misc fixes for alpha.16 (#3091)

* port misc fixes from feature/nvidia

* switch back to official tor proxy on 9050

* refactor OpenUI

* fix typo

* fixes, plus getServiceManifest

* fix EffectCreator, bump to beta.47

* fixes

core/src/auth.rs

@@ -184,7 +184,11 @@ async fn cli_login<C: SessionAuthContext>(
 where
     CliContext: CallRemote<C>,
 {
-    let password = rpassword::prompt_password("Password: ")?;
+    let password = if let Ok(password) = std::env::var("PASSWORD") {
+        password
+    } else {
+        rpassword::prompt_password("Password: ")?
+    };
 
     ctx.call_remote::<C>(
         &parent_method.into_iter().chain(method).join("."),

core/src/control.rs

@@ -56,8 +56,7 @@ pub async fn restart(ctx: RpcContext, ControlParams { id }: ControlParams) -> Re
                 .as_idx_mut(&id)
                 .or_not_found(&id)?
                 .as_status_info_mut()
-                .as_desired_mut()
-                .map_mutate(|s| Ok(s.restart()))
+                .restart()
         })
         .await
         .result?;

core/src/net/gateway.rs

@@ -703,22 +703,22 @@ async fn watch_ip(
                                             .into_iter()
                                             .map(IpNet::try_from)
                                             .try_collect()?;
-                                        let tables = ip4_proxy.route_data().await?.into_iter().filter_map(|d|d.table).collect::<Vec<_>>();
-                                        if !tables.is_empty() {
-                                            let rules = String::from_utf8(Command::new("ip").arg("rule").arg("list").invoke(ErrorKind::Network).await?)?;
-                                            for table in tables {
-                                                for subnet in subnets.iter().filter(|s| s.addr().is_ipv4()) {
-                                                    let subnet_string = subnet.trunc().to_string();
-                                                    let rule = ["from", &subnet_string, "lookup", &table.to_string()];
-                                                    if !rules.contains(&rule.join(" ")) {
-                                                        if rules.contains(&rule[..2].join(" ")) {
-                                                            Command::new("ip").arg("rule").arg("del").args(&rule[..2]).invoke(ErrorKind::Network).await?;
-                                                        }
-                                                        Command::new("ip").arg("rule").arg("add").args(rule).invoke(ErrorKind::Network).await?;
-                                                    }
-                                                }
-                                            }
-                                        }
+                                        // let tables = ip4_proxy.route_data().await?.into_iter().filter_map(|d|d.table).collect::<Vec<_>>();
+                                        // if !tables.is_empty() {
+                                        //     let rules = String::from_utf8(Command::new("ip").arg("rule").arg("list").invoke(ErrorKind::Network).await?)?;
+                                        //     for table in tables {
+                                        //         for subnet in subnets.iter().filter(|s| s.addr().is_ipv4()) {
+                                        //             let subnet_string = subnet.trunc().to_string();
+                                        //             let rule = ["from", &subnet_string, "lookup", &table.to_string()];
+                                        //             if !rules.contains(&rule.join(" ")) {
+                                        //                 if rules.contains(&rule[..2].join(" ")) {
+                                        //                     Command::new("ip").arg("rule").arg("del").args(&rule[..2]).invoke(ErrorKind::Network).await?;
+                                        //                 }
+                                        //                 Command::new("ip").arg("rule").arg("add").args(rule).invoke(ErrorKind::Network).await?;
+                                        //             }
+                                        //         }
+                                        //     }
+                                        // }
                                         let wan_ip = if !subnets.is_empty()
                                             && !matches!(
                                                 device_type,

core/src/net/socks.rs

@@ -15,7 +15,7 @@ use crate::util::future::NonDetachingJoinHandle;
 
 pub const DEFAULT_SOCKS_LISTEN: SocketAddr = SocketAddr::V4(SocketAddrV4::new(
     Ipv4Addr::new(HOST_IP[0], HOST_IP[1], HOST_IP[2], HOST_IP[3]),
-    9050,
+    1080,
 ));
 
 pub struct SocksController {

core/src/net/tor/ctor.rs

@@ -43,7 +43,6 @@ const STARTING_HEALTH_TIMEOUT: u64 = 120; // 2min
 
 const TOR_CONTROL: SocketAddr =
     SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(127, 0, 1, 1), 9051));
-const TOR_SOCKS: SocketAddr = SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(127, 0, 1, 1), 9050));
 
