alpha.16 (#3068)

* add support for idmapped mounts to start-sdk

* misc fixes

* misc fixes

* add default to textarea

* fix iptables masquerade rule

* fix textarea types

* more fixes

* better logging for rsync

* fix tty size

* fix wg conf generation for android

* disable file mounts on dependencies

* mostly there, some styling issues (#3069)

* mostly there, some styling issues

* fix: address comments (#3070)

* fix: address comments

* fix: fix

* show SSL for any address with secure protocol and ssl added

* better sorting and messaging

---------

Co-authored-by: Alex Inkin <alexander@inkin.ru>

* fixes for nextcloud

* allow sidebar navigation during service state traansitions

* wip: x-forwarded headers

* implement x-forwarded-for proxy

* lowercase domain names and fix warning popover bug

* fix http2 websockets

* fix websocket retry behavior

* add arch filters to s9pk pack

* use docker for start-cli install

* add version range to package signer on registry

* fix rcs < 0

* fix user information parsing

* refactor service interface getters

* disable idmaps

* build fixes

* update docker login action

* streamline build

* add start-cli workflow

* rename

* riscv64gc

* fix ui packing

* no default features on cli

* make cli depend on GIT_HASH

* more build fixes

* more build fixes

* interpolate arch within dockerfile

* fix tests

* add launch ui to service page plus other small improvements (#3075)

* add launch ui to service page plus other small improvements

* revert translation disable

* add spinner to service list if service is health and loading

* chore: some visual tune up

* chore: update Taiga UI

---------

Co-authored-by: waterplea <alexander@inkin.ru>

* fix backups

* feat: use arm hosted runners and don't fail when apt package does not exist (#3076)

---------

Co-authored-by: Matt Hill <mattnine@protonmail.com>
Co-authored-by: Shadowy Super Coder <musashidisciple@proton.me>
Co-authored-by: Matt Hill <MattDHill@users.noreply.github.com>
Co-authored-by: Alex Inkin <alexander@inkin.ru>
Co-authored-by: Remco Ros <remcoros@live.nl>

sdk/package/lib/mainFn/Daemon.ts

@@ -51,7 +51,9 @@ export class Daemon<
         )
       const res = new Daemon(subc, startCommand)
       effects.onLeaveContext(() => {
-        res.stop().catch((e) => console.error(asError(e)))
+        res
+          .term({ destroySubcontainer: true })
+          .catch((e) => console.error(asError(e)))
       })
       return res
     }
@@ -72,7 +74,7 @@ export class Daemon<
           this.commandController = await this.startCommand()
           if (!this.shouldBeRunning) {
             // handles race condition if stopped while starting
-            await this.stop()
+            await this.term()
             break
           }
           const success = await this.commandController.wait().then(
@@ -107,12 +109,7 @@ export class Daemon<
   async term(termOptions?: {
     signal?: NodeJS.Signals | undefined
     timeout?: number | undefined
-  }) {
-    return this.stop(termOptions)
-  }
-  async stop(termOptions?: {
-    signal?: NodeJS.Signals | undefined
-    timeout?: number | undefined
+    destroySubcontainer?: boolean
   }) {
     this.shouldBeRunning = false
     this.exitedSuccess = false
@@ -122,7 +119,9 @@ export class Daemon<
         .catch((e) => console.error(asError(e)))
       this.commandController = null
       this.onExitFns = []
-      await this.subcontainer?.destroy()
+      if (termOptions?.destroySubcontainer) {
+        await this.subcontainer?.destroy()
+      }
     }
   }
   subcontainerRc(): SubContainerRc<Manifest> | null {
@@ -132,6 +131,6 @@ export class Daemon<
     this.onExitFns.push(fn)
   }
   onDrop(): void {
-    this.stop().catch((e) => console.error(asError(e)))
+    this.term().catch((e) => console.error(asError(e)))
   }
 }

sdk/package/lib/mainFn/Daemons.ts

@@ -55,7 +55,7 @@ export type ExecCommandOptions = {
   runAsInit?: boolean
   env?:
     | {
-        [variable: string]: string
+        [variable in string]?: string
       }
     | undefined
   cwd?: string | undefined
@@ -412,16 +412,12 @@ export class Daemons<Manifest extends T.SDKManifest, Ids extends string>
   }
 
