28 changed files with 367 additions and 642 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -15,6 +15,6 @@ trim_trailing_whitespace = false
 indent_style = space
 indent_size = 2
-[{**.sh,root/etc/s6-overlay/s6-rc.d/**,root/etc/cont-init.d/**,root/etc/services.d/**}]
+[{**.sh,root/etc/cont-init.d/**,root/etc/services.d/**}]
 indent_style = space
 indent_size = 4
--- a/.github/workflows/call_invalid_helper.yml
+++ b/.github/workflows/call_invalid_helper.yml
@ -0,0 +1,12 @@
 name: Comment on invalid interaction
 on:
  issues:
    types:
      - labeled
 jobs:
  add-comment-on-invalid:
    if: github.event.label.name == 'invalid'
    permissions:
      issues: write
    uses: linuxserver/github-workflows/.github/workflows/invalid-interaction-helper.yml@v1
    secrets: inherit
--- a/.github/workflows/call_issue_pr_tracker.yml
+++ b/.github/workflows/call_issue_pr_tracker.yml
@ -1,14 +0,0 @@
 name: Issue & PR Tracker
 on:
  issues:
    types: [opened,reopened,labeled,unlabeled]
  pull_request_target:
    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled]
 jobs:
  manage-project:
    permissions:
      issues: write
    uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1
    secrets: inherit
--- a/.github/workflows/call_issues_cron.yml
+++ b/.github/workflows/call_issues_cron.yml
@ -1,13 +0,0 @@
 name: Mark stale issues and pull requests
 on:
  schedule:
    - cron:  '35 15 * * *'
  workflow_dispatch:
 jobs:
  stale:
    permissions:
      issues: write
      pull-requests: write
    uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1
    secrets: inherit
--- a/.github/workflows/greetings.yml
+++ b/.github/workflows/greetings.yml
@ -8,6 +8,6 @@ jobs:
    steps:
    - uses: actions/first-interaction@v1
      with:
-        issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.'
+        issue-message: 'Thanks for opening your first issue here! Be sure to follow the [bug](https://github.com/linuxserver/docker-swag/blob/master/.github/ISSUE_TEMPLATE/issue.bug.yml) or [feature](https://github.com/linuxserver/docker-swag/blob/master/.github/ISSUE_TEMPLATE/issue.feature.yml) issue templates!'
        pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-swag/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!'
        repo-token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/package_trigger_scheduler.yml
+++ b/.github/workflows/package_trigger_scheduler.yml
@ -2,7 +2,7 @@ name: Package Trigger Scheduler
 on:
  schedule:
-    - cron:  '1 3 * * 6'
+    - cron:  '03 5 * * 4'
  workflow_dispatch:
 jobs:
--- a/.github/workflows/permissions.yml
+++ b/.github/workflows/permissions.yml
@ -1,10 +0,0 @@
 name: Permission check
 on:
  pull_request_target:
    paths:
      - '**/run'
      - '**/finish'
      - '**/check'
 jobs:
  permission_check:
    uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -0,0 +1,23 @@
 name: Mark stale issues and pull requests
 on:
  schedule:
  - cron: "30 1 * * *"
 jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/stale@v6.0.1
      with:
        stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
        stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
        stale-issue-label: 'no-issue-activity'
        stale-pr-label: 'no-pr-activity'
        days-before-stale: 30
        days-before-close: 365
        exempt-issue-labels: 'awaiting-approval,work-in-progress'
        exempt-pr-labels: 'awaiting-approval,work-in-progress'
        repo-token: ${{ secrets.GITHUB_TOKEN }}
--- a/4
+++ b/4
@ -113,7 +113,6 @@ RUN \
    certbot-dns-gehirn \
    certbot-dns-godaddy \
    certbot-dns-google \
    certbot-dns-google-domains \
    certbot-dns-he \
    certbot-dns-hetzner \
    certbot-dns-infomaniak \
@ -126,7 +125,6 @@ RUN \
    certbot-dns-njalla \
    certbot-dns-nsone \
    certbot-dns-ovh \
    certbot-dns-porkbun \
    certbot-dns-rfc2136 \
    certbot-dns-route53 \
    certbot-dns-sakuracloud \
@ -159,8 +157,6 @@ RUN \
  mkdir -p /defaults/fail2ban && \
  mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
  mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
  echo "**** define allowipv6 to silence warning ****" && \
  sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
  echo "**** copy proxy confs to /defaults ****" && \
  mkdir -p \
    /defaults/nginx/proxy-confs && \
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@ -113,7 +113,6 @@ RUN \
    certbot-dns-gehirn \
    certbot-dns-godaddy \
    certbot-dns-google \
    certbot-dns-google-domains \
    certbot-dns-he \
    certbot-dns-hetzner \
    certbot-dns-infomaniak \
@ -126,7 +125,6 @@ RUN \
    certbot-dns-njalla \
    certbot-dns-nsone \
    certbot-dns-ovh \
    certbot-dns-porkbun \
    certbot-dns-rfc2136 \
    certbot-dns-route53 \
    certbot-dns-sakuracloud \
@ -159,8 +157,6 @@ RUN \
  mkdir -p /defaults/fail2ban && \
  mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
  mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
  echo "**** define allowipv6 to silence warning ****" && \
  sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
  echo "**** copy proxy confs to /defaults ****" && \
  mkdir -p \
    /defaults/nginx/proxy-confs && \
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@ -113,7 +113,6 @@ RUN \
    certbot-dns-gehirn \
    certbot-dns-godaddy \
    certbot-dns-google \
    certbot-dns-google-domains \
    certbot-dns-he \
    certbot-dns-hetzner \
    certbot-dns-infomaniak \
@ -126,7 +125,6 @@ RUN \
    certbot-dns-njalla \
    certbot-dns-nsone \
    certbot-dns-ovh \
    certbot-dns-porkbun \
    certbot-dns-rfc2136 \
    certbot-dns-route53 \
    certbot-dns-sakuracloud \
@ -159,8 +157,6 @@ RUN \
  mkdir -p /defaults/fail2ban && \
  mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
  mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
  echo "**** define allowipv6 to silence warning ****" && \
  sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
  echo "**** copy proxy confs to /defaults ****" && \
  mkdir -p \
    /defaults/nginx/proxy-confs && \
--- a/91
+++ b/91
@ -57,7 +57,7 @@ pipeline {
          env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
          env.PULL_REQUEST = env.CHANGE_ID
-          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
+          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/stale.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
        }
        script{
          env.LS_RELEASE_NUMBER = sh(
@ -230,14 +230,17 @@ pipeline {
          }
          sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-shellcheck/master/checkrun.sh | /bin/bash'''
          sh '''#! /bin/bash
                set -e
                docker pull ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest
                docker run --rm \
-                  -v ${WORKSPACE}:/mnt \
+                -e DESTINATION=\"${IMAGE}/${META_TAG}/shellcheck-result.xml\" \
-                  -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
+                -e FILE_NAME="shellcheck-result.xml" \
-                  -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
+                -e MIMETYPE="text/xml" \
-                  ghcr.io/linuxserver/baseimage-alpine:3.17 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
+                -v ${WORKSPACE}:/mnt \
-                    apk add --no-cache py3-pip && \
+                -e SECRET_KEY=\"${S3_SECRET}\" \
-                    pip install s3cmd && \
+                -e ACCESS_KEY=\"${S3_KEY}\" \
-                    s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
+                -t ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest \
                python /upload.py'''
        }
      }
    }
@ -274,7 +277,7 @@ pipeline {
                echo "Jenkinsfile is up to date."
