Start9/start-os
2
0
Fork 0
mirror of https://github.com/Start9Labs/start-os.git synced 2026-04-01 21:13:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

merge into: Start9:fix/migrate-locale
Branches Tags
Start9:master Start9:plugins Start9:next/major Start9:fix/dry-runs Start9:feat/restart Start9:feat/generate-certificate Start9:fix/migrate-locale Start9:mcp Start9:fix/wifi Start9:bugfix/alpha.20 Start9:st/port-labels Start9:fix/docs_urls Start9:fix/a20 Start9:feat/preferred-port-design Start9:sdk-comments Start9:chore/ts-bindings Start9:claude Start9:feature/outbound-gateways Start9:fix/volume-mount-propagation Start9:fix/wifi-ssh Start9:bugfix/registry-info-short Start9:feature/agents Start9:chore/sdk-comments Start9:fix/fe-2 Start9:fix/service_load_order Start9:fix/arch Start9:feature/consolidate-setup Start9:feature/nvidia Start9:refactor/project-structure Start9:feat/random-sub Start9:feature/dev-qol Start9:refactor/ts-bindings Start9:tunel Start9:feature/iroh Start9:next/minor Start9:next/patch Start9:feature/secure-erase
Start9:v0.4.0-beta.0 Start9:v0.4.0-alpha.23 Start9:v0.4.0-alpha.22 Start9:v0.4.0-alpha.21 Start9:v0.4.0-alpha.20 Start9:v0.4.0-alpha.19 Start9:v0.4.0-alpha.18 Start9:v0.4.0-alpha.17 Start9:v0.4.0-alpha.16 Start9:v0.4.0-alpha.15 Start9:v0.4.0-alpha.14 Start9:v0.4.0-alpha.13 Start9:v0.4.0-alpha.12 Start9:v0.4.0-alpha.11 Start9:v0.4.0-alpha.10 Start9:v0.4.0-alpha.9 Start9:v0.4.0-alpha.8 Start9:sdk Start9:v0.3.6-alpha.0 Start9:v0.3.5.1 Start9:v0.3.5 Start9:v0.3.4.4-hotfix Start9:v0.3.4.4 Start9:v0.3.4.3 Start9:v0.3.4.2 Start9:latest Start9:v0.3.4.1-custom Start9:v0.3.4.1-rc.1 Start9:v0.3.4.1 Start9:v0.3.4 Start9:v0.3.4-rc.2 Start9:v0.3.4-rc.1 Start9:v0.3.3 Start9:v0.3.2.1 Start9:v0.3.2 Start9:v0.3.1.1 Start9:v0.3.1 Start9:v0.3.0.3 Start9:v0.3.0.2 Start9:v0.3.0.1 Start9:v0.3.0 Start9:v0.2.17 Start9:v0.2.16 Start9:v0.2.15 Start9:v0.2.14 Start9:v0.2.13 Start9:v0.2.12 Start9:v0.2.11 Start9:v0.2.10 Start9:v0.2.9 Start9:v0.2.8 Start9:v0.2.7 Start9:v0.2.6
...
pull from: Start9:master
Branches Tags
Start9:master Start9:plugins Start9:next/major Start9:fix/dry-runs Start9:feat/restart Start9:feat/generate-certificate Start9:fix/migrate-locale Start9:mcp Start9:fix/wifi Start9:bugfix/alpha.20 Start9:st/port-labels Start9:fix/docs_urls Start9:fix/a20 Start9:feat/preferred-port-design Start9:sdk-comments Start9:chore/ts-bindings Start9:claude Start9:feature/outbound-gateways Start9:fix/volume-mount-propagation Start9:fix/wifi-ssh Start9:bugfix/registry-info-short Start9:feature/agents Start9:chore/sdk-comments Start9:fix/fe-2 Start9:fix/service_load_order Start9:fix/arch Start9:feature/consolidate-setup Start9:feature/nvidia Start9:refactor/project-structure Start9:feat/random-sub Start9:feature/dev-qol Start9:refactor/ts-bindings Start9:tunel Start9:feature/iroh Start9:next/minor Start9:next/patch Start9:feature/secure-erase
Start9:v0.4.0-beta.0 Start9:v0.4.0-alpha.23 Start9:v0.4.0-alpha.22 Start9:v0.4.0-alpha.21 Start9:v0.4.0-alpha.20 Start9:v0.4.0-alpha.19 Start9:v0.4.0-alpha.18 Start9:v0.4.0-alpha.17 Start9:v0.4.0-alpha.16 Start9:v0.4.0-alpha.15 Start9:v0.4.0-alpha.14 Start9:v0.4.0-alpha.13 Start9:v0.4.0-alpha.12 Start9:v0.4.0-alpha.11 Start9:v0.4.0-alpha.10 Start9:v0.4.0-alpha.9 Start9:v0.4.0-alpha.8 Start9:sdk Start9:v0.3.6-alpha.0 Start9:v0.3.5.1 Start9:v0.3.5 Start9:v0.3.4.4-hotfix Start9:v0.3.4.4 Start9:v0.3.4.3 Start9:v0.3.4.2 Start9:latest Start9:v0.3.4.1-custom Start9:v0.3.4.1-rc.1 Start9:v0.3.4.1 Start9:v0.3.4 Start9:v0.3.4-rc.2 Start9:v0.3.4-rc.1 Start9:v0.3.3 Start9:v0.3.2.1 Start9:v0.3.2 Start9:v0.3.1.1 Start9:v0.3.1 Start9:v0.3.0.3 Start9:v0.3.0.2 Start9:v0.3.0.1 Start9:v0.3.0 Start9:v0.2.17 Start9:v0.2.16 Start9:v0.2.15 Start9:v0.2.14 Start9:v0.2.13 Start9:v0.2.12 Start9:v0.2.11 Start9:v0.2.10 Start9:v0.2.9 Start9:v0.2.8 Start9:v0.2.7 Start9:v0.2.6

29 Commits
fix/migrat ... master

Author SHA1 Message Date
Aiden McClelland
0eedcf58f5 feat: support data URLs, http(s) URLs, and file:// URLs in registry set-icon CLI 2026-04-01 08:50:59 -06:00
Aiden McClelland
208e9a5e3a feat: add registry os promote command for cross-registry OS version promotion 
Batch promotes an entire OS version (metadata + all iso/squashfs/img assets
across all platforms) from one registry to another, mirroring the existing
package promote command.
 2026-03-31 22:12:35 -06:00
Aiden McClelland
7c304eef02 chore: regenerate SDK TypeScript bindings for metrics types 2026-03-31 20:52:41 -06:00
Aiden McClelland
3de91687f1 chore: fix formatting in v0_3_6_alpha_0 migration logging 2026-03-31 20:52:00 -06:00
Aiden McClelland
0d80a1c0b1 fix: handle null value in list_service_interfaces 
Return an empty map instead of failing when the watched value is null.
 2026-03-31 20:51:33 -06:00
Aiden McClelland
48f50e3c6c feat: add package promote command for cross-registry promotion 
Allows promoting a package version from one registry to another by
fetching package info from the source and re-signing/publishing each
s9pk variant to the destination.
 2026-03-31 20:51:22 -06:00
Aiden McClelland
3e0bbe47ad fix: skip btrfs readonly check on preen to avoid false failures 
The btrfs check --readonly command can produce false positives. Skip it
for the preen strategy and only run the repair path when aggressive
repair is requested.
 2026-03-31 20:51:02 -06:00
Aiden McClelland
a3575cf9a3 chore: remove arch and platform fields from ServerInfo 
These are static platform constants and don't need to be stored in the
database or exposed in the public model. Use crate::ARCH directly where
needed.
 2026-03-31 20:50:48 -06:00
Aiden McClelland
5443f8dab1 chore: bump startos to 0.4.0-beta.0 and start-sdk to 1.0.0 2026-03-31 20:03:03 -06:00
Aiden McClelland
c6fd58f714 feat: rename ghost and synapse packages to legacy variants 
Add ghost→ghost-legacy and synapse→synapse-legacy ID renames in v1
manifest compat, container runtime, and v0.3.6 migration (volume
renames).
 2026-03-31 19:57:16 -06:00
Aiden McClelland
40ac974a0c feat: replace PostgreSQL metrics with SQLite and add metrics query API 
Migrate registry metrics from PostgreSQL/sqlx to embedded SQLite via
rusqlite. Add new metrics CLI subcommands (summary, users, downloads)
with i18n support. Record os_version in user activity and package
download requests. Remove old PostgreSQL schema and setup script.
 2026-03-31 19:56:49 -06:00
Aiden McClelland
cbcff17ebc chore: refactor release scripts to download OS images from registry 
Replace GitHub Actions artifact downloads with registry-based OS image
retrieval via start-cli. Add publish-tunnel subcommand, registry_url
helper, and remove old S3/RUN_ID workflows. Also clean up old deb
versions in publish-deb.sh before copying new ones.
 2026-03-31 19:56:33 -06:00
Matt Hill
8e8f457393 fix locale bug with postgres for 0351 migration 2026-03-31 16:12:32 -06:00
Matt Hill
886aa5d7db remove unnecessary warnings 2026-03-31 13:47:20 -06:00
Aiden McClelland
653a0a1428 Merge pull request #2867 from Start9Labs/next/major 
StartOS 0.4.0
 2026-03-30 19:29:39 -06:00
Matt Hill
0b004a19ae wrap text in release notes 2026-03-30 14:59:20 -06:00
Aiden McClelland
ce1da028ce fix: extract hairpin check into platform-conditional function 
The hairpin NAT check uses Linux-specific APIs (bind_device, raw fd
conversion). Extract it into a separate function with #[cfg(target_os)]
so the entire block is excluded on non-Linux platforms, rather than
guarding only the unsafe block.
 2026-03-30 14:38:13 -06:00
Aiden McClelland
0d4dcf6c61 fix: correct platform extraction in ISO deploy and re-enable raspberrypi 
The sed-based platform extraction was greedy, turning "x86_64" into "64".
Replace with explicit platform list iteration. Exclude raspberrypi from
deploy. Re-enable raspberrypi as a platform choice for builds.
 2026-03-30 12:11:22 -06:00
crissuper20
8359712cd9 Fix/startos UI empty interface (#3143) 
fix: give StartOS UI interface a non-empty id

The iface object in StartOsUiComponent had id: '' (empty string).
Any plugin whose action calls sdk.serviceInterface.get() with
that id triggers an RPC to the host with an empty
serviceInterfaceId, which Rust's ServiceInterfaceId type rejects
via its ID regex (^[a-z0-9]+(-[a-z0-9]+)*$).

The container runtime appends the method name to every error
message as "${msg}@${method}", so the empty-string failure
surfaces in the UI as:

  Action Failed: Deserialization Error: Invalid ID: @get-service-interface

Setting id: 'startos-ui' makes it a valid, stable identifier
that passes the regex and accurately names the interface.
 2026-03-30 12:00:14 -06:00
Aiden McClelland
f46cdc6ee5 fix: correct hairpin NAT rules and bind hairpin check to gateway interface 
The POSTROUTING MASQUERADE rules in forward-port failed to handle two
hairpin scenarios:

1. Host-to-target hairpin (OUTPUT DNAT): when sip is a WAN IP (tunnel
   case), the old rule matched `-s sip` but the actual source of
   locally-originated packets is a local interface IP, not the WAN IP.
   Fix: use `-m addrtype --src-type LOCAL -m conntrack --ctorigdst sip`
   to match any local source while tying the rule to the specific sip.

2. Same-subnet self-hairpin (PREROUTING DNAT): when a WireGuard peer
   connects to itself via the tunnel's public IP, traffic is DNAT'd back
   to the peer. Without MASQUERADE the response takes a loopback shortcut,
   bypassing the tunnel server's conntrack and breaking NAT reversal.
   Fix: add `-s dip/dprefix -d dip` to masquerade same-subnet traffic,
   which also subsumes the old bridge_subnet rule.

Also bind the hairpin detection socket to the gateway interface and local
IP for consistency with the echoip client.
 2026-03-30 11:52:53 -06:00
Aiden McClelland
c96b38f915 fix: bind echoip client to gateway's specific IPv4 to avoid EADDRINUSE 
Using Ipv4Addr::UNSPECIFIED (0.0.0.0) as the local address with
SO_BINDTODEVICE caused bind(0.0.0.0:0) to fail with "Address in use"
on interfaces where port 443 was already in use. Binding to the
gateway's actual IPv4 address instead still forces IPv4 DNS filtering
while avoiding the kernel-level conflict.
 2026-03-30 08:12:21 -06:00
Matt Hill
c1c8dc8f9c fixes #3150 2026-03-29 20:48:30 -06:00
Matt Hill
e3b7277ccd fix: correct false breakage detection for flavored packages and confi… (#3149) 
fix: correct false breakage detection for flavored packages and config changes

Two bugs caused the UI to incorrectly warn about dependency breakages:

1. dryUpdate (version path): Flavored package versions (e.g. #knots:27.0.0:0)
   failed exver.satisfies() against flavorless ranges (e.g. >=26.0.0) due to
   flavor mismatch. Now checks the manifest's `satisfies` declarations,
   matching the pattern already used in DepErrorService. Added `satisfies`
   field to PackageVersionInfo so it's available from registry data.

2. checkConflicts (config path): fast-json-patch's compare() treated missing
   keys as conflicts (add ops) and used positional array comparison, diverging
   from the backend's conflicts() semantics. Replaced with a conflicts()
   function that mirrors core/src/service/action.rs — missing keys are not
   conflicts, and arrays use set-based comparison.

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-29 13:07:52 -06:00
Matt Hill
b0b4b41c42 feat: unified restart notification with reason-specific messaging (#3147) 
* feat: unified restart notification with reason-specific messaging

Replace statusInfo.updated (bool) with serverInfo.restart (nullable enum)
to unify all restart-needed scenarios under a single PatchDB field.

Backend sets the restart reason in RPC handlers for hostname change (mdns),
language change, kiosk toggle, and OS update download. Init clears it on
boot. The update flow checks this field to prevent updates when a restart
is already pending.

Frontend shows a persistent action bar with reason-specific i18n messages
instead of per-feature restart dialogs. For .local hostname changes, the
existing "open new address" dialog is preserved — the restart toast
appears after the user logs in on the new address.

Also includes migration in v0_4_0_alpha_23 to remove statusInfo.updated
and initialize serverInfo.restart.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix broken styling and improve settings layout

* refactor: move restart field from ServerInfo to ServerStatus

The restart reason belongs with other server state (shutting_down,
restarting, update_progress) rather than on the top-level ServerInfo.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix PR comment

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Aiden McClelland <me@drbonez.dev>
 2026-03-29 02:23:59 -06:00
Aiden McClelland
bbbc8f7440 fix: correct BIOS boot partition type GUID for backup target filtering 
The BIOS_BOOT_TYPE_GUID constant had the wrong value, so
find_bios_boot_partition never matched the actual BIOS boot partition
created by the gpt crate. This caused it to appear as an available
backup target.
 2026-03-28 20:00:59 -06:00
Aiden McClelland
c7a4dd617e fix: resolve tunnel add delay and connectivity loss in gateway watcher 
Split poll_ip_info into two phases: write IP info (addresses, subnets,
gateway, DNS, NTP) to the watch immediately, then fetch WAN IP in a
second pass. Previously the echoip HTTP fetch (5s timeout per URL)
blocked the write and was repeatedly cancelled by D-Bus signals during
interface activation, preventing the gateway from ever appearing.

Replace PolicyRoutingCleanup Drop with gc_policy_routing. The old Drop
spawned async route flushes that raced with new apply_policy_routing
calls when the watcher restarted on device_added, wiping freshly-created
routing tables for existing interfaces like eth0. Now policy routing is
managed idempotently by apply_policy_routing, and stale rules are
garbage-collected at the start of each watcher iteration.
 2026-03-28 20:00:36 -06:00
Aiden McClelland
d6b81f3c9b fix: assorted fixes across container-runtime, core, and sdk 
- Fix parseInt callback in container-runtime to avoid extra map arguments
- Use proper error propagation in list_service_interfaces instead of unwrap_or_default
- Handle non-plain objects by reference in deepEqual
 2026-03-27 15:58:52 -06:00
Aiden McClelland
879f953a9f feat: delete ext2_saved subvolume after btrfs-convert 
Removes the ext2_saved subvolume (created by btrfs-convert to preserve
original ext4 metadata) before running defrag to reclaim space.
 2026-03-26 23:38:54 -06:00
Matt Hill
782f2e83bf ensure correct locale on 035 update (#3145) 2026-03-26 21:35:25 -06:00
81 changed files with 2029 additions and 1555 deletions
Expand all files Collapse all files

43
.github/workflows/startos-iso.yaml vendored
View File

@@ -29,7 +29,7 @@ on:
- aarch64
- aarch64-nonfree
- aarch64-nvidia
# - raspberrypi
- raspberrypi
- riscv64
- riscv64-nonfree
deploy:
@@ -296,6 +296,18 @@ jobs:
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "Version: $VERSION"
- name: Determine platforms
id: platforms
run: |
INPUT="${{ github.event.inputs.platform }}"
if [ "$INPUT" = "ALL" ]; then
PLATFORMS="x86_64 x86_64-nonfree x86_64-nvidia aarch64 aarch64-nonfree aarch64-nvidia riscv64 riscv64-nonfree"
else
PLATFORMS="$INPUT"
fi
echo "list=$PLATFORMS" >> "$GITHUB_OUTPUT"
echo "Platforms: $PLATFORMS"
- name: Download squashfs artifacts
uses: actions/download-artifact@v8
with:
@@ -347,10 +359,12 @@ jobs:
run: |
VERSION="${{ steps.version.outputs.version }}"
cd artifacts
for file in *.iso *.squashfs; do
[ -f "$file" ] || continue
echo "Uploading $file..."
s3cmd put -P "$file" "${{ env.S3_BUCKET }}/v${VERSION}/$file"
for PLATFORM in ${{ steps.platforms.outputs.list }}; do
for file in *_${PLATFORM}.squashfs *_${PLATFORM}.iso; do
[ -f "$file" ] || continue
echo "Uploading $file..."
s3cmd put -P "$file" "${{ env.S3_BUCKET }}/v${VERSION}/$file"
done
done
- name: Register OS version
@@ -363,13 +377,14 @@ jobs:
run: |
VERSION="${{ steps.version.outputs.version }}"
cd artifacts
for file in *.squashfs *.iso; do
[ -f "$file" ] || continue
PLATFORM=$(echo "$file" | sed 's/.*_\([^.]*\)\.\(squashfs\|iso\)$/\1/')
echo "Indexing $file for platform $PLATFORM..."
start-cli --registry="${{ env.REGISTRY }}" registry os asset add \
--platform="$PLATFORM" \
--version="$VERSION" \
"$file" \
"${{ env.S3_CDN }}/v${VERSION}/$file"
for PLATFORM in ${{ steps.platforms.outputs.list }}; do
for file in *_${PLATFORM}.squashfs *_${PLATFORM}.iso; do
[ -f "$file" ] || continue
echo "Indexing $file for platform $PLATFORM..."
start-cli --registry="${{ env.REGISTRY }}" registry os asset add \
--platform="$PLATFORM" \
--version="$VERSION" \
"$file" \
"${{ env.S3_CDN }}/v${VERSION}/$file"
done
done

7
build/apt/publish-deb.sh
View File

@@ -83,11 +83,16 @@ if [ ${#DEB_FILES[@]} -eq 0 ]; then
exit 1
fi
# Copy each deb to the pool, renaming to standard format
# Copy each deb to the pool, removing old versions of the same package+arch
for deb in "${DEB_FILES[@]}"; do
PKG_NAME="$(dpkg-deb --field "$deb" Package)"
PKG_ARCH="$(dpkg-deb --field "$deb" Architecture)"
POOL_DIR="$REPO_DIR/pool/${COMPONENT}/${PKG_NAME:0:1}/${PKG_NAME}"
mkdir -p "$POOL_DIR"
# Remove old versions for the same architecture
for old in "$POOL_DIR"/${PKG_NAME}_*_${PKG_ARCH}.deb; do
[ -f "$old" ] && rm -v "$old"
done
cp "$deb" "$POOL_DIR/"
dpkg-name -o "$POOL_DIR/$(basename "$deb")" 2>/dev/null || true
echo "Added: $(basename "$deb") -> pool/${COMPONENT}/${PKG_NAME:0:1}/${PKG_NAME}/"

23
build/lib/scripts/forward-port
View File

@@ -58,15 +58,18 @@ iptables -t nat -A ${NAME}_OUTPUT -d "$sip" -p udp --dport "$sport" -j DNAT --to
iptables -A ${NAME}_FORWARD -d $dip -p tcp --dport $dport -m state --state NEW -j ACCEPT
iptables -A ${NAME}_FORWARD -d $dip -p udp --dport $dport -m state --state NEW -j ACCEPT
# NAT hairpin: masquerade traffic from the bridge subnet or host to the DNAT
# target, so replies route back through the host for proper NAT reversal.
# Container-to-container hairpin (source is on the bridge subnet)
if [ -n "$bridge_subnet" ]; then
iptables -t nat -A ${NAME}_POSTROUTING -s "$bridge_subnet" -d "$dip" -p tcp --dport "$dport" -j MASQUERADE
iptables -t nat -A ${NAME}_POSTROUTING -s "$bridge_subnet" -d "$dip" -p udp --dport "$dport" -j MASQUERADE
fi
# Host-to-container hairpin (host connects to its own gateway IP, source is sip)
iptables -t nat -A ${NAME}_POSTROUTING -s "$sip" -d "$dip" -p tcp --dport "$dport" -j MASQUERADE
iptables -t nat -A ${NAME}_POSTROUTING -s "$sip" -d "$dip" -p udp --dport "$dport" -j MASQUERADE
# NAT hairpin: masquerade so replies route back through this host for proper
# NAT reversal instead of taking a direct path that bypasses conntrack.
# Host-to-target hairpin: locally-originated packets whose original destination
# was sip (before OUTPUT DNAT rewrote it to dip). Using --ctorigdst ties the
# rule to this specific sip, so multiple WAN IPs forwarding the same port to
# different targets each get their own masquerade.
iptables -t nat -A ${NAME}_POSTROUTING -m addrtype --src-type LOCAL -m conntrack --ctorigdst "$sip" -d "$dip" -p tcp --dport "$dport" -j MASQUERADE
iptables -t nat -A ${NAME}_POSTROUTING -m addrtype --src-type LOCAL -m conntrack --ctorigdst "$sip" -d "$dip" -p udp --dport "$dport" -j MASQUERADE
# Same-subnet hairpin: when traffic originates from the same subnet as the DNAT
# target (e.g. a container reaching another container, or a WireGuard peer
# connecting to itself via the tunnel's public IP).
iptables -t nat -A ${NAME}_POSTROUTING -s "$dip/$dprefix" -d "$dip" -p tcp --dport "$dport" -j MASQUERADE
iptables -t nat -A ${NAME}_POSTROUTING -s "$dip/$dprefix" -d "$dip" -p udp --dport "$dport" -j MASQUERADE
exit $err