   async term() {
-    try {
-      for (let result of await Promise.allSettled(
-        this.healthDaemons.map((x) => x.term()),
-      )) {
-        if (result.status === "rejected") {
-          console.error(result.reason)
-        }
+    for (let result of await Promise.allSettled(
+      this.healthDaemons.map((x) => x.term({ destroySubcontainer: true })),
+    )) {
+      if (result.status === "rejected") {
+        console.error(result.reason)
       }
-    } finally {
-      this.effects.setMainStatus({ status: "stopped" })
     }
   }
 

sdk/package/lib/mainFn/HealthDaemon.ts

@@ -54,6 +54,7 @@ export class HealthDaemon<Manifest extends SDKManifest> {
   async term(termOptions?: {
     signal?: NodeJS.Signals | undefined
     timeout?: number | undefined
+    destroySubcontainer?: boolean
   }) {
     this.healthWatchers = []
     this.running = false
@@ -87,7 +88,7 @@ export class HealthDaemon<Manifest extends SDKManifest> {
       this.started = performance.now()
     } else {
       console.debug(`Stopping ${this.id}...`)
-      ;(await this.daemon)?.stop()
+      ;(await this.daemon)?.term()
       this.turnOffHealthCheck()
 
       this.setHealth({ result: "starting", message: null })
@@ -143,7 +144,6 @@ export class HealthDaemon<Manifest extends SDKManifest> {
         const response: HealthCheckResult = await Promise.resolve(
           this.ready.fn(),
         ).catch((err) => {
-          console.error(asError(err))
           return {
             result: "failure",
             message: "message" in err ? err.message : String(err),
@@ -188,6 +188,9 @@ export class HealthDaemon<Manifest extends SDKManifest> {
       performance.now() - this.started <= (this.ready.gracePeriod ?? 10_000)
     )
       result = "starting"
+    if (result === "failure") {
+      console.error(`Health Check ${this.id} failed:`, health.message)
+    }
     await this.effects.setHealth({
       ...health,
       id: this.id,

sdk/package/lib/mainFn/Mounts.ts

@@ -1,5 +1,5 @@
 import * as T from "../../../base/lib/types"
-import { MountOptions } from "../util/SubContainer"
+import { IdMap, MountOptions } from "../util/SubContainer"
 
 type MountArray = { mountpoint: string; options: MountOptions }[]
 
@@ -14,6 +14,23 @@ type SharedOptions = {
    * defaults to "directory"
    * */
   type?: "file" | "directory" | "infer"
+  // /**
+  //  * Whether to map uids/gids for the mount
+  //  *
+  //  * https://www.kernel.org/doc/html/latest/filesystems/idmappings.html
+  //  */
+  // idmap?: {
+  //   /** The (starting) id of the data on the filesystem (u) */
+  //   fromId: number
+  //   /** The (starting) id of the data in the mount point (k) */
+  //   toId: number
+  //   /**
+  //    * Optional: the number of incremental ids to map (r)
+  //    *
+  //    * defaults to 1
+  //    * */
+  //   range?: number
+  // }[]
 }
 
 type VolumeOpts<Manifest extends T.SDKManifest> = {
@@ -114,6 +131,7 @@ export class Mounts<
             subpath: v.subpath,
             readonly: v.readonly,
             filetype: v.type ?? "directory",
+            idmap: [],
           },
         })),
       )
@@ -124,6 +142,7 @@ export class Mounts<
             type: "assets",
             subpath: a.subpath,
             filetype: a.type ?? "directory",
+            idmap: [],
           },
         })),
       )
@@ -137,6 +156,7 @@ export class Mounts<
             subpath: d.subpath,
             readonly: d.readonly,
             filetype: d.type ?? "directory",
+            idmap: [],
           },
         })),
       )

sdk/package/lib/mainFn/index.ts

@@ -3,7 +3,7 @@ import { Daemons } from "./Daemons"
 import "../../../base/lib/interfaces/ServiceInterfaceBuilder"
 import "../../../base/lib/interfaces/Origin"
 
-export const DEFAULT_SIGTERM_TIMEOUT = 30_000
+export const DEFAULT_SIGTERM_TIMEOUT = 60_000
 /**
  * Used to ensure that the main function is running with the valid proofs.
  * We first do the folowing order of things