Add coredns (ct)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.github/changelogs/2026/04.md

@@ -1,3 +1,143 @@
+## 2026-04-25
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - VictoriaMetrics: Stop vmagent/vmalert before update [@irishpadres](https://github.com/irishpadres) ([#14016](https://github.com/community-scripts/ProxmoxVE/pull/14016))
+    - Domain-Monitor: start apache2 after stop instead of reload [@omertahaoztop](https://github.com/omertahaoztop) ([#14019](https://github.com/community-scripts/ProxmoxVE/pull/14019))
+    - Transmute: Fix ffmpeg detection [@tremor021](https://github.com/tremor021) ([#14008](https://github.com/community-scripts/ProxmoxVE/pull/14008))
+
+  - #### 🔧 Refactor
+
+    - Refactor: Technitium DNS [@tremor021](https://github.com/tremor021) ([#14013](https://github.com/community-scripts/ProxmoxVE/pull/14013))
+
+## 2026-04-24
+
+### 🆕 New Scripts
+
+  - Apprise-API ([#13934](https://github.com/community-scripts/ProxmoxVE/pull/13934))
+- fireshare ([#13995](https://github.com/community-scripts/ProxmoxVE/pull/13995))
+- Transmute ([#13935](https://github.com/community-scripts/ProxmoxVE/pull/13935))
+- Jitsi-Meet ([#13897](https://github.com/community-scripts/ProxmoxVE/pull/13897))
+
+### 🚀 Updated Scripts
+
+  - Update wger.sh [@Soppster1029](https://github.com/Soppster1029) ([#13977](https://github.com/community-scripts/ProxmoxVE/pull/13977))
+
+  - #### 🔧 Refactor
+
+    - Refactor: Ghostfolio [@MickLesk](https://github.com/MickLesk) ([#13990](https://github.com/community-scripts/ProxmoxVE/pull/13990))
+
+## 2026-04-23
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - mealie: start.sh missing after failed update [@MickLesk](https://github.com/MickLesk) ([#13958](https://github.com/community-scripts/ProxmoxVE/pull/13958))
+    - twingate-connector: perform real apt upgrade during update flow [@MickLesk](https://github.com/MickLesk) ([#13959](https://github.com/community-scripts/ProxmoxVE/pull/13959))
+
+  - #### ✨ New Features
+
+    - core: auto-size NODE_OPTIONS heap [@MickLesk](https://github.com/MickLesk) ([#13960](https://github.com/community-scripts/ProxmoxVE/pull/13960))
+
+  - #### 🔧 Refactor
+
+    - Update scripts to match standard [@tremor021](https://github.com/tremor021) ([#13956](https://github.com/community-scripts/ProxmoxVE/pull/13956))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - tools.func: upgrade Node.js minor/patch on same major version [@MickLesk](https://github.com/MickLesk) ([#13957](https://github.com/community-scripts/ProxmoxVE/pull/13957))
+    - core: hotfix - prefer silent mode on PHS env conflict [@MickLesk](https://github.com/MickLesk) ([#13951](https://github.com/community-scripts/ProxmoxVE/pull/13951))
+
+  - #### 🔧 Refactor
+
+    - core: improve system update information / lxc stack upgrade [@MickLesk](https://github.com/MickLesk) ([#13970](https://github.com/community-scripts/ProxmoxVE/pull/13970))
+
+## 2026-04-22
+
+### 🆕 New Scripts
+
+  - Dashy ([#13817](https://github.com/community-scripts/ProxmoxVE/pull/13817))
+- Mini-QR ([#13902](https://github.com/community-scripts/ProxmoxVE/pull/13902))
+- ownfoil ([#13904](https://github.com/community-scripts/ProxmoxVE/pull/13904))
+- ERPNext ([#13921](https://github.com/community-scripts/ProxmoxVE/pull/13921))
+
+### 🚀 Updated Scripts
+
+  - #### 🐞 Bug Fixes
+
+    - add --clear to uv venv in update_script() to prevent interactive prompt [@MickLesk](https://github.com/MickLesk) ([#13926](https://github.com/community-scripts/ProxmoxVE/pull/13926))
+
+### 💾 Core
+
+  - #### ✨ New Features
+
+    - core: Add PHS_VERBOSE env var to skip verbose mode prompts [@gormanity](https://github.com/gormanity) ([#13797](https://github.com/community-scripts/ProxmoxVE/pull/13797))
+
+## 2026-04-21
+
+### 🆕 New Scripts
+
+  - gogs ([#13896](https://github.com/community-scripts/ProxmoxVE/pull/13896))
+- anchor ([#13895](https://github.com/community-scripts/ProxmoxVE/pull/13895))
+- minthcm ([#13903](https://github.com/community-scripts/ProxmoxVE/pull/13903))
+- foldergram ([#13900](https://github.com/community-scripts/ProxmoxVE/pull/13900))
+
+### 🚀 Updated Scripts
+
+  - OpenCloud: Pin version to 6.1.0 [@vhsdream](https://github.com/vhsdream) ([#13890](https://github.com/community-scripts/ProxmoxVE/pull/13890))
+
+  - #### 🐞 Bug Fixes
+
+    - Domain-Locker: Update dependencies [@tremor021](https://github.com/tremor021) ([#13901](https://github.com/community-scripts/ProxmoxVE/pull/13901))
+    - homelable: fix install failure by correcting password-reset chmod target [@Copilot](https://github.com/Copilot) ([#13894](https://github.com/community-scripts/ProxmoxVE/pull/13894))
+
+  - #### ✨ New Features
+
+    - FileFlows: Update dependencies [@tremor021](https://github.com/tremor021) ([#13917](https://github.com/community-scripts/ProxmoxVE/pull/13917))
+
+## 2026-04-20
+
+### 🆕 New Scripts
+
+  - WhoDB ([#13880](https://github.com/community-scripts/ProxmoxVE/pull/13880))
+
+### 🚀 Updated Scripts
+
+  - pangolin: create migration tables before data transfer to prevent role loss [@MickLesk](https://github.com/MickLesk) ([#13874](https://github.com/community-scripts/ProxmoxVE/pull/13874))
+
+  - #### 🐞 Bug Fixes
+
+    - Pangolin: pre-apply schema migrations to prevent data loss [@MickLesk](https://github.com/MickLesk) ([#13861](https://github.com/community-scripts/ProxmoxVE/pull/13861))
+    - ActualBudget: change migration messages to warnings [@MickLesk](https://github.com/MickLesk) ([#13860](https://github.com/community-scripts/ProxmoxVE/pull/13860))
+    - slskd: migrate config keys for 0.25.0 breaking change [@MickLesk](https://github.com/MickLesk) ([#13862](https://github.com/community-scripts/ProxmoxVE/pull/13862))
+
+  - #### ✨ New Features
+
+    - Wanderer: add pocketbase CLI wrapper with env [@MickLesk](https://github.com/MickLesk) ([#13863](https://github.com/community-scripts/ProxmoxVE/pull/13863))
+    - feat(homelable): add password reset utility script [@davidsoncabista](https://github.com/davidsoncabista) ([#13798](https://github.com/community-scripts/ProxmoxVE/pull/13798))
+
+  - #### 🔧 Refactor
+
+    - Several Scripts: Bump NodeJS to align Node.js versions with upstream for 5 scripts [@MickLesk](https://github.com/MickLesk) ([#13875](https://github.com/community-scripts/ProxmoxVE/pull/13875))
+    - Refactor: PMG Post Install [@MickLesk](https://github.com/MickLesk) ([#13693](https://github.com/community-scripts/ProxmoxVE/pull/13693))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - core: detect Perl breakage after LXC stack upgrade and improve storage validation [@MickLesk](https://github.com/MickLesk) ([#13879](https://github.com/community-scripts/ProxmoxVE/pull/13879))
+
+## 2026-04-19
+
+### 🆕 New Scripts
+
+  - nametag ([#13849](https://github.com/community-scripts/ProxmoxVE/pull/13849))
+
 ## 2026-04-18
 
