starred/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-02-05 00:29:55 +03:00
Code Issues 11 Packages Projects Releases 10 Wiki Activity

NginxProxyManager - fail APT broken package openresty #2425

New Issue
Open
opened 2026-02-05 04:47:40 +03:00 by OVERLORD · 19 comments
OVERLORD commented 2026-02-05 04:47:40 +03:00
Owner
Copy Link

Originally created by @lubbertkramer on GitHub (Feb 1, 2026).

Have you read and understood the above guidelines?

yes

🔎 Did you run the script with verbose mode enabled?

Yes, verbose mode was enabled and the output is included below

📜 What is the name of the script you are using?

nginxproxymanager

📂 What was the exact command used to execute the script?

bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/cloudflare-ddns.sh)"

⚙️ What settings are you using?

  • Default Settings
  • Advanced Settings

🖥️ Which Linux distribution are you using?

Debian 13

📈 Which Proxmox version are you on?

9.1.4

📝 Provide a clear and concise description of the issue.

⚙️ Using User Defaults (default.vars) on node pve1
💡 PVE Version 9.1.4 (Kernel: 6.17.4-2-pve)
🆔 Container ID: 100
🖥️ Operating System: debian (13)
📦 Container Type: Unprivileged
💾 Disk Size: 8 GB
🧠 CPU Cores: 2
🛠️ RAM Size: 2048 MiB
🚀 Creating a Nginx Proxy Manager LXC using the above default settings

✔️ Storage space validated
✔️ Storage local (Free: 817.8GB Used: 1.4GB) [Template]
✔️ Storage local-zfs (Free: 817.8GB Used: 71.9GB) [Container]
✔️ Storage 'local-zfs' (zfspool) validated
✔️ Template storage 'local' validated
✔️ Cluster is quorate
✔️ Template search completed
✔️ Template debian-13-standard_13.1-2_amd64.tar.zst [local]
✔️ LXC Container 100 was successfully created.
✔️ Started LXC Container
✔️ Network in LXC is reachable (ping)
✔️ Customized LXC Container
✔️ Set up Container OS
✔️ Network Connected: 192.168.1.226
✔️ IPv4 Internet Connected
✖️ IPv6 Internet Not Connected
✔️ Git DNS: github.com:(✔️ ) raw.githubusercontent.com:(✔️ ) api.github.com:(✔️ ) git.community-scripts.org:(✔️ )
✔️ Updated Container OS
✔️ Installed Dependencies
✔️ Installed Python Dependencies
✔️ Set up Certbot
✖️ in line 51: exit code 100 (APT: Package manager error (broken packages / dependency problems))
→ apt update
--- Last 10 lines of silent log ---

Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 http://security.debian.org trixie-security InRelease
Get:4 http://openresty.org/package/debian bookworm InRelease [2,596 B]
Err:4 http://openresty.org/package/debian bookworm InRelease
Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Reading package lists...
Warning: OpenPGP signature verification failed: http://openresty.org/package/debian bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Error: The repository 'http://openresty.org/package/debian bookworm InRelease' is not signed.

📋 View full log (853 lines): /root/.install-9cf7828d.log
✖️ Installation failed in container 100 (exit code: 100)

🔄 Steps to reproduce the issue.

Install with
bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/cloudflare-ddns.sh)"

on Proxmox 9.1.4 results in the following error

Paste the full error output (if available).

--- Last 10 lines of silent log ---

Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 http://security.debian.org trixie-security InRelease
Get:4 http://openresty.org/package/debian bookworm InRelease [2,596 B]
Err:4 http://openresty.org/package/debian bookworm InRelease
Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Reading package lists...
Warning: OpenPGP signature verification failed: http://openresty.org/package/debian bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Error: The repository 'http://openresty.org/package/debian bookworm InRelease' is not signed.

📋 View full log (853 lines): /root/.install-9cf7828d.log
✖️ Installation failed in container 100 (exit code: 100)

🖼️ Additional context (optional).

