archy/apps/bitcoin-core/manifest.yml

app:
  id: bitcoin-core
  name: Bitcoin Core
  version: 28.4.0
  description: Reference Bitcoin Core node with dynamic prune/full-mode startup based on host disk.

  container_name: bitcoin-core

  container:
    image: 146.59.87.168:3000/lfg2025/bitcoin:28.4
    pull_policy: if-not-present
    network: archy-net
    entrypoint: ["sh", "-lc"]
    custom_args:
      # Sync-speed flags: -par=0 uses every core (was capped at 2 by
      # --cpus=2, now removed for bitcoin/electrumx). -dbcache sized to
      # the IBD sweet spot - 4GB on full nodes, 1GB on pruned. Container
      # --memory=8g (config.rs::get_memory_limit) leaves headroom for
      # mempool + connections.
      - >-
        BITCOIND="$(command -v bitcoind || true)";
        if [ -z "$BITCOIND" ]; then
          BITCOIND="$(find /opt -path '*/bin/bitcoind' -type f 2>/dev/null | sort | tail -n 1)";
        fi;
        if [ -z "$BITCOIND" ]; then
          echo "bitcoind not found in image" >&2;
          exit 127;
        fi;
        RPC_USER="$(printenv BITCOIN_RPC_USER)";
        RPC_PASS="$(printenv BITCOIN_RPC_PASS)";
        RPC_TXRELAY_AUTH="$(printenv BITCOIN_RPC_TXRELAY_RPCAUTH || true)";
        DISK_GB_VALUE="$(printenv DISK_GB || true)";
        RPC_HEADROOM="-rpcthreads=16 -rpcworkqueue=256";
        RPC_TXRELAY_FLAGS="-rpcwhitelistdefault=0";
        if [ -n "$RPC_TXRELAY_AUTH" ]; then
          RPC_TXRELAY_FLAGS="$RPC_TXRELAY_FLAGS -rpcauth=$RPC_TXRELAY_AUTH -rpcwhitelist=txrelay:sendrawtransaction,testmempoolaccept,getmempoolinfo,getrawmempool,getmempoolentry,getnetworkinfo,getblockchaininfo,getblockcount,getblockhash,getblockheader,getrawtransaction,decoderawtransaction,decodescript,estimatesmartfee";
        fi;
        if [ "${DISK_GB_VALUE:-0}" -lt 1000 ]; then
          exec "$BITCOIND" -datadir=/home/bitcoin/.bitcoin -noconf -server=1 -prune=550 -rpcallowip=0.0.0.0/0 -rpcbind=0.0.0.0:8332 -listen=1 -bind=0.0.0.0:8333 -dbcache=1024 -par=0 -maxconnections=125 $RPC_HEADROOM $RPC_TXRELAY_FLAGS -rpcuser="$RPC_USER" -rpcpassword="$RPC_PASS";
        else
          exec "$BITCOIND" -datadir=/home/bitcoin/.bitcoin -noconf -server=1 -txindex=1 -rpcallowip=0.0.0.0/0 -rpcbind=0.0.0.0:8332 -listen=1 -bind=0.0.0.0:8333 -dbcache=4096 -par=0 -maxconnections=125 $RPC_HEADROOM $RPC_TXRELAY_FLAGS -rpcuser="$RPC_USER" -rpcpassword="$RPC_PASS";
        fi
    derived_env:
      - key: DISK_GB
        template: "{{DISK_GB}}"
    secret_env:
      - key: BITCOIN_RPC_PASS
        secret_file: bitcoin-rpc-password
      - key: BITCOIN_RPC_TXRELAY_RPCAUTH
        secret_file: bitcoin-rpc-txrelay-rpcauth
    data_uid: "100101:100101"

  dependencies:
    - storage: 500Gi

  resources:
    cpu_limit: 0
    memory_limit: 4Gi
    disk_limit: 500Gi

  security:
    capabilities: [CHOWN, FOWNER, SETUID, SETGID, DAC_OVERRIDE]
    readonly_root: false
    network_policy: isolated

  ports:
    - host: 8332
      container: 8332
      protocol: tcp
    - host: 8333
      container: 8333
      protocol: tcp