              fi
              # Stage 2 - Delete old templates
-              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
+              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md\n.github/ISSUE_TEMPLATE/issue.bug.md\n.github/ISSUE_TEMPLATE/issue.feature.md"
              for i in ${OLD_TEMPLATES}; do
                if [[ -f "${i}" ]]; then
                  TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
@ -291,7 +294,7 @@ pipeline {
                git commit -m 'Bot Updating Templated Files'
                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
                echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
-                echo "Deleting old and deprecated templates"
+                echo "Deleting old templates"
                rm -Rf ${TEMPDIR}
                exit 0
              else
@ -439,8 +442,7 @@ pipeline {
      }
      steps {
        echo "Running on node: ${NODE_NAME}"
-        sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile"
+        sh "docker build \
        sh "docker buildx build \
          --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
          --label \"org.opencontainers.image.authors=linuxserver.io\" \
          --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
@ -453,7 +455,7 @@ pipeline {
          --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
          --label \"org.opencontainers.image.title=Swag\" \
          --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
-          --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
+          --no-cache --pull -t ${IMAGE}:${META_TAG} \
          --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
      }
    }
@ -470,8 +472,7 @@ pipeline {
        stage('Build X86') {
          steps {
            echo "Running on node: ${NODE_NAME}"
-            sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile"
+            sh "docker build \
            sh "docker buildx build \
              --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
              --label \"org.opencontainers.image.authors=linuxserver.io\" \
              --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
@ -484,7 +485,7 @@ pipeline {
              --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
              --label \"org.opencontainers.image.title=Swag\" \
              --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
-              --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
+              --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
          }
        }
@ -498,8 +499,7 @@ pipeline {
            sh '''#! /bin/bash
                  echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
               '''
-            sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf"
+            sh "docker build \
            sh "docker buildx build \
              --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
              --label \"org.opencontainers.image.authors=linuxserver.io\" \
              --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
@ -512,7 +512,7 @@ pipeline {
              --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
              --label \"org.opencontainers.image.title=Swag\" \
              --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
-              --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \
+              --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
            sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
            retry(5) {
@ -533,8 +533,7 @@ pipeline {
            sh '''#! /bin/bash
                  echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
               '''
-            sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.aarch64"
+            sh "docker build \
            sh "docker buildx build \
              --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
              --label \"org.opencontainers.image.authors=linuxserver.io\" \
              --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
@ -547,7 +546,7 @@ pipeline {
              --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
              --label \"org.opencontainers.image.title=Swag\" \
              --label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
-              --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
+              --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} \
              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
            sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
            retry(5) {
@ -576,12 +575,26 @@ pipeline {
              else
                LOCAL_CONTAINER=${IMAGE}:${META_TAG}
              fi
-              touch ${TEMPDIR}/package_versions.txt
+              if [ "${DIST_IMAGE}" == "alpine" ]; then
-              docker run --rm \
+                docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\
-                -v /var/run/docker.sock:/var/run/docker.sock:ro \
+                  apk info -v > /tmp/package_versions.txt && \
-                -v ${TEMPDIR}:/tmp \
+                  sort -o /tmp/package_versions.txt  /tmp/package_versions.txt && \
-                ghcr.io/anchore/syft:latest \
+                  chmod 777 /tmp/package_versions.txt'
-                ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt
+              elif [ "${DIST_IMAGE}" == "ubuntu" ]; then
                docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\
                  apt list -qq --installed | sed "s#/.*now ##g" | cut -d" " -f1 > /tmp/package_versions.txt && \
                  sort -o /tmp/package_versions.txt  /tmp/package_versions.txt && \
                  chmod 777 /tmp/package_versions.txt'
              elif [ "${DIST_IMAGE}" == "fedora" ]; then
                docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\
                  rpm -qa > /tmp/package_versions.txt && \
                  sort -o /tmp/package_versions.txt  /tmp/package_versions.txt && \
                  chmod 777 /tmp/package_versions.txt'
              elif [ "${DIST_IMAGE}" == "arch" ]; then
                docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\
                  pacman -Q > /tmp/package_versions.txt && \
                  chmod 777 /tmp/package_versions.txt'
              fi
              NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 )
              echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github"
              if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then
@ -792,19 +805,19 @@ pipeline {
                  echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                  if [ "${CI}" == "false" ]; then
                    docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
                    docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
                    docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
                    docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
                    docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
                  fi
                  for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
                    docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
                    docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG}
                    docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
                    docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
                    docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
                    docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
                    docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
                    docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
                    docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                    if [ -n "${SEMVER}" ]; then
                      docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
@ -812,13 +825,13 @@ pipeline {
                      docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                    fi
                    docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
                    docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
                    docker push ${MANIFESTIMAGE}:amd64-latest
                    docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG}
                    docker push ${MANIFESTIMAGE}:arm32v7-latest
                    docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
                    docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
                    docker push ${MANIFESTIMAGE}:amd64-latest
                    docker push ${MANIFESTIMAGE}:arm32v7-latest
                    docker push ${MANIFESTIMAGE}:arm64v8-latest
                    docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
                    docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
                    docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                    if [ -n "${SEMVER}" ]; then
                      docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
@ -964,12 +977,12 @@ pipeline {
          sh 'echo "build aborted"'
        }
        else if (currentBuild.currentResult == "SUCCESS"){
-          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"color": 1681177,\
+          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 1681177,\
                 "description": "**Build:**  '${BUILD_NUMBER}'\\n**CI Results:**  '${CI_URL}'\\n**ShellCheck Results:**  '${SHELLCHECK_URL}'\\n**Status:**  Success\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
                 "username": "Jenkins"}' ${BUILDS_DISCORD} '''
        }
        else {
-          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"color": 16711680,\
+          sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 16711680,\
                 "description": "**Build:**  '${BUILD_NUMBER}'\\n**CI Results:**  '${CI_URL}'\\n**ShellCheck Results:**  '${SHELLCHECK_URL}'\\n**Status:**  failure\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
                 "username": "Jenkins"}' ${BUILDS_DISCORD} '''
        }
--- a/README.md
+++ b/README.md
@ -56,7 +56,7 @@ The architectures supported by this image are:
 | :----: | :----: | ---- |
 | x86-64 | ✅ | amd64-\<version tag\> |
 | arm64 | ✅ | arm64v8-\<version tag\> |
-| armhf | ✅ | arm32v7-\<version tag\> |
+| armhf| ✅ | arm32v7-\<version tag\> |
 ## Application Setup
@ -154,7 +154,7 @@ services:
    environment:
      - PUID=1000
      - PGID=1000
-      - TZ=Etc/UTC
+      - TZ=Europe/London
      - URL=yourdomain.url
      - VALIDATION=http
      - SUBDOMAINS=www, #optional
@ -181,7 +181,7 @@ docker run -d \
  --cap-add=NET_ADMIN \
  -e PUID=1000 \
  -e PGID=1000 \
-  -e TZ=Etc/UTC \
+  -e TZ=Europe/London \
  -e URL=yourdomain.url \
  -e VALIDATION=http \
  -e SUBDOMAINS=www, `#optional` \
@ -197,7 +197,6 @@ docker run -d \
  -v /path/to/appdata/config:/config \
  --restart unless-stopped \
  lscr.io/linuxserver/swag:latest
 ```
 ## Parameters
@ -210,12 +209,12 @@ Container images are configured using parameters passed at runtime (such as thos
 | `-p 80` | Http port (required for http validation and http -> https redirect) |
 | `-e PUID=1000` | for UserID - see below for explanation |
 | `-e PGID=1000` | for GroupID - see below for explanation |
-| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
+| `-e TZ=Europe/London` | Specify a timezone to use EG Europe/London. |
 | `-e URL=yourdomain.url` | Top url you have control over (`customdomain.com` if you own it, or `customsubdomain.ddnsprovider.com` if dynamic dns). |
 | `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
 | `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
 | `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
-| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
+| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
 | `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
 | `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
 | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
@ -336,12 +335,6 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 ## Versions
 * **25.03.23:** - Fix renewal post hook.
