perf(tools.func, alpine-tools.func): replace direct /etc/os-release reads with get_os_info(), echo|tr with bash builtins, consolidate pipelines

- get_os_info(): single while-read replaces 4 awk subprocesses on first call
- manage_tool_repository(): 7 awk|tr pipelines → get_os_info() cached lookups
- setup_hwaccel(): 3 grep|tr pipelines → get_os_info()
- setup_java/mysql/php/postgresql/clickhouse(): 2 awk|tr pipelines each → get_os_info()
- 6× echo|tr -d ' ' → bash parameter expansion (${var// /})
- 3× mod=$(echo|tr) → bash ${mod//[[:space:]]/}
- npm/apt-cache/cargo pipelines: grep|awk|tr → single awk with gsub
- COMBINED_MODULES: echo|tr|awk|paste (4 proc) → single awk with RS
- download_with_progress: awk|tr → awk gsub (both tools.func and alpine-tools.func)

Eliminates ~30 subprocess forks across typical tool setup paths.

CHANGELOG.md

@@ -436,26 +436,10 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
   - NginxProxyManager: build OpenResty from source via GitHub releases [@MickLesk](https://github.com/MickLesk) ([#13134](https://github.com/community-scripts/ProxmoxVE/pull/13134))
 
-  - #### 🐞 Bug Fixes
-
-    - Tracearr: modify service restart and modify build ressources [@MickLesk](https://github.com/MickLesk) ([#13230](https://github.com/community-scripts/ProxmoxVE/pull/13230))
-
   - #### ✨ New Features
 
     - Kometa: optimize config.yml sed patterns, add Quickstart integration [@MickLesk](https://github.com/MickLesk) ([#13198](https://github.com/community-scripts/ProxmoxVE/pull/13198))
 
-  - #### 🔧 Refactor
-
-    - Refactor: nginxproxymanager update and OpenResty flow [@MickLesk](https://github.com/MickLesk) ([#13216](https://github.com/community-scripts/ProxmoxVE/pull/13216))
-    - Refactor: PartDB [@MickLesk](https://github.com/MickLesk) ([#13229](https://github.com/community-scripts/ProxmoxVE/pull/13229))
-
-### 💾 Core
-
-  - #### 🔧 Refactor
-
-    - core: alpine - Improve network connectivity and DNS checks [@MickLesk](https://github.com/MickLesk) ([#13222](https://github.com/community-scripts/ProxmoxVE/pull/13222))
-    - core: allow /31 and /32 CIDR with out-of-subnet gateway [@MickLesk](https://github.com/MickLesk) ([#13231](https://github.com/community-scripts/ProxmoxVE/pull/13231))
-
 ## 2026-03-22
 
 ### 🆕 New Scripts

ct/nginxproxymanager.sh

@@ -49,25 +49,41 @@ function update_script() {
 
   NODE_VERSION="22" NODE_MODULE="yarn" setup_nodejs
 
-  if dpkg -s openresty &>/dev/null 2>&1; then
-    msg_info "Migrating from packaged OpenResty to source"
-    rm -f /etc/apt/trusted.gpg.d/openresty-archive-keyring.gpg /etc/apt/trusted.gpg.d/openresty.gpg
-    rm -f /etc/apt/sources.list.d/openresty.list /etc/apt/sources.list.d/openresty.sources
+  RELEASE=$(get_latest_github_release "NginxProxyManager/nginx-proxy-manager")
+
+  CLEAN_INSTALL=1 fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "v${RELEASE}" "/opt/nginxproxymanager"
+
+  msg_info "Stopping Services"
+  systemctl stop openresty
+  systemctl stop npm
+  msg_ok "Stopped Services"
+
+  msg_info "Cleaning old files"
+  $STD rm -rf /app \
+    /var/www/html \
+    /etc/nginx \
+    /var/log/nginx \
+    /var/lib/nginx \
+    /var/cache/nginx
+  msg_ok "Cleaned old files"
+
+  msg_info "Migrating to OpenResty from source"
+  rm -f /etc/apt/trusted.gpg.d/openresty-archive-keyring.gpg /etc/apt/trusted.gpg.d/openresty.gpg
+  rm -f /etc/apt/sources.list.d/openresty.list /etc/apt/sources.list.d/openresty.sources
+  if dpkg -l openresty &>/dev/null; then
     $STD apt remove -y openresty
     $STD apt autoremove -y
-    rm -f ~/.openresty
-    msg_ok "Migrated from packaged OpenResty to source"
   fi
-
   local pcre_pkg="libpcre3-dev"
   if grep -qE 'VERSION_ID="1[3-9]"' /etc/os-release 2>/dev/null; then
     pcre_pkg="libpcre2-dev"
   fi
   $STD apt install -y build-essential "$pcre_pkg" libssl-dev zlib1g-dev
+  msg_ok "Migrated to OpenResty from source"
 
-  if check_for_gh_release "openresty" "openresty/openresty"; then
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "openresty" "openresty/openresty" "prebuild" "${CHECK_UPDATE_RELEASE}" "/opt/openresty" "openresty-*.tar.gz"
+  CLEAN_INSTALL=1 fetch_and_deploy_gh_release "openresty" "openresty/openresty" "prebuild" "latest" "/opt/openresty" "openresty-*.tar.gz"
 
+  if [[ -d /opt/openresty ]]; then
     msg_info "Building OpenResty"
     cd /opt/openresty
     $STD ./configure \
@@ -98,100 +114,75 @@ ExecStart=/usr/local/openresty/nginx/sbin/nginx -g 'daemon off;'
 WantedBy=multi-user.target
 EOF
     systemctl daemon-reload
-    systemctl restart openresty
     msg_ok "Built OpenResty"
   fi
 
-  if [ -d /opt/certbot ]; then
-    msg_info "Updating Certbot"
-    $STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
-    $STD /opt/certbot/bin/pip install --upgrade certbot certbot-dns-cloudflare
-    msg_ok "Updated Certbot"
+  msg_info "Setting up Environment"
+  ln -sf /usr/bin/python3 /usr/bin/python
+  ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
+  ln -sf /usr/local/openresty/nginx/ /etc/nginx
+  sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/backend/package.json
+  sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/frontend/package.json
+  sed -i 's+^daemon+#daemon+g' /opt/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
+  NGINX_CONFS=$(find /opt/nginxproxymanager -type f -name "*.conf")
+  for NGINX_CONF in $NGINX_CONFS; do
+    sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
+  done
+
+  mkdir -p /var/www/html /etc/nginx/logs
+  cp -r /opt/nginxproxymanager/docker/rootfs/var/www/html/* /var/www/html/
+  cp -r /opt/nginxproxymanager/docker/rootfs/etc/nginx/* /etc/nginx/
+  cp /opt/nginxproxymanager/docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
+  cp /opt/nginxproxymanager/docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
+  ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
+  rm -f /etc/nginx/conf.d/dev.conf
+
+  mkdir -p /tmp/nginx/body \
+    /run/nginx \
+    /data/nginx \
+    /data/custom_ssl \
+    /data/logs \
+    /data/access \
+    /data/nginx/default_host \
+    /data/nginx/default_www \
+    /data/nginx/proxy_host \
+    /data/nginx/redirection_host \
+    /data/nginx/stream \
+    /data/nginx/dead_host \
+    /data/nginx/temp \
+    /var/lib/nginx/cache/public \
+    /var/lib/nginx/cache/private \
+    /var/cache/nginx/proxy_temp
+
+  chmod -R 777 /var/cache/nginx
+  chown root /tmp/nginx
+
+  echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
+
+  if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
+    $STD openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem
   fi
 
-  if check_for_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager"; then
-    msg_info "Stopping Services"
-    systemctl stop openresty
-    systemctl stop npm
-    msg_ok "Stopped Services"
+  mkdir -p /app/frontend/images
+  cp -r /opt/nginxproxymanager/backend/* /app
+  msg_ok "Set up Environment"
 
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "nginxproxymanager" "NginxProxyManager/nginx-proxy-manager" "tarball" "${CHECK_UPDATE_RELEASE}" "/opt/nginxproxymanager"
+  msg_info "Building Frontend"
+  export NODE_OPTIONS="--max_old_space_size=2048 --openssl-legacy-provider"
+  cd /opt/nginxproxymanager/frontend
+  # Replace node-sass with sass in package.json before installation
+  sed -E -i 's/"node-sass" *: *"([^"]*)"/"sass": "\1"/g' package.json
+  $STD yarn install --network-timeout 600000
+  $STD yarn locale-compile
+  $STD yarn build
+  cp -r /opt/nginxproxymanager/frontend/dist/* /app/frontend
+  cp -r /opt/nginxproxymanager/frontend/public/images/* /app/frontend/images
+  msg_ok "Built Frontend"
 