140
build/manage-release.sh
View File

@@ -8,6 +8,7 @@ S3_BUCKET="s3://startos-images"
S3_CDN="https://startos-images.nyc3.cdn.digitaloceanspaces.com"
START9_GPG_KEY="2D63C217"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ARCHES="aarch64 aarch64-nonfree aarch64-nvidia riscv64 riscv64-nonfree x86_64 x86_64-nonfree x86_64-nvidia"
CLI_ARCHES="aarch64 riscv64 x86_64"
@@ -83,16 +84,21 @@ resolve_gh_user() {
GH_GPG_KEY=$(git config user.signingkey 2>/dev/null || true)
}
# Fetch the URL for an OS asset from the registry index.
# Usage: registry_url <iso|squashfs|img> <platform>
registry_url() {
local ext=$1 platform=$2
if [ -z "${_REGISTRY_INDEX:-}" ]; then
_REGISTRY_INDEX=$(start-cli --registry=$REGISTRY registry os index)
fi
echo "$_REGISTRY_INDEX" | jq -r ".versions[\"$VERSION\"].$ext[\"$platform\"].urls[0]"
}
# --- Subcommands ---
cmd_download() {
require_version
if [ -z "${RUN_ID:-}" ]; then
read -rp "RUN_ID (OS images, leave blank to skip): " RUN_ID
fi
RUN_ID=$(parse_run_id "${RUN_ID:-}")
if [ -z "${ST_RUN_ID:-}" ]; then
read -rp "ST_RUN_ID (start-tunnel, leave blank to skip): " ST_RUN_ID
fi
@@ -105,14 +111,14 @@ cmd_download() {
ensure_release_dir
if [ -n "$RUN_ID" ]; then
for arch in $ARCHES; do
while ! gh run download -R $REPO "$RUN_ID" -n "$arch.squashfs" -D "$(pwd)"; do sleep 1; done
# Download OS images from registry (deployed by GitHub workflow)
echo "Downloading OS images from registry..."
for arch in $ARCHES; do
for ext in squashfs iso; do
echo " $ext $arch"
start-cli --registry=$REGISTRY registry os asset get "$ext" "$VERSION" "$arch" -d "$(pwd)"
done
for arch in $ARCHES; do
while ! gh run download -R $REPO "$RUN_ID" -n "$arch.iso" -D "$(pwd)"; do sleep 1; done
done
fi
done
if [ -n "$ST_RUN_ID" ]; then
for arch in $CLI_ARCHES; do
@@ -143,19 +149,12 @@ cmd_pull() {
gh release download -R $REPO "v$VERSION" -p "$file" -D "$(pwd)" --clobber
done
# Download ISOs and squashfs from S3 CDN
# Download ISOs and squashfs from registry
echo "Downloading OS images from registry..."
for arch in $ARCHES; do
for ext in squashfs iso; do
# Get the actual filename from the GH release asset list or body
local filename
filename=$(gh release view -R $REPO "v$VERSION" --json assets -q ".assets[].name" | grep "_${arch}\\.${ext}$" || true)
if [ -z "$filename" ]; then
filename=$(gh release view -R $REPO "v$VERSION" --json body -q .body | grep -oP "[^ ]*_${arch}\\.${ext}" | head -1 || true)
fi
if [ -n "$filename" ]; then
echo "Downloading $filename from S3..."
curl -fSL -o "$filename" "$S3_CDN/v$VERSION/$filename"
fi
echo " $ext $arch"
start-cli --registry=$REGISTRY registry os asset get "$ext" "$VERSION" "$arch" -d "$(pwd)"
done
done
}
@@ -170,14 +169,12 @@ cmd_upload() {
require_version
enter_release_dir
# OS images (iso/squashfs) are already on S3 via the GitHub workflow.
# Upload only debs and CLI binaries to the GitHub Release.
for file in $(release_files); do
case "$file" in
*.iso|*.squashfs)
s3cmd put -P "$file" "$S3_BUCKET/v$VERSION/$file"
;;
*)
gh release upload -R $REPO "v$VERSION" "$file"
;;
*.iso|*.squashfs) ;;
*) gh release upload -R $REPO "v$VERSION" "$file" ;;
esac
done
}
@@ -248,6 +245,24 @@ cmd_cosign() {
echo "Done. Personal signatures for $GH_USER added to v$VERSION."
}
cmd_publish_tunnel() {
require_version
enter_release_dir
local tunnel_debs=()
for file in start-tunnel*.deb; do
[ -f "$file" ] && tunnel_debs+=("$file")
done
if [ ${#tunnel_debs[@]} -eq 0 ]; then
>&2 echo "No start-tunnel .deb files found in release directory"
exit 1
fi
echo "Publishing start-tunnel debs to apt repository..."
"$SCRIPT_DIR/apt/publish-deb.sh" "${tunnel_debs[@]}"
}
cmd_notes() {
require_version
enter_release_dir
@@ -255,14 +270,14 @@ cmd_notes() {
cat << EOF
# ISO Downloads
- [x86_64/AMD64]($S3_CDN/v$VERSION/$(ls *_x86_64-nonfree.iso))
- [x86_64/AMD64 + NVIDIA]($S3_CDN/v$VERSION/$(ls *_x86_64-nvidia.iso))
- [x86_64/AMD64-slim (FOSS-only)]($S3_CDN/v$VERSION/$(ls *_x86_64.iso) "Without proprietary software or drivers")
- [aarch64/ARM64]($S3_CDN/v$VERSION/$(ls *_aarch64-nonfree.iso))
- [aarch64/ARM64 + NVIDIA]($S3_CDN/v$VERSION/$(ls *_aarch64-nvidia.iso))
- [aarch64/ARM64-slim (FOSS-Only)]($S3_CDN/v$VERSION/$(ls *_aarch64.iso) "Without proprietary software or drivers")
- [RISCV64 (RVA23)]($S3_CDN/v$VERSION/$(ls *_riscv64-nonfree.iso))
- [RISCV64 (RVA23)-slim (FOSS-only)]($S3_CDN/v$VERSION/$(ls *_riscv64.iso) "Without proprietary software or drivers")
- [x86_64/AMD64]($(registry_url iso x86_64-nonfree))
- [x86_64/AMD64 + NVIDIA]($(registry_url iso x86_64-nvidia))
- [x86_64/AMD64-slim (FOSS-only)]($(registry_url iso x86_64) "Without proprietary software or drivers")
- [aarch64/ARM64]($(registry_url iso aarch64-nonfree))
- [aarch64/ARM64 + NVIDIA]($(registry_url iso aarch64-nvidia))
- [aarch64/ARM64-slim (FOSS-Only)]($(registry_url iso aarch64) "Without proprietary software or drivers")
- [RISCV64 (RVA23)]($(registry_url iso riscv64-nonfree))
- [RISCV64 (RVA23)-slim (FOSS-only)]($(registry_url iso riscv64) "Without proprietary software or drivers")
EOF
cat << 'EOF'
@@ -318,9 +333,8 @@ EOF
cmd_full_release() {
cmd_download
cmd_register
cmd_upload
cmd_index
cmd_publish_tunnel
cmd_sign
cmd_notes
}
@@ -330,22 +344,23 @@ usage() {
Usage: manage-release.sh <subcommand>
Subcommands:
download Download artifacts from GitHub Actions runs
Requires: RUN_ID, ST_RUN_ID, CLI_RUN_ID (any combination)
pull Download an existing release from the GH tag and S3
register Register the version in the Start9 registry
upload Upload artifacts to GitHub Releases and S3
index Add assets to the registry index
sign Sign all artifacts with Start9 org key (+ personal key if available)
and upload signatures.tar.gz
cosign Add personal GPG signature to an existing release's signatures
(requires 'pull' first so you can verify assets before signing)
notes Print release notes with download links and checksums
full-release Run: download → register → upload → index → sign → notes
download Download OS images from registry + other artifacts from GH Actions
OS images are pulled via start-cli from the registry (deployed by GH workflow)
Requires: ST_RUN_ID, CLI_RUN_ID (any combination)
pull Download an existing release from the GH tag and S3
register Register the version in the Start9 registry
upload Upload artifacts to GitHub Releases and S3
index Add assets to the registry index
publish-tunnel Publish start-tunnel .deb files to the apt repository
sign Sign all artifacts with Start9 org key (+ personal key if available)
and upload signatures.tar.gz
cosign Add personal GPG signature to an existing release's signatures
(requires 'pull' first so you can verify assets before signing)
notes Print release notes with download links and checksums
full-release Run: download → register → upload → publish-tunnel → sign → notes
Environment variables:
VERSION (required) Release version
RUN_ID GitHub Actions run ID for OS images (download subcommand)
ST_RUN_ID GitHub Actions run ID for start-tunnel (download subcommand)
CLI_RUN_ID GitHub Actions run ID for start-cli (download subcommand)
GH_USER Override GitHub username (default: autodetected via gh cli)
@@ -354,14 +369,15 @@ EOF
}
case "${1:-}" in
download) cmd_download ;;
pull) cmd_pull ;;
register) cmd_register ;;
upload) cmd_upload ;;
index) cmd_index ;;
sign) cmd_sign ;;
cosign) cmd_cosign ;;
notes) cmd_notes ;;
full-release) cmd_full_release ;;
*) usage; exit 1 ;;
download) cmd_download ;;
pull) cmd_pull ;;
register) cmd_register ;;
upload) cmd_upload ;;
index) cmd_index ;;
publish-tunnel) cmd_publish_tunnel ;;
sign) cmd_sign ;;
cosign) cmd_cosign ;;
notes) cmd_notes ;;
full-release) cmd_full_release ;;
*) usage; exit 1 ;;
esac

2
container-runtime/package-lock.json generated
View File

@@ -37,7 +37,7 @@
},
"../sdk/dist": {
"name": "@start9labs/start-sdk",
"version": "0.4.0-beta.66",
"version": "1.0.0",
"license": "MIT",
"dependencies": {
"@iarna/toml": "^3.0.0",

8
container-runtime/src/Adapters/Systems/SystemForEmbassy/index.ts
View File

@@ -396,6 +396,12 @@ export class SystemForEmbassy implements System {
if (this.manifest.id === "nostr") {
this.manifest.id = "nostr-rs-relay"
}
if (this.manifest.id === "ghost") {
this.manifest.id = "ghost-legacy"
}
if (this.manifest.id === "synapse") {
this.manifest.id = "synapse-legacy"
}
}
async init(
@@ -494,7 +500,7 @@ export class SystemForEmbassy implements System {
const host = new MultiHost({ effects, id })
const internalPorts = new Set(
Object.values(interfaceValue["tor-config"]?.["port-mapping"] ?? {})
.map(Number.parseInt)
.map((v) => parseInt(v))
.concat(
...Object.values(interfaceValue["lan-config"] ?? {}).map(
(c) => c.internal,

40
core/Cargo.lock generated
View File

@@ -1967,6 +1967,18 @@ dependencies = [
"once_cell",
]
[[package]]
name = "fallible-iterator"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2acce4a10f12dc2fb14a218589d4f1f62ef011b2d0cc4b3cb1bba8e94da14649"
[[package]]
name = "fallible-streaming-iterator"
version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7360491ce676a36bf9bb3c56c1aa791658183a54d2744120f27285738d90465a"
[[package]]
name = "fastrand"
version = "2.3.0"
@@ -3562,6 +3574,17 @@ dependencies = [
"redox_syscall 0.7.3",
]
[[package]]
name = "libsqlite3-sys"
version = "0.32.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fbb8270bb4060bd76c6e96f20c52d80620f1d82a3470885694e41e0f81ef6fe7"
dependencies = [
"cc",
"pkg-config",
"vcpkg",
]
[[package]]
name = "libyml"
version = "0.0.5"
@@ -5444,6 +5467,20 @@ dependencies = [
"windows-sys 0.52.0",
]
[[package]]
name = "rusqlite"
version = "0.34.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "37e34486da88d8e051c7c0e23c3f15fd806ea8546260aa2fec247e97242ec143"
dependencies = [
"bitflags 2.11.0",
"fallible-iterator",
"fallible-streaming-iterator",
"hashlink",
"libsqlite3-sys",
"smallvec",
]
[[package]]
name = "rust-argon2"
version = "3.0.0"
@@ -6439,7 +6476,7 @@ dependencies = [
[[package]]
name = "start-os"
version = "0.4.0-alpha.23"
version = "0.4.0-beta.0"
dependencies = [
"aes",
"async-acme",
@@ -6536,6 +6573,7 @@ dependencies = [
"reqwest_cookie_store",
"rpassword",
"rpc-toolkit",
"rusqlite",
"rust-argon2",
"rust-i18n",
"semver",

5
core/Cargo.toml
View File

@@ -15,7 +15,7 @@ license = "MIT"
name = "start-os"
readme = "README.md"
repository = "https://github.com/Start9Labs/start-os"
version = "0.4.0-alpha.23" # VERSION_BUMP
version = "0.4.0-beta.0" # VERSION_BUMP
[lib]
name = "startos"
@@ -182,6 +182,7 @@ qrcode = "0.14.1"
r3bl_tui = "0.7.6"
rand = "0.9.2"
regex = "1.10.2"
rusqlite = { version = "0.34", features = ["bundled"] }
reqwest = { version = "0.12.25", features = [
"http2",
"json",
@@ -250,5 +251,3 @@ opt-level = 3
[profile.dev.package.backtrace]
opt-level = 3
[profile.dev.package.sqlx-macros]
opt-level = 3

127
core/locales/i18n.yaml
View File

@@ -1826,6 +1826,21 @@ registry.os.version.signer-not-authorized:
fr_FR: "Le signataire %{signer} n'est pas autorisé à signer pour v%{version}"
pl_PL: "Sygnatariusz %{signer} nie jest autoryzowany do podpisywania v%{version}"
# registry/os/promote.rs
registry.os.promote.need-from-or-to:
en_US: "At least one of --from or --to must be specified"
de_DE: "Mindestens --from oder --to muss angegeben werden"
es_ES: "Se debe especificar al menos --from o --to"
fr_FR: "Au moins --from ou --to doit être spécifié"
pl_PL: "Należy podać przynajmniej --from lub --to"
registry.os.promote.version-not-found:
en_US: "OS version %{version} not found on source registry"
de_DE: "OS-Version %{version} nicht in der Quell-Registry gefunden"
es_ES: "Versión del SO %{version} no encontrada en el registro de origen"
fr_FR: "Version OS %{version} introuvable dans le registre source"
pl_PL: "Wersja OS %{version} nie znaleziona w rejestrze źródłowym"
# registry/package/mod.rs
registry.package.remove-not-exist:
en_US: "%{id}@%{version}%{sighash} does not exist, so not removed"
@@ -1870,6 +1885,20 @@ registry.package.add-mirror.unauthorized:
fr_FR: "Non autorisé"
pl_PL: "Brak autoryzacji"
registry.package.promote.need-from-or-to:
en_US: "At least one of --from or --to must be specified"
de_DE: "Mindestens --from oder --to muss angegeben werden"
es_ES: "Se debe especificar al menos --from o --to"
fr_FR: "Au moins --from ou --to doit être spécifié"
pl_PL: "Należy podać przynajmniej --from lub --to"
registry.package.promote.version-not-found:
en_US: "Version %{version} of %{id} not found on source registry"
de_DE: "Version %{version} von %{id} nicht in der Quell-Registry gefunden"
es_ES: "Versión %{version} de %{id} no encontrada en el registro de origen"
fr_FR: "Version %{version} de %{id} introuvable dans le registre source"
pl_PL: "Wersja %{version} pakietu %{id} nie znaleziona w rejestrze źródłowym"
registry.package.cannot-remove-last-mirror:
en_US: "Cannot remove last mirror from an s9pk"
de_DE: "Letzter Spiegel kann nicht aus einem s9pk entfernt werden"
@@ -2902,6 +2931,13 @@ help.arg.force-uninstall:
fr_FR: "Ignorer les erreurs dans le script de désinitialisation du service"
pl_PL: "Ignoruj błędy w skrypcie deinicjalizacji usługi"
help.arg.from-registry-url:
en_US: "Source registry URL to promote from"
de_DE: "Quell-Registry-URL zum Heraufstufen"
es_ES: "URL del registro de origen para promover"
fr_FR: "URL du registre source pour la promotion"
pl_PL: "URL rejestru źródłowego do promowania"
help.arg.host-url:
en_US: "URL of the StartOS server"
de_DE: "URL des StartOS-Servers"
@@ -2923,6 +2959,13 @@ help.arg.icon-path:
fr_FR: "Chemin vers le fichier d'icône du service"
pl_PL: "Ścieżka do pliku ikony usługi"
help.arg.icon-source:
en_US: "Icon source: file path, file:// URL, http(s):// URL, or data: URL"
de_DE: "Icon-Quelle: Dateipfad, file://-URL, http(s)://-URL oder data:-URL"
es_ES: "Fuente del icono: ruta de archivo, URL file://, URL http(s):// o URL data:"
fr_FR: "Source de l'icône : chemin de fichier, URL file://, URL http(s):// ou URL data:"
pl_PL: "Źródło ikony: ścieżka pliku, URL file://, URL http(s):// lub URL data:"
help.arg.image-id:
en_US: "Docker image identifier"
de_DE: "Docker-Image-Kennung"
@@ -3007,6 +3050,34 @@ help.arg.merge:
fr_FR: "Fusionner avec la plage de versions existante au lieu de remplacer"
pl_PL: "Połącz z istniejącym zakresem wersji zamiast zastępować"
help.arg.metrics-after:
en_US: "Start of time range (RFC 3339 timestamp)"
de_DE: "Beginn des Zeitraums (RFC 3339 Zeitstempel)"
es_ES: "Inicio del rango de tiempo (marca de tiempo RFC 3339)"
fr_FR: "Début de la plage temporelle (horodatage RFC 3339)"
pl_PL: "Początek zakresu czasu (znacznik czasu RFC 3339)"
help.arg.metrics-before:
en_US: "End of time range (RFC 3339 timestamp)"
de_DE: "Ende des Zeitraums (RFC 3339 Zeitstempel)"
es_ES: "Fin del rango de tiempo (marca de tiempo RFC 3339)"
fr_FR: "Fin de la plage temporelle (horodatage RFC 3339)"
pl_PL: "Koniec zakresu czasu (znacznik czasu RFC 3339)"
help.arg.metrics-pkg-id:
en_US: "Filter by package ID"
de_DE: "Nach Paket-ID filtern"
es_ES: "Filtrar por ID de paquete"
fr_FR: "Filtrer par identifiant de paquet"
pl_PL: "Filtruj według identyfikatora pakietu"
help.arg.metrics-version:
en_US: "Filter by version"
de_DE: "Nach Version filtern"
es_ES: "Filtrar por versión"
fr_FR: "Filtrer par version"
pl_PL: "Filtruj według wersji"
help.arg.mirror-url:
en_US: "URL of the mirror"
de_DE: "URL des Spiegels"
@@ -3126,13 +3197,6 @@ help.arg.port:
fr_FR: "Numéro de port"
pl_PL: "Numer portu"
help.arg.postgres-connection-url:
en_US: "PostgreSQL connection URL"
de_DE: "PostgreSQL-Verbindungs-URL"
es_ES: "URL de conexión PostgreSQL"
fr_FR: "URL de connexion PostgreSQL"
pl_PL: "URL połączenia PostgreSQL"
help.arg.proxy-url:
en_US: "HTTP/SOCKS proxy URL"
de_DE: "HTTP/SOCKS-Proxy-URL"
@@ -3357,6 +3421,13 @@ help.arg.target-version-range:
fr_FR: "Contrainte de plage de version cible"
pl_PL: "Ograniczenie zakresu wersji docelowej"
help.arg.to-registry-url:
en_US: "Destination registry URL to promote to"
de_DE: "Ziel-Registry-URL zum Heraufstufen"
es_ES: "URL del registro de destino para promover"
fr_FR: "URL du registre de destination pour la promotion"
pl_PL: "URL rejestru docelowego do promowania"
help.arg.tor-proxy-url:
en_US: "Tor SOCKS proxy URL"
de_DE: "Tor-SOCKS-Proxy-URL"
@@ -4457,6 +4528,13 @@ about.commands-registry-db:
fr_FR: "Commandes pour interagir avec la base de données, comme dump et apply"
pl_PL: "Polecenia interakcji z bazą danych, np. dump i apply"
about.commands-registry-metrics:
en_US: "Query registry usage metrics"
de_DE: "Registry-Nutzungsmetriken abfragen"
es_ES: "Consultar métricas de uso del registro"
fr_FR: "Consulter les métriques d'utilisation du registre"
pl_PL: "Zapytaj o metryki użycia rejestru"
about.commands-registry-info:
en_US: "View or edit registry information"
de_DE: "Registry-Informationen anzeigen oder bearbeiten"
@@ -4898,6 +4976,27 @@ about.get-listen-address-for-webserver:
fr_FR: "Obtenir l'adresse d'écoute du serveur web"
pl_PL: "Pobierz adres nasłuchiwania serwera internetowego"
about.get-metrics-downloads:
en_US: "Count package download requests with optional filters"
de_DE: "Paket-Download-Anfragen mit optionalen Filtern zählen"
es_ES: "Contar solicitudes de descarga de paquetes con filtros opcionales"
fr_FR: "Compter les demandes de téléchargement de paquets avec filtres optionnels"
pl_PL: "Zlicz żądania pobrania pakietów z opcjonalnymi filtrami"
about.get-metrics-summary:
en_US: "Get a summary of registry usage metrics"
de_DE: "Zusammenfassung der Registry-Nutzungsmetriken abrufen"
es_ES: "Obtener un resumen de las métricas de uso del registro"
fr_FR: "Obtenir un résumé des métriques d'utilisation du registre"
pl_PL: "Pobierz podsumowanie metryk użycia rejestru"
about.get-metrics-users:
en_US: "Count unique active users within a time range"
de_DE: "Eindeutige aktive Benutzer in einem Zeitraum zählen"
es_ES: "Contar usuarios activos únicos dentro de un rango de tiempo"
fr_FR: "Compter les utilisateurs actifs uniques dans un intervalle de temps"
pl_PL: "Zlicz unikalnych aktywnych użytkowników w zakresie czasu"
about.get-os-versions-info:
en_US: "Get OS versions info"
de_DE: "Informationen zu Betriebssystemversionen abrufen"
@@ -5234,6 +5333,20 @@ about.persist-new-notification:
fr_FR: "Persister une nouvelle notification"
pl_PL: "Utrwal nowe powiadomienie"
about.promote-os-registry:
en_US: "Promote an OS version from one registry to another"
de_DE: "Eine OS-Version von einer Registry in eine andere heraufstufen"
es_ES: "Promover una versión del SO de un registro a otro"
fr_FR: "Promouvoir une version OS d'un registre à un autre"
pl_PL: "Promuj wersję OS z jednego rejestru do drugiego"
about.promote-package-registry:
en_US: "Promote a package from one registry to another"
de_DE: "Ein Paket von einer Registry in eine andere heraufstufen"
es_ES: "Promover un paquete de un registro a otro"
fr_FR: "Promouvoir un paquet d'un registre à un autre"
pl_PL: "Promuj pakiet z jednego rejestru do drugiego"
about.publish-s9pk:
en_US: "Publish s9pk to S3 bucket and index on registry"
de_DE: "S9pk in S3-Bucket veröffentlichen und in Registry indizieren"

29
core/src/db/model/public.rs
View File

@@ -55,8 +55,6 @@ impl Public {
) -> Result<Self, Error> {
Ok(Self {
server_info: ServerInfo {
arch: get_arch(),
platform: get_platform(),
id: account.server_id.clone(),
version: Current::default().semver(),
name: account.hostname.name.clone(),
@@ -125,10 +123,10 @@ impl Public {
},
status_info: ServerStatus {
backup_progress: None,
updated: false,
update_progress: None,
shutting_down: false,
restarting: false,
restart: None,
},
unread_notification_count: 0,
password_hash: account.password.clone(),
@@ -160,14 +158,6 @@ impl Public {
}
}
fn get_arch() -> InternedString {
(*ARCH).into()
}
fn get_platform() -> InternedString {
(&*PLATFORM).into()
}
pub fn default_echoip_urls() -> Vec<Url> {
vec![
"https://ipconfig.io".parse().unwrap(),
@@ -180,10 +170,6 @@ pub fn default_echoip_urls() -> Vec<Url> {
#[model = "Model<Self>"]
#[ts(export)]
pub struct ServerInfo {
#[serde(default = "get_arch")]
pub arch: InternedString,
#[serde(default = "get_platform")]
pub platform: InternedString,
pub id: String,
pub name: InternedString,
pub hostname: InternedString,
@@ -220,6 +206,16 @@ pub struct ServerInfo {
pub keyboard: Option<KeyboardOptions>,
}
#[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize, TS)]
#[serde(rename_all = "lowercase")]
#[ts(export)]
pub enum RestartReason {
Mdns,
Language,
Kiosk,
Update,
}
#[derive(Debug, Default, Deserialize, Serialize, HasModel, TS)]
#[serde(rename_all = "camelCase")]
#[model = "Model<Self>"]
@@ -364,12 +360,13 @@ pub struct BackupProgress {
#[ts(export)]
pub struct ServerStatus {
pub backup_progress: Option<BTreeMap<PackageId, BackupProgress>>,
pub updated: bool,
pub update_progress: Option<FullProgress>,
#[serde(default)]
pub shutting_down: bool,
#[serde(default)]
pub restarting: bool,
#[serde(default)]
pub restart: Option<RestartReason>,
}
#[derive(Debug, Default, Deserialize, Serialize, HasModel, TS)]

