Add database container ID variable and implement
fix_external_id function to modify the external_id
column for MariaDB compatibility. This resolves user
creation failures by ensuring the column definition
matches MariaDB requirements. Execute the fix during
panel startup before user creation.
Remove the run_migrations function from the startup script as
database migrations are now handled automatically by the
application during initialization, simplifying the startup
process and reducing redundant operations.
* 🚀 feat: Add database migrations to startup
Add database migrations execution to the panel startup
process. This ensures the database schema is properly
initialized before the application starts. The migration
runs with the --force flag to allow non-interactive
execution in containerized environments.
* 🔧 fix: Add error handling for database migrations
Add error handling to the database migration step to detect
and abort if migrations fail. This prevents the panel from
starting in an inconsistent state when database changes
encounter errors.
* fix: 🐛 Remove interactive terminal flag from docker exec
Remove the `-t` flag from docker exec commands in the startup
script. The `-t` flag allocates a pseudo-terminal which is
unnecessary for non-interactive command execution and can cause
issues in automated environments. Keep the `-i` flag for stdin
input handling.
* 🛡️ fix: add error handling to startup scripts
Add error checking to key generation and cache
optimization commands. Exit with status code 1 if
either command fails, preventing silent failures
during panel startup.
* 🔤 Update Unicode scanner to v2026.03.0
refactor: Expand common Unicode exclusions and improve
documentation
Update version to 2026.03.0 across all references. Enhance the
--exclude-common flag to cover additional typography characters
including soft hyphens, superscripts, subscripts, Roman numerals,
combining diacritical marks, and the replacement character. These
additions reduce false positives in documentation and markdown
repositories while maintaining security against actual threats.
Improve help text clarity for the --exclude-common option.
* fix:🔧 Correct Roman numeral range and remove false positives
Correct the Roman numeral Unicode range from U+2179 to U+217F to
include the complete set of Roman numeral characters. Remove checks
for combining diacritical marks (U+0300-U+030C) and the replacement
character (U+FFFD) as these are not security threats and cause false
positives in legitimate text processing.
* 🔧 refactor: improve docs and version display
Update help text to clarify --exclude-common behavior and
mention soft hyphen exclusion. Replace hardcoded version
string with VERSION variable for dynamic version display
in header output.
* 🔤 docs: clarify exclude-common flag behavior
Update help text to clarify that --exclude-common also suppresses
AI-confusion and homograph checks. Fix alignment of header banner
text to center properly within the box borders.
* 🔤 refactor: improve Unicode detection logic
Reorganize help text for better readability by rewrapping
lines at 72 characters. Remove soft hyphen from common
Unicode exclusions and refine Roman numeral detection to
exclude Latin-lookalike confusables (I, VI, X, v, x) while
maintaining detection of other Roman numeral characters.
* 🔤Expand Unicode exclusion patterns
Expand the --exclude-common option to cover additional
common Unicode characters including common spaces, angle
quotes, and per mille sign. Update documentation and add
clarifying notes about superscript character coverage to
reduce false positives in documentation and markdown
repositories.
* fix: 🔧 Expand subscript digit range to U+2089
Extend the subscript digits Unicode range from U+2080-U+2084
to U+2080-U+2089 to include all subscript digits. Update the
regex pattern from ^208[0-4]$ to ^208[0-9]$ to match the
complete range of subscript digit characters.
* docs: 📝 Add clarification on subscript digits range
Add explanatory comment to clarify that the subscript digits
regex pattern ^208[0-9]$ covers Unicode range U+2085-U+2089,
which are not currently included in the harmful_patterns list.
This documents the intentional broader matching for future
compatibility.
* Improve Docker downgrade robustness and version reporting
Enhances the downgrade_docker function to retry apt-get installs, verify package installation after errors, and provide more detailed status and version reporting for containerd. Also updates package hold/unhold logic to include docker-ce-rootless-extras and improves logging in both run.sh and test-script.sh for better diagnostics and validation.
* Refactor variable assignment and improve containerd version check
Refactored variable assignments in run.sh and test-script.sh to use separate declaration and assignment for better readability and shell compatibility. Updated the containerd version check in test-script.sh to accept both '1.7.28' and 'v1.7.28' formats.
* Implement active polling for Docker startup readiness
Replaces fixed sleep delays with active polling loops to ensure Docker and containerd are fully ready before proceeding. Updates run.sh and test-script.sh to address the 'two runs needed' bug, adds a dedicated test for Docker startup polling, and expands bug fix test coverage.
* Fix variable expansion in mock docker script heredoc
Changed the heredoc delimiter in the mock docker script to allow variable expansion, ensuring the correct state file path is used. Removed the need for a post-processing sed command.
