Tinyauth: v5 Support & add Debian Version

CHANGELOG.md

@@ -410,55 +410,8 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 </details>
 
-## 2026-03-04
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - jellyseer/overseer migration corrupting /usr/bin/update [@MickLesk](https://github.com/MickLesk) ([#12539](https://github.com/community-scripts/ProxmoxVE/pull/12539))
-    - PowerDNS: use gsqlite3 backend instead of BIND [@MickLesk](https://github.com/MickLesk) ([#12538](https://github.com/community-scripts/ProxmoxVE/pull/12538))
-    - addon migrations: /usr/bin/update replacement to prevent syntax error [@MickLesk](https://github.com/MickLesk) ([#12540](https://github.com/community-scripts/ProxmoxVE/pull/12540))
-    - fix(immich): correct LibRaw clone URL to official upstream [@DenislavDenev](https://github.com/DenislavDenev) ([#12526](https://github.com/community-scripts/ProxmoxVE/pull/12526))
-
-### 💾 Core
-
-  - #### 🐞 Bug Fixes
-
-    - tools: fall back to distro packages for psql [@MickLesk](https://github.com/MickLesk) ([#12542](https://github.com/community-scripts/ProxmoxVE/pull/12542))
-    - fix: whitelist var_searchdomain and fix the handling of var_ns and va… [@tommoyer](https://github.com/tommoyer) ([#12521](https://github.com/community-scripts/ProxmoxVE/pull/12521))
-
 ## 2026-03-03
 
-### 🆕 New Scripts
-
-  - Tinyauth: v5 Support & add Debian Version [@MickLesk](https://github.com/MickLesk) ([#12501](https://github.com/community-scripts/ProxmoxVE/pull/12501))
-
-### 🚀 Updated Scripts
-
-  - #### 🐞 Bug Fixes
-
-    - cross-seed: install build-essential to resolve missing `make` error [@Copilot](https://github.com/Copilot) ([#12522](https://github.com/community-scripts/ProxmoxVE/pull/12522))
-    - meshcentral: increased disk space to 4GB [@MickLesk](https://github.com/MickLesk) ([#12509](https://github.com/community-scripts/ProxmoxVE/pull/12509))
-
-  - #### 🔧 Refactor
-
-    - opnsense-vm: harden temp dir, bridge detection and network selection [@MickLesk](https://github.com/MickLesk) ([#12513](https://github.com/community-scripts/ProxmoxVE/pull/12513))
-
-### 🗑️ Deleted Scripts
-
-  - Remove Unifi Network Server scripts (dead APT repo) [@Copilot](https://github.com/Copilot) ([#12500](https://github.com/community-scripts/ProxmoxVE/pull/12500))
-
-### 💾 Core
-
-  - #### ✨ New Features
-
-    - core: recovery - add ENOSPC disk-full detection with auto-retry using * 2 hdd [@MickLesk](https://github.com/MickLesk) ([#12511](https://github.com/community-scripts/ProxmoxVE/pull/12511))
-
-### 📚 Documentation
-
-  - Fix config_path casing in reactive-resume.json [@ScubyG](https://github.com/ScubyG) ([#12525](https://github.com/community-scripts/ProxmoxVE/pull/12525))
-
 ### 🌐 Website
 
   - #### 🐞 Bug Fixes

ct/alpine-komodo.sh

@@ -48,11 +48,9 @@ function update_script() {
   fi
 
   msg_info "Migrating update function"
-  TMP_UPDATE=$(mktemp)
-  cat <<'MIGRATION_EOF' >"$TMP_UPDATE"
+  cat <<'MIGRATION_EOF' >/usr/bin/update
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/komodo.sh)"
 MIGRATION_EOF
-  mv "$TMP_UPDATE" /usr/bin/update
   chmod +x /usr/bin/update
 
   ln -sf /usr/bin/update /usr/bin/update_komodo 2>/dev/null || true

ct/coolify.sh

@@ -46,11 +46,9 @@ function update_script() {
   fi
 
   msg_info "Migrating update function"
-  TMP_UPDATE=$(mktemp)
-  cat <<'MIGRATION_EOF' >"$TMP_UPDATE"
+  cat <<'MIGRATION_EOF' >/usr/bin/update
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/coolify.sh)"
 MIGRATION_EOF
-  mv "$TMP_UPDATE" /usr/bin/update
   chmod +x /usr/bin/update
 
   ln -sf /usr/bin/update /usr/bin/update_coolify 2>/dev/null || true

ct/cross-seed.sh

@@ -25,7 +25,6 @@ function update_script() {
   check_container_resources
 
   NODE_VERSION="24" setup_nodejs
-  ensure_dependencies build-essential
 
   if command -v cross-seed &>/dev/null; then
     current_version=$(cross-seed --version)

ct/dockge.sh

@@ -48,11 +48,9 @@ function update_script() {
   fi
 
   msg_info "Migrating update function"
-  TMP_UPDATE=$(mktemp)
-  cat <<'MIGRATION_EOF' >"$TMP_UPDATE"
+  cat <<'MIGRATION_EOF' >/usr/bin/update
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/dockge.sh)"
 MIGRATION_EOF
-  mv "$TMP_UPDATE" /usr/bin/update
   chmod +x /usr/bin/update
 