13
core/src/disk/fsck/btrfs.rs
View File

@@ -2,24 +2,11 @@ use std::io::Cursor;
use std::path::Path;
use tokio::process::Command;
use tracing::instrument;
use crate::Error;
use crate::disk::fsck::RequiresReboot;
use crate::util::Invoke;
#[instrument(skip_all)]
pub async fn btrfs_check_readonly(logicalname: impl AsRef<Path>) -> Result<RequiresReboot, Error> {
Command::new("btrfs")
.arg("check")
.arg("--readonly")
.arg(logicalname.as_ref())
.invoke(crate::ErrorKind::DiskManagement)
.await?;
Ok(RequiresReboot(false))
}
pub async fn btrfs_check_repair(logicalname: impl AsRef<Path>) -> Result<RequiresReboot, Error> {
Command::new("btrfs")
.arg("check")

4
core/src/disk/fsck/mod.rs
View File

@@ -4,7 +4,7 @@ use color_eyre::eyre::eyre;
use tokio::process::Command;
use crate::Error;
use crate::disk::fsck::btrfs::{btrfs_check_readonly, btrfs_check_repair};
use crate::disk::fsck::btrfs::btrfs_check_repair;
use crate::disk::fsck::ext4::{e2fsck_aggressive, e2fsck_preen};
use crate::util::Invoke;
@@ -71,7 +71,7 @@ impl RepairStrategy {
logicalname: impl AsRef<Path> + std::fmt::Debug,
) -> Result<RequiresReboot, Error> {
match self {
RepairStrategy::Preen => btrfs_check_readonly(logicalname).await,
RepairStrategy::Preen => Ok(RequiresReboot(false)),
RepairStrategy::Aggressive => btrfs_check_repair(logicalname).await,
}
}

7
core/src/disk/main.rs
View File

@@ -344,12 +344,17 @@ pub async fn mount_fs<P: AsRef<Path>>(
.arg(&blockdev_path)
.invoke(ErrorKind::DiskManagement)
.await?;
// Defragment after conversion for optimal performance
// Delete ext2_saved subvolume and defragment after conversion
let tmp_mount = datadir.as_ref().join(format!("{name}.convert-tmp"));
tokio::fs::create_dir_all(&tmp_mount).await?;
BlockDev::new(&blockdev_path)
.mount(&tmp_mount, ReadWrite)
.await?;
Command::new("btrfs")
.args(["subvolume", "delete"])
.arg(tmp_mount.join("ext2_saved"))
.invoke(ErrorKind::DiskManagement)
.await?;
Command::new("btrfs")
.args(["filesystem", "defragment", "-r"])
.arg(&tmp_mount)

2
core/src/disk/mod.rs
View File

@@ -103,7 +103,7 @@ impl OsPartitionInfo {
}
}
const BIOS_BOOT_TYPE_GUID: &str = "21686148-6449-6e6f-744e-656564726548";
const BIOS_BOOT_TYPE_GUID: &str = "21686148-6449-6E6F-744E-656564454649";
/// Find the BIOS boot partition on the same disk as `known_part`.
async fn find_bios_boot_partition(known_part: &Path) -> Result<Option<PathBuf>, Error> {

3
core/src/hostname.rs
View File

@@ -7,7 +7,7 @@ use tracing::instrument;
use ts_rs::TS;
use crate::context::RpcContext;
use crate::db::model::public::ServerInfo;
use crate::db::model::public::{RestartReason, ServerInfo};
use crate::prelude::*;
use crate::util::Invoke;
@@ -272,6 +272,7 @@ pub async fn set_hostname_rpc(
}
if let Some(hostname) = &hostname {
hostname.save(server_info)?;
server_info.as_status_info_mut().as_restart_mut().ser(&Some(RestartReason::Mdns))?;
}
ServerHostnameInfo::load(server_info)
})

2
core/src/init.rs
View File

@@ -371,11 +371,11 @@ pub async fn init(
let ram = get_mem_info().await?.total.0 as u64 * 1024 * 1024;
let devices = lshw().await?;
let status_info = ServerStatus {
updated: false,
update_progress: None,
backup_progress: None,
shutting_down: false,
restarting: false,
restart: None,
};
db.mutate(|v| {
let server_info = v.as_public_mut().as_server_info_mut();

266
core/src/net/gateway.rs
View File

@@ -241,11 +241,19 @@ pub async fn check_port(
.await
.map_or(false, |r| r.is_ok());
let local_ipv4 = ip_info
.subnets
.iter()
.find_map(|s| match s.addr() {
IpAddr::V4(v4) => Some(v4),
_ => None,
})
.unwrap_or(Ipv4Addr::UNSPECIFIED);
let client = reqwest::Client::builder();
#[cfg(target_os = "linux")]
let client = client
.interface(gateway.as_str())
.local_address(IpAddr::V4(Ipv4Addr::UNSPECIFIED));
.local_address(IpAddr::V4(local_ipv4));
let client = client.build()?;
let mut res = None;
@@ -282,12 +290,7 @@ pub async fn check_port(
));
};
let hairpinning = tokio::time::timeout(
Duration::from_secs(5),
tokio::net::TcpStream::connect(SocketAddr::new(ip.into(), port)),
)
.await
.map_or(false, |r| r.is_ok());
let hairpinning = check_hairpin(gateway, local_ipv4, ip, port).await;
Ok(CheckPortRes {
ip,
@@ -298,6 +301,30 @@ pub async fn check_port(
})
}
#[cfg(target_os = "linux")]
async fn check_hairpin(gateway: GatewayId, local_ipv4: Ipv4Addr, ip: Ipv4Addr, port: u16) -> bool {
let hairpinning = tokio::time::timeout(Duration::from_secs(5), async {
let dest = SocketAddr::new(ip.into(), port);
let socket = socket2::Socket::new(socket2::Domain::IPV4, socket2::Type::STREAM, None)?;
socket.bind_device(Some(gateway.as_str().as_bytes()))?;
socket.bind(&SocketAddr::new(IpAddr::V4(local_ipv4), 0).into())?;
socket.set_nonblocking(true)?;
let socket = unsafe {
use std::os::fd::{FromRawFd, IntoRawFd};
tokio::net::TcpSocket::from_raw_fd(socket.into_raw_fd())
};
socket.connect(dest).await.map(|_| ())
})
.await
.map_or(false, |r| r.is_ok());
hairpinning
}
#[cfg(not(target_os = "linux"))]
async fn check_hairpin(_: GatewayId, _: Ipv4Addr, _: Ipv4Addr, _: u16) -> bool {
false
}
#[derive(Debug, Clone, Deserialize, Serialize, Parser, TS)]
#[group(skip)]
#[serde(rename_all = "camelCase")]
@@ -765,6 +792,7 @@ async fn watcher(
}
changed
});
gc_policy_routing(&ifaces).await;
for result in futures::future::join_all(jobs).await {
result.log_err();
}
@@ -783,12 +811,16 @@ async fn watcher(
}
}
async fn get_wan_ipv4(iface: &str, base_url: &Url) -> Result<Option<Ipv4Addr>, Error> {
async fn get_wan_ipv4(
iface: &str,
base_url: &Url,
local_ipv4: Ipv4Addr,
) -> Result<Option<Ipv4Addr>, Error> {
let client = reqwest::Client::builder();
#[cfg(target_os = "linux")]
let client = client
.interface(iface)
.local_address(IpAddr::V4(Ipv4Addr::UNSPECIFIED));
.local_address(IpAddr::V4(local_ipv4));
let url = base_url.join("/ip").with_kind(ErrorKind::ParseUrl)?;
let text = client
.build()?
@@ -806,15 +838,43 @@ async fn get_wan_ipv4(iface: &str, base_url: &Url) -> Result<Option<Ipv4Addr>, E
Ok(Some(trimmed.parse()?))
}
struct PolicyRoutingCleanup {
struct PolicyRoutingGuard {
table_id: u32,
iface: String,
}
impl Drop for PolicyRoutingCleanup {
fn drop(&mut self) {
let table_str = self.table_id.to_string();
let iface = std::mem::take(&mut self.iface);
tokio::spawn(async move {
/// Remove stale per-interface policy-routing state (fwmark rules, routing
/// tables, iptables CONNMARK rules) for interfaces that no longer exist.
async fn gc_policy_routing(active_ifaces: &BTreeSet<GatewayId>) {
let active_tables: BTreeSet<u32> = active_ifaces
.iter()
.filter_map(|iface| if_nametoindex(iface.as_str()).ok().map(|idx| 1000 + idx))
.collect();
// GC fwmark ip rules at priority 50 and their routing tables.
if let Ok(rules) = Command::new("ip")
.arg("rule")
.arg("show")
.invoke(ErrorKind::Network)
.await
.and_then(|b| String::from_utf8(b).with_kind(ErrorKind::Utf8))
{
for line in rules.lines() {
let line = line.trim();
if !line.starts_with("50:") {
continue;
}
let Some(pos) = line.find("lookup ") else {
continue;
};
let token = line[pos + 7..].split_whitespace().next().unwrap_or("");
let Ok(table_id) = token.parse::<u32>() else {
continue;
};
if table_id < 1000 || active_tables.contains(&table_id) {
continue;
}
let table_str = table_id.to_string();
tracing::debug!("gc_policy_routing: removing stale table {table_id}");
Command::new("ip")
.arg("rule")
.arg("del")
@@ -835,25 +895,46 @@ impl Drop for PolicyRoutingCleanup {
.invoke(ErrorKind::Network)
.await
.ok();
Command::new("iptables")
.arg("-t")
.arg("mangle")
.arg("-D")
.arg("PREROUTING")
.arg("-i")
.arg(&iface)
.arg("-m")
.arg("conntrack")
.arg("--ctstate")
.arg("NEW")
.arg("-j")
.arg("CONNMARK")
.arg("--set-mark")
.arg(&table_str)
.invoke(ErrorKind::Network)
.await
.ok();
});
}
}
// GC iptables CONNMARK set-mark rules for defunct interfaces.
if let Ok(rules) = Command::new("iptables")
.arg("-t")
.arg("mangle")
.arg("-S")
.arg("PREROUTING")
.invoke(ErrorKind::Network)
.await
.and_then(|b| String::from_utf8(b).with_kind(ErrorKind::Utf8))
{
// Rules look like:
// -A PREROUTING -i wg0 -m conntrack --ctstate NEW -j CONNMARK --set-mark 1005
for line in rules.lines() {
let parts: Vec<&str> = line.split_whitespace().collect();
if parts.first() != Some(&"-A") {
continue;
}
if !parts.contains(&"--set-mark") {
continue;
}
let Some(iface_idx) = parts.iter().position(|&p| p == "-i") else {
continue;
};
let Some(&iface) = parts.get(iface_idx + 1) else {
continue;
};
if active_ifaces.contains(&GatewayId::from(InternedString::intern(iface))) {
continue;
}
tracing::debug!("gc_policy_routing: removing stale iptables rule for {iface}");
let mut cmd = Command::new("iptables");
cmd.arg("-t").arg("mangle").arg("-D");
for &arg in &parts[1..] {
cmd.arg(arg);
}
cmd.invoke(ErrorKind::Network).await.ok();
}
}
}
@@ -985,11 +1066,8 @@ async fn watch_ip(
} else {
None
};
let policy_guard: Option<PolicyRoutingCleanup> =
policy_table_id.map(|t| PolicyRoutingCleanup {
table_id: t,
iface: iface.as_str().to_owned(),
});
let policy_guard: Option<PolicyRoutingGuard> =
policy_table_id.map(|t| PolicyRoutingGuard { table_id: t });
loop {
until
@@ -1016,7 +1094,7 @@ async fn watch_ip(
}
async fn apply_policy_routing(
guard: &PolicyRoutingCleanup,
guard: &PolicyRoutingGuard,
iface: &GatewayId,
lan_ip: &OrdSet<IpAddr>,
) -> Result<(), Error> {
@@ -1250,7 +1328,7 @@ async fn poll_ip_info(
ip4_proxy: &Ip4ConfigProxy<'_>,
ip6_proxy: &Ip6ConfigProxy<'_>,
dhcp4_proxy: &Option<Dhcp4ConfigProxy<'_>>,
policy_guard: &Option<PolicyRoutingCleanup>,
policy_guard: &Option<PolicyRoutingGuard>,
iface: &GatewayId,
echoip_ratelimit_state: &mut BTreeMap<Url, Instant>,
db: Option<&TypedPatchDb<Database>>,
@@ -1299,6 +1377,49 @@ async fn poll_ip_info(
apply_policy_routing(guard, iface, &lan_ip).await?;
}
// Write IP info to the watch immediately so the gateway appears in the
// DB without waiting for the (slow) WAN IP fetch. The echoip HTTP
// request has a 5-second timeout per URL and is easily cancelled by
// D-Bus signals via the Until mechanism, which would prevent the
// gateway from ever appearing if we waited.
let mut ip_info = IpInfo {
name: name.clone(),
scope_id,
device_type,
subnets: subnets.clone(),
lan_ip,
wan_ip: None,
ntp_servers,
dns_servers,
};
write_to.send_if_modified(|m: &mut OrdMap<GatewayId, NetworkInterfaceInfo>| {
let (name, secure, gateway_type, prev_wan_ip) =
m.get(iface).map_or((None, None, None, None), |i| {
(
i.name.clone(),
i.secure,
i.gateway_type,
i.ip_info.as_ref().and_then(|i| i.wan_ip),
)
});
ip_info.wan_ip = prev_wan_ip;
let ip_info = Arc::new(ip_info);
m.insert(
iface.clone(),
NetworkInterfaceInfo {
name,
secure,
ip_info: Some(ip_info.clone()),
gateway_type,
},
)
.filter(|old| &old.ip_info == &Some(ip_info))
.is_none()
});
// Now fetch the WAN IP in a second pass. Even if this is slow or
// gets cancelled, the gateway already has valid ip_info above.
let echoip_urls = if let Some(db) = db {
db.peek()
.await
@@ -1322,7 +1443,14 @@ async fn poll_ip_info(
Some(NetworkInterfaceType::Bridge | NetworkInterfaceType::Loopback)
)
{
match get_wan_ipv4(iface.as_str(), &echoip_url).await {
let local_ipv4 = subnets
.iter()
.find_map(|s| match s.addr() {
IpAddr::V4(v4) => Some(v4),
_ => None,
})
.unwrap_or(Ipv4Addr::UNSPECIFIED);
match get_wan_ipv4(iface.as_str(), &echoip_url, local_ipv4).await {
Ok(a) => {
wan_ip = a;
}
@@ -1349,41 +1477,25 @@ async fn poll_ip_info(
);
tracing::debug!("{e:?}");
}
let mut ip_info = IpInfo {
name: name.clone(),
scope_id,
device_type,
subnets,
lan_ip,
wan_ip,
ntp_servers,
dns_servers,
};
write_to.send_if_modified(|m: &mut OrdMap<GatewayId, NetworkInterfaceInfo>| {
let (name, secure, gateway_type, prev_wan_ip) =
m.get(iface).map_or((None, None, None, None), |i| {
(
i.name.clone(),
i.secure,
i.gateway_type,
i.ip_info.as_ref().and_then(|i| i.wan_ip),
)
});
ip_info.wan_ip = ip_info.wan_ip.or(prev_wan_ip);
let ip_info = Arc::new(ip_info);
m.insert(
iface.clone(),
NetworkInterfaceInfo {
name,
secure,
ip_info: Some(ip_info.clone()),
gateway_type,
},
)
.filter(|old| &old.ip_info == &Some(ip_info))
.is_none()
});
// Update with WAN IP if we obtained one
if wan_ip.is_some() {
write_to.send_if_modified(|m: &mut OrdMap<GatewayId, NetworkInterfaceInfo>| {
let Some(entry) = m.get_mut(iface) else {
return false;
};
let Some(ref existing_ip) = entry.ip_info else {
return false;
};
if existing_ip.wan_ip == wan_ip {
return false;
}
let mut updated = (**existing_ip).clone();
updated.wan_ip = wan_ip;
entry.ip_info = Some(Arc::new(updated));
true
});
}
Ok(())
}

43
core/src/registry/context.rs
View File

@@ -14,8 +14,8 @@ use patch_db::json_ptr::ROOT;
use reqwest::{Client, Proxy};
use rpc_toolkit::yajrc::RpcError;
use rpc_toolkit::{CallRemote, Context, Empty, RpcRequest};
use rusqlite::Connection;
use serde::{Deserialize, Serialize};
use sqlx::PgPool;
use tokio::sync::broadcast::Sender;
use tracing::instrument;
use ts_rs::TS;
@@ -34,6 +34,7 @@ use crate::registry::signer::SignerInfo;
use crate::rpc_continuations::RpcContinuations;
use crate::sign::AnyVerifyingKey;
use crate::util::io::{append_file, read_file_to_string};
use crate::util::sync::SyncMutex;
const DEFAULT_REGISTRY_LISTEN: SocketAddr =
SocketAddr::new(std::net::IpAddr::V4(Ipv4Addr::LOCALHOST), 5959);
@@ -57,12 +58,6 @@ pub struct RegistryConfig {
pub tor_proxy: Option<Url>,
#[arg(short = 'd', long = "datadir", help = "help.arg.data-directory")]
pub datadir: Option<PathBuf>,
#[arg(
short = 'u',
long = "pg-connection-url",
help = "help.arg.postgres-connection-url"
)]
pub pg_connection_url: Option<String>,
}
impl ContextConfig for RegistryConfig {
fn next(&mut self) -> Option<PathBuf> {
@@ -93,7 +88,7 @@ pub struct RegistryContextSeed {
pub rpc_continuations: RpcContinuations,
pub client: Client,
pub shutdown: Sender<()>,
pub pool: Option<PgPool>,
pub metrics_db: SyncMutex<Connection>,
}
#[derive(Clone)]
@@ -124,13 +119,29 @@ impl RegistryContext {
.clone()
.map(Ok)
.unwrap_or_else(|| "socks5h://tor.startos:9050".parse())?;
let pool: Option<PgPool> = match &config.pg_connection_url {
Some(url) => match PgPool::connect(url.as_str()).await {
Ok(pool) => Some(pool),
Err(_) => None,
},
None => None,
};
let metrics_db_path = datadir.join("metrics.db");
let metrics_db = Connection::open(&metrics_db_path).with_kind(ErrorKind::Database)?;
metrics_db
.execute_batch(
"CREATE TABLE IF NOT EXISTS user_activity (
id INTEGER PRIMARY KEY AUTOINCREMENT,
created_at TEXT NOT NULL,
server_id TEXT NOT NULL,
arch TEXT,
os_version TEXT
);
CREATE TABLE IF NOT EXISTS package_request (
id INTEGER PRIMARY KEY AUTOINCREMENT,
created_at TEXT NOT NULL,
pkg_id TEXT NOT NULL,
version TEXT
);
CREATE INDEX IF NOT EXISTS idx_user_activity_created_at ON user_activity(created_at);
CREATE INDEX IF NOT EXISTS idx_package_request_created_at ON package_request(created_at);
CREATE INDEX IF NOT EXISTS idx_package_request_pkg_id ON package_request(pkg_id);",
)
.with_kind(ErrorKind::Database)?;
let metrics_db = SyncMutex::new(metrics_db);
if config.registry_hostname.is_empty() {
return Err(Error::new(
eyre!("{}", t!("registry.context.missing-hostname")),
@@ -154,7 +165,7 @@ impl RegistryContext {
.build()
.with_kind(crate::ErrorKind::ParseUrl)?,
shutdown,
pool,
metrics_db,
})))
}
}

2
core/src/registry/device_info.rs
View File

@@ -233,7 +233,7 @@ impl HardwareInfo {
pub async fn load(ctx: &RpcContext) -> Result<Self, Error> {
let s = ctx.db.peek().await.into_public().into_server_info();
Ok(Self {
arch: s.as_arch().de()?,
arch: InternedString::intern(&*crate::ARCH),
ram: s.as_ram().de()?,
devices: Some(s.as_devices().de()?),
})

23
core/src/registry/info.rs
View File

@@ -1,5 +1,4 @@
use std::collections::BTreeMap;
use std::path::PathBuf;
use clap::Parser;
use imbl_value::InternedString;
@@ -107,8 +106,8 @@ pub async fn set_icon(
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct CliSetIconParams {
#[arg(help = "help.arg.icon-path")]
pub icon: PathBuf,
#[arg(help = "help.arg.icon-source")]
pub icon: String,
}
pub async fn cli_set_icon(
@@ -120,7 +119,23 @@ pub async fn cli_set_icon(
..
}: HandlerArgs<CliContext, CliSetIconParams>,
) -> Result<(), Error> {
let data_url = DataUrl::from_path(icon).await?;
let data_url = if icon.starts_with("data:") {
icon.parse::<DataUrl<'static>>()
.with_kind(ErrorKind::ParseUrl)?
} else if icon.starts_with("https://") || icon.starts_with("http://") {
let res = ctx
.client
.get(&icon)
.send()
.await
.with_kind(ErrorKind::Network)?;
DataUrl::from_response(res).await?
} else {
let path = icon
.strip_prefix("file://")
.unwrap_or(&icon);
DataUrl::from_path(path).await?
};
ctx.call_remote::<RegistryContext>(
&parent_method.into_iter().chain(method).join("."),
imbl_value::json!({

25
core/src/registry/metrics-db/registry-sqlx-data.sh
View File

@@ -1,25 +0,0 @@
#!/bin/bash
cd "$(dirname "${BASH_SOURCE[0]}")"
TMP_DIR=$(mktemp -d)
mkdir $TMP_DIR/pgdata
docker run -d --rm --name=tmp_postgres -e POSTGRES_PASSWORD=password -v $TMP_DIR/pgdata:/var/lib/postgresql/data postgres
(
set -e
ctr=0
until docker exec tmp_postgres psql -U postgres 2> /dev/null || [ $ctr -ge 5 ]; do
ctr=$[ctr + 1]
sleep 5;
done
PG_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' tmp_postgres)
cat "./registry_schema.sql" | docker exec -i tmp_postgres psql -U postgres -d postgres -f-
cd ../../..
DATABASE_URL=postgres://postgres:password@$PG_IP/postgres PLATFORM=$(uname -m) cargo sqlx prepare -- --lib --profile=test --workspace
echo "Subscript Complete"
)
docker stop tmp_postgres
sudo rm -rf $TMP_DIR

