chore(release): stage v1.7.53-alpha

This commit is contained in:
archipelago 2026-05-05 13:59:50 -04:00
parent 745cb1c626
commit 5e6ee1633e
13 changed files with 61 additions and 66 deletions

View File

@ -1,5 +1,11 @@
# Changelog # Changelog
## v1.7.53-alpha (2026-05-05)
- Bitcoin Knots/Core config generation no longer duplicates RPC bind and port settings between `bitcoin.conf` and container command args, fixing `Unable to bind all endpoints for RPC server` startup failures.
- Legacy Bitcoin container healthchecks no longer depend on `bitcoin-cli`, which is absent from current Knots images and can wedge Podman healthcheck runners.
- Update checks now prefer manifest OTA releases over stale git remotes unless `ARCHIPELAGO_GIT_UPDATES` is explicitly enabled, so installed nodes can see published releases from the VPS mirror.
## v1.7.52-alpha (2026-05-05) ## v1.7.52-alpha (2026-05-05)
- Tailscale now launches the local installed web UI on port `8240` and starts `tailscaled` before `tailscale web`, fixing unreachable installs after container creation. - Tailscale now launches the local installed web UI on port `8240` and starts `tailscaled` before `tailscale web`, fixing unreachable installs after container creation.

2
core/Cargo.lock generated
View File

@ -80,7 +80,7 @@ checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61"
[[package]] [[package]]
name = "archipelago" name = "archipelago"
version = "1.7.52-alpha" version = "1.7.53-alpha"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"archipelago-container", "archipelago-container",

View File

@ -1,6 +1,6 @@
[package] [package]
name = "archipelago" name = "archipelago"
version = "1.7.52-alpha" version = "1.7.53-alpha"
edition = "2021" edition = "2021"
description = "Archipelago Bitcoin Node OS - Native backend" description = "Archipelago Bitcoin Node OS - Native backend"
authors = ["Archipelago Team"] authors = ["Archipelago Team"]

View File

@ -164,11 +164,10 @@ pub(super) fn is_readonly_compatible(app_id: &str) -> bool {
/// Get container health check arguments for podman run. /// Get container health check arguments for podman run.
/// Returns (health-cmd, interval, retries) args to append to run_args. /// Returns (health-cmd, interval, retries) args to append to run_args.
pub(super) fn get_health_check_args(app_id: &str, _rpc_pass: &str) -> Vec<String> { pub(super) fn get_health_check_args(app_id: &str, _rpc_pass: &str) -> Vec<String> {
// bitcoin-cli reads the .cookie file from -datadir automatically (no plaintext creds needed)
let btc_health =
"bitcoin-cli -datadir=/home/bitcoin/.bitcoin getblockchaininfo || exit 1".to_string();
let (cmd, interval, retries) = match app_id { let (cmd, interval, retries) = match app_id {
"bitcoin" | "bitcoin-core" | "bitcoin-knots" => (btc_health.as_str(), "30s", "3"), // Bitcoin images do not consistently ship bitcoin-cli/curl/nc. Rely on
// process state here; manifests still describe the desired TCP check.
"bitcoin" | "bitcoin-core" | "bitcoin-knots" => return vec![],
"lnd" => ("lncli getinfo || exit 1", "30s", "3"), "lnd" => ("lncli getinfo || exit 1", "30s", "3"),
"btcpay-server" | "btcpayserver" => { "btcpay-server" | "btcpayserver" => {
("curl -sf http://localhost:49392/ || exit 1", "30s", "3") ("curl -sf http://localhost:49392/ || exit 1", "30s", "3")

