2026-01-16 18:21:27 +08:00
17 changed files with 1090 additions and 1448 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@ -6,7 +6,7 @@
 * Read, and fill the Pull Request template
  * If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR
  * If the PR is addressing an existing issue include, closes #\<issue number>, in the body of the PR commit message
-* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://linuxserver.io/discord)
+* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://discord.gg/YWrKVTn)
 ## Common files
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1,7 +1,7 @@
 blank_issues_enabled: false
 contact_links:
  - name: Discord chat support
-    url: https://linuxserver.io/discord
+    url: https://discord.gg/YWrKVTn
    about: Realtime support / chat with the community and the team.
  - name: Discourse discussion forum
--- a/.github/workflows/call_issue_pr_tracker.yml
+++ b/.github/workflows/call_issue_pr_tracker.yml
@ -8,9 +8,6 @@ on:
  pull_request_review:
    types: [submitted,edited,dismissed]
 permissions:
  contents: read
 jobs:
  manage-project:
    permissions:
--- a/.github/workflows/call_issues_cron.yml
+++ b/.github/workflows/call_issues_cron.yml
@ -4,9 +4,6 @@ on:
    - cron:  '18 13 * * *'
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  stale:
    permissions:
--- a/.github/workflows/external_trigger.yml
+++ b/.github/workflows/external_trigger.yml
@ -3,9 +3,6 @@ name: External Trigger Main
 on:
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  external-trigger-master:
    runs-on: ubuntu-latest
@ -18,10 +15,7 @@ jobs:
          SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }}
        run: |
          printf "# External trigger for docker-gitqlient\n\n" >> $GITHUB_STEP_SUMMARY
-          if grep -q "^gitqlient_master_" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
+          if grep -q "^gitqlient_master" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
            echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`gitqlient_master_\`; will skip trigger if version matches." >> $GITHUB_STEP_SUMMARY
          elif grep -q "^gitqlient_master" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`gitqlient_master\`; skipping trigger." >> $GITHUB_STEP_SUMMARY
            exit 0
@ -29,13 +23,8 @@ jobs:
          echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
          echo "> External trigger running off of master branch. To disable this trigger, add \`gitqlient_master\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY
          printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY
-          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/francescmaestre/GitQlient/releases/latest" | jq -r '. | .tag_name')
+          EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/francescmm/GitQlient/releases/latest" | jq -r '. | .tag_name')
          echo "Type is \`github_stable\`" >> $GITHUB_STEP_SUMMARY
          if grep -q "^gitqlient_master_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
            echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` matches current external release; skipping trigger." >> $GITHUB_STEP_SUMMARY
            exit 0
          fi
          if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
            echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
            echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY
@ -46,8 +35,8 @@ jobs:
              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
            exit 1
          fi
-          EXT_RELEASE_SANITIZED=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
+          EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
-          echo "Sanitized external version: \`${EXT_RELEASE_SANITIZED}\`" >> $GITHUB_STEP_SUMMARY
+          echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY
          echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY
          image="linuxserver/gitqlient"
          tag="latest"
@ -103,8 +92,8 @@ jobs:
            exit 1
          fi
          echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY
-          if [ "${EXT_RELEASE_SANITIZED}" == "${IMAGE_VERSION}" ]; then
+          if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
-            echo "Sanitized version \`${EXT_RELEASE_SANITIZED}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY
+            echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY
            exit 0
          elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-gitqlient/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
            echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
@ -119,7 +108,7 @@ jobs:
                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
            else
              printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY
-              echo "New sanitized version \`${EXT_RELEASE_SANITIZED}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
+              echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY
              if [[ "${artifacts_found}" == "true" ]]; then
                echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY
              fi
@ -139,7 +128,7 @@ jobs:
                --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
                --data-urlencode "Submit=Submit"
              echo "**** Notifying Discord ****"
-              TRIGGER_REASON="A version change was detected for gitqlient tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE_SANITIZED}"
+              TRIGGER_REASON="A version change was detected for gitqlient tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
              curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
                "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
                "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
--- a/.github/workflows/external_trigger_scheduler.yml
+++ b/.github/workflows/external_trigger_scheduler.yml
@ -5,9 +5,6 @@ on:
    - cron:  '46 * * * *'
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  external-trigger-scheduler:
    runs-on: ubuntu-latest
--- a/.github/workflows/greetings.yml
+++ b/.github/workflows/greetings.yml
@ -2,14 +2,8 @@ name: Greetings
 on: [pull_request_target, issues]
 permissions:
  contents: read
 jobs:
  greeting:
    permissions:
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/first-interaction@v1
--- a/.github/workflows/package_trigger_scheduler.yml
+++ b/.github/workflows/package_trigger_scheduler.yml
@ -5,9 +5,6 @@ on:
    - cron:  '21 11 * * 1'
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  package-trigger-scheduler:
    runs-on: ubuntu-latest
--- a/18
+++ b/18
@ -1,6 +1,4 @@
-# syntax=docker/dockerfile:1
+FROM ghcr.io/linuxserver/baseimage-alpine:3.21 AS buildstage
 FROM ghcr.io/linuxserver/baseimage-alpine:3.23 AS buildstage
 ARG GITQLIENT_RELEASE
@ -13,24 +11,23 @@ RUN \
 RUN \
  echo "**** grab source ****" && \
-  git clone https://github.com/francescmaestre/GitQlient.git
+  git clone https://github.com/francescmm/GitQlient.git
 RUN \
  echo "**** build gitqclient ****" && \
  mkdir -p /build-out/usr && \
  if [ -z ${GITQLIENT_RELEASE+x} ]; then \
-    GITQLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/francescmaestre/GitQlient/releases/latest" \
+    GITQLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/francescmm/GitQlient/releases/latest" \
    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
  fi && \
  cd /GitQlient && \
  git checkout "${GITQLIENT_RELEASE}" && \
  qmake-qt5 GitQlient.pro \
    PREFIX=/build-out/usr \
    VERSION=${GITQLIENT_RELEASE:1} && \
  make -j 4 && \
  make install
-FROM ghcr.io/linuxserver/baseimage-selkies:alpine323
+FROM ghcr.io/linuxserver/baseimage-kasmvnc:alpine321
 # set version label
 ARG BUILD_DATE
@ -38,15 +35,12 @@ ARG VERSION
 LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
 LABEL maintainer="thelamer"
 # title
 ENV TITLE=GitQlient
 COPY --from=buildstage /build-out/ /
 RUN \
  echo "**** add icon ****" && \
  curl -o \
-    /usr/share/selkies/www/icon.png \
+    /kclient/public/icon.png \
    https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/gitqlient-icon.png && \
  echo "**** install packages ****" && \
  apk add --no-cache \
@ -67,6 +61,6 @@ RUN \
 COPY /root /
 # ports and volumes
-EXPOSE 3001
+EXPOSE 3000
 VOLUME /config
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@ -1,6 +1,4 @@
-# syntax=docker/dockerfile:1
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.21 AS buildstage
 FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.23 AS buildstage
