backend: harden rootless app lifecycle orchestration
This commit is contained in:
@@ -18,6 +18,7 @@
|
||||
body {
|
||||
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen', 'Ubuntu', sans-serif;
|
||||
min-height: 100vh;
|
||||
background: #000;
|
||||
color: white;
|
||||
overflow-x: hidden;
|
||||
}
|
||||
@@ -555,6 +556,87 @@
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="glass-card p-6 mb-8">
|
||||
<div class="flex flex-col lg:flex-row lg:items-start lg:justify-between gap-4 mb-6">
|
||||
<div>
|
||||
<h2 class="text-xl font-semibold text-white mb-2">Transaction Relay Sharing</h2>
|
||||
<p class="text-white/70 text-sm">Trusted peer access for broadcasting transactions through this node</p>
|
||||
</div>
|
||||
<div class="px-3 py-2 bg-white/5 rounded-lg text-sm">
|
||||
<span class="text-white/60">Local node</span>
|
||||
<span class="ml-2 font-medium text-yellow-300" id="relaySyncStatus">Checking...</span>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="grid grid-cols-1 lg:grid-cols-3 gap-4 mb-5">
|
||||
<div class="p-4 bg-white/5 rounded-lg">
|
||||
<div class="text-xs uppercase tracking-wide text-white/50 mb-2">HTTPS Endpoint</div>
|
||||
<div class="text-sm text-white/80 font-mono break-all min-h-[1.5rem]" id="relayHttpsEndpoint">Not configured</div>
|
||||
</div>
|
||||
<div class="p-4 bg-white/5 rounded-lg">
|
||||
<div class="text-xs uppercase tracking-wide text-white/50 mb-2">HTTP Endpoint</div>
|
||||
<div class="text-sm text-white/80 font-mono break-all min-h-[1.5rem]" id="relayHttpEndpoint">Not configured</div>
|
||||
</div>
|
||||
<div class="p-4 bg-white/5 rounded-lg">
|
||||
<div class="text-xs uppercase tracking-wide text-white/50 mb-2">Tor Endpoint</div>
|
||||
<div class="text-sm text-white/80 font-mono break-all min-h-[1.5rem]" id="relayTorEndpoint">Not configured</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="grid grid-cols-1 xl:grid-cols-2 gap-6">
|
||||
<div class="space-y-4">
|
||||
<div class="grid grid-cols-1 md:grid-cols-3 gap-3">
|
||||
<label class="flex items-center justify-between gap-3 p-3 bg-white/5 rounded-lg">
|
||||
<span class="text-white/80 text-sm">Allow peer use</span>
|
||||
<input id="relayEnabledToggle" type="checkbox" class="h-5 w-5 accent-orange-500" onchange="saveRelaySettings()">
|
||||
</label>
|
||||
<label class="flex items-center justify-between gap-3 p-3 bg-white/5 rounded-lg">
|
||||
<span class="text-white/80 text-sm">Allow requests</span>
|
||||
<input id="relayRequestsToggle" type="checkbox" class="h-5 w-5 accent-orange-500" onchange="saveRelaySettings()">
|
||||
</label>
|
||||
<label class="flex items-center justify-between gap-3 p-3 bg-white/5 rounded-lg">
|
||||
<span class="text-white/80 text-sm">Serve over Tor</span>
|
||||
<input id="relayTorToggle" type="checkbox" class="h-5 w-5 accent-orange-500" onchange="saveRelaySettings()">
|
||||
</label>
|
||||
</div>
|
||||
|
||||
<div class="grid grid-cols-1 md:grid-cols-2 gap-3">
|
||||
<input id="relayHttpsInput" class="w-full px-3 py-2 rounded-lg bg-black/40 border border-white/10 text-sm text-white placeholder-white/35" placeholder="https://rpc.example.com/">
|
||||
<input id="relayHttpInput" class="w-full px-3 py-2 rounded-lg bg-black/40 border border-white/10 text-sm text-white placeholder-white/35" placeholder="http://192.168.1.2/">
|
||||
</div>
|
||||
<div class="grid grid-cols-1 md:grid-cols-[1fr_auto] gap-3">
|
||||
<input id="relayTorInput" class="w-full px-3 py-2 rounded-lg bg-black/40 border border-white/10 text-sm text-white placeholder-white/35" placeholder="http://exampleonion.onion/">