-    msg_info "Cleaning old files"
-    $STD rm -rf /app \
-      /var/www/html \
-      /etc/nginx \
-      /var/log/nginx \
-      /var/lib/nginx \
-      /var/cache/nginx
-    msg_ok "Cleaned old files"
-
-    local RELEASE="${CHECK_UPDATE_RELEASE#v}"
-    msg_info "Setting up Environment"
-    ln -sf /usr/bin/python3 /usr/bin/python
-    ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
-    ln -sf /usr/local/openresty/nginx/ /etc/nginx
-    sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/backend/package.json
-    sed -i "0,/\"version\": \"[^\"]*\"/s|\"version\": \"[^\"]*\"|\"version\": \"$RELEASE\"|" /opt/nginxproxymanager/frontend/package.json
-    sed -i 's+^daemon+#daemon+g' /opt/nginxproxymanager/docker/rootfs/etc/nginx/nginx.conf
-    NGINX_CONFS=$(find /opt/nginxproxymanager -type f -name "*.conf")
-    for NGINX_CONF in $NGINX_CONFS; do
-      sed -i 's+include conf.d+include /etc/nginx/conf.d+g' "$NGINX_CONF"
-    done
-
-    mkdir -p /var/www/html /etc/nginx/logs
-    cp -r /opt/nginxproxymanager/docker/rootfs/var/www/html/* /var/www/html/
-    cp -r /opt/nginxproxymanager/docker/rootfs/etc/nginx/* /etc/nginx/
-    cp /opt/nginxproxymanager/docker/rootfs/etc/letsencrypt.ini /etc/letsencrypt.ini
-    cp /opt/nginxproxymanager/docker/rootfs/etc/logrotate.d/nginx-proxy-manager /etc/logrotate.d/nginx-proxy-manager
-    ln -sf /etc/nginx/nginx.conf /etc/nginx/conf/nginx.conf
-    rm -f /etc/nginx/conf.d/dev.conf
-
-    mkdir -p /tmp/nginx/body \
-      /run/nginx \
-      /data/nginx \
-      /data/custom_ssl \
-      /data/logs \
-      /data/access \
-      /data/nginx/default_host \
-      /data/nginx/default_www \
-      /data/nginx/proxy_host \
-      /data/nginx/redirection_host \
-      /data/nginx/stream \
-      /data/nginx/dead_host \
-      /data/nginx/temp \
-      /var/lib/nginx/cache/public \
-      /var/lib/nginx/cache/private \
-      /var/cache/nginx/proxy_temp
-
-    chmod -R 777 /var/cache/nginx
-    chown root /tmp/nginx
-
-    echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf);" >/etc/nginx/conf.d/include/resolvers.conf
-
-    if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]; then
-      $STD openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -subj "/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost" -keyout /data/nginx/dummykey.pem -out /data/nginx/dummycert.pem
-    fi
-
-    mkdir -p /app/frontend/images
-    cp -r /opt/nginxproxymanager/backend/* /app
-    msg_ok "Set up Environment"
-
-    msg_info "Building Frontend"
-    export NODE_OPTIONS="--max_old_space_size=2048 --openssl-legacy-provider"
-    cd /opt/nginxproxymanager/frontend
-    sed -E -i 's/"node-sass" *: *"([^"]*)"/"sass": "\1"/g' package.json
-    $STD yarn install --network-timeout 600000
-    $STD yarn locale-compile
-    $STD yarn build
-    cp -r /opt/nginxproxymanager/frontend/dist/* /app/frontend
-    cp -r /opt/nginxproxymanager/frontend/public/images/* /app/frontend/images
-    msg_ok "Built Frontend"
-
-    msg_info "Initializing Backend"
-    rm -rf /app/config/default.json
-    if [ ! -f /app/config/production.json ]; then
-      cat <<'EOF' >/app/config/production.json
+  msg_info "Initializing Backend"
+  rm -rf /app/config/default.json
+  if [ ! -f /app/config/production.json ]; then
+    cat <<'EOF' >/app/config/production.json
 {
   "database": {
     "engine": "knex-native",
@@ -205,21 +196,28 @@ EOF
   }
 }
 EOF
-    fi
-    sed -i 's/"client": "sqlite3"/"client": "better-sqlite3"/' /app/config/production.json
-    cd /app
-    $STD yarn install --network-timeout 600000
-    msg_ok "Initialized Backend"
-
-    msg_info "Starting Services"
-    sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
-    sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
-    systemctl daemon-reload
-    systemctl enable -q --now openresty
-    systemctl enable -q --now npm
-    msg_ok "Started Services"
-    msg_ok "Updated successfully!"
   fi
+  sed -i 's/"client": "sqlite3"/"client": "better-sqlite3"/' /app/config/production.json
+  cd /app
+  $STD yarn install --network-timeout 600000
+  msg_ok "Initialized Backend"
+
+  msg_info "Updating Certbot"
+  if [ -d /opt/certbot ]; then
+    $STD /opt/certbot/bin/pip install --upgrade pip setuptools wheel
+    $STD /opt/certbot/bin/pip install --upgrade certbot certbot-dns-cloudflare
+  fi
+  msg_ok "Updated Certbot"
+
+  msg_info "Starting Services"
+  sed -i 's/user npm/user root/g; s/^pid/#pid/g' /usr/local/openresty/nginx/conf/nginx.conf
+  sed -r -i 's/^([[:space:]]*)su npm npm/\1#su npm npm/g;' /etc/logrotate.d/nginx-proxy-manager
+  systemctl daemon-reload
+  systemctl enable -q --now openresty
+  systemctl enable -q --now npm
+  msg_ok "Started Services"
+
+  msg_ok "Updated successfully!"
   exit
 }
 

ct/part-db.sh

@@ -27,27 +27,36 @@ function update_script() {
     msg_error "No ${APP} Installation Found!"
     exit
   fi
-
+  
+  RELEASE=$(get_latest_github_release "Part-DB/Part-DB-server")
   if check_for_gh_release "partdb" "Part-DB/Part-DB-server"; then
     msg_info "Stopping Service"
     systemctl stop apache2
     msg_ok "Stopped Service"
 
+    msg_info "Updating $APP to v${RELEASE}"
+    cd /opt
     mv /opt/partdb/ /opt/partdb-backup
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "partdb" "Part-DB/Part-DB-server" "prebuild" "latest" "/opt/partdb" "partdb_with_assets.zip"
+    curl -fsSL "https://github.com/Part-DB/Part-DB-server/archive/refs/tags/v${RELEASE}.zip" -o "/opt/v${RELEASE}.zip"
+    $STD unzip "v${RELEASE}.zip"
+    mv /opt/Part-DB-server-${RELEASE}/ /opt/partdb
 
-    msg_info "Updating Part-DB"
     cd /opt/partdb/
-    cp -r /opt/partdb-backup/.env.local /opt/partdb/
-    cp -r /opt/partdb-backup/public/media /opt/partdb/public/
-    cp -r /opt/partdb-backup/config/banner.md /opt/partdb/config/
+    cp -r "/opt/partdb-backup/.env.local" /opt/partdb/
+    cp -r "/opt/partdb-backup/public/media" /opt/partdb/public/
+    cp -r "/opt/partdb-backup/config/banner.md" /opt/partdb/config/
+
     export COMPOSER_ALLOW_SUPERUSER=1
     $STD composer install --no-dev -o --no-interaction
+    $STD yarn install
+    $STD yarn build
     $STD php bin/console cache:clear
     $STD php bin/console doctrine:migrations:migrate -n
     chown -R www-data:www-data /opt/partdb
+    rm -r "/opt/v${RELEASE}.zip"
     rm -r /opt/partdb-backup
-    msg_ok "Updated Part-DB"
+    echo "${RELEASE}" >~/.partdb
+    msg_ok "Updated $APP to v${RELEASE}"
 
     msg_info "Starting Service"
     systemctl start apache2

ct/tracearr.sh

@@ -8,7 +8,7 @@ source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxV
 APP="Tracearr"
 var_tags="${var_tags:-media}"
 var_cpu="${var_cpu:-2}"
-var_ram="${var_ram:-8192}"
+var_ram="${var_ram:-4096}"
 var_disk="${var_disk:-10}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
@@ -102,7 +102,7 @@ EOF
 
   if check_for_gh_release "tracearr" "connorgallopo/Tracearr"; then
     msg_info "Stopping Services"
-    systemctl stop tracearr postgresql redis-server
+    systemctl stop tracearr postgresql redis
     msg_ok "Stopped Services"
 
     msg_info "Updating pnpm"
@@ -115,7 +115,6 @@ EOF
 
     msg_info "Building Tracearr"
     export TZ=$(cat /etc/timezone)
-    export NODE_OPTIONS="--max-old-space-size=4096"
     cd /opt/tracearr.build
     $STD pnpm install --frozen-lockfile --force
     $STD pnpm turbo telemetry disable
@@ -149,7 +148,7 @@ EOF
     msg_ok "Configured Tracearr"
 
     msg_info "Starting services"
-    systemctl start postgresql redis-server tracearr
+    systemctl start postgresql redis tracearr
     msg_ok "Started services"
     msg_ok "Updated successfully!"
   else

install/part-db-install.sh

@@ -13,19 +13,27 @@ setting_up_container
 network_check
 update_os
 
+NODE_VERSION="22" NODE_MODULE="yarn@latest" setup_nodejs
 PG_VERSION="16" setup_postgresql
 PG_DB_NAME="partdb" PG_DB_USER="partdb" setup_postgresql_db
 PHP_VERSION="8.4" PHP_APACHE="YES" PHP_MODULE="xsl" PHP_POST_MAX_SIZE="100M" PHP_UPLOAD_MAX_FILESIZE="100M" setup_php
 setup_composer
 