 ### 🆕 New Scripts

CHANGELOG.md

@@ -41,6 +41,9 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 
 
+
+
+
 
 
 
@@ -54,7 +57,7 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 
 <details>
-<summary><h4>April (18 entries)</h4></summary>
+<summary><h4>April (25 entries)</h4></summary>
 
 [View April 2026 Changelog](.github/changelogs/2026/04.md)
 
@@ -445,6 +448,64 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 </details>
 
+## 2026-04-28
+
+### 🚀 Updated Scripts
+
+  - Fix Dawarich Install/Update [@Jerry1098](https://github.com/Jerry1098) ([#14078](https://github.com/community-scripts/ProxmoxVE/pull/14078))
+
+## 2026-04-27
+
+### 🚀 Updated Scripts
+
+  - Add pamUsername column to userOrgs table [@JVKeller](https://github.com/JVKeller) ([#14075](https://github.com/community-scripts/ProxmoxVE/pull/14075))
+
+  - #### 🐞 Bug Fixes
+
+    - Dawarich: run db:migrate before assets:precompile [@MickLesk](https://github.com/MickLesk) ([#14051](https://github.com/community-scripts/ProxmoxVE/pull/14051))
+    - TechnitiumDNS: always install .NET 10 if not already present [@MickLesk](https://github.com/MickLesk) ([#14049](https://github.com/community-scripts/ProxmoxVE/pull/14049))
+
+  - #### 💥 Breaking Changes
+
+    - PatchMon: v2.0.0 migration [@vhsdream](https://github.com/vhsdream) ([#14015](https://github.com/community-scripts/ProxmoxVE/pull/14015))
+
+### 💾 Core
+
+  - #### 🔧 Refactor
+
+    - Update build.func - fixed spelling mistake [@m1ckywill](https://github.com/m1ckywill) ([#14047](https://github.com/community-scripts/ProxmoxVE/pull/14047))
+
+### 🧰 Tools
+
+  - #### 🐞 Bug Fixes
+
+    - update-lxcs/apps: avoid pct exec on containers mid-shutdown [@MickLesk](https://github.com/MickLesk) ([#14050](https://github.com/community-scripts/ProxmoxVE/pull/14050))
+
+  - #### ✨ New Features
+
+    - Add patchmon-agent report execution in update script [@heinemannj](https://github.com/heinemannj) ([#14054](https://github.com/community-scripts/ProxmoxVE/pull/14054))
+
+## 2026-04-26
+
+### 🆕 New Scripts
+
+  - TREK ([#14017](https://github.com/community-scripts/ProxmoxVE/pull/14017))
+
+### 🚀 Updated Scripts
+
+  - fix(2fauth): handle stale backup directory on update [@omertahaoztop](https://github.com/omertahaoztop) ([#14018](https://github.com/community-scripts/ProxmoxVE/pull/14018))
+
+  - #### 🐞 Bug Fixes
+
+    -  Increase Frigate default CPU cores from 4 to 8 [@MickLesk](https://github.com/MickLesk) ([#14039](https://github.com/community-scripts/ProxmoxVE/pull/14039))
+    - Technitium DNS: Ensure directories exist before running service [@tremor021](https://github.com/tremor021) ([#14030](https://github.com/community-scripts/ProxmoxVE/pull/14030))
+
+### 💾 Core
+
+  - #### 🐞 Bug Fixes
+
+    - core: Correct deb822 repository flat path detection [@MickLesk](https://github.com/MickLesk) ([#14037](https://github.com/community-scripts/ProxmoxVE/pull/14037))
+
 ## 2026-04-25
 
 ### 🚀 Updated Scripts
@@ -1007,158 +1068,4 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
   - #### ✨ New Features
 
