Feature/start tunnel (#3037)

* fix live-build resolv.conf * improved debuggability * wip: start-tunnel * fixes for trixie and tor * non-free-firmware on trixie * wip * web server WIP * wip: tls refactor * FE patchdb, mocks, and most endpoints * fix editing records and patch mocks * refactor complete * finish api * build and formatter update * minor change toi viewing addresses and fix build * fixes * more providers * endpoint for getting config * fix tests * api fixes * wip: separate port forward controller into parts * simplify iptables rules * bump sdk * misc fixes * predict next subnet and ip, use wan ips, and form validation * refactor: break big components apart and address todos (#3043) * refactor: break big components apart and address todos * starttunnel readme, fix pf mocks, fix adding tor domain in startos --------- Co-authored-by: Matt Hill <mattnine@protonmail.com> * better tui * tui tweaks * fix: address comments * better regex for subnet * fixes * better validation * handle rpc errors * build fixes * fix: address comments (#3044) * fix: address comments * fix unread notification mocks * fix row click for notification --------- Co-authored-by: Matt Hill <mattnine@protonmail.com> * fix raspi build * fix build * fix build * fix build * fix build * try to fix build * fix tests * fix tests * fix rsync tests * delete useless effectful test --------- Co-authored-by: Matt Hill <mattnine@protonmail.com> Co-authored-by: Alex Inkin <alexander@inkin.ru>
2026-03-30 20:14:49 +00:00 · 2025-11-07 03:12:05 -07:00
parent 1ea525feaa
commit 68f401bfa3
229 changed files with 17255 additions and 10553 deletions
--- a/web/projects/ui/src/app/services/api/api.fixures.ts
+++ b/web/projects/ui/src/app/services/api/api.fixures.ts
@@ -110,7 +110,7 @@ export namespace Mock {
      squashfs: {
        aarch64: {
          publishedAt: '2025-04-21T20:58:48.140749883Z',
-          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.11/startos-0.4.0-alpha.11-33ae46f~dev_aarch64.squashfs',
+          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.12/startos-0.4.0-alpha.12-33ae46f~dev_aarch64.squashfs',
          commitment: {
            hash: '4elBFVkd/r8hNadKmKtLIs42CoPltMvKe2z3LRqkphk=',
            size: 1343500288,
@@ -122,7 +122,7 @@ export namespace Mock {
        },
        'aarch64-nonfree': {
          publishedAt: '2025-04-21T21:07:00.249285116Z',
-          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.11/startos-0.4.0-alpha.11-33ae46f~dev_aarch64-nonfree.squashfs',
+          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.12/startos-0.4.0-alpha.12-33ae46f~dev_aarch64-nonfree.squashfs',
          commitment: {
            hash: 'MrCEi4jxbmPS7zAiGk/JSKlMsiuKqQy6RbYOxlGHOIQ=',
            size: 1653075968,
@@ -134,7 +134,7 @@ export namespace Mock {
        },
        raspberrypi: {
          publishedAt: '2025-04-21T21:16:12.933319237Z',
-          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.11/startos-0.4.0-alpha.11-33ae46f~dev_raspberrypi.squashfs',
+          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.12/startos-0.4.0-alpha.12-33ae46f~dev_raspberrypi.squashfs',
          commitment: {
            hash: '/XTVQRCqY3RK544PgitlKu7UplXjkmzWoXUh2E4HCw0=',
            size: 1490731008,
@@ -146,7 +146,7 @@ export namespace Mock {
        },
        x86_64: {
          publishedAt: '2025-04-21T21:14:20.246908903Z',
