community-scripts/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2025-12-10 03:59:39 -06:00
Code Issues Packages Projects Releases 267 Wiki Activity

Feature: extend advanced settings with more options & inherit app defaults (#9776)

Browse Source
This commit is contained in:
CanbiZ 2025-12-09 16:01:31 +01:00 committed by GitHub
parent 1458aade19
commit bea9a62cce
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 512 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

164
docs/misc/build.func/BUILD_FUNC_ADVANCED_SETTINGS.md Normal file
View File

@ -0,0 +1,164 @@
# Advanced Settings Wizard Reference
## Overview
The Advanced Settings wizard provides a 28-step interactive configuration for LXC container creation. It allows users to customize every aspect of the container while inheriting sensible defaults from the CT script.
## Key Features
- **Inherit App Defaults**: All `var_*` values from CT scripts pre-populate wizard fields
- **Back Navigation**: Press Cancel/Back to return to previous step
- **App Default Hints**: Each dialog shows `(App default: X)` to indicate script defaults
- **Full Customization**: Every configurable option is accessible
## Wizard Steps
| Step | Title | Variable(s) | Description |
| ---- | ------------------------ | --------------------------------- | ----------------------------------------------------- |
| 1 | Container Type | `var_unprivileged` | Privileged (0) or Unprivileged (1) container |
| 2 | Root Password | `var_pw` | Set password or use automatic login |
| 3 | Container ID | `var_ctid` | Unique container ID (auto-suggested) |
| 4 | Hostname | `var_hostname` | Container hostname |
| 5 | Disk Size | `var_disk` | Disk size in GB |
| 6 | CPU Cores | `var_cpu` | Number of CPU cores |
| 7 | RAM Size | `var_ram` | RAM size in MiB |
| 8 | Network Bridge | `var_brg` | Network bridge (vmbr0, etc.) |
| 9 | IPv4 Configuration | `var_net`, `var_gateway` | DHCP or static IP with gateway |
| 10 | IPv6 Configuration | `var_ipv6_method` | Auto, DHCP, Static, or None |
| 11 | MTU Size | `var_mtu` | Network MTU (default: 1500) |
| 12 | DNS Search Domain | `var_searchdomain` | DNS search domain |
| 13 | DNS Server | `var_ns` | Custom DNS server IP |
| 14 | MAC Address | `var_mac` | Custom MAC address (auto-generated if empty) |
| 15 | VLAN Tag | `var_vlan` | VLAN tag ID |
| 16 | Tags | `var_tags` | Container tags (comma/semicolon separated) |
| 17 | SSH Settings | `var_ssh` | SSH key selection and root access |
| 18 | FUSE Support | `var_fuse` | Enable FUSE for rclone, mergerfs, AppImage |
| 19 | TUN/TAP Support | `var_tun` | Enable for VPN apps (WireGuard, OpenVPN, Tailscale) |
| 20 | Nesting Support | `var_nesting` | Enable for Docker, LXC in LXC, Podman |
| 21 | GPU Passthrough | `var_gpu` | Auto-detect and pass through Intel/AMD/NVIDIA GPUs |
| 22 | Keyctl Support | `var_keyctl` | Enable for Docker, systemd-networkd |
| 23 | APT Cacher Proxy | `var_apt_cacher`, `var_apt_cacher_ip` | Use apt-cacher-ng for faster downloads |
| 24 | Container Timezone | `var_timezone` | Set timezone (e.g., Europe/Berlin) |
| 25 | Container Protection | `var_protection` | Prevent accidental deletion |
| 26 | Device Node Creation | `var_mknod` | Allow mknod (experimental, kernel 5.3+) |
| 27 | Mount Filesystems | `var_mount_fs` | Allow specific mounts: nfs, cifs, fuse, etc. |
| 28 | Verbose Mode & Confirm | `var_verbose` | Enable verbose output + final confirmation |
## Default Value Inheritance
The wizard inherits defaults from multiple sources:
```text
CT Script (var_*) → default.vars → app.vars → User Input
```
### Example: VPN Container (alpine-wireguard.sh)
```bash
