuration file [@MickLesk](https://github.com/MickLesk) ([#14308](https://github.com/community-scripts/ProxmoxVE/pull/14308))
-    - vm: update disk image URL for Ubuntu 25.04 [@MickLesk](https://github.com/MickLesk) ([#14290](https://github.com/community-scripts/ProxmoxVE/pull/14290))
-
-  - #### ✨ New Features
-
-    - pangolin: bump version to 1.18.3 [@MickLesk](https://github.com/MickLesk) ([#14297](https://github.com/community-scripts/ProxmoxVE/pull/14297))
-
-### 🗑️ Deleted Scripts
-
-  - Remove: LiteLLM [@michelroegl-brunner](https://github.com/michelroegl-brunner) ([#14294](https://github.com/community-scripts/ProxmoxVE/pull/14294))
-
-### 💾 Core
-
-  - #### ✨ New Features
-
-    - update-apps: some  improvements [@MickLesk](https://github.com/MickLesk) ([#14275](https://github.com/community-scripts/ProxmoxVE/pull/14275))
-
-## 2026-05-06
-
-### 🆕 New Scripts
-
-  - Hoodik ([#14279](https://github.com/community-scripts/ProxmoxVE/pull/14279))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Pelican-Panel: create backup subdirectory before copying storage [@MickLesk](https://github.com/MickLesk) ([#14274](https://github.com/community-scripts/ProxmoxVE/pull/14274))
-    - Rustdeskserver: remove redundant else with undefined RELEASE var [@MickLesk](https://github.com/MickLesk) ([#14272](https://github.com/community-scripts/ProxmoxVE/pull/14272))
-
-### 🧰 Tools
-
-  - #### 🔧 Refactor
-
-    - AdguardHome-Sync replace ifconfig with hostname -I for IP detection [@MickLesk](https://github.com/MickLesk) ([#14273](https://github.com/community-scripts/ProxmoxVE/pull/14273))
-
-## 2026-05-05
-
-### 🆕 New Scripts
-
-  - LibreChat ([#14247](https://github.com/community-scripts/ProxmoxVE/pull/14247))
- Matomo ([#14248](https://github.com/community-scripts/ProxmoxVE/pull/14248))
- Storyteller ([#14122](https://github.com/community-scripts/ProxmoxVE/pull/14122))
-
-### 🧰 Tools
-
-  - Fix container count message in update-apps.sh [@Quotacious](https://github.com/Quotacious) ([#14265](https://github.com/community-scripts/ProxmoxVE/pull/14265))
-
-## 2026-05-04
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Databasus: move .env to filesystem root so service starts correctly [@Copilot](https://github.com/Copilot) ([#14252](https://github.com/community-scripts/ProxmoxVE/pull/14252))
-    - Databasus: update mongo-tools fallback to 100.16.1 and use now pnpm instead of npm ci [@MickLesk](https://github.com/MickLesk) ([#14240](https://github.com/community-scripts/ProxmoxVE/pull/14240))
-
-### 💾 Core
-
-  - #### ✨ New Features
-
-    - tools.func get_latest_gh_tag - add pagination to find prefixed tags beyond first 50 [@MickLesk](https://github.com/MickLesk) ([#14241](https://github.com/community-scripts/ProxmoxVE/pull/14241))
-    - tools.func: add GitLab release check/fetch/deploy helpers [@MickLesk](https://github.com/MickLesk) ([#14242](https://github.com/community-scripts/ProxmoxVE/pull/14242))
-
-## 2026-05-03
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Hortusfox: fix update issues [@tomfrenzel](https://github.com/tomfrenzel) ([#14214](https://github.com/community-scripts/ProxmoxVE/pull/14214))
-
-  - #### ✨ New Features
-
-    - Refactor: PeaNUT for v6 [@MickLesk](https://github.com/MickLesk) ([#14224](https://github.com/community-scripts/ProxmoxVE/pull/14224))
-    - pangolin: pin version, drop manual SQL, use upstream migrator [@MickLesk](https://github.com/MickLesk) ([#14223](https://github.com/community-scripts/ProxmoxVE/pull/14223))
-
-### 💾 Core
-
-  - #### 🐞 Bug Fixes
-
-    - core: fix validate_bridge function [@MichaelOultram](https://github.com/MichaelOultram) ([#14206](https://github.com/community-scripts/ProxmoxVE/pull/14206))
-
-### 🧰 Tools
-
-  - #### 🐞 Bug Fixes
-
-    - pve/pbs scripts: guard sed against missing /etc/apt/sources.list [@MickLesk](https://github.com/MickLesk) ([#14222](https://github.com/community-scripts/ProxmoxVE/pull/14222))
-
-## 2026-05-02
-
-### 🆕 New Scripts
-
-  - protonmail-bridge ([#14136](https://github.com/community-scripts/ProxmoxVE/pull/14136))
- Tube Archivist ([#14123](https://github.com/community-scripts/ProxmoxVE/pull/14123))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Nagios: Ping fix [@tremor021](https://github.com/tremor021) ([#14186](https://github.com/community-scripts/ProxmoxVE/pull/14186))
-    - opnsense-vm: retry pvesm alloc on transient zfs 'got timeout' errors [@MickLesk](https://github.com/MickLesk) ([#14157](https://github.com/community-scripts/ProxmoxVE/pull/14157))
-    - ImmichFrame: fix update by reinstalling dotnet-sdk before publish [@MickLesk](https://github.com/MickLesk) ([#14158](https://github.com/community-scripts/ProxmoxVE/pull/14158))
-    - [FIX]ShelfMark: Use UV sync for shelfmark backend build; update to Python 3.14 [@vhsdream](https://github.com/vhsdream) ([#14170](https://github.com/community-scripts/ProxmoxVE/pull/14170))
-    - alpine: remove deb/ubuntu-only resource & storage checks from update-script [@MickLesk](https://github.com/MickLesk) ([#14166](https://github.com/community-scripts/ProxmoxVE/pull/14166))
-    - Threadfin: use 'threadfin-app' as app name to avoid version-file clash  [@MickLesk](https://github.com/MickLesk) ([#14159](https://github.com/community-scripts/ProxmoxVE/pull/14159))
-
-### 💾 Core
-
-  - #### ✨ New Features
-
-    - core: prompt to also run installed addon update scripts (…/bin/update_*) after update_script [@MickLesk](https://github.com/MickLesk) ([#14162](https://github.com/community-scripts/ProxmoxVE/pull/14162))
-
-## 2026-05-01
-
-### 🆕 New Scripts
-
-  - SoulSync ([#14124](https://github.com/community-scripts/ProxmoxVE/pull/14124))
- Teable ([#14125](https://github.com/community-scripts/ProxmoxVE/pull/14125))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Step ca update [@heinemannj](https://github.com/heinemannj) ([#14058](https://github.com/community-scripts/ProxmoxVE/pull/14058))
-    - paperless-ngx: refresh NLTK data on update [@kurtislanderson](https://github.com/kurtislanderson) ([#14144](https://github.com/community-scripts/ProxmoxVE/pull/14144))
-    - [Pelican Panel] stop deleting the public storage [@LetterN](https://github.com/LetterN) ([#14145](https://github.com/community-scripts/ProxmoxVE/pull/14145))
-
-  - #### 🔧 Refactor
-
-    - Mail-Archiver: update dependencies [@tremor021](https://github.com/tremor021) ([#14152](https://github.com/community-scripts/ProxmoxVE/pull/14152))
@@ -55,5 +55,6 @@ build_container
 description

 msg_ok "Completed successfully!\n"
-echo -e "${APP} should be reachable by going to the following URL.
-         ${BL}http://${IP}:3000${CL} \n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Access it using the following URL:${CL}"
+echo -e "${GATEWAY}${BGN}http://${IP}:3000${CL}"
@@ -54,8 +54,9 @@ start
 build_container
 description