-fetch_and_deploy_gh_release "partdb" "Part-DB/Part-DB-server" "prebuild" "latest" "/opt/partdb" "partdb_with_assets.zip"
+msg_info "Installing Part-DB (Patience)"
+cd /opt
+RELEASE=$(get_latest_github_release "Part-DB/Part-DB-server")
+curl -fsSL "https://github.com/Part-DB/Part-DB-server/archive/refs/tags/v${RELEASE}.zip" -o "/opt/v${RELEASE}.zip"
+$STD unzip "v${RELEASE}.zip"
+mv /opt/Part-DB-server-${RELEASE}/ /opt/partdb
 
-msg_info "Installing Part-DB"
 cd /opt/partdb/
 cp .env .env.local
 sed -i "s|DATABASE_URL=\"sqlite:///%kernel.project_dir%/var/app.db\"|DATABASE_URL=\"postgresql://${PG_DB_USER}:${PG_DB_PASS}@127.0.0.1:5432/${PG_DB_NAME}?serverVersion=12.19&charset=utf8\"|" .env.local
+
 export COMPOSER_ALLOW_SUPERUSER=1
 $STD composer install --no-dev -o --no-interaction
+$STD yarn install
+$STD yarn build
 $STD php bin/console cache:clear
 php bin/console doctrine:migrations:migrate -n >~/database-migration-output
 chown -R www-data:www-data /opt/partdb
@@ -36,6 +44,8 @@ ADMIN_PASS=$(grep -oP 'The initial password for the "admin" user is: \K\w+' ~/da
   echo "Part-DB Admin Password: $ADMIN_PASS"
 } >>~/partdb.creds
 rm -rf ~/database-migration-output
+rm -rf "/opt/v${RELEASE}.zip"
+echo "${RELEASE}" >~/.partdb
 msg_ok "Installed Part-DB"
 
 msg_info "Creating Service"

install/tracearr-install.sh

@@ -62,7 +62,6 @@ fetch_and_deploy_gh_release "tracearr" "connorgallopo/Tracearr" "tarball" "lates
 
 msg_info "Building Tracearr"
 export TZ=$(cat /etc/timezone)
-export NODE_OPTIONS="--max-old-space-size=4096"
 cd /opt/tracearr.build
 $STD pnpm install --frozen-lockfile --force
 $STD pnpm turbo telemetry disable

misc/alpine-install.func

@@ -67,22 +67,22 @@ EOF
 # This function sets up the Container OS by generating the locale, setting the timezone, and checking the network connection
 setting_up_container() {
   msg_info "Setting up Container OS"
+  local _ip=""
   while [ $i -gt 0 ]; do
-    if [ "$(ip addr show | grep 'inet ' | grep -v '127.0.0.1' | awk '{print $2}' | cut -d'/' -f1)" != "" ]; then
-      break
-    fi
+    _ip=$(ip -4 addr show 2>/dev/null | awk '/inet [0-9]/ && !/127\.0\.0\.1/ {sub(/\/.*/, "", $2); print $2; exit}')
+    [[ -n "$_ip" ]] && break
     echo 1>&2 -en "${CROSS}${RD} No Network! "
     sleep $RETRY_EVERY
     i=$((i - 1))
   done
 
-  if [ "$(ip addr show | grep 'inet ' | grep -v '127.0.0.1' | awk '{print $2}' | cut -d'/' -f1)" = "" ]; then
+  if [[ -z "$_ip" ]]; then
     echo 1>&2 -e "\n${CROSS}${RD} No Network After $RETRY_NUM Tries${CL}"
     echo -e "${NETWORK}Check Network Settings"
     exit 121
   fi
   msg_ok "Set up Container OS"
-  msg_ok "Network Connected: ${BL}$(ip addr show | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1 | tail -n1)${CL}"
+  msg_ok "Network Connected: ${BL}${_ip}${CL}"
   post_progress_to_api
 }
 
@@ -90,18 +90,11 @@ setting_up_container() {
 network_check() {
   set +e
   trap - ERR
-  ipv4_connected=false
-
-  # Check IPv4 connectivity to Cloudflare, Google & Quad9 DNS servers
   if ping -c 1 -W 1 1.1.1.1 &>/dev/null || ping -c 1 -W 1 8.8.8.8 &>/dev/null || ping -c 1 -W 1 9.9.9.9 &>/dev/null; then
-    msg_ok "IPv4 Internet Connected"
-    ipv4_connected=true
+    ipv4_status="${GN}✔${CL} IPv4"
   else
-    msg_error "IPv4 Internet Not Connected"
-  fi
-
-  if [[ $ipv4_connected == false ]]; then
-    read -r -p "No Internet detected, would you like to continue anyway? <y/N> " prompt
+    ipv4_status="${RD}✖${CL} IPv4"
+    read -r -p "Internet NOT connected. Continue anyway? <y/N> " prompt
     if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
       echo -e "${INFO}${RD}Expect Issues Without Internet${CL}"
     else
@@ -109,28 +102,12 @@ network_check() {
       exit 122
     fi
   fi
-
-  # DNS resolution checks for GitHub-related domains
-  GIT_HOSTS=("github.com" "raw.githubusercontent.com" "api.github.com" "git.community-scripts.org")
-  GIT_STATUS="Git DNS:"
-  DNS_FAILED=false
-
-  for HOST in "${GIT_HOSTS[@]}"; do
-    RESOLVEDIP=$(getent hosts "$HOST" | awk '{ print $1 }' | grep -E '(^([0-9]{1,3}\.){3}[0-9]{1,3}$)|(^[a-fA-F0-9:]+$)' | head -n1)
-    if [[ -z "$RESOLVEDIP" ]]; then
-      GIT_STATUS+="$HOST:($DNSFAIL)"
-      DNS_FAILED=true
-    else
-      GIT_STATUS+=" $HOST:($DNSOK)"
-    fi
-  done
-
-  if [[ "$DNS_FAILED" == true ]]; then
-    fatal "$GIT_STATUS"
+  RESOLVEDIP=$(getent hosts github.com | awk '{ print $1 }')
+  if [[ -z "$RESOLVEDIP" ]]; then
+    msg_error "Internet: ${ipv4_status}  DNS Failed"
   else
-    msg_ok "$GIT_STATUS"
+    msg_ok "Internet: ${ipv4_status}  DNS: ${BL}${RESOLVEDIP}${CL}"
   fi
-
   set -e
   trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 }

misc/alpine-tools.func

@@ -53,7 +53,7 @@ download_with_progress() {
   # $1 url, $2 dest
   local url="$1" out="$2" cl
   need_tool curl pv || return 1
-  cl=$(curl -fsSLI "$url" 2>/dev/null | awk 'tolower($0) ~ /^content-length:/ {print $2}' | tr -d '\r')
+  cl=$(curl -fsSLI "$url" 2>/dev/null | awk 'tolower($0) ~ /^content-length:/ {gsub(/\r/,""); print $2}')
   if [ -n "$cl" ]; then
     curl -fsSL "$url" | pv -s "$cl" >"$out" || {
       msg_error "Download failed: $url"

misc/api.func

@@ -348,10 +348,10 @@ explain_exit_code() {
 json_escape() {
   # Escape a string for safe JSON embedding using awk (handles any input size).
   # Pipeline: strip ANSI → remove control chars → escape \ " TAB → join lines with \n
-  printf '%s' "$1" \
-    | sed 's/\x1b\[[0-9;]*[a-zA-Z]//g' \
-    | tr -d '\000-\010\013\014\016-\037\177\r' \
-    | awk '
+  printf '%s' "$1" |
+    sed 's/\x1b\[[0-9;]*[a-zA-Z]//g' |
+    tr -d '\000-\010\013\014\016-\037\177\r' |
+    awk '
         BEGIN { ORS = "" }
         {
           gsub(/\\/, "\\\\")   # backslash → \\
@@ -401,7 +401,7 @@ get_error_text() {
   fi
 
   if [[ -n "$logfile" && -s "$logfile" ]]; then
-    tail -n 20 "$logfile" 2>/dev/null | sed 's/\r$//' | sed 's/\x1b\[[0-9;]*[a-zA-Z]//g'
+    tail -n 20 "$logfile" 2>/dev/null | sed -E 's/\r$//; s/\x1b\[[0-9;]*[a-zA-Z]//g'
   fi
 }
 
@@ -508,7 +508,8 @@ detect_gpu() {
 
   if [[ -n "$gpu_line" ]]; then
     # Extract model: everything after the colon, clean up
-    GPU_MODEL=$(echo "$gpu_line" | sed 's/.*: //' | sed 's/ (rev .*)$//' | cut -c1-64)
+    GPU_MODEL=$(echo "$gpu_line" | sed -E 's/.*: //; s/ \(rev .*\)$//')
+    GPU_MODEL="${GPU_MODEL:0:64}"
 
     # Detect vendor and passthrough type
     if echo "$gpu_line" | grep -qi "Intel"; then
@@ -557,7 +558,8 @@ detect_cpu() {
     esac
 