# CT script sets:
var_tun="${var_tun:-1}" # TUN enabled by default
# In Advanced Settings Step 19:
# Dialog shows: "(App default: 1)" and pre-selects "Yes"
```
### Example: Media Server (jellyfin.sh)
```bash
# CT script sets:
var_gpu="${var_gpu:-yes}" # GPU enabled by default
# In Advanced Settings Step 21:
# Dialog shows: "(App default: yes)" and pre-selects "Yes"
```
## Feature Matrix
| Feature | Variable | When to Enable |
| ----------------- | ---------------- | --------------------------------------------------- |
| FUSE | `var_fuse` | rclone, mergerfs, AppImage, SSHFS |
| TUN/TAP | `var_tun` | WireGuard, OpenVPN, Tailscale, VPN containers |
| Nesting | `var_nesting` | Docker, Podman, LXC-in-LXC, systemd-nspawn |
| GPU Passthrough | `var_gpu` | Plex, Jellyfin, Emby, Frigate, Ollama, ComfyUI |
| Keyctl | `var_keyctl` | Docker (unprivileged), systemd-networkd |
| Protection | `var_protection` | Production containers, prevent accidental deletion |
| Mknod | `var_mknod` | Device node creation (experimental) |
| Mount FS | `var_mount_fs` | NFS mounts, CIFS shares, custom filesystems |
| APT Cacher | `var_apt_cacher` | Speed up downloads with local apt-cacher-ng |
## Confirmation Summary
Step 28 displays a comprehensive summary before creation:
```text
Container Type: Unprivileged
Container ID: 100
Hostname: jellyfin
Resources:
Disk: 8 GB
CPU: 2 cores
RAM: 2048 MiB
Network:
Bridge: vmbr0
IPv4: dhcp
IPv6: auto
Features:
FUSE: no | TUN: no
Nesting: Enabled | Keyctl: Disabled
GPU: yes | Protection: No
Advanced:
Timezone: Europe/Berlin
APT Cacher: no
Verbose: no
```
## Usage Examples
### Skip to Advanced Settings
```bash
# Run script, select "Advanced" from menu
bash -c "$(curl -fsSL https://...jellyfin.sh)"
# Then select option 3 "Advanced"
```
### Pre-set Defaults via Environment
```bash
# Set defaults before running
export var_cpu=4
export var_ram=4096
export var_gpu=yes
bash -c "$(curl -fsSL https://...jellyfin.sh)"
# Advanced settings will inherit these values
```
### Non-Interactive with All Options
```bash
# Set all variables for fully automated deployment
export var_unprivileged=1
export var_cpu=2
export var_ram=2048
export var_disk=8
export var_net=dhcp
export var_fuse=no
export var_tun=no
export var_gpu=yes
export var_nesting=1
export var_protection=no
export var_verbose=no
bash -c "$(curl -fsSL https://...jellyfin.sh)"
```
## Notes
- **Cancel at Step 1**: Exits the script entirely
- **Cancel at Steps 2-28**: Goes back to previous step
- **Empty fields**: Use default value
- **Keyctl**: Automatically enabled for unprivileged containers
- **Nesting**: Enabled by default (required for many apps)

41
docs/misc/build.func/BUILD_FUNC_ENVIRONMENT_VARIABLES.md
View File

@ -66,17 +66,36 @@ This document provides a comprehensive reference of all environment variables us
### Feature Flags ### Feature Flags
| Variable | Description | Default | Set In | Used In | | Variable | Description | Default | Set In | Used In |
| --------------------- | --------------------------- | ------- | --------------- | ------------------ | | ---------------- | ------------------------------ | ------- | ------------------------------- | ------------------ |
| `ENABLE_FUSE` | Enable FUSE support | "true" | base_settings() | Container features | | `var_fuse` | Enable FUSE support | "no" | CT script / Advanced Settings | Container features |
| `ENABLE_TUN` | Enable TUN/TAP support | "true" | base_settings() | Container features | | `var_tun` | Enable TUN/TAP support | "no" | CT script / Advanced Settings | Container features |
| `ENABLE_KEYCTL` | Enable keyctl support | "true" | base_settings() | Container features | | `var_nesting` | Enable nesting support | "1" | CT script / Advanced Settings | Container features |
