* fix(jellyfin): use setup_hwaccel for robust hardware acceleration
Replaces manual hardware acceleration setup with the centralized
setup_hwaccel function from tools.func.
This fixes the installation failure in privileged containers where
/dev/dri does not exist (e.g., when no GPU is passed through).
The setup_hwaccel function includes:
- Proper error handling for missing /dev/dri
- GPU vendor detection (Intel, AMD, NVIDIA)
- Graceful fallback when no GPU is available
Fixes: Installation fails with 'chgrp: cannot access /dev/dri'
when creating privileged containers without GPU passthrough.
* refactor(hwaccel): standardize hardware acceleration across all install scripts
Migrated all install scripts to use the centralized setup_hwaccel function:
- plex-install.sh
- emby-install.sh
- ersatztv-install.sh
- frigate-install.sh
- tdarr-install.sh
- unmanic-install.sh
- channels-install.sh
- ollama-install.sh
- immich-install.sh (added error handling)
Enhanced setup_hwaccel function in tools.func:
- Added -d /dev/dri check before setting permissions
- Added error handling (2>/dev/null || true) for all /dev/dri operations
- Added adduser error handling for video/render groups
- No longer fails if no GPU is detected (graceful skip)
- Added intel-media-va-driver for newer Intel GPUs
- Improved AMD APU support with firmware packages
- Better NVIDIA handling (warning instead of failure)
This fixes installation failures in privileged containers without GPU
passthrough, where /dev/dri does not exist.
Supports: Ubuntu, Debian 12 (Bookworm), Debian 13 (Trixie)
GPU Support: Intel, AMD, NVIDIA (manual driver)
* refactor(hwaccel): complete migration for all GPU apps
Migrated remaining GPU apps to setup_hwaccel:
- fileflows-install.sh
- openwebui-install.sh (added setup_hwaccel - was missing)
- tunarr-install.sh
Also fixed tools/pve/hw-acceleration.sh:
- Added error handling for /dev/dri operations
- Added chmod 660 /dev/dri/* that was missing
- Added error suppression for adduser commands
All 13 GPU apps (var_gpu=yes) now use centralized setup_hwaccel:
jellyfin, plex, emby, ersatztv, frigate, tdarr, unmanic,
channels, ollama, immich, fileflows, openwebui, tunarr
* feat(hwaccel): complete Intel non-free driver support and GID sync
Enhanced setup_hwaccel function:
- Auto-detect Intel GPU generation (Gen 9+ for non-free drivers)
- Debian 12 (Bookworm): Add non-free repo + intel-media-va-driver-non-free
- Debian 13 (Trixie): Add non-free repo + libvpl2 + mesa-opencl-icd
- Ubuntu: Use ubuntu repos with intel-media-va-driver
- Fallback to open drivers if non-free fails
- GID sync for video/render groups (moved from install scripts)
OpenWebUI: Added Intel oneAPI support when installing Ollama
- Intel Level Zero GPU support
- Intel oneAPI Base Toolkit
- Same setup as standalone Ollama install
Cleanup:
- Removed duplicate GID sync from tdarr-install.sh
- Removed duplicate GID sync from unmanic-install.sh
* fix(ersatztv): remove duplicate HW acceleration code
Removed manual Intel HW acceleration setup that remained after
setup_hwaccel migration. The non-free driver prompt is no longer
needed as setup_hwaccel auto-detects Intel GPU generation.
Add error suppression and || true to awk commands that parse rustc version.
Prevents 'Operation not permitted' errors in containers with restricted syscalls.
- load_vars_file() now supports force parameter to override existing variables
- App Defaults uses force=yes to properly apply saved user preferences
- Added safety check for SSH_KEYS_FILE in install_ssh_keys_into_ct()
- Initialize ENABLE_GPU, ENABLE_NESTING, ENABLE_KEYCTL, ENABLE_MKNOD, PROTECT_CT, CT_TIMEZONE in base_settings()
- Added fallback defaults in echo_default() to prevent unbound variable errors when advanced_settings is skipped
* fix(build): load app defaults before applying base_settings
App defaults were loaded after base_settings, causing saved values to be ignored.
Now loads var_* from app defaults file before calling base_settings.
* fix(cleanup): suppress composer root warning in cleanup_lxc
Composer's clear-cache command prompts for confirmation when run as root,
causing scripts to hang at 'Cleaning up' stage. Set COMPOSER_ALLOW_SUPERUSER=1
to suppress the interactive prompt.
