Immich: Ensure newline before appending IMMICH_HELMET_FILE to .env

Update CHANGELOG.md (#13663 )
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-04-12 04:55:04 +02:00 · 2026-04-11 22:11:20 +02:00 · 2026-04-11 20:08:27 +00:00 · 2026-04-11 22:08:04 +02:00 · 2026-04-11 20:07:47 +00:00 · 2026-04-11 22:07:23 +02:00
9 changed files with 72 additions and 12 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -439,11 +439,42 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit

 </details>

+## 2026-04-11
+
+### 🚀 Updated Scripts
+
+  - #### ✨ New Features
+
+    - Immich: Pin version to 2.7.4 [@vhsdream](https://github.com/vhsdream) ([#13661](https://github.com/community-scripts/ProxmoxVE/pull/13661))
+
+  - #### 🔧 Refactor
+
+    - Refactor: Alpine-Wakapi [@tremor021](https://github.com/tremor021) ([#13656](https://github.com/community-scripts/ProxmoxVE/pull/13656))
+
 ## 2026-04-10

 ### 🚀 Updated Scripts

-  - Immich: Pin version to 2.7.3 [@vhsdream](https://github.com/vhsdream) ([#13631](https://github.com/community-scripts/ProxmoxVE/pull/13631))
+  - #### 🐞 Bug Fixes
+
+    - fix: ensure trailing newline in redis.conf before appending bind directive [@Copilot](https://github.com/Copilot) ([#13647](https://github.com/community-scripts/ProxmoxVE/pull/13647))
+
+  - #### ✨ New Features
+
+    - Immich: Pin version to 2.7.3 [@vhsdream](https://github.com/vhsdream) ([#13631](https://github.com/community-scripts/ProxmoxVE/pull/13631))
+    - Homarr: bind Redis to localhost only [@MickLesk](https://github.com/MickLesk) ([#13552](https://github.com/community-scripts/ProxmoxVE/pull/13552))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - tools.func: prevent script crash when entering GitHub token after rate limit [@MickLesk](https://github.com/MickLesk) ([#13638](https://github.com/community-scripts/ProxmoxVE/pull/13638))
+
+### 🧰 Tools
+
+  - #### 🔧 Refactor
+
+    - addons: Filebrowser & Filebrowser-Quantum get warning if host install [@MickLesk](https://github.com/MickLesk) ([#13639](https://github.com/community-scripts/ProxmoxVE/pull/13639))

 ## 2026-04-09

--- a/ct/alpine-wakapi.sh
+++ b/ct/alpine-wakapi.sh
@@ -44,12 +44,10 @@ function update_script() {
    cp /opt/wakapi/config.yml /opt/wakapi/wakapi_db.db /opt/wakapi-backup/
    msg_ok "Created backup"

-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "wakapi" "muety/wakapi" "tarball"
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "wakapi" "muety/wakapi" "prebuild" "latest" "/opt/wakapi" "wakapi_linux_amd64.zip"

    msg_info "Configuring Wakapi"
    cd /opt/wakapi
-    $STD go mod download
-    $STD go build -o wakapi
    cp /opt/wakapi-backup/config.yml /opt/wakapi/
    cp /opt/wakapi-backup/wakapi_db.db /opt/wakapi/
    rm -rf /opt/wakapi-backup
--- a/ct/homarr.sh
+++ b/ct/homarr.sh
@@ -65,6 +65,8 @@ EOF

    msg_info "Updating Homarr"
    cp /opt/homarr/redis.conf /etc/redis/redis.conf
+    sed -i -e '$a\' /etc/redis/redis.conf
+    grep -q '^bind 127.0.0.1 -::1$' /etc/redis/redis.conf || echo "bind 127.0.0.1 -::1" >> /etc/redis/redis.conf
    rm /etc/nginx/nginx.conf
    cp /opt/homarr/nginx.conf /etc/nginx/templates/nginx.conf
    msg_ok "Updated Homarr"
--- a/ct/immich.sh
+++ b/ct/immich.sh
@@ -109,7 +109,7 @@ EOF
    msg_ok "Image-processing libraries up to date"
  fi

