lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity

feat(settings): per-service FIPS/Tor transport preference

Browse Source 
Adds a user-configurable toggle for how each peer-to-peer service
reaches federated peers. Three options per service:

- Auto (default) — FIPS preferred, Tor fallback (current behavior).
- FIPS only — fail rather than fall through to Tor.
- Tor only — explicit opt-in to onion anonymity for that service.

Services covered (matching the UI rows):
- Federation — state sync, invites, peer notifications
- Peers — address/DID rotation broadcasts
- Peer Files — content catalog download/browse/preview
- Messaging — archipelago channel + mesh bridge
- Mesh File Sharing — content_ref blob fetches

Implementation:
- settings::transport — persisted struct + process-wide OnceLock handle
  (so deep call sites don't need data_dir threaded through signatures).
  On-disk file: <data_dir>/settings/transport_preferences.json; missing
  or corrupt → defaults (Auto everywhere).
- settings::transport::init() called from main.rs after config load.
- fips::dial::PeerRequest gains a .service(kind) builder; send_* checks
  the preference before choosing a transport. FIPS-only fails loudly
  when FIPS is unavailable (so users who pick it know when something
  falls back).
- Every FIPS-first migration site tags its PeerRequest with the
  matching PeerService so the toggle actually applies.
- transport.preferences + transport.set-preference RPCs added; wired
  into the dispatcher.
- neode-ui/src/views/settings/TransportPrefsCard.vue — standalone card
  with a 5-row Auto/FIPS/Tor tri-state. Not wired into Settings.vue —
  the user places components themselves (see feedback_ui_entry_points).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dorian 2026-04-19 01:44:41 -04:00
parent dbd19006f2
commit 8b88c45262
16 changed files with 478 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/archipelago/src/api/rpc/content.rs
View File

@ -237,6 +237,7 @@ impl RpcHandler {
let path = format!("/content/{}", content_id);
let (response, _transport) =
crate::fips::dial::PeerRequest::new(fips_npub.as_deref(), onion, &path)
.service(crate::settings::transport::PeerService::PeerFiles)
.header("X-Federation-DID", local_did)
.timeout(std::time::Duration::from_secs(120))
.send_get()
@ -293,6 +294,7 @@ impl RpcHandler {
let (response, _transport) =
crate::fips::dial::PeerRequest::new(fips_npub.as_deref(), onion, "/content")
.service(crate::settings::transport::PeerService::PeerFiles)
.timeout(std::time::Duration::from_secs(30))
.send_get()
.await
@ -352,6 +354,7 @@ impl RpcHandler {
let path = format!("/content/{}", content_id);
let (response, _transport) =
crate::fips::dial::PeerRequest::new(fips_npub.as_deref(), onion, &path)
.service(crate::settings::transport::PeerService::PeerFiles)
.header("X-Federation-DID", local_did)
.header("X-Payment-Token", token_str)
.timeout(std::time::Duration::from_secs(120))
@ -412,6 +415,7 @@ impl RpcHandler {
let (response, _transport) =
crate::fips::dial::PeerRequest::new(fips_npub.as_deref(), onion, &path)
.service(crate::settings::transport::PeerService::PeerFiles)
.timeout(std::time::Duration::from_secs(30))
.send_get()
.await

2
core/archipelago/src/api/rpc/dispatcher.rs
View File

@ -363,6 +363,8 @@ impl RpcHandler {
"transport.peers" => self.handle_transport_peers().await,
"transport.send" => self.handle_transport_send(params).await,
"transport.set-mode" => self.handle_transport_set_mode(params).await,
"transport.preferences" => self.handle_transport_preferences().await,
"transport.set-preference" => self.handle_transport_set_preference(params).await,
// Server settings
"server.set-name" => self.handle_server_set_name(params).await,

1
core/archipelago/src/api/rpc/federation/handlers.rs
View File

@ -656,6 +656,7 @@ impl RpcHandler {
&node.onion,
"/rpc/v1",
)
.service(crate::settings::transport::PeerService::Peers)
.timeout(std::time::Duration::from_secs(30));
match req.send_json(&body).await {

1
core/archipelago/src/api/rpc/mesh/typed_messages.rs
View File

@ -742,6 +742,7 @@ impl RpcHandler {
let (resp, transport) =
crate::fips::dial::PeerRequest::new(fips_npub.as_deref(), &onion_bare, &path)
.service(crate::settings::transport::PeerService::MeshFileSharing)
.timeout(std::time::Duration::from_secs(120))
.send_get()
.await