 * **10.03.23:** - Cleanup unused csr and keys folders. See [certbot 2.3.0 release notes](https://github.com/certbot/certbot/releases/tag/v2.3.0).
 * **09.03.23:** - Add Google Domains DNS support, `google-domains`.
 * **02.03.23:** - Set permissions on crontabs during init.
 * **09.02.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs.
 * **06.02.23:** - Add porkbun support back in.
 * **21.01.23:** - Unpin certbot version (allow certbot 2.x). !!BREAKING CHANGE!! We are temporarily removing the certbot porkbun plugin until a new version is released that is compatible with certbot 2.x.
 * **20.01.23:** - Rebase to alpine 3.17 with php8.1.
 * **16.01.23:** - Remove nchan module because it keeps causing crashes.
--- a/package_versions.txt
+++ b/package_versions.txt
@ -1,340 +1,204 @@
-NAME                            VERSION                TYPE   
+alpine-baselayout-3.4.0-r0
-ConfigArgParse                  1.5.3                  python  
+alpine-baselayout-data-3.4.0-r0
-PyJWT                           2.6.0                  python  
+alpine-keys-2.4-r1
-PyYAML                          6.0                    python  
+alpine-release-3.17.1-r0
-acme                            2.5.0                  python  
+aom-libs-3.5.0-r0
-alpine-baselayout               3.4.0-r0               apk     
+apache2-utils-2.4.55-r0
-alpine-baselayout-data          3.4.0-r0               apk     
+apk-tools-2.12.10-r1
-alpine-keys                     2.4-r1                 apk     
+apr-1.7.1-r0
-alpine-release                  3.17.3-r0              apk     
+apr-util-1.6.1-r14
-aom-libs                        3.5.0-r0               apk     
+argon2-libs-20190702-r2
-apache2-utils                   2.4.56-r0              apk     
+bash-5.2.15-r0
-apk-tools                       2.12.10-r1             apk     
+brotli-libs-1.0.9-r9
-apr                             1.7.2-r0               apk     
+busybox-1.35.0-r29
-apr-util                        1.6.3-r0               apk     
+busybox-binsh-1.35.0-r29
-argon2-libs                     20190702-r2            apk     
+c-client-2007f-r14
-attrs                           22.2.0                 python  
+ca-certificates-20220614-r4
-azure-common                    1.1.28                 python  
+ca-certificates-bundle-20220614-r4
-azure-core                      1.26.4                 python  
+coreutils-9.1-r0
-azure-identity                  1.12.0                 python  
+curl-7.87.0-r1
-azure-mgmt-core                 1.4.0                  python  
+fail2ban-1.0.2-r0
-azure-mgmt-dns                  8.0.0                  python  
+fontconfig-2.14.1-r0
-bash                            5.2.15-r0              apk     
+freetype-2.12.1-r0
-beautifulsoup4                  4.12.2                 python  
+gdbm-1.23-r0
-boto3                           1.26.109               python  
+git-2.38.3-r1
-botocore                        1.29.109               python  
+git-perl-2.38.3-r1
-brotli-libs                     1.0.9-r9               apk     
+gmp-6.2.1-r2
-bs4                             0.0.1                  python  
+gnupg-2.2.40-r0
-busybox                         1.35.0                 binary  
+gnupg-dirmngr-2.2.40-r0
-busybox                         1.35.0-r29             apk     
+gnupg-gpgconf-2.2.40-r0
-busybox-binsh                   1.35.0-r29             apk     
+gnupg-utils-2.2.40-r0
-c-client                        2007f-r14              apk     
+gnupg-wks-client-2.2.40-r0
-ca-certificates                 20220614-r4            apk     
+gnutls-3.7.8-r2
-ca-certificates-bundle          20220614-r4            apk     
+gpg-2.2.40-r0
-cachetools                      5.3.0                  python  
+gpg-agent-2.2.40-r0
-certbot                         2.5.0                  python  
+gpg-wks-server-2.2.40-r0
-certbot-dns-acmedns             0.1.0                  python  
+gpgsm-2.2.40-r0
-certbot-dns-aliyun              2.0.0                  python  
+gpgv-2.2.40-r0
-certbot-dns-azure               2.1.0                  python  
+icu-data-en-72.1-r1
-certbot-dns-cloudflare          2.5.0                  python  
+icu-libs-72.1-r1
-certbot-dns-cpanel              0.4.0                  python  
+ip6tables-1.8.8-r2
-certbot-dns-desec               1.2.1                  python  
+iptables-1.8.8-r2
-certbot-dns-digitalocean        2.5.0                  python  
+jq-1.6-r2
-certbot-dns-directadmin         1.0.3                  python  
+libacl-2.3.1-r1
-certbot-dns-dnsimple            2.5.0                  python  
+libassuan-2.5.5-r1
-certbot-dns-dnsmadeeasy         2.5.0                  python  
+libattr-2.5.1-r2
-certbot-dns-dnspod              0.1.0                  python  
+libavif-0.11.1-r0
-certbot-dns-do                  0.31.0                 python  
+libbsd-0.11.7-r0
-certbot-dns-domeneshop          0.2.9                  python  
+libbz2-1.0.8-r4
-certbot-dns-duckdns             1.3                    python  
+libc-utils-0.7.2-r3
-certbot-dns-dynu                0.0.4                  python  
+libcrypto3-3.0.8-r0
-certbot-dns-gehirn              2.5.0                  python  
+libcurl-7.87.0-r1
-certbot-dns-godaddy             0.2.2                  python  
+libdav1d-1.0.0-r2
-certbot-dns-google              2.5.0                  python  
+libedit-20221030.3.1-r0
-certbot-dns-google-domains      0.1.9                  python  
+libevent-2.1.12-r5
-certbot-dns-he                  1.0.0                  python  
+libexpat-2.5.0-r0
-certbot-dns-hetzner             2.0.0                  python  
+libffi-3.4.4-r0
-certbot-dns-infomaniak          0.2.1                  python  
+libgcc-12.2.1_git20220924-r4
-certbot-dns-inwx                2.2.0                  python  
+libgcrypt-1.10.1-r0
-certbot-dns-ionos               2022.11.24             python  
+libgd-2.3.3-r3
-certbot-dns-linode              2.5.0                  python  
+libgpg-error-1.46-r1
-certbot-dns-loopia              1.0.1                  python  
+libice-1.0.10-r1
-certbot-dns-luadns              2.5.0                  python  
+libidn-1.41-r0
-certbot-dns-netcup              1.2.0                  python  
+libintl-0.21.1-r1
-certbot-dns-njalla              1.0.0                  python  
+libjpeg-turbo-2.1.4-r0
-certbot-dns-nsone               2.5.0                  python  
+libksba-1.6.3-r0
-certbot-dns-ovh                 2.5.0                  python  
+libldap-2.6.3-r6
-certbot-dns-porkbun             0.8                    python  
+libmaxminddb-libs-1.7.1-r0
-certbot-dns-rfc2136             2.5.0                  python  
+libmcrypt-2.5.8-r10
-certbot-dns-route53             2.5.0                  python  
+libmd-1.0.4-r0
-certbot-dns-sakuracloud         2.5.0                  python  
+libmemcached-libs-1.0.18-r5
-certbot-dns-standalone          1.1                    python  
+libmnl-1.0.5-r0
-certbot-dns-transip             0.5.2                  python  
+libnftnl-1.2.4-r0
-certbot-dns-vultr               1.0.3                  python  
+libpng-1.6.38-r0
-certbot-plugin-gandi            1.4.3                  python  
+libpq-15.1-r0
-certifi                         2022.12.7              python  
+libproc-3.3.17-r2
-cffi                            1.15.1                 python  
+libsasl-2.1.28-r3
-charset-normalizer              3.1.0                  python  
+libseccomp-2.5.4-r0
-cloudflare                      2.11.1                 python  
+libsm-1.2.3-r1
-configobj                       5.0.8                  python  
+libsodium-1.0.18-r2
-coreutils                       9.1-r0                 apk     
+libssl3-3.0.8-r0
-cryptography                    40.0.1                 python  
+libstdc++-12.2.1_git20220924-r4