| `ENABLE_MOUNT` | Enable mount support | "true" | base_settings() | Container features | | `var_keyctl` | Enable keyctl support | "0" | CT script / Advanced Settings | Container features |
| `ENABLE_NESTING` | Enable nesting support | "false" | base_settings() | Container features | | `var_mknod` | Allow device node creation | "0" | CT script / Advanced Settings | Container features |
| `ENABLE_PRIVILEGED` | Enable privileged mode | "false" | base_settings() | Container features | | `var_mount_fs` | Allowed filesystem mounts | "" | CT script / Advanced Settings | Container features |
| `ENABLE_UNPRIVILEGED` | Enable unprivileged mode | "true" | base_settings() | Container features | | `var_protection` | Enable container protection | "no" | CT script / Advanced Settings | Container creation |
| `VERBOSE` | Enable verbose output | "false" | Environment | Logging | | `var_timezone` | Container timezone | "" | CT script / Advanced Settings | Container creation |
| `SSH` | Enable SSH key provisioning | "true" | base_settings() | SSH setup | | `var_verbose` | Enable verbose output | "no" | Environment / Advanced Settings | Logging |
| `var_ssh` | Enable SSH key provisioning | "no" | CT script / Advanced Settings | SSH setup |
| `ENABLE_FUSE` | FUSE flag (internal) | "no" | Advanced Settings | Container creation |
| `ENABLE_TUN` | TUN/TAP flag (internal) | "no" | Advanced Settings | Container creation |
| `ENABLE_NESTING` | Nesting flag (internal) | "1" | Advanced Settings | Container creation |
| `ENABLE_KEYCTL` | Keyctl flag (internal) | "0" | Advanced Settings | Container creation |
| `ENABLE_MKNOD` | Mknod flag (internal) | "0" | Advanced Settings | Container creation |
| `PROTECT_CT` | Protection flag (internal) | "no" | Advanced Settings | Container creation |
| `CT_TIMEZONE` | Timezone setting (internal) | "" | Advanced Settings | Container creation |
| `VERBOSE` | Verbose mode flag | "no" | Environment | Logging |
| `SSH` | SSH access flag | "no" | Advanced Settings | SSH setup |
### APT Cacher Configuration
| Variable | Description | Default | Set In | Used In |
| ------------------ | ------------------------ | ------- | ----------------------------- | ------------------- |
| `var_apt_cacher` | Enable APT cacher proxy | "no" | CT script / Advanced Settings | Package management |
| `var_apt_cacher_ip`| APT cacher server IP | "" | CT script / Advanced Settings | Package management |
| `APT_CACHER` | APT cacher flag | "no" | Advanced Settings | Container creation |
| `APT_CACHER_IP` | APT cacher IP (internal) | "" | Advanced Settings | Container creation |
### GPU Passthrough Variables ### GPU Passthrough Variables

10
docs/misc/build.func/README.md
View File

@ -6,6 +6,16 @@ This directory contains comprehensive documentation for the `build.func` script,
## Documentation Files ## Documentation Files
### 🎛️ [BUILD_FUNC_ADVANCED_SETTINGS.md](./BUILD_FUNC_ADVANCED_SETTINGS.md)
Complete reference for the 28-step Advanced Settings wizard, including all configurable options and their inheritance behavior.
**Contents:**
- All 28 wizard steps explained
- Default value inheritance
- Feature matrix (when to enable each feature)
- Confirmation summary format
- Usage examples
### 📊 [BUILD_FUNC_FLOWCHART.md](./BUILD_FUNC_FLOWCHART.md) ### 📊 [BUILD_FUNC_FLOWCHART.md](./BUILD_FUNC_FLOWCHART.md)
Visual ASCII flowchart showing the main execution flow, decision trees, and key decision points in the build.func script. Visual ASCII flowchart showing the main execution flow, decision trees, and key decision points in the build.func script.

