wip: iroh

* refactor: fix multiple comments

* styling changes, add documentation to sidebar

* translations for dns page

* refactor: subtle colors

* rearrange service page

---------

Co-authored-by: Matt Hill <mattnine@protonmail.com>

.github/workflows/startos-iso.yaml

@@ -45,7 +45,7 @@ on:
       - next/*
 
 env:
-  NODEJS_VERSION: "20.16.0"
+  NODEJS_VERSION: "22.17.1"
   ENVIRONMENT: '${{ fromJson(format(''["{0}", ""]'', github.event.inputs.environment || ''dev''))[github.event.inputs.environment == ''NONE''] }}'
 
 jobs:
@@ -93,8 +93,18 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Configure sccache
+        uses: actions/github-script@v7
+        with:
+          script: |
+            core.exportVariable('ACTIONS_RESULTS_URL', process.env.ACTIONS_RESULTS_URL || '');
+            core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
+
       - name: Make
         run: make ARCH=${{ matrix.arch }} compiled-${{ matrix.arch }}.tar
+        env:
+          SCCACHE_GHA_ENABLED: on
+          SCCACHE_GHA_VERSION: 0
 
       - uses: actions/upload-artifact@v4
         with:

.github/workflows/test.yaml

@@ -11,7 +11,7 @@ on:
       - next/*
 
 env:
-  NODEJS_VERSION: "20.16.0"
+  NODEJS_VERSION: "22.17.1"
   ENVIRONMENT: dev-unstable
 
 jobs:

.gitignore

@@ -1,8 +1,5 @@
 .DS_Store
 .idea
-system-images/binfmt/binfmt.tar
-system-images/compat/compat.tar
-system-images/util/util.tar
 /*.img
 /*.img.gz
 /*.img.xz

CONTRIBUTING.md

@@ -1,7 +1,6 @@
 # Contributing to StartOS
 
-This guide is for contributing to the StartOS. If you are interested in packaging a service for StartOS, visit the [service packaging guide](https://docs.start9.com/latest/developer-docs/). If you are interested in promoting, providing technical support, creating tutorials, or helping in other ways, please visit the [Start9 website](https://start9.com/contribute).
-
+This guide is for contributing to the StartOS. If you are interested in packaging a service for StartOS, visit the [service packaging guide](https://docs.start9.com/latest/packaging-guide/). If you are interested in promoting, providing technical support, creating tutorials, or helping in other ways, please visit the [Start9 website](https://start9.com/contribute).
 
 ## Collaboration
 
@@ -13,64 +12,77 @@ This guide is for contributing to the StartOS. If you are interested in packagin
 ```bash
 /
 ├── assets/
+├── container-runtime/
 ├── core/
 ├── build/
 ├── debian/
 ├── web/
 ├── image-recipe/
 ├── patch-db
-└── system-images/
+└── sdk/
 ```
+
 #### assets
+
 screenshots for the StartOS README
 
+#### container-runtime
+
+A NodeJS program that dynamically loads maintainer scripts and communicates with the OS to manage packages
+
 #### core
-An API, daemon (startd), CLI (start-cli), and SDK (start-sdk) that together provide the core functionality of StartOS.
+
+An API, daemon (startd), and CLI (start-cli) that together provide the core functionality of StartOS.
 
 #### build
+
 Auxiliary files and scripts to include in deployed StartOS images
 
 #### debian
+
 Maintainer scripts for the StartOS Debian package
 
 #### web
+
 Web UIs served under various conditions and used to interact with StartOS APIs.
 
 #### image-recipe
+
 Scripts for building StartOS images
 
 #### patch-db (submodule)
+
 A diff based data store used to synchronize data between the web interfaces and server.
 
-#### system-images
-Docker images that assist with creating backups.
+#### sdk
+
+A typescript sdk for building start-os packages
 
 ## Environment Setup
 
 #### Clone the StartOS repository
+
 ```sh
-git clone https://github.com/Start9Labs/start-os.git
+git clone https://github.com/Start9Labs/start-os.git --recurse-submodules
 cd start-os
 ```
 
-#### Load the PatchDB submodule
-```sh
-git submodule update --init --recursive
-```
-
 #### Continue to your project of interest for additional instructions:
+
 - [`core`](core/README.md)
 - [`web-interfaces`](web-interfaces/README.md)
 - [`build`](build/README.md)
 - [`patch-db`](https://github.com/Start9Labs/patch-db)
 
 ## Building
+
 This project uses [GNU Make](https://www.gnu.org/software/make/) to build its components. To build any specific component, simply run `make <TARGET>` replacing `<TARGET>` with the name of the target you'd like to build
 
 ### Requirements
+
 - [GNU Make](https://www.gnu.org/software/make/)
 - [Docker](https://docs.docker.com/get-docker/)
-- [NodeJS v18.15.0](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm)
+- [NodeJS v20.16.0](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm)
 - [sed](https://www.gnu.org/software/sed/)
 - [grep](https://www.gnu.org/software/grep/)
 - [awk](https://www.gnu.org/software/gawk/)
@@ -79,41 +91,43 @@ This project uses [GNU Make](https://www.gnu.org/software/make/) to build its co
 - [brotli](https://github.com/google/brotli)
 
 ### Environment variables
+
 - `PLATFORM`: which platform you would like to build for. Must be one of `x86_64`, `x86_64-nonfree`, `aarch64`, `aarch64-nonfree`, `raspberrypi`
-    - NOTE: `nonfree` images are for including `nonfree` firmware packages in the built ISO
+  - NOTE: `nonfree` images are for including `nonfree` firmware packages in the built ISO
 - `ENVIRONMENT`: a hyphen separated set of feature flags to enable
-    - `dev`: enables password ssh (INSECURE!) and does not compress frontends
-    - `unstable`: enables assertions that will cause errors on unexpected inconsistencies that are undesirable in production use either for performance or reliability reasons
-    - `docker`: use `docker` instead of `podman`
+  - `dev`: enables password ssh (INSECURE!) and does not compress frontends
+  - `unstable`: enables assertions that will cause errors on unexpected inconsistencies that are undesirable in production use either for performance or reliability reasons
+  - `docker`: use `docker` instead of `podman`
 - `GIT_BRANCH_AS_HASH`: set to `1` to use the current git branch name as the git hash so that the project does not need to be rebuilt on each commit
 
 ### Useful Make Targets
+
 - `iso`: Create a full `.iso` image
-    - Only possible from Debian
-    - Not available for `PLATFORM=raspberrypi`
-    - Additional Requirements:
-        - [debspawn](https://github.com/lkhq/debspawn)
+  - Only possible from Debian
+  - Not available for `PLATFORM=raspberrypi`
+  - Additional Requirements:
+    - [debspawn](https://github.com/lkhq/debspawn)
 - `img`: Create a full `.img` image
-    - Only possible from Debian
-    - Only available for `PLATFORM=raspberrypi`
-    - Additional Requirements:
-        - [debspawn](https://github.com/lkhq/debspawn)
+  - Only possible from Debian
+  - Only available for `PLATFORM=raspberrypi`
+  - Additional Requirements:
+    - [debspawn](https://github.com/lkhq/debspawn)
 - `format`: Run automatic code formatting for the project
-    - Additional Requirements:
-        - [rust](https://rustup.rs/)
+  - Additional Requirements:
+    - [rust](https://rustup.rs/)
 - `test`: Run automated tests for the project
-    - Additional Requirements:
-        - [rust](https://rustup.rs/)
+  - Additional Requirements:
+    - [rust](https://rustup.rs/)
 - `update`: Deploy the current working project to a device over ssh as if through an over-the-air update
-    - Requires an argument `REMOTE` which is the ssh address of the device, i.e. `start9@192.168.122.2`
+  - Requires an argument `REMOTE` which is the ssh address of the device, i.e. `start9@192.168.122.2`
 - `reflash`: Deploy the current working project to a device over ssh as if using a live `iso` image to reflash it
-    - Requires an argument `REMOTE` which is the ssh address of the device, i.e. `start9@192.168.122.2`
+  - Requires an argument `REMOTE` which is the ssh address of the device, i.e. `start9@192.168.122.2`
 - `update-overlay`: Deploy the current working project to a device over ssh to the in-memory overlay without restarting it
-    - WARNING: changes will be reverted after the device is rebooted
-    - WARNING: changes to `init` will not take effect as the device is already initialized
-    - Requires an argument `REMOTE` which is the ssh address of the device, i.e. `start9@192.168.122.2`
+  - WARNING: changes will be reverted after the device is rebooted
+  - WARNING: changes to `init` will not take effect as the device is already initialized
+  - Requires an argument `REMOTE` which is the ssh address of the device, i.e. `start9@192.168.122.2`
 - `wormhole`: Deploy the `startbox` to a device using [magic-wormhole](https://github.com/magic-wormhole/magic-wormhole)
-    - When the build it complete will emit a command to paste into the shell of the device to upgrade it
-    - Additional Requirements:
-        - [magic-wormhole](https://github.com/magic-wormhole/magic-wormhole)
-- `clean`: Delete all compiled artifacts
+  - When the build it complete will emit a command to paste into the shell of the device to upgrade it
+  - Additional Requirements:
+    - [magic-wormhole](https://github.com/magic-wormhole/magic-wormhole)
+- `clean`: Delete all compiled artifacts

DEVELOPMENT.md

@@ -25,15 +25,15 @@ docker buildx create --use
 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh # proceed with default installation
 curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash
 source ~/.bashrc
-nvm install 20
-nvm use 20
-nvm alias default 20 # this prevents your machine from reverting back to another version
+nvm install 22
+nvm use 22
+nvm alias default 22 # this prevents your machine from reverting back to another version
 ```
 
 ## Cloning the repository
 