 ARG GITQLIENT_RELEASE
@ -13,24 +11,23 @@ RUN \
 RUN \
  echo "**** grab source ****" && \
-  git clone https://github.com/francescmaestre/GitQlient.git
+  git clone https://github.com/francescmm/GitQlient.git
 RUN \
  echo "**** build gitqclient ****" && \
  mkdir -p /build-out/usr && \
  if [ -z ${GITQLIENT_RELEASE+x} ]; then \
-    GITQLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/francescmaestre/GitQlient/releases/latest" \
+    GITQLIENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/francescmm/GitQlient/releases/latest" \
    | awk '/tag_name/{print $4;exit}' FS='[""]'); \
  fi && \
  cd /GitQlient && \
  git checkout "${GITQLIENT_RELEASE}" && \
  qmake-qt5 GitQlient.pro \
    PREFIX=/build-out/usr \
    VERSION=${GITQLIENT_RELEASE:1} && \
  make -j 4 && \
  make install
-FROM ghcr.io/linuxserver/baseimage-selkies:arm64v8-alpine323
+FROM ghcr.io/linuxserver/baseimage-kasmvnc:arm64v8-alpine321
 # set version label
 ARG BUILD_DATE
@ -38,15 +35,12 @@ ARG VERSION
 LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
 LABEL maintainer="thelamer"
 # title
 ENV TITLE=GitQlient
 COPY --from=buildstage /build-out/ /
 RUN \
  echo "**** add icon ****" && \
  curl -o \
-    /usr/share/selkies/www/icon.png \
+    /kclient/public/icon.png \
    https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/gitqlient-icon.png && \
  echo "**** install packages ****" && \
  apk add --no-cache \
@ -67,6 +61,6 @@ RUN \
 COPY /root /
 # ports and volumes
-EXPOSE 3001
+EXPOSE 3000
 VOLUME /config
--- a/164
+++ b/164
@ -20,7 +20,7 @@ pipeline {
    QUAYIO_API_TOKEN=credentials('quayio-repo-api-token')
    GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f')
    EXT_GIT_BRANCH = 'master'
-    EXT_USER = 'francescmaestre'
+    EXT_USER = 'francescmm'
    EXT_REPO = 'GitQlient'
    BUILD_VERSION_ARG = 'GITQLIENT_RELEASE'
    LS_USER = 'linuxserver'
@ -33,8 +33,8 @@ pipeline {
    MULTIARCH = 'true'
    CI = 'true'
    CI_WEB = 'true'
-    CI_PORT = '3001'
+    CI_PORT = '3000'
-    CI_SSL = 'true'
+    CI_SSL = 'false'
    CI_DELAY = '120'
    CI_DOCKERENV = 'TZ=US/Pacific'
    CI_AUTH = 'user:password'
@ -59,23 +59,11 @@ pipeline {
      steps{
        echo "Running on node: ${NODE_NAME}"
        sh '''#! /bin/bash
-              echo "Pruning builder"
+              containers=$(docker ps -aq)
              docker builder prune -f --builder container || :
              containers=$(docker ps -q)
              if [[ -n "${containers}" ]]; then
-                BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit')
+                docker stop ${containers}
                for container in ${containers}; do
                  if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then
                    echo "skipping buildx container in docker stop"
                  else
                    echo "Stopping container ${container}"
                    docker stop ${container}
                  fi
                done
              fi
-              docker system prune -f --volumes || :
+              docker system prune -af --volumes || : '''
              docker image prune -af || :
           '''
        script{
          env.EXIT_STATUS = ''
          env.LS_RELEASE = sh(
@ -97,11 +85,7 @@ pipeline {
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
          env.PULL_REQUEST = env.CHANGE_ID
          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml'
          if ( env.SYFT_IMAGE_TAG == null ) {
            env.SYFT_IMAGE_TAG = 'latest'
          }
        }
        echo "Using syft image tag ${SYFT_IMAGE_TAG}"
        sh '''#! /bin/bash
              echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" '''
        script{
@ -218,7 +202,6 @@ pipeline {
          env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
          env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
          env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
          env.CITEST_IMAGETAG = 'latest'
        }
      }
    }
@ -244,7 +227,6 @@ pipeline {
          env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/'
          env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
          env.CITEST_IMAGETAG = 'develop'
        }
      }
    }
@ -270,7 +252,6 @@ pipeline {
          env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
          env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
          env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
          env.CITEST_IMAGETAG = 'develop'
        }
      }
    }
@ -293,7 +274,7 @@ pipeline {
                  -v ${WORKSPACE}:/mnt \
                  -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
                  -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
-                  ghcr.io/linuxserver/baseimage-alpine:3 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
+                  ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
                    apk add --no-cache python3 && \
                    python3 -m venv /lsiopy && \
                    pip install --no-cache-dir -U pip && \
@ -628,16 +609,13 @@ pipeline {
                    echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
                    echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
                    echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                    if [[ "${PACKAGE_CHECK}" != "true" ]]; then
                      declare -A pids
                      IFS=',' read -ra CACHE <<< "$BUILDCACHE"
                      for i in "${CACHE[@]}"; do
                        docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
                        pids[$!]="$i"
                      done
-                      for p in "${!pids[@]}"; do
+                      for p in $(jobs -p); do
-                        wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                        wait "$p" || { echo "job $p failed" >&2; exit 1; }
                      done
                    fi
                '''
@ -697,16 +675,13 @@ pipeline {
                        echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
                        echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
                        echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                        if [[ "${PACKAGE_CHECK}" != "true" ]]; then
                          declare -A pids
                          IFS=',' read -ra CACHE <<< "$BUILDCACHE"
                          for i in "${CACHE[@]}"; do
                            docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
                            pids[$!]="$i"
                          done
-                          for p in "${!pids[@]}"; do
+                          for p in $(jobs -p); do
-                            wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                            wait "$p" || { echo "job $p failed" >&2; exit 1; }
                          done
                        fi
                    '''
@ -760,14 +735,12 @@ pipeline {
                        echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
                        echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                        if [[ "${PACKAGE_CHECK}" != "true" ]]; then
                          declare -A pids
                          IFS=',' read -ra CACHE <<< "$BUILDCACHE"
                          for i in "${CACHE[@]}"; do
                            docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} &
                            pids[$!]="$i"
                          done
-                          for p in "${!pids[@]}"; do
+                          for p in $(jobs -p); do
-                            wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                            wait "$p" || { echo "job $p failed" >&2; exit 1; }
                          done
                        fi
                    '''
@ -778,8 +751,7 @@ pipeline {
                  if [[ -n "${containers}" ]]; then
                    docker stop ${containers}
                  fi
-                  docker system prune -f --volumes || :
+                  docker system prune -af --volumes || :
                  docker image prune -af || :
               '''
          }
        }
@ -805,7 +777,7 @@ pipeline {
              docker run --rm \
                -v /var/run/docker.sock:/var/run/docker.sock:ro \
                -v ${TEMPDIR}:/tmp \
-                ghcr.io/anchore/syft:${SYFT_IMAGE_TAG} \
+                ghcr.io/anchore/syft:latest \
                ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt
              NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 )
              echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github"
@ -892,7 +864,7 @@ pipeline {
                    CI_DOCKERENV="LSIO_FIRST_PARTY=true"
                  fi
                fi
-                docker pull ghcr.io/linuxserver/ci:${CITEST_IMAGETAG}
+                docker pull ghcr.io/linuxserver/ci:latest
                if [ "${MULTIARCH}" == "true" ]; then
                  docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
                  docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
@ -915,10 +887,7 @@ pipeline {
                -e WEB_AUTH=\"${CI_AUTH}\" \
                -e WEB_PATH=\"${CI_WEBPATH}\" \
                -e NODE_NAME=\"${NODE_NAME}\" \
-                -e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \
+                -t ghcr.io/linuxserver/ci:latest \
                -e COMMIT_SHA=\"${COMMIT_SHA}\" \
                -e BUILD_NUMBER=\"${BUILD_NUMBER}\" \
                -t ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} \
                python3 test_build.py'''
        }
      }
@ -944,11 +913,9 @@ pipeline {
                          CACHEIMAGE=${i}
                      fi
                  done
-                  docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                  docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
                    { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  if [ -n "${SEMVER}" ]; then
-                    docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                    docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
                      { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  fi
                done
              '''
@ -973,27 +940,20 @@ pipeline {
                          CACHEIMAGE=${i}
                      fi
                  done
-                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
-                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  if [ -n "${SEMVER}" ]; then
-                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
-                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  fi
                done
                for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
-                  docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest || \
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
-                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \
+
-                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \
                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  if [ -n "${SEMVER}" ]; then
-                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \
+                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                  fi
                done
              '''
@ -1011,41 +971,23 @@ pipeline {
        environment name: 'EXIT_STATUS', value: ''
      }
      steps {
        echo "Pushing New tag for current commit ${META_TAG}"
        sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
        -d '{"tag":"'${META_TAG}'",\
             "object": "'${COMMIT_SHA}'",\
             "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\
             "type": "commit",\
             "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
        echo "Pushing New release for Tag"
        sh '''#! /bin/bash
-              echo "Auto-generating release notes"
+              curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq '. |.body' | sed 's:^.\\(.*\\).$:\\1:' > releasebody.json
-              if [ "$(git tag --points-at HEAD)" != "" ]; then
+              echo '{"tag_name":"'${META_TAG}'",\
-                echo "Existing tag points to current commit, suggesting no new LS changes"
+                     "target_commitish": "master",\
-                AUTO_RELEASE_NOTES="No changes"
+                     "name": "'${META_TAG}'",\
-              else
+                     "body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
-                AUTO_RELEASE_NOTES=$(curl -fsL -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases/generate-notes  \
+              printf '","draft": false,"prerelease": false}' >> releasebody.json
-                  -d '{"tag_name":"'${META_TAG}'",\
+              paste -d'\\0' start releasebody.json > releasebody.json.done
-                      "target_commitish": "master"}' \
+              curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
                  | jq -r '.body' | sed 's|## What.s Changed||')
              fi
              echo "Pushing New tag for current commit ${META_TAG}"
              curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
                -d '{"tag":"'${META_TAG}'",\
                  "object": "'${COMMIT_SHA}'",\
                  "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\
                  "type": "commit",\
                  "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}'
              echo "Pushing New release for Tag"
              curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq -r '. |.body' > releasebody.json
              jq -n \
                --arg tag_name "$META_TAG" \
                --arg target_commitish "master" \
                --arg ci_url "${CI_URL:-N/A}" \
                --arg ls_notes "$AUTO_RELEASE_NOTES" \
                --arg remote_notes "$(cat releasebody.json)" \
                '{
                  "tag_name": $tag_name,
                  "target_commitish": $target_commitish,
                  "name": $tag_name,
                  "body": ("**CI Report:**\\n\\n" + $ci_url + "\\n\\n**LinuxServer Changes:**\\n\\n" + $ls_notes + "\\n\\n**Remote Changes:**\\n\\n" + $remote_notes),
                  "draft": false,
                  "prerelease": false                }' > releasebody.json.done
              curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done
        '''
      }
    }
    // Add protection to the release branch
@ -1220,22 +1162,12 @@ EOF
    }
    cleanup {
      sh '''#! /bin/bash
-            echo "Pruning builder!!"
+            echo "Performing docker system prune!!"
-            docker builder prune -f --builder container || :
+            containers=$(docker ps -aq)
            containers=$(docker ps -q)
            if [[ -n "${containers}" ]]; then
-              BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit')
+              docker stop ${containers}
              for container in ${containers}; do
                if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then
                  echo "skipping buildx container in docker stop"
                else
                  echo "Stopping container ${container}"
                  docker stop ${container}
                fi
              done
            fi
-            docker system prune -f --volumes || :
+            docker system prune -af --volumes || :
            docker image prune -af || :
         '''
      cleanWs()
    }
--- a/README.md
+++ b/README.md
@ -3,8 +3,9 @@
 [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io)
 [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!")
-[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://linuxserver.io/discord "realtime support / chat with the community and the team.")
+[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://discord.gg/YWrKVTn "realtime support / chat with the community and the team.")
 [![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=discourse)](https://discourse.linuxserver.io "post on our community forum.")
 [![Fleet](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Fleet)](https://fleet.linuxserver.io "an online web interface which displays all of our maintained images.")
 [![GitHub](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub&logo=github)](https://github.com/linuxserver "view the source for all of our repositories.")
 [![Open Collective](https://img.shields.io/opencollective/all/linuxserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Supporters&logo=open%20collective)](https://opencollective.com/linuxserver "please consider helping us by either donating or contributing to our budget")
@ -19,8 +20,9 @@ The [LinuxServer.io](https://linuxserver.io) team brings you another container r
 Find us at:
 * [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more!
-* [Discord](https://linuxserver.io/discord) - realtime support / chat with the community and the team.
