refactor: update dependencies and remove unused code
- Added new dependencies: `adler2`, `crc32fast`, `flate2`, `miniz_oxide`, and `libredox`. - Updated existing dependencies: `tokio-rustls` to version 0.26.4 and `filetime` to version 0.2.27. - Removed the `backup.rs` file as it is no longer needed. - Introduced tests for configuration and credential management. - Enhanced the `identity` module to generate W3C compliant DID documents. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
11
.claude/memory/MEMORY.md
Normal file
11
.claude/memory/MEMORY.md
Normal file
@@ -0,0 +1,11 @@
|
||||
# Archipelago Project Memory Index
|
||||
|
||||
- [pending-features.md](pending-features.md) — Feature requests: kiosk mode, sideloading, Nostr login, etc.
|
||||
- [second-server.md](second-server.md) — Second dev server (archipelago-2 via Tailscale)
|
||||
- [third-server.md](third-server.md) — Third dev server (archipelago-3 via Tailscale)
|
||||
- [deploy-automation.md](deploy-automation.md) — Deploy script automation TODOs
|
||||
- [claude-proxy-setup.md](claude-proxy-setup.md) — Claude proxy OAuth setup details
|
||||
- [project-plan.md](project-plan.md) — Overall project plan status
|
||||
- [iso-build-session-2026-03-10.md](iso-build-session-2026-03-10.md) — ISO build session notes
|
||||
- [unbundled-iso.md](unbundled-iso.md) — Unbundled ISO approach notes
|
||||
- [web-only-apps.md](web-only-apps.md) — Web-only apps (L484 category) and iframe compatibility
|
||||
9
.claude/memory/claude-proxy-setup.md
Normal file
9
.claude/memory/claude-proxy-setup.md
Normal file
@@ -0,0 +1,9 @@
|
||||
---
|
||||
name: claude-proxy-oauth-primary-only
|
||||
description: Only the primary server (192.168.1.228) uses OAuth proxy for Claude. Second server uses standard API key.
|
||||
type: feedback
|
||||
---
|
||||
|
||||
- Only the primary dev server (192.168.1.228) uses the Claude Max OAuth proxy for AIUI
|
||||
- The second dev server and any other deployments should use a standard Anthropic API key (`ANTHROPIC_API_KEY` env var)
|
||||
- Do not replicate the OAuth proxy setup to other servers
|
||||
18
.claude/memory/deploy-automation.md
Normal file
18
.claude/memory/deploy-automation.md
Normal file
@@ -0,0 +1,18 @@
|
||||
---
|
||||
name: deploy-automation-todos
|
||||
description: Items to incorporate into the deploy script for automated setup — Claude API key, AIUI nginx config, swap
|
||||
type: project
|
||||
---
|
||||
|
||||
## Deploy Script Automation TODOs
|
||||
|
||||
These items should be added to `scripts/deploy-to-target.sh` so new server deploys are self-contained:
|
||||
|
||||
1. **Claude API key setup**: After deploying the proxy, auto-configure `/opt/archipelago/claude-proxy/.env.local` with the `ANTHROPIC_API_KEY`. On non-primary servers, use the standard API key (not OAuth). The key is: `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`
|
||||
|
||||
2. **AIUI nginx location block**: Ensure nginx config includes a proper `/aiui/` location block so static JS/CSS files are served with correct MIME types. Without this, AIUI fails to load modules.
|
||||
|
||||
3. **Swap space**: Deploy script should check for swap and create 4GB if missing (`fallocate -l 4G /swapfile && mkswap && swapon + fstab entry`).
|
||||
|
||||
4. **Primary server (192.168.1.228)**: 4GB swap configured on 2026-03-11.
|
||||
5. **Second server (archipelago-2)**: 4GB swap configured on 2026-03-11.
|
||||
26
.claude/memory/pending-features.md
Normal file
26
.claude/memory/pending-features.md
Normal file
@@ -0,0 +1,26 @@
|
||||
---
|
||||
name: pending-ui-features
|
||||
description: Feature requests — completed and pending items for the next deployment cycle
|
||||
type: project
|
||||
---
|
||||
|
||||
## Completed (2026-03-11)
|
||||
|
||||
1. **IndieHub in iframe** — Restored. Removed forced new-tab check in `mustOpenInNewTab()`.