     # Extract model name and clean it up
-    CPU_MODEL=$(grep -m1 "model name" /proc/cpuinfo 2>/dev/null | cut -d: -f2 | sed 's/^ *//' | sed 's/(R)//g' | sed 's/(TM)//g' | sed 's/  */ /g' | cut -c1-64)
+    CPU_MODEL=$(grep -m1 "model name" /proc/cpuinfo 2>/dev/null | cut -d: -f2 | sed -E 's/^ *//; s/\(R\)//g; s/\(TM\)//g; s/  +/ /g')
+    CPU_MODEL="${CPU_MODEL:0:64}"
   fi
 
   export CPU_VENDOR CPU_MODEL
@@ -627,8 +629,8 @@ post_to_api() {
 
   [[ "${DEV_MODE:-}" == "true" ]] && echo "[DEBUG] post_to_api() DIAGNOSTICS=$DIAGNOSTICS RANDOM_UUID=$RANDOM_UUID NSAPP=$NSAPP" >&2
 
-  # Set type for later status updates (respect pre-set value, e.g. "turnkey")
-  TELEMETRY_TYPE="${TELEMETRY_TYPE:-lxc}"
+  # Set type for later status updates
+  TELEMETRY_TYPE="lxc"
 
   local pve_version=""
   if command -v pveversion &>/dev/null; then
@@ -664,7 +666,7 @@ post_to_api() {
 {
     "random_id": "${RANDOM_UUID}",
     "execution_id": "${EXECUTION_ID:-${RANDOM_UUID}}",
-    "type": "${TELEMETRY_TYPE}",
+    "type": "lxc",
     "nsapp": "${NSAPP:-unknown}",
     "status": "installing",
     "ct_type": ${CT_TYPE:-1},
@@ -1325,11 +1327,16 @@ post_addon_to_api() {
     error_category=$(categorize_error "$exit_code")
   fi
 
-  # Detect OS info
+  # Detect OS info (single read)
   local os_type="" os_version=""
   if [[ -f /etc/os-release ]]; then
-    os_type=$(grep "^ID=" /etc/os-release | cut -d= -f2 | tr -d '"')
-    os_version=$(grep "^VERSION_ID=" /etc/os-release | cut -d= -f2 | tr -d '"')
+    while IFS='=' read -r _k _v; do
+      _v="${_v//\"/}"
+      case "$_k" in
+      ID) os_type="$_v" ;;
+      VERSION_ID) os_version="$_v" ;;
+      esac
+    done </etc/os-release
   fi
 
   local JSON_PAYLOAD

misc/core.func

@@ -1644,7 +1644,7 @@ function get_lxc_ip() {
       local ip
 
       # Try direct interface lookup for eth0 FIRST (most reliable for LXC) - IPv4
-      ip=$(ip -4 addr show eth0 2>/dev/null | awk '/inet / {print $2}' | cut -d/ -f1 | head -n1)
+      ip=$(ip -4 addr show eth0 2>/dev/null | awk '/inet / {sub(/\/.*/, "", $2); print $2; exit}')
       if [[ -n "$ip" && "$ip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
         echo "$ip"
         return 0
@@ -1652,11 +1652,14 @@ function get_lxc_ip() {
 
       # Fallback: Try hostname -I (returns IPv4 first if available)
       if command -v hostname >/dev/null 2>&1; then
-        ip=$(hostname -I 2>/dev/null | awk '{print $1}')
-        if [[ -n "$ip" && "$ip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
-          echo "$ip"
-          return 0
-        fi
+        local -a _ips
+        read -ra _ips <<<"$(hostname -I 2>/dev/null)"
+        for ip in "${_ips[@]}"; do
+          if [[ "$ip" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "$ip"
+            return 0
+          fi
+        done
       fi
 
       # Try routing table with IPv4 targets
@@ -1674,7 +1677,7 @@ function get_lxc_ip() {
       done
 
       # IPv6 fallback: Try direct interface lookup for eth0
-      ip=$(ip -6 addr show eth0 scope global 2>/dev/null | awk '/inet6 / {print $2}' | cut -d/ -f1 | head -n1)
+      ip=$(ip -6 addr show eth0 scope global 2>/dev/null | awk '/inet6 / {sub(/\/.*/, "", $2); print $2; exit}')
       if [[ -n "$ip" && "$ip" =~ : ]]; then
         echo "$ip"
         return 0
@@ -1682,11 +1685,14 @@ function get_lxc_ip() {
 
       # IPv6 fallback: Try hostname -I for IPv6
       if command -v hostname >/dev/null 2>&1; then
-        ip=$(hostname -I 2>/dev/null | tr ' ' '\n' | grep -E ':' | head -n1)
-        if [[ -n "$ip" && "$ip" =~ : ]]; then
-          echo "$ip"
-          return 0
-        fi
+        local -a _ips6
+        read -ra _ips6 <<<"$(hostname -I 2>/dev/null)"
+        for ip in "${_ips6[@]}"; do
+          [[ "$ip" == *:* ]] && {
+            echo "$ip"
+            return 0
+          }
+        done
       fi
 
       # IPv6 fallback: Use routing table with IPv6 targets

misc/install.func

@@ -116,14 +116,14 @@ setting_up_container() {
     (chown root:root / 2>/dev/null) || true
   fi
 
+  local _host_ip=""
   for ((i = RETRY_NUM; i > 0; i--)); do
-    if [ "$(hostname -I)" != "" ]; then
-      break
-    fi
+    _host_ip=$(hostname -I 2>/dev/null | awk '{print $1}')
+    [[ -n "$_host_ip" ]] && break
     echo 1>&2 -en "${CROSS}${RD} No Network! "
     sleep $RETRY_EVERY
   done
-  if [ "$(hostname -I)" = "" ]; then
+  if [[ -z "$_host_ip" ]]; then
     echo 1>&2 -e "\n${CROSS}${RD} No Network After $RETRY_NUM Tries${CL}"
     echo -e "${NETWORK}Check Network Settings"
     exit 121
@@ -131,8 +131,7 @@ setting_up_container() {
   rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
   systemctl disable -q --now systemd-networkd-wait-online.service
   msg_ok "Set up Container OS"
-  #msg_custom "${CM}" "${GN}" "Network Connected: ${BL}$(hostname -I)"
-  msg_ok "Network Connected: ${BL}$(hostname -I)"
+  msg_ok "Network Connected: ${BL}${_host_ip}"
   post_progress_to_api
 }
 

misc/tools.func

@@ -700,7 +700,7 @@ manage_tool_repository() {
   local gpg_key_url="${4:-}"
   local distro_id repo_component suite
 
-  distro_id=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d '"')
+  distro_id=$(get_os_info id)
 
   case "$tool_name" in
   mariadb)
@@ -714,7 +714,7 @@ manage_tool_repository() {
 
     # Get suite for fallback handling
     local distro_codename
-    distro_codename=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+    distro_codename=$(get_os_info codename)
     suite=$(get_fallback_suite "$distro_id" "$distro_codename" "$repo_url/$distro_id")
 
     # Setup new repository using deb822 format
@@ -745,7 +745,7 @@ manage_tool_repository() {
 
     # Setup repository
     local distro_codename
-    distro_codename=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+    distro_codename=$(get_os_info codename)
 
     # Suite mapping with fallback for newer releases not yet supported by upstream
     if [[ "$distro_id" == "debian" ]]; then
@@ -816,7 +816,7 @@ EOF
 
     # NodeSource uses deb822 format with GPG from repo
     local distro_codename
-    distro_codename=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+    distro_codename=$(get_os_info codename)
 
     # Download GPG key from NodeSource with retry logic
     if ! download_gpg_key "$gpg_key_url" "/etc/apt/keyrings/nodesource.gpg" "dearmor"; then
@@ -858,7 +858,7 @@ EOF
 
     # Setup repository
     local distro_codename
-    distro_codename=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+    distro_codename=$(get_os_info codename)
     cat <<EOF >/etc/apt/sources.list.d/php.sources
 Types: deb
 URIs: https://packages.sury.org/php
@@ -886,7 +886,7 @@ EOF
 
     # Setup repository
     local distro_codename
-    distro_codename=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+    distro_codename=$(get_os_info codename)
     cat <<EOF >/etc/apt/sources.list.d/postgresql.sources
 Types: deb
 URIs: http://apt.postgresql.org/pub/repos/apt
@@ -1323,10 +1323,16 @@ get_os_info() {
 
