2026-03-22 03:30:21 +00:00
|
|
|
/** Static configuration maps for app session routing and display */
|
|
|
|
|
|
|
|
|
|
export type DisplayMode = 'panel' | 'overlay' | 'fullscreen'
|
|
|
|
|
|
|
|
|
|
export const DISPLAY_MODE_KEY = 'archipelago_app_display_mode'
|
|
|
|
|
|
|
|
|
|
/** Container apps: direct port access (avoids root-relative asset breakage under /app/xxx/ proxy) */
|
|
|
|
|
export const APP_PORTS: Record<string, number> = {
|
|
|
|
|
'bitcoin-knots': 8334,
|
release(v1.7.37-alpha): bitcoin-core install fixes + dynamic node UI + full-archive default
Install flow
- api/rpc/package/install.rs: always append the literal image URL as a
last-resort pull candidate in do_pull_image, so images not carried by
any configured mirror (docker.io/bitcoin/bitcoin:28.4) still install
instead of masquerading as a generic pull failure across every mirror.
- api/rpc/package/install.rs: write_bitcoin_conf now skips on any stat
error, not just "file exists". Once bitcoin-knots' first-boot chowns
/var/lib/archipelago/bitcoin into the container's user namespace (700
perms, UID 100100/100101), the archipelago daemon can't even traverse
in — try_exists returns Err which unwrap_or(false) treated as "not
present" and drove a doomed write. Now errors out of the directory
traversal are treated as "conf already owned by container user" and
the write is skipped. Mirrors the lnd.conf pattern.
- api/rpc/package/install.rs: drop the hardcoded `prune=550` from the
conf default. Operators with multi-TB drives shouldn't be silently
pruned; users who want a pruned node can set it in bitcoin.conf
themselves. Full archive is the only honest default.
- api/rpc/package/config.rs: bitcoin-core now passes explicit
-server/-rpcbind/-rpcallowip/-rpcport/-printtoconsole/-datadir CLI
args. Vanilla bitcoin/bitcoin:28.4 has no entrypoint wrapper and
reads conf + argv only; without these the RPC listens on 127.0.0.1
inside the container and rootlessport can't reach it, so the
bitcoin-ui companion gets 502 on every /bitcoin-rpc/ call.
Bitcoin Knots keeps its own entrypoint-driven defaults.
- container/docker_packages.rs: split bitcoin-core out of the shared
AppMetadata arm. bitcoin-core now surfaces as "Bitcoin Core" with
bitcoin-core.svg and a Reference-implementation description; the
bitcoin + bitcoin-knots ids keep the Knots branding. Fixes the home
card showing "Bitcoin Knots" for a Core install.
Bitcoin node UI (docker/bitcoin-ui)
- index.html: impl name/tagline/logo now dynamic. applyImplBranding()
reads subversion from getnetworkinfo — /Satoshi:X/Knots:Y/ resolves
to Bitcoin Knots, plain /Satoshi:X/ resolves to Bitcoin Core. Both
get their own icon and subtitle. Settings modal replaced its
hardcoded Regtest/txindex=1/port-18443 placeholders with live values
from getblockchaininfo + getindexinfo + getzmqnotifications.
- index.html: new Storage info card (Full Archive · X GB /
Pruned · X GB from blockchainInfo.pruned + size_on_disk) visible on
the main dashboard, same level as Network. Settings modal mirrors it
with the prune height when applicable.
- Dockerfile + assets/: bitcoin-core.svg, bitcoin-knots.webp, and the
bg-network.jpg used by the dashboard are now COPY'd into the image
under /usr/share/nginx/html/assets. Previously the <img src> pointed
at paths that 404'd into the SPA fallback and the onerror handler
hid the broken logo silently.
Frontend
- appSession/appSessionConfig.ts: add bitcoin-core to APP_PORTS (8334),
HTTPS_PROXY_PATHS (/app/bitcoin-ui/), and APP_TITLES (Bitcoin Core).
Without these the AppSessionFrame showed "No URL found for
bitcoin-core" and the home/app-list title fell through to the raw id.
- settings/AccountInfoSection.vue: backfill What's New entries for
v1.7.31 through v1.7.37 that had been missed in earlier cuts.
Release plumbing
- releases/v1.7.37-alpha/: binary + frontend tarball.