   ln -sf /usr/bin/update /usr/bin/update_dockge 2>/dev/null || true

ct/dokploy.sh

@@ -46,11 +46,9 @@ function update_script() {
   fi
 
   msg_info "Migrating update function"
-  TMP_UPDATE=$(mktemp)
-  cat <<'MIGRATION_EOF' >"$TMP_UPDATE"
+  cat <<'MIGRATION_EOF' >/usr/bin/update
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/dokploy.sh)"
 MIGRATION_EOF
-  mv "$TMP_UPDATE" /usr/bin/update
   chmod +x /usr/bin/update
 
   ln -sf /usr/bin/update /usr/bin/update_dokploy 2>/dev/null || true

ct/headers/tinyauth

@@ -1,6 +0,0 @@
-  _______                         __  __  
- /_  __(_)___  __  ______ ___  __/ /_/ /_ 
-  / / / / __ \/ / / / __ `/ / / / __/ __ \
- / / / / / / / /_/ / /_/ / /_/ / /_/ / / /
-/_/ /_/_/ /_/\__, /\__,_/\__,_/\__/_/ /_/ 
-            /____/                        

ct/headers/unifi

@@ -0,0 +1,6 @@
+   __  __      _ _____ 
+  / / / /___  (_) __(_)
+ / / / / __ \/ / /_/ / 
+/ /_/ / / / / / __/ /  
+\____/_/ /_/_/_/ /_/   
+                       

ct/immich.sh

@@ -337,7 +337,7 @@ function compile_libraw() {
   if [[ "$LIBRAW_REVISION" != "$(grep 'libraw' ~/.immich_library_revisions | awk '{print $2}')" ]]; then
     msg_info "Recompiling libraw"
     [[ -d "$SOURCE" ]] && rm -rf "$SOURCE"
-    $STD git clone https://github.com/LibRaw/LibRaw.git "$SOURCE"
+    $STD git clone https://github.com/libraw/libraw.git "$SOURCE"
     cd "$SOURCE"
     $STD git reset --hard "$LIBRAW_REVISION"
     $STD autoreconf --install

ct/jellyseerr.sh

@@ -45,15 +45,14 @@ function update_script() {
     fi
 
     msg_info "Switching update script to Seerr"
-    TMP_UPDATE=$(mktemp)
-    cat <<'EOF' >"$TMP_UPDATE"
+    cat <<'EOF' >/usr/bin/update
+#!/usr/bin/env bash
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/seerr.sh)"
 EOF
-    mv "$TMP_UPDATE" /usr/bin/update
     chmod +x /usr/bin/update
     msg_ok "Switched update script to Seerr"
     msg_warn "Please type 'update' again to complete the migration"
-    exit 0
+    exit
   fi
 
   msg_info "Updating Jellyseerr"

ct/komodo.sh

@@ -52,11 +52,9 @@ function update_script() {
   fi
 
   msg_info "Migrating update function"
-  TMP_UPDATE=$(mktemp)
-  cat <<'MIGRATION_EOF' >"$TMP_UPDATE"
+  cat <<'MIGRATION_EOF' >/usr/bin/update
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/komodo.sh)"
 MIGRATION_EOF
-  mv "$TMP_UPDATE" /usr/bin/update
   chmod +x /usr/bin/update
 
   ln -sf /usr/bin/update /usr/bin/update_komodo 2>/dev/null || true

ct/meshcentral.sh

@@ -9,7 +9,7 @@ APP="MeshCentral"
 var_tags="${var_tags:-remote-management}"
 var_cpu="${var_cpu:-1}"
 var_ram="${var_ram:-512}"
-var_disk="${var_disk:-4}"
+var_disk="${var_disk:-2}"
 var_os="${var_os:-debian}"
 var_version="${var_version:-13}"
 var_unprivileged="${var_unprivileged:-1}"

ct/overseerr.sh

@@ -44,11 +44,10 @@ function update_script() {
     fi
 
     msg_info "Switching update script to Seerr"
-    TMP_UPDATE=$(mktemp)
-    cat <<'EOF' >"$TMP_UPDATE"
+    cat <<'EOF' >/usr/bin/update
+#!/usr/bin/env bash
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/seerr.sh)"
 EOF
-    mv "$TMP_UPDATE" /usr/bin/update
     chmod +x /usr/bin/update
     msg_ok "Switched update script to Seerr"
     msg_warn "Please type 'update' again to complete the migration"

ct/runtipi.sh

@@ -46,11 +46,9 @@ function update_script() {
   fi
 
   msg_info "Migrating update function"
-  TMP_UPDATE=$(mktemp)
-  cat <<'MIGRATION_EOF' >"$TMP_UPDATE"
+  cat <<'MIGRATION_EOF' >/usr/bin/update
 bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/runtipi.sh)"
 MIGRATION_EOF
-  mv "$TMP_UPDATE" /usr/bin/update
   chmod +x /usr/bin/update
 