-msg_ok "Completed Successfully!\n"
-echo -e "${APP} should be reachable by going to the following URL.
-         ${BL}http://${IP}:3100${CL} \n"
-echo -e "Promtail should be reachable by going to the following URL.
-         ${BL}http://${IP}:9080${CL} \n"
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Access it using the following URL:${CL}"
+echo -e "${GATEWAY}${BGN}http://${IP}:3100${CL}"
+echo -e "${INFO}${YW}Access Promtail using the following URL:${CL}"
+echo -e "${GATEWAY}${BGN}http://${IP}:9080${CL}"
@@ -57,5 +57,6 @@ build_container
 description

 msg_ok "Completed successfully!\n"
-echo -e "${APP} should be reachable by going to the following URL.
-         ${BL}https://${IP}${CL} \n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Access it using the following URL:${CL}"
+echo -e "${GATEWAY}${BGN}https://${IP}${CL}"
@@ -58,5 +58,6 @@ build_container
 description

 msg_ok "Completed successfully!\n"
-echo -e "${APP} should be reachable on port 6379.
-         ${BL}redis-cli -h ${IP} -p 6379${CL} \n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Connect to Redis CLI using the following command:${CL}"
+echo -e "${GATEWAY}${BGN}redis-cli -h ${IP} -p 6379${CL}"
@@ -59,5 +59,6 @@ build_container
 description

 msg_ok "Completed successfully!\n"
-echo -e "${APP} should be reachable on port 6379.
-         ${BL}valkey-cli -h ${IP} -p 6379${CL} \n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Connect to Valkey CLI using the following command:${CL}"
+echo -e "${GATEWAY}${BGN}valkey-cli -h ${IP} -p 6379${CL}"
@@ -60,5 +60,6 @@ build_container
 description

 msg_ok "Completed successfully!\n"
-echo -e "${APP} should be reachable by going to the following URL.
-         ${BL}https://${IP}:8000${CL} \n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Access it using the following URL:${CL}"
+echo -e "${GATEWAY}${BGN}https://${IP}:8000${CL}"
@@ -8,7 +8,7 @@ source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxV
 APP="authentik"
 var_tags="${var_tags:-auth}"
 var_cpu="${var_cpu:-4}"
-var_ram="${var_ram:-4096}"
+var_ram="${var_ram:-8192}"
 var_disk="${var_disk:-16}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
@@ -30,12 +30,20 @@ function update_script() {
    exit
  fi

+  read -r MAJOR MINOR PATCH <<< "$(sed 's/^version\///; s/\./ /g' "$HOME/.authentik")"
+
+  msg_info "Update dependencies"
+  ensure_dependencies crossbuild-essential-amd64 gcc-x86-64-linux-gnu cmake clang libunwind-18-dev
+  msg_ok "Update dependencies"
+
  NODE_VERSION="24" setup_nodejs
  setup_go
  UV_PYTHON_INSTALL_DIR="/usr/local/bin" PYTHON_VERSION="3.14.3" setup_uv
-  setup_rust
+  RUST_PROFILE="minimal" RUST_TOOLCHAIN="stable" setup_rust
+  setup_yq

-  AUTHENTIK_VERSION="version/2026.2.3"
+  AUTHENTIK_VERSION="version/2026.5.2"
+  # Source: https://github.com/goauthentik/fips/blob/main/Makefile#L26
  XMLSEC_VERSION="1.3.11"

  if check_for_gh_release "geoipupdate" "maxmind/geoipupdate"; then
@@ -71,6 +79,12 @@ function update_script() {

    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "authentik" "goauthentik/authentik" "tarball" "${AUTHENTIK_VERSION}" "/opt/authentik"

+	msg_info "Configuring rust"
+	cd /opt/authentik
+	$STD rustup install
+	$STD rustup default "$(sed -n 's/channel = "\(.*\)"/\1/p' rust-toolchain.toml)"
+	msg_ok "Configured rust"
+
 	msg_info "Updating web"
    cd /opt/authentik/web
    export NODE_ENV="production"
@@ -89,6 +103,14 @@ function update_script() {
 	$STD go build -o /opt/authentik/radius ./cmd/radius
    msg_ok "Updated go proxy"

+	msg_info "Building worker"
+	export AWS_LC_FIPS_SYS_CC="clang"
+	cd /opt/authentik
+	$STD cargo build --package authentik --no-default-features --features core --locked --release --jobs 1
+	cp ./target/release/authentik /opt/authentik/authentik-worker
+	rm -r ./target
+	msg_ok "Built worker"
+
    msg_info "Updating python server"
    export UV_NO_BINARY_PACKAGE="cryptography lxml python-kadmin-rs xmlsec"
    export UV_COMPILE_BYTECODE="1"
@@ -100,6 +122,103 @@ function update_script() {
    $STD uv sync --frozen --no-install-project --no-dev
    chown -R authentik:authentik /opt/authentik
    msg_ok "Updated python server"
+
+    if [[ $MAJOR == 2026 && $MINOR -lt 5 ]]; then
+	  msg_info "Updating Worker and Server config"
+	  cp /etc/authentik/config.yml /etc/authentik/config.bak
+	  yq -i ".postgresql.conn_max_age = 0" /etc/authentik/config.yml
+	  yq -i ".postgresql.conn_health_checks = false" /etc/authentik/config.yml
+	  yq -i ".listen.debug_tokio = \"[::]:6669\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.console_subscriber = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.h2 = \"info\""  /etc/authentik/config.yml
+      yq -i ".log.rust_log.hyper_util = \"warn\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.mio = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.notify = \"info\"" /etc/authentik/config.yml
+	  yq -i ".log.rust_log.reqwest = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.runtime = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.rustls = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.sqlx = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.sqlx_postgres = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.tokio = \"info\"" /etc/authentik/config.yml
+      yq -i ".log.rust_log.tungstenite = \"info\"" /etc/authentik/config.yml
+	  yq -i ".web.workers = 2" /etc/authentik/config.yml
+	  mv /etc/default/authentik /etc/default/authentik.bak
+	  cat <<EOF >/etc/default/authentik-server
+TMPDIR=/dev/shm/
+UV_LINK_MODE=copy
+UV_PYTHON_DOWNLOADS=0
+UV_NATIVE_TLS=1
+VENV_PATH=/opt/authentik/.venv
+PYTHONDONTWRITEBYTECODE=1
+PYTHONUNBUFFERED=1
+PATH=/opt/authentik/lifecycle:/opt/authentik/.venv/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin:/bin
+DJANGO_SETTINGS_MODULE=authentik.root.settings
+PROMETHEUS_MULTIPROC_DIR="/tmp/authentik_prometheus_tmp"
+AUTHENTIK_LISTEN__HTTP="[::]:9000"
+AUTHENTIK_LISTEN__HTTPS="[::]:9443"
+AUTHENTIK_LISTEN__METRICS="[::]:9300"
+EOF
+	  cat <<EOF >/etc/default/authentik-worker
+TMPDIR=/dev/shm/
+UV_LINK_MODE=copy
+UV_PYTHON_DOWNLOADS=0
+UV_NATIVE_TLS=1
+VENV_PATH=/opt/authentik/.venv
+PYTHONDONTWRITEBYTECODE=1
+PYTHONUNBUFFERED=1
+PATH=/opt/authentik/lifecycle:/opt/authentik/.venv/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin:/bin
+DJANGO_SETTINGS_MODULE=authentik.root.settings
+PROMETHEUS_MULTIPROC_DIR="/tmp/authentik_prometheus_tmp"
+AUTHENTIK_LISTEN__HTTP="[::]:8000"
+AUTHENTIK_LISTEN__HTTPS="[::]:8443"
+AUTHENTIK_LISTEN__METRICS="[::]:8300"
+EOF
+	  msg_ok "Updated Worker and Server config!"
+	  msg_warn "Please check /etc/default/authentik-worker and /etc/default/authentik-server config files for port configurations!"
+
+	  msg_info "Updating services"
+	  cat <<EOF >/etc/systemd/system/authentik-server.service
+[Unit]
+Description=authentik Go Server (API Gateway)
+After=network.target
+Wants=postgresql.service
+
+[Service]
+User=authentik
+Group=authentik
+ExecStartPre=/usr/bin/mkdir -p "\${PROMETHEUS_MULTIPROC_DIR}"
+ExecStart=/opt/authentik/authentik-server
+WorkingDirectory=/opt/authentik/
+Restart=always
+RestartSec=5
+EnvironmentFile=/etc/default/authentik-server
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+	  cat <<EOF >/etc/systemd/system/authentik-worker.service
+[Unit]
+Description=authentik Worker
+After=network.target postgresql.service
+
+[Service]
+User=authentik
+Group=authentik
+Type=simple
+EnvironmentFile=/etc/default/authentik-worker
+ExecStartPre=/usr/bin/mkdir -p "\${PROMETHEUS_MULTIPROC_DIR}"
+ExecStart=/opt/authentik/authentik-worker worker
+WorkingDirectory=/opt/authentik
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+	  systemctl daemon-reload
+	  msg_ok "Updated services"
+	fi
  fi

  msg_info "Starting Services"
@@ -150,7 +269,5 @@ description

 msg_ok "Completed successfully!\n"
 echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
-echo -e "${INFO}${YW} Initial setup URL:${CL}"
-echo -e "${GATEWAY}${BGN}http://${IP}:9000/if/flow/initial-setup/${CL}"
 echo -e "${INFO}${YW} Access it using the following URL:${CL}"
-echo -e "${GATEWAY}${BGN}http://${IP}:9000${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}https://${IP}:9443${CL}"
@@ -34,13 +34,32 @@ function update_script() {