828
core/src/registry/metrics-db/registry_schema.sql
View File

@@ -1,828 +0,0 @@
--
-- PostgreSQL database dump
--
-- Dumped from database version 14.12 (Ubuntu 14.12-0ubuntu0.22.04.1)
-- Dumped by pg_dump version 14.12 (Ubuntu 14.12-0ubuntu0.22.04.1)
SET statement_timeout = 0;
SET lock_timeout = 0;
SET idle_in_transaction_session_timeout = 0;
SET client_encoding = 'UTF8';
SET standard_conforming_strings = on;
SELECT pg_catalog.set_config('search_path', '', false);
SET check_function_bodies = false;
SET xmloption = content;
SET client_min_messages = warning;
SET row_security = off;
SET default_tablespace = '';
SET default_table_access_method = heap;
--
-- Name: admin; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.admin (
id character varying NOT NULL,
created_at timestamp with time zone NOT NULL,
pass_hash character varying NOT NULL,
deleted_at timestamp with time zone
);
ALTER TABLE public.admin OWNER TO alpha_admin;
--
-- Name: admin_pkgs; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.admin_pkgs (
id bigint NOT NULL,
admin character varying NOT NULL,
pkg_id character varying NOT NULL
);
ALTER TABLE public.admin_pkgs OWNER TO alpha_admin;
--
-- Name: admin_pkgs_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.admin_pkgs_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.admin_pkgs_id_seq OWNER TO alpha_admin;
--
-- Name: admin_pkgs_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.admin_pkgs_id_seq OWNED BY public.admin_pkgs.id;
--
-- Name: category; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.category (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
name character varying NOT NULL,
description character varying NOT NULL,
priority bigint DEFAULT 0 NOT NULL
);
ALTER TABLE public.category OWNER TO alpha_admin;
--
-- Name: category_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.category_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.category_id_seq OWNER TO alpha_admin;
--
-- Name: category_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.category_id_seq OWNED BY public.category.id;
--
-- Name: eos_hash; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.eos_hash (
id bigint NOT NULL,
version character varying NOT NULL,
hash character varying NOT NULL
);
ALTER TABLE public.eos_hash OWNER TO alpha_admin;
--
-- Name: eos_hash_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.eos_hash_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.eos_hash_id_seq OWNER TO alpha_admin;
--
-- Name: eos_hash_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.eos_hash_id_seq OWNED BY public.eos_hash.id;
--
-- Name: error_log_record; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.error_log_record (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
epoch character varying NOT NULL,
commit_hash character varying NOT NULL,
source_file character varying NOT NULL,
line bigint NOT NULL,
target character varying NOT NULL,
level character varying NOT NULL,
message character varying NOT NULL,
incidents bigint NOT NULL
);
ALTER TABLE public.error_log_record OWNER TO alpha_admin;
--
-- Name: error_log_record_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.error_log_record_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.error_log_record_id_seq OWNER TO alpha_admin;
--
-- Name: error_log_record_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.error_log_record_id_seq OWNED BY public.error_log_record.id;
--
-- Name: metric; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.metric (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
version character varying NOT NULL,
pkg_id character varying NOT NULL
);
ALTER TABLE public.metric OWNER TO alpha_admin;
--
-- Name: metric_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.metric_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.metric_id_seq OWNER TO alpha_admin;
--
-- Name: metric_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.metric_id_seq OWNED BY public.metric.id;
--
-- Name: os_version; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.os_version (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL,
number character varying NOT NULL,
headline character varying NOT NULL,
release_notes character varying NOT NULL,
arch character varying
);
ALTER TABLE public.os_version OWNER TO alpha_admin;
--
-- Name: os_version_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.os_version_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.os_version_id_seq OWNER TO alpha_admin;
--
-- Name: os_version_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.os_version_id_seq OWNED BY public.os_version.id;
--
-- Name: persistent_migration; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.persistent_migration (
id integer NOT NULL,
version integer NOT NULL,
label character varying,
"timestamp" timestamp with time zone NOT NULL
);
ALTER TABLE public.persistent_migration OWNER TO alpha_admin;
--
-- Name: persistent_migration_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.persistent_migration_id_seq
AS integer
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.persistent_migration_id_seq OWNER TO alpha_admin;
--
-- Name: persistent_migration_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.persistent_migration_id_seq OWNED BY public.persistent_migration.id;
--
-- Name: pkg_category; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.pkg_category (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
category_id bigint NOT NULL,
pkg_id character varying NOT NULL
);
ALTER TABLE public.pkg_category OWNER TO alpha_admin;
--
-- Name: pkg_dependency; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.pkg_dependency (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
pkg_id character varying NOT NULL,
pkg_version character varying NOT NULL,
dep_id character varying NOT NULL,
dep_version_range character varying NOT NULL
);
ALTER TABLE public.pkg_dependency OWNER TO alpha_admin;
--
-- Name: pkg_dependency_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.pkg_dependency_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.pkg_dependency_id_seq OWNER TO alpha_admin;
--
-- Name: pkg_dependency_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.pkg_dependency_id_seq OWNED BY public.pkg_dependency.id;
--
-- Name: pkg_record; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.pkg_record (
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone,
pkg_id character varying NOT NULL,
hidden boolean DEFAULT false NOT NULL
);
ALTER TABLE public.pkg_record OWNER TO alpha_admin;
--
-- Name: service_category_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.service_category_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.service_category_id_seq OWNER TO alpha_admin;
--
-- Name: service_category_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.service_category_id_seq OWNED BY public.pkg_category.id;
--
-- Name: upload; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.upload (
id bigint NOT NULL,
uploader character varying NOT NULL,
pkg_id character varying NOT NULL,
pkg_version character varying NOT NULL,
created_at timestamp with time zone NOT NULL
);
ALTER TABLE public.upload OWNER TO alpha_admin;
--
-- Name: upload_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.upload_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.upload_id_seq OWNER TO alpha_admin;
--
-- Name: upload_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.upload_id_seq OWNED BY public.upload.id;
--
-- Name: user_activity; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.user_activity (
id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
server_id character varying NOT NULL,
os_version character varying,
arch character varying
);
ALTER TABLE public.user_activity OWNER TO alpha_admin;
--
-- Name: user_activity_id_seq; Type: SEQUENCE; Schema: public; Owner: alpha_admin
--
CREATE SEQUENCE public.user_activity_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER TABLE public.user_activity_id_seq OWNER TO alpha_admin;
--
-- Name: user_activity_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: alpha_admin
--
ALTER SEQUENCE public.user_activity_id_seq OWNED BY public.user_activity.id;
--
-- Name: version; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.version (
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone,
number character varying NOT NULL,
release_notes character varying NOT NULL,
os_version character varying NOT NULL,
pkg_id character varying NOT NULL,
title character varying NOT NULL,
desc_short character varying NOT NULL,
desc_long character varying NOT NULL,
icon_type character varying NOT NULL,
deprecated_at timestamp with time zone
);
ALTER TABLE public.version OWNER TO alpha_admin;
--
-- Name: version_platform; Type: TABLE; Schema: public; Owner: alpha_admin
--
CREATE TABLE public.version_platform (
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone,
pkg_id character varying NOT NULL,
version_number character varying NOT NULL,
arch character varying NOT NULL,
ram bigint,
device jsonb
);
ALTER TABLE public.version_platform OWNER TO alpha_admin;
--
-- Name: admin_pkgs id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.admin_pkgs ALTER COLUMN id SET DEFAULT nextval('public.admin_pkgs_id_seq'::regclass);
--
-- Name: category id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.category ALTER COLUMN id SET DEFAULT nextval('public.category_id_seq'::regclass);
--
-- Name: eos_hash id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.eos_hash ALTER COLUMN id SET DEFAULT nextval('public.eos_hash_id_seq'::regclass);
--
-- Name: error_log_record id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.error_log_record ALTER COLUMN id SET DEFAULT nextval('public.error_log_record_id_seq'::regclass);
--
-- Name: metric id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.metric ALTER COLUMN id SET DEFAULT nextval('public.metric_id_seq'::regclass);
--
-- Name: os_version id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.os_version ALTER COLUMN id SET DEFAULT nextval('public.os_version_id_seq'::regclass);
--
-- Name: persistent_migration id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.persistent_migration ALTER COLUMN id SET DEFAULT nextval('public.persistent_migration_id_seq'::regclass);
--
-- Name: pkg_category id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_category ALTER COLUMN id SET DEFAULT nextval('public.service_category_id_seq'::regclass);
--
-- Name: pkg_dependency id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_dependency ALTER COLUMN id SET DEFAULT nextval('public.pkg_dependency_id_seq'::regclass);
--
-- Name: upload id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.upload ALTER COLUMN id SET DEFAULT nextval('public.upload_id_seq'::regclass);
--
-- Name: user_activity id; Type: DEFAULT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.user_activity ALTER COLUMN id SET DEFAULT nextval('public.user_activity_id_seq'::regclass);
--
-- Name: admin admin_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.admin
ADD CONSTRAINT admin_pkey PRIMARY KEY (id);
--
-- Name: admin_pkgs admin_pkgs_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.admin_pkgs
ADD CONSTRAINT admin_pkgs_pkey PRIMARY KEY (id);
--
-- Name: category category_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.category
ADD CONSTRAINT category_pkey PRIMARY KEY (id);
--
-- Name: eos_hash eos_hash_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.eos_hash
ADD CONSTRAINT eos_hash_pkey PRIMARY KEY (id);
--
-- Name: error_log_record error_log_record_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.error_log_record
ADD CONSTRAINT error_log_record_pkey PRIMARY KEY (id);
--
-- Name: metric metric_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.metric
ADD CONSTRAINT metric_pkey PRIMARY KEY (id);
--
-- Name: os_version os_version_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.os_version
ADD CONSTRAINT os_version_pkey PRIMARY KEY (id);
--
-- Name: persistent_migration persistent_migration_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.persistent_migration
ADD CONSTRAINT persistent_migration_pkey PRIMARY KEY (id);
--
-- Name: pkg_category pkg_category_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_category
ADD CONSTRAINT pkg_category_pkey PRIMARY KEY (id);
--
-- Name: pkg_dependency pkg_dependency_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_dependency
ADD CONSTRAINT pkg_dependency_pkey PRIMARY KEY (id);
--
-- Name: admin_pkgs unique_admin_pkg; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.admin_pkgs
ADD CONSTRAINT unique_admin_pkg UNIQUE (pkg_id, admin);
--
-- Name: error_log_record unique_log_record; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.error_log_record
ADD CONSTRAINT unique_log_record UNIQUE (epoch, commit_hash, source_file, line, target, level, message);
--
-- Name: category unique_name; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.category
ADD CONSTRAINT unique_name UNIQUE (name);
--
-- Name: pkg_category unique_pkg_category; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_category
ADD CONSTRAINT unique_pkg_category UNIQUE (pkg_id, category_id);
--
-- Name: pkg_dependency unique_pkg_dep_version; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_dependency
ADD CONSTRAINT unique_pkg_dep_version UNIQUE (pkg_id, pkg_version, dep_id);
--
-- Name: eos_hash unique_version; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.eos_hash
ADD CONSTRAINT unique_version UNIQUE (version);
--
-- Name: upload upload_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.upload
ADD CONSTRAINT upload_pkey PRIMARY KEY (id);
--
-- Name: user_activity user_activity_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.user_activity
ADD CONSTRAINT user_activity_pkey PRIMARY KEY (id);
--
-- Name: version version_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.version
ADD CONSTRAINT version_pkey PRIMARY KEY (pkg_id, number);
--
-- Name: version_platform version_platform_pkey; Type: CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.version_platform
ADD CONSTRAINT version_platform_pkey PRIMARY KEY (pkg_id, version_number, arch);
--
-- Name: category_name_idx; Type: INDEX; Schema: public; Owner: alpha_admin
--
CREATE UNIQUE INDEX category_name_idx ON public.category USING btree (name);
--
-- Name: pkg_record_pkg_id_idx; Type: INDEX; Schema: public; Owner: alpha_admin
--
CREATE UNIQUE INDEX pkg_record_pkg_id_idx ON public.pkg_record USING btree (pkg_id);
--
-- Name: version_number_idx; Type: INDEX; Schema: public; Owner: alpha_admin
--
CREATE INDEX version_number_idx ON public.version USING btree (number);
--
-- Name: admin_pkgs admin_pkgs_admin_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.admin_pkgs
ADD CONSTRAINT admin_pkgs_admin_fkey FOREIGN KEY (admin) REFERENCES public.admin(id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: metric metric_pkg_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.metric
ADD CONSTRAINT metric_pkg_id_fkey FOREIGN KEY (pkg_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: pkg_category pkg_category_category_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_category
ADD CONSTRAINT pkg_category_category_id_fkey FOREIGN KEY (category_id) REFERENCES public.category(id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: pkg_category pkg_category_pkg_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_category
ADD CONSTRAINT pkg_category_pkg_id_fkey FOREIGN KEY (pkg_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: pkg_dependency pkg_dependency_dep_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_dependency
ADD CONSTRAINT pkg_dependency_dep_id_fkey FOREIGN KEY (dep_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: pkg_dependency pkg_dependency_pkg_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.pkg_dependency
ADD CONSTRAINT pkg_dependency_pkg_id_fkey FOREIGN KEY (pkg_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: upload upload_pkg_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.upload
ADD CONSTRAINT upload_pkg_id_fkey FOREIGN KEY (pkg_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: upload upload_uploader_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.upload
ADD CONSTRAINT upload_uploader_fkey FOREIGN KEY (uploader) REFERENCES public.admin(id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: version version_pkg_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.version
ADD CONSTRAINT version_pkg_id_fkey FOREIGN KEY (pkg_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- Name: version_platform version_platform_pkg_id_fkey; Type: FK CONSTRAINT; Schema: public; Owner: alpha_admin
--
ALTER TABLE ONLY public.version_platform
ADD CONSTRAINT version_platform_pkg_id_fkey FOREIGN KEY (pkg_id) REFERENCES public.pkg_record(pkg_id) ON UPDATE RESTRICT ON DELETE RESTRICT;
--
-- PostgreSQL database dump complete
--

436
core/src/registry/metrics.rs Normal file
View File

@@ -0,0 +1,436 @@
use clap::Parser;
use rpc_toolkit::{Context, HandlerExt, ParentHandler, from_fn_async};
use serde::{Deserialize, Serialize};
use ts_rs::TS;
use crate::context::CliContext;
use crate::prelude::*;
use crate::registry::context::RegistryContext;
use crate::util::serde::{HandlerExtSerde, WithIoFormat, display_serializable};
pub fn metrics_api<C: Context>() -> ParentHandler<C> {
ParentHandler::new()
.subcommand(
"summary",
from_fn_async(get_summary)
.with_metadata("admin", Value::Bool(true))
.with_display_serializable()
.with_custom_display_fn(|handle, result| display_summary(handle.params, result))
.with_about("about.get-metrics-summary")
.with_call_remote::<CliContext>(),
)
.subcommand(
"users",
from_fn_async(get_users)
.with_metadata("admin", Value::Bool(true))
.with_display_serializable()
.with_custom_display_fn(|handle, result| display_users(handle.params, result))
.with_about("about.get-metrics-users")
.with_call_remote::<CliContext>(),
)
.subcommand(
"downloads",
from_fn_async(get_downloads)
.with_metadata("admin", Value::Bool(true))
.with_display_serializable()
.with_custom_display_fn(|handle, result| {
display_downloads(handle.params, result)
})
.with_about("about.get-metrics-downloads")
.with_call_remote::<CliContext>(),
)
}
// --- summary ---
#[derive(Debug, Serialize, Deserialize, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct CountEntry {
pub label: String,
pub count: u64,
}
#[derive(Debug, Serialize, Deserialize, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct MetricsSummary {
pub total_checkins: u64,
pub unique_servers: u64,
pub total_package_requests: u64,
pub by_arch: Vec<CountEntry>,
pub by_os_version: Vec<CountEntry>,
}
pub async fn get_summary(ctx: RegistryContext) -> Result<MetricsSummary, Error> {
tokio::task::spawn_blocking(move || {
ctx.metrics_db.peek(|conn| {
let total_checkins: u64 = conn
.query_row("SELECT COUNT(*) FROM user_activity", [], |row| row.get(0))
.with_kind(ErrorKind::Database)?;
let unique_servers: u64 = conn
.query_row(
"SELECT COUNT(DISTINCT server_id) FROM user_activity",
[],
|row| row.get(0),
)
.with_kind(ErrorKind::Database)?;
let total_package_requests: u64 = conn
.query_row("SELECT COUNT(*) FROM package_request", [], |row| row.get(0))
.with_kind(ErrorKind::Database)?;
let by_arch = query_count_entries(
conn,
"SELECT COALESCE(arch, 'unknown'), COUNT(*) FROM user_activity GROUP BY arch ORDER BY COUNT(*) DESC",
)?;
let by_os_version = query_count_entries(
conn,
"SELECT COALESCE(os_version, 'unknown'), COUNT(*) FROM user_activity GROUP BY os_version ORDER BY COUNT(*) DESC",
)?;
Ok(MetricsSummary {
total_checkins,
unique_servers,
total_package_requests,
by_arch,
by_os_version,
})
})
})
.await
.with_kind(ErrorKind::Unknown)?
}
fn display_summary<T>(params: WithIoFormat<T>, summary: MetricsSummary) -> Result<(), Error> {
use prettytable::*;
if let Some(format) = params.format {
return display_serializable(format, summary);
}
println!("Total check-ins: {}", summary.total_checkins);
println!("Unique servers: {}", summary.unique_servers);
println!("Total package requests: {}", summary.total_package_requests);
if !summary.by_arch.is_empty() {
println!();
let mut table = Table::new();
table.add_row(row![bc => "ARCHITECTURE", "COUNT"]);
for entry in &summary.by_arch {
table.add_row(row![&entry.label, entry.count]);
}
table.print_tty(false)?;
}
if !summary.by_os_version.is_empty() {
println!();
let mut table = Table::new();
table.add_row(row![bc => "OS VERSION", "COUNT"]);
for entry in &summary.by_os_version {
table.add_row(row![&entry.label, entry.count]);
}
table.print_tty(false)?;
}
Ok(())
}
// --- users ---
#[derive(Debug, Deserialize, Serialize, Parser, TS)]
#[group(skip)]
#[command(rename_all = "kebab-case")]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct GetUsersParams {
/// Start of time range (RFC 3339)
#[ts(type = "string | null")]
#[arg(long, help = "help.arg.metrics-after")]
pub after: Option<String>,
/// End of time range (RFC 3339)
#[ts(type = "string | null")]
#[arg(long, help = "help.arg.metrics-before")]
pub before: Option<String>,
}
#[derive(Debug, Serialize, Deserialize, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct UsersResponse {
pub unique_servers: u64,
pub total_checkins: u64,
}
pub async fn get_users(
ctx: RegistryContext,
GetUsersParams { after, before }: GetUsersParams,
) -> Result<UsersResponse, Error> {
tokio::task::spawn_blocking(move || {
ctx.metrics_db.peek(|conn| {
let (where_clause, params) = time_range_where(&after, &before);
let unique_servers: u64 = conn
.query_row(
&format!("SELECT COUNT(DISTINCT server_id) FROM user_activity{where_clause}"),
rusqlite::params_from_iter(&params),
|row| row.get(0),
)
.with_kind(ErrorKind::Database)?;
let total_checkins: u64 = conn
.query_row(
&format!("SELECT COUNT(*) FROM user_activity{where_clause}"),
rusqlite::params_from_iter(&params),
|row| row.get(0),
)
.with_kind(ErrorKind::Database)?;
Ok(UsersResponse {
unique_servers,
total_checkins,
})
})
})
.await
.with_kind(ErrorKind::Unknown)?
}
fn display_users<T>(params: WithIoFormat<T>, response: UsersResponse) -> Result<(), Error> {
if let Some(format) = params.format {
return display_serializable(format, response);
}
println!("Unique servers: {}", response.unique_servers);
println!("Total check-ins: {}", response.total_checkins);
Ok(())
}
// --- downloads ---
#[derive(Debug, Deserialize, Serialize, Parser, TS)]
#[group(skip)]
#[command(rename_all = "kebab-case")]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct GetDownloadsParams {
/// Filter by package ID
#[ts(type = "string | null")]
#[arg(long, help = "help.arg.metrics-pkg-id")]
pub pkg_id: Option<String>,
/// Filter by version
#[ts(type = "string | null")]
#[arg(long, help = "help.arg.metrics-version")]
pub version: Option<String>,
/// Start of time range (RFC 3339)
#[ts(type = "string | null")]
#[arg(long, help = "help.arg.metrics-after")]
pub after: Option<String>,
/// End of time range (RFC 3339)
#[ts(type = "string | null")]
#[arg(long, help = "help.arg.metrics-before")]
pub before: Option<String>,
}
#[derive(Debug, Serialize, Deserialize, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct PackageVersionCount {
pub pkg_id: String,
pub version: String,
pub count: u64,
}
#[derive(Debug, Serialize, Deserialize, TS)]
#[serde(rename_all = "camelCase")]
#[ts(export)]
pub struct DownloadsResponse {
pub total_requests: u64,
pub by_package: Vec<CountEntry>,
pub by_package_version: Vec<PackageVersionCount>,
}
pub async fn get_downloads(
ctx: RegistryContext,
GetDownloadsParams {
pkg_id,
version,
after,
before,
}: GetDownloadsParams,
) -> Result<DownloadsResponse, Error> {
tokio::task::spawn_blocking(move || {
ctx.metrics_db.peek(|conn| {
let (where_clause, params) =
downloads_where(&pkg_id, &version, &after, &before);
let total_requests: u64 = conn
.query_row(
&format!("SELECT COUNT(*) FROM package_request{where_clause}"),
rusqlite::params_from_iter(&params),
|row| row.get(0),
)
.with_kind(ErrorKind::Database)?;
let by_package = query_count_entries_with_params(
conn,
&format!(
"SELECT pkg_id, COUNT(*) FROM package_request{where_clause} GROUP BY pkg_id ORDER BY COUNT(*) DESC"
),
&params,
)?;
let by_package_version = {
let mut stmt = conn
.prepare(&format!(
"SELECT pkg_id, COALESCE(version, 'unknown'), COUNT(*) FROM package_request{where_clause} GROUP BY pkg_id, version ORDER BY pkg_id, COUNT(*) DESC"
))
.with_kind(ErrorKind::Database)?;
let rows = stmt
.query_map(rusqlite::params_from_iter(&params), |row| {
Ok(PackageVersionCount {
pkg_id: row.get(0)?,
version: row.get(1)?,
count: row.get(2)?,
})
})
.with_kind(ErrorKind::Database)?;
rows.map(|r| r.with_kind(ErrorKind::Database))
.collect::<Result<Vec<_>, _>>()?
};
Ok(DownloadsResponse {
total_requests,
by_package,
by_package_version,
})
})
})
.await
.with_kind(ErrorKind::Unknown)?
}
fn display_downloads(
params: WithIoFormat<GetDownloadsParams>,
response: DownloadsResponse,
) -> Result<(), Error> {
use prettytable::*;
if let Some(format) = params.format {
return display_serializable(format, response);
}
println!("Total requests: {}", response.total_requests);
if !response.by_package.is_empty() {
println!();
let mut table = Table::new();
table.add_row(row![bc => "PACKAGE", "COUNT"]);
for entry in &response.by_package {
table.add_row(row![&entry.label, entry.count]);
}
table.print_tty(false)?;
}
if !response.by_package_version.is_empty() {
println!();
let mut table = Table::new();
table.add_row(row![bc => "PACKAGE", "VERSION", "COUNT"]);
for entry in &response.by_package_version {
table.add_row(row![&entry.pkg_id, &entry.version, entry.count]);
}
table.print_tty(false)?;
}
Ok(())
}
// --- helpers ---
fn query_count_entries(
conn: &rusqlite::Connection,
sql: &str,
) -> Result<Vec<CountEntry>, Error> {
query_count_entries_with_params(conn, sql, &[])
}
fn query_count_entries_with_params(
conn: &rusqlite::Connection,
sql: &str,
params: &[String],
) -> Result<Vec<CountEntry>, Error> {
let mut stmt = conn.prepare(sql).with_kind(ErrorKind::Database)?;
let rows = stmt
.query_map(rusqlite::params_from_iter(params), |row| {
Ok(CountEntry {
label: row.get(0)?,
count: row.get(1)?,
})
})
.with_kind(ErrorKind::Database)?;
rows.map(|r| r.with_kind(ErrorKind::Database))
.collect()
}
fn time_range_where(
after: &Option<String>,
before: &Option<String>,
) -> (String, Vec<String>) {
let mut conditions = Vec::new();
let mut params = Vec::new();
if let Some(a) = after {
params.push(a.clone());
conditions.push(format!("created_at >= ?{}", params.len()));
}
if let Some(b) = before {
params.push(b.clone());
conditions.push(format!("created_at < ?{}", params.len()));
}
let clause = if conditions.is_empty() {
String::new()
} else {
format!(" WHERE {}", conditions.join(" AND "))
};
(clause, params)
}
fn downloads_where(
pkg_id: &Option<String>,
version: &Option<String>,
after: &Option<String>,
before: &Option<String>,
) -> (String, Vec<String>) {
let mut conditions = Vec::new();
let mut params = Vec::new();
if let Some(id) = pkg_id {
params.push(id.clone());
conditions.push(format!("pkg_id = ?{}", params.len()));
}
if let Some(v) = version {
params.push(v.clone());
conditions.push(format!("version = ?{}", params.len()));
}
if let Some(a) = after {
params.push(a.clone());
conditions.push(format!("created_at >= ?{}", params.len()));
}
if let Some(b) = before {
params.push(b.clone());
conditions.push(format!("created_at < ?{}", params.len()));
}
let clause = if conditions.is_empty() {
String::new()
} else {
format!(" WHERE {}", conditions.join(" AND "))
};
(clause, params)
}

5
core/src/registry/mod.rs
View File

@@ -27,6 +27,7 @@ pub mod context;
pub mod db;
pub mod device_info;
pub mod info;
pub mod metrics;
mod migrations;
pub mod os;
pub mod package;
@@ -100,6 +101,10 @@ pub fn registry_api<C: Context>() -> ParentHandler<C> {
"db",
db::db_api::<C>().with_about("about.commands-registry-db"),
)
.subcommand(
"metrics",
metrics::metrics_api::<C>().with_about("about.commands-registry-metrics"),
)
}
pub fn registry_router(ctx: RegistryContext) -> Router {

7
core/src/registry/os/mod.rs
View File

@@ -8,6 +8,7 @@ pub const SIG_CONTEXT: &str = "startos";
pub mod asset;
pub mod index;
pub mod promote;
pub mod version;
pub fn os_api<C: Context>() -> ParentHandler<C> {
@@ -28,4 +29,10 @@ pub fn os_api<C: Context>() -> ParentHandler<C> {
"version",
version::version_api::<C>().with_about("about.commands-add-remove-list-versions"),
)
.subcommand(
"promote",
from_fn_async(promote::cli_os_promote)
.no_display()
.with_about("about.promote-os-registry"),
)
}

