Bot Updating Package Versions

Rebase to alpine 3.17 with php8.1 (master)

.github/CONTRIBUTING.md

@@ -6,7 +6,7 @@
 * Read, and fill the Pull Request template
   * If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR
   * If the PR is addressing an existing issue include, closes #\<issue number>, in the body of the PR commit message
-* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://linuxserver.io/discord)
+* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://discord.gg/YWrKVTn)
 
 ## Common files
 
@@ -24,7 +24,7 @@
 ## Readme
 
 If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit.
-Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-heimdall/edit/development/readme-vars.yml).
+Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-heimdall/edit/master/readme-vars.yml).
 
 These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play.
 Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io/images/docker-heimdall)
@@ -105,17 +105,17 @@ docker build \
   -t linuxserver/heimdall:latest .
 ```
 
-The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static`
+The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
 
 ```bash
-docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset
+docker run --rm --privileged multiarch/qemu-user-static:register --reset
 ```
 
 Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.
 
 ## Update the changelog
 
-If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-heimdall/tree/development/root), add an entry to the changelog
+If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-heimdall/tree/master/root), add an entry to the changelog
 
 ```yml
 changelogs:

.github/ISSUE_TEMPLATE/config.yml

@@ -1,7 +1,7 @@
 blank_issues_enabled: false
 contact_links:
   - name: Discord chat support
-    url: https://linuxserver.io/discord
+    url: https://discord.gg/YWrKVTn
     about: Realtime support / chat with the community and the team.
 
   - name: Discourse discussion forum

.github/ISSUE_TEMPLATE/issue.bug.yml

@@ -53,6 +53,7 @@ body:
       options:
         - x86-64
         - arm64
+        - armhf
     validations:
       required: true
   - type: textarea
@@ -67,10 +68,10 @@ body:
   - type: textarea
     attributes:
       description: |
-        Provide a full docker log, output of "docker logs heimdall"
+        Provide a full docker log, output of "docker logs linuxserver.io"
       label: Container logs
       placeholder: |
-        Output of `docker logs heimdall`
+        Output of `docker logs linuxserver.io`
       render: bash
     validations:
       required: true

.github/PULL_REQUEST_TEMPLATE.md

@@ -21,7 +21,7 @@
 
 ------------------------------
 
- - [ ] I have read the [contributing](https://github.com/linuxserver/docker-heimdall/blob/development/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
+ - [ ] I have read the [contributing](https://github.com/linuxserver/docker-heimdall/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
 
 ------------------------------
 

.github/workflows/call_invalid_helper.yml

@@ -0,0 +1,12 @@
+name: Comment on invalid interaction
+on:
+  issues:
+    types:
+      - labeled
+jobs:
+  add-comment-on-invalid:
+    if: github.event.label.name == 'invalid'
+    permissions:
+      issues: write
+    uses: linuxserver/github-workflows/.github/workflows/invalid-interaction-helper.yml@v1
+    secrets: inherit

.github/workflows/call_issue_pr_tracker.yml

@@ -1,19 +0,0 @@
-name: Issue & PR Tracker
-
-on:
-  issues:
-    types: [opened,reopened,labeled,unlabeled,closed]
-  pull_request_target:
-    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
-  pull_request_review:
-    types: [submitted,edited,dismissed]
-
-permissions:
-  contents: read
-
-jobs:
-  manage-project:
-    permissions:
-      issues: write
-    uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1
-    secrets: inherit

.github/workflows/call_issues_cron.yml

@@ -1,16 +0,0 @@
-name: Mark stale issues and pull requests
-on:
-  schedule:
-    - cron:  '14 15 * * *'
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  stale:
-    permissions:
-      issues: write
-      pull-requests: write
-    uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1
-    secrets: inherit

.github/workflows/external_trigger.yml

@@ -3,86 +3,49 @@ name: External Trigger Main
 on:
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
-  external-trigger-development:
+  external-trigger-master:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v3.1.0
 
       - name: External Trigger
-        if: github.ref == 'refs/heads/development'
+        if: github.ref == 'refs/heads/master'
-        env:
-          SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }}
         run: |
-          printf "# External trigger for docker-heimdall\n\n" >> $GITHUB_STEP_SUMMARY
+          if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_HEIMDALL_MASTER }}" ]; then
-          if grep -q "^heimdall_development_" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
+            echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_HEIMDALL_MASTER is set; skipping trigger. ****"
-            echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
-            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`heimdall_development_\`; will skip trigger if version matches." >> $GITHUB_STEP_SUMMARY
-          elif grep -q "^heimdall_development" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
-            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`heimdall_development\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
-            exit 0
-          fi
-          echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
-          echo "> External trigger running off of development branch. To disable this trigger, add \`heimdall_development\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY
-          printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY
-          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" | jq -r '. | .sha' | cut -c1-8)
-          echo "Type is \`github_commit\`" >> $GITHUB_STEP_SUMMARY
-          if grep -q "^heimdall_development_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
-            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` matches current external release; skipping trigger." >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
+          echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_HEIMDALL_MASTER\". ****"
+          echo "**** Retrieving external version ****"
+          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" | jq -r '. | .tag_name')
           if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
-            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+            echo "**** Can't retrieve external version, exiting ****"
-            echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY
+            FAILURE_REASON="Can't retrieve external version for heimdall branch master"
-            FAILURE_REASON="Can't retrieve external version for heimdall branch development"
             GHA_TRIGGER_URL="https://github.com/linuxserver/docker-heimdall/actions/runs/${{ github.run_id }}"
             curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
               "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}],
               "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
             exit 1
           fi
-          EXT_RELEASE_SANITIZED=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
+          EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
-          echo "Sanitized external version: \`${EXT_RELEASE_SANITIZED}\`" >> $GITHUB_STEP_SUMMARY
+          echo "**** External version: ${EXT_RELEASE} ****"
-          echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY
+          echo "**** Retrieving last pushed version ****"
           image="linuxserver/heimdall"
-          tag="development"
+          tag="latest"
           token=$(curl -sX GET \
             "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fheimdall%3Apull" \
             | jq -r '.token')
-          multidigest=$(curl -s \
+            multidigest=$(curl -s \
-            --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
-            --header "Accept: application/vnd.oci.image.index.v1+json" \
-            --header "Authorization: Bearer ${token}" \
-            "https://ghcr.io/v2/${image}/manifests/${tag}")
-          if jq -e '.layers // empty' <<< "${multidigest}" >/dev/null 2>&1; then
-            # If there's a layer element it's a single-arch manifest so just get that digest
-            digest=$(jq -r '.config.digest' <<< "${multidigest}")
-          else
-            # Otherwise it's multi-arch or has manifest annotations
-            if jq -e '.manifests[]?.annotations // empty' <<< "${multidigest}" >/dev/null 2>&1; then
-              # Check for manifest annotations and delete if found
-              multidigest=$(jq 'del(.manifests[] | select(.annotations))' <<< "${multidigest}")
-            fi
-            if [[ $(jq '.manifests | length' <<< "${multidigest}") -gt 1 ]]; then
-              # If there's still more than one digest, it's multi-arch
-              multidigest=$(jq -r ".manifests[] | select(.platform.architecture == \"amd64\").digest?" <<< "${multidigest}")
-            else
-              # Otherwise it's single arch
-              multidigest=$(jq -r ".manifests[].digest?" <<< "${multidigest}")
-            fi
-            if digest=$(curl -s \
               --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
-              --header "Accept: application/vnd.oci.image.manifest.v1+json" \
               --header "Authorization: Bearer ${token}" \
-              "https://ghcr.io/v2/${image}/manifests/${multidigest}"); then
+              "https://ghcr.io/v2/${image}/manifests/${tag}" \
-              digest=$(jq -r '.config.digest' <<< "${digest}");
+              | jq -r 'first(.manifests[].digest)')
-            fi
+            digest=$(curl -s \
-          fi
+              --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+              --header "Authorization: Bearer ${token}" \
+              "https://ghcr.io/v2/${image}/manifests/${multidigest}" \
+              | jq -r '.config.digest')
           image_info=$(curl -sL \
             --header "Authorization: Bearer ${token}" \
             "https://ghcr.io/v2/${image}/blobs/${digest}")
@@ -94,54 +57,40 @@ jobs:
           IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}')
           IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}')
           if [ -z "${IMAGE_VERSION}" ]; then
-            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+            echo "**** Can't retrieve last pushed version, exiting ****"
-            echo "Can't retrieve last pushed version, exiting" >> $GITHUB_STEP_SUMMARY
+            FAILURE_REASON="Can't retrieve last pushed version for heimdall tag latest"
-            FAILURE_REASON="Can't retrieve last pushed version for heimdall tag development"
             curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
               "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
               "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
             exit 1
           fi
-          echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY
+          echo "**** Last pushed version: ${IMAGE_VERSION} ****"
-          if [ "${EXT_RELEASE_SANITIZED}" == "${IMAGE_VERSION}" ]; then
+          if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
-            echo "Sanitized version \`${EXT_RELEASE_SANITIZED}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY
+            echo "**** Version ${EXT_RELEASE} already pushed, exiting ****"
             exit 0
-          elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/development/lastBuild/api/json | jq -r '.building') == "true" ]; then
+          elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
-            echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
+            echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****"
             exit 0
           else
-            if [[ "${artifacts_found}" == "false" ]]; then
+            echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****"
-              echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+            response=$(curl -iX POST \
-              echo "> New version detected, but not all artifacts are published yet; skipping trigger" >> $GITHUB_STEP_SUMMARY
+              https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/master/buildWithParameters?PACKAGE_CHECK=false \
-              FAILURE_REASON="New version ${EXT_RELEASE} for heimdall tag development is detected, however not all artifacts are uploaded to upstream release yet. Will try again later."
+              --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
-              curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
+            echo "**** Jenkins job queue url: ${response%$'\r'} ****"
-                "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
+            echo "**** Sleeping 10 seconds until job starts ****"
-                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+            sleep 10
-            else
+            buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
-              printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY
+            buildurl="${buildurl%$'\r'}"
-              echo "New sanitized version \`${EXT_RELEASE_SANITIZED}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
+            echo "**** Jenkins job build url: ${buildurl} ****"
-              if [[ "${artifacts_found}" == "true" ]]; then
+            echo "**** Attempting to change the Jenkins job description ****"
-                echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY
+            curl -iX POST \
-              fi
+              "${buildurl}submitDescription" \
-              response=$(curl -iX POST \
+              --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
-                https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/development/buildWithParameters?PACKAGE_CHECK=false \
+              --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
-                --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
+              --data-urlencode "Submit=Submit"
-              echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
+            echo "**** Notifying Discord ****"
-              echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
+            TRIGGER_REASON="A version change was detected for heimdall tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
-              sleep 10
+            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
-              buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
+              "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
-              buildurl="${buildurl%$'\r'}"
+              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
-              echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
-              echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
-              curl -iX POST \
-                "${buildurl}submitDescription" \
-                --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
-                --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
-                --data-urlencode "Submit=Submit"
-              echo "**** Notifying Discord ****"
-              TRIGGER_REASON="A version change was detected for heimdall tag development. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE_SANITIZED}"
-              curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
-                "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
-                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
-            fi
           fi