-          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.11/startos-0.4.0-alpha.11-33ae46f~dev_x86_64.squashfs',
+          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.12/startos-0.4.0-alpha.12-33ae46f~dev_x86_64.squashfs',
          commitment: {
            hash: '/6romKTVQGSaOU7FqSZdw0kFyd7P+NBSYNwM3q7Fe44=',
            size: 1411657728,
@@ -158,7 +158,7 @@ export namespace Mock {
        },
        'x86_64-nonfree': {
          publishedAt: '2025-04-21T21:15:17.955265284Z',
-          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.11/startos-0.4.0-alpha.11-33ae46f~dev_x86_64-nonfree.squashfs',
+          url: 'https://alpha-registry-x.start9.com/startos/v0.4.0-alpha.12/startos-0.4.0-alpha.12-33ae46f~dev_x86_64-nonfree.squashfs',
          commitment: {
            hash: 'HCRq9sr/0t85pMdrEgNBeM4x11zVKHszGnD1GDyZbSE=',
            size: 1731035136,
@@ -385,7 +385,7 @@ export namespace Mock {
            docsUrl: 'https://bitcoin.org',
            releaseNotes: 'Even better support for Bitcoin and wallets!',
            osVersion: '0.3.6',
-            sdkVersion: '0.4.0-beta.41',
+            sdkVersion: '0.4.0-beta.42',
            gitHash: 'fakehash',
            icon: BTC_ICON,
            sourceVersion: null,
@@ -420,7 +420,7 @@ export namespace Mock {
            docsUrl: 'https://bitcoinknots.org',
            releaseNotes: 'Even better support for Bitcoin and wallets!',
            osVersion: '0.3.6',
-            sdkVersion: '0.4.0-beta.41',
+            sdkVersion: '0.4.0-beta.42',
            gitHash: 'fakehash',
            icon: BTC_ICON,
            sourceVersion: null,
@@ -465,7 +465,7 @@ export namespace Mock {
            docsUrl: 'https://bitcoin.org',
            releaseNotes: 'Even better support for Bitcoin and wallets!',
            osVersion: '0.3.6',
-            sdkVersion: '0.4.0-beta.41',
+            sdkVersion: '0.4.0-beta.42',
            gitHash: 'fakehash',
            icon: BTC_ICON,
            sourceVersion: null,
@@ -500,7 +500,7 @@ export namespace Mock {
            docsUrl: 'https://bitcoinknots.org',
            releaseNotes: 'Even better support for Bitcoin and wallets!',
            osVersion: '0.3.6',
-            sdkVersion: '0.4.0-beta.41',
+            sdkVersion: '0.4.0-beta.42',
            gitHash: 'fakehash',
            icon: BTC_ICON,
            sourceVersion: null,
@@ -547,7 +547,7 @@ export namespace Mock {
            docsUrl: 'https://lightning.engineering/',
            releaseNotes: 'Upstream release to 0.17.5',
            osVersion: '0.3.6',
-            sdkVersion: '0.4.0-beta.41',
+            sdkVersion: '0.4.0-beta.42',
            gitHash: 'fakehash',
            icon: LND_ICON,
            sourceVersion: null,
@@ -595,7 +595,7 @@ export namespace Mock {
            docsUrl: 'https://lightning.engineering/',
            releaseNotes: 'Upstream release to 0.17.4',
            osVersion: '0.3.6',
-            sdkVersion: '0.4.0-beta.41',
+            sdkVersion: '0.4.0-beta.42',
            gitHash: 'fakehash',
            icon: LND_ICON,
            sourceVersion: null,
@@ -647,7 +647,7 @@ export namespace Mock {
          docsUrl: 'https://bitcoin.org',
          releaseNotes: 'Even better support for Bitcoin and wallets!',
          osVersion: '0.3.6',
-          sdkVersion: '0.4.0-beta.41',
+          sdkVersion: '0.4.0-beta.42',
          gitHash: 'fakehash',
          icon: BTC_ICON,
          sourceVersion: null,
@@ -682,7 +682,7 @@ export namespace Mock {