+* [Discord](https://discord.gg/YWrKVTn) - realtime support / chat with the community and the team.
 * [Discourse](https://discourse.linuxserver.io) - post on our community forum.
 * [Fleet](https://fleet.linuxserver.io) - an online web interface which displays all of our maintained images.
 * [GitHub](https://github.com/linuxserver) - view the source for all of our repositories.
 * [Open Collective](https://opencollective.com/linuxserver) - please consider helping us by either donating or contributing to our budget
@ -53,121 +55,69 @@ The architectures supported by this image are:
 | :----: | :----: | ---- |
 | x86-64 | ✅ | amd64-\<version tag\> |
 | arm64 | ✅ | arm64v8-\<version tag\> |
 | armhf | ❌ | |
 ## Application Setup
 The application can be accessed at:
 * http://yourhost:3000/
 * https://yourhost:3001/
-### Strict reverse proxies
+**Modern GUI desktop apps have issues with the latest Docker and syscall compatibility, you can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls on hosts with older Kernels or libseccomp**
 This image uses a self-signed certificate by default. This naturally means the scheme is `https`.
 If you are using a reverse proxy which validates certificates, you need to [disable this check for the container](https://docs.linuxserver.io/faq#strict-proxy).
 **Modern GUI desktop apps may have compatibility issues with the latest Docker syscall restrictions. You can use Docker with the `--security-opt seccomp=unconfined` setting to allow these syscalls on hosts with older Kernels or libseccomp versions.**
 ### Security
 >[!WARNING]
->This container provides privileged access to the host system. Do not expose it to the Internet unless you have secured it properly.
+>Do not put this on the Internet if you do not know what you are doing.
-**HTTPS is required for full functionality.** Modern browser features such as WebCodecs, used for video and audio, will not function over an insecure HTTP connection.
+By default this container has no authentication and the optional environment variables `CUSTOM_USER` and `PASSWORD` to enable basic http auth via the embedded NGINX server should only be used to locally secure the container from unwanted access on a local network. If exposing this to the Internet we recommend putting it behind a reverse proxy, such as [SWAG](https://github.com/linuxserver/docker-swag), and ensuring a secure authentication solution is in place. From the web interface a terminal can be launched and it is configured for passwordless sudo, so anyone with access to it can install and run whatever they want along with probing your local network.
-By default, this container has no authentication. The optional `CUSTOM_USER` and `PASSWORD` environment variables enable basic HTTP auth, which is suitable only for securing the container on a trusted local network. For internet exposure, we strongly recommend placing the container behind a reverse proxy, such as [SWAG](https://github.com/linuxserver/docker-swag), with a robust authentication mechanism.
+### Options in all KasmVNC based GUI containers
-The web interface includes a terminal with passwordless `sudo` access. Any user with access to the GUI can gain root control within the container, install arbitrary software, and probe your local network.
+This container is based on [Docker Baseimage KasmVNC](https://github.com/linuxserver/docker-baseimage-kasmvnc) which means there are additional environment variables and run configurations to enable or disable specific functionality.
-While not generally recommended, certain legacy environments specifically those with older hardware or outdated Linux distributions may require the deactivation of the standard seccomp profile to get containerized desktop software to run. This can be achieved by utilizing the `--security-opt seccomp=unconfined` parameter. It is critical to use this option only when absolutely necessary as it disables a key security layer of Docker, elevating the potential for container escape vulnerabilities.
+#### Optional environment variables
 ### Options in all Selkies-based GUI containers
 This container is based on [Docker Baseimage Selkies](https://github.com/linuxserver/docker-baseimage-selkies), which provides the following environment variables and run configurations to customize its functionality.
 #### Optional Environment Variables
 | Variable | Description |
 | :----: | --- |
-| PIXELFLUX_WAYLAND | **Experimental** If set to true the container will initialize in Wayland mode running [Smithay](https://github.com/Smithay/smithay) and Labwc while enabling zero copy encoding with a GPU |
+| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default 3000. |
-| CUSTOM_PORT | Internal port the container listens on for http if it needs to be swapped from the default `3000` |
+| CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default 3001. |
 | CUSTOM_HTTPS_PORT | Internal port the container listens on for https if it needs to be swapped from the default `3001` |
 | CUSTOM_WS_PORT | Internal port the container listens on for websockets if it needs to be swapped from the default 8082 |
 | CUSTOM_USER | HTTP Basic auth username, abc is default. |
 | DRI_NODE | Enable VAAPI stream encoding and use the specified device IE `/dev/dri/renderD128` |
 | DRINODE | Specify which GPU to use for DRI3 acceleration IE `/dev/dri/renderD129` |
 | PASSWORD | HTTP Basic auth password, abc is default. If unset there will be no auth |
 | SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE `/subfolder/` |
-| TITLE | The page title displayed on the web browser, default "Selkies" |
+| TITLE | The page title displayed on the web browser, default "KasmVNC Client". |
-| DASHBOARD | Allows the user to set their dashboard. Options: `selkies-dashboard`, `selkies-dashboard-zinc`, `selkies-dashboard-wish` |
+| FM_HOME | This is the home directory (landing) for the file manager, default "/config". |
-| FILE_MANAGER_PATH | Modifies the default upload/download file path, path must have proper permissions for abc user |
+| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup. |
-| START_DOCKER | If set to false a container with privilege will not automatically start the DinD Docker setup |
+| DRINODE | If mounting in /dev/dri for [DRI3 GPU Acceleration](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html) allows you to specify the device to use IE `/dev/dri/renderD128` |
-| DISABLE_IPV6 | If set to true or any value this will disable IPv6 |
+| DISABLE_IPV6 | If set to true or any value this will disable IPv6 | 
 | LC_ALL | Set the Language for the container to run as IE `fr_FR.UTF-8` `ar_AE.UTF-8` |
-| NO_DECOR | If set the application will run without window borders for use as a PWA. (Decor can be enabled and disabled with Ctrl+Shift+d) |
+| NO_DECOR | If set the application will run without window borders in openbox for use as a PWA. |
 | NO_FULL | Do not autmatically fullscreen applications when using openbox. |
 | NO_GAMEPAD | Disable userspace gamepad interposer injection. |
 | DISABLE_ZINK | Do not set the Zink environment variables if a video card is detected (userspace applications will use CPU rendering) |
 | DISABLE_DRI3 | Do not use DRI3 acceleration if a video card is detected (userspace applications will use CPU rendering) |
 | MAX_RES | Pass a larger maximum resolution for the container default is 16k `15360x8640` |
 | WATERMARK_PNG | Full path inside the container to a watermark png IE `/usr/share/selkies/www/icon.png` |
 | WATERMARK_LOCATION | Where to paint the image over the stream integer options below |
-**`WATERMARK_LOCATION` Options:**
+#### Optional run configurations
 - **1**: Top Left
 - **2**: Top Right
 - **3**: Bottom Left
 - **4**: Bottom Right
 - **5**: Centered
 - **6**: Animated
-#### Optional Run Configurations
+| Variable | Description |
 | Argument | Description |
 | :----: | --- |
-| `--privileged` | Starts a Docker-in-Docker (DinD) environment. For better performance, mount the Docker data directory from the host, e.g., `-v /path/to/docker-data:/var/lib/docker`. |
+| `--privileged` | Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE `-v /home/user/docker-data:/var/lib/docker`. |
-| `-v /var/run/docker.sock:/var/run/docker.sock` | Mounts the host's Docker socket to manage host containers from within this container. |
+| `-v /var/run/docker.sock:/var/run/docker.sock` | Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. |
 | `--device /dev/dri:/dev/dri` | Mount a GPU into the container, this can be used in conjunction with the `DRINODE` environment variable to leverage a host video card for GPU accelerated applications. Only **Open Source** drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) |
 ### Language Support - Internationalization
-To launch the desktop session in a different language, set the `LC_ALL` environment variable. For example:
+The environment variable `LC_ALL` can be used to start this container in a different language than English simply pass for example to launch the Desktop session in French `LC_ALL=fr_FR.UTF-8`. Some languages like Chinese, Japanese, or Korean will be missing fonts needed to render properly known as cjk fonts, but others may exist and not be installed inside the container depending on what underlying distribution you are running. We only ensure fonts for Latin characters are present. Fonts can be installed with a mod on startup.