-curl                            7.88.1-r1              apk     
+libtasn1-4.19.0-r0
-dataclasses-json                0.5.7                  python  
+libunistring-1.1-r0
-distro                          1.8.0                  python  
+libuuid-2.38.1-r1
-dns-lexicon                     3.11.7                 python  
+libwebp-1.2.4-r1
-dnslib                          0.9.23                 python  
+libx11-1.8.4-r0
-dnspython                       2.3.0                  python  
+libxau-1.0.10-r0
-domeneshop                      0.4.3                  python  
+libxcb-1.15-r0
-fail2ban                        1.0.2                  python  
+libxdmcp-1.1.4-r0
-fail2ban                        1.0.2-r0               apk     
+libxext-1.3.5-r0
-filelock                        3.11.0                 python  
+libxml2-2.10.3-r1
-fontconfig                      2.14.1-r0              apk     
+libxpm-3.5.15-r0
-freetype                        2.12.1-r0              apk     
+libxslt-1.1.37-r0
-future                          0.18.3                 python  
+libxt-1.2.1-r0
-gdbm                            1.23-r0                apk     
+libzip-1.9.2-r2
-git                             2.38.4-r1              apk     
+linux-pam-1.5.2-r1
-git-perl                        2.38.4-r1              apk     
+logrotate-3.20.1-r3
-gmp                             6.2.1-r2               apk     
+lz4-libs-1.9.4-r1
-gnupg                           2.2.40-r0              apk     
+memcached-1.6.17-r0
-gnupg-dirmngr                   2.2.40-r0              apk     
+mpdecimal-2.5.1-r1
-gnupg-gpgconf                   2.2.40-r0              apk     
+musl-1.2.3-r4
-gnupg-utils                     2.2.40-r0              apk     
+musl-utils-1.2.3-r4
-gnupg-wks-client                2.2.40-r0              apk     
+nano-7.0-r0
-gnutls                          3.7.8-r3               apk     
+ncurses-libs-6.3_p20221119-r0
-google-api-core                 2.11.0                 python  
+ncurses-terminfo-base-6.3_p20221119-r0
-google-api-python-client        2.84.0                 python  
+nettle-3.8.1-r0
-google-auth                     2.17.2                 python  
+nghttp2-libs-1.51.0-r0
-google-auth-httplib2            0.1.0                  python  
+nginx-1.22.1-r0
-googleapis-common-protos        1.59.0                 python  
+nginx-mod-devel-kit-1.22.1-r0
-gpg                             2.2.40-r0              apk     
+nginx-mod-http-brotli-1.22.1-r0
-gpg-agent                       2.2.40-r0              apk     
+nginx-mod-http-dav-ext-1.22.1-r0
-gpg-wks-server                  2.2.40-r0              apk     
+nginx-mod-http-echo-1.22.1-r0
-gpgsm                           2.2.40-r0              apk     
+nginx-mod-http-fancyindex-1.22.1-r0
-gpgv                            2.2.40-r0              apk     
+nginx-mod-http-geoip2-1.22.1-r0
-httplib2                        0.22.0                 python  
+nginx-mod-http-headers-more-1.22.1-r0
-icu-data-en                     72.1-r1                apk     
+nginx-mod-http-image-filter-1.22.1-r0
-icu-libs                        72.1-r1                apk     
+nginx-mod-http-perl-1.22.1-r0
-idna                            3.4                    python  
+nginx-mod-http-redis2-1.22.1-r0
-importlib-metadata              6.2.0                  python  
+nginx-mod-http-set-misc-1.22.1-r0
-ip6tables                       1.8.8-r2               apk     
+nginx-mod-http-upload-progress-1.22.1-r0
-iptables                        1.8.8-r2               apk     
+nginx-mod-http-xslt-filter-1.22.1-r0
-isodate                         0.6.1                  python  
+nginx-mod-mail-1.22.1-r0
-jmespath                        1.0.1                  python  
+nginx-mod-rtmp-1.22.1-r0
-josepy                          1.13.0                 python  
+nginx-mod-stream-1.22.1-r0
-jq                              1.6-r2                 apk     
+nginx-mod-stream-geoip2-1.22.1-r0
-jsonlines                       3.1.0                  python  
+nginx-vim-1.22.1-r0
-jsonpickle                      3.0.1                  python  
+npth-1.6-r2
-libacl                          2.3.1-r1               apk     
+oniguruma-6.9.8-r0
-libassuan                       2.5.5-r1               apk     
+openssl-3.0.7-r2
-libattr                         2.5.1-r2               apk     
+p11-kit-0.24.1-r1
-libavif                         0.11.1-r0              apk     
+pcre-8.45-r2
-libbsd                          0.11.7-r0              apk     
+pcre2-10.42-r0
-libbz2                          1.0.8-r4               apk     
+perl-5.36.0-r0
-libc-utils                      0.7.2-r3               apk     
+perl-error-0.17029-r1
-libcrypto3                      3.0.8-r3               apk     
+perl-git-2.38.3-r1
-libcurl                         7.88.1-r1              apk     
+php81-8.1.15-r0
-libdav1d                        1.0.0-r2               apk     
+php81-bcmath-8.1.15-r0
-libedit                         20221030.3.1-r0        apk     
+php81-bz2-8.1.15-r0
-libevent                        2.1.12-r5              apk     
+php81-common-8.1.15-r0
-libexpat                        2.5.0-r0               apk     
+php81-ctype-8.1.15-r0
-libffi                          3.4.4-r0               apk     
+php81-curl-8.1.15-r0
-libgcc                          12.2.1_git20220924-r4  apk     
+php81-dom-8.1.15-r0
-libgcrypt                       1.10.1-r0              apk     
+php81-exif-8.1.15-r0
-libgd                           2.3.3-r3               apk     
+php81-fileinfo-8.1.14-r0
-libgpg-error                    1.46-r1                apk     
+php81-fpm-8.1.14-r0
-libice                          1.0.10-r1              apk     
+php81-ftp-8.1.15-r0
-libidn                          1.41-r0                apk     
+php81-gd-8.1.15-r0
-libintl                         0.21.1-r1              apk     
+php81-gmp-8.1.15-r0
-libjpeg-turbo                   2.1.4-r0               apk     
+php81-iconv-8.1.15-r0
-libksba                         1.6.3-r0               apk     
+php81-imap-8.1.15-r0
-libldap                         2.6.3-r6               apk     
+php81-intl-8.1.15-r0
-libmaxminddb-libs               1.7.1-r0               apk     
+php81-ldap-8.1.15-r0
-libmcrypt                       2.5.8-r10              apk     
+php81-mbstring-8.1.15-r0
-libmd                           1.0.4-r0               apk     
+php81-mysqli-8.1.15-r0
-libmemcached-libs               1.0.18-r5              apk     
+php81-mysqlnd-8.1.15-r0
-libmnl                          1.0.5-r0               apk     
+php81-opcache-8.1.15-r0
-libnftnl                        1.2.4-r0               apk     
+php81-openssl-8.1.15-r0
-libpng                          1.6.38-r0              apk     
+php81-pdo-8.1.15-r0
-libpq                           15.2-r0                apk     
+php81-pdo_mysql-8.1.15-r0
-libproc                         3.3.17-r2              apk     
+php81-pdo_odbc-8.1.15-r0
-libsasl                         2.1.28-r3              apk     
+php81-pdo_pgsql-8.1.15-r0
-libseccomp                      2.5.4-r0               apk     
+php81-pdo_sqlite-8.1.15-r0
-libsm                           1.2.3-r1               apk     
+php81-pear-8.1.15-r0
-libsodium                       1.0.18-r2              apk     
+php81-pecl-apcu-5.1.22-r0
-libssl3                         3.0.8-r3               apk     
+php81-pecl-igbinary-3.2.12-r0
-libstdc++                       12.2.1_git20220924-r4  apk     
+php81-pecl-mailparse-3.1.4-r0
-libtasn1                        4.19.0-r0              apk     
+php81-pecl-mcrypt-1.0.4-r0
-libunistring                    1.1-r0                 apk     
+php81-pecl-memcached-3.2.0-r0