1
core/archipelago/src/api/rpc/tor/mod.rs
View File

@ -442,6 +442,7 @@ pub(super) async fn notify_federation_peers_address_change(
&peer.onion,
"/rpc/v1",
)
.service(crate::settings::transport::PeerService::Peers)
.timeout(std::time::Duration::from_secs(30));
match req.send_json(&payload).await {
Ok((_, transport)) => {

40
core/archipelago/src/api/rpc/transport.rs
View File

@ -108,6 +108,46 @@ impl RpcHandler {
}))
}
/// transport.preferences — Return the user's per-service transport
/// preferences. The UI renders these as five FIPS/Auto/Tor rows.
pub(super) async fn handle_transport_preferences(&self) -> Result<serde_json::Value> {
let prefs = crate::settings::transport::snapshot().await;
Ok(serde_json::to_value(prefs)?)
}
/// transport.set-preference — Change a single service preference.
/// Persists to disk and hot-swaps the in-memory handle so future
/// calls see the new value without restart.
pub(super) async fn handle_transport_set_preference(
&self,
params: Option<serde_json::Value>,
) -> Result<serde_json::Value> {
use crate::settings::transport::{set, PeerService, TransportPref};
let params = params
.as_ref()
.ok_or_else(|| anyhow::anyhow!("Missing params"))?;
let service: PeerService = serde_json::from_value(
params
.get("service")
.cloned()
.ok_or_else(|| anyhow::anyhow!("Missing 'service' param"))?,
)
.map_err(|e| anyhow::anyhow!("Invalid service: {}", e))?;
let pref: TransportPref = serde_json::from_value(
params
.get("pref")
.cloned()
.ok_or_else(|| anyhow::anyhow!("Missing 'pref' param"))?,
)
.map_err(|e| anyhow::anyhow!("Invalid pref: {}", e))?;
set(&self.config.data_dir, service, pref).await?;
info!(service = ?service, pref = ?pref, "Transport preference updated");
let current = crate::settings::transport::snapshot().await;
Ok(serde_json::to_value(current)?)
}
/// transport.set-mode — Toggle mesh-only (off-grid) mode.
pub(super) async fn handle_transport_set_mode(
&self,

1
core/archipelago/src/federation/invites.rs
View File

@ -232,6 +232,7 @@ async fn notify_join(
});
let _ = crate::fips::dial::PeerRequest::new(remote_fips_npub, remote_onion, "/rpc/v1")
.service(crate::settings::transport::PeerService::Federation)
.timeout(std::time::Duration::from_secs(30))
.send_json(&body)
.await;

2
core/archipelago/src/federation/sync.rs
View File

@ -28,6 +28,7 @@ pub async fn sync_with_peer(
});
let (resp, transport) = PeerRequest::new(peer.fips_npub.as_deref(), &peer.onion, "/rpc/v1")
.service(crate::settings::transport::PeerService::Federation)
.header("X-Federation-DID", local_did)
.header("X-Federation-Sig", signature)
.header("X-Federation-Timestamp", timestamp)
@ -111,6 +112,7 @@ pub async fn deploy_to_peer(
});
let (resp, transport) = PeerRequest::new(peer.fips_npub.as_deref(), &peer.onion, "/rpc/v1")
.service(crate::settings::transport::PeerService::Federation)
.header("X-Federation-DID", local_did)
.header("X-Federation-Sig", signature)
.header("X-Federation-Timestamp", timestamp)

