Tinyauth: v5 Support & add Debian Version

CHANGELOG.md

@@ -412,30 +412,6 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 ## 2026-03-03
 
-### 🆕 New Scripts
-
-  - Tinyauth: v5 Support & add Debian Version [@MickLesk](https://github.com/MickLesk) ([#12501](https://github.com/community-scripts/ProxmoxVE/pull/12501))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - meshcentral: increased disk space to 4GB [@MickLesk](https://github.com/MickLesk) ([#12509](https://github.com/community-scripts/ProxmoxVE/pull/12509))
-
-  - #### 🔧 Refactor
-
-    - opnsense-vm: harden temp dir, bridge detection and network selection [@MickLesk](https://github.com/MickLesk) ([#12513](https://github.com/community-scripts/ProxmoxVE/pull/12513))
-
-### 🗑️ Deleted Scripts
-
-  - Remove Unifi Network Server scripts (dead APT repo) [@Copilot](https://github.com/Copilot) ([#12500](https://github.com/community-scripts/ProxmoxVE/pull/12500))
-
-### 💾 Core
-
-  - #### ✨ New Features
-
-    - core: recovery - add ENOSPC disk-full detection with auto-retry using * 2 hdd [@MickLesk](https://github.com/MickLesk) ([#12511](https://github.com/community-scripts/ProxmoxVE/pull/12511))
-
 ### 🌐 Website
 
   - #### 🐞 Bug Fixes

ct/cross-seed.sh

@@ -25,7 +25,6 @@ function update_script() {
   check_container_resources
 
   NODE_VERSION="24" setup_nodejs
-  ensure_dependencies build-essential
 
   if command -v cross-seed &>/dev/null; then
     current_version=$(cross-seed --version)

ct/headers/tinyauth

@@ -1,6 +0,0 @@
-  _______                         __  __  
- /_  __(_)___  __  ______ ___  __/ /_/ /_ 
-  / / / / __ \/ / / / __ `/ / / / __/ __ \
- / / / / / / / /_/ / /_/ / /_/ / /_/ / / /
-/_/ /_/_/ /_/\__, /\__,_/\__,_/\__/_/ /_/ 
-            /____/                        

ct/headers/unifi

@@ -0,0 +1,6 @@
+   __  __      _ _____ 
+  / / / /___  (_) __(_)
+ / / / / __ \/ / /_/ / 
+/ /_/ / / / / / __/ /  
+\____/_/ /_/_/_/ /_/   
+                       

ct/meshcentral.sh

@@ -9,7 +9,7 @@ APP="MeshCentral"
 var_tags="${var_tags:-remote-management}"
 var_cpu="${var_cpu:-1}"
 var_ram="${var_ram:-512}"
-var_disk="${var_disk:-4}"
+var_disk="${var_disk:-2}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-1}"

ct/unifi.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 tteck
+# Author: tteck (tteckster)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://ui.com/download/unifi
+
+APP="Unifi"
+var_tags="${var_tags:-network;unifi}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-8}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-12}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+  if [[ ! -d /usr/lib/unifi ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  JAVA_VERSION="21" setup_java
+
+  msg_info "Updating ${APP}"
+  $STD apt update --allow-releaseinfo-change
+  ensure_dependencies unifi
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}https://${IP}:8443${CL}"

frontend/public/json/github-versions.json

@@ -1,5 +1,5 @@
 {
-  "generated": "2026-03-03T12:12:16Z",
+  "generated": "2026-03-03T06:17:56Z",
   "versions": [
     {
       "slug": "2fauth",
@@ -1562,13 +1562,6 @@
       "pinned": false,
       "date": "2026-02-13T16:30:09Z"
     },
-    {
-      "slug": "tinyauth",
-      "repo": "steveiliop56/tinyauth",
-      "version": "v5.0.0",
-      "pinned": false,
-      "date": "2026-03-02T18:43:57Z"
-    },
     {
       "slug": "traccar",
       "repo": "traccar/traccar",

