starred/ProxmoxVE

Fork 0

mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-04-25 09:15:59 +03:00

[GH-ISSUE #12146] PatchMon: After Update v1.4.1 -> v1.4.2 App is broken #2546

New issue

Closed

opened 2026-02-26 12:52:48 +03:00 by kerem · 5 comments

kerem commented

2026-02-26 12:52:48 +03:00

Owner

Originally created by @heinemannj on GitHub (Feb 21, 2026).
Original GitHub issue: https://github.com/community-scripts/ProxmoxVE/issues/12146

Originally assigned to: @vhsdream on GitHub.

✅ Have you read and understood the above guidelines?

yes

🔎 Did you run the script with verbose mode enabled?

Yes, verbose mode was enabled and the output is included below

📜 What is the name of the script you are using?

PatchMon

📂 What was the exact command used to execute the script?

update

⚙️ What settings are you using?

Default Settings
Advanced Settings

🖥️ Which Linux distribution are you using?

Debian 13

📈 Which Proxmox version are you on?

pve-manager/9.1.5/80cf92a64bef6889 (running kernel: 6.17.4-2-pve)

📝 Provide a clear and concise description of the issue.

After Update v1.4.1 -> v1.4.2 via LXC update command, PatchMon App is broken.

🔄 Steps to reproduce the issue.

❌ Paste the full error output (if available).

root@patchmon:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@patchmon:~#

root@patchmon:~# cat /etc/nginx/sites-available/patchmon.conf
server {
    listen 3000;
        listen [::]:3000;
    server_name localhost;
    root /usr/share/nginx/html;
    index index.html;

    tcp_nopush on;
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types
        text/plain
        text/css
        text/xml
        text/javascript
        application/javascript
        application/xml+rss
        application/json
        application/xml;

    # Security headers
    add_header X-Frame-Options DENY always;
    add_header X-Content-Type-Options nosniff always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    
    # Prevent search engine indexing
    add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet" always;

    # Bull Board proxy - must come before the root location to avoid conflicts
    location /bullboard {
        proxy_pass http://127.0.0.1:3001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header Cookie $http_cookie;  # Forward cookies to backend
        proxy_cache_bypass $http_upgrade;
        proxy_read_timeout 300s;
        proxy_connect_timeout 75s;
        
        # Enable cookie passthrough in both directions
        proxy_pass_header Set-Cookie;
        proxy_cookie_path / /;

        # Preserve original client IP through proxy chain
        proxy_set_header X-Original-Forwarded-For $http_x_forwarded_for;

        # CORS headers for Bull Board - let backend handle CORS properly
        # Note: Backend handles CORS with proper origin validation and credentials

        # Handle preflight requests
        if ($request_method = 'OPTIONS') {
            return 204;
        }
    }

    # Handle client-side routing
    location / {
        root /opt/patchmon/frontend/dist;
        try_files $uri $uri/ /index.html;
    }

    # API proxy
    location /api/ {
        proxy_pass http://127.0.0.1:3001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
        proxy_set_header X-Forwarded-Host $host;

        # Allow larger request bodies for logo/branding uploads (base64-encoded)
        # Default nginx limit is 1MB which is too small for image uploads
        client_max_body_size 10m;

        # For the Websocket connection:
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
        proxy_read_timeout 300s;
        proxy_connect_timeout 75s;

        # Preserve original client IP through proxy chain
        proxy_set_header X-Original-Forwarded-For $http_x_forwarded_for;

        # CORS headers for API calls - let backend handle CORS properly
        # Note: Backend handles CORS with proper origin validation and credentials

        # Handle preflight requests
        if ($request_method = 'OPTIONS') {
            return 204;
        }
    }


    # Custom branding assets (logos, favicons) - served from mounted volume
    # This allows logos to persist across container restarts
    location /assets/ {
        alias /opt/patchmon/frontend/dist/assets;
        expires 1h;
        add_header Cache-Control "public, must-revalidate";
        add_header Access-Control-Allow-Origin *;
        access_log off;
    }

