Update Nginx client_max_body_size for Passbolt

Increase client_max_body_size to 15M in Nginx configuration and reload Nginx.

CHANGELOG.md

@@ -409,17 +409,8 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
 ## 2026-02-25
 
-### 🆕 New Scripts
-
-  - Zerobyte ([#12321](https://github.com/community-scripts/ProxmoxVE/pull/12321))
-
 ### 🚀 Updated Scripts
 
-  - #### 🐞 Bug Fixes
-
-    - Passbolt: Update Nginx config `client_max_body_size` [@tremor021](https://github.com/tremor021) ([#12313](https://github.com/community-scripts/ProxmoxVE/pull/12313))
-    - Zammad: configure Elasticsearch before zammad start [@MickLesk](https://github.com/MickLesk) ([#12308](https://github.com/community-scripts/ProxmoxVE/pull/12308))
-
   - #### 🔧 Refactor
 
     - OpenProject: Various fixes [@tremor021](https://github.com/tremor021) ([#12246](https://github.com/community-scripts/ProxmoxVE/pull/12246))
@@ -430,10 +421,6 @@ Exercise vigilance regarding copycat or coat-tailing sites that seek to exploit
 
     - Fix detection of ssh keys [@1-tempest](https://github.com/1-tempest) ([#12230](https://github.com/community-scripts/ProxmoxVE/pull/12230))
 
-  - #### 🔧 Refactor
-
-    - core: remove duplicate traps, consolidate error handling and harden signal traps [@MickLesk](https://github.com/MickLesk) ([#12316](https://github.com/community-scripts/ProxmoxVE/pull/12316))
-
 ### 📂 Github
 
   - github: improvements for node drift wf [@MickLesk](https://github.com/MickLesk) ([#12309](https://github.com/community-scripts/ProxmoxVE/pull/12309))

ct/headers/zerobyte

@@ -1,6 +0,0 @@
- _____                   __          __     
-/__  /  ___  _________  / /_  __  __/ /____ 
-  / /  / _ \/ ___/ __ \/ __ \/ / / / __/ _ \
- / /__/  __/ /  / /_/ / /_/ / /_/ / /_/  __/
-/____/\___/_/   \____/_.___/\__, /\__/\___/ 
-                           /____/           

ct/zerobyte.sh

@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: community-scripts
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/nicotsx/zerobyte
-
-APP="Zerobyte"
-var_tags="${var_tags:-backup;encryption;restic}"
-var_cpu="${var_cpu:-2}"
-var_ram="${var_ram:-6144}"
-var_disk="${var_disk:-10}"
-var_os="${var_os:-debian}"
-var_version="${var_version:-13}"
-var_unprivileged="${var_unprivileged:-1}"
-
-header_info "$APP"
-variables
-color
-catch_errors
-
-function update_script() {
-  header_info
-  check_container_storage
-  check_container_resources
-
-  if [[ ! -d /opt/zerobyte ]]; then
-    msg_error "No ${APP} Installation Found!"
-    exit
-  fi
-
-  if check_for_gh_release "zerobyte" "nicotsx/zerobyte"; then
-    msg_info "Stopping Service"
-    systemctl stop zerobyte
-    msg_ok "Stopped Service"
-
-    msg_info "Backing up Configuration"
-    cp /opt/zerobyte/.env /opt/zerobyte.env.bak
-    msg_ok "Backed up Configuration"
-    
-    NODE_VERSION="24" setup_nodejs
-    CLEAN_INSTALL=1 fetch_and_deploy_gh_release "zerobyte" "nicotsx/zerobyte" "tarball"
-
-    msg_info "Building Zerobyte"
-    export NODE_OPTIONS="--max-old-space-size=3072"
-    cd /opt/zerobyte
-    $STD bun install
-    $STD node ./node_modules/vite/bin/vite.js build
-    msg_ok "Built Zerobyte"
-
-    msg_info "Restoring Configuration"
-    cp /opt/zerobyte.env.bak /opt/zerobyte/.env
-    rm -f /opt/zerobyte.env.bak
-    msg_ok "Restored Configuration"
-
-    msg_info "Starting Service"
-    systemctl start zerobyte
-    msg_ok "Started Service"
-    msg_ok "Updated successfully!"
-  fi
-  exit
-}
-
-start
-build_container
-description
-
-msg_ok "Completed Successfully!\n"
-echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
-echo -e "${INFO}${YW} Access it using the following URL:${CL}"
-echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:4096${CL}"