  volumes:
    - type: bind
      source: /var/lib/archipelago/bitcoin
      target: /home/bitcoin/.bitcoin
      options: [rw]

  environment:
    - BITCOIN_RPC_USER=archipelago

  health_check:
    type: tcp
    endpoint: localhost:8332
    interval: 30s
    timeout: 5s
    retries: 3

  bitcoin_integration:
    rpc_access: admin
    sync_required: true
    testnet_support: false
    pruning_support: true
Initial commit 2026-01-24 22:01:51 +00:00			`app:`
			`id: bitcoin-core`
chore: release v1.7.49-alpha 2026-04-30 16:29:56 -04:00			`name: Bitcoin Core`
release(v1.7.35-alpha): rootless-netns self-heal + app update button + bitcoin-core 28.4 + Node DID unification - core/archipelago/src/bootstrap.rs (NEW): embed scripts/container-doctor.sh and image-recipe/configs/archipelago-doctor.{service,timer} via include_str! and sync to disk + enable the timer on every archipelago startup. Idempotent (content-hash compare), dev-box symlink guard keeps the git checkout untouched, best-effort (warn-only on failure) so bootstrap never blocks server readiness. Wired in main.rs as a background tokio task. - scripts/container-doctor.sh: add fix_rootless_netns_egress(). Detects when the rootless-netns has lost its pasta tap (container-to-container still works but outbound DNS/TCP fails) via an nsenter probe into aardvark-dns; with a two-probe 10s debounce to rule out transients and a host-precheck that bails out if the host itself is offline. When the rootless-netns is truly broken, does a graceful podman stop --all / start --all so pasta + aardvark-dns rebuild the netns from scratch. Bitcoin-knots and every other outbound container recover in one cycle. - core/archipelago/src/update.rs: host_sudo → pub(crate) so bootstrap.rs can reuse the existing systemd-run escape hatch. - apps/bitcoin-core/manifest.yml: bump app version 24.0.0 → 28.4.0 and image bitcoin/bitcoin:24.0 → bitcoin/bitcoin:28.4. Resources aligned with the real container-specs.sh large-disk tune (4 GiB memory cap, cpu_limit: 0 so bitcoind can run -par=auto across every core). - neode-ui/src/views/apps/AppCard.vue + Apps.vue: add an Update button + Updating spinner to every app card that has available-update set. Wires through serverStore.updatePackage(id) — the same RPC the detail view already calls. common.update / common.updating i18n keys added in en.json and es.json. - core/archipelago/src/identity_manager.rs: add create_from_signing_key() that mirrors an existing Ed25519 key as a manager-level identity with a deterministic id (`node-<pubkey16>`). Idempotent across restarts, gets the hex-SVG master avatar. - core/archipelago/src/server.rs: the auto-create path on first boot now mirrors the node's own signing_key (seed-derived on onboarded installs) as a "Node" identity instead of generating a random "Default" keypair. Once this ships, the DID on the Web5 DID Status card (via node.did RPC), the Node entry on the Identities page (via identity.list), and the DID used for peer-to-peer connects (via server_info.pubkey) all resolve to the same seed-derived pubkey. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-22 08:29:56 -04:00			`version: 28.4.0`
chore: release v1.7.49-alpha 2026-04-30 16:29:56 -04:00			`description: Reference Bitcoin Core node with dynamic prune/full-mode startup based on host disk.`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00
chore: release v1.7.49-alpha 2026-04-30 16:29:56 -04:00			`container_name: bitcoin-core`
release(v1.7.35-alpha): rootless-netns self-heal + app update button + bitcoin-core 28.4 + Node DID unification - core/archipelago/src/bootstrap.rs (NEW): embed scripts/container-doctor.sh and image-recipe/configs/archipelago-doctor.{service,timer} via include_str! and sync to disk + enable the timer on every archipelago startup. Idempotent (content-hash compare), dev-box symlink guard keeps the git checkout untouched, best-effort (warn-only on failure) so bootstrap never blocks server readiness. Wired in main.rs as a background tokio task. - scripts/container-doctor.sh: add fix_rootless_netns_egress(). Detects when the rootless-netns has lost its pasta tap (container-to-container still works but outbound DNS/TCP fails) via an nsenter probe into aardvark-dns; with a two-probe 10s debounce to rule out transients and a host-precheck that bails out if the host itself is offline. When the rootless-netns is truly broken, does a graceful podman stop --all / start --all so pasta + aardvark-dns rebuild the netns from