    # Static assets caching (exclude Bull Board and API assets like Swagger UI)
    location ~* ^/(?!bullboard|api/).*\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
        root /opt/patchmon/frontend/dist;
        expires 1y;
        add_header Cache-Control "public, immutable";
        access_log off;
    }

    # Health check endpoint
    location /health {
        access_log off;
        return 200 "healthy\n";
        add_header Content-Type text/plain;
    }
}

root@patchmon:~# cat /opt/patchmon/frontend/.env
VITE_API_URL=http ://192.168.178.106 /api/v1
VITE_APP_NAME=PatchMon
VITE_APP_VERSION=1.4.2

root@patchmon:~# cat /opt/patchmon/backend/.env
# Database Configuration
DATABASE_URL="postgresql://patchmon_usr:QBQb7GxzjRgOx@localhost:5432/patchmon_db"
PM_DB_CONN_MAX_ATTEMPTS=30
PM_DB_CONN_WAIT_INTERVAL=2

# Database Connection Pool Configuration (Prisma)
DB_CONNECTION_LIMIT=30       # Maximum connections per instance (default: 30)
DB_POOL_TIMEOUT=20          # Seconds to wait for available connection (default: 20)
DB_CONNECT_TIMEOUT=10       # Seconds to wait for initial connection (default: 10)
DB_IDLE_TIMEOUT=300         # Seconds before closing idle connections (default: 300)
DB_MAX_LIFETIME=1800        # Maximum lifetime of a connection in seconds (default: 1800)

# Database Transaction Timeout Configuration
DB_TRANSACTION_MAX_WAIT=10000    # Milliseconds to wait for transaction slot (default: 10000 = 10s)
DB_TRANSACTION_TIMEOUT=30000     # Milliseconds for transaction to complete (default: 30000 = 30s)
DB_TRANSACTION_LONG_TIMEOUT=60000 # Milliseconds for long-running transactions (default: 60000 = 60s)

# JWT Configuration
JWT_SECRET=7540c847ce74fd22da09211fdd0b46cf574f24bcb4555ccbfdf19d08a59955354819806b976ce503a29e56885275629a1e6450fa6659faba0cade2a17ac9ad4f
JWT_EXPIRES_IN=1h
JWT_REFRESH_EXPIRES_IN=7d

# Server Configuration
PORT=3001
SERVER_PROTOCOL=http 
  SERVER_HOST=192.168.178.106 
  SERVER_PORT=3000
NODE_ENV=production
TRUST_PROXY=1

# API Configuration
API_VERSION=v1

# CORS Configuration
CORS_ORIGIN=http://192.168.178.106:3000

# Session Configuration
SESSION_INACTIVITY_TIMEOUT_MINUTES=30

# User Configuration
DEFAULT_USER_ROLE=user

# Rate Limiting (times in milliseconds)
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX=5000
AUTH_RATE_LIMIT_WINDOW_MS=600000
AUTH_RATE_LIMIT_MAX=500
AGENT_RATE_LIMIT_WINDOW_MS=60000
AGENT_RATE_LIMIT_MAX=1000

# Account Lockout Configuration
MAX_LOGIN_ATTEMPTS=5
LOCKOUT_DURATION_MINUTES=15

# Password Complexity Configuration
PASSWORD_MIN_LENGTH=8
PASSWORD_REQUIRE_UPPERCASE=true
PASSWORD_REQUIRE_LOWERCASE=true
PASSWORD_REQUIRE_NUMBER=true
PASSWORD_REQUIRE_SPECIAL=true

# Redis Configuration
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_DB=0

# Redis Connection Timeouts (milliseconds)
# Increase these if you see "Command timed out" errors, especially with high network latency
# REDIS_CONNECT_TIMEOUT_MS=60000    # Time to wait for initial connection (default: 60s)
# REDIS_COMMAND_TIMEOUT_MS=60000    # Time to wait for Redis commands to complete (default: 60s)

