Bot Updating Package Versions

2026-03-03 00:43:34 +09:00 · 2024-08-17 03:20:39 +00:00 · 2024-08-15 04:22:26 +00:00 · 2024-08-10 03:27:12 +00:00 · 2024-08-07 08:30:01 -04:00 · 2024-08-07 12:08:32 +00:00
11 changed files with 298 additions and 321 deletions
--- a/.github/workflows/permissions.yml
+++ b/.github/workflows/permissions.yml
@@ -5,6 +5,8 @@ on:
      - '**/run'
      - '**/finish'
      - '**/check'
+      - 'root/migrations/*'
+
 jobs:
  permission_check:
    uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
--- a/10
+++ b/10
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1

-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.19
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.20

 # set version label
 ARG BUILD_DATE
@@ -27,6 +27,7 @@ RUN \
  apk add --no-cache \
    fail2ban \
    gnupg \
+    iptables-legacy \
    memcached \
    nginx-mod-http-brotli \
    nginx-mod-http-dav-ext \
@@ -64,6 +65,7 @@ RUN \
    php83-pdo_sqlite \
    php83-pear \
    php83-pecl-apcu \
+    php83-pecl-mcrypt \
    php83-pecl-memcached \
    php83-pecl-redis \
    php83-pgsql \
@@ -76,8 +78,6 @@ RUN \
    php83-xmlreader \
    php83-xsl \
    whois && \
-  apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
-    php83-pecl-mcrypt && \
  echo "**** install certbot plugins ****" && \
  if [ -z ${CERTBOT_VERSION+x} ]; then \
    CERTBOT_VERSION=$(curl -sL  https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
@@ -86,7 +86,7 @@ RUN \
  pip install -U --no-cache-dir \
    pip \
    wheel && \
-  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \
+  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.20/ \
    certbot==${CERTBOT_VERSION} \
    certbot-dns-acmedns \
    certbot-dns-aliyun \
@@ -110,7 +110,6 @@ RUN \
    certbot-dns-glesys \
    certbot-dns-godaddy \
    certbot-dns-google \
-    certbot-dns-google-domains \
    certbot-dns-he \
    certbot-dns-hetzner \
    certbot-dns-infomaniak \
@@ -170,6 +169,7 @@ RUN \
  tar xf \
    /tmp/proxy-confs.tar.gz -C \
    /defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
+  printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
  echo "**** cleanup ****" && \
  apk del --purge \
    build-dependencies && \
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1

-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.19
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.20

 # set version label
 ARG BUILD_DATE
@@ -27,6 +27,7 @@ RUN \
  apk add --no-cache \
    fail2ban \
    gnupg \
+    iptables-legacy \
    memcached \
    nginx-mod-http-brotli \
    nginx-mod-http-dav-ext \
@@ -64,6 +65,7 @@ RUN \
    php83-pdo_sqlite \
    php83-pear \
    php83-pecl-apcu \
+    php83-pecl-mcrypt \
    php83-pecl-memcached \
    php83-pecl-redis \
    php83-pgsql \
@@ -76,8 +78,6 @@ RUN \
    php83-xmlreader \
    php83-xsl \
    whois && \
-  apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
-    php83-pecl-mcrypt && \
  echo "**** install certbot plugins ****" && \
  if [ -z ${CERTBOT_VERSION+x} ]; then \
    CERTBOT_VERSION=$(curl -sL  https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
@@ -86,7 +86,7 @@ RUN \
  pip install -U --no-cache-dir \
    pip \
    wheel && \
-  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \
+  pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.20/ \
    certbot==${CERTBOT_VERSION} \
    certbot-dns-acmedns \
    certbot-dns-aliyun \
@@ -110,7 +110,6 @@ RUN \
    certbot-dns-glesys \
    certbot-dns-godaddy \
    certbot-dns-google \
-    certbot-dns-google-domains \
    certbot-dns-he \
    certbot-dns-hetzner \
    certbot-dns-infomaniak \
@@ -170,6 +169,7 @@ RUN \
  tar xf \
    /tmp/proxy-confs.tar.gz -C \
    /defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
+  printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
  echo "**** cleanup ****" && \
  apk del --purge \
    build-dependencies && \
--- a/53
+++ b/53
@@ -245,7 +245,7 @@ pipeline {
                  -v ${WORKSPACE}:/mnt \
                  -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
                  -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
-                  ghcr.io/linuxserver/baseimage-alpine:3.19 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
+                  ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
                    apk add --no-cache python3 && \
                    python3 -m venv /lsiopy && \
                    pip install --no-cache-dir -U pip && \
@@ -295,7 +295,7 @@ pipeline {
                echo "Jenkinsfile is up to date."
              fi
              echo "Starting Stage 2 - Delete old templates"
-              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf"
+              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
              for i in ${OLD_TEMPLATES}; do
                if [[ -f "${i}" ]]; then
                  TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
@@ -352,7 +352,7 @@ pipeline {
              fi
              echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub"
              mkdir -p ${TEMPDIR}/docs
-              git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
+              git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
              if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}"  ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
                cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
                cd ${TEMPDIR}/docs/docker-documentation
@@ -370,8 +370,8 @@ pipeline {
                echo "Docs update not needed, skipping"
              fi
              mkdir -p ${TEMPDIR}/unraid
-              git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
-              git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
+              git clone --depth=1 https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
+              git clone --depth=1 https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
              if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
                sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
              elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
@@ -525,6 +525,7 @@ pipeline {
          --label \"org.opencontainers.image.title=Swag\" \
          --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
          --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
+          --provenance=false --sbom=false \
          --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
      }
    }
@@ -556,6 +557,7 @@ pipeline {
              --label \"org.opencontainers.image.title=Swag\" \
              --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
              --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
+              --provenance=false --sbom=false \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
          }
        }
@@ -584,6 +586,7 @@ pipeline {
              --label \"org.opencontainers.image.title=Swag\" \
              --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
              --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
+              --provenance=false --sbom=false \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
            sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
            retry(5) {
@@ -700,14 +703,14 @@ pipeline {
                set -e
                docker pull ghcr.io/linuxserver/ci:latest
                if [ "${MULTIARCH}" == "true" ]; then
-                  docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
+                  docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
                  docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
                fi
                docker run --rm \
                --shm-size=1gb \
                -v /var/run/docker.sock:/var/run/docker.sock \
                -e IMAGE=\"${IMAGE}\" \
-                -e DELAY_START=\"${CI_DELAY}\" \
+                -e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \
                -e TAGS=\"${CI_TAGS}\" \
                -e META_TAG=\"${META_TAG}\" \
                -e PORT=\"${CI_PORT}\" \
@@ -791,7 +794,7 @@ pipeline {
                  echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
                  echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                  if [ "${CI}" == "false" ]; then
-                    docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
+                    docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
                    docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
                  fi
                  for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
@@ -815,35 +818,13 @@ pipeline {
                      docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
                      docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                    fi
-                    docker manifest push --purge ${MANIFESTIMAGE}:latest || :
-                    docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
-                    docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
-                    docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
-                    docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
-                    docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
-                    docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
-                    docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
+                  done
+                  for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
+                    docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
+                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
+                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                    if [ -n "${SEMVER}" ]; then
-                      docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
-                      docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
-                      docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
-                    fi
-                    token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
-                    digest=$(curl -s \
-                      --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
-                      --header "Authorization: Bearer ${token}" \
-                      "https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-latest")
-                    if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
-                      docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest || :
-                      docker manifest create ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:amd64-latest
-                      docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest
-                    fi
-                    docker manifest push --purge ${MANIFESTIMAGE}:latest
-                    docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} 
-                    docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} 
-                    if [ -n "${SEMVER}" ]; then
-                      docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} 
+                      docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                    fi
                  done
               '''
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ Find us at:

 # [linuxserver/swag](https://github.com/linuxserver/docker-swag)

-[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fswag?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh/gateway/linuxserver-ci/docker/linuxserver%2Fswag)
+[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fswag?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh)
 [![GitHub Stars](https://img.shields.io/github/stars/linuxserver/docker-swag.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-swag)
 [![GitHub Release](https://img.shields.io/github/release/linuxserver/docker-swag.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-swag/releases)
 [![GitHub Package Repository](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub%20Package&logo=github)](https://github.com/linuxserver/docker-swag/packages)
@@ -76,7 +76,7 @@ The architectures supported by this image are:

 ### Certbot Plugins

-SWAG includes many Certbot plugins out of the box, but not all plugins can be includes.
+SWAG includes many Certbot plugins out of the box, but not all plugins can be included.
 If you need a plugin that is not included, the quickest way to have the plugin available is to use our [Universal Package Install Docker Mod](https://github.com/linuxserver/docker-mods/tree/universal-package-install).

 Set the following environment variables on your container:
@@ -227,7 +227,7 @@ Containers are configured using parameters passed at runtime (such as those abov
 | `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
 | `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
 | `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
-| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
+| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
 | `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
 | `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
 | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
@@ -400,6 +400,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64

 ## Versions

+* **24.07.14:** - Rebase to Alpine 3.20. Remove deprecated Google Domains certbot plugin. Existing users should update their nginx confs to avoid http2 deprecation warnings.
+* **01.07.24:** - Fall back to iptables-legacy if iptables doesn't work.
 * **23.03.24:** - Fix perms on the generated `priv-fullchain-bundle.pem`.
 * **14.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38.
 * **11.03.24:** - Restore support for DynuDNS using `certbot-dns-dynudns`.
--- a/jenkins-vars.yml
+++ b/jenkins-vars.yml
@@ -6,7 +6,6 @@ external_type: pip_version
 release_type: stable
 release_tag: latest
 ls_branch: master
-build_armhf: false
 repo_vars:
  - EXT_PIP = 'certbot'
  - BUILD_VERSION_ARG = 'CERTBOT_VERSION'
--- a/package_versions.txt
+++ b/package_versions.txt
@@ -1,52 +1,50 @@
 NAME                            VERSION                TYPE                    
-ConfigArgParse                  1.7                    python                   
-PyJWT                           2.8.0                  python                   
-PyNamecheap                     0.0.3                  python                   
-PyYAML                          6.0.1                  python                   
 Simple Launcher                 1.1.0.14               dotnet  (+5 duplicates)  
-acme                            2.10.0                 python                   
-alpine-baselayout               3.4.3-r2               apk                      
-alpine-baselayout-data          3.4.3-r2               apk                      
+acme                            2.11.0                 python                   
+alpine-baselayout               3.6.5-r0               apk                      
+alpine-baselayout-data          3.6.5-r0               apk                      
 alpine-keys                     2.4-r1                 apk                      
-alpine-release                  3.19.1-r0              apk                      
-aom-libs                        3.7.1-r0               apk                      
-apache2-utils                   2.4.59-r0              apk                      
+alpine-release                  3.20.2-r0              apk                      
+aom-libs                        3.9.1-r0               apk                      
+apache2-utils                   2.4.62-r0              apk                      
 apk-tools                       2.14.4-r0              apk                      
 apr                             1.7.4-r0               apk                      
 apr-util                        1.6.3-r1               apk                      
 argon2-libs                     20190702-r5            apk                      
-attrs                           23.2.0                 python                   
+attrs                           24.2.0                 python                   
+autocommand                     2.2.2                  python                   
 azure-common                    1.1.28                 python                   
-azure-core                      1.30.1                 python                   
-azure-identity                  1.16.0                 python                   
+azure-core                      1.30.2                 python                   
+azure-identity                  1.17.1                 python                   
 azure-mgmt-core                 1.4.0                  python                   
 azure-mgmt-dns                  8.1.0                  python                   
-bash                            5.2.21-r0              apk                      
+backports-tarfile               1.2.0                  python                   
+bash                            5.2.26-r0              apk                      
 beautifulsoup4                  4.12.3                 python                   
-boto3                           1.34.103               python                   
-botocore                        1.34.103               python                   
-brotli-libs                     1.1.0-r1               apk                      
+boto3                           1.35.0                 python                   
+botocore                        1.35.0                 python                   
+brotli-libs                     1.1.0-r2               apk                      
 bs4                             0.0.2                  python                   
-busybox                         1.36.1-r15             apk                      
-busybox-binsh                   1.36.1-r15             apk                      
-c-ares                          1.27.0-r0              apk                      
+busybox                         1.36.1-r29             apk                      
+busybox-binsh                   1.36.1-r29             apk                      
+c-ares                          1.28.1-r0              apk                      
 c-client                        2007f-r15              apk                      
-ca-certificates                 20240226-r0            apk                      
-ca-certificates-bundle          20240226-r0            apk                      
-cachetools                      5.3.3                  python                   
+ca-certificates                 20240705-r0            apk                      
+ca-certificates-bundle          20240705-r0            apk                      
+cachetools                      5.4.0                  python                   
 catatonit                       0.2.0-r0               apk                      
-certbot                         2.10.0                 python                   
+certbot                         2.11.0                 python                   
 certbot-dns-acmedns             0.1.0                  python                   
 certbot-dns-aliyun              2.0.0                  python                   
 certbot-dns-azure               2.5.0                  python                   
 certbot-dns-bunny               0.0.9                  python                   
-certbot-dns-cloudflare          2.10.0                 python                   
+certbot-dns-cloudflare          2.11.0                 python                   
 certbot-dns-cpanel              0.4.0                  python                   
 certbot-dns-desec               1.2.1                  python                   
-certbot-dns-digitalocean        2.10.0                 python                   
+certbot-dns-digitalocean        2.11.0                 python                   
 certbot-dns-directadmin         1.0.4                  python                   
-certbot-dns-dnsimple            2.10.0                 python                   
-certbot-dns-dnsmadeeasy         2.10.0                 python                   
+certbot-dns-dnsimple            2.11.0                 python                   
+certbot-dns-dnsmadeeasy         2.11.0                 python                   
 certbot-dns-dnspod              0.1.0                  python                   
 certbot-dns-do                  0.31.0                 python                   
 certbot-dns-domeneshop          0.2.9                  python                   
@@ -54,296 +52,312 @@ certbot-dns-dreamhost           1.0                    python
 certbot-dns-duckdns             1.3                    python                   
 certbot-dns-dynudns             0.0.6                  python                   
 certbot-dns-freedns             0.2.0                  python                   
-certbot-dns-gehirn              2.10.0                 python                   
+certbot-dns-gehirn              2.11.0                 python                   
 certbot-dns-glesys              2.1.0                  python                   
 certbot-dns-godaddy             2.8.0                  python                   
-certbot-dns-google              2.10.0                 python                   
-certbot-dns-google-domains      0.1.11                 python                   
+certbot-dns-google              2.11.0                 python                   
 certbot-dns-he                  1.0.0                  python                   
-certbot-dns-hetzner             2.0.0                  python                   
+certbot-dns-hetzner             2.0.1                  python                   
 certbot-dns-infomaniak          0.2.2                  python                   