frontend/public/json/github-versions.json

@@ -1,5 +1,5 @@
 {
-  "generated": "2026-02-25T12:14:52Z",
+  "generated": "2026-02-25T06:25:10Z",
   "versions": [
     {
       "slug": "2fauth",
@@ -39,9 +39,9 @@
     {
       "slug": "ampache",
       "repo": "ampache/ampache",
-      "version": "7.9.1",
+      "version": "7.9.0",
       "pinned": false,
-      "date": "2026-02-25T08:52:58Z"
+      "date": "2026-02-19T07:01:25Z"
     },
     {
       "slug": "argus",
@@ -823,9 +823,9 @@
     {
       "slug": "manyfold",
       "repo": "manyfold3d/manyfold",
-      "version": "v0.133.0",
+      "version": "v0.132.1",
       "pinned": false,
-      "date": "2026-02-25T10:40:26Z"
+      "date": "2026-02-09T22:02:28Z"
     },
     {
       "slug": "mealie",
@@ -995,13 +995,6 @@
       "pinned": false,
       "date": "2026-02-03T09:00:43Z"
     },
-    {
-      "slug": "openproject",
-      "repo": "jemalloc/jemalloc",
-      "version": "5.3.0",
-      "pinned": false,
-      "date": "2022-05-06T19:14:21Z"
-    },
     {
       "slug": "ots",
       "repo": "Luzifer/ots",

frontend/public/json/zerobyte.json

@@ -1,40 +0,0 @@
-{
-    "name": "Zerobyte",
-    "slug": "zerobyte",
-    "categories": [
-        7
-    ],
-    "date_created": "2026-02-25",
-    "type": "ct",
-    "updateable": true,
-    "privileged": false,
-    "interface_port": 4096,
-    "documentation": "https://github.com/nicotsx/zerobyte#readme",
-    "website": "https://github.com/nicotsx/zerobyte",
-    "logo": "https://cdn.jsdelivr.net/gh/selfhst/icons@main/webp/zerobyte.webp",
-    "config_path": "/opt/zerobyte/.env",
-    "description": "Zerobyte is a backup automation tool built on top of Restic that provides a modern web interface to schedule, manage, and monitor encrypted backups across multiple storage backends including NFS, SMB, WebDAV, SFTP, S3, and local directories.",
-    "install_methods": [
-        {
-            "type": "default",
-            "script": "ct/zerobyte.sh",
-            "resources": {
-                "cpu": 2,
-                "ram": 6144,
-                "hdd": 10,
-                "os": "Debian",
-                "version": "13"
-            }
-        }
-    ],
-    "default_credentials": {
-        "username": null,
-        "password": null
-    },
-    "notes": [
-        {
-            "text": "For remote mount support (NFS, SMB, WebDAV, SFTP), enable FUSE device passthrough on the LXC container. (FUSE is pre-configured)",
-            "type": "info"
-        }
-    ]
-}

install/zammad-install.sh

@@ -28,23 +28,12 @@ setup_deb822_repo \
   "stable" \
   "main"
 $STD apt install -y elasticsearch
-sed -i 's/^#\{0,2\} *-Xms[0-9]*g.*/-Xms2g/' /etc/elasticsearch/jvm.options
-sed -i 's/^#\{0,2\} *-Xmx[0-9]*g.*/-Xmx2g/' /etc/elasticsearch/jvm.options
-cat <<EOF >>/etc/elasticsearch/elasticsearch.yml
-discovery.type: single-node
-xpack.security.enabled: false
-bootstrap.memory_lock: false
-EOF
+sed -i 's/^-Xms.*/-Xms2g/' /etc/elasticsearch/jvm.options
+sed -i 's/^-Xmx.*/-Xmx2g/' /etc/elasticsearch/jvm.options
 $STD /usr/share/elasticsearch/bin/elasticsearch-plugin install ingest-attachment -b
 systemctl daemon-reload
 systemctl enable -q elasticsearch
 systemctl restart -q elasticsearch
-for i in $(seq 1 30); do
-  if curl -s http://localhost:9200 >/dev/null 2>&1; then
-    break
-  fi
-  sleep 2
-done
 msg_ok "Setup Elasticsearch"
 
 msg_info "Installing Zammad"