# BullMQ Lock Configuration (milliseconds)
# These settings prevent "Missing lock" or "could not renew lock" errors when Redis is slow.
# lockDuration: How long a job can run before its lock expires (default: 120000 = 120s)
# lockRenewTime: How often to renew the lock to prevent expiration (default: 20000 = 20s)
# Increase lockDuration if you see lock expiration errors with long-running jobs
# Decrease lockRenewTime if lock renewals are timing out (must be < lockDuration and < REDIS_COMMAND_TIMEOUT_MS)
# BULLMQ_LOCK_DURATION_MS=120000
# BULLMQ_LOCK_RENEW_TIME_MS=20000

# Logging
# Set ENABLE_LOGGING=true (exactly "true") or the backend will not log at all.
# LOG_LEVEL: debug | info | warn | error (default: info)
# LOG_TO_CONSOLE=true: send logs to stdout/stderr (use this when viewing logs in Docker/systemd).
#   If unset in production, logs go only to logs/error.log and logs/combined.log.
LOG_LEVEL=info
ENABLE_LOGGING=true
# LOG_TO_CONSOLE=true

# TFA Configuration (optional - used if TFA is enabled)
TFA_REMEMBER_ME_EXPIRES_IN=30d
TFA_MAX_REMEMBER_SESSIONS=5
TFA_SUSPICIOUS_ACTIVITY_THRESHOLD=3

# TFA Rate Limiting (separate from login lockout)
MAX_TFA_ATTEMPTS=5
TFA_LOCKOUT_DURATION_MINUTES=30

# Timezone Configuration
# Set the timezone for timestamps and logs (e.g., 'UTC', 'America/New_York', 'Europe/London')
# Defaults to UTC if not set. This ensures consistent timezone handling across the application.
TZ=UTC

# ===================
# OIDC Configuration
# ===================
# Set to 'true' to enable OIDC authentication
OIDC_ENABLED=false

# OIDC Provider Discovery URL (ends with /.well-known/openid-configuration or the base issuer URL)
# For Authentik: https://auth.example.com/application/o/patchmon/
# For Keycloak: https://keycloak.example.com/realms/myrealm
OIDC_ISSUER_URL=

# Client credentials from your IdP
OIDC_CLIENT_ID=
OIDC_CLIENT_SECRET=

# Redirect URI - must match what's configured in your IdP
OIDC_REDIRECT_URI=https://patchmon.example.com/api/v1/auth/oidc/callback

# Scopes to request (space-separated)
# Include 'groups' scope if using group-based role mapping
OIDC_SCOPES=openid email profile groups

# Auto-create users on first OIDC login
OIDC_AUTO_CREATE_USERS=true

# Default role for auto-created users: 'admin' or 'user'
OIDC_DEFAULT_ROLE=user

# Optional: Disable local password authentication entirely
OIDC_DISABLE_LOCAL_AUTH=false

# Optional: Button text for the SSO login button
OIDC_BUTTON_TEXT=Login with SSO

# ===================
# OIDC Group Mapping
# ===================
# Map IdP groups to PatchMon roles
# Users in OIDC_ADMIN_GROUP get 'admin' role
# Users in OIDC_USER_GROUP get 'user' role
# Users in neither get OIDC_DEFAULT_ROLE
OIDC_ADMIN_GROUP=PatchMon Admins
OIDC_USER_GROUP=PatchMon Users

# Sync roles on every login (set to 'true' to update role based on current groups)
# When false, role is only set on first login
OIDC_SYNC_ROLES=true

🖼️ Additional context (optional).