   ln -sf /usr/bin/update /usr/bin/update_runtipi 2>/dev/null || true

ct/unifi.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2026 tteck
+# Author: tteck (tteckster)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://ui.com/download/unifi
+
+APP="Unifi"
+var_tags="${var_tags:-network;unifi}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-8}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-12}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  header_info
+  check_container_storage
+  check_container_resources
+  if [[ ! -d /usr/lib/unifi ]]; then
+    msg_error "No ${APP} Installation Found!"
+    exit
+  fi
+
+  JAVA_VERSION="21" setup_java
+
+  msg_info "Updating ${APP}"
+  $STD apt update --allow-releaseinfo-change
+  ensure_dependencies unifi
+  msg_ok "Updated successfully!"
+  exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}https://${IP}:8443${CL}"

frontend/public/json/github-versions.json

@@ -1,5 +1,5 @@
 {
-  "generated": "2026-03-04T06:16:35Z",
+  "generated": "2026-03-03T06:17:56Z",
   "versions": [
     {
       "slug": "2fauth",
@@ -242,9 +242,9 @@
     {
       "slug": "cosmos",
       "repo": "azukaar/Cosmos-Server",
-      "version": "v0.21.7",
+      "version": "v0.21.6",
       "pinned": false,
-      "date": "2026-03-03T18:15:29Z"
+      "date": "2026-02-28T22:00:49Z"
     },
     {
       "slug": "cronicle",
@@ -298,9 +298,9 @@
     {
       "slug": "docmost",
       "repo": "docmost/docmost",
-      "version": "v0.70.0",
+      "version": "v0.25.3",
       "pinned": false,
-      "date": "2026-03-03T20:33:08Z"
+      "date": "2026-02-10T02:58:23Z"
     },
     {
       "slug": "domain-locker",
@@ -438,9 +438,9 @@
     {
       "slug": "ghostfolio",
       "repo": "ghostfolio/ghostfolio",
-      "version": "2.246.0",
+      "version": "2.245.0",
       "pinned": false,
-      "date": "2026-03-03T19:37:20Z"
+      "date": "2026-03-01T09:09:57Z"
     },
     {
       "slug": "gitea",
@@ -452,9 +452,9 @@
     {
       "slug": "gitea-mirror",
       "repo": "RayLabsHQ/gitea-mirror",
-      "version": "v3.12.0",
+      "version": "v3.11.0",
       "pinned": false,
-      "date": "2026-03-04T02:53:42Z"
+      "date": "2026-03-02T10:19:59Z"
     },
     {
       "slug": "glance",
@@ -557,9 +557,9 @@
     {
       "slug": "homebox",
       "repo": "sysadminsmedia/homebox",
-      "version": "v0.24.0",
+      "version": "v0.23.1",
       "pinned": false,
-      "date": "2026-03-03T16:09:55Z"
+      "date": "2026-02-01T22:53:32Z"
     },
     {
       "slug": "homepage",
@@ -613,9 +613,9 @@
     {
       "slug": "jackett",
       "repo": "Jackett/Jackett",
-      "version": "v0.24.1275",
+      "version": "v0.24.1261",
       "pinned": false,
-      "date": "2026-03-04T05:53:40Z"
+      "date": "2026-03-03T05:54:20Z"
     },
     {
       "slug": "jellystat",
@@ -669,9 +669,9 @@
     {
       "slug": "kima-hub",
       "repo": "Chevron7Locked/kima-hub",
-      "version": "v1.6.1",
+      "version": "v1.6.0",
       "pinned": false,
-      "date": "2026-03-03T16:13:53Z"
+      "date": "2026-03-02T05:43:31Z"
     },
     {
       "slug": "kimai",
@@ -753,9 +753,9 @@
     {
       "slug": "libretranslate",
       "repo": "LibreTranslate/LibreTranslate",
-      "version": "v1.9.5",
+      "version": "v1.9.4",
       "pinned": false,
-      "date": "2026-03-03T18:25:04Z"
+      "date": "2026-02-24T17:06:05Z"
     },
     {
       "slug": "lidarr",
@@ -872,9 +872,9 @@
     {
       "slug": "metube",
       "repo": "alexta69/metube",
-      "version": "2026.03.03",
+      "version": "2026.03.02",
       "pinned": false,
-      "date": "2026-03-03T19:15:55Z"
+      "date": "2026-03-02T19:19:10Z"
     },
     {
       "slug": "miniflux",
@@ -921,9 +921,9 @@
     {
       "slug": "netbox",
       "repo": "netbox-community/netbox",
-      "version": "v4.5.4",
+      "version": "v4.5.3",
       "pinned": false,
-      "date": "2026-03-03T20:32:16Z"
+      "date": "2026-02-17T15:39:18Z"
     },
     {
       "slug": "nextcloud-exporter",
@@ -942,9 +942,9 @@
     {
       "slug": "nightscout",
       "repo": "nightscout/cgm-remote-monitor",
-      "version": "v15.0.6",
+      "version": "v15.0.5",
       "pinned": false,
-      "date": "2026-03-03T23:04:35Z"
+      "date": "2026-03-01T21:22:37Z"
     },
     {
       "slug": "nocodb",
@@ -1229,9 +1229,9 @@
     {
       "slug": "pulse",
       "repo": "rcourtman/Pulse",
-      "version": "v5.1.18",
+      "version": "v5.1.17",
       "pinned": false,
-      "date": "2026-03-03T22:09:15Z"
+      "date": "2026-03-02T20:15:31Z"
     },
     {
       "slug": "pve-scripts-local",
@@ -1446,9 +1446,9 @@
     {
       "slug": "sonobarr",
       "repo": "Dodelidoo-Labs/sonobarr",
-      "version": "0.12.1",
+      "version": "0.11.0",
       "pinned": false,
-      "date": "2026-03-03T13:43:02Z"
+      "date": "2026-01-21T19:07:21Z"
     },
     {
       "slug": "speedtest-tracker",
@@ -1467,9 +1467,9 @@
     {
       "slug": "sportarr",
       "repo": "Sportarr/Sportarr",
-      "version": "v4.0.985.1060",
+      "version": "v4.0.983.1057",
       "pinned": false,
-      "date": "2026-03-04T01:00:04Z"
+      "date": "2026-01-26T18:54:50Z"
     },
     {
       "slug": "stirling-pdf",
@@ -1562,13 +1562,6 @@
       "pinned": false,
       "date": "2026-02-13T16:30:09Z"
     },
-    {
-      "slug": "tinyauth",
-      "repo": "steveiliop56/tinyauth",
-      "version": "v5.0.0",
-      "pinned": false,
-      "date": "2026-03-02T18:43:57Z"
-    },
     {
       "slug": "traccar",
       "repo": "traccar/traccar",
@@ -1579,9 +1572,9 @@
     {
       "slug": "tracearr",
       "repo": "connorgallopo/Tracearr",
-      "version": "v1.4.21",
+      "version": "v1.4.19",
       "pinned": false,
-      "date": "2026-03-03T18:43:20Z"
+      "date": "2026-02-28T21:25:47Z"
     },
     {
       "slug": "tracktor",
@@ -1649,9 +1642,9 @@
     {
       "slug": "upgopher",
       "repo": "wanetty/upgopher",
-      "version": "v1.15.2",
+      "version": "v1.14.0",
       "pinned": false,
-      "date": "2026-03-03T13:40:45Z"
+      "date": "2026-02-24T22:43:34Z"
     },
     {
       "slug": "upsnap",
@@ -1740,9 +1733,9 @@
     {
       "slug": "wealthfolio",
       "repo": "afadil/wealthfolio",
-      "version": "v3.0.3",
+      "version": "v3.0.2",
       "pinned": false,
-      "date": "2026-03-03T21:47:55Z"
+      "date": "2026-03-03T05:01:49Z"
     },
     {
       "slug": "web-check",