357
misc/build.func
View File

@ -816,6 +816,7 @@ _build_current_app_vars_tmp() {
_apt_cacher_ip="${APT_CACHER_IP:-}" _apt_cacher_ip="${APT_CACHER_IP:-}"
_fuse="${ENABLE_FUSE:-no}" _fuse="${ENABLE_FUSE:-no}"
_tun="${ENABLE_TUN:-no}" _tun="${ENABLE_TUN:-no}"
_gpu="${ENABLE_GPU:-no}"
_nesting="${ENABLE_NESTING:-1}" _nesting="${ENABLE_NESTING:-1}"
_keyctl="${ENABLE_KEYCTL:-0}" _keyctl="${ENABLE_KEYCTL:-0}"
_mknod="${ENABLE_MKNOD:-0}" _mknod="${ENABLE_MKNOD:-0}"
@ -865,6 +866,7 @@ _build_current_app_vars_tmp() {
[ -n "$_fuse" ] && echo "var_fuse=$(_sanitize_value "$_fuse")" [ -n "$_fuse" ] && echo "var_fuse=$(_sanitize_value "$_fuse")"
[ -n "$_tun" ] && echo "var_tun=$(_sanitize_value "$_tun")" [ -n "$_tun" ] && echo "var_tun=$(_sanitize_value "$_tun")"
[ -n "$_gpu" ] && echo "var_gpu=$(_sanitize_value "$_gpu")"
[ -n "$_nesting" ] && echo "var_nesting=$(_sanitize_value "$_nesting")" [ -n "$_nesting" ] && echo "var_nesting=$(_sanitize_value "$_nesting")"
[ -n "$_keyctl" ] && echo "var_keyctl=$(_sanitize_value "$_keyctl")" [ -n "$_keyctl" ] && echo "var_keyctl=$(_sanitize_value "$_keyctl")"
[ -n "$_mknod" ] && echo "var_mknod=$(_sanitize_value "$_mknod")" [ -n "$_mknod" ] && echo "var_mknod=$(_sanitize_value "$_mknod")"
@ -1011,38 +1013,49 @@ advanced_settings() {
# Initialize defaults # Initialize defaults
TAGS="community-script;${var_tags:-}" TAGS="community-script;${var_tags:-}"
local STEP=1 local STEP=1
local MAX_STEP=20 local MAX_STEP=28
# Store values for back navigation # Store values for back navigation - inherit from var_* app defaults
local _ct_type="${CT_TYPE:-1}" local _ct_type="${var_unprivileged:-1}"
local _pw="" local _pw=""
local _pw_display="Automatic Login" local _pw_display="Automatic Login"
local _ct_id="$NEXTID" local _ct_id="$NEXTID"
local _hostname="$NSAPP" local _hostname="$NSAPP"
local _disk_size="$var_disk" local _disk_size="${var_disk:-4}"
local _core_count="$var_cpu" local _core_count="${var_cpu:-1}"
local _ram_size="$var_ram" local _ram_size="${var_ram:-1024}"
local _bridge="vmbr0" local _bridge="${var_brg:-vmbr0}"
local _net="dhcp" local _net="${var_net:-dhcp}"
local _gate="" local _gate="${var_gateway:-}"
local _ipv6_method="auto" local _ipv6_method="${var_ipv6_method:-auto}"
local _ipv6_addr="" local _ipv6_addr=""
local _ipv6_gate="" local _ipv6_gate=""
local _apt_cacher_ip="" local _apt_cacher="${var_apt_cacher:-no}"
local _mtu="" local _apt_cacher_ip="${var_apt_cacher_ip:-}"
local _sd="" local _mtu="${var_mtu:-}"
local _ns="" local _sd="${var_searchdomain:-}"
local _mac="" local _ns="${var_ns:-}"
local _vlan="" local _mac="${var_mac:-}"
local _vlan="${var_vlan:-}"
local _tags="$TAGS" local _tags="$TAGS"
local _enable_fuse="no" local _enable_fuse="${var_fuse:-no}"
local _enable_tun="${var_tun:-no}"
local _enable_gpu="${var_gpu:-no}" local _enable_gpu="${var_gpu:-no}"
local _verbose="no" local _enable_nesting="${var_nesting:-1}"
local _enable_keyctl="0" local _verbose="${var_verbose:-no}"
local _enable_mknod="0" local _enable_keyctl="${var_keyctl:-0}"
local _mount_fs="" local _enable_mknod="${var_mknod:-0}"
local _protect_ct="no" local _mount_fs="${var_mount_fs:-}"
local _ct_timezone="" local _protect_ct="${var_protection:-no}"
# Detect host timezone for default (if not set via var_timezone)
local _host_timezone=""
if command -v timedatectl >/dev/null 2>&1; then
_host_timezone=$(timedatectl show --value --property=Timezone 2>/dev/null || echo "")
elif [ -f /etc/timezone ]; then
_host_timezone=$(cat /etc/timezone 2>/dev/null || echo "")
fi
local _ct_timezone="${var_timezone:-$_host_timezone}"