* Update script version to 2025.12.0
Bump displayed version number from 2025.11.1 to 2025.12.0 in all relevant echo statements within run.sh.
* Add allowlist support with ranges and comments
Introduces enhanced allowlist parsing in the Unicode Security Scanner, supporting single codes, code ranges, and inline comments. Updates documentation and test suite to verify allowlist functionality, including range and inline comment handling. Also adds a GitHub Actions workflow for automated scanner testing on Ubuntu and macOS.
* Simplify test command in CI workflow
Refactored the test step to use 'if ./run.sh ...' directly, removing the explicit check of the exit code for improved readability.
* Unify test workflow for multiple OS platforms
Replaces separate macOS and Ubuntu jobs with a matrix strategy to run tests on both platforms. Adds shell defaults and improves test steps with more robust output validation.
* Add timeout handling for dpkg queries
Updated run.sh to use 'timeout' for all dpkg -l queries to prevent script hangs if the dpkg database is locked. Enhanced test-script.sh with a new test_dpkg_hang function and integrated it into the bug fix test suite to verify proper timeout handling for dpkg database hangs.
* Update script version to 2025.11.1
Bump displayed version in casaos-fix-docker-api-version/run.sh from 2025.11.0 to 2025.11.1 for consistency across script output and help messages.
* Refactor variable assignment for POSIX compliance
Updated variable assignment in run.sh and test-script.sh to use separate declaration and assignment lines, improving POSIX shell compatibility and readability.
* Improve test-script.sh mock dpkg usage and variable handling
Refactored test_dpkg_hang to declare local variables upfront, avoid SC2155 issues, and use explicit paths for the mock dpkg command. Updated PATH handling and hash table clearing to ensure the mock is used, and improved the test script to override dpkg for more reliable testing.
* Remove local keyword from test_script variable
The 'local' keyword was removed from the 'test_script' variable declaration in test-script.sh to ensure compatibility and correct scoping outside of functions.
* Add CI workflow and test script for CasaOS Docker fix
Introduces a GitHub Actions workflow to automate testing of the CasaOS Docker API version fix script. Adds a comprehensive test-script.sh for simulating Docker upgrades, verifying the fix, and testing edge cases. Enhances run.sh with non-interactive mode support and colored output, and updates confirmation prompts to respect the NON_INTERACTIVE environment variable.
* Fix color variable typo and improve version check
Corrects the YIGHLIGHT variable to YELLOW for output coloring. Updates Docker API version comparison to use awk for proper numeric comparison. Also improves error reporting in test_fix_script by capturing and returning the actual exit code.
* Add CasaOS version check hang handling and tests
Introduces timeout handling for 'casaos -v' in run.sh to prevent script hangs if CasaOS is in a broken state. Updates test-script.sh to add a dedicated test for CasaOS version check hang handling and includes it in the bug fix test suite. Updates workflow to run the new bug fix tests. Script version updated to 2025.11.0.
* Fix local variable assignment in test-script.sh
Refactored the assignment of the 'output' variable to avoid combining declaration and command substitution, improving compatibility and clarity in the script.
* Fix local variable assignment in test-script.sh
Separated declaration and assignment of the 'output' variable to avoid issues with local scoping in subshells. This improves compatibility and reliability of the test script.
* Add timeouts to Docker and service commands
Introduces timeout to various Docker, containerd, and systemctl commands throughout the script to prevent hanging if services are unresponsive. Adds functions to prevent and restore service auto-start during package installation, improving reliability during upgrades and downgrades. Updates script version to 1.6.3.
* Add Raspbian support to OS check comments
Updated the comments in check_docker_availability to include Raspbian 11 and 12, clarifying supported OS versions.
* Improve service autostart prevention logic in run.sh
Enhances error handling and sudo detection when configuring policy-rc.d to prevent or restore service autostart. Fixes a missing echo statement and improves backup restoration by using find instead of ls for safer file handling.
* Improve network and timeout handling in Docker fix script
Enhances casaos-fix-docker-api-version/run.sh with better network connectivity checks, retry logic for GPG key download, and timeout handling for apt operations and Docker installation. Updates script version to 1.6.3 and improves user feedback for common failure scenarios, making the script more robust against slow or unreliable networks.
* Update script version to 1.6.2 in run.sh
Changed displayed version from 1.6.3 to 1.6.2 in all relevant echo statements for consistency with the actual script version.
* Improve apt-get update error handling in run.sh
Refactored the logic for checking apt-get update exit status to more reliably detect failures and timeouts by separating the command execution from the error check. This enhances robustness when updating package lists, especially on slow or unreliable networks.