|
||||
<button class="glass-button px-4 py-2 rounded-lg text-sm font-medium" onclick="createRelayTorService()">Create Tor</button>
|
||||
</div>
|
||||
<button class="gradient-button px-4 py-2 rounded-lg text-sm font-medium" onclick="saveRelaySettings()">Save Sharing Settings</button>
|
||||
</div>
|
||||
|
||||
<div class="space-y-4">
|
||||
<div class="grid grid-cols-1 md:grid-cols-[1fr_auto] gap-3">
|
||||
<select id="relayPeerSelect" class="w-full px-3 py-2 rounded-lg bg-black/40 border border-white/10 text-sm text-white" onchange="saveRelaySettings()">
|
||||
<option value="">No trusted nodes available</option>
|
||||
</select>
|
||||
<button id="relayRequestButton" class="glass-button px-4 py-2 rounded-lg text-sm font-medium" onclick="requestPeerRelay()">Request Access</button>
|
||||
</div>
|
||||
<textarea id="relayRequestMessage" class="w-full px-3 py-2 rounded-lg bg-black/40 border border-white/10 text-sm text-white placeholder-white/35 min-h-[5rem]" placeholder="Optional note for the peer"></textarea>
|
||||
<div class="p-3 bg-white/5 rounded-lg">
|
||||
<div class="flex items-center justify-between gap-3">
|
||||
<span class="text-white/70 text-sm">Restricted RPC user</span>
|
||||
<span class="text-white/90 text-sm font-mono" id="relayCredentialUser">txrelay</span>
|
||||
</div>
|
||||
<div class="text-xs mt-2 text-white/50" id="relayCredentialStatus">Credential status unavailable</div>
|
||||
</div>
|
||||
<div>
|
||||
<div class="text-sm font-semibold text-white mb-2">Relay Requests</div>
|
||||
<div class="space-y-2" id="relayRequestsList">
|
||||
<div class="text-sm text-white/50 p-3 bg-white/5 rounded-lg">No relay requests</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="text-sm text-white/60" id="relayStatusMessage"></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Settings Modal -->
|
||||
@@ -608,6 +690,7 @@
|
||||
// RPC Configuration - Use local Nginx proxy within container
|
||||
const RPC_ENDPOINT = 'bitcoin-rpc/';
|
||||
const STATUS_ENDPOINT = 'bitcoin-status';
|
||||
const ARCHY_RPC_ENDPOINT = 'rpc/v1';
|
||||
console.log('[Bitcoin UI] RPC Endpoint:', RPC_ENDPOINT);
|
||||
|
||||
// Make RPC call to Bitcoin node via local proxy
|
||||
@@ -654,6 +737,220 @@
|
||||
return response.json();
|
||||
}
|
||||
|
||||
function cookieValue(name) {
|
||||
return document.cookie
|
||||
.split('; ')
|
||||
.find(row => row.startsWith(`${name}=`))
|
||||
?.split('=')
|
||||
.slice(1)
|
||||
.join('=') || '';
|
||||
}
|
||||
|
||||
async function callArchyRPC(method, params = {}) {
|
||||
const headers = { 'Content-Type': 'application/json' };
|
||||
const csrf = cookieValue('csrf');
|
||||
if (csrf) headers['X-CSRF-Token'] = decodeURIComponent(csrf);
|
||||
const response = await fetch(ARCHY_RPC_ENDPOINT, {
|
||||
method: 'POST',
|
||||
headers,
|
||||
credentials: 'include',
|
||||
cache: 'no-store',
|
||||
body: JSON.stringify({ method, params })
|
||||
});
|
||||
const body = await response.json().catch(() => ({}));
|
||||
if (!response.ok || body.error) {
|
||||
throw new Error(body.error?.message || `Archipelago RPC ${response.status}`);
|
||||
}
|
||||
return body.result;
|
||||
}
|
||||
|
||||
function escapeHtml(value) {
|
||||
return String(value ?? '').replace(/[&<>"']/g, char => ({
|
||||
'&': '&',
|
||||
'<': '<',
|
||||
'>': '>',
|
||||
'"': '"',
|
||||
"'": '''
|
||||
}[char]));
|
||||
}
|
||||
|
||||
function setText(id, value, fallback = 'Not configured') {
|
||||
const el = document.getElementById(id);
|
||||
if (el) el.textContent = value || fallback;
|
||||
}
|
||||
|
||||