50
core/archipelago/src/fips/dial.rs
View File

@ -232,12 +232,18 @@ pub async fn is_service_active() -> bool {
/// Tor (fallback). The call sites migrating off direct-Tor dialing build
/// one of these and call [`send_json`] / [`send_get`]; the helper handles
/// dial, timeout, fallback, and cross-transport auth headers.
///
/// The optional `service` field ties the request to a user-configurable
/// transport preference (see `crate::settings::transport`). Leaving it
/// unset picks Auto (FIPS preferred, Tor fallback) — the same default as
/// before the Settings UI landed.
pub struct PeerRequest<'a> {
pub fips_npub: Option<&'a str>,
pub onion_host: &'a str,
pub path: &'a str,
pub headers: Vec<(&'a str, String)>,
pub timeout: std::time::Duration,
pub service: Option<crate::settings::transport::PeerService>,
}
impl<'a> PeerRequest<'a> {
@ -252,9 +258,18 @@ impl<'a> PeerRequest<'a> {
path,
headers: Vec::new(),
timeout: std::time::Duration::from_secs(30),
service: None,
}
}
/// Tie this request to a user-configurable service preference. If
/// the user has set that service to `Fips` or `Tor`, the builder
/// respects it.
pub fn service(mut self, s: crate::settings::transport::PeerService) -> Self {
self.service = Some(s);
self
}
pub fn header(mut self, name: &'a str, value: impl Into<String>) -> Self {
self.headers.push((name, value.into()));
self
@ -265,14 +280,32 @@ impl<'a> PeerRequest<'a> {
self
}
/// Resolved preference: user setting if `service` was set, else Auto.
async fn preference(&self) -> crate::settings::transport::TransportPref {
match self.service {
Some(s) => crate::settings::transport::get(s).await,
None => crate::settings::transport::TransportPref::Auto,
}
}
/// POST a JSON body. Returns the `reqwest::Response` — caller decides
/// how to interpret the status code.
pub async fn send_json<B: serde::Serialize>(
&self,
body: &B,
) -> Result<(reqwest::Response, crate::transport::TransportKind)> {
if let Some(resp) = self.try_fips_post_json(body).await? {
return Ok((resp, crate::transport::TransportKind::Fips));
use crate::settings::transport::TransportPref;
let pref = self.preference().await;
// FIPS-only or Auto: try FIPS first.
if matches!(pref, TransportPref::Auto | TransportPref::Fips) {
if let Some(resp) = self.try_fips_post_json(body).await? {
return Ok((resp, crate::transport::TransportKind::Fips));
}
if pref == TransportPref::Fips {
anyhow::bail!(
"User set transport preference to FIPS only, but peer is unreachable over FIPS"
);
}
}
let resp = self.send_tor_post_json(body).await?;
Ok((resp, crate::transport::TransportKind::Tor))
@ -282,8 +315,17 @@ impl<'a> PeerRequest<'a> {
pub async fn send_get(
&self,
) -> Result<(reqwest::Response, crate::transport::TransportKind)> {
if let Some(resp) = self.try_fips_get().await? {
return Ok((resp, crate::transport::TransportKind::Fips));
use crate::settings::transport::TransportPref;
let pref = self.preference().await;
if matches!(pref, TransportPref::Auto | TransportPref::Fips) {
if let Some(resp) = self.try_fips_get().await? {
return Ok((resp, crate::transport::TransportKind::Fips));
}
if pref == TransportPref::Fips {
anyhow::bail!(
"User set transport preference to FIPS only, but peer is unreachable over FIPS"
);
}
}
let resp = self.send_tor_get().await?;
Ok((resp, crate::transport::TransportKind::Tor))

11
core/archipelago/src/main.rs
View File

@ -56,6 +56,7 @@ mod rate_limit;
pub mod seed;
mod server;
mod session;
mod settings;
mod state;
mod streaming;
mod totp;
@ -87,6 +88,16 @@ async fn main() -> Result<()> {
let config = Config::load().await?;
info!("📁 Data directory: {}", config.data_dir.display());
// Load user transport preferences so peer-to-peer call sites can
// consult them from any module without threading a handle through
// deep async chains. Missing/corrupt file → default (Auto everywhere).
if let Err(e) = settings::transport::init(&config.data_dir).await {
tracing::warn!(
"Failed to initialise transport preferences: {} — using defaults",
e
);
}
// Write PID marker early so we can detect crashes on next startup
crash_recovery::write_pid_marker(&config.data_dir).await?;

1
core/archipelago/src/mesh/mod.rs
View File

@ -865,6 +865,7 @@ impl MeshService {
&peer_onion_owned,
"/archipelago/mesh-typed",
)
.service(crate::settings::transport::PeerService::Messaging)
.timeout(std::time::Duration::from_secs(120));
match req.send_json(&body).await {
Ok((resp, transport)) if resp.status().is_success() => {

3
core/archipelago/src/network/dwn_sync.rs
View File

@ -184,6 +184,7 @@ async fn sync_single_peer(
// Step 1: Check peer health
let (health_resp, _) = PeerRequest::new(fips_npub, onion, "/dwn/health")
.service(crate::settings::transport::PeerService::Federation)
.timeout(std::time::Duration::from_secs(30))
.send_get()
.await
@ -208,6 +209,7 @@ async fn sync_single_peer(
});
let (pull_res, _) = PeerRequest::new(fips_npub, onion, "/dwn")
.service(crate::settings::transport::PeerService::Federation)
.timeout(std::time::Duration::from_secs(30))
.send_json(&pull_body)
.await
@ -265,6 +267,7 @@ async fn sync_single_peer(
// Best-effort push — don't fail the whole sync if a batch fails.
match PeerRequest::new(fips_npub, onion, "/dwn")
.service(crate::settings::transport::PeerService::Federation)
.timeout(std::time::Duration::from_secs(30))
.send_json(&push_body)
.await