* Add timeouts to snap commands in Docker check
Introduces timeout to 'snap list' and 'snap remove' commands in the Docker Snap removal logic to prevent script hangs if snapd is unresponsive. Adds handling for timeout exit codes and improves warning messages.
* Add Docker API compatibility check for CasaOS
Introduces a function to verify Docker API version compatibility with CasaOS. If Docker API version is 1.52 or higher, applies a systemd override to set DOCKER_MIN_API_VERSION for improved compatibility with older CasaOS versions.
* Add containerd version check and fix for LXC/Proxmox
Introduces detection for LXC/Proxmox environments and checks containerd.io version for compatibility with AppArmor. Downgrades containerd.io to 1.7.28-1 if a problematic version is detected, addressing potential 'permission denied' errors in containers.
* Update installer version to V1.0.0 in run.sh
Changed the displayed version in the welcome message from V0.4 to V1.0.0 to reflect the latest release of the BigBear CasaOS Installer.
* Improve Docker API version checks and cleanup
Enhanced Docker API version verification with clearer messaging for newer versions and added checks for GPG key conflicts. Improved Docker repository setup by removing old GPG keys and refined Docker runtime cleanup to handle network namespace files more safely.
* Update script version to 1.6.1
Bump displayed version in casaos-fix-docker-api-version/run.sh from 1.6.0 to 1.6.1 for consistency across script output and help messages.
* Update README for Docker 28.0.x and API changes
Revised documentation to reflect support for Docker 28.0.x (API 1.47/1.48) instead of 24.0.7, clarified compatibility notes for CasaOS versions, and updated instructions for LXC/Proxmox environments. Also improved versioning details and troubleshooting steps for Docker and containerd.io installations.
* Remove testing instructions from README
Deleted the section describing how to test the fix script and related usage details from the README. This streamlines the documentation and removes references to the test script.
* Improve Docker version resolution in run.sh
Updated the script to correctly compare Docker API versions using bc for numeric comparison. Enhanced the Docker version resolver to support all 28.x.x releases, not just 28.0.x, and improved filtering and sorting to select the latest available version.
* Update script to support Docker 28.x series
Replaces references to Docker 28.0.x with 28.x throughout the script to reflect support for all 28.x versions. Updates compatibility checks, messages, and comments to include API versions 1.47 and 1.48, ensuring broader compatibility with CasaOS.
* Update runc issue links to markdown format in README
Changed plain URLs referencing the opencontainers/runc issue to markdown link format for improved readability in the documentation.
* Improve Docker API version compatibility check
Updated the version check logic in run.sh to use awk for decimal comparison and support Docker API versions 1.47 to 1.51, ensuring compatibility with CasaOS. Adjusted warning messages to reflect the broader compatible range and upcoming breaking changes in API 1.52.
* Update script version to 1.6.2
Bump displayed version in casaos-fix-docker-api-version/run.sh from 1.6.1 to 1.6.2 for consistency across script output and usage instructions.
* Update script version to 1.6.1 in run.sh
Changed displayed version from 1.6.2 to 1.6.1 in all relevant echo statements for consistency with the actual script version.
* Update script to use Docker 28.0.x for CasaOS
Switches all logic, messaging, and checks from Docker 24.0.x (API 1.43) to Docker 28.0.x (API 1.47) for CasaOS compatibility. Updates comments, version checks, and instructions to reflect the new recommended Docker version and API, ensuring modern features and stability.
* Update script version to 1.6.0
Bump displayed version from 1.5.0 to 1.6.0 in all relevant echo statements for consistency with the latest release.
* Add Docker API override method for newer distros
Introduces functions to apply and remove a Docker API override using DOCKER_MIN_API_VERSION=1.24 for distributions where Docker 24.0.x is unavailable (e.g., Ubuntu 24.04+, Debian trixie). Updates messaging and main logic to support this alternative fix, allowing CasaOS to work with newer Docker versions without requiring a downgrade.
* Update script version to 1.5.0 in run.sh
Changed displayed version from 1.4.0 to 1.5.0 in all relevant echo statements to reflect the latest script version.
* Refactor Docker repository setup into function
Extracted Docker repository setup steps into a reusable setup_docker_repository function. Updated main installation and downgrade logic to use this function, reducing code duplication and improving maintainability.
* Update Docker version handling for CasaOS compatibility
Refactored script to use Docker 24.0.x version pattern for improved compatibility with CasaOS, replacing hardcoded 24.0.7 references. Added OS version checks to prevent installation on unsupported distributions, improved error messaging, and streamlined Docker installation logic to handle version patterns and fallback scenarios.
