lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity

refactor: migrate container registry from 80.71.235.15:3000 to git.tx1138.com/lfg2025

Browse Source 
All hardcoded references to the old IP-based registry replaced across
Rust backend, Vue frontend, shell scripts, Dockerfiles, CI, and docs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dorian 2026-04-11 09:33:10 -04:00
parent ed4e95a914
commit c917814d32
23 changed files with 57 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/build-iso-dev.yml
View File

@ -86,7 +86,7 @@ jobs:
run: |
sudo mkdir -p /etc/containers/registries.conf.d
echo '[[registry]]
location = "80.71.235.15:3000"
location = "git.tx1138.com"
insecure = true' | sudo tee /etc/containers/registries.conf.d/archipelago.conf
- name: Build unbundled ISO

4
core/archipelago/src/api/rpc/package/config.rs
View File

@ -4,7 +4,7 @@ use anyhow::{Context, Result};
/// Trusted Docker registries. Only images from these sources are allowed.
#[allow(dead_code)]
pub(super) const TRUSTED_REGISTRIES: &[&str] = &["docker.io/", "ghcr.io/", "localhost/", "80.71.235.15:3000/"];
pub(super) const TRUSTED_REGISTRIES: &[&str] = &["docker.io/", "ghcr.io/", "localhost/", "git.tx1138.com/"];
/// Validate Docker image against trusted registry allowlist.
pub(super) fn is_valid_docker_image(image: &str) -> bool {
@ -21,7 +21,7 @@ pub(super) fn is_valid_docker_image(image: &str) -> bool {
Some(r) => r,
None => return false,
};
matches!(registry, "docker.io" | "ghcr.io" | "localhost" | "80.71.235.15:3000")
matches!(registry, "docker.io" | "ghcr.io" | "localhost" | "git.tx1138.com")
}
/// Per-app Linux capabilities needed beyond the default cap-drop=ALL.

2
core/archipelago/src/api/rpc/package/install.rs
View File

@ -987,7 +987,7 @@ autopilot.active=false\n",
.find(|d| std::path::Path::new(d).join("Dockerfile").exists())
.unwrap_or_else(|| ui_dir.to_string());
let image_base = image_base.to_string();
let registry = "80.71.235.15:3000/archipelago";
let registry = "git.tx1138.com/lfg2025";
let registry_image = format!("{}/{}:latest", registry, image_base);
let local_image = format!("localhost/{}:latest", image_base);
tokio::spawn(async move {