2
core/archipelago/src/node_message.rs
View File

@ -280,6 +280,7 @@ pub async fn send_to_peer(
onion,
"/archipelago/node-message",
)
.service(crate::settings::transport::PeerService::Messaging)
.timeout(std::time::Duration::from_secs(60))
.send_json(&body)
.await
@ -310,6 +311,7 @@ pub async fn send_to_peer(
pub async fn check_peer_reachable(onion: &str, fips_npub: Option<&str>) -> Result<bool> {
validate_onion(onion)?;
match crate::fips::dial::PeerRequest::new(fips_npub, onion, "/health")
.service(crate::settings::transport::PeerService::Messaging)
.timeout(std::time::Duration::from_secs(30))
.send_get()
.await

7
core/archipelago/src/settings/mod.rs Normal file
View File

@ -0,0 +1,7 @@
//! User-editable settings that are not part of the initial onboarding
//! flow. Each submodule persists a focused slice of preferences to
//! `<data_dir>/settings/*.json` and exposes a process-wide handle so
//! call sites (deep in the transport / RPC / ingest stacks) don't need
//! to thread a data_dir or Arc through the entire call graph.
pub mod transport;

235
core/archipelago/src/settings/transport.rs Normal file
View File

@ -0,0 +1,235 @@
//! Per-service transport preferences.
//!
//! The user picks, for each peer-to-peer service, whether to prefer
//! FIPS (mesh overlay), Tor (hidden service fallback), or leave it on
//! Auto (FIPS preferred, Tor fallback — the default). Preferences are
//! persisted to `<data_dir>/settings/transport_preferences.json` and
//! cached in a process-wide handle so that calls from the transport,
//! RPC, and ingest stacks can consult them without threading data_dir
//! through every signature.
//!
//! Services covered (matching the Settings UI):
//! - `federation` — state sync, invites, peer notifications
//! - `peers` — address/DID rotation broadcast
//! - `peer_files` — content download / browse / preview
//! - `messaging` — archipelago channel + mesh-typed relay
//! - `mesh_file_sharing`— content_ref blob fetches over onion
//!
//! Unknown files parse as `default()` so a missing or corrupt
//! preferences file is equivalent to "Auto everywhere."
use anyhow::{Context, Result};
use serde::{Deserialize, Serialize};
use std::path::Path;
use std::sync::OnceLock;
use tokio::sync::RwLock;
const FILE_PATH: &str = "settings/transport_preferences.json";
/// Which transport to use for a given service.
#[derive(Clone, Copy, Debug, PartialEq, Eq, Serialize, Deserialize, Default)]
#[serde(rename_all = "snake_case")]
pub enum TransportPref {
/// FIPS preferred, Tor fallback. The default.
#[default]
Auto,
/// FIPS only. If FIPS is unavailable or the peer has no npub,
/// requests fail rather than leaking over Tor.
Fips,
/// Tor only. Useful when the user explicitly wants onion anonymity
/// for a given surface (e.g., first-contact messaging).
Tor,
}
/// Enum of peer-facing services that have a preference knob.
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum PeerService {
Federation,
Peers,
PeerFiles,
Messaging,
MeshFileSharing,
}
impl PeerService {
#[allow(dead_code)]
pub fn as_str(&self) -> &'static str {
match self {
Self::Federation => "federation",
Self::Peers => "peers",
Self::PeerFiles => "peer_files",
Self::Messaging => "messaging",
Self::MeshFileSharing => "mesh_file_sharing",
}
}
}
/// Persisted shape. One field per service so the on-disk file is
/// self-describing and trivially diff-able.
#[derive(Clone, Debug, Default, Serialize, Deserialize)]
#[serde(default)]
pub struct TransportPreferences {
pub federation: TransportPref,
pub peers: TransportPref,
pub peer_files: TransportPref,
pub messaging: TransportPref,
pub mesh_file_sharing: TransportPref,
}
impl TransportPreferences {
pub fn for_service(&self, s: PeerService) -> TransportPref {
match s {
PeerService::Federation => self.federation,
PeerService::Peers => self.peers,
PeerService::PeerFiles => self.peer_files,
PeerService::Messaging => self.messaging,
PeerService::MeshFileSharing => self.mesh_file_sharing,
}
}