scratch. Bitcoin-knots and every other outbound container recover in one cycle. - core/archipelago/src/update.rs: host_sudo → pub(crate) so bootstrap.rs can reuse the existing systemd-run escape hatch. - apps/bitcoin-core/manifest.yml: bump app version 24.0.0 → 28.4.0 and image bitcoin/bitcoin:24.0 → bitcoin/bitcoin:28.4. Resources aligned with the real container-specs.sh large-disk tune (4 GiB memory cap, cpu_limit: 0 so bitcoind can run -par=auto across every core). - neode-ui/src/views/apps/AppCard.vue + Apps.vue: add an Update button + Updating spinner to every app card that has available-update set. Wires through serverStore.updatePackage(id) — the same RPC the detail view already calls. common.update / common.updating i18n keys added in en.json and es.json. - core/archipelago/src/identity_manager.rs: add create_from_signing_key() that mirrors an existing Ed25519 key as a manager-level identity with a deterministic id (`node-<pubkey16>`). Idempotent across restarts, gets the hex-SVG master avatar. - core/archipelago/src/server.rs: the auto-create path on first boot now mirrors the node's own signing_key (seed-derived on onboarded installs) as a "Node" identity instead of generating a random "Default" keypair. Once this ships, the DID on the Web5 DID Status card (via node.did RPC), the Node entry on the Identities page (via identity.list), and the DID used for peer-to-peer connects (via server_info.pubkey) all resolve to the same seed-derived pubkey. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-22 08:29:56 -04:00
Initial commit 2026-01-24 22:01:51 +00:00			`container:`
chore: release v1.7.49-alpha 2026-04-30 16:29:56 -04:00			`image: 146.59.87.168:3000/lfg2025/bitcoin:28.4`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`pull_policy: if-not-present`
			`network: archy-net`
			`entrypoint: ["sh", "-lc"]`
			`custom_args:`
chore: release v1.7.47-alpha Sync-perf tuning for bitcoin/bitcoin-core/bitcoin-knots/electrumx. - Drop the --cpus=2 cap on bitcoin/electrumx variants. Script verification is parallelizable; the cap halved IBD speed on 4-8 core machines. - Bump bitcoin --memory 4g→8g so dbcache=4096 has headroom for mempool + connection buffers + I/O. 4g was OOM-prone during heavy IBD. - Bump electrumx --memory 1g→2g + add CACHE_MB=2048 + MAX_SEND=10MB. - bitcoin-core CLI args gain -dbcache=4096 -par=0 -maxconnections=125. - bitcoin-knots manifest matched (1024MB pruned / 4096MB full + par=0). Future v2: host-RAM-aware dbcache scaling. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-29 15:47:51 -04:00			`# Sync-speed flags: -par=0 uses every core (was capped at 2 by`
			`# --cpus=2, now removed for bitcoin/electrumx). -dbcache sized to`
chore: baseline codex hardening before lifecycle refactor Snapshots the in-flight hardening work so subsequent reconcile/Quadlet phases land on a clean before/after diff. Changes: - core/container/src/podman_client.rs: image_uses_insecure_registry() whitelist for the OVH (146.59.87.168:3000) and legacy Hetzner (23.182.128.160:3000) HTTP mirrors; podman_network_settings() lifts custom networks into the Networks map so containers can join them. - core/archipelago/src/container/prod_orchestrator.rs: ensure_container_network() creates per-manifest networks on demand; apply_data_uid() now goes through host_sudo for mkdir -p + chown so bind-mount roots get created and chowned without password prompts. - core/archipelago/src/api/rpc/package/{install,update,stacks}.rs: podman pull adds --tls-verify=false only for whitelisted registries. - core/archipelago/src/bootstrap.rs: removes stale dev-mode systemd override on startup (live nodes carried it from old installers). - core/archipelago/src/config.rs: ignore ARCHIPELAGO_DEV_MODE in prod binaries — it had been silently rerouting volumes to /tmp. - apps/bitcoin-{core,knots}/manifest.yml: locate bitcoind at runtime so image-layout differences don't break entrypoint. - scripts/app-catalog-image-smoke-test.py: production catalog/image smoke test that probes a target node before users click Install. - .gitignore: cover .codex, .pnpm-store, __pycache__, *.bak. Removes filebrowser.rs.bak and two stale catalog.json.bak files (verified identical to live counterparts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-01 08:52:29 -04:00			`# the IBD sweet spot - 4GB on full nodes, 1GB on pruned. Container`