-  RELEASE="v2.7.3"
+  RELEASE="v2.7.4"
  if check_for_gh_release "Immich" "immich-app/immich" "${RELEASE}" "each release is tested individually before the version is updated. Please do not open issues for this"; then
    if [[ $(cat ~/.immich) > "2.5.1" ]]; then
      msg_info "Enabling Maintenance Mode"
@@ -276,6 +276,7 @@ EOF
      sed -i '/^DB_DATABASE_NAME/a DB_HOSTNAME=127.0.0.1' "$INSTALL_DIR"/.env
    fi
    if ! grep -q 'HELMET_FILE' "$INSTALL_DIR"/.env; then
+      sed -i -e '$a\' "$INSTALL_DIR"/.env
      echo "IMMICH_HELMET_FILE=true" >>"$INSTALL_DIR"/.env
    fi

--- a/install/alpine-wakapi-install.sh
+++ b/install/alpine-wakapi-install.sh
@@ -18,17 +18,13 @@ $STD apk add --no-cache \
  ca-certificates \
  tzdata
 $STD update-ca-certificates
-$STD apk add --no-cache go --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
 msg_ok "Installed Dependencies"

-fetch_and_deploy_gh_release "wakapi" "muety/wakapi" "tarball"
+fetch_and_deploy_gh_release "wakapi" "muety/wakapi" "prebuild" "latest" "/opt/wakapi" "wakapi_linux_amd64.zip"

 msg_info "Configuring Wakapi"
 LOCAL_IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
 cd /opt/wakapi
-$STD go mod download
-$STD go build -o wakapi
-cp config.default.yml config.yml
 sed -i 's/listen_ipv6: ::1/listen_ipv6: "-"/g' config.yml
 sed -i 's/listen_ipv4: 127.0.0.1/listen_ipv4: "0.0.0.0"/g' config.yml
 sed -i "s/public_url: http:\/\/localhost:3000/public_url: http:\/\/$LOCAL_IP:3000/g" config.yml
--- a/install/homarr-install.sh
+++ b/install/homarr-install.sh
@@ -47,6 +47,8 @@ mkdir -p /appdata/redis
 chown -R redis:redis /appdata/redis
 chmod 744 /appdata/redis
 cp /opt/homarr/redis.conf /etc/redis/redis.conf
+sed -i -e '$a\' /etc/redis/redis.conf
+grep -q '^bind 127.0.0.1 -::1$' /etc/redis/redis.conf || echo "bind 127.0.0.1 -::1" >>/etc/redis/redis.conf
 rm /etc/nginx/nginx.conf
 mkdir -p /etc/nginx/templates
 cp /opt/homarr/nginx.conf /etc/nginx/templates/nginx.conf
@@ -80,7 +82,7 @@ chmod +x /opt/homarr/run.sh
 systemctl daemon-reload
 systemctl enable -q --now redis-server
 systemctl enable -q --now homarr
-systemctl disable -q --now nginx 
+systemctl disable -q --now nginx
 msg_ok "Created Services"

 motd_ssh
--- a/install/immich-install.sh
+++ b/install/immich-install.sh
@@ -295,7 +295,7 @@ ML_DIR="${APP_DIR}/machine-learning"
 GEO_DIR="${INSTALL_DIR}/geodata"
 mkdir -p {"${APP_DIR}","${UPLOAD_DIR}","${GEO_DIR}","${INSTALL_DIR}"/cache}

-fetch_and_deploy_gh_release "Immich" "immich-app/immich" "tarball" "v2.7.3" "$SRC_DIR"
+fetch_and_deploy_gh_release "Immich" "immich-app/immich" "tarball" "v2.7.4" "$SRC_DIR"
 PNPM_VERSION="$(jq -r '.packageManager | split("@")[1] | split("+")[0]' ${SRC_DIR}/package.json)"
 NODE_VERSION="24" NODE_MODULE="pnpm@${PNPM_VERSION}" setup_nodejs

