Add robust retry logic for APT operations in misc/build.func and misc/install.func. Introduces an apt_retry helper and multiple fallback steps: disable by-hash, switch to a country mirror (ftp.de.debian.org), wait and retry to allow mirror sync, and as a last resort temporarily relax APT verification to allow insecure repositories to complete updates. Ensures cleanup and restores secure settings where possible, with clearer failure handling and messages to increase resilience of package installation during container builds and installs.
Improve APT retry logic to handle failures caused by by-hash/CDN issues. Both misc/build.func and misc/install.func now write an apt config to disable Acquire::By-Hash, remove /var/lib/apt/lists/* and retry apt-get update/install; if that still fails they substitute deb.debian.org with ftp.debian.org as a fallback. This makes container builds and package updates more robust against CDN/hash-related apt failures.
- setup_deb822_repo: skip Components for any suite ending with /
- Previously only skipped for exactly './' but 'stable/' is also flat
- Fixes Jitsi repo producing 'Malformed entry (absolute Suite Component)'
The missing_cmd grep pipeline in the install error handler runs
under set -o pipefail. When grep finds no match (exit 1), the
entire pipeline fails and triggers the ERR trap recursively,
crashing the recovery menu. Add || true to suppress this.
Change VM app deployer to run CT install scripts during image customization (virt-customize --run) instead of via a first-boot systemd service. Updated docs to reflect live installation, new update workflow (curl the ct/<app>.sh inside the VM), and new troubleshooting/reinstall guidance. misc/vm-app.func now injects function libs, runs a temporary wrapper inside virt-customize (with logging and error handling), removes the first-boot service and update wrapper injection, and updates summary/status messages to mark apps as pre-installed.
- New preflight_repo_access() warns if enterprise repos are active without subscription
- Scans /etc/apt/sources.list.d/ for enterprise.proxmox.com entries
- Tests HTTP access (detects 401/403 Unauthorized)
- Warning only — not a blocker (packages come from pve-no-subscription repo)
- Move run_preflight from build_container() into install_script() after header_info
- Shows: Header → preflight checks → 2s pause → clear (via next header_info call)
- On failure: show summary + exit cleanly (no ERR trap)
- Change all return 1 → return 0 in preflight functions (prevents ERR trap under set -Ee)
- Remove PREFLIGHT_DONE guard from build_container (no longer needed)
Introduce preflight_template_available() in misc/build.func to verify a matching OS/version template exists locally or in the online pveam catalog, and to fail early with a helpful list of available versions when none is found (exit code 225). Integrate this check into run_preflight. Also move the run_preflight invocation inside install_script to run after header_info (so preflight output is visible) and remove the earlier preflight call.
Add preflight/validation exit codes and telemetry reporting for aborted preflight checks. Introduces new exit codes (103-110) and maps them to a new "preflight" error category. Adds post_preflight_to_api(), a fire-and-forget telemetry sender that posts an "aborted" status and detailed error summary (only when diagnostics/UUIDs are present), and extends post_update_to_api() to handle an "aborted" status. Changes are defensive (no blocking failures, short curl timeout) and aim to improve analytics for validation/preflight failures.
- Rename Twenty DB from 'default' to 'twenty_db' (reserved keyword)
- Quote all identifiers in setup_postgresql_db with double quotes
to prevent SQL syntax errors with reserved words
