Compare commits

..

12 Commits

Author SHA1 Message Date
MickLesk
2b87e5ea7a Fix missing libGL.so.1 in Nvidia LXC containers 2026-02-26 21:57:32 +01:00
community-scripts-pr-app[bot]
0d6f5560ff Update CHANGELOG.md (#12367)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-26 19:21:17 +00:00
Tobias
2f7c7c4ea7 Update overseerr.sh (#12366) 2026-02-26 20:20:41 +01:00
community-scripts-pr-app[bot]
b7f94befba chore: update github-versions.json (#12365)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-26 18:16:29 +00:00
community-scripts-pr-app[bot]
dc3029822b Update CHANGELOG.md (#12359)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-26 14:54:54 +00:00
CanbiZ (MickLesk)
3fb677d768 Add workflow to close unauthorized new-script PRs (#12356) 2026-02-26 15:53:47 +01:00
CanbiZ (MickLesk)
e2a83549cb Restrict GitHub source extraction to '# Source:'
When extracting GitHub source URLs in the workflow, only search the "# Source:" line first to avoid matching other URLs (such as license links). Update the grep pipeline to filter for the Source line (case-insensitive) before extracting the https://github.com/... pattern and add explanatory comments.
2026-02-26 14:08:45 +01:00
community-scripts-pr-app[bot]
3911b09d1d chore: update github-versions.json (#12354)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-26 12:15:04 +00:00
community-scripts-pr-app[bot]
c24e9ead1c Update .app files (#12350)
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2026-02-26 11:17:15 +01:00
community-scripts-pr-app[bot]
603d5b8f5e Update CHANGELOG.md (#12351)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-26 10:15:03 +00:00
community-scripts-pr-app[bot]
4fd70137b4 Update CHANGELOG.md (#12349)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-26 10:14:45 +00:00
community-scripts-pr-app[bot]
7398ffd9f4 Update date in json (#12348)
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2026-02-26 10:14:37 +00:00
7 changed files with 212 additions and 61 deletions

View File

@@ -214,11 +214,12 @@ jobs:
total=$((total + 1))
slug=$(basename "$script" | sed 's/-install\.sh$//')
# Extract Source URL (GitHub only)
# Extract Source URL (GitHub only) from the "# Source:" line
# Supports both:
# # Source: https://github.com/owner/repo
# # Source: https://example.com | Github: https://github.com/owner/repo
source_url=$(head -20 "$script" | grep -oP 'https://github\.com/[^\s|]+' | head -1 || echo "")
# NOTE: Must filter for "# Source:" line first to avoid matching the License URL
source_url=$(head -20 "$script" | grep -i '# Source:' | grep -oP 'https://github\.com/[^\s|]+' | head -1 || echo "")
if [[ -z "$source_url" ]]; then
report_lines+=("| \`$slug\` | — | — | — | — | ⏭️ No GitHub source |")
continue

119
.github/workflows/close-new-script-prs.yml generated vendored Normal file
View File

