Modernize and simplify VM installer and lobehub installation flows.
Key changes:
- install/lobehub-install.sh: consolidated apt invocation, replaced manual ParadeDB .deb download with fetch_and_deploy_gh_release helper, added postgresql pg_search preload configuration and restart, moved pnpm installation into setup_nodejs via NODE_MODULE, and adjusted build env handling.
- vm/almalinux-10-vm.sh: major refactor to source shared functions from COMMUNITY_SCRIPTS_URL, add load_functions, centralize cloud-init handling (configure_cloudinit_ssh_keys / setup_cloud_init), replace many custom UI/helper functions with standardized helpers and exit_script, update traps and error handling, simplify prompts/defaults, use $STD for apt operations, and streamline image customization and VM creation flow.
- Added vm/headers/almalinux-10-vm containing the VM header art and title.
These changes centralize common logic, improve cloud-init integration, reduce duplicated code, and make maintenance easier.
Seed a default admin account and harden the installer; update symlink behavior and LXC hook argument handling.
- Install: downgrade Node setup to 22, write ADMIN_EMAIL/ADMIN_PASSWORD into /opt/trek/server/.env for initial boot, chmod the file, wait for app health, then remove plaintext creds from the env and print the default admin credentials. Remove previous DB patching script and credentials file generation. Add health-check failure handling.
- ct/trek.sh: check for /opt/trek instead of ~/.trek, run npm ci without --production, and recreate server data/uploads by removing any existing dirs and creating explicit symlinks.
- Installer: mirror symlink strategy used in the container (rm then ln -s) and ensure generated ENCRYPTION_KEY note; add ADMIN_EMAIL default.
- json: set default username to admin@trek.local, update notes about seeded admin, ENCRYPTION_KEY storage, and APP_URL recommendation.
- tools/pve/lxc-prehook.sh: fix append_unique_line_in_ct to pass positional arguments into the bash -c snippet safely (avoid parent-shell expansion).
These changes ensure a reproducible default admin creation flow without leaving plaintext credentials, improve symlink handling, and fix a bug in the LXC prehook.
Improve robustness by adding input validation and sanitization. Replace SIGINT/SIGTERM trap payloads with numeric exit codes (130 and 143). Sanitize hostname to allowed characters and notify the user if it was adjusted. Add validation loops and user messages for CPU cores and RAM (positive integers), MAC address format (XX:XX:XX:XX:XX:XX), VLAN (1-4094 or default), and MTU (576-65520 or default). Minor output ordering tweaks to ensure values are echoed after processing.
- Remove unused send_line_to_vm function (replaced by virt-customize)
- Quote $VMID and add guard in cleanup_vmid
- Guard cleanup() against unset TEMP_DIR and quote variable
- Remove unused CLOUDINIT_PASSWORD variable
- Separate local declaration from assignment in get_image_url()
- Add retry loop for apt-get install (matches apt-get update pattern)
- Fix timeout message to match actual loop duration (~5-6 min)
Bug fixes:
- Add ~20 missing fi statements throughout advanced_settings(), check_root(),
arch_check(), ssh_check(), select_os(), start_script(), etc.
- Fix pve_check() missing elif/else/fi structure
- Fix DISK_SIZE unbound variable, initialized before machine type dialog
- Fix error_handler() with ${VMID:-} guard to prevent unbound variable error
Architecture improvement:
- Migrate from send_line_to_vm serial console approach to virt-customize with
a first-boot systemd service, consistent with other VM scripts
- First-boot service handles: clock sync (NTP + HTTP fallback), package
installation, swap setup, and UniFi OS installer execution
New features:
- Root password prompt with confirmation
- SSH public key support
- SSH enabled by default
- Cloud-init password override with user-set password
- Port 11443 readiness check after VM boot
- Elapsed time counter during wait loops
Remove storage type detection and explicit pvesm alloc/qm set steps, and inline EFI/disk/CD configuration into the initial qm create call. Uses unified storage refs (efidisk0 ${STORAGE}:1,efitype=4m,pre-enrolled-keys=0 and scsi0 ${STORAGE}:${DISK_SIZE},${DISK_CACHE}${THIN%,}) and sets the ISO via -cdrom local:iso/${FILENAME}. Adds a success message and streamlines VM creation by eliminating per-storage branching and manual allocation logic.
Remove interactive ISO storage detection/selection and associated ISO_PATH logic. Default to a fixed cache directory (/var/lib/vz/template/iso) via CACHE_DIR and update CACHE_FILE and mkdir usage accordingly. Also update VM configuration to reference the local ISO store (local:iso/<file>) instead of the previously selectable storage. This simplifies ISO handling by avoiding pvesm/whiptail prompts; note this hardcodes the ISO location and removes support for alternate ISO storages.
Introduce an interactive script (vm/cachyos-vm.sh) to create and configure a CachyOS VM on Proxmox. The script validates Proxmox environment and architecture, offers default and advanced settings via whiptail, detects storage/ISO locations, downloads the CachyOS desktop ISO, allocates EFI and main disks, creates and configures the VM (network, CPU, memory, disks, boot order, OVMF), sets a rich VM description, and optionally starts the VM. Also add an ASCII header file (vm/headers/cachyos-vm) used by the script.
Make SSH key provisioning explicit and interactive for cloud-init VMs. Default CLOUDINIT_SSH_KEYS is now empty; new helper functions discover and extract public keys from common host files, count them, and present a whiptail menu (import all host keys, paste one key, specify a file, or none). configure_cloudinit_ssh_keys writes selected keys to a temp file and sets CLOUDINIT_SSH_KEYS accordingly (removing the temp file if empty). setup_cloud_init now only applies --sshkeys when CLOUDINIT_SSH_KEYS is explicitly provided and logs the source, and vm/docker-vm.sh invokes the key selection UI for cloud-init VMs.