 certbot-dns-inwx                2.2.0                  python                   
 certbot-dns-ionos               2024.1.8               python                   
-certbot-dns-linode              2.10.0                 python                   
+certbot-dns-linode              2.11.0                 python                   
 certbot-dns-loopia              1.0.1                  python                   
-certbot-dns-luadns              2.10.0                 python                   
+certbot-dns-luadns              2.11.0                 python                   
 certbot-dns-namecheap           1.0.0                  python                   
 certbot-dns-netcup              1.4.3                  python                   
 certbot-dns-njalla              1.0.0                  python                   
-certbot-dns-nsone               2.10.0                 python                   
-certbot-dns-ovh                 2.10.0                 python                   
+certbot-dns-nsone               2.11.0                 python                   
+certbot-dns-ovh                 2.11.0                 python                   
 certbot-dns-porkbun             0.8                    python                   
-certbot-dns-rfc2136             2.10.0                 python                   
-certbot-dns-route53             2.10.0                 python                   
-certbot-dns-sakuracloud         2.10.0                 python                   
+certbot-dns-rfc2136             2.11.0                 python                   
+certbot-dns-route53             2.11.0                 python                   
+certbot-dns-sakuracloud         2.11.0                 python                   
 certbot-dns-standalone          1.1                    python                   
 certbot-dns-transip             0.5.2                  python                   
 certbot-dns-vultr               1.1.0                  python                   
 certbot-plugin-gandi            1.5.0                  python                   
-certifi                         2024.2.2               python                   
-cffi                            1.16.0                 python                   
+certifi                         2024.7.4               python                   
+cffi                            1.17.0                 python                   
 charset-normalizer              3.3.2                  python                   
-cloudflare                      2.20.0                 python                   
-composer                        2.7.6                  binary                   
+cloudflare                      2.19.4                 python                   
+composer                        2.7.7                  binary                   
+configargparse                  1.7                    python                   
 configobj                       5.0.8                  python                   
-coreutils                       9.4-r2                 apk                      
-coreutils-env                   9.4-r2                 apk                      
-coreutils-fmt                   9.4-r2                 apk                      
-coreutils-sha512sum             9.4-r2                 apk                      
-cryptography                    42.0.7                 python                   
-curl                            8.5.0-r0               apk                      
-dataclasses-json                0.5.14                 python                   
+coreutils                       9.5-r1                 apk                      
+coreutils-env                   9.5-r1                 apk                      
+coreutils-fmt                   9.5-r1                 apk                      
+coreutils-sha512sum             9.5-r1                 apk                      
+cryptography                    43.0.0                 python                   
+curl                            8.9.0-r0               apk                      
 distro                          1.9.0                  python                   
 dns-lexicon                     3.17.0                 python                   
-dnslib                          0.9.24                 python                   
+dnslib                          0.9.25                 python                   
 dnspython                       2.6.1                  python                   
 domeneshop                      0.4.4                  python                   
-fail2ban                        1.0.2                  python                   
-fail2ban                        1.0.2-r3               apk                      
-fail2ban-pyc                    1.0.2-r3               apk                      
-filelock                        3.14.0                 python                   
+fail2ban                        1.1.0                  python                   
+fail2ban                        1.1.0-r0               apk                      
+fail2ban-pyc                    1.1.0-r0               apk                      
+filelock                        3.15.4                 python                   
 findutils                       4.9.0-r5               apk                      
-fontconfig                      2.14.2-r4              apk                      
+fontconfig                      2.15.0-r1              apk                      
 freetype                        2.13.2-r0              apk                      
 future                          1.0.0                  python                   
 gdbm                            1.23-r1                apk                      
-git                             2.43.0-r0              apk                      
-git-perl                        2.43.0-r0              apk                      
-gmp                             6.3.0-r0               apk                      
-gnupg                           2.4.4-r0               apk                      
-gnupg-dirmngr                   2.4.4-r0               apk                      
-gnupg-gpgconf                   2.4.4-r0               apk                      
-gnupg-keyboxd                   2.4.4-r0               apk                      
-gnupg-utils                     2.4.4-r0               apk                      
-gnupg-wks-client                2.4.4-r0               apk                      
-gnutls                          3.8.4-r0               apk                      
-google-api-core                 2.19.0                 python                   
-google-api-python-client        2.129.0                python                   
-google-auth                     2.29.0                 python                   
+git                             2.45.2-r0              apk                      
+git-init-template               2.45.2-r0              apk                      
+git-perl                        2.45.2-r0              apk                      
+gmp                             6.3.0-r1               apk                      
+gnupg                           2.4.5-r0               apk                      
+gnupg-dirmngr                   2.4.5-r0               apk                      
+gnupg-gpgconf                   2.4.5-r0               apk                      
+gnupg-keyboxd                   2.4.5-r0               apk                      
+gnupg-utils                     2.4.5-r0               apk                      
+gnupg-wks-client                2.4.5-r0               apk                      
+gnutls                          3.8.5-r0               apk                      
+google-api-core                 2.19.1                 python                   
+google-api-python-client        2.141.0                python                   
+google-auth                     2.33.0                 python                   
 google-auth-httplib2            0.2.0                  python                   
-googleapis-common-protos        1.63.0                 python                   
-gpg                             2.4.4-r0               apk                      
-gpg-agent                       2.4.4-r0               apk                      
-gpg-wks-server                  2.4.4-r0               apk                      
-gpgsm                           2.4.4-r0               apk                      
-gpgv                            2.4.4-r0               apk                      
+googleapis-common-protos        1.63.2                 python                   
+gpg                             2.4.5-r0               apk                      
+gpg-agent                       2.4.5-r0               apk                      
+gpg-wks-server                  2.4.5-r0               apk                      
+gpgsm                           2.4.5-r0               apk                      
+gpgv                            2.4.5-r0               apk                      
 httplib2                        0.22.0                 python                   
-icu-data-en                     74.1-r0                apk                      
-icu-libs                        74.1-r0                apk                      
+icu-data-en                     74.2-r0                apk                      
+icu-libs                        74.2-r0                apk                      
 idna                            3.7                    python                   
+importlib-metadata              8.0.0                  python                   
+importlib-resources             6.4.0                  python                   
+inflect                         7.3.1                  python                   
 iptables                        1.8.10-r3              apk                      
+iptables-legacy                 1.8.10-r3              apk                      
 isodate                         0.6.1                  python                   
+jaraco-context                  5.3.0                  python                   
+jaraco-functools                4.0.1                  python                   
+jaraco-text                     3.12.1                 python                   
 jmespath                        1.0.1                  python                   
 josepy                          1.14.0                 python                   