@@ -0,0 +1,119 @@
name: Close Unauthorized New Script PRs
on:
pull_request_target:
branches: ["main"]
types: [opened, labeled]
jobs:
check-new-script:
if: github.repository == 'community-scripts/ProxmoxVE'
runs-on: coolify-runner
permissions:
pull-requests: write
contents: read
steps:
- name: Close PR if unauthorized new script submission
uses: actions/github-script@v7
with:
script: |
const pr = context.payload.pull_request;
const prNumber = pr.number;
const author = pr.user.login;
const authorType = pr.user.type; // "User" or "Bot"
const owner = context.repo.owner;
const repo = context.repo.repo;
// --- Only act on PRs with the "new script" label ---
const labels = pr.labels.map(l => l.name);
if (!labels.includes("new script")) {
core.info(`PR #${prNumber} does not have "new script" label — skipping.`);
return;
}
// --- Allow our bots ---
const allowedBots = [
"push-app-to-main[bot]",
"push-app-to-main",
];
if (allowedBots.includes(author)) {
core.info(`PR #${prNumber} by allowed bot "${author}" — skipping.`);
return;
}
// --- Check if author is a member of the contributor team ---
const teamSlug = "contributor";
let isMember = false;
try {
const { status } = await github.rest.teams.getMembershipForUserInOrg({
org: owner,
team_slug: teamSlug,
username: author,
});
// status 200 means the user is a member (active or pending)
isMember = true;
} catch (error) {
if (error.status === 404) {
isMember = false;
} else {
core.warning(`Could not check team membership for ${author}: ${error.message}`);
// Fallback: check org membership
try {
await github.rest.orgs.checkMembershipForUser({
org: owner,
username: author,
});
isMember = true;
} catch {
isMember = false;
}
}
}
if (isMember) {
core.info(`PR #${prNumber} by contributor "${author}" — skipping.`);
return;
}
// --- Unauthorized: close the PR with a comment ---
core.info(`Closing PR #${prNumber} by "${author}" — not a contributor or allowed bot.`);
const comment = [
`👋 Hi @${author},`,
``,
`Thank you for your interest in contributing a new script!`,
``,
`However, **new scripts must first be submitted to our development repository** for testing and review before they can be merged here.`,
``,
`> 🛑 New scripts must be submitted to [**ProxmoxVED**](https://github.com/community-scripts/ProxmoxVED) for testing.`,
`> PRs without prior testing will be closed.`,
``,
`Please open your PR at **https://github.com/community-scripts/ProxmoxVED** instead.`,
`Once your script has been tested and approved there, it will be pushed to this repository automatically.`,
``,
`This PR will now be closed. Thank you for understanding! 🙏`,
].join("\n");
await github.rest.issues.createComment({
owner,
repo,
issue_number: prNumber,
body: comment,
});
await github.rest.pulls.update({
owner,
repo,
pull_number: prNumber,
state: "closed",
});
// Add a label to indicate why it was closed
await github.rest.issues.addLabels({
owner,
repo,
issue_number: prNumber,
labels: ["not a script issue"],
});

View File

@@ -409,12 +409,24 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
## 2026-02-26
### 🆕 New Scripts
- Kima-Hub ([#12319](https://github.com/community-scripts/ProxmoxVE/pull/12319))
### 🚀 Updated Scripts
- #### 🐞 Bug Fixes
- hotfix: overseer version [@CrazyWolf13](https://github.com/CrazyWolf13) ([#12366](https://github.com/community-scripts/ProxmoxVE/pull/12366))
- #### ✨ New Features
- [QOL] Immich: add warning regarding library compilation time [@vhsdream](https://github.com/vhsdream) ([#12345](https://github.com/community-scripts/ProxmoxVE/pull/12345))
### 📂 Github
- github: add workflow to autom. close unauthorized new-script PRs [@MickLesk](https://github.com/MickLesk) ([#12356](https://github.com/community-scripts/ProxmoxVE/pull/12356))
## 2026-02-25
### 🆕 New Scripts

View File

@@ -28,7 +28,7 @@ function update_script() {
exit
fi
if [[ -f "$HOME/.overseerr" ]] && [[ "$(printf '%s\n' "1.34.0" "$(cat "$HOME/.overseerr")" | sort -V | head -n1)" == "1.35.0" ]]; then
if [[ -f "$HOME/.overseerr" ]] && [[ "$(printf '%s\n' "1.35.0" "$(cat "$HOME/.overseerr")" | sort -V | head -n1)" == "1.35.0" ]]; then
echo
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "Overseerr v1.34.0 detected."

View File

@@ -1,5 +1,5 @@
{
"generated": "2026-02-26T06:22:43Z",
"generated": "2026-02-26T18:16:20Z",
"versions": [
{
"slug": "2fauth",
@@ -109,9 +109,9 @@
{
"slug": "bazarr",
"repo": "morpheus65535/bazarr",
"version": "v1.5.5",
"version": "v1.5.6",
"pinned": false,
"date": "2026-02-01T18:00:34Z"
"date": "2026-02-26T11:33:11Z"
},
{
"slug": "bentopdf",
@@ -242,9 +242,9 @@
{
"slug": "cosmos",
"repo": "azukaar/Cosmos-Server",
"version": "v0.21.0",
"version": "v0.21.2",
"pinned": false,
"date": "2026-02-25T17:26:37Z"
"date": "2026-02-26T11:32:33Z"
},
{
"slug": "cronicle",
@@ -666,6 +666,13 @@
"pinned": false,
"date": "2026-02-20T09:19:45Z"
},
{
"slug": "kima-hub",
"repo": "Chevron7Locked/kima-hub",
"version": "v1.5.7",
"pinned": false,
"date": "2026-02-23T23:58:59Z"
},
{
"slug": "kimai",
"repo": "kimai/kimai",
@@ -809,9 +816,9 @@
{
"slug": "mail-archiver",
"repo": "s1t5/mail-archiver",
"version": "2602.3",
"version": "2602.4",
"pinned": false,
"date": "2026-02-22T20:24:18Z"
"date": "2026-02-26T08:43:01Z"
},
{
"slug": "managemydamnlife",
@@ -823,9 +830,9 @@
{
"slug": "manyfold",
"repo": "manyfold3d/manyfold",
"version": "v0.133.0",
"version": "v0.133.1",
"pinned": false,
"date": "2026-02-25T10:40:26Z"
"date": "2026-02-26T15:50:34Z"
},
{
"slug": "mealie",
@@ -963,9 +970,9 @@
{
"slug": "oauth2-proxy",
"repo": "oauth2-proxy/oauth2-proxy",
"version": "v7.14.2",
"version": "v7.14.3",
"pinned": false,
"date": "2026-01-18T00:26:09Z"
"date": "2026-02-26T14:10:21Z"
},
{
"slug": "ombi",
@@ -1054,9 +1061,9 @@
{
"slug": "paperless-gpt",
"repo": "icereed/paperless-gpt",
"version": "v0.25.0",
"version": "v0.25.1",
"pinned": false,
"date": "2026-02-16T08:31:48Z"
"date": "2026-02-26T14:50:11Z"
},
{
"slug": "paperless-ngx",