* Update Debian trixie and Raspberry Pi OS guidance
Clarified instructions for Debian trixie users, specifying Docker 24.0.x support on bookworm. Improved Raspberry Pi OS messaging to recommend reinstalling with the stable release based on Debian bookworm.
* Resolve Docker and containerd versions at runtime
Replaces hardcoded Docker version with runtime resolution for the latest available 24.0.x version. Adds logic to resolve and verify the exact containerd.io version, improving compatibility and reliability of the installation process. Removes fallback pattern matching for containerd installation and enhances error handling and messaging.
Enhanced the Docker downgrade function by cleaning up old Docker repository configurations, forcing a fresh apt cache, and using --purge and autoremove to ensure a cleaner removal of Docker and its dependencies. Updated script version to 1.3.0.
* Enhance Docker fix script with robust checks and diagnostics
Added functions to detect and remove Snap-based Docker installations, check for multiple Docker binaries, verify dockerd binary and API versions, and ensure all Docker processes are terminated before upgrade. Improved diagnostics and troubleshooting guidance for cases where the Docker API version does not change as expected. Updated README with new features, troubleshooting steps, and instructions for using the test script.
* Improve Snap Docker removal and error handling
Enhances the script to better handle the removal of Docker installed via Snap. Adds verification after removal, improved warning messages, and halts execution if Snap Docker cannot be removed, prompting the user for manual intervention.
* Bump script version to 1.2.1 in run.sh
Updated the displayed version number in the CasaOS Docker Version Fix Script from 1.2.0 to 1.2.1.
* Remove Docker permissions fix and update menu options
Eliminated the 'Fix Docker Permissions' function and related menu entry. Updated menu numbering and adjusted overlay2 and full reset functions to let Docker handle directory structure and permissions automatically.
* Update toolkit version in run.sh header
Changed the displayed version in the run.sh script header from V0.0.1 to V0.1.0 to reflect the current version.
* Add user to docker group and improve Docker service handling
Introduces a function to add the current user to the docker group if not running as root, with instructions for group change to take effect. Also enables docker.socket and docker service before starting them, and updates step numbering for CasaOS service restart.
* Remove manual Docker directory permission fixes
Eliminated explicit chown and chmod operations on Docker directories and subdirectories. The script now relies on Docker to set its own directory permissions on startup, simplifying the cleanup process and reducing potential permission issues.
* Update script version to 1.2.0 in run.sh
Bumped the displayed version number in the CasaOS Docker Version Fix Script from 1.1.0 to 1.2.0.
Enhances error handling and package management in the CasaOS Docker version fix script. Adds SUDO detection, improves version/package display, ensures clean removal before downgrade, adds timeouts to container tests, and clarifies user prompts and backup logic for safer operations.
Introduces a script and documentation to resolve Docker API version incompatibility and related runtime errors for CasaOS, including overlay2 permission issues and CVE-2025-52881 AppArmor problems in LXC/Proxmox environments. The script automates Docker downgrade, containerd version management, permission fixes, and service restarts to restore compatibility and stability.
* 🔍 feat(unicode-scanner): Add binary file scanning option
Enhance Unicode security scanner with optional binary file scanning:
- Implement `--include-binary` flag to scan binary files
- Add comprehensive binary file detection logic
- Update help text and version number
- Improve file type detection using file command and extensions
* 🔧 refactor: Improve variable declaration in run.sh
Separate variable declaration and assignment for better
readability and adherence to shellcheck recommendations.
This change ensures clearer code structure and potential
improved static analysis compatibility.
Update URLs for various app configuration files to point to the
new big-bear-universal-apps repository. This ensures that the
latest configuration files are sourced from the correct location.
* 🧪 test(favicon-generator): Add comprehensive test suite for run.sh
Implement a robust test script to validate favicon generation
script functionality. The test suite covers:
- Handling of no arguments
- Non-existent file input
- ImageMagick dependency check
- Full favicon generation workflow
- File output verification
Ensures script reliability and provides clear test coverage
for different scenarios.
* 🔧 fix(generate-favicons): Properly quote temp directory path
Ensure the temporary directory path is correctly quoted to prevent
potential shell expansion or injection issues. This change improves
script safety by properly escaping the directory path in the trap
command.
