archy/.claude/memory/project_repo_cleanup_and_dev_env.md
Dorian 84a56c80de security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation

Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)

UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet

Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00

name: Repo Cleanup & Dev Environment Overhaul (2026-03-18)
description: Major session — repo cleanup to archy-archive, demo seeding, dev-start.sh rewrite, ThunderHub/Fedimint/ecash, Podman install, wallet mock endpoints
type: project

What Was Done

1. Repo Cleanup

  • Moved ~200 files (docs, scripts, loops, legacy Docker UIs, duplicate videos) to ~/Projects/archy-archive/ (outside repo)
  • Kept: all active docs (BETA-PROGRESS, MASTER_PLAN, architecture, ADRs, api-reference, developer-guide, troubleshooting, operations-runbook), all source code, active scripts
  • Three "user's call" docs kept: multi-node-architecture.md, marketplace-protocol.md, app-developer-guide.md

2. docker-compose.yml Switched from Regtest to Signet

  • All Bitcoin/LND/Fedimint containers now use signet (not regtest)
  • Ports updated: RPC 38332, P2P 38333
  • Removed archived bitcoin-ui and lnd-ui nginx services (referenced deleted docker/ dir)
  • Added ThunderHub service (port 3010) to main compose

3. New Testnet Compose (docker-compose.testnet.yml)

  • Standalone signet stack: bitcoind + LND + ThunderHub + Fedimint
  • Config at testnet/thunderhub-config.yaml
  • README at testnet/README.md with faucet links and commands

4. Mock Backend Enhancements (neode-ui/mock-backend.js)

  • Container socket auto-detection: tries DOCKER_HOST → Podman TMPDIR socket → Docker socket → null (simulation). No more /var/run/docker.sock spam
  • 8 static dev apps (was 6): added ThunderHub (port 3010) and Fedimint (port 8175)
  • 25+ new RPC endpoints: lnd.getinfo, lnd.newaddress, lnd.createinvoice, lnd.payinvoice, lnd.sendcoins, lnd.listchannels, lnd.openchannel, lnd.closechannel, wallet.ecash-balance, wallet.ecash-send, wallet.ecash-receive, wallet.ecash-history, wallet.networking-profits, bitcoin.getinfo, system.stats, update.status, network.list-requests, dev.faucet, etc.
  • Fedimint version synced to 0.10.0, port fixed from 8174 → 8175
  • 5 realistic notifications (was empty array)
  • Mock ThunderHub UI at /app/thunderhub/ — full HTML dashboard
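
A sketch of the socket fallback order described in this section (DOCKER_HOST → Podman TMPDIR socket → Docker socket → null), added here as an example and not taken from neode-ui/mock-backend.js. The function names and the Podman socket file name are assumptions, and accepting DOCKER_HOST only as a local unix:// socket is a choice made for this example, not something the notes state.

```javascript
// Added example: hypothetical helper, not the project's mock-backend code.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// True only if the path exists and is a Unix domain socket.
function isUnixSocket(p) {
  try {
    return fs.statSync(p).isSocket();
  } catch {
    return false; // missing path or no permission: treat as unavailable
  }
}

// Resolve the container API socket in the order the notes give:
// DOCKER_HOST -> Podman socket under TMPDIR -> Docker socket -> null.
function detectContainerSocket(env = process.env, isSocket = isUnixSocket) {
  const candidates = [];

  // 1. DOCKER_HOST, accepted only as a local unix:// socket. tcp:// values
  //    are skipped so the dev backend never talks to a remote daemon.
  const host = env.DOCKER_HOST || '';
  if (host.startsWith('unix://')) {
    candidates.push(host.slice('unix://'.length));
  }

  // 2. Podman machine socket under TMPDIR (file name is an assumption).
  const tmp = env.TMPDIR || os.tmpdir();
  candidates.push(path.join(tmp, 'podman', 'podman-machine-default-api.sock'));

  // 3. Default Docker socket.
  candidates.push('/var/run/docker.sock');

  // Probe each candidate once; a stale regular file at the path is rejected.
  for (const candidate of candidates) {
    if (isSocket(candidate)) return candidate;
  }
  return null; // 4. No runtime reachable: caller falls back to simulation.
}
```

Checking each candidate with a socket test before connecting is what prevents repeated connection errors against a missing /var/run/docker.sock.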

5. Dev Scripts Fixed

  • neode-ui/start-dev.sh: removed broken start-docker-apps.sh call, fixed EAGAIN via safe while read loop
  • neode-ui/stop-dev.sh: removed broken stop-docker-apps.sh call
  • neode-ui/package.json: removed stale prebuild, added --raw to concurrently (fixes EAGAIN pgrep spawn)
  • scripts/dev-start.sh: complete rewrite with 8 options including boot mode and testnet stack

6. ThunderHub Added Everywhere

  • Icon: neode-ui/public/assets/img/app-icons/thunderhub.svg
  • Mock backend: portMappings, marketplaceMetadata, staticDevApps, marketplace.get()
  • Marketplace.vue: getCuratedAppList(), recommended tier
  • appLauncher.ts: PORT_TO_APP_ID '3010': 'thunderhub'

7. Podman Installed on Mac

  • podman 5.8.1 + podman-compose 1.5.0 via Homebrew
  • Machine initialized and running

8. Home Wallet Card

  • Fixed lnd.getinfo response to include balance_sats and channel_balance_sats
  • Fixed lnd.gettransactions to use amount_sats and include incoming_pending_count
  • Added Faucet button (green) — calls dev.faucet RPC
  • Grid changed from 3-col to 4-col (Send, Receive, Faucet, Web5)

9. Developer Onboarding Docs

  • neode-ui/README.md: full rewrite
  • neode-ui/DEV-SCRIPTS.md: updated with actual 8 static apps

Current State / Resume Here

  • npm start works — no Docker needed, all wallet actions mocked, 8 apps visible
  • Send/Receive modals open from Home wallet card — if issues persist, check the browser console
  • Faucet button calls dev.faucet and refreshes balances
  • Not yet tested: podman-compose -f docker-compose.testnet.yml up (signet sync ~10 min)
  • Not yet committed — all changes are local, uncommitted
  • Demo prod server not redeployed — push changes then redeploy via Portainer

Key Files Modified This Session

  • neode-ui/mock-backend.js (major — container socket, 25+ RPC endpoints, ThunderHub mock UI)
  • neode-ui/src/views/Home.vue (faucet button, 4-col grid)
  • neode-ui/src/views/Marketplace.vue (ThunderHub entry)
  • neode-ui/src/stores/appLauncher.ts (ThunderHub port)
  • neode-ui/start-dev.sh, neode-ui/stop-dev.sh, neode-ui/package.json
  • scripts/dev-start.sh (complete rewrite)
  • docker-compose.yml (regtest→signet, ThunderHub, removed archived UIs)
  • docker-compose.testnet.yml (new)
  • testnet/thunderhub-config.yaml, testnet/README.md (new)
  • neode-ui/public/assets/img/app-icons/thunderhub.svg (new)
  • neode-ui/README.md, neode-ui/DEV-SCRIPTS.md (rewrites)