chore: release v1.7.47-alpha Sync-perf tuning for bitcoin/bitcoin-core/bitcoin-knots/electrumx. - Drop the --cpus=2 cap on bitcoin/electrumx variants. Script verification is parallelizable; the cap halved IBD speed on 4-8 core machines. - Bump bitcoin --memory 4g→8g so dbcache=4096 has headroom for mempool + connection buffers + I/O. 4g was OOM-prone during heavy IBD. - Bump electrumx --memory 1g→2g + add CACHE_MB=2048 + MAX_SEND=10MB. - bitcoin-core CLI args gain -dbcache=4096 -par=0 -maxconnections=125. - bitcoin-knots manifest matched (1024MB pruned / 4096MB full + par=0). Future v2: host-RAM-aware dbcache scaling. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-29 15:47:51 -04:00			`# --memory=8g (config.rs::get_memory_limit) leaves headroom for`
			`# mempool + connections.`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`- >-`
chore: baseline codex hardening before lifecycle refactor Snapshots the in-flight hardening work so subsequent reconcile/Quadlet phases land on a clean before/after diff. Changes: - core/container/src/podman_client.rs: image_uses_insecure_registry() whitelist for the OVH (146.59.87.168:3000) and legacy Hetzner (23.182.128.160:3000) HTTP mirrors; podman_network_settings() lifts custom networks into the Networks map so containers can join them. - core/archipelago/src/container/prod_orchestrator.rs: ensure_container_network() creates per-manifest networks on demand; apply_data_uid() now goes through host_sudo for mkdir -p + chown so bind-mount roots get created and chowned without password prompts. - core/archipelago/src/api/rpc/package/{install,update,stacks}.rs: podman pull adds --tls-verify=false only for whitelisted registries. - core/archipelago/src/bootstrap.rs: removes stale dev-mode systemd override on startup (live nodes carried it from old installers). - core/archipelago/src/config.rs: ignore ARCHIPELAGO_DEV_MODE in prod binaries — it had been silently rerouting volumes to /tmp. - apps/bitcoin-{core,knots}/manifest.yml: locate bitcoind at runtime so image-layout differences don't break entrypoint. - scripts/app-catalog-image-smoke-test.py: production catalog/image smoke test that probes a target node before users click Install. - .gitignore: cover .codex, .pnpm-store, __pycache__, *.bak. Removes filebrowser.rs.bak and two stale catalog.json.bak files (verified identical to live counterparts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-01 08:52:29 -04:00			`BITCOIND="$(command -v bitcoind \|\| true)";`
			`if [ -z "$BITCOIND" ]; then`
			`BITCOIND="$(find /opt -path '*/bin/bitcoind' -type f 2>/dev/null \| sort \| tail -n 1)";`
			`fi;`
			`if [ -z "$BITCOIND" ]; then`
			`echo "bitcoind not found in image" >&2;`
			`exit 127;`
			`fi;`
chore: release v1.7.84-alpha 2026-06-11 04:44:58 -04:00			`RPC_USER="$(printenv BITCOIN_RPC_USER)";`
			`RPC_PASS="$(printenv BITCOIN_RPC_PASS)";`
			`RPC_TXRELAY_AUTH="$(printenv BITCOIN_RPC_TXRELAY_RPCAUTH \|\| true)";`
			`DISK_GB_VALUE="$(printenv DISK_GB \|\| true)";`
			`RPC_HEADROOM="-rpcthreads=16 -rpcworkqueue=256";`
			`RPC_TXRELAY_FLAGS="-rpcwhitelistdefault=0";`
			`if [ -n "$RPC_TXRELAY_AUTH" ]; then`
			`RPC_TXRELAY_FLAGS="$RPC_TXRELAY_FLAGS -rpcauth=$RPC_TXRELAY_AUTH -rpcwhitelist=txrelay:sendrawtransaction,testmempoolaccept,getmempoolinfo,getrawmempool,getmempoolentry,getnetworkinfo,getblockchaininfo,getblockcount,getblockhash,getblockheader,getrawtransaction,decoderawtransaction,decodescript,estimatesmartfee";`
			`fi;`
			`if [ "${DISK_GB_VALUE:-0}" -lt 1000 ]; then`
			`exec "$BITCOIND" -datadir=/home/bitcoin/.bitcoin -noconf -server=1 -prune=550 -rpcallowip=0.0.0.0/0 -rpcbind=0.0.0.0:8332 -listen=1 -bind=0.0.0.0:8333 -dbcache=1024 -par=0 -maxconnections=125 $RPC_HEADROOM $RPC_TXRELAY_FLAGS -rpcuser="$RPC_USER" -rpcpassword="$RPC_PASS";`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`else`
chore: release v1.7.84-alpha 2026-06-11 04:44:58 -04:00			`exec "$BITCOIND" -datadir=/home/bitcoin/.bitcoin -noconf -server=1 -txindex=1 -rpcallowip=0.0.0.0/0 -rpcbind=0.0.0.0:8332 -listen=1 -bind=0.0.0.0:8333 -dbcache=4096 -par=0 -maxconnections=125 $RPC_HEADROOM $RPC_TXRELAY_FLAGS -rpcuser="$RPC_USER" -rpcpassword="$RPC_PASS";`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`fi`
			`derived_env:`
			`- key: DISK_GB`
			`template: "{{DISK_GB}}"`
			`secret_env:`
			`- key: BITCOIN_RPC_PASS`
			`secret_file: bitcoin-rpc-password`
chore: release v1.7.84-alpha 2026-06-11 04:44:58 -04:00			`- key: BITCOIN_RPC_TXRELAY_RPCAUTH`
			`secret_file: bitcoin-rpc-txrelay-rpcauth`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`data_uid: "100101:100101"`

