archy/docs/app-manifest-spec.md

127 lines
3.7 KiB
Markdown
Raw Normal View History

chore: baseline codex hardening before lifecycle refactor Snapshots the in-flight hardening work so subsequent reconcile/Quadlet phases land on a clean before/after diff. Changes: - core/container/src/podman_client.rs: image_uses_insecure_registry() whitelist for the OVH (146.59.87.168:3000) and legacy Hetzner (23.182.128.160:3000) HTTP mirrors; podman_network_settings() lifts custom networks into the Networks map so containers can join them. - core/archipelago/src/container/prod_orchestrator.rs: ensure_container_network() creates per-manifest networks on demand; apply_data_uid() now goes through host_sudo for mkdir -p + chown so bind-mount roots get created and chowned without password prompts. - core/archipelago/src/api/rpc/package/{install,update,stacks}.rs: podman pull adds --tls-verify=false only for whitelisted registries. - core/archipelago/src/bootstrap.rs: removes stale dev-mode systemd override on startup (live nodes carried it from old installers). - core/archipelago/src/config.rs: ignore ARCHIPELAGO_DEV_MODE in prod binaries — it had been silently rerouting volumes to /tmp. - apps/bitcoin-{core,knots}/manifest.yml: locate bitcoind at runtime so image-layout differences don't break entrypoint. - scripts/app-catalog-image-smoke-test.py: production catalog/image smoke test that probes a target node before users click Install. - .gitignore: cover .codex, .pnpm-store, __pycache__, *.bak. Removes filebrowser.rs.bak and two stale catalog.json.bak files (verified identical to live counterparts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 08:52:29 -04:00
# App Manifest Specification
## Overview
App manifests define containerized applications in Archipelago. They use YAML format and specify container configuration, dependencies, resources, security policies, and integration metadata.
## File Location
App manifests are stored in `apps/{app-id}/manifest.yml`
## Schema
### Required Fields
```yaml
app:
id: string # Unique app identifier (lowercase, kebab-case)
name: string # Human-readable name
version: string # Semantic version (e.g., "1.0.0")
container:
image: string # Container image (e.g., "bitcoin/bitcoin:26.0")
```
### Optional Fields
```yaml
app:
description: string # App description
container:
image_signature: string # Cosign signature URL (e.g., "cosign://...")
pull_policy: string # "if-not-present" | "always" | "never"
dependencies:
- storage: string # Minimum disk space (e.g., "500Gi")
- app_id: string # Required app dependency
version: string # Version constraint (e.g., ">=26.0")
- string # Simple app dependency
resources:
cpu_limit: number # CPU cores (e.g., 2)
memory_limit: string # Memory limit (e.g., "2Gi", "512Mi")
disk_limit: string # Disk limit (e.g., "500Gi")
security:
capabilities: [string] # Linux capabilities (e.g., ["NET_BIND_SERVICE"])
readonly_root: boolean # Read-only root filesystem (default: true)
network_policy: string # "isolated" | "host" | network name
apparmor_profile: string # AppArmor profile name
ports:
- host: number # Host port
container: number # Container port
protocol: string # "tcp" | "udp" (default: "tcp")
volumes:
- type: string # "bind" | "tmpfs" | "volume"
source: string # Host path
target: string # Container path
options: [string] # Mount options (e.g., ["rw", "noexec"])
environment:
- string # Environment variable (e.g., "NETWORK=mainnet")
devices:
- string # Device path (e.g., "/dev/ttyUSB0")
health_check:
type: string # "http" | "exec"
endpoint: string # HTTP URL or command
path: string # HTTP path (for http type)
interval: string # Check interval (e.g., "30s")
timeout: string # Timeout (e.g., "5s")
retries: number # Failure retries (default: 3)
# Integration-specific metadata
bitcoin_integration:
rpc_access: string # "admin" | "read-only"
sync_required: boolean # Requires synced node
testnet_support: boolean
pruning_support: boolean
lightning_integration:
channel_management: boolean
payment_routing: boolean
nostr_integration:
relay_type: string # "public" | "private"
monetization_enabled: boolean
event_storage: string # "sqlite" | "postgres"
web5_integration:
did_support: boolean
dwn_protocol: boolean
sync_enabled: boolean
networking:
mesh_enabled: boolean
local_network_access: boolean
device_discovery: boolean
routing_protocols: [string] # e.g., ["olsr", "babel"]
```
## Examples
See `apps/` directory for complete examples:
- `apps/bitcoin-core/manifest.yml`
- `apps/lnd/manifest.yml`
- `apps/nostr-rs-relay/manifest.yml`
- `apps/meshtastic/manifest.yml`
## Validation
Manifests are validated on installation:
- Required fields present
- Version format valid
- Resource limits reasonable
- Port conflicts detected
- Dependency cycles prevented
## Versioning
- Use semantic versioning (MAJOR.MINOR.PATCH)
- Breaking changes increment MAJOR
- New features increment MINOR
- Bug fixes increment PATCH