-*   `-e LC_ALL=zh_CN.UTF-8` - Chinese
+To install cjk fonts on startup as an example pass the environment variables (Alpine base):
 *   `-e LC_ALL=ja_JP.UTF-8` - Japanese
 *   `-e LC_ALL=ko_KR.UTF-8` - Korean
 *   `-e LC_ALL=ar_AE.UTF-8` - Arabic
 *   `-e LC_ALL=ru_RU.UTF-8` - Russian
 *   `-e LC_ALL=es_MX.UTF-8` - Spanish (Latin America)
 *   `-e LC_ALL=de_DE.UTF-8` - German
 *   `-e LC_ALL=fr_FR.UTF-8` - French
 *   `-e LC_ALL=nl_NL.UTF-8` - Netherlands
 *   `-e LC_ALL=it_IT.UTF-8` - Italian
 ### SealSkin Compatibility
 This container is compatible with [SealSkin](https://github.com/linuxserver/docker-sealskin).
 SealSkin is a self-hosted, client-server platform that provides secure authentication and collaboration features while using a browser extension to intercept user actions such as clicking a link or downloading a file and redirect them to a secure, isolated application environment running on a remote server.
 *   **SealSkin Server:** [Get it Here](https://github.com/linuxserver/docker-sealskin)
 *   **Browser Extension:** [Install Here](https://chromewebstore.google.com/detail/sealskin-isolation/lclgfmnljgacfdpmmmjmfpdelndbbfhk)
 ### All GPU Acceleration - use sane resolutions
 When using 3d acceleration via Nvidia DRM or DRI3 it is important to clamp the virtual display to a reasonable max resolution. This can be achieved with the environment setting: 
 * `-e MAX_RESOLUTION=3840x2160`
 This will set the total virtual framebuffer to 4K, you can also set a manual resolution to achieve this.
 By default the virtual monitor in the session is 16K to support large monitors and dual display configurations. Leaving it this large has no impact on CPU based performance but costs GPU memory usage and memory bandwidth when leveraging one for acceleration. If you have performance issues in an accelerated session, try clamping the resolution to 1080p and work up from there:
 ```
-e SELKIES_MANUAL_WIDTH=1920
+-e DOCKER_MODS=linuxserver/mods:universal-package-install 
-e SELKIES_MANUAL_HEIGHT=1080
+-e INSTALL_PACKAGES=font-noto-cjk
-e MAX_RESOLUTION=1920x1080
+-e LC_ALL=zh_CN.UTF-8
 ```
-### DRI3 GPU Acceleration
+The web interface has the option for "IME Input Mode" in Settings which will allow non english characters to be used from a non en_US keyboard on the client. Once enabled it will perform the same as a local Linux installation set to your locale.
 ### DRI3 GPU Acceleration (KasmVNC interface)
 For accelerated apps or games, render devices can be mounted into the container and leveraged by applications using:
@ -182,28 +132,23 @@ This feature only supports **Open Source** GPU drivers:
 | NVIDIA | nouveau2 drivers only, closed source NVIDIA drivers lack DRI3 support |
 The `DRINODE` environment variable can be used to point to a specific GPU.
 Up to date information can be found [here](https://www.kasmweb.com/kasmvnc/docs/master/gpu_acceleration.html)
-DRI3 will work on aarch64 given the correct drivers are installed inside the container for your chipset.
+### Application management
-### Application Management
+#### PRoot Apps
-There are two methods for installing applications inside the container: PRoot Apps (recommended for persistence) and Native Apps.
+If you run system native installations of software IE `sudo apt-get install filezilla` and then upgrade or destroy/re-create the container that software will be removed and the container will be at a clean state. For some users that will be acceptable and they can update their system packages as well using system native commands like `apt-get upgrade`. If you want Docker to handle upgrading the container and retain your applications and settings we have created [proot-apps](https://github.com/linuxserver/proot-apps) which allow portable applications to be installed to persistent storage in the user's `$HOME` directory and they will work in a confined Docker environment out of the box. These applications and their settings will persist upgrades of the base container and can be mounted into different flavors of KasmVNC based containers on the fly. This can be achieved from the command line with:
 #### PRoot Apps (Persistent)
 Natively installed packages (e.g., via `apt-get install`) will not persist if the container is recreated. To retain applications and their settings across container updates, we recommend using [proot-apps](https://github.com/linuxserver/proot-apps). These are portable applications installed to the user's persistent `$HOME` directory.
 To install an application, use the command line inside the container:
 ```
 proot-apps install filezilla
 ```
-A list of supported applications is available [here](https://github.com/linuxserver/proot-apps?tab=readme-ov-file#supported-apps).
+PRoot Apps is included in all KasmVNC based containers, a list of linuxserver.io supported applications is located [HERE](https://github.com/linuxserver/proot-apps?tab=readme-ov-file#supported-apps).
-#### Native Apps (Non-Persistent)
+#### Native Apps
-You can install packages from the system's native repository using the [universal-package-install](https://github.com/linuxserver/docker-mods/tree/universal-package-install) mod. This method will increase the container's start time and is not persistent. Add the following to your `compose.yaml`:
+It is possible to install extra packages during container start using [universal-package-install](https://github.com/linuxserver/docker-mods/tree/universal-package-install). It might increase starting time significantly. PRoot is preferred.