frontend/public/json/meshcentral.json

@@ -21,7 +21,7 @@
       "resources": {
         "cpu": 1,
         "ram": 512,
-        "hdd": 4,
+        "hdd": 2,
         "os": "debian",
         "version": "13"
       }

frontend/public/json/tinyauth.json

@@ -1,51 +1,51 @@
 {
-  "name": "Tinyauth",
-  "slug": "tinyauth",
-  "categories": [
-    6
-  ],
-  "date_created": "2026-03-03",
-  "type": "ct",
-  "updateable": true,
-  "privileged": false,
-  "interface_port": 3000,
-  "documentation": "https://tinyauth.app",
-  "config_path": "/opt/tinyauth/.env",
-  "website": "https://tinyauth.app",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/tinyauth.webp",
-  "description": "Tinyauth is a simple authentication middleware that adds simple username/password login or OAuth with Google, Github and any generic provider to all of your docker apps.",
-  "install_methods": [
-    {
-      "type": "default",
-      "script": "ct/tinyauth.sh",
-      "resources": {
-        "cpu": 1,
-        "ram": 512,
-        "hdd": 4,
-        "os": "debian",
-        "version": "13"
-      }
+    "name": "Tinyauth",
+    "slug": "tinyauth",
+    "categories": [
+        6
+    ],
+    "date_created": "2025-05-06",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 3000,
+    "documentation": "https://tinyauth.app",
+    "config_path": "/opt/tinyauth/.env",
+    "website": "https://tinyauth.app",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/tinyauth.webp",
+    "description": "Tinyauth is a simple authentication middleware that adds simple username/password login or OAuth with Google, Github and any generic provider to all of your docker apps.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/tinyauth.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 512,
+                "hdd": 4,
+                "os": "debian",
+                "version": "13"
+            }
+        },
+        {
+            "type": "alpine",
+            "script": "ct/alpine-tinyauth.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 256,
+                "hdd": 2,
+                "os": "alpine",
+                "version": "3.23"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
     },
-    {
-      "type": "alpine",
-      "script": "ct/alpine-tinyauth.sh",
-      "resources": {
-        "cpu": 1,
-        "ram": 256,
-        "hdd": 2,
-        "os": "alpine",
-        "version": "3.23"
-      }
-    }
-  ],
-  "default_credentials": {
-    "username": null,
-    "password": null
-  },
-  "notes": [
-    {
-      "text": "The default credentials are located in `/opt/tinyauth/credentials.txt`.",
-      "type": "info"
-    }
-  ]
+    "notes": [
+        {
+            "text": "The default credentials are located in `/opt/tinyauth/credentials.txt`.",
+            "type": "info"
+        }
+    ]
 }

frontend/public/json/unifi.json

@@ -0,0 +1,42 @@
+{
+  "name": "UniFi Network Server",
+  "slug": "unifi",
+  "categories": [
+    4
+  ],
+  "date_created": "2024-05-02",
+  "type": "ct",
+  "updateable": true,
+  "privileged": false,
+  "interface_port": 8443,
+  "documentation": "https://help.ui.com/hc/en-us/articles/360012282453-Self-Hosting-a-UniFi-Network-Server",
+  "website": "https://www.ui.com/",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/ubiquiti-unifi.webp",
+  "config_path": "",
+  "description": "UniFi Network Server is a software that helps manage and monitor UniFi networks (Wi-Fi, Ethernet, etc.) by providing an intuitive user interface and advanced features. It allows network administrators to configure, monitor, and upgrade network devices, as well as view network statistics, client devices, and historical events. The aim of the application is to make the management of UniFi networks easier and more efficient.",
+  "disable": true,
+  "disable_description": "This script is disabled because UniFi no longer delivers APT packages for Debian systems. The installation relies on APT repositories that are no longer maintained or available. For more details, see: https://github.com/community-scripts/ProxmoxVE/issues/11876",
+  "install_methods": [
+    {
+      "type": "default",
+      "script": "ct/unifi.sh",
+      "resources": {
+        "cpu": 2,
+        "ram": 2048,
+        "hdd": 8,
+        "os": "debian",
+        "version": "12"
+      }
+    }
+  ],
+  "default_credentials": {
+    "username": null,
+    "password": null
+  },
+  "notes": [
+    {
+      "text": "For non-AVX CPUs, MongoDB 4.4 is installed. Please note this is a legacy solution that may present security risks and could become unsupported in future updates.",
+      "type": "warning"
+    }
+  ]
+}

