Third IP entry mode "auto": user supplies a starting IP, a range
(10.0.0.50-99), or comma-separated ranges; orchestrator walks the
candidates with `ping -c 1 -W 1` and grabs the first N that don't
respond. Skips the gateway and any IPs already assigned this run.
Confirms the picks via yes/no whiptail before locking them in.
Adds iputils-ping to ensure_dependencies.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- Source misc/core.func and misc/tools.func; reuse ensure_dependencies,
color/formatting/icons.
- Override silent() with a simple log-to-file wrapper so set -e and the
EXIT trap own all failure handling; apply $STD to the curl download
and the bash install in install_loop.
- Replace every "|| exit 0" whiptail bailout with a labeled cancelled()
call so silent exits become diagnosable.
- EXIT trap now prints orphan CTID cleanup hints + the last 20 lines of
the silent log on non-zero exit.
- Drop CLI flag parsing (--dry-run/--help) and inline comments.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Seed a default admin account and harden the installer; update symlink behavior and LXC hook argument handling.
- Install: downgrade Node setup to 22, write ADMIN_EMAIL/ADMIN_PASSWORD into /opt/trek/server/.env for initial boot, chmod the file, wait for app health, then remove plaintext creds from the env and print the default admin credentials. Remove previous DB patching script and credentials file generation. Add health-check failure handling.
- ct/trek.sh: check for /opt/trek instead of ~/.trek, run npm ci without --production, and recreate server data/uploads by removing any existing dirs and creating explicit symlinks.
- Installer: mirror symlink strategy used in the container (rm then ln -s) and ensure generated ENCRYPTION_KEY note; add ADMIN_EMAIL default.
- json: set default username to admin@trek.local, update notes about seeded admin, ENCRYPTION_KEY storage, and APP_URL recommendation.
- tools/pve/lxc-prehook.sh: fix append_unique_line_in_ct to pass positional arguments into the bash -c snippet safely (avoid parent-shell expansion).
These changes ensure a reproducible default admin creation flow without leaving plaintext credentials, improve symlink handling, and fix a bug in the LXC prehook.
Change Foldergram installation to store media and config under /opt/foldergram_media (create media dir, write env file there, update systemd EnvironmentFile). Update ct/foldergram.sh to remove temporary backup/restore during updates. Update json/foldergram.json config_path and add an info note about where to place media. Add tools/pve/ct-batch-create.sh — a new Proxmox CT batch-creator script (interactive/unattended modes, caching, storage selection) to download and deploy multiple community-scripts CTs.
Add a new .github agent (pve-script-creator.agent.md) with workflow and strict rules for generating CT/install/json files. Remove legacy CT/install/json artifacts for alpine-ironclaw and openthread-br (ct/, install/, json/ entries deleted). Also adjust mqttx update logic: set CLEAN_INSTALL=1 and move the update msg_info after fetch_and_deploy_gh_release to ensure a clean deployment before reporting/updating and then run yarn build in the app web dir.
- Add --ignore-engines to yarn install (web/ requires Node 18 exactly,
but works fine with Node 22 + --openssl-legacy-provider)
- Fix prompt formatting: use read -r -p inline instead of echo + read
- Apply same prompt fix to mongo-express addon
MQTTX Web is a static browser-based MQTT client with no backend.
Makes more sense as an addon installable into any existing container
than as a dedicated LXC.
Addon installs into /opt/mqttx, builds web/ with yarn, serves via
Nginx on configurable port (default 8095). Supports install/update/uninstall.
Create /usr/local/bin/update_cronmaster during install and inside update() (using a single-quoted heredoc to avoid variable expansion) and make it executable. The generated updater now exports CRONMASTER_ACTION=update when invoking the fetched cronmaster.sh, and the main script checks CRONMASTER_ACTION instead of type. Also adjust the repository fetch path and remove a duplicate ensure_usr_local_bin_persist call.
Add IronClaw container templates and install scripts (ct/ironclaw.sh, install/ironclaw-install.sh, json/ironclaw.json) to provide automated setup, service unit, and default config for the IronClaw AI agent.
Refactor tools/addon/cronmaster.sh to use the ProxmoxVE misc endpoints, initialize optional telemetry, improve function loading, and strengthen OS detection (Debian/Ubuntu-only). Make service and install behaviors more robust: ensure /usr/local/bin persistence, create/update the update script from the new repo URL, change systemd WantedBy to multi-user.target, enable service quietly, save generated credentials to /root/cronmaster.creds, and use distinct exit codes for unsupported/invalid states. Misc license URL fix and other small reliability improvements.
Replace inconsistent msg_info calls with msg_warn for mirror-list warnings and msg_custom for "Attempting mirror" lines to unify output formatting in misc/build.func and misc/install.func. Simplify tools/pve/update-lxcs-cron.sh by removing the long mirror-probing block and using a straightforward apt-get update + noninteractive dist-upgrade (and cleanup of EXTERNALLY-MANAGED) in containers to reduce complexity and improve maintainability.
Enhance apt-get update handling for Debian/Ubuntu/Devuan containers by adding regional mirror lists and a fallback routine. The script now detects container timezone to prefer regional mirrors, builds a randomized candidate list, probes each mirror (timeout on TCP:80), rewrites /etc/apt/* sources to use a working mirror, and retries apt-get update until success. Keeps the existing non-interactive dist-upgrade and cleans up apt lists as before. This improves reliability of updates inside LXC containers when default mirrors are unreachable or misbehaving.
Replace the previous multi-step APT retry sequence (mirror swaps, sleeps, multiple retries) with a simpler fallback: on apt-get update failure disable Acquire::By-Hash, enable Acquire::AllowInsecureRepositories and attempt updates/installs using --allow-insecure-repositories/--allow-unauthenticated where needed. Restore secure settings and refresh lists afterwards, and preserve/propagate the original command exit status. Apply the same simplification in misc/build.func, misc/install.func and the Proxmox LXC cron updater (tools/pve/update-lxcs-cron.sh) to handle Debian repo desyncs more reliably and reduce complex retry logic.
Display an installation summary (including downloaded script SHA256, source, install path, config, log file, and cron schedule) and make script review optional before install. Add an interactive View menu to inspect the installed worker script, cron configuration, or both; implement view_worker_script, view_cron_config (shows cron entry, human-readable schedule, config contents and excluded patterns, and log file size), and cron_to_human helper. Also update prompt wording and the View option description.
tools/pve/cron-update-lxcs.sh: add show_status, run_now and rotate_log functions; expose new menu options (Status, Run, Rotate) and enlarge menu. Consolidate license line formatting.
tools/pve/update-lxcs-cron.sh: tighten variable scoping, improve ostype detection and logging, add fallback for hostname, handle unknown OS types, harden apt workflow (retry with By-Hash workaround and refresh lists), skip template containers correctly, add error reporting on container updates, and use a timed shutdown. Update author/license header.
Overall: adds manual control and status/log rotation to the cron manager and makes the container updater more robust and safer for Debian/Ubuntu-based containers.
Update script and license links to use GitHub raw URLs. Replace git.community-scripts.org references with https://raw.githubusercontent.com/... for script fetching and https://github.com/... for the LICENSE link in tools/pve/cron-update-lxcs.sh and tools/pve/update-lxcs-cron.sh so the curl examples and REPO_URL point to GitHub-hosted raw content.
Sources core.func, tools.func, error_handler.func, and api.func
instead of inline color vars and msg functions. Adds structured
sections (CONFIGURATION, OS DETECTION, UNINSTALL, INSTALL, MAIN)
matching the qbittorrent-exporter/pihole-exporter pattern.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