 ```yaml
  environment:
@ -211,131 +156,6 @@ You can install packages from the system's native repository using the [universa
    - INSTALL_PACKAGES=libfuse2|git|gdb
 ```
 #### Hardening
 These variables can be used to lock down the desktop environment for single-application use cases or to restrict user capabilities.
 ##### Meta Variables
 These variables act as presets, enabling multiple hardening options at once. Individual options can still be set to override the preset.
 | Variable | Description |
 | :----: | --- |
 | **`HARDEN_DESKTOP`** | Enables `DISABLE_OPEN_TOOLS`, `DISABLE_SUDO`, and `DISABLE_TERMINALS`. Also sets related Selkies UI settings (`SELKIES_FILE_TRANSFERS`, `SELKIES_COMMAND_ENABLED`, `SELKIES_UI_SIDEBAR_SHOW_FILES`, `SELKIES_UI_SIDEBAR_SHOW_APPS`) if they are not explicitly set by the user. |
 | **`HARDEN_OPENBOX`** | Enables `DISABLE_CLOSE_BUTTON`, `DISABLE_MOUSE_BUTTONS`, and `HARDEN_KEYBINDS`. It also flags `RESTART_APP` if not set by the user, ensuring the primary application is automatically restarted if closed. |
 ##### Individual Hardening Variables
 | Variable | Description |
 | :--- | --- |
 | **`DISABLE_OPEN_TOOLS`** | If true, disables `xdg-open` and `exo-open` binaries by removing their execute permissions. |
 | **`DISABLE_SUDO`** | If true, disables the `sudo` command by removing its execute permissions and invalidating the passwordless sudo configuration. |
 | **`DISABLE_TERMINALS`** | If true, disables common terminal emulators by removing their execute permissions and hiding them from the Openbox right-click menu. |
 | **`DISABLE_CLOSE_BUTTON`** | If true, removes the close button from window title bars in the Openbox window manager. |
 | **`DISABLE_MOUSE_BUTTONS`** | If true, disables the right-click and middle-click context menus and actions within the Openbox window manager. |
 | **`HARDEN_KEYBINDS`** | If true, disables default Openbox keybinds that can bypass other hardening options (e.g., `Alt+F4` to close windows, `Alt+Escape` to show the root menu). |
 | **`RESTART_APP`** | If true, enables a watchdog service that automatically restarts the main application if it is closed. The user's autostart script is made read-only and root owned to prevent tampering. |
 #### Selkies application settings
 Using environment variables every facet of the application can be configured.
 ##### Booleans and Locking
 Boolean settings accept `true` or `false`. You can also prevent the user from changing a boolean setting in the UI by appending `|locked`. The UI toggle for this setting will be hidden.
 *   **Example**: To force CPU encoding on and prevent the user from disabling it:
    ```bash
    -e SELKIES_USE_CPU="true|locked"
    ```
 ##### Enums and Lists
 These settings accept a comma-separated list of values. Their behavior depends on the number of items provided:
 *   **Multiple Values**: The first item in the list becomes the default selection, and all items in the list become the available options in the UI dropdown.
 *   **Single Value**: The provided value becomes the default, and the UI dropdown is hidden because the choice is locked.
 *   **Example**: Force the encoder to be `jpeg` with no other options available to the user:
    ```bash
    -e SELKIES_ENCODER="jpeg"
    ```
 ##### Ranges
 Range settings define a minimum and maximum for a value (e.g., framerate).
 *   **To set a range**: Use a hyphen-separated `min-max` format. The UI will show a slider.
 *   **To set a fixed value**: Provide a single number. This will lock the value and hide the UI slider.
 *   **Example**: Lock the framerate to exactly 60 FPS.
    ```bash
    -e SELKIES_FRAMERATE="60"
    ```
 ##### Manual Resolution Mode
 The server can be forced to use a single, fixed resolution for all connecting clients. This mode is automatically activated if `SELKIES_MANUAL_WIDTH`, `SELKIES_MANUAL_HEIGHT`, or `SELKIES_IS_MANUAL_RESOLUTION_MODE` is set.
 *   If `SELKIES_MANUAL_WIDTH` and/or `SELKIES_MANUAL_HEIGHT` are set, the resolution is locked to those values.
 *   If `SELKIES_IS_MANUAL_RESOLUTION_MODE` is set to `true` without specifying width or height, the resolution defaults to **1024x768**.
 *   When this mode is active, the client UI for changing resolution is disabled.
 | Environment Variable | Default Value | Description |
 | --- | --- | --- |
 | `SELKIES_UI_TITLE` | `'Selkies'` | Title in top left corner of sidebar. |
 | `SELKIES_UI_SHOW_LOGO` | `True` | Show the Selkies logo in the sidebar. |
 | `SELKIES_UI_SHOW_SIDEBAR` | `True` | Show the main sidebar UI. |
 | `SELKIES_UI_SHOW_CORE_BUTTONS` | `True` | Show the core components buttons display, audio, microphone, and gamepad. |
 | `SELKIES_UI_SIDEBAR_SHOW_VIDEO_SETTINGS` | `True` | Show the video settings section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_SCREEN_SETTINGS` | `True` | Show the screen settings section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_AUDIO_SETTINGS` | `True` | Show the audio settings section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_STATS` | `True` | Show the stats section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_CLIPBOARD` | `True` | Show the clipboard section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_FILES` | `True` | Show the file transfer section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_APPS` | `True` | Show the applications section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_SHARING` | `True` | Show the sharing section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_GAMEPADS` | `True` | Show the gamepads section in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_FULLSCREEN` | `True` | Show the fullscreen button in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_GAMING_MODE` | `True` | Show the gaming mode button in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_TRACKPAD` | `True` | Show the virtual trackpad button in the sidebar. |