.github/workflows/external_trigger_scheduler.yml

@@ -2,47 +2,42 @@ name: External Trigger Scheduler
 
 on:
   schedule:
-    - cron:  '39 * * * *'
+    - cron:  '35 * * * *'
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
   external-trigger-scheduler:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v3.1.0
         with:
           fetch-depth: '0'
 
       - name: External Trigger Scheduler
         run: |
-          printf "# External trigger scheduler for docker-heimdall\n\n" >> $GITHUB_STEP_SUMMARY
+          echo "**** Branches found: ****"
-          printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY
+          git for-each-ref --format='%(refname:short)' refs/remotes
-          for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes)
+          echo "**** Pulling the yq docker image ****"
+          docker pull ghcr.io/linuxserver/yq
+          for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
           do
-            if [[ "${br}" == "HEAD" ]]; then
+            br=$(echo "$br" | sed 's|origin/||g')
-              printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY
+            echo "**** Evaluating branch ${br} ****"
-              continue
+            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/jenkins-vars.yml \
-            fi
+              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
-            printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY
+            if [ "$br" == "$ls_branch" ]; then
-            ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/jenkins-vars.yml)
+              echo "**** Branch ${br} appears to be live; checking workflow. ****"
-            ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch')
-            ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type')
-            if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then
-              echo "Branch appears to be live and trigger is not os; checking workflow." >> $GITHUB_STEP_SUMMARY
               if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then
-                echo "Triggering external trigger workflow for branch." >> $GITHUB_STEP_SUMMARY
+                echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****."
                 curl -iX POST \
                   -H "Authorization: token ${{ secrets.CR_PAT }}" \
                   -H "Accept: application/vnd.github.v3+json" \
                   -d "{\"ref\":\"refs/heads/${br}\"}" \
                   https://api.github.com/repos/linuxserver/docker-heimdall/actions/workflows/external_trigger.yml/dispatches
               else
-                echo "Skipping branch due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY
+                echo "**** Workflow doesn't exist; skipping trigger. ****"
               fi
             else
-              echo "Skipping branch due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY
+              echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
             fi
           done

.github/workflows/greetings.yml

@@ -2,18 +2,12 @@ name: Greetings
 
 on: [pull_request_target, issues]
 
-permissions:
-  contents: read
-
 jobs:
   greeting:
-    permissions:
-      issues: write
-      pull-requests: write
     runs-on: ubuntu-latest
     steps:
     - uses: actions/first-interaction@v1
       with:
         issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.'
-        pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-heimdall/blob/development/.github/PULL_REQUEST_TEMPLATE.md)!'
+        pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-heimdall/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!'
         repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/package_trigger.yml

@@ -0,0 +1,38 @@
+name: Package Trigger Main
+
+on:
+  workflow_dispatch:
+
+jobs:
+  package-trigger-master:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3.1.0
+
+      - name: Package Trigger
+        if: github.ref == 'refs/heads/master'
+        run: |
+          if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_HEIMDALL_MASTER }}" ]; then
+            echo "**** Github secret PAUSE_PACKAGE_TRIGGER_HEIMDALL_MASTER is set; skipping trigger. ****"
+            exit 0
+          fi
+          if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
+            echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****"
+            exit 0
+          fi
+          echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_HEIMDALL_MASTER\". ****"
+          response=$(curl -iX POST \
+            https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/master/buildWithParameters?PACKAGE_CHECK=true \
+            --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
+          echo "**** Jenkins job queue url: ${response%$'\r'} ****"
+          echo "**** Sleeping 10 seconds until job starts ****"
+          sleep 10
+          buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
+          buildurl="${buildurl%$'\r'}"
+          echo "**** Jenkins job build url: ${buildurl} ****"
+          echo "**** Attempting to change the Jenkins job description ****"
+          curl -iX POST \
+            "${buildurl}submitDescription" \
+            --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
+            --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
+            --data-urlencode "Submit=Submit"

.github/workflows/package_trigger_scheduler.yml

@@ -2,102 +2,49 @@ name: Package Trigger Scheduler
 
 on:
   schedule:
-    - cron:  '14 18 * * 5'
+    - cron:  '54 7 * * 0'
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
   package-trigger-scheduler:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v3.1.0
         with:
           fetch-depth: '0'
 