   # Cache OS info to avoid repeated file reads
   if [[ -z "${_OS_ID:-}" ]]; then
-    export _OS_ID=$(awk -F= '/^ID=/{gsub(/"/,"",$2); print $2}' /etc/os-release)
-    export _OS_CODENAME=$(awk -F= '/^VERSION_CODENAME=/{gsub(/"/,"",$2); print $2}' /etc/os-release)
-    export _OS_VERSION=$(awk -F= '/^VERSION_ID=/{gsub(/"/,"",$2); print $2}' /etc/os-release)
-    export _OS_VERSION_FULL=$(awk -F= '/^VERSION=/{gsub(/"/,"",$2); print $2}' /etc/os-release)
+    local _line
+    while IFS='=' read -r _key _val; do
+      _val="${_val//\"/}"
+      case "$_key" in
+      ID) export _OS_ID="$_val" ;;
+      VERSION_CODENAME) export _OS_CODENAME="$_val" ;;
+      VERSION_ID) export _OS_VERSION="$_val" ;;
+      VERSION) export _OS_VERSION_FULL="$_val" ;;
+      esac
+    done </etc/os-release
   fi
 
   case "$field" in
@@ -2144,8 +2150,8 @@ fetch_and_deploy_gh_tag() {
   local repo="$2"
   local version="${3:-latest}"
   local target="${4:-/opt/$app}"
-  local app_lc=""
-  app_lc="$(echo "${app,,}" | tr -d ' ')"
+  local app_lc="${app,,}"
+  app_lc="${app_lc// /}"
   local version_file="$HOME/.${app_lc}"
 
   if [[ "$version" == "latest" ]]; then
@@ -2221,8 +2227,8 @@ check_for_gh_tag() {
   local app="$1"
   local repo="$2"
   local prefix="${3:-}"
-  local app_lc=""
-  app_lc="$(echo "${app,,}" | tr -d ' ')"
+  local app_lc="${app,,}"
+  app_lc="${app_lc// /}"
   local current_file="$HOME/.${app_lc}"
 
   msg_info "Checking for update: ${app}"
@@ -2272,8 +2278,8 @@ check_for_gh_release() {
   local source="$2"
   local pinned_version_in="${3:-}" # optional
   local pin_reason="${4:-}"        # optional reason shown to user
-  local app_lc=""
-  app_lc="$(echo "${app,,}" | tr -d ' ')"
+  local app_lc="${app,,}"
+  app_lc="${app_lc// /}"
   local current_file="$HOME/.${app_lc}"
 
   msg_info "Checking for update: ${app}"
@@ -2600,7 +2606,8 @@ create_self_signed_cert() {
   local APP_NAME="${1:-${APPLICATION}}"
   local HOSTNAME="$(hostname -f)"
   local IP="$(hostname -I | awk '{print $1}')"
-  local APP_NAME_LC=$(echo "${APP_NAME,,}" | tr -d ' ')
+  local APP_NAME_LC="${APP_NAME,,}"
+  APP_NAME_LC="${APP_NAME_LC// /}"
   local CERT_DIR="/etc/ssl/${APP_NAME_LC}"
   local CERT_KEY="${CERT_DIR}/${APP_NAME_LC}.key"
   local CERT_CRT="${CERT_DIR}/${APP_NAME_LC}.crt"
@@ -2647,7 +2654,7 @@ function download_with_progress() {
 
   # Content-Length aus HTTP-Header holen
   local content_length
-  content_length=$(curl -fsSLI "$url" | awk '/Content-Length/ {print $2}' | tr -d '\r' || true)
+  content_length=$(curl -fsSLI "$url" | awk '/Content-Length/ {gsub(/\r/,""); print $2}' || true)
 
   if [[ -z "$content_length" ]]; then
     if ! curl -fL# -o "$output" "$url"; then
@@ -2766,7 +2773,8 @@ function fetch_and_deploy_codeberg_release() {
   local target="${5:-/opt/$app}"
   local asset_pattern="${6:-}"
 
-  local app_lc=$(echo "${app,,}" | tr -d ' ')
+  local app_lc="${app,,}"
+  app_lc="${app_lc// /}"
   local version_file="$HOME/.${app_lc}"
 
   local api_timeouts=(60 120 240)
@@ -3318,7 +3326,8 @@ function fetch_and_deploy_gh_release() {
     fi
   fi
 
-  local app_lc=$(echo "${app,,}" | tr -d ' ')
+  local app_lc="${app,,}"
+  app_lc="${app_lc// /}"
   local version_file="$HOME/.${app_lc}"
 
   local api_timeouts=(60 120 240)
@@ -4409,7 +4418,7 @@ function setup_hwaccel() {
       # Parse comma-separated numbers
       IFS=',' read -ra nums <<<"$selection"
       for num in "${nums[@]}"; do
-        num=$(echo "$num" | tr -d ' ')
+        num="${num// /}"
         if [[ "$num" =~ ^[0-9]+$ ]] && ((num >= 1 && num <= gpu_count)); then
           SELECTED_INDICES+=("$((num - 1))")
         fi
@@ -4451,9 +4460,9 @@ function setup_hwaccel() {
   # OS Detection
   # ═══════════════════════════════════════════════════════════════════════════
   local os_id os_codename os_version
-  os_id=$(grep -oP '(?<=^ID=).+' /etc/os-release 2>/dev/null | tr -d '"' || echo "debian")
-  os_codename=$(grep -oP '(?<=^VERSION_CODENAME=).+' /etc/os-release 2>/dev/null | tr -d '"' || echo "unknown")
-  os_version=$(grep -oP '(?<=^VERSION_ID=).+' /etc/os-release 2>/dev/null | tr -d '"' || echo "")
+  os_id=$(get_os_info id)
+  os_codename=$(get_os_info codename)
+  os_version=$(get_os_info version)
   [[ -z "$os_id" ]] && os_id="debian"
 
   local in_ct="${CTTYPE:-0}"
@@ -5339,8 +5348,8 @@ function setup_imagemagick() {
 function setup_java() {
   local JAVA_VERSION="${JAVA_VERSION:-21}"
   local DISTRO_ID DISTRO_CODENAME
-  DISTRO_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d '"')
-  DISTRO_CODENAME=$(awk -F= '/VERSION_CODENAME/ { print $2 }' /etc/os-release)
+  DISTRO_ID=$(get_os_info id)
+  DISTRO_CODENAME=$(get_os_info codename)
   local DESIRED_PACKAGE="temurin-${JAVA_VERSION}-jdk"
 
   # Prepare repository (cleanup + validation)
@@ -5595,7 +5604,7 @@ EOF
     if [[ -n "$CURRENT_VERSION" ]]; then
       # Get available distro version
       local DISTRO_VERSION=""
-      DISTRO_VERSION=$(apt-cache policy mariadb-server 2>/dev/null | grep -E "Candidate:" | awk '{print $2}' | grep -oP '^\d+:\K\d+\.\d+\.\d+' || echo "")
+      DISTRO_VERSION=$(apt-cache policy mariadb-server 2>/dev/null | awk '/Candidate:/ {sub(/^[0-9]+:/, "", $2); print $2}' || echo "")
 
       if [[ -n "$DISTRO_VERSION" ]]; then
         # Compare versions - if current is higher, keep it
@@ -5996,8 +6005,8 @@ function setup_mysql() {
   local MYSQL_VERSION="${MYSQL_VERSION:-8.0}"
   local USE_MYSQL_REPO="${USE_MYSQL_REPO:-true}"
   local DISTRO_ID DISTRO_CODENAME
-  DISTRO_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d '"')
-  DISTRO_CODENAME=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+  DISTRO_ID=$(get_os_info id)
+  DISTRO_CODENAME=$(get_os_info codename)
 
   # Ensure non-interactive mode for all apt operations
   export DEBIAN_FRONTEND=noninteractive
@@ -6343,7 +6352,7 @@ function setup_nodejs() {
 
       # Check if the module is already installed
       if $STD npm list -g --depth=0 "$MODULE_NAME" 2>&1 | grep -q "$MODULE_NAME@"; then
-        MODULE_INSTALLED_VERSION="$(npm list -g --depth=0 "$MODULE_NAME" 2>&1 | grep "$MODULE_NAME@" | awk -F@ '{print $2}' 2>/dev/null | tr -d '[:space:]' || echo '')"
+        MODULE_INSTALLED_VERSION="$(npm list -g --depth=0 "$MODULE_NAME" 2>&1 | awk -F@ -v mod="$MODULE_NAME" '$0 ~ mod"@" {gsub(/[[:space:]]/, "", $2); print $2}' || echo '')"
         if [[ "$MODULE_REQ_VERSION" != "latest" && "$MODULE_REQ_VERSION" != "$MODULE_INSTALLED_VERSION" ]]; then
           msg_info "Updating $MODULE_NAME from v$MODULE_INSTALLED_VERSION to v$MODULE_REQ_VERSION"
           if ! $STD npm install -g "${MODULE_NAME}@${MODULE_REQ_VERSION}" 2>/dev/null; then
@@ -6414,8 +6423,8 @@ function setup_php() {
   local PHP_APACHE="${PHP_APACHE:-NO}"
   local PHP_FPM="${PHP_FPM:-NO}"
   local DISTRO_ID DISTRO_CODENAME
-  DISTRO_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d '"')
-  DISTRO_CODENAME=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+  DISTRO_ID=$(get_os_info id)
+  DISTRO_CODENAME=$(get_os_info codename)
 
   # Parse version for compatibility checks
   local PHP_MAJOR="${PHP_VERSION%%.*}"
@@ -6462,7 +6471,7 @@ function setup_php() {
   local FILTERED_MODULES=""
   IFS=',' read -ra ALL_MODULES <<<"$COMBINED_MODULES"
   for mod in "${ALL_MODULES[@]}"; do
-    mod=$(echo "$mod" | tr -d '[:space:]')
+    mod="${mod//[[:space:]]/}"
     [[ -z "$mod" ]] && continue
 