install/cross-seed-install.sh

@@ -13,10 +13,6 @@ setting_up_container
 network_check
 update_os
 
-msg_info "Installing Dependencies"
-$STD apt install -y build-essential
-msg_ok "Installed Dependencies"
-
 NODE_VERSION="24" setup_nodejs
 
 msg_info "Setup Cross-Seed"

install/unifi-install.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 tteck
+# Author: tteck (tteckster)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://ui.com/download/unifi
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y apt-transport-https
+curl -fsSL "https://dl.ui.com/unifi/unifi-repo.gpg" -o "/usr/share/keyrings/unifi-repo.gpg"
+cat <<EOF | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.sources >/dev/null
+Types: deb
+URIs: https://www.ui.com/downloads/unifi/debian
+Suites: stable
+Components: ubiquiti
+Architectures: amd64
+Signed-By: /usr/share/keyrings/unifi-repo.gpg
+EOF
+$STD apt update
+msg_ok "Installed Dependencies"
+
+JAVA_VERSION="21" setup_java
+
+if lscpu | grep -q 'avx'; then
+  MONGO_VERSION="8.0" setup_mongodb
+else
+  msg_error "No AVX detected (CPU-Flag)! We have discontinued support for this. You are welcome to try it manually with a Debian LXC, but due to the many issues with Unifi, we currently only support AVX CPUs."
+  exit 10
+fi
+
+if ! dpkg -l | grep -q 'libssl1.1'; then
+  msg_info "Installing libssl (if needed)"
+  curl -fsSL "https://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.1_1.1.1w-0+deb11u4_amd64.deb" -o "/tmp/libssl.deb"
+  $STD dpkg -i /tmp/libssl.deb
+  rm -f /tmp/libssl.deb
+  msg_ok "Installed libssl1.1"
+fi
+
+msg_info "Installing UniFi Network Server"
+$STD apt install -y unifi
+msg_ok "Installed UniFi Network Server"
+
+motd_ssh
+customize
+cleanup_lxc

misc/build.func

@@ -4222,7 +4222,6 @@ EOF'
     local is_network_issue=false
     local is_apt_issue=false
     local is_cmd_not_found=false
-    local is_disk_full=false
     local error_explanation=""
     if declare -f explain_exit_code >/dev/null 2>&1; then
       error_explanation="$(explain_exit_code "$install_exit_code")"
@@ -4243,14 +4242,6 @@ EOF'
       ;;
     esac
 
-    # Disk full / ENOSPC detection: errno -28 (ENOSPC), exit 228 (custom handler), exit 23 (curl write error)
-    if [[ $install_exit_code -eq 228 || $install_exit_code -eq 23 ]]; then
-      is_disk_full=true
-    fi
-    if [[ -f "$combined_log" ]] && grep -qiE 'ENOSPC|no space left on device|No space left on device|Disk quota exceeded|errno -28' "$combined_log"; then
-      is_disk_full=true
-    fi
-
     # Command not found detection
     if [[ $install_exit_code -eq 127 ]]; then
       is_cmd_not_found=true
@@ -4287,9 +4278,6 @@ EOF'
       if grep -qiE ': command not found|No such file or directory.*/s?bin/' "$combined_log"; then
         is_cmd_not_found=true
       fi
-      if grep -qiE 'ENOSPC|no space left on device|Disk quota exceeded|errno -28' "$combined_log"; then
-        is_disk_full=true
-      fi
     fi
 
