Update Fedimint configuration and enhance onboarding process
- Upgraded Fedimint version to v0.10.0 in docker-compose.yml and manifest.yml, adding support for the built-in Guardian UI. - Modified .gitignore to exclude deploy-config.sh script. - Enhanced onboarding process in AuthManager to persist onboarding state and validate password strength during user setup. - Updated API to handle onboarding completion and password change requests, ensuring a smoother user experience. - Improved configuration management to support Nostr discovery and Tor proxy settings, enhancing node identity features.
This commit is contained in:
@@ -5,10 +5,24 @@ alwaysApply: true
|
||||
|
||||
# Archipelago Development Workflow
|
||||
|
||||
## Priority: Deploy-Test-Fix Loop
|
||||
|
||||
**This is the primary workflow. Follow it for every change.**
|
||||
|
||||
1. **Make the change** the user requests
|
||||
2. **SSH and build to live server** - Run `./scripts/deploy-to-target.sh --live` once done
|
||||
3. **Test that it works** - Verify apps launch and show their UI in a new browser tab on their server port (e.g. http://192.168.1.228:4080 for Mempool)
|
||||
4. **If broken, fix and repeat** - Debug, fix, redeploy, and test again until complete
|
||||
5. **End loop** only when everything works
|
||||
|
||||
Do not leave deployment or testing to the user. The agent has SSH access to perform all building and work on the live server.
|
||||
|
||||
## Deployment Strategy
|
||||
|
||||
**Always deploy to live system for testing** - The target device (192.168.1.228) is a development machine, so deploy changes directly to the live system rather than using dev servers.
|
||||
|
||||
**When making changes, always run deploy** - After editing code (frontend, backend, scripts, or configs), run `./scripts/deploy-to-target.sh --live` to sync, build, and deploy. Do not leave the user to deploy manually.
|
||||
|
||||
### Backend: build on server via rsync (never on macOS)
|
||||
- **Always** deploy backend by: (1) rsync `core/` to `archipelago@192.168.1.228:~/archy/core/`, then (2) SSH and run `cargo build --release` on the server, then copy binary to `/usr/local/bin/` and restart `archipelago.service`.
|
||||
- Use `sshpass -p "archipelago"` for non-interactive rsync/SSH. **Action these builds** when making backend changes; do not build the Rust binary on macOS and copy it (causes Exec format error on Linux).
|
||||
@@ -27,9 +41,17 @@ This command:
|
||||
- Backend: `/usr/local/bin/archipelago`
|
||||
4. Restarts services (systemd + nginx)
|
||||
|
||||
### Deploy to Both Servers
|
||||
|
||||
```bash
|
||||
./scripts/deploy-to-target.sh --both
|
||||
```
|
||||
|
||||
Deploys to 192.168.1.228 first (builds there), then copies binary and web-ui to 192.168.1.198 (which has no rsync/cargo).
|
||||
|
||||
### Target Environment
|
||||
|
||||
- **Host**: archipelago@192.168.1.228
|
||||
- **Host**: archipelago@192.168.1.228 (primary), archipelago@192.168.1.198 (secondary)
|
||||
- **OS**: Debian-based server
|
||||
- **Container Runtime**: Podman (root context for system services)
|
||||
- **Web Server**: Nginx
|
||||
@@ -60,12 +82,33 @@ The deployment scripts require SSH key authentication. If you encounter `Permiss
|
||||
- Systemd service: `/etc/systemd/system/archipelago.service`
|
||||
- Nginx config: `/etc/nginx/sites-available/archipelago`
|
||||
|
||||
## App Icons
|
||||
|
||||
**Single source of truth**: `neode-ui/public/assets/img/app-icons/`
|
||||
|
||||
- All app icons live here. Do not duplicate icons elsewhere.
|
||||
- Naming: `{app-id}.{png|webp|svg}` (e.g. `fedimint.png`, `mempool.webp`)
|
||||
- References use `/assets/img/app-icons/{filename}`. Build outputs copy from this folder.
|
||||
- See `neode-ui/public/assets/img/app-icons/README.md` for details.
|
||||
|
||||
## App Integration Standards
|
||||
|
||||
**When adding or fixing apps, always verify end-to-end:**
|
||||
|
||||
1. **Test the app UI on its port** - After getting an app working, confirm the web UI loads at its configured port (e.g. `http://192.168.1.228:4080` for Mempool).
