From 09a9dbc6ca3b948082cffa88f756f2f12e12f921 Mon Sep 17 00:00:00 2001 From: Dorian Date: Sun, 29 Mar 2026 15:29:24 +0100 Subject: [PATCH] fix: LND mainnet config, SearXNG settings seed, default caps - LND: add --bitcoin.active --bitcoin.mainnet and all bitcoind connection args as container CMD args (was only env var before) - SearXNG: add volume mount + auto-create settings.yml on install (container exits immediately without it) - Default caps: all containers get full rootless podman baseline Tested on .198: - Bitcoin Knots: running, syncing (942803 blocks) - Grafana: running, migration complete - Vaultwarden: running, keys created - SearXNG: running, listening on 8080 - LND: needs bitcoin container named 'bitcoin-knots' on archy-net Co-Authored-By: Claude Opus 4.6 (1M context) --- core/archipelago/src/api/rpc/package/config.rs | 18 +++++++++++++++--- .../archipelago/src/api/rpc/package/install.rs | 16 ++++++++++++++++ 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/core/archipelago/src/api/rpc/package/config.rs b/core/archipelago/src/api/rpc/package/config.rs index eb6511d2..1bb0ba70 100644 --- a/core/archipelago/src/api/rpc/package/config.rs +++ b/core/archipelago/src/api/rpc/package/config.rs @@ -392,9 +392,21 @@ pub(super) async fn get_app_config( "8080:8080".to_string(), ], vec!["/var/lib/archipelago/lnd:/root/.lnd".to_string()], - vec!["BITCOIN_ACTIVE=1".to_string()], - None, + vec![], None, + Some(vec![ + "--bitcoin.active".to_string(), + "--bitcoin.mainnet".to_string(), + "--bitcoin.node=bitcoind".to_string(), + format!("--bitcoind.rpcuser={}", rpc_user), + format!("--bitcoind.rpcpass={}", rpc_pass), + "--bitcoind.rpchost=bitcoin-knots:8332".to_string(), + "--bitcoind.zmqpubrawblock=tcp://bitcoin-knots:28332".to_string(), + "--bitcoind.zmqpubrawtx=tcp://bitcoin-knots:28333".to_string(), + "--rpclisten=0.0.0.0:10009".to_string(), + "--restlisten=0.0.0.0:8080".to_string(), + "--listen=0.0.0.0:9735".to_string(), + ]), ), "btcpay-server" | "btcpayserver" => ( vec!["23000:49392".to_string()], @@ -483,7 +495,7 @@ pub(super) async fn get_app_config( ), "searxng" => ( vec!["8888:8080".to_string()], - vec![], + vec!["/var/lib/archipelago/searxng:/etc/searxng".to_string()], vec![], None, None, diff --git a/core/archipelago/src/api/rpc/package/install.rs b/core/archipelago/src/api/rpc/package/install.rs index 825eabc4..39cb4cb9 100644 --- a/core/archipelago/src/api/rpc/package/install.rs +++ b/core/archipelago/src/api/rpc/package/install.rs @@ -173,6 +173,22 @@ impl RpcHandler { self.write_bitcoin_conf(&rpc_user, &rpc_pass).await; } + // Pre-install: SearXNG settings.yml (required or container exits immediately) + if package_id == "searxng" { + let searx_dir = "/var/lib/archipelago/searxng"; + let settings_path = format!("{}/settings.yml", searx_dir); + if !tokio::fs::try_exists(&settings_path).await.unwrap_or(false) { + let secret: [u8; 32] = rand::random(); + let secret_hex = hex::encode(secret); + let settings = format!( + "use_default_settings: true\ngeneral:\n instance_name: Archipelago Search\nserver:\n secret_key: \"{}\"\n bind_address: \"0.0.0.0\"\n port: 8080\n limiter: false\nui:\n default_theme: simple\n", + secret_hex + ); + let _ = tokio::fs::write(&settings_path, settings).await; + info!("Created SearXNG settings.yml"); + } + } + // Port mappings (skip for host-network containers) if !is_tailscale { for port in &ports {