|
||||
2. **App uninstall fix** — Backend now logs errors and returns structured response instead of silently swallowing.
|
||||
3. **Login music stops after auth** — Added `stopAllAudio()` + router afterEach guard.
|
||||
4. **Container scanner dev_mode gate removed** — Scanner runs always now.
|
||||
5. **BotFights app** — Added as web-only app with SVG icon. Opens in new tab (X-Frame-Options blocks iframe).
|
||||
6. **L484 web apps** — Added 6 web-only apps: NWNN, 484 Kitchen, Call the Operator, Arch Presentation, Syntropy Institute, T-0. L484 category in marketplace.
|
||||
7. **Kiosk mode** — `/kiosk` route added, `setup-kiosk.sh` installs systemd service, systemd units in image-recipe/configs/. No full-screen iframe overlay — uses standard appLauncher.
|
||||
8. **AIUI first-install fix** — nginx `try_files` changed to `=404`, Chat.vue probes AIUI availability before loading iframe.
|
||||
9. **Web-only apps in My Apps** — Injected synthetic PackageDataEntry objects in Apps.vue. Web-only apps sorted first (alphabetically before container apps). No uninstall/start/stop buttons. Launch uses appLauncher with correct URLs.
|
||||
|
||||
## Pending
|
||||
|
||||
1. **Nostr NIP-07 login for containers** — Sign into container apps using onboarding Nostr keys. Not started.
|
||||
2. **App sideloading** — Settings page to load apps via Docker/OCI image URL. Not started.
|
||||
3. **Encrypted Nostr peer handshake (NIP-04/NIP-44)** — Exchange Tor onion addresses via encrypted DMs instead of public relay events. Not started. Currently onion addresses are published in plaintext on relays.
|
||||
4. **Third server deploy** — archipelago-3.tail2b6225.ts.net needs SSH key setup and first deploy.
|
||||
5. **Kiosk auto-start on servers** — setup-kiosk.sh exists but needs to be run on each server that has a display attached. Not confirmed running on .228.
|
||||
6. **Deploy to .198** — Secondary server not yet deployed with latest changes.
|
||||
23
.claude/memory/second-server.md
Normal file
23
.claude/memory/second-server.md
Normal file
@@ -0,0 +1,23 @@
|
||||
---
|
||||
name: second-dev-server
|
||||
description: Second dev server accessible via Tailscale at archipelago-2.tail2b6225.ts.net, Ryzen 7 7840U, 14GB RAM
|
||||
type: project
|
||||
---
|
||||
|
||||
- Hostname: archipelago-2.tail2b6225.ts.net (Tailscale)
|
||||
- SSH: `ssh -i ~/.ssh/archipelago-deploy archipelago@archipelago-2.tail2b6225.ts.net`
|
||||
- Password: ThunderDome6574839201!
|
||||
- CPU: AMD Ryzen 7 7840U (faster than primary i3-8100T)
|
||||
- RAM: 14GB
|
||||
- Disk: 916GB NVMe
|
||||
- OS: Debian 12 (Bookworm) x86_64
|
||||
- Has: Podman 4.3.1, Node.js v20.20.1, Rust 1.94.0, Nginx 1.22.1
|
||||
- Swap: 4GB configured
|
||||
- Deploy: `ARCHIPELAGO_TARGET="archipelago@archipelago-2.tail2b6225.ts.net" ./scripts/deploy-to-target.sh --live`
|
||||
- Does NOT use OAuth proxy — uses standard ANTHROPIC_API_KEY for Claude/AIUI
|
||||
- First-boot containers created on 2026-03-11 (Bitcoin Knots, LND, Fedimint, PhotoPrism, Ollama, etc.)
|
||||
|
||||
## Pending Fixes for Next Deploy
|
||||
- **AIUI MIME type error**: Nginx needs a `/aiui/` location block serving correct MIME types for JS files. Currently JS files get wrong content-type causing module load failures.
|
||||
- **Self-signed cert warnings**: Expected on fresh deploy, not a bug.
|
||||
- **Container connection errors in AIUI console**: Expected until all containers finish starting and syncing.