-libuuid                         2.38.1-r1              apk     
+php81-pecl-redis-5.3.7-r0
-libwebp                         1.2.4-r1               apk     
+php81-pecl-xmlrpc-1.0.0_rc3-r0
-libx11                          1.8.4-r0               apk     
+php81-pgsql-8.1.15-r0
-libxau                          1.0.10-r0              apk     
+php81-phar-8.1.15-r0
-libxcb                          1.15-r0                apk     
+php81-posix-8.1.15-r0
-libxdmcp                        1.1.4-r0               apk     
+php81-session-8.1.15-r0
-libxext                         1.3.5-r0               apk     
+php81-simplexml-8.1.14-r0
-libxml2                         2.10.3-r1              apk     
+php81-soap-8.1.15-r0
-libxpm                          3.5.15-r0              apk     
+php81-sockets-8.1.15-r0
-libxslt                         1.1.37-r1              apk     
+php81-sodium-8.1.15-r0
-libxt                           1.2.1-r0               apk     
+php81-sqlite3-8.1.15-r0
-libzip                          1.9.2-r2               apk     
+php81-tokenizer-8.1.15-r0
-linux-pam                       1.5.2-r1               apk     
+php81-xml-8.1.15-r0
-logrotate                       3.20.1-r3              apk     
+php81-xmlreader-8.1.15-r0
-loopialib                       0.2.0                  python  
+php81-xmlwriter-8.1.14-r0
-lxml                            4.9.2                  python  
+php81-xsl-8.1.15-r0
-lz4-libs                        1.9.4-r1               apk     
+php81-zip-8.1.15-r0
-marshmallow                     3.19.0                 python  
+pinentry-1.2.1-r0
-marshmallow-enum                1.5.1                  python  
+popt-1.19-r0
-memcached                       1.6.17                 binary  
+procps-3.3.17-r2
-memcached                       1.6.17-r0              apk     
+python3-3.10.10-r0
-mock                            5.0.1                  python  
+readline-8.2.0-r0
-mpdecimal                       2.5.1-r1               apk     
+scanelf-1.3.5-r1
-msal                            1.21.0                 python  
+shadow-4.13-r0
-msal-extensions                 1.0.0                  python  
+skalibs-2.12.0.1-r0
-msrest                          0.7.1                  python  
+sqlite-libs-3.40.1-r0
-musl                            1.2.3-r4               apk     
+ssl_client-1.35.0-r29
-musl-utils                      1.2.3-r4               apk     
+tiff-4.4.0-r1
-mypy-extensions                 1.0.0                  python  
+tzdata-2022f-r1
-nano                            7.0-r0                 apk     
+unixodbc-2.3.11-r0
-ncurses-libs                    6.3_p20221119-r0       apk     
+utmps-libs-0.1.2.0-r1
-ncurses-terminfo-base           6.3_p20221119-r0       apk     
+whois-5.5.14-r0
-netcat-openbsd                  1.130-r4               apk     
+xz-5.2.9-r0
-nettle                          3.8.1-r0               apk     
+xz-libs-5.2.9-r0
-nghttp2-libs                    1.51.0-r0              apk     
+zlib-1.2.13-r0
-nginx                           1.22.1-r0              apk     
+zstd-libs-1.5.2-r9
 nginx-mod-devel-kit             1.22.1-r0              apk     
 nginx-mod-http-brotli           1.22.1-r0              apk     
 nginx-mod-http-dav-ext          1.22.1-r0              apk     
 nginx-mod-http-echo             1.22.1-r0              apk     
 nginx-mod-http-fancyindex       1.22.1-r0              apk     
 nginx-mod-http-geoip2           1.22.1-r0              apk     
 nginx-mod-http-headers-more     1.22.1-r0              apk     
 nginx-mod-http-image-filter     1.22.1-r0              apk     
 nginx-mod-http-perl             1.22.1-r0              apk     
 nginx-mod-http-redis2           1.22.1-r0              apk     
 nginx-mod-http-set-misc         1.22.1-r0              apk     
 nginx-mod-http-upload-progress  1.22.1-r0              apk     
 nginx-mod-http-xslt-filter      1.22.1-r0              apk     
 nginx-mod-mail                  1.22.1-r0              apk     
 nginx-mod-rtmp                  1.22.1-r0              apk     
 nginx-mod-stream                1.22.1-r0              apk     
 nginx-mod-stream-geoip2         1.22.1-r0              apk     
 nginx-vim                       1.22.1-r0              apk     
 npth                            1.6-r2                 apk     
 oauth2client                    4.1.3                  python  
 oauthlib                        3.2.2                  python  
 oniguruma                       6.9.8-r0               apk     
 openssl                         3.0.8-r3               apk     
 p11-kit                         0.24.1-r1              apk     
 packaging                       23.0                   python  
 parsedatetime                   2.6                    python  
 pcre                            8.45-r2                apk     
 pcre2                           10.42-r0               apk     
 perl                            5.36.0-r0              apk     
 perl-error                      0.17029-r1             apk     
 perl-git                        2.38.4-r1              apk     
 php-cli                         8.1.17                 binary  
 php-fpm                         8.1.17                 binary  
 php81                           8.1.17-r0              apk     
 php81-bcmath                    8.1.17-r0              apk     
 php81-bz2                       8.1.17-r0              apk     
 php81-common                    8.1.17-r0              apk     
 php81-ctype                     8.1.17-r0              apk     
 php81-curl                      8.1.17-r0              apk     
 php81-dom                       8.1.17-r0              apk     
 php81-exif                      8.1.17-r0              apk     
 php81-fileinfo                  8.1.17-r0              apk     
 php81-fpm                       8.1.17-r0              apk     
 php81-ftp                       8.1.17-r0              apk     
 php81-gd                        8.1.17-r0              apk     
 php81-gmp                       8.1.17-r0              apk     
 php81-iconv                     8.1.17-r0              apk     
 php81-imap                      8.1.17-r0              apk     
 php81-intl                      8.1.17-r0              apk     
 php81-ldap                      8.1.17-r0              apk     
 php81-mbstring                  8.1.17-r0              apk     
 php81-mysqli                    8.1.17-r0              apk     
 php81-mysqlnd                   8.1.17-r0              apk     
 php81-opcache                   8.1.17-r0              apk     
 php81-openssl                   8.1.17-r0              apk     
 php81-pdo                       8.1.17-r0              apk     
 php81-pdo_mysql                 8.1.17-r0              apk     
 php81-pdo_odbc                  8.1.17-r0              apk     
 php81-pdo_pgsql                 8.1.17-r0              apk     
 php81-pdo_sqlite                8.1.17-r0              apk     
 php81-pear                      8.1.17-r0              apk     
 php81-pecl-apcu                 5.1.22-r0              apk     
 php81-pecl-igbinary             3.2.12-r0              apk     
 php81-pecl-mailparse            3.1.4-r0               apk     
 php81-pecl-mcrypt               1.0.6-r0               apk     
 php81-pecl-memcached            3.2.0-r0               apk     
 php81-pecl-redis                5.3.7-r0               apk     
 php81-pecl-xmlrpc               1.0.0_rc3-r0           apk     
 php81-pgsql                     8.1.17-r0              apk     
 php81-phar                      8.1.17-r0              apk     
 php81-posix                     8.1.17-r0              apk     