       - name: Package Trigger Scheduler
-        env:
-          SKIP_PACKAGE_TRIGGER: ${{ vars.SKIP_PACKAGE_TRIGGER }}
         run: |
-          printf "# Package trigger scheduler for docker-heimdall\n\n" >> $GITHUB_STEP_SUMMARY
+          echo "**** Branches found: ****"
-          printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY
+          git for-each-ref --format='%(refname:short)' refs/remotes
-          for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes)
+          echo "**** Pulling the yq docker image ****"
+          docker pull ghcr.io/linuxserver/yq
+          for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
           do
-            if [[ "${br}" == "HEAD" ]]; then
+            br=$(echo "$br" | sed 's|origin/||g')
-              printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY
+            echo "**** Evaluating branch ${br} ****"
-              continue
+            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/jenkins-vars.yml \
-            fi
+              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
-            printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY
+            if [ "${br}" == "${ls_branch}" ]; then
-            JENKINS_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/jenkins-vars.yml)
+              echo "**** Branch ${br} appears to be live; checking workflow. ****"
-            if ! curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/Jenkinsfile >/dev/null 2>&1; then
+              if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
-              echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+                echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****"
-              echo "> No Jenkinsfile found. Branch is either deprecated or is an early dev branch." >> $GITHUB_STEP_SUMMARY
-              skipped_branches="${skipped_branches}${br} "
-            elif [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then
-              echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY
-              README_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/readme-vars.yml)
-              if [[ $(yq -r '.project_deprecation_status' <<< "${README_VARS}") == "true" ]]; then
-                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                echo "> Branch appears to be deprecated; skipping trigger." >> $GITHUB_STEP_SUMMARY
-                skipped_branches="${skipped_branches}${br} "
-              elif [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then
-                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                echo "> Skipping branch ${br} due to \`skip_package_check\` being set in \`jenkins-vars.yml\`." >> $GITHUB_STEP_SUMMARY
-                skipped_branches="${skipped_branches}${br} "
-              elif grep -q "^heimdall_${br}" <<< "${SKIP_PACKAGE_TRIGGER}"; then
-                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                echo "> Github organizational variable \`SKIP_PACKAGE_TRIGGER\` contains \`heimdall_${br}\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
-                skipped_branches="${skipped_branches}${br} "
-              elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/${br}/lastBuild/api/json | jq -r '.building' 2>/dev/null) == "true" ]; then
-                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                echo "> There already seems to be an active build on Jenkins; skipping package trigger for ${br}" >> $GITHUB_STEP_SUMMARY
-                skipped_branches="${skipped_branches}${br} "
-              else
-                echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
-                echo "> Triggering package trigger for branch ${br}" >> $GITHUB_STEP_SUMMARY
-                printf "> To disable, add \`heimdall_%s\` into the Github organizational variable \`SKIP_PACKAGE_TRIGGER\`.\n\n" "${br}" >> $GITHUB_STEP_SUMMARY
                 triggered_branches="${triggered_branches}${br} "
-                response=$(curl -iX POST \
+                curl -iX POST \
-                  https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/${br}/buildWithParameters?PACKAGE_CHECK=true \
+                  -H "Authorization: token ${{ secrets.CR_PAT }}" \
-                  --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
+                  -H "Accept: application/vnd.github.v3+json" \
-                if [[ -z "${response}" ]]; then
+                  -d "{\"ref\":\"refs/heads/${br}\"}" \
-                  echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+                  https://api.github.com/repos/linuxserver/docker-heimdall/actions/workflows/package_trigger.yml/dispatches
-                  echo "> Jenkins build could not be triggered. Skipping branch."
+                sleep 30
-                  continue
+              else
-                fi
+                echo "**** Workflow doesn't exist; skipping trigger. ****"
-                echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
-                echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
-                sleep 10
-                buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
-                buildurl="${buildurl%$'\r'}"
-                echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
-                echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
-                if ! curl -ifX POST \
-                  "${buildurl}submitDescription" \
-                  --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
-                  --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
-                  --data-urlencode "Submit=Submit"; then
-                  echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
-                  echo "> Unable to change the Jenkins job description."
-                fi
-                sleep 20
               fi
             else
-              echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY
+              echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
             fi
           done
-          if [[ -n "${triggered_branches}" ]] || [[ -n "${skipped_branches}" ]]; then
+          echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
-            if [[ -n "${triggered_branches}" ]]; then
+          echo "**** Notifying Discord ****"
-              NOTIFY_BRANCHES="**Triggered:** ${triggered_branches} \n"
+          curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
-              NOTIFY_BUILD_URL="**Build URL:** https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-heimdall/activity/ \n"
+            "description": "**Package Check Build(s) Triggered for heimdall** \n**Branch(es):** '"${triggered_branches}"' \n**Build URL:** '"https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-heimdall/activity/"' \n"}],
-              echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
+            "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
-            fi
-            if [[ -n "${skipped_branches}" ]]; then
-              NOTIFY_BRANCHES="${NOTIFY_BRANCHES}**Skipped:** ${skipped_branches} \n"
-            fi
-            echo "**** Notifying Discord ****"
-            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
-              "description": "**Package Check Build(s) for heimdall** \n'"${NOTIFY_BRANCHES}"''"${NOTIFY_BUILD_URL}"'"}],
-              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
-          fi

.github/workflows/permissions.yml

@@ -1,12 +1,9 @@
 name: Permission check
 on:
-  pull_request_target:
+  pull_request:
     paths:
       - '**/run'
       - '**/finish'
-      - '**/check'
-      - 'root/migrations/*'
-
 jobs:
   permission_check:
     uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1

.github/workflows/stale.yml

@@ -0,0 +1,23 @@
+name: Mark stale issues and pull requests
+
+on:
+  schedule:
+  - cron: "30 1 * * *"
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/stale@v6.0.1
+      with:
+        stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
+        stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
+        stale-issue-label: 'no-issue-activity'
+        stale-pr-label: 'no-pr-activity'
+        days-before-stale: 30
+        days-before-close: 365
+        exempt-issue-labels: 'awaiting-approval,work-in-progress'
+        exempt-pr-labels: 'awaiting-approval,work-in-progress'
+        repo-token: ${{ secrets.GITHUB_TOKEN }}

Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.22
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.17
 
 # set version label
 ARG BUILD_DATE
@@ -9,34 +9,31 @@ ARG HEIMDALL_RELEASE
 LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
 LABEL maintainer="aptalca"
 
+# environment settings
+ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
+
 RUN \
   echo "**** install runtime packages ****" && \
-  apk add --no-cache \
+  apk add --no-cache --upgrade \
-    php84-dom \
+    php81-ctype \
-    php84-intl \
+    php81-curl \
-    php84-opcache \
+    php81-intl \
-    php84-pdo_mysql \
+    php81-pdo_pgsql \
-    php84-pdo_pgsql \
+    php81-pdo_sqlite \
-    php84-pdo_sqlite \
+    php81-pdo_mysql \
-    php84-tokenizer && \
+    php81-tokenizer \
+    php81-zip && \
   echo "**** configure nginx ****" && \
   echo 'fastcgi_param  PHP_AUTH_USER      $remote_user; # Heimdall user authorization' >> \
     /etc/nginx/fastcgi_params && \
   echo 'fastcgi_param  PHP_AUTH_PW        $http_authorization; # Heimdall user authorization' >> \
     /etc/nginx/fastcgi_params && \
-  echo "**** configure php opcache ****" && \
-  echo 'opcache.validate_timestamps=0' >> \
-    /etc/php84/conf.d/00_opcache.ini && \
-  echo "**** configure php-fpm to pass env vars ****" && \
-  sed -E -i 's/^;?clear_env ?=.*$/clear_env = no/g' /etc/php84/php-fpm.d/www.conf && \
-  if ! grep -qxF 'clear_env = no' /etc/php84/php-fpm.d/www.conf; then echo 'clear_env = no' >> /etc/php84/php-fpm.d/www.conf; fi && \
-  echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php84/php-fpm.conf && \
   echo "**** install heimdall ****" && \
   mkdir -p \
     /heimdall && \
   if [ -z ${HEIMDALL_RELEASE+x} ]; then \
-    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
+    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
-    | awk '/sha/{print $4;exit}' FS='[""]'); \
+    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
   fi && \
   curl -o \
     /tmp/heimdall.tar.gz -L \
@@ -46,7 +43,6 @@ RUN \
   tar xf \
     /tmp/heimdall.tar.gz -C \
     /app/www-tmp --strip-components=1 && \
-  printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** cleanup ****" && \
   rm -rf \
     /tmp/*

Dockerfile.aarch64

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.22
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.17
 
 # set version label
 ARG BUILD_DATE
@@ -9,34 +9,31 @@ ARG HEIMDALL_RELEASE
 LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
 LABEL maintainer="aptalca"
 
+# environment settings
+ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
+
 RUN \
   echo "**** install runtime packages ****" && \
-  apk add --no-cache \
+  apk add --no-cache --upgrade \
-    php84-dom \
+    php81-ctype \
-    php84-intl \
+    php81-curl \
-    php84-opcache \
+    php81-intl \
-    php84-pdo_mysql \
+    php81-pdo_pgsql \
-    php84-pdo_pgsql \
+    php81-pdo_sqlite \
-    php84-pdo_sqlite \
+    php81-pdo_mysql \
-    php84-tokenizer && \
+    php81-tokenizer \
+    php81-zip && \
   echo "**** configure nginx ****" && \
   echo 'fastcgi_param  PHP_AUTH_USER      $remote_user; # Heimdall user authorization' >> \
     /etc/nginx/fastcgi_params && \
   echo 'fastcgi_param  PHP_AUTH_PW        $http_authorization; # Heimdall user authorization' >> \
     /etc/nginx/fastcgi_params && \
-  echo "**** configure php opcache ****" && \
-  echo 'opcache.validate_timestamps=0' >> \
-    /etc/php84/conf.d/00_opcache.ini && \
-  echo "**** configure php-fpm to pass env vars ****" && \
-  sed -E -i 's/^;?clear_env ?=.*$/clear_env = no/g' /etc/php84/php-fpm.d/www.conf && \
-  if ! grep -qxF 'clear_env = no' /etc/php84/php-fpm.d/www.conf; then echo 'clear_env = no' >> /etc/php84/php-fpm.d/www.conf; fi && \
-  echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php84/php-fpm.conf && \
   echo "**** install heimdall ****" && \
   mkdir -p \
     /heimdall && \
   if [ -z ${HEIMDALL_RELEASE+x} ]; then \
-    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
+    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
-    | awk '/sha/{print $4;exit}' FS='[""]'); \
+    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
   fi && \
   curl -o \
     /tmp/heimdall.tar.gz -L \
@@ -46,7 +43,6 @@ RUN \
   tar xf \
     /tmp/heimdall.tar.gz -C \
     /app/www-tmp --strip-components=1 && \
-  printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
   echo "**** cleanup ****" && \
   rm -rf \
     /tmp/*

