diff --git a/.claude/memory/reference_tailscale_nodes.md b/.claude/memory/reference_tailscale_nodes.md index 8d03050e..cf5b9084 100644 --- a/.claude/memory/reference_tailscale_nodes.md +++ b/.claude/memory/reference_tailscale_nodes.md @@ -1,21 +1,25 @@ --- -name: Tailscale node addresses -description: Complete list of all Tailscale node IPs and hostnames for SSH access +name: Node inventory and SSH access +description: Complete list of all Archipelago nodes — LAN and Tailscale IPs, SSH commands, build capabilities, deploy methods type: reference --- -## Tailscale Nodes - -| Name | Tailscale IP | Hostname | SSH | -|------|-------------|----------|-----| -| Arch 1 | 100.82.97.63 | — | `ssh -i ~/.ssh/archipelago-deploy archipelago@100.82.97.63` | -| Arch 2 | 100.122.84.60 | archipelago-2.tail2b6225.ts.net | `ssh -i ~/.ssh/archipelago-deploy archipelago@archipelago-2.tail2b6225.ts.net` | -| Arch 3 | 100.124.105.113 | archipelago-3.tail2b6225.ts.net | `ssh -i ~/.ssh/archipelago-deploy archipelago@100.124.105.113` | - -Note: `archipelago-3.tail2b6225.ts.net` and `100.124.105.113` are the SAME machine. - ## LAN Nodes -| Name | IP | SSH | -|------|-----|-----| -| Primary (.228) | 192.168.1.228 | `ssh -i ~/.ssh/archipelago-deploy archipelago@192.168.1.228` | -| Secondary (.198) | 192.168.1.198 | `ssh -i ~/.ssh/archipelago-deploy archipelago@192.168.1.198` | +| Name | IP | SSH | Notes | +|------|-----|-----|-------| +| Primary (.228) | 192.168.1.228 | `ssh -i ~/.ssh/archipelago-deploy archipelago@192.168.1.228` | Full build env, CI runner, OAuth proxy | +| Secondary (.198) | 192.168.1.198 | `ssh -i ~/.ssh/archipelago-deploy archipelago@192.168.1.198` | Full build env | + +## Tailscale Nodes +| Name | Tailscale IP | Hostname | SSH | Build? | +|------|-------------|----------|-----|--------| +| Arch 1 | 100.82.97.63 | — | `ssh -i ~/.ssh/archipelago-deploy archipelago@100.82.97.63` | Unknown | +| Arch 2 | 100.122.84.60 | archipelago-2.tail2b6225.ts.net | `ssh -i ~/.ssh/archipelago-deploy archipelago@archipelago-2.tail2b6225.ts.net` | Yes (Node, Rust, Podman) | +| Arch 3 | 100.124.105.113 | archipelago-3.tail2b6225.ts.net | `ssh -i ~/.ssh/archipelago-deploy archipelago@100.124.105.113` | No (Podman only, copy pre-built artifacts) | +| Arch Atob | 100.113.33.31 | — | `ssh -i ~/.ssh/archipelago-deploy archipelago@100.113.33.31` | Unknown | + +## Deploy Methods +- **LAN nodes (.228, .198):** `./scripts/deploy-to-target.sh --both` +- **Arch 2:** `ARCHIPELAGO_TARGET="archipelago@archipelago-2.tail2b6225.ts.net" ./scripts/deploy-to-target.sh --live` +- **Arch 3:** SCP pre-built binary + frontend tarball (no build tools). Do NOT relay through .228 — SSH directly from Mac. +- **All nodes:** Use `~/.ssh/archipelago-deploy` key diff --git a/image-recipe/build-auto-installer-iso.sh b/image-recipe/build-auto-installer-iso.sh index ea06a3c5..834fad2a 100755 --- a/image-recipe/build-auto-installer-iso.sh +++ b/image-recipe/build-auto-installer-iso.sh @@ -1904,6 +1904,12 @@ fi PROFILE chmod +x /mnt/target/etc/profile.d/archipelago.sh +# Ensure reboot/shutdown work without sudo for the archipelago user +# profile.d only runs for login shells; .bashrc handles SSH interactive sessions +if ! grep -q '/sbin' /mnt/target/home/archipelago/.bashrc 2>/dev/null; then + echo 'export PATH="$PATH:/sbin:/usr/sbin"' >> /mnt/target/home/archipelago/.bashrc +fi + # Systemd service: use the production version from rootfs (configs/archipelago.service) # Do NOT overwrite — the rootfs already has the correct User=archipelago, no DEV_MODE version if [ ! -f /mnt/target/etc/systemd/system/archipelago.service ]; then diff --git a/scripts/image-versions.sh b/scripts/image-versions.sh index 7edd620f..461dc399 100644 --- a/scripts/image-versions.sh +++ b/scripts/image-versions.sh @@ -4,13 +4,17 @@ # # Usage: source /opt/archipelago/image-versions.sh 2>/dev/null || true # source "$(dirname "$0")/image-versions.sh" 2>/dev/null || true +# +# Tags MUST match what's actually in the registry at 80.71.235.15:3000/archipelago/ +# Run: podman images --format '{{.Repository}}:{{.Tag}}' | grep '80.71' | sort +# to verify against the registry. # Archipelago app registry ARCHY_REGISTRY="80.71.235.15:3000/archipelago" # Bitcoin stack -BITCOIN_KNOTS_IMAGE="$ARCHY_REGISTRY/bitcoin-knots:28.1" -LND_IMAGE="$ARCHY_REGISTRY/lnd:v0.18.5-beta" +BITCOIN_KNOTS_IMAGE="$ARCHY_REGISTRY/bitcoin-knots:latest" +LND_IMAGE="$ARCHY_REGISTRY/lnd:v0.18.4-beta" ELECTRUMX_IMAGE="$ARCHY_REGISTRY/electrumx:v1.18.0" # Mempool stack @@ -25,22 +29,22 @@ POSTGRES_IMAGE="$ARCHY_REGISTRY/postgres:15.17" BTCPAY_POSTGRES_IMAGE="$ARCHY_REGISTRY/postgres:15.17" # Apps -HOMEASSISTANT_IMAGE="$ARCHY_REGISTRY/home-assistant:2024.12.5" -GRAFANA_IMAGE="$ARCHY_REGISTRY/grafana:11.4.0" -UPTIME_KUMA_IMAGE="$ARCHY_REGISTRY/uptime-kuma:1.23.17" -JELLYFIN_IMAGE="$ARCHY_REGISTRY/jellyfin:10.10.3" +HOMEASSISTANT_IMAGE="$ARCHY_REGISTRY/home-assistant:2024.1" +GRAFANA_IMAGE="$ARCHY_REGISTRY/grafana:10.2.0" +UPTIME_KUMA_IMAGE="$ARCHY_REGISTRY/uptime-kuma:1" +JELLYFIN_IMAGE="$ARCHY_REGISTRY/jellyfin:10.8.13" PHOTOPRISM_IMAGE="$ARCHY_REGISTRY/photoprism:240915" -OLLAMA_IMAGE="$ARCHY_REGISTRY/ollama:0.5.4" -VAULTWARDEN_IMAGE="$ARCHY_REGISTRY/vaultwarden:1.32.5" -NEXTCLOUD_IMAGE="$ARCHY_REGISTRY/nextcloud:29.0.16" -SEARXNG_IMAGE="$ARCHY_REGISTRY/searxng:2026.3.20-6c7e9c197" -ONLYOFFICE_IMAGE="$ARCHY_REGISTRY/onlyoffice:8.2.3.1" +OLLAMA_IMAGE="$ARCHY_REGISTRY/ollama:latest" +VAULTWARDEN_IMAGE="$ARCHY_REGISTRY/vaultwarden:1.30.0-alpine" +NEXTCLOUD_IMAGE="$ARCHY_REGISTRY/nextcloud:28" +SEARXNG_IMAGE="$ARCHY_REGISTRY/searxng:latest" +ONLYOFFICE_IMAGE="$ARCHY_REGISTRY/onlyoffice:latest" FILEBROWSER_IMAGE="$ARCHY_REGISTRY/filebrowser:v2.27.0" -NPM_IMAGE="$ARCHY_REGISTRY/nginx-proxy-manager:2.14.0" -PORTAINER_IMAGE="$ARCHY_REGISTRY/portainer:2.21.5" +NPM_IMAGE="$ARCHY_REGISTRY/nginx-proxy-manager:latest" +PORTAINER_IMAGE="$ARCHY_REGISTRY/portainer:latest" # Networking -TAILSCALE_IMAGE="$ARCHY_REGISTRY/tailscale:v1.78.3" +TAILSCALE_IMAGE="$ARCHY_REGISTRY/tailscale:stable" ALPINE_TOR_IMAGE="$ARCHY_REGISTRY/alpine-tor:0.4.8.13" ADGUARDHOME_IMAGE="$ARCHY_REGISTRY/adguardhome:v0.107.55" @@ -78,4 +82,4 @@ PENPOT_EXPORTER_IMAGE="$ARCHY_REGISTRY/penpot-exporter:2.4" PENPOT_FRONTEND_IMAGE="$ARCHY_REGISTRY/penpot-frontend:2.4" # Base images -NGINX_ALPINE_IMAGE="$ARCHY_REGISTRY/nginx:1.29.6-alpine" +NGINX_ALPINE_IMAGE="$ARCHY_REGISTRY/nginx:1.27.4-alpine"