  NODE_VERSION="24" setup_nodejs

-  msg_info "Updating ${APP}"
-  $STD pip3 install changedetection.io --upgrade --break-system-packages --ignore-installed typing_extensions
-  msg_ok "Updated ${APP}"
+  VENV_PATH="/opt/changedetection/.venv"
+  CHANGEDETECTION_BIN="${VENV_PATH}/bin/changedetection.io"

-  msg_info "Updating Playwright"
-  $STD pip3 install playwright --upgrade --break-system-packages
-  msg_ok "Updated Playwright"
+  PYTHON_VERSION="3.13" setup_uv
+
+  if [[ ! -d "$VENV_PATH" || ! -x "$CHANGEDETECTION_BIN" ]]; then
+    msg_info "Migrating to uv/venv"
+    rm -rf "$VENV_PATH"
+    $STD uv venv --clear "$VENV_PATH"
+    $STD "$VENV_PATH/bin/python" -m ensurepip --upgrade
+    $STD "$VENV_PATH/bin/python" -m pip install --upgrade pip
+    $STD "$VENV_PATH/bin/python" -m pip install changedetection.io playwright
+    msg_ok "Migrated to uv/venv"
+  else
+    msg_info "Updating ${APP}"
+    $STD "$VENV_PATH/bin/python" -m pip install --upgrade changedetection.io playwright
+    msg_ok "Updated ${APP}"
+  fi
+
+  SERVICE_FILE="/etc/systemd/system/changedetection.service"
+  if ! grep -q "${VENV_PATH}/bin/changedetection.io" "$SERVICE_FILE"; then
+    msg_info "Updating systemd service"
+    sed -i "s|^ExecStart=.*|ExecStart=${VENV_PATH}/bin/changedetection.io -d /opt/changedetection -p 5000|" "$SERVICE_FILE"
+    $STD systemctl daemon-reload
+    msg_ok "Updated systemd service"
+  fi

  if [[ -f /etc/systemd/system/browserless.service ]]; then
    msg_info "Updating Browserless (Patience)"
@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: ethan-hgwr
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/gchq/CyberChef
+
+APP="CyberChef"
+var_tags="${var_tags:-security;data;tools}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-4}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/cyberchef ]]; then
+      msg_error "No ${APP} Installation Found!"
+      exit
+  fi
+
+  if check_for_gh_release "cyberchef" "gchq/CyberChef"; then
+    msg_info "Stopping Service"
+    systemctl stop caddy
+    msg_ok "Stopped Service"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "cyberchef" "gchq/CyberChef" "tarball"
+
+    msg_info "Building CyberChef"
+    cd /opt/cyberchef
+    $STD npm ci --ignore-scripts
+    $STD npm run postinstall
+    $STD npm run build
+    msg_ok "Built CyberChef"
+
+    msg_info "Starting Service"
+    systemctl start caddy
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}${CL}"
@@ -29,7 +29,7 @@ function update_script() {
    exit
  fi

-  NODE_VERSION="20" NODE_MODULE="pnpm" setup_nodejs
+  NODE_VERSION="24" NODE_MODULE="pnpm" setup_nodejs

  msg_info "Updating FlowiseAI (this may take some time)"
  systemctl stop flowise
@@ -0,0 +1,6 @@
+   ______      __              ________         ____
+  / ____/_  __/ /_  ___  _____/ ____/ /_  ___  / __/
+ / /   / / / / __ \/ _ \/ ___/ /   / __ \/ _ \/ /_  
+/ /___/ /_/ / /_/ /  __/ /  / /___/ / / /  __/ __/  
+\____/\__, /_.___/\___/_/   \____/_/ /_/\___/_/     
+     /____/                                         
@@ -0,0 +1,6 @@
+    __  ___      __  __                _______      _____                          
+   /  |/  /___ _/ /_/ /____  _____    / / ___/     / ___/___  ______   _____  _____
+  / /|_/ / __ `/ __/ __/ _ \/ ___/_  / /\__ \______\__ \/ _ \/ ___/ | / / _ \/ ___/
+ / /  / / /_/ / /_/ /_/  __/ /  / /_/ /___/ /_____/__/ /  __/ /   | |/ /  __/ /    
+/_/  /_/\__,_/\__/\__/\___/_/   \____//____/     /____/\___/_/    |___/\___/_/     
+                                                                                   
@@ -0,0 +1,6 @@
+   _____       ___ _ __ 
+  / ___/____  / (_|_) /_
+  \__ \/ __ \/ / / / __/
+ ___/ / /_/ / / / / /_  
+/____/ .___/_/_/_/\__/  
+    /_/                 
@@ -0,0 +1,6 @@
+  ______      __              
+ /_  __/___  / /___ ____  ___ 
+  / / / __ \/ / __ `/ _ \/ _ \
+ / / / /_/ / / /_/ /  __/  __/
+/_/  \____/_/\__, /\___/\___/ 
+            /____/            
@@ -0,0 +1,6 @@
+               ____            
+   _  ____  __/ __ \____  _____
+  | |/_/ / / / / / / __ \/ ___/
+ _>  </ /_/ / /_/ / /_/ (__  ) 
+/_/|_|\__, /\____/ .___/____/  
+     /____/     /_/            
@@ -38,6 +38,9 @@ function update_script() {
    msg_info "Backing up Configuration and Data"
    cp /opt/homelable/backend/.env /opt/homelable.env.bak
    cp -r /opt/homelable/data /opt/homelable_data_bak
+    if [[ -f /opt/homelable/mcp/.env ]]; then
+      cp -a /opt/homelable/mcp/.env /opt/homelable-mcp.env.bak
+    fi
    msg_ok "Backed up Configuration and Data"

    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "homelable" "Pouzor/homelable" "tarball" "latest" "/opt/homelable"
@@ -61,6 +64,19 @@ function update_script() {
    rm -rf /opt/homelable_data_bak
    msg_ok "Restored Configuration and Data"

+    if [[ -f /opt/homelable-mcp.env.bak ]]; then
+      msg_info "Restoring MCP Server"
+      cp -a /opt/homelable-mcp.env.bak /opt/homelable/mcp/.env
+      rm -f /opt/homelable-mcp.env.bak
+      MCP_OWNER=$(stat -c '%U' /opt/homelable/mcp/.env)
+      cd /opt/homelable/mcp
+      $STD uv venv --clear /opt/homelable/mcp/.venv
+      $STD uv pip install --python /opt/homelable/mcp/.venv/bin/python -r requirements.txt
+      chown -R "$MCP_OWNER":"$MCP_OWNER" /opt/homelable/mcp
+      systemctl restart homelable-mcp
+      msg_ok "Restored MCP Server"
+    fi
+
    msg_info "Starting Service"
    systemctl start homelable
    msg_ok "Started Service"
@@ -36,13 +36,13 @@ function update_script() {

    # Fetch compute-runtime first so /tmp/gh_rel.json is populated for IGC tag resolution
    fetch_and_deploy_gh_release "intel-libgdgmm12" "intel/compute-runtime" "binary" "latest" "" "libigdgmm12_*_amd64.deb"
-    fetch_and_deploy_gh_release "intel-opencl-icd" "intel/compute-runtime" "binary" "latest" "" "intel-opencl-icd_*_amd64.deb"

    local igc_tag
    _resolve_igc_tag igc_tag

    fetch_and_deploy_gh_release "intel-igc-core-2" "intel/intel-graphics-compiler" "binary" "$igc_tag" "" "intel-igc-core-2_*_amd64.deb"
    fetch_and_deploy_gh_release "intel-igc-opencl-2" "intel/intel-graphics-compiler" "binary" "$igc_tag" "" "intel-igc-opencl-2_*_amd64.deb"
+    fetch_and_deploy_gh_release "intel-opencl-icd" "intel/compute-runtime" "binary" "latest" "" "intel-opencl-icd_*_amd64.deb"
    msg_ok "Updated Intel Dependencies"
  fi