-    - Refactor/Feature-Bump/Security: Update-Cron-LXCs (Now Local Mode!) [@MickLesk](https://github.com/MickLesk) ([#13339](https://github.com/community-scripts/ProxmoxVE/pull/13339))
-
-## 2026-03-26
-
-### 🆕 New Scripts
-
-  - BirdNET ([#13313](https://github.com/community-scripts/ProxmoxVE/pull/13313))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Immich: Bump to 2.6.2 | use start.sh in service, ensure DB_HOSTNAME in .env | Fix Rights Issue with ZFS Shares [@MickLesk](https://github.com/MickLesk) ([#13199](https://github.com/community-scripts/ProxmoxVE/pull/13199))
-
-  - #### ✨ New Features
-
-    - SparkyFitness: add garmin microservice as addon [@tomfrenzel](https://github.com/tomfrenzel) ([#12642](https://github.com/community-scripts/ProxmoxVE/pull/12642))
-    - Frigate: bump to v0.17.1 & change build order [@MickLesk](https://github.com/MickLesk) ([#13304](https://github.com/community-scripts/ProxmoxVE/pull/13304))
-
-### 💾 Core
-
-  - #### 🐞 Bug Fixes
-
-    - tools.func: pin npm to 11.11.0 to work around Node.js 22.22.2 regression [@MickLesk](https://github.com/MickLesk) ([#13296](https://github.com/community-scripts/ProxmoxVE/pull/13296))
-
-  - #### ✨ New Features
-
-    - core: APT/APK Mirror Fallback for CDN Failures [@MickLesk](https://github.com/MickLesk) ([#13316](https://github.com/community-scripts/ProxmoxVE/pull/13316))
-    - core/tools: replace generic return 1 exit_codes with more specific exit_codes [@MickLesk](https://github.com/MickLesk) ([#13311](https://github.com/community-scripts/ProxmoxVE/pull/13311))
-
-  - #### 🔧 Refactor
-
-    - core: use /usr/bin/install to prevent function shadowing [@MickLesk](https://github.com/MickLesk) ([#13299](https://github.com/community-scripts/ProxmoxVE/pull/13299))
-
-### 🧰 Tools
-
-  - #### 🐞 Bug Fixes
-
-    - SparkyFitness-Garmin: fix app name [@tomfrenzel](https://github.com/tomfrenzel) ([#13325](https://github.com/community-scripts/ProxmoxVE/pull/13325))
-
-## 2026-03-25
-
-### 🚀 Updated Scripts
-
-  - #### ✨ New Features
-
-    - Komodo v2: migrate env vars to v2 and update source [@MickLesk](https://github.com/MickLesk) ([#13262](https://github.com/community-scripts/ProxmoxVE/pull/13262))
-
-### 💾 Core
-
-  - #### 🔧 Refactor
-
-    - core: make shell command substitutions safe with || true [@MickLesk](https://github.com/MickLesk) ([#13279](https://github.com/community-scripts/ProxmoxVE/pull/13279))
-
-## 2026-03-24
-
-### 🆕 New Scripts
-
-  - Homebrew (Addon) ([#13249](https://github.com/community-scripts/ProxmoxVE/pull/13249))
-- NextExplorer ([#13252](https://github.com/community-scripts/ProxmoxVE/pull/13252))
-
-### 🚀 Updated Scripts
-
-  - #### ✨ New Features
-
-    - Turnkey: modernize turnkey.sh with shared libraries  [@MickLesk](https://github.com/MickLesk) ([#13242](https://github.com/community-scripts/ProxmoxVE/pull/13242))
-
-  - #### 🔧 Refactor
-
-    - chore: replace helper-scripts.com with community-scripts.com [@MickLesk](https://github.com/MickLesk) ([#13244](https://github.com/community-scripts/ProxmoxVE/pull/13244))
-
-### 🗑️ Deleted Scripts
-
-  - Remove: Booklore [@MickLesk](https://github.com/MickLesk) ([#13265](https://github.com/community-scripts/ProxmoxVE/pull/13265))
-
-## 2026-03-23
-
-### 🚀 Updated Scripts
-
-  - #### 🔧 Refactor
-
-    - core: harden shell scripts against injection and insecure permissions [@MickLesk](https://github.com/MickLesk) ([#13239](https://github.com/community-scripts/ProxmoxVE/pull/13239))
-
-## 2026-03-22
-
-### 🆕 New Scripts
-
-  - versitygw ([#13180](https://github.com/community-scripts/ProxmoxVE/pull/13180))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Adventurelog: pin DRF <3.15 to fix coreapi module removal [@MickLesk](https://github.com/MickLesk) ([#13194](https://github.com/community-scripts/ProxmoxVE/pull/13194))
-
-  - #### ✨ New Features
-
-    - ConvertX: add libreoffice-writer for ODT/document conversions [@MickLesk](https://github.com/MickLesk) ([#13196](https://github.com/community-scripts/ProxmoxVE/pull/13196))
-
-  - #### 🔧 Refactor
-
-    - iSponsorblockTV: add AVX CPU check before installation [@MickLesk](https://github.com/MickLesk) ([#13197](https://github.com/community-scripts/ProxmoxVE/pull/13197))
-
-### 💾 Core
-
-  - #### 🐞 Bug Fixes
-
-    - core: guard against empty IPv6 address in static mode [@MickLesk](https://github.com/MickLesk) ([#13195](https://github.com/community-scripts/ProxmoxVE/pull/13195))
-
-## 2026-03-21
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Anytype-server: wait for MongoDB readiness before rs.initiate() [@MickLesk](https://github.com/MickLesk) ([#13165](https://github.com/community-scripts/ProxmoxVE/pull/13165))
-    - Frigate: use correct CPU model fallback path [@MickLesk](https://github.com/MickLesk) ([#13164](https://github.com/community-scripts/ProxmoxVE/pull/13164))
-    - iSponsorBlockTV: Fix release fetching  [@tremor021](https://github.com/tremor021) ([#13157](https://github.com/community-scripts/ProxmoxVE/pull/13157))
-    - Isponsorblocktv: use quoted heredoc to prevent unbound variable error during CLI wrapper creation [@Copilot](https://github.com/Copilot) ([#13146](https://github.com/community-scripts/ProxmoxVE/pull/13146))
-
-  - #### ✨ New Features
-
-    - Headscale: Enable TUN [@tremor021](https://github.com/tremor021) ([#13158](https://github.com/community-scripts/ProxmoxVE/pull/13158))
-
-### 💾 Core
-
-  - #### 🐞 Bug Fixes
-
-    - core: add missing -searchdomain/-nameserver prefix in base_settings [@MickLesk](https://github.com/MickLesk) ([#13166](https://github.com/community-scripts/ProxmoxVE/pull/13166))
-
-## 2026-03-20
-
-### 🆕 New Scripts
-
-  - iSponsorBlockTV ([#13123](https://github.com/community-scripts/ProxmoxVE/pull/13123))
-- Alpine-Wakapi ([#13119](https://github.com/community-scripts/ProxmoxVE/pull/13119))
-- teleport ([#13086](https://github.com/community-scripts/ProxmoxVE/pull/13086))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - Reactive-Resume: add git dependency for v5.0.13+ [@MickLesk](https://github.com/MickLesk) ([#13133](https://github.com/community-scripts/ProxmoxVE/pull/13133))
-    - Scanopy: increase default CPU, RAM, and HDD to prevent OOM during Rust build [@Copilot](https://github.com/Copilot) ([#13130](https://github.com/community-scripts/ProxmoxVE/pull/13130))
-
-  - #### ✨ New Features
-
-    - Immich: v2.6.1 [@vhsdream](https://github.com/vhsdream) ([#13111](https://github.com/community-scripts/ProxmoxVE/pull/13111))
-    - VM's: add input validation and hostname sanitization to all VM scripts [@MickLesk](https://github.com/MickLesk) ([#12973](https://github.com/community-scripts/ProxmoxVE/pull/12973))
-
-### 🧰 Tools
-
-  - #### 🔧 Refactor
-
-    - Harden code-server addon install script [@MickLesk](https://github.com/MickLesk) ([#13116](https://github.com/community-scripts/ProxmoxVE/pull/13116))
+    - Refactor/Feature-Bump/Security: Update-Cron-LXCs (Now Local Mode!) [@MickLesk](https://github.com/MickLesk) ([#13339](https://github.com/community-scripts/ProxmoxVE/pull/13339))

ct/2fauth.sh

@@ -24,7 +24,7 @@ function update_script() {
   check_container_storage
   check_container_resources
 