     # Skip if it's a known built-in module
@@ -6479,7 +6488,7 @@ function setup_php() {
   done
 
   # Deduplicate
-  COMBINED_MODULES=$(echo "$FILTERED_MODULES" | tr ',' '\n' | awk '!seen[$0]++' | paste -sd, -)
+  COMBINED_MODULES=$(awk -v RS=',' '!seen[$0]++{printf "%s%s", sep, $0; sep=","}' <<<"$FILTERED_MODULES")
 
   # Get current PHP-CLI version
   local CURRENT_PHP=""
@@ -6548,7 +6557,7 @@ EOF
 
   IFS=',' read -ra MODULES <<<"$COMBINED_MODULES"
   for mod in "${MODULES[@]}"; do
-    mod=$(echo "$mod" | tr -d '[:space:]')
+    mod="${mod//[[:space:]]/}"
     [[ -z "$mod" ]] && continue
 
     local pkg_name="php${PHP_VERSION}-${mod}"
@@ -6727,8 +6736,8 @@ setup_postgresql() {
   local PG_MODULES="${PG_MODULES:-}"
   local USE_PGDG_REPO="${USE_PGDG_REPO:-true}"
   local DISTRO_ID DISTRO_CODENAME
-  DISTRO_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d '"')
-  DISTRO_CODENAME=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+  DISTRO_ID=$(get_os_info id)
+  DISTRO_CODENAME=$(get_os_info codename)
 
   # Ensure non-interactive mode for all apt operations
   export DEBIAN_FRONTEND=noninteractive
@@ -7571,8 +7580,8 @@ EOF
 function setup_clickhouse() {
   local CLICKHOUSE_VERSION="${CLICKHOUSE_VERSION:-latest}"
   local DISTRO_ID DISTRO_CODENAME
-  DISTRO_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release | tr -d '"')
-  DISTRO_CODENAME=$(awk -F= '/^VERSION_CODENAME=/{print $2}' /etc/os-release)
+  DISTRO_ID=$(get_os_info id)
+  DISTRO_CODENAME=$(get_os_info codename)
 
   # Ensure non-interactive mode for all apt operations
   export DEBIAN_FRONTEND=noninteractive
@@ -7786,7 +7795,7 @@ function setup_rust() {
 
       # Check if already installed
       if echo "$CRATE_LIST" | grep -q "^${NAME} "; then
-        INSTALLED_VER=$(echo "$CRATE_LIST" | grep "^${NAME} " | head -1 | awk '{print $2}' 2>/dev/null | tr -d 'v:' || echo '')
+        INSTALLED_VER=$(echo "$CRATE_LIST" | grep "^${NAME} " | head -1 | awk '{gsub(/[v:]/, "", $2); print $2}' || echo '')
 
         if [[ -n "$VER" && "$VER" != "$INSTALLED_VER" ]]; then
           msg_info "Upgrading $NAME from v$INSTALLED_VER to v$VER"

turnkey/turnkey.sh

@@ -1,23 +1,10 @@
 #!/usr/bin/env bash
-# Copyright (c) 2021-2026 community-scripts ORG
+# Copyright (c) 2021-2026 tteck
 # Author: tteck (tteckster)
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# License: MIT
+# https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 
-# Source shared libraries
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/api.func)
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/core.func)
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/error_handler.func)
-load_functions
-catch_errors
-
-APP="TurnKey LXC"
-NSAPP="turnkey"
-DIAGNOSTICS="no"
-METHOD="default"
-RANDOM_UUID="$(cat /proc/sys/kernel/random/uuid)"
-EXECUTION_ID="${RANDOM_UUID}"
-
-header_info() {
+function header_info {
   clear
   cat <<"EOF"
  ______              __ __           __   _  _______
@@ -28,343 +15,281 @@ header_info() {
 EOF
 }
 
-# Validate if a container ID is available (cluster-aware)
-validate_container_id() {
+set -euo pipefail
+shopt -s expand_aliases
+alias die='EXIT=$? LINE=$LINENO error_exit'
+trap die ERR
+function error_exit() {
+  trap - ERR
+  local DEFAULT='Unknown failure occured.'
+  local REASON="\e[97m${1:-$DEFAULT}\e[39m"
+  local FLAG="\e[91m[ERROR] \e[93m$EXIT@$LINE"
+  msg "$FLAG $REASON" 1>&2
+  [ ! -z ${CTID-} ] && cleanup_ctid
+  exit $EXIT
+}
+function warn() {
+  local REASON="\e[97m$1\e[39m"
+  local FLAG="\e[93m[WARNING]\e[39m"
+  msg "$FLAG $REASON"
+}
+function info() {
+  local REASON="$1"
+  local FLAG="\e[36m[INFO]\e[39m"
+  msg "$FLAG $REASON"
+}
+function msg() {
+  local TEXT="$1"
+  echo -e "$TEXT"
+}
+function validate_container_id() {
   local ctid="$1"
-  [[ "$ctid" =~ ^[0-9]+$ ]] || return 1
-
-  # Cluster-wide check via pvesh
-  if command -v pvesh &>/dev/null; then
-    local cluster_ids
-    cluster_ids=$(pvesh get /cluster/resources --type vm --output-format json 2>/dev/null |
-      grep -oP '"vmid":\s*\K[0-9]+' 2>/dev/null || true)
-    if [[ -n "$cluster_ids" ]] && echo "$cluster_ids" | grep -qw "$ctid"; then
-      return 1
-    fi
+  # Check if ID is numeric
+  if ! [[ "$ctid" =~ ^[0-9]+$ ]]; then
+    return 1
   fi
-
-  # Local fallback
+  # Check if config file exists for VM or LXC
   if [[ -f "/etc/pve/qemu-server/${ctid}.conf" ]] || [[ -f "/etc/pve/lxc/${ctid}.conf" ]]; then
     return 1
   fi
-
-  # Check all cluster nodes
-  if [[ -d "/etc/pve/nodes" ]]; then
-    for node_dir in /etc/pve/nodes/*/; do
-      if [[ -f "${node_dir}qemu-server/${ctid}.conf" ]] || [[ -f "${node_dir}lxc/${ctid}.conf" ]]; then
-        return 1
-      fi
-    done
-  fi
-
-  # Check LVM volumes
+  # Check if ID is used in LVM logical volumes
   if lvs --noheadings -o lv_name 2>/dev/null | grep -qE "(^|[-_])${ctid}($|[-_])"; then
     return 1
   fi
   return 0
 }
-
-get_valid_container_id() {
-  local suggested_id="${1:-$(pvesh get /cluster/nextid 2>/dev/null || echo 100)}"
+function get_valid_container_id() {
+  local suggested_id="${1:-$(pvesh get /cluster/nextid)}"
   while ! validate_container_id "$suggested_id"; do
     suggested_id=$((suggested_id + 1))
   done
   echo "$suggested_id"
 }
-
-cleanup_ctid() {
-  if pct status "$CTID" &>/dev/null; then
-    if [[ "$(pct status "$CTID" | awk '{print $2}')" == "running" ]]; then
-      pct stop "$CTID"
+function cleanup_ctid() {
+  if pct status $CTID &>/dev/null; then
+    if [ "$(pct status $CTID | awk '{print $2}')" == "running" ]; then
+      pct stop $CTID
     fi
-    pct destroy "$CTID"
+    pct destroy $CTID
   fi
 }
 