Initial commit 2026-01-24 22:01:51 +00:00			`dependencies:`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`- storage: 500Gi`

Initial commit 2026-01-24 22:01:51 +00:00			`resources:`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`cpu_limit: 0`
			`memory_limit: 4Gi`
Initial commit 2026-01-24 22:01:51 +00:00			`disk_limit: 500Gi`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00
Initial commit 2026-01-24 22:01:51 +00:00			`security:`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`capabilities: [CHOWN, FOWNER, SETUID, SETGID, DAC_OVERRIDE]`
			`readonly_root: false`
Initial commit 2026-01-24 22:01:51 +00:00			`network_policy: isolated`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00
Initial commit 2026-01-24 22:01:51 +00:00			`ports:`
			`- host: 8332`
			`container: 8332`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`protocol: tcp`
Initial commit 2026-01-24 22:01:51 +00:00			`- host: 8333`
			`container: 8333`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`protocol: tcp`

Initial commit 2026-01-24 22:01:51 +00:00			`volumes:`
			`- type: bind`
			`source: /var/lib/archipelago/bitcoin`
			`target: /home/bitcoin/.bitcoin`
			`options: [rw]`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00
Initial commit 2026-01-24 22:01:51 +00:00			`environment:`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`- BITCOIN_RPC_USER=archipelago`

Initial commit 2026-01-24 22:01:51 +00:00			`health_check:`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`type: tcp`
			`endpoint: localhost:8332`
Initial commit 2026-01-24 22:01:51 +00:00			`interval: 30s`
			`timeout: 5s`
			`retries: 3`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00
Initial commit 2026-01-24 22:01:51 +00:00			`bitcoin_integration:`
			`rpc_access: admin`
			`sync_required: true`
feat(orchestrator): complete container migration and release hardening 2026-04-28 15:00:58 -04:00			`testnet_support: false`
Initial commit 2026-01-24 22:01:51 +00:00			`pruning_support: true`