fix: deploy error visibility, trap cleanup, variable quoting, frontend resilience
- S10: Add warnings to silent health check failures in deploy scripts - S11: Add trap cleanup for temp dirs in deploy and tailscale scripts - S12: Quote 20+ critical unquoted variables across deploy scripts - S13: Extract hardcoded IPs to deploy-config-defaults.sh - S15: Add --memory=256m to UI container runs - F16: Remove in-memory JWT, use cookie-only auth in filebrowser client - F17: Add meta tag fallback for CSRF token in RPC client - F19: Track and clear setTimeout in AppSession on unmount Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -100,10 +100,13 @@ if ! mkdir "$LOCK_DIR" 2>/dev/null; then
|
||||
echo "ERROR: Deploy already in progress for $TARGET_HOST (lock: $LOCK_DIR)"
|
||||
exit 1
|
||||
fi
|
||||
echo $$ > "$LOCK_DIR/pid"
|
||||
# Clean up lock on exit (normal, error, or signal)
|
||||
cleanup_lock() { rm -rf "$LOCK_DIR"; }
|
||||
trap cleanup_lock EXIT
|
||||
echo $$ > "$LOCK_DIR"/pid
|
||||
# Temp directory for intermediate files (cleaned up on exit)
|
||||
TMPDIR="/tmp/archipelago-deploy-$$"
|
||||
mkdir -p "$TMPDIR"
|
||||
# Clean up lock and temp files on exit (normal, error, or signal)
|
||||
cleanup_deploy() { rm -rf "$LOCK_DIR" "$TMPDIR"; }
|
||||
trap cleanup_deploy EXIT
|
||||
|
||||
# Dry run mode: show what would be deployed without executing
|
||||
if [[ "$DRY_RUN" == "true" ]]; then
|
||||
@@ -199,7 +202,7 @@ fi
|
||||
echo " Connected."
|
||||
|
||||
# Disk space pre-flight — abort if target is dangerously full
|
||||
DISK_PCT=$(ssh $SSH_OPTS $TARGET_HOST "df / | tail -1 | awk '{print \$(NF-1)}' | tr -d '%'" 2>/dev/null)
|
||||
DISK_PCT=$(ssh $SSH_OPTS "$TARGET_HOST" "df / | tail -1 | awk '{print \$(NF-1)}' | tr -d '%'" 2>/dev/null)
|
||||
if [ -n "$DISK_PCT" ] && [ "$DISK_PCT" -gt 85 ] 2>/dev/null; then
|
||||
echo "ERROR: Target disk at ${DISK_PCT}% — need <85% for safe deploy. Free space and retry."
|
||||
exit 1
|
||||
@@ -227,7 +230,7 @@ ssh $SSH_OPTS "$TARGET_HOST" '
|
||||
# Pre-deploy health check (informational — warns but does not block)
|
||||
progress "Pre-deploy health check"
|
||||
TARGET_IP_ONLY="$(echo "$TARGET_HOST" | cut -d@ -f2)"
|
||||
PRE_HEALTH=$(curl -s -o /dev/null -w '%{http_code}' --connect-timeout 5 "http://$TARGET_IP_ONLY/health" 2>/dev/null || echo "000")
|
||||
PRE_HEALTH=$(curl -s -o /dev/null -w '%{http_code}' --connect-timeout 5 "http://$TARGET_IP_ONLY/health" 2>/dev/null || { echo "WARNING: Pre-deploy health check failed for $TARGET_IP_ONLY" >&2; echo "000"; })
|
||||
if [ "$PRE_HEALTH" = "200" ]; then
|
||||
echo " Server health: OK (200)"
|
||||
else
|
||||
@@ -273,7 +276,7 @@ if [ "$CANARY" = true ]; then
|
||||
CANARY_OK=false
|
||||
for i in $(seq 1 12); do
|
||||
sleep 5
|
||||
CANARY_HEALTH=$(curl -s --max-time 5 "http://192.168.1.198/health" 2>/dev/null || echo "")
|
||||
CANARY_HEALTH=$(curl -s --max-time 5 "http://192.168.1.198/health" 2>/dev/null || { echo "WARNING: Canary health check failed for 192.168.1.198" >&2; echo ""; })
|
||||
if [ "$CANARY_HEALTH" = "OK" ]; then
|
||||
echo " ✅ Canary .198 healthy after $((i * 5))s"
|
||||
CANARY_OK=true
|
||||
@@ -298,12 +301,12 @@ if [ "$BOTH" = true ]; then
|
||||
echo ""
|
||||
echo "📤 Copying to 192.168.1.198 (no rsync/cargo on that node)..."