No response

Originally created by @heinemannj on GitHub (Feb 21, 2026). Original GitHub issue: https://github.com/community-scripts/ProxmoxVE/issues/12146 Originally assigned to: @vhsdream on GitHub. ### ✅ Have you read and understood the above guidelines? yes ### 🔎 Did you run the script with verbose mode enabled? Yes, verbose mode was enabled and the output is included below ### 📜 What is the name of the script you are using? PatchMon ### 📂 What was the exact command used to execute the script? update ### ⚙️ What settings are you using? - [x] Default Settings - [ ] Advanced Settings ### 🖥️ Which Linux distribution are you using? Debian 13 ### 📈 Which Proxmox version are you on? pve-manager/9.1.5/80cf92a64bef6889 (running kernel: 6.17.4-2-pve) ### 📝 Provide a clear and concise description of the issue. After Update v1.4.1 -> v1.4.2 via LXC update command, PatchMon App is broken. <img width="767" height="441" alt="Image" src="https://github.com/user-attachments/assets/5376d5e1-34f1-4f1e-93ac-bdaf38e6c4d1" /> ### 🔄 Steps to reproduce the issue. <img width="1262" height="908" alt="Image" src="https://github.com/user-attachments/assets/76647c60-90f2-48d1-9bbf-fcfcb3f53ed1" /> <img width="1414" height="881" alt="Image" src="https://github.com/user-attachments/assets/d96fd75f-d228-439e-8b12-c79fda2f7893" /> <img width="1306" height="906" alt="Image" src="https://github.com/user-attachments/assets/fea7c19c-b268-4261-9117-6582caa649ee" /> ### ❌ Paste the full error output (if available). ``` root@patchmon:~# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful root@patchmon:~# ``` ``` root@patchmon:~# cat /etc/nginx/sites-available/patchmon.conf server { listen 3000; listen [::]:3000; server_name localhost; root /usr/share/nginx/html; index index.html; tcp_nopush on; gzip on; gzip_vary on; gzip_min_length 1024; gzip_types text/plain text/css text/xml text/javascript application/javascript application/xml+rss application/json application/xml; # Security headers add_header X-Frame-Options DENY always; add_header X-Content-Type-Options nosniff always; add_header X-XSS-Protection "1; mode=block" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; # Prevent search engine indexing add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet" always; # Bull Board proxy - must come before the root location to avoid conflicts location /bullboard { proxy_pass http://127.0.0.1:3001; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; proxy_set_header X-Forwarded-Host $host; proxy_set_header Cookie $http_cookie; # Forward cookies to backend proxy_cache_bypass $http_upgrade; proxy_read_timeout 300s; proxy_connect_timeout 75s; # Enable cookie passthrough in both directions proxy_pass_header Set-Cookie; proxy_cookie_path / /; # Preserve original client IP through proxy chain proxy_set_header X-Original-Forwarded-For $http_x_forwarded_for; # CORS headers for Bull Board - let backend handle CORS properly # Note: Backend handles CORS with proper origin validation and credentials # Handle preflight requests if ($request_method = 'OPTIONS') { return 204; } } # Handle client-side routing location / { root /opt/patchmon/frontend/dist; try_files $uri $uri/ /index.html; } # API proxy location /api/ { proxy_pass http://127.0.0.1:3001; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; proxy_set_header X-Forwarded-Host $host; # Allow larger request bodies for