--- a/tools/addon/filebrowser-quantum.sh
+++ b/tools/addon/filebrowser-quantum.sh
@@ -43,6 +43,21 @@ IP=$(ip -4 addr show "$IFACE" | awk '/inet / {print $2}' | cut -d/ -f1 | head -n
 [[ -z "$IP" ]] && IP=$(hostname -I | awk '{print $1}')
 [[ -z "$IP" ]] && IP="127.0.0.1"

+# Proxmox Host Warning
+if [[ -d "/etc/pve" ]]; then
+  echo -e "${RD}⚠️  Warning: Running this addon directly on the Proxmox host is not recommended!${CL}"
+  echo -e "${YW}   Only the boot disk will be visible — passthrough drives will not be indexed.${CL}"
+  echo -e "${YW}   This causes incorrect disk usage stats and incomplete file browsing.${CL}"
+  echo -e "${YW}   Run this addon inside an LXC or VM instead and mount your drives there.${CL}"
+  echo ""
+  echo -n "Continue anyway on the Proxmox host? (y/N): "
+  read -r host_confirm
+  if [[ ! "${host_confirm,,}" =~ ^(y|yes)$ ]]; then
+    echo -e "${YW}Aborted.${CL}"
+    exit 0
+  fi
+fi
+
 # OS Detection
 if [[ -f "/etc/alpine-release" ]]; then
  OS="Alpine"
--- a/tools/addon/filebrowser.sh
+++ b/tools/addon/filebrowser.sh
@@ -41,6 +41,21 @@ IP=$(ip -4 addr show "$IFACE" | awk '/inet / {print $2}' | cut -d/ -f1 | head -n
 [[ -z "$IP" ]] && IP=$(hostname -I | awk '{print $1}')
 [[ -z "$IP" ]] && IP="127.0.0.1"