 php81-session                   8.1.17-r0              apk     
 php81-simplexml                 8.1.17-r0              apk     
 php81-soap                      8.1.17-r0              apk     
 php81-sockets                   8.1.17-r0              apk     
 php81-sodium                    8.1.17-r0              apk     
 php81-sqlite3                   8.1.17-r0              apk     
 php81-tokenizer                 8.1.17-r0              apk     
 php81-xml                       8.1.17-r0              apk     
 php81-xmlreader                 8.1.17-r0              apk     
 php81-xmlwriter                 8.1.17-r0              apk     
 php81-xsl                       8.1.17-r0              apk     
 php81-zip                       8.1.17-r0              apk     
 pinentry                        1.2.1-r0               apk     
 pip                             23.0.1                 python  
 pkb-client                      1.2                    python  
 popt                            1.19-r0                apk     
 portalocker                     2.7.0                  python  
 procps                          3.3.17-r2              apk     
 protobuf                        4.22.1                 python  
 publicsuffixlist                0.9.3                  python  
 pyOpenSSL                       23.1.1                 python  
 pyRFC3339                       1.1                    python  
 pyacmedns                       0.4                    python  
 pyasn1                          0.4.8                  python  
 pyasn1-modules                  0.2.8                  python  
 pycparser                       2.21                   python  
 pyparsing                       3.0.9                  python  
 python                          3.10.11                binary  
 python-dateutil                 2.8.2                  python  
 python-digitalocean             1.17.0                 python  
 python-transip                  0.6.0                  python  
 python3                         3.10.11-r0             apk     
 pytz                            2023.3                 python  
 readline                        8.2.0-r0               apk     
 requests                        2.28.2                 python  
 requests-file                   1.5.1                  python  
 requests-mock                   1.10.0                 python  
 requests-oauthlib               1.3.1                  python  
 rsa                             4.9                    python  
 s3transfer                      0.6.0                  python  
 scanelf                         1.3.5-r1               apk     
 setuptools                      65.5.0                 python  
 shadow                          4.13-r0                apk     
 six                             1.16.0                 python  
 skalibs                         2.12.0.1-r0            apk     
 soupsieve                       2.4                    python  
 sqlite-libs                     3.40.1-r0              apk     
 ssl_client                      1.35.0-r29             apk     
 tiff                            4.4.0-r3               apk     
 tldextract                      3.4.0                  python  
 typing-inspect                  0.8.0                  python  
 typing_extensions               4.5.0                  python  
 tzdata                          2023c-r0               apk     
 unixodbc                        2.3.11-r0              apk     
 uritemplate                     4.1.1                  python  
 urllib3                         1.26.15                python  
 utmps-libs                      0.1.2.0-r1             apk     
 wheel                           0.40.0                 python  
 whois                           5.5.14-r0              apk     
 xz                              5.2.9-r0               apk     
 xz-libs                         5.2.9-r0               apk     
 zipp                            3.15.0                 python  
 zlib                            1.2.13-r0              apk     
 zope.interface                  6.0                    python  
 zstd-libs                       1.5.5-r0               apk     
--- a/readme-vars.yml
+++ b/readme-vars.yml
@ -51,7 +51,7 @@ opt_param_usage_include_env: true
 opt_param_env_vars:
  - { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
  - { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
-  - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
+  - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
  - { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
  - { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
  - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
@ -154,12 +154,6 @@ app_setup_block: |
 # changelog
 changelogs:
  - { date: "25.03.23:", desc: "Fix renewal post hook." }
  - { date: "10.03.23:", desc: "Cleanup unused csr and keys folders. See [certbot 2.3.0 release notes](https://github.com/certbot/certbot/releases/tag/v2.3.0)." }
  - { date: "09.03.23:", desc: "Add Google Domains DNS support, `google-domains`." }
  - { date: "02.03.23:", desc: "Set permissions on crontabs during init." }
  - { date: "09.02.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs." }
  - { date: "06.02.23:", desc: "Add porkbun support back in." }
  - { date: "21.01.23:", desc: "Unpin certbot version (allow certbot 2.x). !!BREAKING CHANGE!! We are temporarily removing the certbot porkbun plugin until a new version is released that is compatible with certbot 2.x." }
  - { date: "20.01.23:", desc: "Rebase to alpine 3.17 with php8.1." }
  - { date: "16.01.23:", desc: "Remove nchan module because it keeps causing crashes." }
--- a/root/defaults/dns-conf/google-domains.ini
+++ b/root/defaults/dns-conf/google-domains.ini
@ -1,4 +0,0 @@
 # Instructions: https://github.com/aaomidi/certbot-dns-google-domains#credentials
 # Replace with your value
 dns_google_domains_access_token = abcdef
 dns_google_domains_zone = example.com
--- a/root/defaults/dns-conf/netcup.ini
+++ b/root/defaults/dns-conf/netcup.ini
@ -1,5 +1,3 @@
 # Recommended PROPAGATION value in environment for netcup is 900
 dns_netcup_customer_id  = 123456
 dns_netcup_api_key      = 0123456789abcdef0123456789abcdef01234567
 dns_netcup_api_password = abcdef0123456789abcdef01234567abcdef0123
--- a/root/defaults/dns-conf/route53.ini
+++ b/root/defaults/dns-conf/route53.ini
@ -1,5 +1,5 @@
 # Instructions: https://github.com/certbot/certbot/blob/master/certbot-dns-route53/certbot_dns_route53/__init__.py#L18
 # Replace with your values
 [default]
-; aws_access_key_id=AKIAIOSFODNN7EXAMPLE
+aws_access_key_id=AKIAIOSFODNN7EXAMPLE
-; aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
--- a/root/defaults/etc/letsencrypt/renewal-hooks/post/10-nginx
+++ b/root/defaults/etc/letsencrypt/renewal-hooks/post/10-nginx
@ -5,7 +5,7 @@
 . /config/.donoteditthisfile.conf
 if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
-    if pgrep -f "s6-supervise svc-nginx" >/dev/null; then
+    if pgrep -f "s6-supervise nginx" >/dev/null; then
        s6-svc -u /run/service/svc-nginx
    fi
 else
--- a/root/defaults/nginx/authelia-location.conf.sample
+++ b/root/defaults/nginx/authelia-location.conf.sample
@ -1,29 +1,15 @@
-## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
+## Version 2022/08/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
 # Make sure that your authelia container is in the same user defined bridge network and is named authelia
 # Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
 # Make sure that the authelia configuration.yml has 'path: "authelia"' defined
 ## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource.