# Helper to show current progress # Helper to show current progress
show_progress() { show_progress() {
@ -1498,14 +1511,17 @@ advanced_settings() {
;; ;;
# ═══════════════════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════════════════
# STEP 18: FUSE & Verbose Mode # STEP 18: FUSE Support
# ═══════════════════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════════════════
18) 18)
local fuse_default_flag="--defaultno"
[[ "$_enable_fuse" == "yes" || "$_enable_fuse" == "1" ]] && fuse_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \ if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "FUSE SUPPORT" \ --title "FUSE SUPPORT" \
--ok-button "Next" --cancel-button "Back" \ --ok-button "Next" --cancel-button "Back" \
--defaultno \ $fuse_default_flag \
--yesno "\nEnable FUSE support?\n\nRequired for: rclone, mergerfs, AppImage, etc." 12 58; then --yesno "\nEnable FUSE support?\n\nRequired for: rclone, mergerfs, AppImage, etc.\n\n(App default: ${var_fuse:-no})" 14 58; then
_enable_fuse="yes" _enable_fuse="yes"
else else
if [ $? -eq 1 ]; then if [ $? -eq 1 ]; then
@ -1515,30 +1531,69 @@ advanced_settings() {
continue continue
fi fi
fi fi
((STEP++))
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 19: TUN/TAP Support
# ═══════════════════════════════════════════════════════════════════════════
19)
local tun_default_flag="--defaultno"
[[ "$_enable_tun" == "yes" || "$_enable_tun" == "1" ]] && tun_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \ if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "VERBOSE MODE" \ --title "TUN/TAP SUPPORT" \
--defaultno \ --ok-button "Next" --cancel-button "Back" \
--yesno "\nEnable Verbose Mode?\n\nShows detailed output during installation." 12 58; then $tun_default_flag \
_verbose="yes" --yesno "\nEnable TUN/TAP device support?\n\nRequired for: VPN apps (WireGuard, OpenVPN, Tailscale),\nnetwork tunneling, and containerized networking.\n\n(App default: ${var_tun:-no})" 14 62; then
_enable_tun="yes"
else else
_verbose="no" if [ $? -eq 1 ]; then
_enable_tun="no"
else
((STEP--))
continue
fi
fi fi
((STEP++)) ((STEP++))
;; ;;
# ═══════════════════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════════════════
# STEP 19: GPU Passthrough # STEP 20: Nesting Support
# ═══════════════════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════════════════
19) 20)
local gpu_default="OFF" local nesting_default_flag=""
[[ "$_enable_gpu" == "yes" ]] && gpu_default="ON" [[ "$_enable_nesting" == "0" || "$_enable_nesting" == "no" ]] && nesting_default_flag="--defaultno"
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "NESTING SUPPORT" \
--ok-button "Next" --cancel-button "Back" \
$nesting_default_flag \
--yesno "\nEnable Nesting?\n\nRequired for: Docker, LXC inside LXC, Podman,\nand other containerization tools.\n\n(App default: ${var_nesting:-1})" 14 58; then
_enable_nesting="1"
else
if [ $? -eq 1 ]; then
_enable_nesting="0"
else
((STEP--))
continue
fi
fi
((STEP++))
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 21: GPU Passthrough
# ═══════════════════════════════════════════════════════════════════════════
21)
local gpu_default_flag="--defaultno"
[[ "$_enable_gpu" == "yes" ]] && gpu_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \ if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "GPU PASSTHROUGH" \ --title "GPU PASSTHROUGH" \
--ok-button "Next" --cancel-button "Back" \ --ok-button "Next" --cancel-button "Back" \
--defaultno \ $gpu_default_flag \