 jq                              1.7.1-r0               apk                      
 jsonlines                       4.0.0                  python                   
-jsonpickle                      3.0.4                  python                   
-libacl                          2.3.1-r4               apk                      
-libassuan                       2.5.6-r1               apk                      
-libattr                         2.5.1-r5               apk                      
-libavif                         1.0.3-r0               apk                      
-libbsd                          0.11.7-r3              apk                      
+jsonpickle                      3.2.2                  python                   
+libacl                          2.3.2-r0               apk                      
+libassuan                       2.5.7-r0               apk                      
+libattr                         2.5.2-r0               apk                      
+libavif                         1.0.4-r0               apk                      
+libbsd                          0.12.2-r0              apk                      
 libbz2                          1.0.8-r6               apk                      
-libc-utils                      0.7.2-r5               apk                      
-libcrypto3                      3.1.4-r6               apk                      
-libcurl                         8.5.0-r0               apk                      
-libdav1d                        1.3.0-r1               apk                      
-libedit                         20230828.3.1-r3        apk                      
+libcrypto3                      3.3.1-r3               apk                      
+libcurl                         8.9.0-r0               apk                      
+libdav1d                        1.4.2-r0               apk                      
+libedit                         20240517.3.1-r0        apk                      
 libevent                        2.1.12-r7              apk                      
 libexpat                        2.6.2-r0               apk                      
-libffi                          3.4.4-r3               apk                      
-libgcc                          13.2.1_git20231014-r0  apk                      
+libffi                          3.4.6-r0               apk                      
+libgcc                          13.2.1_git20240309-r0  apk                      
 libgcrypt                       1.10.3-r0              apk                      
-libgd                           2.3.3-r8               apk                      
-libgpg-error                    1.47-r2                apk                      
-libice                          1.1.1-r5               apk                      
-libidn2                         2.3.4-r4               apk                      
-libintl                         0.22.3-r0              apk                      
-libjpeg-turbo                   3.0.1-r0               apk                      
-libksba                         1.6.5-r0               apk                      
-libldap                         2.6.6-r1               apk                      
-libmaxminddb-libs               1.7.1-r2               apk                      
+libgd                           2.3.3-r9               apk                      
+libgpg-error                    1.49-r0                apk                      
+libice                          1.1.1-r6               apk                      
+libidn2                         2.3.7-r0               apk                      
+libintl                         0.22.5-r0              apk                      
+libip4tc                        1.8.10-r3              apk                      
+libip6tc                        1.8.10-r3              apk                      
+libjpeg-turbo                   3.0.3-r0               apk                      
+libksba                         1.6.6-r0               apk                      
+libldap                         2.6.7-r0               apk                      
+libmaxminddb-libs               1.9.1-r0               apk                      
 libmcrypt                       2.5.8-r10              apk                      
 libmd                           1.1.0-r0               apk                      
 libmemcached-libs               1.1.4-r1               apk                      
 libmnl                          1.0.5-r2               apk                      
-libncursesw                     6.4_p20231125-r0       apk                      
+libncursesw                     6.4_p20240420-r0       apk                      
 libnftnl                        1.2.6-r0               apk                      
-libpanelw                       6.4_p20231125-r0       apk                      
-libpng                          1.6.40-r0              apk                      
-libpq                           16.2-r1                apk                      
+libpanelw                       6.4_p20240420-r0       apk                      
+libpng                          1.6.43-r0              apk                      
+libpq                           16.3-r0                apk                      
 libproc2                        4.0.4-r0               apk                      
-libsasl                         2.1.28-r5              apk                      
-libseccomp                      2.5.5-r0               apk                      
+libpsl                          0.21.5-r1              apk                      
+libsasl                         2.1.28-r6              apk                      
+libseccomp                      2.5.5-r1               apk                      
 libsharpyuv                     1.3.2-r0               apk                      
-libsm                           1.2.4-r3               apk                      
+libsm                           1.2.4-r4               apk                      
 libsodium                       1.0.19-r0              apk                      
-libssl3                         3.1.4-r6               apk                      
-libstdc++                       13.2.1_git20231014-r0  apk                      
+libssl3                         3.3.1-r3               apk                      
+libstdc++                       13.2.1_git20240309-r0  apk                      
 libtasn1                        4.19.0-r2              apk                      
-libunistring                    1.1-r2                 apk                      
-libuuid                         2.39.3-r0              apk                      
+libunistring                    1.2-r0                 apk                      
+libuuid                         2.40.1-r1              apk                      
 libwebp                         1.3.2-r0               apk                      
-libx11                          1.8.7-r0               apk                      
-libxau                          1.0.11-r3              apk                      
-libxcb                          1.16-r0                apk                      
-libxdmcp                        1.1.4-r3               apk                      
-libxext                         1.3.5-r3               apk                      
-libxml2                         2.11.7-r0              apk                      
+libx11                          1.8.9-r1               apk                      
+libxau                          1.0.11-r4              apk                      
+libxcb                          1.16.1-r0              apk                      
+libxdmcp                        1.1.5-r1               apk                      
+libxext                         1.3.6-r2               apk                      
+libxml2                         2.12.7-r0              apk                      
 libxpm                          3.5.17-r0              apk                      
-libxslt                         1.1.39-r0              apk                      
-libxt                           1.3.0-r4               apk                      
+libxslt                         1.1.39-r1              apk                      
+libxt                           1.3.0-r5               apk                      
 libxtables                      1.8.10-r3              apk                      
 libzip                          1.10.1-r0              apk                      
-linux-pam                       1.5.3-r7               apk                      
+linux-pam                       1.6.0-r0               apk                      
 logrotate                       3.21.0-r1              apk                      
 loopialib                       0.2.0                  python                   
-lxml                            5.2.1                  python                   
+lxml                            5.3.0                  python                   
 lz4-libs                        1.9.4-r5               apk                      
-marshmallow                     3.21.2                 python                   
-memcached                       1.6.22-r0              apk                      
+memcached                       1.6.27-r0              apk                      
 mock                            5.1.0                  python                   
-mpdecimal                       2.5.1-r2               apk                      
-msal                            1.28.0                 python                   
-msal-extensions                 1.1.0                  python                   
-musl                            1.2.4_git20230717-r4   apk                      
-musl-utils                      1.2.4_git20230717-r4   apk                      
-mypy-extensions                 1.0.0                  python                   
-nano                            7.2-r1                 apk                      
-ncurses-terminfo-base           6.4_p20231125-r0       apk                      
+more-itertools                  10.3.0                 python                   
+mpdecimal                       4.0.0-r0               apk                      
+msal                            1.30.0                 python                   
+msal-extensions                 1.2.0                  python                   
+musl                            1.2.5-r0               apk                      