          docsUrl: 'https://bitcoinknots.org',
          releaseNotes: 'Even better support for Bitcoin and wallets!',
          osVersion: '0.3.6',
-          sdkVersion: '0.4.0-beta.41',
+          sdkVersion: '0.4.0-beta.42',
          gitHash: 'fakehash',
          icon: BTC_ICON,
          sourceVersion: null,
@@ -727,7 +727,7 @@ export namespace Mock {
          docsUrl: 'https://lightning.engineering/',
          releaseNotes: 'Upstream release and minor fixes.',
          osVersion: '0.3.6',
-          sdkVersion: '0.4.0-beta.41',
+          sdkVersion: '0.4.0-beta.42',
          gitHash: 'fakehash',
          icon: LND_ICON,
          sourceVersion: null,
@@ -775,7 +775,7 @@ export namespace Mock {
          marketingSite: '',
          releaseNotes: 'Upstream release and minor fixes.',
          osVersion: '0.3.6',
-          sdkVersion: '0.4.0-beta.41',
+          sdkVersion: '0.4.0-beta.42',
          gitHash: 'fakehash',
          icon: PROXY_ICON,
          sourceVersion: null,
--- a/web/projects/ui/src/app/services/api/embassy-live-api.service.ts
+++ b/web/projects/ui/src/app/services/api/embassy-live-api.service.ts
@@ -794,10 +794,18 @@ export class LiveApiService extends ApiService {
        )
        return res.body
      }
-      const computedDigest = Buffer.from(blake3(data)).toString('base64')
-      if (`blake3=:${computedDigest}:` === digest) return res.body
-      console.debug(computedDigest, digest)
-      throw new Error('File digest mismatch.')
+      const [alg, hash] = digest.split('=', 2)
+      if (alg === 'blake3') {
+        if (
+          Buffer.from(blake3(data)).compare(
+            Buffer.from(hash?.replace(/:/g, '') || '', 'base64'),
+          ) !== 0
+        ) {
+          throw new Error('File digest mismatch.')
+        }
+      } else {
+        console.warn(`Unknown Repr-Digest algorithm ${alg}`)
+      }
    }
    return res.body
  }
--- a/web/projects/ui/src/app/services/api/mock-patch.ts
+++ b/web/projects/ui/src/app/services/api/mock-patch.ts
@@ -194,7 +194,7 @@ export const mockPatchData: DataModel = {
        staticServers: null,
      },
    },
-    unreadNotificationCount: 4,
+    unreadNotificationCount: 5,
    // password is asdfasdf
    passwordHash:
      '$argon2d$v=19$m=1024,t=1,p=1$YXNkZmFzZGZhc2RmYXNkZg$Ceev1I901G6UwU+hY0sHrFZ56D+o+LNJ',
--- a/web/projects/ui/src/app/services/badge.service.ts
+++ b/web/projects/ui/src/app/services/badge.service.ts
@@ -1,23 +1,11 @@
 import { inject, Injectable } from '@angular/core'
 import { PatchDB } from 'patch-db-client'
-import {
-  combineLatest,
-  EMPTY,
-  filter,
-  first,
-  map,
-  Observable,
-  pairwise,
-  shareReplay,
-  startWith,
-  switchMap,
-} from 'rxjs'
-import { ConnectionService } from 'src/app/services/connection.service'
-import { OSService } from 'src/app/services/os.service'
+import { combineLatest, EMPTY, map, Observable, shareReplay } from 'rxjs'
+import { LocalPackagesService } from 'src/app/services/local-packages.service'
 import { MarketplaceService } from 'src/app/services/marketplace.service'
 import { NotificationService } from 'src/app/services/notification.service'
+import { OSService } from 'src/app/services/os.service'
 import { DataModel } from 'src/app/services/patch-db/data-model'
-import { getManifest } from 'src/app/utils/get-package-data'
 import { FilterUpdatesPipe } from '../routes/portal/routes/updates/filter-updates.pipe'