frontend/public/json/meshcentral.json

@@ -21,7 +21,7 @@
       "resources": {
         "cpu": 1,
         "ram": 512,
-        "hdd": 4,
+        "hdd": 2,
         "os": "debian",
         "version": "13"
       }

frontend/public/json/reactive-resume.json

@@ -12,7 +12,7 @@
   "documentation": "https://docs.rxresume.org/",
   "website": "https://rxresume.org",
   "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/reactive-resume.webp",
-  "config_path": "/opt/Reactive-Resume/.env",
+  "config_path": "/opt/reactive-resume/.env",
   "description": "A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever.",
   "install_methods": [
     {

frontend/public/json/tinyauth.json

@@ -1,51 +1,51 @@
 {
-  "name": "Tinyauth",
-  "slug": "tinyauth",
-  "categories": [
-    6
-  ],
-  "date_created": "2026-03-03",
-  "type": "ct",
-  "updateable": true,
-  "privileged": false,
-  "interface_port": 3000,
-  "documentation": "https://tinyauth.app",
-  "config_path": "/opt/tinyauth/.env",
-  "website": "https://tinyauth.app",
-  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/tinyauth.webp",
-  "description": "Tinyauth is a simple authentication middleware that adds simple username/password login or OAuth with Google, Github and any generic provider to all of your docker apps.",
-  "install_methods": [
-    {
-      "type": "default",
-      "script": "ct/tinyauth.sh",
-      "resources": {
-        "cpu": 1,
-        "ram": 512,
-        "hdd": 4,
-        "os": "debian",
-        "version": "13"
-      }
+    "name": "Tinyauth",
+    "slug": "tinyauth",
+    "categories": [
+        6
+    ],
+    "date_created": "2025-05-06",
+    "type": "ct",
+    "updateable": true,
+    "privileged": false,
+    "interface_port": 3000,
+    "documentation": "https://tinyauth.app",
+    "config_path": "/opt/tinyauth/.env",
+    "website": "https://tinyauth.app",
+    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/tinyauth.webp",
+    "description": "Tinyauth is a simple authentication middleware that adds simple username/password login or OAuth with Google, Github and any generic provider to all of your docker apps.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/tinyauth.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 512,
+                "hdd": 4,
+                "os": "debian",
+                "version": "13"
+            }
+        },
+        {
+            "type": "alpine",
+            "script": "ct/alpine-tinyauth.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 256,
+                "hdd": 2,
+                "os": "alpine",
+                "version": "3.23"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
     },
-    {
-      "type": "alpine",
-      "script": "ct/alpine-tinyauth.sh",
-      "resources": {
-        "cpu": 1,
-        "ram": 256,
-        "hdd": 2,
-        "os": "alpine",
-        "version": "3.23"
-      }
-    }
-  ],
-  "default_credentials": {
-    "username": null,
-    "password": null
-  },
-  "notes": [
-    {
-      "text": "The default credentials are located in `/opt/tinyauth/credentials.txt`.",
-      "type": "info"
-    }
-  ]
+    "notes": [
+        {
+            "text": "The default credentials are located in `/opt/tinyauth/credentials.txt`.",
+            "type": "info"
+        }
+    ]
 }