Dockerfile.armhf

@@ -0,0 +1,55 @@
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.17
+
+# set version label
+ARG BUILD_DATE
+ARG VERSION
+ARG HEIMDALL_RELEASE
+LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
+LABEL maintainer="aptalca"
+
+# environment settings
+ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
+
+RUN \
+  echo "**** install runtime packages ****" && \
+  apk add --no-cache --upgrade \
+    php81-ctype \
+    php81-curl \
+    php81-intl \
+    php81-pdo_pgsql \
+    php81-pdo_sqlite \
+    php81-pdo_mysql \
+    php81-tokenizer \
+    php81-zip && \
+  echo "**** configure nginx ****" && \
+  echo 'fastcgi_param  PHP_AUTH_USER      $remote_user; # Heimdall user authorization' >> \
+    /etc/nginx/fastcgi_params && \
+  echo 'fastcgi_param  PHP_AUTH_PW        $http_authorization; # Heimdall user authorization' >> \
+    /etc/nginx/fastcgi_params && \
+  echo "**** install heimdall ****" && \
+  mkdir -p \
+    /heimdall && \
+  if [ -z ${HEIMDALL_RELEASE+x} ]; then \
+    HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
+    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
+  fi && \
+  curl -o \
+    /tmp/heimdall.tar.gz -L \
+    "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
+  mkdir -p \
+    /app/www-tmp && \
+  tar xf \
+    /tmp/heimdall.tar.gz -C \
+    /app/www-tmp --strip-components=1 && \
+  echo "**** cleanup ****" && \
+  rm -rf \
+    /tmp/*
+
+# add local files
+COPY root/ /
+
+# ports and volumes
+EXPOSE 80 443
+VOLUME /config

README.md

@@ -1,10 +1,12 @@
-<!-- DO NOT EDIT THIS FILE MANUALLY -->
+<!-- DO NOT EDIT THIS FILE MANUALLY  -->
-<!-- Please read https://github.com/linuxserver/docker-heimdall/blob/development/.github/CONTRIBUTING.md -->
+<!-- Please read the https://github.com/linuxserver/docker-heimdall/blob/master/.github/CONTRIBUTING.md -->
+
 [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io)
 
 [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!")
-[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://linuxserver.io/discord "realtime support / chat with the community and the team.")
+[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://discord.gg/YWrKVTn "realtime support / chat with the community and the team.")
 [![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=discourse)](https://discourse.linuxserver.io "post on our community forum.")
+[![Fleet](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Fleet)](https://fleet.linuxserver.io "an online web interface which displays all of our maintained images.")
 [![GitHub](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub&logo=github)](https://github.com/linuxserver "view the source for all of our repositories.")
 [![Open Collective](https://img.shields.io/opencollective/all/linuxserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Supporters&logo=open%20collective)](https://opencollective.com/linuxserver "please consider helping us by either donating or contributing to our budget")
 
@@ -19,14 +21,15 @@ The [LinuxServer.io](https://linuxserver.io) team brings you another container r
 Find us at:
 
 * [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more!
-* [Discord](https://linuxserver.io/discord) - realtime support / chat with the community and the team.
+* [Discord](https://discord.gg/YWrKVTn) - realtime support / chat with the community and the team.
 * [Discourse](https://discourse.linuxserver.io) - post on our community forum.
+* [Fleet](https://fleet.linuxserver.io) - an online web interface which displays all of our maintained images.
 * [GitHub](https://github.com/linuxserver) - view the source for all of our repositories.
 * [Open Collective](https://opencollective.com/linuxserver) - please consider helping us by either donating or contributing to our budget
 
 # [linuxserver/heimdall](https://github.com/linuxserver/docker-heimdall)
 
-[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fheimdall?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh)
+[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fheimdall?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh/gateway/linuxserver-ci/docker/linuxserver%2Fheimdall)
 [![GitHub Stars](https://img.shields.io/github/stars/linuxserver/docker-heimdall.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-heimdall)
 [![GitHub Release](https://img.shields.io/github/release/linuxserver/docker-heimdall.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-heimdall/releases)
 [![GitHub Package Repository](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub%20Package&logo=github)](https://github.com/linuxserver/docker-heimdall/packages)
@@ -34,8 +37,8 @@ Find us at:
 [![Quay.io](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Quay.io)](https://quay.io/repository/linuxserver.io/heimdall)
 [![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/heimdall.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/r/linuxserver/heimdall)
 [![Docker Stars](https://img.shields.io/docker/stars/linuxserver/heimdall.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/linuxserver/heimdall)
-[![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-heimdall%2Fjob%2Fdevelopment%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/development/)
+[![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-heimdall%2Fjob%2Fmaster%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/master/)
-[![LSIO CI](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=CI&query=CI&url=https%3A%2F%2Fci-tests.linuxserver.io%2Flinuxserver%2Fheimdall%2Fdevelopment%2Fci-status.yml)](https://ci-tests.linuxserver.io/linuxserver/heimdall/development/index.html)
+[![LSIO CI](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=CI&query=CI&url=https%3A%2F%2Fci-tests.linuxserver.io%2Flinuxserver%2Fheimdall%2Flatest%2Fci-status.yml)](https://ci-tests.linuxserver.io/linuxserver/heimdall/latest/index.html)
 
 [Heimdall](https://heimdall.site) is a way to organise all those links to your most used web sites and web applications in a simple way.
 
@@ -47,9 +50,9 @@ Why not use it as your browser start page? It even has the ability to include a
 
 ## Supported Architectures
 
-We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://distribution.github.io/distribution/spec/manifest-v2-2/#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/).
+We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/).
 
-Simply pulling `lscr.io/linuxserver/heimdall:development` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
+Simply pulling `lscr.io/linuxserver/heimdall:latest` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
 
 The architectures supported by this image are:
 
@@ -57,6 +60,7 @@ The architectures supported by this image are:
 | :----: | :----: | ---- |
 | x86-64 | ✅ | amd64-\<version tag\> |
 | arm64 | ✅ | arm64v8-\<version tag\> |
+| armhf | ✅ | arm32v7-\<version tag\> |
 
 ## Version Tags
 
@@ -66,37 +70,34 @@ This image provides various versions that are available via tags. Please read th
 | :----: | :----: |--- |
 | latest | ✅ | Stable Heimdall releases. |
 | development | ✅ | Latest commit from the github 2.x branch. |
-
 ## Application Setup
 
 Access the web gui at http://SERVERIP:PORT
 
+
 ### Adding password protection
 
 This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
 
 ## Usage
 
-To help you get started creating a container from this image you can either use docker-compose or the docker cli.
+Here are some example snippets to help you get started creating a container.
-
->[!NOTE]
->Unless a parameter is flagged as 'optional', it is *mandatory* and a value must be provided.
 
 ### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose))
 
 ```yaml
 ---
+version: "2.1"
 services:
   heimdall:
-    image: lscr.io/linuxserver/heimdall:development
+    image: lscr.io/linuxserver/heimdall:latest
     container_name: heimdall
     environment:
       - PUID=1000
       - PGID=1000
       - TZ=Etc/UTC
-      - ALLOW_INTERNAL_REQUESTS=false #optional
     volumes:
-      - /path/to/heimdall/config:/config
+      - /path/to/appdata/config:/config
     ports:
       - 80:80
       - 443:443
@@ -111,27 +112,26 @@ docker run -d \
   -e PUID=1000 \
   -e PGID=1000 \
   -e TZ=Etc/UTC \
-  -e ALLOW_INTERNAL_REQUESTS=false `#optional` \
   -p 80:80 \
   -p 443:443 \
-  -v /path/to/heimdall/config:/config \
+  -v /path/to/appdata/config:/config \
   --restart unless-stopped \
-  lscr.io/linuxserver/heimdall:development
+  lscr.io/linuxserver/heimdall:latest
+
 ```
 
 ## Parameters
 
-Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
+Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
 
 | Parameter | Function |
 | :----: | --- |
-| `-p 80:80` | http gui |
+| `-p 80` | http gui |
-| `-p 443:443` | https gui |
+| `-p 443` | https gui |
 | `-e PUID=1000` | for UserID - see below for explanation |
 | `-e PGID=1000` | for GroupID - see below for explanation |
 | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
-| `-e ALLOW_INTERNAL_REQUESTS=false` | By default, Heimdall blocks lookup requests to private or reserved IP addresses, if your instance is not exposed to the internet, or is behind some level of authentication, you can set this to `true` to allow requests to private IP addresses. |
+| `-v /config` | Contains all relevant configuration files. |
-| `-v /config` | Persistent config files |
 
 ## Environment variables from files (Docker secrets)
 
@@ -140,10 +140,10 @@ You can set any environment variable from a file by using a special prepend `FIL
 As an example:
 
 ```bash
--e FILE__MYVAR=/run/secrets/mysecretvariable
+-e FILE__PASSWORD=/run/secrets/mysecretpassword
 ```
 
-Will set the environment variable `MYVAR` based on the contents of the `/run/secrets/mysecretvariable` file.
+Will set the environment variable `PASSWORD` based on the contents of the `/run/secrets/mysecretpassword` file.
 
 ## Umask for running applications
 
@@ -152,20 +152,15 @@ Keep in mind umask is not chmod it subtracts from permissions based on it's valu
 
 ## User / Group Identifiers
 
-When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
+When using volumes (`-v` flags) permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
 
 Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic.
 
-In this instance `PUID=1000` and `PGID=1000`, to find yours use `id your_user` as below:
+In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below:
 
 ```bash
-id your_user
+  $ id username
-```
+    uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup)
-
-Example output:
-
-```text
-uid=1000(your_user) gid=1000(your_user) groups=1000(your_user)
 ```
 
 ## Docker Mods
@@ -176,101 +171,53 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to
 
 ## Support Info
 
-* Shell access whilst the container is running:
+* Shell access whilst the container is running: `docker exec -it heimdall /bin/bash`
-
+* To monitor the logs of the container in realtime: `docker logs -f heimdall`
-    ```bash
+* container version number
-    docker exec -it heimdall /bin/bash
+  * `docker inspect -f '{{ index .Config.Labels "build_version" }}' heimdall`
-    ```
+* image version number
-
+  * `docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/heimdall:latest`
-* To monitor the logs of the container in realtime:
-
-    ```bash
-    docker logs -f heimdall
-    ```
-
-* Container version number:
-
-    ```bash
-    docker inspect -f '{{ index .Config.Labels "build_version" }}' heimdall
-    ```
-
-* Image version number:
-
-    ```bash
-    docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/heimdall:development
-    ```
 
 ## Updating Info
 
-Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image.
+Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (ie. nextcloud, plex), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image.
 
 Below are the instructions for updating containers:
 
 ### Via Docker Compose
 
-* Update images:
+* Update all images: `docker-compose pull`
-    * All images:
+  * or update a single image: `docker-compose pull heimdall`
-
+* Let compose update all containers as necessary: `docker-compose up -d`
-        ```bash
+  * or update a single container: `docker-compose up -d heimdall`
-        docker-compose pull
+* You can also remove the old dangling images: `docker image prune`
-        ```
-
-    * Single image:
-
-        ```bash
-        docker-compose pull heimdall
-        ```
-
-* Update containers:
-    * All containers:
-
-        ```bash
-        docker-compose up -d
-        ```
-
-    * Single container:
-
-        ```bash
-        docker-compose up -d heimdall
-        ```
-
-* You can also remove the old dangling images:
-
-    ```bash
-    docker image prune
-    ```
 
 ### Via Docker Run
 
-* Update the image:
+* Update the image: `docker pull lscr.io/linuxserver/heimdall:latest`
-
+* Stop the running container: `docker stop heimdall`
-    ```bash
+* Delete the container: `docker rm heimdall`
-    docker pull lscr.io/linuxserver/heimdall:development
-    ```
-
-* Stop the running container:
-
-    ```bash
-    docker stop heimdall
-    ```
-
-* Delete the container:
-
-    ```bash
-    docker rm heimdall
-    ```
-
 * Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved)
-* You can also remove the old dangling images:
+* You can also remove the old dangling images: `docker image prune`
 
-    ```bash
+### Via Watchtower auto-updater (only use if you don't remember the original parameters)
-    docker image prune
+
-    ```
+* Pull the latest image at its tag and replace it with the same env variables in one run:
+
+  ```bash
+  docker run --rm \
+  -v /var/run/docker.sock:/var/run/docker.sock \
+  containrrr/watchtower \
+  --run-once heimdall
+  ```
+
+* You can also remove the old dangling images: `docker image prune`
+
+**Note:** We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose).
 
 ### Image Update Notifications - Diun (Docker Image Update Notifier)
 
->[!TIP]
+* We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
->We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
 
 ## Building locally
 
@@ -282,39 +229,38 @@ cd docker-heimdall
 docker build \
   --no-cache \
   --pull \
-  -t lscr.io/linuxserver/heimdall:development .
+  -t lscr.io/linuxserver/heimdall:latest .
 ```
 
-The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static`
+The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
 