No response

Originally created by @lubbertkramer on GitHub (Feb 1, 2026). ### ✅ Have you read and understood the above guidelines? yes ### 🔎 Did you run the script with verbose mode enabled? Yes, verbose mode was enabled and the output is included below ### 📜 What is the name of the script you are using? nginxproxymanager ### 📂 What was the exact command used to execute the script? bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/cloudflare-ddns.sh)" ### ⚙️ What settings are you using? - [x] Default Settings - [ ] Advanced Settings ### 🖥️ Which Linux distribution are you using? Debian 13 ### 📈 Which Proxmox version are you on? 9.1.4 ### 📝 Provide a clear and concise description of the issue. ⚙️ Using User Defaults (default.vars) on node pve1 💡 PVE Version 9.1.4 (Kernel: 6.17.4-2-pve) 🆔 Container ID: 100 🖥️ Operating System: debian (13) 📦 Container Type: Unprivileged 💾 Disk Size: 8 GB 🧠 CPU Cores: 2 🛠️ RAM Size: 2048 MiB 🚀 Creating a Nginx Proxy Manager LXC using the above default settings ✔️ Storage space validated ✔️ Storage local (Free: 817.8GB Used: 1.4GB) [Template] ✔️ Storage local-zfs (Free: 817.8GB Used: 71.9GB) [Container] ✔️ Storage 'local-zfs' (zfspool) validated ✔️ Template storage 'local' validated ✔️ Cluster is quorate ✔️ Template search completed ✔️ Template debian-13-standard_13.1-2_amd64.tar.zst [local] ✔️ LXC Container 100 was successfully created. ✔️ Started LXC Container ✔️ Network in LXC is reachable (ping) ✔️ Customized LXC Container ✔️ Set up Container OS ✔️ Network Connected: 192.168.1.226 ✔️ IPv4 Internet Connected ✖️ IPv6 Internet Not Connected ✔️ Git DNS: github.com:(✔️ ) raw.githubusercontent.com:(✔️ ) api.github.com:(✔️ ) git.community-scripts.org:(✔️ ) ✔️ Updated Container OS ✔️ Installed Dependencies ✔️ Installed Python Dependencies ✔️ Set up Certbot ✖️ in line 51: exit code 100 (APT: Package manager error (broken packages / dependency problems)) → apt update --- Last 10 lines of silent log --- Hit:1 http://deb.debian.org/debian trixie InRelease Hit:2 http://deb.debian.org/debian trixie-updates InRelease Hit:3 http://security.debian.org trixie-security InRelease Get:4 http://openresty.org/package/debian bookworm InRelease [2,596 B] Err:4 http://openresty.org/package/debian bookworm InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Reading package lists... Warning: OpenPGP signature verification failed: http://openresty.org/package/debian bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Error: The repository 'http://openresty.org/package/debian bookworm InRelease' is not signed. ----------------------------------- 📋 View full log (853 lines): /root/.install-9cf7828d.log ✖️ Installation failed in container 100 (exit code: 100) ### 🔄 Steps to reproduce the issue. Install with bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/cloudflare-ddns.sh)" on Proxmox 9.1.4 results in the following error ### ❌ Paste the full error output (if available). --- Last 10 lines of silent log --- Hit:1 http://deb.debian.org/debian trixie InRelease Hit:2 http://deb.debian.org/debian trixie-updates InRelease Hit:3 http://security.debian.org trixie-security InRelease Get:4 http://openresty.org/package/debian bookworm InRelease [2,596 B] Err:4 http://openresty.org/package/debian bookworm InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Reading package lists... Warning: OpenPGP signature verification failed: http://openresty.org/package/debian bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Error: The repository 'http://openresty.org/package/debian bookworm InRelease' is not signed. ----------------------------------- 📋 View full log (853 lines): /root/.install-9cf7828d.log ✖️ Installation failed in container 100 (exit code: 100) ### 🖼️ Additional context (optional). _No response_
OVERLORD added the not a script issueexternal labels 2026-02-05 04:47:40 +03:00
OVERLORD commented 2026-02-05 04:47:56 +03:00
Author
Owner
Copy Link

@phellarv commented on GitHub (Feb 1, 2026):

Same error on ProxMox 8.4.16

@phellarv commented on GitHub (Feb 1, 2026): Same error on ProxMox 8.4.16
OVERLORD commented 2026-02-05 04:48:03 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 1, 2026):