* ✨ feat(configure-thread-border-router): Add script to configure Thread border router
This commit adds a new script `run.sh` to the `configure-thread-border-router` directory. The script performs the following tasks:
- Checks if the script is running as root
- Displays a welcome message with links to the community and support options
- Checks the kernel configuration for `CONFIG_IPV6_ROUTER_PREF` and `CONFIG_IPV6_ROUTE_INFO`
- Checks the status of IPv6 forwarding and provides an option to disable it
- Checks the version of NetworkManager and provides a warning if it's below 1.42
- Displays a list of available network interfaces, their status, IPv6 addresses, and Router Advertisement (RA) settings
- Prompts the user to select the interfaces to configure
- Applies the necessary RA settings to the selected interfaces
The goal of this script is to simplify the configuration of a Thread border router by automating the setup of the required network settings.
* 🔧 Update shebang to use env for better portability
Replaces hardcoded bash path with /usr/bin/env bash
This ensures the script uses the first bash in the user's PATH
Improves cross-system compatibility and script flexibility
* 🔧 Improve IPv6 configuration script robustness
Enhance script reliability and user experience by:
- Adding input validation for interface selection
- Implementing idempotent configuration updates
- Improving quoting and shellcheck compatibility
- Adding more precise error handling for network settings
* ✨ feat: add homoglyph and unicode lookalikes list
Add a large set of unicodealikes and homoglyphs to the
check-for-unicode script to improve detection of visually similar
characters used in homograph and prompt-injection attacks.
Key changes:
- Include Cyrillic small and capital letters that resemble Latin
characters (addresses CVE-2017-5116 style homograph risks).
- Add Greek, Armenian, Thai, and other script characters that are
commonly used as lookalikes.
- Add Mathematical Alphanumeric Symbols and Fullwidth Latin
characters used in obfuscated/prompt-injection attacks.
- Expand comments and groupings to clarify character sources and
attack vectors.
Why:
- Improve security by catching more spoofed or obfuscated input that
could be used for phishing, homograph attacks, or adversarial
prompt manipulation.
* 🔒 feat(security): Add Unicode attack vector test suite
Implement comprehensive test suite for Unicode-based security
vulnerabilities, including:
- Trojan Source attacks
- Homograph attacks
- Bidirectional text overrides
- Zero-width character injections
- Mathematical symbol impersonation
These tests help identify potential security risks in code
parsing and input validation mechanisms.
* 📝 docs(readme): Update documentation for Unicode Security Scanner v2.0.0
Enhance README with comprehensive usage instructions, advanced scanning
options, and detailed example outputs. Add sections for:
- Command line options
- Basic and advanced usage scenarios
- Improved example outputs (standard and JSON modes)
- Testing and validation information
- Allowlist configuration details
Highlights:
- Expanded CLI option documentation
- Added JSON output format example
- Included test suite overview
- Demonstrated severity filtering
- Showcased allowlist configuration
* 🤖 feat(unicode): Add comprehensive AI+ security release v2.0.0
Implement major security enhancements for Unicode detection:
- Expand Unicode pattern detection to 150+ patterns
- Add homograph detection for multiple scripts
- Introduce advanced CLI options for flexible scanning
- Improve false positive handling with byte-aligned matching
- Enhance cross-platform compatibility
- Implement structured JSON output and severity filtering
- Add comprehensive test suite with attack vector coverage
Addresses critical security concerns in AI and supply chain contexts
* 🎯 Add Unicode Exclusion Flags and Enhanced Test Suite
Implement advanced Unicode detection with context-aware exclusion
flags for emojis and common typography. Adds comprehensive test
coverage for UI and documentation scenarios, reducing false
positives while maintaining robust security checks.
- Bump installer version from v0.3 to v0.4
- Update uninstall script URL to GitHub raw source
- Simplify uninstall script download logic
- Remove SSL bypass condition for get.casaos.io
* feat: Implement comprehensive Ubuntu/Debian server update script
This commit introduces a major overhaul of the server update script, adding a wide range of new features and improvements:
- Adds support for configuration file to customize script behavior
- Implements detailed logging to both log file and JSON format
- Adds color and Unicode symbols for better visual appeal
- Tracks performance metrics and statistics during the update process
- Includes default configuration with various options to enable/disable features
- Adds helper functions for formatting and displaying content
- Checks for and installs missing dependencies (e.g., `bc` for calculations)
- Provides a decorative header with version information and branding
- Improves overall code structure and readability
These changes aim to make the script more user-friendly, configurable, and robust, providing a comprehensive solution for keeping Ubuntu and Debian servers up-to-date.
* feat(update-ubuntu-or-debian-server): Enhance README with new features and details
This commit significantly enhances the README file for the "update-ubuntu-or-debian-server" script. The key changes include:
- Added badges for license and last commit
- Expanded the table of contents with more detailed sections
- Provided a comprehensive overview of the script's features, including core functionality, safety and security, monitoring and reporting, and configuration management
- Detailed the prerequisites and automatic dependency installation
- Included quick start instructions for both basic usage and manual installation
- Documented the available command-line options
- Provided information about the configuration, system health checks, security features, performance monitoring, email notifications, automation and scheduling, file locations, advanced usage, troubleshooting, contributing, license, support, and version history
These changes aim to make the README more informative, user-friendly, and comprehensive, helping users better understand the capabilities and usage of the script.