logo/branding uploads (base64-encoded) # Default nginx limit is 1MB which is too small for image uploads client_max_body_size 10m; # For the Websocket connection: proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; proxy_read_timeout 300s; proxy_connect_timeout 75s; # Preserve original client IP through proxy chain proxy_set_header X-Original-Forwarded-For $http_x_forwarded_for; # CORS headers for API calls - let backend handle CORS properly # Note: Backend handles CORS with proper origin validation and credentials # Handle preflight requests if ($request_method = 'OPTIONS') { return 204; } } # Custom branding assets (logos, favicons) - served from mounted volume # This allows logos to persist across container restarts location /assets/ { alias /opt/patchmon/frontend/dist/assets; expires 1h; add_header Cache-Control "public, must-revalidate"; add_header Access-Control-Allow-Origin *; access_log off; } # Static assets caching (exclude Bull Board and API assets like Swagger UI) location ~* ^/(?!bullboard|api/).*\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { root /opt/patchmon/frontend/dist; expires 1y; add_header Cache-Control "public, immutable"; access_log off; } # Health check endpoint location /health { access_log off; return 200 "healthy\n"; add_header Content-Type text/plain; } } ``` ``` root@patchmon:~# cat /opt/patchmon/frontend/.env VITE_API_URL=http ://192.168.178.106 /api/v1 VITE_APP_NAME=PatchMon VITE_APP_VERSION=1.4.2 ``` ``` root@patchmon:~# cat /opt/patchmon/backend/.env # Database Configuration DATABASE_URL="postgresql://patchmon_usr:QBQb7GxzjRgOx@localhost:5432/patchmon_db" PM_DB_CONN_MAX_ATTEMPTS=30 PM_DB_CONN_WAIT_INTERVAL=2 # Database Connection Pool Configuration (Prisma) DB_CONNECTION_LIMIT=30 # Maximum connections per instance (default: 30) DB_POOL_TIMEOUT=20 # Seconds to wait for available connection (default: 20) DB_CONNECT_TIMEOUT=10 # Seconds to wait for initial connection (default: 10) DB_IDLE_TIMEOUT=300 # Seconds before closing idle connections (default: 300) DB_MAX_LIFETIME=1800 # Maximum lifetime of a connection in seconds (default: 1800) # Database Transaction Timeout Configuration DB_TRANSACTION_MAX_WAIT=10000 # Milliseconds to wait for transaction slot (default: 10000 = 10s) DB_TRANSACTION_TIMEOUT=30000 # Milliseconds for transaction to complete (default: 30000 = 30s) DB_TRANSACTION_LONG_TIMEOUT=60000 # Milliseconds for long-running transactions (default: 60000 = 60s) # JWT Configuration JWT_SECRET=7540c847ce74fd22da09211fdd0b46cf574f24bcb4555ccbfdf19d08a59955354819806b976ce503a29e56885275629a1e6450fa6659faba0cade2a17ac9ad4f JWT_EXPIRES_IN=1h JWT_REFRESH_EXPIRES_IN=7d # Server Configuration PORT=3001 SERVER_PROTOCOL=http SERVER_HOST=192.168.178.106 SERVER_PORT=3000 NODE_ENV=production TRUST_PROXY=1 # API Configuration API_VERSION=v1 # CORS Configuration CORS_ORIGIN=http://192.168.178.106:3000 # Session Configuration SESSION_INACTIVITY_TIMEOUT_MINUTES=30 # User Configuration DEFAULT_USER_ROLE=user # Rate Limiting (times in milliseconds) RATE_LIMIT_WINDOW_MS=900000 RATE_LIMIT_MAX=5000 AUTH_RATE_LIMIT_WINDOW_MS=600000 AUTH_RATE_LIMIT_MAX=500 AGENT_RATE_LIMIT_WINDOW_MS=60000 AGENT_RATE_LIMIT_MAX=1000 # Account Lockout Configuration MAX_LOGIN_ATTEMPTS=5 LOCKOUT_DURATION_MINUTES=15 # Password Complexity Configuration PASSWORD_MIN_LENGTH=8 PASSWORD_REQUIRE_UPPERCASE=true PASSWORD_REQUIRE_LOWERCASE=true