- releases/manifest.json: v1.7.37-alpha, sha256/size refreshed.
- Cargo.toml / package.json: version bumps.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 11:03:47 -04:00
|
|
|
'bitcoin-core': 8334,
|
2026-03-22 03:30:21 +00:00
|
|
|
'bitcoin-ui': 8334,
|
|
|
|
|
'electrumx': 50002,
|
|
|
|
|
'electrs': 50002,
|
|
|
|
|
'archy-electrs-ui': 50002,
|
|
|
|
|
'mempool-electrs': 50002,
|
|
|
|
|
'btcpay-server': 23000,
|
2026-05-19 21:45:17 -04:00
|
|
|
'saleor': 9010,
|
2026-05-05 11:29:18 -04:00
|
|
|
'lnd': 18083,
|
|
|
|
|
'archy-lnd-ui': 18083,
|
2026-03-22 03:30:21 +00:00
|
|
|
'mempool': 4080,
|
|
|
|
|
'mempool-web': 4080,
|
|
|
|
|
'archy-mempool-web': 4080,
|
|
|
|
|
'homeassistant': 8123,
|
|
|
|
|
'grafana': 3000,
|
|
|
|
|
'searxng': 8888,
|
|
|
|
|
'ollama': 11434,
|
|
|
|
|
'onlyoffice': 8044,
|
|
|
|
|
'nextcloud': 8085,
|
|
|
|
|
'vaultwarden': 8082,
|
|
|
|
|
'jellyfin': 8096,
|
|
|
|
|
'photoprism': 2342,
|
|
|
|
|
'immich': 2283,
|
|
|
|
|
'immich_server': 2283,
|
|
|
|
|
'filebrowser': 8083,
|
2026-05-17 17:30:04 -04:00
|
|
|
'nginx-proxy-manager': 8081,
|
2026-04-28 15:00:58 -04:00
|
|
|
'gitea': 3001,
|
2026-03-22 03:30:21 +00:00
|
|
|
'portainer': 9000,
|
2026-05-19 15:52:50 -04:00
|
|
|
'netbird': 8087,
|
2026-05-05 11:29:18 -04:00
|
|
|
'tailscale': 8240,
|
2026-04-28 15:00:58 -04:00
|
|
|
'uptime-kuma': 3002,
|
2026-03-22 03:30:21 +00:00
|
|
|
'fedimint': 8175,
|
|
|
|
|
'fedimintd': 8175,
|
|
|
|
|
'fedimint-gateway': 8176,
|
2026-04-30 16:29:56 -04:00
|
|
|
'indeedhub': 7778,
|
2026-04-11 19:59:36 +01:00
|
|
|
'botfights': 9100,
|
2026-03-22 03:30:21 +00:00
|
|
|
'dwn': 3100,
|
|
|
|
|
'endurain': 8080,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Apps that need nginx proxy for iframe embedding.
|
2026-04-30 16:29:56 -04:00
|
|
|
* IndeeHub web UI is on 7778. Port 7777 is the Nostr relay. */
|
2026-04-28 15:00:58 -04:00
|
|
|
export const PROXY_APPS: Record<string, string> = {
|
|
|
|
|
'gitea': '/app/gitea/',
|
|
|
|
|
'nginx-proxy-manager': '/app/nginx-proxy-manager/',
|
|
|
|
|
'uptime-kuma': '/app/uptime-kuma/',
|
|
|
|
|
}
|
2026-03-22 03:30:21 +00:00
|
|
|
|
2026-05-05 11:29:18 -04:00
|
|
|
/** App launches use direct ports. Do not route through /app/... path proxies. */
|
2026-03-22 03:30:21 +00:00
|
|
|
export const HTTPS_PROXY_PATHS: Record<string, string> = {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** External HTTPS apps -- always loaded directly */
|
|
|
|
|
export const EXTERNAL_URLS: Record<string, string> = {
|
|
|
|
|
'nwnn': 'https://nwnn.l484.com',
|
|
|
|
|
'484-kitchen': 'https://484.kitchen',
|
|
|
|
|
'call-the-operator': 'https://cta.tx1138.com',
|
2026-05-17 19:22:18 -04:00
|
|
|
'arch-presentation': 'https://present.l484.com',
|
2026-03-22 03:30:21 +00:00
|
|
|
'syntropy-institute': 'https://syntropy.institute',
|
|
|
|
|
't-zero': 'https://teeminuszero.net',
|
|
|
|
|
'nostrudel': 'https://nostrudel.ninja',
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export const APP_TITLES: Record<string, string> = {
|
release(v1.7.37-alpha): bitcoin-core install fixes + dynamic node UI + full-archive default
Install flow
- api/rpc/package/install.rs: always append the literal image URL as a
last-resort pull candidate in do_pull_image, so images not carried by
any configured mirror (docker.io/bitcoin/bitcoin:28.4) still install
instead of masquerading as a generic pull failure across every mirror.