@Injectable({
@@ -35,32 +23,9 @@ export class BadgeService {
  private readonly marketplaceService = inject(MarketplaceService)
  private readonly filterUpdatesPipe = inject(FilterUpdatesPipe)

-  private readonly local$ = inject(ConnectionService).pipe(
-    filter(Boolean),
-    switchMap(() => this.patch.watch$('packageData').pipe(first())),
-    switchMap(outer =>
-      this.patch.watch$('packageData').pipe(
-        pairwise(),
-        filter(([prev, curr]) =>
-          Object.values(prev).some(p => {
-            const { id } = getManifest(p)
-
-            return (
-              !curr[id] ||
-              (p.stateInfo.installingInfo &&
-                !curr[id]?.stateInfo.installingInfo)
-            )
-          }),
-        ),
-        map(([_, curr]) => curr),
-        startWith(outer),
-      ),
-    ),
-  )
-
  private readonly updates$ = combineLatest([
    this.marketplaceService.marketplace$,
-    this.local$,
+    inject(LocalPackagesService),
  ]).pipe(
    map(
      ([marketplace, local]) =>
--- a/web/projects/ui/src/app/services/gateway.service.ts
+++ b/web/projects/ui/src/app/services/gateway.service.ts
@@ -24,6 +24,11 @@ export class GatewayService {
        map(gateways =>
          Object.entries(gateways)
            .filter(([_, val]) => !!val?.ipInfo)
+            .filter(
+              ([_, val]) =>
+                val?.ipInfo?.deviceType !== 'bridge' &&
+                val?.ipInfo?.deviceType !== 'loopback',
+            )
            .map(([id, val]) => {
              const subnets =
                val.ipInfo?.subnets.map(s => utils.IpNet.parse(s)) ?? []
--- a/web/projects/ui/src/app/services/local-packages.service.ts
+++ b/web/projects/ui/src/app/services/local-packages.service.ts
@@ -0,0 +1,34 @@
+import { inject, Injectable } from '@angular/core'
+import { PatchDB } from 'patch-db-client'
+import { map, Observable, shareReplay } from 'rxjs'
+import {
+  DataModel,
+  InstalledState,
+  PackageDataEntry,
+  UpdatingState,
+} from 'src/app/services/patch-db/data-model'
+import { isInstalled, isUpdating } from 'src/app/utils/get-package-data'
+
+@Injectable({
+  providedIn: 'root',
+})
+export class LocalPackagesService extends Observable<
+  Record<string, PackageDataEntry<InstalledState | UpdatingState>>
+> {
+  private readonly stream$ = inject<PatchDB<DataModel>>(PatchDB)
+    .watch$('packageData')
+    .pipe(
+      map(pkgs =>
+        Object.entries(pkgs).reduce(
+          (acc, [id, val]) =>
+            isInstalled(val) || isUpdating(val) ? { ...acc, [id]: val } : acc,
+          {},
+        ),
+      ),
+      shareReplay({ bufferSize: 1, refCount: true }),
+    )
+
+  constructor() {
+    super(subscriber => this.stream$.subscribe(subscriber))
+  }
+}
--- a/web/projects/ui/src/app/services/notification.service.ts
+++ b/web/projects/ui/src/app/services/notification.service.ts
@@ -95,21 +95,26 @@ export class NotificationService {

  viewModal(notification: ServerNotification<number>, full = false) {
    const { data, createdAt, code, title, message } = notification
-    const label = code === 1 ? 'Backup Report' : (title as i18nKey)
-    const component = code === 1 ? REPORT : MARKDOWN
-    const content = code === 1 ? data : of(data)
-
    this.markSeen([notification])
-    this.dialogs
-      .openComponent(full ? message : component, {
-        label,
-        data: {
-          content,
-          timestamp: createdAt,
-        },
-        size: code === 1 ? 'm' : 'l',
-      })
-      .subscribe()
+
+    if (code === 1) {
+      // Backup Report
+      this.dialogs
+        .openComponent(full ? message : REPORT, {
+          label: 'Backup Report',
+          data: { content: data, createdAt },
+        })
+        .subscribe()
+    } else {
+      // Markdown viewer
+      this.dialogs
+        .openComponent(full ? message : MARKDOWN, {
+          label: title as i18nKey,
+          data: of(data),
+          size: 'l',
+        })
+        .subscribe()
+    }
  }

  private async updateCount(toAdjust: number) {
--- a/web/projects/ui/src/app/services/storage.service.ts
+++ b/web/projects/ui/src/app/services/storage.service.ts
@@ -1,4 +1,5 @@
-import { Inject, Injectable, DOCUMENT } from '@angular/core'
+import { inject, Injectable } from '@angular/core'
+import { WA_LOCAL_STORAGE } from '@ng-web-apis/common'

 const PREFIX = '_startos/'

@@ -6,9 +7,7 @@ const PREFIX = '_startos/'
  providedIn: 'root',
 })
 export class StorageService {
-  private readonly storage = this.document.defaultView!.localStorage
-
-  constructor(@Inject(DOCUMENT) private readonly document: Document) {}
+  private readonly storage = inject(WA_LOCAL_STORAGE)

  get<T>(key: string): T {
    return JSON.parse(String(this.storage.getItem(`${PREFIX}${key}`)))