-select_storage() {
-  local class="$1" content content_label
-  case "$class" in
-  container)
-    content='rootdir'
-    content_label='Container'
-    ;;
-  template)
-    content='vztmpl'
-    content_label='Container template'
-    ;;
-  *)
-    msg_error "Invalid storage class '$class'"
-    return 1
-    ;;
-  esac
-
-  local -a MENU=()
-  local MSG_MAX_LENGTH=0
-
-  while read -r line; do
-    local TAG TYPE FREE ITEM OFFSET=2
-    TAG=$(echo "$line" | awk '{print $1}')
-    TYPE=$(echo "$line" | awk '{printf "%-10s", $2}')
-    FREE=$(echo "$line" | numfmt --field 4-6 --from-unit=K --to=iec --format %.2f | awk '{printf( "%9sB", $6)}')
-    ITEM="  Type: $TYPE Free: $FREE "
-    ((${#ITEM} + OFFSET > MSG_MAX_LENGTH)) && MSG_MAX_LENGTH=$((${#ITEM} + OFFSET))
-    MENU+=("$TAG" "$ITEM" "OFF")
-  done < <(pvesm status -content "$content" | awk 'NR>1')
-
-  if [[ $((${#MENU[@]} / 3)) -eq 0 ]]; then
-    msg_error "'$content_label' needs to be selected for at least one storage location."
-    return 1
-  elif [[ $((${#MENU[@]} / 3)) -eq 1 ]]; then
-    printf '%s' "${MENU[0]}"
-  else
-    local STORAGE
-    while [[ -z "${STORAGE:+x}" ]]; do
-      STORAGE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Storage Pools" --radiolist \
-        "Which storage pool for the ${content_label,,}?\n\n" \
-        16 $((MSG_MAX_LENGTH + 23)) 6 \
-        "${MENU[@]}" 3>&1 1>&2 2>&3) || exit_script
-    done
-    printf '%s' "$STORAGE"
-  fi
-}
-
-# ==============================================================================
-# MAIN
-# ==============================================================================
-
-# Cleanup on error: destroy container, report telemetry, and restart monitor
-turnkey_cleanup() {
-  local exit_code=$?
-  if [[ $exit_code -ne 0 ]]; then
-    # Report failure to telemetry
-    if [[ "${POST_TO_API_DONE:-}" == "true" && "${POST_UPDATE_DONE:-}" != "true" ]]; then
-      post_update_to_api "failed" "$exit_code" 2>/dev/null || true
-    fi
-    # Destroy failed container
-    if [[ -n "${CTID:-}" ]]; then
-      cleanup_ctid 2>/dev/null || true
-    fi
-  fi
-  if [[ -f /etc/systemd/system/ping-instances.service ]]; then
-    systemctl start ping-instances.service 2>/dev/null || true
-  fi
-}
-trap turnkey_cleanup EXIT
-
 # Stop Proxmox VE Monitor-All if running
 if systemctl is-active -q ping-instances.service; then
   systemctl stop ping-instances.service
 fi
-
-pve_check
-shell_check
-root_check
-
-# Read diagnostics preference (same logic as build.func diagnostics_check)
-DIAG_CONFIG="/usr/local/community-scripts/diagnostics"
-if [[ -f "$DIAG_CONFIG" ]]; then
-  DIAGNOSTICS=$(awk -F '=' '/^DIAGNOSTICS/ {print $2}' "$DIAG_CONFIG") || true
-  DIAGNOSTICS="${DIAGNOSTICS:-no}"
-fi
-
 header_info
-whiptail --backtitle "Proxmox VE Helper Scripts" --title "TurnKey LXCs" --yesno \
-  "This will allow for the creation of one of the many TurnKey LXC Containers. Proceed?" 10 68 || exit_script
-
-# Update template catalog early so the menu reflects the latest available templates
-msg_info "Updating LXC template list"
-pveam update >/dev/null
-msg_ok "Updated LXC template list"
-
-# Build TurnKey selection menu dynamically from available templates
-declare -A TURNKEY_TEMPLATES
+whiptail --backtitle "Proxmox VE Helper Scripts" --title "TurnKey LXCs" --yesno "This will allow for the creation of one of the many TurnKey LXC Containers. Proceed?" 10 68
 TURNKEY_MENU=()
 MSG_MAX_LENGTH=0
-while IFS=$'\t' read -r TEMPLATE_FILE TAG ITEM; do
-  TURNKEY_TEMPLATES["$TAG"]="$TEMPLATE_FILE"
+while read -r TAG ITEM; do
   OFFSET=2
-  ((${#ITEM} + OFFSET > MSG_MAX_LENGTH)) && MSG_MAX_LENGTH=$((${#ITEM} + OFFSET))
+  ((${#ITEM} + OFFSET > MSG_MAX_LENGTH)) && MSG_MAX_LENGTH=${#ITEM}+OFFSET
   TURNKEY_MENU+=("$TAG" "$ITEM " "OFF")
-done < <(pveam available -section turnkeylinux | awk '{
-  tpl = $2
-  if (match(tpl, /debian-([0-9]+)-turnkey-([^_]+)_([^_]+)_/, m)) {
-    app = m[2]; deb = m[1]; ver = m[3]
-    display = app
-    gsub(/-/, " ", display)
-    n = split(display, words, " ")
-    display = ""
-    for (i = 1; i <= n; i++) {
-      words[i] = toupper(substr(words[i], 1, 1)) substr(words[i], 2)
-      display = display (i > 1 ? " " : "") words[i]
-    }
-    tag = app "-" deb
-    printf "%s\t%s\t%s | Debian %s | %s\n", tpl, tag, display, deb, ver
-  }
-}' | sort -t$'\t' -k2,2)
+done < <(
+  cat <<EOF
+ansible Ansible
+bookstack BookStack
+core Core
+faveo-helpdesk Faveo Helpdesk
+fileserver File Server
+gallery Gallery
+gameserver Game Server
+gitea Gitea
+gitlab GitLab
+invoice-ninja Invoice Ninja
+mediaserver Media Server
+nextcloud Nextcloud
+observium Observium
+odoo Odoo
+openldap OpenLDAP
+openvpn OpenVPN
+owncloud ownCloud
+phpbb phpBB
+torrentserver Torrent Server
+wireguard WireGuard
+wordpress Wordpress
+zoneminder ZoneMinder
+EOF
+)
+turnkey=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "TurnKey LXCs" --radiolist "\nSelect a TurnKey LXC to create:\n" 16 $((MSG_MAX_LENGTH + 58)) 6 "${TURNKEY_MENU[@]}" 3>&1 1>&2 2>&3 | tr -d '"')
+[ -z "$turnkey" ] && {
+  whiptail --backtitle "Proxmox VE Helper Scripts" --title "No TurnKey LXC Selected" --msgbox "It appears that no TurnKey LXC container was selected" 10 68
+  msg "Done"
+  exit
+}
 
-if [[ ${#TURNKEY_MENU[@]} -eq 0 ]]; then
-  msg_error "No TurnKey templates found. Check your internet connection or template repository."
-  exit 1
-fi
-
-selected=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "TurnKey LXCs" --radiolist \
-  "\nSelect a TurnKey LXC to create:\n" 20 $((MSG_MAX_LENGTH + 58)) 12 \
-  "${TURNKEY_MENU[@]}" 3>&1 1>&2 2>&3 | tr -d '"') || exit_script
-
-if [[ -z "$selected" ]]; then
-  whiptail --backtitle "Proxmox VE Helper Scripts" --title "No TurnKey LXC Selected" \
-    --msgbox "It appears that no TurnKey LXC container was selected" 10 68
-  exit_script
-fi
-
-# Extract template filename and app name from selection
-TEMPLATE="${TURNKEY_TEMPLATES[$selected]}"
-turnkey="${selected%-*}"
-
-# Generate random password
+# Setup script environment
 PASS="$(openssl rand -base64 8)"
-
-# Prompt for Container ID
-NEXT_ID=$(pvesh get /cluster/nextid 2>/dev/null || echo 100)
+# Prompt user to confirm container ID
 while true; do
-  CTID=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Container ID" \
-    --inputbox "Enter the container ID..." 8 40 "$NEXT_ID" 3>&1 1>&2 2>&3) || exit_script
+  CTID=$(whiptail --backtitle "Container ID" --title "Choose the Container ID" --inputbox "Enter the container ID..." 8 40 $(pvesh get /cluster/nextid) 3>&1 1>&2 2>&3)
 
-  if [[ -z "$CTID" ]]; then
-    msg_error "No Container ID selected"
-    exit_script
-  fi
+  # Check if user cancelled
+  [ -z "$CTID" ] && die "No Container ID selected"
 
+  # Validate Container ID
   if ! validate_container_id "$CTID"; then
     SUGGESTED_ID=$(get_valid_container_id "$CTID")
-    if whiptail --backtitle "Proxmox VE Helper Scripts" --title "ID Already In Use" --yesno \
-      "Container/VM ID $CTID is already in use.\n\nWould you like to use the next available ID ($SUGGESTED_ID)?" 10 58; then
+    if whiptail --backtitle "Container ID" --title "ID Already In Use" --yesno "Container/VM ID $CTID is already in use.\n\nWould you like to use the next available ID ($SUGGESTED_ID)?" 10 58; then
       CTID="$SUGGESTED_ID"
       break
     fi
+    # User declined, loop back to input
   else
     break
   fi
 done
-
-# Prompt for Hostname
-HOST_NAME=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Hostname" \
-  --inputbox "Enter the container hostname..." 8 40 "turnkey-${turnkey}" 3>&1 1>&2 2>&3) || exit_script
-
-# Container options
-PCT_OPTIONS=(
-  -features keyctl=1,nesting=1
-  -hostname "$HOST_NAME"
-  -tags community-script
-  -onboot 1
-  -cores 2
-  -memory 2048
-  -password "$PASS"
-  -net0 name=eth0,bridge=vmbr0,ip=dhcp
-  -unprivileged 1
-  -arch "$(dpkg --print-architecture)"
+# Prompt user to confirm Hostname
+HOST_NAME=$(whiptail --backtitle "Hostname" --title "Choose the Hostname" --inputbox "Enter the containers Hostname..." 8 40 "turnkey-${turnkey}" 3>&1 1>&2 2>&3)
+PCT_OPTIONS="
+    -features keyctl=1,nesting=1
+    -hostname $HOST_NAME
+    -tags community-script
+    -onboot 1
+    -cores 2
+    -memory 2048
+    -password $PASS
+    -net0 name=eth0,bridge=vmbr0,ip=dhcp
+    -unprivileged 1
+  "
+DEFAULT_PCT_OPTIONS=(
+  -arch $(dpkg --print-architecture)
 )
 
-# Storage selection
-TEMPLATE_STORAGE=$(select_storage template) || {
-  msg_error "Failed to select template storage"
-  exit 1
-}
-msg_ok "Using '${BL}${TEMPLATE_STORAGE}${CL}' for template storage"
+# Set the CONTENT and CONTENT_LABEL variables
+function select_storage() {
+  local CLASS=$1
+  local CONTENT
+  local CONTENT_LABEL
+  case $CLASS in
+  container)
+    CONTENT='rootdir'
+    CONTENT_LABEL='Container'
+    ;;
+  template)
+    CONTENT='vztmpl'
+    CONTENT_LABEL='Container template'
+    ;;
+  *) false || die "Invalid storage class." ;;
+  esac
 