frontend/public/json/unifi.json

@@ -0,0 +1,42 @@
+{
+  "name": "UniFi Network Server",
+  "slug": "unifi",
+  "categories": [
+    4
+  ],
+  "date_created": "2024-05-02",
+  "type": "ct",
+  "updateable": true,
+  "privileged": false,
+  "interface_port": 8443,
+  "documentation": "https://help.ui.com/hc/en-us/articles/360012282453-Self-Hosting-a-UniFi-Network-Server",
+  "website": "https://www.ui.com/",
+  "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/ubiquiti-unifi.webp",
+  "config_path": "",
+  "description": "UniFi Network Server is a software that helps manage and monitor UniFi networks (Wi-Fi, Ethernet, etc.) by providing an intuitive user interface and advanced features. It allows network administrators to configure, monitor, and upgrade network devices, as well as view network statistics, client devices, and historical events. The aim of the application is to make the management of UniFi networks easier and more efficient.",
+  "disable": true,
+  "disable_description": "This script is disabled because UniFi no longer delivers APT packages for Debian systems. The installation relies on APT repositories that are no longer maintained or available. For more details, see: https://github.com/community-scripts/ProxmoxVE/issues/11876",
+  "install_methods": [
+    {
+      "type": "default",
+      "script": "ct/unifi.sh",
+      "resources": {
+        "cpu": 2,
+        "ram": 2048,
+        "hdd": 8,
+        "os": "debian",
+        "version": "12"
+      }
+    }
+  ],
+  "default_credentials": {
+    "username": null,
+    "password": null
+  },
+  "notes": [
+    {
+      "text": "For non-AVX CPUs, MongoDB 4.4 is installed. Please note this is a legacy solution that may present security risks and could become unsupported in future updates.",
+      "type": "warning"
+    }
+  ]
+}

install/cross-seed-install.sh

@@ -13,10 +13,6 @@ setting_up_container
 network_check
 update_os
 
-msg_info "Installing Dependencies"
-$STD apt install -y build-essential
-msg_ok "Installed Dependencies"
-
 NODE_VERSION="24" setup_nodejs
 
 msg_info "Setup Cross-Seed"

install/immich-install.sh

@@ -232,7 +232,7 @@ msg_ok "(2/5) Compiled libheif"
 msg_info "(3/5) Compiling libraw"
 SOURCE=${SOURCE_DIR}/libraw
 : "${LIBRAW_REVISION:=$(jq -cr '.revision' $BASE_DIR/server/sources/libraw.json)}"
-$STD git clone https://github.com/LibRaw/LibRaw.git "$SOURCE"
+$STD git clone https://github.com/libraw/libraw.git "$SOURCE"
 cd "$SOURCE"
 $STD git reset --hard "$LIBRAW_REVISION"
 $STD autoreconf --install

install/powerdns-install.sh

@@ -38,12 +38,6 @@ msg_info "Setting up PowerDNS"
 $STD apt install -y \
   pdns-server \
   pdns-backend-sqlite3
-sed -i 's/^launch=$/# launch=/' /etc/powerdns/pdns.conf
-rm -f /etc/powerdns/pdns.d/bind.conf
-cat <<EOF >/etc/powerdns/pdns.d/gsqlite3.conf
-launch+=gsqlite3
-gsqlite3-database=/opt/poweradmin/powerdns.db
-EOF
 msg_ok "Setup PowerDNS"
 
 fetch_and_deploy_gh_release "poweradmin" "poweradmin/poweradmin" "tarball"
@@ -132,10 +126,7 @@ cat <<EOF >/etc/apache2/sites-enabled/poweradmin.conf
 EOF
 $STD a2enmod rewrite headers
 chown -R www-data:www-data /opt/poweradmin
-chown pdns:pdns /opt/poweradmin/powerdns.db
-chmod 664 /opt/poweradmin/powerdns.db
-usermod -aG pdns www-data
-$STD systemctl restart pdns apache2
+$STD systemctl restart apache2
 msg_info "Created Service"
 