 | `SELKIES_UI_SIDEBAR_SHOW_KEYBOARD_BUTTON` | `True` | Show the on-screen keyboard button in the display area. |
 | `SELKIES_UI_SIDEBAR_SHOW_SOFT_BUTTONS` | `True` | Show the soft buttons section in the sidebar. |
 | `SELKIES_AUDIO_ENABLED` | `True` | Enable server-to-client audio streaming. |
 | `SELKIES_MICROPHONE_ENABLED` | `True` | Enable client-to-server microphone forwarding. |
 | `SELKIES_GAMEPAD_ENABLED` | `True` | Enable gamepad support. |
 | `SELKIES_CLIPBOARD_ENABLED` | `True` | Enable clipboard synchronization. |
 | `SELKIES_COMMAND_ENABLED` | `True` | Enable parsing of command websocket messages. |
 | `SELKIES_FILE_TRANSFERS` | `'upload,download'` | Allowed file transfer directions (comma-separated: "upload,download"). Set to "" or "none" to disable. |
 | `SELKIES_ENCODER` | `'x264enc,x264enc-striped,jpeg'` | The default video encoders. |
 | `SELKIES_FRAMERATE` | `'8-120'` | Allowed framerate range or a fixed value. |
 | `SELKIES_H264_CRF` | `'5-50'` | Allowed H.264 CRF range or a fixed value. |
 | `SELKIES_JPEG_QUALITY` | `'1-100'` | Allowed JPEG quality range or a fixed value. |
 | `SELKIES_H264_FULLCOLOR` | `False` | Enable H.264 full color range for pixelflux encoders. |
 | `SELKIES_H264_STREAMING_MODE` | `False` | Enable H.264 streaming mode for pixelflux encoders. |
 | `SELKIES_USE_CPU` | `False` | Force CPU-based encoding for pixelflux. |
 | `SELKIES_USE_PAINT_OVER_QUALITY` | `True` | Enable high-quality paint-over for static scenes. |
 | `SELKIES_PAINT_OVER_JPEG_QUALITY` | `'1-100'` | Allowed JPEG paint-over quality range or a fixed value. |
 | `SELKIES_H264_PAINTOVER_CRF` | `'5-50'` | Allowed H.264 paint-over CRF range or a fixed value. |
 | `SELKIES_H264_PAINTOVER_BURST_FRAMES` | `'1-30'` | Allowed H.264 paint-over burst frames range or a fixed value. |
 | `SELKIES_SECOND_SCREEN` | `True` | Enable support for a second monitor/display. |
 | `SELKIES_AUDIO_BITRATE` | `'320000'` | The default audio bitrate. |
 | `SELKIES_IS_MANUAL_RESOLUTION_MODE` | `False` | Lock the resolution to the manual width/height values. |
 | `SELKIES_MANUAL_WIDTH` | `0` | Lock width to a fixed value. Setting this forces manual resolution mode. |
 | `SELKIES_MANUAL_HEIGHT` | `0` | Lock height to a fixed value. Setting this forces manual resolution mode. |
 | `SELKIES_SCALING_DPI` | `'96'` | The default DPI for UI scaling. |
 | `SELKIES_ENABLE_BINARY_CLIPBOARD` | `False` | Allow binary data on the clipboard. |
 | `SELKIES_USE_BROWSER_CURSORS` | `False` | Use browser CSS cursors instead of rendering to canvas. |
 | `SELKIES_USE_CSS_SCALING` | `False` | HiDPI when false, if true a lower resolution is sent from the client and the canvas is stretched. |
 | `SELKIES_PORT` (or `CUSTOM_WS_PORT`) | `8082` | Port for the data websocket server. |
 | `SELKIES_DRI_NODE` (or `DRI_NODE`) | `''` | Path to the DRI render node for VA-API. |
 | `SELKIES_AUDIO_DEVICE_NAME` | `'output.monitor'` | Audio device name for pcmflux capture. |
 | `SELKIES_WATERMARK_PATH` (or `WATERMARK_PNG`) | `''` | Absolute path to the watermark PNG file. |
 | `SELKIES_WATERMARK_LOCATION` (or `WATERMARK_LOCATION`) | `-1` | Watermark location enum (0-6). |
 | `SELKIES_DEBUG` | `False` | Enable debug logging. |
 | `SELKIES_ENABLE_SHARING` | `True` | Master toggle for all sharing features. |
 | `SELKIES_ENABLE_COLLAB` | `True` | Enable collaborative (read-write) sharing link. |
 | `SELKIES_ENABLE_SHARED` | `True` | Enable view-only sharing links. |
 | `SELKIES_ENABLE_PLAYER2` | `True` | Enable sharing link for gamepad player 2. |
 | `SELKIES_ENABLE_PLAYER3` | `True` | Enable sharing link for gamepad player 3. |
 | `SELKIES_ENABLE_PLAYER4` | `True` | Enable sharing link for gamepad player 4. |
 ## Usage
 To help you get started creating a container from this image you can either use docker-compose or the docker cli.
@ -351,6 +171,8 @@ services:
  gitqlient:
    image: lscr.io/linuxserver/gitqlient:latest
    container_name: gitqlient
    security_opt:
      - seccomp:unconfined #optional
    environment:
      - PUID=1000
      - PGID=1000
@ -360,7 +182,6 @@ services:
    ports:
      - 3000:3000
      - 3001:3001
    shm_size: "1gb"
    restart: unless-stopped
 ```
@ -369,13 +190,13 @@ services:
 ```bash
 docker run -d \
  --name=gitqlient \
  --security-opt seccomp=unconfined `#optional` \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Etc/UTC \
  -p 3000:3000 \
  -p 3001:3001 \
  -v /path/to/config:/config \
  --shm-size="1gb" \
  --restart unless-stopped \
  lscr.io/linuxserver/gitqlient:latest
 ```
@ -386,13 +207,13 @@ Containers are configured using parameters passed at runtime (such as those abov
 | Parameter | Function |
 | :----: | --- |
-| `-p 3000:3000` | HTTP GitQlient desktop gui, must be proxied. |
+| `-p 3000:3000` | GitQlient desktop gui. |
 | `-p 3001:3001` | HTTPS GitQlient desktop gui. |
 | `-e PUID=1000` | for UserID - see below for explanation |
 | `-e PGID=1000` | for GroupID - see below for explanation |
 | `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). |
 | `-v /config` | Users home directory in the container, stores local files and settings |
-| `--shm-size=` | Recommended for all desktop images. |
+| `--security-opt seccomp=unconfined` | For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker |
 ## Environment variables from files (Docker secrets)
@ -556,8 +377,6 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 ## Versions
 * **28.12.25:** - Add Wayland init logic, rebase to Alpine 3.23.
 * **12.07.25:** - Rebase to Selkies and Alpine 3.22, HTTPS IS NOW REQUIRED.
 * **06.12.24:** - Rebase to Alpine 3.21.
 * **23.05.24:** - Rebase to Alpine 3.20.
 * **10.02.24:** - Update Readme with new env vars and ingest proper PWA icon.