View File

@ -260,7 +260,7 @@ impl RpcHandler {
// bitcoin_rpc_credentials() generates + persists on first // bitcoin_rpc_credentials() generates + persists on first
// call (OnceCell-cached), so this is idempotent. // call (OnceCell-cached), so this is idempotent.
let _ = crate::bitcoin_rpc::bitcoin_rpc_credentials().await; let _ = crate::bitcoin_rpc::bitcoin_rpc_credentials().await;
ensure_bitcoin_rpc_bindings().await? ensure_bitcoin_rpc_config().await?
} else { } else {
false false
}; };
@ -1175,14 +1175,14 @@ impl RpcHandler {
// user" and skip. Matches the lnd.conf behavior below. // user" and skip. Matches the lnd.conf behavior below.
match tokio::fs::metadata(&conf_path).await { match tokio::fs::metadata(&conf_path).await {
Ok(_) => { Ok(_) => {
ensure_bitcoin_rpc_bindings().await?; ensure_bitcoin_rpc_config().await?;
info!("bitcoin.conf already exists, ensured RPC bind settings"); info!("bitcoin.conf already exists, ensured Bitcoin RPC config");
return Ok(()); return Ok(());
} }
Err(e) if e.kind() == std::io::ErrorKind::NotFound => {} Err(e) if e.kind() == std::io::ErrorKind::NotFound => {}
Err(_) => { Err(_) => {
ensure_bitcoin_rpc_bindings().await?; ensure_bitcoin_rpc_config().await?;
info!("bitcoin.conf path inaccessible, ensured RPC bind settings via host helper"); info!("bitcoin.conf path inaccessible, ensured Bitcoin RPC config via host helper");
return Ok(()); return Ok(());
} }
} }
@ -1205,9 +1205,7 @@ impl RpcHandler {
# rpcauth: salted hash only no plaintext password in config or CLI\n\ # rpcauth: salted hash only no plaintext password in config or CLI\n\
{}\n\ {}\n\
server=1\n\ server=1\n\
rpcbind=0.0.0.0\n\
rpcallowip=0.0.0.0/0\n\ rpcallowip=0.0.0.0/0\n\
rpcport=8332\n\
listen=1\n\ listen=1\n\
printtoconsole=1\n", printtoconsole=1\n",
rpcauth_line rpcauth_line
@ -2029,7 +2027,7 @@ async fn wait_for_adopted_container(package_id: &str, container_name: &str) -> R
)) ))
} }
async fn ensure_bitcoin_rpc_bindings() -> Result<bool> { async fn ensure_bitcoin_rpc_config() -> Result<bool> {
let script = r#" let script = r#"
set -eu set -eu
conf=/var/lib/archipelago/bitcoin/bitcoin.conf conf=/var/lib/archipelago/bitcoin/bitcoin.conf
@ -2044,9 +2042,7 @@ ensure_line() {
fi fi
} }
ensure_line server=1 ensure_line server=1
ensure_line rpcbind=0.0.0.0
ensure_line rpcallowip=0.0.0.0/0 ensure_line rpcallowip=0.0.0.0/0
ensure_line rpcport=8332
ensure_line listen=1 ensure_line listen=1
[ "$changed" -eq 0 ] && exit 0 [ "$changed" -eq 0 ] && exit 0
exit 2 exit 2

View File

@ -4,26 +4,9 @@ use anyhow::{Context, Result};
impl RpcHandler { impl RpcHandler {
/// Check for available system updates. /// Check for available system updates.
/// Tries git-based check first (if repo exists), falls back to manifest-based. /// Prefer manifest-based OTA so installed nodes with a checked-out repo do
/// not depend on a potentially stale git remote. Git remains a dev fallback.
pub(super) async fn handle_update_check(&self) -> Result<serde_json::Value> { pub(super) async fn handle_update_check(&self) -> Result<serde_json::Value> {
// Manifest override: when ARCHIPELAGO_UPDATE_URL is explicitly set,
// the operator wants OTA via manifest — typically a dev box where
// ~/archy/.git exists but isn't the intended update surface.
// Without this short-circuit the dev box always advertises "Pull
// & Rebuild" and can never exercise the manifest OTA path.
let manifest_override = std::env::var("ARCHIPELAGO_UPDATE_URL").is_ok();
let repo_dir = std::path::PathBuf::from(
std::env::var("HOME").unwrap_or_else(|_| "/home/archipelago".to_string()),
)
.join("archy");
if !manifest_override && repo_dir.join(".git").exists() {
if let Ok(git_status) = self.git_check_update(&repo_dir).await {
return Ok(git_status);
}
}
// Fall back to manifest-based check
let state = update::check_for_updates(&self.config.data_dir).await?; let state = update::check_for_updates(&self.config.data_dir).await?;
let update_info = state.available_update.as_ref().map(|u| { let update_info = state.available_update.as_ref().map(|u| {
@ -35,10 +18,30 @@ impl RpcHandler {
}) })
}); });
if update_info.is_some() {
return Ok(serde_json::json!({
"current_version": state.current_version,
"last_check": state.last_check,
"update_available": true,
"update": update_info,
"manifest_mirror": state.manifest_mirror,
}));
}
let repo_dir = std::path::PathBuf::from(
std::env::var("HOME").unwrap_or_else(|_| "/home/archipelago".to_string()),
)
.join("archy");
if std::env::var("ARCHIPELAGO_GIT_UPDATES").is_ok() && repo_dir.join(".git").exists() {
if let Ok(git_status) = self.git_check_update(&repo_dir).await {
return Ok(git_status);
}
}
Ok(serde_json::json!({ Ok(serde_json::json!({
"current_version": state.current_version, "current_version": state.current_version,
"last_check": state.last_check, "last_check": state.last_check,
"update_available": update_info.is_some(), "update_available": false,
"update": update_info, "update": update_info,
"manifest_mirror": state.manifest_mirror, "manifest_mirror": state.manifest_mirror,
})) }))