pub fn set_for_service(&mut self, s: PeerService, pref: TransportPref) {
match s {
PeerService::Federation => self.federation = pref,
PeerService::Peers => self.peers = pref,
PeerService::PeerFiles => self.peer_files = pref,
PeerService::Messaging => self.messaging = pref,
PeerService::MeshFileSharing => self.mesh_file_sharing = pref,
}
}
}
// ── Process-wide handle ─────────────────────────────────────────────────
static HANDLE: OnceLock<RwLock<TransportPreferences>> = OnceLock::new();
/// Initialise the handle from `<data_dir>/settings/transport_preferences.json`.
/// Must be called early in startup — before any call that reads `get()`.
/// Idempotent: second call reloads.
pub async fn init(data_dir: &Path) -> Result<()> {
let prefs = load_from_disk(data_dir).await;
match HANDLE.get() {
Some(lock) => {
*lock.write().await = prefs;
}
None => {
HANDLE
.set(RwLock::new(prefs))
.map_err(|_| anyhow::anyhow!("transport prefs already initialised"))?;
}
}
Ok(())
}
/// Read the current preference for a service. Returns `Auto` if the
/// handle wasn't initialised (tests, fallbacks).
pub async fn get(service: PeerService) -> TransportPref {
match HANDLE.get() {
Some(lock) => lock.read().await.for_service(service),
None => TransportPref::Auto,
}
}
/// Read the whole preferences block for the Settings UI.
pub async fn snapshot() -> TransportPreferences {
match HANDLE.get() {
Some(lock) => lock.read().await.clone(),
None => TransportPreferences::default(),
}
}
/// Update a single service preference, persist to disk, and update the
/// handle. Callers must pass `data_dir` because the on-disk file lives
/// under it — the handle alone doesn't know where to write.
pub async fn set(
data_dir: &Path,
service: PeerService,
pref: TransportPref,
) -> Result<()> {
let new_prefs = {
let lock = HANDLE.get_or_init(|| RwLock::new(TransportPreferences::default()));
let mut w = lock.write().await;
w.set_for_service(service, pref);
w.clone()
};
save_to_disk(data_dir, &new_prefs).await
}
// ── On-disk I/O ─────────────────────────────────────────────────────────
async fn load_from_disk(data_dir: &Path) -> TransportPreferences {
let path = data_dir.join(FILE_PATH);
let s = match tokio::fs::read_to_string(&path).await {
Ok(s) => s,
Err(_) => return TransportPreferences::default(),
};
serde_json::from_str(&s).unwrap_or_default()
}
async fn save_to_disk(data_dir: &Path, prefs: &TransportPreferences) -> Result<()> {
let path = data_dir.join(FILE_PATH);
if let Some(parent) = path.parent() {
tokio::fs::create_dir_all(parent)
.await
.with_context(|| format!("create {}", parent.display()))?;
}
let body = serde_json::to_string_pretty(prefs)
.context("serialize TransportPreferences")?;
tokio::fs::write(&path, body)
.await
.with_context(|| format!("write {}", path.display()))?;
Ok(())
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn default_is_all_auto() {
let p = TransportPreferences::default();
for s in [
PeerService::Federation,
PeerService::Peers,
PeerService::PeerFiles,
PeerService::Messaging,
PeerService::MeshFileSharing,
] {
assert_eq!(p.for_service(s), TransportPref::Auto);
}
}
#[test]
fn set_then_read_for_service() {
let mut p = TransportPreferences::default();
p.set_for_service(PeerService::Federation, TransportPref::Fips);
assert_eq!(p.for_service(PeerService::Federation), TransportPref::Fips);
assert_eq!(p.for_service(PeerService::Peers), TransportPref::Auto);
}
#[test]
fn json_round_trips() {
let mut p = TransportPreferences::default();
p.set_for_service(PeerService::Messaging, TransportPref::Tor);
let s = serde_json::to_string(&p).unwrap();
let back: TransportPreferences = serde_json::from_str(&s).unwrap();
assert_eq!(
back.for_service(PeerService::Messaging),
TransportPref::Tor
);
}
#[test]
fn service_names_round_trip() {
for s in [
PeerService::Federation,
PeerService::Peers,
PeerService::PeerFiles,
PeerService::Messaging,
PeerService::MeshFileSharing,
] {
let json = serde_json::to_value(s).unwrap();
assert_eq!(json.as_str().unwrap(), s.as_str());
}
}
}

