lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity
archy/CLAUDE.md

60 lines
2.4 KiB
Markdown
Raw Normal View History

docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
# CLAUDE.md — Archipelago (Archy)
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
Archipelago is a **Bitcoin Node OS** — bootable, self-sovereign personal server. Flash to USB, install on hardware, manage via web UI.
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
chore: Debian 12 → 13 (Trixie) migration, service hardening - Update all references from Debian 12 (Bookworm) to Debian 13 (Trixie) - Enable SystemCallArchitectures, RestrictAddressFamilies, RestrictRealtime in archipelago.service (safe on systemd 256+ which respects NoNewPrivileges=no) - Update GLIBC compatibility checks from 2.36 to 2.40 - ISO filename, build container, and docs updated throughout Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 21:32:08 +02:00
**Stack**: Rust backend + Vue 3 + TypeScript (strict) + Vite 7 + Tailwind + Pinia + Podman on Debian 13
fix: container orchestration stability, AIUI inclusion, lnd-ui port, version 1.3.0 Container stability: - Merge scan results instead of full replacement (prevents UI flapping) - Absence threshold: 3 consecutive missed scans before removing from state - container-list RPC uses cached scanner state for consistency - Increased Podman API timeout 30s → 60s (scanner + health monitor) - Keep crashed containers visible as "exited" instead of podman rm -f - Resolve host-gateway IP via ip route (podman 4.3.x compatibility) ISO build fixes: - AIUI web app inclusion: searches 5 paths + CI step to copy from build server - Claude API proxy: systemctl enable with symlink fallback - AIUI nginx: try_files =404 (was /aiui/index.html redirect loop) - Build version set to 1.3.0 Container fixes: - lnd-ui: nginx listens on 8080 (was 80, Permission denied in rootless) - first-boot: image-versions.sh sourced from correct path with validation - first-boot: host-gateway resolved to actual gateway IP Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-02 01:28:11 +01:00
**Version**: 1.3.0 | **Target**: x86_64 and ARM64
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
## Beta Freeze (2026-03-18)
feat: rootless podman, session hardening, boot stability, sidebar fix Rootless podman migration (TASK-11): - Remove sudo from all podman calls in PodmanClient + 8 backend files - Remove sudo from all podman/docker calls in deploy script - Restore full systemd security hardening: NoNewPrivileges, RestrictAddressFamilies, MemoryDenyWriteExecute, RestrictRealtime, RestrictNamespaces, RestrictSUIDSGID, SystemCallFilter, ProtectSystem=strict - Enable loginctl linger for rootless container persistence - Remove Ollama from auto-deploy (marketplace-only) Session & auth hardening: - Increase MAX_CONCURRENT_SESSIONS 20→50 (prevents eviction storms) - Debounced 401 redirect in rpc-client.ts (prevents redirect storms) Boot stability: - optimize-debian.sh: adds chrony, swap, removes policy-rc.d - deploy script: pre-restart chrony + swap setup - ISO build: chrony package, swap file creation - BootScreen: no longer clears localStorage (prevents splash replay) - RootRedirect: sole owner of localStorage clearing on server ready UI fixes: - Sidebar opacity default changed from 0→visible (fixes missing sidebar after page-persistence login without entrance animation) - Console.log/error wrapped in import.meta.env.DEV guards - Remove unused route import from RootRedirect Beta tracking: - CLAUDE.md: beta freeze protocol added - MASTER_PLAN.md: TASK-11, TASK-17, phase structure - BETA-PROGRESS.md: initial tracking doc - Tagged v1.2.0-alpha.1 as pre-rootless baseline Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 13:53:27 +00:00
feat: standalone WireGuard from first install, fix networking stack Standalone WireGuard (wg0:51820): - New archipelago-wg.service creates wg0 independent of NostrVPN - Keypair generated on first-boot, persisted on LUKS partition - vpn.create-peer uses wg genkey/pubkey (no nvpn dependency) - wg-address service depends on archipelago-wg, not nostr-vpn Networking fixes: - Remove nos.lol from default relays (requires PoW, events rejected) - Add Tor hidden service for private relay (port 7777) — NAT'd peers can reach relay over Tor for NostrVPN signaling - Fix Tor hostname sync race: wait loop before copying hostname files - Add tor-hostnames + wireguard dirs to LUKS partition setup - Include relay in hostname sync loops (setup-tor.sh + first-boot) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 20:27:38 +02:00
Phase 1: Feature Testing (internal). Feature set is locked.