-  if [[ ! -d "/opt/2fauth" ]]; then
+  if [[ ! -d /opt/2fauth ]]; then
     msg_error "No ${APP} Installation Found!"
     exit
   fi
@@ -34,7 +34,8 @@ function update_script() {
     $STD apt -y upgrade
 
     msg_info "Creating Backup"
-    mv "/opt/2fauth" "/opt/2fauth-backup"
+    rm -rf /opt/2fauth-backup
+    mv /opt/2fauth /opt/2fauth-backup
     if ! dpkg -l | grep -q 'php8.4'; then
       cp /etc/nginx/conf.d/2fauth.conf /etc/nginx/conf.d/2fauth.conf.bak
     fi
@@ -46,15 +47,17 @@ function update_script() {
     fi
     fetch_and_deploy_gh_release "2fauth" "Bubka/2FAuth" "tarball"
     setup_composer
-    mv "/opt/2fauth-backup/.env" "/opt/2fauth/.env"
-    mv "/opt/2fauth-backup/storage" "/opt/2fauth/storage"
-    cd "/opt/2fauth" || return
-    chown -R www-data: "/opt/2fauth"
-    chmod -R 755 "/opt/2fauth"
+    cp /opt/2fauth-backup/.env /opt/2fauth/.env
+    cp -r /opt/2fauth-backup/storage /opt/2fauth/storage
+    cd /opt/2fauth || return
     export COMPOSER_ALLOW_SUPERUSER=1
     $STD composer install --no-dev --prefer-dist
     php artisan 2fauth:install
+    chown -R www-data: /opt/2fauth
+    chmod -R 755 /opt/2fauth
+    $STD systemctl restart php8.4-fpm
     $STD systemctl restart nginx
+    rm -rf /opt/2fauth-backup
     msg_ok "Updated successfully!"
   fi
   exit

ct/coredns.sh

@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/coredns/coredns
+
+APP="CoreDNS"
+var_tags="${var_tags:-dns;network}"
+var_cpu="${var_cpu:-1}"
+var_ram="${var_ram:-256}"
+var_disk="${var_disk:-1}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -f /usr/local/bin/coredns ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  if check_for_gh_release "coredns" "coredns/coredns"; then
+    msg_info "Stopping Service"
+    systemctl stop coredns
+    msg_ok "Stopped Service"
+
+    fetch_and_deploy_gh_release "coredns" "coredns/coredns" "prebuild" "latest" "/usr/local/bin" \
+      "coredns_*_linux_$(dpkg --print-architecture).tgz"
+    chmod +x /usr/local/bin/coredns
+
+    msg_info "Starting Service"
+    systemctl start coredns
+    msg_ok "Started Service"
+    msg_ok "Updated successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} CoreDNS is listening on port 53 (DNS)${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}dns://${IP}${CL}"

ct/dawarich.sh

@@ -53,6 +53,18 @@ function update_script() {
     export PATH="/root/.rbenv/shims:/root/.rbenv/bin:$PATH"
     eval "$(/root/.rbenv/bin/rbenv init - bash)"
 
+    if ! grep -q "OTP_ENCRYPTION_PRIMARY_KEY" /opt/dawarich/.env; then
+      echo "OTP_ENCRYPTION_PRIMARY_KEY=$(openssl rand -hex 64)" >>/opt/dawarich/.env
+    fi
+
+    if ! grep -q "OTP_ENCRYPTION_DETERMINISTIC_KEY" /opt/dawarich/.env; then
+      echo "OTP_ENCRYPTION_DETERMINISTIC_KEY=$(openssl rand -hex 64)" >>/opt/dawarich/.env
+    fi
+
+    if ! grep -q "OTP_ENCRYPTION_KEY_DERIVATION_SALT" /opt/dawarich/.env; then
+      echo "OTP_ENCRYPTION_KEY_DERIVATION_SALT=$(openssl rand -hex 64)" >>/opt/dawarich/.env
+    fi
+
     set -a && source /opt/dawarich/.env && set +a
 
     $STD bundle config set --local deployment 'true'
@@ -67,8 +79,8 @@ function update_script() {
       $STD npm install
     fi
 
-    $STD bundle exec rake assets:precompile
     $STD bundle exec rails db:migrate
+    $STD bundle exec rake assets:precompile
     $STD bundle exec rake data:migrate
     msg_ok "Ran Migrations"
 

ct/frigate.sh

@@ -7,7 +7,7 @@ source <(curl -fsSL https://git.community-scripts.org/community-scripts/ProxmoxV
 
 APP="Frigate"
 var_tags="${var_tags:-nvr}"
-var_cpu="${var_cpu:-4}"
+var_cpu="${var_cpu:-8}"
 var_ram="${var_ram:-4096}"
 var_disk="${var_disk:-20}"
 var_os="${var_os:-debian}"

ct/headers/coredns

@@ -0,0 +1,6 @@
+   ______                ____  _   _______
+  / ____/___  ________  / __ \/ | / / ___/
+ / /   / __ \/ ___/ _ \/ / / /  |/ /\__ \ 
+/ /___/ /_/ / /  /  __/ /_/ / /|  /___/ / 
+\____/\____/_/   \___/_____/_/ |_//____/  
+                                          

ct/headers/trek

@@ -0,0 +1,6 @@
+  __________  ________ __
+ /_  __/ __ \/ ____/ //_/
+  / / / /_/ / __/ / ,<   
+ / / / _, _/ /___/ /| |  
+/_/ /_/ |_/_____/_/ |_|  
+                         

ct/pangolin.sh

@@ -76,6 +76,7 @@ function update_script() {
     if [[ -f "$DB" ]]; then
       sqlite3 "$DB" "ALTER TABLE 'orgs' ADD COLUMN 'settingsLogRetentionDaysConnection' integer DEFAULT 0 NOT NULL;" 2>/dev/null || true
       sqlite3 "$DB" "ALTER TABLE 'clientSitesAssociationsCache' ADD COLUMN 'isJitMode' integer DEFAULT 0 NOT NULL;" 2>/dev/null || true
+      sqlite3 "$DB" "ALTER TABLE 'userOrgs' ADD COLUMN 'pamUsername' text;" 2>/dev/null || true
 
       # Create new role-mapping tables and migrate data before drizzle-kit
       # drops the roleId columns from userOrgs and userInvites.

ct/patchmon.sh

@@ -29,63 +29,75 @@ function update_script() {
     exit
   fi
 
-  if ! grep -q "PORT=3001" /opt/patchmon/backend/.env; then
-    msg_warn "⚠️ The next PatchMon update will include breaking changes (port changes)."
-    msg_warn "See details here: https://github.com/community-scripts/ProxmoxVE/pull/11888"
-    msg_warn "Press Enter to continue with the update, or Ctrl+C to abort..."
-    read -r
-  fi
-
-  RELEASE="v1.4.2"
-  NODE_VERSION="24" setup_nodejs
+  RELEASE="v2.0.1"
   if check_for_gh_release "PatchMon" "PatchMon/PatchMon" "${RELEASE}"; then
     msg_info "Stopping Service"
     systemctl stop patchmon-server
     msg_ok "Stopped Service"
 