 ```bash
-docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset
+docker run --rm --privileged multiarch/qemu-user-static:register --reset
 ```
 
 Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.
 
 ## Versions
 
-* **17.07.25:** - Rebase to Alpine 3.22, enable PHP environment passthrough.
-* **27.06.24:** - Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings.
-* **07.03.24:** - Enable the opcache and disable file revalidation.
-* **06.03.24:** - Existing users should update: site-confs/default.conf - Cleanup default site conf.
-* **23.12.23:** - Rebase to Alpine 3.19 with php 8.3.
-* **25.05.23:** - Rebase to Alpine 3.18, deprecate armhf.
-* **13.04.23:** - Move ssl.conf include to default.conf.
 * **20.01.23:** - Rebase to alpine 3.17 with php8.1.
 * **14.11.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
-* **04.11.22:** - Build commits to upstream branch 2.x.
+* **04.11.22:** - Build commits to upstream branch 2.x for the `development` tag.
 * **13.03.21:** - Make searchproviders.yaml user configurable.
-* **11.03.21:** - Rebase to alpine 3.14.
 * **10.02.21:** - Revert to alpine 3.12 as php 7.4 broke laravel.
 * **10.02.21:** - Rebasing to alpine 3.13.
+* **17.08.20:** - Add php7-curl.
 * **01.06.20:** - Rebasing to alpine 3.12.
+* **17.01.20:** - Use nginx from baseimage.
 * **19.12.19:** - Rebasing to alpine 3.11.
-* **15.07.19:** - Save laravel.log to /config, install heimdall during first start.
+* **16.07.19:** - Save laravel.log to /config/log/heimdall.
 * **28.06.19:** - Rebasing to alpine 3.10.
+* **01.04.19:** - Fix permission detect logic.
+* **26.03.19:** - Install Heimdall during container start to prevent delayed start due to overlayfs bug with recursive chown.
 * **23.03.19:** - Switching to new Base images, shift to arm32v7 tag.
+* **15.03.19:** - Clarify docker image tags in readme.
 * **22.02.19:** - Rebasing to alpine 3.9.
+* **16.01.18:** - Generate random app key in .env for new installs.
+* **20.11.18:** - Upgrade baseimage packages during build.
 * **04.11.18:** - Add php7-zip.
 * **31.10.18:** - Add queue service.
 * **17.10.18:** - Symlink avatars folder.

jenkins-vars.yml

@@ -2,10 +2,10 @@
 
 # jenkins variables
 project_name: docker-heimdall
-external_type: github_commit
+external_type: github_stable
-release_type: prerelease
+release_type: stable
-release_tag: development
+release_tag: latest
-ls_branch: development
+ls_branch: master
 repo_vars:
   - EXT_GIT_BRANCH = '2.x'
   - EXT_USER = 'linuxserver'
@@ -24,6 +24,6 @@ repo_vars:
   - CI_PORT='80'
   - CI_SSL='false'
   - CI_DELAY='120'
-  - CI_DOCKERENV=''
+  - CI_DOCKERENV='TZ=US/Pacific'
-  - CI_AUTH=''
+  - CI_AUTH='user:password'
   - CI_WEBPATH=''

package_versions.txt

@@ -1,245 +1,85 @@
-NAME                                VERSION           TYPE           
+alpine-baselayout-3.4.0-r0
-Hidden Input                        1, 0, 0, 0        binary          
+alpine-baselayout-data-3.4.0-r0
-acl-libs                            2.3.2-r1          apk             
+alpine-keys-2.4-r1
-alpine-baselayout                   3.7.0-r0          apk             
+alpine-release-3.17.2-r0
-alpine-baselayout-data              3.7.0-r0          apk             
+apache2-utils-2.4.55-r0
-alpine-keys                         2.5-r0            apk             
+apk-tools-2.12.10-r1
-alpine-release                      3.22.3-r0         apk             
+apr-1.7.2-r0
-apache2-utils                       2.4.66-r0         apk             
+apr-util-1.6.3-r0
-apk-tools                           2.14.9-r3         apk             
+argon2-libs-20190702-r2
-apr                                 1.7.5-r0          apk             
+bash-5.2.15-r0
-apr-util                            1.6.3-r1          apk             
+brotli-libs-1.0.9-r9
-argon2-libs                         20190702-r5       apk             
+busybox-1.35.0-r29
-aws/aws-crt-php                     v1.2.7            php-composer    
+busybox-binsh-1.35.0-r29
-aws/aws-sdk-php                     3.349.3           php-composer    
+ca-certificates-20220614-r4
-barryvdh/laravel-ide-helper         v3.5.5            php-composer    
+ca-certificates-bundle-20220614-r4
-barryvdh/reflection-docblock        v2.3.1            php-composer    
+coreutils-9.1-r0
-bash                                5.2.37-r0         apk             
+curl-7.87.0-r2
-brick/math                          0.12.3            php-composer    
+git-2.38.4-r0
-brotli-libs                         1.1.0-r2          apk             
+icu-data-en-72.1-r1
-busybox                             1.37.0-r20        apk             
+icu-libs-72.1-r1
-busybox-binsh                       1.37.0-r20        apk             
+jq-1.6-r2
-c-ares                              1.34.6-r0         apk             
+libacl-2.3.1-r1
-ca-certificates                     20250911-r0       apk             
+libattr-2.5.1-r2
-ca-certificates-bundle              20250911-r0       apk             
+libbz2-1.0.8-r4
-carbonphp/carbon-doctrine-types     3.2.0             php-composer    
+libc-utils-0.7.2-r3
-catatonit                           0.2.1-r0          apk             
+libcrypto3-3.0.8-r0
-clue/stream-filter                  v1.7.0            php-composer    
+libcurl-7.87.0-r2
-composer                            2.9.5             binary          
+libedit-20221030.3.1-r0
-composer/class-map-generator        1.6.1             php-composer    
+libexpat-2.5.0-r0
-composer/pcre                       3.3.2             php-composer    
+libgcc-12.2.1_git20220924-r4
-coreutils                           9.7-r1            apk             
+libintl-0.21.1-r1
-coreutils-env                       9.7-r1            apk             
+libpq-15.2-r0
-coreutils-fmt                       9.7-r1            apk             
+libproc-3.3.17-r2
-coreutils-sha512sum                 9.7-r1            apk             
+libssl3-3.0.8-r0
-curl                                8.14.1-r2         apk             
+libstdc++-12.2.1_git20220924-r4
-dflydev/dot-access-data             v3.0.3            php-composer    
+libuuid-2.38.1-r1
-doctrine/inflector                  2.0.10            php-composer    
+libxml2-2.10.3-r1
-doctrine/lexer                      3.0.1             php-composer    
+libzip-1.9.2-r2
-dragonmantank/cron-expression       v3.4.0            php-composer    
+linux-pam-1.5.2-r1
-egulias/email-validator             4.0.4             php-composer    
+logrotate-3.20.1-r3
-enshrined/svg-sanitize              0.21.0            php-composer    
+musl-1.2.3-r4
-fakerphp/faker                      v1.24.1           php-composer    
+musl-utils-1.2.3-r4
-filp/whoops                         2.18.3            php-composer    
+nano-7.0-r0
-findutils                           4.10.0-r0         apk             
+ncurses-libs-6.3_p20221119-r0
-fruitcake/php-cors                  v1.3.0            php-composer    
+ncurses-terminfo-base-6.3_p20221119-r0
-git                                 2.49.1-r0         apk             
+nghttp2-libs-1.51.0-r0
-git-init-template                   2.49.1-r0         apk             
+nginx-1.22.1-r0
-graham-campbell/bounded-cache       v3.0.0            php-composer    
+oniguruma-6.9.8-r0
-graham-campbell/github              v12.8.0           php-composer    
+openssl-3.0.8-r0
-graham-campbell/manager             v5.2.0            php-composer    
+pcre-8.45-r2
-graham-campbell/result-type         v1.1.3            php-composer    
+pcre2-10.42-r0
-guzzlehttp/guzzle                   7.9.3             php-composer    
+php81-8.1.16-r0
-guzzlehttp/promises                 2.2.0             php-composer    
+php81-common-8.1.16-r0
-guzzlehttp/psr7                     2.7.1             php-composer    
+php81-ctype-8.1.16-r0
-guzzlehttp/uri-template             v1.0.4            php-composer    
+php81-curl-8.1.16-r0
-hamcrest/hamcrest-php               v2.1.1            php-composer    
+php81-fileinfo-8.1.16-r0
-icu-data-en                         76.1-r1           apk             
+php81-fpm-8.1.16-r0
-icu-libs                            76.1-r1           apk             
+php81-intl-8.1.16-r0
-jq                                  1.8.1-r0          apk             
+php81-mbstring-8.1.16-r0
-knplabs/github-api                  v3.16.0           php-composer    
+php81-mysqlnd-8.1.16-r0
-laravel/framework                   v11.45.1          php-composer    
+php81-openssl-8.1.16-r0
-laravel/prompts                     v0.3.6            php-composer    
+php81-pdo-8.1.16-r0
-laravel/serializable-closure        v2.0.4            php-composer    
+php81-pdo_mysql-8.1.16-r0
-laravel/tinker                      v2.10.1           php-composer    
+php81-pdo_pgsql-8.1.16-r0
-laravel/ui                          v4.6.1            php-composer    
+php81-pdo_sqlite-8.1.16-r0
-lcobucci/jwt                        5.5.0             php-composer    
+php81-session-8.1.16-r0
-league/commonmark                   2.7.0             php-composer    
+php81-simplexml-8.1.16-r0
-league/config                       v1.2.0            php-composer    
+php81-tokenizer-8.1.16-r0
-league/flysystem                    3.30.0            php-composer    
+php81-xml-8.1.16-r0
-league/flysystem-aws-s3-v3          3.29.0            php-composer    
+php81-xmlwriter-8.1.16-r0
-league/flysystem-local              3.30.0            php-composer    
+php81-zip-8.1.16-r0
-league/mime-type-detection          1.16.0            php-composer    
+popt-1.19-r0
-league/uri                          7.5.1             php-composer    
+procps-3.3.17-r2
-league/uri-interfaces               7.5.0             php-composer    
+readline-8.2.0-r0
-libapk2                             2.14.9-r3         apk             
+scanelf-1.3.5-r1
-libattr                             2.5.2-r2          apk             
+shadow-4.13-r0
-libbsd                              0.12.2-r0         apk             
+skalibs-2.12.0.1-r0
-libbz2                              1.0.8-r6          apk             
+sqlite-libs-3.40.1-r0
-libcrypto3                          3.5.5-r0          apk             
+ssl_client-1.35.0-r29
-libcurl                             8.14.1-r2         apk             
+tzdata-2022f-r1
-libedit                             20250104.3.1-r1   apk             
+utmps-libs-0.1.2.0-r1
-libexpat                            2.7.5-r0          apk             
+xz-5.2.9-r0
-libgcc                              14.2.0-r6         apk             
+xz-libs-5.2.9-r0