- api/rpc/package/install.rs: write_bitcoin_conf now skips on any stat
error, not just "file exists". Once bitcoin-knots' first-boot chowns
/var/lib/archipelago/bitcoin into the container's user namespace (700
perms, UID 100100/100101), the archipelago daemon can't even traverse
in — try_exists returns Err which unwrap_or(false) treated as "not
present" and drove a doomed write. Now errors out of the directory
traversal are treated as "conf already owned by container user" and
the write is skipped. Mirrors the lnd.conf pattern.
- api/rpc/package/install.rs: drop the hardcoded `prune=550` from the
conf default. Operators with multi-TB drives shouldn't be silently
pruned; users who want a pruned node can set it in bitcoin.conf
themselves. Full archive is the only honest default.
- api/rpc/package/config.rs: bitcoin-core now passes explicit
-server/-rpcbind/-rpcallowip/-rpcport/-printtoconsole/-datadir CLI
args. Vanilla bitcoin/bitcoin:28.4 has no entrypoint wrapper and
reads conf + argv only; without these the RPC listens on 127.0.0.1
inside the container and rootlessport can't reach it, so the
bitcoin-ui companion gets 502 on every /bitcoin-rpc/ call.
Bitcoin Knots keeps its own entrypoint-driven defaults.
- container/docker_packages.rs: split bitcoin-core out of the shared
AppMetadata arm. bitcoin-core now surfaces as "Bitcoin Core" with
bitcoin-core.svg and a Reference-implementation description; the
bitcoin + bitcoin-knots ids keep the Knots branding. Fixes the home
card showing "Bitcoin Knots" for a Core install.
Bitcoin node UI (docker/bitcoin-ui)
- index.html: impl name/tagline/logo now dynamic. applyImplBranding()
reads subversion from getnetworkinfo — /Satoshi:X/Knots:Y/ resolves
to Bitcoin Knots, plain /Satoshi:X/ resolves to Bitcoin Core. Both
get their own icon and subtitle. Settings modal replaced its
hardcoded Regtest/txindex=1/port-18443 placeholders with live values
from getblockchaininfo + getindexinfo + getzmqnotifications.
- index.html: new Storage info card (Full Archive · X GB /
Pruned · X GB from blockchainInfo.pruned + size_on_disk) visible on
the main dashboard, same level as Network. Settings modal mirrors it
with the prune height when applicable.
- Dockerfile + assets/: bitcoin-core.svg, bitcoin-knots.webp, and the
bg-network.jpg used by the dashboard are now COPY'd into the image
under /usr/share/nginx/html/assets. Previously the <img src> pointed
at paths that 404'd into the SPA fallback and the onerror handler
hid the broken logo silently.
Frontend
- appSession/appSessionConfig.ts: add bitcoin-core to APP_PORTS (8334),
HTTPS_PROXY_PATHS (/app/bitcoin-ui/), and APP_TITLES (Bitcoin Core).
Without these the AppSessionFrame showed "No URL found for
bitcoin-core" and the home/app-list title fell through to the raw id.
- settings/AccountInfoSection.vue: backfill What's New entries for
v1.7.31 through v1.7.37 that had been missed in earlier cuts.
Release plumbing
- releases/v1.7.37-alpha/: binary + frontend tarball.
- releases/manifest.json: v1.7.37-alpha, sha256/size refreshed.