* feat: Improve backup script and table of contents formatting
This commit includes the following changes:
1. Update the table of contents in the README.md file to remove the emoji
prefixes and improve the formatting.
2. Modify the backup script (run.sh) to use a more robust method for
capturing the package selections. Instead of using `dpkg --get-selections
>`, the script now uses `sudo sh -c "dpkg --get-selections > ..."` to
ensure proper file redirection.
3. Enhance the progress bar implementation in the backup script to use
floating-point precision for the sleep interval, with a minimum value of
0.05 seconds. This ensures a smoother progress display, even for short
backup durations.
* feat(maintenance-window): Improve maintenance window handling
The changes in this commit improve the handling of the maintenance window
in the script. The previous implementation had issues with maintenance
windows that crossed midnight. The new implementation converts the times
to minutes since midnight and handles both the normal case (start <= end)
and the wrap-around case (start > end) correctly.
Additionally, the commit moves the "check_problematic_packages" function
call to before the package updates, ensuring that any problematic packages
are identified and excluded before the system is updated.
* feat(config): Safely parse configuration file
Implement a more secure way to load the configuration file by
parsing it line by line and only allowing known configuration
variables to be set. This prevents the execution of arbitrary
commands that could be present in the configuration file.
* feat(server-config): Update configuration variable handling
Modify the script to use `printf -v` to safely set configuration
variables and export them. This ensures that variables are properly
initialized and available for use throughout the script.
* feat(update-ubuntu-or-debian-server): Improve retry logic and progress reporting
The changes in this commit improve the retry logic and progress reporting in the `update-ubuntu-or-debian-server/run.sh` script. The key changes are:
- Refactor the `retry_operation` function to accept the command as an array, making it more flexible and easier to use.
- Update the `retry_operation` function to store the failed commands in the `FAILED_OPERATIONS` array.
- Improve the progress reporting by using the `show_progress_bar` function instead of `show_progress` for the package list update.
- Update the package upgrade and full upgrade steps to use the improved `retry_operation` function.
- Update the package autoremoval and cache cleanup steps to use the improved `retry_operation` function.
These changes aim to make the script more robust and provide better feedback to the user during the update process.
* feat(logging): Improve JSON logging with jq or manual escaping
The changes in this commit improve the JSON logging functionality in the
script. If the `jq` command is available, it is used to generate the JSON
log entries. If `jq` is not available, the script falls back to manual
escaping of the log message to ensure proper JSON formatting.
* feat: Use indirect variable expansion for config value
The changes update the way the script retrieves the configuration value
for auto-proceeding. Instead of using `eval echo`, it now uses indirect
variable expansion to directly access the value of the configuration
variable.
Refine password validation to separately check length and character
requirements for better clarity. Add detailed error messages showing
password length and value on failure. Implement automatic Portainer
restart attempts on validation failure to maintain service availability.
* ✨ feat: Add Portainer password reset script
This commit introduces a new script `run.sh` that allows users to easily reset the Portainer administrator password. The script performs the following key changes:
- Checks if Docker is running and accessible
- Finds the Portainer container and its associated data volume
- Detects the deployment type (container, service, or stack)
- Stops the Portainer instance based on the deployment type
- Provides a user prompt to confirm the password reset
- Resets the Portainer administrator password
The script is designed to be user-friendly, providing clear instructions and error handling to ensure a smooth password reset process. This feature will help Portainer users who have lost or forgotten their administrator password, allowing them to regain access to their Portainer instance.
* 🔧 feat(reset-portainer-password): Add support for Portainer stacks
This commit adds support for resetting the Portainer administrator password
when Portainer is deployed as a Docker stack. Previously, the script only
supported Portainer containers and services.
The key changes are:
- Detect if Portainer is deployed as a stack and find the corresponding
service name
- Scale down the Portainer stack service to 0 replicas before resetting the
password
- Scale up the Portainer stack service to 1 replica after resetting the
password
- Improve the logic for finding the Portainer data volume or bind mount
- Update the README with information about bind mounts
* 🔧 refactor: Improve error handling in Portainer password reset script
The changes in this commit focus on improving the error handling in the Portainer password reset script. The main changes are:
- Replaced the `check_command` function with a more generic `handle_error` function that prints the error message and exits the script.
- Simplified the error handling in various places by using the `|| handle_error` pattern instead of explicit error checking.
