fix: bulletproof first-boot container creation and install reliability

Remove the Bitcoin RPC 60-second gate that blocked 13+ dependent containers (mempool, electrumx, btcpay, lnd, fedimint) from being created on first boot. Containers now always get created and auto-restart via health monitor once Bitcoin becomes responsive — the designed recovery path.

Additional hardening:
- Validate archy-net creation with retry (silent failure broke DNS)
- Verify critical images are loaded, re-load from tarballs if missing
- Create SearXNG settings.yml before container start (was missing)
- Run reconciler automatically after first-boot failures
- Add load-images as explicit systemd dependency with 900s timeout
- Propagate config write errors in install.rs (bitcoin.conf, lnd.conf)
- FileBrowser password change: retry loop (6 attempts) + 0o600 perms
- Post-start verification: detect containers that exit immediately
- Add 2s dependency waits between container starts

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

@@ -412,11 +412,13 @@ load_spec_searxng() {
SPEC_IMAGE="${SEARXNG_IMAGE}"
SPEC_PORTS="8888:8080"
SPEC_MEMORY="$(mem_limit searxng)"
SPEC_VOLUMES="/var/lib/archipelago/searxng:/etc/searxng"
SPEC_HEALTH_CMD="curl -sf http://localhost:8080/ || exit 1"
SPEC_READONLY="true"
SPEC_TMPFS="/tmp:rw,noexec,nosuid,size=256m /run:rw,noexec,nosuid,size=64m /etc/searxng:rw,noexec,nosuid,size=16m"
SPEC_TMPFS="/tmp:rw,noexec,nosuid,size=256m /run:rw,noexec,nosuid,size=64m"
SPEC_TIER="3"
SPEC_CAPS=""
SPEC_DATA_DIR="/var/lib/archipelago/searxng"
}
load_spec_onlyoffice() {
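Review bot: SPEC_VOLUMES binds /var/lib/archipelago/searxng onto /etc/searxng with no :ro suffix, and the SPEC_TMPFS value that no longer lists /etc/searxng also drops the noexec,nosuid options that path carried, so under SPEC_READONLY="true" the config directory becomes a persistent, writable path inside an otherwise read-only container. If SearXNG only needs to read the pre-created settings.yml, consider "/var/lib/archipelago/searxng:/etc/searxng:ro"; if it does need write access, a short comment in load_spec_searxng saying why would keep a later hardening pass from reintroducing the tmpfs and shadowing the bind mount. settings.yml holds the SearXNG server secret_key, and nothing in this hunk shows the mode or owner of the host directory, so it is worth confirming that the code creating the file restricts it to the container user.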