+musl-utils                      1.2.5-r0               apk                      
+my-test-package                 1.0                    python                   
+nano                            8.0-r0                 apk                      
+ncurses-terminfo-base           6.4_p20240420-r0       apk                      
 netcat-openbsd                  1.226-r0               apk                      
 nettle                          3.9.1-r0               apk                      
-nghttp2-libs                    1.58.0-r0              apk                      
-nginx                           1.24.0-r16             apk                      
-nginx-mod-devel-kit             1.24.0-r16             apk                      
-nginx-mod-http-brotli           1.24.0-r16             apk                      
-nginx-mod-http-dav-ext          1.24.0-r16             apk                      
-nginx-mod-http-echo             1.24.0-r16             apk                      
-nginx-mod-http-fancyindex       1.24.0-r16             apk                      
-nginx-mod-http-geoip2           1.24.0-r16             apk                      
-nginx-mod-http-headers-more     1.24.0-r16             apk                      
-nginx-mod-http-image-filter     1.24.0-r16             apk                      
-nginx-mod-http-perl             1.24.0-r16             apk                      
-nginx-mod-http-redis2           1.24.0-r16             apk                      
-nginx-mod-http-set-misc         1.24.0-r16             apk                      
-nginx-mod-http-upload-progress  1.24.0-r16             apk                      
-nginx-mod-http-xslt-filter      1.24.0-r16             apk                      
-nginx-mod-mail                  1.24.0-r16             apk                      
-nginx-mod-rtmp                  1.24.0-r16             apk                      
-nginx-mod-stream                1.24.0-r16             apk                      
-nginx-mod-stream-geoip2         1.24.0-r16             apk                      
-nginx-vim                       1.24.0-r16             apk                      
+nghttp2-libs                    1.62.1-r0              apk                      
+nginx                           1.26.2-r0              apk                      
+nginx-mod-devel-kit             1.26.2-r0              apk                      
+nginx-mod-http-brotli           1.26.2-r0              apk                      
+nginx-mod-http-dav-ext          1.26.2-r0              apk                      
+nginx-mod-http-echo             1.26.2-r0              apk                      
+nginx-mod-http-fancyindex       1.26.2-r0              apk                      
+nginx-mod-http-geoip2           1.26.2-r0              apk                      
+nginx-mod-http-headers-more     1.26.2-r0              apk                      
+nginx-mod-http-image-filter     1.26.2-r0              apk                      
+nginx-mod-http-perl             1.26.2-r0              apk                      
+nginx-mod-http-redis2           1.26.2-r0              apk                      
+nginx-mod-http-set-misc         1.26.2-r0              apk                      
+nginx-mod-http-upload-progress  1.26.2-r0              apk                      
+nginx-mod-http-xslt-filter      1.26.2-r0              apk                      
+nginx-mod-mail                  1.26.2-r0              apk                      
+nginx-mod-rtmp                  1.26.2-r0              apk                      
+nginx-mod-stream                1.26.2-r0              apk                      
+nginx-mod-stream-geoip2         1.26.2-r0              apk                      
+nginx-vim                       1.26.2-r0              apk                      
 npth                            1.6-r4                 apk                      
 oniguruma                       6.9.9-r0               apk                      
-openssl                         3.1.4-r6               apk                      
+openssl                         3.3.1-r3               apk                      
+ordered-set                     4.1.0                  python                   
 p11-kit                         0.25.3-r0              apk                      
-packaging                       24.0                   python                   
+packaging                       24.1                   python                   
 parsedatetime                   2.6                    python                   
 pcre                            8.45-r3                apk                      
-pcre2                           10.42-r2               apk                      
+pcre2                           10.43-r0               apk                      
 perl                            5.38.2-r0              apk                      
 perl-error                      0.17029-r2             apk                      
-perl-git                        2.43.0-r0              apk                      
-php83                           8.3.7-r0               apk                      
-php83-bcmath                    8.3.7-r0               apk                      
-php83-bz2                       8.3.7-r0               apk                      
-php83-common                    8.3.7-r0               apk                      
-php83-ctype                     8.3.7-r0               apk                      
-php83-curl                      8.3.7-r0               apk                      
-php83-dom                       8.3.7-r0               apk                      
-php83-exif                      8.3.7-r0               apk                      
-php83-fileinfo                  8.3.7-r0               apk                      
-php83-fpm                       8.3.7-r0               apk                      
-php83-ftp                       8.3.7-r0               apk                      
-php83-gd                        8.3.7-r0               apk                      
-php83-gmp                       8.3.7-r0               apk                      
-php83-iconv                     8.3.7-r0               apk                      
-php83-imap                      8.3.7-r0               apk                      
-php83-intl                      8.3.7-r0               apk                      
-php83-ldap                      8.3.7-r0               apk                      
-php83-mbstring                  8.3.7-r0               apk                      
-php83-mysqli                    8.3.7-r0               apk                      
-php83-mysqlnd                   8.3.7-r0               apk                      
-php83-opcache                   8.3.7-r0               apk                      
-php83-openssl                   8.3.7-r0               apk                      
-php83-pdo                       8.3.7-r0               apk                      
-php83-pdo_mysql                 8.3.7-r0               apk                      
-php83-pdo_odbc                  8.3.7-r0               apk                      
-php83-pdo_pgsql                 8.3.7-r0               apk                      
-php83-pdo_sqlite                8.3.7-r0               apk                      
-php83-pear                      8.3.7-r0               apk                      
+perl-git                        2.45.2-r0              apk                      
+php83                           8.3.10-r0              apk                      
+php83-bcmath                    8.3.10-r0              apk                      
+php83-bz2                       8.3.10-r0              apk                      
+php83-common                    8.3.10-r0              apk                      
+php83-ctype                     8.3.10-r0              apk                      
+php83-curl                      8.3.10-r0              apk                      
+php83-dom                       8.3.10-r0              apk                      
+php83-exif                      8.3.10-r0              apk                      
+php83-fileinfo                  8.3.10-r0              apk                      
+php83-fpm                       8.3.10-r0              apk                      
+php83-ftp                       8.3.10-r0              apk                      
+php83-gd                        8.3.10-r0              apk                      
+php83-gmp                       8.3.10-r0              apk                      
+php83-iconv                     8.3.10-r0              apk                      
+php83-imap                      8.3.10-r0              apk                      
+php83-intl                      8.3.10-r0              apk                      
+php83-ldap                      8.3.10-r0              apk                      
+php83-mbstring                  8.3.10-r0              apk                      
+php83-mysqli                    8.3.10-r0              apk                      
+php83-mysqlnd                   8.3.10-r0              apk                      
+php83-opcache                   8.3.10-r0              apk                      
+php83-openssl                   8.3.10-r0              apk                      
+php83-pdo                       8.3.10-r0              apk                      
+php83-pdo_mysql                 8.3.10-r0              apk                      
+php83-pdo_odbc                  8.3.10-r0              apk                      
+php83-pdo_pgsql                 8.3.10-r0              apk                      
+php83-pdo_sqlite                8.3.10-r0              apk                      
+php83-pear                      8.3.10-r0              apk                      
 php83-pecl-apcu                 5.1.23-r0              apk                      
 php83-pecl-igbinary             3.2.15-r0              apk                      
 php83-pecl-mcrypt               1.0.7-r0               apk                      
 php83-pecl-memcached            3.2.0-r0               apk                      
-php83-pecl-msgpack              2.2.0-r1               apk                      
+php83-pecl-msgpack              2.2.0-r2               apk                      
 php83-pecl-redis                6.0.2-r0               apk                      
-php83-pgsql                     8.3.7-r0               apk                      
