feat: Discover view, Fleet dashboard, MeshMap, type fixes

- New Discover.vue (app store redesign)
- Fleet.vue dashboard for .228
- MeshMap.vue component
- Fixed Discover.vue type errors (unused var, type predicate)
- Various UI updates (Apps, Dashboard, Marketplace, Mesh, Web5)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dorian
2026-03-19 16:12:01 +00:00
parent 851d8001d6
commit 623c0fa954
18 changed files with 3067 additions and 174 deletions

@@ -1,78 +1,42 @@
---
name: Repo Cleanup & Dev Environment Overhaul (2026-03-18)
description: Major session — repo cleanup to archy-archive, demo seeding, dev-start.sh rewrite, ThunderHub/Fedimint/ecash, Podman install, wallet mock endpoints
name: v1.3.0 Deploy Status
description: March 19 session — pentest remediation, container reliability, deployment to .228/.198
type: project
---
## What Was Done
## v1.3.0 Deployed (2026-03-19)
### 1. Repo Cleanup
- Moved ~200 files (docs, scripts, loops, legacy Docker UIs, duplicate videos) to `~/Projects/archy-archive/` (outside repo)
- Kept: all active docs (BETA-PROGRESS, MASTER_PLAN, architecture, ADRs, api-reference, developer-guide, troubleshooting, operations-runbook), all source code, active scripts
- Three "user's call" docs kept: `multi-node-architecture.md`, `marketplace-protocol.md`, `app-developer-guide.md`
### .228 — Fully deployed and verified
- All 33 pentest security fixes live (including backend auth on /lnd-connect-info)
- ElectrumX headers.subscribe fix — synced at block 941k+
- Container reliability: memory limits in scripts, crash recovery coordination, health badges
- Backend bound to 127.0.0.1:5678 (systemd + nginx)
- Frontend: iframe auto-retry, TransactionsModal, health-aware badges, What's New v1.3.0
- 31 containers running, all healthy
### 2. docker-compose.yml Switched from Regtest to Signet
- All Bitcoin/LND/Fedimint containers now use **signet** (not regtest)
- Ports updated: RPC 38332, P2P 38333
- Removed archived `bitcoin-ui` and `lnd-ui` nginx services (referenced deleted `docker/` dir)
- Added ThunderHub service (port 3010) to main compose
### .198 — Partially deployed, needs attention
- Binary deployed but machine chronically overloaded (8GB RAM, load 10+)
- Bitcoin RPC 401 FIXED (secrets dir was root-owned)
- SearXNG settings.yml created, LND Tor REST port 8080 added
- Tor uses archipelago torrc NOT system torrc — needs consolidation
- Jellyfin stopped to save resources
- ElectrumX indexing (pruned data, will be slow)
### 3. New Testnet Compose (`docker-compose.testnet.yml`)
- Standalone signet stack: bitcoind + LND + ThunderHub + Fedimint
- Config at `testnet/thunderhub-config.yaml`
- README at `testnet/README.md` with faucet links and commands
### Deploy lessons learned
- `cargo clean -p` + rebuild doesn't always recompile if rsync preserved timestamps
- Fix: append blank line to force mtime change, or use `cargo build --release` after manual touch
- Atomic binary swap: `cp new, mv over running` works; `cp over running` fails with "Text file busy"
- systemd `Restart=always` prevents `systemctl stop` + `cp` — must use atomic mv
### 4. Mock Backend Enhancements (`neode-ui/mock-backend.js`)
- **Container socket auto-detection**: tries `DOCKER_HOST` → Podman TMPDIR socket → Docker socket → null (simulation). No more `/var/run/docker.sock` spam
- **8 static dev apps** (was 6): added ThunderHub (port 3010) and Fedimint (port 8175)
- **25+ new RPC endpoints**: lnd.getinfo, lnd.newaddress, lnd.createinvoice, lnd.payinvoice, lnd.sendcoins, lnd.listchannels, lnd.openchannel, lnd.closechannel, wallet.ecash-balance, wallet.ecash-send, wallet.ecash-receive, wallet.ecash-history, wallet.networking-profits, bitcoin.getinfo, system.stats, update.status, network.list-requests, dev.faucet, etc.
- **Fedimint version** synced to 0.10.0, port fixed from 8174 → 8175
- **5 realistic notifications** (was empty array)
- **Mock ThunderHub UI** at `/app/thunderhub/` — full HTML dashboard
### Backlog for next session
1. .198 stabilization (reduce containers for 8GB, apply memory limits via container recreation)
2. .198 Tor consolidation (system tor vs archipelago tor process)
3. BTCPay iframe cross-origin error (needs nginx proxy config)
4. Tailscale admin page in iframe
5. ElectrumX UI: Tor first as connect option
6. Stagger animation fix + fleet dashboard + map tab
7. Deploy to Tailscale nodes (Arch 1/2/3)
8. App iframe error page — auto-retry now works, but needs polish
### 5. Dev Scripts Fixed
- `neode-ui/start-dev.sh`: removed broken `start-docker-apps.sh` call, fixed EAGAIN via safe `while read` loop
- `neode-ui/stop-dev.sh`: removed broken `stop-docker-apps.sh` call
- `neode-ui/package.json`: removed stale `prebuild`, added `--raw` to concurrently (fixes EAGAIN pgrep spawn)
- `scripts/dev-start.sh`: complete rewrite with 8 options including boot mode and testnet stack
### 6. ThunderHub Added Everywhere
- Icon: `neode-ui/public/assets/img/app-icons/thunderhub.svg`
- Mock backend: portMappings, marketplaceMetadata, staticDevApps, marketplace.get()
- Marketplace.vue: getCuratedAppList(), recommended tier
- appLauncher.ts: PORT_TO_APP_ID `'3010': 'thunderhub'`
### 7. Podman Installed on Mac
- `podman 5.8.1` + `podman-compose 1.5.0` via Homebrew
- Machine initialized and running
### 8. Home Wallet Card
- Fixed `lnd.getinfo` response to include `balance_sats` and `channel_balance_sats`
- Fixed `lnd.gettransactions` to use `amount_sats` and include `incoming_pending_count`
- Added **Faucet button** (green) — calls `dev.faucet` RPC
- Grid changed from 3-col to 4-col (Send, Receive, Faucet, Web5)
### 9. Developer Onboarding Docs
- `neode-ui/README.md`: full rewrite
- `neode-ui/DEV-SCRIPTS.md`: updated with actual 8 static apps
## Current State / Resume Here
- **`npm start` works** — no Docker needed, all wallet actions mocked, 8 apps visible
- **Send/Receive modals** open from Home wallet card — if still issues, check browser console
- **Faucet button** calls dev.faucet and refreshes balances
- **Not yet tested**: `podman-compose -f docker-compose.testnet.yml up` (signet sync ~10 min)
- **Not yet committed** — all changes are local, uncommitted
- **Demo prod server** not redeployed — push changes then redeploy via Portainer
## Key Files Modified This Session
- `neode-ui/mock-backend.js` (major — container socket, 25+ RPC endpoints, ThunderHub mock UI)
- `neode-ui/src/views/Home.vue` (faucet button, 4-col grid)
- `neode-ui/src/views/Marketplace.vue` (ThunderHub entry)
- `neode-ui/src/stores/appLauncher.ts` (ThunderHub port)
- `neode-ui/start-dev.sh`, `neode-ui/stop-dev.sh`, `neode-ui/package.json`
- `scripts/dev-start.sh` (complete rewrite)
- `docker-compose.yml` (regtest→signet, ThunderHub, removed archived UIs)
- `docker-compose.testnet.yml` (new)
- `testnet/thunderhub-config.yaml`, `testnet/README.md` (new)
- `neode-ui/public/assets/img/app-icons/thunderhub.svg` (new)
- `neode-ui/README.md`, `neode-ui/DEV-SCRIPTS.md` (rewrites)
**Why:** Track deployment state for session continuity.
**How to apply:** Read at start of next session. Check .198 load before attempting operations.
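Review bot: The ".228" entry claims "All 33 pentest security fixes live" and "Fully deployed and verified" without saying where the list of 33 findings lives or what check confirmed them, so the next session cannot re-verify the claim; add a pointer to the remediation list and the checks that were run, such as confirming that /lnd-connect-info now refuses a request without backend auth. The ".198" line "Bitcoin RPC 401 FIXED (secrets dir was root-owned)" should also record the owner and mode the secrets directory ended up with, so that a later permission fix on that overloaded node does not loosen it.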

@@ -0,0 +1,119 @@
# Plan: Seamless Tailscale Migration for Alpha Testers
## Context
Tailscale nodes (Arch 1/2/3) are alpha tester machines. They need full deployment — binary, frontend, infrastructure, and containers — with zero friction. Currently `deploy-tailscale.sh` only deploys binary + frontend (85 lines), missing ALL infrastructure that `deploy-to-target.sh --live` provides (rootless prereqs, UID mapping, containers, nginx, Tor, HTTPS, dev mode, UFW, etc.).
These nodes may also have old **rootful** containers that need migrating to rootless.
## Approach
**Don't refactor the 1615-line deploy-to-target.sh** — too risky during beta freeze. Instead:
1. **Rewrite `deploy-tailscale.sh`** as a full-deploy script with split-mode SSH resilience
2. **Add `--tailscale` flag** to `deploy-to-target.sh` as a convenience wrapper
3. **Add rootful→rootless migration** as an automatic pre-step
4. **Fix `first-boot-containers.sh`** for rootless (separate concern, for ISO builds)
## Changes
### 1. Rewrite `scripts/deploy-tailscale.sh` (~400 lines)
Currently 85 lines doing only binary+frontend. Rewrite to be a full deploy for any node, using split-mode SSH (each step = separate short SSH session) for Tailscale stability.
**Steps the new script will run (each as its own SSH session):**
1. SSH connectivity check
2. Install prerequisites (rsync, node, npm) if missing
3. Rsync code to target
4. **Rootful→rootless migration** (detect `sudo podman ps -a`, stop & remove old rootful containers)
5. Build frontend (nohup + poll, or skip if copy-only node)
6. Build backend (nohup + poll, or skip if copy-only node)
7. Create rollback backup
8. Deploy binary (build locally or copy from .228)
9. Deploy frontend (build locally or copy from .228)
10. Deploy AIUI
11. Sync nginx config + HTTPS snippets
12. Sync systemd service
13. **Setup rootless prereqs** (sysctl, linger, podman.socket)
14. **Create data dirs + UID mapping** (full chown table from deploy-to-target.sh:670-689)
15. **Dev mode** (ARCHIPELAGO_DEV_MODE=true for HTTP cookies over Tailscale)
16. Deploy nostr-provider.js
17. Deploy Claude API proxy (if ANTHROPIC_API_KEY available)
18. Setup NTP + swap
19. Restart services
20. **Setup HTTPS** (with node's own IP in SAN)
21. **Read Bitcoin RPC credentials** from server secrets
22. **Create all containers** (Bitcoin, Mempool, BTCPay, ElectrumX, LND, Fedimint, Immich, HA, Grafana, Jellyfin, Vaultwarden, SearXNG, FileBrowser)
23. **Setup Tor** hidden services
24. **Fix UFW** forward policy
25. **Fix IndeedHub** NIP-07 (if running)
26. **Transfer custom images** for copy-only nodes (individual tarballs, never combined)
27. Run container doctor
28. Write deploy manifest
29. Post-deploy health check
**Copy-only mode**: When target can't build (Arch 1/3), script detects no `cargo`/`npm` on target and copies pre-built artifacts from .228 via SSH pipe.
**Key sections to port from deploy-to-target.sh:**
- Lines 646-689 — rootless prereqs + UID mapping
- Lines 629-641 — dev mode
- Lines 839-1474 — all container creation
- Lines 1143-1234 — Tor setup
- Lines 1477-1485 — UFW fix
- Lines 1487-1545 — IndeedHub NIP-07
### 2. Add `--tailscale` flag to `deploy-to-target.sh` (~30 lines)
Wrapper that calls `deploy-tailscale.sh` for each node sequentially. Also add `--tailscale-node=arch1|arch2|arch3` for single-node targeting.
### 3. Rootful→rootless migration (in deploy-tailscale.sh step 4)
Auto-detect and handle:
```
ssh TARGET 'ROOTFUL=$(sudo podman ps -a 2>/dev/null | wc -l); if [ $ROOTFUL -gt 1 ]; then sudo podman stop --all; sudo podman rm --all; fi'
```
Data safe — `/var/lib/archipelago/` never deleted, only ownership fixed by UID mapping step.
### 4. Fix `scripts/first-boot-containers.sh` (5 targeted edits)
- **Line 15**: Change root check → archipelago user check (UID 1000)
- **Line 140**: Change `10.88.0.0/16``0.0.0.0/0` (match deploy-to-target.sh)
- **After line 111**: Add rootless prereqs (sysctl, linger, podman.socket)
- **After line 113**: Add full UID mapping block
- **Pin `:latest` tags**: photoprism, ollama, searxng, nginx-proxy-manager, penpot
### 5. Update `scripts/setup-https-dev.sh`
Dynamic SAN — detect node's own IPs (including Tailscale interface) instead of hardcoding .228/.198.
## Files Modified
| File | Change | ~Lines |
|------|--------|--------|
| `scripts/deploy-tailscale.sh` | Full rewrite — complete deploy with split-mode SSH | ~400 |
| `scripts/deploy-to-target.sh` | Add `--tailscale` / `--tailscale-node` flags | ~30 |
| `scripts/first-boot-containers.sh` | Fix for rootless (subnet, UID mapping, prereqs) | ~40 |
| `scripts/setup-https-dev.sh` | Dynamic SAN with Tailscale IPs | ~15 |
| `docs/BETA-PROGRESS.md` | Update TASK-11 status | ~5 |
## Auth State Preservation
All user state in `/var/lib/archipelago/` is **never touched** by deploys:
- `sessions.json`, `user.json`, `identities/`, `secrets/`, `federation/`
## Verification
1. Deploy to Arch 2 first (has build tools, safest test)
2. Then Arch 1/3 (copy-only mode)
3. For each node: `podman ps` shows containers, `curl /health` returns 200, UI loads, login works
4. Run container doctor — 0 fixes needed
## Order
1. Rewrite `deploy-tailscale.sh` (main deliverable)
2. Add `--tailscale` flags to `deploy-to-target.sh`
3. Fix `first-boot-containers.sh`
4. Update `setup-https-dev.sh`
5. Test: Arch 2 → Arch 1 → Arch 3
6. Update BETA-PROGRESS.md
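Review bot: In section 4, the "Line 140" edit widens `10.88.0.0/16` to `0.0.0.0/0` with "match deploy-to-target.sh" as its only justification; the plan should name the allow-list being changed and state what still restricts access once it accepts any address (bind address, UFW rule), or keep a range scoped to the rootless network. In section 3, the migration one-liner discards the error output of `sudo podman ps -a`, so a sudo or podman failure produces a count of 0 and the step is skipped silently, leaving any rootful containers in place when step 22 creates the rootless ones; count with `sudo podman ps -aq` and fail the step when the command itself fails. Step 15 turns on ARCHIPELAGO_DEV_MODE for HTTP cookies while step 20 sets up HTTPS on the same node, so the plan should say whether dev mode is switched off once HTTPS is verified on alpha tester machines.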