-libidn2                             2.3.7-r0          apk             
+zlib-1.2.13-r0
-libintl                             0.24.1-r0         apk             
+zstd-libs-1.5.2-r9
-libmd                               1.1.0-r0          apk             
-libncursesw                         6.5_p20250503-r0  apk             
-libpq                               17.9-r0           apk             
-libproc2                            4.0.4-r3          apk             
-libpsl                              0.21.5-r3         apk             
-libssl3                             3.5.5-r0          apk             
-libstdc++                           14.2.0-r6         apk             
-libunistring                        1.3-r0            apk             
-libuuid                             2.41-r9           apk             
-libxml2                             2.13.9-r0         apk             
-libzip                              1.11.4-r0         apk             
-linux-pam                           1.7.0-r4          apk             
-logrotate                           3.21.0-r1         apk             
-mockery/mockery                     1.6.12            php-composer    
-monolog/monolog                     3.9.0             php-composer    
-mtdowling/jmespath.php              2.8.0             php-composer    
-musl                                1.2.5-r10         apk             
-musl-utils                          1.2.5-r10         apk             
-myclabs/deep-copy                   1.13.3            php-composer    
-nano                                8.4-r0            apk             
-ncurses-terminfo-base               6.5_p20250503-r0  apk             
-nesbot/carbon                       3.10.1            php-composer    
-netcat-openbsd                      1.229.1-r0        apk             
-nette/schema                        v1.3.2            php-composer    
-nette/utils                         v4.0.7            php-composer    
-nghttp2-libs                        1.65.0-r0         apk             
-nginx                               1.28.3-r0         apk             
-nikic/php-parser                    v5.5.0            php-composer    
-nunomaduro/collision                v8.5.0            php-composer    
-nunomaduro/termwind                 v2.3.1            php-composer    
-oniguruma                           6.9.10-r0         apk             
-openssl                             3.5.5-r0          apk             
-pcre2                               10.46-r0          apk             
-phar-io/manifest                    2.0.4             php-composer    
-phar-io/version                     3.2.1             php-composer    
-php-http/cache-plugin               2.0.1             php-composer    
-php-http/client-common              2.7.2             php-composer    
-php-http/discovery                  1.20.0            php-composer    
-php-http/httplug                    2.4.1             php-composer    
-php-http/message                    1.16.2            php-composer    
-php-http/multipart-stream-builder   1.4.2             php-composer    
-php-http/promise                    1.3.1             php-composer    
-php84                               8.4.16-r0         apk             
-php84-common                        8.4.16-r0         apk             
-php84-ctype                         8.4.16-r0         apk             
-php84-curl                          8.4.16-r0         apk             
-php84-dom                           8.4.16-r0         apk             
-php84-fileinfo                      8.4.16-r0         apk             
-php84-fpm                           8.4.16-r0         apk             
-php84-iconv                         8.4.16-r0         apk             
-php84-intl                          8.4.16-r0         apk             
-php84-mbstring                      8.4.16-r0         apk             
-php84-mysqlnd                       8.4.16-r0         apk             
-php84-opcache                       8.4.16-r0         apk             
-php84-openssl                       8.4.16-r0         apk             
-php84-pdo                           8.4.16-r0         apk             
-php84-pdo_mysql                     8.4.16-r0         apk             
-php84-pdo_pgsql                     8.4.16-r0         apk             
-php84-pdo_sqlite                    8.4.16-r0         apk             
-php84-phar                          8.4.16-r0         apk             
-php84-session                       8.4.16-r0         apk             
-php84-simplexml                     8.4.16-r0         apk             
-php84-tokenizer                     8.4.16-r0         apk             
-php84-xml                           8.4.16-r0         apk             
-php84-xmlwriter                     8.4.16-r0         apk             
-php84-zip                           8.4.16-r0         apk             
-phpoption/phpoption                 1.9.3             php-composer    
-phpunit/php-code-coverage           10.1.16           php-composer    
-phpunit/php-file-iterator           4.1.0             php-composer    
-phpunit/php-invoker                 4.0.0             php-composer    
-phpunit/php-text-template           3.0.1             php-composer    
-phpunit/php-timer                   6.0.0             php-composer    
-phpunit/phpunit                     10.5.47           php-composer    
-popt                                1.19-r4           apk             
-procps-ng                           4.0.4-r3          apk             
-psr/cache                           3.0.0             php-composer    
-psr/clock                           1.0.0             php-composer    
-psr/container                       2.0.2             php-composer    
-psr/event-dispatcher                1.0.0             php-composer    
-psr/http-client                     1.0.3             php-composer    
-psr/http-factory                    1.1.0             php-composer    
-psr/http-message                    2.0               php-composer    
-psr/log                             3.0.2             php-composer    
-psr/simple-cache                    3.0.0             php-composer    
-psy/psysh                           v0.12.9           php-composer    
-ralouphie/getallheaders             3.0.3             php-composer    
-ramsey/collection                   2.1.1             php-composer    
-ramsey/uuid                         4.9.0             php-composer    
-readline                            8.2.13-r1         apk             
-scanelf                             1.3.8-r1          apk             
-sebastian/cli-parser                2.0.1             php-composer    
-sebastian/code-unit                 2.0.0             php-composer    
-sebastian/code-unit-reverse-lookup  3.0.0             php-composer    
-sebastian/comparator                5.0.3             php-composer    
-sebastian/complexity                3.2.0             php-composer    
-sebastian/diff                      5.1.1             php-composer    
-sebastian/environment               6.1.0             php-composer    
-sebastian/exporter                  5.1.2             php-composer    
-sebastian/global-state              6.0.2             php-composer    
-sebastian/lines-of-code             2.0.2             php-composer    
-sebastian/object-enumerator         5.0.0             php-composer    
-sebastian/object-reflector          3.0.0             php-composer    
-sebastian/recursion-context         5.0.0             php-composer    
-sebastian/type                      4.0.0             php-composer    
-sebastian/version                   4.0.1             php-composer    
-shadow                              4.17.3-r0         apk             
-skalibs-libs                        2.14.4.0-r0       apk             
-spatie/backtrace                    1.7.4             php-composer    
-spatie/error-solutions              1.1.3             php-composer    
-spatie/flare-client-php             1.10.1            php-composer    
-spatie/ignition                     1.15.1            php-composer    
-spatie/laravel-html                 3.12.0            php-composer    
-spatie/laravel-ignition             2.9.1             php-composer    
-sqlite-libs                         3.49.2-r1         apk             
-squizlabs/php_codesniffer           3.13.2            php-composer    
-ssl_client                          1.37.0-r20        apk             
-symfony/cache                       v7.3.1            php-composer    
-symfony/cache-contracts             v3.6.0            php-composer    
-symfony/clock                       v7.3.0            php-composer    
-symfony/console                     v7.3.1            php-composer    
-symfony/css-selector                v7.3.0            php-composer    
-symfony/deprecation-contracts       v3.6.0            php-composer    
-symfony/error-handler               v7.3.1            php-composer    
-symfony/event-dispatcher            v7.3.0            php-composer    
-symfony/event-dispatcher-contracts  v3.6.0            php-composer    
-symfony/finder                      v7.3.0            php-composer    
-symfony/http-foundation             v7.3.1            php-composer    
-symfony/http-kernel                 v7.3.1            php-composer    
-symfony/mailer                      v7.3.1            php-composer    
-symfony/mime                        v7.3.0            php-composer    
-symfony/options-resolver            v7.3.0            php-composer    
-symfony/polyfill-ctype              v1.32.0           php-composer    
-symfony/polyfill-intl-grapheme      v1.32.0           php-composer    
-symfony/polyfill-intl-idn           v1.32.0           php-composer    
-symfony/polyfill-intl-normalizer    v1.32.0           php-composer    
-symfony/polyfill-mbstring           v1.32.0           php-composer    
-symfony/polyfill-php80              v1.32.0           php-composer    
-symfony/polyfill-php83              v1.32.0           php-composer    
-symfony/polyfill-uuid               v1.32.0           php-composer    
-symfony/process                     v7.3.0            php-composer    
-symfony/routing                     v7.3.0            php-composer    
-symfony/service-contracts           v3.6.0            php-composer    
-symfony/string                      v7.3.0            php-composer    
