Bot Updating Package Versions

Bot Updating Templated Files
2026-02-22 20:30:31 +09:00 · 2026-02-20 19:07:58 +00:00 · 2026-02-13 19:12:15 +00:00 · 2026-02-13 19:10:06 +00:00 · 2026-02-06 19:09:30 +00:00 · 2026-01-30 19:03:30 +00:00
20 changed files with 747 additions and 464 deletions
--- a/.editorconfig
+++ b/.editorconfig
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -6,7 +6,7 @@
 * Read, and fill the Pull Request template
  * If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR
  * If the PR is addressing an existing issue include, closes #\<issue number>, in the body of the PR commit message
-* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://discord.gg/YWrKVTn)
+* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://linuxserver.io/discord)

 ## Common files

@@ -105,10 +105,10 @@ docker build \
  -t linuxserver/heimdall:latest .
 ```

-The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
+The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static`

 ```bash
-docker run --rm --privileged multiarch/qemu-user-static:register --reset
+docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset
 ```

 Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,7 +1,7 @@
 blank_issues_enabled: false
 contact_links:
  - name: Discord chat support
-    url: https://discord.gg/YWrKVTn
+    url: https://linuxserver.io/discord
    about: Realtime support / chat with the community and the team.

  - name: Discourse discussion forum
--- a/.github/ISSUE_TEMPLATE/issue.bug.yml
+++ b/.github/ISSUE_TEMPLATE/issue.bug.yml
--- a/.github/ISSUE_TEMPLATE/issue.feature.yml
+++ b/.github/ISSUE_TEMPLATE/issue.feature.yml
--- a/.github/workflows/call_issue_pr_tracker.yml
+++ b/.github/workflows/call_issue_pr_tracker.yml
@@ -8,6 +8,9 @@ on:
  pull_request_review:
    types: [submitted,edited,dismissed]

+permissions:
+  contents: read
+
 jobs:
  manage-project:
    permissions:
--- a/.github/workflows/call_issues_cron.yml
+++ b/.github/workflows/call_issues_cron.yml
@@ -4,6 +4,9 @@ on:
    - cron:  '14 15 * * *'
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  stale:
    permissions:
--- a/.github/workflows/external_trigger.yml
+++ b/.github/workflows/external_trigger.yml
@@ -3,6 +3,9 @@ name: External Trigger Main
 on:
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  external-trigger-development:
    runs-on: ubuntu-latest
@@ -15,7 +18,10 @@ jobs:
          SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }}
        run: |
          printf "# External trigger for docker-heimdall\n\n" >> $GITHUB_STEP_SUMMARY
-          if grep -q "^heimdall_development" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
+          if grep -q "^heimdall_development_" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
+            echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
+            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`heimdall_development_\`; will skip trigger if version matches." >> $GITHUB_STEP_SUMMARY
+          elif grep -q "^heimdall_development" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`heimdall_development\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
            exit 0
@@ -25,6 +31,11 @@ jobs:
          printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY
          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" | jq -r '. | .sha' | cut -c1-8)
          echo "Type is \`github_commit\`" >> $GITHUB_STEP_SUMMARY
+          if grep -q "^heimdall_development_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
+            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` matches current external release; skipping trigger." >> $GITHUB_STEP_SUMMARY
+            exit 0
+          fi
          if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
            echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY
@@ -35,24 +46,43 @@ jobs:
              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
            exit 1
          fi
-          EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
-          echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY
+          EXT_RELEASE_SANITIZED=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
+          echo "Sanitized external version: \`${EXT_RELEASE_SANITIZED}\`" >> $GITHUB_STEP_SUMMARY
          echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY
          image="linuxserver/heimdall"
          tag="development"
          token=$(curl -sX GET \
            "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fheimdall%3Apull" \
            | jq -r '.token')
-            multidigest=$(curl -s \
+          multidigest=$(curl -s \
+            --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+            --header "Accept: application/vnd.oci.image.index.v1+json" \
+            --header "Authorization: Bearer ${token}" \
+            "https://ghcr.io/v2/${image}/manifests/${tag}")
+          if jq -e '.layers // empty' <<< "${multidigest}" >/dev/null 2>&1; then
+            # If there's a layer element it's a single-arch manifest so just get that digest
+            digest=$(jq -r '.config.digest' <<< "${multidigest}")
+          else
+            # Otherwise it's multi-arch or has manifest annotations
+            if jq -e '.manifests[]?.annotations // empty' <<< "${multidigest}" >/dev/null 2>&1; then
+              # Check for manifest annotations and delete if found
+              multidigest=$(jq 'del(.manifests[] | select(.annotations))' <<< "${multidigest}")
+            fi
+            if [[ $(jq '.manifests | length' <<< "${multidigest}") -gt 1 ]]; then
+              # If there's still more than one digest, it's multi-arch
+              multidigest=$(jq -r ".manifests[] | select(.platform.architecture == \"amd64\").digest?" <<< "${multidigest}")
+            else
+              # Otherwise it's single arch
+              multidigest=$(jq -r ".manifests[].digest?" <<< "${multidigest}")
+            fi
+            if digest=$(curl -s \
              --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+              --header "Accept: application/vnd.oci.image.manifest.v1+json" \
              --header "Authorization: Bearer ${token}" \
-              "https://ghcr.io/v2/${image}/manifests/${tag}" \
-              | jq -r 'first(.manifests[].digest)')
-            digest=$(curl -s \
-              --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
-              --header "Authorization: Bearer ${token}" \
-              "https://ghcr.io/v2/${image}/manifests/${multidigest}" \
-              | jq -r '.config.digest')
+              "https://ghcr.io/v2/${image}/manifests/${multidigest}"); then
+              digest=$(jq -r '.config.digest' <<< "${digest}");
+            fi
+          fi
          image_info=$(curl -sL \
            --header "Authorization: Bearer ${token}" \
            "https://ghcr.io/v2/${image}/blobs/${digest}")
@@ -73,8 +103,8 @@ jobs:
            exit 1
          fi
          echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY
-          if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
-            echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY
+          if [ "${EXT_RELEASE_SANITIZED}" == "${IMAGE_VERSION}" ]; then
+            echo "Sanitized version \`${EXT_RELEASE_SANITIZED}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY
            exit 0
          elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/development/lastBuild/api/json | jq -r '.building') == "true" ]; then
            echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
@@ -89,8 +119,8 @@ jobs:
                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
            else
              printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY
-              echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
-              if "${artifacts_found}" == "true" ]]; then
+              echo "New sanitized version \`${EXT_RELEASE_SANITIZED}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
+              if [[ "${artifacts_found}" == "true" ]]; then
                echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY
              fi
              response=$(curl -iX POST \
@@ -109,7 +139,7 @@ jobs:
                --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
                --data-urlencode "Submit=Submit"
              echo "**** Notifying Discord ****"
-              TRIGGER_REASON="A version change was detected for heimdall tag development. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
+              TRIGGER_REASON="A version change was detected for heimdall tag development. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE_SANITIZED}"
              curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
                "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
--- a/.github/workflows/external_trigger_scheduler.yml
+++ b/.github/workflows/external_trigger_scheduler.yml
@@ -5,6 +5,9 @@ on:
    - cron:  '39 * * * *'
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  external-trigger-scheduler:
    runs-on: ubuntu-latest
--- a/.github/workflows/greetings.yml
+++ b/.github/workflows/greetings.yml
@@ -2,8 +2,14 @@ name: Greetings

 on: [pull_request_target, issues]

+permissions:
+  contents: read
+
 jobs:
  greeting:
+    permissions:
+      issues: write
+      pull-requests: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/first-interaction@v1
--- a/.github/workflows/package_trigger_scheduler.yml
+++ b/.github/workflows/package_trigger_scheduler.yml
@@ -5,6 +5,9 @@ on:
    - cron:  '14 18 * * 5'
  workflow_dispatch:

+permissions:
+  contents: read
+
 jobs:
  package-trigger-scheduler:
    runs-on: ubuntu-latest
@@ -27,9 +30,18 @@ jobs:
            fi
            printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY
            JENKINS_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/jenkins-vars.yml)
-            if [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then
+            if ! curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/Jenkinsfile >/dev/null 2>&1; then
+              echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+              echo "> No Jenkinsfile found. Branch is either deprecated or is an early dev branch." >> $GITHUB_STEP_SUMMARY
+              skipped_branches="${skipped_branches}${br} "
+            elif [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then
              echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY
-              if [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then
+              README_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-heimdall/${br}/readme-vars.yml)
+              if [[ $(yq -r '.project_deprecation_status' <<< "${README_VARS}") == "true" ]]; then
+                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+                echo "> Branch appears to be deprecated; skipping trigger." >> $GITHUB_STEP_SUMMARY
+                skipped_branches="${skipped_branches}${br} "
+              elif [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then
                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
                echo "> Skipping branch ${br} due to \`skip_package_check\` being set in \`jenkins-vars.yml\`." >> $GITHUB_STEP_SUMMARY
                skipped_branches="${skipped_branches}${br} "
@@ -37,7 +49,7 @@ jobs:
                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
                echo "> Github organizational variable \`SKIP_PACKAGE_TRIGGER\` contains \`heimdall_${br}\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
                skipped_branches="${skipped_branches}${br} "
-              elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/${br}/lastBuild/api/json | jq -r '.building') == "true" ]; then
+              elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/${br}/lastBuild/api/json | jq -r '.building' 2>/dev/null) == "true" ]; then
                echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
                echo "> There already seems to be an active build on Jenkins; skipping package trigger for ${br}" >> $GITHUB_STEP_SUMMARY
                skipped_branches="${skipped_branches}${br} "
@@ -49,6 +61,11 @@ jobs:
                response=$(curl -iX POST \
                  https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-heimdall/job/${br}/buildWithParameters?PACKAGE_CHECK=true \
                  --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
+                if [[ -z "${response}" ]]; then
+                  echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+                  echo "> Jenkins build could not be triggered. Skipping branch."