121
neode-ui/src/views/settings/TransportPrefsCard.vue Normal file
View File

@ -0,0 +1,121 @@
<template>
<div class="glass-card p-6 transition-all">
<div class="flex items-center gap-3 mb-2">
<svg class="w-6 h-6 text-cyan-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 10V3L4 14h7v7l9-11h-7z" />
</svg>
<h2 class="text-xl font-semibold text-white">Transport Preferences</h2>
</div>
<p class="text-white/60 text-sm mb-5">
Pick how each service reaches federated peers. FIPS is the overlay mesh
(fast, authenticated). Tor is the anonymous hidden-service fallback.
<span class="text-white/40">Auto = FIPS first, Tor on failure.</span>
</p>
<div v-if="loading" class="text-white/50 text-sm">Loading</div>
<div v-else-if="error" class="text-red-400 text-sm">{{ error }}</div>
<div v-else class="space-y-3">
<div
v-for="svc in services"
:key="svc.key"
class="flex items-center justify-between gap-4 p-3 bg-white/5 rounded-lg"
>
<div class="min-w-0">
<div class="text-sm font-medium text-white">{{ svc.label }}</div>
<div class="text-xs text-white/50 truncate">{{ svc.hint }}</div>
</div>
<div class="flex items-center gap-1 shrink-0">
<button
v-for="opt in options"
:key="opt.value"
type="button"
class="px-3 py-1.5 rounded text-xs font-medium transition-colors"
:class="classesFor(svc.key, opt.value)"
:disabled="saving === svc.key"
@click="setPref(svc.key, opt.value)"
>
{{ opt.label }}
</button>
</div>
</div>
</div>
</div>
</template>
<script setup lang="ts">
import { onMounted, ref } from 'vue'
import { rpcClient } from '@/api/rpc'
type Pref = 'auto' | 'fips' | 'tor'
type Service = 'federation' | 'peers' | 'peer_files' | 'messaging' | 'mesh_file_sharing'
interface Preferences {
federation: Pref
peers: Pref
peer_files: Pref
messaging: Pref
mesh_file_sharing: Pref
}
const services: { key: Service; label: string; hint: string }[] = [
{ key: 'federation', label: 'Federation', hint: 'State sync, invites, peer notifications' },
{ key: 'peers', label: 'Peer Linking', hint: 'Address + DID rotation broadcasts' },
{ key: 'peer_files', label: 'Peer Files', hint: 'Content catalog download / browse' },
{ key: 'messaging', label: 'Archipelago Messaging', hint: 'Node-to-node chat + mesh bridge' },
{ key: 'mesh_file_sharing', label: 'Mesh File Sharing', hint: 'Blob fetches for shared mesh content' },
]
const options: { value: Pref; label: string }[] = [
{ value: 'auto', label: 'Auto' },
{ value: 'fips', label: 'FIPS' },
{ value: 'tor', label: 'Tor' },
]
const prefs = ref<Preferences | null>(null)
const loading = ref(true)
const saving = ref<Service | null>(null)
const error = ref<string | null>(null)
async function load() {
loading.value = true
error.value = null
try {
prefs.value = await rpcClient.call<Preferences>({ method: 'transport.preferences' })
} catch (e) {
error.value = e instanceof Error ? e.message : 'Failed to load transport preferences'
} finally {
loading.value = false
}
}
function classesFor(service: Service, value: Pref): string {
const active = prefs.value?.[service] === value
if (active) {
if (value === 'fips') return 'bg-cyan-500/30 text-cyan-200 ring-1 ring-cyan-400/50'
if (value === 'tor') return 'bg-purple-500/30 text-purple-200 ring-1 ring-purple-400/50'
return 'bg-white/20 text-white ring-1 ring-white/30'
}
return 'bg-white/5 text-white/60 hover:bg-white/10 hover:text-white/80'
}
async function setPref(service: Service, pref: Pref) {
if (!prefs.value) return
if (prefs.value[service] === pref) return
saving.value = service
const previous = prefs.value[service]
prefs.value[service] = pref
try {
prefs.value = await rpcClient.call<Preferences>({
method: 'transport.set-preference',
params: { service, pref },
})
} catch (e) {
if (prefs.value) prefs.value[service] = previous
error.value = e instanceof Error ? e.message : 'Failed to save preference'
} finally {
saving.value = null
}
}
onMounted(load)
</script>