 ```sh
-git clone --recursive https://github.com/Start9Labs/start-os.git --branch next/minor
+git clone --recursive https://github.com/Start9Labs/start-os.git --branch next/major
 cd start-os
 ```
 

Makefile

@@ -1,3 +1,6 @@
+ls-files = $(shell git ls-files --cached --others --exclude-standard $1) 
+PROFILE = release
+
 PLATFORM_FILE := $(shell ./check-platform.sh)
 ENVIRONMENT_FILE := $(shell ./check-environment.sh)
 GIT_HASH_FILE := $(shell ./check-git-hash.sh)
@@ -9,23 +12,27 @@ IMAGE_TYPE=$(shell if [ "$(PLATFORM)" = raspberrypi ]; then echo img; else echo
 WEB_UIS := web/dist/raw/ui/index.html web/dist/raw/setup-wizard/index.html web/dist/raw/install-wizard/index.html
 COMPRESSED_WEB_UIS := web/dist/static/ui/index.html web/dist/static/setup-wizard/index.html web/dist/static/install-wizard/index.html
 FIRMWARE_ROMS := ./firmware/$(PLATFORM) $(shell jq --raw-output '.[] | select(.platform[] | contains("$(PLATFORM)")) | "./firmware/$(PLATFORM)/" + .id + ".rom.gz"' build/lib/firmware.json)
-BUILD_SRC := $(shell git ls-files build) build/lib/depends build/lib/conflicts $(FIRMWARE_ROMS)
-DEBIAN_SRC := $(shell git ls-files debian/)
-IMAGE_RECIPE_SRC := $(shell git ls-files image-recipe/)
+BUILD_SRC := $(call ls-files, build) build/lib/depends build/lib/conflicts $(FIRMWARE_ROMS)
+DEBIAN_SRC := $(call ls-files, debian/)
+IMAGE_RECIPE_SRC := $(call ls-files, image-recipe/)
 STARTD_SRC := core/startos/startd.service $(BUILD_SRC)
-COMPAT_SRC := $(shell git ls-files system-images/compat/)
-UTILS_SRC := $(shell git ls-files system-images/utils/)
-BINFMT_SRC := $(shell git ls-files system-images/binfmt/)
-CORE_SRC := $(shell git ls-files core) $(shell git ls-files --recurse-submodules patch-db) $(GIT_HASH_FILE)
-WEB_SHARED_SRC := $(shell git ls-files web/projects/shared) $(shell ls -p web/ | grep -v / | sed 's/^/web\//g') web/node_modules/.package-lock.json web/config.json patch-db/client/dist/index.js sdk/baseDist/package.json web/patchdb-ui-seed.json sdk/dist/package.json
-WEB_UI_SRC := $(shell git ls-files web/projects/ui)
-WEB_SETUP_WIZARD_SRC := $(shell git ls-files web/projects/setup-wizard)
-WEB_INSTALL_WIZARD_SRC := $(shell git ls-files web/projects/install-wizard)
+CORE_SRC := $(call ls-files, core) $(shell git ls-files --recurse-submodules patch-db) $(GIT_HASH_FILE)
+WEB_SHARED_SRC := $(call ls-files, web/projects/shared) $(call ls-files, web/projects/marketplace) $(shell ls -p web/ | grep -v / | sed 's/^/web\//g') web/node_modules/.package-lock.json web/config.json patch-db/client/dist/index.js sdk/baseDist/package.json web/patchdb-ui-seed.json sdk/dist/package.json
+WEB_UI_SRC := $(call ls-files, web/projects/ui)
+WEB_SETUP_WIZARD_SRC := $(call ls-files, web/projects/setup-wizard)
+WEB_INSTALL_WIZARD_SRC := $(call ls-files, web/projects/install-wizard)
 PATCH_DB_CLIENT_SRC := $(shell git ls-files --recurse-submodules patch-db/client)
 GZIP_BIN := $(shell which pigz || which gzip)
 TAR_BIN := $(shell which gtar || which tar)
-COMPILED_TARGETS := core/target/$(ARCH)-unknown-linux-musl/release/startbox core/target/$(ARCH)-unknown-linux-musl/release/containerbox system-images/compat/docker-images/$(ARCH).tar system-images/utils/docker-images/$(ARCH).tar system-images/binfmt/docker-images/$(ARCH).tar container-runtime/rootfs.$(ARCH).squashfs
-ALL_TARGETS := $(STARTD_SRC) $(ENVIRONMENT_FILE) $(GIT_HASH_FILE) $(VERSION_FILE) $(COMPILED_TARGETS) cargo-deps/$(ARCH)-unknown-linux-musl/release/startos-backup-fs $(shell if [ "$(PLATFORM)" = "raspberrypi" ]; then echo cargo-deps/aarch64-unknown-linux-musl/release/pi-beep; fi)  $(shell /bin/bash -c 'if [[ "${ENVIRONMENT}" =~ (^|-)unstable($$|-) ]]; then echo cargo-deps/$(ARCH)-unknown-linux-musl/release/tokio-console; fi') $(PLATFORM_FILE) 
+COMPILED_TARGETS := core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox core/target/$(ARCH)-unknown-linux-musl/release/containerbox container-runtime/rootfs.$(ARCH).squashfs
+ALL_TARGETS := $(STARTD_SRC) $(ENVIRONMENT_FILE) $(GIT_HASH_FILE) $(VERSION_FILE) $(COMPILED_TARGETS) cargo-deps/$(ARCH)-unknown-linux-musl/release/startos-backup-fs $(PLATFORM_FILE) \
+	$(shell if [ "$(PLATFORM)" = "raspberrypi" ]; then \
+		echo cargo-deps/aarch64-unknown-linux-musl/release/pi-beep; \
+	fi) \
+	$(shell /bin/bash -c 'if [[ "${ENVIRONMENT}" =~ (^|-)unstable($$|-) ]]; then \
+		echo cargo-deps/$(ARCH)-unknown-linux-musl/release/tokio-console; \
+		echo cargo-deps/$(ARCH)-unknown-linux-musl/release/flamegraph; \
+	fi')
 REBUILD_TYPES = 1
 
 ifeq ($(REMOTE),)
@@ -49,7 +56,7 @@ endif
 
 .DELETE_ON_ERROR:
 
-.PHONY: all metadata install clean format cli uis ui reflash deb $(IMAGE_TYPE) squashfs sudo wormhole wormhole-deb test test-core test-sdk test-container-runtime registry
+.PHONY: all metadata install clean format cli uis ui reflash deb $(IMAGE_TYPE) squashfs wormhole wormhole-deb test test-core test-sdk test-container-runtime registry
 
 all: $(ALL_TARGETS)
 
@@ -58,12 +65,7 @@ touch:
 
 metadata: $(VERSION_FILE) $(PLATFORM_FILE) $(ENVIRONMENT_FILE) $(GIT_HASH_FILE)
 
-sudo:
-	sudo true
-
 clean:
-	rm -f system-images/**/*.tar
-	rm -rf system-images/compat/target
 	rm -rf core/target
 	rm -rf core/startos/bindings
 	rm -rf web/.angular
@@ -98,17 +100,20 @@ test: | test-core test-sdk test-container-runtime
 test-core: $(CORE_SRC) $(ENVIRONMENT_FILE) 
 	./core/run-tests.sh
 
-test-sdk: $(shell git ls-files sdk) sdk/base/lib/osBindings/index.ts
+test-sdk: $(call ls-files, sdk) sdk/base/lib/osBindings/index.ts
 	cd sdk && make test
 
-test-container-runtime: container-runtime/node_modules/.package-lock.json $(shell git ls-files container-runtime/src) container-runtime/package.json container-runtime/tsconfig.json 
+test-container-runtime: container-runtime/node_modules/.package-lock.json $(call ls-files, container-runtime/src) container-runtime/package.json container-runtime/tsconfig.json 
 	cd container-runtime && npm test
 
 cli:
-	cd core && ./install-cli.sh
+	./core/install-cli.sh
 
 registry:
-	cd core && ./build-registrybox.sh
+	./core/build-registrybox.sh
+
+tunnel:
+	./core/build-tunnelbox.sh
 
 deb: results/$(BASENAME).deb
 
@@ -116,25 +121,27 @@ debian/control: build/lib/depends build/lib/conflicts
 	./debuild/control.sh
 
 results/$(BASENAME).deb: dpkg-build.sh $(DEBIAN_SRC) $(ALL_TARGETS)
-	PLATFORM=$(PLATFORM) ./dpkg-build.sh
+	PLATFORM=$(PLATFORM) REQUIRES=debian ./build/os-compat/run-compat.sh ./dpkg-build.sh
 
 $(IMAGE_TYPE): results/$(BASENAME).$(IMAGE_TYPE)
 
 squashfs: results/$(BASENAME).squashfs
 
 results/$(BASENAME).$(IMAGE_TYPE) results/$(BASENAME).squashfs: $(IMAGE_RECIPE_SRC) results/$(BASENAME).deb
-	./image-recipe/run-local-build.sh "results/$(BASENAME).deb"
+	REQUIRES=debian ./build/os-compat/run-compat.sh ./image-recipe/run-local-build.sh "results/$(BASENAME).deb"
 
 # For creating os images. DO NOT USE
 install: $(ALL_TARGETS) 
 	$(call mkdir,$(DESTDIR)/usr/bin)
 	$(call mkdir,$(DESTDIR)/usr/sbin)
-	$(call cp,core/target/$(ARCH)-unknown-linux-musl/release/startbox,$(DESTDIR)/usr/bin/startbox)
+	$(call cp,core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox,$(DESTDIR)/usr/bin/startbox)
 	$(call ln,/usr/bin/startbox,$(DESTDIR)/usr/bin/startd)
 	$(call ln,/usr/bin/startbox,$(DESTDIR)/usr/bin/start-cli)
-	$(call ln,/usr/bin/startbox,$(DESTDIR)/usr/bin/start-sdk)
 	if [ "$(PLATFORM)" = "raspberrypi" ]; then $(call cp,cargo-deps/aarch64-unknown-linux-musl/release/pi-beep,$(DESTDIR)/usr/bin/pi-beep); fi
-	if /bin/bash -c '[[ "${ENVIRONMENT}" =~ (^|-)unstable($$|-) ]]'; then $(call cp,cargo-deps/$(ARCH)-unknown-linux-musl/release/tokio-console,$(DESTDIR)/usr/bin/tokio-console); fi
+	if /bin/bash -c '[[ "${ENVIRONMENT}" =~ (^|-)unstable($$|-) ]]'; then \
+		$(call cp,cargo-deps/$(ARCH)-unknown-linux-musl/release/tokio-console,$(DESTDIR)/usr/bin/tokio-console); \
+		$(call cp,cargo-deps/$(ARCH)-unknown-linux-musl/release/flamegraph,$(DESTDIR)/usr/bin/flamegraph); \
+	fi
 	$(call cp,cargo-deps/$(ARCH)-unknown-linux-musl/release/startos-backup-fs,$(DESTDIR)/usr/bin/startos-backup-fs)
 	$(call ln,/usr/bin/startos-backup-fs,$(DESTDIR)/usr/sbin/mount.backup-fs)
 	
@@ -152,10 +159,6 @@ install: $(ALL_TARGETS)
 	$(call cp,GIT_HASH.txt,$(DESTDIR)/usr/lib/startos/GIT_HASH.txt)
 	$(call cp,VERSION.txt,$(DESTDIR)/usr/lib/startos/VERSION.txt)
 
-	$(call mkdir,$(DESTDIR)/usr/lib/startos/system-images)
-	$(call cp,system-images/compat/docker-images/$(ARCH).tar,$(DESTDIR)/usr/lib/startos/system-images/compat.tar)
-	$(call cp,system-images/utils/docker-images/$(ARCH).tar,$(DESTDIR)/usr/lib/startos/system-images/utils.tar)
-	
 	$(call cp,firmware/$(PLATFORM),$(DESTDIR)/usr/lib/startos/firmware)
 
 update-overlay: $(ALL_TARGETS)
@@ -167,10 +170,10 @@ update-overlay: $(ALL_TARGETS)
 	$(MAKE) install REMOTE=$(REMOTE) SSHPASS=$(SSHPASS) PLATFORM=$(PLATFORM)
 	$(call ssh,"sudo systemctl start startd")
 
-wormhole: core/target/$(ARCH)-unknown-linux-musl/release/startbox
+wormhole: core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox
 	@echo "Paste the following command into the shell of your StartOS server:"
 	@echo
-	@wormhole send core/target/$(ARCH)-unknown-linux-musl/release/startbox 2>&1 | awk -Winteractive '/wormhole receive/ { printf "sudo /usr/lib/startos/scripts/chroot-and-upgrade \"cd /usr/bin && rm startbox && wormhole receive --accept-file %s && chmod +x startbox\"\n", $$3 }'
+	@wormhole send core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox 2>&1 | awk -Winteractive '/wormhole receive/ { printf "sudo /usr/lib/startos/scripts/chroot-and-upgrade \"cd /usr/bin && rm startbox && wormhole receive --accept-file %s && chmod +x startbox\"\n", $$3 }'
 
 wormhole-deb: results/$(BASENAME).deb
 	@echo "Paste the following command into the shell of your StartOS server:"
@@ -182,7 +185,7 @@ wormhole-squashfs: results/$(BASENAME).squashfs
 	$(eval SQFS_SIZE := $(shell du -s --bytes results/$(BASENAME).squashfs | awk '{print $$1}'))
 	@echo "Paste the following command into the shell of your StartOS server:"
 	@echo
-	@wormhole send results/$(BASENAME).squashfs 2>&1 | awk -Winteractive '/wormhole receive/ { printf "sudo sh -c '"'"'/usr/lib/startos/scripts/prune-images $(SQFS_SIZE) && cd /media/startos/images && wormhole receive --accept-file %s && mv $(BASENAME).squashfs $(SQFS_SUM).rootfs && ln -rsf ./$(SQFS_SUM).rootfs ../config/current.rootfs && sync && reboot'"'"'\n", $$3 }'
+	@wormhole send results/$(BASENAME).squashfs 2>&1 | awk -Winteractive '/wormhole receive/ { printf "sudo sh -c '"'"'/usr/lib/startos/scripts/prune-images $(SQFS_SIZE) && /usr/lib/startos/scripts/prune-boot && cd /media/startos/images && wormhole receive --accept-file %s && CHECKSUM=$(SQFS_SUM) /usr/lib/startos/scripts/use-img ./$(BASENAME).squashfs'"'"'\n", $$3 }'
 
 update: $(ALL_TARGETS)
 	@if [ -z "$(REMOTE)" ]; then >&2 echo "Must specify REMOTE" && false; fi
@@ -190,10 +193,10 @@ update: $(ALL_TARGETS)
 	$(MAKE) install REMOTE=$(REMOTE) SSHPASS=$(SSHPASS) DESTDIR=/media/startos/next PLATFORM=$(PLATFORM)
 	$(call ssh,'sudo /media/startos/next/usr/lib/startos/scripts/chroot-and-upgrade --no-sync "apt-get install -y $(shell cat ./build/lib/depends)"')
 
-update-startbox: core/target/$(ARCH)-unknown-linux-musl/release/startbox # only update binary (faster than full update)
+update-startbox: core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox # only update binary (faster than full update)
 	@if [ -z "$(REMOTE)" ]; then >&2 echo "Must specify REMOTE" && false; fi
 	$(call ssh,'sudo /usr/lib/startos/scripts/chroot-and-upgrade --create')
-	$(call cp,core/target/$(ARCH)-unknown-linux-musl/release/startbox,/media/startos/next/usr/bin/startbox)
+	$(call cp,core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox,/media/startos/next/usr/bin/startbox)
 	$(call ssh,'sudo /media/startos/next/usr/lib/startos/scripts/chroot-and-upgrade --no-sync true')
 
 update-deb: results/$(BASENAME).deb # better than update, but only available from debian
@@ -208,9 +211,9 @@ update-squashfs: results/$(BASENAME).squashfs
 	$(eval SQFS_SUM := $(shell b3sum results/$(BASENAME).squashfs))
 	$(eval SQFS_SIZE := $(shell du -s --bytes results/$(BASENAME).squashfs | awk '{print $$1}'))
 	$(call ssh,'/usr/lib/startos/scripts/prune-images $(SQFS_SIZE)')
-	$(call cp,results/$(BASENAME).squashfs,/media/startos/images/$(SQFS_SUM).rootfs)
-	$(call ssh,'sudo ln -rsf /media/startos/images/$(SQFS_SUM).rootfs /media/startos/config/current.rootfs')
-	$(call ssh,'sudo reboot')
+	$(call ssh,'/usr/lib/startos/scripts/prune-boot')
+	$(call cp,results/$(BASENAME).squashfs,/media/startos/images/next.rootfs)
+	$(call ssh,'sudo CHECKSUM=$(SQFS_SUM) /usr/lib/startos/scripts/use-img /media/startos/images/next.rootfs')
 
 emulate-reflash: $(ALL_TARGETS)
 	@if [ -z "$(REMOTE)" ]; then >&2 echo "Must specify REMOTE" && false; fi
@@ -222,10 +225,14 @@ emulate-reflash: $(ALL_TARGETS)
 upload-ota: results/$(BASENAME).squashfs
 	TARGET=$(TARGET) KEY=$(KEY) ./upload-ota.sh
 
-container-runtime/debian.$(ARCH).squashfs:
+container-runtime/debian.$(ARCH).squashfs: ./container-runtime/download-base-image.sh
 	ARCH=$(ARCH) ./container-runtime/download-base-image.sh
 
-container-runtime/node_modules/.package-lock.json: container-runtime/package.json container-runtime/package-lock.json sdk/dist/package.json
+container-runtime/package-lock.json: sdk/dist/package.json
+	npm --prefix container-runtime i
+	touch container-runtime/package-lock.json
+
+container-runtime/node_modules/.package-lock.json: container-runtime/package-lock.json
 	npm --prefix container-runtime ci
 	touch container-runtime/node_modules/.package-lock.json
 
@@ -234,28 +241,28 @@ sdk/base/lib/osBindings/index.ts: $(shell if [ "$(REBUILD_TYPES)" -ne 0 ]; then
 	rsync -ac --delete core/startos/bindings/ sdk/base/lib/osBindings/
 	touch sdk/base/lib/osBindings/index.ts
 
-core/startos/bindings/index.ts: $(shell git ls-files core) $(ENVIRONMENT_FILE)
+core/startos/bindings/index.ts: $(call ls-files, core) $(ENVIRONMENT_FILE)
 	rm -rf core/startos/bindings
 	./core/build-ts.sh
 	ls core/startos/bindings/*.ts | sed 's/core\/startos\/bindings\/\([^.]*\)\.ts/export { \1 } from ".\/\1";/g' | grep -v '"./index"' | tee core/startos/bindings/index.ts
 	npm --prefix sdk exec -- prettier --config ./sdk/base/package.json -w ./core/startos/bindings/*.ts
 	touch core/startos/bindings/index.ts
 
-sdk/dist/package.json sdk/baseDist/package.json: $(shell git ls-files sdk) sdk/base/lib/osBindings/index.ts
+sdk/dist/package.json sdk/baseDist/package.json: $(call ls-files, sdk) sdk/base/lib/osBindings/index.ts
 	(cd sdk && make bundle)
 	touch sdk/dist/package.json
 	touch sdk/baseDist/package.json
 
 # TODO: make container-runtime its own makefile?
-container-runtime/dist/index.js: container-runtime/node_modules/.package-lock.json $(shell git ls-files container-runtime/src) container-runtime/package.json container-runtime/tsconfig.json 
+container-runtime/dist/index.js: container-runtime/node_modules/.package-lock.json $(call ls-files, container-runtime/src) container-runtime/package.json container-runtime/tsconfig.json 
 	npm --prefix container-runtime run build
 
 container-runtime/dist/node_modules/.package-lock.json container-runtime/dist/package.json container-runtime/dist/package-lock.json: container-runtime/package.json container-runtime/package-lock.json sdk/dist/package.json container-runtime/install-dist-deps.sh
 	./container-runtime/install-dist-deps.sh
 	touch container-runtime/dist/node_modules/.package-lock.json
 
-container-runtime/rootfs.$(ARCH).squashfs: container-runtime/debian.$(ARCH).squashfs container-runtime/container-runtime.service container-runtime/update-image.sh container-runtime/deb-install.sh container-runtime/dist/index.js container-runtime/dist/node_modules/.package-lock.json core/target/$(ARCH)-unknown-linux-musl/release/containerbox | sudo
-	ARCH=$(ARCH) ./container-runtime/update-image.sh
+container-runtime/rootfs.$(ARCH).squashfs: container-runtime/debian.$(ARCH).squashfs container-runtime/container-runtime.service container-runtime/update-image.sh container-runtime/deb-install.sh container-runtime/dist/index.js container-runtime/dist/node_modules/.package-lock.json core/target/$(ARCH)-unknown-linux-musl/release/containerbox
+	ARCH=$(ARCH) REQUIRES=linux ./build/os-compat/run-compat.sh ./container-runtime/update-image.sh
 
 build/lib/depends build/lib/conflicts: build/dpkg-deps/*
 	build/dpkg-deps/generate.sh
@@ -263,24 +270,19 @@ build/lib/depends build/lib/conflicts: build/dpkg-deps/*
 $(FIRMWARE_ROMS): build/lib/firmware.json download-firmware.sh $(PLATFORM_FILE)
 	./download-firmware.sh $(PLATFORM)
 
-system-images/compat/docker-images/$(ARCH).tar: $(COMPAT_SRC)
-	cd system-images/compat && make docker-images/$(ARCH).tar && touch docker-images/$(ARCH).tar
-
-system-images/utils/docker-images/$(ARCH).tar: $(UTILS_SRC)
-	cd system-images/utils && make docker-images/$(ARCH).tar && touch docker-images/$(ARCH).tar
-
-system-images/binfmt/docker-images/$(ARCH).tar: $(BINFMT_SRC)
-	cd system-images/binfmt && make docker-images/$(ARCH).tar && touch docker-images/$(ARCH).tar
-
-core/target/$(ARCH)-unknown-linux-musl/release/startbox: $(CORE_SRC) $(COMPRESSED_WEB_UIS) web/patchdb-ui-seed.json $(ENVIRONMENT_FILE)
-	ARCH=$(ARCH) ./core/build-startbox.sh
-	touch core/target/$(ARCH)-unknown-linux-musl/release/startbox
+core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox: $(CORE_SRC) $(COMPRESSED_WEB_UIS) web/patchdb-ui-seed.json $(ENVIRONMENT_FILE)
+	ARCH=$(ARCH) PROFILE=$(PROFILE) ./core/build-startbox.sh
+	touch core/target/$(ARCH)-unknown-linux-musl/$(PROFILE)/startbox
 
 core/target/$(ARCH)-unknown-linux-musl/release/containerbox: $(CORE_SRC) $(ENVIRONMENT_FILE)
 	ARCH=$(ARCH) ./core/build-containerbox.sh
 	touch core/target/$(ARCH)-unknown-linux-musl/release/containerbox
 
-web/node_modules/.package-lock.json: web/package.json sdk/baseDist/package.json
+web/package-lock.json: web/package.json sdk/baseDist/package.json
+	npm --prefix web i
+	touch web/package-lock.json
+
+web/node_modules/.package-lock.json: web/package-lock.json
 	npm --prefix web ci
 	touch web/node_modules/.package-lock.json
 
@@ -298,7 +300,7 @@ web/dist/raw/setup-wizard/index.html: $(WEB_SETUP_WIZARD_SRC) $(WEB_SHARED_SRC)
 	touch web/dist/raw/setup-wizard/index.html
 
 web/dist/raw/install-wizard/index.html: $(WEB_INSTALL_WIZARD_SRC) $(WEB_SHARED_SRC) web/.angular/.updated
-	npm --prefix web run build:install-wiz
+	npm --prefix web run build:install
 	touch web/dist/raw/install-wizard/index.html
 
 $(COMPRESSED_WEB_UIS): $(WEB_UIS) $(ENVIRONMENT_FILE)
@@ -334,3 +336,6 @@ cargo-deps/$(ARCH)-unknown-linux-musl/release/tokio-console:
 
 cargo-deps/$(ARCH)-unknown-linux-musl/release/startos-backup-fs:
 	ARCH=$(ARCH) PREINSTALL="apk add fuse3 fuse3-dev fuse3-static musl-dev pkgconfig" ./build-cargo-dep.sh --git https://github.com/Start9Labs/start-fs.git startos-backup-fs
+
+cargo-deps/$(ARCH)-unknown-linux-musl/release/flamegraph:
+	ARCH=$(ARCH) PREINSTALL="apk add musl-dev pkgconfig" ./build-cargo-dep.sh flamegraph

README.md

@@ -13,9 +13,6 @@
   <a href="https://twitter.com/start9labs">
     <img alt="X (formerly Twitter) Follow" src="https://img.shields.io/twitter/follow/start9labs">
   </a>
-  <a href="https://mastodon.start9labs.com">
-    <img src="https://img.shields.io/mastodon/follow/000000001?domain=https%3A%2F%2Fmastodon.start9labs.com&label=Follow&style=social">
-  </a>
   <a href="https://matrix.to/#/#community:matrix.start9labs.com">
     <img alt="Static Badge" src="https://img.shields.io/badge/community-matrix-yellow?logo=matrix">
   </a>

build/dpkg-deps/depends

@@ -36,6 +36,7 @@ man-db
 ncdu
 net-tools
 network-manager
+nfs-common
 nvme-cli
 nyx
 openssh-server
@@ -43,6 +44,7 @@ podman
 postgresql
 psmisc
 qemu-guest-agent
+rfkill
 rsync
 samba-common-bin
 smartmontools

build/dpkg-deps/generate.sh

@@ -8,8 +8,8 @@ IFS="-" read -ra FEATURES <<< "$ENVIRONMENT"
 
 feature_file_checker='
 /^#/ { next }
-/^\+ [a-z0-9]+$/ { next }
-/^- [a-z0-9]+$/ { next }
+/^\+ [a-z0-9-]+$/ { next }
+/^- [a-z0-9-]+$/ { next }
 { exit 1 }
 '
 

build/dpkg-deps/unstable.depends

@@ -1,2 +1,3 @@
 + gdb
-+ heaptrack
++ heaptrack
++ linux-perf

build/lib/scripts/check-monitor

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-
-if cat /sys/class/drm/*/status | grep -qw connected; then
-    exit 0
-else
-    exit 1
-fi

build/lib/scripts/chroot-and-upgrade

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-SOURCE_DIR="$(dirname "${BASH_SOURCE[0]}")"
+SOURCE_DIR="$(dirname $(realpath "${BASH_SOURCE[0]}"))"
 
 if [ "$UID" -ne 0 ]; then
     >&2 echo 'Must be run as root'

build/lib/scripts/enable-kiosk

@@ -27,7 +27,6 @@ user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
 user_pref("browser.newtabpage.activity-stream.feeds.asrouterfeed", false);
 user_pref("browser.newtabpage.activity-stream.feeds.topsites", false);
 user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
-user_pref("browser.onboarding.enabled", false);
 user_pref("browser.ping-centre.telemetry", false);
 user_pref("browser.pocket.enabled",	false);
 user_pref("browser.safebrowsing.blockedURIs.enabled", false);
@@ -43,7 +42,7 @@ user_pref("browser.startup.homepage_override.mstone", "ignore");
 user_pref("browser.theme.content-theme", 0);
 user_pref("browser.theme.toolbar-theme", 0);
 user_pref("browser.urlbar.groupLabels.enabled", false);
-user_pref("browser.urlbar.suggest.searches" false);
+user_pref("browser.urlbar.suggest.searches", false);
 user_pref("datareporting.policy.firstRunURL", "");
 user_pref("datareporting.healthreport.service.enabled", false);
 user_pref("datareporting.healthreport.uploadEnabled", false);
@@ -52,10 +51,9 @@ user_pref("dom.securecontext.allowlist_onions", true);
 user_pref("dom.securecontext.whitelist_onions", true);
 user_pref("experiments.enabled", false);
 user_pref("experiments.activeExperiment", false);
-user_pref("experiments.supported", false);
 user_pref("extensions.activeThemeID", "firefox-compact-dark@mozilla.org");
 user_pref("extensions.blocklist.enabled", false);
-user_pref("extensions.getAddons.cache.enabled", false);
+user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
 user_pref("extensions.pocket.enabled", false);
 user_pref("extensions.update.enabled", false);
 user_pref("extensions.shield-recipe-client.enabled", false);
@@ -69,6 +67,10 @@ user_pref("network.connectivity-service.enabled", false);
 user_pref("network.proxy.autoconfig_url", "file:///usr/lib/startos/proxy.pac");
 user_pref("network.proxy.socks_remote_dns", true);
 user_pref("network.proxy.type", 2);
+user_pref("privacy.resistFingerprinting", true);
+//Enable letterboxing if we want the window size sent to the server to snap to common resolutions:
+//user_pref("privacy.resistFingerprinting.letterboxing", true);
+user_pref("privacy.trackingprotection.enabled", true);
 user_pref("signon.rememberSignons", false);
 user_pref("toolkit.telemetry.archive.enabled", false);
 user_pref("toolkit.telemetry.bhrPing.enabled", false);
@@ -81,6 +83,17 @@ user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
 user_pref("toolkit.telemetry.unified", false);
 user_pref("toolkit.telemetry.updatePing.enabled", false);
 user_pref("toolkit.telemetry.cachedClientID", "");
+//Blocking automatic Mozilla CDN server requests
+user_pref("extensions.getAddons.showPane", false);
+user_pref("extensions.getAddons.cache.enabled", false);