34
core/archipelago/src/api/rpc/package/stacks.rs
View File

@ -49,7 +49,7 @@ async fn adopt_stack_if_exists(
})))
}
const REGISTRY: &str = "80.71.235.15:3000/archipelago";
const REGISTRY: &str = "git.tx1138.com/lfg2025";
/// Pull an image with retry and exponential backoff (3 attempts).
async fn pull_image_with_retry(image: &str) -> Result<()> {
@ -116,9 +116,9 @@ impl RpcHandler {
}
let images = [
"80.71.235.15:3000/archipelago/immich-postgres:14-vectorchord0.4.3-pgvectors0.2.0",
"80.71.235.15:3000/archipelago/valkey:7-alpine",
"80.71.235.15:3000/archipelago/immich-server:release",
"git.tx1138.com/lfg2025/immich-postgres:14-vectorchord0.4.3-pgvectors0.2.0",
"git.tx1138.com/lfg2025/valkey:7-alpine",
"git.tx1138.com/lfg2025/immich-server:release",
];
for img in &images {
pull_image_with_retry(img).await?;
@ -156,7 +156,7 @@ impl RpcHandler {
"POSTGRES_USER=postgres",
"-e",
"POSTGRES_DB=immich",
"80.71.235.15:3000/archipelago/immich-postgres:14-vectorchord0.4.3-pgvectors0.2.0",
"git.tx1138.com/lfg2025/immich-postgres:14-vectorchord0.4.3-pgvectors0.2.0",
])
.output()
.await;
@ -172,7 +172,7 @@ impl RpcHandler {
"unless-stopped",
"--network",
"immich-net",
"80.71.235.15:3000/archipelago/valkey:7-alpine",
"git.tx1138.com/lfg2025/valkey:7-alpine",
])
.output()
.await;
@ -204,7 +204,7 @@ impl RpcHandler {
"REDIS_HOSTNAME=immich_redis",
"-e",
"UPLOAD_LOCATION=/usr/src/app/upload",
"80.71.235.15:3000/archipelago/immich-server:release",
"git.tx1138.com/lfg2025/immich-server:release",
])
.output()
.await
@ -237,11 +237,11 @@ impl RpcHandler {
}
let images = [
"80.71.235.15:3000/archipelago/postgres:15",
"80.71.235.15:3000/archipelago/valkey:8.1",
"80.71.235.15:3000/archipelago/penpot-backend:2.4",
"80.71.235.15:3000/archipelago/penpot-exporter:2.4",
"80.71.235.15:3000/archipelago/penpot-frontend:2.4",
"git.tx1138.com/lfg2025/postgres:15",
"git.tx1138.com/lfg2025/valkey:8.1",
"git.tx1138.com/lfg2025/penpot-backend:2.4",
"git.tx1138.com/lfg2025/penpot-exporter:2.4",
"git.tx1138.com/lfg2025/penpot-frontend:2.4",
];
for img in &images {
pull_image_with_retry(img).await?;
@ -284,7 +284,7 @@ impl RpcHandler {
"POSTGRES_USER=penpot",
"-e",
"POSTGRES_PASSWORD=penpot",
"80.71.235.15:3000/archipelago/postgres:15",
"git.tx1138.com/lfg2025/postgres:15",
])
.output()
.await;
@ -302,7 +302,7 @@ impl RpcHandler {
"penpot-net",
"-e",
"VALKEY_EXTRA_FLAGS=--maxmemory 128mb --maxmemory-policy volatile-lfu",
"80.71.235.15:3000/archipelago/valkey:8.1",
"git.tx1138.com/lfg2025/valkey:8.1",
])
.output()
.await;
@ -338,7 +338,7 @@ impl RpcHandler {
"PENPOT_OBJECTS_STORAGE_FS_DIRECTORY=/opt/data/assets",
"-e",
"PENPOT_FLAGS=disable-email-verification enable-smtp enable-prepl-server disable-secure-session-cookies",
"80.71.235.15:3000/archipelago/penpot-backend:2.4",
"git.tx1138.com/lfg2025/penpot-backend:2.4",
])
.output()
.await;
@ -360,7 +360,7 @@ impl RpcHandler {
"PENPOT_PUBLIC_URI=http://penpot-frontend:8080",
"-e",
"PENPOT_REDIS_URI=redis://penpot-valkey/0",
"80.71.235.15:3000/archipelago/penpot-exporter:2.4",
"git.tx1138.com/lfg2025/penpot-exporter:2.4",
])
.output()
.await;
@ -384,7 +384,7 @@ impl RpcHandler {
&format!("PENPOT_PUBLIC_URI=http://{}:9001", host_ip),
"-e",
"PENPOT_FLAGS=disable-email-verification enable-smtp enable-prepl-server disable-secure-session-cookies",
"80.71.235.15:3000/archipelago/penpot-frontend:2.4",
"git.tx1138.com/lfg2025/penpot-frontend:2.4",
])
.output()
.await

16
core/archipelago/src/container/image_versions.rs
View File

@ -194,11 +194,11 @@ pub fn pinned_image_for_app(app_id: &str) -> Option<String> {
}
/// Extract version tag from a full image reference.
/// e.g. "80.71.235.15:3000/archipelago/lnd:v0.18.4-beta" → "v0.18.4-beta"
/// e.g. "git.tx1138.com/lfg2025/lnd:v0.18.4-beta" → "v0.18.4-beta"
/// Returns "latest" if no tag or tag is empty.
pub fn extract_version_from_image(image: &str) -> String {
// Split off the tag after the last colon, but only if it comes after the last slash
// (to avoid splitting on registry port like "80.71.235.15:3000")
// (to avoid splitting on registry port like "registry.example.com:3000")
if let Some(slash_pos) = image.rfind('/') {
let after_slash = &image[slash_pos..];
if let Some(colon_pos) = after_slash.rfind(':') {
@ -259,11 +259,11 @@ mod tests {
#[test]
fn test_extract_version() {
assert_eq!(
extract_version_from_image("80.71.235.15:3000/archipelago/lnd:v0.18.4-beta"),
extract_version_from_image("git.tx1138.com/lfg2025/lnd:v0.18.4-beta"),
"v0.18.4-beta"
);
assert_eq!(
extract_version_from_image("80.71.235.15:3000/archipelago/grafana:10.2.0"),
extract_version_from_image("git.tx1138.com/lfg2025/grafana:10.2.0"),
"10.2.0"
);
assert_eq!(
@ -271,7 +271,7 @@ mod tests {
"latest"
);
assert_eq!(
extract_version_from_image("80.71.235.15:3000/archipelago/bitcoin-knots:latest"),
extract_version_from_image("git.tx1138.com/lfg2025/bitcoin-knots:latest"),
"latest"
);
}
@ -279,7 +279,7 @@ mod tests {
#[test]
fn test_parse_image_versions() {
let content = r#"
ARCHY_REGISTRY="80.71.235.15:3000/archipelago"
ARCHY_REGISTRY="git.tx1138.com/lfg2025"
LND_IMAGE="$ARCHY_REGISTRY/lnd:v0.18.4-beta"
GRAFANA_IMAGE="$ARCHY_REGISTRY/grafana:10.2.0"
# comment
@ -288,11 +288,11 @@ NOT_AN_IMAGE="something"
let parsed = parse_image_versions(content);
assert_eq!(
parsed.get("LND_IMAGE"),
Some(&"80.71.235.15:3000/archipelago/lnd:v0.18.4-beta".to_string())
Some(&"git.tx1138.com/lfg2025/lnd:v0.18.4-beta".to_string())
);
assert_eq!(
parsed.get("GRAFANA_IMAGE"),
Some(&"80.71.235.15:3000/archipelago/grafana:10.2.0".to_string())
Some(&"git.tx1138.com/lfg2025/grafana:10.2.0".to_string())
);
assert!(!parsed.contains_key("NOT_AN_IMAGE"));
assert!(!parsed.contains_key("ARCHY_REGISTRY"));