-    msg_info "Creating Backup"
-    cp /opt/patchmon/backend/.env /opt/backend.env
-    cp /opt/patchmon/frontend/.env /opt/frontend.env
-    msg_ok "Backup Created"
-
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "PatchMon" "PatchMon/PatchMon" "tarball" "${RELEASE}" "/opt/patchmon"
-
-    msg_info "Updating PatchMon"
-    VERSION=$(get_latest_github_release "PatchMon/PatchMon")
-    SERVER_PORT="$(sed -n '/SERVER_PORT/s/[^=]*=//p' /opt/backend.env)"
-    sed -i 's/PORT=3399/PORT=3001/' /opt/backend.env
-    sed -i -e "s/VERSION=.*/VERSION=$VERSION/" \
-      -e '/^VITE_API_URL/d' /opt/frontend.env
-    export NODE_ENV=production
-    cd /opt/patchmon
-    $STD npm install --no-audit --no-fund --no-save --ignore-scripts
-    cd /opt/patchmon/frontend
-    mv /opt/frontend.env /opt/patchmon/frontend/.env
-    $STD npm install --no-audit --no-fund --no-save --ignore-scripts --include=dev
-    $STD npm run build
-    cd /opt/patchmon/backend
-    mv /opt/backend.env /opt/patchmon/backend/.env
-    $STD npm run db:generate
-    $STD npx prisma migrate deploy
-    cp /opt/patchmon/docker/nginx.conf.template /etc/nginx/sites-available/patchmon.conf
-    sed -i -e 's|proxy_pass .*|proxy_pass http://127.0.0.1:3001;|' \
-      -e '\|try_files |i\        root /opt/patchmon/frontend/dist;' \
-      -e 's|alias.*|alias /opt/patchmon/frontend/dist/assets;|' \
-      -e '\|expires 1y|i\        root /opt/patchmon/frontend/dist;' /etc/nginx/sites-available/patchmon.conf
-    if [[ -n "$SERVER_PORT" ]] && [[ "$SERVER_PORT" != "443" ]]; then
-      sed -i "s/listen [[:digit:]].*/listen ${SERVER_PORT};/" /etc/nginx/sites-available/patchmon.conf
+    if [[ -d /opt/patchmon/backend ]]; then
+      msg_info "Legacy install detected - creating full backup, please wait..."
+      $STD tar czf ~/patchmon_legacy.tar.gz /opt/patchmon
+      cp /opt/patchmon/backend/.env /opt/legacy.env
+      msg_ok "Full backup saved in /root"
+      msg_info "Starting migration to PatchMon v2.x.x"
+      systemctl disable -q --now nginx
+      $STD npm cache clean --force
+      $STD apt autoremove --purge -y {nginx,nodejs}
+      if [[ -f /etc/apt/sources.list.d/nodesource.sources ]]; then
+        cp /etc/apt/sources.list.d/nodesource.sources /etc/apt/sources.list.d/nodesource.sources.bak
+        rm -f /etc/apt/sources.list.d/nodesource.sources
+      elif [[ -f /etc/apt/sources.list.d/nodesource.list ]]; then
+        cp /etc/apt/sources.list.d/nodesource.list /etc/apt/sources.list.d/nodesource.list.bak
+        rm -f /etc/apt/sources.list.d/nodesource.list
+      fi
+      rm -rf /opt/patchmon
+      mkdir -p /opt/patchmon/agents
+      cp /opt/legacy.env /opt/patchmon/.env
+      sed -i -e 's/^PORT=.*/PORT=3000/' \
+        -e 's/^NODE_/APP_/' \
+        -e '/^SERVER_*/d' \
+        -e '/^# API*/,+2d' /opt/patchmon/.env
+      {
+        echo ""
+        echo "SESSION_SECRET=$(openssl rand -hex 64)"
+        echo "AI_ENCRYPTION_KEY=$(openssl rand -hex 64)"
+        echo "AGENT_BINARIES_DIR=/opt/patchmon/agents"
+      } >>/opt/patchmon/.env
+      sed -i -e '\|Directory|s|/backend||' \
+        -e 's|^ExecStart=.*|ExecStart=/opt/patchmon/patchmon-server|' \
+        -e 's|^Environment=NODE_.*|EnvironmentFile=/opt/patchmon/.env|' \
+        /etc/systemd/system/patchmon-server.service
+      systemctl daemon-reload
+      rm /opt/legacy.env
+      msg_ok "Migration complete!"
     fi
-    ln -sf /etc/nginx/sites-available/patchmon.conf /etc/nginx/sites-enabled/
-    rm -f /etc/nginx/sites-enabled/default
-    $STD nginx -t
-    systemctl restart nginx
-    msg_ok "Updated PatchMon"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "PatchMon" "PatchMon/PatchMon" "singlefile" "${RELEASE}" "/opt/patchmon" "patchmon-server-linux-amd64"
+    mv /opt/patchmon/PatchMon /opt/patchmon/patchmon-server
+
+    msg_info "Fetching PatchMon agent binaries"
+    [[ ! -d /opt/patchmon/agents ]] && mkdir -p /opt/patchmon/agents
+    FILE_URL="https://github.com/PatchMon/PatchMon/releases/download/${RELEASE}/patchmon-agent-"
+    AGENT_NAME=(
+      "linux-amd64"
+      "linux-arm64"
+      "linux-arm"
+      "linux-386"
+      "freebsd-amd64"
+      "freebsd-arm64"
+      "freebsd-arm"
+      "freebsd-386"
+      "windows-amd64.exe"
+      "windows-arm64.exe"
+    )
+    for arch in "${AGENT_NAME[@]}"; do
+      curl_with_retry "${FILE_URL}${arch}" "/opt/patchmon/agents/patchmon-agent-${arch}"
+      [[ "${arch}" != *.exe ]] && chmod 755 "/opt/patchmon/agents/patchmon-agent-${arch}"
+    done
+    msg_ok "Fetched PatchMon agent binaries"
 
     msg_info "Starting Service"
-    if grep -q '/usr/bin/node' /etc/systemd/system/patchmon-server.service; then
-      sed -i 's|ExecStart=.*|ExecStart=/usr/bin/npm run start|' /etc/systemd/system/patchmon-server.service
-      systemctl daemon-reload
-    fi
     systemctl start patchmon-server
     msg_ok "Started Service"
     msg_ok "Updated successfully!"