+//user_pref("services.settings.server", ""); // Remote settings server (HSTS preload updates and Cerfiticate Revocation Lists are fetched)
+user_pref("browser.aboutHomeSnippets.updateUrl", "");
+user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
+user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
+user_pref("browser.newtabpage.activity-stream.feeds.system.topstories", false);
+user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
+user_pref("browser.safebrowsing.provider.mozilla.updateURL", "");
+user_pref("browser.safebrowsing.provider.mozilla.gethashURL", "");
 EOF
 
 ln -sf /usr/lib/$(uname -m)-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox-esr/libnssckbi.so
@@ -91,15 +104,6 @@ cat > /home/kiosk/kiosk.sh << 'EOF'
 while ! curl "http://localhost" > /dev/null; do
     sleep 1
 done
-while ! /usr/lib/startos/scripts/check-monitor; do
-    sleep 15
-done
-(
-    while /usr/lib/startos/scripts/check-monitor; do
-        sleep 15
-    done
-    killall firefox-esr
-) &
 matchbox-window-manager -use_titlebar no &
 cp -r /home/kiosk/fx-profile /home/kiosk/fx-profile-tmp
 firefox-esr http://localhost --profile /home/kiosk/fx-profile-tmp

build/lib/scripts/forward-port

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+if [ -z "$iiface" ] || [ -z "$oiface" ] || [ -z "$sip" ] || [ -z "$dip" ] || [ -z "$sport" ] || [ -z "$dport" ]; then
+    >&2 echo 'missing required env var'
+    exit 1
+fi
+
+kind="-A"
+
+if [ "$UNDO" = 1 ]; then
+    kind="-D"
+fi
+
+iptables -t nat "$kind" POSTROUTING -o $iiface -j MASQUERADE
+iptables -t nat "$kind" PREROUTING -i $iiface -p tcp --dport $sport -j DNAT --to-destination $dip:$dport
+iptables -t nat "$kind" PREROUTING -i $iiface -p udp --dport $sport -j DNAT --to-destination $dip:$dport
+iptables -t nat "$kind" PREROUTING -i $oiface -s $dip/24 -d $sip -p tcp --dport $sport -j DNAT --to-destination $dip:$dport
+iptables -t nat "$kind" PREROUTING -i $oiface -s $dip/24 -d $sip -p udp --dport $sport -j DNAT --to-destination $dip:$dport
+iptables -t nat "$kind" POSTROUTING -o $oiface -s $dip/24 -d $dip/32 -p tcp --dport $dport -j SNAT --to-source $sip:$sport
+iptables -t nat "$kind" POSTROUTING -o $oiface -s $dip/24 -d $dip/32 -p udp --dport $dport -j SNAT --to-source $sip:$sport
+
+
+iptables -t nat "$kind" PREROUTING -i $iiface -s $sip/32 -d $sip -p tcp --dport $sport -j DNAT --to-destination $dip:$dport
+iptables -t nat "$kind" PREROUTING -i $iiface -s $sip/32 -d $sip -p udp --dport $sport -j DNAT --to-destination $dip:$dport
+iptables -t nat "$kind" POSTROUTING -o $oiface -s $sip/32 -d $dip/32 -p tcp --dport $dport -j SNAT --to-source $sip:$sport
+iptables -t nat "$kind" POSTROUTING -o $oiface -s $sip/32 -d $dip/32 -p udp --dport $dport -j SNAT --to-source $sip:$sport

build/lib/scripts/prune-boot

@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -e
+
+if [ "$UID" -ne 0 ]; then
+    >&2 echo 'Must be run as root'
+    exit 1
+fi
+
+# Get the current kernel version
+current_kernel=$(uname -r)
+
+echo "Current kernel: $current_kernel"
+echo "Searching for old kernel files in /boot..."
+
+# Extract base kernel version (without possible suffixes)
+current_base=$(echo "$current_kernel" | sed 's/-.*//')
+
+cd /boot || { echo "/boot directory not found!"; exit 1; }
+
+for file in vmlinuz-* initrd.img-* System.map-* config-*; do
+    # Extract version from filename
+    version=$(echo "$file" | sed -E 's/^[^0-9]*([0-9][^ ]*).*/\1/')
+    # Skip if file matches current kernel version
+    if [[ "$file" == *"$current_kernel"* ]]; then
+        continue
+    fi
+    # Compare versions, delete if less than current
+    if dpkg --compare-versions "$version" lt "$current_kernel"; then
+        echo "Deleting $file (version $version is older than $current_kernel)"
+        sudo rm -f "$file"
+    fi
+done
+
+echo "Old kernel files deleted."

build/lib/scripts/use-img

@@ -0,0 +1,61 @@
+#!/bin/bash
+
+set -e
+
+if [ "$UID" -ne 0 ]; then
+    >&2 echo 'Must be run as root'
+    exit 1
+fi
+
+if [ -z "$1" ]; then
+    >&2 echo "usage: $0 <SQUASHFS>"
+    exit 1
+fi
+
+VERSION=$(unsquashfs -cat $1 /usr/lib/startos/VERSION.txt)
+GIT_HASH=$(unsquashfs -cat $1 /usr/lib/startos/GIT_HASH.txt)
+B3SUM=$(b3sum $1 | head -c 32)
+
+if [ -n "$CHECKSUM" ] && [ "$CHECKSUM" != "$B3SUM" ]; then
+    >&2 echo "CHECKSUM MISMATCH"
+    exit 2
+fi
+
+mv $1 /media/startos/images/${B3SUM}.rootfs
+ln -rsf /media/startos/images/${B3SUM}.rootfs /media/startos/config/current.rootfs
+
+unsquashfs -n -f -d / /media/startos/images/${B3SUM}.rootfs boot
+
+umount -R /media/startos/next 2> /dev/null || true
+umount -R /media/startos/lower 2> /dev/null || true
+umount -R /media/startos/upper 2> /dev/null || true
+
+rm -rf /media/startos/lower /media/startos/upper /media/startos/next
+mkdir /media/startos/upper
+mount -t tmpfs tmpfs /media/startos/upper
+mkdir -p /media/startos/lower /media/startos/upper/data /media/startos/upper/work /media/startos/next
+mount /media/startos/images/${B3SUM}.rootfs /media/startos/lower
+mount -t overlay \
+  -olowerdir=/media/startos/lower,upperdir=/media/startos/upper/data,workdir=/media/startos/upper/work \
+  overlay /media/startos/next
+mkdir -p /media/startos/next/media/startos/root
+mount --bind /media/startos/root /media/startos/next/media/startos/root
+mkdir -p /media/startos/next/dev
+mkdir -p /media/startos/next/sys
+mkdir -p /media/startos/next/proc
+mkdir -p /media/startos/next/boot
+mount --bind /dev /media/startos/next/dev
+mount --bind /sys /media/startos/next/sys
+mount --bind /proc /media/startos/next/proc
+mount --bind /boot /media/startos/next/boot
+
+chroot /media/startos/next update-grub2
+
+umount -R /media/startos/next
+umount -R /media/startos/upper
+umount -R /media/startos/lower
+rm -rf /media/startos/lower /media/startos/upper /media/startos/next
+
+sync
+
+reboot

build/os-compat/buildenv.Dockerfile

@@ -0,0 +1,56 @@
+FROM debian:bookworm
+
+RUN apt-get update && \
+    apt-get install -y \
+    ca-certificates \
+    curl \
+    gpg \
+    build-essential \
+    sed \
+    grep \
+    gawk \
+    jq \
+    gzip \
+    brotli \
+    qemu-user-static \
+    binfmt-support \
+    squashfs-tools \
+    git \
+    debspawn \
+    rsync \
+    b3sum \
+    fuse-overlayfs \
+    sudo \
+    systemd \
+    systemd-container \
+    systemd-sysv \
+    dbus \
+    dbus-user-session
+
+RUN systemctl mask \
+    systemd-firstboot.service \
+    systemd-udevd.service \
+    getty@tty1.service \
+    console-getty.service
+
+RUN git config --global --add safe.directory /root/start-os
+
+RUN mkdir -p /etc/debspawn && \
+    echo "AllowUnsafePermissions=true" > /etc/debspawn/global.toml
+
+ENV NVM_DIR=~/.nvm
+ENV NODE_VERSION=22
+RUN mkdir -p $NVM_DIR && \
+    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash && \
+    . $NVM_DIR/nvm.sh \
+    nvm install $NODE_VERSION && \
+    nvm use $NODE_VERSION && \
+    nvm alias default $NODE_VERSION && \
+    ln -s $(which node) /usr/bin/node && \
+    ln -s $(which npm) /usr/bin/npm
+
+RUN mkdir -p /root/start-os
+WORKDIR /root/start-os
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+ENTRYPOINT [ "/docker-entrypoint.sh" ]

build/os-compat/docker-entrypoint.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+exec /lib/systemd/systemd --unit=multi-user.target --show-status=false --log-target=journal

build/os-compat/run-compat.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+if [ "$FORCE_COMPAT" = 1 ] || ( [ "$REQUIRES" = "linux" ] && [ "$(uname -s)" != "Linux" ] ) || ( [ "$REQUIRES" = "debian" ] && ! which dpkg > /dev/null ); then
+    project_pwd="$(cd "$(dirname "${BASH_SOURCE[0]}")"/../.. && pwd)/"
+    pwd="$(pwd)/"
+    if ! [[ "$pwd" = "$project_pwd"* ]]; then
+        >&2 echo "Must be run from start-os project dir"
+        exit 1
+    fi
+    rel_pwd="${pwd#"$project_pwd"}"
+
+    SYSTEMD_TTY="-P"
+    USE_TTY=
+    if tty -s; then
+        USE_TTY="-it"
+        SYSTEMD_TTY="-t"
+    fi
+
+    docker run -d --rm --name os-compat --privileged --security-opt apparmor=unconfined -v "${project_pwd}:/root/start-os" -v /lib/modules:/lib/modules:ro start9/build-env
+    while ! docker exec os-compat systemctl is-active --quiet multi-user.target 2> /dev/null; do sleep .5; done
+    docker exec -eARCH -eENVIRONMENT -ePLATFORM -eGIT_BRANCH_AS_HASH $USE_TTY -w "/root/start-os${rel_pwd}" os-compat $@
+    code=$?
+    docker stop os-compat
+    exit $code
+else 
+    exec $@
+fi

check-git-hash.sh

@@ -7,6 +7,7 @@ else
 fi
 
 if ! [ -f ./GIT_HASH.txt ] || [ "$(cat ./GIT_HASH.txt)" != "$GIT_HASH" ]; then
+    >&2 echo Git hash changed from "$([ -f ./GIT_HASH.txt ] && cat ./GIT_HASH.txt)" to "$GIT_HASH"
     echo -n "$GIT_HASH" > ./GIT_HASH.txt
 fi
 

container-runtime/container-runtime-failure.service

@@ -0,0 +1,6 @@
+[Unit]
+Description=StartOS Container Runtime Failure Handler
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/start-container rebuild

container-runtime/container-runtime.service

@@ -1,11 +1,11 @@
 [Unit]
 Description=StartOS Container Runtime
+OnFailure=container-runtime-failure.service
 
 [Service]
 Type=simple
-ExecStart=/usr/bin/node --experimental-detect-module --unhandled-rejections=warn /usr/lib/startos/init/index.js
-Restart=always
-RestartSec=3
+ExecStart=/usr/bin/node --experimental-detect-module --trace-warnings --unhandled-rejections=warn /usr/lib/startos/init/index.js
+Restart=no
 
 [Install]
 WantedBy=multi-user.target

container-runtime/deb-install.sh

@@ -10,7 +10,7 @@ apt-get install -y curl rsync qemu-user-static
 
 curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
 source ~/.bashrc
-nvm install 20
+nvm install 22
 ln -s $(which node) /usr/bin/node
 
 sed -i '/\(^\|#\)Storage=/c\Storage=persistent' /etc/systemd/journald.conf

container-runtime/download-base-image.sh

@@ -1,7 +1,5 @@
 #!/bin/bash
-
 cd "$(dirname "${BASH_SOURCE[0]}")"
-
 set -e
 
 DISTRO=debian
@@ -16,8 +14,9 @@ elif [ "$_ARCH" = "aarch64" ]; then
     _ARCH=arm64
 fi
 
-URL="https://images.linuxcontainers.org/$(curl -fsSL https://images.linuxcontainers.org/meta/1.0/index-system | grep "^$DISTRO;$VERSION;$_ARCH;$FLAVOR;" | head -n1 | sed 's/^.*;//g')/rootfs.squashfs"
+BASE_URL="https://images.linuxcontainers.org$(curl -fsSL https://images.linuxcontainers.org/meta/1.0/index-system | grep "^$DISTRO;$VERSION;$_ARCH;$FLAVOR;" | head -n1 | sed 's/^.*;//g')"
+OUTPUT_FILE="debian.${ARCH}.squashfs"
 
-echo "Downloading $URL to debian.${ARCH}.squashfs"
-
-curl -fsSL "$URL" > debian.${ARCH}.squashfs
+echo "Downloading ${BASE_URL}/rootfs.squashfs to $OUTPUT_FILE"
+curl -fsSL "${BASE_URL}/rootfs.squashfs" > "$OUTPUT_FILE"
+curl -fsSL "$BASE_URL/SHA256SUMS" | grep 'rootfs\.squashfs' | awk '{print $1"  '"$OUTPUT_FILE"'"}' | shasum -a 256 -c

container-runtime/package.json

@@ -26,8 +26,9 @@
     "isomorphic-fetch": "^3.0.0",
     "jsonpath": "^1.1.1",
     "lodash.merge": "^4.6.2",
+    "mime": "^4.0.7",
     "node-fetch": "^3.1.0",
-    "ts-matches": "^5.5.1",
+    "ts-matches": "^6.3.2",
     "tslib": "^2.5.3",
     "typescript": "^5.1.3",
     "yaml": "^2.3.1"

container-runtime/src/Adapters/EffectCreator.ts

@@ -1,4 +1,9 @@
-import { types as T, utils } from "@start9labs/start-sdk"
+import {
+  ExtendedVersion,
+  types as T,
+  utils,
+  VersionRange,
+} from "@start9labs/start-sdk"
 import * as net from "net"
 import { object, string, number, literals, some, unknown } from "ts-matches"
 import { Effects } from "../Models/Effects"
@@ -6,23 +11,19 @@ import { Effects } from "../Models/Effects"
 import { CallbackHolder } from "../Models/CallbackHolder"
 import { asError } from "@start9labs/start-sdk/base/lib/util"
 const matchRpcError = object({
-  error: object(
-    {
-      code: number,
-      message: string,
-      data: some(
-        string,
-        object(
-          {
-            details: string,
-            debug: string,
-          },
-          ["debug"],
-        ),
-      ),
-    },
-    ["data"],
-  ),
+  error: object({
+    code: number,
+    message: string,
+    data: some(
+      string,
+      object({
+        details: string,
+        debug: string.nullable().optional(),
+      }),
+    )
+      .nullable()
+      .optional(),
+  }),
 })
 const testRpcError = matchRpcError.test
 const testRpcResult = object({
@@ -34,13 +35,13 @@ const SOCKET_PATH = "/media/startos/rpc/host.sock"
 let hostSystemId = 0
 
 export type EffectContext = {
-  procedureId: string | null
+  eventId: string | null
   callbacks?: CallbackHolder
   constRetry?: () => void
 }
 
 const rpcRoundFor =
-  (procedureId: string | null) =>
+  (eventId: string | null) =>
   <K extends T.EffectMethod | "clearCallbacks">(
     method: K,
     params: Record<string, unknown>,
@@ -51,7 +52,7 @@ const rpcRoundFor =
         JSON.stringify({
           id,
           method,
-          params: { ...params, procedureId: procedureId || undefined },
+          params: { ...params, eventId: eventId ?? undefined },
         }) + "\n",
       )
     })
@@ -102,9 +103,21 @@ const rpcRoundFor =
   }
 
 export function makeEffects(context: EffectContext): Effects {
-  const rpcRound = rpcRoundFor(context.procedureId)
+  const rpcRound = rpcRoundFor(context.eventId)
   const self: Effects = {
+    eventId: context.eventId,
+    child: (name) =>
+      makeEffects({ ...context, callbacks: context.callbacks?.child(name) }),
     constRetry: context.constRetry,
+    isInContext: !!context.callbacks,
+    onLeaveContext:
+      context.callbacks?.onLeaveContext?.bind(context.callbacks) ||
+      (() => {
+        console.warn(
+          "no context for this effects object",
+          new Error().stack?.replace(/^Error/, ""),
+        )
+      }),
     clearCallbacks(...[options]: Parameters<T.Effects["clearCallbacks"]>) {
       return rpcRound("clear-callbacks", {
         ...options,
@@ -126,22 +139,20 @@ export function makeEffects(context: EffectContext): Effects {
           ...options,
         }) as ReturnType<T.Effects["action"]["getInput"]>
       },
-      request(...[options]: Parameters<T.Effects["action"]["request"]>) {
-        return rpcRound("action.request", {
+      createTask(...[options]: Parameters<T.Effects["action"]["createTask"]>) {
+        return rpcRound("action.create-task", {
           ...options,
-        }) as ReturnType<T.Effects["action"]["request"]>
+        }) as ReturnType<T.Effects["action"]["createTask"]>
       },
       run(...[options]: Parameters<T.Effects["action"]["run"]>) {
         return rpcRound("action.run", {
           ...options,
         }) as ReturnType<T.Effects["action"]["run"]>
       },
-      clearRequests(
-        ...[options]: Parameters<T.Effects["action"]["clearRequests"]>
-      ) {
-        return rpcRound("action.clear-requests", {
+      clearTasks(...[options]: Parameters<T.Effects["action"]["clearTasks"]>) {
+        return rpcRound("action.clear-tasks", {
           ...options,
-        }) as ReturnType<T.Effects["action"]["clearRequests"]>
+        }) as ReturnType<T.Effects["action"]["clearTasks"]>
       },
     },
     bind(...[options]: Parameters<T.Effects["bind"]>) {
@@ -186,13 +197,6 @@ export function makeEffects(context: EffectContext): Effects {
         T.Effects["exportServiceInterface"]
       >
     }) as Effects["exportServiceInterface"],
-    exposeForDependents(
-      ...[options]: Parameters<T.Effects["exposeForDependents"]>
-    ) {
-      return rpcRound("expose-for-dependents", options) as ReturnType<
-        T.Effects["exposeForDependents"]
-      >
-    },
     getContainerIp(...[options]: Parameters<T.Effects["getContainerIp"]>) {
       return rpcRound("get-container-ip", options) as ReturnType<
         T.Effects["getContainerIp"]
@@ -254,6 +258,7 @@ export function makeEffects(context: EffectContext): Effects {
       return rpcRound("mount", options) as ReturnType<T.Effects["mount"]>
     },
     restart(...[]: Parameters<T.Effects["restart"]>) {
+      console.log("Restarting service...")
       return rpcRound("restart", {}) as ReturnType<T.Effects["restart"]>
     },
     setDependencies(
@@ -293,15 +298,6 @@ export function makeEffects(context: EffectContext): Effects {
     shutdown(...[]: Parameters<T.Effects["shutdown"]>) {
       return rpcRound("shutdown", {}) as ReturnType<T.Effects["shutdown"]>
     },
-    store: {
-      get: async (options: any) =>
-        rpcRound("store.get", {
-          ...options,
-          callback: context.callbacks?.addCallback(options.callback) || null,
-        }) as any,
-      set: async (options: any) =>
-        rpcRound("store.set", options) as ReturnType<T.Effects["store"]["set"]>,
-    } as T.Effects["store"],
     getDataVersion() {
       return rpcRound("get-data-version", {}) as ReturnType<
         T.Effects["getDataVersion"]
@@ -313,5 +309,15 @@ export function makeEffects(context: EffectContext): Effects {
       >
     },
   }
+  if (context.callbacks?.onLeaveContext)
+    self.onLeaveContext(() => {
+      self.isInContext = false
+      self.onLeaveContext = () => {
+        console.warn(
+          "this effects object is already out of context",
+          new Error().stack?.replace(/^Error/, ""),
+        )
+      }
+    })
   return self
 }

container-runtime/src/Adapters/RpcListener.ts

@@ -12,9 +12,15 @@ import {
   any,
   shape,
   anyOf,
+  literals,
 } from "ts-matches"
 
-import { types as T, utils } from "@start9labs/start-sdk"
+import {
+  ExtendedVersion,
+  types as T,
+  utils,
+  VersionRange,
+} from "@start9labs/start-sdk"
 import * as fs from "fs"
 
 import { CallbackHolder } from "../Models/CallbackHolder"
@@ -26,20 +32,16 @@ type MaybePromise<T> = T | Promise<T>
 export const matchRpcResult = anyOf(
   object({ result: any }),
   object({
-    error: object(
-      {
-        code: number,
-        message: string,
-        data: object(
-          {
-            details: string,
-            debug: any,
-          },
-          ["details", "debug"],
-        ),
-      },
-      ["data"],
-    ),
+    error: object({
+      code: number,
+      message: string,
+      data: object({
+        details: string.optional(),
+        debug: any.optional(),
+      })
+        .nullable()
+        .optional(),
+    }),
   }),
 )
 
@@ -54,38 +56,26 @@ const isResult = object({ result: any }).test
 
 const idType = some(string, number, literal(null))
 type IdType = null | string | number | undefined
-const runType = object(
-  {
-    id: idType,
-    method: literal("execute"),
-    params: object(
-      {
-        id: string,
-        procedure: string,
-        input: any,
-        timeout: number,
-      },
-      ["timeout"],
-    ),
-  },
-  ["id"],
-)
-const sandboxRunType = object(
-  {
-    id: idType,
-    method: literal("sandbox"),
-    params: object(
-      {
-        id: string,
-        procedure: string,
-        input: any,
-        timeout: number,
-      },
-      ["timeout"],
-    ),
-  },
-  ["id"],
-)
+const runType = object({
+  id: idType.optional(),
+  method: literal("execute"),
+  params: object({
+    id: string,
+    procedure: string,
+    input: any,
+    timeout: number.nullable().optional(),
+  }),
+})
+const sandboxRunType = object({
+  id: idType.optional(),
+  method: literal("sandbox"),
+  params: object({
+    id: string,
+    procedure: string,
+    input: any,
+    timeout: number.nullable().optional(),
+  }),
+})
 const callbackType = object({
   method: literal("callback"),
   params: object({
@@ -93,44 +83,37 @@ const callbackType = object({
     args: array,
   }),
 })
-const initType = object(
-  {
-    id: idType,
-    method: literal("init"),
-  },
-  ["id"],
-)
-const startType = object(
-  {
-    id: idType,
-    method: literal("start"),
-  },
-  ["id"],
-)
-const stopType = object(
-  {
-    id: idType,
-    method: literal("stop"),
-  },
-  ["id"],
-)
-const exitType = object(
-  {
-    id: idType,
-    method: literal("exit"),
-  },
-  ["id"],
-)
-const evalType = object(
-  {
-    id: idType,
-    method: literal("eval"),
-    params: object({
-      script: string,
-    }),
-  },
-  ["id"],
-)
+const initType = object({
+  id: idType.optional(),
+  method: literal("init"),
+  params: object({
+    id: string,
+    kind: literals("install", "update", "restore").nullable(),
+  }),
+})
+const startType = object({
+  id: idType.optional(),
+  method: literal("start"),
+})
+const stopType = object({
+  id: idType.optional(),
+  method: literal("stop"),
+})
+const exitType = object({
+  id: idType.optional(),
+  method: literal("exit"),
+  params: object({
+    id: string,
+    target: string.nullable(),
+  }),
+})
+const evalType = object({
+  id: idType.optional(),
+  method: literal("eval"),
+  params: object({
+    script: string,
+  }),
+})
 
 const jsonParse = (x: string) => JSON.parse(x)
 
@@ -171,6 +154,8 @@ export class RpcListener {
     if (!fs.existsSync(SOCKET_PARENT)) {
       fs.mkdirSync(SOCKET_PARENT, { recursive: true })
     }
+    if (fs.existsSync(SOCKET_PATH)) fs.rmSync(SOCKET_PATH, { force: true })
+
     this.unixSocketServer.listen(SOCKET_PATH)
 
     this.unixSocketServer.on("connection", (s) => {
@@ -238,21 +223,6 @@ export class RpcListener {
     return this._system
   }
 
-  private callbackHolders: Map<string, CallbackHolder> = new Map()
-  private removeCallbackHolderFor(procedure: string) {
-    const prev = this.callbackHolders.get(procedure)
-    if (prev) {
-      this.callbackHolders.delete(procedure)
-      this.callbacks?.removeChild(prev)
-    }
-  }
-  private callbackHolderFor(procedure: string): CallbackHolder {
-    this.removeCallbackHolderFor(procedure)
-    const callbackHolder = this.callbacks!.child()
-    this.callbackHolders.set(procedure, callbackHolder)
-    return callbackHolder
-  }
-
   callCallback(callback: number, args: any[]): void {
     if (this.callbacks) {
       this.callbacks
@@ -272,11 +242,11 @@ export class RpcListener {
       .when(runType, async ({ id, params }) => {
         const system = this.system
         const procedure = jsonPath.unsafeCast(params.procedure)
-        const { input, timeout, id: procedureId } = params
+        const { input, timeout, id: eventId } = params
         const result = this.getResult(
           procedure,
           system,
-          procedureId,
+          eventId,
           timeout,
           input,
         )
@@ -286,11 +256,11 @@ export class RpcListener {
       .when(sandboxRunType, async ({ id, params }) => {
         const system = this.system
         const procedure = jsonPath.unsafeCast(params.procedure)
-        const { input, timeout, id: procedureId } = params
+        const { input, timeout, id: eventId } = params
         const result = this.getResult(
           procedure,
           system,
-          procedureId,
+          eventId,
           timeout,
           input,
         )
@@ -302,9 +272,10 @@ export class RpcListener {
         return null
       })
       .when(startType, async ({ id }) => {
-        const callbacks = this.callbackHolderFor("main")
+        const callbacks =
+          this.callbacks?.getChild("main") || this.callbacks?.child("main")
         const effects = makeEffects({
-          procedureId: null,
+          eventId: null,
           callbacks,
         })
         return handleRpc(
@@ -313,21 +284,35 @@ export class RpcListener {
         )
       })
       .when(stopType, async ({ id }) => {
-        this.removeCallbackHolderFor("main")
+        this.callbacks?.removeChild("main")