@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/matter-js/matterjs-server
+
+APP="MatterJS-Server"
+var_tags="${var_tags:-matter;iot;smarthome;homeassistant}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-1024}"
+var_disk="${var_disk:-4}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/matter-server ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  NODE_VERSION="24" setup_nodejs
+  
+  CURRENT=$(cat /opt/matter-server/node_modules/matter-server/package.json | grep '"version"' | head -1 | sed 's/.*"\([^"]*\)".*/\1/')
+  LATEST=$(npm view matter-server version 2>/dev/null)
+  if [[ "$CURRENT" != "$LATEST" ]]; then
+    msg_info "Stopping Service"
+    systemctl stop matterjs-server
+    msg_ok "Stopped Service"
+
+    msg_info "Updating ${APP} from v${CURRENT} to v${LATEST}"
+    cd /opt/matter-server
+    $STD npm install matter-server@latest
+    msg_ok "Updated ${APP}"
+
+    msg_info "Starting Service"
+    systemctl start matterjs-server
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  else
+    msg_ok "No update required. ${APP} is already at v${LATEST}"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:5580${CL}"
@@ -2,7 +2,7 @@
 source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)

 # Copyright (c) 2021-2026 community-scripts ORG
-# Author: MickLesk (CanbiZ)
+# Author: MickLesk (CanbiZ) | Co-Author: Tom Frenzel (tomfrenzel)
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://openthread.io/guides/border-router

@@ -32,29 +32,30 @@ function update_script() {
    exit
  fi

-  cd /opt/ot-br-posix
-  LOCAL_COMMIT=$(git rev-parse HEAD)
-  $STD git fetch --depth 1 origin main
-  REMOTE_COMMIT=$(git rev-parse origin/main)
-
-  if [[ "${LOCAL_COMMIT}" == "${REMOTE_COMMIT}" ]]; then
-    msg_ok "Already up to date (${LOCAL_COMMIT:0:7})"
-    exit
-  fi
-
+  if check_for_gh_release "openthread-br" "openthread/ot-br-posix"; then
    msg_info "Stopping Services"
    systemctl stop otbr-web
    systemctl stop otbr-agent
    msg_ok "Stopped Services"

+    if [[ -f /etc/init.d/otbr-agent ]] || [[ -f /etc/init.d/otbr-web ]]; then
+      msg_info "Removing legacy services"
+      rm -f /etc/init.d/otbr-agent /etc/init.d/otbr-web
+      systemctl daemon-reload
+      msg_ok "Removed legacy services"
+    fi
+
    msg_info "Backing up Configuration"
    cp /etc/default/otbr-agent /etc/default/otbr-agent.bak
    msg_ok "Backed up Configuration"

-  msg_info "Updating Source"
-  $STD git reset --hard origin/main
+    msg_info "Fetching GitHub release OpenThread-BR (${CHECK_UPDATE_RELEASE#v})" 
+    cd /opt/ot-br-posix
+    $STD git fetch --depth 1 origin tag "$CHECK_UPDATE_RELEASE"
+    $STD git checkout -f "$CHECK_UPDATE_RELEASE"
    $STD git submodule update --depth 1 --init --recursive
-  msg_ok "Updated Source"
+    echo "${CHECK_UPDATE_RELEASE#v}" > ~/.openthread-br
+    msg_ok "Deployed GitHub release OpenThread-BR (${CHECK_UPDATE_RELEASE#v})"

  msg_info "Rebuilding OpenThread Border Router (Patience)"
  cd /opt/ot-br-posix/build
@@ -67,6 +68,7 @@ function update_script() {
    -DOTBR_WEB=ON \
    -DOTBR_BORDER_ROUTING=ON \
    -DOTBR_BACKBONE_ROUTER=ON \
+    -DOTBR_SYSTEMD_UNIT_DIR=/etc/systemd/system \
    -DOT_FIREWALL=ON \
    -DOT_POSIX_NAT64_CIDR="192.168.255.0/24" \
    ..
@@ -104,6 +106,7 @@ EOF
  systemctl start otbr-web
  msg_ok "Started Services"
  msg_ok "Updated successfully!"
+  fi
  exit
 }

@@ -37,7 +37,9 @@ function update_script() {
    if ! grep -q "photoprism/config/.env" ~/.bashrc 2>/dev/null; then
      msg_info "Adding environment export for CLI tools"
      echo '# Load PhotoPrism environment variables for CLI tools' >>~/.bashrc
-      echo 'export $(grep -v "^#" /opt/photoprism/config/.env | xargs)' >>~/.bashrc
+      echo 'set -a' >>~/.bashrc
+      echo 'source /opt/photoprism/config/.env' >>~/.bashrc
+      echo 'set +a' >>~/.bashrc
      msg_ok "Added environment export"
    fi

@@ -53,7 +53,7 @@ function update_script() {
    msg_ok "Updated Reactive Resume"

    msg_info "Updating Service"
-    sed -i 's|WorkingDirectory=/opt/reactive-resume$|WorkingDirectory=/opt/reactive-resume/apps/web|' /etc/systemd/system/reactive-resume.service
+    sed -i 's|WorkingDirectory=/opt/reactive-resume/apps/web|WorkingDirectory=/opt/reactive-resume/apps/server|; s|ExecStart=/usr/bin/node .output/server/index.mjs|ExecStart=/usr/bin/node dist/index.mjs|' /etc/systemd/system/reactive-resume.service
    systemctl daemon-reload
    msg_ok "Updated Service"

@@ -9,7 +9,7 @@ APP="SparkyFitness"
 var_tags="${var_tags:-health;fitness}"
 var_cpu="${var_cpu:-2}"
 var_ram="${var_ram:-2048}"
-var_disk="${var_disk:-4}"
+var_disk="${var_disk:-7}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_arm64="${var_arm64:-no}"
@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: phof
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/spliit-app/spliit
+
+APP="Spliit"
+var_tags="${var_tags:-finance;expense-sharing}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-8}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/spliit ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  if check_for_gh_release "spliit" "spliit-app/spliit"; then
+    msg_info "Stopping Service"
+    systemctl stop spliit
+    msg_ok "Stopped Service"
+
+    msg_info "Backing up Configuration"
+    rm -f /opt/spliit.env.bak
+    cp /opt/spliit/.env /opt/spliit.env.bak
+    msg_ok "Backed up Configuration"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "spliit" "spliit-app/spliit" "tarball"
+
+    msg_info "Restoring Configuration"
+    cp /opt/spliit.env.bak /opt/spliit/.env
+    msg_ok "Restored Configuration"
+
+    msg_info "Building Application"
+    cd /opt/spliit
+    $STD npm ci --ignore-scripts
+    $STD npx prisma generate
+    $STD npm run build
+    msg_ok "Built Application"
+
+    msg_info "Running Database Migrations"
+    cd /opt/spliit
+    $STD npx prisma migrate deploy
+    msg_ok "Ran Database Migrations"
+
+    msg_info "Starting Service"
+    systemctl start spliit
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3000${CL}"
@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/tolgee/tolgee-platform
+
+APP="Tolgee"
+var_tags="${var_tags:-localization;i18n;developer-tools}"
+var_cpu="${var_cpu:-4}"
+var_ram="${var_ram:-4096}"
+var_disk="${var_disk:-20}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/tolgee ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  if check_for_gh_release "tolgee" "tolgee/tolgee-platform"; then
+    msg_info "Stopping Service"
+    systemctl stop tolgee
+    msg_ok "Stopped Service"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "tolgee" "tolgee/tolgee-platform" "singlefile" "latest" "/opt/tolgee" "tolgee-*.jar"
+    find /opt/tolgee -maxdepth 1 -type f -name 'tolgee-*.jar' -exec mv {} /opt/tolgee/tolgee.jar \;
+
+    msg_info "Starting Service"
+    systemctl start tolgee
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8080${CL}"
@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/pixlcore/xyops
+
+APP="xyOps"
+var_tags="${var_tags:-scheduler;automation;monitoring}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-8}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_arm64="${var_arm64:-no}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/xyops ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  if check_for_gh_release "xyops" "pixlcore/xyops"; then
+    msg_info "Stopping Service"
+    systemctl stop xyops
+    msg_ok "Stopped Service"
+
+    msg_info "Backing up Data"
+    cp -r /opt/xyops/data /opt/xyops_data_backup
+    cp -r /opt/xyops/conf /opt/xyops_conf_backup
+    msg_ok "Backed up Data"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "xyops" "pixlcore/xyops" "tarball"
+
+    msg_info "Rebuilding Application"
+    cd /opt/xyops
+    $STD npm install
+    $STD node bin/build.js dist
+    chmod 644 /opt/xyops/node_modules/useragent-ng/lib/regexps.js
+    msg_ok "Rebuilt Application"
+
+    msg_info "Restoring Data"
+    cp -r /opt/xyops_data_backup/. /opt/xyops/data
+    cp -r /opt/xyops_conf_backup/. /opt/xyops/conf
+    rm -rf /opt/xyops_data_backup /opt/xyops_conf_backup
+    msg_ok "Restored Data"
+
+    msg_info "Starting Service"
+    systemctl start xyops
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:5522${CL}"
@@ -29,8 +29,6 @@ $STD apt install -y \
  libltdl-dev \
  libpq5 \
  libmaxminddb0 \
-  libkrb5-3 \
-  libkdb5-10 \
  libkadm5clnt-mit12 \
  libkadm5clnt7t64-heimdal \
  libltdl7 \
@@ -44,49 +42,61 @@ $STD apt install -y \
  libtool \
  libtool-bin \
  gcc \
+  crossbuild-essential-amd64 \
+  gcc-x86-64-linux-gnu \
+  cmake \
+  clang \
+  libunwind-18-dev \
  git
 msg_ok "Installed Dependencies"