 auth_request /authelia/api/verify;
-## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal.
+auth_request_set $target_url $scheme://$http_host$request_uri;
 error_page 401 = @authelia_proxy_signin;
 ## Translate response headers from Authelia into variables
 auth_request_set $user $upstream_http_remote_user;
 auth_request_set $groups $upstream_http_remote_groups;
 auth_request_set $name $upstream_http_remote_name;
 auth_request_set $email $upstream_http_remote_email;
 auth_request_set $authorization $upstream_http_authorization;
 auth_request_set $proxy_authorization $upstream_http_proxy_authorization;
 ## Inject the response header variables into the request made to the actual upstream
 proxy_set_header Remote-User $user;
 proxy_set_header Remote-Groups $groups;
 proxy_set_header Remote-Name $name;
 proxy_set_header Remote-Email $email;
-proxy_set_header Authorization $authorization;
+error_page 401 =302 https://$http_host/authelia/?rd=$target_url;
 proxy_set_header Proxy-Authorization $proxy_authorization;
 ## Include the Set-Cookie header if present.
 auth_request_set $set_cookie $upstream_http_set_cookie;
 add_header Set-Cookie $set_cookie;
--- a/root/defaults/nginx/authelia-server.conf.sample
+++ b/root/defaults/nginx/authelia-server.conf.sample
@ -1,55 +1,50 @@
-## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
+## Version 2022/09/22 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
 # Make sure that your authelia container is in the same user defined bridge network and is named authelia
 # Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
 # Make sure that the authelia configuration.yml has 'path: "authelia"' defined
 # location for authelia subfolder requests
 location ^~ /authelia {
    auth_request off; # requests to this subfolder must be accessible without authentication
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_authelia authelia;
    proxy_pass http://$upstream_authelia:9091;
 }
 # location for authelia auth requests
 location = /authelia/api/verify {
    internal;
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_authelia authelia;
    proxy_pass http://$upstream_authelia:9091/authelia/api/verify;
    ## Include the Set-Cookie header if present.
    auth_request_set $set_cookie $upstream_http_set_cookie;
    add_header Set-Cookie $set_cookie;
    proxy_pass_request_body off;
    proxy_pass http://$upstream_authelia:9091;
    proxy_set_header Content-Length "";
-}
+
-
+    # Timeout if the real server is dead
-# Virtual location for authelia 401 redirects
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
-location @authelia_proxy_signin {
+
-    internal;
+    # [REQUIRED] Needed by Authelia to check authorizations of the resource.
-
+    # Provide either X-Original-URL and X-Forwarded-Proto or
-    ## Set the $target_url variable based on the original request.
+    # X-Forwarded-Proto, X-Forwarded-Host and X-Forwarded-Uri or both.
-    set_escape_uri $target_url $scheme://$http_host$request_uri;
+    # Those headers will be used by Authelia to deduce the target url of the user.
-
+    # Basic Proxy Config
-    ## Include the Set-Cookie header if present.
+    client_body_buffer_size 128k;
-    auth_request_set $set_cookie $upstream_http_set_cookie;
+    proxy_set_header Host $host;
-    add_header Set-Cookie $set_cookie;
+    proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
-
+    proxy_set_header X-Real-IP $remote_addr;
-    ## Set $authelia_backend to route requests to the current domain by default
+    proxy_set_header X-Forwarded-For $remote_addr;
-    set $authelia_backend $http_host;
+    proxy_set_header X-Forwarded-Method $request_method;
-    ## In order for Webauthn to work with multiple domains authelia must operate on a separate subdomain
+    proxy_set_header X-Forwarded-Proto $scheme;
-    ## To use authelia on a separate subdomain:
+    proxy_set_header X-Forwarded-Host $http_host;
-    ##  * comment the $authelia_backend line above
+    proxy_set_header X-Forwarded-Uri $request_uri;
-    ##  * rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
+    proxy_set_header X-Forwarded-Ssl on;
-    ##  * make sure that your dns has a cname set for authelia
+    proxy_redirect  http://  $scheme://;
-    ##  * uncomment the $authelia_backend line below and change example.com to your domain
+    proxy_http_version 1.1;
-    ##  * restart the swag container
+    proxy_set_header Connection "";
-    #set $authelia_backend authelia.example.com;
+    proxy_cache_bypass $cookie_session;
-
+    proxy_no_cache $cookie_session;
-    return 302 https://$authelia_backend/authelia/?rd=$target_url;
+    proxy_buffers 4 32k;
    # Advanced Proxy Config
    send_timeout 5m;
    proxy_read_timeout 240;
    proxy_send_timeout 240;
    proxy_connect_timeout 240;
 }
--- a/root/defaults/nginx/authentik-location.conf.sample
+++ b/root/defaults/nginx/authentik-location.conf.sample
@ -1,26 +0,0 @@
 ## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-location.conf.sample
 # Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
 # Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
 ## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource.
 auth_request /outpost.goauthentik.io/auth/nginx;
 ## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal.