install/zerobyte-install.sh

@@ -1,96 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright (c) 2021-2026 community-scripts ORG
-# Author: community-scripts
-# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
-# Source: https://github.com/nicotsx/zerobyte
-
-source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
-color
-verb_ip6
-catch_errors
-setting_up_container
-network_check
-update_os
-
-msg_info "Installing Dependencies"
-echo "davfs2 davfs2/suid_file boolean false" | debconf-set-selections
-$STD apt-get install -y \
-  bzip2 \
-  fuse3 \
-  sshfs \
-  davfs2 \
-  openssh-client
-msg_ok "Installed Dependencies"
-
-fetch_and_deploy_gh_release "restic" "restic/restic" "singlefile" "latest" "/usr/local/bin" "restic_*_linux_amd64.bz2"
-mv /usr/local/bin/restic /usr/local/bin/restic.bz2
-bzip2 -d /usr/local/bin/restic.bz2
-chmod +x /usr/local/bin/restic
-
-fetch_and_deploy_gh_release "rclone" "rclone/rclone" "prebuild" "latest" "/opt/rclone" "rclone-*-linux-amd64.zip"
-ln -sf /opt/rclone/rclone /usr/local/bin/rclone
-
-fetch_and_deploy_gh_release "shoutrrr" "nicholas-fedor/shoutrrr" "prebuild" "latest" "/opt/shoutrrr" "shoutrrr_linux_amd64_*.tar.gz"
-ln -sf /opt/shoutrrr/shoutrrr /usr/local/bin/shoutrrr
-
-msg_info "Installing Bun"
-export BUN_INSTALL="/root/.bun"
-curl -fsSL https://bun.sh/install | $STD bash
-ln -sf /root/.bun/bin/bun /usr/local/bin/bun
-ln -sf /root/.bun/bin/bunx /usr/local/bin/bunx
-msg_ok "Installed Bun"
-
-NODE_VERSION="24" setup_nodejs
-fetch_and_deploy_gh_release "zerobyte" "nicotsx/zerobyte" "tarball"
-
-msg_info "Building Zerobyte (Patience)"
-cd /opt/zerobyte
-export VITE_RESTIC_VERSION=$(cat ~/.restic)
-export VITE_RCLONE_VERSION=$(cat ~/.rclone)
-export VITE_SHOUTRRR_VERSION=$(cat ~/.shoutrrr)
-export NODE_OPTIONS="--max-old-space-size=3072"
-$STD bun install
-$STD node ./node_modules/vite/bin/vite.js build
-msg_ok "Built Zerobyte"
-
-msg_info "Configuring Zerobyte"
-mkdir -p /var/lib/zerobyte/{data,restic/cache,repositories,volumes}
-APP_SECRET=$(openssl rand -hex 32)
-cat <<EOF >/opt/zerobyte/.env
-BASE_URL=http://${LOCAL_IP}:4096
-APP_SECRET=${APP_SECRET}
-PORT=4096
-ZEROBYTE_DATABASE_URL=/var/lib/zerobyte/data/zerobyte.db
-RESTIC_CACHE_DIR=/var/lib/zerobyte/restic/cache
-ZEROBYTE_REPOSITORIES_DIR=/var/lib/zerobyte/repositories
-ZEROBYTE_VOLUMES_DIR=/var/lib/zerobyte/volumes
-MIGRATIONS_PATH=/opt/zerobyte/app/drizzle
-NODE_ENV=production
-EOF
-msg_ok "Configured Zerobyte"
-
-msg_info "Creating Service"
-cat <<EOF >/etc/systemd/system/zerobyte.service
-[Unit]
-Description=Zerobyte Backup Automation
-After=network.target
-
-[Service]
-Type=simple
-User=root
-WorkingDirectory=/opt/zerobyte
-EnvironmentFile=/opt/zerobyte/.env
-ExecStart=/usr/local/bin/bun .output/server/index.mjs
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target
-EOF
-systemctl enable -q --now zerobyte
-msg_ok "Created Service"
-
-motd_ssh
-customize
-cleanup_lxc

misc/api.func

@@ -312,8 +312,7 @@ json_escape() {
   s=${s//$'\r'/}
   s=${s//$'\t'/\\t}
   # Remove any remaining control characters (0x00-0x1F except those already handled)
-  # Also remove DEL (0x7F) and invalid high bytes that break JSON parsers
-  s=$(printf '%s' "$s" | tr -d '\000-\010\013\014\016-\037\177')
+  s=$(printf '%s' "$s" | tr -d '\000-\010\013\014\016-\037')
   printf '%s' "$s"
 }
 