+# Proxmox Host Warning
+if [[ -d "/etc/pve" ]]; then
+  echo -e "${RD}⚠️  Warning: Running this addon directly on the Proxmox host is not recommended!${CL}"
+  echo -e "${YW}   Only the boot disk will be visible — passthrough drives will not be indexed.${CL}"
+  echo -e "${YW}   This causes incorrect disk usage stats and incomplete file browsing.${CL}"
+  echo -e "${YW}   Run this addon inside an LXC or VM instead and mount your drives there.${CL}"
+  echo ""
+  echo -n "Continue anyway on the Proxmox host? (y/N): "
+  read -r host_confirm
+  if [[ ! "${host_confirm,,}" =~ ^(y|yes)$ ]]; then
+    echo -e "${YW}Aborted.${CL}"
+    exit 0
+  fi
+fi
+
 # Detect OS
 if [[ -f "/etc/alpine-release" ]]; then
  OS="Alpine"
Author	SHA1	Message	Date
MickLesk	f0e7d67c24	Immich: Ensure newline before appending IMMICH_HELMET_FILE to .env	2026-04-11 22:11:20 +02:00
community-scripts-pr-app[bot]	daaa137cec	Update CHANGELOG.md (#13663 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-11 20:08:27 +00:00
Slaviša Arežina	e820d58f2e	Refactor (#13656 )	2026-04-11 22:08:04 +02:00
community-scripts-pr-app[bot]	90bc07f65b	Update CHANGELOG.md (#13662 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-11 20:07:47 +00:00
Chris	b40bc46b4b	Immich: Pin version to 2.7.4 (#13661 )	2026-04-11 22:07:23 +02:00
community-scripts-pr-app[bot]	cacc04b26d	Update CHANGELOG.md (#13649 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-10 20:50:53 +00:00
community-scripts-pr-app[bot]	e9e65854cc	Update CHANGELOG.md (#13648 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-10 20:37:21 +00:00
Copilot	017e709ac7	fix: ensure trailing newline in redis.conf before appending bind directive (#13647 ) * Initial plan * fix: ensure trailing newline in redis.conf before appending bind directive in homarr scripts Agent-Logs-Url: https://github.com/community-scripts/ProxmoxVE/sessions/69891642-9467-46d1-a5d4-004cb66aa824 Co-authored-by: MickLesk <47820557+MickLesk@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: MickLesk <47820557+MickLesk@users.noreply.github.com>	2026-04-10 22:36:56 +02:00
community-scripts-pr-app[bot]	ba876c7495	Update CHANGELOG.md (#13642 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-10 09:29:59 +00:00
community-scripts-pr-app[bot]	0d2d1f46f5	Update CHANGELOG.md (#13641 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-10 09:29:45 +00:00
CanbiZ (MickLesk)	5e865278e9	addons: Filebrowser & Filebrowser-Quantum get warning if host install (#13639 ) * fix(filebrowser-quantum): warn when addon is run directly on Proxmox host Detect /etc/pve and show a clear warning with link to the recommended LXC installer. User must explicitly confirm to continue on the host, addressing the size calculation and indexing issues reported in gtsteffaniak/filebrowser#1893. Closes #13636 * fix(filebrowser): improve host warning text and add to filebrowser addon - Clarify that passthrough drives are not visible on the Proxmox host - Mention incorrect disk usage stats and incomplete file browsing - Add same warning to filebrowser (non-quantum) addon which also serves from / - Reduce verbosity, remove redundant phrasing * fix(filebrowser): fix misleading host warning wording Remove reference to a non-existent dedicated LXC installer. The addons should simply be run inside an LXC or VM instead.	2026-04-10 11:29:31 +02:00
community-scripts-pr-app[bot]	a18642a8f8	Update CHANGELOG.md (#13640 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-10 09:29:19 +00:00
CanbiZ (MickLesk)	9a82ec48b2	tools.func: prevent script crash when entering GitHub token after rate limit (#13638 ) * fix(tools): prevent script crash when entering GitHub token after rate limit fetch_and_deploy_gh_release set attempt=0 after accepting a token, then immediately ran ((0++)) which evaluates to 0 (falsy) causing exit code 1 and killing the script under set -e. Fix: set attempt=1 and continue to restart the retry loop cleanly, giving the full max_retries budget with the new token. Also fix fetch_and_deploy_codeberg_release: replace ((attempt++)) with attempt=\ to avoid the same zero-evaluation crash on the first connection timeout (attempt starts at 0 in that loop). Fixes #13635 * feat(tools): add var_github_token support with token validation - Add var_github_token to all VAR_WHITELIST arrays in build.func so the token can be set via default.vars, app.vars, or environment variable - Map var_github_token -> GITHUB_TOKEN in default_var_settings() (env variable takes precedence over the var file value) - Add commented var_github_token example to the default.vars template - Add validate_github_token() to tools.func: * Calls GET /user to verify the token is accepted * Reports expiry date from x-oauth-expiry header (fine-grained PATs) * Warns when classic PAT is missing public_repo scope * Returns distinct exit codes: 0=valid, 1=invalid/expired, 2=no scope, 3=error - Update prompt_for_github_token(): * Non-interactive path now picks up var_github_token automatically * Interactive path also picks up var_github_token without prompting * Validates token immediately after entry; loops until valid or Ctrl+C	2026-04-10 11:28:52 +02:00
community-scripts-pr-app[bot]	f2d46dd8c8	Update CHANGELOG.md (#13637 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-04-10 08:03:50 +00:00
CanbiZ (MickLesk)	2707295eba	Homarr: bind Redis to localhost only (#13552 ) * Homarr: bind Redis to localhost only * fix(homarr): make Redis bind directive idempotent Replace unconditional append with grep guard to prevent duplicate 'bind 127.0.0.1 -::1' entries on repeated updates. * Fix whitespace in homarr install script Clean up minor whitespace issues in install/homarr-install.sh: remove an extra space before the here-path in the Redis config append (>>/etc/redis/redis.conf) and strip a trailing space after the nginx service name in the systemctl disable call. These are whitespace-only edits to keep the script tidy and avoid passing unintended whitespace to commands.	2026-04-10 10:03:22 +02:00