114
core/src/registry/os/promote.rs Normal file
View File

@@ -0,0 +1,114 @@
use clap::Parser;
use exver::Version;
use imbl_value::InternedString;
use serde::{Deserialize, Serialize};
use url::Url;
use crate::context::CliContext;
use crate::prelude::*;
use crate::registry::os::SIG_CONTEXT;
use crate::registry::os::index::OsIndex;
use crate::registry::package::promote::{call_registry, resolve_registry_url};
use crate::sign::commitment::blake3::Blake3Commitment;
use crate::sign::ed25519::Ed25519;
use crate::sign::{AnySignature, SignatureScheme};
#[derive(Debug, Deserialize, Serialize, Parser)]
#[group(skip)]
#[command(rename_all = "kebab-case")]
#[serde(rename_all = "camelCase")]
pub struct CliOsPromoteParams {
#[arg(long, help = "help.arg.from-registry-url")]
pub from: Option<Url>,
#[arg(long, help = "help.arg.to-registry-url")]
pub to: Option<Url>,
#[arg(help = "help.arg.os-version")]
pub version: Version,
}
pub async fn cli_os_promote(
ctx: CliContext,
CliOsPromoteParams { from, to, version }: CliOsPromoteParams,
) -> Result<(), Error> {
if from.is_none() && to.is_none() {
return Err(Error::new(
eyre!("{}", t!("registry.os.promote.need-from-or-to")),
ErrorKind::InvalidRequest,
));
}
let from_url = resolve_registry_url(from.as_ref(), &ctx)?;
let to_url = resolve_registry_url(to.as_ref(), &ctx)?;
// Fetch OS index from source registry
let res: Value = call_registry(&ctx, from_url, "os.index", imbl_value::json!({})).await?;
let os_index: OsIndex = from_value(res)?;
// Find the target version
let version_info = os_index
.versions
.0
.get(&version)
.ok_or_else(|| {
Error::new(
eyre!(
"{}",
t!(
"registry.os.promote.version-not-found",
version = &version
)
),
ErrorKind::NotFound,
)
})?;
// Add the version to the target registry
call_registry(
&ctx,
to_url.clone(),
"os.version.add",
imbl_value::json!({
"version": &version,
"headline": &version_info.headline,
"releaseNotes": &version_info.release_notes,
"sourceVersion": &version_info.source_version,
}),
)
.await?;
// Promote all assets for each type and platform
promote_assets(&ctx, &to_url, &version, &version_info.iso, "os.asset.add.iso").await?;
promote_assets(&ctx, &to_url, &version, &version_info.squashfs, "os.asset.add.squashfs").await?;
promote_assets(&ctx, &to_url, &version, &version_info.img, "os.asset.add.img").await?;
Ok(())
}
async fn promote_assets(
ctx: &CliContext,
to_url: &Url,
version: &Version,
assets: &std::collections::BTreeMap<InternedString, crate::registry::asset::RegistryAsset<Blake3Commitment>>,
method: &str,
) -> Result<(), Error> {
for (platform, asset) in assets {
let commitment = &asset.commitment;
let signature =
AnySignature::Ed25519(Ed25519.sign_commitment(ctx.developer_key()?, commitment, SIG_CONTEXT)?);
call_registry(
ctx,
to_url.clone(),
method,
imbl_value::json!({
"version": version,
"platform": platform,
"url": &asset.urls[0],
"signature": signature,
"commitment": commitment,
}),
)
.await?;
}
Ok(())
}

63
core/src/registry/os/version/mod.rs
View File

@@ -1,12 +1,14 @@
use std::collections::BTreeMap;
use chrono::{DateTime, NaiveDate, NaiveDateTime, Utc};
use chrono::Utc;
use clap::Parser;
use exver::{Version, VersionRange};
use imbl_value::InternedString;
use itertools::Itertools;
use rpc_toolkit::{Context, HandlerExt, ParentHandler, from_fn_async};
use rusqlite::params;
use serde::{Deserialize, Serialize};
use tracing::warn;
use ts_rs::TS;
use crate::context::CliContext;
@@ -159,33 +161,6 @@ pub struct GetOsVersionParams {
pub device_info: Option<DeviceInfo>,
}
struct PgDateTime(DateTime<Utc>);
impl sqlx::Type<sqlx::Postgres> for PgDateTime {
fn type_info() -> <sqlx::Postgres as sqlx::Database>::TypeInfo {
sqlx::postgres::PgTypeInfo::with_oid(sqlx::postgres::types::Oid(1184))
}
}
impl sqlx::Encode<'_, sqlx::Postgres> for PgDateTime {
fn encode_by_ref(
&self,
buf: &mut <sqlx::Postgres as sqlx::Database>::ArgumentBuffer<'_>,
) -> Result<sqlx::encode::IsNull, sqlx::error::BoxDynError> {
fn postgres_epoch_datetime() -> NaiveDateTime {
NaiveDate::from_ymd_opt(2000, 1, 1)
.expect("expected 2000-01-01 to be a valid NaiveDate")
.and_hms_opt(0, 0, 0)
.expect("expected 2000-01-01T00:00:00 to be a valid NaiveDateTime")
}
let micros = (self.0.naive_utc() - postgres_epoch_datetime())
.num_microseconds()
.ok_or_else(|| format!("NaiveDateTime out of range for Postgres: {:?}", self.0))?;
micros.encode(buf)
}
fn size_hint(&self) -> usize {
std::mem::size_of::<i64>()
}
}
pub async fn get_version(
ctx: RegistryContext,
GetOsVersionParams {
@@ -199,16 +174,28 @@ pub async fn get_version(
{
let source = source.or_else(|| device_info.as_ref().map(|d| d.os.version.clone()));
let platform = platform.or_else(|| device_info.as_ref().map(|d| d.os.platform.clone()));
if let (Some(pool), Some(server_id), Some(arch)) = (&ctx.pool, server_id, &platform) {
let created_at = Utc::now();
sqlx::query("INSERT INTO user_activity (created_at, server_id, arch) VALUES ($1, $2, $3)")
.bind(PgDateTime(created_at))
.bind(server_id)
.bind(&**arch)
.execute(pool)
.await
.with_kind(ErrorKind::Database)?;
if let (Some(server_id), Some(arch)) = (server_id, &platform) {
const MAX_SERVER_ID_LEN: usize = 256;
if server_id.len() <= MAX_SERVER_ID_LEN {
let created_at = Utc::now().to_rfc3339();
let arch = arch.to_string();
let os_version = source.as_ref().map(|v| v.to_string());
let ctx = ctx.clone();
tokio::task::spawn_blocking(move || {
ctx.metrics_db.mutate(|conn| {
if let Err(e) = conn.execute(
concat!(
"INSERT INTO user_activity ",
"(created_at, server_id, arch, os_version) ",
"VALUES (?1, ?2, ?3, ?4)"
),
params![created_at, server_id, arch, os_version],
) {
warn!("failed to record user activity metric: {e}");
}
});
});
}
}
let target = target.unwrap_or(VersionRange::Any);
let mut res = to_value::<BTreeMap<Version, OsVersionInfo>>(

24
core/src/registry/package/get.rs
View File

@@ -8,6 +8,10 @@ use itertools::Itertools;
use serde::{Deserialize, Serialize};
use ts_rs::TS;
use chrono::Utc;
use rusqlite::params;
use tracing::warn;
use crate::PackageId;
use crate::context::CliContext;
use crate::prelude::*;
@@ -233,6 +237,25 @@ pub async fn get_package(ctx: RegistryContext, params: GetPackageParams) -> Resu
}
}
if let Some(id) = &params.id {
if params.target_version.is_some() {
let created_at = Utc::now().to_rfc3339();
let pkg_id = id.to_string();
let version = best
.get(id)
.and_then(|b| b.keys().last())
.map(|v| v.to_string());
let ctx = ctx.clone();
tokio::task::spawn_blocking(move || {
ctx.metrics_db.mutate(|conn| {
if let Err(e) = conn.execute(
"INSERT INTO package_request (created_at, pkg_id, version) VALUES (?1, ?2, ?3)",
params![created_at, pkg_id, version],
) {
warn!("failed to record package request metric: {e}");
}
});
});
}
let categories = peek
.as_index()
.as_package()
@@ -615,6 +638,7 @@ fn check_matching_info_short() {
sdk_version: None,
hardware_acceleration: false,
plugins: BTreeSet::new(),
satisfies: BTreeSet::new(),
},
icon: DataUrl::from_vec("image/png", vec![]),
dependency_metadata: BTreeMap::new(),

2
core/src/registry/package/index.rs
View File

@@ -110,6 +110,8 @@ pub struct PackageMetadata {
pub hardware_acceleration: bool,
#[serde(default)]
pub plugins: BTreeSet<PluginId>,
#[serde(default)]
pub satisfies: BTreeSet<VersionString>,
}
#[derive(Debug, Deserialize, Serialize, HasModel, TS)]

7
core/src/registry/package/mod.rs
View File

@@ -8,6 +8,7 @@ pub mod add;
pub mod category;
pub mod get;
pub mod index;
pub mod promote;
pub mod signer;
pub fn package_api<C: Context>() -> ParentHandler<C> {
@@ -98,6 +99,12 @@ pub fn package_api<C: Context>() -> ParentHandler<C> {
.no_display()
.with_about("about.download-s9pk"),
)
.subcommand(
"promote",
from_fn_async(promote::cli_promote)
.no_display()
.with_about("about.promote-package-registry"),
)
.subcommand(
"category",
category::category_api::<C>().with_about("about.update-categories-registry"),

144
core/src/registry/package/promote.rs Normal file
View File

@@ -0,0 +1,144 @@
use clap::Parser;
use http::HeaderMap;
use imbl_value::InternedString;
use serde::{Deserialize, Serialize};
use url::Url;
use crate::PackageId;
use crate::context::CliContext;
use crate::prelude::*;
use crate::registry::package::get::{GetPackageResponseFull, PackageDetailLevel};
use crate::s9pk::v2::SIG_CONTEXT;
use crate::sign::ed25519::Ed25519;
use crate::sign::{AnySignature, SignatureScheme};
use crate::util::VersionString;
#[derive(Debug, Deserialize, Serialize, Parser)]
#[group(skip)]
#[command(rename_all = "kebab-case")]
#[serde(rename_all = "camelCase")]
pub struct CliPromoteParams {
#[arg(long, help = "help.arg.from-registry-url")]
pub from: Option<Url>,
#[arg(long, help = "help.arg.to-registry-url")]
pub to: Option<Url>,
#[arg(help = "help.arg.package-id")]
pub id: PackageId,
#[arg(help = "help.arg.package-version")]
pub version: VersionString,
}
pub fn registry_rpc_url(url: &Url) -> Result<Url, Error> {
let mut url = url.clone();
url.path_segments_mut()
.map_err(|_| eyre!("Url cannot be base"))
.with_kind(ErrorKind::ParseUrl)?
.push("rpc")
.push("v0");
Ok(url)
}
pub fn resolve_registry_url(explicit: Option<&Url>, ctx: &CliContext) -> Result<Url, Error> {
if let Some(url) = explicit {
registry_rpc_url(url)
} else if let Some(url) = &ctx.registry_url {
Ok(url.clone())
} else {
Err(Error::new(
eyre!("{}", t!("registry.context.registry-required")),
ErrorKind::InvalidRequest,
))
}
}
pub async fn call_registry(
ctx: &CliContext,
url: Url,
method: &str,
params: Value,
) -> Result<Value, Error> {
let sig_context = url.host().as_ref().map(InternedString::from_display);
crate::middleware::auth::signature::call_remote(
ctx,
url,
HeaderMap::new(),
sig_context.as_deref(),
method,
params,
)
.await
.map_err(Error::from)
}
pub async fn cli_promote(
ctx: CliContext,
CliPromoteParams {
from,
to,
id,
version,
}: CliPromoteParams,
) -> Result<(), Error> {
if from.is_none() && to.is_none() {
return Err(Error::new(
eyre!("{}", t!("registry.package.promote.need-from-or-to")),
ErrorKind::InvalidRequest,
));
}
let from_url = resolve_registry_url(from.as_ref(), &ctx)?;
let to_url = resolve_registry_url(to.as_ref(), &ctx)?;
// Fetch package info from source registry
let res: Value = call_registry(
&ctx,
from_url,
"package.get",
imbl_value::json!({
"id": &id,
"otherVersions": PackageDetailLevel::Full,
}),
)
.await?;
let response: GetPackageResponseFull = from_value(res)?;
// Find the target version
let version_info = response
.best
.get(&version)
.or_else(|| response.other_versions.get(&version))
.ok_or_else(|| {
Error::new(
eyre!(
"{}",
t!(
"registry.package.promote.version-not-found",
id = &id,
version = &version
)
),
ErrorKind::NotFound,
)
})?;
// Promote each s9pk variant to the target registry
for (_, asset) in &version_info.s9pks {
let commitment = &asset.commitment;
let signature = Ed25519.sign_commitment(ctx.developer_key()?, commitment, SIG_CONTEXT)?;
call_registry(
&ctx,
to_url.clone(),
"package.add",
imbl_value::json!({
"urls": &asset.urls,
"signature": AnySignature::Ed25519(signature),
"commitment": commitment,
}),
)
.await?;
}
Ok(())
}

8
core/src/s9pk/v2/compat.rs
View File

@@ -194,10 +194,15 @@ impl TryFrom<ManifestV1> for Manifest {
if &*value.id == "nostr" {
value.id = "nostr-rs-relay".parse()?;
}
if &*value.id == "ghost" {
value.id = "ghost-legacy".parse()?;
}
if &*value.id == "synapse" {
value.id = "synapse-legacy".parse()?;
}
Ok(Self {
id: value.id,
version: version.into(),
satisfies: BTreeSet::new(),
can_migrate_from: VersionRange::any(),
can_migrate_to: VersionRange::none(),
metadata: PackageMetadata {
@@ -219,6 +224,7 @@ impl TryFrom<ManifestV1> for Manifest {
PackageProcedure::Script(_) => false,
},
plugins: BTreeSet::new(),
satisfies: BTreeSet::new(),
},
images: BTreeMap::new(),
volumes: value

1
core/src/s9pk/v2/manifest.rs
View File

@@ -32,7 +32,6 @@ pub(crate) fn current_version() -> Version {
pub struct Manifest {
pub id: PackageId,
pub version: VersionString,
pub satisfies: BTreeSet<VersionString>,
#[ts(type = "string")]
pub can_migrate_to: VersionRange,
#[ts(type = "string")]

2
core/src/service/effects/dependency.rs
View File

@@ -358,7 +358,7 @@ pub async fn check_dependencies(
};
let manifest = package.as_state_info().as_manifest(ManifestPreference::New);
let installed_version = manifest.as_version().de()?.into_version();
let satisfies = manifest.as_satisfies().de()?;
let satisfies = manifest.as_metadata().as_satisfies().de()?;
let installed_version = Some(installed_version.clone().into());
let is_running = package
.as_status_info()

9
core/src/service/effects/net/interface.rs
View File

@@ -134,8 +134,9 @@ pub async fn list_service_interfaces(
.expect("valid json pointer");
let mut watch = context.seed.ctx.db.watch(ptr).await;
let res = imbl_value::from_value(watch.peek_and_mark_seen()?)
.unwrap_or_default();
let Some(res) = from_value(watch.peek_and_mark_seen()?)? else {
return Ok(BTreeMap::new());
};
if let Some(callback) = callback {
let callback = callback.register(&context.seed.persistent_container);
@@ -174,9 +175,7 @@ pub async fn clear_service_interfaces(
.as_idx_mut(&package_id)
.or_not_found(&package_id)?
.as_service_interfaces_mut()
.mutate(|s| {
Ok(s.retain(|id, _| except.contains(id)))
})
.mutate(|s| Ok(s.retain(|id, _| except.contains(id))))
})
.await
.result?;

22
core/src/system/mod.rs
View File

@@ -16,6 +16,7 @@ use ts_rs::TS;
use crate::bins::set_locale;
use crate::context::{CliContext, RpcContext};
use crate::db::model::public::RestartReason;
use crate::disk::util::{get_available, get_used};
use crate::logs::{LogSource, LogsParams, SYSTEM_UNIT};
use crate::prelude::*;
@@ -351,10 +352,9 @@ pub fn kiosk<C: Context>() -> ParentHandler<C> {
from_fn_async(|ctx: RpcContext| async move {
ctx.db
.mutate(|db| {
db.as_public_mut()
.as_server_info_mut()
.as_kiosk_mut()
.ser(&Some(true))
let server_info = db.as_public_mut().as_server_info_mut();
server_info.as_kiosk_mut().ser(&Some(true))?;
server_info.as_status_info_mut().as_restart_mut().ser(&Some(RestartReason::Kiosk))
})
.await
.result?;
@@ -369,10 +369,9 @@ pub fn kiosk<C: Context>() -> ParentHandler<C> {
from_fn_async(|ctx: RpcContext| async move {
ctx.db
.mutate(|db| {
db.as_public_mut()
.as_server_info_mut()
.as_kiosk_mut()
.ser(&Some(false))
let server_info = db.as_public_mut().as_server_info_mut();
server_info.as_kiosk_mut().ser(&Some(false))?;
server_info.as_status_info_mut().as_restart_mut().ser(&Some(RestartReason::Kiosk))
})
.await
.result?;
@@ -1367,10 +1366,11 @@ pub async fn set_language(
save_language(&*language).await?;
ctx.db
.mutate(|db| {
db.as_public_mut()
.as_server_info_mut()
let server_info = db.as_public_mut().as_server_info_mut();
server_info
.as_language_mut()
.ser(&Some(language.clone()))
.ser(&Some(language.clone()))?;
server_info.as_status_info_mut().as_restart_mut().ser(&Some(RestartReason::Language))
})
.await
.result?;

45
core/src/update/mod.rs
View File

@@ -19,6 +19,7 @@ use ts_rs::TS;
use crate::PLATFORM;
use crate::context::{CliContext, RpcContext};
use crate::db::model::public::RestartReason;
use crate::notifications::{NotificationLevel, notify};
use crate::prelude::*;
use crate::progress::{
@@ -81,8 +82,9 @@ pub async fn update_system(
.into_public()
.into_server_info()
.into_status_info()
.into_updated()
.into_restart()
.de()?
== Some(RestartReason::Update)
{
return Err(Error::new(
eyre!("{}", t!("update.already-updated-restart-required")),
@@ -281,10 +283,18 @@ async fn maybe_do_update(
let start_progress = progress.snapshot();
let status = ctx
.db
ctx.db
.mutate(|db| {
let mut status = peeked.as_public().as_server_info().as_status_info().de()?;
let server_info = db.as_public_mut().as_server_info_mut();
if server_info.as_status_info().as_restart().de()?.is_some() {
return Err(Error::new(
eyre!("{}", t!("update.already-updated-restart-required")),
crate::ErrorKind::InvalidRequest,
));
}
let mut status = server_info.as_status_info().de()?;
if status.update_progress.is_some() {
return Err(Error::new(
eyre!("{}", t!("update.already-updating")),
@@ -293,22 +303,12 @@ async fn maybe_do_update(
}
status.update_progress = Some(start_progress);
db.as_public_mut()
.as_server_info_mut()
.as_status_info_mut()
.ser(&status)?;
Ok(status)
server_info.as_status_info_mut().ser(&status)?;
Ok(())
})
.await
.result?;
if status.updated {
return Err(Error::new(
eyre!("{}", t!("update.already-updated-restart-required")),
crate::ErrorKind::InvalidRequest,
));
}
let progress_task = NonDetachingJoinHandle::from(tokio::spawn(progress.clone().sync_to_db(
ctx.db.clone(),
|db| {
@@ -338,10 +338,15 @@ async fn maybe_do_update(
Ok(()) => {
ctx.db
.mutate(|db| {
let status_info =
db.as_public_mut().as_server_info_mut().as_status_info_mut();
status_info.as_update_progress_mut().ser(&None)?;
status_info.as_updated_mut().ser(&true)
let server_info = db.as_public_mut().as_server_info_mut();
server_info
.as_status_info_mut()
.as_update_progress_mut()
.ser(&None)?;
server_info
.as_status_info_mut()
.as_restart_mut()
.ser(&Some(RestartReason::Update))
})
.await
.result?;

12
core/src/version/mod.rs
View File

@@ -63,8 +63,9 @@ mod v0_4_0_alpha_20;
mod v0_4_0_alpha_21;
mod v0_4_0_alpha_22;
mod v0_4_0_alpha_23;
mod v0_4_0_beta_0;
pub type Current = v0_4_0_alpha_23::Version; // VERSION_BUMP
pub type Current = v0_4_0_beta_0::Version; // VERSION_BUMP
impl Current {
#[instrument(skip(self, db))]
@@ -195,7 +196,8 @@ enum Version {
V0_4_0_alpha_20(Wrapper<v0_4_0_alpha_20::Version>),
V0_4_0_alpha_21(Wrapper<v0_4_0_alpha_21::Version>),
V0_4_0_alpha_22(Wrapper<v0_4_0_alpha_22::Version>),
V0_4_0_alpha_23(Wrapper<v0_4_0_alpha_23::Version>), // VERSION_BUMP
V0_4_0_alpha_23(Wrapper<v0_4_0_alpha_23::Version>),
V0_4_0_beta_0(Wrapper<v0_4_0_beta_0::Version>), // VERSION_BUMP
Other(exver::Version),
}
@@ -261,7 +263,8 @@ impl Version {
Self::V0_4_0_alpha_20(v) => DynVersion(Box::new(v.0)),
Self::V0_4_0_alpha_21(v) => DynVersion(Box::new(v.0)),
Self::V0_4_0_alpha_22(v) => DynVersion(Box::new(v.0)),
Self::V0_4_0_alpha_23(v) => DynVersion(Box::new(v.0)), // VERSION_BUMP
Self::V0_4_0_alpha_23(v) => DynVersion(Box::new(v.0)),
Self::V0_4_0_beta_0(v) => DynVersion(Box::new(v.0)), // VERSION_BUMP
Self::Other(v) => {
return Err(Error::new(
eyre!("unknown version {v}"),
@@ -319,7 +322,8 @@ impl Version {
Version::V0_4_0_alpha_20(Wrapper(x)) => x.semver(),
Version::V0_4_0_alpha_21(Wrapper(x)) => x.semver(),
Version::V0_4_0_alpha_22(Wrapper(x)) => x.semver(),
Version::V0_4_0_alpha_23(Wrapper(x)) => x.semver(), // VERSION_BUMP
Version::V0_4_0_alpha_23(Wrapper(x)) => x.semver(),
Version::V0_4_0_beta_0(Wrapper(x)) => x.semver(), // VERSION_BUMP
Version::Other(x) => x.clone(),
}
}

54
core/src/version/v0_3_6_alpha_0.rs
View File

@@ -40,6 +40,22 @@ lazy_static::lazy_static! {
);
}
/// All pre-0.4.0 StartOS images were initialized with the en_GB.UTF-8 locale.
/// The current trixie image does not ship it. Without it PostgreSQL starts
/// but refuses connections, breaking the migration.
async fn ensure_en_gb_locale() -> Result<(), Error> {
Command::new("localedef")
.arg("-i")
.arg("en_GB")
.arg("-c")
.arg("-f")
.arg("UTF-8")
.arg("en_GB.UTF-8")
.invoke(crate::ErrorKind::Database)
.await?;
Ok(())
}
#[tracing::instrument(skip_all)]
async fn init_postgres(datadir: impl AsRef<Path>) -> Result<PgPool, Error> {
let db_dir = datadir.as_ref().join("main/postgresql");
@@ -91,6 +107,12 @@ async fn init_postgres(datadir: impl AsRef<Path>) -> Result<PgPool, Error> {
crate::disk::mount::util::bind(&db_dir, "/var/lib/postgresql", false).await?;
// The cluster may have been created with a locale not present on the
// current image (e.g. en_GB.UTF-8 on a server that predates the trixie
// image). Detect and generate it before starting PostgreSQL, otherwise
// PG will start but refuse connections.
ensure_en_gb_locale().await?;
Command::new("systemctl")
.arg("start")
.arg(format!("postgresql@{pg_version}-main.service"))
@@ -326,6 +348,28 @@ impl VersionT for Version {
.await?;
}
if tokio::fs::metadata("/media/startos/data/package-data/volumes/ghost")
.await
.is_ok()
{
tokio::fs::rename(
"/media/startos/data/package-data/volumes/ghost",
"/media/startos/data/package-data/volumes/ghost-legacy",
)
.await?;
}
if tokio::fs::metadata("/media/startos/data/package-data/volumes/synapse")
.await
.is_ok()
{
tokio::fs::rename(
"/media/startos/data/package-data/volumes/synapse",
"/media/startos/data/package-data/volumes/synapse-legacy",
)
.await?;
}
// Load bundled migration images (start9/compat, start9/utils,
// tonistiigi/binfmt) so the v1->v2 s9pk conversion doesn't need
// internet access.
@@ -356,7 +400,10 @@ impl VersionT for Version {
loop {
interval.tick().await;
if let Some(ref id) = *current_package.borrow() {
tracing::info!("{}", t!("migration.migrating-package", package = id.to_string()));
tracing::info!(
"{}",
t!("migration.migrating-package", package = id.to_string())
);
}
}
})
@@ -401,7 +448,10 @@ impl VersionT for Version {
false
};
tracing::info!("{}", t!("migration.migrating-package", package = id.to_string()));
tracing::info!(
"{}",
t!("migration.migrating-package", package = id.to_string())
);
current_package.send_replace(Some(id.clone()));
if let Err(e) = async {