|
||||
TARGET_198="archipelago@192.168.1.198"
|
||||
if ! scp $SSH_OPTS archipelago@192.168.1.228:$TARGET_DIR/core/target/release/archipelago /tmp/archipelago-both 2>/dev/null; then
|
||||
if ! scp $SSH_OPTS "archipelago@192.168.1.228:$TARGET_DIR/core/target/release/archipelago" /tmp/archipelago-both 2>/dev/null; then
|
||||
echo " ERROR: Failed to copy binary from .228 — is the build available?"
|
||||
exit 1
|
||||
fi
|
||||
scp $SSH_OPTS /tmp/archipelago-both "$TARGET_198:/tmp/archipelago-new"
|
||||
ssh $SSH_OPTS archipelago@192.168.1.228 "cd $TARGET_DIR && tar cf - web/dist/neode-ui 2>/dev/null" | ssh $SSH_OPTS "$TARGET_198" "mkdir -p /tmp/web-deploy && cd /tmp/web-deploy && tar xf -"
|
||||
ssh $SSH_OPTS "archipelago@192.168.1.228" "cd '$TARGET_DIR' && tar cf - web/dist/neode-ui 2>/dev/null" | ssh $SSH_OPTS "$TARGET_198" "mkdir -p /tmp/web-deploy && cd /tmp/web-deploy && tar xf -"
|
||||
ssh $SSH_OPTS "$TARGET_198" '
|
||||
sudo systemctl stop archipelago
|
||||
sudo cp /tmp/archipelago-new /usr/local/bin/archipelago
|
||||
@@ -342,7 +345,7 @@ if [ "$BOTH" = true ]; then
|
||||
echo " Syncing nginx snippets to 198..."
|
||||
ssh $SSH_OPTS "$TARGET_198" "sudo mkdir -p /etc/nginx/snippets" 2>/dev/null || true
|
||||
for f in "$SNIPPETS_DIR"/*.conf; do
|
||||
[ -f "$f" ] && scp $SSH_OPTS "$f" "$TARGET_198:/tmp/nginx-snippet-$(basename $f)" 2>/dev/null || true
|
||||
[ -f "$f" ] && scp $SSH_OPTS "$f" "$TARGET_198:/tmp/nginx-snippet-$(basename "$f")" 2>/dev/null || true
|
||||
done
|
||||
ssh $SSH_OPTS "$TARGET_198" '
|
||||
for f in /tmp/nginx-snippet-*.conf; do
|
||||
@@ -432,7 +435,7 @@ MANIFEST_198_EOF
|
||||
HEALTH_198="fail"
|
||||
for i in $(seq 1 12); do
|
||||
sleep 5
|
||||
HEALTH_198=$(curl -s --max-time 5 "http://192.168.1.198/health" 2>/dev/null || echo "")
|
||||
HEALTH_198=$(curl -s --max-time 5 "http://192.168.1.198/health" 2>/dev/null || { echo "WARNING: Health check failed for 192.168.1.198" >&2; echo ""; })
|
||||
if [ "$HEALTH_198" = "OK" ]; then
|
||||
echo " ✅ 192.168.1.198 deployed (health OK after $((i * 5))s)"
|
||||
break
|
||||
@@ -550,7 +553,7 @@ if [ "$LIVE" = true ]; then
|
||||
if [ -d "$SNIPPETS_DIR" ]; then
|
||||
ssh $SSH_OPTS "$TARGET_HOST" "sudo mkdir -p /etc/nginx/snippets" 2>/dev/null || true
|
||||
for f in "$SNIPPETS_DIR"/*.conf; do
|
||||
[ -f "$f" ] && scp $SSH_OPTS "$f" "$TARGET_HOST:/tmp/nginx-snippet-$(basename $f)" 2>/dev/null || true
|
||||
[ -f "$f" ] && scp $SSH_OPTS "$f" "$TARGET_HOST:/tmp/nginx-snippet-$(basename "$f")" 2>/dev/null || true
|
||||
done
|
||||
ssh $SSH_OPTS "$TARGET_HOST" '
|
||||