Only: bug fixes, security hardening, ISO build fixes, UI polish, testing.
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
Track: `docs/BETA-PROGRESS.md` | Checklist: `docs/BETA-RELEASE-CHECKLIST.md`
feat: rootless podman, session hardening, boot stability, sidebar fix Rootless podman migration (TASK-11): - Remove sudo from all podman calls in PodmanClient + 8 backend files - Remove sudo from all podman/docker calls in deploy script - Restore full systemd security hardening: NoNewPrivileges, RestrictAddressFamilies, MemoryDenyWriteExecute, RestrictRealtime, RestrictNamespaces, RestrictSUIDSGID, SystemCallFilter, ProtectSystem=strict - Enable loginctl linger for rootless container persistence - Remove Ollama from auto-deploy (marketplace-only) Session & auth hardening: - Increase MAX_CONCURRENT_SESSIONS 20→50 (prevents eviction storms) - Debounced 401 redirect in rpc-client.ts (prevents redirect storms) Boot stability: - optimize-debian.sh: adds chrony, swap, removes policy-rc.d - deploy script: pre-restart chrony + swap setup - ISO build: chrony package, swap file creation - BootScreen: no longer clears localStorage (prevents splash replay) - RootRedirect: sole owner of localStorage clearing on server ready UI fixes: - Sidebar opacity default changed from 0→visible (fixes missing sidebar after page-persistence login without entrance animation) - Console.log/error wrapped in import.meta.env.DEV guards - Remove unused route import from RootRedirect Beta tracking: - CLAUDE.md: beta freeze protocol added - MASTER_PLAN.md: TASK-11, TASK-17, phase structure - BETA-PROGRESS.md: initial tracking doc - Tagged v1.2.0-alpha.1 as pre-rootless baseline Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 13:53:27 +00:00
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
## Quick Reference
```bash
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
cd neode-ui && npm start # Local dev (mock backend :5959, Vite :8100)
cd neode-ui && npm run build # Build (outputs to web/dist/neode-ui/)
./scripts/deploy-to-target.sh --live # Deploy to live server (.228)
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
```
## Architecture
```
chore: Debian 12 → 13 (Trixie) migration, service hardening - Update all references from Debian 12 (Bookworm) to Debian 13 (Trixie) - Enable SystemCallArchitectures, RestrictAddressFamilies, RestrictRealtime in archipelago.service (safe on systemd 256+ which respects NoNewPrivileges=no) - Update GLIBC compatibility checks from 2.36 to 2.40 - ISO filename, build container, and docs updated throughout Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 21:32:08 +02:00
Debian 13
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
├── Podman (rootless, user archipelago)
├── Nginx (80/443 → backend, app proxies)
├── Rust Backend (core/) on 127.0.0.1:5678
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
└── Vue.js UI (neode-ui/)
```
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
**Data paths**: `/var/lib/archipelago/{app-id}/` (data), `/opt/archipelago/web-ui/` (frontend), `/usr/local/bin/archipelago` (binary)
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
## Critical Rules
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
feat: standalone WireGuard from first install, fix networking stack Standalone WireGuard (wg0:51820): - New archipelago-wg.service creates wg0 independent of NostrVPN - Keypair generated on first-boot, persisted on LUKS partition - vpn.create-peer uses wg genkey/pubkey (no nvpn dependency) - wg-address service depends on archipelago-wg, not nostr-vpn Networking fixes: - Remove nos.lol from default relays (requires PoW, events rejected) - Add Tor hidden service for private relay (port 7777) — NAT'd peers can reach relay over Tor for NostrVPN signaling - Fix Tor hostname sync race: wait loop before copying hostname files - Add tor-hostnames + wireguard dirs to LUKS partition setup - Include relay in hostname sync loops (setup-tor.sh + first-boot) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 20:27:38 +02:00
1. Do not build Rust on macOS — deploy script handles cross-compilation via rsync + remote build.
2. Always deploy after changes — `./scripts/deploy-to-target.sh --live`
3. Frontend builds to `web/dist/neode-ui/` — not `neode-ui/dist/`
4. Container images: `scripts/image-versions.sh` is the single source of truth. All scripts use `$*_IMAGE` variables, not hardcoded registry paths.