 NODE_VERSION="24" setup_nodejs
 setup_yq
 setup_go
+RUST_PROFILE="minimal" RUST_TOOLCHAIN="stable" setup_rust
 UV_PYTHON_INSTALL_DIR="/usr/local/bin" PYTHON_VERSION="3.14.3" setup_uv
-setup_rust
 PG_VERSION="17" setup_postgresql
 PG_DB_NAME="authentik" PG_DB_USER="authentik" PG_DB_GRANT_SUPERUSER="true" setup_postgresql_db

 XMLSEC_VERSION="1.3.11"
-AUTHENTIK_VERSION="version/2026.2.3"
+AUTHENTIK_VERSION="version/2026.5.2"
 fetch_and_deploy_gh_release "xmlsec" "lsh123/xmlsec" "tarball" "${XMLSEC_VERSION}" "/opt/xmlsec"
 fetch_and_deploy_gh_release "authentik" "goauthentik/authentik" "tarball" "${AUTHENTIK_VERSION}" "/opt/authentik"
 fetch_and_deploy_gh_release "geoipupdate" "maxmind/geoipupdate" "binary"

-msg_info "Setup xmlsec"
+msg_info "Setting up xmlsec"
 cd /opt/xmlsec
 $STD ./autogen.sh
 $STD make -j $(nproc)
 $STD make check
 $STD make install
 $STD ldconfig
-msg_ok "xmlsec installed"
+msg_ok "Setup xmlsec"

-msg_info "Setup web"
+msg_info "Configuring rust"
+cd /opt/authentik
+$STD rustup install
+$STD rustup default "$(sed -n 's/channel = "\(.*\)"/\1/p' rust-toolchain.toml)"
+msg_ok "Configured rust"
+
+msg_info "Setting up web"
 cd /opt/authentik/web
 export NODE_ENV="production"
 $STD npm install
 $STD npm run build
 $STD npm run build:sfe
-msg_ok "Web installed"
+msg_ok "Setup web"

-msg_info "Setup go proxy"
+msg_info "Setting up go proxy"
 cd /opt/authentik
 export CGO_ENABLED="1"
+export CC="x86_64-linux-gnu-gcc"
 $STD go mod download
 $STD go build -o /opt/authentik/authentik-server ./cmd/server
 $STD go build -o /opt/authentik/ldap ./cmd/ldap
 $STD go build -o /opt/authentik/rac ./cmd/rac
 $STD go build -o /opt/authentik/radius ./cmd/radius
-msg_ok "Go proxy installed"
+msg_ok "Setup go proxy"

 cat <<EOF >/usr/local/etc/GeoIP.conf
 AccountID ChangeME
@@ -99,17 +109,24 @@ EOF

 echo "#39 19 * * 6,4 /usr/bin/geoipupdate -f /usr/local/etc/GeoIP.conf" | crontab -

-msg_info "Setup python server"
+msg_info "Building worker"
+export AWS_LC_FIPS_SYS_CC="clang"
+cd /opt/authentik
+$STD cargo build --package authentik --no-default-features --features core --locked --release --jobs 1
+cp ./target/release/authentik /opt/authentik/authentik-worker
+rm -r ./target
+msg_ok "Built worker"
+
+msg_info "Setting up python server"
 export UV_NO_BINARY_PACKAGE="cryptography lxml python-kadmin-rs xmlsec"
 export UV_COMPILE_BYTECODE="1"
 export UV_LINK_MODE="copy"
 export UV_NATIVE_TLS="1"
-export RUSTUP_PERMIT_COPY_RENAME="true"
 export UV_PYTHON_INSTALL_DIR="/usr/local/bin"
 cd /opt/authentik
 $STD uv sync --frozen --no-install-project --no-dev
 cp /opt/authentik/authentik/sources/kerberos/krb5.conf /etc/krb5.conf
-msg_ok "Installed python server"
+msg_ok "Setup python server"

 msg_info "Creating authentik config"
 mkdir -p /etc/authentik
@@ -125,7 +142,7 @@ yq -i ".storage.file.path = \"/opt/authentik-data\"" /etc/authentik/config.yml
 yq -i ".disable_startup_analytics = \"true\"" /etc/authentik/config.yml
 $STD useradd -U -s /usr/sbin/nologin -r -M -d /opt/authentik authentik
 chown -R authentik:authentik /opt/authentik
-cat <<EOF >/etc/default/authentik
+cat <<EOF >/etc/default/authentik-server
 TMPDIR=/dev/shm/
 UV_LINK_MODE=copy
 UV_PYTHON_DOWNLOADS=0
@@ -136,6 +153,24 @@ PYTHONUNBUFFERED=1
 PATH=/opt/authentik/lifecycle:/opt/authentik/.venv/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin:/bin
 DJANGO_SETTINGS_MODULE=authentik.root.settings
 PROMETHEUS_MULTIPROC_DIR="/tmp/authentik_prometheus_tmp"
+AUTHENTIK_LISTEN__HTTP="[::]:9000"
+AUTHENTIK_LISTEN__HTTPS="[::]:9443"
+AUTHENTIK_LISTEN__METRICS="[::]:9300"
+EOF
+cat <<EOF >/etc/default/authentik-worker
+TMPDIR=/dev/shm/
+UV_LINK_MODE=copy
+UV_PYTHON_DOWNLOADS=0
+UV_NATIVE_TLS=1
+VENV_PATH=/opt/authentik/.venv
+PYTHONDONTWRITEBYTECODE=1
+PYTHONUNBUFFERED=1
+PATH=/opt/authentik/lifecycle:/opt/authentik/.venv/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin:/bin
+DJANGO_SETTINGS_MODULE=authentik.root.settings
+PROMETHEUS_MULTIPROC_DIR="/tmp/authentik_prometheus_tmp"
+AUTHENTIK_LISTEN__HTTP="[::]:8000"
+AUTHENTIK_LISTEN__HTTPS="[::]:8443"
+AUTHENTIK_LISTEN__METRICS="[::]:8300"
 EOF
 cat <<EOF >/etc/default/authentik_ldap
 AUTHENTIK_HOST="https://127.0.0.1:9443"
@@ -152,7 +187,7 @@ AUTHENTIK_HOST="https://127.0.0.1:9443"
 AUTHENTIK_INSECURE="true"
 AUTHENTIK_TOKEN="token-generated-by-authentik"
 EOF
-msg_ok "authentik config created"
+msg_ok "Created authentik config"

 msg_info "Creating services"
 cat <<EOF >/etc/systemd/system/authentik-server.service
@@ -164,12 +199,12 @@ Wants=postgresql.service
 [Service]
 User=authentik
 Group=authentik
+EnvironmentFile=/etc/default/authentik-server
 ExecStartPre=/usr/bin/mkdir -p "\${PROMETHEUS_MULTIPROC_DIR}"
 ExecStart=/opt/authentik/authentik-server
 WorkingDirectory=/opt/authentik/
 Restart=always
 RestartSec=5
-EnvironmentFile=/etc/default/authentik

 [Install]
 WantedBy=multi-user.target
@@ -184,8 +219,9 @@ After=network.target postgresql.service
 User=authentik
 Group=authentik
 Type=simple
-EnvironmentFile=/etc/default/authentik
-ExecStart=/usr/local/bin/uv run python -m manage worker --pid-file /dev/shm/authentik-worker.pid
+EnvironmentFile=/etc/default/authentik-worker
+ExecStartPre=/usr/bin/mkdir -p "\${PROMETHEUS_MULTIPROC_DIR}"
+ExecStart=/opt/authentik/authentik-worker worker
 WorkingDirectory=/opt/authentik
 Restart=always
 RestartSec=5
@@ -250,7 +286,7 @@ EnvironmentFile=/etc/default/authentik_radius
 [Install]
 WantedBy=multi-user.target
 EOF
-msg_ok "Services created"
+msg_ok "Created services"

 motd_ssh
 customize
@@ -43,19 +43,16 @@ $STD apt-get install -y \
  ca-certificates
 msg_ok "Installed Dependencies"