- Cargo.toml / package.json: version bumps.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 11:03:47 -04:00
|
|
|
'bitcoin-knots': 'Bitcoin Knots', 'bitcoin-core': 'Bitcoin Core',
|
2026-05-19 20:11:22 -04:00
|
|
|
'btcpay-server': 'BTCPay Server', 'saleor': 'Saleor', 'indeedhub': 'Indeehub',
|
2026-04-12 06:10:56 -04:00
|
|
|
'botfights': 'BotFights', 'gitea': 'Gitea', '484-kitchen': '484 Kitchen', 'arch-presentation': 'Presentation',
|
2026-03-22 03:30:21 +00:00
|
|
|
'homeassistant': 'Home Assistant', 'uptime-kuma': 'Uptime Kuma',
|
release(v1.7.38-alpha): onboarding auto-heal + silent returning logins + app-store trim
- auth.rs now infers onboarding-complete from setup_complete + password_hash so
nodes stop bouncing users through the intro wizard after browser clear / update
/ reboot; the flag self-heals to disk on next check
- frontend: "backend uncertain" no longer defaults to /onboarding/intro —
useOnboarding returns null + callers poll / retry instead of flashing the wizard
- login sounds (synthwave, welcome voice, pop, whoosh, oomph) gated by
isFirstInstallPhase(); typing sounds unaffected
- removed FIPS app, Nostr Relay, Nostr VPN, Routstr, Penpot from catalog,
frontend config, Rust AppMetadata + install dispatch + install_penpot_stack;
docker/fips-ui + docker/nostr-vpn-ui + apps/penpot dirs and 5 icons deleted;
15 image versions deleted from tx1138, .168, gitea-local registries (.160
Gitea was 502 at release time — follow-up)
- AIUI baked into frontend release tarball via demo/aiui/; deploy-to-target
falls back to demo/aiui/ when the AIUI sibling checkout is missing
- prebuild hook syncs app-catalog/catalog.json → public/catalog.json so the
two copies can no longer drift (was the source of the "apps still visible"
bug — public/ had stale data)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 13:02:24 -04:00
|
|
|
'nginx-proxy-manager': 'Nginx Proxy Manager',
|
2026-03-22 03:30:21 +00:00
|
|
|
'call-the-operator': 'Call The Operator', 'syntropy-institute': 'Syntropy Institute',
|
|
|
|
|
't-zero': 'T-Zero', 'nostrudel': 'noStrudel',
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Apps that set X-Frame-Options and MUST open in a new tab (can't iframe) */
|
|
|
|
|
export const NEW_TAB_APPS = new Set([
|
|
|
|
|
'btcpay-server',
|
|
|
|
|
'grafana',
|
|
|
|
|
'photoprism',
|
|
|
|
|
'homeassistant',
|
|
|
|
|
'vaultwarden',
|
|
|
|
|
'nextcloud',
|
|
|
|
|
'uptime-kuma',
|
|
|
|
|
'portainer',
|
|
|
|
|
'onlyoffice',
|
|
|
|
|
'nginx-proxy-manager',
|
2026-04-28 15:00:58 -04:00
|
|
|
'gitea',
|
2026-03-22 03:30:21 +00:00
|
|
|
'tailscale',
|
|
|
|
|
])
|
|
|
|
|
|
|
|
|
|
/** Sites known to block iframes -- skip the timeout and go straight to fallback */
|
|
|
|
|
export const IFRAME_BLOCKED_APPS = new Set<string>([])
|
|
|
|
|
|
2026-04-28 15:00:58 -04:00
|
|
|
/** Resolve app URL using direct port mapping (source of truth) */
|
2026-05-19 21:45:17 -04:00
|
|
|
export function resolveAppUrl(id: string, routeQueryPath?: string, runtimeUrl?: string): string {
|
2026-03-22 03:30:21 +00:00
|
|
|
// External HTTPS apps
|
|
|
|
|
const ext = EXTERNAL_URLS[id]
|
|
|
|
|
if (ext) return ext
|
|
|
|
|
|
2026-05-01 05:02:39 -04:00
|
|
|
// Bitcoin UI is a host-network companion on :8334. Do not launch it via
|
|
|
|
|
// /app/bitcoin-ui/: the static UI is built for root and renders a blank
|
|
|
|
|
// shell when proxied under a path prefix on some nodes.
|
chore: release v1.7.45-alpha
Resilience-validated release. Three full sweeps of the new resilience
harness against .228 confirm no shipstoppers.
