The Build report step was failing the entire job because `du -h` and
`tar tf` on root-owned rootfs.tar returned permission denied. Added
sudo and continue-on-error: true so the report never fails the build.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- CI: configure root podman with insecure registry so FileBrowser
image can be pulled during ISO build
- CI: chmod u+rwX on workspace and act cache to fix cleanup failure
- ISO: auto-login on tty1 (no password prompt on console)
- Frontend: add console.log debug output for onboarding routing,
health checks, and 401 redirects to diagnose session issues
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The checkout action post-cleanup fails on root-owned files in the
workspace, marking the build as failed even though the ISO was built.
Chown the entire act cache dir so cleanup succeeds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CI build report: checks rootfs contents (nginx, SSL, keyboard, kiosk,
lid config, backend, frontend) and ISO contents after build. Reports
in the Actions log so build issues are immediately visible.
First-boot diagnostics: one-shot systemd service runs 30s after first
boot, logs service status, nginx test, SSL certs, LUKS, podman,
kiosk, console-setup, disk, network, and journal errors to
/var/log/archipelago-first-boot-diag.log. Only runs once (ConditionPathExists).
SSH in and cat the log to debug any fresh install issues.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
sudo doesn't inherit env vars. Use absolute path and pass it
explicitly so the ISO build finds the freshly built binary
instead of falling through to podman build from source.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove 'local' keyword in ISO build script (not in a function)
- Add workspace permission fix step so runner can clean up after sudo
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copy the Debian Live ISO from the server's existing build cache
into the CI workspace before running the ISO build. Saves ~10 min.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove the cp to /usr/local/bin that caused 'Text file busy'.
The ISO build script now accepts ARCHIPELAGO_BIN env var to find
the freshly built binary instead of requiring it installed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
On Linux, rm on a running binary works (process keeps its fd).
Then cp creates a new inode. Restart service after.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The running binary locks the file, causing 'Text file busy' on cp.
Stop the service, copy, then restart.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The full URL form was 404. The short form lets Gitea resolve from
its configured action sources (GitHub proxy). This worked for build #7.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The runner cwd is the workspace itself, so deleting it removes the
shell's cwd. cd to home first, then clean workspace before clone.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The actions/checkout@v4 action was 404 on git.tx1138.com causing
instant build failures. Use manual git clone for reliability with
host-mode runner.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Workflow builds both variants on push to main. Manual trigger
lets you choose bundled, unbundled, or both. ISOs auto-copied
to FileBrowser /Builds/ folder for easy download.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Added YAML frontmatter to all 8 polish-* skills and sweep skill
so Claude can auto-invoke them
- New bitcoin-conventions skill with PROUX UX methodology, sats display,
address validation, Tor preferences, Lightning patterns
- Path-specific rules for containers (security hardening) and frontend
(Vue/glassmorphism conventions)
- Gitea Actions: nightly security review and weekly dependency audit
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