-msg_info "Setup Python3"
-$STD apt-get install -y \
-  python3 \
-  python3-dev \
-  python3-pip
-rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
-msg_ok "Setup Python3"
+PYTHON_VERSION="3.13" setup_uv

 NODE_VERSION="24" setup_nodejs

 msg_info "Installing Change Detection"
-mkdir /opt/changedetection
-$STD pip3 install changedetection.io
+mkdir -p /opt/changedetection
+$STD uv venv --clear /opt/changedetection/.venv
+$STD /opt/changedetection/.venv/bin/python -m ensurepip --upgrade
+$STD /opt/changedetection/.venv/bin/python -m pip install --upgrade pip
+$STD /opt/changedetection/.venv/bin/python -m pip install changedetection.io
 cat <<EOF >/opt/changedetection/.env
 WEBDRIVER_URL=http://127.0.0.1:4444/wd/hub
 PLAYWRIGHT_DRIVER_URL=ws://localhost:3000/chrome?launch=eyJkZWZhdWx0Vmlld3BvcnQiOnsiaGVpZ2h0Ijo3MjAsIndpZHRoIjoxMjgwfSwiaGVhZGxlc3MiOmZhbHNlLCJzdGVhbHRoIjp0cnVlfQ==&blockAds=true
@@ -64,7 +61,7 @@ msg_ok "Installed Change Detection"

 msg_info "Installing Browserless & Playwright"
 mkdir /opt/browserless
-$STD python3 -m pip install playwright
+$STD /opt/changedetection/.venv/bin/python -m pip install playwright
 $STD git clone https://github.com/browserless/chrome /opt/browserless
 $STD npm ci --include=optional --include=dev --prefix /opt/browserless
 $STD /opt/browserless/node_modules/playwright-core/cli.js install --with-deps &>/dev/null
@@ -121,7 +118,7 @@ Wants=browserless.service
 Type=simple
 EnvironmentFile=/opt/changedetection/.env
 WorkingDirectory=/opt/changedetection
-ExecStart=changedetection.io -d /opt/changedetection -p 5000
+ExecStart=/opt/changedetection/.venv/bin/changedetection.io -d /opt/changedetection -p 5000

 [Install]
 WantedBy=multi-user.target
@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: ethan-hgwr
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/gchq/CyberChef
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y caddy
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="24" setup_nodejs
+fetch_and_deploy_gh_release "cyberchef" "gchq/CyberChef" "tarball"
+
+msg_info "Building CyberChef (Patience)"
+cd /opt/cyberchef
+$STD npm ci --ignore-scripts
+$STD npm run postinstall
+$STD npm run build
+msg_ok "Built CyberChef"
+
+msg_info "Configuring Caddy"
+cat <<EOF >/etc/caddy/Caddyfile
+:80 {
+    root * /opt/cyberchef/build/prod
+    file_server
+}
+EOF
+systemctl enable -q --now caddy
+systemctl reload caddy
+msg_ok "Configured Caddy"
+
+motd_ssh
+customize
+cleanup_lxc
@@ -17,7 +17,7 @@ msg_info "Installing Dependencies"
 $STD apt install -y build-essential python3-dev
 msg_ok "Installed Dependencies"

-NODE_VERSION="20" setup_nodejs
+NODE_VERSION="24" setup_nodejs

 msg_info "Installing FlowiseAI (Patience)"
 $STD npm install -g flowise \
@@ -149,10 +149,13 @@ msg_ok "Installed packages from Debian Testing repo"
 setup_uv
 PG_VERSION="16" PG_MODULES="pgvector" setup_postgresql

-VCHORD_RELEASE="0.5.3"
-fetch_and_deploy_gh_release "VectorChord" "tensorchord/VectorChord" "binary" "${VCHORD_RELEASE}" "/tmp" "postgresql-16-vchord_*_amd64.deb"
+ACTUAL_PG_VERSION=$(ls /etc/postgresql/ 2>/dev/null | sort -V | tail -1)
+ACTUAL_PG_VERSION=${ACTUAL_PG_VERSION:-16}

-sed -i "s/^#shared_preload.*/shared_preload_libraries = 'vchord.so'/" /etc/postgresql/16/main/postgresql.conf
+VCHORD_RELEASE="0.5.3"
+fetch_and_deploy_gh_release "VectorChord" "tensorchord/VectorChord" "binary" "${VCHORD_RELEASE}" "/tmp" "postgresql-${ACTUAL_PG_VERSION}-vchord_*_amd64.deb"
+
+sed -i "s/^#shared_preload.*/shared_preload_libraries = 'vchord.so'/" /etc/postgresql/${ACTUAL_PG_VERSION}/main/postgresql.conf
 systemctl restart postgresql.service
 PG_DB_NAME="immich" PG_DB_USER="immich" PG_DB_GRANT_SUPERUSER="true" PG_DB_SKIP_ALTER_ROLE="true" setup_postgresql_db

@@ -15,6 +15,10 @@ update_os

 fetch_and_deploy_gh_release "jackett" "Jackett/Jackett" "prebuild" "latest" "/opt/Jackett" "Jackett.Binaries.LinuxAMDx64.tar.gz"

+cat <<EOF >/opt/.env
+DisableRootWarning=true
+EOF
+
 msg_info "Creating Service"
 cat <<EOF >/etc/systemd/system/jackett.service
 [Unit]
@@ -0,0 +1,58 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/matter-js/matterjs-server
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+NODE_VERSION="24" setup_nodejs
+
+msg_info "Installing MatterJS-Server"
+mkdir -p /opt/matter-server
+cd /opt/matter-server
+$STD npm install matter-server
+mkdir -p /var/lib/matterjs-server
+msg_ok "Installed MatterJS-Server"
+
+msg_info "Configuring Network"
+cat <<EOF >/etc/sysctl.d/60-ipv6-ra-rio.conf
+net.ipv6.conf.default.accept_ra=1
+net.ipv6.conf.default.accept_ra_rtr_pref=1
+net.ipv6.conf.default.accept_ra_rt_info_max_plen=64
+net.ipv6.conf.eth0.accept_ra=1
+net.ipv6.conf.eth0.accept_ra_rtr_pref=1
+net.ipv6.conf.eth0.accept_ra_rt_info_max_plen=64
+EOF
+$STD sysctl -p /etc/sysctl.d/60-ipv6-ra-rio.conf
+msg_ok "Configured Network"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/matterjs-server.service
+[Unit]
+Description=MatterJS Server
+After=network.target
+
+[Service]
+Type=simple
+User=root
+ExecStart=/usr/bin/node /opt/matter-server/node_modules/matter-server/dist/esm/MatterServer.js --storage-path /var/lib/matterjs-server
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now matterjs-server
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc
@@ -23,11 +23,6 @@ msg_info "Starting Navidrome"
 systemctl enable -q --now navidrome
 msg_ok "Started Navidrome"

-read -p "${TAB3}Do you want to install filebrowser addon? (y/n) " -n 1 -r
-if [[ $REPLY =~ ^[Yy]$ ]]; then
-  bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/filebrowser.sh)"
-fi
-
 motd_ssh
 customize
 cleanup_lxc
@@ -69,6 +69,13 @@ if ! fetch_and_deploy_gh_release "ollama-com" "ollama/ollama" "prebuild" "latest
  msg_error "Failed to download or deploy Ollama – check network connectivity and GitHub API availability"
  exit 250
 fi
+# If /dev/kfd exists assume an AMD GPU is installed, and install ROCM support for ollama
+if [[ -e /dev/kfd ]]; then
+  if ! fetch_and_deploy_gh_release "ollama-rocm-com" "ollama/ollama" "prebuild" "latest" "$OLLAMA_INSTALL_DIR/lib" "ollama-linux-amd64-rocm.tar.zst"; then
+    msg_error "Failed to download or deploy Ollama AMD ROCM suport – check network connectivity and GitHub API availability"
+    exit 250
+  fi
+fi
 ln -sf "$OLLAMA_INSTALL_DIR/bin/ollama" "$BINDIR/ollama"
 msg_ok "Installed Ollama"

@@ -102,6 +109,10 @@ RestartSec=3
 [Install]
 WantedBy=multi-user.target
 EOF
+if [[ -e /dev/kfd ]]; then
+  sed -i '/Environment=OLLAMA_INTEL_GPU=true/a Environment=OLLAMA_IGPU_ENABLE=1' \
+      /etc/systemd/system/ollama.service
+fi
 systemctl enable -q --now ollama
 msg_ok "Created Service"

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash

 # Copyright (c) 2021-2026 community-scripts ORG
-# Author: MickLesk (CanbiZ)
+# Author: MickLesk (CanbiZ) | Co-Author: Tom Frenzel (tomfrenzel)
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://openthread.io/guides/border-router