-php83-phar                      8.3.7-r0               apk                      
-php83-posix                     8.3.7-r0               apk                      
-php83-session                   8.3.7-r0               apk                      
-php83-simplexml                 8.3.7-r0               apk                      
-php83-soap                      8.3.7-r0               apk                      
-php83-sockets                   8.3.7-r0               apk                      
-php83-sodium                    8.3.7-r0               apk                      
-php83-sqlite3                   8.3.7-r0               apk                      
-php83-tokenizer                 8.3.7-r0               apk                      
-php83-xml                       8.3.7-r0               apk                      
-php83-xmlreader                 8.3.7-r0               apk                      
-php83-xmlwriter                 8.3.7-r0               apk                      
-php83-xsl                       8.3.7-r0               apk                      
-php83-zip                       8.3.7-r0               apk                      
-pinentry                        1.2.1-r1               apk                      
-pip                             24.0                   python                   
+php83-pgsql                     8.3.10-r0              apk                      
+php83-phar                      8.3.10-r0              apk                      
+php83-posix                     8.3.10-r0              apk                      
+php83-session                   8.3.10-r0              apk                      
+php83-simplexml                 8.3.10-r0              apk                      
+php83-soap                      8.3.10-r0              apk                      
+php83-sockets                   8.3.10-r0              apk                      
+php83-sodium                    8.3.10-r0              apk                      
+php83-sqlite3                   8.3.10-r0              apk                      
+php83-tokenizer                 8.3.10-r0              apk                      
+php83-xml                       8.3.10-r0              apk                      
+php83-xmlreader                 8.3.10-r0              apk                      
+php83-xmlwriter                 8.3.10-r0              apk                      
+php83-xsl                       8.3.10-r0              apk                      
+php83-zip                       8.3.10-r0              apk                      
+pinentry                        1.3.0-r0               apk                      
+pip                             24.2                   python                   
 pkb-client                      1.2                    python                   
+platformdirs                    4.2.2                  python                   
 popt                            1.19-r3                apk                      
-portalocker                     2.8.2                  python                   
+portalocker                     2.10.1                 python                   
 procps-ng                       4.0.4-r0               apk                      
-proto-plus                      1.23.0                 python                   
-protobuf                        4.25.3                 python                   
-publicsuffixlist                0.9.4                  python                   
-pyOpenSSL                       24.1.0                 python                   
-pyRFC3339                       1.1                    python                   
+proto-plus                      1.24.0                 python                   
+protobuf                        5.27.3                 python                   
 pyacmedns                       0.4                    python                   
 pyasn1                          0.6.0                  python                   
-pyasn1_modules                  0.4.0                  python                   
-pyc                             3.11.9-r0              apk                      
+pyasn1-modules                  0.4.0                  python                   
+pyc                             3.12.3-r1              apk                      
 pycparser                       2.22                   python                   
+pyjwt                           2.9.0                  python                   
+pynamecheap                     0.0.3                  python                   
+pyopenssl                       24.2.1                 python                   
 pyotp                           2.9.0                  python                   
 pyparsing                       3.1.2                  python                   
+pyrfc3339                       1.1                    python                   
 python-dateutil                 2.9.0.post0            python                   
 python-digitalocean             1.17.0                 python                   
 python-transip                  0.6.0                  python                   
-python3                         3.11.9-r0              apk                      
-python3-pyc                     3.11.9-r0              apk                      
-python3-pycache-pyc0            3.11.9-r0              apk                      
+python3                         3.12.3-r1              apk                      
+python3-pyc                     3.12.3-r1              apk                      
+python3-pycache-pyc0            3.12.3-r1              apk                      
 pytz                            2024.1                 python                   
-readline                        8.2.1-r2               apk                      
-requests                        2.31.0                 python                   
-requests-file                   2.0.0                  python                   
+pyyaml                          6.0.2                  python                   
+readline                        8.2.10-r0              apk                      
+requests                        2.32.3                 python                   
+requests-file                   2.1.0                  python                   
 requests-mock                   1.12.1                 python                   
 rsa                             4.9                    python                   
-s3transfer                      0.10.1                 python                   
+s3transfer                      0.10.2                 python                   
 scanelf                         1.3.7-r2               apk                      
-setuptools                      65.5.0                 python                   
-shadow                          4.14.2-r0              apk                      
+setuptools                      72.2.0                 python                   
+shadow                          4.15.1-r0              apk                      
 six                             1.16.0                 python                   
-skalibs                         2.14.0.1-r0            apk                      
-soupsieve                       2.5                    python                   
-sqlite-libs                     3.44.2-r0              apk                      
-ssl_client                      1.36.1-r15             apk                      
-tiff                            4.6.0-r0               apk                      
+skalibs                         2.14.1.1-r0            apk                      
+soupsieve                       2.6                    python                   
+sqlite-libs                     3.45.3-r1              apk                      
+ssl_client                      1.36.1-r29             apk                      
+tiff                            4.6.0t-r0              apk                      
 tldextract                      5.1.2                  python                   
-typing-inspect                  0.9.0                  python                   
-typing_extensions               4.11.0                 python                   
-tzdata                          2024a-r0               apk                      
+tomli                           2.0.1                  python                   
+typeguard                       4.3.0                  python                   
+typing-extensions               4.12.2                 python  (+1 duplicate)   
+tzdata                          2024a-r1               apk                      
 unixodbc                        2.3.12-r0              apk                      
 uritemplate                     4.1.1                  python                   
-urllib3                         2.2.1                  python                   
-utmps-libs                      0.1.2.2-r0             apk                      
+urllib3                         2.2.2                  python                   
+utmps-libs                      0.1.2.2-r1             apk                      
 wheel                           0.43.0                 python                   
-whois                           5.5.20-r0              apk                      
-xz-libs                         5.4.5-r0               apk                      
-zlib                            1.3.1-r0               apk                      
-zope.interface                  6.3                    python                   
-zstd-libs                       1.5.5-r8               apk                      
+wheel                           0.44.0                 python                   
+whois                           5.5.23-r0              apk                      
+xz-libs                         5.6.2-r0               apk                      
+zipp                            3.19.2                 python                   
+zlib                            1.3.1-r1               apk                      
+zope-interface                  7.0.1                  python                   
+zstd-libs                       1.5.6-r0               apk                      
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -7,40 +7,24 @@ project_logo: "https://github.com/linuxserver/docker-templates/raw/master/linuxs
 project_blurb: "SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention."
 project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"