 #[derive(Debug, Clone, Copy, PartialEq, Eq)]
 pub struct OnionAddress(OnionAddressV3);
@@ -402,10 +401,15 @@ fn event_handler(_event: AsyncEvent<'static>) -> BoxFuture<'static, Result<(), C
 #[derive(Clone)]
 pub struct TorController(Arc<TorControl>);
 impl TorController {
+    const TOR_SOCKS: &[SocketAddr] = &[
+        SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(127, 0, 0, 1), 9050)),
+        SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(10, 0, 3, 1), 9050)),
+    ];
+
     pub fn new() -> Result<Self, Error> {
         Ok(TorController(Arc::new(TorControl::new(
             TOR_CONTROL,
-            TOR_SOCKS,
+            Self::TOR_SOCKS,
         ))))
     }
 
@@ -508,7 +512,7 @@ impl TorController {
             }
             Ok(Box::new(tcp_stream))
         } else {
-            let mut stream = TcpStream::connect(TOR_SOCKS)
+            let mut stream = TcpStream::connect(Self::TOR_SOCKS[0])
                 .await
                 .with_kind(ErrorKind::Tor)?;
             if let Err(e) = socket2::SockRef::from(&stream).set_keepalive(true) {
@@ -595,7 +599,7 @@ enum TorCommand {
 #[instrument(skip_all)]
 async fn torctl(
     tor_control: SocketAddr,
-    tor_socks: SocketAddr,
+    tor_socks: &[SocketAddr],
     recv: &mut mpsc::UnboundedReceiver<TorCommand>,
     services: &mut Watch<
         BTreeMap<
@@ -641,10 +645,21 @@ async fn torctl(
             tokio::fs::remove_dir_all("/var/lib/tor").await?;
             wipe_state.store(false, std::sync::atomic::Ordering::SeqCst);
         }
-        write_file_atomic(
-            "/etc/tor/torrc",
-            format!("SocksPort {TOR_SOCKS}\nControlPort {TOR_CONTROL}\nCookieAuthentication 1\n"),
-        )
+
+        write_file_atomic("/etc/tor/torrc", {
+            use std::fmt::Write;
+            let mut conf = String::new();
+
+            for tor_socks in tor_socks {
+                writeln!(&mut conf, "SocksPort {tor_socks}").unwrap();
+            }
+            writeln!(
+                &mut conf,
+                "ControlPort {tor_control}\nCookieAuthentication 1"
+            )
+            .unwrap();
+            conf
+        })
         .await?;
         tokio::fs::create_dir_all("/var/lib/tor").await?;
         Command::new("chown")
@@ -976,7 +991,10 @@ struct TorControl {
     >,
 }
 impl TorControl {
-    pub fn new(tor_control: SocketAddr, tor_socks: SocketAddr) -> Self {
+    pub fn new(
+        tor_control: SocketAddr,
+        tor_socks: impl AsRef<[SocketAddr]> + Send + 'static,
+    ) -> Self {
         let (send, mut recv) = mpsc::unbounded_channel();
         let services = Watch::new(BTreeMap::new());
         let mut thread_services = services.clone();
@@ -987,7 +1005,7 @@ impl TorControl {
                 loop {
                     if let Err(e) = torctl(
                         tor_control,
-                        tor_socks,
+                        tor_socks.as_ref(),
                         &mut recv,
                         &mut thread_services,
                         &wipe_state,

core/src/service/effects/callbacks.rs

@@ -36,6 +36,7 @@ struct ServiceCallbackMap {
     >,
     get_status: BTreeMap<PackageId, Vec<CallbackHandler>>,
     get_container_ip: BTreeMap<PackageId, Vec<CallbackHandler>>,
+    get_service_manifest: BTreeMap<PackageId, Vec<CallbackHandler>>,
 }
 
 impl ServiceCallbacks {
@@ -68,6 +69,10 @@ impl ServiceCallbacks {
                 v.retain(|h| h.handle.is_active() && h.seed.strong_count() > 0);
                 !v.is_empty()
             });
+            this.get_service_manifest.retain(|_, v| {
+                v.retain(|h| h.handle.is_active() && h.seed.strong_count() > 0);
+                !v.is_empty()
+            });
         })
     }
 
@@ -250,6 +255,25 @@ impl ServiceCallbacks {
                 .filter(|cb| !cb.0.is_empty())
         })
     }
+
+    pub(super) fn add_get_service_manifest(&self, package_id: PackageId, handler: CallbackHandler) {
+        self.mutate(|this| {
+            this.get_service_manifest
+                .entry(package_id)
+                .or_default()
+                .push(handler)
+        })
+    }
+
+    #[must_use]
+    pub fn get_service_manifest(&self, package_id: &PackageId) -> Option<CallbackHandlers> {
+        self.mutate(|this| {
+            this.get_service_manifest
+                .remove(package_id)
+                .map(CallbackHandlers)
+                .filter(|cb| !cb.0.is_empty())
+        })
+    }
 }
 
 pub struct CallbackHandler {

core/src/service/effects/control.rs

@@ -36,8 +36,7 @@ pub async fn restart(context: EffectContext) -> Result<(), Error> {
                 .as_idx_mut(id)
                 .or_not_found(id)?
                 .as_status_info_mut()
-                .as_desired_mut()
-                .map_mutate(|s| Ok(s.restart()))
+                .restart()
         })
         .await
         .result?;