--- a/jenkins-vars.yml
+++ b/jenkins-vars.yml
@ -9,7 +9,7 @@ ls_branch: master
 build_armhf: false
 repo_vars:
  - EXT_GIT_BRANCH = 'master'
-  - EXT_USER = 'francescmaestre'
+  - EXT_USER = 'francescmm'
  - EXT_REPO = 'GitQlient'
  - BUILD_VERSION_ARG = 'GITQLIENT_RELEASE'
  - LS_USER = 'linuxserver'
@ -22,8 +22,8 @@ repo_vars:
  - MULTIARCH = 'true'
  - CI = 'true'
  - CI_WEB = 'true'
-  - CI_PORT = '3001'
+  - CI_PORT = '3000'
-  - CI_SSL = 'true'
+  - CI_SSL = 'false'
  - CI_DELAY = '120'
  - CI_DOCKERENV = 'TZ=US/Pacific'
  - CI_AUTH = 'user:password'
--- a/package_versions.txt
+++ b/package_versions.txt
--- a/readme-vars.yml
+++ b/readme-vars.yml
@ -6,7 +6,6 @@ project_url: "https://github.com/francescmm/GitQlient"
 project_logo: "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/gitqlient-icon.png"
 project_blurb: "[GitQlient]({{ project_url }}) is a multi-platform Git client originally forked from QGit. Nowadays it goes beyond of just a fork and adds a lot of new functionality."
 project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"
 project_categories: "Programming"
 project_blurb_optional_extras_enabled: false
 # supported architectures
 available_architectures:
@ -17,22 +16,30 @@ development_versions: false
 # container parameters
 common_param_env_vars_enabled: true
 param_container_name: "{{ project_name }}"
 param_usage_include_env: true
 param_env_vars:
  - {env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London."}
 param_usage_include_vols: true
 param_volumes:
  - {vol_path: "/config", vol_host_path: "/path/to/config", desc: "Users home directory in the container, stores local files and settings"}
 param_usage_include_ports: true
 param_ports:
-  - {external_port: "3000", internal_port: "3000", port_desc: "HTTP GitQlient desktop gui, must be proxied."}
+  - {external_port: "3000", internal_port: "3000", port_desc: "GitQlient desktop gui."}
  - {external_port: "3001", internal_port: "3001", port_desc: "HTTPS GitQlient desktop gui."}
-custom_params:
+opt_security_opt_param: true
-  - {name: "shm-size", name_compose: "shm_size", value: "1gb", desc: "Recommended for all desktop images."}
+opt_security_opt_param_vars:
-# Selkies blurb settings
+  - {run_var: "seccomp=unconfined", compose_var: "seccomp:unconfined", desc: "For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker"}
-selkies_blurb: true
+# Kasm blurb settings
 kasm_blurb: true
 external_http_port: "3000"
 external_https_port: "3001"
 noto_fonts: "font-noto-cjk"
 # application setup block
 app_setup_block_enabled: true
 app_setup_block: |
  The application can be accessed at:
  * http://yourhost:3000/
  * https://yourhost:3001/
 # init diagram
 init_diagram: |
@ -49,61 +56,51 @@ init_diagram: |
    custom services -> legacy-services
    legacy-services -> ci-service-check
    init-migrations -> init-adduser
    init-kasmvnc-end -> init-config
    init-os-end -> init-config
    init-selkies-end -> init-config
    init-config -> init-config-end
    init-crontab-config -> init-config-end
    init-config -> init-crontab-config
    init-mods-end -> init-custom-files
    init-adduser -> init-device-perms
    base -> init-envfile
    init-os-end -> init-kasmvnc
    init-nginx -> init-kasmvnc-config
    init-video -> init-kasmvnc-end
    base -> init-migrations
    init-config-end -> init-mods
    init-mods-package-install -> init-mods-end
    init-mods -> init-mods-package-install
-    init-selkies -> init-nginx
+    init-kasmvnc -> init-nginx
    init-adduser -> init-os-end
    init-device-perms -> init-os-end
    init-envfile -> init-os-end
    init-os-end -> init-selkies
    init-nginx -> init-selkies-config
    init-video -> init-selkies-end
    init-custom-files -> init-services
-    init-selkies-config -> init-video
+    init-kasmvnc-config -> init-video
    init-services -> svc-cron
    svc-cron -> legacy-services
    init-services -> svc-de
    svc-nginx -> svc-de
    svc-xorg -> svc-de
    svc-de -> legacy-services
    init-services -> svc-docker
    svc-de -> svc-docker
    svc-docker -> legacy-services
    init-services -> svc-kasmvnc
    svc-pulseaudio -> svc-kasmvnc
    svc-kasmvnc -> legacy-services
    init-services -> svc-kclient
    svc-kasmvnc -> svc-kclient
    svc-kclient -> legacy-services
    init-services -> svc-nginx
    svc-kclient -> svc-nginx
    svc-nginx -> legacy-services
    init-services -> svc-pulseaudio
    svc-pulseaudio -> legacy-services
    init-services -> svc-selkies
    svc-nginx -> svc-selkies
    svc-pulseaudio -> svc-selkies
    svc-xorg -> svc-selkies
    svc-selkies -> legacy-services
    init-services -> svc-watchdog
    svc-watchdog -> legacy-services
    init-services -> svc-xorg
    svc-xorg -> legacy-services
    init-services -> svc-xsettingsd
    svc-nginx -> svc-xsettingsd
    svc-xorg -> svc-xsettingsd
    svc-xsettingsd -> legacy-services
  }
  Base Images: {
-    "baseimage-selkies:alpine323" <- "baseimage-alpine:3.23"
+    "baseimage-kasmvnc:alpine321" <- "baseimage-alpine:3.21"
  }
  "gitqlient:latest" <- Base Images
 # changelog
 changelogs:
  - {date: "28.12.25:", desc: "Add Wayland init logic, rebase to Alpine 3.23."}
  - {date: "12.07.25:", desc: "Rebase to Selkies and Alpine 3.22, HTTPS IS NOW REQUIRED."}
  - {date: "06.12.24:", desc: "Rebase to Alpine 3.21."}
  - {date: "23.05.24:", desc: "Rebase to Alpine 3.20."}
  - {date: "10.02.24:", desc: "Update Readme with new env vars and ingest proper PWA icon."}
--- a/root/defaults/autostart_wayland
+++ b/root/defaults/autostart_wayland
@ -1,2 +0,0 @@
 #! /bin/bash
 gitqlient
--- a/root/defaults/menu_wayland.xml
+++ b/root/defaults/menu_wayland.xml
@ -1,7 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <openbox_menu xmlns="http://openbox.org/3.4/menu">
 <menu id="root-menu" label="MENU">
 <item label="foot" icon="/usr/share/icons/hicolor/48x48/apps/foot.png"><action name="Execute"><command>/usr/bin/foot</command></action></item>
 <item label="GitQlient" icon="/usr/share/icons/hicolor/scalable/apps/gitqlient.svg"><action name="Execute"><command>/usr/bin/gitqlient</command></action></item>
 </menu>
 </openbox_menu>