Update CHANGELOG.md (#13029 )

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Update CHANGELOG.md (#13028 )
2026-03-19 16:33:01 +01:00 · 2026-03-17 23:00:07 +00:00 · 2026-03-17 22:59:55 +00:00 · 2026-03-17 23:59:40 +01:00 · 2026-03-17 23:59:28 +01:00 · 2026-03-17 20:20:06 +00:00
3 changed files with 21 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -425,6 +425,19 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit

 ## 2026-03-17

+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - Gluetun: add OpenVPN process user and cleanup stale config [@MickLesk](https://github.com/MickLesk) ([#13016](https://github.com/community-scripts/ProxmoxVE/pull/13016))
+    - Frigate: check OpenVino model files exist before configuring detector and use curl_with_retry instead of default wget [@MickLesk](https://github.com/MickLesk) ([#13019](https://github.com/community-scripts/ProxmoxVE/pull/13019))
+
+### 💾 Core
+
+  - #### 🔧 Refactor
+
+    - tools.func: Update `create_self_signed_cert()` [@tremor021](https://github.com/tremor021) ([#13008](https://github.com/community-scripts/ProxmoxVE/pull/13008))
+
 ## 2026-03-16

 ### 🆕 New Scripts
--- a/install/gluetun-install.sh
+++ b/install/gluetun-install.sh
@@ -46,6 +46,9 @@ VPN_TYPE=openvpn
 OPENVPN_CUSTOM_CONFIG=/opt/gluetun-data/custom.ovpn
 OPENVPN_USER=
 OPENVPN_PASSWORD=
+OPENVPN_PROCESS_USER=root
+PUID=0
+PGID=0
 HTTP_CONTROL_SERVER_ADDRESS=:8000
 HTTPPROXY=off
 SHADOWSOCKS=off
@@ -76,6 +79,7 @@ User=root
 WorkingDirectory=/opt/gluetun-data
 EnvironmentFile=/opt/gluetun-data/.env
 UnsetEnvironment=USER
+ExecStartPre=/bin/sh -c 'rm -f /etc/openvpn/target.ovpn'
 ExecStart=/usr/local/bin/gluetun
 Restart=on-failure
 RestartSec=5
--- a/misc/tools.func
+++ b/misc/tools.func
@@ -2519,6 +2519,8 @@ check_for_codeberg_release() {
 # ------------------------------------------------------------------------------
 create_self_signed_cert() {
  local APP_NAME="${1:-${APPLICATION}}"
+  local HOSTNAME="$(hostname -f)"
+  local IP="$(hostname -I | awk '{print $1}')"
  local APP_NAME_LC=$(echo "${APP_NAME,,}" | tr -d ' ')
  local CERT_DIR="/etc/ssl/${APP_NAME_LC}"
  local CERT_KEY="${CERT_DIR}/${APP_NAME_LC}.key"
@@ -2536,8 +2538,8 @@ create_self_signed_cert() {

  mkdir -p "$CERT_DIR"
  $STD openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 \
-    -subj "/CN=${APP_NAME}" \
-    -addext "subjectAltName=DNS:${APP_NAME}" \
+    -subj "/CN=${HOSTNAME}" \
+    -addext "subjectAltName=DNS:${HOSTNAME},DNS:localhost,IP:${IP},IP:127.0.0.1" \
    -keyout "$CERT_KEY" \
    -out "$CERT_CRT" || {
    msg_error "Failed to create self-signed certificate"
Author	SHA1	Message	Date
community-scripts-pr-app[bot]	7d11f9acd6	Update CHANGELOG.md (#13029 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-03-17 23:00:07 +00:00
community-scripts-pr-app[bot]	55a877a3e2	Update CHANGELOG.md (#13028 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-03-17 22:59:55 +00:00
CanbiZ (MickLesk)	27c9d7fd07	fix(gluetun): add OpenVPN process user and cleanup stale config (#13016 ) - Add OPENVPN_PROCESS_USER=root, PUID=0, PGID=0 to default .env to prevent gluetun from injecting 'user' directive into target.ovpn which causes 'Unrecognized option' errors on Debian - Add ExecStartPre to remove stale /etc/openvpn/target.ovpn before start - Fixes #12988	2026-03-17 23:59:40 +01:00
CanbiZ (MickLesk)	c907e10334	Frigate: check OpenVino model files exist before configuring detector and use curl_with_retry instead of default wget (#13019 ) * fix(frigate): check OpenVino model files exist before configuring detector When the OpenVino model build fails (e.g. TensorFlow import error), the model files are not created but the config still references them if the CPU supports avx/sse4_2, causing Frigate to crash on start with FileNotFoundError. Now also checks that ssdlite_mobilenet_v2.xml and coco_91cl_bkgr.txt actually exist before configuring the OpenVino detector, falling back to CPU model otherwise. Fixes #12808 * fix(frigate): use curl_with_retry for all downloads Replace all wget and bare curl calls with curl_with_retry from tools.func for robust downloads with retry logic, exponential backoff, and DNS pre-checks. This prevents install failures from transient network issues during model and dependency downloads.	2026-03-17 23:59:28 +01:00
community-scripts-pr-app[bot]	804c462dd3	Update CHANGELOG.md (#13020 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-03-17 20:20:06 +00:00
Slaviša Arežina	9df9a2831e	Update (#13008 )	2026-03-17 21:19:36 +01:00