archy/apps/indeedhub/manifest.yml
archipelago dacdab9f6e chore: release v1.7.45-alpha
Resilience-validated release. Three full sweeps of the new resilience
harness against .228 confirm no shipstoppers.

Big user-visible:
- Bitcoin RPC auth durably correct via host-rendered nginx.conf bind-mount,
  replaces fragile post-start exec that failed under restricted-cap rootless
  podman ("crun: write cgroup.procs: Permission denied")
- Multi-container stack installs (indeedhub, immich, btcpay, mempool) now
  emit phase events at every boundary so the progress bar advances
- Apps no longer vanish from the dashboard mid-install (absent-scanner skips
  packages in transitional states)
- Indeedhub fresh installs work end-to-end (was 8500+ restart loop): five
  missing env vars (DATABASE_PORT, QUEUE_HOST, QUEUE_PORT,
  S3_PRIVATE_BUCKET_NAME, AES_MASTER_SECRET) added to install code
- Tailscale install fixed: --entrypoint string was being passed as a single
  shell-line arg; switched to custom_args array
- Catalog cleaned of broken entries (dwn, endurain, ollama removed; nextcloud
  restored on docker.io)
- Bitcoin Core update path uses correct image (was looking for nonexistent
  lfg2025/bitcoin:28.4)
- ISO installs now allocate swap on the encrypted data partition

Infra:
- New resilience harness (scripts/resilience/) — black-box state-machine
  tester, every app × every transition. Run before each release.

Sweep #3 final: PASS 107 / FAIL 12 / SKIP 14. The 12 fails are 1 cosmetic
(homeassistant trusted_hosts), 8 harness/timing false-positives, and 3
non-shipstopper tracked items. Down from 23 in baseline sweep #1.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 12:31:45 -04:00

76 lines
1.6 KiB
YAML

app:
id: indeedhub
name: Indeehub
version: 0.1.0
description: Bitcoin documentary streaming platform featuring God Bless Bitcoin and other educational content about Bitcoin, sovereignty, and decentralized technology. Sign in with your Nostr identity.
category: media
container:
image: 146.59.87.168:3000/lfg2025/indeedhub:latest
pull_policy: always # Pull from registry; falls back to local build
dependencies:
- storage: 1Gi
resources:
cpu_limit: 2
memory_limit: 512Mi
disk_limit: 1Gi
security:
capabilities: []
readonly_root: true
no_new_privileges: true
user: 1001
seccomp_profile: default
network_policy: bridge
apparmor_profile: default
ports:
- host: 7777
container: 3000
protocol: tcp # Web UI (Next.js)
volumes:
- type: tmpfs
target: /tmp
options: [rw,noexec,nosuid,size=64m]
- type: tmpfs
target: /app/.next/cache
options: [rw,noexec,nosuid,size=128m]
environment:
- NODE_ENV=production
- NEXT_TELEMETRY_DISABLED=1
health_check:
type: http
endpoint: http://localhost:3000
path: /
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
interfaces:
main:
name: Web UI
description: Stream Bitcoin documentaries with Nostr identity
type: ui
port: 7777
protocol: http
path: /
metadata:
author: Indeehub Team
website: https://indeedhub.com
source: https://github.com/indeedhub/indeedhub
license: MIT
tags:
- bitcoin
- documentary
- streaming
- media
- education
- nostr