fix: service file crash on fresh installs, CI workflow portability
All checks were successful
Build Archipelago ISO (dev) / build-iso (push) Successful in 16m0s

- Remove MemoryDenyWriteExecute=yes from archipelago.service — ring
  (rustls) and secp256k1 (bitcoin/nostr) crypto libraries need
  executable memory mappings that this restriction blocks
- Add + prefix to ExecStartPre so mkdir/chown run as root
- Use $HOME/archy instead of /home/archipelago/archy in CI workflows
  so builds work on both .228 and VPS CI runners

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dorian
2026-04-07 13:08:21 +01:00
parent 2daadb7a1d
commit b07bf574ef
3 changed files with 12 additions and 9 deletions

View File

@@ -13,13 +13,14 @@ jobs:
- name: Checkout
run: |
# Direct fetch + sync (actions/checkout token is broken on this Gitea)
cd /home/archipelago/archy && git fetch origin main && git reset --hard origin/main
REPO_DIR="$HOME/archy"
cd "$REPO_DIR" && git fetch origin main && git reset --hard origin/main
echo "=== Source at commit: $(git log --oneline -1) ==="
rsync -a --delete \
--exclude '.git' --exclude 'node_modules' --exclude 'target' \
--exclude 'image-recipe/build' --exclude 'image-recipe/results' \
--exclude 'web/dist' \
/home/archipelago/archy/ "$GITHUB_WORKSPACE/"
"$REPO_DIR/" "$GITHUB_WORKSPACE/"
cd "$GITHUB_WORKSPACE"
echo "=== Workspace version: $(grep '^version' core/archipelago/Cargo.toml) ==="
[ -f "scripts/first-boot-containers.sh" ] && echo " first-boot-containers.sh: PRESENT" || echo " first-boot-containers.sh: MISSING"

View File

@@ -13,11 +13,12 @@ jobs:
- name: Checkout
run: |
# Direct clone using stored credentials (actions/checkout token is broken)
cd /home/archipelago/archy && git fetch origin main && git reset --hard origin/main
REPO_DIR="$HOME/archy"
cd "$REPO_DIR" && git fetch origin main && git reset --hard origin/main
echo "=== Source at commit: $(git log --oneline -1) ==="
echo "=== Syncing to workspace ==="
rsync -a --delete --exclude='.git' --exclude='target/' --exclude='node_modules/' \
/home/archipelago/archy/ "$GITHUB_WORKSPACE/" || cp -a /home/archipelago/archy/* "$GITHUB_WORKSPACE/"
"$REPO_DIR/" "$GITHUB_WORKSPACE/" || cp -a "$REPO_DIR"/* "$GITHUB_WORKSPACE/"
cd "$GITHUB_WORKSPACE"
echo "=== Workspace version: $(grep '^version' core/archipelago/Cargo.toml) ==="
echo "=== Key files ==="
@@ -45,7 +46,7 @@ jobs:
run: |
WORK_DIR="image-recipe/build/auto-installer"
mkdir -p "$WORK_DIR"
CACHED="/home/archipelago/archy/image-recipe/build/auto-installer/debian-live-installer.iso"
CACHED="$HOME/archy/image-recipe/build/auto-installer/debian-live-installer.iso"
if [ -f "$CACHED" ] && [ ! -f "$WORK_DIR/debian-live-installer.iso" ]; then
cp "$CACHED" "$WORK_DIR/debian-live-installer.iso"
echo "Cached Debian Live ISO copied ($(du -h "$WORK_DIR/debian-live-installer.iso" | cut -f1))"