function renderRelayRequests(requests = []) {
|
||||
const list = document.getElementById('relayRequestsList');
|
||||
if (!list) return;
|
||||
if (!requests.length) {
|
||||
list.innerHTML = '<div class="text-sm text-white/50 p-3 bg-white/5 rounded-lg">No relay requests</div>';
|
||||
return;
|
||||
}
|
||||
list.innerHTML = requests.map(req => {
|
||||
const name = escapeHtml(req.peer_name || req.peer_onion || req.peer_pubkey);
|
||||
const message = req.message ? `<div class="text-xs text-white/50 mt-1">${escapeHtml(req.message)}</div>` : '';
|
||||
const endpoint = req.approved_endpoint ? `<div class="text-xs text-white/50 mt-1 font-mono break-all">${escapeHtml(req.approved_endpoint)}</div>` : '';
|
||||
const statusClass = req.status === 'approved'
|
||||
? 'text-green-300'
|
||||
: req.status === 'rejected'
|
||||
? 'text-red-300'
|
||||
: 'text-yellow-300';
|
||||
const actions = req.direction === 'incoming' && req.status === 'pending'
|
||||
? `<div class="flex gap-2 mt-3">
|
||||
<button class="glass-button px-3 py-2 rounded-lg text-xs font-medium" onclick="approveRelayRequest('${escapeHtml(req.id)}')">Approve</button>
|
||||
<button class="glass-button px-3 py-2 rounded-lg text-xs font-medium" onclick="rejectRelayRequest('${escapeHtml(req.id)}')">Reject</button>
|
||||
</div>`
|
||||
: '';
|
||||
return `<div class="p-3 bg-white/5 rounded-lg">
|
||||
<div class="flex items-center justify-between gap-3">
|
||||
<div class="text-sm text-white/80">${name}</div>
|
||||
<div class="text-xs uppercase ${statusClass}">${escapeHtml(req.direction)} · ${escapeHtml(req.status)}</div>
|
||||
</div>
|
||||
${message}
|
||||
${endpoint}
|
||||
${actions}
|
||||
</div>`;
|
||||
}).join('');
|
||||
}
|
||||
|
||||
function renderRelayPeers(peers = [], selectedPeer = '', localSynced = true) {
|
||||
const select = document.getElementById('relayPeerSelect');
|
||||
const button = document.getElementById('relayRequestButton');
|
||||
if (!select) return;
|
||||
if (!localSynced) {
|
||||
select.innerHTML = '<option value="">Local Bitcoin node must finish syncing first</option>';
|
||||
select.disabled = true;
|
||||
if (button) button.disabled = true;
|
||||
return;
|
||||
}
|
||||
if (!peers.length) {
|
||||
select.innerHTML = '<option value="">No trusted nodes available</option>';
|
||||
select.disabled = true;
|
||||
if (button) button.disabled = true;
|
||||
return;
|
||||
}
|
||||
select.disabled = false;
|
||||
if (button) button.disabled = false;
|
||||
select.innerHTML = '<option value="">Choose a trusted node</option>' + peers.map(peer => {
|
||||
const label = escapeHtml(peer.name || peer.onion || peer.pubkey.slice(0, 16));
|
||||
const approved = peer.relay_approved ? ' · approved' : '';
|
||||
const selected = peer.pubkey === selectedPeer ? ' selected' : '';
|
||||
return `<option value="${escapeHtml(peer.pubkey)}"${selected}>${label}${approved}</option>`;
|
||||
}).join('');
|
||||
}
|
||||
|
||||
async function loadRelayAccess() {
|
||||
const statusEl = document.getElementById('relayStatusMessage');
|
||||
try {
|
||||
const relay = await callArchyRPC('bitcoin.relay-status');
|
||||
const settings = relay.settings || {};
|
||||
const local = relay.local_node || {};
|
||||
setText('relayHttpsEndpoint', settings.https_endpoint);
|
||||
setText('relayHttpEndpoint', settings.http_endpoint);
|
||||
setText('relayTorEndpoint', settings.tor_endpoint);
|
||||
const syncEl = document.getElementById('relaySyncStatus');
|
||||
if (syncEl) {
|
||||
syncEl.textContent = local.synced ? 'Synchronized' : 'Not synchronized';
|
||||