-CONTAINER_STORAGE=$(select_storage container) || {
-  msg_error "Failed to select container storage"
-  exit 1
-}
-msg_ok "Using '${BL}${CONTAINER_STORAGE}${CL}' for container storage"
+  # Query all storage locations
+  local -a MENU
+  while read -r line; do
+    local TAG=$(echo $line | awk '{print $1}')
+    local TYPE=$(echo $line | awk '{printf "%-10s", $2}')
+    local FREE=$(echo $line | numfmt --field 4-6 --from-unit=K --to=iec --format %.2f | awk '{printf( "%9sB", $6)}')
+    local ITEM="  Type: $TYPE Free: $FREE "
+    local OFFSET=2
+    if [[ $((${#ITEM} + $OFFSET)) -gt ${MSG_MAX_LENGTH:-} ]]; then
+      local MSG_MAX_LENGTH=$((${#ITEM} + $OFFSET))
+    fi
+    MENU+=("$TAG" "$ITEM" "OFF")
+  done < <(pvesm status -content $CONTENT | awk 'NR>1')
 
-# Download template if not already cached
-if ! pveam list "$TEMPLATE_STORAGE" | grep -q "$TEMPLATE"; then
-  msg_info "Downloading LXC template"
-  pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >/dev/null || {
-    msg_error "Failed to download LXC template '${TEMPLATE}'"
-    exit 1
-  }
-  msg_ok "Downloaded LXC template"
+  # Select storage location
+  if [ $((${#MENU[@]} / 3)) -eq 0 ]; then
+    warn "'$CONTENT_LABEL' needs to be selected for at least one storage location."
+    die "Unable to detect valid storage location."
+  elif [ $((${#MENU[@]} / 3)) -eq 1 ]; then
+    printf ${MENU[0]}
+  else
+    local STORAGE
+    while [ -z "${STORAGE:+x}" ]; do
+      STORAGE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Storage Pools" --radiolist \
+        "Which storage pool would you like to use for the ${CONTENT_LABEL,,}?\n\n" \
+        16 $(($MSG_MAX_LENGTH + 23)) 6 \
+        "${MENU[@]}" 3>&1 1>&2 2>&3) || die "Menu aborted."
+    done
+    printf $STORAGE
+  fi
+}
+
+# Get template storage
+TEMPLATE_STORAGE=$(select_storage template)
+info "Using '$TEMPLATE_STORAGE' for template storage."
+
+# Get container storage
+CONTAINER_STORAGE=$(select_storage container)
+info "Using '$CONTAINER_STORAGE' for container storage."
+
+# Update LXC template list
+msg "Updating LXC template list..."
+pveam update >/dev/null
+
+# Get LXC template string
+mapfile -t TEMPLATES < <(pveam available -section turnkeylinux | awk -v turnkey="${turnkey}" '$0 ~ turnkey {print $2}' | sort -t - -k 2 -V)
+[ ${#TEMPLATES[@]} -gt 0 ] || die "Unable to find a template when searching for '${turnkey}'."
+TEMPLATE="${TEMPLATES[-1]}"
+
+# Download LXC template
+if ! pveam list $TEMPLATE_STORAGE | grep -q $TEMPLATE; then
+  msg "Downloading LXC template (Patience)..."
+  pveam download $TEMPLATE_STORAGE $TEMPLATE >/dev/null ||
+    die "A problem occured while downloading the LXC template."
 fi
 
-# Add rootfs if not specified
-[[ " ${PCT_OPTIONS[*]} " =~ " -rootfs " ]] || PCT_OPTIONS+=(-rootfs "${CONTAINER_STORAGE}:${PCT_DISK_SIZE:-8}")
+# Create variable for 'pct' options
+PCT_OPTIONS=(${PCT_OPTIONS[@]:-${DEFAULT_PCT_OPTIONS[@]}})
+[[ " ${PCT_OPTIONS[@]} " =~ " -rootfs " ]] || PCT_OPTIONS+=(-rootfs $CONTAINER_STORAGE:${PCT_DISK_SIZE:-8})
 
-# Set telemetry variables for the selected turnkey
-TELEMETRY_TYPE="turnkey"
-NSAPP="turnkey-${turnkey}"
-CT_TYPE=1
-DISK_SIZE="${PCT_DISK_SIZE:-8}"
-CORE_COUNT=2
-RAM_SIZE=2048
-var_os="turnkey"
-var_version="${turnkey}"
+# Create LXC
+msg "Creating LXC container..."
+pct create $CTID ${TEMPLATE_STORAGE}:vztmpl/${TEMPLATE} ${PCT_OPTIONS[@]} >/dev/null ||
+  die "A problem occured while trying to create container."
 
-# Report installation start to telemetry
-post_to_api
+# Save password
+echo "TurnKey ${turnkey} password: ${PASS}" >>~/turnkey-${turnkey}.creds # file is located in the Proxmox root directory
 
-# Create LXC container
-msg_info "Creating LXC container"
-pct create "$CTID" "${TEMPLATE_STORAGE}:vztmpl/${TEMPLATE}" "${PCT_OPTIONS[@]}" >/dev/null || {
-  msg_error "Failed to create container"
-  exit 1
-}
-msg_ok "Created LXC container (ID: ${BL}${CTID}${CL})"
-
-# Save credentials securely
-CREDS_FILE=~/turnkey-${turnkey}.creds
-echo "TurnKey ${turnkey} password: ${PASS}" >>"$CREDS_FILE"
-chmod 600 "$CREDS_FILE"
-
-# Configure TUN device access for VPN-based turnkeys
-TUN_DEVICE_REQUIRED=("openvpn")
+# If turnkey is "OpenVPN", add access to the tun device
+TUN_DEVICE_REQUIRED=("openvpn") # Setup this way in case future turnkeys also need tun access
 if printf '%s\n' "${TUN_DEVICE_REQUIRED[@]}" | grep -qw "${turnkey}"; then
-  msg_info "Configuring TUN device access for ${turnkey}"
-  {
-    echo "lxc.cgroup2.devices.allow: c 10:200 rwm"
-    echo "lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file 0 0"
-  } >>"/etc/pve/lxc/${CTID}.conf"
-  msg_ok "TUN device access configured"
+  info "${turnkey} requires access to /dev/net/tun on the host. Modifying the container configuration to allow this."
+  echo "lxc.cgroup2.devices.allow: c 10:200 rwm" >>/etc/pve/lxc/${CTID}.conf
+  echo "lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file 0 0" >>/etc/pve/lxc/${CTID}.conf
   sleep 5
 fi
 
 # Start container
-msg_info "Starting LXC container"
+msg "Starting LXC Container..."
 pct start "$CTID"
-msg_ok "Started LXC container"
 sleep 10
 
-# Detect container IP
-msg_info "Detecting IP address"
+# Get container IP
+set +euo pipefail # Turn off error checking
+max_attempts=5
+attempt=1
 IP=""
-for attempt in $(seq 1 5); do
-  IP=$(pct exec "$CTID" -- ip -4 a show dev eth0 2>/dev/null | grep -oP 'inet \K[^/]+' || true)
-  if [[ -n "$IP" ]]; then
+while [[ $attempt -le $max_attempts ]]; do
+  IP=$(pct exec $CTID ip a show dev eth0 | grep -oP 'inet \K[^/]+')
+  if [[ -n $IP ]]; then
     break
+  else
+    warn "Attempt $attempt: IP address not found. Pausing for 5 seconds..."
+    sleep 5
+    ((attempt++))
   fi
-  [[ $attempt -lt 5 ]] && sleep 5
 done
 
-if [[ -z "$IP" ]]; then
-  msg_warn "IP address not found after 5 attempts"
+if [[ -z $IP ]]; then
+  warn "Maximum number of attempts reached. IP address not found."
   IP="NOT FOUND"
-else
-  msg_ok "IP address: ${BL}${IP}${CL}"
 fi
 
-# Report success to telemetry
-post_update_to_api "done" "none"
+# Start Proxmox VE Monitor-All if available
+if [[ -f /etc/systemd/system/ping-instances.service ]]; then
+  systemctl start ping-instances.service
+fi
 
-# Success summary
+# Success message
 header_info
 echo
-msg_ok "TurnKey ${BL}${turnkey}${CL} LXC container '${BL}${CTID}${CL}' was successfully created."
+info "LXC container '$CTID' was successfully created, and its IP address is ${IP}."
 echo
-echo -e "  ${TAB}${YW}IP Address:${CL}  ${BL}${IP}${CL}"
-echo -e "  ${TAB}${YW}Login:${CL}       ${GN}root${CL}"
-echo -e "  ${TAB}${YW}Password:${CL}    ${GN}${PASS}${CL}"
+info "Proceed to the LXC console to complete the setup."
 echo
-echo -e "  ${TAB}Proceed to the LXC console to complete the TurnKey setup."
-echo -e "  ${TAB}Credentials stored in: ${BL}~/turnkey-${turnkey}.creds${CL}"
+info "login: root"
+info "password: $PASS"
+info "(credentials also stored in the root user's root directory in the 'turnkey-${turnkey}.creds' file.)"
 echo