lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity

fix: LND config escaping in SSH heredoc, Tailscale fallback for build source

Browse Source 
- Fix shell escaping in LND config sync block (single-quoted SSH context
  doesn't need backslash-escaped dollars)
- deploy-tailscale.sh BUILD_SOURCE auto-detects Tailscale IP when LAN
  unreachable (fixes "No binary on .228" error)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dorian 2026-03-22 17:01:02 +00:00
parent ed9b63fa72
commit 47c42d4d1b
2 changed files with 26 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
scripts/deploy-tailscale.sh
View File

@ -32,7 +32,18 @@ TARGET_DIR="/home/archipelago/archy"
SSH_KEY="${ARCHIPELAGO_SSH_KEY:-$HOME/.ssh/archipelago-deploy}"
SSH_OPTS="-o StrictHostKeyChecking=no -o ServerAliveInterval=15 -o ServerAliveCountMax=4 -o ConnectTimeout=10 -i $SSH_KEY"
BUILD_SOURCE="archipelago@${DEFAULT_PRIMARY:-192.168.1.228}"
BUILD_SOURCE_LAN="archipelago@${DEFAULT_PRIMARY:-192.168.1.228}"
BUILD_SOURCE_TS="archipelago@$(tailscale status 2>/dev/null | grep 'archipelago-0' | awk '{print $1}')"
# Try LAN first, fall back to Tailscale
if ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i "$SSH_KEY" "$BUILD_SOURCE_LAN" "echo ok" >/dev/null 2>&1; then
BUILD_SOURCE="$BUILD_SOURCE_LAN"
elif [ "$BUILD_SOURCE_TS" != "archipelago@" ] && ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i "$SSH_KEY" "$BUILD_SOURCE_TS" "echo ok" >/dev/null 2>&1; then
BUILD_SOURCE="$BUILD_SOURCE_TS"
echo "Build source: using Tailscale IP (LAN unreachable)"
else
BUILD_SOURCE="$BUILD_SOURCE_LAN"
echo "WARNING: Build source may be unreachable"
fi
BUILD_DIR="/home/archipelago/archy"
# Node registry

27
scripts/deploy-to-target.sh
View File

@ -1526,23 +1526,24 @@ LNDCONF
else
# Always ensure LND config has correct RPC credentials from secrets
LND_CONF=/var/lib/archipelago/lnd/lnd.conf
CURRENT_PASS=\$(sudo grep "bitcoind.rpcpass=" "\$LND_CONF" 2>/dev/null | cut -d= -f2)
CURRENT_PASS=$(sudo grep "bitcoind.rpcpass=" "$LND_CONF" 2>/dev/null | cut -d= -f2)
NEEDS_FIX=0
grep -q "rpccookie" "\$LND_CONF" 2>/dev/null && NEEDS_FIX=1
grep -q "rpchost=127.0.0.1" "\$LND_CONF" 2>/dev/null && NEEDS_FIX=1
[ "\$CURRENT_PASS" != "$BITCOIN_RPC_PASS" ] && NEEDS_FIX=1
if [ "\$NEEDS_FIX" = "1" ]; then
grep -q "rpccookie" "$LND_CONF" 2>/dev/null && NEEDS_FIX=1
grep -q "rpchost=127.0.0.1" "$LND_CONF" 2>/dev/null && NEEDS_FIX=1
RPC_PASS_EXPECTED=$(sudo cat /var/lib/archipelago/secrets/bitcoin-rpc-password 2>/dev/null)
[ "$CURRENT_PASS" != "$RPC_PASS_EXPECTED" ] && NEEDS_FIX=1
if [ "$NEEDS_FIX" = "1" ]; then
echo " Syncing LND config with current RPC credentials..."
sudo sed -i "/bitcoind.rpccookie/d" "\$LND_CONF"
sudo sed -i "s|bitcoind.rpchost=127.0.0.1:8332|bitcoind.rpchost=bitcoin-knots:8332|" "\$LND_CONF"
sudo sed -i "s|bitcoind.rpcpass=.*|bitcoind.rpcpass=$BITCOIN_RPC_PASS|" "\$LND_CONF"
if ! sudo grep -q "bitcoind.rpcuser=" "\$LND_CONF" 2>/dev/null; then
sudo sed -i "/bitcoind.rpchost=/a bitcoind.rpcuser=$BITCOIN_RPC_USER" "\$LND_CONF"
sudo sed -i "/bitcoind.rpccookie/d" "$LND_CONF"
sudo sed -i "s|bitcoind.rpchost=127.0.0.1:8332|bitcoind.rpchost=bitcoin-knots:8332|" "$LND_CONF"
sudo sed -i "s|bitcoind.rpcpass=.*|bitcoind.rpcpass=$RPC_PASS_EXPECTED|" "$LND_CONF"
if ! sudo grep -q "bitcoind.rpcuser=" "$LND_CONF" 2>/dev/null; then
sudo sed -i "/bitcoind.rpchost=/a bitcoind.rpcuser=archipelago" "$LND_CONF"
fi
if ! sudo grep -q "bitcoind.rpcpass=" "\$LND_CONF" 2>/dev/null; then
sudo sed -i "/bitcoind.rpcuser=/a bitcoind.rpcpass=$BITCOIN_RPC_PASS" "\$LND_CONF"
if ! sudo grep -q "bitcoind.rpcpass=" "$LND_CONF" 2>/dev/null; then
sudo sed -i "/bitcoind.rpcuser=/a bitcoind.rpcpass=$RPC_PASS_EXPECTED" "$LND_CONF"
fi
sudo chown 100000:100000 "\$LND_CONF"
sudo chown 100000:100000 "$LND_CONF"
RESTART_LND=1
echo " LND config updated"
fi