 motd_ssh

install/unifi-install.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2026 tteck
+# Author: tteck (tteckster)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://ui.com/download/unifi
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apt install -y apt-transport-https
+curl -fsSL "https://dl.ui.com/unifi/unifi-repo.gpg" -o "/usr/share/keyrings/unifi-repo.gpg"
+cat <<EOF | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.sources >/dev/null
+Types: deb
+URIs: https://www.ui.com/downloads/unifi/debian
+Suites: stable
+Components: ubiquiti
+Architectures: amd64
+Signed-By: /usr/share/keyrings/unifi-repo.gpg
+EOF
+$STD apt update
+msg_ok "Installed Dependencies"
+
+JAVA_VERSION="21" setup_java
+
+if lscpu | grep -q 'avx'; then
+  MONGO_VERSION="8.0" setup_mongodb
+else
+  msg_error "No AVX detected (CPU-Flag)! We have discontinued support for this. You are welcome to try it manually with a Debian LXC, but due to the many issues with Unifi, we currently only support AVX CPUs."
+  exit 10
+fi
+
+if ! dpkg -l | grep -q 'libssl1.1'; then
+  msg_info "Installing libssl (if needed)"
+  curl -fsSL "https://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.1_1.1.1w-0+deb11u4_amd64.deb" -o "/tmp/libssl.deb"
+  $STD dpkg -i /tmp/libssl.deb
+  rm -f /tmp/libssl.deb
+  msg_ok "Installed libssl1.1"
+fi
+
+msg_info "Installing UniFi Network Server"
+$STD apt install -y unifi
+msg_ok "Installed UniFi Network Server"
+
+motd_ssh
+customize
+cleanup_lxc

misc/build.func

@@ -1033,7 +1033,7 @@ load_vars_file() {
     var_apt_cacher var_apt_cacher_ip var_brg var_cpu var_disk var_fuse var_gpu var_keyctl
     var_gateway var_hostname var_ipv6_method var_mac var_mknod var_mount_fs var_mtu
     var_net var_nesting var_ns var_protection var_pw var_ram var_tags var_timezone var_tun var_unprivileged
-    var_verbose var_vlan var_ssh var_ssh_authorized_key var_container_storage var_template_storage var_searchdomain
+    var_verbose var_vlan var_ssh var_ssh_authorized_key var_container_storage var_template_storage
   )
 
   # Whitelist check helper
@@ -3620,13 +3620,13 @@ $PCT_OPTIONS_STRING"
   # Add storage if specified
   if [ -n "$SD" ]; then
     PCT_OPTIONS_STRING="$PCT_OPTIONS_STRING
-  -searchdomain $SD"
+  $SD"
   fi
 
   # Add nameserver if specified
   if [ -n "$NS" ]; then
     PCT_OPTIONS_STRING="$PCT_OPTIONS_STRING
-  -nameserver $NS"
+  $NS"
   fi
 
   # Network configuration
@@ -4222,7 +4222,6 @@ EOF'
     local is_network_issue=false
     local is_apt_issue=false
     local is_cmd_not_found=false
-    local is_disk_full=false
     local error_explanation=""
     if declare -f explain_exit_code >/dev/null 2>&1; then
       error_explanation="$(explain_exit_code "$install_exit_code")"
@@ -4243,14 +4242,6 @@ EOF'
       ;;
     esac
 
-    # Disk full / ENOSPC detection: errno -28 (ENOSPC), exit 228 (custom handler), exit 23 (curl write error)
-    if [[ $install_exit_code -eq 228 || $install_exit_code -eq 23 ]]; then
-      is_disk_full=true
-    fi
-    if [[ -f "$combined_log" ]] && grep -qiE 'ENOSPC|no space left on device|No space left on device|Disk quota exceeded|errno -28' "$combined_log"; then
-      is_disk_full=true
-    fi
-
     # Command not found detection
     if [[ $install_exit_code -eq 127 ]]; then
       is_cmd_not_found=true
@@ -4287,9 +4278,6 @@ EOF'
       if grep -qiE ': command not found|No such file or directory.*/s?bin/' "$combined_log"; then
         is_cmd_not_found=true
       fi
-      if grep -qiE 'ENOSPC|no space left on device|Disk quota exceeded|errno -28' "$combined_log"; then
-        is_disk_full=true
-      fi
     fi
 
     # Show error explanation if available
@@ -4311,12 +4299,6 @@ EOF'
       echo ""
     fi
 
-    if [[ "$is_disk_full" == true ]]; then
-      echo -e "${TAB}${INFO} The container ran out of disk space during installation (${GN}ENOSPC${CL})."
-      echo -e "${TAB}${INFO} Current disk size: ${GN}${DISK_SIZE} GB${CL}. A rebuild with doubled disk may resolve this."
-      echo ""
-    fi
-
     if [[ "$is_cmd_not_found" == true ]]; then
       local missing_cmd=""
       if [[ -f "$combined_log" ]]; then
@@ -4336,7 +4318,7 @@ EOF'
     echo -e "  ${GN}3)${CL} Retry with verbose mode (full rebuild)"
 
     local next_option=4
-    local APT_OPTION="" OOM_OPTION="" DNS_OPTION="" DISK_OPTION=""
+    local APT_OPTION="" OOM_OPTION="" DNS_OPTION=""
 
     if [[ "$is_apt_issue" == true ]]; then
       if [[ "$var_os" == "alpine" ]]; then
@@ -4361,18 +4343,6 @@ EOF'
       fi
     fi
 