         return handleRpc(
           id,
           this.system.stop().then((result) => ({ result })),
         )
       })
-      .when(exitType, async ({ id }) => {
+      .when(exitType, async ({ id, params }) => {
         return handleRpc(
           id,
           (async () => {
-            if (this._system) await this._system.exit()
+            if (this._system) {
+              let target = null
+              if (params.target)
+                try {
+                  target = ExtendedVersion.parse(params.target)
+                } catch (_) {
+                  target = VersionRange.parse(params.target).normalize()
+                }
+              await this._system.exit(
+                makeEffects({
+                  eventId: params.id,
+                }),
+                target,
+              )
+            }
           })().then((result) => ({ result })),
         )
       })
-      .when(initType, async ({ id }) => {
+      .when(initType, async ({ id, params }) => {
         return handleRpc(
           id,
           (async () => {
@@ -335,16 +320,19 @@ export class RpcListener {
               const system = await this.getDependencies.system()
               this.callbacks = new CallbackHolder(
                 makeEffects({
-                  procedureId: null,
+                  eventId: params.id,
                 }),
               )
-              const callbacks = this.callbackHolderFor("containerInit")
-              await system.containerInit(
+              const callbacks = this.callbacks.child("init")
+              console.error("Initializing...")
+              await system.init(
                 makeEffects({
-                  procedureId: null,
+                  eventId: params.id,
                   callbacks,
                 }),
+                params.kind,
               )
+              console.error("Initialization complete.")
               this._system = system
             }
           })().then((result) => ({ result })),
@@ -377,7 +365,7 @@ export class RpcListener {
         )
       })
       .when(
-        shape({ id: idType, method: string }, ["id"]),
+        shape({ id: idType.optional(), method: string }),
         ({ id, method }) => ({
           jsonrpc,
           id,
@@ -411,8 +399,8 @@ export class RpcListener {
   private getResult(
     procedure: typeof jsonPath._TYPE,
     system: System,
-    procedureId: string,
-    timeout: number | undefined,
+    eventId: string,
+    timeout: number | null | undefined,
     input: any,
   ) {
     const ensureResultTypeShape = (
@@ -420,9 +408,9 @@ export class RpcListener {
     ): { result: any } => {
       return { result }
     }
-    const callbacks = this.callbackHolderFor(procedure)
+    const callbacks = this.callbacks?.child(procedure)
     const effects = makeEffects({
-      procedureId,
+      eventId,
       callbacks,
     })
 
@@ -430,16 +418,6 @@ export class RpcListener {
       switch (procedure) {
         case "/backup/create":
           return system.createBackup(effects, timeout || null)
-        case "/backup/restore":
-          return system.restoreBackup(effects, timeout || null)
-        case "/packageInit":
-          return system.packageInit(effects, timeout || null)
-        case "/packageUninit":
-          return system.packageUninit(
-            effects,
-            string.optional().unsafeCast(input),
-            timeout || null,
-          )
         default:
           const procedures = unNestPath(procedure)
           switch (true) {
@@ -461,14 +439,10 @@ export class RpcListener {
     })().then(ensureResultTypeShape, (error) =>
       matches(error)
         .when(
-          object(
-            {
-              error: string,
-              code: number,
-            },
-            ["code"],
-            { code: 0 },
-          ),
+          object({
+            error: string,
+            code: number.defaultTo(0),
+          }),
           (error) => ({
             error: {
               code: error.code,

container-runtime/src/Adapters/Systems/SystemForEmbassy/DockerProcedureContainer.ts

@@ -7,13 +7,22 @@ import { Volume } from "./matchVolume"
 import {
   CommandOptions,
   ExecOptions,
-  ExecSpawnable,
+  SubContainerOwned,
 } from "@start9labs/start-sdk/package/lib/util/SubContainer"
+import { Mounts } from "@start9labs/start-sdk/package/lib/mainFn/Mounts"
+import { Manifest } from "@start9labs/start-sdk/base/lib/osBindings"
+import { BackupEffects } from "@start9labs/start-sdk/package/lib/backup/Backups"
+import { Drop } from "@start9labs/start-sdk/package/lib/util"
+import { SDKManifest } from "@start9labs/start-sdk/base/lib/types"
 export const exec = promisify(cp.exec)
 export const execFile = promisify(cp.execFile)
 
-export class DockerProcedureContainer {
-  private constructor(private readonly subcontainer: ExecSpawnable) {}
+export class DockerProcedureContainer extends Drop {
+  private constructor(
+    private readonly subcontainer: SubContainer<SDKManifest>,
+  ) {
+    super()
+  }
 
   static async of(
     effects: T.Effects,
@@ -21,7 +30,7 @@ export class DockerProcedureContainer {
     data: DockerProcedure,
     volumes: { [id: VolumeId]: Volume },
     name: string,
-    options: { subcontainer?: ExecSpawnable } = {},
+    options: { subcontainer?: SubContainer<SDKManifest> } = {},
   ) {
     const subcontainer =
       options?.subcontainer ??
@@ -41,9 +50,10 @@ export class DockerProcedureContainer {
     volumes: { [id: VolumeId]: Volume },
     name: string,
   ) {
-    const subcontainer = await SubContainer.of(
-      effects,
+    const subcontainer = await SubContainerOwned.of(
+      effects as BackupEffects,
       { imageId: data.image },
+      null,
       name,
     )
 
@@ -57,13 +67,19 @@ export class DockerProcedureContainer {
         const volumeMount = volumes[mount]
         if (volumeMount.type === "data") {
           await subcontainer.mount(
-            { type: "volume", id: mount, subpath: null, readonly: false },
-            mounts[mount],
+            Mounts.of().mountVolume({
+              volumeId: mount,
+              subpath: null,
+              mountpoint: mounts[mount],
+              readonly: false,
+            }),
           )
         } else if (volumeMount.type === "assets") {
           await subcontainer.mount(
-            { type: "assets", subpath: mount },
-            mounts[mount],
+            Mounts.of().mountAssets({
+              subpath: mount,
+              mountpoint: mounts[mount],
+            }),
           )
         } else if (volumeMount.type === "certificate") {
           const hostnames = [
@@ -95,21 +111,22 @@ export class DockerProcedureContainer {
             key,
           )
         } else if (volumeMount.type === "pointer") {
-          await effects
-            .mount({
-              location: path,
-              target: {
-                packageId: volumeMount["package-id"],
-                subpath: volumeMount.path,
-                readonly: volumeMount.readonly,
-                volumeId: volumeMount["volume-id"],
-              },
-            })
-            .catch(console.warn)
+          await effects.mount({
+            location: path,
+            target: {
+              packageId: volumeMount["package-id"],
+              subpath: volumeMount.path,
+              readonly: volumeMount.readonly,
+              volumeId: volumeMount["volume-id"],
+              filetype: "directory",
+            },
+          })
         } else if (volumeMount.type === "backup") {
           await subcontainer.mount(
-            { type: "backup", subpath: null },
-            mounts[mount],
+            Mounts.of().mountBackups({
+              subpath: null,
+              mountpoint: mounts[mount],
+            }),
           )
         }
       }
@@ -151,7 +168,11 @@ export class DockerProcedureContainer {
     }
   }
 
-  async spawn(commands: string[]): Promise<cp.ChildProcess> {
-    return await this.subcontainer.spawn(commands)
+  // async spawn(commands: string[]): Promise<cp.ChildProcess> {
+  //   return await this.subcontainer.spawn(commands)
+  // }
+
+  onDrop(): void {
+    this.subcontainer.destroy?.()
   }
 }

container-runtime/src/Adapters/Systems/SystemForEmbassy/MainLoop.ts

@@ -6,6 +6,8 @@ import { Daemon } from "@start9labs/start-sdk/package/lib/mainFn/Daemon"
 import { Effects } from "../../../Models/Effects"
 import { off } from "node:process"
 import { CommandController } from "@start9labs/start-sdk/package/lib/mainFn/CommandController"
+import { SDKManifest } from "@start9labs/start-sdk/base/lib/types"
+import { SubContainerRc } from "@start9labs/start-sdk/package/lib/util/SubContainer"
 
 const EMBASSY_HEALTH_INTERVAL = 15 * 1000
 const EMBASSY_PROPERTIES_LOOP = 30 * 1000
@@ -15,8 +17,13 @@ const EMBASSY_PROPERTIES_LOOP = 30 * 1000
  * Also, this has an ability to clean itself up too if need be.
  */
 export class MainLoop {
+  private subcontainerRc?: SubContainerRc<SDKManifest>
   get mainSubContainerHandle() {
-    return this.mainEvent?.daemon?.subContainerHandle
+    this.subcontainerRc =
+      this.subcontainerRc ??
+      this.mainEvent?.daemon?.subcontainerRc() ??
+      undefined
+    return this.subcontainerRc
   }
   private healthLoops?: {
     name: string
@@ -24,7 +31,7 @@ export class MainLoop {
   }[]
 
   private mainEvent?: {
-    daemon: Daemon
+    daemon: Daemon<SDKManifest>
   }
 
   private constructor(
@@ -55,28 +62,20 @@ export class MainLoop {
     if (jsMain) {
       throw new Error("Unreachable")
     }
-    const daemon = new Daemon(async () => {
-      const subcontainer = await DockerProcedureContainer.createSubContainer(
-        effects,
-        this.system.manifest.id,
-        this.system.manifest.main,
-        this.system.manifest.volumes,
-        `Main - ${currentCommand.join(" ")}`,
-      )
-      return CommandController.of()(
-        this.effects,
-        subcontainer,
-        currentCommand,
-        {
-          runAsInit: true,
-          env: {
-            TINI_SUBREAPER: "true",
-          },
-          sigtermTimeout: utils.inMs(
-            this.system.manifest.main["sigterm-timeout"],
-          ),
-        },
-      )
+    const subcontainer = await DockerProcedureContainer.createSubContainer(
+      effects,
+      this.system.manifest.id,
+      this.system.manifest.main,
+      this.system.manifest.volumes,
+      `Main - ${currentCommand.join(" ")}`,
+    )
+    const daemon = await Daemon.of()(this.effects, subcontainer, {
+      command: currentCommand,
+      runAsInit: true,
+      env: {
+        TINI_SUBREAPER: "true",
+      },
+      sigtermTimeout: utils.inMs(this.system.manifest.main["sigterm-timeout"]),
     })
 
     daemon.start()

container-runtime/src/Adapters/Systems/SystemForEmbassy/__fixtures__/rtlConfig.ts

@@ -0,0 +1,153 @@
+export default {
+  nodes: {
+    type: "list",
+    subtype: "union",
+    name: "Lightning Nodes",
+    description: "List of Lightning Network node instances to manage",
+    range: "[1,*)",
+    default: ["lnd"],
+    spec: {
+      type: "string",
+      "display-as": "{{name}}",
+      "unique-by": "name",
+      name: "Node Implementation",
+      tag: {
+        id: "type",
+        name: "Type",
+        description:
+          "- LND: Lightning Network Daemon from Lightning Labs\n- CLN: Core Lightning from Blockstream\n",
+        "variant-names": {
+          lnd: "Lightning Network Daemon (LND)",
+          "c-lightning": "Core Lightning (CLN)",
+        },
+      },
+      default: "lnd",
+      variants: {
+        lnd: {
+          name: {
+            type: "string",
+            name: "Node Name",
+            description: "Name of this node in the list",
+            default: "StartOS LND",
+            nullable: false,
+          },
+          "connection-settings": {
+            type: "union",
+            name: "Connection Settings",
+            description: "The Lightning Network Daemon node to connect to.",
+            tag: {
+              id: "type",
+              name: "Type",
+              description:
+                "- Internal: The Lightning Network Daemon service installed to your StartOS server.\n- External: A Lightning Network Daemon instance running on a remote device (advanced).\n",
+              "variant-names": {
+                internal: "Internal",
+                external: "External",
+              },
+            },
+            default: "internal",
+            variants: {
+              internal: {},
+              external: {
+                address: {
+                  type: "string",
+                  name: "Public Address",
+                  description:
+                    "The public address of your LND REST server\nNOTE: RTL does not support a .onion URL here\n",
+                  nullable: false,
+                },
+                "rest-port": {
+                  type: "number",
+                  name: "REST Port",
+                  description:
+                    "The port that your Lightning Network Daemon REST server is bound to",
+                  nullable: false,
+                  range: "[0,65535]",
+                  integral: true,
+                  default: 8080,
+                },
+                macaroon: {
+                  type: "string",
+                  name: "Macaroon",
+                  description:
+                    'Your admin.macaroon file, Base64URL encoded. This is the same as the value after "macaroon=" in your lndconnect URL.',
+                  nullable: false,
+                  masked: true,
+                  pattern: "[=A-Za-z0-9_-]+",
+                  "pattern-description":
+                    "Macaroon must be encoded in Base64URL format (only A-Z, a-z, 0-9, _, - and = allowed)",
+                },
+              },
+            },
+          },
+        },
+        "c-lightning": {
+          name: {
+            type: "string",
+            name: "Node Name",
+            description: "Name of this node in the list",
+            default: "StartOS CLN",
+            nullable: false,
+          },
+          "connection-settings": {
+            type: "union",
+            name: "Connection Settings",
+            description: "The Core Lightning (CLN) node to connect to.",
+            tag: {
+              id: "type",
+              name: "Type",
+              description:
+                "- Internal: The Core Lightning (CLN) service installed to your StartOS server.\n- External: A Core Lightning (CLN) instance running on a remote device (advanced).\n",
+              "variant-names": {
+                internal: "Internal",
+                external: "External",
+              },
+            },
+            default: "internal",
+            variants: {
+              internal: {},
+              external: {
+                address: {
+                  type: "string",
+                  name: "Public Address",
+                  description:
+                    "The public address of your CLNRest server\nNOTE: RTL does not support a .onion URL here\n",
+                  nullable: false,
+                },
+                "rest-port": {
+                  type: "number",
+                  name: "CLNRest Port",
+                  description: "The port that your CLNRest server is bound to",
+                  nullable: false,
+                  range: "[0,65535]",
+                  integral: true,
+                  default: 3010,
+                },
+                macaroon: {
+                  type: "string",
+                  name: "Rune",
+                  description:
+                    "Your CLNRest unrestricted Rune, Base64URL encoded.",
+                  nullable: false,
+                  masked: true,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+  },
+  password: {
+    type: "string",
+    name: "Password",
+    description: "The password for your Ride the Lightning dashboard",
+    nullable: false,
+    copyable: true,
+    masked: true,
+    default: {
+      charset: "a-z,A-Z,0-9",
+      len: 22,
+    },
+  },
+}

container-runtime/src/Adapters/Systems/SystemForEmbassy/__snapshots__/transformConfigSpec.test.ts.snap

@@ -1,5 +1,30 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP
 
+exports[`transformConfigSpec transformConfigSpec(RTL) 1`] = `
+{
+  "password": {
+    "default": {
+      "charset": "a-z,A-Z,0-9",
+      "len": 22,
+    },
+    "description": "The password for your Ride the Lightning dashboard",
+    "disabled": false,
+    "generate": null,
+    "immutable": false,
+    "inputmode": "text",
+    "masked": true,
+    "maxLength": null,
+    "minLength": null,
+    "name": "Password",
+    "patterns": [],
+    "placeholder": null,
+    "required": true,
+    "type": "text",
+    "warning": null,
+  },
+}
+`;
+
 exports[`transformConfigSpec transformConfigSpec(bitcoind) 1`] = `
 {
   "advanced": {

container-runtime/src/Adapters/Systems/SystemForEmbassy/index.ts

@@ -1,5 +1,8 @@
 import {
   ExtendedVersion,
+  FileHelper,
+  getDataVersion,
+  overlaps,
   types as T,
   utils,
   VersionRange,
@@ -55,8 +58,21 @@ function todo(): never {
 
 const MANIFEST_LOCATION = "/usr/lib/startos/package/embassyManifest.json"
 export const EMBASSY_JS_LOCATION = "/usr/lib/startos/package/embassy.js"
-const EMBASSY_POINTER_PATH_PREFIX = "/embassyConfig" as utils.StorePath
-const EMBASSY_DEPENDS_ON_PATH_PREFIX = "/embassyDependsOn" as utils.StorePath
+
+const configFile = FileHelper.json(
+  {
+    volumeId: "embassy",
+    subpath: "config.json",
+  },
+  matches.any,
+)
+const dependsOnFile = FileHelper.json(
+  {
+    volumeId: "embassy",
+    subpath: "dependsOn.json",
+  },
+  dictionary([string, array(string)]),
+)
 
 const matchResult = object({
   result: any,
@@ -94,47 +110,48 @@ const fromReturnType = <A>(a: U.ResultType<A>): A => {
   return assertNever(a)
 }
 
-const matchSetResult = object(
-  {
-    "depends-on": dictionary([string, array(string)]),
-    dependsOn: dictionary([string, array(string)]),
-    signal: literals(
-      "SIGTERM",
-      "SIGHUP",
-      "SIGINT",
-      "SIGQUIT",
-      "SIGILL",
-      "SIGTRAP",
-      "SIGABRT",
-      "SIGBUS",
-      "SIGFPE",
-      "SIGKILL",
-      "SIGUSR1",
-      "SIGSEGV",
-      "SIGUSR2",
-      "SIGPIPE",
-      "SIGALRM",
-      "SIGSTKFLT",
-      "SIGCHLD",
-      "SIGCONT",
-      "SIGSTOP",
-      "SIGTSTP",
-      "SIGTTIN",
-      "SIGTTOU",
-      "SIGURG",
-      "SIGXCPU",
-      "SIGXFSZ",
-      "SIGVTALRM",
-      "SIGPROF",
-      "SIGWINCH",
-      "SIGIO",
-      "SIGPWR",
-      "SIGSYS",
-      "SIGINFO",
-    ),
-  },
-  ["depends-on", "dependsOn"],
-)
+const matchSetResult = object({
+  "depends-on": dictionary([string, array(string)])
+    .nullable()
+    .optional(),
+  dependsOn: dictionary([string, array(string)])
+    .nullable()
+    .optional(),
+  signal: literals(
+    "SIGTERM",
+    "SIGHUP",
+    "SIGINT",
+    "SIGQUIT",
+    "SIGILL",
+    "SIGTRAP",
+    "SIGABRT",
+    "SIGBUS",
+    "SIGFPE",
+    "SIGKILL",
+    "SIGUSR1",
+    "SIGSEGV",
+    "SIGUSR2",
+    "SIGPIPE",
+    "SIGALRM",
+    "SIGSTKFLT",
+    "SIGCHLD",
+    "SIGCONT",
+    "SIGSTOP",
+    "SIGTSTP",
+    "SIGTTIN",
+    "SIGTTOU",
+    "SIGURG",
+    "SIGXCPU",
+    "SIGXFSZ",
+    "SIGVTALRM",
+    "SIGPROF",
+    "SIGWINCH",
+    "SIGIO",
+    "SIGPWR",
+    "SIGSYS",
+    "SIGINFO",
+  ),
+})
 
 type OldGetConfigRes = {
   config?: null | Record<string, unknown>
@@ -174,14 +191,14 @@ export type PackagePropertiesV2 = {
 }
 export type PackagePropertyString = {
   type: "string"
-  description?: string
+  description?: string | null
   value: string
   /** Let's the ui make this copyable button */
-  copyable?: boolean
+  copyable?: boolean | null
   /** Let the ui create a qr for this field */
-  qr?: boolean
+  qr?: boolean | null
   /** Hiding the value unless toggled off for field */
-  masked?: boolean
+  masked?: boolean | null
 }
 export type PackagePropertyObject = {
   value: PackagePropertiesV2
@@ -225,17 +242,14 @@ const matchPackagePropertyObject: Parser<unknown, PackagePropertyObject> =
   })
 
 const matchPackagePropertyString: Parser<unknown, PackagePropertyString> =
-  object(
-    {
-      type: literal("string"),
-      description: string,
-      value: string,
-      copyable: boolean,
-      qr: boolean,
-      masked: boolean,
-    },
-    ["copyable", "description", "qr", "masked"],
-  )
+  object({
+    type: literal("string"),
+    description: string.nullable().optional(),
+    value: string,
+    copyable: boolean.nullable().optional(),
+    qr: boolean.nullable().optional(),
+    masked: boolean.nullable().optional(),
+  })
 setMatchPackageProperties(
   dictionary([
     string,
@@ -275,6 +289,7 @@ function convertProperties(
 
 const DEFAULT_REGISTRY = "https://registry.start9.com"
 export class SystemForEmbassy implements System {
+  private version: ExtendedVersion
   currentRunning: MainLoop | undefined
   static async of(manifestLocation: string = MANIFEST_LOCATION) {
     const moduleCode = await import(EMBASSY_JS_LOCATION)
@@ -296,11 +311,37 @@ export class SystemForEmbassy implements System {
   constructor(
     readonly manifest: Manifest,
     readonly moduleCode: Partial<U.ExpectedExports>,
-  ) {}
+  ) {
+    this.version = ExtendedVersion.parseEmver(manifest.version)
+    if (
+      this.manifest.id === "bitcoind" &&
+      this.manifest.title.toLowerCase().includes("knots")
+    )
+      this.version.flavor = "knots"
 
-  async containerInit(effects: Effects): Promise<void> {
+    if (
+      this.manifest.id === "lnd" ||
+      this.manifest.id === "ride-the-lightning" ||
+      this.manifest.id === "datum"
+    ) {
+      this.version.upstream.prerelease = ["beta"]
+    } else if (
+      this.manifest.id === "lightning-terminal" ||
+      this.manifest.id === "robosats"
+    ) {
+      this.version.upstream.prerelease = ["alpha"]
+    }
+  }
+
+  async init(
+    effects: Effects,
+    kind: "install" | "update" | "restore" | null,
+  ): Promise<void> {
+    if (kind === "restore") {
+      await this.restoreBackup(effects, null)
+    }
     for (let depId in this.manifest.dependencies) {
-      if (this.manifest.dependencies[depId].config) {
+      if (this.manifest.dependencies[depId]?.config) {
         await this.dependenciesAutoconfig(effects, depId, null)
       }
     }
@@ -308,6 +349,9 @@ export class SystemForEmbassy implements System {
     await this.exportActions(effects)
     await this.exportNetwork(effects)
     await this.containerSetDependencies(effects)
+    if (kind === "install" || kind === "update") {
+      await this.packageInit(effects, null)
+    }
   }
   async containerSetDependencies(effects: T.Effects) {
     const oldDeps: Record<string, string[]> = Object.fromEntries(
@@ -347,16 +391,23 @@ export class SystemForEmbassy implements System {
   }
 
   async packageInit(effects: Effects, timeoutMs: number | null): Promise<void> {
-    const previousVersion = await effects.getDataVersion()
+    const previousVersion = await getDataVersion(effects)
     if (previousVersion) {
-      if (
-        (await this.migration(effects, { from: previousVersion }, timeoutMs))
-          .configured
-      ) {
-        await effects.action.clearRequests({ only: ["needs-config"] })