PASSWORD_REQUIRE_NUMBER=true PASSWORD_REQUIRE_SPECIAL=true # Redis Configuration REDIS_HOST=localhost REDIS_PORT=6379 REDIS_DB=0 # Redis Connection Timeouts (milliseconds) # Increase these if you see "Command timed out" errors, especially with high network latency # REDIS_CONNECT_TIMEOUT_MS=60000 # Time to wait for initial connection (default: 60s) # REDIS_COMMAND_TIMEOUT_MS=60000 # Time to wait for Redis commands to complete (default: 60s) # BullMQ Lock Configuration (milliseconds) # These settings prevent "Missing lock" or "could not renew lock" errors when Redis is slow. # lockDuration: How long a job can run before its lock expires (default: 120000 = 120s) # lockRenewTime: How often to renew the lock to prevent expiration (default: 20000 = 20s) # Increase lockDuration if you see lock expiration errors with long-running jobs # Decrease lockRenewTime if lock renewals are timing out (must be < lockDuration and < REDIS_COMMAND_TIMEOUT_MS) # BULLMQ_LOCK_DURATION_MS=120000 # BULLMQ_LOCK_RENEW_TIME_MS=20000 # Logging # Set ENABLE_LOGGING=true (exactly "true") or the backend will not log at all. # LOG_LEVEL: debug | info | warn | error (default: info) # LOG_TO_CONSOLE=true: send logs to stdout/stderr (use this when viewing logs in Docker/systemd). # If unset in production, logs go only to logs/error.log and logs/combined.log. LOG_LEVEL=info ENABLE_LOGGING=true # LOG_TO_CONSOLE=true # TFA Configuration (optional - used if TFA is enabled) TFA_REMEMBER_ME_EXPIRES_IN=30d TFA_MAX_REMEMBER_SESSIONS=5 TFA_SUSPICIOUS_ACTIVITY_THRESHOLD=3 # TFA Rate Limiting (separate from login lockout) MAX_TFA_ATTEMPTS=5 TFA_LOCKOUT_DURATION_MINUTES=30 # Timezone Configuration # Set the timezone for timestamps and logs (e.g., 'UTC', 'America/New_York', 'Europe/London') # Defaults to UTC if not set. This ensures consistent timezone handling across the application. TZ=UTC # =================== # OIDC Configuration # =================== # Set to 'true' to enable OIDC authentication OIDC_ENABLED=false # OIDC Provider Discovery URL (ends with /.well-known/openid-configuration or the base issuer URL) # For Authentik: https://auth.example.com/application/o/patchmon/ # For Keycloak: https://keycloak.example.com/realms/myrealm OIDC_ISSUER_URL= # Client credentials from your IdP OIDC_CLIENT_ID= OIDC_CLIENT_SECRET= # Redirect URI - must match what's configured in your IdP OIDC_REDIRECT_URI=https://patchmon.example.com/api/v1/auth/oidc/callback # Scopes to request (space-separated) # Include 'groups' scope if using group-based role mapping OIDC_SCOPES=openid email profile groups # Auto-create users on first OIDC login OIDC_AUTO_CREATE_USERS=true # Default role for auto-created users: 'admin' or 'user' OIDC_DEFAULT_ROLE=user # Optional: Disable local password authentication entirely OIDC_DISABLE_LOCAL_AUTH=false # Optional: Button text for the SSO login button OIDC_BUTTON_TEXT=Login with SSO # =================== # OIDC Group Mapping # =================== # Map IdP groups to PatchMon roles # Users in OIDC_ADMIN_GROUP get 'admin' role # Users in OIDC_USER_GROUP get 'user' role # Users in neither get OIDC_DEFAULT_ROLE OIDC_ADMIN_GROUP=PatchMon Admins OIDC_USER_GROUP=PatchMon Users # Sync roles on every login (set to 'true' to update role based on current groups) # When false, role is only set on first login OIDC_SYNC_ROLES=true ``` ### 🖼️ Additional context (optional). _No response_