@@ -983,7 +982,7 @@ EOF
   fi
 
   # All 3 attempts failed — do NOT set POST_UPDATE_DONE=true.
-  # This allows the EXIT trap (on_exit in error_handler.func) to retry.
+  # This allows the EXIT trap (api_exit_script) to retry with 3 fresh attempts.
   # No infinite loop risk: EXIT trap fires exactly once.
 }
 

misc/build.func

@@ -4098,12 +4098,6 @@ EOF'
 
   # Installation failed?
   if [[ $install_exit_code -ne 0 ]]; then
-    # Prevent job-control signals from suspending the script during recovery.
-    # In non-interactive shells (bash -c), background processes (spinner) can
-    # trigger terminal-related signals that stop the entire process group.
-    # TSTP = Ctrl+Z, TTIN = bg read from tty, TTOU = bg write to tty (tostop)
-    trap '' TSTP TTIN TTOU
-
     msg_error "Installation failed in container ${CTID} (exit code: ${install_exit_code})"
 
     # Copy install log from container BEFORE API call so get_error_text() can read it
@@ -4179,12 +4173,7 @@ EOF'
     fi
 
     # Report failure to telemetry API (now with log available on host)
-    # NOTE: Do NOT use msg_info/spinner here — the background spinner process
-    # causes SIGTSTP in non-interactive shells (bash -c "$(curl ...)"), which
-    # stops the entire process group and prevents the recovery dialog from appearing.
-    $STD echo -e "${TAB}⏳ Reporting failure to telemetry..."
     post_update_to_api "failed" "$install_exit_code"
-    $STD echo -e "${TAB}${CM:-✔} Failure reported"
 
     # Defense-in-depth: Ensure error handling stays disabled during recovery.
     # Some functions (e.g. silent/$STD) unconditionally re-enable set -Eeuo pipefail
@@ -4548,12 +4537,8 @@ EOF'
 
     # Force one final status update attempt after cleanup
     # This ensures status is updated even if the first attempt failed (e.g., HTTP 400)
-    $STD echo -e "${TAB}⏳ Finalizing telemetry report..."
     post_update_to_api "failed" "$install_exit_code" "force"
-    $STD echo -e "${TAB}${CM:-✔} Telemetry finalized"
 
-    # Restore default job-control signal handling before exit
-    trap - TSTP TTIN TTOU
     exit $install_exit_code
   fi
 
@@ -5623,21 +5608,44 @@ ensure_log_on_host() {
   fi
 }
 
-# ==============================================================================
-# TRAP MANAGEMENT
-# ==============================================================================
-# All traps (ERR, EXIT, INT, TERM, HUP) are set by catch_errors() in
-# error_handler.func — called at the top of this file after sourcing.
+# ------------------------------------------------------------------------------
+# api_exit_script()
 #
-# Do NOT set duplicate traps here. The handlers in error_handler.func
-# (on_exit, on_interrupt, on_terminate, on_hangup, error_handler) already:
-#   - Send telemetry via post_update_to_api / _send_abort_telemetry
-#   - Stop orphaned containers via _stop_container_if_installing
-#   - Collect logs via ensure_log_on_host
-#   - Clean up lock files and spinner processes
-#
-# Previously, inline traps here overwrote catch_errors() traps, causing:
-#   - error_handler() never fired (no error output, no cleanup dialog)
-#   - on_hangup() never fired (SSH disconnect → stuck records)
-#   - Duplicated logic in two places (hard to debug)
-# ==============================================================================
+# - Exit trap handler for reporting to API telemetry
+# - Captures exit code and reports to PocketBase using centralized error descriptions
+# - Uses explain_exit_code() from api.func for consistent error messages
+# - ALWAYS sends telemetry FIRST before log collection to prevent pct pull
+#   hangs from blocking status updates (container may be dead/unresponsive)
+# - For non-zero exit codes: posts "failed" status
+# - For zero exit codes where post_update_to_api was never called:
+#   catches orphaned "installing" records (e.g., script exited cleanly
+#   but description() was never reached)
+# ------------------------------------------------------------------------------
+api_exit_script() {
+  local exit_code=$?
+  if [ $exit_code -ne 0 ]; then
+    # ALWAYS send telemetry FIRST - ensure status is reported even if
+    # ensure_log_on_host hangs (e.g. pct pull on dead container)
+    post_update_to_api "failed" "$exit_code" 2>/dev/null || true
+    # Best-effort log collection (non-critical after telemetry is sent)
+    if declare -f ensure_log_on_host >/dev/null 2>&1; then
+      ensure_log_on_host 2>/dev/null || true
+    fi
+    # Stop orphaned container if we're in the install phase
+    if [[ "${CONTAINER_INSTALLING:-}" == "true" && -n "${CTID:-}" ]] && command -v pct &>/dev/null; then
+      pct stop "$CTID" 2>/dev/null || true
+    fi
+  elif [[ "${POST_TO_API_DONE:-}" == "true" && "${POST_UPDATE_DONE:-}" != "true" ]]; then
+    # Script exited with 0 but never sent a completion status
+    # exit_code=0 is never an error — report as success
+    post_update_to_api "done" "0"
+  fi
+}
+
+if command -v pveversion >/dev/null 2>&1; then
+  trap 'api_exit_script' EXIT
+fi
+trap 'local _ec=$?; if [[ $_ec -ne 0 ]]; then post_update_to_api "failed" "$_ec" 2>/dev/null || true; if declare -f ensure_log_on_host &>/dev/null; then ensure_log_on_host 2>/dev/null || true; fi; fi' ERR
+trap 'post_update_to_api "failed" "129" 2>/dev/null || true; if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null; then pct stop "$CTID" 2>/dev/null || true; fi; exit 129' SIGHUP
+trap 'post_update_to_api "failed" "130" 2>/dev/null || true; if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null; then pct stop "$CTID" 2>/dev/null || true; fi; exit 130' SIGINT
+trap 'post_update_to_api "failed" "143" 2>/dev/null || true; if [[ -n "${CTID:-}" ]] && command -v pct &>/dev/null; then pct stop "$CTID" 2>/dev/null || true; fi; exit 143' SIGTERM