- Temporarily disabled `set -e` when running the Portainer password reset helper to properly capture the exit code.
- Improved the logic for finding the Portainer container and volume/mount by using the `||` operator instead of explicit error checking.
These changes make the script more robust and easier to maintain by centralizing the error handling logic and reducing duplication.
* ✨ refactor: improve error handling and rename error function
Replace generic handle_error calls with handle_command_error for clearer
command failure handling in Portainer service scaling and container
operations. Introduce a detailed handle_error function to trap errors,
providing line number, exit code, and failed command for better diagnostics.
Enhance script robustness and maintainability by improving error reporting.
* feat(reset-portainer-password): improve error handling and deployment detection
Enhance error handling with detailed diagnostics on failure using ERR trap.
Refine Docker and Portainer container checks for accuracy and robustness.
Improve volume detection logic to handle mounts and fallback volume names.
Add deployment type detection to distinguish container, service, or stack.
Update script flow to confirm actions and handle different deployment types
appropriately when stopping and restarting Portainer.
This commit introduces a comprehensive Unicode Security Scanner that
detects a wide range of dangerous Unicode characters that can be used
in security attacks, including Trojan Source attacks (CVE-2021-42574)
and other invisible characters. The scanner uses a list of harmful
Unicode patterns in hex format for efficient grep-based scanning.
This commit adds a new script `check-for-unicode/run.sh` that scans files and directories for potentially dangerous Unicode characters. These characters can be exploited in AI systems, cause display/parsing issues, or enable social engineering attacks.
The script detects a comprehensive list of harmful Unicode characters, including:
- Zero-width and invisible characters
- Bidirectional text controls (Trojan Source attacks)
- Annotation and formatting characters
- Line and paragraph separators
- Additional format characters
- Variation selectors
The script can be used to identify these characters in files and directories, helping to improve the security and reliability of systems that process text data.
This commit adds a new script `run.sh` to the `install-cursor` directory. The script
automates the process of downloading and installing the Cursor AI application for
various platforms (macOS, Linux, and Windows).
The key changes include:
- Fetching the latest version information from a JSON file
- Detecting the user's operating system and architecture
- Downloading the appropriate binary for the detected platform
- Verifying the binary's signature and notarization status on macOS
- Installing the application on the user's system
This script aims to simplify the installation process and ensure a smooth user
experience when setting up the Cursor AI application.
This commit adds the LAN IP address to the Nextcloud configuration file
(`config.php`). The changes ensure that Nextcloud can be accessed using the
LAN IP address, in addition to the default `localhost` address.
The key changes are:
- Implement a function `Get_IPs()` to reliably detect the LAN IP address,
prioritizing non-loopback and non-docker interfaces.
- Use the detected LAN IP address to update the `config.php` file, adding it
as an additional entry in the `trusted_domains` setting.
- Backup the original `config.php` file before making changes.
* 🔧 feat(install-casaos): Add function to check and uninstall Docker from Snap
This commit adds a new function `Check_Docker_Snap()` to the `install-casaos/run.sh` script. The purpose of this function is to check if Docker is installed via Snap and provide a prompt to uninstall the Snap version if necessary.
Snap-based Docker installations can cause compatibility issues with CasaOS, so it's recommended to uninstall the Snap version before proceeding with the CasaOS installation. This function helps to ensure a smooth installation process by addressing this potential issue.
The function first checks if Docker is installed via Snap. If so, it displays a warning message and prompts the user to confirm whether they want to uninstall the Snap version. If the user confirms, the function proceeds to uninstall Docker from Snap. If the user declines, the function skips the uninstallation and provides a warning that this may cause issues with CasaOS.
The function is then called within the `Install_Docker()` function to handle the Snap-based Docker installation before proceeding with the main Docker installation.
* 🔖 feat(install-casaos/run.sh): Update CasaOS Installer version
Updates the CasaOS Installer version from V0.1 to V0.3 to reflect the latest
release.
This commit enhances the IP detection and display functionality in the CasaOS installer script. The key changes are:
- Improved the logic to retrieve the CasaOS port from the configuration file, with a fallback to port 80 if the port cannot be determined.
- Implemented a simpler approach to get the first non-loopback IP address, which is usually the LAN IP.
- Added more advanced methods to identify and exclude Docker, virtual, and other non-physical interfaces when retrieving IP addresses.
- Improved the display of the CasaOS URL, showing the IP address and port in a user-friendly format.
These changes aim to provide a more reliable and user-friendly experience when installing CasaOS, ensuring that the correct IP address and port are displayed for easy access to the CasaOS web interface.