2
docker/bitcoin-ui/Dockerfile
View File

@ -1,4 +1,4 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
FROM git.tx1138.com/lfg2025/nginx:1.27.4-alpine
COPY index.html /usr/share/nginx/html/
COPY 50x.html /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf

2
docker/electrs-ui/Dockerfile
View File

@ -1,4 +1,4 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
FROM git.tx1138.com/lfg2025/nginx:1.27.4-alpine
COPY index.html /usr/share/nginx/html/
COPY 50x.html /usr/share/nginx/html/
COPY qrcode.js /usr/share/nginx/html/

2
docker/fips-ui/Dockerfile
View File

@ -1,4 +1,4 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
FROM git.tx1138.com/lfg2025/nginx:1.27.4-alpine
COPY index.html /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf
RUN sed -i 's/^user nginx;/user root;/' /etc/nginx/nginx.conf && \

2
docker/lnd-ui/Dockerfile
View File

@ -1,4 +1,4 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
FROM git.tx1138.com/lfg2025/nginx:1.27.4-alpine
# Copy the HTML file
COPY index.html /usr/share/nginx/html/

2
docker/nostr-vpn-ui/Dockerfile
View File

@ -1,4 +1,4 @@
FROM 80.71.235.15:3000/archipelago/nginx:1.27.4-alpine
FROM git.tx1138.com/lfg2025/nginx:1.27.4-alpine
COPY index.html /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf
RUN sed -i 's/^user nginx;/user root;/' /etc/nginx/nginx.conf && \

4
docs/container-architecture.html
View File

@ -842,8 +842,8 @@
</ul>
<h4>Registry</h4>
<ul>
<li>Private registry at <code>80.71.235.15:3000/archipelago/</code></li>
<li>HTTP only (insecure, self-hosted Gitea)</li>
<li>Private registry at <code>git.tx1138.com/lfg2025/</code></li>
<li>HTTPS (self-hosted Gitea)</li>
<li>All images pre-pulled into registry; nodes pull on first boot</li>
</ul>
</div>