ct/technitiumdns.sh

@@ -32,8 +32,8 @@ function update_script() {
     systemctl daemon-reload
     systemctl enable -q --now technitium
   fi
-  if is_package_installed "aspnetcore-runtime-8.0" || is_package_installed "aspnetcore-runtime-9.0"; then
-    $STD apt remove -y aspnetcore-runtime-*
+  if ! is_package_installed "aspnetcore-runtime-10.0"; then
+    $STD apt remove -y aspnetcore-runtime-8.0 aspnetcore-runtime-9.0 2>/dev/null || true
     [ -f /etc/apt/sources.list.d/microsoft-prod.list ] && rm -f /etc/apt/sources.list.d/microsoft-prod.list
     [ -f /usr/share/keyrings/microsoft-prod.gpg ] && rm -f /usr/share/keyrings/microsoft-prod.gpg
     setup_deb822_repo \

ct/trek.sh

@@ -0,0 +1,84 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/mauriceboe/TREK
+
+APP="TREK"
+var_tags="${var_tags:-travel;planning;collaboration}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-8}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-13}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+
+  if [[ ! -d /opt/trek ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  if check_for_gh_release "trek" "mauriceboe/TREK"; then
+    msg_info "Stopping Service"
+    systemctl stop trek
+    msg_ok "Stopped Service"
+
+    msg_info "Backing up Data"
+    cp /opt/trek/server/.env /opt/trek.env.bak
+    mv /opt/trek/data /opt/trek-data.bak
+    mv /opt/trek/uploads /opt/trek-uploads.bak
+    msg_ok "Backed up Data"
+
+    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "trek" "mauriceboe/TREK" "tarball"
+
+    msg_info "Building Client"
+    cd /opt/trek/client
+    $STD npm ci
+    $STD npm run build
+    mkdir -p /opt/trek/server/public
+    cp -r /opt/trek/client/dist/* /opt/trek/server/public/
+    cp -r /opt/trek/client/public/fonts /opt/trek/server/public/fonts 2>/dev/null || true
+    msg_ok "Built Client"
+
+    msg_info "Installing Server Dependencies"
+    cd /opt/trek/server
+    $STD npm ci
+    msg_ok "Installed Server Dependencies"
+
+    msg_info "Restoring Data"
+    mv /opt/trek-data.bak /opt/trek/data
+    mv /opt/trek-uploads.bak /opt/trek/uploads
+    rm -rf /opt/trek/server/data /opt/trek/server/uploads
+    ln -s /opt/trek/data /opt/trek/server/data
+    ln -s /opt/trek/uploads /opt/trek/server/uploads
+    cp /opt/trek.env.bak /opt/trek/server/.env
+    rm -f /opt/trek.env.bak
+    msg_ok "Restored Data"
+
+    msg_info "Starting Service"
+    systemctl start trek
+    msg_ok "Started Service"
+    msg_ok "Updated Successfully!"
+  fi
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:3000${CL}"

install/coredns-install.sh

@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/coredns/coredns
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+fetch_and_deploy_gh_release "coredns" "coredns/coredns" "prebuild" "latest" "/usr/local/bin" \
+  "coredns_*_linux_$(dpkg --print-architecture).tgz"
+chmod +x /usr/local/bin/coredns
+
+msg_info "Configuring CoreDNS"
+mkdir -p /etc/coredns
+cat <<EOF >/etc/coredns/Corefile
+. {
+    forward . 1.1.1.1 1.0.0.1
+    cache 30
+    log
+    errors
+    health :8080
+    ready :8181
+}
+EOF
+msg_ok "Configured CoreDNS"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/coredns.service
+[Unit]
+Description=CoreDNS DNS Server
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/coredns -conf /etc/coredns/Corefile
+Restart=on-failure
+RestartSec=5
+LimitNOFILE=1048576
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now coredns
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc

install/dawarich-install.sh

@@ -46,10 +46,16 @@ msg_ok "Set up Directories"
 
 msg_info "Configuring Environment"
 SECRET_KEY_BASE=$(openssl rand -hex 64)
+OTP_ENCRYPTION_PRIMARY_KEY=$(openssl rand -hex 64)
+OTP_ENCRYPTION_DETERMINISTIC_KEY=$(openssl rand -hex 64)
+OTP_ENCRYPTION_KEY_DERIVATION_SALT=$(openssl rand -hex 64)
 RELEASE=$(get_latest_github_release "Freika/dawarich")
 cat <<EOF >/opt/dawarich/.env
 RAILS_ENV=production
 SECRET_KEY_BASE=${SECRET_KEY_BASE}
+OTP_ENCRYPTION_PRIMARY_KEY=${OTP_ENCRYPTION_PRIMARY_KEY}
+OTP_ENCRYPTION_DETERMINISTIC_KEY=${OTP_ENCRYPTION_DETERMINISTIC_KEY}
+OTP_ENCRYPTION_KEY_DERIVATION_SALT=${OTP_ENCRYPTION_KEY_DERIVATION_SALT}
 DATABASE_HOST=localhost
 DATABASE_USERNAME=${PG_DB_USER}
 DATABASE_PASSWORD=${PG_DB_PASS}

install/patchmon-install.sh

@@ -14,74 +14,90 @@ network_check
 update_os
 
 msg_info "Installing Dependencies"
-$STD apt install -y \
-  build-essential \
-  nginx \
-  redis-server
+$STD apt install -y redis-server
 msg_ok "Installed Dependencies"
 
-NODE_VERSION="24" setup_nodejs
 PG_VERSION="17" setup_postgresql
 PG_DB_NAME="patchmon_db" PG_DB_USER="patchmon_usr" setup_postgresql_db
 
-fetch_and_deploy_gh_release "PatchMon" "PatchMon/PatchMon" "tarball" "v1.4.2" "/opt/patchmon"
+RELEASE="v2.0.1"
+fetch_and_deploy_gh_release "PatchMon" "PatchMon/PatchMon" "singlefile" "$RELEASE" "/opt/patchmon" "patchmon-server-linux-amd64"
+mv /opt/patchmon/PatchMon /opt/patchmon/patchmon-server
 