9
core/src/version/v0_4_0_alpha_23.rs
View File

@@ -28,7 +28,14 @@ impl VersionT for Version {
&V0_3_0_COMPAT
}
#[instrument(skip_all)]
fn up(self, _db: &mut Value, _: Self::PreUpRes) -> Result<Value, Error> {
fn up(self, db: &mut Value, _: Self::PreUpRes) -> Result<Value, Error> {
let status_info = db["public"]["serverInfo"]["statusInfo"]
.as_object_mut();
if let Some(m) = status_info {
m.remove("updated");
m.insert("restart".into(), Value::Null);
}
Ok(Value::Null)
}
fn down(self, _db: &mut Value) -> Result<(), Error> {

37
core/src/version/v0_4_0_beta_0.rs Normal file
View File

@@ -0,0 +1,37 @@
use exver::{PreReleaseSegment, VersionRange};
use super::v0_3_5::V0_3_0_COMPAT;
use super::{VersionT, v0_4_0_alpha_23};
use crate::prelude::*;
lazy_static::lazy_static! {
static ref V0_4_0_beta_0: exver::Version = exver::Version::new(
[0, 4, 0],
[PreReleaseSegment::String("beta".into()), 0.into()]
);
}
#[derive(Clone, Copy, Debug, Default)]
pub struct Version;
impl VersionT for Version {
type Previous = v0_4_0_alpha_23::Version;
type PreUpRes = ();
async fn pre_up(self) -> Result<Self::PreUpRes, Error> {
Ok(())
}
fn semver(self) -> exver::Version {
V0_4_0_beta_0.clone()
}
fn compat(self) -> &'static VersionRange {
&V0_3_0_COMPAT
}
#[instrument(skip_all)]
fn up(self, _db: &mut Value, _: Self::PreUpRes) -> Result<Value, Error> {
Ok(Value::Null)
}
fn down(self, _db: &mut Value) -> Result<(), Error> {
Ok(())
}
}

3
sdk/base/lib/osBindings/CountEntry.ts Normal file
View File

@@ -0,0 +1,3 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
export type CountEntry = { label: string; count: bigint }

9
sdk/base/lib/osBindings/DownloadsResponse.ts Normal file
View File

@@ -0,0 +1,9 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
import type { CountEntry } from './CountEntry'
import type { PackageVersionCount } from './PackageVersionCount'
export type DownloadsResponse = {
totalRequests: bigint
byPackage: Array<CountEntry>
byPackageVersion: Array<PackageVersionCount>
}

20
sdk/base/lib/osBindings/GetDownloadsParams.ts Normal file
View File

@@ -0,0 +1,20 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
export type GetDownloadsParams = {
/**
* Filter by package ID
*/
pkgId: string | null
/**
* Filter by version
*/
version: string | null
/**
* Start of time range (RFC 3339)
*/
after: string | null
/**
* End of time range (RFC 3339)
*/
before: string | null
}

12
sdk/base/lib/osBindings/GetUsersParams.ts Normal file
View File

@@ -0,0 +1,12 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
export type GetUsersParams = {
/**
* Start of time range (RFC 3339)
*/
after: string | null
/**
* End of time range (RFC 3339)
*/
before: string | null
}

2
sdk/base/lib/osBindings/Manifest.ts
View File

@@ -15,7 +15,6 @@ import type { VolumeId } from './VolumeId'
export type Manifest = {
id: PackageId
version: Version
satisfies: Array<Version>
canMigrateTo: string
canMigrateFrom: string
images: { [key: ImageId]: ImageConfig }
@@ -37,4 +36,5 @@ export type Manifest = {
sdkVersion: string | null
hardwareAcceleration: boolean
plugins: Array<PluginId>
satisfies: Array<Version>
}

10
sdk/base/lib/osBindings/MetricsSummary.ts Normal file
View File

@@ -0,0 +1,10 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
import type { CountEntry } from './CountEntry'
export type MetricsSummary = {
totalCheckins: bigint
uniqueServers: bigint
totalPackageRequests: bigint
byArch: Array<CountEntry>
byOsVersion: Array<CountEntry>
}

7
sdk/base/lib/osBindings/PackageVersionCount.ts Normal file
View File

@@ -0,0 +1,7 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
export type PackageVersionCount = {
pkgId: string
version: string
count: bigint
}

2
sdk/base/lib/osBindings/PackageVersionInfo.ts
View File

@@ -10,6 +10,7 @@ import type { MerkleArchiveCommitment } from './MerkleArchiveCommitment'
import type { PackageId } from './PackageId'
import type { PluginId } from './PluginId'
import type { RegistryAsset } from './RegistryAsset'
import type { Version } from './Version'
export type PackageVersionInfo = {
icon: DataUrl
@@ -31,4 +32,5 @@ export type PackageVersionInfo = {
sdkVersion: string | null
hardwareAcceleration: boolean
plugins: Array<PluginId>
satisfies: Array<Version>
}

3
sdk/base/lib/osBindings/RestartReason.ts Normal file
View File

@@ -0,0 +1,3 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
export type RestartReason = 'mdns' | 'language' | 'kiosk' | 'update'

2
sdk/base/lib/osBindings/ServerInfo.ts
View File

@@ -7,8 +7,6 @@ import type { ServerStatus } from './ServerStatus'
import type { SmtpValue } from './SmtpValue'
export type ServerInfo = {
arch: string
platform: string
id: string
name: string
hostname: string

3
sdk/base/lib/osBindings/ServerStatus.ts
View File

@@ -2,11 +2,12 @@
import type { BackupProgress } from './BackupProgress'
import type { FullProgress } from './FullProgress'
import type { PackageId } from './PackageId'
import type { RestartReason } from './RestartReason'
export type ServerStatus = {
backupProgress: { [key: PackageId]: BackupProgress } | null
updated: boolean
updateProgress: FullProgress | null
shuttingDown: boolean
restarting: boolean
restart: RestartReason | null
}

3
sdk/base/lib/osBindings/UsersResponse.ts Normal file
View File

@@ -0,0 +1,3 @@
// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
export type UsersResponse = { uniqueServers: bigint; totalCheckins: bigint }

8
sdk/base/lib/osBindings/index.ts
View File

@@ -74,6 +74,7 @@ export { ClearTasksParams } from './ClearTasksParams'
export { CliSetIconParams } from './CliSetIconParams'
export { ContactInfo } from './ContactInfo'
export { ControlParams } from './ControlParams'
export { CountEntry } from './CountEntry'
export { CreateSubcontainerFsParams } from './CreateSubcontainerFsParams'
export { CreateTaskParams } from './CreateTaskParams'
export { CurrentDependencies } from './CurrentDependencies'
@@ -90,6 +91,7 @@ export { DestroySubcontainerFsParams } from './DestroySubcontainerFsParams'
export { DeviceFilter } from './DeviceFilter'
export { DnsSettings } from './DnsSettings'
export { DomainSettings } from './DomainSettings'
export { DownloadsResponse } from './DownloadsResponse'
export { Duration } from './Duration'
export { EchoParams } from './EchoParams'
export { EditSignerParams } from './EditSignerParams'
@@ -110,6 +112,7 @@ export { GenerateCertificateParams } from './GenerateCertificateParams'
export { GenerateCertificateResponse } from './GenerateCertificateResponse'
export { GetActionInputParams } from './GetActionInputParams'
export { GetContainerIpParams } from './GetContainerIpParams'
export { GetDownloadsParams } from './GetDownloadsParams'
export { GetHostInfoParams } from './GetHostInfoParams'
export { GetOsAssetParams } from './GetOsAssetParams'
export { GetOsVersionParams } from './GetOsVersionParams'
@@ -124,6 +127,7 @@ export { GetSslCertificateParams } from './GetSslCertificateParams'
export { GetSslKeyParams } from './GetSslKeyParams'
export { GetStatusParams } from './GetStatusParams'
export { GetSystemSmtpParams } from './GetSystemSmtpParams'
export { GetUsersParams } from './GetUsersParams'
export { GigaBytes } from './GigaBytes'
export { GitHash } from './GitHash'
export { Governor } from './Governor'
@@ -175,6 +179,7 @@ export { MetricsDisk } from './MetricsDisk'
export { MetricsFollowResponse } from './MetricsFollowResponse'
export { MetricsGeneral } from './MetricsGeneral'
export { MetricsMemory } from './MetricsMemory'
export { MetricsSummary } from './MetricsSummary'
export { Metrics } from './Metrics'
export { ModifyNotificationBeforeParams } from './ModifyNotificationBeforeParams'
export { ModifyNotificationParams } from './ModifyNotificationParams'
@@ -202,6 +207,7 @@ export { PackageInfoShort } from './PackageInfoShort'
export { PackageInfo } from './PackageInfo'
export { PackagePlugin } from './PackagePlugin'
export { PackageState } from './PackageState'
export { PackageVersionCount } from './PackageVersionCount'
export { PackageVersionInfo } from './PackageVersionInfo'
export { PartitionInfo } from './PartitionInfo'
export { PassthroughInfo } from './PassthroughInfo'
@@ -236,6 +242,7 @@ export { RenameGatewayParams } from './RenameGatewayParams'
export { ReplayId } from './ReplayId'
export { RequestCommitment } from './RequestCommitment'
export { ResetPasswordParams } from './ResetPasswordParams'
export { RestartReason } from './RestartReason'
export { RestorePackageParams } from './RestorePackageParams'
export { RunActionParams } from './RunActionParams'
export { Security } from './Security'
@@ -299,6 +306,7 @@ export { UrlPluginClearUrlsParams } from './UrlPluginClearUrlsParams'
export { UrlPluginExportUrlParams } from './UrlPluginExportUrlParams'
export { UrlPluginRegisterParams } from './UrlPluginRegisterParams'
export { UrlPluginRegistration } from './UrlPluginRegistration'
export { UsersResponse } from './UsersResponse'
export { VerifyCifsParams } from './VerifyCifsParams'
export { VersionSignerParams } from './VersionSignerParams'
export { Version } from './Version'

17
sdk/base/lib/util/deepEqual.ts
View File

@@ -1,7 +1,10 @@
/**
* Performs a deep structural equality check across all provided arguments.
* Returns true only if every argument is deeply equal to every other argument.
* Handles primitives, arrays, and plain objects recursively.
* Handles primitives, arrays, and plain objects (JSON-like) recursively.
*
* Non-plain objects (Set, Map, Date, etc.) are compared by reference only,
* since Object.keys() does not enumerate their contents.
*
* @param args - Two or more values to compare for deep equality
* @returns True if all arguments are deeply equal
@@ -23,6 +26,18 @@ export function deepEqual(...args: unknown[]) {
}
if (objects.length !== args.length) return false
if (objects.some(Array.isArray) && !objects.every(Array.isArray)) return false
if (
objects.some(
(x) => !Array.isArray(x) && Object.getPrototypeOf(x) !== Object.prototype,
)
) {
return (
objects.reduce<object | null>(
(a, b) => (a === b ? a : null),
objects[0],
) !== null
)
}
const allKeys = new Set(objects.flatMap((x) => Object.keys(x)))
for (const key of allKeys) {
for (const x of objects) {

2
sdk/package/lib/StartSdk.ts
View File

@@ -70,7 +70,7 @@ import { createVolumes } from './util/Volume'
import { getDataVersion, setDataVersion } from './version'
/** The minimum StartOS version required by this SDK release */
export const OSVersion = testTypeVersion('0.4.0-alpha.23')
export const OSVersion = testTypeVersion('0.4.0-beta.0')
// prettier-ignore
type AnyNeverCond<T extends any[], Then, Else> =

4
sdk/package/package-lock.json generated
View File

@@ -1,12 +1,12 @@
{
"name": "@start9labs/start-sdk",
"version": "0.4.0-beta.66",
"version": "1.0.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@start9labs/start-sdk",
"version": "0.4.0-beta.66",
"version": "1.0.0",
"license": "MIT",
"dependencies": {
"@iarna/toml": "^3.0.0",

2
sdk/package/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@start9labs/start-sdk",
"version": "0.4.0-beta.66",
"version": "1.0.0",
"description": "Software development kit to facilitate packaging services for StartOS",
"main": "./package/lib/index.js",
"types": "./package/lib/index.d.ts",

4
web/package-lock.json generated
View File

@@ -1,12 +1,12 @@
{
"name": "startos-ui",
"version": "0.4.0-alpha.23",
"version": "0.4.0-beta.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "startos-ui",
"version": "0.4.0-alpha.23",
"version": "0.4.0-beta.0",
"license": "MIT",
"dependencies": {
"@angular/cdk": "^21.2.1",

2
web/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "startos-ui",
"version": "0.4.0-alpha.23",
"version": "0.4.0-beta.0",
"author": "Start9 Labs, Inc",
"homepage": "https://start9.com/",
"license": "MIT",

275
web/projects/setup-wizard/src/app/pages/drives.page.ts
View File

@@ -4,8 +4,16 @@ import {
HostListener,
inject,
} from '@angular/core'
import {
AbstractControl,
FormControl,
FormGroup,
ReactiveFormsModule,
ValidatorFn,
Validators,
} from '@angular/forms'
import { Router } from '@angular/router'
import { FormsModule } from '@angular/forms'
import { WA_IS_MOBILE } from '@ng-web-apis/platform'
import {
DialogService,
DiskInfo,
@@ -14,13 +22,14 @@ import {
i18nPipe,
toGuid,
} from '@start9labs/shared'
import { WA_IS_MOBILE } from '@ng-web-apis/platform'
import { TuiMapperPipe, TuiValidator } from '@taiga-ui/cdk'
import {
TuiButton,
TuiError,
TuiIcon,
TuiLoader,
TuiInput,
TuiNotification,
TUI_VALIDATION_ERRORS,
TuiTitle,
} from '@taiga-ui/core'
import {
@@ -29,49 +38,55 @@ import {
TuiSelect,
TuiTooltip,
} from '@taiga-ui/kit'
import { TuiCardLarge, TuiHeader } from '@taiga-ui/layout'
import { PolymorpheusComponent } from '@taiga-ui/polymorpheus'
import { filter, Subscription } from 'rxjs'
import { TuiCardLarge, TuiForm, TuiHeader } from '@taiga-ui/layout'
import { distinctUntilChanged, filter, Subscription } from 'rxjs'
import { PRESERVE_OVERWRITE } from '../components/preserve-overwrite.dialog'
import { ApiService } from '../services/api.service'
import { StateService } from '../services/state.service'
import { PRESERVE_OVERWRITE } from '../components/preserve-overwrite.dialog'
@Component({
template: `
@if (!shuttingDown) {
<section tuiCardLarge="compact">
<header tuiHeader>
<h2 tuiTitle>{{ 'Select Drives' | i18n }}</h2>
</header>
@if (loading) {
@if (loading) {
<section tuiCardLarge="compact">
<header tuiHeader>
<h2 tuiTitle>{{ 'Select Drives' | i18n }}</h2>
</header>
<tui-loader />
} @else if (drives.length === 0) {
</section>
} @else if (drives.length === 0) {
<section tuiCardLarge="compact">
<header tuiHeader>
<h2 tuiTitle>{{ 'Select Drives' | i18n }}</h2>
</header>
<p tuiNotification size="m" appearance="warning">
{{
'No drives found. Please connect a drive and click Refresh.'
| i18n
}}
</p>
} @else {
<tui-textfield
[stringify]="stringify"
[disabledItemHandler]="osDisabled"
>
<footer>
<button tuiButton appearance="secondary" (click)="refresh()">
{{ 'Refresh' | i18n }}
</button>
</footer>
</section>
} @else {
<form tuiCardLarge="compact" tuiForm [formGroup]="form">
<header tuiHeader>
<h2 tuiTitle>{{ 'Select Drives' | i18n }}</h2>
</header>
<tui-textfield [stringify]="stringify">
<label tuiLabel>{{ 'OS Drive' | i18n }}</label>
@if (mobile) {
<select
tuiSelect
[ngModel]="selectedOsDrive"
(ngModelChange)="onOsDriveChange($event)"
formControlName="osDrive"
[items]="drives"
></select>
} @else {
<input
tuiSelect
[ngModel]="selectedOsDrive"
(ngModelChange)="onOsDriveChange($event)"
/>
<input tuiSelect formControlName="osDrive" />
}
@if (!mobile) {
<tui-data-list-wrapper
@@ -82,24 +97,28 @@ import { PRESERVE_OVERWRITE } from '../components/preserve-overwrite.dialog'
}
<tui-icon [tuiTooltip]="osDriveTooltip" />
</tui-textfield>
@if (form.controls.osDrive.touched && form.controls.osDrive.invalid) {
<tui-error formControlName="osDrive" />
}
<tui-textfield
[stringify]="stringify"
[disabledItemHandler]="dataDisabled"
>
<tui-textfield [stringify]="stringify">
<label tuiLabel>{{ 'Data Drive' | i18n }}</label>
@if (mobile) {
<select
tuiSelect
[(ngModel)]="selectedDataDrive"
(ngModelChange)="onDataDriveChange($event)"
formControlName="dataDrive"
[items]="drives"
[tuiValidator]="
form.controls.osDrive.value | tuiMapper: dataValidator
"
></select>
} @else {
<input
tuiSelect
[(ngModel)]="selectedDataDrive"
(ngModelChange)="onDataDriveChange($event)"
formControlName="dataDrive"
[tuiValidator]="
form.controls.osDrive.value | tuiMapper: dataValidator
"
/>
}
@if (!mobile) {
@@ -117,6 +136,11 @@ import { PRESERVE_OVERWRITE } from '../components/preserve-overwrite.dialog'
}
<tui-icon [tuiTooltip]="dataDriveTooltip" />
</tui-textfield>
@if (
form.controls.dataDrive.touched && form.controls.dataDrive.invalid
) {
<tui-error formControlName="dataDrive" />
}
<ng-template #driveContent let-drive>
<span tuiTitle>
@@ -126,24 +150,14 @@ import { PRESERVE_OVERWRITE } from '../components/preserve-overwrite.dialog'
</span>
</span>
</ng-template>
}
<footer>
@if (drives.length === 0) {
<button tuiButton appearance="secondary" (click)="refresh()">
{{ 'Refresh' | i18n }}
</button>
} @else {
<button
tuiButton
[disabled]="!selectedOsDrive || !selectedDataDrive"
(click)="continue()"
>
<footer>
<button tuiButton [disabled]="form.invalid" (click)="continue()">
{{ 'Continue' | i18n }}
</button>
}
</footer>
</section>
</footer>
</form>
}
}
`,
styles: `
@@ -152,20 +166,34 @@ import { PRESERVE_OVERWRITE } from '../components/preserve-overwrite.dialog'
}
`,
imports: [
FormsModule,
ReactiveFormsModule,
TuiCardLarge,
TuiForm,
TuiButton,
TuiError,
TuiIcon,
TuiLoader,
TuiInput,
TuiNotification,
TuiSelect,
TuiDataListWrapper,
TuiTooltip,
TuiValidator,
TuiMapperPipe,
TuiHeader,
TuiTitle,
i18nPipe,
],
providers: [
{
provide: TUI_VALIDATION_ERRORS,
useFactory: () => {
const i18n = inject(i18nPipe)
return {
required: i18n.transform('Required'),
}
},
},
],
})
export default class DrivesPage {
private readonly api = inject(ApiService)
@@ -188,29 +216,63 @@ export default class DrivesPage {
}
readonly osDriveTooltip = this.i18n.transform(
'The drive where the StartOS operating system will be installed.',
'The drive where the StartOS operating system will be installed. Minimum 18 GB.',
)
readonly dataDriveTooltip = this.i18n.transform(
'The drive where your StartOS data (services, settings, etc.) will be stored. This can be the same as the OS drive or a separate drive.',
'The drive where your StartOS data (services, settings, etc.) will be stored. This can be the same as the OS drive or a separate drive. Minimum 20 GB, or 38 GB if using a single drive for both OS and data.',
)
private readonly MIN_OS = 18 * 2 ** 30 // 18 GiB
private readonly MIN_DATA = 20 * 2 ** 30 // 20 GiB
private readonly MIN_BOTH = 38 * 2 ** 30 // 38 GiB
private readonly osCapacityValidator: ValidatorFn = ({
value,
}: AbstractControl) => {
if (!value) return null
return value.capacity < this.MIN_OS
? {
tooSmallOs: this.i18n.transform('OS drive must be at least 18 GB'),
}
: null
}
readonly form = new FormGroup({
osDrive: new FormControl<DiskInfo | null>(null, [
Validators.required,
this.osCapacityValidator,
]),
dataDrive: new FormControl<DiskInfo | null>(null, [Validators.required]),
})
readonly dataValidator =
(osDrive: DiskInfo | null): ValidatorFn =>
({ value }: AbstractControl) => {
if (!value) return null
const sameAsOs = osDrive && value.logicalname === osDrive.logicalname
const min = sameAsOs ? this.MIN_BOTH : this.MIN_DATA
if (value.capacity < min) {
return sameAsOs
? {
tooSmallBoth: this.i18n.transform(
'OS + data combined require at least 38 GB',
),
}
: {
tooSmallData: this.i18n.transform(
'Data drive must be at least 20 GB',
),
}
}
return null
}
drives: DiskInfo[] = []
loading = true
shuttingDown = false
private dialogSub?: Subscription
selectedOsDrive: DiskInfo | null = null
selectedDataDrive: DiskInfo | null = null
preserveData: boolean | null = null
readonly osDisabled = (drive: DiskInfo): boolean =>
drive.capacity < this.MIN_OS
dataDisabled = (drive: DiskInfo): boolean => drive.capacity < this.MIN_DATA
readonly driveName = (drive: DiskInfo): string =>
[drive.vendor, drive.model].filter(Boolean).join(' ') ||
this.i18n.transform('Unknown Drive')
@@ -228,51 +290,40 @@ export default class DrivesPage {
async ngOnInit() {
await this.loadDrives()
this.form.controls.osDrive.valueChanges.subscribe(drive => {
if (drive) {
this.form.controls.osDrive.markAsTouched()
}
})
this.form.controls.dataDrive.valueChanges
.pipe(distinctUntilChanged())
.subscribe(drive => {
this.preserveData = null
if (drive) {
this.form.controls.dataDrive.markAsTouched()
if (toGuid(drive)) {
this.showPreserveOverwriteDialog()
}
}
})
}
async refresh() {
this.loading = true
this.selectedOsDrive = null
this.selectedDataDrive = null
this.form.reset()
this.preserveData = null
await this.loadDrives()
}
onOsDriveChange(osDrive: DiskInfo | null) {
this.selectedOsDrive = osDrive
this.dataDisabled = (drive: DiskInfo) => {
if (osDrive && drive.logicalname === osDrive.logicalname) {
return drive.capacity < this.MIN_BOTH
}
return drive.capacity < this.MIN_DATA
}
// Clear data drive if it's now invalid
if (this.selectedDataDrive && this.dataDisabled(this.selectedDataDrive)) {
this.selectedDataDrive = null
this.preserveData = null
}
}
onDataDriveChange(drive: DiskInfo | null) {
this.preserveData = null
if (!drive) {
return
}
const hasStartOSData = !!toGuid(drive)
if (hasStartOSData) {
this.showPreserveOverwriteDialog()
}
}
continue() {
if (!this.selectedOsDrive || !this.selectedDataDrive) return
const osDrive = this.form.controls.osDrive.value
const dataDrive = this.form.controls.dataDrive.value
if (!osDrive || !dataDrive) return
const sameDevice =
this.selectedOsDrive.logicalname === this.selectedDataDrive.logicalname
const dataHasStartOS = !!toGuid(this.selectedDataDrive)
const sameDevice = osDrive.logicalname === dataDrive.logicalname
const dataHasStartOS = !!toGuid(dataDrive)
// Scenario 1: Same drive, has StartOS data, preserving → no warning
if (sameDevice && dataHasStartOS && this.preserveData) {
@@ -292,7 +343,7 @@ export default class DrivesPage {
private showPreserveOverwriteDialog() {
let selectionMade = false
const drive = this.selectedDataDrive
const drive = this.form.controls.dataDrive.value
const filesystem =
drive?.filesystem ||
drive?.partitions.find(p => p.guid)?.filesystem ||
@@ -304,20 +355,20 @@ export default class DrivesPage {
data: { isExt4 },
})
.subscribe({
next: preserve => {
selectionMade = true
this.preserveData = preserve
this.cdr.markForCheck()
},
complete: () => {
if (!selectionMade) {
// Dialog was dismissed without selection - clear the data drive
this.selectedDataDrive = null
this.preserveData = null
next: preserve => {
selectionMade = true
this.preserveData = preserve
this.cdr.markForCheck()
}
},
})
},
complete: () => {
if (!selectionMade) {
// Dialog was dismissed without selection - clear the data drive
this.form.controls.dataDrive.reset()
this.preserveData = null
this.cdr.markForCheck()
}
},
})
}
private showOsDriveWarning() {
@@ -360,13 +411,15 @@ export default class DrivesPage {
}
private async installOs(wipe: boolean) {
const osDrive = this.form.controls.osDrive.value!
const dataDrive = this.form.controls.dataDrive.value!
const loader = this.loader.open('Installing StartOS').subscribe()
try {
const result = await this.api.installOs({
osDrive: this.selectedOsDrive!.logicalname,
osDrive: osDrive.logicalname,
dataDrive: {
logicalname: this.selectedDataDrive!.logicalname,
logicalname: dataDrive.logicalname,
wipe,
},
})