|
||||
12
.claude/memory/third-server.md
Normal file
12
.claude/memory/third-server.md
Normal file
@@ -0,0 +1,12 @@
|
||||
---
|
||||
name: third-dev-server
|
||||
description: Third dev server accessible via Tailscale at archipelago-3.tail2b6225.ts.net, password ThisIsWeb54321@
|
||||
type: project
|
||||
---
|
||||
|
||||
- Hostname: archipelago-3.tail2b6225.ts.net (Tailscale)
|
||||
- SSH: `sshpass -p 'ThisIsWeb54321@' ssh -o StrictHostKeyChecking=no archipelago@archipelago-3.tail2b6225.ts.net`
|
||||
- Password: ThisIsWeb54321@
|
||||
- Deploy: `ARCHIPELAGO_TARGET="archipelago@archipelago-3.tail2b6225.ts.net" ./scripts/deploy-to-target.sh --live`
|
||||
- SSH key NOT yet installed — need to copy `~/.ssh/archipelago-deploy.pub` manually
|
||||
- Added 2026-03-11
|
||||
34
.claude/memory/web-only-apps.md
Normal file
34
.claude/memory/web-only-apps.md
Normal file
@@ -0,0 +1,34 @@
|
||||
---
|
||||
name: web-only-apps
|
||||
description: Web-only apps (no container) — L484 category, BotFights, IndieHub. Iframe compatibility, nginx proxying, My Apps injection.
|
||||
type: project
|
||||
---
|
||||
|
||||
## Web-Only Apps (added 2026-03-11)
|
||||
|
||||
These apps are external websites embedded via iframe — no Docker container. They show as "installed" in both the marketplace and My Apps.
|
||||
|
||||
### L484 Category
|
||||
- **NWNN** (nwnn.l484.com) — News aggregator. No X-Frame-Options. Works in iframe directly.
|
||||
- **484 Kitchen** (484.kitchen) — K484 platform. X-Frame-Options: SAMEORIGIN. Proxied via `/ext/484-kitchen/`.
|
||||
- **Call the Operator** (cta.tx1138.com) — Decentralization portal. No X-Frame-Options. Works in iframe directly.
|
||||
- **Arch Presentation** (present.l484.com) — Archipelago presentation. X-Frame-Options: SAMEORIGIN. Proxied via `/ext/arch-presentation/`.
|
||||
- **Syntropy Institute** (syntropy.institute) — Medicine Reimagined. No X-Frame-Options. Works in iframe directly.
|
||||
- **T-0** (teeminuszero.net) — Decentralization documentary. No X-Frame-Options. Works in iframe directly.
|
||||
|
||||
### Other Web-Only Apps
|
||||
- **BotFights** (botfights.net) — X-Frame-Options: SAMEORIGIN + CSP + COEP/COOP/CORP. Proxied via `/ext/botfights/`. Nginx strips all blocking headers.
|
||||
- **IndeeHub** (archipelago.indeehub.studio) — No X-Frame-Options. Works in iframe directly.
|
||||
|
||||
### Nginx External Proxies
|
||||
Sites with X-Frame-Options get reverse-proxied through nginx at `/ext/{app-id}/`:
|
||||
- `proxy_hide_header X-Frame-Options` strips upstream header
|
||||
- `add_header X-Content-Type-Options "nosniff" always` prevents server-level X-Frame-Options inheritance
|
||||
- BotFights also strips `Cross-Origin-Embedder-Policy`, `Cross-Origin-Opener-Policy`, `Cross-Origin-Resource-Policy`
|
||||
- Proxy locations in both HTTP and HTTPS server blocks of nginx-archipelago.conf
|
||||
|
||||
### Frontend Implementation
|
||||
- **appLauncher.ts**: `EXTERNAL_PROXY` map rewrites external URLs to proxy paths in `toEmbeddableUrl()`
|
||||
- **Apps.vue**: `WEB_ONLY_APPS` constant with synthetic `PackageDataEntry` objects. Sorted first alphabetically. No uninstall/start/stop buttons.
|
||||
- **Marketplace.vue**: `dockerImage: ''` + `webUrl` in `getCuratedAppList()`. L484 category.
|
||||
- **Icons**: `neode-ui/public/assets/img/app-icons/{app-id}.png` (or .svg)
|
||||
Reference in New Issue
Block a user