Add robust retry logic for APT operations in misc/build.func and misc/install.func. Introduces an apt_retry helper and multiple fallback steps: disable by-hash, switch to a country mirror (ftp.de.debian.org), wait and retry to allow mirror sync, and as a last resort temporarily relax APT verification to allow insecure repositories to complete updates. Ensures cleanup and restores secure settings where possible, with clearer failure handling and messages to increase resilience of package installation during container builds and installs.
tools/pve/cron-update-lxcs.sh: add show_status, run_now and rotate_log functions; expose new menu options (Status, Run, Rotate) and enlarge menu. Consolidate license line formatting.
tools/pve/update-lxcs-cron.sh: tighten variable scoping, improve ostype detection and logging, add fallback for hostname, handle unknown OS types, harden apt workflow (retry with By-Hash workaround and refresh lists), skip template containers correctly, add error reporting on container updates, and use a timed shutdown. Update author/license header.
Overall: adds manual control and status/log rotation to the cron manager and makes the container updater more robust and safer for Debian/Ubuntu-based containers.
Improve APT retry logic to handle failures caused by by-hash/CDN issues. Both misc/build.func and misc/install.func now write an apt config to disable Acquire::By-Hash, remove /var/lib/apt/lists/* and retry apt-get update/install; if that still fails they substitute deb.debian.org with ftp.debian.org as a fallback. This makes container builds and package updates more robust against CDN/hash-related apt failures.
Set PYTHONPATH and run manage.py migrate for Baserow so backend, premium, and enterprise source packages are discovered during migrations. In the LobeHub installer, copy all files from scripts/migrateServerDB into the .next/standalone directory (instead of only docker.cjs) so required migration and helper files are included.
Add container templates, install scripts, and metadata for Baserow, LabCA, and LobeHub. New ct/*.sh scripts provide container build and update logic (fetching GitHub releases, backup/restore, build steps). New install/*.sh scripts install dependencies, configure PostgreSQL/Node/uv/PNPM as needed, run migrations, and create systemd services for each app. Corresponding json/*.json entries add metadata (ports, resource defaults, docs, and notes) for UI/registry integration.
Debian auto-starts nginx on install with default config (port 80).
'enable --now' is a no-op if already running. Use explicit restart
to pick up our port 8000 config.
ES snapshot repo defaults to Docker path /usr/share/elasticsearch/data/snapshot
but our elasticsearch.yml uses path.repo: /var/lib/elasticsearch/snapshot.
Add ES_SNAPSHOT_DIR=/var/lib/elasticsearch/snapshot to match.
run.sh needs env vars (TA_CACHE_DIR etc) before Django starts.
- Add set -a/source .env in run.sh so vars are available
- Symlink .env to backend/ so Django's load_dotenv('.env') finds it
- Fixes 'unable to open database file' (CACHE_DIR defaulting to /cache)
Move Django management commands (migrate, collectstatic, ta_envcheck,
ta_connection, ta_startup) into run.sh startup wrapper that:
- Waits up to 60s for ElasticSearch to be healthy
- Runs all init commands before starting uvicorn
- Matches Docker's run.sh approach
This fixes ta_startup failing during install because ES wasn't ready.
The commands now run at every service start with ES readiness check.
TubeArchivist requires nginx to serve the frontend SPA and proxy API
requests to Django. Without nginx, only API routes work.
Changes:
- Add nginx with config matching Docker's nginx.conf (port 8000)
- Add TA_APP_DIR, TA_CACHE_DIR, TA_MEDIA_DIR env vars for bare-metal paths
- Run Django migrate, collectstatic, ta_envcheck, ta_connection, ta_startup
- Add celery worker + beat scheduler as separate systemd services
- Fix interface port from 8080 to 8000 (nginx)
- Add migrations step to update script
PG_DB_PASS is auto-generated by setup_postgresql_db and stored in
.env. No user-facing credentials are generated - accounts are
created via the web UI.
bench setup production generates supervisor.conf but doesn't
symlink it into /etc/supervisor/conf.d/. Without the link,
supervisord has no programs and gunicorn never starts (502).
Add: symlink + supervisorctl reread/update after bench setup.
bench setup role spawns a subprocess that checks for ansible on
PATH. The binaries are inside the uv venv and not discoverable.
Symlink ansible* to /usr/local/bin/ to make them available.
bench setup production internally runs:
sudo <uv-venv-python> -m pip install ansible
but uv tool environments don't include pip by default.
Fix: run ensurepip + pip install ansible before bench setup
production to satisfy the dependency.
The build creates /opt/teable/static/ as a real directory.
ln -sf on an existing directory creates the symlink INSIDE it
instead of replacing it. Must rm -rf first.
Build process reorganizes apps/nestjs-backend/static/ creating a
nested static/static/{plugin,system} structure. The code resolves
paths like 'static/system/automation-robot.png' relative to cwd,
so the symlink must point to the inner static/ directory.
Adds fallback: checks for nested structure first, falls back to
direct path if not present.
- NestJS backend expects /opt/teable/static/ at workspace root
- Actual files live in apps/nestjs-backend/static/
- Fixes ENOENT on automation-robot.png during startup