for f in /tmp/nginx-snippet-*.conf; do
|
||||
@@ -887,7 +890,7 @@ MANIFEST_EOF
|
||||
for c in $($DOCKER ps -a --format "{{.Names}}" 2>/dev/null | grep -i lnd-ui); do
|
||||
[ -n "$c" ] && $DOCKER stop "$c" 2>/dev/null; $DOCKER rm -f "$c" 2>/dev/null
|
||||
done
|
||||
$DOCKER run -d --name archy-lnd-ui -p 8081:80 --restart unless-stopped lnd-ui:local
|
||||
$DOCKER run -d --name archy-lnd-ui -p 8081:80 --memory=256m --restart unless-stopped lnd-ui:local
|
||||
' 2>&1 | sed 's/^/ /' || true
|
||||
fi
|
||||
|
||||
@@ -901,7 +904,7 @@ MANIFEST_EOF
|
||||
for c in $($DOCKER ps -a --format "{{.Names}}" 2>/dev/null | grep -i electrs-ui); do
|
||||
[ -n "$c" ] && $DOCKER stop "$c" 2>/dev/null; $DOCKER rm -f "$c" 2>/dev/null
|
||||
done
|
||||
$DOCKER run -d --name archy-electrs-ui --network host --restart unless-stopped electrs-ui:local
|
||||
$DOCKER run -d --name archy-electrs-ui --network host --memory=256m --restart unless-stopped electrs-ui:local
|
||||
' 2>&1 | sed 's/^/ /' || true
|
||||
fi
|
||||
|
||||
@@ -925,7 +928,7 @@ MANIFEST_EOF
|
||||
for c in $($DOCKER ps -a --format "{{.Names}}" 2>/dev/null | grep -i bitcoin-ui); do
|
||||
[ -n "$c" ] && $DOCKER stop "$c" 2>/dev/null; $DOCKER rm -f "$c" 2>/dev/null
|
||||
done
|
||||
$DOCKER run -d --name archy-bitcoin-ui --network host --restart unless-stopped bitcoin-ui:local
|
||||
$DOCKER run -d --name archy-bitcoin-ui --network host --memory=256m --restart unless-stopped bitcoin-ui:local
|
||||
' 2>&1 | sed 's/^/ /' || true
|
||||
fi
|
||||
|
||||
@@ -1708,7 +1711,7 @@ LNDCONF
|
||||
progress "Post-deploy health check"
|
||||
HEALTH_OK=false
|
||||
for i in $(seq 1 12); do
|
||||
POST_HEALTH=$(curl -s -o /dev/null -w '%{http_code}' --connect-timeout 5 "http://$TARGET_IP_ONLY/health" 2>/dev/null || echo "000")
|
||||
POST_HEALTH=$(curl -s -o /dev/null -w '%{http_code}' --connect-timeout 5 "http://$TARGET_IP_ONLY/health" 2>/dev/null || { echo "WARNING: Post-deploy health check failed for $TARGET_IP_ONLY" >&2; echo "000"; })
|
||||
if [ "$POST_HEALTH" = "200" ]; then
|
||||
echo " Health: OK (200) after $((i * 5))s"
|
||||
HEALTH_OK=true
|
||||
@@ -1775,7 +1778,7 @@ else
|
||||
echo "To test frontend dev server:"
|
||||
echo " ssh $TARGET_HOST"
|
||||
echo " cd ~/archy/neode-ui && npm run dev -- --host 0.0.0.0"
|
||||
echo " Then open: http://$(echo $TARGET_HOST | cut -d@ -f2):5173"
|
||||
echo " Then open: http://$(echo "$TARGET_HOST" | cut -d@ -f2):5173"
|
||||
echo ""
|
||||
echo "To deploy to live system:"
|
||||
echo " ./scripts/deploy-to-target.sh --live"
|
||||
|
||||
Reference in New Issue
Block a user