kerem

2026-02-26 12:52:48 +03:00

closed this issue
added the
bug
label

kerem commented

2026-02-26 12:52:48 +03:00

Author

Owner

@MickLesk commented on GitHub (Feb 21, 2026):

@vhsdream 😄

@MickLesk commented on GitHub (Feb 21, 2026): @vhsdream 😄

kerem commented

2026-02-26 12:52:48 +03:00

Author

Owner

@heinemannj commented on GitHub (Feb 21, 2026):

Try to fix:

Stop the daemon

root@patchmon:~# systemctl stop patchmon-server
root@patchmon:~#

in /opt/patchmon/backend/.env:
Remove the indentation for SERVER_HOST and SERVER_PORT

PORT=3001
SERVER_PROTOCOL=http 
SERVER_HOST=192.168.178.106 
SERVER_PORT=3000
NODE_ENV=production
TRUST_PROXY=1

in /opt/patchmon/frontend/.env:
Remove the spaces in the value for VITE_API_URL and add the API port - 3001

root@patchmon:~# cat /opt/patchmon/frontend/.env
VITE_API_URL=http://192.168.178.106:3001/api/v1
VITE_APP_NAME=PatchMon
VITE_APP_VERSION=1.4.2
root@patchmon:~#

Confirm that your Nginx config (/etc/nginx/sites-available/patchmon.conf) is working (remember that listen on line 2 should say listen 3000;) - run nginx -t and look for success. Restart it for good measure - systemctl restart nginx

root@patchmon:~# cat /etc/nginx/sites-available/patchmon.conf
server {
    listen 3000;
        listen [::]:3000;
    server_name localhost;
    root /usr/share/nginx/html;
    index index.html;

root@patchmon:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

After all that is done, rather than manually building the frontend, you can just edit /root/.patchmon to have a lower version and then run update.

root@patchmon:~# cat /root/.patchmon
1.4.1

In patchmon LXC update

My final note:

the required correction steps 1-4 are the results of a fresh patchmon LXC installation at yesterday morning:

https://community-scripts.github.io/ProxmoxVE/scripts?id=patchmon

@heinemannj commented on GitHub (Feb 21, 2026): Try to fix: 1. Stop the daemon ``` root@patchmon:~# systemctl stop patchmon-server root@patchmon:~# ``` 2. in /opt/patchmon/backend/.env: Remove the indentation for SERVER_HOST and SERVER_PORT ``` PORT=3001 SERVER_PROTOCOL=http SERVER_HOST=192.168.178.106 SERVER_PORT=3000 NODE_ENV=production TRUST_PROXY=1 ``` 3. in /opt/patchmon/frontend/.env: Remove the spaces in the value for VITE_API_URL and add the API port - 3001 ``` root@patchmon:~# cat /opt/patchmon/frontend/.env VITE_API_URL=http://192.168.178.106:3001/api/v1 VITE_APP_NAME=PatchMon VITE_APP_VERSION=1.4.2 root@patchmon:~# ``` 4. Confirm that your Nginx config (/etc/nginx/sites-available/patchmon.conf) is working (remember that listen on line 2 should say listen 3000;) - run nginx -t and look for success. Restart it for good measure - systemctl restart nginx ``` root@patchmon:~# cat /etc/nginx/sites-available/patchmon.conf server { listen 3000; listen [::]:3000; server_name localhost; root /usr/share/nginx/html; index index.html; ``` ``` root@patchmon:~# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful ``` 5. After all that is done, rather than manually building the frontend, you can just edit /root/.patchmon to have a lower version and then run update. ``` root@patchmon:~# cat /root/.patchmon 1.4.1 ``` In patchmon LXC `update` <img width="1372" height="898" alt="Image" src="https://github.com/user-attachments/assets/90882bd2-8c5b-4fc9-b692-f5175b04e6e2" /> <img width="1373" height="739" alt="Image" src="https://github.com/user-attachments/assets/639d3674-274a-4d25-af0c-f2c3fa219425" /> My final note: the required correction steps 1-4 are the results of a fresh patchmon LXC installation at yesterday morning: https://community-scripts.github.io/ProxmoxVE/scripts?id=patchmon

kerem commented

2026-02-26 12:52:48 +03:00

Author

Owner

@heinemannj commented on GitHub (Feb 21, 2026):

Apply again steps 1-4.