--yesno "\nEnable GPU Passthrough?\n\nAutomatically detects and passes through available GPUs\n(Intel/AMD/NVIDIA) for hardware acceleration.\n\nRecommended for: Media servers, AI/ML, Transcoding" 14 62; then --yesno "\nEnable GPU Passthrough?\n\nAutomatically detects and passes through available GPUs\n(Intel/AMD/NVIDIA) for hardware acceleration.\n\nRecommended for: Media servers, AI/ML, Transcoding\n\n(App default: ${var_gpu:-no})" 16 62; then
_enable_gpu="yes" _enable_gpu="yes"
else else
if [ $? -eq 1 ]; then if [ $? -eq 1 ]; then
@ -1552,13 +1607,179 @@ advanced_settings() {
;; ;;
# ═══════════════════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════════════════
# STEP 20: Confirmation # STEP 22: Keyctl Support (Docker/systemd)
# ═══════════════════════════════════════════════════════════════════════════ # ═══════════════════════════════════════════════════════════════════════════
20) 22)
local keyctl_default_flag="--defaultno"
[[ "$_enable_keyctl" == "1" ]] && keyctl_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "KEYCTL SUPPORT" \
--ok-button "Next" --cancel-button "Back" \
$keyctl_default_flag \
--yesno "\nEnable Keyctl support?\n\nRequired for: Docker containers, systemd-networkd,\nand kernel keyring operations.\n\nNote: Automatically enabled for unprivileged containers.\n\n(App default: ${var_keyctl:-0})" 16 62; then
_enable_keyctl="1"
else
if [ $? -eq 1 ]; then
_enable_keyctl="0"
else
((STEP--))
continue
fi
fi
((STEP++))
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 23: APT Cacher Proxy
# ═══════════════════════════════════════════════════════════════════════════
23)
local apt_cacher_default_flag="--defaultno"
[[ "$_apt_cacher" == "yes" ]] && apt_cacher_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "APT CACHER PROXY" \
--ok-button "Next" --cancel-button "Back" \
$apt_cacher_default_flag \
--yesno "\nUse APT Cacher-NG proxy?\n\nSpeeds up package downloads by caching them locally.\nRequires apt-cacher-ng running on your network.\n\n(App default: ${var_apt_cacher:-no})" 14 62; then
_apt_cacher="yes"
# Ask for IP if enabled
if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "APT CACHER IP" \
--inputbox "\nEnter APT Cacher-NG server IP address:" 10 58 "$_apt_cacher_ip" \
3>&1 1>&2 2>&3); then
_apt_cacher_ip="$result"
fi
else
if [ $? -eq 1 ]; then
_apt_cacher="no"
_apt_cacher_ip=""
else
((STEP--))
continue
fi
fi
((STEP++))
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 24: Container Timezone
# ═══════════════════════════════════════════════════════════════════════════
24)
local tz_hint="$_ct_timezone"
[[ -z "$tz_hint" ]] && tz_hint="(empty - will use host timezone)"
if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "CONTAINER TIMEZONE" \
--ok-button "Next" --cancel-button "Back" \
--inputbox "\nSet container timezone.\n\nExamples: Europe/Berlin, America/New_York, Asia/Tokyo\n\nHost timezone: ${_host_timezone:-unknown}\n\nLeave empty to inherit from host." 16 62 "$_ct_timezone" \
3>&1 1>&2 2>&3); then
_ct_timezone="$result"
((STEP++))
else
((STEP--))
fi
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 25: Container Protection
# ═══════════════════════════════════════════════════════════════════════════
25)
local protect_default_flag="--defaultno"
[[ "$_protect_ct" == "yes" || "$_protect_ct" == "1" ]] && protect_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "CONTAINER PROTECTION" \
--ok-button "Next" --cancel-button "Back" \
$protect_default_flag \
--yesno "\nEnable Container Protection?\n\nPrevents accidental deletion of this container.\nYou must disable protection before removing.\n\n(App default: ${var_protection:-no})" 14 62; then