Report it there:
https://github.com/openresty/openresty

@MickLesk commented on GitHub (Feb 1, 2026): Report it there: https://github.com/openresty/openresty
OVERLORD commented 2026-02-05 04:48:06 +03:00
Author
Owner
Copy Link

@e4glenight commented on GitHub (Feb 1, 2026):

Same using a live LXC when apt-get update :

root@nginxproxymanager:~# apt-get update Hit:1 http://deb.debian.org/debian trixie InRelease Hit:2 http://security.debian.org trixie-security InRelease Hit:3 http://openresty.org/package/debian bookworm InRelease Err:3 http://openresty.org/package/debian bookworm InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Hit:4 http://deb.debian.org/debian trixie-updates InRelease Hit:5 https://deb.nodesource.com/node_22.x nodistro InRelease Err:5 https://deb.nodesource.com/node_22.x nodistro InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 6F71F525282841EEDAF851B42F59B5F99B1BE0B4 is not bound: No binding signature at time 2026-01-23T18:12:38Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Reading package lists... Done W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. OpenPGP signature verification failed: http://openresty.org/package/debian bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. OpenPGP signature verification failed: https://deb.nodesource.com/node_22.x nodistro InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 6F71F525282841EEDAF851B42F59B5F99B1BE0B4 is not bound: No binding signature at time 2026-01-23T18:12:38Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: Failed to fetch https://deb.nodesource.com/node_22.x/dists/nodistro/InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 6F71F525282841EEDAF851B42F59B5F99B1BE0B4 is not bound: No binding signature at time 2026-01-23T18:12:38Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: Failed to fetch http://openresty.org/package/debian/dists/bookworm/InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: Some index files failed to download. They have been ignored, or old ones used instead.

Hope they will update soon.

@e4glenight commented on GitHub (Feb 1, 2026): Same using a live LXC when apt-get update : `root@nginxproxymanager:~# apt-get update Hit:1 http://deb.debian.org/debian trixie InRelease Hit:2 http://security.debian.org trixie-security InRelease Hit:3 http://openresty.org/package/debian bookworm InRelease Err:3 http://openresty.org/package/debian bookworm InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Hit:4 http://deb.debian.org/debian trixie-updates InRelease Hit:5 https://deb.nodesource.com/node_22.x nodistro InRelease Err:5 https://deb.nodesource.com/node_22.x nodistro InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 6F71F525282841EEDAF851B42F59B5F99B1BE0B4 is not bound: No binding signature at time 2026-01-23T18:12:38Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Reading package lists... Done W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. OpenPGP signature verification failed: http://openresty.org/package/debian bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. OpenPGP signature verification failed: https://deb.nodesource.com/node_22.x nodistro InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 6F71F525282841EEDAF851B42F59B5F99B1BE0B4 is not bound: No binding signature at time 2026-01-23T18:12:38Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: Failed to fetch https://deb.nodesource.com/node_22.x/dists/nodistro/InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 6F71F525282841EEDAF851B42F59B5F99B1BE0B4 is not bound: No binding signature at time 2026-01-23T18:12:38Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: Failed to fetch http://openresty.org/package/debian/dists/bookworm/InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on E52218E7087897DC6DEA6D6D97DB7443D5EDEB74 is not bound: No binding signature at time 2025-12-13T01:36:05Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z W: Some index files failed to download. They have been ignored, or old ones used instead.` Hope they will update soon.
OVERLORD commented 2026-02-05 04:48:08 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 1, 2026):

If anyone create an Upstream issue 🤷🏼‍♂️😀

@MickLesk commented on GitHub (Feb 1, 2026): If anyone create an Upstream issue 🤷🏼‍♂️😀
OVERLORD commented 2026-02-05 04:48:12 +03:00
Author
Owner
Copy Link

@coltc50 commented on GitHub (Feb 1, 2026):

Same here...