12
image-recipe/build-auto-installer-iso.sh
View File

@ -216,7 +216,7 @@ check_tools() {
mkdir -p /etc/containers/registries.conf.d
cat > /etc/containers/registries.conf.d/archipelago.conf <<'REGCONF'
[[registry]]
location = "80.71.235.15:3000"
location = "git.tx1138.com"
insecure = true
REGCONF
fi
@ -986,7 +986,7 @@ fi
# If built against a newer GLIBC, the binary will fail at runtime.
# Rebuild with: FROM debian:13 AS builder
echo " Extracting NostrVPN binary..."
_NVPN_IMG="${NOSTR_VPN_IMAGE:-80.71.235.15:3000/archipelago/nostr-vpn:v0.3.7}"
_NVPN_IMG="${NOSTR_VPN_IMAGE:-git.tx1138.com/lfg2025/nostr-vpn:v0.3.7}"
NVPN_IMAGE_ID="$($CONTAINER_CMD images -q "$_NVPN_IMG" 2>/dev/null)"
if [ -z "$NVPN_IMAGE_ID" ]; then
$CONTAINER_CMD pull "$_NVPN_IMG" 2>/dev/null || true
@ -1017,11 +1017,11 @@ fi
# Extract nostr-rs-relay binary from container image (native system service for VPN signaling)
echo " Extracting nostr-rs-relay binary..."
RELAY_IMAGE="$($CONTAINER_CMD images -q 80.71.235.15:3000/archipelago/nostr-rs-relay:0.9.0 2>/dev/null)"
RELAY_IMAGE="$($CONTAINER_CMD images -q git.tx1138.com/lfg2025/nostr-rs-relay:0.9.0 2>/dev/null)"
if [ -z "$RELAY_IMAGE" ]; then
$CONTAINER_CMD pull 80.71.235.15:3000/archipelago/nostr-rs-relay:0.9.0 2>/dev/null || true
$CONTAINER_CMD pull git.tx1138.com/lfg2025/nostr-rs-relay:0.9.0 2>/dev/null || true
fi
RELAY_CONTAINER=$($CONTAINER_CMD create 80.71.235.15:3000/archipelago/nostr-rs-relay:0.9.0 2>/dev/null) || true
RELAY_CONTAINER=$($CONTAINER_CMD create git.tx1138.com/lfg2025/nostr-rs-relay:0.9.0 2>/dev/null) || true
if [ -n "$RELAY_CONTAINER" ]; then
$CONTAINER_CMD cp "$RELAY_CONTAINER:/usr/local/bin/nostr-rs-relay" "$ARCH_DIR/bin/nostr-rs-relay" 2>/dev/null && \
chmod +x "$ARCH_DIR/bin/nostr-rs-relay" && \
@ -2112,7 +2112,7 @@ ln -sf /var/lib/archipelago/containers/storage /mnt/target/home/archipelago/.loc
# Configure Archipelago app registry (HTTP, insecure)
cat > /mnt/target/home/archipelago/.config/containers/registries.conf <<'REGCONF'
[[registry]]
location = "80.71.235.15:3000"
location = "git.tx1138.com"
insecure = true
REGCONF
chown -R 1000:1000 /mnt/target/home/archipelago/.config

4
image-recipe/scripts/install-podman.sh
View File

@ -28,10 +28,10 @@ EOF
mkdir -p /home/archipelago/.config/containers/registries.conf.d
cat > /home/archipelago/.config/containers/registries.conf.d/000-shortnames.conf <<EOF
[registries.search]
registries = ['80.71.235.15:3000', 'docker.io', 'quay.io', 'ghcr.io']
registries = ['git.tx1138.com', 'docker.io', 'quay.io', 'ghcr.io']
[registries.insecure]
registries = ['80.71.235.15:3000']
registries = ['git.tx1138.com']
[registries.block]
registries = []

2
neode-ui/src/stores/container.ts
View File

@ -31,7 +31,7 @@ export const BUNDLED_APPS: BundledApp[] = [
{
id: 'bitcoin-knots',
name: 'Bitcoin Knots',
image: '80.71.235.15:3000/archipelago/bitcoin-knots:latest',
image: 'git.tx1138.com/lfg2025/bitcoin-knots:latest',
description: 'Full Bitcoin node with additional features',
icon: '₿',
ports: [{ host: 8334, container: 80 }],

2
neode-ui/src/views/MarketplaceAppDetails.vue
View File

@ -444,7 +444,7 @@ const features = computed(() => {
})
/** App dependency definitions */
const R = '80.71.235.15:3000/archipelago'
const R = 'git.tx1138.com/lfg2025'
const APP_DEPENDENCIES: Record<string, { id: string; title: string; dockerImage: string }[]> = {
'electrumx': [{ id: 'bitcoin-knots', title: 'Bitcoin Knots', dockerImage: `${R}/bitcoin-knots:latest` }],
'lnd': [{ id: 'bitcoin-knots', title: 'Bitcoin Knots', dockerImage: `${R}/bitcoin-knots:latest` }],

2
neode-ui/src/views/discover/curatedApps.ts
View File

@ -1,6 +1,6 @@
import type { MarketplaceApp } from './types'
const R = '80.71.235.15:3000/archipelago'
const R = 'git.tx1138.com/lfg2025'
export function getCuratedAppList(): MarketplaceApp[] {
return [

2
neode-ui/src/views/marketplace/marketplaceData.ts
View File

@ -33,7 +33,7 @@ export interface InstallProgress {
}
/** Archipelago app registry — all app images are mirrored here */
const REGISTRY = '80.71.235.15:3000/archipelago'
const REGISTRY = 'git.tx1138.com/lfg2025'
/** Marketplace app ID -> backend package keys (for "Already Installed" when first-boot/deploy created them) */
export const INSTALLED_ALIASES: Record<string, string[]> = {