misc/core.func

@@ -607,7 +607,6 @@ stop_spinner() {
 
   unset SPINNER_PID SPINNER_MSG
   stty sane 2>/dev/null || true
-  stty -tostop 2>/dev/null || true
 }
 
 # ==============================================================================

misc/error_handler.func

@@ -199,16 +199,11 @@ error_handler() {
     return 0
   fi
 
-  # Stop spinner and restore cursor FIRST — before any output
-  # This prevents spinner text overlapping with error messages
-  if declare -f stop_spinner >/dev/null 2>&1; then
-    stop_spinner 2>/dev/null || true
-  fi
-  printf "\e[?25h"
-
   local explanation
   explanation="$(explain_exit_code "$exit_code")"
 
+  printf "\e[?25h"
+
   # ALWAYS report failure to API immediately - don't wait for container checks
   # This ensures we capture failures that occur before/after container exists
   if declare -f post_update_to_api &>/dev/null; then
@@ -364,39 +359,9 @@ _send_abort_telemetry() {
   command -v curl &>/dev/null || return 0
   [[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0
   [[ -z "${RANDOM_UUID:-}" ]] && return 0
-
-  # Collect last 20 log lines for error diagnosis (best-effort)
-  local error_text=""
-  if [[ -n "${INSTALL_LOG:-}" && -s "${INSTALL_LOG}" ]]; then
-    error_text=$(tail -n 20 "$INSTALL_LOG" 2>/dev/null | sed 's/\x1b\[[0-9;]*[a-zA-Z]//g; s/\\/\\\\/g; s/"/\\"/g; s/\r//g' | tr '\n' '|' | sed 's/|$//' | tr -d '\000-\010\013\014\016-\037\177') || true
-  fi
-
-  # Calculate duration if start time is available
-  local duration=""
-  if [[ -n "${DIAGNOSTICS_START_TIME:-}" ]]; then
-    duration=$(($(date +%s) - DIAGNOSTICS_START_TIME))
-  fi
-
-  # Build JSON payload with error context
-  local payload
-  payload="{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"${TELEMETRY_TYPE:-lxc}\",\"nsapp\":\"${NSAPP:-${app:-unknown}}\",\"status\":\"failed\",\"exit_code\":${exit_code}"
-  [[ -n "$error_text" ]] && payload="${payload},\"error\":\"${error_text}\""
-  [[ -n "$duration" ]] && payload="${payload},\"duration\":${duration}"
-  payload="${payload}}"
-
-  local api_url="${TELEMETRY_URL:-https://telemetry.community-scripts.org/telemetry}"
-
-  # 2 attempts (retry once on failure) — original had no retry
-  local attempt
-  for attempt in 1 2; do
-    if curl -fsS -m 5 -X POST "$api_url" \
-      -H "Content-Type: application/json" \
-      -d "$payload" &>/dev/null; then
-      return 0
-    fi
-    [[ $attempt -eq 1 ]] && sleep 1
-  done
-  return 0
+  curl -fsS -m 5 -X POST "${TELEMETRY_URL:-https://telemetry.community-scripts.org/telemetry}" \
+    -H "Content-Type: application/json" \
+    -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"${TELEMETRY_TYPE:-lxc}\",\"nsapp\":\"${NSAPP:-${app:-unknown}}\",\"status\":\"failed\",\"exit_code\":${exit_code}}" &>/dev/null || true
 }
 