@coltc50 commented on GitHub (Feb 1, 2026): Same here...
OVERLORD commented 2026-02-05 04:48:15 +03:00
Author
Owner
Copy Link

@jodur commented on GitHub (Feb 1, 2026):

I have exactly the same problem. I also tried an alternative install with a apline LXC container, but also stalled at openrestly install.
Problem is that the library is not updated for new OS.
see: https://github.com/openresty/openresty/issues/1094

I also found a post of someone who compiled oprestly to work on Debian trixie:
https://ramon.vanraaij.eu/nginx-proxy-manager-on-debian-trixie-the-upgrade-survival-guide/

@jodur commented on GitHub (Feb 1, 2026): I have exactly the same problem. I also tried an alternative install with a apline LXC container, but also stalled at openrestly install. Problem is that the library is not updated for new OS. see: [https://github.com/openresty/openresty/issues/1094](https://github.com/openresty/openresty/issues/1094) I also found a post of someone who compiled oprestly to work on Debian trixie: [https://ramon.vanraaij.eu/nginx-proxy-manager-on-debian-trixie-the-upgrade-survival-guide/](https://ramon.vanraaij.eu/nginx-proxy-manager-on-debian-trixie-the-upgrade-survival-guide/)
OVERLORD commented 2026-02-05 04:48:17 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 1, 2026):

Thats wrong, we use the bookworm Repo of openresty, Not Trixie. Its clearly an gpg issue.

@MickLesk commented on GitHub (Feb 1, 2026): Thats wrong, we use the bookworm Repo of openresty, Not Trixie. Its clearly an gpg issue.
OVERLORD commented 2026-02-05 04:48:19 +03:00
Author
Owner
Copy Link

@e4glenight commented on GitHub (Feb 1, 2026):

i've got the same problems with node_22. is the same issues you think ?

@e4glenight commented on GitHub (Feb 1, 2026): i've got the same problems with node_22. is the same issues you think ?
OVERLORD commented 2026-02-05 04:48:31 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 1, 2026):

For Node gpg we have a Script in Discussions.

@MickLesk commented on GitHub (Feb 1, 2026): For Node gpg we have a Script in Discussions.
OVERLORD commented 2026-02-05 04:48:36 +03:00
Author
Owner
Copy Link

@e4glenight commented on GitHub (Feb 1, 2026):

For Node gpg we have a Script in Discussions.

so when its ready you can tell me here ? :)

@e4glenight commented on GitHub (Feb 1, 2026): > For Node gpg we have a Script in Discussions. so when its ready you can tell me here ? :)
OVERLORD commented 2026-02-05 04:48:39 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 1, 2026):

search in discussion -> guide. im on mobile

@MickLesk commented on GitHub (Feb 1, 2026): search in discussion -> guide. im on mobile
OVERLORD commented 2026-02-05 04:48:46 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 2, 2026):

https://github.com/openresty/openresty/issues/1097

@MickLesk commented on GitHub (Feb 2, 2026): https://github.com/openresty/openresty/issues/1097
OVERLORD commented 2026-02-05 04:48:50 +03:00
Author
Owner
Copy Link

@e4glenight commented on GitHub (Feb 2, 2026):

search in discussion -> guide. im on mobile

Hello, i've found if any ask :
don't know why but the scipt didn't detect the policy error, so i've remove the check for force the GPG refresh, and worked well then.

Hope Openrestry send an update soon !

Thanks again @MickLesk

@e4glenight commented on GitHub (Feb 2, 2026): > search in discussion -> guide. im on mobile Hello, i've found if any ask : [](https://github.com/community-scripts/ProxmoxVE/discussions/11295) don't know why but the scipt didn't detect the policy error, so i've remove the check for force the GPG refresh, and worked well then. Hope Openrestry send an update soon ! Thanks again @MickLesk
OVERLORD commented 2026-02-05 04:48:52 +03:00
Author
Owner
Copy Link

@TheCustomFHD commented on GitHub (Feb 4, 2026):

Sorry for my uneducated question, but why do we need OpenResty? cant we just grab NGINX from Debian Mirrors for now instead of completly disabling the ability to install this?

And if not, this ticket shows a bit of config/scripts that would temporarly allow SHA-1 again, but i got no clue how to do this while using this script. am i meant to run/edit this on the host or where?

Another question, why was the script entirely disabled, instead of just putting a massive warning with an alternative script that temporarly adds [trusted=yes] or so to the affected mirror until this is fixed?