View File

@@ -1,48 +1,48 @@
{
"name": "Kima-Hub",
"slug": "kima-hub",
"categories": [
13
],
"date_created": "2026-02-25",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 3030,
"documentation": "https://github.com/Chevron7Locked/kima-hub#readme",
"website": "https://github.com/Chevron7Locked/kima-hub",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/kima-hub.webp",
"config_path": "/opt/kima-hub/backend/.env",
"description": "Self-hosted, on-demand audio streaming platform with AI-powered vibe matching, mood detection, smart playlists, and Lidarr/Audiobookshelf integration.",
"install_methods": [
{
"type": "default",
"script": "ct/kima-hub.sh",
"resources": {
"cpu": 4,
"ram": 8192,
"hdd": 20,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
"name": "Kima-Hub",
"slug": "kima-hub",
"categories": [
13
],
"date_created": "2026-02-26",
"type": "ct",
"updateable": true,
"privileged": false,
"interface_port": 3030,
"documentation": "https://github.com/Chevron7Locked/kima-hub#readme",
"website": "https://github.com/Chevron7Locked/kima-hub",
"logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/kima-hub.webp",
"config_path": "/opt/kima-hub/backend/.env",
"description": "Self-hosted, on-demand audio streaming platform with AI-powered vibe matching, mood detection, smart playlists, and Lidarr/Audiobookshelf integration.",
"install_methods": [
{
"type": "default",
"script": "ct/kima-hub.sh",
"resources": {
"cpu": 4,
"ram": 8192,
"hdd": 20,
"os": "Debian",
"version": "13"
}
}
],
"default_credentials": {
"username": null,
"password": null
},
"notes": [
{
"text": "First user to register becomes the administrator.",
"type": "info"
},
"notes": [
{
"text": "First user to register becomes the administrator.",
"type": "info"
},
{
"text": "Mount your music library to /music in the container.",
"type": "warning"
},
{
"text": "Audio analysis (mood/vibe detection) requires significant RAM (2-4GB per worker).",
"type": "info"
}
]
{
"text": "Mount your music library to /music in the container.",
"type": "warning"
},
{
"text": "Audio analysis (mood/vibe detection) requires significant RAM (2-4GB per worker).",
"type": "info"
}
]
}

View File

@@ -4237,6 +4237,18 @@ NVIDIA_PIN
# VA-API for hybrid setups (Intel + NVIDIA)
$STD apt-get -y install va-driver-all vainfo 2>/dev/null || true
# Fix GLX alternatives: nvidia-alternative diverts mesa libs but in LXC
# containers the nvidia GLX libs are typically missing, leaving libGL.so.1
# pointing nowhere. Fall back to mesa if nvidia GLX dir is empty/missing.
if command -v update-glx &>/dev/null; then
local nvidia_glx_dir="/usr/lib/nvidia"
if [[ ! -f "${nvidia_glx_dir}/libGL.so.1" ]] && [[ -d /usr/lib/mesa-diverted ]]; then
msg_info "NVIDIA GLX libs missing in container - falling back to mesa"
$STD update-glx --set glx /usr/lib/mesa-diverted 2>/dev/null || true
ldconfig 2>/dev/null || true
fi
fi
msg_ok "NVIDIA GPU configured"
}