View File

@ -304,10 +304,9 @@ fn path_dot(path: &Path) -> String {
async fn run_bitcoin_rpc_repair() -> Result<bool> { async fn run_bitcoin_rpc_repair() -> Result<bool> {
// Older installs can have a container-owned bitcoin.conf with only rpcauth // Older installs can have a container-owned bitcoin.conf with only rpcauth
// and printtoconsole. In that state bitcoind is healthy internally, but the // and printtoconsole. Repair it at startup so OTA fixes existing nodes
// host-network bitcoin-ui proxy to 127.0.0.1:8332 gets connection resets. // without a manual uninstall/reinstall. Bind/port stay in the container
// Repair it at startup so OTA fixes existing nodes without a manual // command line to avoid duplicate RPC endpoint definitions.
// uninstall/reinstall.
let script = r#" let script = r#"
set -eu set -eu
conf=/var/lib/archipelago/bitcoin/bitcoin.conf conf=/var/lib/archipelago/bitcoin/bitcoin.conf
@ -322,9 +321,7 @@ ensure_line() {
fi fi
} }
ensure_line server=1 ensure_line server=1
ensure_line rpcbind=0.0.0.0
ensure_line rpcallowip=0.0.0.0/0 ensure_line rpcallowip=0.0.0.0/0
ensure_line rpcport=8332
ensure_line listen=1 ensure_line listen=1
[ "$changed" -eq 0 ] && exit 0 [ "$changed" -eq 0 ] && exit 0
exit 2 exit 2

View File

@ -56,7 +56,6 @@ listen=1
# RPC # RPC
rpcuser=$RPC_USER rpcuser=$RPC_USER
rpcpassword=$RPC_PASS rpcpassword=$RPC_PASS
rpcbind=0.0.0.0
rpcallowip=10.0.0.0/8 rpcallowip=10.0.0.0/8
rpcallowip=172.16.0.0/12 rpcallowip=172.16.0.0/12
rpcallowip=192.168.0.0/16 rpcallowip=192.168.0.0/16

View File

@ -1,12 +1,12 @@
{ {
"name": "neode-ui", "name": "neode-ui",
"version": "1.7.52-alpha", "version": "1.7.53-alpha",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "neode-ui", "name": "neode-ui",
"version": "1.7.52-alpha", "version": "1.7.53-alpha",
"dependencies": { "dependencies": {
"@types/dompurify": "^3.0.5", "@types/dompurify": "^3.0.5",
"@vue-leaflet/vue-leaflet": "^0.10.1", "@vue-leaflet/vue-leaflet": "^0.10.1",

View File

@ -1,7 +1,7 @@
{ {
"name": "neode-ui", "name": "neode-ui",
"private": true, "private": true,
"version": "1.7.52-alpha", "version": "1.7.53-alpha",
"type": "module", "type": "module",
"scripts": { "scripts": {
"start": "./start-dev.sh", "start": "./start-dev.sh",