+                  continue
+                fi
                echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY
                echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY
                sleep 10
@@ -56,11 +73,14 @@ jobs:
                buildurl="${buildurl%$'\r'}"
                echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY
                echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY
-                curl -iX POST \
+                if ! curl -ifX POST \
                  "${buildurl}submitDescription" \
                  --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \
                  --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
-                  --data-urlencode "Submit=Submit"
+                  --data-urlencode "Submit=Submit"; then
+                  echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
+                  echo "> Unable to change the Jenkins job description."
+                fi
                sleep 20
              fi
            else
@@ -70,13 +90,14 @@ jobs:
          if [[ -n "${triggered_branches}" ]] || [[ -n "${skipped_branches}" ]]; then
            if [[ -n "${triggered_branches}" ]]; then
              NOTIFY_BRANCHES="**Triggered:** ${triggered_branches} \n"
+              NOTIFY_BUILD_URL="**Build URL:** https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-heimdall/activity/ \n"
+              echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
            fi
            if [[ -n "${skipped_branches}" ]]; then
              NOTIFY_BRANCHES="${NOTIFY_BRANCHES}**Skipped:** ${skipped_branches} \n"
            fi
-            echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
            echo "**** Notifying Discord ****"
            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
-              "description": "**Package Check Build(s) Triggered for heimdall** \n'"${NOTIFY_BRANCHES}"'**Build URL:** '"https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-heimdall/activity/"' \n"}],
+              "description": "**Package Check Build(s) for heimdall** \n'"${NOTIFY_BRANCHES}"''"${NOTIFY_BUILD_URL}"'"}],
              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
          fi
--- a/.github/workflows/permissions.yml
+++ b/.github/workflows/permissions.yml
--- a/22
+++ b/22
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1

-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.20
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.22

 # set version label
 ARG BUILD_DATE
@@ -12,13 +12,13 @@ LABEL maintainer="aptalca"
 RUN \
  echo "**** install runtime packages ****" && \
  apk add --no-cache \
-    php83-dom \
-    php83-intl \
-    php83-opcache \
-    php83-pdo_mysql \
-    php83-pdo_pgsql \
-    php83-pdo_sqlite \
-    php83-tokenizer && \
+    php84-dom \
+    php84-intl \
+    php84-opcache \
+    php84-pdo_mysql \
+    php84-pdo_pgsql \
+    php84-pdo_sqlite \
+    php84-tokenizer && \
  echo "**** configure nginx ****" && \
  echo 'fastcgi_param  PHP_AUTH_USER      $remote_user; # Heimdall user authorization' >> \
    /etc/nginx/fastcgi_params && \
@@ -26,7 +26,11 @@ RUN \
    /etc/nginx/fastcgi_params && \
  echo "**** configure php opcache ****" && \
  echo 'opcache.validate_timestamps=0' >> \
-    /etc/php83/conf.d/00_opcache.ini && \
+    /etc/php84/conf.d/00_opcache.ini && \
+  echo "**** configure php-fpm to pass env vars ****" && \
+  sed -E -i 's/^;?clear_env ?=.*$/clear_env = no/g' /etc/php84/php-fpm.d/www.conf && \
+  if ! grep -qxF 'clear_env = no' /etc/php84/php-fpm.d/www.conf; then echo 'clear_env = no' >> /etc/php84/php-fpm.d/www.conf; fi && \
+  echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php84/php-fpm.conf && \
  echo "**** install heimdall ****" && \
  mkdir -p \
    /heimdall && \
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1

-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.20
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.22

 # set version label
 ARG BUILD_DATE
@@ -12,13 +12,13 @@ LABEL maintainer="aptalca"
 RUN \
  echo "**** install runtime packages ****" && \
  apk add --no-cache \
-    php83-dom \
-    php83-intl \
-    php83-opcache \
-    php83-pdo_mysql \
-    php83-pdo_pgsql \
-    php83-pdo_sqlite \
-    php83-tokenizer && \
+    php84-dom \
+    php84-intl \
+    php84-opcache \
+    php84-pdo_mysql \
+    php84-pdo_pgsql \
+    php84-pdo_sqlite \
+    php84-tokenizer && \
  echo "**** configure nginx ****" && \
  echo 'fastcgi_param  PHP_AUTH_USER      $remote_user; # Heimdall user authorization' >> \
    /etc/nginx/fastcgi_params && \
@@ -26,7 +26,11 @@ RUN \
    /etc/nginx/fastcgi_params && \
  echo "**** configure php opcache ****" && \
  echo 'opcache.validate_timestamps=0' >> \
-    /etc/php83/conf.d/00_opcache.ini && \
+    /etc/php84/conf.d/00_opcache.ini && \
+  echo "**** configure php-fpm to pass env vars ****" && \
+  sed -E -i 's/^;?clear_env ?=.*$/clear_env = no/g' /etc/php84/php-fpm.d/www.conf && \
+  if ! grep -qxF 'clear_env = no' /etc/php84/php-fpm.d/www.conf; then echo 'clear_env = no' >> /etc/php84/php-fpm.d/www.conf; fi && \
+  echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php84/php-fpm.conf && \
  echo "**** install heimdall ****" && \
  mkdir -p \
    /heimdall && \
--- a/396
+++ b/396
@@ -8,7 +8,7 @@ pipeline {
  }
  // Input to determine if this is a package check
  parameters {
-     string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK')
+    string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK')
  }
  // Configuration for the variables used for this specific repo
  environment {
@@ -59,11 +59,23 @@ pipeline {
      steps{
        echo "Running on node: ${NODE_NAME}"
        sh '''#! /bin/bash
-              containers=$(docker ps -aq)
+              echo "Pruning builder"
+              docker builder prune -f --builder container || :
+              containers=$(docker ps -q)
              if [[ -n "${containers}" ]]; then
-                docker stop ${containers}
+                BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit')
+                for container in ${containers}; do
+                  if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then
+                    echo "skipping buildx container in docker stop"
+                  else
+                    echo "Stopping container ${container}"
+                    docker stop ${container}
+                  fi
+                done
              fi
-              docker system prune -af --volumes || : '''
+              docker system prune -f --volumes || :
+              docker image prune -af || :
+           '''
        script{
          env.EXIT_STATUS = ''
          env.LS_RELEASE = sh(
@@ -85,7 +97,11 @@ pipeline {
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
          env.PULL_REQUEST = env.CHANGE_ID
          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml'
+          if ( env.SYFT_IMAGE_TAG == null ) {
+            env.SYFT_IMAGE_TAG = 'latest'
+          }
        }
+        echo "Using syft image tag ${SYFT_IMAGE_TAG}"
        sh '''#! /bin/bash
              echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" '''
        script{
@@ -201,6 +217,8 @@ pipeline {
          env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
          env.META_TAG = 'development-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
          env.EXT_RELEASE_TAG = 'development-version-' + env.EXT_RELEASE_CLEAN
+          env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
+          env.CITEST_IMAGETAG = 'latest'
        }
      }
    }
@@ -225,6 +243,8 @@ pipeline {
          env.META_TAG = 'development-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
          env.EXT_RELEASE_TAG = 'development-version-' + env.EXT_RELEASE_CLEAN
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/'
+          env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
+          env.CITEST_IMAGETAG = 'develop'
        }
      }
    }
@@ -249,6 +269,8 @@ pipeline {
          env.EXT_RELEASE_TAG = 'development-version-' + env.EXT_RELEASE_CLEAN
          env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
+          env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
+          env.CITEST_IMAGETAG = 'develop'
        }
      }
    }
@@ -271,7 +293,7 @@ pipeline {
                  -v ${WORKSPACE}:/mnt \
                  -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
                  -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
-                  ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
+                  ghcr.io/linuxserver/baseimage-alpine:3.23 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
                    apk add --no-cache python3 && \
                    python3 -m venv /lsiopy && \
                    pip install --no-cache-dir -U pip && \
@@ -345,6 +367,35 @@ pipeline {
              else
                echo "No templates to delete"
              fi
+              echo "Starting Stage 2.5 - Update init diagram"
+              if ! grep -q 'init_diagram:' readme-vars.yml; then
+                echo "Adding the key 'init_diagram' to readme-vars.yml"
+                sed -i '\\|^#.*changelog.*$|d' readme-vars.yml
+                sed -i 's|^changelogs:|# init diagram\\ninit_diagram:\\n\\n# changelog\\nchangelogs:|' readme-vars.yml
+              fi
+              mkdir -p ${TEMPDIR}/d2
+              docker run --rm -v ${TEMPDIR}/d2:/output -e PUID=$(id -u) -e PGID=$(id -g) -e RAW="true" ghcr.io/linuxserver/d2-builder:latest ${CONTAINER_NAME}:development
+              ls -al ${TEMPDIR}/d2
+              yq -ei ".init_diagram |= load_str(\\"${TEMPDIR}/d2/${CONTAINER_NAME}-development.d2\\")" readme-vars.yml
+              if [[ $(md5sum readme-vars.yml | cut -c1-8) != $(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/readme-vars.yml | cut -c1-8) ]]; then
+                echo "'init_diagram' has been updated. Updating repo and exiting build, new one will trigger based on commit."