4
scripts/bootstrap-switchover.sh
View File

@ -78,7 +78,7 @@ if $DOCKER ps -a --format '{{.Names}}' 2>/dev/null | grep -q '^electrumx$'; then
-e "DAEMON_URL=http://${RPC_USER}:${RPC_PASS}@bitcoin-knots:8332/" \
-e COIN=Bitcoin -e DB_DIRECTORY=/data \
-e "SERVICES=tcp://:50001,rpc://0.0.0.0:8000" \
"${ELECTRUMX_IMAGE:-80.71.235.15:3000/archipelago/electrumx:v1.18.0}"
"${ELECTRUMX_IMAGE:-git.tx1138.com/lfg2025/electrumx:v1.18.0}"
fi
# Mempool API
@ -98,7 +98,7 @@ if $DOCKER ps -a --format '{{.Names}}' 2>/dev/null | grep -q '^mempool-api$'; th
-e "DATABASE_ENABLED=true" -e "DATABASE_HOST=archy-mempool-db" \
-e "DATABASE_DATABASE=mempool" -e "DATABASE_USERNAME=mempool" \
-e "DATABASE_PASSWORD=$(cat "$SECRETS_DIR/mempool-db-password" 2>/dev/null || echo mempoolpass)" \
"${MEMPOOL_API_IMAGE:-80.71.235.15:3000/archipelago/mempool-api:v3.2.0}"
"${MEMPOOL_API_IMAGE:-git.tx1138.com/lfg2025/mempool-api:v3.2.0}"
fi
# Stop Tor tunnel if it was active

2
scripts/deploy-bitcoin-knots.sh
View File

@ -74,7 +74,7 @@ mkdir -p "$BUILD_DIR"
# Create Dockerfile
cat > "$BUILD_DIR/Dockerfile" << 'EOF'
FROM ${NGINX_ALPINE_IMAGE:-80.71.235.15:3000/archipelago/nginx:1.29.6-alpine}
FROM ${NGINX_ALPINE_IMAGE:-git.tx1138.com/lfg2025/nginx:1.29.6-alpine}
# Copy the static UI
COPY index.html /usr/share/nginx/html/

2
scripts/dev-container-test.sh
View File

@ -146,7 +146,7 @@ run_smoke_tests() {
# Test 3: Install a lightweight container (filebrowser — small, fast, no deps)
TESTS=$((TESTS + 1))
local install_img="80.71.235.15:3000/archipelago/filebrowser:v2.27.0"
local install_img="git.tx1138.com/lfg2025/filebrowser:v2.27.0"
# Check if already installed
local fb_state
fb_state=$(ssh $SSH_OPTS "$SSH_HOST" "podman inspect filebrowser --format '{{.State.Status}}' 2>/dev/null || echo 'none'")

2
scripts/first-boot-containers.sh
View File

@ -9,7 +9,7 @@
#
# Image versions: sourced from /opt/archipelago/image-versions.sh (single source of truth).
# All container image references use the $*_IMAGE variables defined there.
# Images pull from the Archipelago app registry (80.71.235.15:3000/archipelago/).
# Images pull from the Archipelago app registry (git.tx1138.com/lfg2025/).
#
# --- PLANNED REFACTOR (post-beta) ---
# This script is ~995 lines and should be split into a modular library.

6
scripts/image-versions.sh
View File

@ -5,12 +5,12 @@
# Usage: source /opt/archipelago/image-versions.sh 2>/dev/null || true
# source "$(dirname "$0")/image-versions.sh" 2>/dev/null || true
#
# Tags MUST match what's actually in the registry at 80.71.235.15:3000/archipelago/
# Run: podman images --format '{{.Repository}}:{{.Tag}}' | grep '80.71' | sort
# Tags MUST match what's actually in the registry at git.tx1138.com/lfg2025/
# Run: podman images --format '{{.Repository}}:{{.Tag}}' | grep 'git.tx1138' | sort
# to verify against the registry.
# Archipelago app registry
ARCHY_REGISTRY="80.71.235.15:3000/archipelago"
ARCHY_REGISTRY="git.tx1138.com/lfg2025"
# Bitcoin stack
BITCOIN_KNOTS_IMAGE="$ARCHY_REGISTRY/bitcoin-knots:latest"

2
scripts/validate-app-manifest.sh
View File

@ -86,7 +86,7 @@ else
# Check trusted registry
TRUSTED=false
for reg in "docker.io" "ghcr.io" "quay.io" "registry.hub.docker.com" "80.71.235.15:3000"; do
for reg in "docker.io" "ghcr.io" "quay.io" "registry.hub.docker.com" "git.tx1138.com"; do
if echo "$IMAGE" | grep -q "$reg"; then
TRUSTED=true
break