-symfony/thanks                      v1.4.0            php-composer    
-symfony/translation                 v7.3.1            php-composer    
-symfony/translation-contracts       v3.6.0            php-composer    
-symfony/uid                         v7.3.1            php-composer    
-symfony/var-dumper                  v7.3.1            php-composer    
-symfony/var-exporter                v7.3.0            php-composer    
-symfony/yaml                        v7.3.1            php-composer    
-theseer/tokenizer                   1.2.3             php-composer    
-tijsverkoyen/css-to-inline-styles   v2.3.0            php-composer    
-tzdata                              2026a-r0          apk             
-utmps-libs                          0.1.3.1-r0        apk             
-vlucas/phpdotenv                    v5.6.2            php-composer    
-voku/portable-ascii                 2.0.3             php-composer    
-webmozart/assert                    1.11.0            php-composer    
-xz-libs                             5.8.1-r0          apk             
-zlib                                1.3.1-r2          apk             
-zstd-libs                           1.5.7-r0          apk             

readme-vars.yml

@@ -11,118 +11,70 @@ project_blurb: |
 
   Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo.
 project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"
+
 # supported architectures
 available_architectures:
-  - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
+  - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
-  - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
+  - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
+  - { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
+
 # development version
 development_versions: true
 development_versions_items:
-  - {tag: "latest", desc: "Stable Heimdall releases."}
+  - { tag: "latest", desc: "Stable Heimdall releases." }
-  - {tag: "development", desc: "Latest commit from the github 2.x branch."}
+  - { tag: "development", desc: "Latest commit from the github 2.x branch." }
+
 # container parameters
 common_param_env_vars_enabled: true
 param_container_name: "{{ project_name }}"
 param_usage_include_vols: true
 param_volumes:
-  - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files"}
+  - { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Contains all relevant configuration files." }
 param_usage_include_ports: true
 param_ports:
-  - {external_port: "80", internal_port: "80", port_desc: "http gui"}
+  - { external_port: "80", internal_port: "80", port_desc: "http gui" }
-  - {external_port: "443", internal_port: "443", port_desc: "https gui"}
+  - { external_port: "443", internal_port: "443", port_desc: "https gui" }
-opt_param_usage_include_env: true
+param_usage_include_env: true
-opt_param_env_vars:
+param_env_vars:
-  - {env_var: "ALLOW_INTERNAL_REQUESTS", env_value: "false", desc: "By default, Heimdall blocks lookup requests to private or reserved IP addresses, if your instance is not exposed to the internet, or is behind some level of authentication, you can set this to `true` to allow requests to private IP addresses."}
+  - { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London"}
+
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
   Access the web gui at http://SERVERIP:PORT
 
+
   ### Adding password protection
   
   This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
-# init diagram
+
-init_diagram: |
-  "heimdall:development": {
-    docker-mods
-    base {
-      fix-attr +\nlegacy cont-init
-    }
-    docker-mods -> base
-    legacy-services
-    custom services
-    init-services -> legacy-services
-    init-services -> custom services
-    custom services -> legacy-services
-    legacy-services -> ci-service-check
-    init-migrations -> init-adduser
-    init-nginx-end -> init-config
-    init-os-end -> init-config
-    init-config -> init-config-end
-    init-crontab-config -> init-config-end
-    init-heimdall-config -> init-config-end
-    init-config -> init-crontab-config
-    init-mods-end -> init-custom-files
-    init-adduser -> init-device-perms
-    base -> init-envfile
-    init-os-end -> init-folders
-    init-nginx-end -> init-heimdall-config
-    init-php -> init-keygen
-    base -> init-migrations
-    init-config-end -> init-mods
-    init-mods-package-install -> init-mods-end
-    init-mods -> init-mods-package-install
-    init-samples -> init-nginx
-    init-version-checks -> init-nginx-end
-    init-adduser -> init-os-end
-    init-device-perms -> init-os-end
-    init-envfile -> init-os-end
-    init-keygen -> init-permissions
-    init-nginx -> init-php
-    init-folders -> init-samples
-    init-custom-files -> init-services
-    init-permissions -> init-version-checks
-    init-services -> svc-cron
-    svc-cron -> legacy-services
-    init-services -> svc-nginx
-    svc-nginx -> legacy-services
-    init-services -> svc-php-fpm
-    svc-php-fpm -> legacy-services
-    init-services -> svc-queue
-    svc-queue -> legacy-services
-  }
-  Base Images: {
-    "baseimage-alpine-nginx:3.22" <- "baseimage-alpine:3.22"
-  }
-  "heimdall:development" <- Base Images
 # changelog
 changelogs:
-  - {date: "17.07.25:", desc: "Rebase to Alpine 3.22, enable PHP environment passthrough."}
+  - { date: "20.01.23:", desc: "Rebase to alpine 3.17 with php8.1." }
-  - {date: "27.06.24:", desc: "Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings."}
+  - { date: "14.11.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
-  - {date: "07.03.24:", desc: "Enable the opcache and disable file revalidation."}
+  - { date: "04.11.22:", desc: "Build commits to upstream branch 2.x for the `development` tag." }
-  - {date: "06.03.24:", desc: "Existing users should update: site-confs/default.conf - Cleanup default site conf."}
+  - { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." }
-  - {date: "23.12.23:", desc: "Rebase to Alpine 3.19 with php 8.3."}
+  - { date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel." }
-  - {date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf."}
+  - { date: "10.02.21:", desc: "Rebasing to alpine 3.13." }
-  - {date: "13.04.23:", desc: "Move ssl.conf include to default.conf."}
+  - { date: "17.08.20:", desc: "Add php7-curl." }
-  - {date: "20.01.23:", desc: "Rebase to alpine 3.17 with php8.1."}
+  - { date: "01.06.20:", desc: "Rebasing to alpine 3.12." }
-  - {date: "14.11.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))."}
+  - { date: "17.01.20:", desc: "Use nginx from baseimage." }
-  - {date: "04.11.22:", desc: "Build commits to upstream branch 2.x."}
+  - { date: "19.12.19:", desc: "Rebasing to alpine 3.11." }
-  - {date: "13.03.21:", desc: "Make searchproviders.yaml user configurable."}
+  - { date: "16.07.19:", desc: "Save laravel.log to /config/log/heimdall." }
-  - {date: "11.03.21:", desc: "Rebase to alpine 3.14."}
+  - { date: "28.06.19:", desc: "Rebasing to alpine 3.10." }
-  - {date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel."}
+  - { date: "01.04.19:", desc: "Fix permission detect logic." }
-  - {date: "10.02.21:", desc: "Rebasing to alpine 3.13."}
+  - { date: "26.03.19:", desc: "Install Heimdall during container start to prevent delayed start due to overlayfs bug with recursive chown." }
-  - {date: "01.06.20:", desc: "Rebasing to alpine 3.12."}
+  - { date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag." }
-  - {date: "19.12.19:", desc: "Rebasing to alpine 3.11."}
+  - { date: "15.03.19:", desc: "Clarify docker image tags in readme." }
-  - {date: "15.07.19:", desc: "Save laravel.log to /config, install heimdall during first start."}
+  - { date: "22.02.19:", desc: "Rebasing to alpine 3.9." }
-  - {date: "28.06.19:", desc: "Rebasing to alpine 3.10."}
+  - { date: "16.01.18:", desc: "Generate random app key in .env for new installs." }
-  - {date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag."}
+  - { date: "20.11.18:", desc: "Upgrade baseimage packages during build." }
-  - {date: "22.02.19:", desc: "Rebasing to alpine 3.9."}
+  - { date: "04.11.18:", desc: "Add php7-zip." }
-  - {date: "04.11.18:", desc: "Add php7-zip."}
+  - { date: "31.10.18:", desc: "Add queue service." }
-  - {date: "31.10.18:", desc: "Add queue service."}
+  - { date: "17.10.18:", desc: "Symlink avatars folder." }
-  - {date: "17.10.18:", desc: "Symlink avatars folder."}
+  - { date: "16.10.18:", desc: "Updated fastcgi_params for user login support." }
-  - {date: "16.10.18:", desc: "Updated fastcgi_params for user login support."}
+  - { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" }
-  - {date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`"}
+  - { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." }
-  - {date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`."}
+  - { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." }
-  - {date: "05.09.18:", desc: "Rebase to alpine linux 3.8."}
+  - { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place" }
-  - {date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place"}
+  - { date: "12.02.18:", desc: "Initial Release." }
-  - {date: "12.02.18:", desc: "Initial Release."}

root/defaults/nginx/site-confs/default.conf.sample

@@ -0,0 +1,34 @@
+## Version 2022/11/14 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/nginx/site-confs/default.conf.sample
+
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+
+    listen 443 ssl http2 default_server;
+    listen [::]:443 ssl http2 default_server;
+
+    server_name _;
+
+    root /app/www/public;
+    index index.html index.htm index.php;
+
+    location / {
+        # enable for basic auth
+        #auth_basic "Restricted";
+        #auth_basic_user_file /config/nginx/.htpasswd;
+
+        try_files $uri $uri/ /index.html /index.php$is_args$args;
+    }
+
+    location ~ ^(.+\.php)(.*)$ {
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    # deny access to .htaccess/.htpasswd files
+    location ~ /\.ht {
+        deny all;
+    }
+}

root/migrations/02-default-location

@@ -5,7 +5,7 @@ DEFAULT_CONF="/config/nginx/site-confs/default.conf"
 OLD_ROOT="root /var/www/localhost/heimdall/public;"
 NEW_ROOT="root /app/www/public;"
 
-if [[ -f "${DEFAULT_CONF}" ]] && grep -q "${OLD_ROOT}" "${DEFAULT_CONF}" 2>/dev/null; then
+if grep -q "${OLD_ROOT}" "${DEFAULT_CONF}" 2>/dev/null; then
     echo "updating root in ${DEFAULT_CONF}"
     sed -i "s|${OLD_ROOT}|${NEW_ROOT}|" "${DEFAULT_CONF}"
 fi