|
||||
2. **Auto-connect dependencies** - Apps must connect to their dependencies on installation:
|
||||
- **Bitcoin node**: LND, Fedimint, BTCPay Server, Mempool all need Bitcoin RPC (host.containers.internal:8332 or bitcoin-knots container).
|
||||
- **LND**: BTCPay Server and other Lightning apps need LND connection.
|
||||
3. **Works out of the box** - After autoinstaller flash, apps should work without manual configuration. Ensure `get_app_config()` in `core/archipelago/src/api/rpc.rs` has correct env vars for each app.
|
||||
|
||||
## Testing Workflow
|
||||
|
||||
1. Make changes locally
|
||||
2. Deploy with `--live` flag
|
||||
3. Test at http://192.168.1.228
|
||||
4. Check logs if needed:
|
||||
4. **Verify each modified app**: Open its UI URL and confirm it loads and connects to dependencies
|
||||
5. **Test with Cursor browser MCP** (when available): After app installs or fixes, use the browser MCP to open the app URL, check for console errors (502, WebSocket failures, etc.), debug, fix, redeploy, and repeat until working.
|
||||
6. Check logs if needed:
|
||||
- Backend: `ssh archipelago@192.168.1.228 'sudo journalctl -u archipelago -f'`
|
||||
- Nginx: `ssh archipelago@192.168.1.228 'sudo tail -f /var/log/nginx/error.log'`
|
||||
5. **Sync changes back to ISO build** (see below)
|
||||
@@ -82,6 +125,47 @@ Common containers:
|
||||
- Bitcoin Knots (ports 8332, 8333)
|
||||
- LND (ports 9735, 10009)
|
||||
|
||||
## ISO Build Debug Workflow (Flash-and-Debug)
|
||||
|
||||
**Primary way to improve ISO builds.** After flashing a new machine from the ISO, SSH in and diagnose. Fix issues in the build, rebuild ISO, reflash, repeat.
|
||||
|
||||
### Debug a Fresh ISO Install
|
||||
|
||||
1. **Flash** the ISO to a test machine (e.g. 192.168.1.198)
|
||||
2. **SSH** after first boot (same user/password as dev: `archipelago`/`archipelago`):
|
||||
```bash
|
||||
ssh-keygen -R 192.168.1.198 # if host key changed after reflash
|
||||
sshpass -p "archipelago" ssh -o StrictHostKeyChecking=no archipelago@192.168.1.198
|
||||
```
|
||||
3. **Run diagnostics** to find issues:
|
||||
```bash
|
||||
# Services
|
||||
systemctl is-active archipelago nginx
|
||||
# Containers
|
||||
sudo podman ps -a
|
||||
# Tor hostname (backend needs this for peer discovery)
|
||||
sudo cat /var/lib/archipelago/tor/hidden_service_archipelago/hostname
|
||||
sudo -u archipelago cat /var/lib/archipelago/tor/hidden_service_archipelago/hostname 2>&1 # should NOT be "Permission denied"
|
||||
# Backend logs
|
||||
sudo journalctl -u archipelago -n 50
|
||||
# Nginx errors
|
||||
sudo tail -20 /var/log/nginx/error.log
|
||||
# RPC reachable?
|
||||
curl -s -X POST http://127.0.0.1:5678/rpc/v1 -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1,"method":"echo","params":{}}'
|
||||
```
|
||||
4. **Fix** issues in `image-recipe/build-auto-installer-iso.sh`, scripts, or configs
|
||||
5. **Rebuild** ISO, **reflash**, **re-diagnose** until clean
|
||||
|
||||
### Common ISO Issues to Check
|
||||
|
||||
| Issue | Check | Fix |
|
||||
|-------|-------|-----|
|
||||
| Tor hostname unreadable | `sudo -u archipelago cat .../hostname` | setup-tor.sh must chmod 711 on tor dir + hidden_service_* dirs, 644 on hostname files |
|
||||
| Node not discoverable | Tor hostname + Nostr publish | Fix Tor perms so node_address is set |
|
||||
| RPC timeouts | nginx error.log | Increase proxy timeouts or optimize slow RPCs |
|
||||
| Missing containers | `sudo podman ps -a` | ISO is minimal; apps install from marketplace |
|
||||
| bitcoin-ui 404 | Port 8334 not listening | Add bitcoin-ui to first-boot or document |
|
||||
|
||||
## ISO Build Integration
|
||||
|
||||
**CRITICAL**: After testing on the live server, always update the ISO build to include your changes.
|
||||
|
||||
Reference in New Issue
Block a user