+      const migrationRes = await this.migration(
+        effects,
+        { from: previousVersion },
+        timeoutMs,
+      )
+      if (migrationRes) {
+        if (migrationRes.configured)
+          await effects.action.clearTasks({ only: ["needs-config"] })
+        await configFile.write(
+          effects,
+          await this.getConfig(effects, timeoutMs),
+        )
       }
     } else if (this.manifest.config) {
-      await effects.action.request({
+      await effects.action.createTask({
         packageId: this.manifest.id,
         actionId: "config",
         severity: "critical",
@@ -364,9 +415,11 @@ export class SystemForEmbassy implements System {
         reason: "This service must be configured before it can be run",
       })
     }
+
     await effects.setDataVersion({
-      version: ExtendedVersion.parseEmver(this.manifest.version).toString(),
+      version: this.version.toString(),
     })
+    // @FullMetal: package hacks go here
   }
   async exportNetwork(effects: Effects) {
     for (const [id, interfaceValue] of Object.entries(
@@ -441,7 +494,7 @@ export class SystemForEmbassy implements System {
               masked: false,
               path: "",
               schemeOverride: null,
-              search: {},
+              query: {},
               username: null,
             }),
           ])
@@ -456,13 +509,18 @@ export class SystemForEmbassy implements System {
   ): Promise<T.ActionInput | null> {
     if (actionId === "config") {
       const config = await this.getConfig(effects, timeoutMs)
-      return { spec: config.spec, value: config.config }
+      return {
+        eventId: effects.eventId!,
+        spec: config.spec,
+        value: config.config,
+      }
     } else if (actionId === "properties") {
       return null
     } else {
       const oldSpec = this.manifest.actions?.[actionId]?.["input-spec"]
       if (!oldSpec) return null
       return {
+        eventId: effects.eventId!,
         spec: transformConfigSpec(oldSpec as OldConfigSpec),
         value: null,
       }
@@ -543,14 +601,14 @@ export class SystemForEmbassy implements System {
     }
     await effects.action.clear({ except: Object.keys(actions) })
   }
-  async packageUninit(
+  async uninit(
     effects: Effects,
-    nextVersion: Optional<string>,
-    timeoutMs: number | null,
+    target: ExtendedVersion | VersionRange | null,
+    timeoutMs?: number | null,
   ): Promise<void> {
     await this.currentRunning?.clean({ timeout: timeoutMs ?? undefined })
-    if (nextVersion) {
-      await this.migration(effects, { to: nextVersion }, timeoutMs)
+    if (target) {
+      await this.migration(effects, { to: target }, timeoutMs ?? null)
     }
     await effects.setMainStatus({ status: "stopped" })
   }
@@ -577,11 +635,21 @@ export class SystemForEmbassy implements System {
       const moduleCode = await this.moduleCode
       await moduleCode.createBackup?.(polyfillEffects(effects, this.manifest))
     }
+    const dataVersion = await effects.getDataVersion()
+    if (dataVersion)
+      await fs.writeFile("/media/startos/backup/dataVersion.txt", dataVersion, {
+        encoding: "utf-8",
+      })
   }
   async restoreBackup(
     effects: Effects,
     timeoutMs: number | null,
   ): Promise<void> {
+    const store = await fs
+      .readFile("/media/startos/backup/store.json", {
+        encoding: "utf-8",
+      })
+      .catch((_) => null)
     const restoreBackup = this.manifest.backup.restore
     if (restoreBackup.type === "docker") {
       const commands = [restoreBackup.entrypoint, ...restoreBackup.args]
@@ -600,6 +668,13 @@ export class SystemForEmbassy implements System {
       const moduleCode = await this.moduleCode
       await moduleCode.restoreBackup?.(polyfillEffects(effects, this.manifest))
     }
+
+    const dataVersion = await fs
+      .readFile("/media/startos/backup/dataVersion.txt", {
+        encoding: "utf-8",
+      })
+      .catch((_) => null)
+    if (dataVersion) await effects.setDataVersion({ version: dataVersion })
   }
   async getConfig(effects: Effects, timeoutMs: number | null) {
     return this.getConfigUncleaned(effects, timeoutMs).then(convertToNewConfig)
@@ -649,10 +724,7 @@ export class SystemForEmbassy implements System {
       structuredClone(newConfigWithoutPointers as Record<string, unknown>),
     )
     await updateConfig(effects, this.manifest, spec, newConfig)
-    await effects.store.set({
-      path: EMBASSY_POINTER_PATH_PREFIX,
-      value: newConfig,
-    })
+    await configFile.write(effects, newConfig)
     const setConfigValue = this.manifest.config?.set
     if (!setConfigValue) return
     if (setConfigValue.type === "docker") {
@@ -706,15 +778,11 @@ export class SystemForEmbassy implements System {
     rawDepends: { [x: string]: readonly string[] },
     configuring: boolean,
   ) {
-    const storedDependsOn = (await effects.store.get({
-      packageId: this.manifest.id,
-      path: EMBASSY_DEPENDS_ON_PATH_PREFIX,
-    })) as Record<string, readonly string[]>
-
+    const storedDependsOn = await dependsOnFile.read().once()
     const requiredDeps = {
       ...Object.fromEntries(
-        Object.entries(this.manifest.dependencies || {})
-          ?.filter((x) => x[1].requirement.type === "required")
+        Object.entries(this.manifest.dependencies ?? {})
+          .filter(([k, v]) => v?.requirement.type === "required")
           .map((x) => [x[0], []]) || [],
       ),
     }
@@ -728,10 +796,7 @@ export class SystemForEmbassy implements System {
         ? storedDependsOn
         : requiredDeps
 
-    await effects.store.set({
-      path: EMBASSY_DEPENDS_ON_PATH_PREFIX,
-      value: dependsOn,
-    })
+    await dependsOnFile.write(effects, dependsOn)
 
     await effects.setDependencies({
       dependencies: Object.entries(dependsOn).flatMap(
@@ -755,31 +820,33 @@ export class SystemForEmbassy implements System {
 
   async migration(
     effects: Effects,
-    version: { from: string } | { to: string },
+    version:
+      | { from: VersionRange | ExtendedVersion }
+      | { to: VersionRange | ExtendedVersion },
     timeoutMs: number | null,
-  ): Promise<{ configured: boolean }> {
+  ): Promise<{ configured: boolean } | null> {
     let migration
     let args: [string, ...string[]]
     if ("from" in version) {
-      args = [version.from, "from"]
-      const fromExver = ExtendedVersion.parse(version.from)
+      if (overlaps(this.version, version.from)) return null
+      args = [version.from.toString(), "from"]
       if (!this.manifest.migrations) return { configured: true }
       migration = Object.entries(this.manifest.migrations.from)
         .map(
           ([version, procedure]) =>
             [VersionRange.parseEmver(version), procedure] as const,
         )
-        .find(([versionEmver, _]) => versionEmver.satisfiedBy(fromExver))
+        .find(([versionEmver, _]) => overlaps(versionEmver, version.from))
     } else {
-      args = [version.to, "to"]
-      const toExver = ExtendedVersion.parse(version.to)
+      if (overlaps(this.version, version.to)) return null
+      args = [version.to.toString(), "to"]
       if (!this.manifest.migrations) return { configured: true }
       migration = Object.entries(this.manifest.migrations.to)
         .map(
           ([version, procedure]) =>
             [VersionRange.parseEmver(version), procedure] as const,
         )
-        .find(([versionEmver, _]) => versionEmver.satisfiedBy(toExver))
+        .find(([versionEmver, _]) => overlaps(versionEmver, version.to))
     }
 
     if (migration) {
@@ -815,7 +882,7 @@ export class SystemForEmbassy implements System {
         })) as any
       }
     }
-    return { configured: true }
+    return null
   }
   async properties(
     effects: Effects,
@@ -969,43 +1036,52 @@ export class SystemForEmbassy implements System {
     timeoutMs: number | null,
   ): Promise<void> {
     // TODO: docker
-    const oldConfig = (await effects.store.get({
-      packageId: id,
-      path: EMBASSY_POINTER_PATH_PREFIX,
-      callback: () => {
-        this.dependenciesAutoconfig(effects, id, timeoutMs)
-      },
-    })) as U.Config
-    if (!oldConfig) return
-    const moduleCode = await this.moduleCode
-    const method = moduleCode?.dependencies?.[id]?.autoConfigure
-    if (!method) return
-    const newConfig = (await method(
-      polyfillEffects(effects, this.manifest),
-      JSON.parse(JSON.stringify(oldConfig)),
-    ).then((x) => {
-      if ("result" in x) return x.result
-      if ("error" in x) throw new Error("Error getting config: " + x.error)
-      throw new Error("Error getting config: " + x["error-code"][1])
-    })) as any
-    const diff = partialDiff(oldConfig, newConfig)
-    if (diff) {
-      await effects.action.request({
-        actionId: "config",
+    await effects.mount({
+      location: `/media/embassy/${id}`,
+      target: {
         packageId: id,
-        replayId: `${id}/config`,
-        severity: "important",
-        reason: `Configure this dependency for the needs of ${this.manifest.title}`,
-        input: {
-          kind: "partial",
-          value: diff.diff,
-        },
-        when: {
-          condition: "input-not-matches",
-          once: false,
-        },
+        volumeId: "embassy",
+        subpath: null,
+        readonly: true,
+        filetype: "directory",
+      },
+    })
+    configFile
+      .withPath(`/media/embassy/${id}/config.json`)
+      .read()
+      .onChange(effects, async (oldConfig: U.Config) => {
+        if (!oldConfig) return { cancel: false }
+        const moduleCode = await this.moduleCode
+        const method = moduleCode?.dependencies?.[id]?.autoConfigure
+        if (!method) return { cancel: true }
+        const newConfig = (await method(
+          polyfillEffects(effects, this.manifest),
+          JSON.parse(JSON.stringify(oldConfig)),
+        ).then((x) => {
+          if ("result" in x) return x.result
+          if ("error" in x) throw new Error("Error getting config: " + x.error)
+          throw new Error("Error getting config: " + x["error-code"][1])
+        })) as any
+        const diff = partialDiff(oldConfig, newConfig)
+        if (diff) {
+          await effects.action.createTask({
+            actionId: "config",
+            packageId: id,
+            replayId: `${id}/config`,
+            severity: "important",
+            reason: `Configure this dependency for the needs of ${this.manifest.title}`,
+            input: {
+              kind: "partial",
+              value: diff.diff,
+            },
+            when: {
+              condition: "input-not-matches",
+              once: false,
+            },
+          })
+        }
+        return { cancel: false }
       })
-    }
   }
 }
 
@@ -1107,11 +1183,21 @@ async function updateConfig(
     ) {
       if (specValue.target === "config") {
         const jp = require("jsonpath")
-        const remoteConfig = await effects.store.get({
-          packageId: specValue["package-id"],
-          callback: () => effects.restart(),
-          path: EMBASSY_POINTER_PATH_PREFIX,
+        const depId = specValue["package-id"]
+        await effects.mount({
+          location: `/media/embassy/${depId}`,
+          target: {
+            packageId: depId,
+            volumeId: "embassy",
+            subpath: null,
+            readonly: true,
+            filetype: "directory",
+          },
         })
+        const remoteConfig = configFile
+          .withPath(`/media/embassy/${depId}/config.json`)
+          .read()
+          .once()
         console.debug(remoteConfig)
         const configValue = specValue.multi
           ? jp.query(remoteConfig, specValue.selector)
@@ -1152,14 +1238,14 @@ async function updateConfig(
         const url: string =
           filled === null || filled.addressInfo === null
             ? ""
-            : catchFn(() =>
-                utils.hostnameInfoToAddress(
-                  specValue.target === "lan-address"
+            : catchFn(
+                () =>
+                  (specValue.target === "lan-address"
                     ? filled.addressInfo!.localHostnames[0] ||
-                        filled.addressInfo!.onionHostnames[0]
+                      filled.addressInfo!.onionHostnames[0]
                     : filled.addressInfo!.onionHostnames[0] ||
-                        filled.addressInfo!.localHostnames[0],
-                ),
+                      filled.addressInfo!.localHostnames[0]
+                  ).hostname.value,
               ) || ""
         mutConfigValue[key] = url
       }

container-runtime/src/Adapters/Systems/SystemForEmbassy/matchManifest.ts

@@ -14,123 +14,113 @@ import {
 import { matchVolume } from "./matchVolume"
 import { matchDockerProcedure } from "../../../Models/DockerProcedure"
 
-const matchJsProcedure = object(
-  {
-    type: literal("script"),
-    args: array(unknown),
-  },
-  ["args"],
-  {
-    args: [],
-  },
-)
+const matchJsProcedure = object({
+  type: literal("script"),
+  args: array(unknown).nullable().optional().defaultTo([]),
+})
 
 const matchProcedure = some(matchDockerProcedure, matchJsProcedure)
 export type Procedure = typeof matchProcedure._TYPE
 
-const matchAction = object(
-  {
-    name: string,
-    description: string,
-    warning: string,
-    implementation: matchProcedure,
-    "allowed-statuses": array(literals("running", "stopped")),
-    "input-spec": unknown,
-  },
-  ["warning", "input-spec", "input-spec"],
-)
-export const matchManifest = object(
-  {
-    id: string,
-    title: string,
-    version: string,
-    main: matchDockerProcedure,
-    assets: object(
-      {
-        assets: string,
-        scripts: string,
-      },
-      ["assets", "scripts"],
+const matchAction = object({
+  name: string,
+  description: string,
+  warning: string.nullable().optional(),
+  implementation: matchProcedure,
+  "allowed-statuses": array(literals("running", "stopped")),
+  "input-spec": unknown.nullable().optional(),
+})
+export const matchManifest = object({
+  id: string,
+  title: string,
+  version: string,
+  main: matchDockerProcedure,
+  assets: object({
+    assets: string.nullable().optional(),
+    scripts: string.nullable().optional(),
+  })
+    .nullable()
+    .optional(),
+  "health-checks": dictionary([
+    string,
+    every(
+      matchProcedure,
+      object({
+        name: string,
+        ["success-message"]: string.nullable().optional(),
+      }),
     ),
-    "health-checks": dictionary([
-      string,
-      every(
-        matchProcedure,
-        object(
-          {
-            name: string,
-            ["success-message"]: string,
-          },
-          ["success-message"],
-        ),
-      ),
-    ]),
-    config: object({
-      get: matchProcedure,
-      set: matchProcedure,
+  ]),
+  config: object({
+    get: matchProcedure,
+    set: matchProcedure,
+  })
+    .nullable()
+    .optional(),
+  properties: matchProcedure.nullable().optional(),
+  volumes: dictionary([string, matchVolume]),
+  interfaces: dictionary([
+    string,
+    object({
+      name: string,
+      description: string,
+      "tor-config": object({
+        "port-mapping": dictionary([string, string]),
+      })
+        .nullable()
+        .optional(),
+      "lan-config": dictionary([
+        string,
+        object({
+          ssl: boolean,
+          internal: number,
+        }),
+      ])
+        .nullable()
+        .optional(),
+      ui: boolean,
+      protocols: array(string),
     }),
-    properties: matchProcedure,
-    volumes: dictionary([string, matchVolume]),
-    interfaces: dictionary([
-      string,
-      object(
-        {
-          name: string,
-          description: string,
-          "tor-config": object({
-            "port-mapping": dictionary([string, string]),
-          }),
-          "lan-config": dictionary([
-            string,
-            object({
-              ssl: boolean,
-              internal: number,
-            }),
-          ]),
-          ui: boolean,
-          protocols: array(string),
-        },
-        ["lan-config", "tor-config"],
+  ]),
+  backup: object({
+    create: matchProcedure,
+    restore: matchProcedure,
+  }),
+  migrations: object({
+    to: dictionary([string, matchProcedure]),
+    from: dictionary([string, matchProcedure]),
+  })
+    .nullable()
+    .optional(),
+  dependencies: dictionary([
+    string,
+    object({
+      version: string,
+      requirement: some(
+        object({
+          type: literal("opt-in"),
+          how: string,
+        }),
+        object({
+          type: literal("opt-out"),
+          how: string,
+        }),
+        object({
+          type: literal("required"),
+        }),
       ),
-    ]),
-    backup: object({
-      create: matchProcedure,
-      restore: matchProcedure,
-    }),
-    migrations: object({
-      to: dictionary([string, matchProcedure]),
-      from: dictionary([string, matchProcedure]),
-    }),
-    dependencies: dictionary([
-      string,
-      object(
-        {
-          version: string,
-          requirement: some(
-            object({
-              type: literal("opt-in"),
-              how: string,
-            }),
-            object({
-              type: literal("opt-out"),
-              how: string,
-            }),
-            object({
-              type: literal("required"),
-            }),
-          ),
-          description: string,
-          config: object({
-            check: matchProcedure,
-            "auto-configure": matchProcedure,
-          }),
-        },
-        ["description", "config"],
-      ),
-    ]),
+      description: string.nullable().optional(),
+      config: object({
+        check: matchProcedure,
+        "auto-configure": matchProcedure,
+      })
+        .nullable()
+        .optional(),
+    })
+      .nullable()
+      .optional(),
+  ]),
 
-    actions: dictionary([string, matchAction]),
-  },
-  ["config", "actions", "properties", "migrations", "dependencies"],
-)
+  actions: dictionary([string, matchAction]),
+})
 export type Manifest = typeof matchManifest._TYPE

container-runtime/src/Adapters/Systems/SystemForEmbassy/matchVolume.ts

@@ -1,12 +1,9 @@
 import { object, literal, string, boolean, some } from "ts-matches"
 
-const matchDataVolume = object(
-  {
-    type: literal("data"),
-    readonly: boolean,
-  },
-  ["readonly"],
-)
+const matchDataVolume = object({
+  type: literal("data"),
+  readonly: boolean.optional(),
+})
 const matchAssetVolume = object({
   type: literal("assets"),
 })

container-runtime/src/Adapters/Systems/SystemForEmbassy/polyfillEffects.ts

@@ -135,12 +135,9 @@ export const polyfillEffects = (
         [input.command, ...(input.args || [])].join(" "),
       )
       const daemon = promiseSubcontainer.then((subcontainer) =>
-        daemons.runCommand()(
-          effects,
-          subcontainer,
-          [input.command, ...(input.args || [])],
-          {},
-        ),
+        daemons.runCommand()(effects, subcontainer, {
+          command: [input.command, ...(input.args || [])],
+        }),
       )
       return {
         wait: () =>
@@ -169,12 +166,12 @@ export const polyfillEffects = (
           { imageId: manifest.main.image },
           commands,
           {
-            mounts: Mounts.of().addVolume(
-              input.volumeId,
-              null,
-              "/drive",
-              false,
-            ),
+            mounts: Mounts.of().mountVolume({
+              volumeId: input.volumeId,
+              subpath: null,
+              mountpoint: "/drive",
+              readonly: false,
+            }),
           },
           commands.join(" "),
         )
@@ -206,12 +203,12 @@ export const polyfillEffects = (
           { imageId: manifest.main.image },
           commands,
           {
-            mounts: Mounts.of().addVolume(
-              input.volumeId,
-              null,
-              "/drive",
-              false,
-            ),
+            mounts: Mounts.of().mountVolume({
+              volumeId: input.volumeId,
+              subpath: null,
+              mountpoint: "/drive",
+              readonly: false,
+            }),
           },
           commands.join(" "),
         )

container-runtime/src/Adapters/Systems/SystemForEmbassy/transformConfigSpec.test.ts

@@ -1,5 +1,10 @@
-import { matchOldConfigSpec, transformConfigSpec } from "./transformConfigSpec"
-import fixtureEmbasyPagesConfig from "./__fixtures__/embasyPagesConfig"
+import {
+  matchOldConfigSpec,
+  matchOldValueSpecList,
+  transformConfigSpec,
+} from "./transformConfigSpec"
+import fixtureEmbassyPagesConfig from "./__fixtures__/embassyPagesConfig"
+import fixtureRTLConfig from "./__fixtures__/rtlConfig"
 import searNXG from "./__fixtures__/searNXG"
 import bitcoind from "./__fixtures__/bitcoind"
 import nostr from "./__fixtures__/nostr"
@@ -8,14 +13,25 @@ import nostrConfig2 from "./__fixtures__/nostrConfig2"
 describe("transformConfigSpec", () => {
   test("matchOldConfigSpec(embassyPages.homepage.variants[web-page])", () => {
     matchOldConfigSpec.unsafeCast(
-      fixtureEmbasyPagesConfig.homepage.variants["web-page"],
+      fixtureEmbassyPagesConfig.homepage.variants["web-page"],
     )
   })
   test("matchOldConfigSpec(embassyPages)", () => {
-    matchOldConfigSpec.unsafeCast(fixtureEmbasyPagesConfig)
+    matchOldConfigSpec.unsafeCast(fixtureEmbassyPagesConfig)
   })
   test("transformConfigSpec(embassyPages)", () => {
-    const spec = matchOldConfigSpec.unsafeCast(fixtureEmbasyPagesConfig)
+    const spec = matchOldConfigSpec.unsafeCast(fixtureEmbassyPagesConfig)
+    expect(transformConfigSpec(spec)).toMatchSnapshot()
+  })
+
+  test("matchOldConfigSpec(RTL.nodes)", () => {
+    matchOldValueSpecList.unsafeCast(fixtureRTLConfig.nodes)
+  })
+  test("matchOldConfigSpec(RTL)", () => {
+    matchOldConfigSpec.unsafeCast(fixtureRTLConfig)
+  })
+  test("transformConfigSpec(RTL)", () => {
+    const spec = matchOldConfigSpec.unsafeCast(fixtureRTLConfig)
     expect(transformConfigSpec(spec)).toMatchSnapshot()
   })
 

container-runtime/src/Adapters/Systems/SystemForEmbassy/transformConfigSpec.ts

@@ -47,6 +47,7 @@ export function transformConfigSpec(oldSpec: OldConfigSpec): IST.InputSpec {
         immutable: false,
       }
     } else if (oldVal.type === "list") {
+      if (isUnionList(oldVal)) return inputSpec
       newVal = getListSpec(oldVal)
     } else if (oldVal.type === "number") {
       const range = Range.from(oldVal.range)
@@ -177,15 +178,17 @@ export function transformOldConfigToNew(
       }
     }
 
-    if (isList(val) && isObjectList(val)) {
+    if (isList(val)) {
       if (!config[key]) return obj
 
-      newVal = (config[key] as object[]).map((obj) =>
-        transformOldConfigToNew(
-          matchOldConfigSpec.unsafeCast(val.spec.spec),
-          obj,
-        ),
-      )
+      if (isObjectList(val)) {
+        newVal = (config[key] as object[]).map((obj) =>
+          transformOldConfigToNew(
+            matchOldConfigSpec.unsafeCast(val.spec.spec),
+            obj,
+          ),
+        )
+      } else if (isUnionList(val)) return obj
     }
 
     if (isPointer(val)) {
@@ -203,6 +206,7 @@ export function transformNewConfigToOld(
   spec: OldConfigSpec,
   config: Record<string, any>,