+                mkdir -p ${TEMPDIR}/repo
+                git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
+                cd ${TEMPDIR}/repo/${LS_REPO}
+                git checkout -f development
+                cp ${WORKSPACE}/readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/readme-vars.yml
+                git add readme-vars.yml
+                git commit -m 'Bot Updating Templated Files'
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git development
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git development
+                echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
+                echo "Updating templates and exiting build, new one will trigger based on commit"
+                rm -Rf ${TEMPDIR}
+                exit 0
+              else
+                echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
+                echo "Init diagram is unchanged"
+              fi
              echo "Starting Stage 3 - Update templates"
              CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
              cd ${TEMPDIR}/docker-${CONTAINER_NAME}
@@ -553,8 +604,45 @@ pipeline {
          --label \"org.opencontainers.image.title=Heimdall\" \
          --label \"org.opencontainers.image.description=[Heimdall](https://heimdall.site) is a way to organise all those links to your most used web sites and web applications in a simple way.    Simplicity is the key to Heimdall.    Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo.  \" \
          --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
-          --provenance=false --sbom=false \
+          --provenance=true --sbom=true --builder=container --load \
          --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
+        sh '''#! /bin/bash
+              set -e
+              IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+              for i in "${CACHE[@]}"; do
+                docker tag ${IMAGE}:${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
+              done
+           '''
+        withCredentials([
+          [
+            $class: 'UsernamePasswordMultiBinding',
+            credentialsId: 'Quay.io-Robot',
+            usernameVariable: 'QUAYUSER',
+            passwordVariable: 'QUAYPASS'
+          ]
+        ]) {
+          retry_backoff(5,5) {
+              sh '''#! /bin/bash
+                    set -e
+                    echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
+                    echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
+                    echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
+                    echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
+
+                    if [[ "${PACKAGE_CHECK}" != "true" ]]; then
+                      declare -A pids
+                      IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                      for i in "${CACHE[@]}"; do
+                        docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
+                        pids[$!]="$i"
+                      done
+                      for p in "${!pids[@]}"; do
+                        wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                      done
+                    fi
+                '''
+          }
+        }
      }
    }
    // Build MultiArch Docker containers for push to LS Repo
@@ -585,8 +673,45 @@ pipeline {
              --label \"org.opencontainers.image.title=Heimdall\" \
              --label \"org.opencontainers.image.description=[Heimdall](https://heimdall.site) is a way to organise all those links to your most used web sites and web applications in a simple way.    Simplicity is the key to Heimdall.    Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo.  \" \
              --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
-              --provenance=false --sbom=false \
+              --provenance=true --sbom=true --builder=container --load \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
+            sh '''#! /bin/bash
+                  set -e
+                  IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                  for i in "${CACHE[@]}"; do
+                    docker tag ${IMAGE}:amd64-${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
+                  done
+               '''
+            withCredentials([
+              [
+                $class: 'UsernamePasswordMultiBinding',
+                credentialsId: 'Quay.io-Robot',
+                usernameVariable: 'QUAYUSER',
+                passwordVariable: 'QUAYPASS'
+              ]
+            ]) {
+              retry_backoff(5,5) {
+                  sh '''#! /bin/bash
+                        set -e
+                        echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
+                        echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
+                        echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
+                        echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
+
+                        if [[ "${PACKAGE_CHECK}" != "true" ]]; then
+                          declare -A pids
+                          IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                          for i in "${CACHE[@]}"; do
+                            docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
+                            pids[$!]="$i"
+                          done
+                          for p in "${!pids[@]}"; do
+                            wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                          done
+                        fi
+                    '''
+              }
+            }
          }
        }
        stage('Build ARM64') {
@@ -595,10 +720,6 @@ pipeline {
          }
          steps {
            echo "Running on node: ${NODE_NAME}"
-            echo 'Logging into Github'
-            sh '''#! /bin/bash
-                  echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
-               '''
            sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.aarch64"
            sh "docker buildx build \
              --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
@@ -614,18 +735,52 @@ pipeline {
              --label \"org.opencontainers.image.title=Heimdall\" \
              --label \"org.opencontainers.image.description=[Heimdall](https://heimdall.site) is a way to organise all those links to your most used web sites and web applications in a simple way.    Simplicity is the key to Heimdall.    Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo.  \" \
              --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
-              --provenance=false --sbom=false \
+              --provenance=true --sbom=true --builder=container --load \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
-            sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
-            retry_backoff(5,5) {
-              sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
+            sh '''#! /bin/bash
+                  set -e
+                  IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                  for i in "${CACHE[@]}"; do
+                    docker tag ${IMAGE}:arm64v8-${META_TAG} ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
+                  done
+               '''
+            withCredentials([
+              [
+                $class: 'UsernamePasswordMultiBinding',
+                credentialsId: 'Quay.io-Robot',
+                usernameVariable: 'QUAYUSER',
+                passwordVariable: 'QUAYPASS'
+              ]
+            ]) {
+              retry_backoff(5,5) {
+                  sh '''#! /bin/bash
+                        set -e
+                        echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
+                        echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
+                        echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
+                        echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
+                        if [[ "${PACKAGE_CHECK}" != "true" ]]; then
+                          declare -A pids
+                          IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                          for i in "${CACHE[@]}"; do
+                            docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} &
+                            pids[$!]="$i"
+                          done
+                          for p in "${!pids[@]}"; do
+                            wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                          done
+                        fi
+                    '''
+              }
            }
            sh '''#! /bin/bash
                  containers=$(docker ps -aq)
                  if [[ -n "${containers}" ]]; then
                    docker stop ${containers}
                  fi
-                  docker system prune -af --volumes || : '''
+                  docker system prune -f --volumes || :
+                  docker image prune -af || :
+               '''
          }
        }
      }
@@ -650,7 +805,7 @@ pipeline {
              docker run --rm \
                -v /var/run/docker.sock:/var/run/docker.sock:ro \
                -v ${TEMPDIR}:/tmp \
-                ghcr.io/anchore/syft:latest \
+                ghcr.io/anchore/syft:${SYFT_IMAGE_TAG} \
                ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt
              NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 )
              echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github"
@@ -737,7 +892,7 @@ pipeline {
                    CI_DOCKERENV="LSIO_FIRST_PARTY=true"
                  fi
                fi
-                docker pull ghcr.io/linuxserver/ci:latest
+                docker pull ghcr.io/linuxserver/ci:${CITEST_IMAGETAG}
                if [ "${MULTIARCH}" == "true" ]; then
                  docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
                  docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
@@ -760,7 +915,10 @@ pipeline {
                -e WEB_AUTH=\"${CI_AUTH}\" \
                -e WEB_PATH=\"${CI_WEBPATH}\" \
                -e NODE_NAME=\"${NODE_NAME}\" \
-                -t ghcr.io/linuxserver/ci:latest \
+                -e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \
+                -e COMMIT_SHA=\"${COMMIT_SHA}\" \
+                -e BUILD_NUMBER=\"${BUILD_NUMBER}\" \
+                -t ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} \
                python3 test_build.py'''
        }
      }
@@ -775,37 +933,25 @@ pipeline {
        environment name: 'EXIT_STATUS', value: ''
      }
      steps {
-        withCredentials([
-          [
-            $class: 'UsernamePasswordMultiBinding',
-            credentialsId: 'Quay.io-Robot',
-            usernameVariable: 'QUAYUSER',
-            passwordVariable: 'QUAYPASS'
-          ]
-        ]) {
-          retry_backoff(5,5) {
-            sh '''#! /bin/bash
-                  set -e
-                  echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
-                  echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
-                  echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
-                  echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
-                  for PUSHIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
-                    docker tag ${IMAGE}:${META_TAG} ${PUSHIMAGE}:${META_TAG}
-                    docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:development
-                    docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${EXT_RELEASE_TAG}
-                    if [ -n "${SEMVER}" ]; then
-                      docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${SEMVER}
-                    fi
-                    docker push ${PUSHIMAGE}:development
-                    docker push ${PUSHIMAGE}:${META_TAG}
-                    docker push ${PUSHIMAGE}:${EXT_RELEASE_TAG}
-                    if [ -n "${SEMVER}" ]; then
-                      docker push ${PUSHIMAGE}:${SEMVER}
-                    fi
+        retry_backoff(5,5) {
+          sh '''#! /bin/bash
+                set -e
+                for PUSHIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
+                  [[ ${PUSHIMAGE%%/*} =~ \\. ]] && PUSHIMAGEPLUS="${PUSHIMAGE}" || PUSHIMAGEPLUS="docker.io/${PUSHIMAGE}"
+                  IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                  for i in "${CACHE[@]}"; do
+                      if [[ "${PUSHIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then
+                          CACHEIMAGE=${i}
+                      fi
                  done
-               '''
-          }
+                  docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:development -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                    { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  if [ -n "${SEMVER}" ]; then
+                    docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                      { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  fi
+                done
+              '''
        }
      }
    }
@@ -816,57 +962,41 @@ pipeline {
        environment name: 'EXIT_STATUS', value: ''
      }
      steps {
-        withCredentials([
-          [
-            $class: 'UsernamePasswordMultiBinding',
-            credentialsId: 'Quay.io-Robot',
-            usernameVariable: 'QUAYUSER',
-            passwordVariable: 'QUAYPASS'
-          ]
-        ]) {
-          retry_backoff(5,5) {
-            sh '''#! /bin/bash
-                  set -e
-                  echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
-                  echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
-                  echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
-                  echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
-                  if [ "${CI}" == "false" ]; then
-                    docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
-                    docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
+        retry_backoff(5,5) {
+          sh '''#! /bin/bash
+                set -e
+                for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
+                  [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}"
+                  IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                  for i in "${CACHE[@]}"; do
+                      if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then
+                          CACHEIMAGE=${i}
+                      fi
+                  done
+                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-development -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-development -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  if [ -n "${SEMVER}" ]; then
+                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  fi
-                  for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
-                    docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
-                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-development
-                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
-                    docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-development
-                    docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
-                    if [ -n "${SEMVER}" ]; then
-                      docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
-                      docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
-                    fi
-                    docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
-                    docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
-                    docker push ${MANIFESTIMAGE}:amd64-development
-                    docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker push ${MANIFESTIMAGE}:arm64v8-development
-                    docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
-                    if [ -n "${SEMVER}" ]; then
-                      docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
-                      docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
-                    fi
-                  done
-                  for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
-                    docker buildx imagetools create -t ${MANIFESTIMAGE}:development ${MANIFESTIMAGE}:amd64-development ${MANIFESTIMAGE}:arm64v8-development
-                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
-                    if [ -n "${SEMVER}" ]; then
-                      docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
-                    fi
-                  done
-               '''
-          }
+                done
+                for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:development ${MANIFESTIMAGE}:amd64-development ${MANIFESTIMAGE}:arm64v8-development || \
+                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \
+                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \
+                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  if [ -n "${SEMVER}" ]; then
+                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \
+                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  fi
+                done
+              '''
        }
      }
    }
@@ -881,23 +1011,41 @@ pipeline {
        environment name: 'EXIT_STATUS', value: ''
      }
      steps {
-        echo "Pushing New tag for current commit ${META_TAG}"
-        sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
-        -d '{"tag":"'${META_TAG}'",\
-             "object": "'${COMMIT_SHA}'",\
-             "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to development",\
-             "type": "commit",\
-             "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
-        echo "Pushing New release for Tag"
        sh '''#! /bin/bash
-              curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/commits/${EXT_RELEASE_CLEAN} | jq '.commit.message' | sed 's:^.\\(.*\\).$:\\1:' > releasebody.json
-              echo '{"tag_name":"'${META_TAG}'",\
-                     "target_commitish": "development",\
-                     "name": "'${META_TAG}'",\
-                     "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**'${EXT_REPO}' Changes:**\\n\\n' > start
-              printf '","draft": false,"prerelease": true}' >> releasebody.json
-              paste -d'\\0' start releasebody.json > releasebody.json.done
-              curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
+              echo "Auto-generating release notes"
+              if [ "$(git tag --points-at HEAD)" != "" ]; then
+                echo "Existing tag points to current commit, suggesting no new LS changes"
+                AUTO_RELEASE_NOTES="No changes"
+              else
+                AUTO_RELEASE_NOTES=$(curl -fsL -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases/generate-notes  \
+                  -d '{"tag_name":"'${META_TAG}'",\
+                      "target_commitish": "development"}' \
+                  | jq -r '.body' | sed 's|## What.s Changed||')
+              fi
+              echo "Pushing New tag for current commit ${META_TAG}"
+              curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
+                -d '{"tag":"'${META_TAG}'",\
+                  "object": "'${COMMIT_SHA}'",\
+                  "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to development",\
+                  "type": "commit",\
+                  "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}'
+              echo "Pushing New release for Tag"
+              curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/commits/${EXT_RELEASE_CLEAN} | jq -r '.commit.message' > releasebody.json
+              jq -n \
+                --arg tag_name "$META_TAG" \
+                --arg target_commitish "development" \
+                --arg ci_url "${CI_URL:-N/A}" \
+                --arg ls_notes "$AUTO_RELEASE_NOTES" \
+                --arg remote_notes "$(cat releasebody.json)" \
+                '{
+                  "tag_name": $tag_name,
+                  "target_commitish": $target_commitish,
+                  "name": $tag_name,
+                  "body": ("**CI Report:**\\n\\n" + $ci_url + "\\n\\n**LinuxServer Changes:**\\n\\n" + $ls_notes + "\\n\\n**Remote Changes:**\\n\\n" + $remote_notes),
+                  "draft": false,
+                  "prerelease": true                }' > releasebody.json.done
+              curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done
+        '''
      }
    }
    // Add protection to the release branch
@@ -1072,12 +1220,22 @@ EOF
    }
    cleanup {
      sh '''#! /bin/bash
-            echo "Performing docker system prune!!"
