fix(tools): auto-detect binary vs armored GPG keys in setup_deb822_repo

The UniFi GPG key at dl.ui.com/unifi/unifi-repo.gpg is already in binary format. setup_deb822_repo unconditionally ran gpg --dearmor which expects ASCII-armored input, corrupting binary keys and causing apt to fail with 'Unable to locate package unifi'. setup_deb822_repo now downloads the key to a temp file first and uses the file command to detect whether it is already a binary PGP/GPG key. Binary keys are copied directly; armored keys are dearmored as before. This also reverts unifi-install.sh back to using setup_deb822_repo for consistency with all other install scripts.
Update CHANGELOG.md (#11839 )
2026-02-13 16:53:27 +01:00 · 2026-02-12 16:47:06 +01:00 · 2026-02-12 13:51:22 +00:00 · 2026-02-12 13:51:13 +00:00 · 2026-02-12 14:50:56 +01:00 · 2026-02-12 14:50:42 +01:00
6 changed files with 30 additions and 6 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -407,6 +407,8 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit

  - #### 🐞 Bug Fixes

+    - Deluge: add python3-setuptools as dep [@MickLesk](https://github.com/MickLesk) ([#11833](https://github.com/community-scripts/ProxmoxVE/pull/11833))
+    - Dispatcharr: migrate to uv sync [@MickLesk](https://github.com/MickLesk) ([#11831](https://github.com/community-scripts/ProxmoxVE/pull/11831))
    - Pangolin: Update database generation command in install script [@tremor021](https://github.com/tremor021) ([#11825](https://github.com/community-scripts/ProxmoxVE/pull/11825))

  - #### ✨ New Features
--- a/ct/deluge.sh
+++ b/ct/deluge.sh
@@ -28,6 +28,7 @@ function update_script() {
    exit
  fi
  msg_info "Updating Deluge"
+  ensure_dependencies python3-setuptools
  $STD apt update
  $STD pip3 install deluge[all] --upgrade
  msg_ok "Updated Deluge"
--- a/ct/dispatcharr.sh
+++ b/ct/dispatcharr.sh
@@ -104,7 +104,7 @@ function update_script() {
    cd /opt/dispatcharr
    rm -rf .venv
    $STD uv venv --clear
-    $STD uv pip install -r requirements.txt --index-strategy unsafe-best-match
+    $STD uv sync
    $STD uv pip install gunicorn gevent celery redis daphne
    msg_ok "Updated Dispatcharr Backend"

--- a/install/deluge-install.sh
+++ b/install/deluge-install.sh
@@ -16,7 +16,8 @@ update_os
 msg_info "Installing Dependencies"
 $STD apt install -y \
  python3-pip \
-  python3-libtorrent
+  python3-libtorrent \
+  python3-setuptools
 msg_ok "Installed Dependencies"

 msg_info "Installing Deluge"
--- a/install/dispatcharr-install.sh
+++ b/install/dispatcharr-install.sh
@@ -37,7 +37,7 @@ fetch_and_deploy_gh_release "dispatcharr" "Dispatcharr/Dispatcharr" "tarball"
 msg_info "Installing Python Dependencies with uv"
 cd /opt/dispatcharr
 $STD uv venv --clear
-$STD uv pip install -r requirements.txt --index-strategy unsafe-best-match
+$STD uv sync
 $STD uv pip install gunicorn gevent celery redis daphne
 msg_ok "Installed Python Dependencies"

--- a/misc/tools.func
+++ b/misc/tools.func
@@ -1294,12 +1294,32 @@ setup_deb822_repo() {
    return 1
  }

-  # Import GPG
-  curl -fsSL "$gpg_url" | gpg --dearmor --yes -o "/etc/apt/keyrings/${name}.gpg" || {
-    msg_error "Failed to import GPG key for ${name}"
+  # Import GPG key (auto-detect binary vs ASCII-armored format)
+  local tmp_gpg
+  tmp_gpg=$(mktemp) || return 1
+  curl -fsSL "$gpg_url" -o "$tmp_gpg" || {
+    msg_error "Failed to download GPG key for ${name}"
+    rm -f "$tmp_gpg"
    return 1
  }

+  if file "$tmp_gpg" | grep -qi 'PGP\|GPG\|public key'; then
+    # Already in binary GPG format — copy directly
+    cp "$tmp_gpg" "/etc/apt/keyrings/${name}.gpg" || {
+      msg_error "Failed to install GPG key for ${name}"
+      rm -f "$tmp_gpg"
+      return 1
+    }
+  else
+    # ASCII-armored — dearmor to binary
+    gpg --dearmor --yes -o "/etc/apt/keyrings/${name}.gpg" < "$tmp_gpg" || {
+      msg_error "Failed to dearmor GPG key for ${name}"
+      rm -f "$tmp_gpg"
+      return 1
+    }
+  fi
+  rm -f "$tmp_gpg"
+
  # Write deb822
  {
    echo "Types: deb"
Author	SHA1	Message	Date
CanbiZ (MickLesk)	7ba4e5dbc9	fix(tools): auto-detect binary vs armored GPG keys in setup_deb822_repo The UniFi GPG key at dl.ui.com/unifi/unifi-repo.gpg is already in binary format. setup_deb822_repo unconditionally ran gpg --dearmor which expects ASCII-armored input, corrupting binary keys and causing apt to fail with 'Unable to locate package unifi'. setup_deb822_repo now downloads the key to a temp file first and uses the file command to detect whether it is already a binary PGP/GPG key. Binary keys are copied directly; armored keys are dearmored as before. This also reverts unifi-install.sh back to using setup_deb822_repo for consistency with all other install scripts.	2026-02-12 16:47:06 +01:00
community-scripts-pr-app[bot]	79fd0d1dda	Update CHANGELOG.md (#11839 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-02-12 13:51:22 +00:00
community-scripts-pr-app[bot]	280778d53b	Update CHANGELOG.md (#11838 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2026-02-12 13:51:13 +00:00
CanbiZ (MickLesk)	1c3a3107f1	Deluge: add python3-setuptools as dep (#11833 ) * fix(deluge): add python3-setuptools for pkg_resources on Python 3.13 * Ensure dependencies before updating Deluge	2026-02-12 14:50:56 +01:00
CanbiZ (MickLesk)	ee2c3a20ee	fix(dispatcharr): migrate from requirements.txt to uv sync (pyproject.toml) (#11831 )	2026-02-12 14:50:42 +01:00
CanbiZ (MickLesk)	5ee4f4e34b	fix(api): prevent duplicate post_to_api submissions (#11836 ) Add POST_TO_API_DONE idempotency guard to post_to_api() to prevent the same telemetry record from being submitted twice with the same RANDOM_UUID. This mirrors the existing POST_UPDATE_DONE pattern in post_update_to_api(). post_to_api() is called twice in build.func: - After storage validation (inside CONTAINER_STORAGE check) - After create_lxc_container() completes When both execute, the second call fails with a random_id uniqueness violation on PocketBase, generating server-side errors.	2026-02-12 13:45:32 +01:00