_protect_ct="yes"
else
if [ $? -eq 1 ]; then
_protect_ct="no"
else
((STEP--))
continue
fi
fi
((STEP++))
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 26: Device Node Creation (mknod)
# ═══════════════════════════════════════════════════════════════════════════
26)
local mknod_default_flag="--defaultno"
[[ "$_enable_mknod" == "1" ]] && mknod_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "DEVICE NODE CREATION" \
--ok-button "Next" --cancel-button "Back" \
$mknod_default_flag \
--yesno "\nAllow device node creation (mknod)?\n\nRequired for: Creating device files inside container.\nExperimental feature (requires kernel 5.3+).\n\n(App default: ${var_mknod:-0})" 14 62; then
_enable_mknod="1"
else
if [ $? -eq 1 ]; then
_enable_mknod="0"
else
((STEP--))
continue
fi
fi
((STEP++))
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 27: Mount Filesystems
# ═══════════════════════════════════════════════════════════════════════════
27)
local mount_hint=""
[[ -n "$_mount_fs" ]] && mount_hint="$_mount_fs" || mount_hint="(none)"
if result=$(whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "MOUNT FILESYSTEMS" \
--ok-button "Next" --cancel-button "Back" \
--inputbox "\nAllow specific filesystem mounts.\n\nComma-separated list: nfs, cifs, fuse, ext4, etc.\nLeave empty for defaults (none).\n\nCurrent: $mount_hint" 14 62 "$_mount_fs" \
3>&1 1>&2 2>&3); then
_mount_fs="$result"
((STEP++))
else
((STEP--))
fi
;;
# ═══════════════════════════════════════════════════════════════════════════
# STEP 28: Verbose Mode & Confirmation
# ═══════════════════════════════════════════════════════════════════════════
28)
local verbose_default_flag="--defaultno"
[[ "$_verbose" == "yes" ]] && verbose_default_flag=""
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "VERBOSE MODE" \
$verbose_default_flag \
--yesno "\nEnable Verbose Mode?\n\nShows detailed output during installation." 12 58; then
_verbose="yes"
else
_verbose="no"
fi
# Build summary # Build summary
local ct_type_desc="Unprivileged" local ct_type_desc="Unprivileged"
[[ "$_ct_type" == "0" ]] && ct_type_desc="Privileged" [[ "$_ct_type" == "0" ]] && ct_type_desc="Privileged"
local nesting_desc="Disabled"
[[ "$_enable_nesting" == "1" ]] && nesting_desc="Enabled"
local keyctl_desc="Disabled"
[[ "$_enable_keyctl" == "1" ]] && keyctl_desc="Enabled"
local protect_desc="No"
[[ "$_protect_ct" == "yes" || "$_protect_ct" == "1" ]] && protect_desc="Yes"
local tz_display="${_ct_timezone:-Host TZ}"
local apt_display="${_apt_cacher:-no}"
[[ "$_apt_cacher" == "yes" && -n "$_apt_cacher_ip" ]] && apt_display="$_apt_cacher_ip"
local summary="Container Type: $ct_type_desc local summary="Container Type: $ct_type_desc
Container ID: $_ct_id Container ID: $_ct_id
Hostname: $_hostname Hostname: $_hostname
@ -1573,15 +1794,20 @@ Network:
IPv4: $_net IPv4: $_net
IPv6: $_ipv6_method IPv6: $_ipv6_method
Options: Features:
FUSE: $_enable_fuse FUSE: $_enable_fuse | TUN: $_enable_tun
GPU Passthrough: $_enable_gpu Nesting: $nesting_desc | Keyctl: $keyctl_desc
GPU: $_enable_gpu | Protection: $protect_desc
Advanced:
Timezone: $tz_display
APT Cacher: $apt_display
Verbose: $_verbose" Verbose: $_verbose"
if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \ if whiptail --backtitle "Proxmox VE Helper Scripts [Step $STEP/$MAX_STEP]" \
--title "CONFIRM SETTINGS" \ --title "CONFIRM SETTINGS" \
--ok-button "Create LXC" --cancel-button "Back" \ --ok-button "Create LXC" --cancel-button "Back" \
--yesno "$summary\n\nCreate ${APP} LXC with these settings?" 28 58; then --yesno "$summary\n\nCreate ${APP} LXC with these settings?" 32 62; then