-            containers=$(docker ps -aq)
+            echo "Pruning builder!!"
+            docker builder prune -f --builder container || :
+            containers=$(docker ps -q)
            if [[ -n "${containers}" ]]; then
-              docker stop ${containers}
+              BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit')
+              for container in ${containers}; do
+                if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then
+                  echo "skipping buildx container in docker stop"
+                else
+                  echo "Stopping container ${container}"
+                  docker stop ${container}
+                fi
+              done
            fi
-            docker system prune -af --volumes || :
+            docker system prune -f --volumes || :
+            docker image prune -af || :
         '''
      cleanWs()
    }
--- a/0
+++ b/0
--- a/README.md
+++ b/README.md
@@ -3,9 +3,8 @@
 [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io)

 [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!")
-[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://discord.gg/YWrKVTn "realtime support / chat with the community and the team.")
+[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://linuxserver.io/discord "realtime support / chat with the community and the team.")
 [![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=discourse)](https://discourse.linuxserver.io "post on our community forum.")
-[![Fleet](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Fleet)](https://fleet.linuxserver.io "an online web interface which displays all of our maintained images.")
 [![GitHub](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub&logo=github)](https://github.com/linuxserver "view the source for all of our repositories.")
 [![Open Collective](https://img.shields.io/opencollective/all/linuxserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Supporters&logo=open%20collective)](https://opencollective.com/linuxserver "please consider helping us by either donating or contributing to our budget")

@@ -20,9 +19,8 @@ The [LinuxServer.io](https://linuxserver.io) team brings you another container r
 Find us at:

 * [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more!
-* [Discord](https://discord.gg/YWrKVTn) - realtime support / chat with the community and the team.
+* [Discord](https://linuxserver.io/discord) - realtime support / chat with the community and the team.
 * [Discourse](https://discourse.linuxserver.io) - post on our community forum.
-* [Fleet](https://fleet.linuxserver.io) - an online web interface which displays all of our maintained images.
 * [GitHub](https://github.com/linuxserver) - view the source for all of our repositories.
 * [Open Collective](https://opencollective.com/linuxserver) - please consider helping us by either donating or contributing to our budget

@@ -59,7 +57,6 @@ The architectures supported by this image are:
 | :----: | :----: | ---- |
 | x86-64 | ✅ | amd64-\<version tag\> |
 | arm64 | ✅ | arm64v8-\<version tag\> |
-| armhf | ❌ | |

 ## Version Tags

@@ -82,6 +79,9 @@ This image now supports password protection through htpasswd. Run the following

 To help you get started creating a container from this image you can either use docker-compose or the docker cli.

+>[!NOTE]
+>Unless a parameter is flagged as 'optional', it is *mandatory* and a value must be provided.
+
 ### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose))

 ```yaml
@@ -94,6 +94,7 @@ services:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
+      - ALLOW_INTERNAL_REQUESTS=false #optional
    volumes:
      - /path/to/heimdall/config:/config
    ports:
@@ -110,6 +111,7 @@ docker run -d \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Etc/UTC \
+  -e ALLOW_INTERNAL_REQUESTS=false `#optional` \
  -p 80:80 \
  -p 443:443 \
  -v /path/to/heimdall/config:/config \
@@ -123,11 +125,12 @@ Containers are configured using parameters passed at runtime (such as those abov

 | Parameter | Function |
 | :----: | --- |
-| `-p 80` | http gui |
-| `-p 443` | https gui |
+| `-p 80:80` | http gui |
+| `-p 443:443` | https gui |
 | `-e PUID=1000` | for UserID - see below for explanation |
 | `-e PGID=1000` | for GroupID - see below for explanation |
 | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
+| `-e ALLOW_INTERNAL_REQUESTS=false` | By default, Heimdall blocks lookup requests to private or reserved IP addresses, if your instance is not exposed to the internet, or is behind some level of authentication, you can set this to `true` to allow requests to private IP addresses. |
 | `-v /config` | Persistent config files |

 ## Environment variables from files (Docker secrets)
@@ -282,16 +285,17 @@ docker build \
  -t lscr.io/linuxserver/heimdall:development .
 ```

-The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
+The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static`

 ```bash
-docker run --rm --privileged multiarch/qemu-user-static:register --reset
+docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset
 ```

 Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.

 ## Versions

+* **17.07.25:** - Rebase to Alpine 3.22, enable PHP environment passthrough.
 * **27.06.24:** - Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings.
 * **07.03.24:** - Enable the opcache and disable file revalidation.
 * **06.03.24:** - Existing users should update: site-confs/default.conf - Cleanup default site conf.