 msg_info "Configuring PatchMon"
-VERSION=$(get_latest_github_release "PatchMon/PatchMon")
-export NODE_ENV=production
-cd /opt/patchmon
-$STD npm install --no-audit --no-fund --no-save --ignore-scripts
-
-cd /opt/patchmon/frontend
-cat <<EOF >./.env
-VITE_APP_NAME=PatchMon
-VITE_APP_VERSION=${VERSION}
-EOF
-$STD npm install --no-audit --no-fund --no-save --ignore-scripts --include=dev
-$STD npm run build
-
+cat <<EOF >/opt/patchmon/.env
+DATABASE_URL="postgresql://$PG_DB_USER:$PG_DB_PASS@localhost:5432/$PG_DB_NAME"
 JWT_SECRET="$(openssl rand -hex 64)"
-mv /opt/patchmon/backend/env.example /opt/patchmon/backend/.env
-sed -i -e "s|DATABASE_URL=.*|DATABASE_URL=\"postgresql://$PG_DB_USER:$PG_DB_PASS@localhost:5432/$PG_DB_NAME\"|" \
-  -e "/JWT_SECRET/s/[=$].*/=$JWT_SECRET/" \
-  -e "\|CORS_ORIGIN|s|localhost|$LOCAL_IP|" \
-  -e "/PORT=3001/aSERVER_PROTOCOL=http \\
-  SERVER_HOST=$LOCAL_IP \\
-  SERVER_PORT=3000" \
-  -e '/_ENV=production/aTRUST_PROXY=1' \
-  -e '/REDIS_USER=.*/,+1d' /opt/patchmon/backend/.env
+SESSION_SECRET="$(openssl rand -hex 64)"
+AI_ENCRYPTION_KEY="$(openssl rand -hex 64)"
+CORS_ORIGIN=http://${LOCAL_IP}:3000
+PORT=3000
+APP_ENV=production
 
-cd /opt/patchmon/backend
-$STD npm run db:generate
-$STD npx prisma migrate deploy
+# Redis
+REDIS_HOST=localhost
+REDIS_PORT=6379
+
+## OIDC / SSO (when OIDC_ENABLED=true, issuer/client/secret/redirect required)
+# OIDC_ENABLED=false
+# OIDC_ISSUER_URL=
+# OIDC_CLIENT_ID=
+# OIDC_CLIENT_SECRET=
+# OIDC_REDIRECT_URI=
+# OIDC_SCOPES=openid email profile groups
+# OIDC_AUTO_CREATE_USERS=false
+# OIDC_DEFAULT_ROLE=user
+# OIDC_DISABLE_LOCAL_AUTH=false
+# OIDC_BUTTON_TEXT=Login with SSO
+# OIDC_SESSION_TTL=600
+# OIDC_POST_LOGOUT_URI=
+# OIDC_SYNC_ROLES=false
+# OIDC_ADMIN_GROUP=
+# OIDC_SUPERADMIN_GROUP=
+# OIDC_HOST_MANAGER_GROUP=
+# OIDC_READONLY_GROUP=
+# OIDC_USER_GROUP=
+# OIDC_ENFORCE_HTTPS=true
+
+AGENT_BINARIES_DIR=/opt/patchmon/agents
+EOF
 msg_ok "Configured PatchMon"
 
-msg_info "Configuring Nginx"
-cp /opt/patchmon/docker/nginx.conf.template /etc/nginx/sites-available/patchmon.conf
-sed -i -e 's|proxy_pass .*|proxy_pass http://127.0.0.1:3001;|' \
-  -e '\|try_files |i\        root /opt/patchmon/frontend/dist;' \
-  -e 's|alias.*|alias /opt/patchmon/frontend/dist/assets;|' \
-  -e '\|expires 1y|i\        root /opt/patchmon/frontend/dist;' /etc/nginx/sites-available/patchmon.conf
-ln -sf /etc/nginx/sites-available/patchmon.conf /etc/nginx/sites-enabled/
-rm -f /etc/nginx/sites-enabled/default
-$STD nginx -t
-systemctl restart nginx
-msg_ok "Configured Nginx"
+msg_info "Fetching PatchMon agent binaries"
+mkdir -p /opt/patchmon/agents
+FILE_URL="https://github.com/PatchMon/PatchMon/releases/download/${RELEASE}/patchmon-agent-"
+AGENT_NAME=(
+  "linux-amd64"
+  "linux-arm64"
+  "linux-arm"
+  "linux-386"
+  "freebsd-amd64"
+  "freebsd-arm64"
+  "freebsd-arm"
+  "freebsd-386"
+  "windows-amd64.exe"
+  "windows-arm64.exe"
+)
+for arch in "${AGENT_NAME[@]}"; do
+  curl_with_retry "${FILE_URL}${arch}" "/opt/patchmon/agents/patchmon-agent-${arch}"
+  [[ "${arch}" != *.exe ]] && chmod 755 "/opt/patchmon/agents/patchmon-agent-${arch}"
+done
+msg_ok "Fetched PatchMon agent binaries"
 
 msg_info "Creating service"
 cat <<EOF >/etc/systemd/system/patchmon-server.service
 [Unit]
-Description=PatchMon Service
+Description=PatchMon Server
 After=network.target postgresql.service
 
 [Service]
 Type=simple
-WorkingDirectory=/opt/patchmon/backend
-ExecStart=/usr/bin/npm run start
+WorkingDirectory=/opt/patchmon
+ExecStart=/opt/patchmon/patchmon-server
 Restart=always
 RestartSec=10
-Environment=NODE_ENV=production
 Environment=PATH=/usr/bin:/usr/local/bin
+EnvironmentFile=/opt/patchmon/.env
 NoNewPrivileges=true
 PrivateTmp=true
 ProtectSystem=strict

install/technitiumdns-install.sh

@@ -28,6 +28,7 @@ fetch_and_deploy_from_url "https://download.technitium.com/dns/DnsServerPortable
 echo "${RELEASE}" >~/.technitium
 
 msg_info "Creating service"
+mkdir -p /etc/dns /var/log/technitium/dns
 sed -i '/^User=/d;/^Group=/d' /opt/technitium/dns/systemd.service
 cp /opt/technitium/dns/systemd.service /etc/systemd/system/technitium.service
 systemctl enable -q --now technitium