View File

@ -1,28 +1,27 @@
{ {
"version": "1.7.52-alpha", "version": "1.7.53-alpha",
"release_date": "2026-05-05", "release_date": "2026-05-05",
"changelog": [ "changelog": [
"Tailscale now launches the local installed web UI on port `8240` and starts `tailscaled` before `tailscale web`, fixing unreachable installs after container creation.", "Bitcoin Knots/Core config generation no longer duplicates RPC bind and port settings between `bitcoin.conf` and container command args, fixing `Unable to bind all endpoints for RPC server` startup failures.",
"Grafana install/start/restart now repairs missing rootless host listeners on port `3000`, matching the existing SearXNG, Uptime Kuma, and Gitea recovery path.", "Legacy Bitcoin container healthchecks no longer depend on `bitcoin-cli`, which is absent from current Knots images and can wedge Podman healthcheck runners.",
"Debian 13/Trixie ISO and disk-install paths now force security updates from `trixie-security` during image/install creation so rebuilt release media includes patched base packages.", "Update checks now prefer manifest OTA releases over stale git remotes unless `ARCHIPELAGO_GIT_UPDATES` is explicitly enabled, so installed nodes can see published releases from the VPS mirror."
"Broad `.198` lifecycle audit passes with the current qualified app set; known absent blockers remain `electrumx`, `photoprism`, `dwn`, and `ollama`."
], ],
"components": [ "components": [
{ {
"name": "archipelago", "name": "archipelago",
"current_version": "1.7.52-alpha", "current_version": "1.7.53-alpha",
"new_version": "1.7.52-alpha", "new_version": "1.7.53-alpha",
"download_url": "https://git.tx1138.com/lfg2025/archy/raw/branch/main/releases/v1.7.52-alpha/archipelago", "download_url": "https://git.tx1138.com/lfg2025/archy/raw/branch/main/releases/v1.7.53-alpha/archipelago",
"sha256": "fc47c3bc42f67472252cb854bb03e200a92929ab38aeac519422704486af18d4", "sha256": "86cf408ed84c7a7a72d1b5529aa97561dd02db38aab57c523999d1f5e7bf48b7",
"size_bytes": 42342368 "size_bytes": 42352112
}, },
{ {
"name": "archipelago-frontend-1.7.52-alpha.tar.gz", "name": "archipelago-frontend-1.7.53-alpha.tar.gz",
"current_version": "1.7.52-alpha", "current_version": "1.7.53-alpha",
"new_version": "1.7.52-alpha", "new_version": "1.7.53-alpha",
"download_url": "https://git.tx1138.com/lfg2025/archy/raw/branch/main/releases/v1.7.52-alpha/archipelago-frontend-1.7.52-alpha.tar.gz", "download_url": "https://git.tx1138.com/lfg2025/archy/raw/branch/main/releases/v1.7.53-alpha/archipelago-frontend-1.7.53-alpha.tar.gz",
"sha256": "329e57a0491e91966afcd5a82f5c00920657695b01ecc6c9e99c6814b44abf29", "sha256": "87590acd32cb79866d39d87f37c7a91d85774d06aa318352b24d2b2177ccac31",
"size_bytes": 166462645 "size_bytes": 166460672
} }
] ]
} }

View File

@ -266,10 +266,8 @@ server=1
prune=550 prune=550
rpcuser=archipelago rpcuser=archipelago
rpcpassword=$BTC_RPC_PASS rpcpassword=$BTC_RPC_PASS
rpcbind=0.0.0.0
rpcallowip=127.0.0.1/32 rpcallowip=127.0.0.1/32
rpcallowip=10.88.0.0/16 rpcallowip=10.88.0.0/16
rpcport=8332
listen=1 listen=1
printtoconsole=1 printtoconsole=1
BCONF BCONF

View File

@ -308,9 +308,7 @@ if [ ! -f "$BITCOIN_CONF" ] || ! grep -q "^rpcauth=" "$BITCOIN_CONF" 2>/dev/null
# rpcauth: salted hash only — no plaintext password in config or CLI # rpcauth: salted hash only — no plaintext password in config or CLI
rpcauth=${RPCAUTH} rpcauth=${RPCAUTH}
server=1 server=1
rpcbind=0.0.0.0
rpcallowip=0.0.0.0/0 rpcallowip=0.0.0.0/0
rpcport=8332
listen=1 listen=1
printtoconsole=1 printtoconsole=1
# ZMQ publishers for LND and other services that need real-time block/tx notifications # ZMQ publishers for LND and other services that need real-time block/tx notifications