--- a/package_versions.txt
+++ b/package_versions.txt
@@ -1,251 +1,245 @@
-NAME                                VERSION                TYPE           
-Hidden Input                        1, 0, 0, 0             dotnet          
-alpine-baselayout                   3.6.5-r0               apk             
-alpine-baselayout-data              3.6.5-r0               apk             
-alpine-keys                         2.4-r1                 apk             
-alpine-release                      3.20.3-r0              apk             
-apache2-utils                       2.4.62-r0              apk             
-apk-tools                           2.14.4-r0              apk             
-apr                                 1.7.5-r0               apk             
-apr-util                            1.6.3-r1               apk             
-argon2-libs                         20190702-r5            apk             
-aws/aws-crt-php                     v1.2.4                 php-composer    
-aws/aws-sdk-php                     3.299.1                php-composer    
-barryvdh/laravel-ide-helper         v2.15.1                php-composer    
-barryvdh/reflection-docblock        v2.1.1                 php-composer    
-bash                                5.2.26-r0              apk             
-brick/math                          0.11.0                 php-composer    
-brotli-libs                         1.1.0-r2               apk             
-busybox                             1.36.1-r29             apk             
-busybox-binsh                       1.36.1-r29             apk             
-c-ares                              1.33.1-r0              apk             
-ca-certificates                     20240705-r0            apk             
-ca-certificates-bundle              20240705-r0            apk             
-carbonphp/carbon-doctrine-types     2.1.0                  php-composer    
-catatonit                           0.2.0-r0               apk             
-clue/stream-filter                  v1.7.0                 php-composer    
-composer                            2.8.1                  binary          
-composer/class-map-generator        1.1.0                  php-composer    
-composer/pcre                       3.1.1                  php-composer    
-coreutils                           9.5-r1                 apk             
-coreutils-env                       9.5-r1                 apk             
-coreutils-fmt                       9.5-r1                 apk             
-coreutils-sha512sum                 9.5-r1                 apk             
-curl                                8.9.1-r2               apk             
-dflydev/dot-access-data             v3.0.2                 php-composer    
-doctrine/cache                      2.2.0                  php-composer    
-doctrine/dbal                       3.8.2                  php-composer    
-doctrine/deprecations               1.1.3                  php-composer    
-doctrine/event-manager              2.0.0                  php-composer    
-doctrine/inflector                  2.0.9                  php-composer    
-doctrine/instantiator               2.0.0                  php-composer    
-doctrine/lexer                      3.0.1                  php-composer    
-dragonmantank/cron-expression       v3.3.3                 php-composer    
-egulias/email-validator             4.0.2                  php-composer    
-fakerphp/faker                      v1.23.1                php-composer    
-filp/whoops                         2.15.4                 php-composer    
-findutils                           4.9.0-r5               apk             
-fruitcake/php-cors                  v1.3.0                 php-composer    
-git                                 2.45.2-r0              apk             
-git-init-template                   2.45.2-r0              apk             
-graham-campbell/bounded-cache       v2.2.0                 php-composer    
-graham-campbell/github              v12.4.0                php-composer    
-graham-campbell/manager             v5.1.0                 php-composer    
-graham-campbell/result-type         v1.1.2                 php-composer    
-guzzlehttp/guzzle                   7.8.1                  php-composer    
-guzzlehttp/promises                 2.0.2                  php-composer    
-guzzlehttp/psr7                     2.6.2                  php-composer    
-guzzlehttp/uri-template             v1.0.3                 php-composer    
-hamcrest/hamcrest-php               v2.0.1                 php-composer    
-icu-data-en                         74.2-r0                apk             
-icu-libs                            74.2-r0                apk             
-jq                                  1.7.1-r0               apk             
-knplabs/github-api                  v3.13.0                php-composer    
-laravel/framework                   v10.44.0               php-composer    
-laravel/prompts                     v0.1.15                php-composer    
-laravel/serializable-closure        v1.3.3                 php-composer    
-laravel/tinker                      v2.9.0                 php-composer    
-laravel/ui                          v4.4.0                 php-composer    
-laravelcollective/html              v6.4.1                 php-composer    
-lcobucci/jwt                        5.2.0                  php-composer    
-league/commonmark                   2.4.2                  php-composer    
-league/config                       v1.2.0                 php-composer    
-league/flysystem                    3.24.0                 php-composer    
-league/flysystem-aws-s3-v3          3.24.0                 php-composer    
-league/flysystem-local              3.23.1                 php-composer    
-league/mime-type-detection          1.15.0                 php-composer    
-libacl                              2.3.2-r0               apk             
-libattr                             2.5.2-r0               apk             
-libbsd                              0.12.2-r0              apk             
-libbz2                              1.0.8-r6               apk             
-libcrypto3                          3.3.2-r1               apk             
-libcurl                             8.9.1-r2               apk             
-libedit                             20240517.3.1-r0        apk             
-libexpat                            2.6.3-r0               apk             
-libgcc                              13.2.1_git20240309-r0  apk             
-libidn2                             2.3.7-r0               apk             
-libintl                             0.22.5-r0              apk             
-libmd                               1.1.0-r0               apk             
-libncursesw                         6.4_p20240420-r1       apk             
-libpq                               16.4-r0                apk             
-libproc2                            4.0.4-r0               apk             
-libpsl                              0.21.5-r1              apk             
-libssl3                             3.3.2-r1               apk             
-libstdc++                           13.2.1_git20240309-r0  apk             
-libunistring                        1.2-r0                 apk             
-libuuid                             2.40.1-r1              apk             
-libxml2                             2.12.7-r0              apk             
-libzip                              1.10.1-r0              apk             
-linux-pam                           1.6.0-r0               apk             
-logrotate                           3.21.0-r1              apk             
-mockery/mockery                     1.6.7                  php-composer    
-monolog/monolog                     3.5.0                  php-composer    
-mtdowling/jmespath.php              2.7.0                  php-composer    
-musl                                1.2.5-r0               apk             
-musl-utils                          1.2.5-r0               apk             
-myclabs/deep-copy                   1.11.1                 php-composer    
-nano                                8.0-r0                 apk             
-ncurses-terminfo-base               6.4_p20240420-r1       apk             
-nesbot/carbon                       2.72.3                 php-composer    
-netcat-openbsd                      1.226-r0               apk             
-nette/schema                        v1.3.0                 php-composer    
-nette/utils                         v4.0.4                 php-composer    
-nghttp2-libs                        1.62.1-r0              apk             
-nginx                               1.26.2-r0              apk             
-nikic/php-parser                    v5.0.0                 php-composer    
-nunomaduro/collision                v6.4.0                 php-composer    
-nunomaduro/termwind                 v1.15.1                php-composer    
-oniguruma                           6.9.9-r0               apk             
-openssl                             3.3.2-r1               apk             
-pcre                                8.45-r3                apk             
-pcre2                               10.43-r0               apk             
-phar-io/manifest                    2.0.3                  php-composer    
-phar-io/version                     3.2.1                  php-composer    
-php-http/cache-plugin               1.8.1                  php-composer    
-php-http/client-common              2.7.1                  php-composer    
-php-http/discovery                  1.19.2                 php-composer    
-php-http/httplug                    2.4.0                  php-composer    
-php-http/message                    1.16.0                 php-composer    
-php-http/message-factory            1.1.0                  php-composer    
-php-http/multipart-stream-builder   1.3.0                  php-composer    
-php-http/promise                    1.3.0                  php-composer    
-php83                               8.3.13-r0              apk             
-php83-common                        8.3.13-r0              apk             
-php83-ctype                         8.3.13-r0              apk             
-php83-curl                          8.3.13-r0              apk             
-php83-dom                           8.3.13-r0              apk             
-php83-fileinfo                      8.3.13-r0              apk             
-php83-fpm                           8.3.13-r0              apk             
-php83-iconv                         8.3.13-r0              apk             
-php83-intl                          8.3.13-r0              apk             
-php83-mbstring                      8.3.13-r0              apk             
-php83-mysqlnd                       8.3.13-r0              apk             
-php83-opcache                       8.3.13-r0              apk             
-php83-openssl                       8.3.13-r0              apk             
-php83-pdo                           8.3.13-r0              apk             
-php83-pdo_mysql                     8.3.13-r0              apk             
-php83-pdo_pgsql                     8.3.13-r0              apk             
-php83-pdo_sqlite                    8.3.13-r0              apk             
-php83-phar                          8.3.13-r0              apk             
-php83-session                       8.3.13-r0              apk             
-php83-simplexml                     8.3.13-r0              apk             
-php83-tokenizer                     8.3.13-r0              apk             
-php83-xml                           8.3.13-r0              apk             
-php83-xmlwriter                     8.3.13-r0              apk             
-php83-zip                           8.3.13-r0              apk             
-phpdocumentor/reflection-common     2.2.0                  php-composer    
-phpdocumentor/type-resolver         1.8.0                  php-composer    
-phpoption/phpoption                 1.9.2                  php-composer    
-phpstan/phpdoc-parser               1.25.0                 php-composer    
-phpunit/php-code-coverage           9.2.30                 php-composer    
-phpunit/php-file-iterator           3.0.6                  php-composer    
-phpunit/php-invoker                 3.1.1                  php-composer    
-phpunit/php-text-template           2.0.4                  php-composer    