Step 3 needs to be corrected again - must be modified by the update script

root@patchmon:~# cat /opt/patchmon/frontend/.env
VITE_API_URL=http://192.168.178.106:3001/api/v1
VITE_APP_NAME=PatchMon
VITE_APP_VERSION=1.4.2
root@patchmon:~#

Go into /opt/patchmon/frontend and delete the dist and node_modules folders - cd /opt/patchmon/frontend && rm -rf ./dist ./node_modules
Then re-install dependencies: export NODE_ENV=production && npm install --no-audit --no-fund --no-save --ignore-scripts --include=dev
Rebuild the frontend: npm run build
If that succeeded, then start Patchmon and tail the journal to ensure it starts up: systemctl start patchmon-server && journalctl -f -u patchmon-server

In personal opinion there is Bug in the update script:

root@patchmon:~# cat /opt/patchmon/frontend/.env
VITE_API_URL=http://192.168.178.106:3001/api/v1

@heinemannj commented on GitHub (Feb 21, 2026): Apply again steps 1-4. Step 3 needs to be corrected again - must be modified by the update script ``` root@patchmon:~# cat /opt/patchmon/frontend/.env VITE_API_URL=http://192.168.178.106:3001/api/v1 VITE_APP_NAME=PatchMon VITE_APP_VERSION=1.4.2 root@patchmon:~# ``` 5. Go into /opt/patchmon/frontend and delete the dist and node_modules folders - `cd /opt/patchmon/frontend && rm -rf ./dist ./node_modules` 6. Then re-install dependencies: `export NODE_ENV=production && npm install --no-audit --no-fund --no-save --ignore-scripts --include=dev` 7. Rebuild the frontend: `npm run build` 8. If that succeeded, then start Patchmon and tail the journal to ensure it starts up: `systemctl start patchmon-server && journalctl -f -u patchmon-server` <img width="1903" height="497" alt="Image" src="https://github.com/user-attachments/assets/8a776cd2-219f-4597-9fab-657c1aa01a43" /> In personal opinion there is Bug in the update script: ``` root@patchmon:~# cat /opt/patchmon/frontend/.env VITE_API_URL=http://192.168.178.106:3001/api/v1 ```

kerem commented

2026-02-26 12:52:48 +03:00

Author

Owner

@zenithar47 commented on GitHub (Feb 21, 2026):

I had a similar issue when updating to 1.4.1 from 1.4.0 using the update script. I originally restored my backup of 1.4.0 to await another version. I used the update script again yesterday to go from 1.4.0 to 1.4.2. The update script included the warning saying there were breaking changes. My original install was 1.3.7, updated to 1.3.8, then 1.4.0.

My backend .env file didn't have any extra spaces, but I did have to add port 3000 to the CORS_ORIGIN variable and update VITE_API_URL to include the new server port 3001 in the frontend .env. I also had to update the port from 3389 to 3001 in /etc/patchmon/config.yml on all the monitored servers. No other changes we needed to get everything back up again for me.

@zenithar47 commented on GitHub (Feb 21, 2026): I had a similar issue when updating to 1.4.1 from 1.4.0 using the update script. I originally restored my backup of 1.4.0 to await another version. I used the update script again yesterday to go from 1.4.0 to 1.4.2. The update script included the warning saying there were breaking changes. My original install was 1.3.7, updated to 1.3.8, then 1.4.0. My backend .env file didn't have any extra spaces, but I did have to add port 3000 to the CORS_ORIGIN variable and update VITE_API_URL to include the new server port 3001 in the frontend .env. I also had to update the port from 3389 to 3001 in /etc/patchmon/config.yml on all the monitored servers. No other changes we needed to get everything back up again for me.

kerem commented

2026-02-26 12:52:48 +03:00

Author

Owner

@vhsdream commented on GitHub (Feb 21, 2026):

There's already a discussion about this and this issue should be closed.

@vhsdream commented on GitHub (Feb 21, 2026): There's already a [discussion](https://github.com/community-scripts/ProxmoxVE/discussions/12092) about this and this issue should be closed.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ProxmoxVE#2546

No description provided.

Rows
Columns