-project_blurb_optional_extras_enabled: false
-project_blurb_optional_extras: []
-
 # supported architectures
 available_architectures:
  - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
  - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}

-# development version
-development_versions: false
-development_versions_items:
-  - { tag: "latest", desc: "Stable releases" }
-
-
 # container parameters
-common_param_env_vars_enabled: true #PGID, PUID, etc, you can set it to 'optional'
+common_param_env_vars_enabled: true
 param_container_name: "{{ project_name }}"
-param_usage_include_net: false #you can set it to 'optional'
-param_net: "host"
-param_net_desc: "Shares host networking with container."
 param_usage_include_env: true
 param_env_vars:
-  - { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London." }
  - { env_var: "URL", env_value: "yourdomain.url", desc: "Top url you have control over (`customdomain.com` if you own it, or `customsubdomain.ddnsprovider.com` if dynamic dns)." }
-  - { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set)." }
+  - { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set).", env_options: ["http", "dns"] }
 param_usage_include_vols: true
 param_volumes:
  - { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" }
 param_usage_include_ports: true
 param_ports:
  - { external_port: "443", internal_port: "443", port_desc: "Https port" }
-param_device_map: false
-param_devices:
-  - { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" }
 cap_add_param: true
 cap_add_param_vars:
  - { cap_add_var: "NET_ADMIN" }
@@ -50,27 +34,15 @@ opt_param_usage_include_env: true
 opt_param_env_vars:
  - { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
  - { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
-  - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
+  - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
  - { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
  - { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
  - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
  - { env_var: "EXTRA_DOMAINS", env_value: "", desc: "Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org`" }
  - { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." }
-opt_param_usage_include_vols: false
-opt_param_volumes:
-  - { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" }
 opt_param_usage_include_ports: true
 opt_param_ports:
  - { external_port: "80", internal_port: "80", port_desc: "Http port (required for http validation and http -> https redirect)" }
-opt_param_device_map: false
-opt_param_devices:
-  - { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" }
-opt_cap_add_param: false
-opt_cap_add_param_vars:
-  - { cap_add_var: "NET_ADMIN" }
-
-optional_block_1: false
-optional_block_1_items: ""