 # ------------------------------------------------------------------------------
@@ -472,12 +437,6 @@ on_exit() {
 # - Exits with code 130 (128 + SIGINT=2)
 # ------------------------------------------------------------------------------
 on_interrupt() {
-  # Stop spinner and restore cursor before any output
-  if declare -f stop_spinner >/dev/null 2>&1; then
-    stop_spinner 2>/dev/null || true
-  fi
-  printf "\e[?25h" 2>/dev/null || true
-
   _send_abort_telemetry "130"
   _stop_container_if_installing
   if declare -f msg_error >/dev/null 2>&1; then
@@ -497,12 +456,6 @@ on_interrupt() {
 # - Exits with code 143 (128 + SIGTERM=15)
 # ------------------------------------------------------------------------------
 on_terminate() {
-  # Stop spinner and restore cursor before any output
-  if declare -f stop_spinner >/dev/null 2>&1; then
-    stop_spinner 2>/dev/null || true
-  fi
-  printf "\e[?25h" 2>/dev/null || true
-
   _send_abort_telemetry "143"
   _stop_container_if_installing
   if declare -f msg_error >/dev/null 2>&1; then
@@ -525,11 +478,6 @@ on_terminate() {
 # - Exits with code 129 (128 + SIGHUP=1)
 # ------------------------------------------------------------------------------
 on_hangup() {
-  # Stop spinner (no cursor restore needed — terminal is already gone)
-  if declare -f stop_spinner >/dev/null 2>&1; then
-    stop_spinner 2>/dev/null || true
-  fi
-
   _send_abort_telemetry "129"
   _stop_container_if_installing
   exit 129

misc/tools.func

@@ -783,25 +783,16 @@ github_api_call() {
 
   for attempt in $(seq 1 $max_retries); do
     local http_code
-    http_code=$(curl -sSL -w "%{http_code}" -o "$output_file" \
+    http_code=$(curl -fsSL -w "%{http_code}" -o "$output_file" \
       -H "Accept: application/vnd.github+json" \
       -H "X-GitHub-Api-Version: 2022-11-28" \
       "${header_args[@]}" \
-      "$url" 2>/dev/null) || true
+      "$url" 2>/dev/null || echo "000")
 
     case "$http_code" in
     200)
       return 0
       ;;
-    401)
-      msg_error "GitHub API authentication failed (HTTP 401)."
-      if [[ -n "${GITHUB_TOKEN:-}" ]]; then
-        msg_error "Your GITHUB_TOKEN appears to be invalid or expired."
-      else
-        msg_error "The repository may require authentication. Try: export GITHUB_TOKEN=\"ghp_your_token\""
-      fi
-      return 1
-      ;;
     403)
       # Rate limit - check if we can retry
       if [[ $attempt -lt $max_retries ]]; then
@@ -810,22 +801,11 @@ github_api_call() {
         retry_delay=$((retry_delay * 2))
         continue
       fi
-      msg_error "GitHub API rate limit exceeded (HTTP 403)."
-      msg_error "To increase the limit, export a GitHub token before running the script:"
-      msg_error "  export GITHUB_TOKEN=\"ghp_your_token_here\""
+      msg_error "GitHub API rate limit exceeded. Set GITHUB_TOKEN to increase limits."
       return 1
       ;;
     404)
-      msg_error "GitHub repository or release not found (HTTP 404): $url"
-      return 1
-      ;;
-    000 | "")
-      if [[ $attempt -lt $max_retries ]]; then
-        sleep "$retry_delay"
-        continue
-      fi
-      msg_error "GitHub API connection failed (no response)."
-      msg_error "Check your network/DNS: curl -sSL https://api.github.com/rate_limit"
+      msg_error "GitHub API endpoint not found: $url"
       return 1
       ;;
     *)
@@ -833,7 +813,7 @@ github_api_call() {
         sleep "$retry_delay"
         continue
       fi
-      msg_error "GitHub API call failed (HTTP $http_code)."
+      msg_error "GitHub API call failed with HTTP $http_code"
       return 1
       ;;
     esac
@@ -853,18 +833,14 @@ codeberg_api_call() {
 