16
web/projects/shared/src/i18n/dictionaries/de.ts
View File

@@ -399,7 +399,6 @@ export default {
425: 'Ausführen',
426: 'Aktion kann nur ausgeführt werden, wenn der Dienst',
427: 'Verboten',
428: 'kann vorübergehend Probleme verursachen',
429: 'hat unerfüllte Abhängigkeiten. Es wird nicht wie erwartet funktionieren.',
430: 'Container wird neu gebaut',
431: 'Deinstallation wird gestartet',
@@ -485,7 +484,6 @@ export default {
512: 'Der Kiosk-Modus ist auf diesem Gerät nicht verfügbar',
513: 'Aktivieren',
514: 'Deaktivieren',
515: 'Diese Änderung wird nach dem nächsten Neustart wirksam',
516: 'Empfohlen',
517: 'Möchten Sie diese Aufgabe wirklich verwerfen?',
518: 'Verwerfen',
@@ -629,8 +627,8 @@ export default {
697: 'Geben Sie das Passwort ein, das zum Verschlüsseln dieses Backups verwendet wurde.',
698: 'Mehrere Backups gefunden. Wählen Sie aus, welches wiederhergestellt werden soll.',
699: 'Backups',
700: 'Das Laufwerk, auf dem das StartOS-Betriebssystem installiert wird.',
701: 'Das Laufwerk, auf dem Ihre StartOS-Daten (Dienste, Einstellungen usw.) gespeichert werden. Dies kann dasselbe wie das OS-Laufwerk oder ein separates Laufwerk sein.',
700: 'Das Laufwerk, auf dem das StartOS-Betriebssystem installiert wird. Mindestens 18 GB.',
701: 'Das Laufwerk, auf dem Ihre StartOS-Daten (Dienste, Einstellungen usw.) gespeichert werden. Dies kann dasselbe wie das OS-Laufwerk oder ein separates Laufwerk sein. Mindestens 20 GB, oder 38 GB bei Verwendung eines einzelnen Laufwerks für OS und Daten.',
702: 'Versuchen Sie nach der Datenübertragung von diesem Laufwerk nicht, erneut als Start9-Server davon zu booten. Dies kann zu Fehlfunktionen von Diensten, Datenbeschädigung oder Geldverlust führen.',
703: 'Muss mindestens 12 Zeichen lang sein',
704: 'Darf höchstens 64 Zeichen lang sein',
@@ -717,11 +715,15 @@ export default {
799: 'Nach Klick auf "Enroll MOK":',
800: 'Geben Sie bei Aufforderung Ihr StartOS-Passwort ein',
801: 'Ihr System hat Secure Boot aktiviert, was erfordert, dass alle Kernel-Module mit einem vertrauenswürdigen Schlüssel signiert sind. Einige Hardware-Treiber \u2014 wie die für NVIDIA-GPUs \u2014 sind nicht mit dem Standard-Distributionsschlüssel signiert. Die Registrierung des StartOS-Signaturschlüssels ermöglicht es Ihrer Firmware, diesen Modulen zu vertrauen, damit Ihre Hardware vollständig genutzt werden kann.',
802: 'Die Übersetzungen auf Betriebssystemebene sind bereits aktiv. Ein Neustart ist erforderlich, damit die Übersetzungen auf Dienstebene wirksam werden.',
803: 'Dieses Laufwerk verwendet ext4 und wird automatisch in btrfs konvertiert. Ein Backup wird dringend empfohlen, bevor Sie fortfahren.',
804: 'Ich habe ein Backup meiner Daten',
805: 'Öffentliche Domain hinzufügen',
806: 'Ergebnis',
807: 'Nach dem Öffnen der neuen Adresse werden Sie zum Neustart aufgefordert.',
808: 'Ein Neustart ist erforderlich, damit die Dienstschnittstellen den neuen Hostnamen verwenden.',
807: 'Download abgeschlossen. Neustart zum Anwenden.',
808: 'Hostname geändert, Neustart damit installierte Dienste die neue Adresse verwenden',
809: 'Sprache geändert, Neustart damit installierte Dienste die neue Sprache verwenden',
810: 'Kioskmodus geändert, Neustart zum Anwenden',
811: 'OS-Laufwerk muss mindestens 18 GB groß sein',
812: 'Datenlaufwerk muss mindestens 20 GB groß sein',
813: 'OS + Daten zusammen erfordern mindestens 38 GB',
} satisfies i18n

16
web/projects/shared/src/i18n/dictionaries/en.ts
View File

@@ -398,7 +398,6 @@ export const ENGLISH: Record<string, number> = {
'Run': 425, // as in, run a piece of software
'Action can only be executed when service is': 426,
'Forbidden': 427,
'may temporarily experiences issues': 428,
'has unmet dependencies. It will not work as expected.': 429,
'Rebuilding container': 430,
'Beginning uninstall': 431,
@@ -484,7 +483,6 @@ export const ENGLISH: Record<string, number> = {
'Kiosk Mode is unavailable on this device': 512,
'Enable': 513,
'Disable': 514,
'This change will take effect after the next boot': 515,
'Recommended': 516, // as in, we recommend this
'Are you sure you want to dismiss this task?': 517,
'Dismiss': 518, // as in, dismiss or delete a task
@@ -629,8 +627,8 @@ export const ENGLISH: Record<string, number> = {
'Enter the password that was used to encrypt this backup.': 697,
'Multiple backups found. Select which one to restore.': 698,
'Backups': 699,
'The drive where the StartOS operating system will be installed.': 700,
'The drive where your StartOS data (services, settings, etc.) will be stored. This can be the same as the OS drive or a separate drive.': 701,
'The drive where the StartOS operating system will be installed. Minimum 18 GB.': 700,
'The drive where your StartOS data (services, settings, etc.) will be stored. This can be the same as the OS drive or a separate drive. Minimum 20 GB, or 38 GB if using a single drive for both OS and data.': 701,
'After transferring data from this drive, do not attempt to boot into it again as a Start9 Server. This may result in services malfunctioning, data corruption, or loss of funds.': 702,
'Must be 12 characters or greater': 703,
'Must be 64 character or less': 704,
@@ -718,11 +716,15 @@ export const ENGLISH: Record<string, number> = {
'After clicking "Enroll MOK":': 799,
'When prompted, enter your StartOS password': 800,
'Your system has Secure Boot enabled, which requires all kernel modules to be signed with a trusted key. Some hardware drivers \u2014 such as those for NVIDIA GPUs \u2014 are not signed by the default distribution key. Enrolling the StartOS signing key allows your firmware to trust these modules so your hardware can be fully utilized.': 801,
'OS-level translations are already in effect. A restart is required for service-level translations to take effect.': 802,
'This drive uses ext4 and will be automatically converted to btrfs. A backup is strongly recommended before proceeding.': 803,
'I have a backup of my data': 804,
'Add Public Domain': 805,
'Result': 806,
'After opening the new address, you will be prompted to restart.': 807,
'A restart is required for service interfaces to use the new hostname.': 808,
'Download complete. Restart to apply.': 807,
'Hostname changed, restart for installed services to use the new address': 808,
'Language changed, restart for installed services to use the new language': 809,
'Kiosk mode changed, restart to apply': 810,
'OS drive must be at least 18 GB': 811,
'Data drive must be at least 20 GB': 812,
'OS + data combined require at least 38 GB': 813,
}

16
web/projects/shared/src/i18n/dictionaries/es.ts
View File

@@ -399,7 +399,6 @@ export default {
425: 'Ejecutar',
426: 'La acción solo se puede ejecutar cuando el servicio está',
427: 'Prohibido',
428: 'puede experimentar problemas temporales',
429: 'tiene dependencias no satisfechas. No funcionará como se espera.',
430: 'Reconstruyendo contenedor',
431: 'Iniciando desinstalación',
@@ -485,7 +484,6 @@ export default {
512: 'El modo quiosco no está disponible en este dispositivo',
513: 'Activar',
514: 'Desactivar',
515: 'Este cambio tendrá efecto después del próximo inicio',
516: 'Recomendado',
517: '¿Estás seguro de que deseas descartar esta tarea?',
518: 'Descartar',
@@ -629,8 +627,8 @@ export default {
697: 'Introduzca la contraseña que se utilizó para cifrar esta copia de seguridad.',
698: 'Se encontraron varias copias de seguridad. Seleccione cuál restaurar.',
699: 'Copias de seguridad',
700: 'La unidad donde se instalará el sistema operativo StartOS.',
701: 'La unidad donde se almacenarán sus datos de StartOS (servicios, ajustes, etc.). Puede ser la misma que la unidad del sistema operativo o una unidad separada.',
700: 'La unidad donde se instalará el sistema operativo StartOS. Mínimo 18 GB.',
701: 'La unidad donde se almacenarán sus datos de StartOS (servicios, ajustes, etc.). Puede ser la misma que la unidad del sistema operativo o una unidad separada. Mínimo 20 GB, o 38 GB si se usa una sola unidad para el sistema operativo y los datos.',
702: 'Después de transferir datos desde esta unidad, no intente arrancar desde ella nuevamente como un servidor Start9. Esto puede provocar fallos en los servicios, corrupción de datos o pérdida de fondos.',
703: 'Debe tener 12 caracteres o más',
704: 'Debe tener 64 caracteres o menos',
@@ -717,11 +715,15 @@ export default {
799: 'Después de hacer clic en "Enroll MOK":',
800: 'Cuando se le solicite, ingrese su contraseña de StartOS',
801: 'Su sistema tiene Secure Boot habilitado, lo que requiere que todos los módulos del kernel estén firmados con una clave de confianza. Algunos controladores de hardware \u2014 como los de las GPU NVIDIA \u2014 no están firmados con la clave de distribución predeterminada. Registrar la clave de firma de StartOS permite que su firmware confíe en estos módulos para que su hardware pueda utilizarse completamente.',
802: 'Las traducciones a nivel del sistema operativo ya están en vigor. Se requiere un reinicio para que las traducciones a nivel de servicio surtan efecto.',
803: 'Esta unidad usa ext4 y se convertirá automáticamente a btrfs. Se recomienda encarecidamente hacer una copia de seguridad antes de continuar.',
804: 'Tengo una copia de seguridad de mis datos',
805: 'Agregar dominio público',
806: 'Resultado',
807: 'Después de abrir la nueva dirección, se le pedirá que reinicie.',
808: 'Se requiere un reinicio para que las interfaces de servicio utilicen el nuevo nombre de host.',
807: 'Descarga completa. Reiniciar para aplicar.',
808: 'Nombre de host cambiado, reiniciar para que los servicios instalados usen la nueva dirección',
809: 'Idioma cambiado, reiniciar para que los servicios instalados usen el nuevo idioma',
810: 'Modo kiosco cambiado, reiniciar para aplicar',
811: 'La unidad del SO debe tener al menos 18 GB',
812: 'La unidad de datos debe tener al menos 20 GB',
813: 'SO + datos combinados requieren al menos 38 GB',
} satisfies i18n

16
web/projects/shared/src/i18n/dictionaries/fr.ts
View File

@@ -399,7 +399,6 @@ export default {
425: 'Exécuter',
426: 'Action possible uniquement lorsque le service est',
427: 'Interdit',
428: 'peut rencontrer des problèmes temporaires',
429: 'a des dépendances non satisfaites. Il ne fonctionnera pas comme prévu.',
430: 'Reconstruction du conteneur',
431: 'Désinstallation initiée',
@@ -485,7 +484,6 @@ export default {
512: 'Le mode kiosque nest pas disponible sur cet appareil',
513: 'Activer',
514: 'Désactiver',
515: 'Ce changement va prendre effet après le prochain démarrage',
516: 'Recommandé',
517: 'Êtes-vous sûr de vouloir ignorer cette tâche ?',
518: 'Ignorer',
@@ -629,8 +627,8 @@ export default {
697: 'Saisissez le mot de passe utilisé pour chiffrer cette sauvegarde.',
698: 'Plusieurs sauvegardes trouvées. Sélectionnez celle à restaurer.',
699: 'Sauvegardes',
700: 'Le disque sur lequel le système dexploitation StartOS sera installé.',
701: 'Le disque sur lequel vos données StartOS (services, paramètres, etc.) seront stockées. Il peut sagir du même disque que le système ou dun disque séparé.',
700: 'Le disque sur lequel le système dexploitation StartOS sera installé. Minimum 18 Go.',
701: 'Le disque sur lequel vos données StartOS (services, paramètres, etc.) seront stockées. Il peut sagir du même disque que le système ou dun disque séparé. Minimum 20 Go, ou 38 Go si un seul disque est utilisé pour le système et les données.',
702: 'Après le transfert des données depuis ce disque, nessayez pas de démarrer dessus à nouveau en tant que serveur Start9. Cela peut entraîner des dysfonctionnements des services, une corruption des données ou une perte de fonds.',
703: 'Doit comporter au moins 12 caractères',
704: 'Doit comporter au maximum 64 caractères',
@@ -717,11 +715,15 @@ export default {
799: 'Après avoir cliqué sur "Enroll MOK" :',
800: 'Lorsque vous y êtes invité, entrez votre mot de passe StartOS',
801: "Votre système a Secure Boot activé, ce qui exige que tous les modules du noyau soient signés avec une clé de confiance. Certains pilotes matériels \u2014 comme ceux des GPU NVIDIA \u2014 ne sont pas signés par la clé de distribution par défaut. L'enregistrement de la clé de signature StartOS permet à votre firmware de faire confiance à ces modules afin que votre matériel puisse être pleinement utilisé.",
802: "Les traductions au niveau du système d'exploitation sont déjà en vigueur. Un redémarrage est nécessaire pour que les traductions au niveau des services prennent effet.",
803: 'Ce disque utilise ext4 et sera automatiquement converti en btrfs. Il est fortement recommandé de faire une sauvegarde avant de continuer.',
804: "J'ai une sauvegarde de mes données",
805: 'Ajouter un domaine public',
806: 'Résultat',
807: 'Après avoir ouvert la nouvelle adresse, vous serez invité à redémarrer.',
808: "Un redémarrage est nécessaire pour que les interfaces de service utilisent le nouveau nom d'hôte.",
807: 'Téléchargement terminé. Redémarrer pour appliquer.',
808: "Nom d'hôte modifié, redémarrer pour que les services installés utilisent la nouvelle adresse",
809: 'Langue modifiée, redémarrer pour que les services installés utilisent la nouvelle langue',
810: 'Mode kiosque modifié, redémarrer pour appliquer',
811: 'Le disque système doit faire au moins 18 Go',
812: 'Le disque de données doit faire au moins 20 Go',
813: 'Système + données combinés nécessitent au moins 38 Go',
} satisfies i18n

16
web/projects/shared/src/i18n/dictionaries/pl.ts
View File

@@ -399,7 +399,6 @@ export default {
425: 'Uruchom',
426: 'Akcja może być wykonana tylko gdy serwis jest',
427: 'Zabronione',
428: 'może tymczasowo napotkać problemy',
429: 'ma niespełnione zależności. Nie będzie działać zgodnie z oczekiwaniami.',
430: 'Odbudowywanie kontenera',
431: 'Rozpoczynanie odinstalowania',
@@ -485,7 +484,6 @@ export default {
512: 'Tryb kiosku jest niedostępny na tym urządzeniu',
513: 'Włącz',
514: 'Wyłącz',
515: 'Ta zmiana zacznie obowiązywać po następnym uruchomieniu',
516: 'Zalecane',
517: 'Czy na pewno chcesz odrzucić to zadanie?',
518: 'Odrzuć',
@@ -629,8 +627,8 @@ export default {
697: 'Wprowadź hasło użyte do zaszyfrowania tej kopii zapasowej.',
698: 'Znaleziono wiele kopii zapasowych. Wybierz, którą przywrócić.',
699: 'Kopie zapasowe',
700: 'Dysk, na którym zostanie zainstalowany system operacyjny StartOS.',
701: 'Dysk, na którym będą przechowywane dane StartOS (usługi, ustawienia itp.). Może to być ten sam dysk co systemowy lub oddzielny dysk.',
700: 'Dysk, na którym zostanie zainstalowany system operacyjny StartOS. Minimum 18 GB.',
701: 'Dysk, na którym będą przechowywane dane StartOS (usługi, ustawienia itp.). Może to być ten sam dysk co systemowy lub oddzielny dysk. Minimum 20 GB lub 38 GB w przypadku jednego dysku na system i dane.',
702: 'Po przeniesieniu danych z tego dysku nie próbuj ponownie uruchamiać z niego systemu jako serwer Start9. Może to spowodować nieprawidłowe działanie usług, uszkodzenie danych lub utratę środków.',
703: 'Musi mieć co najmniej 12 znaków',
704: 'Musi mieć maksymalnie 64 znaki',
@@ -717,11 +715,15 @@ export default {
799: 'Po kliknięciu "Enroll MOK":',
800: 'Po wyświetleniu monitu wprowadź swoje hasło StartOS',
801: 'Twój system ma włączony Secure Boot, co wymaga, aby wszystkie moduły jądra były podpisane zaufanym kluczem. Niektóre sterowniki sprzętowe \u2014 takie jak te dla GPU NVIDIA \u2014 nie są podpisane domyślnym kluczem dystrybucji. Zarejestrowanie klucza podpisu StartOS pozwala firmware ufać tym modułom, aby sprzęt mógł być w pełni wykorzystany.',
802: 'Tłumaczenia na poziomie systemu operacyjnego są już aktywne. Wymagane jest ponowne uruchomienie, aby tłumaczenia na poziomie usług zaczęły obowiązywać.',
803: 'Ten dysk używa ext4 i zostanie automatycznie skonwertowany na btrfs. Zdecydowanie zaleca się wykonanie kopii zapasowej przed kontynuowaniem.',
804: 'Mam kopię zapasową moich danych',
805: 'Dodaj domenę publiczną',
806: 'Wynik',
807: 'Po otwarciu nowego adresu zostaniesz poproszony o ponowne uruchomienie.',
808: 'Ponowne uruchomienie jest wymagane, aby interfejsy usług używały nowej nazwy hosta.',
807: 'Pobieranie zakończone. Uruchom ponownie, aby zastosować.',
808: 'Nazwa hosta zmieniona, uruchom ponownie, aby zainstalowane usługi używały nowego adresu',
809: 'Język zmieniony, uruchom ponownie, aby zainstalowane usługi używały nowego języka',
810: 'Tryb kiosku zmieniony, uruchom ponownie, aby zastosować',
811: 'Dysk systemowy musi mieć co najmniej 18 GB',
812: 'Dysk danych musi mieć co najmniej 20 GB',
813: 'System + dane łącznie wymagają co najmniej 38 GB',
} satisfies i18n

63
web/projects/start-tunnel/src/app/routes/home/routes/settings/index.ts
View File

@@ -50,45 +50,32 @@ import { CHANGE_PASSWORD } from './change-password'
</button>
}
</div>
<div tuiCell>
<span tuiTitle>
<strong>Change password</strong>
</span>
<button tuiButton size="s" (click)="onChangePassword()">Change</button>
</div>
<div tuiCell>
<span tuiTitle>
<strong>Restart</strong>
<span tuiSubtitle>Restart the VPS</span>
</span>
<button
tuiButton
size="s"
appearance="secondary"
iconStart="@tui.rotate-cw"
[loading]="restarting()"
(click)="onRestart()"
>
Restart
</button>
</div>
<div tuiCell>
<span tuiTitle>
<strong>Logout</strong>
</span>
<button
tuiButton
size="s"
appearance="secondary-destructive"
iconStart="@tui.log-out"
(click)="onLogout()"
>
Logout
</button>
</div>
</div>
<div tuiCardLarge [style.align-items]="'start'">
<button tuiButton size="s" (click)="onChangePassword()">
Change password
</button>
<button
tuiButton
size="s"
iconStart="@tui.rotate-cw"
[loading]="restarting()"
(click)="onRestart()"
>
Reboot VPS
</button>
<button tuiButton size="s" iconStart="@tui.log-out" (click)="onLogout()">
Logout
</button>
</div>
`,
styles: `
:host {
display: flex;
flex-direction: column;
gap: 1rem;
}
[tuiCardLarge] {
background: var(--tui-background-neutral-1);
@@ -148,9 +135,9 @@ export default class Settings {
await this.api.restart()
this.dialogs
.open(
'The VPS is restarting. Please wait 1\u20132 minutes, then refresh the page.',
'The VPS is rebooting. Please wait 1\u20132 minutes, then refresh the page.',
{
label: 'Restarting',
label: 'Rebooting',
},
)
.subscribe()

2
web/projects/start-tunnel/src/styles.scss
View File

@@ -14,7 +14,7 @@ body {
isolation: isolate;
overflow-x: hidden;
background:
conic-gradient(var(--tui-background-base)),
linear-gradient(var(--tui-background-base, #171717), var(--tui-background-base, #171717)),
radial-gradient(circle at top right, #5240a8, transparent 40%),
radial-gradient(circle at bottom right, #9236c9, transparent),
radial-gradient(circle at 25% 100%, #5b65d5, transparent 30%),

44
web/projects/ui/src/app/routes/portal/portal.component.ts
View File

@@ -6,7 +6,7 @@ import {
} from '@angular/core'
import { toSignal } from '@angular/core/rxjs-interop'
import { RouterOutlet } from '@angular/router'
import { ErrorService } from '@start9labs/shared'
import { ErrorService, i18nPipe } from '@start9labs/shared'
import {
TuiButton,
TuiCell,
@@ -39,10 +39,7 @@ import { HeaderComponent } from './components/header/header.component'
@if (update(); as update) {
<tui-action-bar *tuiPopup="bar()">
<span tuiCell="m">
@if (update === true) {
<tui-icon icon="@tui.check" class="g-positive" />
Download complete, restart to apply changes
} @else if (
@if (
update.overall && update.overall !== true && update.overall.total
) {
<tui-progress-circle
@@ -58,9 +55,36 @@ import { HeaderComponent } from './components/header/header.component'
Calculating download size
}
</span>
@if (update === true) {
<button tuiButton size="s" (click)="restart()">Restart</button>
}
</tui-action-bar>
}
@if (restartReason(); as reason) {
<tui-action-bar *tuiPopup="bar()">
<span tuiCell="m">
<tui-icon icon="@tui.refresh-cw" />
@switch (reason) {
@case ('update') {
{{ 'Download complete. Restart to apply.' | i18n }}
}
@case ('mdns') {
{{
'Hostname changed, restart for installed services to use the new address'
| i18n
}}
}
@case ('language') {
{{
'Language changed, restart for installed services to use the new language'
| i18n
}}
}
@case ('kiosk') {
{{ 'Kiosk mode changed, restart to apply' | i18n }}
}
}
</span>
<button tuiButton size="s" appearance="primary" (click)="restart()">
{{ 'Restart' | i18n }}
</button>
</tui-action-bar>
}
`,
@@ -114,6 +138,7 @@ import { HeaderComponent } from './components/header/header.component'
TuiButton,
TuiPopup,
TuiCell,
i18nPipe,
],
})
export class PortalComponent {
@@ -124,6 +149,9 @@ export class PortalComponent {
readonly name = toSignal(this.patch.watch$('serverInfo', 'name'))
readonly update = toSignal(inject(OSService).updating$)
readonly restartReason = toSignal(
this.patch.watch$('serverInfo', 'statusInfo', 'restart'),
)
readonly bar = signal(true)
getProgress(size: number, downloaded: number): number {

