🔧 Update scripts and add CA cert update 🔧

Update all container scripts to 202605241245-git and add CA certificate
update step after package installation.
- rootfs/root/docker/setup/00-init.sh: updated to latest template
- rootfs/root/docker/setup/01-system.sh: updated to latest template
- rootfs/root/docker/setup/02-packages.sh: add update-ca-certificates/update-ca-trust step
- rootfs/root/docker/setup/03-files.sh: updated to latest template
- rootfs/root/docker/setup/04-users.sh: updated to latest template
- rootfs/root/docker/setup/05-custom.sh: updated to latest template
- rootfs/root/docker/setup/06-post.sh: updated to latest template
- rootfs/root/docker/setup/07-cleanup.sh: updated to latest template
- rootfs/usr/local/bin/entrypoint.sh: updated to 202605241245-git
- rootfs/usr/local/bin/pkmgr: updated to 202605241245-git
- rootfs/usr/local/etc/docker/functions/entrypoint.sh: updated to 202605241245-git

rootfs/root/docker/setup/00-init.sh
rootfs/root/docker/setup/01-system.sh
rootfs/root/docker/setup/02-packages.sh
rootfs/root/docker/setup/03-files.sh
rootfs/root/docker/setup/04-users.sh
rootfs/root/docker/setup/05-custom.sh
rootfs/root/docker/setup/06-post.sh
rootfs/root/docker/setup/07-cleanup.sh
rootfs/usr/local/bin/entrypoint.sh
rootfs/usr/local/bin/pkmgr
rootfs/usr/local/etc/docker/functions/entrypoint.sh

rootfs/root/docker/setup/05-custom.sh

@@ -1,12 +1,12 @@
 #!/usr/bin/env bash
 # shellcheck shell=bash
 # - - - - - - - - - - - - - - - - - - - - - - - - -
-##@Version           :  202604221922-git
+##@Version           :  202605242100-git
 # @@Author           :  CasjaysDev
 # @@Contact          :  CasjaysDev <docker-admin@casjaysdev.pro>
 # @@License          :  MIT
 # @@Copyright        :  Copyright 2026 CasjaysDev
-# @@Created          :  Wed Apr 22 07:22:57 PM EDT 2026
+# @@Created          :  Sun May 24 09:00:31 PM EDT 2026
 # @@File             :  05-custom.sh
 # @@Description      :  script to run custom
 # @@Changelog        :  newScript
@@ -32,109 +32,12 @@ exitCode=0
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # Main script
 
-# Install Rust developer tools into $CARGO_HOME/bin (which is on PATH
-# via the symlinks created in 02-packages.sh).
-#
-# Strategy: bootstrap `cargo-binstall` first via its upstream installer
-# script, then use it for everything else. binstall fetches prebuilt
-# binaries when the upstream crate publishes them and falls back to a
-# normal `cargo install` otherwise - dramatically faster than
-# source-compiling 30+ tools sequentially.
-export CARGO_HOME="${CARGO_HOME:-/usr/local/share/cargo}"
-export RUSTUP_HOME="${RUSTUP_HOME:-/usr/local/share/rustup}"
-export PATH="${CARGO_HOME}/bin:${PATH}"
-mkdir -p "$CARGO_HOME" "$RUSTUP_HOME"
-
-if command -v cargo >/dev/null 2>&1; then
-  echo "Installing Rust developer tools with $(rustc --version)"
-
-  # cargo-binstall: bootstrap via `cargo install`. Compiles from
-  # crates.io (~3-5 min cold) but avoids the upstream install script's
-  # curl-pipe-to-bash, which has been observed to fail with TLS SAN
-  # errors when fetching the prebuilt binary from github.com inside
-  # certain build environments. Slower but bulletproof.
-  cargo install cargo-binstall --locked \
-    || echo "  WARN: cargo-binstall bootstrap failed - falling through" >&2
-
-  # Use binstall for the remainder. --no-confirm skips prompts;
-  # --locked uses each crate's checked-in Cargo.lock for reproducibility;
-  # binstall transparently falls back to `cargo install` when no
-  # prebuilt binary is available.
-  for tool in \
-    cargo-edit \
-    cargo-watch \
-    cargo-update \
-    cargo-outdated \
-    cargo-expand \
-    cargo-info \
-    cargo-nextest \
-    cargo-llvm-cov \
-    cargo-tarpaulin \
-    cargo-mutants \
-    cargo-audit \
-    cargo-deny \
-    cargo-machete \
-    cargo-msrv \
-    cargo-semver-checks \
-    cargo-make \
-    cargo-deb \
-    cargo-generate \
-    cargo-release \
-    cargo-dist \
-    cargo-chef \
-    cargo-zigbuild \
-    cargo-flamegraph \
-    bacon \
-    mdbook \
-    mdbook-toc \
-    wasm-pack \
-    wasm-bindgen-cli \
-    wasm-tools \
-    sqlx-cli \
-    sea-orm-cli \
-    trunk \
-    samply \
-    just \
-    tokei \
-    hyperfine \
-    cargo-binutils \
-    cargo-cross \
-    flip-link \
-    probe-rs-tools \
-    cargo-ndk \
-    cbindgen \
-    cargo-bloat \
-    cargo-asm \
-    ; do
-    echo "cargo binstall $tool"
-    # Best-effort: skip individual tool failures rather than aborting
-    # the whole build. binstall falls back to `cargo install` when no
-    # prebuilt is available; if both fail (stale deps, etc.), warn
-    # and move on.
-    cargo binstall --no-confirm --locked "$tool" \
-      || echo "  WARN: skipping $tool (install failed)" >&2
-  done
-
-  # Re-link any newly installed cargo-* binaries into /usr/local/bin so
-  # they're discoverable for non-login `docker exec` invocations.
-  for bin in "${CARGO_HOME}"/bin/*; do
-    [ -e "$bin" ] || continue
-    name="$(basename "$bin")"
-    [ -e "/usr/local/bin/${name}" ] || ln -sf "$bin" "/usr/local/bin/${name}"
-  done
-  unset bin name
-
-  # Drop the registry cache + git checkouts; they balloon the image and
-  # get rehydrated on first `cargo build` against a real volume.
-  rm -rf "${CARGO_HOME}/registry" "${CARGO_HOME}/git" 2>/dev/null || true
-else
-  echo "cargo binary not found; skipping Rust dev tools" >&2
-fi
-
-# Always succeed: tool installation is best-effort, the build environment
-# is functional even if some optional dev tools didn't make it. The
-# rustup toolchain itself was already verified by 02-packages.sh.
-exit 0
+# - - - - - - - - - - - - - - - - - - - - - - - - -
+# Set the exit code
+exitCode=$?
+# - - - - - - - - - - - - - - - - - - - - - - - - -
+exit $exitCode
 # - - - - - - - - - - - - - - - - - - - - - - - - -
 # ex: ts=2 sw=2 et filetype=sh
 # - - - - - - - - - - - - - - - - - - - - - - - - -
+