 ): Record<string, any> {
+  if (!config) return config
   return Object.entries(spec).reduce((obj, [key, val]) => {
     let newVal = config[key]
 
@@ -223,13 +227,15 @@ export function transformNewConfigToOld(
       }
     }
 
-    if (isList(val) && isObjectList(val)) {
-      newVal = (config[key] as object[]).map((obj) =>
-        transformNewConfigToOld(
-          matchOldConfigSpec.unsafeCast(val.spec.spec),
-          obj,
-        ),
-      )
+    if (isList(val)) {
+      if (isObjectList(val)) {
+        newVal = (config[key] as object[]).map((obj) =>
+          transformNewConfigToOld(
+            matchOldConfigSpec.unsafeCast(val.spec.spec),
+            obj,
+          ),
+        )
+      } else if (isUnionList(val)) return obj
     }
 
     return {
@@ -375,15 +381,17 @@ function isNumberList(
 ): val is OldValueSpecList & { subtype: "number" } {
   return val.subtype === "number"
 }
-
 function isObjectList(
   val: OldValueSpecList,
 ): val is OldValueSpecList & { subtype: "object" } {
-  if (["union"].includes(val.subtype)) {
-    throw new Error("Invalid list subtype. enum, string, and object permitted.")
-  }
   return val.subtype === "object"
 }
+function isUnionList(
+  val: OldValueSpecList,
+): val is OldValueSpecList & { subtype: "union" } {
+  return val.subtype === "union"
+}
+
 export type OldConfigSpec = Record<string, OldValueSpec>
 const [_matchOldConfigSpec, setMatchOldConfigSpec] = deferred<unknown>()
 export const matchOldConfigSpec = _matchOldConfigSpec as Parser<
@@ -396,100 +404,71 @@ export const matchOldDefaultString = anyOf(
 )
 type OldDefaultString = typeof matchOldDefaultString._TYPE
 
-export const matchOldValueSpecString = object(
-  {
-    type: literals("string"),
-    name: string,
-    masked: boolean,
-    copyable: boolean,
-    nullable: boolean,
-    placeholder: string,
-    pattern: string,
-    "pattern-description": string,
-    default: matchOldDefaultString,
-    textarea: boolean,
-    description: string,
-    warning: string,
-  },
-  [
-    "masked",
-    "copyable",
-    "nullable",
-    "placeholder",
-    "pattern",
-    "pattern-description",
-    "default",
-    "textarea",
-    "description",
-    "warning",
-  ],
-)
+export const matchOldValueSpecString = object({
+  type: literals("string"),
+  name: string,
+  masked: boolean.nullable().optional(),
+  copyable: boolean.nullable().optional(),
+  nullable: boolean.nullable().optional(),
+  placeholder: string.nullable().optional(),
+  pattern: string.nullable().optional(),
+  "pattern-description": string.nullable().optional(),
+  default: matchOldDefaultString.nullable().optional(),
+  textarea: boolean.nullable().optional(),
+  description: string.nullable().optional(),
+  warning: string.nullable().optional(),
+})
 
-export const matchOldValueSpecNumber = object(
-  {
-    type: literals("number"),
-    nullable: boolean,
-    name: string,
-    range: string,
-    integral: boolean,
-    default: number,
-    description: string,
-    warning: string,
-    units: string,
-    placeholder: anyOf(number, string),
-  },
-  ["default", "description", "warning", "units", "placeholder"],
-)
+export const matchOldValueSpecNumber = object({
+  type: literals("number"),
+  nullable: boolean,
+  name: string,
+  range: string,
+  integral: boolean,
+  default: number.nullable().optional(),
+  description: string.nullable().optional(),
+  warning: string.nullable().optional(),
+  units: string.nullable().optional(),
+  placeholder: anyOf(number, string).nullable().optional(),
+})
 type OldValueSpecNumber = typeof matchOldValueSpecNumber._TYPE
 
-export const matchOldValueSpecBoolean = object(
-  {
-    type: literals("boolean"),
-    default: boolean,
-    name: string,
-    description: string,
-    warning: string,
-  },
-  ["description", "warning"],
-)
+export const matchOldValueSpecBoolean = object({
+  type: literals("boolean"),
+  default: boolean,
+  name: string,
+  description: string.nullable().optional(),
+  warning: string.nullable().optional(),
+})
 type OldValueSpecBoolean = typeof matchOldValueSpecBoolean._TYPE
 
-const matchOldValueSpecObject = object(
-  {
-    type: literals("object"),
-    spec: _matchOldConfigSpec,
-    name: string,
-    description: string,
-    warning: string,
-  },
-  ["description", "warning"],
-)
+const matchOldValueSpecObject = object({
+  type: literals("object"),
+  spec: _matchOldConfigSpec,
+  name: string,
+  description: string.nullable().optional(),
+  warning: string.nullable().optional(),
+})
 type OldValueSpecObject = typeof matchOldValueSpecObject._TYPE
 
-const matchOldValueSpecEnum = object(
-  {
-    values: array(string),
-    "value-names": dictionary([string, string]),
-    type: literals("enum"),
-    default: string,
-    name: string,
-    description: string,
-    warning: string,
-  },
-  ["description", "warning"],
-)
+const matchOldValueSpecEnum = object({
+  values: array(string),
+  "value-names": dictionary([string, string]),
+  type: literals("enum"),
+  default: string,
+  name: string,
+  description: string.nullable().optional(),
+  warning: string.nullable().optional(),
+})
 type OldValueSpecEnum = typeof matchOldValueSpecEnum._TYPE
 
-const matchOldUnionTagSpec = object(
-  {
-    id: string, // The name of the field containing one of the union variants
-    "variant-names": dictionary([string, string]), // The name of each variant
-    name: string,
-    description: string,
-    warning: string,
-  },
-  ["description", "warning"],
-)
+const matchOldUnionTagSpec = object({
+  id: string, // The name of the field containing one of the union variants
+  "variant-names": dictionary([string, string]), // The name of each variant
+  name: string,
+  description: string.nullable().optional(),
+  warning: string.nullable().optional(),
+})
 const matchOldValueSpecUnion = object({
   type: literals("union"),
   tag: matchOldUnionTagSpec,
@@ -514,57 +493,51 @@ setOldUniqueBy(
   ),
 )
 
-const matchOldListValueSpecObject = object(
-  {
-    spec: _matchOldConfigSpec, // this is a mapped type of the config object at this level, replacing the object's values with specs on those values
-    "unique-by": matchOldUniqueBy, // indicates whether duplicates can be permitted in the list
-    "display-as": string, // this should be a handlebars template which can make use of the entire config which corresponds to 'spec'
-  },
-  ["display-as", "unique-by"],
-)
-const matchOldListValueSpecString = object(
-  {
-    masked: boolean,
-    copyable: boolean,
-    pattern: string,
-    "pattern-description": string,
-    placeholder: string,
-  },
-  ["pattern", "pattern-description", "placeholder", "copyable", "masked"],
-)
+const matchOldListValueSpecObject = object({
+  spec: _matchOldConfigSpec, // this is a mapped type of the config object at this level, replacing the object's values with specs on those values
+  "unique-by": matchOldUniqueBy.nullable().optional(), // indicates whether duplicates can be permitted in the list
+  "display-as": string.nullable().optional(), // this should be a handlebars template which can make use of the entire config which corresponds to 'spec'
+})
+const matchOldListValueSpecUnion = object({
+  "unique-by": matchOldUniqueBy.nullable().optional(),
+  "display-as": string.nullable().optional(),
+  tag: matchOldUnionTagSpec,
+  variants: dictionary([string, _matchOldConfigSpec]),
+})
+const matchOldListValueSpecString = object({
+  masked: boolean.nullable().optional(),
+  copyable: boolean.nullable().optional(),
+  pattern: string.nullable().optional(),
+  "pattern-description": string.nullable().optional(),
+  placeholder: string.nullable().optional(),
+})
 
 const matchOldListValueSpecEnum = object({
   values: array(string),
   "value-names": dictionary([string, string]),
 })
-const matchOldListValueSpecNumber = object(
-  {
-    range: string,
-    integral: boolean,
-    units: string,
-    placeholder: anyOf(number, string),
-  },
-  ["units", "placeholder"],
-)
+const matchOldListValueSpecNumber = object({
+  range: string,
+  integral: boolean,
+  units: string.nullable().optional(),
+  placeholder: anyOf(number, string).nullable().optional(),
+})
 
 // represents a spec for a list
-const matchOldValueSpecList = every(
-  object(
-    {
-      type: literals("list"),
-      range: string, // '[0,1]' (inclusive) OR '[0,*)' (right unbounded), normal math rules
-      default: anyOf(
-        array(string),
-        array(number),
-        array(matchOldDefaultString),
-        array(object),
-      ),
-      name: string,
-      description: string,
-      warning: string,
-    },
-    ["description", "warning"],
-  ),
+export const matchOldValueSpecList = every(
+  object({
+    type: literals("list"),
+    range: string, // '[0,1]' (inclusive) OR '[0,*)' (right unbounded), normal math rules
+    default: anyOf(
+      array(string),
+      array(number),
+      array(matchOldDefaultString),
+      array(object),
+    ),
+    name: string,
+    description: string.nullable().optional(),
+    warning: string.nullable().optional(),
+  }),
   anyOf(
     object({
       subtype: literals("string"),
@@ -582,6 +555,10 @@ const matchOldValueSpecList = every(
       subtype: literals("number"),
       spec: matchOldListValueSpecNumber,
     }),
+    object({
+      subtype: literals("union"),
+      spec: matchOldListValueSpecUnion,
+    }),
   ),
 )
 type OldValueSpecList = typeof matchOldValueSpecList._TYPE

container-runtime/src/Adapters/Systems/SystemForStartOs.ts

@@ -1,7 +1,6 @@
 import { System } from "../../Interfaces/System"
 import { Effects } from "../../Models/Effects"
-import { T, utils } from "@start9labs/start-sdk"
-import { Optional } from "ts-matches/lib/parsers/interfaces"
+import { ExtendedVersion, T, utils, VersionRange } from "@start9labs/start-sdk"
 
 export const STARTOS_JS_LOCATION = "/usr/lib/startos/package/index.js"
 
@@ -11,6 +10,7 @@ type RunningMain = {
 
 export class SystemForStartOs implements System {
   private runningMain: RunningMain | undefined
+  private starting: boolean = false
 
   static of() {
     return new SystemForStartOs(require(STARTOS_JS_LOCATION))
@@ -19,22 +19,23 @@ export class SystemForStartOs implements System {
   constructor(readonly abi: T.ABI) {
     this
   }
-  async containerInit(effects: Effects): Promise<void> {
-    return void (await this.abi.containerInit({ effects }))
-  }
-  async packageInit(
+
+  async init(
     effects: Effects,
+    kind: "install" | "update" | "restore" | null,
+  ): Promise<void> {
+    return void (await this.abi.init({ effects, kind }))
+  }
+
+  async exit(
+    effects: Effects,
+    target: ExtendedVersion | VersionRange | null,
     timeoutMs: number | null = null,
   ): Promise<void> {
-    return void (await this.abi.packageInit({ effects }))
-  }
-  async packageUninit(
-    effects: Effects,
-    nextVersion: Optional<string> = null,
-    timeoutMs: number | null = null,
-  ): Promise<void> {
-    return void (await this.abi.packageUninit({ effects, nextVersion }))
+    await this.stop()
+    return void (await this.abi.uninit({ effects, target }))
   }
+
   async createBackup(
     effects: T.Effects,
     timeoutMs: number | null,
@@ -43,14 +44,6 @@ export class SystemForStartOs implements System {
       effects,
     }))
   }
-  async restoreBackup(
-    effects: T.Effects,
-    timeoutMs: number | null,
-  ): Promise<void> {
-    return void (await this.abi.restoreBackup({
-      effects,
-    }))
-  }
   getActionInput(
     effects: Effects,
     id: string,
@@ -71,28 +64,31 @@ export class SystemForStartOs implements System {
     return action.run({ effects, input })
   }
 
-  async exit(): Promise<void> {}
-
   async start(effects: Effects): Promise<void> {
-    if (this.runningMain) return
-    effects.constRetry = utils.once(() => effects.restart())
-    let mainOnTerm: () => Promise<void> | undefined
-    const started = async (onTerm: () => Promise<void>) => {
-      await effects.setMainStatus({ status: "running" })
-      mainOnTerm = onTerm
-      return null
-    }
-    const daemons = await (
-      await this.abi.main({
-        effects,
-        started,
-      })
-    ).build()
-    this.runningMain = {
-      stop: async () => {
-        if (mainOnTerm) await mainOnTerm()
-        await daemons.term()
-      },
+    try {
+      if (this.runningMain || this.starting) return
+      this.starting = true
+      effects.constRetry = utils.once(() => effects.restart())
+      let mainOnTerm: () => Promise<void> | undefined
+      const started = async (onTerm: () => Promise<void>) => {
+        await effects.setMainStatus({ status: "running" })
+        mainOnTerm = onTerm
+        return null
+      }
+      const daemons = await (
+        await this.abi.main({
+          effects,
+          started,
+        })
+      ).build()
+      this.runningMain = {
+        stop: async () => {
+          if (mainOnTerm) await mainOnTerm()
+          await daemons.term()
+        },
+      }
+    } finally {
+      this.starting = false
     }
   }
 

container-runtime/src/Interfaces/System.ts

@@ -1,13 +1,13 @@
-import { types as T } from "@start9labs/start-sdk"
+import {
+  ExtendedVersion,
+  types as T,
+  VersionRange,
+} from "@start9labs/start-sdk"
 import { Effects } from "../Models/Effects"
 import { CallbackHolder } from "../Models/CallbackHolder"
-import { Optional } from "ts-matches/lib/parsers/interfaces"
 
 export type Procedure =
-  | "/packageInit"
-  | "/packageUninit"
   | "/backup/create"
-  | "/backup/restore"
   | `/actions/${string}/getInput`
   | `/actions/${string}/run`
 
@@ -15,20 +15,15 @@ export type ExecuteResult =
   | { ok: unknown }
   | { err: { code: number; message: string } }
 export type System = {
-  containerInit(effects: T.Effects): Promise<void>
+  init(
+    effects: T.Effects,
+    kind: "install" | "update" | "restore" | null,
+  ): Promise<void>
 
   start(effects: T.Effects): Promise<void>
   stop(): Promise<void>
 
-  packageInit(effects: Effects, timeoutMs: number | null): Promise<void>
-  packageUninit(
-    effects: Effects,
-    nextVersion: Optional<string>,
-    timeoutMs: number | null,
-  ): Promise<void>
-
   createBackup(effects: T.Effects, timeoutMs: number | null): Promise<void>
-  restoreBackup(effects: T.Effects, timeoutMs: number | null): Promise<void>
   runAction(
     effects: Effects,
     actionId: string,
@@ -41,7 +36,10 @@ export type System = {
     timeoutMs: number | null,
   ): Promise<T.ActionInput | null>
 
-  exit(): Promise<void>
+  exit(
+    effects: Effects,
+    target: ExtendedVersion | VersionRange | null,
+  ): Promise<void>
 }
 
 export type RunningMain = {

container-runtime/src/Models/CallbackHolder.ts

@@ -14,7 +14,8 @@ export class CallbackHolder {
   constructor(private effects?: T.Effects) {}
 
   private callbacks = new Map<number, Function>()
-  private children: WeakRef<CallbackHolder>[] = []
+  private onLeaveContextCallbacks: Function[] = []
+  private children: Map<string, CallbackHolder> = new Map()
   private newId() {
     return CallbackIdCell.inc++
   }
@@ -32,23 +33,30 @@ export class CallbackHolder {
       })
     return id
   }
-  child(): CallbackHolder {
-    const child = new CallbackHolder()
-    this.children.push(new WeakRef(child))
+  child(name: string): CallbackHolder {
+    this.removeChild(name)
+    const child = new CallbackHolder(this.effects)
+    this.children.set(name, child)
     return child
   }
-  removeChild(child: CallbackHolder) {
-    this.children = this.children.filter((c) => {
-      const ref = c.deref()
-      return ref && ref !== child
-    })
+
+  getChild(name: string): CallbackHolder | null {
+    return this.children.get(name) || null
+  }
+
+  removeChild(name: string) {
+    const child = this.children.get(name)
+    if (child) {
+      child.leaveContext()
+      this.children.delete(name)
+    }
   }
   private getCallback(index: number): Function | undefined {
     let callback = this.callbacks.get(index)
     if (callback) this.callbacks.delete(index)
     else {
-      for (let i = 0; i < this.children.length; i++) {
-        callback = this.children[i].deref()?.getCallback(index)
+      for (let [_, child] of this.children) {
+        callback = child.getCallback(index)
         if (callback) return callback
       }
     }
@@ -57,6 +65,25 @@ export class CallbackHolder {
   callCallback(index: number, args: any[]): Promise<unknown> {
     const callback = this.getCallback(index)
     if (!callback) return Promise.resolve()
-    return Promise.resolve().then(() => callback(...args))
+    return Promise.resolve()
+      .then(() => callback(...args))
+      .catch((e) => console.error("callback failed", e))
+  }
+  onLeaveContext(fn: Function) {
+    this.onLeaveContextCallbacks.push(fn)
+  }
+  leaveContext() {
+    for (let [_, child] of this.children) {
+      child.leaveContext()
+    }
+    this.children = new Map()
+    for (let fn of this.onLeaveContextCallbacks) {
+      try {
+        fn()
+      } catch (e) {
+        console.warn(e)
+      }
+    }
+    this.onLeaveContextCallbacks = []
   }
 }

container-runtime/src/Models/DockerProcedure.ts

@@ -17,31 +17,25 @@ const Path = string
 
 export type VolumeId = string
 export type Path = string
-export const matchDockerProcedure = object(
-  {
-    type: literal("docker"),
-    image: string,
-    system: boolean,
-    entrypoint: string,
-    args: array(string),
-    mounts: dictionary([VolumeId, Path]),
-    "io-format": literals(
-      "json",
-      "json-pretty",
-      "yaml",
-      "cbor",
-      "toml",
-      "toml-pretty",
-    ),
-    "sigterm-timeout": some(number, matchDuration),
-    inject: boolean,
-  },
-  ["io-format", "sigterm-timeout", "system", "args", "inject", "mounts"],
-  {
-    "sigterm-timeout": 30,
-    inject: false,
-    args: [],
-  },
-)
+export const matchDockerProcedure = object({
+  type: literal("docker"),
+  image: string,
+  system: boolean.optional(),
+  entrypoint: string,
+  args: array(string).defaultTo([]),
+  mounts: dictionary([VolumeId, Path]).optional(),
+  "io-format": literals(
+    "json",
+    "json-pretty",
+    "yaml",
+    "cbor",
+    "toml",
+    "toml-pretty",
+  )
+    .nullable()
+    .optional(),
+  "sigterm-timeout": some(number, matchDuration).onMismatch(30),
+  inject: boolean.defaultTo(false),
+})
 
 export type DockerProcedure = typeof matchDockerProcedure._TYPE

container-runtime/update-image.sh

@@ -4,8 +4,8 @@ cd "$(dirname "${BASH_SOURCE[0]}")"
 
 set -e
 
-if mountpoint tmp/combined; then sudo umount -R tmp/combined; fi
-if mountpoint tmp/lower; then sudo umount tmp/lower; fi
+if mountpoint -q tmp/combined; then sudo umount -R tmp/combined; fi
+if mountpoint -q tmp/lower; then sudo umount tmp/lower; fi
 sudo rm -rf tmp
 mkdir -p tmp/lower tmp/upper tmp/work tmp/combined
 if which squashfuse > /dev/null; then
@@ -13,7 +13,11 @@ if which squashfuse > /dev/null; then
 else
     sudo mount debian.${ARCH}.squashfs tmp/lower
 fi
-sudo mount -t overlay -olowerdir=tmp/lower,upperdir=tmp/upper,workdir=tmp/work overlay tmp/combined
+if which fuse-overlayfs > /dev/null; then
+    sudo fuse-overlayfs -olowerdir=tmp/lower,upperdir=tmp/upper,workdir=tmp/work overlay tmp/combined
+else
+    sudo mount -t overlay -olowerdir=tmp/lower,upperdir=tmp/upper,workdir=tmp/work overlay tmp/combined
+fi
 
 QEMU=
 if [ "$ARCH" != "$(uname -m)" ]; then
@@ -33,8 +37,12 @@ sudo rsync -a --copy-unsafe-links dist/ tmp/combined/usr/lib/startos/init/
 sudo chown -R 0:0 tmp/combined/usr/lib/startos/
 sudo cp container-runtime.service tmp/combined/lib/systemd/system/container-runtime.service
 sudo chown 0:0 tmp/combined/lib/systemd/system/container-runtime.service
-sudo cp ../core/target/$ARCH-unknown-linux-musl/release/containerbox tmp/combined/usr/bin/start-cli
-sudo chown 0:0 tmp/combined/usr/bin/start-cli
+sudo cp container-runtime-failure.service tmp/combined/lib/systemd/system/container-runtime-failure.service
+sudo chown 0:0 tmp/combined/lib/systemd/system/container-runtime-failure.service
+sudo cp ../core/target/$ARCH-unknown-linux-musl/release/containerbox tmp/combined/usr/bin/start-container
+echo -e '#!/bin/bash\nexec start-container $@' | sudo tee tmp/combined/usr/bin/start-cli # TODO: remove
+sudo chmod +x tmp/combined/usr/bin/start-cli
+sudo chown 0:0 tmp/combined/usr/bin/start-container
 echo container-runtime | sha256sum | head -c 32 | cat - <(echo) | sudo tee tmp/combined/etc/machine-id
 cat deb-install.sh | sudo systemd-nspawn --console=pipe -D tmp/combined $QEMU /bin/bash
 sudo truncate -s 0 tmp/combined/etc/machine-id

core/README.md

@@ -14,7 +14,7 @@
 ## Artifacts
 
 The StartOS backend is packed into a single binary `startbox` that is symlinked under
-several different names for different behaviour:
+several different names for different behavior:
 
 - `startd`: This is the main daemon of StartOS
 - `start-cli`: This is a CLI tool that will allow you to issue commands to

core/build-containerbox.sh

@@ -26,11 +26,11 @@ if [[ "${ENVIRONMENT}" =~ (^|-)unstable($|-) ]]; then
 	RUSTFLAGS="--cfg tokio_unstable"
 fi
 
-alias 'rust-musl-builder'='docker run $USE_TTY --rm -e "RUSTFLAGS=$RUSTFLAGS" -v "$HOME/.cargo/registry":/root/.cargo/registry -v "$HOME/.cargo/git":/root/.cargo/git -v "$(pwd)":/home/rust/src -w /home/rust/src -P messense/rust-musl-cross:$ARCH-musl'
+source ./core/builder-alias.sh
 
 echo "FEATURES=\"$FEATURES\""
 echo "RUSTFLAGS=\"$RUSTFLAGS\""
-rust-musl-builder sh -c "cd core && cargo build --release --no-default-features --features container-runtime,$FEATURES --locked --bin containerbox --target=$ARCH-unknown-linux-musl"
+rust-musl-builder sh -c "cd core && cargo build --release --no-default-features --features cli-container,$FEATURES --locked --bin containerbox --target=$ARCH-unknown-linux-musl"
 if [ "$(ls -nd core/target/$ARCH-unknown-linux-musl/release/containerbox | awk '{ print $3 }')" != "$UID" ]; then
 	rust-musl-builder sh -c "cd core && chown -R $UID:$UID target && chown -R $UID:$UID /root/.cargo"
 fi

core/build-registrybox.sh

@@ -26,11 +26,11 @@ if [[ "${ENVIRONMENT}" =~ (^|-)unstable($|-) ]]; then
 	RUSTFLAGS="--cfg tokio_unstable"
 fi
 
-alias 'rust-musl-builder'='docker run $USE_TTY --rm -e "RUSTFLAGS=$RUSTFLAGS" -v "$HOME/.cargo/registry":/root/.cargo/registry -v "$HOME/.cargo/git":/root/.cargo/git -v "$(pwd)":/home/rust/src -w /home/rust/src -P messense/rust-musl-cross:$ARCH-musl'
+source ./core/builder-alias.sh
 
 echo "FEATURES=\"$FEATURES\""
 echo "RUSTFLAGS=\"$RUSTFLAGS\""
-rust-musl-builder sh -c "cd core && cargo build --release --no-default-features --features cli,registry,$FEATURES --locked --bin registrybox --target=$ARCH-unknown-linux-musl"
+rust-musl-builder sh -c "cd core && cargo build --release --no-default-features --features cli-registry,registry,$FEATURES --locked --bin registrybox --target=$ARCH-unknown-linux-musl"
 if [ "$(ls -nd core/target/$ARCH-unknown-linux-musl/release/registrybox | awk '{ print $3 }')" != "$UID" ]; then
 	rust-musl-builder sh -c "cd core && chown -R $UID:$UID target && chown -R $UID:$UID /root/.cargo"
 fi

core/build-startbox.sh

@@ -1,5 +1,10 @@
 #!/bin/bash
 
+PROFILE=${PROFILE:-release}
+if [ "${PROFILE}" = "release" ]; then
+	BUILD_FLAGS="--release"
+fi
+
 cd "$(dirname "${BASH_SOURCE[0]}")"
 
 set -ea
@@ -26,11 +31,11 @@ if [[ "${ENVIRONMENT}" =~ (^|-)unstable($|-) ]]; then