   for attempt in $(seq 1 $max_retries); do
     local http_code
-    http_code=$(curl -sSL -w "%{http_code}" -o "$output_file" \
+    http_code=$(curl -fsSL -w "%{http_code}" -o "$output_file" \
       -H "Accept: application/json" \
-      "$url" 2>/dev/null) || true
+      "$url" 2>/dev/null || echo "000")
 
     case "$http_code" in
     200)
       return 0
       ;;
-    401)
-      msg_error "Codeberg API authentication failed (HTTP 401)."
-      return 1
-      ;;
     403)
       # Rate limit - retry
       if [[ $attempt -lt $max_retries ]]; then
@@ -873,20 +849,11 @@ codeberg_api_call() {
         retry_delay=$((retry_delay * 2))
         continue
       fi
-      msg_error "Codeberg API rate limit exceeded (HTTP 403)."
+      msg_error "Codeberg API rate limit exceeded."
       return 1
       ;;
     404)
-      msg_error "Codeberg repository or release not found (HTTP 404): $url"
-      return 1
-      ;;
-    000 | "")
-      if [[ $attempt -lt $max_retries ]]; then
-        sleep "$retry_delay"
-        continue
-      fi
-      msg_error "Codeberg API connection failed (no response)."
-      msg_error "Check your network/DNS: curl -sSL https://codeberg.org"
+      msg_error "Codeberg API endpoint not found: $url"
       return 1
       ;;
     *)
@@ -894,7 +861,7 @@ codeberg_api_call() {
         sleep "$retry_delay"
         continue
       fi
-      msg_error "Codeberg API call failed (HTTP $http_code)."
+      msg_error "Codeberg API call failed with HTTP $http_code"
       return 1
       ;;
     esac
@@ -1474,7 +1441,7 @@ get_latest_github_release() {
 
   if ! github_api_call "https://api.github.com/repos/${repo}/releases/latest" "$temp_file"; then
     rm -f "$temp_file"
-    return 0
+    return 1
   fi
 
   local version
@@ -1482,8 +1449,7 @@ get_latest_github_release() {
   rm -f "$temp_file"
 
   if [[ -z "$version" ]]; then
-    msg_error "Could not determine latest version for ${repo}"
-    return 0
+    return 1
   fi
 
   echo "$version"
@@ -1500,7 +1466,7 @@ get_latest_codeberg_release() {
   # Codeberg API: get all releases and pick the first non-draft/non-prerelease
   if ! codeberg_api_call "https://codeberg.org/api/v1/repos/${repo}/releases" "$temp_file"; then
     rm -f "$temp_file"
-    return 0
+    return 1
   fi
 
   local version
@@ -1514,8 +1480,7 @@ get_latest_codeberg_release() {
   rm -f "$temp_file"
 
   if [[ -z "$version" ]]; then
-    msg_error "Could not determine latest version for ${repo}"
-    return 0
+    return 1
   fi
 
   echo "$version"
@@ -1602,34 +1567,13 @@ get_latest_gh_tag() {
     "${header_args[@]}" \
     "https://api.github.com/repos/${repo}/tags?per_page=100" 2>/dev/null) || true
 
-  if [[ "$http_code" == "401" ]]; then
-    msg_error "GitHub API authentication failed (HTTP 401)."
-    if [[ -n "${GITHUB_TOKEN:-}" ]]; then
-      msg_error "Your GITHUB_TOKEN appears to be invalid or expired."
-    else
-      msg_error "The repository may require authentication. Try: export GITHUB_TOKEN=\"ghp_your_token\""
-    fi
-    rm -f /tmp/gh_tags.json
-    return 1
-  fi
-
   if [[ "$http_code" == "403" ]]; then
-    msg_error "GitHub API rate limit exceeded (HTTP 403)."
-    msg_error "To increase the limit, export a GitHub token before running the script:"
-    msg_error "  export GITHUB_TOKEN=\"ghp_your_token_here\""
-    rm -f /tmp/gh_tags.json
-    return 1
-  fi
-
-  if [[ "$http_code" == "000" || -z "$http_code" ]]; then
-    msg_error "GitHub API connection failed (no response)."
-    msg_error "Check your network/DNS: curl -sSL https://api.github.com/rate_limit"
+    msg_warn "GitHub API rate limit exceeded while fetching tags for ${repo}"
     rm -f /tmp/gh_tags.json
     return 1
   fi
 