@TheCustomFHD commented on GitHub (Feb 4, 2026): Sorry for my uneducated question, but why do we need OpenResty? cant we just grab NGINX from Debian Mirrors for now instead of completly disabling the ability to install this? And if not, [this ticket](https://github.com/openresty/openresty/issues/1097) shows a bit of config/scripts that would temporarly allow SHA-1 again, but i got no clue how to do this while using this script. am i meant to run/edit this on the host or where? Another question, why was the script entirely disabled, instead of just putting a massive warning with an alternative script that temporarly adds [trusted=yes] or so to the affected mirror until this is fixed?
OVERLORD commented 2026-02-05 04:48:55 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 4, 2026):

Because NPM need openresty?

NPM isnt nGinx

I dont disable Sha value. So we disable the Script until its fixed.

@MickLesk commented on GitHub (Feb 4, 2026): Because NPM need openresty? NPM isnt nGinx I dont disable Sha value. So we disable the Script until its fixed.
OVERLORD commented 2026-02-05 04:48:59 +03:00
Author
Owner
Copy Link

@TheCustomFHD commented on GitHub (Feb 4, 2026):

Oh, i didnt know that, i could have sworn i read somewhere that it doesnt need anything more but normal NGINX, my bad.
Incase id need to install it, would adding a line at line 170-171 with Trusted: yes be enough? This seems to me like the easiest and cleanest workaround atm..

Ive tried this, and i cant get this to work, so probably not.

@TheCustomFHD commented on GitHub (Feb 4, 2026): Oh, i didnt know that, i could have sworn i read somewhere that it doesnt need anything more but normal NGINX, my bad. Incase id need to install it, would adding a line at [line 170-171](https://github.com/community-scripts/ProxmoxVE/blob/main/ct/nginxproxymanager.sh) with `Trusted: yes` be enough? This seems to me like the easiest and cleanest workaround atm.. Ive tried this, and i cant get this to work, so probably not.
OVERLORD commented 2026-02-05 04:49:05 +03:00
Author
Owner
Copy Link

@klein-hirn commented on GitHub (Feb 4, 2026):

As @TheCustomFHD pointed out, there are fixes / workarounds for this issue (re-enabling SHA1 signatures for apt repositories), see also this issue. I like this version as it's one line of code and time-limited.

It still does introduce a potential security risk, SHA1 was disabled in trixie for a reason. For a public-facing server, ignoring dependency updates might be the more serious issue.

@klein-hirn commented on GitHub (Feb 4, 2026): As @TheCustomFHD pointed out, there are fixes / workarounds for this issue (re-enabling SHA1 signatures for apt repositories), see also [this issue](https://github.com/nodesource/distributions/issues/1920). I like this version as it's one line of code and time-limited. It still does introduce a potential security risk, SHA1 was disabled in trixie for a reason. For a public-facing server, ignoring dependency updates might be the more serious issue.
OVERLORD commented 2026-02-05 04:49:08 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 4, 2026):

And NPM is the entrance for the most homelabs to www. If anyone need the dirty Hack, lets go, but we dont Support this.

Another Solution is to use Debian bookworm.
var_version=12 bash -c "$(curl -fsSL https://raw.....

@MickLesk commented on GitHub (Feb 4, 2026): And NPM is the entrance for the most homelabs to www. If anyone need the dirty Hack, lets go, but we dont Support this. Another Solution is to use Debian bookworm. var_version=12 bash -c "$(curl -fsSL https://raw.....
OVERLORD commented 2026-02-05 04:49:18 +03:00
Author
Owner
Copy Link

@finnsloss commented on GitHub (Feb 5, 2026):

Thank you for the workaround with Debian bookworm, I need to get of of some old hardware fast!
Will do a rebuild when OpenResty is updated.

@finnsloss commented on GitHub (Feb 5, 2026): Thank you for the workaround with Debian bookworm, I need to get of of some old hardware fast! Will do a rebuild when OpenResty is updated.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Implemented in VED waiting push to Main
breaking change
bug
bug
bugfix
deferred
delete script
dependencies
enhancement
external
feature
github
help wanted
in project pipeline
invalid
investigation
json
maintenance
needs triage
new script
new script
nice to have
not a script issue
not planned
organization
pull-request
Mirrored from GitHub Pull Request
 question
refactor
rename script
security
update script
website
wontdo
🛑 Failure to comply with the guidelines
No Label external not a script issue
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/ProxmoxVE#2425
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?