Big user-visible:
- Bitcoin RPC auth durably correct via host-rendered nginx.conf bind-mount,
replaces fragile post-start exec that failed under restricted-cap rootless
podman ("crun: write cgroup.procs: Permission denied")
- Multi-container stack installs (indeedhub, immich, btcpay, mempool) now
emit phase events at every boundary so the progress bar advances
- Apps no longer vanish from the dashboard mid-install (absent-scanner skips
packages in transitional states)
- Indeedhub fresh installs work end-to-end (was 8500+ restart loop): five
missing env vars (DATABASE_PORT, QUEUE_HOST, QUEUE_PORT,
S3_PRIVATE_BUCKET_NAME, AES_MASTER_SECRET) added to install code
- Tailscale install fixed: --entrypoint string was being passed as a single
shell-line arg; switched to custom_args array
- Catalog cleaned of broken entries (dwn, endurain, ollama removed; nextcloud
restored on docker.io)
- Bitcoin Core update path uses correct image (was looking for nonexistent
lfg2025/bitcoin:28.4)
- ISO installs now allocate swap on the encrypted data partition
Infra:
- New resilience harness (scripts/resilience/) — black-box state-machine
tester, every app × every transition. Run before each release.
Sweep #3 final: PASS 107 / FAIL 12 / SKIP 14. The 12 fails are 1 cosmetic
(homeassistant trusted_hosts), 8 harness/timing false-positives, and 3
non-shipstopper tracked items. Down from 23 in baseline sweep #1.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 12:31:45 -04:00
|
|
|
if (id === 'bitcoin-knots' || id === 'bitcoin-core' || id === 'bitcoin-ui') {
|
2026-05-01 05:02:39 -04:00
|
|
|
return 'http://' + window.location.hostname + ':8334'
|
chore: release v1.7.45-alpha
Resilience-validated release. Three full sweeps of the new resilience
harness against .228 confirm no shipstoppers.
Big user-visible:
- Bitcoin RPC auth durably correct via host-rendered nginx.conf bind-mount,
replaces fragile post-start exec that failed under restricted-cap rootless
podman ("crun: write cgroup.procs: Permission denied")
- Multi-container stack installs (indeedhub, immich, btcpay, mempool) now
emit phase events at every boundary so the progress bar advances
- Apps no longer vanish from the dashboard mid-install (absent-scanner skips
packages in transitional states)
- Indeedhub fresh installs work end-to-end (was 8500+ restart loop): five
missing env vars (DATABASE_PORT, QUEUE_HOST, QUEUE_PORT,
S3_PRIVATE_BUCKET_NAME, AES_MASTER_SECRET) added to install code
- Tailscale install fixed: --entrypoint string was being passed as a single
shell-line arg; switched to custom_args array
- Catalog cleaned of broken entries (dwn, endurain, ollama removed; nextcloud
restored on docker.io)
- Bitcoin Core update path uses correct image (was looking for nonexistent
lfg2025/bitcoin:28.4)
- ISO installs now allocate swap on the encrypted data partition
Infra:
- New resilience harness (scripts/resilience/) — black-box state-machine
tester, every app × every transition. Run before each release.
Sweep #3 final: PASS 107 / FAIL 12 / SKIP 14. The 12 fails are 1 cosmetic
(homeassistant trusted_hosts), 8 harness/timing false-positives, and 3
non-shipstopper tracked items. Down from 23 in baseline sweep #1.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 12:31:45 -04:00
|
|
|
}
|
|
|
|
|
|
2026-05-05 11:29:18 -04:00
|
|
|
// Local apps launch by host port.
|
2026-03-22 03:30:21 +00:00
|
|
|
const port = APP_PORTS[id]
|
|
|
|
|
if (!port) return ''
|
2026-04-28 15:00:58 -04:00
|
|
|
|
2026-05-05 11:29:18 -04:00
|
|
|
let base = 'http://' + window.location.hostname + ':' + String(port)
|
2026-03-22 03:30:21 +00:00
|
|
|
if (routeQueryPath) base += routeQueryPath
|
|
|
|
|
return base
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Resolve a human-readable title for an app */
|
|
|
|
|
export function resolveAppTitle(id: string): string {
|
|
|
|
|
return APP_TITLES[id] || id.replace(/-/g, ' ').replace(/\b\w/g, c => c.toUpperCase())
|
|
|
|
|
}
|