     # Show error explanation if available
@@ -4311,12 +4299,6 @@ EOF'
       echo ""
     fi
 
-    if [[ "$is_disk_full" == true ]]; then
-      echo -e "${TAB}${INFO} The container ran out of disk space during installation (${GN}ENOSPC${CL})."
-      echo -e "${TAB}${INFO} Current disk size: ${GN}${DISK_SIZE} GB${CL}. A rebuild with doubled disk may resolve this."
-      echo ""
-    fi
-
     if [[ "$is_cmd_not_found" == true ]]; then
       local missing_cmd=""
       if [[ -f "$combined_log" ]]; then
@@ -4336,7 +4318,7 @@ EOF'
     echo -e "  ${GN}3)${CL} Retry with verbose mode (full rebuild)"
 
     local next_option=4
-    local APT_OPTION="" OOM_OPTION="" DNS_OPTION="" DISK_OPTION=""
+    local APT_OPTION="" OOM_OPTION="" DNS_OPTION=""
 
     if [[ "$is_apt_issue" == true ]]; then
       if [[ "$var_os" == "alpine" ]]; then
@@ -4361,18 +4343,6 @@ EOF'
       fi
     fi
 
-    if [[ "$is_disk_full" == true ]]; then
-      local disk_recovery_attempt="${DISK_RECOVERY_ATTEMPT:-0}"
-      if [[ $disk_recovery_attempt -lt 2 ]]; then
-        local new_disk=$((DISK_SIZE * 2))
-        echo -e "  ${GN}${next_option})${CL} Retry with more disk space (Disk: ${DISK_SIZE}→${new_disk} GB)"
-        DISK_OPTION=$next_option
-        next_option=$((next_option + 1))
-      else
-        echo -e "  ${DGN}-)${CL} ${DGN}Disk resize retry exhausted (already retried ${disk_recovery_attempt}x)${CL}"
-      fi
-    fi
-
     if [[ "$is_network_issue" == true ]]; then
       echo -e "  ${GN}${next_option})${CL} Retry with DNS override in LXC (8.8.8.8 / 1.1.1.1)"
       DNS_OPTION=$next_option
@@ -4533,35 +4503,6 @@ EOF'
           return $?
         fi
 
-        if [[ -n "${DISK_OPTION}" && "${response}" == "${DISK_OPTION}" ]]; then
-          # Retry with doubled disk size
-          handled=true
-          echo -e "\n${TAB}${HOLD}${YW}Removing container ${CTID} for rebuild with more disk space...${CL}"
-          pct stop "$CTID" &>/dev/null || true
-          pct destroy "$CTID" &>/dev/null || true
-          echo -e "${BFR}${CM}${GN}Container ${CTID} removed${CL}"
-          echo ""
-          local old_ctid="$CTID"
-          local old_disk="$DISK_SIZE"
-          export CTID=$(get_valid_container_id "$CTID")
-          export DISK_SIZE=$((DISK_SIZE * 2))
-          export var_disk="$DISK_SIZE"
-          export VERBOSE="yes"
-          export var_verbose="yes"
-          export DISK_RECOVERY_ATTEMPT=$((${DISK_RECOVERY_ATTEMPT:-0} + 1))
-
-          echo -e "${YW}Rebuilding with increased disk space (attempt ${DISK_RECOVERY_ATTEMPT}/2):${CL}"
-          echo -e "  Container ID: ${old_ctid} → ${CTID}"
-          echo -e "  Disk: ${old_disk} → ${GN}${DISK_SIZE}${CL} GB (x2)"
-          echo -e "  RAM: ${RAM_SIZE} MiB | CPU: ${CORE_COUNT} cores"
-          echo -e "  Network: ${NET:-dhcp} | Bridge: ${BRG:-vmbr0}"
-          echo -e "  Verbose: ${GN}enabled${CL}"
-          echo ""
-          msg_info "Restarting installation..."
-          build_container
-          return $?
-        fi
-
         if [[ -n "${DNS_OPTION}" && "${response}" == "${DNS_OPTION}" ]]; then
           # Retry with DNS override in LXC
           handled=true

