archy/image-recipe/scripts/build-backend.sh

70 lines
1.9 KiB
Bash
Raw Normal View History

chore: baseline codex hardening before lifecycle refactor Snapshots the in-flight hardening work so subsequent reconcile/Quadlet phases land on a clean before/after diff. Changes: - core/container/src/podman_client.rs: image_uses_insecure_registry() whitelist for the OVH (146.59.87.168:3000) and legacy Hetzner (23.182.128.160:3000) HTTP mirrors; podman_network_settings() lifts custom networks into the Networks map so containers can join them. - core/archipelago/src/container/prod_orchestrator.rs: ensure_container_network() creates per-manifest networks on demand; apply_data_uid() now goes through host_sudo for mkdir -p + chown so bind-mount roots get created and chowned without password prompts. - core/archipelago/src/api/rpc/package/{install,update,stacks}.rs: podman pull adds --tls-verify=false only for whitelisted registries. - core/archipelago/src/bootstrap.rs: removes stale dev-mode systemd override on startup (live nodes carried it from old installers). - core/archipelago/src/config.rs: ignore ARCHIPELAGO_DEV_MODE in prod binaries — it had been silently rerouting volumes to /tmp. - apps/bitcoin-{core,knots}/manifest.yml: locate bitcoind at runtime so image-layout differences don't break entrypoint. - scripts/app-catalog-image-smoke-test.py: production catalog/image smoke test that probes a target node before users click Install. - .gitignore: cover .codex, .pnpm-store, __pycache__, *.bak. Removes filebrowser.rs.bak and two stale catalog.json.bak files (verified identical to live counterparts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 08:52:29 -04:00
#!/bin/bash
# Build Archipelago backend binary for Debian Linux
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
BACKEND_DIR="$PROJECT_ROOT/core/archipelago"
OUTPUT_DIR="$SCRIPT_DIR/../build/backend"
echo "🔨 Building Archipelago backend..."
echo " Source: $BACKEND_DIR"
echo " Output: $OUTPUT_DIR"
echo ""
# Create output directory
mkdir -p "$OUTPUT_DIR"
# Check if we should use Docker
USE_DOCKER=false
if [[ "$OSTYPE" == "darwin"* ]]; then
USE_DOCKER=true
echo "🍎 macOS detected - using Docker for Linux build"
elif ! command -v rustc >/dev/null 2>&1; then
USE_DOCKER=true
echo "⚠️ Rust not found - using Docker"
fi
if [ "$USE_DOCKER" = true ]; then
echo "🐳 Building in Docker container..."
docker run --rm \
-v "$PROJECT_ROOT:/workspace" \
-v "$OUTPUT_DIR:/output" \
-w /workspace/core/archipelago \
rust:trixie \
sh -c '
echo "📦 Installing build dependencies..."
apt-get update && apt-get install -y pkg-config libssl-dev
echo "🔨 Building Archipelago backend..."
cargo build --release
echo "📋 Copying binary to output..."
cp ../target/release/archipelago /output/
echo "✅ Build complete!"
ls -lh /output/archipelago
'
else
# Native Linux build
echo "🐧 Building natively..."
cd "$BACKEND_DIR"
cargo build --release
cp "../target/release/archipelago" "$OUTPUT_DIR/archipelago"
fi
# Strip binary for smaller size
if [ -f "$OUTPUT_DIR/archipelago" ]; then
if command -v strip >/dev/null 2>&1 && [[ "$OSTYPE" != "darwin"* ]]; then
strip "$OUTPUT_DIR/archipelago"
fi
echo ""
echo "✅ Backend built: $OUTPUT_DIR/archipelago"
ls -lh "$OUTPUT_DIR/archipelago"
else
echo "❌ Build failed - binary not found"
exit 1
fi