archy

lfg2025/archy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dorian	8ffb10d7e0	fix: ISO build freshness, WireGuard startup, VPN status, kiosk remote doubling - ISO builder: run npm ci before npm run build to prevent stale UI artifacts - Unbundled ISO: clean container-images dir to prevent bundled tars leaking - WireGuard: use After=network.target instead of network-online.target for faster wg0 startup on install - VPN status: check actual nvpn0 interface instead of config tunnel_ip to prevent NostrVPN from showing standalone WireGuard IP - ContainerApps: filter out not-installed bundled apps (fixes Bitcoin Knots appearing on clean unbundled installs) - Kiosk: persist kiosk mode to localStorage before /kiosk redirect so App.vue can skip remote relay (fixes input doubling with companion app) - IndeedHub: fix port mapping and X-Forwarded-Prefix passthrough Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-11 13:01:10 -04:00
Dorian	b30f41f3d7	feat: standalone WireGuard from first install, fix networking stack Standalone WireGuard (wg0:51820): - New archipelago-wg.service creates wg0 independent of NostrVPN - Keypair generated on first-boot, persisted on LUKS partition - vpn.create-peer uses wg genkey/pubkey (no nvpn dependency) - wg-address service depends on archipelago-wg, not nostr-vpn Networking fixes: - Remove nos.lol from default relays (requires PoW, events rejected) - Add Tor hidden service for private relay (port 7777) — NAT'd peers can reach relay over Tor for NostrVPN signaling - Fix Tor hostname sync race: wait loop before copying hostname files - Add tor-hostnames + wireguard dirs to LUKS partition setup - Include relay in hostname sync loops (setup-tor.sh + first-boot) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-08 20:27:38 +02:00

Author

SHA1

Message

Date

Dorian

8ffb10d7e0

fix: ISO build freshness, WireGuard startup, VPN status, kiosk remote doubling

- ISO builder: run npm ci before npm run build to prevent stale UI artifacts
- Unbundled ISO: clean container-images dir to prevent bundled tars leaking
- WireGuard: use After=network.target instead of network-online.target for
  faster wg0 startup on install
- VPN status: check actual nvpn0 interface instead of config tunnel_ip to
  prevent NostrVPN from showing standalone WireGuard IP
- ContainerApps: filter out not-installed bundled apps (fixes Bitcoin Knots
  appearing on clean unbundled installs)
- Kiosk: persist kiosk mode to localStorage before /kiosk redirect so
  App.vue can skip remote relay (fixes input doubling with companion app)
- IndeedHub: fix port mapping and X-Forwarded-Prefix passthrough

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-11 13:01:10 -04:00

Dorian

b30f41f3d7

feat: standalone WireGuard from first install, fix networking stack

Standalone WireGuard (wg0:51820):
- New archipelago-wg.service creates wg0 independent of NostrVPN
- Keypair generated on first-boot, persisted on LUKS partition
- vpn.create-peer uses wg genkey/pubkey (no nvpn dependency)
- wg-address service depends on archipelago-wg, not nostr-vpn

Networking fixes:
- Remove nos.lol from default relays (requires PoW, events rejected)
- Add Tor hidden service for private relay (port 7777) — NAT'd peers
  can reach relay over Tor for NostrVPN signaling
- Fix Tor hostname sync race: wait loop before copying hostname files
- Add tor-hostnames + wireguard dirs to LUKS partition setup
- Include relay in hostname sync loops (setup-tor.sh + first-boot)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-08 20:27:38 +02:00

2 Commits