The changes include:
1. Added a new README.md file in the `install-casaos` directory, which provides a simple command to run the CasaOS installation script.
2. Added a new `run.sh` script in the `install-casaos` directory, which is the main CasaOS installation script. This script includes functionality to automatically check SSL certificate validity and disable SSL/TLS certificate verification if necessary for problematic domains.
These changes aim to provide a convenient way for users to install CasaOS on their systems by running a single command.
Adds a video link to the README file for the reset-password-for-casaos
feature. This will provide users with a visual guide on how to reset
their password for CasaOS.
This commit adds a new script to generate a LibreDesk configuration file. The
script prompts the user for the desired location to save the config file, and
then downloads the default config from the BigBearTechWorld/big-bear-casaos
repository and saves it to the specified location. If the file already exists,
the user is asked for confirmation before overwriting it.
* ✨ feat: Add ARP interface finder script and README
This commit adds a new script, `run.sh`, that finds all usable network
interfaces for `arp-scan` and exports them to a configuration file. The
script detects interfaces that are "UP" (usable for scanning), skips
virtual container interfaces (veth), and handles special cases like
`eth0@if46` that might be in different network namespaces.
Additionally, a README file is added to provide instructions on how to
run the command.
* ✨ feat(arp-iface-finder): Use bash shebang for portability
Modify the shebang line in the `run.sh` script to use `#!/usr/bin/env bash`
instead of `#!/bin/bash`. This ensures the script will run on systems
where the bash binary is not located at `/bin/bash`, improving
portability.
The changes update the URL used to fetch the Romm configuration file. The
previous URL was pointing to an outdated location, so the new URL is
updated to fetch the config from the correct location on the master
branch.
This commit introduces a new script called `bigbear-casaos-server-finder/run.sh` that
allows users to discover CasaOS servers on their local network.
The key features of this script include:
- Automatic discovery of available subnets on the system
- Ability to scan multiple ports (configurable) for each IP address
- Parallel scanning to speed up the process
- Logging of the results to a log file
- Handling of missing dependencies (nmap and iproute2)
- User-friendly output with color-coded messages
- Option to select a specific subnet to scan for faster results
This script is designed to help BigBearTechWorld community members easily find
CasaOS servers on their local networks, making it easier to connect to and
manage their CasaOS instances.
portability
Changes the shebang line from `#!/bin/bash` to `#!/usr/bin/env bash` to
ensure the script runs on systems where the bash binary may not be
located at `/bin/bash`.
* ✨ feat: Implement robust network configuration for Pterodactyl
This commit introduces a comprehensive network configuration process for the
Pterodactyl setup. The key changes include:
- Implementing a function to find an available subnet that is not already in use
by the system or other Docker networks. This helps ensure the Pterodactyl
network does not conflict with existing network configurations.
- Calculating the gateway IP address for the selected subnet, which is then
used when creating the Docker network.
- Enhancing the `create_pterodactyl_network()` function to handle network
creation with proper error checking and verification.
- Refactoring the `configure_network()` function to orchestrate the entire
network configuration process, including subnet discovery, gateway
calculation, and network creation.
- Adding detailed comments to explain the purpose and flow of the network
configuration logic.
These changes improve the reliability and robustness of the Pterodactyl setup
by ensuring the network is properly configured and does not interfere with
existing network resources.
* 🔧 feat(setup-pterodactyl-wings): Improve network configuration and
directory setup
This commit introduces the following improvements:
- Provide better error handling and feedback when finding an available subnet
fails
- Display a success message when the Docker network is created successfully
- Enhance the quick setup option by using a spinner to show the progress of
chown commands
- Improve the formatting and messaging throughout the script for better
readability and user experience
The changes aim to provide a more robust and user-friendly setup process for
the Pterodactyl wings component.
Adds a user choice menu to the setup script, allowing the user to either
run the full setup or only execute the chown commands. This provides more
flexibility and control for the user during the setup process.
This commit adds a new script `run.sh` that handles the network configuration and directory setup for Pterodactyl Wings. The key changes include:
- Checks if a UUID argument is provided and exits with an error if not
- Implements functions to check if a subnet is in use, find an available subnet, and get the gateway for a subnet
- Creates the `pterodactyl_nw` Docker network with the available subnet and gateway
- Creates the required directories for Pterodactyl (/var/lib/pterodactyl/volumes, /tmp/pterodactyl, /etc/pterodactyl, /var/log/pterodactyl)
- Sets the appropriate ownership for the created directories
- Restarts the `pterodactyl-wings` container to apply the changes
This script simplifies the setup process for Pterodactyl Wings and helps ensure the network configuration and directory structure are properly set up.