syncEl.className = local.synced ? 'ml-2 font-medium text-green-300' : 'ml-2 font-medium text-yellow-300';
|
||||
}
|
||||
const enabled = document.getElementById('relayEnabledToggle');
|
||||
const requests = document.getElementById('relayRequestsToggle');
|
||||
const tor = document.getElementById('relayTorToggle');
|
||||
if (enabled) enabled.checked = !!settings.enabled_for_peers;
|
||||
if (requests) requests.checked = !!settings.allow_peer_requests;
|
||||
if (tor) tor.checked = !!settings.allow_tor;
|
||||
const httpsInput = document.getElementById('relayHttpsInput');
|
||||
const httpInput = document.getElementById('relayHttpInput');
|
||||
const torInput = document.getElementById('relayTorInput');
|
||||
if (httpsInput && document.activeElement !== httpsInput) httpsInput.value = settings.https_endpoint || '';
|
||||
if (httpInput && document.activeElement !== httpInput) httpInput.value = settings.http_endpoint || '';
|
||||
if (torInput && document.activeElement !== torInput) torInput.value = settings.tor_endpoint || '';
|
||||
renderRelayPeers(relay.trusted_nodes || [], settings.selected_peer_pubkey || '', !!local.synced);
|
||||
renderRelayRequests(relay.requests || []);
|
||||
setText('relayCredentialUser', relay.credentials?.username || 'txrelay', 'txrelay');
|
||||
setText(
|
||||
'relayCredentialStatus',
|
||||
relay.credentials?.available ? `Credential file ready: ${relay.credentials.client_env_path}. ${relay.credentials.restart_hint || ''}` : 'Restricted relay credential will be generated when peer sharing is enabled',
|
||||
'Credential status unavailable'
|
||||
);
|
||||
if (statusEl) statusEl.textContent = '';
|
||||
} catch (error) {
|
||||
console.warn('[Bitcoin UI] relay status failed', error);
|
||||
if (statusEl) statusEl.textContent = `Relay controls unavailable: ${error.message}`;
|
||||
}
|
||||
}
|
||||
|
||||
async function saveRelaySettings() {
|
||||
const statusEl = document.getElementById('relayStatusMessage');
|
||||
const payload = {
|
||||
enabled_for_peers: !!document.getElementById('relayEnabledToggle')?.checked,
|
||||
allow_peer_requests: !!document.getElementById('relayRequestsToggle')?.checked,
|
||||
allow_tor: !!document.getElementById('relayTorToggle')?.checked,
|
||||
allow_https: !!document.getElementById('relayHttpsInput')?.value.trim(),
|
||||
allow_http: !!document.getElementById('relayHttpInput')?.value.trim(),
|
||||
selected_peer_pubkey: document.getElementById('relayPeerSelect')?.value || '',
|
||||
https_endpoint: document.getElementById('relayHttpsInput')?.value.trim() || '',
|
||||
http_endpoint: document.getElementById('relayHttpInput')?.value.trim() || '',
|
||||
tor_endpoint: document.getElementById('relayTorInput')?.value.trim() || ''
|
||||
};
|
||||
try {
|
||||
await callArchyRPC('bitcoin.relay-update-settings', payload);
|
||||
if (statusEl) statusEl.textContent = 'Relay settings saved.';
|
||||
await loadRelayAccess();
|
||||
} catch (error) {
|
||||
if (statusEl) statusEl.textContent = `Save failed: ${error.message}`;
|
||||
}
|
||||
}
|
||||
|
||||
async function requestPeerRelay() {
|
||||
const statusEl = document.getElementById('relayStatusMessage');
|
||||
const peer = document.getElementById('relayPeerSelect')?.value;
|
||||
if (!peer) {
|
||||
if (statusEl) statusEl.textContent = 'Choose a trusted node first.';
|
||||
return;
|
||||
}
|
||||
try {
|
||||
await callArchyRPC('bitcoin.relay-request-peer', {
|
||||
peer_pubkey: peer,
|
||||
message: document.getElementById('relayRequestMessage')?.value || ''
|
||||
});
|
||||
if (statusEl) statusEl.textContent = 'Relay access request sent.';