((STEP++)) ((STEP++))
else else
((STEP--)) ((STEP--))
@ -1608,11 +1834,30 @@ Options:
IPV6_GATE="$_ipv6_gate" IPV6_GATE="$_ipv6_gate"
TAGS="$_tags" TAGS="$_tags"
ENABLE_FUSE="$_enable_fuse" ENABLE_FUSE="$_enable_fuse"
ENABLE_TUN="$_enable_tun"
ENABLE_GPU="$_enable_gpu" ENABLE_GPU="$_enable_gpu"
ENABLE_NESTING="$_enable_nesting"
ENABLE_KEYCTL="$_enable_keyctl"
ENABLE_MKNOD="$_enable_mknod"
ALLOW_MOUNT_FS="$_mount_fs"
PROTECT_CT="$_protect_ct"
CT_TIMEZONE="$_ct_timezone"
APT_CACHER="$_apt_cacher"
APT_CACHER_IP="$_apt_cacher_ip"
VERBOSE="$_verbose" VERBOSE="$_verbose"
# Update var_gpu based on user choice (for is_gpu_app function) # Update var_* based on user choice (for functions that check these)
var_gpu="$_enable_gpu" var_gpu="$_enable_gpu"
var_fuse="$_enable_fuse"
var_tun="$_enable_tun"
var_nesting="$_enable_nesting"
var_keyctl="$_enable_keyctl"
var_mknod="$_enable_mknod"
var_mount_fs="$_mount_fs"
var_protection="$_protect_ct"
var_timezone="$_ct_timezone"
var_apt_cacher="$_apt_cacher"
var_apt_cacher_ip="$_apt_cacher_ip"
# Format optional values # Format optional values
[[ -n "$_mtu" ]] && MTU=",mtu=$_mtu" || MTU="" [[ -n "$_mtu" ]] && MTU=",mtu=$_mtu" || MTU=""
@ -1648,7 +1893,13 @@ Options:
echo -e "${NETWORK}${BOLD}${DGN}IPv4: ${BGN}$NET${CL}" echo -e "${NETWORK}${BOLD}${DGN}IPv4: ${BGN}$NET${CL}"
echo -e "${NETWORK}${BOLD}${DGN}IPv6: ${BGN}$IPV6_METHOD${CL}" echo -e "${NETWORK}${BOLD}${DGN}IPv6: ${BGN}$IPV6_METHOD${CL}"
echo -e "${FUSE}${BOLD}${DGN}FUSE Support: ${BGN}$ENABLE_FUSE${CL}" echo -e "${FUSE}${BOLD}${DGN}FUSE Support: ${BGN}$ENABLE_FUSE${CL}"
[[ "$ENABLE_TUN" == "yes" ]] && echo -e "${NETWORK}${BOLD}${DGN}TUN/TAP Support: ${BGN}$ENABLE_TUN${CL}"
echo -e "${CONTAINERTYPE}${BOLD}${DGN}Nesting: ${BGN}$([ "$ENABLE_NESTING" == "1" ] && echo "Enabled" || echo "Disabled")${CL}"
[[ "$ENABLE_KEYCTL" == "1" ]] && echo -e "${CONTAINERTYPE}${BOLD}${DGN}Keyctl: ${BGN}Enabled${CL}"
echo -e "${GPU}${BOLD}${DGN}GPU Passthrough: ${BGN}$ENABLE_GPU${CL}" echo -e "${GPU}${BOLD}${DGN}GPU Passthrough: ${BGN}$ENABLE_GPU${CL}"
[[ "$PROTECT_CT" == "yes" || "$PROTECT_CT" == "1" ]] && echo -e "${CONTAINERTYPE}${BOLD}${DGN}Protection: ${BGN}Enabled${CL}"
[[ -n "$CT_TIMEZONE" ]] && echo -e "${INFO}${BOLD}${DGN}Timezone: ${BGN}$CT_TIMEZONE${CL}"
[[ "$APT_CACHER" == "yes" ]] && echo -e "${INFO}${BOLD}${DGN}APT Cacher: ${BGN}$APT_CACHER_IP${CL}"
echo -e "${SEARCH}${BOLD}${DGN}Verbose Mode: ${BGN}$VERBOSE${CL}" echo -e "${SEARCH}${BOLD}${DGN}Verbose Mode: ${BGN}$VERBOSE${CL}"
echo -e "${CREATING}${BOLD}${RD}Creating a ${APP} LXC using the above advanced settings${CL}" echo -e "${CREATING}${BOLD}${RD}Creating a ${APP} LXC using the above advanced settings${CL}"
} }
@ -2317,15 +2568,23 @@ build_container() {
none) ;; none) ;;
esac esac
# Build FEATURES string # Build FEATURES string based on container type and user choices
if [ "$CT_TYPE" == "1" ]; then FEATURES=""
FEATURES="keyctl=1,nesting=1"
else # Nesting support (user configurable, default enabled)
if [ "${ENABLE_NESTING:-1}" == "1" ]; then
FEATURES="nesting=1" FEATURES="nesting=1"
fi fi
# Keyctl for unprivileged containers (needed for Docker)
if [ "$CT_TYPE" == "1" ]; then
[ -n "$FEATURES" ] && FEATURES="$FEATURES,"
FEATURES="${FEATURES}keyctl=1"
fi
if [ "$ENABLE_FUSE" == "yes" ]; then if [ "$ENABLE_FUSE" == "yes" ]; then
FEATURES="$FEATURES,fuse=1" [ -n "$FEATURES" ] && FEATURES="$FEATURES,"
FEATURES="${FEATURES}fuse=1"
fi fi
# Build PCT_OPTIONS as string for export # Build PCT_OPTIONS as string for export