- slink: APP_ENV and APP_SECRET not present in .env.example, sed patterns
never matched → Symfony defaulted to dev mode → WebProfilerBundle crash
(not installed with --no-dev). Now appends APP_ENV=prod + APP_SECRET.
- fleet: use setup_mariadb_db helper instead of manual SQL, reference
MARIADB_DB_PASS, depend on mariadb.service
Lychee's .env.example has '#DB_DATABASE=' (commented out). The sed
pattern '^DB_DATABASE=' didn't match, so Laravel fell back to the
default database name 'forge'. Use '^#\?DB_DATABASE=' to match both
commented and uncommented lines.
- fleet: use setup_mariadb instead of setup_mysql (MariaDB works fine for
Fleet and avoids MySQL repo complexity on trixie)
- tools.func: add missing mysql) case block to manage_tool_repository
(was causing 'Unknown tool repository: mysql' error)
- kan: write .env before build, source it + export for build-time validation
instead of inline exports (cleaner, consistent with codebase pattern)
- puter: set domain to container IP + experimental_no_subdomain so Puter
accepts Host header when accessed via raw IP (default puter.localhost
rejects all non-matching hosts)
- openthread-br: add socat dep for TCP adapters, add --vendor-name/--model-name
(mandatory), bind REST API to 0.0.0.0:8081, configure otbr-web to listen on
all interfaces, update TCP example with socat forkpty pattern
- kan: export BETTER_AUTH_SECRET and POSTGRES_URL before build (required by
@t3-oss/env-nextjs zod validation at build time)
- mysql: remove MariaDB-on-trixie workaround (MySQL repo now has trixie packages),
update GPG key from RPM-GPG-KEY-mysql-2023 to RPM-GPG-KEY-mysql-2025
puter: create config.json with allow_nipio_domains to fix 'Invalid Host Header' on LAN
slink: replace $STD with plain redirects on fallible console commands (silent() hard-exits before || true)
slink: add ORIGIN env var via EnvironmentFile for SvelteKit CSRF to allow LAN login
MySQL APT repo GPG key (RPM-GPG-KEY-mysql-2023) expired 2025-10-22
and no trixie packages exist. Use distro MariaDB which is a drop-in
replacement and natively available.
- Set ADMIN_EMAIL/ADMIN_PASSWORD so admin user is created on first boot
- Generate JWT keypair for authentication to work
- Run doctrine:migrations:migrate for DB schema
- Save credentials to ~/slink.creds
- nginx: add exact-match location for /uploads (no trailing slash)
to handle S3 presigned POST URLs from Plane's storage backend
- ct: fix curl -s to curl -fsSL for consistency with other scripts
TubeArchivist uses TA_CACHE_DIR and TA_MEDIA_DIR directly as URL paths.
In Docker these are /cache and /youtube, matching nginx locations.
Our paths (/opt/tubearchivist/cache, /opt/tubearchivist/media) broke
video playback URLs and file downloads.
Create symlinks /cache and /youtube pointing to data dirs, set env vars
to match Docker defaults. Aligns nginx alias paths with official config.