5. Type-check before committing — `cd neode-ui && npx vue-tsc -b --noEmit`
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
## App Integration Checklist
feat: standalone WireGuard from first install, fix networking stack Standalone WireGuard (wg0:51820): - New archipelago-wg.service creates wg0 independent of NostrVPN - Keypair generated on first-boot, persisted on LUKS partition - vpn.create-peer uses wg genkey/pubkey (no nvpn dependency) - wg-address service depends on archipelago-wg, not nostr-vpn Networking fixes: - Remove nos.lol from default relays (requires PoW, events rejected) - Add Tor hidden service for private relay (port 7777) — NAT'd peers can reach relay over Tor for NostrVPN signaling - Fix Tor hostname sync race: wait loop before copying hostname files - Add tor-hostnames + wireguard dirs to LUKS partition setup - Include relay in hostname sync loops (setup-tor.sh + first-boot) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 20:27:38 +02:00
When adding/fixing apps, check all of these:
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
- `core/archipelago/src/api/rpc/package/` — config, capabilities, deps
- `neode-ui/src/views/marketplace/marketplaceData.ts` — marketplace entry
- `image-recipe/configs/nginx-archipelago.conf` — proxy rules (HTTP + HTTPS)
- `scripts/image-versions.sh` — pinned image version
- `scripts/first-boot-containers.sh` — first boot creation
- `scripts/deploy-to-target.sh` — deploy logic
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
## Git
feat: complete Phase 1 foundation hardening + three-mode UI design doc Phase 1a — Gradient Removal: - Replaced all gradient-button/gradient-card with glass-button/path-option-card - Removed banned gradient CSS classes Phase 1b — Security Hardening: - SecretsManager: AES-256-GCM encryption (core/security) - electrs_status: credentials from env vars instead of hardcoded - port_manager: RwLock proper error handling (no unwrap) - Pinned all 11 :latest manifest images to specific versions - parmanode converter: pinned inferred image versions Phase 1c — Code Quality: - Split rpc.rs (1795 lines) into 6 handler modules (auth, node, container, package, peers) - Removed sideload code (UI, store, RPC client, 3 doc files) - Fixed body background flash on logout/refresh - Replaced 30 TypeScript `any` types with proper types - Deleted HelloWorld.vue, removed TODO comments - Added set -euo pipefail to all shell scripts - Made deploy script verbose with timestamps and elapsed time Also adds: - CLAUDE.md project guide - docs/three-mode-ui-design.md — design spec for Easy/Pro/Chat UI modes - OnlineStatusPill component Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 05:23:42 +00:00
docs: trim CLAUDE.md — lean, updated for CI/CD and registry Removed duplication with rules/ files, updated infrastructure table (git.tx1138.com, app registry, CI runner, ISO debugging), trimmed from 404 lines to ~120. Security rules kept via reference to rules/. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 12:03:04 +00:00
Commits: `type: description` (`feat:`, `fix:`, `docs:`, `refactor:`, `test:`, `chore:`, `perf:`)
Push to: `git push tx1138 main`
feat: standalone WireGuard from first install, fix networking stack Standalone WireGuard (wg0:51820): - New archipelago-wg.service creates wg0 independent of NostrVPN - Keypair generated on first-boot, persisted on LUKS partition - vpn.create-peer uses wg genkey/pubkey (no nvpn dependency) - wg-address service depends on archipelago-wg, not nostr-vpn Networking fixes: - Remove nos.lol from default relays (requires PoW, events rejected) - Add Tor hidden service for private relay (port 7777) — NAT'd peers can reach relay over Tor for NostrVPN signaling - Fix Tor hostname sync race: wait loop before copying hostname files - Add tor-hostnames + wireguard dirs to LUKS partition setup - Include relay in hostname sync loops (setup-tor.sh + first-boot) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 20:27:38 +02:00
## Compact Instructions
When compacting, preserve: list of modified files, test results, deploy target state, current branch, infrastructure IPs.
Reference in New Issue Copy Permalink