 	RUSTFLAGS="--cfg tokio_unstable"
 fi
 
-alias 'rust-musl-builder'='docker run $USE_TTY --rm -e "RUSTFLAGS=$RUSTFLAGS" -v "$HOME/.cargo/registry":/root/.cargo/registry -v "$HOME/.cargo/git":/root/.cargo/git -v "$(pwd)":/home/rust/src -w /home/rust/src -P messense/rust-musl-cross:$ARCH-musl'
+source ./core/builder-alias.sh
 
 echo "FEATURES=\"$FEATURES\""
 echo "RUSTFLAGS=\"$RUSTFLAGS\""
-rust-musl-builder sh -c "cd core && cargo build --release --no-default-features --features cli,daemon,$FEATURES --locked --bin startbox --target=$ARCH-unknown-linux-musl"
-if [ "$(ls -nd core/target/$ARCH-unknown-linux-musl/release/startbox | awk '{ print $3 }')" != "$UID" ]; then
+rust-musl-builder sh -c "cd core && cargo build $BUILD_FLAGS --no-default-features --features cli,startd,$FEATURES --locked --bin startbox --target=$ARCH-unknown-linux-musl"
+if [ "$(ls -nd core/target/$ARCH-unknown-linux-musl/${PROFILE}/startbox | awk '{ print $3 }')" != "$UID" ]; then
 	rust-musl-builder sh -c "cd core && chown -R $UID:$UID target && chown -R $UID:$UID /root/.cargo"
 fi

core/build-ts.sh

@@ -26,7 +26,7 @@ if [[ "${ENVIRONMENT}" =~ (^|-)unstable($|-) ]]; then
 	RUSTFLAGS="--cfg tokio_unstable"
 fi
 
-alias 'rust-musl-builder'='docker run $USE_TTY --rm -e "RUSTFLAGS=$RUSTFLAGS" -v "$HOME/.cargo/registry":/root/.cargo/registry -v "$HOME/.cargo/git":/root/.cargo/git -v "$(pwd)":/home/rust/src -w /home/rust/src -P messense/rust-musl-cross:$ARCH-musl'
+source ./core/builder-alias.sh
 
 echo "FEATURES=\"$FEATURES\""
 echo "RUSTFLAGS=\"$RUSTFLAGS\""

core/build-tunnelbox.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+set -ea
+shopt -s expand_aliases
+
+if [ -z "$ARCH" ]; then
+	ARCH=$(uname -m)
+fi
+
+if [ "$ARCH" = "arm64" ]; then
+  ARCH="aarch64"
+fi
+
+USE_TTY=
+if tty -s; then
+	USE_TTY="-it"
+fi
+
+cd ..
+FEATURES="$(echo $ENVIRONMENT | sed 's/-/,/g')"
+RUSTFLAGS=""
+
+if [[ "${ENVIRONMENT}" =~ (^|-)unstable($|-) ]]; then
+	RUSTFLAGS="--cfg tokio_unstable"
+fi
+
+source ./core/builder-alias.sh
+
+echo "FEATURES=\"$FEATURES\""
+echo "RUSTFLAGS=\"$RUSTFLAGS\""
+rust-musl-builder sh -c "cd core && cargo build --release --no-default-features --features cli-tunnel,tunnel,$FEATURES --locked --bin tunnelbox --target=$ARCH-unknown-linux-musl"
+if [ "$(ls -nd core/target/$ARCH-unknown-linux-musl/release/tunnelbox | awk '{ print $3 }')" != "$UID" ]; then
+	rust-musl-builder sh -c "cd core && chown -R $UID:$UID target && chown -R $UID:$UID /root/.cargo"
+fi

core/builder-alias.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+alias 'rust-musl-builder'='docker run $USE_TTY --rm -e "RUSTFLAGS=$RUSTFLAGS" -e SCCACHE_GHA_ENABLED -e SCCACHE_GHA_VERSION -e ACTIONS_RESULTS_URL -e ACTIONS_RUNTIME_TOKEN -v "$HOME/.cargo/registry":/root/.cargo/registry -v "$HOME/.cargo/git":/root/.cargo/git -v "$HOME/.cache/sccache":/root/.cache/sccache -v "$(pwd)":/home/rust/src -w /home/rust/src -P start9/rust-musl-cross:$ARCH-musl'

core/helpers/src/os_api.rs

@@ -0,0 +1,82 @@
+use std::sync::Arc;
+
+use color_eyre::Report;
+use models::InterfaceId;
+use models::PackageId;
+use serde_json::Value;
+use tokio::sync::mpsc;
+
+pub struct RuntimeDropped;
+
+pub struct Callback {
+    id: Arc<String>,
+    sender: mpsc::UnboundedSender<(Arc<String>, Vec<Value>)>,
+}
+impl Callback {
+    pub fn new(id: String, sender: mpsc::UnboundedSender<(Arc<String>, Vec<Value>)>) -> Self {
+        Self {
+            id: Arc::new(id),
+            sender,
+        }
+    }
+    pub fn is_listening(&self) -> bool {
+        self.sender.is_closed()
+    }
+    pub fn call(&self, args: Vec<Value>) -> Result<(), RuntimeDropped> {
+        self.sender
+            .send((self.id.clone(), args))
+            .map_err(|_| RuntimeDropped)
+    }
+}
+
+#[derive(serde::Deserialize, serde::Serialize, Debug, Clone)]
+#[serde(rename_all = "camelCase")]
+pub struct AddressSchemaOnion {
+    pub id: InterfaceId,
+    pub external_port: u16,
+}
+#[derive(serde::Deserialize, serde::Serialize, Debug, Clone)]
+#[serde(rename_all = "camelCase")]
+pub struct AddressSchemaLocal {
+    pub id: InterfaceId,
+    pub external_port: u16,
+}
+
+#[derive(serde::Deserialize, serde::Serialize, Debug, Clone)]
+#[serde(rename_all = "camelCase")]
+pub struct Address(pub String);
+#[derive(serde::Deserialize, serde::Serialize, Debug, Clone)]
+#[serde(rename_all = "camelCase")]
+pub struct Domain;
+#[derive(serde::Deserialize, serde::Serialize, Debug, Clone)]
+#[serde(rename_all = "camelCase")]
+pub struct Name;
+
+#[async_trait::async_trait]
+#[allow(unused_variables)]
+pub trait OsApi: Send + Sync + 'static {
+    async fn get_service_config(
+        &self,
+        id: PackageId,
+        path: &str,
+        callback: Option<Callback>,
+    ) -> Result<Vec<Value>, Report>;
+
+    async fn bind_local(
+        &self,
+        internal_port: u16,
+        address_schema: AddressSchemaLocal,
+    ) -> Result<Address, Report>;
+    async fn bind_onion(
+        &self,
+        internal_port: u16,
+        address_schema: AddressSchemaOnion,
+    ) -> Result<Address, Report>;
+
+    async fn unbind_local(&self, id: InterfaceId, external: u16) -> Result<(), Report>;
+    async fn unbind_onion(&self, id: InterfaceId, external: u16) -> Result<(), Report>;
+    fn set_started(&self) -> Result<(), Report>;
+    async fn restart(&self) -> Result<(), Report>;
+    async fn start(&self) -> Result<(), Report>;
+    async fn stop(&self) -> Result<(), Report>;
+}

core/install-cli.sh

@@ -16,4 +16,4 @@ if [ "$PLATFORM" = "arm64" ]; then
   PLATFORM="aarch64"
 fi
 
-cargo install --path=./startos --no-default-features --features=cli,docker,registry --bin start-cli --locked
+cargo install --path=./startos --no-default-features --features=cli,docker --bin start-cli --locked

core/models/Cargo.toml

@@ -6,12 +6,15 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-axum = "0.7.5"
-base64 = "0.21.4"
+arti-client = { version = "0.33", default-features = false, git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+axum = "0.8.4"
+base64 = "0.22.1"
 color-eyre = "0.6.2"
 ed25519-dalek = { version = "2.0.0", features = ["serde"] }
+gpt = "4.1.0"
 lazy_static = "1.4"
-mbrman = "0.5.2"
+lettre = { version = "0.11", default-features = false }
+mbrman = "0.6.0"
 exver = { version = "0.2.0", git = "https://github.com/Start9Labs/exver-rs.git", features = [
   "serde",
 ] }
@@ -21,23 +24,17 @@ openssl = { version = "0.10.57", features = ["vendored"] }
 patch-db = { version = "*", path = "../../patch-db/patch-db", features = [
   "trace",
 ] }
-rand = "0.8.5"
+rand = "0.9.1"
 regex = "1.10.2"
 reqwest = "0.12"
 rpc-toolkit = { git = "https://github.com/Start9Labs/rpc-toolkit.git", branch = "master" }
 rustls = "0.23"
 serde = { version = "1.0", features = ["derive", "rc"] }
 serde_json = "1.0"
-sqlx = { version = "0.7.2", features = [
-  "chrono",
-  "runtime-tokio-rustls",
-  "postgres",
-] }
 ssh-key = "0.6.2"
-ts-rs = { git = "https://github.com/dr-bonez/ts-rs.git", branch = "feature/top-level-as" } # "8"
-thiserror = "1.0"
+ts-rs = "9"
+thiserror = "2.0"
 tokio = { version = "1", features = ["full"] }
-torut = { git = "https://github.com/Start9Labs/torut.git", branch = "update/dependencies" }
 tracing = "0.1.39"
-yasi = "0.1.5"
+yasi = { version = "0.1.6", features = ["serde", "ts-rs"] }
 zbus = "5"

core/models/bindings/ServiceInterfaceId.ts

@@ -1,3 +1,3 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ServiceInterfaceId = string;
+export type ServiceInterfaceId = string;

core/models/src/errors.rs

@@ -10,6 +10,7 @@ use rpc_toolkit::yajrc::{
     RpcError, INVALID_PARAMS_ERROR, INVALID_REQUEST_ERROR, METHOD_NOT_FOUND_ERROR, PARSE_ERROR,
 };
 use serde::{Deserialize, Serialize};
+use tokio::task::JoinHandle;
 
 use crate::InvalidId;
 
@@ -91,6 +92,9 @@ pub enum ErrorKind {
     Cancelled = 73,
     Git = 74,
     DBus = 75,
+    InstallFailed = 76,
+    UpdateFailed = 77,
+    Smtp = 78,
 }
 impl ErrorKind {
     pub fn as_str(&self) -> &'static str {
@@ -171,6 +175,9 @@ impl ErrorKind {
             Cancelled => "Cancelled",
             Git => "Git Error",
             DBus => "DBus Error",
+            InstallFailed => "Install Failed",
+            UpdateFailed => "Update Failed",
+            Smtp => "SMTP Error",
         }
     }
 }
@@ -185,6 +192,7 @@ pub struct Error {
     pub source: color_eyre::eyre::Error,
     pub kind: ErrorKind,
     pub revision: Option<Revision>,
+    pub task: Option<JoinHandle<()>>,
 }
 
 impl Display for Error {
@@ -198,6 +206,7 @@ impl Error {
             source: source.into(),
             kind,
             revision: None,
+            task: None,
         }
     }
     pub fn clone_output(&self) -> Self {
@@ -209,8 +218,20 @@ impl Error {
             .into(),
             kind: self.kind,
             revision: self.revision.clone(),
+            task: None,
         }
     }
+    pub fn with_task(mut self, task: JoinHandle<()>) -> Self {
+        self.task = Some(task);
+        self
+    }
+    pub async fn wait(mut self) -> Self {
+        if let Some(task) = &mut self.task {
+            task.await.log_err();
+        }
+        self.task.take();
+        self
+    }
 }
 impl axum::response::IntoResponse for Error {
     fn into_response(self) -> axum::response::Response {
@@ -269,11 +290,6 @@ impl From<patch_db::Error> for Error {
         Error::new(e, ErrorKind::Database)
     }
 }
-impl From<sqlx::Error> for Error {
-    fn from(e: sqlx::Error) -> Self {
-        Error::new(e, ErrorKind::Database)
-    }
-}
 impl From<ed25519_dalek::SignatureError> for Error {
     fn from(e: ed25519_dalek::SignatureError) -> Self {
         Error::new(e, ErrorKind::InvalidSignature)
@@ -284,11 +300,6 @@ impl From<std::net::AddrParseError> for Error {
         Error::new(e, ErrorKind::ParseNetAddress)
     }
 }
-impl From<torut::control::ConnError> for Error {
-    fn from(e: torut::control::ConnError) -> Self {
-        Error::new(e, ErrorKind::Tor)
-    }
-}
 impl From<ipnet::AddrParseError> for Error {
     fn from(e: ipnet::AddrParseError) -> Self {
         Error::new(e, ErrorKind::ParseNetAddress)
@@ -304,6 +315,16 @@ impl From<mbrman::Error> for Error {
         Error::new(e, ErrorKind::DiskManagement)
     }
 }
+impl From<gpt::GptError> for Error {
+    fn from(e: gpt::GptError) -> Self {
+        Error::new(e, ErrorKind::DiskManagement)
+    }
+}
+impl From<gpt::mbr::MBRError> for Error {
+    fn from(e: gpt::mbr::MBRError) -> Self {
+        Error::new(e, ErrorKind::DiskManagement)
+    }
+}
 impl From<InvalidUri> for Error {
     fn from(e: InvalidUri) -> Self {
         Error::new(eyre!("{}", e), ErrorKind::ParseUrl)
@@ -324,8 +345,8 @@ impl From<reqwest::Error> for Error {
         Error::new(e, kind)
     }
 }
-impl From<torut::onion::OnionAddressParseError> for Error {
-    fn from(e: torut::onion::OnionAddressParseError) -> Self {
+impl From<arti_client::Error> for Error {
+    fn from(e: arti_client::Error) -> Self {
         Error::new(e, ErrorKind::Tor)
     }
 }
@@ -351,6 +372,21 @@ impl From<patch_db::value::Error> for Error {
         }
     }
 }
+impl From<lettre::error::Error> for Error {
+    fn from(e: lettre::error::Error) -> Self {
+        Error::new(e, ErrorKind::Smtp)
+    }
+}
+impl From<lettre::transport::smtp::Error> for Error {
+    fn from(e: lettre::transport::smtp::Error) -> Self {
+        Error::new(e, ErrorKind::Smtp)
+    }
+}
+impl From<lettre::address::AddressError> for Error {
+    fn from(e: lettre::address::AddressError) -> Self {
+        Error::new(e, ErrorKind::Smtp)
+    }
+}
 
 #[derive(Clone, Deserialize, Serialize)]
 pub struct ErrorData {
@@ -526,6 +562,7 @@ where
             source: e.into(),
             kind,
             revision: None,
+            task: None,
         })
     }
 
@@ -539,6 +576,7 @@ where
                 kind,
                 source,
                 revision: None,
+                task: None,
             }
         })
     }
@@ -561,6 +599,7 @@ impl<T> ResultExt<T, Error> for Result<T, Error> {
             source: e.source,
             kind,
             revision: e.revision,
+            task: e.task,
         })
     }
 
@@ -574,6 +613,7 @@ impl<T> ResultExt<T, Error> for Result<T, Error> {
                 kind,
                 source,
                 revision: e.revision,
+                task: e.task,
             }
         })
     }

core/models/src/id/gateway.rs

@@ -0,0 +1,58 @@
+use std::convert::Infallible;
+use std::path::Path;
+use std::str::FromStr;
+
+use serde::{Deserialize, Serialize};
+use ts_rs::TS;
+use yasi::InternedString;
+
+#[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Serialize, TS)]
+#[ts(type = "string")]
+pub struct GatewayId(InternedString);
+impl GatewayId {
+    pub fn as_str(&self) -> &str {
+        &*self.0
+    }
+}
+impl<T> From<T> for GatewayId
+where
+    T: Into<InternedString>,
+{
+    fn from(value: T) -> Self {
+        Self(value.into())
+    }
+}
+impl FromStr for GatewayId {
+    type Err = Infallible;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        Ok(GatewayId(InternedString::intern(s)))
+    }
+}
+impl AsRef<GatewayId> for GatewayId {
+    fn as_ref(&self) -> &GatewayId {
+        self
+    }
+}
+impl std::fmt::Display for GatewayId {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "{}", &self.0)
+    }
+}
+impl AsRef<str> for GatewayId {
+    fn as_ref(&self) -> &str {
+        self.0.as_ref()
+    }
+}
+impl AsRef<Path> for GatewayId {
+    fn as_ref(&self) -> &Path {
+        self.0.as_ref()
+    }
+}
+impl<'de> Deserialize<'de> for GatewayId {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: serde::de::Deserializer<'de>,
+    {
+        Ok(GatewayId(serde::Deserialize::deserialize(deserializer)?))
+    }
+}

core/models/src/id/host.rs

@@ -60,20 +60,3 @@ impl AsRef<Path> for HostId {
         self.0.as_ref().as_ref()
     }
 }
-impl<'q> sqlx::Encode<'q, sqlx::Postgres> for HostId {
-    fn encode_by_ref(
-        &self,
-        buf: &mut <sqlx::Postgres as sqlx::database::HasArguments<'q>>::ArgumentBuffer,
-    ) -> sqlx::encode::IsNull {
-        <&str as sqlx::Encode<'q, sqlx::Postgres>>::encode_by_ref(&&**self, buf)
-    }
-}
-impl sqlx::Type<sqlx::Postgres> for HostId {
-    fn type_info() -> sqlx::postgres::PgTypeInfo {
-        <&str as sqlx::Type<sqlx::Postgres>>::type_info()
-    }
-
-    fn compatible(ty: &sqlx::postgres::PgTypeInfo) -> bool {
-        <&str as sqlx::Type<sqlx::Postgres>>::compatible(ty)
-    }
-}

core/models/src/id/mod.rs

@@ -6,6 +6,7 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use yasi::InternedString;
 
 mod action;
+mod gateway;
 mod health_check;
 mod host;
 mod image;
@@ -16,6 +17,7 @@ mod service_interface;
 mod volume;
 
 pub use action::ActionId;
+pub use gateway::GatewayId;
 pub use health_check::HealthCheckId;
 pub use host::HostId;
 pub use image::ImageId;
@@ -116,20 +118,3 @@ impl Serialize for Id {
         serializer.serialize_str(self)
     }
 }
-impl<'q> sqlx::Encode<'q, sqlx::Postgres> for Id {
-    fn encode_by_ref(
-        &self,
-        buf: &mut <sqlx::Postgres as sqlx::database::HasArguments<'q>>::ArgumentBuffer,
-    ) -> sqlx::encode::IsNull {
-        <&str as sqlx::Encode<'q, sqlx::Postgres>>::encode_by_ref(&&**self, buf)
-    }
-}
-impl sqlx::Type<sqlx::Postgres> for Id {
-    fn type_info() -> sqlx::postgres::PgTypeInfo {
-        <&str as sqlx::Type<sqlx::Postgres>>::type_info()
-    }
-
-    fn compatible(ty: &sqlx::postgres::PgTypeInfo) -> bool {
-        <&str as sqlx::Type<sqlx::Postgres>>::compatible(ty)
-    }
-}

core/models/src/id/package.rs

@@ -87,20 +87,3 @@ impl Serialize for PackageId {
         Serialize::serialize(&self.0, serializer)
     }
 }
-impl<'q> sqlx::Encode<'q, sqlx::Postgres> for PackageId {
-    fn encode_by_ref(
-        &self,
-        buf: &mut <sqlx::Postgres as sqlx::database::HasArguments<'q>>::ArgumentBuffer,
-    ) -> sqlx::encode::IsNull {
-        <&str as sqlx::Encode<'q, sqlx::Postgres>>::encode_by_ref(&&**self, buf)
-    }
-}
-impl sqlx::Type<sqlx::Postgres> for PackageId {
-    fn type_info() -> sqlx::postgres::PgTypeInfo {
-        <&str as sqlx::Type<sqlx::Postgres>>::type_info()
-    }
-
-    fn compatible(ty: &sqlx::postgres::PgTypeInfo) -> bool {
-        <&str as sqlx::Type<sqlx::Postgres>>::compatible(ty)
-    }
-}

core/models/src/id/replay.rs

@@ -9,6 +9,14 @@ use yasi::InternedString;
 #[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Serialize, TS)]
 #[ts(type = "string")]
 pub struct ReplayId(InternedString);
+impl<T> From<T> for ReplayId
+where
+    T: Into<InternedString>,
+{
+    fn from(value: T) -> Self {
+        Self(value.into())
+    }
+}
 impl FromStr for ReplayId {
     type Err = Infallible;
     fn from_str(s: &str) -> Result<Self, Self::Err> {

core/models/src/id/service_interface.rs

@@ -44,23 +44,6 @@ impl AsRef<Path> for ServiceInterfaceId {
         self.0.as_ref().as_ref()
     }
 }
-impl<'q> sqlx::Encode<'q, sqlx::Postgres> for ServiceInterfaceId {
-    fn encode_by_ref(
-        &self,
-        buf: &mut <sqlx::Postgres as sqlx::database::HasArguments<'q>>::ArgumentBuffer,
-    ) -> sqlx::encode::IsNull {
-        <&str as sqlx::Encode<'q, sqlx::Postgres>>::encode_by_ref(&&**self, buf)
-    }
-}
-impl sqlx::Type<sqlx::Postgres> for ServiceInterfaceId {
-    fn type_info() -> sqlx::postgres::PgTypeInfo {
-        <&str as sqlx::Type<sqlx::Postgres>>::type_info()
-    }
-
-    fn compatible(ty: &sqlx::postgres::PgTypeInfo) -> bool {
-        <&str as sqlx::Type<sqlx::Postgres>>::compatible(ty)
-    }
-}
 impl FromStr for ServiceInterfaceId {
     type Err = <Id as FromStr>::Err;
     fn from_str(s: &str) -> Result<Self, Self::Err> {

core/models/src/id/volume.rs

@@ -1,10 +1,11 @@
 use std::borrow::Borrow;
 use std::path::Path;
+use std::str::FromStr;
 
 use serde::{Deserialize, Deserializer, Serialize};
 use ts_rs::TS;
 
-use crate::Id;
+use crate::{Id, InvalidId};
 
 #[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, TS)]
 #[ts(type = "string")]
@@ -12,6 +13,15 @@ pub enum VolumeId {
     Backup,
     Custom(Id),
 }
+impl FromStr for VolumeId {
+    type Err = InvalidId;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        Ok(match s {
+            "BACKUP" => VolumeId::Backup,
+            s => VolumeId::Custom(Id::try_from(s.to_owned())?),
+        })
+    }
+}
 impl std::fmt::Display for VolumeId {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {

core/models/src/js_engine_types.rs

@@ -1,164 +0,0 @@
-use std::future::Future;
-use std::pin::Pin;
-use std::sync::Arc;
-use std::time::Duration;
-
-use color_eyre::eyre::bail;
-use container_init::{Input, Output, ProcessId, RpcId};
-use tokio::sync::mpsc::{UnboundedReceiver, UnboundedSender};
-use tokio::sync::Mutex;
-
-/// Used by the js-executor, it is the ability to just create a command in an already running exec
-pub type ExecCommand = Arc<
-    dyn Fn(
-            String,
-            Vec<String>,
-            UnboundedSender<container_init::Output>,
-            Option<Duration>,
-        ) -> Pin<Box<dyn Future<Output = Result<RpcId, String>> + 'static>>
-        + Send
-        + Sync
-        + 'static,
->;
-
-/// Used by the js-executor, it is the ability to just create a command in an already running exec
-pub type SendKillSignal = Arc<
-    dyn Fn(RpcId, u32) -> Pin<Box<dyn Future<Output = Result<(), String>> + 'static>>
-        + Send
-        + Sync
-        + 'static,
->;
-
-pub trait CommandInserter {
-    fn insert_command(
-        &self,
-        command: String,
-        args: Vec<String>,
-        sender: UnboundedSender<container_init::Output>,
-        timeout: Option<Duration>,
-    ) -> Pin<Box<dyn Future<Output = Option<RpcId>>>>;
-
-    fn send_signal(&self, id: RpcId, command: u32) -> Pin<Box<dyn Future<Output = ()>>>;
-}
-
-pub type ArcCommandInserter = Arc<Mutex<Option<Box<dyn CommandInserter>>>>;
-
-pub struct ExecutingCommand {
-    rpc_id: RpcId,
-    /// Will exist until killed
-    command_inserter: Arc<Mutex<Option<ArcCommandInserter>>>,
-    owned_futures: Arc<Mutex<Vec<Pin<Box<dyn Future<Output = ()>>>>>>,
-}
-
-impl ExecutingCommand {
-    pub async fn new(
-        command_inserter: ArcCommandInserter,
-        command: String,
-        args: Vec<String>,
-        timeout: Option<Duration>,
-    ) -> Result<ExecutingCommand, color_eyre::Report> {
-        let (sender, receiver) = tokio::sync::mpsc::unbounded_channel::<Output>();
-        let rpc_id = {
-            let locked_command_inserter = command_inserter.lock().await;
-            let locked_command_inserter = match &*locked_command_inserter {
-                Some(a) => a,
-                None => bail!("Expecting containers.main in the package manifest".to_string()),
-            };
-            match locked_command_inserter
-                .insert_command(command, args, sender, timeout)
-                .await
-            {
-                Some(a) => a,
-                None => bail!("Couldn't get command started ".to_string()),
-            }
-        };
-        let executing_commands = ExecutingCommand {
-            rpc_id,
-            command_inserter: Arc::new(Mutex::new(Some(command_inserter.clone()))),
-            owned_futures: Default::default(),
-        };
-        // let waiting = self.wait()
-        Ok(executing_commands)
-    }
-
-    async fn wait(
-        rpc_id: RpcId,
-        mut outputs: UnboundedReceiver<Output>,
-    ) -> Result<String, (Option<i32>, String)> {
-        let (process_id_send, process_id_recv) = tokio::sync::oneshot::channel::<ProcessId>();
-        let mut answer = String::new();
-        let mut command_error = String::new();
-        let mut status: Option<i32> = None;
-        let mut process_id_send = Some(process_id_send);
-        while let Some(output) = outputs.recv().await {
-            match output {
-                Output::ProcessId(process_id) => {
-                    if let Some(process_id_send) = process_id_send.take() {
-                        if let Err(err) = process_id_send.send(process_id) {
-                            tracing::error!(
-                                "Could not get a process id {process_id:?} sent for {rpc_id:?}"
-                            );
-                            tracing::debug!("{err:?}");
-                        }
-                    }
-                }
-                Output::Line(value) => {
-                    answer.push_str(&value);
-                    answer.push('\n');
-                }
-                Output::Error(error) => {
-                    command_error.push_str(&error);
-                    command_error.push('\n');
-                }
-                Output::Done(error_code) => {
-                    status = error_code;
-                    break;
-                }
-            }
-        }
-        if !command_error.is_empty() {
-            return Err((status, command_error));
-        }
-
-        Ok(answer)
-    }
-
-    async fn send_signal(&self, signal: u32) {
-        let locked = self.command_inserter.lock().await;
-        let inner = match &*locked {
-            Some(a) => a,
-            None => return,
-        };
-        let locked = inner.lock().await;
-        let command_inserter = match &*locked {
-            Some(a) => a,
-            None => return,
-        };
-        command_inserter.send_signal(self.rpc_id, signal);
-    }