vm/opnsense-vm.sh

@@ -105,15 +105,7 @@ function check_disk_space() {
   return 0
 }
 
-# Use disk-backed temp directory to avoid tmpfs/RAM size limits in /tmp
-if [ -d "/var/tmp" ] && check_disk_space "/var/tmp" 20; then
-  TEMP_DIR=$(mktemp -d /var/tmp/opnsense-vm.XXXXXX)
-elif [ -d "/tmp" ] && check_disk_space "/tmp" 20; then
-  TEMP_DIR=$(mktemp -d)
-else
-  # Fallback: try /var/tmp anyway, disk space check will catch it later
-  TEMP_DIR=$(mktemp -d /var/tmp/opnsense-vm.XXXXXX)
-fi
+TEMP_DIR=$(mktemp -d)
 pushd $TEMP_DIR >/dev/null
 function send_line_to_vm() {
   echo -e "${DGN}Sending line: ${YW}$1${CL}"
@@ -268,10 +260,6 @@ function exit-script() {
   exit
 }
 
-function get_available_bridges() {
-  ip -o link show type bridge 2>/dev/null | awk -F': ' '{print $2}' | sort
-}
-
 function default_settings() {
   VMID=$(get_valid_nextid)
   FORMAT=",efitype=4m"
@@ -291,17 +279,11 @@ function default_settings() {
   VLAN=""
   MAC=$GEN_MAC
   WAN_MAC=$GEN_MAC_LAN
-  WAN_BRG=""
+  WAN_BRG="vmbr1"
   MTU=""
   START_VM="yes"
   METHOD="default"
 
-  # Detect available bridges
-  local AVAILABLE_BRIDGES
-  AVAILABLE_BRIDGES=$(get_available_bridges)
-  local BRIDGE_COUNT
-  BRIDGE_COUNT=$(echo "$AVAILABLE_BRIDGES" | wc -l)
-
   echo -e "${DGN}Using Virtual Machine ID: ${BGN}${VMID}${CL}"
   echo -e "${DGN}Using Hostname: ${BGN}${HN}${CL}"
   echo -e "${DGN}Allocated Cores: ${BGN}${CORE_COUNT}${CL}"
@@ -315,34 +297,26 @@ function default_settings() {
   echo -e "${DGN}Using LAN VLAN: ${BGN}Default${CL}"
   echo -e "${DGN}Using LAN MAC Address: ${BGN}${MAC}${CL}"
 