@@ -39,12 +39,19 @@ msg_ok "Installed Dependencies"

 setup_nodejs

-msg_info "Cloning OpenThread Border Router"
+RELEASE=$(get_latest_gh_tag "openthread/ot-br-posix")
+if [[ -z "$RELEASE" ]]; then
+  msg_error "Failed to fetch latest release tag"
+  exit 1
+fi
+
+msg_info "Fetching GitHub release OpenThread-BR (${RELEASE#v})"
 # git clone is needed to fetch submodules, fetch_and_deploy_gh_release doesn't support this. We use --depth 1 to minimize the amount of data cloned, but it still may take a while.
-$STD git clone --depth 1 https://github.com/openthread/ot-br-posix /opt/ot-br-posix
+$STD git clone --depth 1 --branch "$RELEASE" https://github.com/openthread/ot-br-posix /opt/ot-br-posix
 cd /opt/ot-br-posix
 $STD git submodule update --depth 1 --init --recursive
-msg_ok "Cloned OpenThread Border Router"
+echo "${RELEASE#v}" > ~/.openthread-br
+msg_ok "Deployed GitHub release OpenThread-BR (${RELEASE#v})"

 msg_info "Building OpenThread Border Router (Patience)"
 mkdir -p build && cd build
@@ -57,6 +64,7 @@ $STD cmake -GNinja \
  -DOTBR_WEB=ON \
  -DOTBR_BORDER_ROUTING=ON \
  -DOTBR_BACKBONE_ROUTER=ON \
+  -DOTBR_SYSTEMD_UNIT_DIR=/etc/systemd/system \
  -DOT_FIREWALL=ON \
  -DOT_POSIX_NAT64_CIDR="192.168.255.0/24" \
  ..
@@ -107,9 +107,9 @@ After=network.target postgresql.service chromium-printer.service
 Wants=postgresql.service chromium-printer.service

 [Service]
-WorkingDirectory=/opt/reactive-resume/apps/web
+WorkingDirectory=/opt/reactive-resume/apps/server
 EnvironmentFile=/opt/reactive-resume/.env
-ExecStart=/usr/bin/node .output/server/index.mjs
+ExecStart=/usr/bin/node dist/index.mjs
 Restart=always
 RestartSec=5

@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: phof
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/spliit-app/spliit
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+PG_VERSION="16" setup_postgresql
+PG_DB_NAME="spliit" PG_DB_USER="spliit" setup_postgresql_db
+NODE_VERSION="22" setup_nodejs
+fetch_and_deploy_gh_release "spliit" "spliit-app/spliit" "tarball"
+
+msg_info "Configuring Application"
+cat <<EOF >/opt/spliit/.env
+POSTGRES_PRISMA_URL=postgresql://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}?schema=public
+POSTGRES_URL_NON_POOLING=postgresql://${PG_DB_USER}:${PG_DB_PASS}@localhost:5432/${PG_DB_NAME}?schema=public
+NEXT_PUBLIC_DEFAULT_CURRENCY_CODE=
+NEXT_TELEMETRY_DISABLED=1
+NODE_ENV=production
+PORT=3000
+HOSTNAME=0.0.0.0
+EOF
+msg_ok "Configured Application"
+
+msg_info "Building Application"
+cd /opt/spliit
+$STD npm ci --ignore-scripts
+$STD npx prisma generate
+$STD npm run build
+msg_ok "Built Application"
+
+msg_info "Running Database Migrations"
+cd /opt/spliit
+$STD npx prisma migrate deploy
+msg_ok "Ran Database Migrations"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/spliit.service
+[Unit]
+Description=Spliit
+After=network.target postgresql.service
+Requires=postgresql.service
+
+[Service]
+Type=simple
+User=root
+WorkingDirectory=/opt/spliit
+EnvironmentFile=/opt/spliit/.env
+ExecStart=/usr/bin/npm run start
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now spliit
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/tolgee/tolgee-platform
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+JAVA_VERSION="21" setup_java
+PG_VERSION="16" setup_postgresql
+PG_DB_NAME="tolgee" PG_DB_USER="tolgee" setup_postgresql_db
+
+fetch_and_deploy_gh_release "tolgee" "tolgee/tolgee-platform" "singlefile" "latest" "/opt/tolgee" "tolgee-*.jar"
+
+msg_info "Setting up Tolgee"
+mkdir -p /opt/tolgee_data
+find /opt/tolgee -maxdepth 1 -type f -name 'tolgee-*.jar' -exec mv {} /opt/tolgee/tolgee.jar \;
+
+cat <<EOF >/opt/tolgee_data/.env
+SERVER_PORT=8080
+TOLGEE_POSTGRES_AUTOSTART_ENABLED=false
+SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5432/${PG_DB_NAME}
+SPRING_DATASOURCE_USERNAME=${PG_DB_USER}
+SPRING_DATASOURCE_PASSWORD=${PG_DB_PASS}
+TOLGEE_AUTHENTICATION_ENABLED=true
+TOLGEE_AUTHENTICATION_INITIAL_USERNAME=admin
+TOLGEE_FILE_STORAGE_FS_DATA_PATH=/opt/tolgee_data
+EOF
+msg_ok "Set up Tolgee"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/tolgee.service
+[Unit]
+Description=Tolgee Service
+After=network.target
+
+[Service]
+Type=simple
+User=root
+WorkingDirectory=/opt/tolgee
+EnvironmentFile=/opt/tolgee_data/.env
+ExecStart=/usr/bin/java -jar /opt/tolgee/tolgee
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now tolgee
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/pixlcore/xyops
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y \
+  build-essential \
+  python3 \
+  python3-setuptools \
+  pkg-config \
+  libssl-dev \
+  zlib1g-dev
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="22" setup_nodejs
+
+fetch_and_deploy_gh_release "xyops" "pixlcore/xyops" "tarball"
+
+msg_info "Building Application"
+cd /opt/xyops
+$STD npm install
+$STD node bin/build.js dist
+chmod 644 /opt/xyops/node_modules/useragent-ng/lib/regexps.js
+msg_ok "Built Application"
+
+fetch_and_deploy_gh_release "xysat" "pixlcore/xysat" "tarball" "latest" "/opt/xyops/satellite"
+
+msg_info "Building xySat Satellite"
+cd /opt/xyops/satellite
+$STD npm install
+msg_ok "Built xySat Satellite"
+
+msg_info "Setting up Directories"
+mkdir -p /opt/xyops/data /opt/xyops/logs /opt/xyops/temp /opt/xyops/conf
+msg_ok "Set up Directories"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/xyops.service
+[Unit]
+Description=xyOps Task Scheduler and Server Monitor
+After=network.target
+
+[Service]
+Type=simple
+User=root
+WorkingDirectory=/opt/xyops
+Environment=XYOPS_foreground=1
+ExecStart=/usr/bin/node /opt/xyops/lib/main.js
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now xyops
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc
@@ -3982,7 +3982,7 @@ $PCT_OPTIONS_STRING"
      if [[ -d /dev/dri ]]; then
        # Only add if not already claimed by Intel
        if [[ ${#INTEL_DEVICES[@]} -eq 0 ]]; then
-          for d in /dev/dri/renderD* /dev/dri/card*; do
+          for d in /dev/dri/renderD* /dev/dri/card* /dev/kfd; do
            [[ -e "$d" ]] && AMD_DEVICES+=("$d")
          done
        fi
@@ -76,7 +76,7 @@ intel() {
  }

  msg_info "Downloading the Intel Processor Microcode Package $microcode"
-  curl -fsSL "http://ftp.debian.org/debian/pool/non-free-firmware/i/intel-microcode/$microcode" -o $(basename "http://ftp.debian.org/debian/pool/non-free-firmware/i/intel-microcode/$microcode")
+  curl -fsSL --proto '=https' "https://ftp.debian.org/debian/pool/non-free-firmware/i/intel-microcode/$microcode" -o "$microcode"
  msg_ok "Downloaded the Intel Processor Microcode Package $microcode"

  msg_info "Installing $microcode (Patience)"
@@ -90,7 +90,7 @@ intel() {
  }

  msg_info "Downloading Intel processor microcode package $microcode"
-  curl -fsSL "http://ftp.debian.org/debian/pool/non-free-firmware/i/intel-microcode/$microcode" -o $(basename "http://ftp.debian.org/debian/pool/non-free-firmware/i/intel-microcode/$microcode")
+  curl -fsSL --proto '=https' "https://ftp.debian.org/debian/pool/non-free-firmware/i/intel-microcode/$microcode" -o "$microcode"
  msg_ok "Downloaded Intel processor microcode package $microcode"