-    if [[ "$is_disk_full" == true ]]; then
-      local disk_recovery_attempt="${DISK_RECOVERY_ATTEMPT:-0}"
-      if [[ $disk_recovery_attempt -lt 2 ]]; then
-        local new_disk=$((DISK_SIZE * 2))
-        echo -e "  ${GN}${next_option})${CL} Retry with more disk space (Disk: ${DISK_SIZE}→${new_disk} GB)"
-        DISK_OPTION=$next_option
-        next_option=$((next_option + 1))
-      else
-        echo -e "  ${DGN}-)${CL} ${DGN}Disk resize retry exhausted (already retried ${disk_recovery_attempt}x)${CL}"
-      fi
-    fi
-
     if [[ "$is_network_issue" == true ]]; then
       echo -e "  ${GN}${next_option})${CL} Retry with DNS override in LXC (8.8.8.8 / 1.1.1.1)"
       DNS_OPTION=$next_option
@@ -4533,35 +4503,6 @@ EOF'
           return $?
         fi
 
-        if [[ -n "${DISK_OPTION}" && "${response}" == "${DISK_OPTION}" ]]; then
-          # Retry with doubled disk size
-          handled=true
-          echo -e "\n${TAB}${HOLD}${YW}Removing container ${CTID} for rebuild with more disk space...${CL}"
-          pct stop "$CTID" &>/dev/null || true
-          pct destroy "$CTID" &>/dev/null || true
-          echo -e "${BFR}${CM}${GN}Container ${CTID} removed${CL}"
-          echo ""
-          local old_ctid="$CTID"
-          local old_disk="$DISK_SIZE"
-          export CTID=$(get_valid_container_id "$CTID")
-          export DISK_SIZE=$((DISK_SIZE * 2))
-          export var_disk="$DISK_SIZE"
-          export VERBOSE="yes"
-          export var_verbose="yes"
-          export DISK_RECOVERY_ATTEMPT=$((${DISK_RECOVERY_ATTEMPT:-0} + 1))
-
-          echo -e "${YW}Rebuilding with increased disk space (attempt ${DISK_RECOVERY_ATTEMPT}/2):${CL}"
-          echo -e "  Container ID: ${old_ctid} → ${CTID}"
-          echo -e "  Disk: ${old_disk} → ${GN}${DISK_SIZE}${CL} GB (x2)"
-          echo -e "  RAM: ${RAM_SIZE} MiB | CPU: ${CORE_COUNT} cores"
-          echo -e "  Network: ${NET:-dhcp} | Bridge: ${BRG:-vmbr0}"
-          echo -e "  Verbose: ${GN}enabled${CL}"
-          echo ""
-          msg_info "Restarting installation..."
-          build_container
-          return $?
-        fi
-
         if [[ -n "${DNS_OPTION}" && "${response}" == "${DNS_OPTION}" ]]; then
           # Retry with DNS override in LXC
           handled=true

misc/tools.func

@@ -6500,13 +6500,14 @@ function setup_postgresql() {
   local SUITE
   case "$DISTRO_CODENAME" in
   trixie | forky | sid)
+
     if verify_repo_available "https://apt.postgresql.org/pub/repos/apt" "trixie-pgdg"; then
       SUITE="trixie-pgdg"
+
     else
-      msg_warn "PGDG repo not available for ${DISTRO_CODENAME}, falling back to distro packages"
-      USE_PGDG_REPO=false setup_postgresql
-      return $?
+      SUITE="bookworm-pgdg"
     fi
+
     ;;
   *)
     SUITE=$(get_fallback_suite "$DISTRO_ID" "$DISTRO_CODENAME" "https://apt.postgresql.org/pub/repos/apt")

vm/opnsense-vm.sh

@@ -105,15 +105,7 @@ function check_disk_space() {
   return 0
 }
 
-# Use disk-backed temp directory to avoid tmpfs/RAM size limits in /tmp
-if [ -d "/var/tmp" ] && check_disk_space "/var/tmp" 20; then
-  TEMP_DIR=$(mktemp -d /var/tmp/opnsense-vm.XXXXXX)
-elif [ -d "/tmp" ] && check_disk_space "/tmp" 20; then
-  TEMP_DIR=$(mktemp -d)
-else
-  # Fallback: try /var/tmp anyway, disk space check will catch it later
-  TEMP_DIR=$(mktemp -d /var/tmp/opnsense-vm.XXXXXX)
-fi
+TEMP_DIR=$(mktemp -d)
 pushd $TEMP_DIR >/dev/null
 function send_line_to_vm() {
   echo -e "${DGN}Sending line: ${YW}$1${CL}"
@@ -268,10 +260,6 @@ function exit-script() {
   exit
 }
 
-function get_available_bridges() {
-  ip -o link show type bridge 2>/dev/null | awk -F': ' '{print $2}' | sort
-}
-
 function default_settings() {
   VMID=$(get_valid_nextid)
   FORMAT=",efitype=4m"
@@ -291,17 +279,11 @@ function default_settings() {
   VLAN=""
   MAC=$GEN_MAC
   WAN_MAC=$GEN_MAC_LAN
-  WAN_BRG=""
+  WAN_BRG="vmbr1"
   MTU=""
   START_VM="yes"
   METHOD="default"
 
-  # Detect available bridges
-  local AVAILABLE_BRIDGES
-  AVAILABLE_BRIDGES=$(get_available_bridges)
-  local BRIDGE_COUNT
-  BRIDGE_COUNT=$(echo "$AVAILABLE_BRIDGES" | wc -l)
-
   echo -e "${DGN}Using Virtual Machine ID: ${BGN}${VMID}${CL}"
   echo -e "${DGN}Using Hostname: ${BGN}${HN}${CL}"
   echo -e "${DGN}Allocated Cores: ${BGN}${CORE_COUNT}${CL}"
@@ -315,34 +297,26 @@ function default_settings() {
   echo -e "${DGN}Using LAN VLAN: ${BGN}Default${CL}"
   echo -e "${DGN}Using LAN MAC Address: ${BGN}${MAC}${CL}"
 