 error_page 401 = @goauthentik_proxy_signin;
 ## Translate response headers from Authentik into variables
 auth_request_set $authentik_username $upstream_http_x_authentik_username;
 auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
 auth_request_set $authentik_email $upstream_http_x_authentik_email;
 auth_request_set $authentik_name $upstream_http_x_authentik_name;
 auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
 ## Inject the response header variables into the request made to the actual upstream
 proxy_set_header X-authentik-username $authentik_username;
 proxy_set_header X-authentik-groups $authentik_groups;
 proxy_set_header X-authentik-email $authentik_email;
 proxy_set_header X-authentik-name $authentik_name;
 proxy_set_header X-authentik-uid $authentik_uid;
 ## Include the Set-Cookie header if present.
 auth_request_set $set_cookie $upstream_http_set_cookie;
 add_header Set-Cookie $set_cookie;
--- a/root/defaults/nginx/authentik-server.conf.sample
+++ b/root/defaults/nginx/authentik-server.conf.sample
@ -1,45 +0,0 @@
 ## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
 # Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
 # Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
 # location for authentik subfolder requests
 location ^~ /outpost.goauthentik.io {
    auth_request off; # requests to this subfolder must be accessible without authentication
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_authentik authentik-server;
    proxy_pass http://$upstream_authentik:9000;
 }
 # location for authentik auth requests
 location = /outpost.goauthentik.io/auth/nginx {
    internal;
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_authentik authentik-server;
    proxy_pass http://$upstream_authentik:9000/outpost.goauthentik.io/auth/nginx;
    ## Include the Set-Cookie header if present.
    auth_request_set $set_cookie $upstream_http_set_cookie;
    add_header Set-Cookie $set_cookie;
    proxy_pass_request_body off;
    proxy_set_header Content-Length "";
 }
 # Virtual location for authentik 401 redirects
 location @goauthentik_proxy_signin {
    internal;
    ## Set the $target_url variable based on the original request.
    set_escape_uri $target_url $scheme://$http_host$request_uri;
    ## Include the Set-Cookie header if present.
    auth_request_set $set_cookie $upstream_http_set_cookie;
    add_header Set-Cookie $set_cookie;
    ## Set $authentik_backend to route requests to the current domain by default
    set $authentik_backend $http_host;
    return 302 https://$authentik_backend/outpost.goauthentik.io/start?rd=$target_url;
 }
--- a/root/defaults/nginx/proxy.conf.sample
+++ b/root/defaults/nginx/proxy.conf.sample
@ -1,4 +1,4 @@
-## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample
+## Version 2022/09/01 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample
 # Timeout if the real server is dead
 proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
@ -25,13 +25,11 @@ proxy_set_header Host $host;
 proxy_set_header Proxy "";
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Host $host;
+proxy_set_header X-Forwarded-Host $host:$server_port;
 proxy_set_header X-Forwarded-Method $request_method;
 proxy_set_header X-Forwarded-Port $server_port;
 proxy_set_header X-Forwarded-Proto $scheme;
 proxy_set_header X-Forwarded-Server $host;
 proxy_set_header X-Forwarded-Ssl on;
 proxy_set_header X-Forwarded-Uri $request_uri;
 proxy_set_header X-Original-Method $request_method;
 proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
 proxy_set_header X-Real-IP $remote_addr;
--- a/root/defaults/nginx/site-confs/default.conf.sample
+++ b/root/defaults/nginx/site-confs/default.conf.sample
@ -1,4 +1,4 @@
-## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
+## Version 2022/10/03 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
 # redirect all traffic to https
 server {
@ -29,9 +29,6 @@ server {
    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;
    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;
    location / {
        # enable for basic auth
        #auth_basic "Restricted";
@ -43,9 +40,6 @@ server {
        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;
        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;
        try_files $uri $uri/ /index.html /index.php$is_args$args =404;
    }
--- a/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run
@ -24,7 +24,7 @@ for i in "${SANED_VARS[@]}"; do
 done
 # check to make sure DNSPLUGIN is selected if dns validation is used
-if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|google-domains|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
+if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
    echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details."
    sleep infinity
 fi
@ -41,7 +41,6 @@ lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
 # replace nginx service location in renewal hooks
 find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
 find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
 find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|s6-supervise nginx|s6-supervise svc-nginx|g' {} \;
 # create original config file if it doesn't exist, move non-hidden legacy file to hidden
 if [[ -f "/config/donoteditthisfile.conf" ]]; then
@ -141,10 +140,6 @@ else
    ln -s ../etc/letsencrypt/live/"${URL}" /config/keys/letsencrypt
 fi
 # cleanup unused csr and keys folders
 rm -rf /etc/letsencrypt/csr
 rm -rf /etc/letsencrypt/keys
 # checking for changes in cert variables, revoking certs if necessary
 if [[ ! "${URL}" = "${ORIGURL}" ]] ||
    [[ ! "${SUBDOMAINS}" = "${ORIGSUBDOMAINS}" ]] ||
@ -274,7 +269,7 @@ if [[ "${VALIDATION}" = "dns" ]]; then
        DNSCREDENTIALSPARAM=""
    fi
    # plugins that don't support setting propagation
-    if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|route53|standalone)$ ]]; then
+    if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|standalone)$ ]]; then
        if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
        PROPAGATIONPARAM=""
    fi
--- a/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/run
@ -1,38 +1,30 @@
 #!/usr/bin/with-contenv bash
 # shellcheck shell=bash
-# make folders
+# if root crontabs do not exist in config
-mkdir -p \
+# copy root crontab from system
-    /config/crontabs
+if [[ ! -f /config/crontabs/root ]] && crontab -l -u root; then
    crontab -l -u root >/config/crontabs/root
 fi
-## root
+# if root crontabs still do not exist in config (were not copied from system)
-# if crontabs do not exist in config
+# copy root crontab from included defaults
 if [[ ! -f /config/crontabs/root ]]; then
-    # copy crontab from system
+    cp /etc/crontabs/root /config/crontabs/
    if crontab -l -u root; then
        crontab -l -u root >/config/crontabs/root
    fi
    # if crontabs still do not exist in config (were not copied from system)
    # copy crontab from included defaults (using -n, do not overwrite an existing file)
    cp -n /etc/crontabs/root /config/crontabs/
 fi
 # set permissions and import user crontabs
 lsiown root:root /config/crontabs/root
 crontab -u root /config/crontabs/root
-## abc
+# if abc crontabs do not exist in config
-# if crontabs do not exist in config
+# copy abc crontab from system
 if [[ ! -f /config/crontabs/abc ]] && crontab -l -u abc; then
    crontab -l -u abc >/config/crontabs/abc
 fi
 # if abc crontabs still do not exist in config (were not copied from system)
 # copy abc crontab from included defaults
 if [[ ! -f /config/crontabs/abc ]]; then
-    # copy crontab from system
+    cp /etc/crontabs/abc /config/crontabs/
    if crontab -l -u abc; then
        crontab -l -u abc >/config/crontabs/abc
    fi
    # if crontabs still do not exist in config (were not copied from system)
    # copy crontab from included defaults (using -n, do not overwrite an existing file)
    cp -n /etc/crontabs/abc /config/crontabs/
 fi
-# set permissions and import user crontabs
+
-lsiown abc:abc /config/crontabs/abc
+# import user crontabs
 crontab -u root /config/crontabs/root
 crontab -u abc /config/crontabs/abc
--- a/root/etc/s6-overlay/s6-rc.d/init-nginx-config/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-nginx-config/run
@ -14,14 +14,6 @@ if [[ ! -f /config/nginx/authelia-server.conf ]]; then
    cp /defaults/nginx/authelia-server.conf.sample /config/nginx/authelia-server.conf
 fi
 # copy authentik config files if they don't exist
 if [[ ! -f /config/nginx/authentik-location.conf ]]; then
    cp /defaults/nginx/authentik-location.conf.sample /config/nginx/authentik-location.conf
 fi
 if [[ ! -f /config/nginx/authentik-server.conf ]]; then
    cp /defaults/nginx/authentik-server.conf.sample /config/nginx/authentik-server.conf
 fi
 # copy old ldap config file to new location
 if [[ -f /config/nginx/ldap.conf ]] && [[ ! -f /config/nginx/ldap-server.conf ]]; then
    cp /config/nginx/ldap.conf /config/nginx/ldap-server.conf