-phpunit/php-timer                   5.0.3                  php-composer    
-phpunit/phpunit                     9.6.16                 php-composer    
-popt                                1.19-r3                apk             
-procps-ng                           4.0.4-r0               apk             
-psr/cache                           3.0.0                  php-composer    
-psr/clock                           1.0.0                  php-composer    
-psr/container                       2.0.2                  php-composer    
-psr/event-dispatcher                1.0.0                  php-composer    
-psr/http-client                     1.0.3                  php-composer    
-psr/http-factory                    1.0.2                  php-composer    
-psr/http-message                    2.0                    php-composer    
-psr/log                             3.0.0                  php-composer    
-psr/simple-cache                    3.0.0                  php-composer    
-psy/psysh                           v0.12.0                php-composer    
-ralouphie/getallheaders             3.0.3                  php-composer    
-ramsey/collection                   2.0.0                  php-composer    
-ramsey/uuid                         4.7.5                  php-composer    
-readline                            8.2.10-r0              apk             
-scanelf                             1.3.7-r2               apk             
-sebastian/cli-parser                1.0.1                  php-composer    
-sebastian/code-unit                 1.0.8                  php-composer    
-sebastian/code-unit-reverse-lookup  2.0.3                  php-composer    
-sebastian/comparator                4.0.8                  php-composer    
-sebastian/complexity                2.0.3                  php-composer    
-sebastian/diff                      4.0.5                  php-composer    
-sebastian/environment               5.1.5                  php-composer    
-sebastian/exporter                  4.0.5                  php-composer    
-sebastian/global-state              5.0.6                  php-composer    
-sebastian/lines-of-code             1.0.4                  php-composer    
-sebastian/object-enumerator         4.0.4                  php-composer    
-sebastian/object-reflector          2.0.4                  php-composer    
-sebastian/recursion-context         4.0.5                  php-composer    
-sebastian/resource-operations       3.0.3                  php-composer    
-sebastian/type                      3.2.1                  php-composer    
-sebastian/version                   3.0.2                  php-composer    
-shadow                              4.15.1-r0              apk             
-skalibs                             2.14.1.1-r0            apk             
-spatie/backtrace                    1.5.3                  php-composer    
-spatie/flare-client-php             1.4.4                  php-composer    
-spatie/ignition                     1.12.0                 php-composer    
-spatie/laravel-ignition             2.4.2                  php-composer    
-sqlite-libs                         3.45.3-r1              apk             
-squizlabs/php_codesniffer           3.9.0                  php-composer    
-ssl_client                          1.36.1-r29             apk             
-symfony/cache                       v6.4.3                 php-composer    
-symfony/cache-contracts             v3.4.0                 php-composer    
-symfony/console                     v6.4.3                 php-composer    
-symfony/css-selector                v7.0.3                 php-composer    
-symfony/deprecation-contracts       v3.4.0                 php-composer    
-symfony/error-handler               v6.4.3                 php-composer    
-symfony/event-dispatcher            v7.0.3                 php-composer    
-symfony/event-dispatcher-contracts  v3.4.0                 php-composer    
-symfony/finder                      v6.4.0                 php-composer    
-symfony/http-foundation             v6.4.3                 php-composer    
-symfony/http-kernel                 v6.4.3                 php-composer    
-symfony/mailer                      v6.4.3                 php-composer    
-symfony/mime                        v6.4.3                 php-composer    
-symfony/options-resolver            v7.0.0                 php-composer    
-symfony/polyfill-ctype              v1.29.0                php-composer    
-symfony/polyfill-intl-grapheme      v1.29.0                php-composer    
-symfony/polyfill-intl-idn           v1.29.0                php-composer    
-symfony/polyfill-intl-normalizer    v1.29.0                php-composer    
-symfony/polyfill-mbstring           v1.29.0                php-composer    
-symfony/polyfill-php72              v1.29.0                php-composer    
-symfony/polyfill-php80              v1.29.0                php-composer    
-symfony/polyfill-php83              v1.29.0                php-composer    
-symfony/polyfill-uuid               v1.29.0                php-composer    
-symfony/process                     v6.4.3                 php-composer    
-symfony/routing                     v6.4.3                 php-composer    
-symfony/service-contracts           v3.4.1                 php-composer    
-symfony/string                      v7.0.3                 php-composer    
-symfony/thanks                      v1.2.10                php-composer    
-symfony/translation                 v6.4.3                 php-composer    
-symfony/translation-contracts       v3.4.1                 php-composer    
-symfony/uid                         v6.4.3                 php-composer    
-symfony/var-dumper                  v6.4.3                 php-composer    
-symfony/var-exporter                v7.0.3                 php-composer    
-symfony/yaml                        v6.4.3                 php-composer    
-theseer/tokenizer                   1.2.2                  php-composer    
-tijsverkoyen/css-to-inline-styles   v2.2.7                 php-composer    
-tzdata                              2024b-r0               apk             
-utmps-libs                          0.1.2.2-r1             apk             
-vlucas/phpdotenv                    v5.6.0                 php-composer    
-voku/portable-ascii                 2.0.1                  php-composer    
-webmozart/assert                    1.11.0                 php-composer    
-xz-libs                             5.6.2-r0               apk             
-zlib                                1.3.1-r1               apk             
-zstd-libs                           1.5.6-r0               apk             
+NAME                                VERSION           TYPE           
+Hidden Input                        1, 0, 0, 0        binary          
+acl-libs                            2.3.2-r1          apk             
+alpine-baselayout                   3.7.0-r0          apk             
+alpine-baselayout-data              3.7.0-r0          apk             
+alpine-keys                         2.5-r0            apk             
+alpine-release                      3.22.3-r0         apk             
+apache2-utils                       2.4.66-r0         apk             
+apk-tools                           2.14.9-r3         apk             
+apr                                 1.7.5-r0          apk             
+apr-util                            1.6.3-r1          apk             
+argon2-libs                         20190702-r5       apk             
+aws/aws-crt-php                     v1.2.7            php-composer    
+aws/aws-sdk-php                     3.349.3           php-composer    
+barryvdh/laravel-ide-helper         v3.5.5            php-composer    
+barryvdh/reflection-docblock        v2.3.1            php-composer    
+bash                                5.2.37-r0         apk             
+brick/math                          0.12.3            php-composer    
+brotli-libs                         1.1.0-r2          apk             
+busybox                             1.37.0-r20        apk             
+busybox-binsh                       1.37.0-r20        apk             
+c-ares                              1.34.6-r0         apk             
+ca-certificates                     20250911-r0       apk             
+ca-certificates-bundle              20250911-r0       apk             
+carbonphp/carbon-doctrine-types     3.2.0             php-composer    
+catatonit                           0.2.1-r0          apk             
+clue/stream-filter                  v1.7.0            php-composer    
+composer                            2.9.5             binary          
+composer/class-map-generator        1.6.1             php-composer    
+composer/pcre                       3.3.2             php-composer    
+coreutils                           9.7-r1            apk             
+coreutils-env                       9.7-r1            apk             
+coreutils-fmt                       9.7-r1            apk             
+coreutils-sha512sum                 9.7-r1            apk             
+curl                                8.14.1-r2         apk             
+dflydev/dot-access-data             v3.0.3            php-composer    
+doctrine/inflector                  2.0.10            php-composer    
+doctrine/lexer                      3.0.1             php-composer    
+dragonmantank/cron-expression       v3.4.0            php-composer    
+egulias/email-validator             4.0.4             php-composer    
+enshrined/svg-sanitize              0.21.0            php-composer    
+fakerphp/faker                      v1.24.1           php-composer    
+filp/whoops                         2.18.3            php-composer    
+findutils                           4.10.0-r0         apk             
+fruitcake/php-cors                  v1.3.0            php-composer    
+git                                 2.49.1-r0         apk             
+git-init-template                   2.49.1-r0         apk             
+graham-campbell/bounded-cache       v3.0.0            php-composer    
+graham-campbell/github              v12.8.0           php-composer    
+graham-campbell/manager             v5.2.0            php-composer    
+graham-campbell/result-type         v1.1.3            php-composer    
+guzzlehttp/guzzle                   7.9.3             php-composer    
+guzzlehttp/promises                 2.2.0             php-composer    
+guzzlehttp/psr7                     2.7.1             php-composer    
+guzzlehttp/uri-template             v1.0.4            php-composer    
+hamcrest/hamcrest-php               v2.1.1            php-composer    
+icu-data-en                         76.1-r1           apk             
+icu-libs                            76.1-r1           apk             
+jq                                  1.8.1-r0          apk             
+knplabs/github-api                  v3.16.0           php-composer    
+laravel/framework                   v11.45.1          php-composer    
+laravel/prompts                     v0.3.6            php-composer    
+laravel/serializable-closure        v2.0.4            php-composer    
+laravel/tinker                      v2.10.1           php-composer    
+laravel/ui                          v4.6.1            php-composer    
+lcobucci/jwt                        5.5.0             php-composer    
+league/commonmark                   2.7.0             php-composer    
+league/config                       v1.2.0            php-composer    
+league/flysystem                    3.30.0            php-composer    
+league/flysystem-aws-s3-v3          3.29.0            php-composer    
+league/flysystem-local              3.30.0            php-composer    
+league/mime-type-detection          1.16.0            php-composer    
+league/uri                          7.5.1             php-composer    
+league/uri-interfaces               7.5.0             php-composer    
+libapk2                             2.14.9-r3         apk             
+libattr                             2.5.2-r2          apk             
+libbsd                              0.12.2-r0         apk             
+libbz2                              1.0.8-r6          apk             
+libcrypto3                          3.5.5-r0          apk             
+libcurl                             8.14.1-r2         apk             
+libedit                             20250104.3.1-r1   apk             
+libexpat                            2.7.4-r0          apk             