|
||||
await loadRelayAccess();
|
||||
} catch (error) {
|
||||
if (statusEl) statusEl.textContent = `Request failed: ${error.message}`;
|
||||
}
|
||||
}
|
||||
|
||||
async function approveRelayRequest(id) {
|
||||
await updateRelayRequest('bitcoin.relay-approve-request', id);
|
||||
}
|
||||
|
||||
async function rejectRelayRequest(id) {
|
||||
await updateRelayRequest('bitcoin.relay-reject-request', id);
|
||||
}
|
||||
|
||||
async function updateRelayRequest(method, id) {
|
||||
const statusEl = document.getElementById('relayStatusMessage');
|
||||
try {
|
||||
await callArchyRPC(method, { id });
|
||||
if (statusEl) statusEl.textContent = 'Relay request updated.';
|
||||
await loadRelayAccess();
|
||||
} catch (error) {
|
||||
if (statusEl) statusEl.textContent = `Update failed: ${error.message}`;
|
||||
}
|
||||
}
|
||||
|
||||
async function createRelayTorService() {
|
||||
const statusEl = document.getElementById('relayStatusMessage');
|
||||
try {
|
||||
await callArchyRPC('bitcoin.relay-create-tor-service');
|
||||
if (statusEl) statusEl.textContent = 'Tor service requested.';
|
||||
await loadRelayAccess();
|
||||
} catch (error) {
|
||||
if (statusEl) statusEl.textContent = `Tor setup failed: ${error.message}`;
|
||||
}
|
||||
}
|
||||
|
||||
// Implementation branding — detected from getnetworkinfo.subversion.
|
||||
// Bitcoin Knots identifies as "/Satoshi:<ver>/Knots:<date>/", Bitcoin Core as "/Satoshi:<ver>/".
|
||||
let brandingApplied = false;
|
||||
@@ -720,11 +1017,11 @@
|
||||
syncStatusText.textContent = status.error || 'Bitcoin node is reconnecting... showing last known values';
|
||||
syncStatusText.className = 'text-yellow-300 text-sm font-medium';
|
||||
} else if (consecutiveRpcFailures < 6) {
|
||||
syncStatusText.textContent = status.error || 'Connecting to Bitcoin node...';
|
||||
syncStatusText.textContent = status.error || 'Bitcoin node is starting or busy syncing...';
|
||||
syncStatusText.className = 'text-yellow-300 text-sm font-medium';
|
||||
} else {
|
||||
syncStatusText.textContent = status.error || 'Bitcoin node is not responding yet';
|
||||
syncStatusText.className = 'text-red-400 text-sm font-medium';
|
||||
syncStatusText.textContent = status.error || 'Bitcoin node is still syncing; retrying automatically...';
|
||||
syncStatusText.className = 'text-yellow-300 text-sm font-medium';
|
||||
}
|
||||
}
|
||||
if (syncIcon) {
|
||||
@@ -910,8 +1207,8 @@
|
||||
if (syncStatusText) {
|
||||
const hasRecentData = lastSuccessfulUpdateAt > 0 && Date.now() - lastSuccessfulUpdateAt < 120000;
|
||||
syncStatusText.textContent = hasRecentData
|
||||
? 'Bitcoin status bridge is reconnecting... keeping last known values'
|
||||
: 'Connecting to Bitcoin status bridge...';
|
||||
? 'Bitcoin status bridge is retrying... keeping last known values'
|
||||
: 'Bitcoin status bridge is starting...';
|
||||
syncStatusText.className = 'text-yellow-300 text-sm font-medium';
|
||||
}
|
||||
}
|
||||
@@ -920,10 +1217,12 @@
|
||||
// Initial update
|
||||
console.log('[Bitcoin UI] Starting initial blockchain info update...');
|
||||
updateBlockchainInfo();
|
||||
loadRelayAccess();
|
||||
|
||||
// Update every 5 seconds
|
||||
console.log('[Bitcoin UI] Setting up 5-second update interval');
|
||||
setInterval(updateBlockchainInfo, 5000);
|
||||
setInterval(loadRelayAccess, 15000);
|
||||
|
||||
function copyRPCInfo() {
|
||||
const info = `RPC Host: ${window.location.hostname}:8332\nRPC User: archipelago\nRPC Password: archipelago123\nRPC Endpoint: ${RPC_ENDPOINT}`;
|
||||
|
||||
Reference in New Issue
Block a user