-  # Determine available network modes based on bridge count
-  local DEFAULT_WAN_BRG
-  DEFAULT_WAN_BRG=$(echo "$AVAILABLE_BRIDGES" | grep -v "^${BRG}$" | head -n1)
-
-  if [ "$BRIDGE_COUNT" -ge 2 ]; then
-    # Multiple bridges available - offer dual or single mode
-    if NETWORK_MODE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "NETWORK CONFIGURATION" --radiolist --cancel-button Exit-Script \
-      "Choose network setup mode for OPNsense:\n" 14 70 2 \
-      "dual" "Dual Interface (Firewall/Router) - uses ${DEFAULT_WAN_BRG}" ON \
-      "single" "Single Interface (Proxy/VPN/IDS Server)" OFF \
-      3>&1 1>&2 2>&3); then
-      if [ "$NETWORK_MODE" = "dual" ]; then
-        WAN_BRG="$DEFAULT_WAN_BRG"
-        echo -e "${DGN}Network Mode: ${BGN}Dual Interface (Firewall)${CL}"
-        echo -e "${DGN}Using WAN Bridge: ${BGN}${WAN_BRG}${CL}"
-        echo -e "${DGN}Using WAN MAC Address: ${BGN}${WAN_MAC}${CL}"
+  if NETWORK_MODE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "NETWORK CONFIGURATION" --radiolist --cancel-button Exit-Script \
+    "Choose network setup mode for OPNsense:\n" 14 70 2 \
+    "dual" "Dual Interface (Traditional Firewall/Router)" ON \
+    "single" "Single Interface (Proxy/VPN/IDS Server)" OFF \
+    3>&1 1>&2 2>&3); then
+    if [ "$NETWORK_MODE" = "dual" ]; then
+      echo -e "${DGN}Network Mode: ${BGN}Dual Interface (Firewall)${CL}"
+      echo -e "${DGN}Using WAN MAC Address: ${BGN}${WAN_MAC}${CL}"
+      if ! ip link show "${WAN_BRG}" &>/dev/null; then
+        msg_error "Bridge '${WAN_BRG}' does not exist"
+        exit
       else
-        echo -e "${DGN}Network Mode: ${BGN}Single Interface (Proxy/VPN/IDS)${CL}"
-        WAN_BRG=""
+        echo -e "${DGN}Using WAN Bridge: ${BGN}${WAN_BRG}${CL}"
       fi
     else
-      exit-script
+      echo -e "${DGN}Network Mode: ${BGN}Single Interface (Proxy/VPN/IDS)${CL}"
+      WAN_BRG=""
     fi
   else
-    # Only one bridge available - single interface mode only
-    echo -e "${DGN}Network Mode: ${BGN}Single Interface (Proxy/VPN/IDS)${CL}"
-    echo -e "${YW}  (Only one bridge detected, dual interface requires a second bridge)${CL}"
-    WAN_BRG=""
+    exit-script
   fi
   echo -e "${DGN}Using Interface MTU Size: ${BGN}Default${CL}"
   echo -e "${DGN}Start VM when completed: ${BGN}yes${CL}"
@@ -496,29 +470,13 @@ function advanced_settings() {
     exit-script
   fi
 
-  # Build WAN bridge selection from available bridges (excluding LAN bridge)
-  local WAN_BRIDGES
-  WAN_BRIDGES=$(get_available_bridges | grep -v "^${BRG}$")
-  if [ -z "$WAN_BRIDGES" ]; then
-    msg_error "No additional bridge available for WAN. Only '${BRG}' exists."
-    msg_error "Create a second bridge (e.g. vmbr1) in Proxmox network config first."
-    exit
-  fi
-  local WAN_MENU=()
-  local first=true
-  while IFS= read -r brg; do
-    if $first; then
-      WAN_MENU+=("$brg" "" "ON")
-      first=false
-    else
-      WAN_MENU+=("$brg" "" "OFF")
+  if WAN_BRG=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set a WAN Bridge" 8 58 vmbr1 --title "WAN BRIDGE" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
+    if [ -z $WAN_BRG ]; then
+      WAN_BRG="vmbr1"
     fi
-  done <<<"$WAN_BRIDGES"
-
-  if WAN_BRG=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "WAN BRIDGE" --radiolist "Select WAN Bridge" 14 58 6 \
-    "${WAN_MENU[@]}" 3>&1 1>&2 2>&3); then
-    if [ -z "$WAN_BRG" ]; then
-      WAN_BRG=$(echo "$WAN_BRIDGES" | head -n1)
+    if ! ip link show "${WAN_BRG}" &>/dev/null; then
+      msg_error "WAN Bridge '${WAN_BRG}' does not exist"
+      exit
     fi
     echo -e "${DGN}Using WAN Bridge: ${BGN}$WAN_BRG${CL}"
   else