+libgcc                              14.2.0-r6         apk             
+libidn2                             2.3.7-r0          apk             
+libintl                             0.24.1-r0         apk             
+libmd                               1.1.0-r0          apk             
+libncursesw                         6.5_p20250503-r0  apk             
+libpq                               17.8-r0           apk             
+libproc2                            4.0.4-r3          apk             
+libpsl                              0.21.5-r3         apk             
+libssl3                             3.5.5-r0          apk             
+libstdc++                           14.2.0-r6         apk             
+libunistring                        1.3-r0            apk             
+libuuid                             2.41-r9           apk             
+libxml2                             2.13.9-r0         apk             
+libzip                              1.11.4-r0         apk             
+linux-pam                           1.7.0-r4          apk             
+logrotate                           3.21.0-r1         apk             
+mockery/mockery                     1.6.12            php-composer    
+monolog/monolog                     3.9.0             php-composer    
+mtdowling/jmespath.php              2.8.0             php-composer    
+musl                                1.2.5-r10         apk             
+musl-utils                          1.2.5-r10         apk             
+myclabs/deep-copy                   1.13.3            php-composer    
+nano                                8.4-r0            apk             
+ncurses-terminfo-base               6.5_p20250503-r0  apk             
+nesbot/carbon                       3.10.1            php-composer    
+netcat-openbsd                      1.229.1-r0        apk             
+nette/schema                        v1.3.2            php-composer    
+nette/utils                         v4.0.7            php-composer    
+nghttp2-libs                        1.65.0-r0         apk             
+nginx                               1.28.2-r0         apk             
+nikic/php-parser                    v5.5.0            php-composer    
+nunomaduro/collision                v8.5.0            php-composer    
+nunomaduro/termwind                 v2.3.1            php-composer    
+oniguruma                           6.9.10-r0         apk             
+openssl                             3.5.5-r0          apk             
+pcre2                               10.46-r0          apk             
+phar-io/manifest                    2.0.4             php-composer    
+phar-io/version                     3.2.1             php-composer    
+php-http/cache-plugin               2.0.1             php-composer    
+php-http/client-common              2.7.2             php-composer    
+php-http/discovery                  1.20.0            php-composer    
+php-http/httplug                    2.4.1             php-composer    
+php-http/message                    1.16.2            php-composer    
+php-http/multipart-stream-builder   1.4.2             php-composer    
+php-http/promise                    1.3.1             php-composer    
+php84                               8.4.16-r0         apk             
+php84-common                        8.4.16-r0         apk             
+php84-ctype                         8.4.16-r0         apk             
+php84-curl                          8.4.16-r0         apk             
+php84-dom                           8.4.16-r0         apk             
+php84-fileinfo                      8.4.16-r0         apk             
+php84-fpm                           8.4.16-r0         apk             
+php84-iconv                         8.4.16-r0         apk             
+php84-intl                          8.4.16-r0         apk             
+php84-mbstring                      8.4.16-r0         apk             
+php84-mysqlnd                       8.4.16-r0         apk             
+php84-opcache                       8.4.16-r0         apk             
+php84-openssl                       8.4.16-r0         apk             
+php84-pdo                           8.4.16-r0         apk             
+php84-pdo_mysql                     8.4.16-r0         apk             
+php84-pdo_pgsql                     8.4.16-r0         apk             
+php84-pdo_sqlite                    8.4.16-r0         apk             
+php84-phar                          8.4.16-r0         apk             
+php84-session                       8.4.16-r0         apk             
+php84-simplexml                     8.4.16-r0         apk             
+php84-tokenizer                     8.4.16-r0         apk             
+php84-xml                           8.4.16-r0         apk             
+php84-xmlwriter                     8.4.16-r0         apk             
+php84-zip                           8.4.16-r0         apk             
+phpoption/phpoption                 1.9.3             php-composer    
+phpunit/php-code-coverage           10.1.16           php-composer    
+phpunit/php-file-iterator           4.1.0             php-composer    
+phpunit/php-invoker                 4.0.0             php-composer    
+phpunit/php-text-template           3.0.1             php-composer    
+phpunit/php-timer                   6.0.0             php-composer    
+phpunit/phpunit                     10.5.47           php-composer    
+popt                                1.19-r4           apk             
+procps-ng                           4.0.4-r3          apk             
+psr/cache                           3.0.0             php-composer    
+psr/clock                           1.0.0             php-composer    
+psr/container                       2.0.2             php-composer    
+psr/event-dispatcher                1.0.0             php-composer    
+psr/http-client                     1.0.3             php-composer    
+psr/http-factory                    1.1.0             php-composer    
+psr/http-message                    2.0               php-composer    
+psr/log                             3.0.2             php-composer    
+psr/simple-cache                    3.0.0             php-composer    
+psy/psysh                           v0.12.9           php-composer    
+ralouphie/getallheaders             3.0.3             php-composer    
+ramsey/collection                   2.1.1             php-composer    
+ramsey/uuid                         4.9.0             php-composer    
+readline                            8.2.13-r1         apk             
+scanelf                             1.3.8-r1          apk             
+sebastian/cli-parser                2.0.1             php-composer    
+sebastian/code-unit                 2.0.0             php-composer    
+sebastian/code-unit-reverse-lookup  3.0.0             php-composer    
+sebastian/comparator                5.0.3             php-composer    
+sebastian/complexity                3.2.0             php-composer    
+sebastian/diff                      5.1.1             php-composer    
+sebastian/environment               6.1.0             php-composer    
+sebastian/exporter                  5.1.2             php-composer    
+sebastian/global-state              6.0.2             php-composer    
+sebastian/lines-of-code             2.0.2             php-composer    
+sebastian/object-enumerator         5.0.0             php-composer    
+sebastian/object-reflector          3.0.0             php-composer    
+sebastian/recursion-context         5.0.0             php-composer    
+sebastian/type                      4.0.0             php-composer    
+sebastian/version                   4.0.1             php-composer    
+shadow                              4.17.3-r0         apk             
+skalibs-libs                        2.14.4.0-r0       apk             
+spatie/backtrace                    1.7.4             php-composer    
+spatie/error-solutions              1.1.3             php-composer    
+spatie/flare-client-php             1.10.1            php-composer    
+spatie/ignition                     1.15.1            php-composer    
+spatie/laravel-html                 3.12.0            php-composer    
+spatie/laravel-ignition             2.9.1             php-composer    
+sqlite-libs                         3.49.2-r1         apk             
+squizlabs/php_codesniffer           3.13.2            php-composer    
+ssl_client                          1.37.0-r20        apk             
+symfony/cache                       v7.3.1            php-composer    
+symfony/cache-contracts             v3.6.0            php-composer    
+symfony/clock                       v7.3.0            php-composer    
+symfony/console                     v7.3.1            php-composer    
+symfony/css-selector                v7.3.0            php-composer    
+symfony/deprecation-contracts       v3.6.0            php-composer    
+symfony/error-handler               v7.3.1            php-composer    
+symfony/event-dispatcher            v7.3.0            php-composer    
+symfony/event-dispatcher-contracts  v3.6.0            php-composer    
+symfony/finder                      v7.3.0            php-composer    
+symfony/http-foundation             v7.3.1            php-composer    
+symfony/http-kernel                 v7.3.1            php-composer    
+symfony/mailer                      v7.3.1            php-composer    
+symfony/mime                        v7.3.0            php-composer    
+symfony/options-resolver            v7.3.0            php-composer    
+symfony/polyfill-ctype              v1.32.0           php-composer    
+symfony/polyfill-intl-grapheme      v1.32.0           php-composer    
+symfony/polyfill-intl-idn           v1.32.0           php-composer    
+symfony/polyfill-intl-normalizer    v1.32.0           php-composer    
+symfony/polyfill-mbstring           v1.32.0           php-composer    
+symfony/polyfill-php80              v1.32.0           php-composer    
+symfony/polyfill-php83              v1.32.0           php-composer    
+symfony/polyfill-uuid               v1.32.0           php-composer    
+symfony/process                     v7.3.0            php-composer    
+symfony/routing                     v7.3.0            php-composer    
+symfony/service-contracts           v3.6.0            php-composer    
+symfony/string                      v7.3.0            php-composer    
+symfony/thanks                      v1.4.0            php-composer    
+symfony/translation                 v7.3.1            php-composer    
+symfony/translation-contracts       v3.6.0            php-composer    
+symfony/uid                         v7.3.1            php-composer    
+symfony/var-dumper                  v7.3.1            php-composer    
+symfony/var-exporter                v7.3.0            php-composer    
+symfony/yaml                        v7.3.1            php-composer    
+theseer/tokenizer                   1.2.3             php-composer    
+tijsverkoyen/css-to-inline-styles   v2.3.0            php-composer    
+tzdata                              2025c-r0          apk             
+utmps-libs                          0.1.3.1-r0        apk             
+vlucas/phpdotenv                    v5.6.2            php-composer    
+voku/portable-ascii                 2.0.3             php-composer    
+webmozart/assert                    1.11.0            php-composer    
+xz-libs                             5.8.1-r0          apk             
+zlib                                1.3.1-r2          apk             
+zstd-libs                           1.5.7-r0          apk             
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -11,29 +11,28 @@ project_blurb: |

  Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo.
 project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"
-
 # supported architectures
 available_architectures:
-  - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
-  - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
-
+  - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
+  - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
 # development version
 development_versions: true
 development_versions_items:
-  - { tag: "latest", desc: "Stable Heimdall releases." }
-  - { tag: "development", desc: "Latest commit from the github 2.x branch." }
-
+  - {tag: "latest", desc: "Stable Heimdall releases."}
+  - {tag: "development", desc: "Latest commit from the github 2.x branch."}