Fixes#9952 (Heimdall Dashboard), also affects BentoPDF and other PHP apps.
* Fix COMPOSER_ALLOW_SUPERUSER export in cleanup_lxc
Exports COMPOSER_ALLOW_SUPERUSER before running composer clear-cache to ensure the environment variable is set correctly during cleanup.
- SSH access dialog is now always displayed regardless of password or SSH keys
- Added step indicator to SSH settings dialogs for consistency
- configure_ssh_settings() now accepts optional step_info parameter
- Updated documentation for SSH configuration functions
Fixes#9753
* Switch container exec from bash to sh in fix_gpu_gids
Replaces bash with sh for container execution in fix_gpu_gids and updates device matching logic to use a POSIX-compliant case statement. This improves compatibility with containers that may not have bash installed.
* fix(apt): auto-recover from interrupted dpkg operations
When a previous installation is interrupted (e.g., by script error or
user cancellation), dpkg can be left in an inconsistent state requiring
'dpkg --configure -a' to fix.
This change:
- Adds dpkg --configure -a check to ensure_apt_working()
- Adds dpkg --configure -a to retry logic in install_packages_with_retry()
- Adds dpkg --configure -a to retry logic in upgrade_packages_with_retry()
Fixes: Omada Controller update failing after interrupted installation
Reported-in: #9663
* core: enhance storage type validation and error codes
Improve storage validation for LXC container creation with
explicit checks for unsupported storage types.
Changes:
- Add validation for storage types that don't support containers:
- iscsidirect (exit 212) - VMs only
- iscsi/zfs (exit 213) - no rootdir support
- cephfs (exit 219) - use RBD instead
- pbs (exit 224) - backups only
- Add connectivity check for network storage (linstor, rbd, nfs, cifs)
- Simplify storage content validation using pvesm status
- Reorganize Proxmox error codes (200-231) for consistency
- Update error messages to be more descriptive and actionable
This helps users identify storage compatibility issues early
before container creation fails with cryptic errors.
* Update build.func
Enhances the setup_java function to attempt a package purge and reinstall if a Temurin JDK is detected but its version cannot be determined. This helps recover from inconsistent or broken JDK installations.
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* Update SSL key and certificate paths for Actual Budget
* Use lowercase app name for certificate paths
* revert changes at actualbudget
---------
Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com>
Reworks the PHP installation logic to always remove conflicting PHP versions before pinning and repository setup, ensuring only the desired version is present. Simplifies module installation by letting apt-get handle missing modules and improves error handling for individual package installations. Removes pre-checks and warnings for unavailable modules, streamlining the process and reducing complexity.
Enhances the PHP setup function to enforce APT pinning for PHP versions during updates and installations, ensuring correct version selection. Adds logic to remove conflicting PHP versions, improves module availability checks, and provides clearer messaging for installed and missing modules.
Enhances the setup_php function to enforce explicit PHP version pinning during installation, adds checks for available versions and missing modules, and improves error handling. The script now verifies the installed PHP version matches the requested version and provides fallback installation logic if version-constrained installs fail.
Replaces previous IPv6 disabling method with a dedicated 'disable' option, storing sysctl settings in /etc/sysctl.d/99-disable-ipv6.conf. Updates build and install scripts to clarify the difference between 'none' (no assignment) and 'disable' (fully disables IPv6), adds user warnings, and disables IPv6 listeners in nginx if present.
* Enhance IPv6 disabling logic in install script
Updated verb_ip6 to check both IPV6_METHOD and DISABLEIPV6 variables. Added disabling for all, default, and loopback interfaces, improved messaging, and redirected sysctl output to /dev/null for cleaner logs.
* Improve IPv6 disabling logic in install scripts
Updated both alpine-install.func and install.func to enhance IPv6 disabling by checking IPV6_METHOD and adding more sysctl settings. Also improved messaging and removed suppression of sysctl output in install.func.
Enhances the setup_postgresql function to prioritize the PostgreSQL upstream repository for Debian trixie, forky, and sid, with a fallback to native Debian packages if the repo is unavailable or packages cannot be installed. Adds logic for installing dependencies, restoring backups, enabling the service, updating PATH, and installing optional modules for native package installations.
* tools.func: improve Rust setup and crate installation logic
Enhances the setup_rust function to better handle Rust toolchain installation, updates, and verification. Improves global crate installation by handling upgrades, version checks, and error reporting, and adds more informative messaging throughout the process.
* Update tools.func
* Refine comment on setting default Rust toolchain
Removed redundant comment about fixing old installations.