install/trek-install.sh

@@ -0,0 +1,79 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/mauriceboe/TREK
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y build-essential
+msg_ok "Installed Dependencies"
+
+NODE_VERSION="22" setup_nodejs
+fetch_and_deploy_gh_release "trek" "mauriceboe/TREK" "tarball"
+
+msg_info "Building Client"
+cd /opt/trek/client
+$STD npm ci
+$STD npm run build
+msg_ok "Built Client"
+
+msg_info "Setting up Server"
+cd /opt/trek/server
+$STD npm ci
+mkdir -p /opt/trek/server/public
+cp -r /opt/trek/client/dist/* /opt/trek/server/public/
+cp -r /opt/trek/client/public/fonts /opt/trek/server/public/fonts 2>/dev/null || true
+mkdir -p /opt/trek/{data/logs,uploads/{files,covers,avatars,photos}}
+rm -rf /opt/trek/server/data /opt/trek/server/uploads
+ln -s /opt/trek/data /opt/trek/server/data
+ln -s /opt/trek/uploads /opt/trek/server/uploads
+ENCRYPTION_KEY=$(openssl rand -hex 32)
+ADMIN_EMAIL="admin@trek.local"
+ADMIN_PASSWORD=$(openssl rand -base64 18 | tr -dc 'A-Za-z0-9' | head -c 16)
+cat <<EOF >/opt/trek/server/.env
+NODE_ENV=production
+PORT=3000
+ENCRYPTION_KEY=${ENCRYPTION_KEY}
+ADMIN_EMAIL=${ADMIN_EMAIL}
+ADMIN_PASSWORD=${ADMIN_PASSWORD}
+COOKIE_SECURE=false
+FORCE_HTTPS=false
+LOG_LEVEL=info
+TZ=UTC
+EOF
+chmod 600 /opt/trek/server/.env
+msg_ok "Set up Server"
+
+msg_info "Creating Service"
+cat <<EOF >/etc/systemd/system/trek.service
+[Unit]
+Description=TREK Travel Planner
+After=network.target
+
+[Service]
+Type=simple
+User=root
+WorkingDirectory=/opt/trek/server
+EnvironmentFile=/opt/trek/server/.env
+ExecStart=/usr/bin/node --import tsx src/index.ts
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now trek
+msg_ok "Created Service"
+
+motd_ssh
+customize
+cleanup_lxc

misc/build.func

@@ -5456,14 +5456,14 @@ create_lxc_container() {
     local _has_fallback_option=false
     if [[ "$do_retry" == "yes" ]] && has_previous_os_version_template; then
       _has_fallback_option=true
-      echo "  [1] Run host upgrade now (recommended). WARNING: this runs apt upgrade and updates all Packeages on your host!"
+      echo "  [1] Run host upgrade now (recommended). WARNING: this runs apt upgrade and updates all Packages on your host!"
       echo "  [2] Use an older ${PCT_OSTYPE} template instead (may not work with all scripts)"
       echo "  [3] Ignore"
       echo "  [4] Cancel"
       echo
       read -rp "Select option [1/2/3/4]: " _ans </dev/tty
     else
-      echo "  [1] Run host upgrade now (recommended). WARNING: this runs apt upgrade and updates all Packeages on your host!"
+      echo "  [1] Run host upgrade now (recommended). WARNING: this runs apt upgrade and updates all Packages on your host!"
       echo "  [2] Ignore"
       echo "  [3] Cancel"
       echo

misc/tools.func

@@ -1924,8 +1924,8 @@ setup_deb822_repo() {
     echo "Types: deb"
     echo "URIs: $repo_url"
     echo "Suites: $suite"
-    # Flat repositories (suite="./" or absolute path) must not have Components
-    if [[ "$suite" != "./" && -n "$component" ]]; then
+    # Flat repositories (suite ending with "/" or "./") must not have Components
+    if [[ "$suite" != *"/" && -n "$component" ]]; then
       echo "Components: $component"
     fi
     [[ -n "$architectures" ]] && echo "Architectures: $architectures"

tools/pve/update-apps.sh

@@ -405,11 +405,6 @@ for container in $CHOICE; do
   esac
   exit_code=$?
 
-  if [ "$template" == "false" ] && [ "$status" == "status: stopped" ]; then
-    echo -e "${BL}[Info]${GN} Shutting down${BL} $container ${CL} \n"
-    pct shutdown $container &
-  fi
-
   #5) if build resources are different than run resources, then:
   if [ "$UPDATE_BUILD_RESOURCES" -eq "1" ]; then
     pct set "$container" --cores "$run_cpu" --memory "$run_ram"
@@ -421,6 +416,11 @@ for container in $CHOICE; do
     containers_needing_reboot+=("$container ($container_hostname)")
   fi
 
+  if [ "$template" == "false" ] && [ "$status" == "status: stopped" ]; then
+    echo -e "${BL}[Info]${GN} Shutting down${BL} $container ${CL} \n"
+    pct shutdown $container &>/dev/null &
+  fi
+
   if [ $exit_code -eq 0 ]; then
     msg_ok "Updated container $container"
   elif [ $exit_code -eq 75 ]; then

tools/pve/update-lxcs-cron.sh

@@ -66,10 +66,20 @@ for container in $(pct list | awk '{if(NR>1) print $1}'); do
       pct start "$container"
       sleep 5
       update_container "$container" || echo " [Error] Update failed for $container"
+      # check if patchmon agent is present in container and run a report if found
+      if pct exec "$container" -- [ -e "/usr/local/bin/patchmon-agent" ]; then
+        echo -e "${BL}[Info]${GN} patchmon-agent found in ${BL} $container ${CL}, triggering report. \n"
+        pct exec "$container" -- "/usr/local/bin/patchmon-agent" "report"
+      fi
       echo -e "[Info] Shutting down $container"
       pct shutdown "$container" --timeout 60 &
     elif [ "$status" == "status: running" ]; then
       update_container "$container" || echo " [Error] Update failed for $container"
+      # check if patchmon agent is present in container and run a report if found
+      if pct exec "$container" -- [ -e "/usr/local/bin/patchmon-agent" ]; then
+        echo -e "${BL}[Info]${GN} patchmon-agent found in ${BL} $container ${CL}, triggering report. \n"
+        pct exec "$container" -- "/usr/local/bin/patchmon-agent" "report"
+      fi
     fi
   fi
 done

tools/pve/update-lxcs.sh

@@ -110,15 +110,17 @@ for container in $(pct list | awk '{if(NR>1) print $1}'); do
     elif [ "$status" == "status: running" ]; then
       update_container $container
     fi
-    if pct exec "$container" -- [ -e "/var/run/reboot-required" ]; then
-      # Get the container's hostname and add it to the list
-      container_hostname=$(pct exec "$container" hostname)
-      containers_needing_reboot+=("$container ($container_hostname)")
-    fi
-    # check if patchmon agent is present in container and run a report if found
-    if pct exec "$container" -- [ -e "/usr/local/bin/patchmon-agent" ]; then
-      echo -e "${BL}[Info]${GN} patchmon-agent found in ${BL} $container ${CL}, triggering report. \n"
-      pct exec "$container" -- "/usr/local/bin/patchmon-agent" "report"
+    if [ "$status" == "status: running" ]; then
+      if pct exec "$container" -- [ -e "/var/run/reboot-required" ]; then
+        # Get the container's hostname and add it to the list
+        container_hostname=$(pct exec "$container" hostname)
+        containers_needing_reboot+=("$container ($container_hostname)")
+      fi
+      # check if patchmon agent is present in container and run a report if found
+      if pct exec "$container" -- [ -e "/usr/local/bin/patchmon-agent" ]; then
+        echo -e "${BL}[Info]${GN} patchmon-agent found in ${BL} $container ${CL}, triggering report. \n"
+        pct exec "$container" -- "/usr/local/bin/patchmon-agent" "report"
+      fi
     fi
   fi
 done