 # container parameters
 common_param_env_vars_enabled: true
 param_container_name: "{{ project_name }}"
 param_usage_include_vols: true
 param_volumes:
-  - { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" }
+  - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files"}
 param_usage_include_ports: true
 param_ports:
-  - { external_port: "80", internal_port: "80", port_desc: "http gui" }
-  - { external_port: "443", internal_port: "443", port_desc: "https gui" }
-
+  - {external_port: "80", internal_port: "80", port_desc: "http gui"}
+  - {external_port: "443", internal_port: "443", port_desc: "https gui"}
+opt_param_usage_include_env: true
+opt_param_env_vars:
+  - {env_var: "ALLOW_INTERNAL_REQUESTS", env_value: "false", desc: "By default, Heimdall blocks lookup requests to private or reserved IP addresses, if your instance is not exposed to the internet, or is behind some level of authentication, you can set this to `true` to allow requests to private IP addresses."}
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
@@ -42,34 +41,88 @@ app_setup_block: |
  ### Adding password protection

  This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
-
+# init diagram
+init_diagram: |
+  "heimdall:development": {
+    docker-mods
+    base {
+      fix-attr +\nlegacy cont-init
+    }
+    docker-mods -> base
+    legacy-services
+    custom services
+    init-services -> legacy-services
+    init-services -> custom services
+    custom services -> legacy-services
+    legacy-services -> ci-service-check
+    init-migrations -> init-adduser
+    init-nginx-end -> init-config
+    init-os-end -> init-config
+    init-config -> init-config-end
+    init-crontab-config -> init-config-end
+    init-heimdall-config -> init-config-end
+    init-config -> init-crontab-config
+    init-mods-end -> init-custom-files
+    init-adduser -> init-device-perms
+    base -> init-envfile
+    init-os-end -> init-folders
+    init-nginx-end -> init-heimdall-config
+    init-php -> init-keygen
+    base -> init-migrations
+    init-config-end -> init-mods
+    init-mods-package-install -> init-mods-end
+    init-mods -> init-mods-package-install
+    init-samples -> init-nginx
+    init-version-checks -> init-nginx-end
+    init-adduser -> init-os-end
+    init-device-perms -> init-os-end
+    init-envfile -> init-os-end
+    init-keygen -> init-permissions
+    init-nginx -> init-php
+    init-folders -> init-samples
+    init-custom-files -> init-services
+    init-permissions -> init-version-checks
+    init-services -> svc-cron
+    svc-cron -> legacy-services
+    init-services -> svc-nginx
+    svc-nginx -> legacy-services
+    init-services -> svc-php-fpm
+    svc-php-fpm -> legacy-services
+    init-services -> svc-queue
+    svc-queue -> legacy-services
+  }
+  Base Images: {
+    "baseimage-alpine-nginx:3.22" <- "baseimage-alpine:3.22"
+  }
+  "heimdall:development" <- Base Images
 # changelog
 changelogs:
-  - { date: "27.06.24:", desc: "Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings."}
-  - { date: "07.03.24:", desc: "Enable the opcache and disable file revalidation."}
-  - { date: "06.03.24:", desc: "Existing users should update: site-confs/default.conf - Cleanup default site conf." }
-  - { date: "23.12.23:", desc: "Rebase to Alpine 3.19 with php 8.3."}
-  - { date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf." }
-  - { date: "13.04.23:", desc: "Move ssl.conf include to default.conf." }
-  - { date: "20.01.23:", desc: "Rebase to alpine 3.17 with php8.1." }
-  - { date: "14.11.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
-  - { date: "04.11.22:", desc: "Build commits to upstream branch 2.x." }
-  - { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." }
-  - { date: "11.03.21:", desc: "Rebase to alpine 3.14." }
-  - { date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel." }
-  - { date: "10.02.21:", desc: "Rebasing to alpine 3.13." }
-  - { date: "01.06.20:", desc: "Rebasing to alpine 3.12." }
-  - { date: "19.12.19:", desc: "Rebasing to alpine 3.11." }
-  - { date: "15.07.19:", desc: "Save laravel.log to /config, install heimdall during first start." }
-  - { date: "28.06.19:", desc: "Rebasing to alpine 3.10." }
-  - { date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag." }
-  - { date: "22.02.19:", desc: "Rebasing to alpine 3.9." }
-  - { date: "04.11.18:", desc: "Add php7-zip." }
-  - { date: "31.10.18:", desc: "Add queue service." }
-  - { date: "17.10.18:", desc: "Symlink avatars folder." }
-  - { date: "16.10.18:", desc: "Updated fastcgi_params for user login support." }
-  - { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" }
-  - { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." }
-  - { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." }
-  - { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place" }
-  - { date: "12.02.18:", desc: "Initial Release." }
+  - {date: "17.07.25:", desc: "Rebase to Alpine 3.22, enable PHP environment passthrough."}
+  - {date: "27.06.24:", desc: "Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings."}
+  - {date: "07.03.24:", desc: "Enable the opcache and disable file revalidation."}
+  - {date: "06.03.24:", desc: "Existing users should update: site-confs/default.conf - Cleanup default site conf."}
+  - {date: "23.12.23:", desc: "Rebase to Alpine 3.19 with php 8.3."}
+  - {date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf."}
+  - {date: "13.04.23:", desc: "Move ssl.conf include to default.conf."}
+  - {date: "20.01.23:", desc: "Rebase to alpine 3.17 with php8.1."}
+  - {date: "14.11.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))."}
+  - {date: "04.11.22:", desc: "Build commits to upstream branch 2.x."}
+  - {date: "13.03.21:", desc: "Make searchproviders.yaml user configurable."}
+  - {date: "11.03.21:", desc: "Rebase to alpine 3.14."}
+  - {date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel."}
+  - {date: "10.02.21:", desc: "Rebasing to alpine 3.13."}
+  - {date: "01.06.20:", desc: "Rebasing to alpine 3.12."}
+  - {date: "19.12.19:", desc: "Rebasing to alpine 3.11."}
+  - {date: "15.07.19:", desc: "Save laravel.log to /config, install heimdall during first start."}
+  - {date: "28.06.19:", desc: "Rebasing to alpine 3.10."}
+  - {date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag."}
+  - {date: "22.02.19:", desc: "Rebasing to alpine 3.9."}
+  - {date: "04.11.18:", desc: "Add php7-zip."}
+  - {date: "31.10.18:", desc: "Add queue service."}
+  - {date: "17.10.18:", desc: "Symlink avatars folder."}
+  - {date: "16.10.18:", desc: "Updated fastcgi_params for user login support."}
+  - {date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`"}
+  - {date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`."}
+  - {date: "05.09.18:", desc: "Rebase to alpine linux 3.8."}
+  - {date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place"}
+  - {date: "12.02.18:", desc: "Initial Release."}
Author	SHA1	Message	Date
LinuxServer-CI	3d23197670	Bot Updating Package Versions	2026-02-20 19:07:58 +00:00
LinuxServer-CI	39ae72645c	Bot Updating Templated Files	2026-02-13 19:12:15 +00:00
LinuxServer-CI	531a251720	Bot Updating Templated Files	2026-02-13 19:10:06 +00:00
LinuxServer-CI	83c73029f6	Bot Updating Package Versions	2026-02-06 19:09:30 +00:00
LinuxServer-CI	d43ebded70	Bot Updating Package Versions	2026-01-30 19:03:30 +00:00
LinuxServer-CI	5d6fbcd004	Bot Updating Package Versions	2026-01-23 18:54:51 +00:00
LinuxServer-CI	0b9fc0396a	Bot Updating Package Versions	2026-01-02 18:49:15 +00:00
LinuxServer-CI	24b8da221c	Bot Updating Package Versions	2025-12-26 18:46:55 +00:00
LinuxServer-CI	bc944c0b75	Bot Updating Package Versions	2025-12-19 18:47:47 +00:00
LinuxServer-CI	efcb43e748	Bot Updating Package Versions	2025-12-12 18:49:06 +00:00
LinuxServer-CI	99020d7ba6	Bot Updating Package Versions	2025-11-28 18:44:03 +00:00
LinuxServer-CI	d18723b1c3	Bot Updating Package Versions	2025-11-21 18:46:07 +00:00
LinuxServer-CI	d2ea4012ff	Bot Updating Templated Files	2025-11-21 18:41:33 +00:00
LinuxServer-CI	5975a7fc09	Bot Updating Package Versions	2025-11-14 18:45:38 +00:00
LinuxServer-CI	aaebd68d2b	Bot Updating Package Versions	2025-10-24 18:43:30 +00:00
LinuxServer-CI	fede19fabe	Bot Updating Templated Files	2025-10-24 18:40:36 +00:00
LinuxServer-CI	ec06dfbb1f	Bot Updating Package Versions	2025-10-17 18:39:55 +00:00
LinuxServer-CI	27246bd4b0	Bot Updating Package Versions	2025-10-10 18:42:24 +00:00
LinuxServer-CI	90150e342a	Bot Updating Package Versions	2025-10-03 18:41:05 +00:00
LinuxServer-CI	e4241eece8	Bot Updating Package Versions	2025-09-26 18:40:13 +00:00
LinuxServer-CI	41d4456605	Bot Updating Package Versions	2025-09-19 18:41:28 +00:00
LinuxServer-CI	5a10d8f3c0	Bot Updating Package Versions	2025-08-22 18:44:12 +00:00
LinuxServer-CI	dc4e1a3283	Bot Updating Package Versions	2025-08-15 18:47:35 +00:00
LinuxServer-CI	6a0e955c37	Bot Updating Package Versions	2025-08-08 18:48:00 +00:00
LinuxServer-CI	a57c4aacc8	Bot Updating Package Versions	2025-08-01 18:49:44 +00:00
LinuxServer-CI	ffdf07fb6c	Bot Updating Package Versions	2025-07-25 18:48:45 +00:00
LinuxServer-CI	6b66c8ad06	Bot Updating Package Versions	2025-07-21 09:55:35 +00:00
LinuxServer-CI	bf48a950f4	Bot Updating Package Versions	2025-07-20 15:08:52 +00:00
LinuxServer-CI	33b32112ce	Bot Updating Templated Files	2025-07-20 15:05:38 +00:00
LinuxServer-CI	bfe892c486	Bot Updating Templated Files	2025-07-20 15:03:47 +00:00
Adam	9e9e2d66e3	Merge pull request #159 from linuxserver/development-3.22	2025-07-20 16:01:50 +01:00
thespad	7ede2d01f9	Wording	2025-07-20 15:54:07 +01:00
LinuxServer-CI	ec8c19d4d0	Bot Updating Package Versions	2025-07-18 18:47:48 +00:00
thespad	8abdf117bb	Rebase to 3.22	2025-07-17 16:23:54 +01:00
LinuxServer-CI	b8a13c24fd	Bot Updating Package Versions	2025-07-13 16:58:31 +00:00
LinuxServer-CI	e1b7ff630a	Bot Updating Package Versions	2025-07-11 15:52:53 +00:00
LinuxServer-CI	85b5c2b49c	Bot Updating Package Versions	2025-07-10 18:58:05 +00:00
LinuxServer-CI	e98fb76b5e	Bot Updating Templated Files	2025-07-04 18:45:29 +00:00
LinuxServer-CI	e14be89a3d	Bot Updating Templated Files	2025-07-04 18:43:21 +00:00
LinuxServer-CI	ad5b8d1055	Bot Updating Templated Files	2025-06-13 18:44:13 +00:00
LinuxServer-CI	634e06c925	Bot Updating Package Versions	2025-05-23 18:45:00 +00:00
LinuxServer-CI	e94c72db59	Bot Updating Package Versions	2025-05-16 18:45:30 +00:00
LinuxServer-CI	dc94aaeb18	Bot Updating Templated Files	2025-05-16 18:42:30 +00:00
LinuxServer-CI	91094b3d8a	Bot Updating Package Versions	2025-04-18 18:38:57 +00:00
LinuxServer-CI	3b56747736	Bot Updating Package Versions	2025-04-11 18:41:02 +00:00
LinuxServer-CI	9d0cd0cccb	Bot Updating Package Versions	2025-04-04 18:39:41 +00:00
LinuxServer-CI	dba06dc313	Bot Updating Package Versions	2025-03-21 18:41:19 +00:00
LinuxServer-CI	f871f9cffb	Bot Updating Package Versions	2025-03-14 18:38:52 +00:00
LinuxServer-CI	cc172f5532	Bot Updating Package Versions	2025-02-28 18:38:15 +00:00
LinuxServer-CI	f2ab9d7bd4	Bot Updating Package Versions	2025-02-21 18:36:57 +00:00
LinuxServer-CI	0f518fb2ff	Bot Updating Package Versions	2025-02-14 18:40:21 +00:00
LinuxServer-CI	238962b372	Bot Updating Templated Files	2025-02-14 18:36:01 +00:00
LinuxServer-CI	6e6011ca83	Bot Updating Templated Files	2025-01-31 18:41:25 +00:00
LinuxServer-CI	780c98979a	Bot Updating Templated Files	2025-01-31 18:36:18 +00:00
LinuxServer-CI	a0f68066c2	Bot Updating Package Versions	2025-01-24 18:36:45 +00:00
LinuxServer-CI	dfabf2eede	Bot Updating Package Versions	2025-01-17 18:37:47 +00:00
LinuxServer-CI	9c28a7f738	Bot Updating Package Versions	2025-01-10 18:37:25 +00:00
LinuxServer-CI	04488583cd	Bot Updating Package Versions	2024-12-27 18:36:45 +00:00
LinuxServer-CI	2c05453937	Bot Updating Package Versions	2024-12-20 18:41:55 +00:00
LinuxServer-CI	1cc3130021	Bot Updating Templated Files	2024-12-20 18:38:56 +00:00
LinuxServer-CI	29b552ead4	Bot Updating Templated Files	2024-12-20 18:36:10 +00:00
LinuxServer-CI	ce8dfe9941	Bot Updating Package Versions	2024-12-13 18:43:27 +00:00
LinuxServer-CI	f0936015bc	Bot Updating Templated Files	2024-12-06 18:45:32 +00:00
LinuxServer-CI	4861eda2d3	Bot Updating Templated Files	2024-12-06 18:42:29 +00:00
LinuxServer-CI	a509328395	Bot Updating Templated Files	2024-12-06 18:40:20 +00:00
LinuxServer-CI	da90a88ddb	Bot Updating Package Versions	2024-11-29 18:38:07 +00:00
LinuxServer-CI	f380906965	Bot Updating Package Versions	2024-11-22 18:38:28 +00:00
LinuxServer-CI	bf8cad83a2	Bot Updating Templated Files	2024-11-15 18:39:05 +00:00
LinuxServer-CI	a8bf32ca02	Bot Updating Templated Files	2024-11-15 18:37:34 +00:00