  msg_info "Installing $microcode (this might take a while)"
Author	SHA1	Message	Date
Security Fix	ab549baa1f	security: Fix MITM RCE vulnerability in microcode scripts - Changed Intel microcode download from HTTP to HTTPS - Added --proto '=https' flag to curl to prevent protocol downgrade attacks - Simplified output parameter from basename to direct variable reference - Affects: tools/pve/microcode.sh (line 79) and tools/pve/pbs-microcode.sh (line 93) - CVSS: 6.5 (Medium) - CWE-494, CWE-300, CWE-829 - Impact: Prevents network-path MITM attacks that could lead to root RCE The AMD branch was already using HTTPS, this fix brings Intel branch to parity and closes the vulnerability reported in security advisory.	2026-06-08 21:10:11 +02:00
community-scripts-pr-app[bot]	131545081c	Update CHANGELOG.md (#15004 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-08 13:36:24 +00:00
Michel Roegl-Brunner	f98a64b632	Move flowiseai to node 24 to alligne with upstream (#14999 )	2026-06-08 15:35:50 +02:00
community-scripts-pr-app[bot]	56129f7833	Update CHANGELOG.md (#15001 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-08 11:34:16 +00:00
Stéphane FERREIRA	68af0f5b41	homelable: preserve MCP server config across updates (#14996 ) * homelable: preserve MCP server config across updates The update path runs CLEAN_INSTALL=1 fetch_and_deploy_gh_release, which wipes /opt/homelable before redeploying. The backup/restore only covers backend/.env and data/, so an optionally-installed MCP server (set up via Pouzor/homelable's own scripts/lxc-mcp-install.sh, which targets exactly this LXC and lives in /opt/homelable/mcp) loses its .env and .venv on every update. The homelable-mcp service then keeps running on deleted inodes and dies at the next restart. Back up mcp/.env when present, and after the deploy restore it, rebuild the venv (same uv pattern as the backend), restore ownership and restart the service. Fully conditional: installs without the MCP are unaffected. * homelable: remove comments per maintainer review	2026-06-08 13:33:50 +02:00
community-scripts-pr-app[bot]	0a21262cf1	Update CHANGELOG.md (#14997 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-08 06:33:47 +00:00
Stéphane FERREIRA	b3a2fbbf98	changedetection: migrate Python install to uv venv (#14995 ) The update path installed into the global interpreter with a global --ignore-installed flag, which leaves the previous *.dist-info behind on every dependency bump. Duplicate metadata makes pip resolve against stale requirements (e.g. downgrading pydantic-core) and the service crashes at the next restart. Fixes the typing_extensions workaround (#13548) at the root: in a venv there are no Debian-owned packages to conflict with, so neither --ignore-installed nor --break-system-packages is needed. Follows the existing setup_uv + venv-or-migrate pattern from prometheus-pve-exporter and esphome. Existing installs are migrated automatically on the next update; the systemd unit is repointed to the venv binary. Fixes #14987	2026-06-08 08:33:20 +02:00
community-scripts-pr-app[bot]	373b138fe0	Update CHANGELOG.md (#14994 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-07 20:56:35 +00:00
community-scripts-pr-app[bot]	ed8b35f50b	Update CHANGELOG.md (#14993 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-07 20:56:14 +00:00
CanbiZ (MickLesk)	eab30076ca	Navidrome: remove genereic filebrowser addon setup (#14991 )	2026-06-07 22:56:12 +02:00
CanbiZ (MickLesk)	dc2193f4bb	Immich: use actual installed PostgreSQL version for vchord package (#14989 )	2026-06-07 22:55:53 +02:00
community-scripts-pr-app[bot]	4dbefa70cd	Update CHANGELOG.md (#14981 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-07 00:24:11 +00:00
community-scripts-pr-app[bot]	96c2032b60	Archive old changelog entries (#14980 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-07 00:23:51 +00:00
community-scripts-pr-app[bot]	125ff2b27e	Update CHANGELOG.md (#14977 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-06 20:21:02 +00:00
push-app-to-main[bot]	3382ec22f7	Add spliit (ct) (#14966 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2026-06-06 22:20:40 +02:00
community-scripts-pr-app[bot]	2c0ec7c64a	Update CHANGELOG.md (#14976 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-06 20:11:41 +00:00
push-app-to-main[bot]	64009bee05	Add tolgee (ct) (#14965 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2026-06-06 22:11:21 +02:00
community-scripts-pr-app[bot]	ca3f80ed07	Update CHANGELOG.md (#14974 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-06 14:24:47 +00:00
Badintral	0a061c09e7	Allow env variables with spaces (#14969 ) In https://github.com/community-scripts/ProxmoxVE/pull/10023/commits/95dd153d81f96abfef26d6b3997dad3ff5469b05 the syntax used to export env variables, using xargs, meant it was impossible to use standard crontab syntax, with spaces, for a variable like PHOTOPRISM_INDEX_SCHEDULE. This change should solve that.	2026-06-06 16:24:26 +02:00
community-scripts-pr-app[bot]	7d3eb376d4	Update CHANGELOG.md (#14973 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-06 14:09:14 +00:00
push-app-to-main[bot]	25b5fc8866	Add xyops (ct) (#14967 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2026-06-06 16:08:46 +02:00
community-scripts-pr-app[bot]	0deeccbce8	Update CHANGELOG.md (#14961 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-05 19:14:55 +00:00
Slaviša Arežina	78852f6161	Create missing .env file (#14959 )	2026-06-05 21:14:29 +02:00
community-scripts-pr-app[bot]	26c7ffbbea	Update CHANGELOG.md (#14956 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-05 12:01:25 +00:00
push-app-to-main[bot]	290df58f03	Add matterjs-server (ct) (#14951 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2026-06-05 14:00:55 +02:00
community-scripts-pr-app[bot]	497591be6c	Update CHANGELOG.md (#14955 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-05 11:56:02 +00:00
push-app-to-main[bot]	5b11b6cf15	Add cyberchef (ct) (#14952 ) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>	2026-06-05 13:55:33 +02:00
community-scripts-pr-app[bot]	bf319655e1	Update CHANGELOG.md (#14953 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-05 10:40:55 +00:00
Nick B	79ccc8ed6b	AMD IGPU support (#14944 )	2026-06-05 12:40:26 +02:00
community-scripts-pr-app[bot]	416717eeb1	Update CHANGELOG.md (#14950 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-05 10:05:04 +00:00
Tom Frenzel	9bb6480135	fix(openthread-br): use systemd instead of init.d (#14942 )	2026-06-05 12:04:34 +02:00
community-scripts-pr-app[bot]	34a3322544	Update CHANGELOG.md (#14949 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-05 10:02:28 +00:00
thieneret	e280a2d8ba	update authentik to 2026.5.2 (#14846 ) * update authentik * Apply e Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Apply requested change * refactored * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update ct/authentik.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update ct/authentik.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update ct/authentik.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * update rust * Update install/authentik-install.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> * add setup_yq * update current version check * Update ct/authentik.sh Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> --------- Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> Co-authored-by: CanbiZ (MickLesk) <47820557+MickLesk@users.noreply.github.com>	2026-06-05 12:02:00 +02:00
community-scripts-pr-app[bot]	f09b8ff9a8	Update CHANGELOG.md (#14945 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-04 21:51:26 +00:00
Tom Frenzel	a6cb33e431	OpenThread-BR: use official GitHub releases (#14916 )	2026-06-04 23:50:58 +02:00
community-scripts-pr-app[bot]	7099acc119	Update CHANGELOG.md (#14938 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-04 16:16:55 +00:00
Slaviša Arežina	8f770b4dd2	Fix status messages for several alpine scripts (#14911 )	2026-06-04 18:16:21 +02:00
community-scripts-pr-app[bot]	e160b22c81	Update CHANGELOG.md (#14932 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-04 11:44:29 +00:00
CanbiZ (MickLesk)	ccd36df35d	ReactiveResume: Fix Service Path (#14926 )	2026-06-04 13:44:05 +02:00
community-scripts-pr-app[bot]	5296626c57	Update CHANGELOG.md (#14931 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-04 10:23:10 +00:00
CanbiZ (MickLesk)	370d164993	fix(jellyfin): install intel-igc deps before intel-opencl-icd to fix dependency order (#14927 )	2026-06-04 12:22:41 +02:00
community-scripts-pr-app[bot]	601912340f	Update CHANGELOG.md (#14930 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-06-04 09:41:29 +00:00
github-actions[bot]	ba3708a351	chore(ct): sync sparkyfitness defaults with PocketBase (#14925 )	2026-06-04 11:41:04 +02:00