 # application setup block
 app_setup_block_enabled: true
@@ -92,7 +64,7 @@ app_setup_block: |

  ### Certbot Plugins

-  SWAG includes many Certbot plugins out of the box, but not all plugins can be includes.
+  SWAG includes many Certbot plugins out of the box, but not all plugins can be included.
  If you need a plugin that is not included, the quickest way to have the plugin available is to use our [Universal Package Install Docker Mod](https://github.com/linuxserver/docker-mods/tree/universal-package-install).

  Set the following environment variables on your container:
@@ -168,6 +140,8 @@ app_setup_block: |

 # changelog
 changelogs:
+  - { date: "24.07.14:", desc: "Rebase to Alpine 3.20. Remove deprecated Google Domains certbot plugin. Existing users should update their nginx confs to avoid http2 deprecation warnings."}
+  - { date: "01.07.24:", desc: "Fall back to iptables-legacy if iptables doesn't work." }
  - { date: "23.03.24:", desc: "Fix perms on the generated `priv-fullchain-bundle.pem`." }
  - { date: "14.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38." }
  - { date: "11.03.24:", desc: "Restore support for DynuDNS using `certbot-dns-dynudns`." }
--- a/root/defaults/dns-conf/google-domains.ini
+++ b/root/defaults/dns-conf/google-domains.ini
@@ -1,4 +0,0 @@
-# Instructions: https://github.com/aaomidi/certbot-dns-google-domains#credentials
-# Replace with your value
-dns_google_domains_access_token = abcdef
-dns_google_domains_zone = example.com
--- a/root/defaults/nginx/site-confs/default.conf.sample
+++ b/root/defaults/nginx/site-confs/default.conf.sample
@@ -1,4 +1,4 @@
-## Version 2024/03/06 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
+## Version 2024/07/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample

 # redirect all traffic to https
 server {
@@ -12,8 +12,8 @@ server {

 # main server block
 server {
-    listen 443 ssl http2 default_server;
-    listen [::]:443 ssl http2 default_server;
+    listen 443 ssl default_server;
+    listen [::]:443 ssl default_server;

    server_name _;

--- a/root/etc/s6-overlay/s6-rc.d/init-fail2ban-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-fail2ban-config/run
@@ -1,6 +1,15 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash

+if ! iptables -L &> /dev/null; then
+  ln -sf /sbin/xtables-legacy-multi /sbin/iptables
+  ln -sf /sbin/xtables-legacy-multi /sbin/iptables-save
+  ln -sf /sbin/xtables-legacy-multi /sbin/iptables-restore
+  ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables
+  ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables-save
+  ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables-restore
+fi
+
 # copy/update the fail2ban config defaults to/in /config
 cp -R /defaults/fail2ban/filter.d /config/fail2ban/
 cp -R /defaults/fail2ban/action.d /config/fail2ban/
Author	SHA1	Message	Date
LinuxServer-CI	ea13c5a885	Bot Updating Package Versions	2024-08-17 03:20:39 +00:00
LinuxServer-CI	ee0f1247d9	Bot Updating Package Versions	2024-08-15 04:22:26 +00:00
LinuxServer-CI	a8cf2c5c40	Bot Updating Package Versions	2024-08-10 03:27:12 +00:00
driz	62faebf642	Merge pull request #497 from linuxserver/readme-typo fix typo	2024-08-07 08:30:01 -04:00
LinuxServer-CI	81e65837ca	Bot Updating Package Versions	2024-08-07 12:08:32 +00:00
driz	a08edc14d2	fix typo	2024-08-07 08:06:25 -04:00
LinuxServer-CI	edf1abd83a	Bot Updating Templated Files	2024-08-07 12:04:22 +00:00
driz	0357efea87	Merge pull request #491 from marblepebble/master Fallback to iptables-legacy if iptables doesn't work	2024-08-07 08:01:42 -04:00
LinuxServer-CI	aa103ce997	Bot Updating Package Versions	2024-08-03 03:20:38 +00:00
marblepebble	20bbf040e0	Merge branch 'master' into master	2024-07-30 21:39:57 +01:00
Ainsley Pereira	e4a6e31b6f	Add iptables-legacy to Dockerfile.aarch64 too	2024-07-30 21:24:12 +01:00
LinuxServer-CI	5b096a8a66	Bot Updating Package Versions	2024-07-27 03:22:59 +00:00
LinuxServer-CI	eb6dba6cbe	Bot Updating Package Versions	2024-07-19 22:27:05 +00:00
LinuxServer-CI	afd6c9d827	Bot Updating Package Versions	2024-07-19 21:42:49 +00:00
Eric Nemchik	daa84f28b4	Merge pull request #492 from linuxserver/3.20 Rebase to 3.20	2024-07-19 16:36:39 -05:00
Eric Nemchik	cd931076e4	remove google-domains certbot plugin Signed-off-by: GitHub <noreply@github.com>	2024-07-17 17:18:24 +00:00
Eric Nemchik	f5ce44887f	keep ipv6 listen separate Signed-off-by: Eric Nemchik <eric@nemchik.com>	2024-07-16 19:48:55 -05:00
Eric Nemchik	875a17dfc7	Rebase to 3.20 Signed-off-by: Eric Nemchik <eric@nemchik.com>	2024-07-14 09:57:01 -05:00
LinuxServer-CI	210134745d	Bot Updating Package Versions	2024-07-13 03:24:57 +00:00
LinuxServer-CI	9d469c2957	Bot Updating Templated Files	2024-07-13 03:20:42 +00:00
LinuxServer-CI	37e64ebdac	Bot Updating Templated Files	2024-07-13 03:19:19 +00:00
LinuxServer-CI	47fc525094	Bot Updating Package Versions	2024-07-06 03:24:36 +00:00
Ainsley Pereira	625b11d21c	Add iptables-legacy and fall back to it if the normal iptables command doesn't work. Fixes #476	2024-07-01 17:28:48 +01:00
LinuxServer-CI	77accb3762	Bot Updating Package Versions	2024-06-29 03:24:09 +00:00
LinuxServer-CI	7dcce8b346	Bot Updating Package Versions	2024-06-22 03:22:28 +00:00
LinuxServer-CI	03286fc238	Bot Updating Package Versions	2024-06-15 03:20:18 +00:00
LinuxServer-CI	7391dc1bcf	Bot Updating Package Versions	2024-06-08 03:20:15 +00:00
LinuxServer-CI	a7ea6a955b	Bot Updating Package Versions	2024-06-06 03:23:13 +00:00
LinuxServer-CI	e149638808	Bot Updating Package Versions	2024-06-01 03:22:21 +00:00
LinuxServer-CI	41cb7cb104	Bot Updating Package Versions	2024-05-25 03:27:08 +00:00
LinuxServer-CI	1499cbe7de	Bot Updating Templated Files	2024-05-25 03:23:50 +00:00
LinuxServer-CI	5a7d49ec43	Bot Updating Templated Files	2024-05-25 03:21:31 +00:00
LinuxServer-CI	efc2f55f48	Bot Updating Package Versions	2024-05-18 03:20:19 +00:00