-  # Determine available network modes based on bridge count
-  local DEFAULT_WAN_BRG
-  DEFAULT_WAN_BRG=$(echo "$AVAILABLE_BRIDGES" | grep -v "^${BRG}$" | head -n1)
-
-  if [ "$BRIDGE_COUNT" -ge 2 ]; then
-    # Multiple bridges available - offer dual or single mode
-    if NETWORK_MODE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "NETWORK CONFIGURATION" --radiolist --cancel-button Exit-Script \
-      "Choose network setup mode for OPNsense:\n" 14 70 2 \
-      "dual" "Dual Interface (Firewall/Router) - uses ${DEFAULT_WAN_BRG}" ON \
-      "single" "Single Interface (Proxy/VPN/IDS Server)" OFF \
-      3>&1 1>&2 2>&3); then
-      if [ "$NETWORK_MODE" = "dual" ]; then
-        WAN_BRG="$DEFAULT_WAN_BRG"
-        echo -e "${DGN}Network Mode: ${BGN}Dual Interface (Firewall)${CL}"
-        echo -e "${DGN}Using WAN Bridge: ${BGN}${WAN_BRG}${CL}"
-        echo -e "${DGN}Using WAN MAC Address: ${BGN}${WAN_MAC}${CL}"
+  if NETWORK_MODE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "NETWORK CONFIGURATION" --radiolist --cancel-button Exit-Script \
+    "Choose network setup mode for OPNsense:\n" 14 70 2 \
+    "dual" "Dual Interface (Traditional Firewall/Router)" ON \
+    "single" "Single Interface (Proxy/VPN/IDS Server)" OFF \
+    3>&1 1>&2 2>&3); then
+    if [ "$NETWORK_MODE" = "dual" ]; then
+      echo -e "${DGN}Network Mode: ${BGN}Dual Interface (Firewall)${CL}"
+      echo -e "${DGN}Using WAN MAC Address: ${BGN}${WAN_MAC}${CL}"
+      if ! ip link show "${WAN_BRG}" &>/dev/null; then
+        msg_error "Bridge '${WAN_BRG}' does not exist"
+        exit
       else
-        echo -e "${DGN}Network Mode: ${BGN}Single Interface (Proxy/VPN/IDS)${CL}"
-        WAN_BRG=""
+        echo -e "${DGN}Using WAN Bridge: ${BGN}${WAN_BRG}${CL}"
       fi
     else
-      exit-script
+      echo -e "${DGN}Network Mode: ${BGN}Single Interface (Proxy/VPN/IDS)${CL}"
+      WAN_BRG=""
     fi
   else
-    # Only one bridge available - single interface mode only
-    echo -e "${DGN}Network Mode: ${BGN}Single Interface (Proxy/VPN/IDS)${CL}"
-    echo -e "${YW}  (Only one bridge detected, dual interface requires a second bridge)${CL}"
-    WAN_BRG=""
+    exit-script
   fi
   echo -e "${DGN}Using Interface MTU Size: ${BGN}Default${CL}"
   echo -e "${DGN}Start VM when completed: ${BGN}yes${CL}"
@@ -496,29 +470,13 @@ function advanced_settings() {
     exit-script
   fi
 
-  # Build WAN bridge selection from available bridges (excluding LAN bridge)
-  local WAN_BRIDGES
-  WAN_BRIDGES=$(get_available_bridges | grep -v "^${BRG}$")
-  if [ -z "$WAN_BRIDGES" ]; then
-    msg_error "No additional bridge available for WAN. Only '${BRG}' exists."
-    msg_error "Create a second bridge (e.g. vmbr1) in Proxmox network config first."
-    exit
-  fi
-  local WAN_MENU=()
-  local first=true
-  while IFS= read -r brg; do
-    if $first; then
-      WAN_MENU+=("$brg" "" "ON")
-      first=false
-    else
-      WAN_MENU+=("$brg" "" "OFF")
+  if WAN_BRG=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set a WAN Bridge" 8 58 vmbr1 --title "WAN BRIDGE" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
+    if [ -z $WAN_BRG ]; then
+      WAN_BRG="vmbr1"
     fi
-  done <<<"$WAN_BRIDGES"
-
-  if WAN_BRG=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "WAN BRIDGE" --radiolist "Select WAN Bridge" 14 58 6 \
-    "${WAN_MENU[@]}" 3>&1 1>&2 2>&3); then
-    if [ -z "$WAN_BRG" ]; then
-      WAN_BRG=$(echo "$WAN_BRIDGES" | head -n1)
+    if ! ip link show "${WAN_BRG}" &>/dev/null; then
+      msg_error "WAN Bridge '${WAN_BRG}' does not exist"
+      exit
     fi
     echo -e "${DGN}Using WAN Bridge: ${BGN}$WAN_BRG${CL}"
   else