10
web/projects/ui/src/app/routes/portal/routes/marketplace/components/controls.component.ts
View File

@@ -31,7 +31,7 @@ import { hasCurrentDeps } from 'src/app/utils/has-deps'
import { MarketplaceAlertsService } from '../services/alerts.service'
type KEYS = 'id' | 'version' | 'alerts' | 'flavor'
type KEYS = 'id' | 'version' | 'alerts' | 'flavor' | 'satisfies'
@Component({
selector: 'marketplace-controls',
@@ -185,9 +185,13 @@ export class MarketplaceControlsComponent {
}
private async dryInstall(url: string | null) {
const { id, version } = this.pkg()
const { id, version, satisfies } = this.pkg()
const packages = await getAllPackages(this.patch)
const breakages = dryUpdate({ id, version }, packages, this.exver)
const breakages = dryUpdate(
{ id, version, satisfies: satisfies || [] },
packages,
this.exver,
)
if (!breakages.length || (await this.alerts.alertBreakages(breakages))) {
this.installOrUpload(url)

2
web/projects/ui/src/app/routes/portal/routes/services/components/controls.component.ts
View File

@@ -36,7 +36,7 @@ import { InterfaceService } from '../../../components/interfaces/interface.servi
<button
tuiButton
iconStart="@tui.rotate-cw"
(click)="controls.restart(manifest())"
(click)="controls.restart(manifest().id)"
>
{{ 'Restart' | i18n }}
</button>

28
web/projects/ui/src/app/routes/portal/routes/services/modals/action-input.component.ts
View File

@@ -14,7 +14,6 @@ import {
TuiNotification,
} from '@taiga-ui/core'
import { injectContext } from '@taiga-ui/polymorpheus'
import * as json from 'fast-json-patch'
import { compare } from 'fast-json-patch'
import { PatchDB } from 'patch-db-client'
import { catchError, EMPTY, endWith, firstValueFrom, from, map } from 'rxjs'
@@ -191,9 +190,7 @@ export class ActionInputModal {
task.actionId === this.actionId &&
task.when?.condition === 'input-not-matches' &&
task.input &&
json
.compare(input, task.input.value)
.some(op => op.op === 'add' || op.op === 'replace'),
conflicts(task.input.value, input),
),
)
.map(id => id)
@@ -214,3 +211,26 @@ export class ActionInputModal {
)
}
}
// Mirrors the Rust backend's `conflicts()` function in core/src/service/action.rs.
// A key in the partial that is missing from the full input is NOT a conflict.
function conflicts(left: unknown, right: unknown): boolean {
if (
typeof left === 'object' &&
left !== null &&
!Array.isArray(left) &&
typeof right === 'object' &&
right !== null &&
!Array.isArray(right)
) {
const l = left as Record<string, unknown>
const r = right as Record<string, unknown>
return Object.keys(l).some(k => (k in r ? conflicts(l[k], r[k]) : false))
}
if (Array.isArray(left) && Array.isArray(right)) {
return left.some(v => right.every(vr => conflicts(v, vr)))
}
return left !== right
}

95
web/projects/ui/src/app/routes/portal/routes/system/routes/general/general.component.ts
View File

@@ -4,11 +4,10 @@ import {
Component,
inject,
INJECTOR,
OnInit,
} from '@angular/core'
import { toSignal } from '@angular/core/rxjs-interop'
import { FormsModule } from '@angular/forms'
import { ActivatedRoute, Router, RouterLink } from '@angular/router'
import { RouterLink } from '@angular/router'
import { WA_WINDOW } from '@ng-web-apis/common'
import {
DialogService,
@@ -48,6 +47,7 @@ import { PatchDB } from 'patch-db-client'
import { filter } from 'rxjs'
import { ABOUT } from 'src/app/routes/portal/components/header/about.component'
import { ApiService } from 'src/app/services/api/embassy-api.service'
import { ConfigService } from 'src/app/services/config.service'
import { OSService } from 'src/app/services/os.service'
import { DataModel } from 'src/app/services/patch-db/data-model'
import { TitleDirective } from 'src/app/services/title.service'
@@ -96,14 +96,10 @@ import { UPDATE } from './update.component'
[disabled]="os.updatingOrBackingUp$ | async"
(click)="onUpdate()"
>
@if (server.statusInfo.updated) {
{{ 'Restart to apply' | i18n }}
@if (os.showUpdate$ | async) {
{{ 'Update' | i18n }}
} @else {
@if (os.showUpdate$ | async) {
{{ 'Update' | i18n }}
} @else {
{{ 'Check for updates' | i18n }}
}
{{ 'Check for updates' | i18n }}
}
</button>
</div>
@@ -278,7 +274,7 @@ import { UPDATE } from './update.component'
TuiAnimated,
],
})
export default class SystemGeneralComponent implements OnInit {
export default class SystemGeneralComponent {
private readonly dialogs = inject(TuiResponsiveDialogService)
private readonly loader = inject(TuiNotificationMiddleService)
private readonly errorService = inject(ErrorService)
@@ -288,20 +284,7 @@ export default class SystemGeneralComponent implements OnInit {
private readonly i18n = inject(i18nPipe)
private readonly injector = inject(INJECTOR)
private readonly win = inject(WA_WINDOW)
private readonly route = inject(ActivatedRoute)
private readonly router = inject(Router)
ngOnInit() {
this.route.queryParams
.pipe(filter(params => params['restart'] === 'hostname'))
.subscribe(async () => {
await this.router.navigate([], {
relativeTo: this.route,
queryParams: {},
})
this.promptHostnameRestart()
})
}
private readonly config = inject(ConfigService)
count = 0
@@ -321,7 +304,6 @@ export default class SystemGeneralComponent implements OnInit {
onLanguageChange(language: Language) {
this.i18nService.setLang(language.name)
this.promptLanguageRestart()
}
// Expose shared utilities for template use
@@ -371,9 +353,7 @@ export default class SystemGeneralComponent implements OnInit {
}
onUpdate() {
if (this.server()?.statusInfo.updated) {
this.restart()
} else if (this.os.updateAvailable$.value) {
if (this.os.updateAvailable$.value) {
this.update()
} else {
this.check()
@@ -400,7 +380,7 @@ export default class SystemGeneralComponent implements OnInit {
),
)
.subscribe(result => {
if (this.win.location.hostname.endsWith('.local')) {
if (this.config.accessType === 'mdns') {
this.confirmNameChange(result)
} else {
this.saveName(result)
@@ -433,24 +413,18 @@ export default class SystemGeneralComponent implements OnInit {
await this.api.setHostname({ name, hostname })
if (wasLocal) {
const { protocol, port } = this.win.location
const portSuffix = port ? ':' + port : ''
const newUrl = `${protocol}//${hostname}.local${portSuffix}/system/general?restart=hostname`
this.dialog
.openConfirm({
label: 'Hostname Changed',
data: {
content:
`${this.i18n.transform('Your server is now reachable at')} ${hostname}.local. ${this.i18n.transform('After opening the new address, you will be prompted to restart.')}` as i18nKey,
`${this.i18n.transform('Your server is now reachable at')} ${hostname}.local` as i18nKey,
yes: 'Open new address',
no: 'Dismiss',
},
})
.pipe(filter(Boolean))
.subscribe(() => this.win.open(newUrl, '_blank'))
} else {
this.promptHostnameRestart()
.subscribe(() => this.win.open(`https://${hostname}.local`, '_blank'))
}
} catch (e: any) {
this.errorService.handleError(e)
@@ -526,7 +500,6 @@ export default class SystemGeneralComponent implements OnInit {
try {
await this.api.toggleKiosk(true)
this.promptRestart()
} catch (e: any) {
this.errorService.handleError(e)
} finally {
@@ -546,7 +519,6 @@ export default class SystemGeneralComponent implements OnInit {
options: [],
})
await this.api.toggleKiosk(true)
this.promptRestart()
} catch (e: any) {
this.errorService.handleError(e)
} finally {
@@ -559,7 +531,6 @@ export default class SystemGeneralComponent implements OnInit {
try {
await this.api.toggleKiosk(false)
this.promptRestart()
} catch (e: any) {
this.errorService.handleError(e)
} finally {
@@ -567,50 +538,6 @@ export default class SystemGeneralComponent implements OnInit {
}
}
private promptRestart() {
this.dialog
.openConfirm({
label: 'Restart to apply',
data: {
content: 'This change will take effect after the next boot',
yes: 'Restart now',
no: 'Later',
},
})
.pipe(filter(Boolean))
.subscribe(() => this.restart())
}
private promptHostnameRestart() {
this.dialog
.openConfirm({
label: 'Restart to apply',
data: {
content:
'A restart is required for service interfaces to use the new hostname.',
yes: 'Restart now',
no: 'Later',
},
})
.pipe(filter(Boolean))
.subscribe(() => this.restart())
}
private promptLanguageRestart() {
this.dialog
.openConfirm({
label: 'Restart to apply',
data: {
content:
'OS-level translations are already in effect. A restart is required for service-level translations to take effect.',
yes: 'Restart now',
no: 'Later',
},
})
.pipe(filter(Boolean))
.subscribe(() => this.restart())
}
private update() {
this.dialogs
.open(UPDATE, {

2
web/projects/ui/src/app/routes/portal/routes/system/routes/startos-ui/startos-ui.component.ts
View File

@@ -54,7 +54,7 @@ export default class StartOsUiComponent {
private readonly i18n = inject(i18nPipe)
readonly iface: T.ServiceInterface = {
id: '',
id: 'startos-ui',
name: 'StartOS UI',
description: this.i18n.transform(
'The web user interface for your StartOS server, accessible from any browser.',

43
web/projects/ui/src/app/routes/portal/routes/updates/item.component.ts
View File

@@ -10,7 +10,6 @@ import { RouterLink } from '@angular/router'
import { MarketplacePkg } from '@start9labs/marketplace'
import {
DialogService,
i18nKey,
i18nPipe,
LocalizePipe,
MarkdownPipe,
@@ -18,10 +17,10 @@ import {
} from '@start9labs/shared'
import {
TuiButton,
TuiExpand,
TuiIcon,
TuiLink,
TuiTitle,
TuiExpand,
} from '@taiga-ui/core'
import { NgDompurifyPipe } from '@taiga-ui/dompurify'
import {
@@ -32,7 +31,6 @@ import {
TuiProgressCircle,
} from '@taiga-ui/kit'
import { PatchDB } from 'patch-db-client'
import { defaultIfEmpty, firstValueFrom } from 'rxjs'
import { InstallingProgressPipe } from 'src/app/routes/portal/routes/services/pipes/install-progress.pipe'
import { MarketplaceService } from 'src/app/services/marketplace.service'
import {
@@ -41,8 +39,6 @@ import {
PackageDataEntry,
UpdatingState,
} from 'src/app/services/patch-db/data-model'
import { getAllPackages } from 'src/app/utils/get-package-data'
import { hasCurrentDeps } from 'src/app/utils/has-deps'
import UpdatesComponent from './updates.component'
@Component({
@@ -106,7 +102,7 @@ import UpdatesComponent from './updates.component'
size="s"
[loading]="!ready()"
[appearance]="error() ? 'destructive' : 'primary'"
(click.stop)="onClick()"
(click.stop)="update()"
>
{{ error() ? ('Retry' | i18n) : ('Update' | i18n) }}
</button>
@@ -199,6 +195,7 @@ import UpdatesComponent from './updates.component'
&[colspan]:only-child {
padding: 0 3rem;
text-align: left;
white-space: normal;
}
}
@@ -273,22 +270,7 @@ export class UpdatesItemComponent {
readonly local =
input.required<PackageDataEntry<InstalledState | UpdatingState>>()
async onClick() {
this.ready.set(false)
this.error.set('')
if (hasCurrentDeps(this.item().id, await getAllPackages(this.patch))) {
if (await this.alert()) {
await this.update()
} else {
this.ready.set(true)
}
} else {
await this.update()
}
}
private async update() {
async update() {
const { id, version } = this.item()
const url = this.parent.current()?.url || ''
@@ -300,21 +282,4 @@ export class UpdatesItemComponent {
this.error.set(e.message)
}
}
private async alert(): Promise<boolean> {
return firstValueFrom(
this.dialog
.openConfirm({
label: 'Warning',
size: 's',
data: {
content:
`${this.i18n.transform('Services that depend on')} ${this.local().stateInfo.manifest.title} ${this.i18n.transform('will no longer work properly and may crash.')}` as i18nKey,
yes: 'Continue',
no: 'Cancel',
},
})
.pipe(defaultIfEmpty(false)),
)
}
}

75
web/projects/ui/src/app/services/api/api.fixures.ts
View File

@@ -24,9 +24,9 @@ export namespace Mock {
export const ServerUpdated: T.ServerStatus = {
backupProgress: null,
updateProgress: null,
updated: true,
restarting: false,
shuttingDown: false,
restart: null,
}
export const RegistryOSUpdate: T.OsVersionInfoMap = {
@@ -459,6 +459,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: BTC_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {},
donationUrl: null,
alerts: {
@@ -501,6 +502,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: BTC_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {},
donationUrl: null,
alerts: {
@@ -553,6 +555,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: BTC_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {},
donationUrl: null,
alerts: {
@@ -595,6 +598,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: BTC_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {},
donationUrl: null,
alerts: {
@@ -649,6 +653,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: LND_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {
bitcoind: BitcoinDep,
'btc-rpc-proxy': ProxyDep,
@@ -704,6 +709,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: LND_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {
bitcoind: BitcoinDep,
'btc-rpc-proxy': ProxyDep,
@@ -757,12 +763,74 @@ export namespace Mock {
upstreamRepo: 'https://github.com/bitcoin/bitcoin',
marketingUrl: 'https://bitcoin.org',
docsUrls: ['https://bitcoin.org'],
releaseNotes: 'Even better support for Bitcoin and wallets!',
releaseNotes: `# Bitcoin Core v27.0.0 Release Notes
## Overview
This is a major release of Bitcoin Core with significant performance improvements, new RPC methods, and critical security patches. We strongly recommend all users upgrade as soon as possible.
## Breaking Changes
- The deprecated \`getinfo\` RPC has been fully removed. Use \`getblockchaininfo\`, \`getnetworkinfo\`, and \`getwalletinfo\` instead.
- Configuration option \`rpcallowip\` no longer accepts hostnames — only CIDR notation is supported (e.g. \`192.168.1.0/24\`).
- The wallet database format has been migrated from BerkeleyDB to SQLite. Existing wallets will be automatically converted on first load. **This migration is irreversible.**
## New Features
- **Compact Block Filters (BIP 158):** Full support for serving compact block filters to light clients over the P2P network. Enable with \`-blockfilterindex=basic -peerblockfilters=1\`.
- **Miniscript support in descriptors:** You can now use miniscript policies inside \`wsh()\` descriptors for more expressive spending conditions.
- **New RPC: \`getdescriptoractivity\`:** Returns all wallet-relevant transactions for a given set of output descriptors within a block range.
## Performance Improvements
- Block validation is now 18% faster due to improved UTXO cache management and parallel script verification.
- Initial block download (IBD) time reduced by approximately 25% on NVMe storage thanks to batched database writes.
- Memory usage during reindex reduced from ~4.2 GB to ~2.8 GB peak.
## Configuration Changes
\`\`\`ini
# New options added in this release
blockfilterindex=basic # Enable BIP 158 compact block filter index
peerblockfilters=1 # Serve compact block filters to peers
shutdownnotify=<cmd> # Execute command on clean shutdown
v2transport=1 # Prefer BIP 324 encrypted P2P connections
\`\`\`
## Bug Fixes
1. Fixed a race condition in the mempool acceptance logic that could cause \`submitblock\` to return stale rejection reasons under high transaction throughput.
2. Corrected fee estimation for transactions with many inputs where the estimator previously overestimated by up to 15%.
3. Resolved an edge case where \`pruneblockchain\` could delete blocks still needed by an in-progress \`rescanblockchain\` operation.
4. Fixed incorrect handling of \`OP_CHECKSIGADD\` in legacy script verification mode that could lead to consensus divergence on certain non-standard transactions.
5. Patched a denial-of-service vector where a malicious peer could send specially crafted \`inv\` messages causing excessive memory allocation in the transaction request tracker.
## Dependency Updates
| Dependency | Old Version | New Version |
|------------|-------------|-------------|
| OpenSSL | 1.1.1w | 3.0.13 |
| libevent | 2.1.12 | 2.2.1 |
| Boost | 1.81.0 | 1.84.0 |
| SQLite | 3.38.5 | 3.45.1 |
| miniupnpc | 2.2.4 | 2.2.7 |
## Migration Guide
For users running Bitcoin Core as a service behind a reverse proxy, note that the default RPC authentication mechanism now uses cookie-based auth by default. If you previously relied on \`rpcuser\`/\`rpcpassword\`, you must explicitly set \`rpcauth\` in your configuration file. See https://github.com/bitcoin/bitcoin/blob/master/share/rpcauth/rpcauth.py for the auth string generator.
## Known Issues
- Wallet encryption with very long passphrases (>1024 characters) may cause the wallet to become temporarily unresponsive during unlock. A fix is planned for v27.0.1.
- The \`listtransactions\` RPC may return duplicate entries when called with \`include_watchonly=true\` on descriptor wallets that share derivation paths across multiple descriptors.
For the full changelog, see https://github.com/bitcoin/bitcoin/blob/v27.0.0/doc/release-notes/release-notes-27.0.0.md#full-changelog-with-detailed-descriptions-of-every-commit-and-pull-request-merged`,
osVersion: '0.4.0',
sdkVersion: '0.4.0-beta.49',
gitHash: 'fakehash',
icon: BTC_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {},
donationUrl: null,
alerts: {
@@ -805,6 +873,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: BTC_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {},
donationUrl: null,
alerts: {
@@ -857,6 +926,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: LND_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {
bitcoind: BitcoinDep,
'btc-rpc-proxy': ProxyDep,
@@ -912,6 +982,7 @@ export namespace Mock {
gitHash: 'fakehash',
icon: PROXY_ICON,
sourceVersion: null,
satisfies: [],
dependencyMetadata: {
bitcoind: BitcoinDep,
},

42
web/projects/ui/src/app/services/api/embassy-mock-api.service.ts
View File

@@ -435,14 +435,20 @@ export class MockApiService extends ApiService {
async toggleKiosk(enable: boolean): Promise<null> {
await pauseFor(2000)
const patch = [
this.mockRevision([
{
op: PatchOp.REPLACE,
path: '/serverInfo/kiosk',
value: enable,
},
]
this.mockRevision(patch)
])
this.mockRevision([
{
op: PatchOp.REPLACE,
path: '/serverInfo/statusInfo/restart',
value: 'kiosk',
},
])
return null
}
@@ -450,7 +456,7 @@ export class MockApiService extends ApiService {
async setHostname(params: T.SetServerHostnameParams): Promise<null> {
await pauseFor(1000)
const patch = [
this.mockRevision([
{
op: PatchOp.REPLACE,
path: '/serverInfo/name',
@@ -461,8 +467,14 @@ export class MockApiService extends ApiService {
path: '/serverInfo/hostname',
value: params.hostname,
},
]
this.mockRevision(patch)
])
this.mockRevision([
{
op: PatchOp.REPLACE,
path: '/serverInfo/statusInfo/restart',
value: 'mdns',
},
])
return null
}
@@ -485,14 +497,20 @@ export class MockApiService extends ApiService {
async setLanguage(params: SetLanguageParams): Promise<null> {
await pauseFor(1000)
const patch = [
this.mockRevision([
{
op: PatchOp.REPLACE,
path: '/serverInfo/language',
value: params.language,
},
]
this.mockRevision(patch)
])
this.mockRevision([
{
op: PatchOp.REPLACE,
path: '/serverInfo/statusInfo/restart',
value: 'language',
},
])
return null
}
@@ -1831,11 +1849,11 @@ export class MockApiService extends ApiService {
this.mockRevision(patch2)
setTimeout(async () => {
const patch3: Operation<boolean>[] = [
const patch3: Operation<string>[] = [
{
op: PatchOp.REPLACE,
path: '/serverInfo/statusInfo/updated',
value: true,
path: '/serverInfo/statusInfo/restart',
value: 'update',
},
{
op: PatchOp.REMOVE,

4
web/projects/ui/src/app/services/api/mock-patch.ts
View File

@@ -14,7 +14,6 @@ export const mockPatchData: DataModel = {
snakeHighScore: 0,
},
serverInfo: {
arch: 'x86_64',
id: 'abcdefgh',
version,
lastBackup: new Date(new Date().valueOf() - 604800001).toISOString(),
@@ -227,11 +226,11 @@ export const mockPatchData: DataModel = {
postInitMigrationTodos: {},
statusInfo: {
// currentBackup: null,
updated: false,
updateProgress: null,
restarting: false,
shuttingDown: false,
backupProgress: null,
restart: null,
},
name: 'Random Words',
hostname: 'random-words',
@@ -240,7 +239,6 @@ export const mockPatchData: DataModel = {
ntpSynced: false,
smtp: null,
echoipUrls: ['https://ipconfig.me', 'https://ifconfig.co'],
platform: 'x86_64-nonfree',
zram: true,
governor: 'performance',
ram: 8 * 1024 * 1024 * 1024,

37
web/projects/ui/src/app/services/controls.service.ts
View File

@@ -84,35 +84,16 @@ export class ControlsService {
})
}
async restart({ id, title }: T.Manifest) {
const packages = await getAllPackages(this.patch)
async restart(id: string) {
const loader = this.loader.open('Restarting').subscribe()
defer(() =>
hasCurrentDeps(id, packages)
? this.dialog
.openConfirm({
label: 'Warning',
size: 's',
data: {
content:
`${this.i18n.transform('Services that depend on')} ${title} ${this.i18n.transform('may temporarily experiences issues')}` as i18nKey,
yes: 'Restart',
no: 'Cancel',
},
})
.pipe(filter(Boolean))
: of(null),
).subscribe(async () => {
const loader = this.loader.open('Restarting').subscribe()
try {
await this.api.restartPackage({ id })
} catch (e: any) {
this.errorService.handleError(e)
} finally {
loader.unsubscribe()
}
})
try {
await this.api.restartPackage({ id })
} catch (e: any) {
this.errorService.handleError(e)
} finally {
loader.unsubscribe()
}
}
private alert(content: T.LocaleString): Promise<boolean> {

2
web/projects/ui/src/app/services/os.service.ts
View File

@@ -28,7 +28,7 @@ export class OSService {
.pipe(shareReplay({ bufferSize: 1, refCount: true }))
readonly updating$ = this.statusInfo$.pipe(
map(status => status.updateProgress ?? status.updated),
map(status => status.updateProgress ?? false),
distinctUntilChanged(),
)

22
web/projects/ui/src/app/utils/dry-update.ts
View File

@@ -3,7 +3,11 @@ import { DataModel } from '../services/patch-db/data-model'
import { getManifest } from './get-package-data'
export function dryUpdate(
{ id, version }: { id: string; version: string },
{
id,
version,
satisfies,
}: { id: string; version: string; satisfies: string[] },
pkgs: DataModel['packageData'],
exver: Exver,
): string[] {
@@ -13,10 +17,24 @@ export function dryUpdate(
Object.keys(pkg.currentDependencies || {}).some(
pkgId => pkgId === id,
) &&
!exver.satisfies(
!versionSatisfies(
version,
satisfies,
pkg.currentDependencies[id]?.versionRange || '',
exver,
),
)
.map(pkg => getManifest(pkg).title)
}
function versionSatisfies(
version: string,
satisfies: string[],
range: string,
exver: Exver,
): boolean {
return (
exver.satisfies(version, range) ||
satisfies.some(v => exver.satisfies(v, range))
)
}