core/src/service/effects/dependency.rs

@@ -14,7 +14,10 @@ use crate::disk::mount::filesystem::bind::{Bind, FileType};
 use crate::disk::mount::filesystem::idmapped::{IdMap, IdMapped};
 use crate::disk::mount::filesystem::{FileSystem, MountType};
 use crate::disk::mount::util::{is_mountpoint, unmount};
+use crate::s9pk::manifest::Manifest;
+use crate::service::effects::callbacks::CallbackHandler;
 use crate::service::effects::prelude::*;
+use crate::service::rpc::CallbackId;
 use crate::status::health_check::NamedHealthCheckResult;
 use crate::util::{FromStrParser, VersionString};
 use crate::volume::data_dir;
@@ -367,3 +370,45 @@ pub async fn check_dependencies(
     }
     Ok(results)
 }
+
+#[derive(Debug, Clone, Serialize, Deserialize, TS, Parser)]
+#[serde(rename_all = "camelCase")]
+#[ts(export)]
+pub struct GetServiceManifestParams {
+    pub package_id: PackageId,
+    #[ts(optional)]
+    #[arg(skip)]
+    pub callback: Option<CallbackId>,
+}
+
+pub async fn get_service_manifest(
+    context: EffectContext,
+    GetServiceManifestParams {
+        package_id,
+        callback,
+    }: GetServiceManifestParams,
+) -> Result<Manifest, Error> {
+    let context = context.deref()?;
+
+    if let Some(callback) = callback {
+        let callback = callback.register(&context.seed.persistent_container);
+        context
+            .seed
+            .ctx
+            .callbacks
+            .add_get_service_manifest(package_id.clone(), CallbackHandler::new(&context, callback));
+    }
+
+    let db = context.seed.ctx.db.peek().await;
+
+    let manifest = db
+        .as_public()
+        .as_package_data()
+        .as_idx(&package_id)
+        .or_not_found(&package_id)?
+        .as_state_info()
+        .as_manifest(ManifestPreference::New)
+        .de()?;
+
+    Ok(manifest)
+}

core/src/service/effects/mod.rs

@@ -88,6 +88,10 @@ pub fn handler<C: Context>() -> ParentHandler<C> {
             "get-installed-packages",
             from_fn_async(dependency::get_installed_packages).no_cli(),
         )
+        .subcommand(
+            "get-service-manifest",
+            from_fn_async(dependency::get_service_manifest).no_cli(),
+        )
         // health
         .subcommand("set-health", from_fn_async(health::set_health).no_cli())
         // subcontainer

core/src/service/mod.rs

@@ -575,6 +575,17 @@ impl Service {
             .await
             .result?;
 
+        // Trigger manifest callbacks after successful installation
+        let manifest = service.seed.persistent_container.s9pk.as_manifest();
+        if let Some(callbacks) = ctx.callbacks.get_service_manifest(&manifest.id) {
+            let manifest_value =
+                serde_json::to_value(manifest).with_kind(ErrorKind::Serialization)?;
+            callbacks
+                .call(imbl::vector![manifest_value.into()])
+                .await
+                .log_err();
+        }
+
         Ok(service)
     }
 

core/src/service/uninstall.rs

@@ -1,5 +1,7 @@
 use std::path::Path;
 
+use imbl::vector;
+
 use crate::context::RpcContext;
 use crate::db::model::package::{InstalledState, InstallingInfo, InstallingState, PackageState};
 use crate::prelude::*;
@@ -65,6 +67,11 @@ pub async fn cleanup(ctx: &RpcContext, id: &PackageId, soft: bool) -> Result<(),
                     ));
                 }
             };
+            // Trigger manifest callbacks with null to indicate uninstall
+            if let Some(callbacks) = ctx.callbacks.get_service_manifest(&manifest.id) {
+                callbacks.call(vector![Value::Null]).await.log_err();
+            }
+
             if !soft {
                 let path = Path::new(DATA_DIR).join(PKG_VOLUME_DIR).join(&manifest.id);
                 if tokio::fs::metadata(&path).await.is_ok() {

core/src/status/mod.rs

@@ -53,6 +53,11 @@ impl Model<StatusInfo> {
         self.as_started_mut().ser(&None)?;
         Ok(())
     }
+    pub fn restart(&mut self) -> Result<(), Error> {
+        self.as_desired_mut().map_mutate(|s| Ok(s.restart()))?;
+        self.as_health_mut().ser(&Default::default())?;
+        Ok(())
+    }
     pub fn init(&mut self) -> Result<(), Error> {
         self.as_started_mut().ser(&None)?;
         self.as_desired_mut().map_mutate(|s| {