   if [[ "$http_code" != "200" ]] || [[ ! -s /tmp/gh_tags.json ]]; then
-    msg_error "Unable to fetch tags for ${repo} (HTTP ${http_code})"
     rm -f /tmp/gh_tags.json
     return 1
   fi
@@ -1715,15 +1659,6 @@ check_for_gh_release() {
 
     if [[ "$http_code" == "200" ]] && [[ -s /tmp/gh_check.json ]]; then
       releases_json="[$(</tmp/gh_check.json)]"
-    elif [[ "$http_code" == "401" ]]; then
-      msg_error "GitHub API authentication failed (HTTP 401)."
-      if [[ -n "${GITHUB_TOKEN:-}" ]]; then
-        msg_error "Your GITHUB_TOKEN appears to be invalid or expired."
-      else
-        msg_error "The repository may require authentication. Try: export GITHUB_TOKEN=\"ghp_your_token\""
-      fi
-      rm -f /tmp/gh_check.json
-      return 1
     elif [[ "$http_code" == "403" ]]; then
       msg_error "GitHub API rate limit exceeded (HTTP 403)."
       msg_error "To increase the limit, export a GitHub token before running the script:"
@@ -1744,26 +1679,12 @@ check_for_gh_release() {
 
     if [[ "$http_code" == "200" ]] && [[ -s /tmp/gh_check.json ]]; then
       releases_json=$(</tmp/gh_check.json)
-    elif [[ "$http_code" == "401" ]]; then
-      msg_error "GitHub API authentication failed (HTTP 401)."
-      if [[ -n "${GITHUB_TOKEN:-}" ]]; then
-        msg_error "Your GITHUB_TOKEN appears to be invalid or expired."
-      else
-        msg_error "The repository may require authentication. Try: export GITHUB_TOKEN=\"ghp_your_token\""
-      fi
-      rm -f /tmp/gh_check.json
-      return 1
     elif [[ "$http_code" == "403" ]]; then
       msg_error "GitHub API rate limit exceeded (HTTP 403)."
       msg_error "To increase the limit, export a GitHub token before running the script:"
       msg_error "  export GITHUB_TOKEN=\"ghp_your_token_here\""
       rm -f /tmp/gh_check.json
       return 1
-    elif [[ "$http_code" == "000" || -z "$http_code" ]]; then
-      msg_error "GitHub API connection failed (no response)."
-      msg_error "Check your network/DNS: curl -sSL https://api.github.com/rate_limit"
-      rm -f /tmp/gh_check.json
-      return 1
     else
       msg_error "Unable to fetch releases for ${app} (HTTP ${http_code})"
       rm -f /tmp/gh_check.json
@@ -2687,22 +2608,12 @@ function fetch_and_deploy_gh_release() {
   done
 
   if ! $success; then
-    if [[ "$http_code" == "401" ]]; then
-      msg_error "GitHub API authentication failed (HTTP 401)."
-      if [[ -n "${GITHUB_TOKEN:-}" ]]; then
-        msg_error "Your GITHUB_TOKEN appears to be invalid or expired."
-      else
-        msg_error "The repository may require authentication. Try: export GITHUB_TOKEN=\"ghp_your_token\""
-      fi
-    elif [[ "$http_code" == "403" ]]; then
+    if [[ "$http_code" == "403" ]]; then
       msg_error "GitHub API rate limit exceeded (HTTP 403)."
       msg_error "To increase the limit, export a GitHub token before running the script:"
       msg_error "  export GITHUB_TOKEN=\"ghp_your_token_here\""
-    elif [[ "$http_code" == "000" || -z "$http_code" ]]; then
-      msg_error "GitHub API connection failed (no response)."
-      msg_error "Check your network/DNS: curl -sSL https://api.github.com/rate_limit"
     else
-      msg_error "Failed to fetch release metadata (HTTP $http_code)"
+      msg_error "Failed to fetch release metadata from $api_url after $max_retries attempts (HTTP $http_code)"
     fi
     return 1
   fi

tools/addon/immich-public-proxy.sh

@@ -28,7 +28,7 @@ INSTALL_PATH="/opt/immich-proxy"
 CONFIG_PATH="/opt/immich-proxy/app"
 DEFAULT_PORT=3000
 
-# Initialize all core functions (colors, formatting, icons, $STD mode)
+# Initialize all core functions (colors, formatting, icons, STD mode)
 load_functions
 init_tool_telemetry "" "addon"