-    /// Should only be called when output::done
-    async fn killed(&self) {
-        *self.owned_futures.lock().await = Default::default();
-        *self.command_inserter.lock().await = Default::default();
-    }
-    pub fn rpc_id(&self) -> RpcId {
-        self.rpc_id
-    }
-}
-
-impl Drop for ExecutingCommand {
-    fn drop(&mut self) {
-        let command_inserter = self.command_inserter.clone();
-        let rpc_id = self.rpc_id.clone();
-        tokio::spawn(async move {
-            let command_inserter_lock = command_inserter.lock().await;
-            let command_inserter = match &*command_inserter_lock {
-                Some(a) => a,
-                None => {
-                    return;
-                }
-            };
-            command_inserter.send_kill_command(rpc_id, 9).await;
-        });
-    }
-}

core/models/src/procedure_name.rs

@@ -4,25 +4,15 @@ use crate::ActionId;
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub enum ProcedureName {
-    GetConfig,
-    SetConfig,
     CreateBackup,
-    RestoreBackup,
     GetActionInput(ActionId),
     RunAction(ActionId),
-    PackageInit,
-    PackageUninit,
 }
 
 impl ProcedureName {
     pub fn js_function_name(&self) -> String {
         match self {
-            ProcedureName::PackageInit => "/packageInit".to_string(),
-            ProcedureName::PackageUninit => "/packageUninit".to_string(),
-            ProcedureName::SetConfig => "/config/set".to_string(),
-            ProcedureName::GetConfig => "/config/get".to_string(),
             ProcedureName::CreateBackup => "/backup/create".to_string(),
-            ProcedureName::RestoreBackup => "/backup/restore".to_string(),
             ProcedureName::RunAction(id) => format!("/actions/{}/run", id),
             ProcedureName::GetActionInput(id) => format!("/actions/{}/getInput", id),
         }

core/startos/Cargo.toml

@@ -2,7 +2,7 @@
 authors = ["Aiden McClelland <me@drbonez.dev>"]
 description = "The core of StartOS"
 documentation = "https://docs.rs/start-os"
-edition = "2021"
+edition = "2024"
 keywords = [
   "self-hosted",
   "raspberry-pi",
@@ -14,7 +14,7 @@ keywords = [
 name = "start-os"
 readme = "README.md"
 repository = "https://github.com/Start9Labs/start-os"
-version = "0.3.6-alpha.18" # VERSION_BUMP
+version = "0.4.0-alpha.10" # VERSION_BUMP
 license = "MIT"
 
 [lib]
@@ -37,18 +37,36 @@ path = "src/main.rs"
 name = "registrybox"
 path = "src/main.rs"
 
+[[bin]]
+name = "tunnelbox"
+path = "src/main.rs"
+
 [features]
-cli = []
-container-runtime = ["procfs", "tty-spawn"]
-daemon = ["mail-send"]
-registry = []
-default = ["cli", "daemon", "registry", "container-runtime"]
+cli = ["cli-startd", "cli-registry", "cli-tunnel"]
+cli-container = ["procfs", "pty-process"]
+cli-registry = []
+cli-startd = []
+cli-tunnel = []
+default = ["cli", "startd", "registry", "cli-container", "tunnel"]
 dev = []
-unstable = ["console-subscriber", "tokio/tracing"]
 docker = []
+registry = []
+startd = []
 test = []
+tunnel = []
+unstable = ["console-subscriber", "tokio/tracing"]
 
 [dependencies]
+arti-client = { version = "0.33", features = [
+  "compression",
+  "experimental-api",
+  "rustls",
+  "static",
+  "tokio",
+  "ephemeral-keystore",
+  "onion-service-client",
+  "onion-service-service",
+], default-features = false, git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
 aes = { version = "0.7.5", features = ["ctr"] }
 async-acme = { version = "0.6.0", git = "https://github.com/dr-bonez/async-acme.git", features = [
   "use_rustls",
@@ -61,28 +79,30 @@ async-compression = { version = "0.4.4", features = [
 ] }
 async-stream = "0.3.5"
 async-trait = "0.1.74"
-axum = { version = "0.7.3", features = ["ws"] }
+axum = { version = "0.8.4", features = ["ws"] }
 barrage = "0.2.3"
-backhand = "0.18.0"
+backhand = "0.23.0"
 base32 = "0.5.0"
 base64 = "0.22.1"
 base64ct = "1.6.0"
 basic-cookies = "0.1.4"
+bech32 = "0.11.0"
 blake3 = { version = "1.5.0", features = ["mmap", "rayon"] }
 bytes = "1"
 chrono = { version = "0.4.31", features = ["serde"] }
 clap = { version = "4.4.12", features = ["string"] }
 color-eyre = "0.6.2"
-console = "0.15.7"
-console-subscriber = { version = "0.3.0", optional = true }
+console = "0.16.0"
+console-subscriber = { version = "0.4.1", optional = true }
 const_format = "0.2.34"
 cookie = "0.18.0"
-cookie_store = "0.21.0"
+cookie_store = "0.22.0"
 der = { version = "0.7.9", features = ["derive", "pem"] }
 digest = "0.10.7"
 divrem = "1.0.0"
+dns-lookup = "3.0.0"
 ed25519 = { version = "2.2.3", features = ["pkcs8", "pem", "alloc"] }
-ed25519-dalek = { version = "2.1.1", features = [
+ed25519-dalek = { version = "2.2.0", features = [
   "serde",
   "zeroize",
   "rand_core",
@@ -96,9 +116,11 @@ exver = { version = "0.2.0", git = "https://github.com/Start9Labs/exver-rs.git",
 fd-lock-rs = "0.1.4"
 form_urlencoded = "1.2.1"
 futures = "0.3.28"
-gpt = "3.1.0"
+gpt = "4.1.0"
 helpers = { path = "../helpers" }
 hex = "0.4.3"
+hickory-client = "0.25.2"
+hickory-server = "0.25.2"
 hmac = "0.12.1"
 http = "1.0.0"
 http-body-util = "0.1"
@@ -116,30 +138,40 @@ id-pool = { version = "0.2.2", default-features = false, features = [
   "serde",
   "u16",
 ] }
-imbl = "2.0.3"
-imbl-value = "0.1.2"
+imbl = { version = "6", features = ["serde", "small-chunks"] }
+imbl-value = { version = "0.4.3", features = ["ts-rs"] }
 include_dir = { version = "0.7.3", features = ["metadata"] }
 indexmap = { version = "2.0.2", features = ["serde"] }
-indicatif = { version = "0.17.7", features = ["tokio"] }
+indicatif = { version = "0.18.0", features = ["tokio"] }
+inotify = "0.11.0"
 integer-encoding = { version = "4.0.0", features = ["tokio_async"] }
 ipnet = { version = "2.8.0", features = ["serde"] }
-iprange = { version = "0.6.7", features = ["serde"] }
+iroh = { version = "0.91.2", features = ["discovery-pkarr-dht"] }
 isocountry = "0.3.2"
-itertools = "0.13.0"
+itertools = "0.14.0"
 jaq-core = "0.10.1"
 jaq-std = "0.10.0"
-josekit = "0.8.4"
+josekit = "0.10.3"
 jsonpath_lib = { git = "https://github.com/Start9Labs/jsonpath.git" }
 lazy_async_pool = "0.3.3"
 lazy_format = "2.0"
-lazy_static = "1.4.0"
+lazy_static = "1.5.0"
+lettre = { version = "0.11.18", default-features = false, features = [
+  "smtp-transport",
+  "pool",
+  "hostname",
+  "builder",
+  "tokio1-rustls",
+  "rustls-platform-verifier",
+  "aws-lc-rs",
+] }
 libc = "0.2.149"
 log = "0.4.20"
 mio = "1"
-mbrman = "0.5.2"
+mbrman = "0.6.0"
 models = { version = "*", path = "../models" }
 new_mime_guess = "4"
-nix = { version = "0.29.0", features = [
+nix = { version = "0.30.1", features = [
   "fs",
   "mount",
   "net",
@@ -148,7 +180,7 @@ nix = { version = "0.29.0", features = [
   "signal",
   "user",
 ] }
-nom = "7.1.3"
+nom = "8.0.0"
 num = "0.4.1"
 num_enum = "0.7.0"
 num_cpus = "1.16.0"
@@ -163,68 +195,81 @@ pbkdf2 = "0.12.2"
 pin-project = "1.1.3"
 pkcs8 = { version = "0.10.2", features = ["std"] }
 prettytable-rs = "0.10.0"
-procfs = { version = "0.16.0", optional = true }
+procfs = { version = "0.17.0", optional = true }
 proptest = "1.3.1"
-proptest-derive = "0.5.0"
+proptest-derive = "0.6.0"
+pty-process = { version = "0.5.1", optional = true }
 qrcode = "0.14.1"
-rand = "0.9.0"
+rand = "0.9.2"
 regex = "1.10.2"
 reqwest = { version = "0.12.4", features = ["stream", "json", "socks"] }
-reqwest_cookie_store = "0.8.0"
+reqwest_cookie_store = "0.9.0"
 rpassword = "7.2.0"
 rpc-toolkit = { git = "https://github.com/Start9Labs/rpc-toolkit.git", branch = "master" }
-rust-argon2 = "2.0.0"
+rust-argon2 = "3.0.0"
 rustyline-async = "0.4.1"
+safelog = { version = "0.4.8", git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
 semver = { version = "1.0.20", features = ["serde"] }
 serde = { version = "1.0", features = ["derive", "rc"] }
 serde_cbor = { package = "ciborium", version = "0.2.1" }
 serde_json = "1.0"
-serde_toml = { package = "toml", version = "0.8.2" }
+serde_toml = { package = "toml", version = "0.9.5" }
 serde_urlencoded = "0.7"
 serde_with = { version = "3.4.0", features = ["macros", "json"] }
-serde_yaml = { package = "serde_yml", version = "0.0.10" }
+serde_yaml = { package = "serde_yml", version = "0.0.12" }
+sha-crypt = "0.5.0"
 sha2 = "0.10.2"
 shell-words = "1"
 signal-hook = "0.3.17"
 simple-logging = "2.0.2"
-socket2 = "0.5.7"
-sqlx = { version = "0.7.2", features = [
-  "chrono",
+socket2 = { version = "0.6.0", features = ["all"] }
+socks5-impl = { version = "0.7.2", features = ["server"] }
+sqlx = { version = "0.8.6", features = [
   "runtime-tokio-rustls",
   "postgres",
-] }
+], default-features = false }
 sscanf = "0.4.1"
 ssh-key = { version = "0.6.2", features = ["ed25519"] }
 tar = "0.4.40"
-thiserror = "1.0.49"
+termion = "4.0.5"
+thiserror = "2.0.12"
 textwrap = "0.16.1"
 tokio = { version = "1.38.1", features = ["full"] }
 tokio-rustls = "0.26.0"
-tokio-socks = "0.5.1"
 tokio-stream = { version = "0.1.14", features = ["io-util", "sync", "net"] }
 tokio-tar = { git = "https://github.com/dr-bonez/tokio-tar.git" }
-tokio-tungstenite = { version = "0.23.1", features = ["native-tls", "url"] }
+tokio-tungstenite = { version = "0.27.0", features = ["native-tls", "url"] }
 tokio-util = { version = "0.7.9", features = ["io"] }
-torut = { git = "https://github.com/Start9Labs/torut.git", branch = "update/dependencies", features = [
-  "serialize",
-] }
+tor-cell = { version = "0.33", git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+tor-hscrypto = { version = "0.33", features = [
+  "full",
+], git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+tor-hsservice = { version = "0.33", git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+tor-keymgr = { version = "0.33", features = [
+  "ephemeral-keystore",
+], git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+tor-llcrypto = { version = "0.33", features = [
+  "full",
+], git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+tor-proto = { version = "0.33", git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
+tor-rtcompat = { version = "0.33", features = [
+  "tokio",
+  "rustls",
+], git = "https://github.com/Start9Labs/arti.git", branch = "patch/disable-exit" }
 tower-service = "0.3.3"
 tracing = "0.1.39"
 tracing-error = "0.2.0"
 tracing-futures = "0.2.5"
 tracing-journald = "0.3.0"
 tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
-trust-dns-server = "0.23.1"
-ts-rs = { git = "https://github.com/dr-bonez/ts-rs.git", branch = "feature/top-level-as" } # "8.1.0"
-tty-spawn = { version = "0.4.0", optional = true }
-typed-builder = "0.18.0"
+ts-rs = "9.0.1"
+typed-builder = "0.21.0"
 unix-named-pipe = "0.2.0"
 url = { version = "2.4.1", features = ["serde"] }
 urlencoding = "2.1.3"
 uuid = { version = "1.4.1", features = ["v4"] }
 zbus = "5.1.1"
 zeroize = "1.6.0"
-mail-send = { git = "https://github.com/dr-bonez/mail-send.git", branch = "main", optional = true }
 rustls = "0.23.20"
 rustls-pki-types = { version = "1.10.1", features = ["alloc"] }
 

core/startos/src/account.rs

@@ -1,12 +1,13 @@
 use std::time::SystemTime;
 
+use imbl_value::InternedString;
 use openssl::pkey::{PKey, Private};
 use openssl::x509::X509;
-use torut::onion::TorSecretKeyV3;
 
 use crate::db::model::DatabaseModel;
-use crate::hostname::{generate_hostname, generate_id, Hostname};
+use crate::hostname::{Hostname, generate_hostname, generate_id};
 use crate::net::ssl::{generate_key, make_root_cert};
+use crate::net::tor::TorSecretKey;
 use crate::prelude::*;
 use crate::util::serde::Pem;
 
@@ -19,28 +20,28 @@ fn hash_password(password: &str) -> Result<String, Error> {
     .with_kind(crate::ErrorKind::PasswordHashGeneration)
 }
 
-#[derive(Debug, Clone)]
+#[derive(Clone)]
 pub struct AccountInfo {
     pub server_id: String,
     pub hostname: Hostname,
     pub password: String,
-    pub tor_keys: Vec<TorSecretKeyV3>,
+    pub tor_keys: Vec<TorSecretKey>,
     pub root_ca_key: PKey<Private>,
     pub root_ca_cert: X509,
     pub ssh_key: ssh_key::PrivateKey,
-    pub compat_s9pk_key: ed25519_dalek::SigningKey,
+    pub developer_key: ed25519_dalek::SigningKey,
 }
 impl AccountInfo {
     pub fn new(password: &str, start_time: SystemTime) -> Result<Self, Error> {
         let server_id = generate_id();
         let hostname = generate_hostname();
-        let tor_key = vec![TorSecretKeyV3::generate()];
+        let tor_key = vec![TorSecretKey::generate()];
         let root_ca_key = generate_key()?;
         let root_ca_cert = make_root_cert(&root_ca_key, &hostname, start_time)?;
         let ssh_key = ssh_key::PrivateKey::from(ssh_key::private::Ed25519Keypair::random(
             &mut ssh_key::rand_core::OsRng::default(),
         ));
-        let compat_s9pk_key =
+        let developer_key =
             ed25519_dalek::SigningKey::generate(&mut ssh_key::rand_core::OsRng::default());
         Ok(Self {
             server_id,
@@ -50,7 +51,7 @@ impl AccountInfo {
             root_ca_key,
             root_ca_cert,
             ssh_key,
-            compat_s9pk_key,
+            developer_key,
         })
     }
 
@@ -59,7 +60,13 @@ impl AccountInfo {
         let hostname = Hostname(db.as_public().as_server_info().as_hostname().de()?);
         let password = db.as_private().as_password().de()?;
         let key_store = db.as_private().as_key_store();
-        let tor_addrs = db.as_public().as_server_info().as_host().as_onions().de()?;
+        let tor_addrs = db
+            .as_public()
+            .as_server_info()
+            .as_network()
+            .as_host()
+            .as_onions()
+            .de()?;
         let tor_keys = tor_addrs
             .into_iter()
             .map(|tor_addr| key_store.as_onion().get_key(&tor_addr))
@@ -68,7 +75,7 @@ impl AccountInfo {
         let root_ca_key = cert_store.as_root_key().de()?.0;
         let root_ca_cert = cert_store.as_root_cert().de()?.0;
         let ssh_key = db.as_private().as_ssh_privkey().de()?.0;
-        let compat_s9pk_key = db.as_private().as_compat_s9pk_key().de()?.0;
+        let compat_s9pk_key = db.as_private().as_developer_key().de()?.0;
 
         Ok(Self {
             server_id,
@@ -78,7 +85,7 @@ impl AccountInfo {
             root_ca_key,
             root_ca_cert,
             ssh_key,
-            compat_s9pk_key,
+            developer_key: compat_s9pk_key,
         })
     }
 
@@ -89,20 +96,24 @@ impl AccountInfo {
         server_info
             .as_pubkey_mut()
             .ser(&self.ssh_key.public_key().to_openssh()?)?;
-        server_info.as_host_mut().as_onions_mut().ser(
-            &self
-                .tor_keys
-                .iter()
-                .map(|tor_key| tor_key.public().get_onion_address())
-                .collect(),
-        )?;
+        server_info
+            .as_network_mut()
+            .as_host_mut()
+            .as_onions_mut()
+            .ser(
+                &self
+                    .tor_keys
+                    .iter()
+                    .map(|tor_key| tor_key.onion_address())
+                    .collect(),
+            )?;
         db.as_private_mut().as_password_mut().ser(&self.password)?;
         db.as_private_mut()
             .as_ssh_privkey_mut()
             .ser(Pem::new_ref(&self.ssh_key))?;
         db.as_private_mut()
-            .as_compat_s9pk_key_mut()
-            .ser(Pem::new_ref(&self.compat_s9pk_key))?;
+            .as_developer_key_mut()
+            .ser(Pem::new_ref(&self.developer_key))?;
         let key_store = db.as_private_mut().as_key_store_mut();
         for tor_key in &self.tor_keys {
             key_store.as_onion_mut().insert_key(tor_key)?;
@@ -121,4 +132,17 @@ impl AccountInfo {
         self.password = hash_password(password)?;
         Ok(())
     }
+
+    pub fn hostnames(&self) -> impl IntoIterator<Item = InternedString> + Send + '_ {
+        [
+            self.hostname.no_dot_host_name(),
+            self.hostname.local_domain_name(),
+        ]
+        .into_iter()
+        .chain(
+            self.tor_keys
+                .iter()
+                .map(|k| InternedString::from_display(&k.onion_address())),
+        )
+    }
 }

core/startos/src/action.rs

@@ -2,18 +2,19 @@ use std::fmt;
 
 use clap::{CommandFactory, FromArgMatches, Parser};
 pub use models::ActionId;
-use models::PackageId;
+use models::{PackageId, ReplayId};
 use qrcode::QrCode;
-use rpc_toolkit::{from_fn_async, Context, HandlerExt, ParentHandler};
+use rpc_toolkit::{Context, HandlerExt, ParentHandler, from_fn_async};
 use serde::{Deserialize, Serialize};
 use tracing::instrument;
 use ts_rs::TS;
 
 use crate::context::{CliContext, RpcContext};
+use crate::db::model::package::TaskSeverity;
 use crate::prelude::*;
 use crate::rpc_continuations::Guid;
 use crate::util::serde::{
-    display_serializable, HandlerExtSerde, StdinDeserializable, WithIoFormat,
+    HandlerExtSerde, StdinDeserializable, WithIoFormat, display_serializable,
 };
 
 pub fn action_api<C: Context>() -> ParentHandler<C> {
@@ -38,12 +39,20 @@ pub fn action_api<C: Context>() -> ParentHandler<C> {
                 .with_about("Run service action")
                 .with_call_remote::<CliContext>(),
         )
+        .subcommand(
+            "clear-task",
+            from_fn_async(clear_task)
+                .no_display()
+                .with_about("Clear a service task")
+                .with_call_remote::<CliContext>(),
+        )
 }
 
 #[derive(Debug, Clone, Deserialize, Serialize, TS)]
 #[ts(export)]
 #[serde(rename_all = "camelCase")]
 pub struct ActionInput {
+    pub event_id: Guid,
     #[ts(type = "Record<string, unknown>")]
     pub spec: Value,
     #[ts(type = "Record<string, unknown> | null")]
@@ -83,6 +92,28 @@ pub enum ActionResult {
     #[serde(rename = "1")]
     V1(ActionResultV1),
 }
+impl ActionResult {
+    pub fn upcast(self) -> Self {
+        match self {
+            Self::V0(ActionResultV0 {
+                message,
+                value,
+                copyable,
+                qr,
+            }) => Self::V1(ActionResultV1 {
+                title: "Action Complete".into(),
+                message: Some(message),
+                result: value.map(|value| ActionResultValue::Single {
+                    value,
+                    copyable,
+                    qr,
+                    masked: false,
+                }),
+            }),
+            Self::V1(a) => Self::V1(a),
+        }
+    }
+}
 impl fmt::Display for ActionResult {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         match self {
@@ -222,20 +253,25 @@ impl fmt::Display for ActionResultV1 {
     }
 }
 
-pub fn display_action_result<T: Serialize>(params: WithIoFormat<T>, result: Option<ActionResult>) {
+pub fn display_action_result<T: Serialize>(
+    params: WithIoFormat<T>,
+    result: Option<ActionResult>,
+) -> Result<(), Error> {
     let Some(result) = result else {
-        return;
+        return Ok(());
     };
     if let Some(format) = params.format {
         return display_serializable(format, result);
     }
-    println!("{result}")
+    println!("{result}");
+    Ok(())
 }
 
 #[derive(Deserialize, Serialize, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct RunActionParams {
     pub package_id: PackageId,
+    pub event_id: Option<Guid>,
     pub action_id: ActionId,
     #[ts(optional, type = "any")]
     pub input: Option<Value>,
@@ -244,6 +280,7 @@ pub struct RunActionParams {
 #[derive(Parser)]
 struct CliRunActionParams {
     pub package_id: PackageId,
+    pub event_id: Option<Guid>,
     pub action_id: ActionId,
     #[command(flatten)]
     pub input: StdinDeserializable<Option<Value>>,
@@ -252,12 +289,14 @@ impl From<CliRunActionParams> for RunActionParams {
     fn from(
         CliRunActionParams {
             package_id,
+            event_id,
             action_id,
             input,
         }: CliRunActionParams,
     ) -> Self {
         Self {
             package_id,
+            event_id,
             action_id,
             input: input.0,
         }
@@ -297,6 +336,7 @@ pub async fn run_action(
     ctx: RpcContext,
     RunActionParams {
         package_id,
+        event_id,
         action_id,
         input,
     }: RunActionParams,
@@ -306,6 +346,54 @@ pub async fn run_action(
         .await
         .as_ref()
         .or_not_found(lazy_format!("Manager for {}", package_id))?
-        .run_action(Guid::new(), action_id, input.unwrap_or_default())
+        .run_action(
+            event_id.unwrap_or_default(),
+            action_id,
+            input.unwrap_or_default(),
+        )
         .await
+        .map(|res| res.map(ActionResult::upcast))
+}
+
+#[derive(Deserialize, Serialize, Parser, TS)]
+#[serde(rename_all = "camelCase")]
+#[command(rename_all = "kebab-case")]
+pub struct ClearTaskParams {
+    pub package_id: PackageId,
+    pub replay_id: ReplayId,
+    #[arg(long)]
+    #[serde(default)]
+    pub force: bool,
+}
+
+#[instrument(skip_all)]
+pub async fn clear_task(
+    ctx: RpcContext,
+    ClearTaskParams {
+        package_id,
+        replay_id,
+        force,
+    }: ClearTaskParams,
+) -> Result<(), Error> {
+    ctx.db
+        .mutate(|db| {
+            if let Some(task) = db
+                .as_public_mut()
+                .as_package_data_mut()
+                .as_idx_mut(&package_id)
+                .or_not_found(&package_id)?
+                .as_tasks_mut()
+                .remove(&replay_id)?
+            {
+                if !force && task.as_task().as_severity().de()? == TaskSeverity::Critical {
+                    return Err(Error::new(
+                        eyre!("Cannot clear critical task"),
+                        ErrorKind::InvalidRequest,
+                    ));
+                }
+            }
+            Ok(())
+        })
+        .await
+        .result
 }

core/startos/src/auth.rs

@@ -3,27 +3,27 @@ use std::collections::BTreeMap;
 use chrono::{DateTime, Utc};
 use clap::Parser;
 use color_eyre::eyre::eyre;
-use imbl_value::{json, InternedString};
+use imbl_value::{InternedString, json};
 use itertools::Itertools;
 use josekit::jwk::Jwk;
 use rpc_toolkit::yajrc::RpcError;
-use rpc_toolkit::{from_fn_async, Context, HandlerArgs, HandlerExt, ParentHandler};
+use rpc_toolkit::{CallRemote, Context, HandlerArgs, HandlerExt, ParentHandler, from_fn_async};
 use serde::{Deserialize, Serialize};
+use tokio::io::AsyncWriteExt;
 use tracing::instrument;
 use ts_rs::TS;
 
 use crate::context::{CliContext, RpcContext};
-use crate::db::model::DatabaseModel;
 use crate::middleware::auth::{
-    AsLogoutSessionId, HasLoggedOutSessions, HashSessionToken, LoginRes,
+    AsLogoutSessionId, AuthContext, HasLoggedOutSessions, HashSessionToken, LoginRes,
 };
 use crate::prelude::*;
 use crate::util::crypto::EncryptedWire;
-use crate::util::serde::{display_serializable, HandlerExtSerde, WithIoFormat};
-use crate::{ensure_code, Error, ResultExt};
+use crate::util::io::create_file_mod;
+use crate::util::serde::{HandlerExtSerde, WithIoFormat, display_serializable};
+use crate::{Error, ResultExt, ensure_code};
 
 #[derive(Debug, Clone, Default, Deserialize, Serialize, TS)]
-#[ts(as = "BTreeMap::<String, Session>")]
 pub struct Sessions(pub BTreeMap<InternedString, Session>);
 impl Sessions {
     pub fn new() -> Self {
@@ -41,6 +41,33 @@ impl Map for Sessions {
     }
 }
 
+pub async fn write_shadow(password: &str) -> Result<(), Error> {
+    let hash: String = sha_crypt::sha512_simple(password, &sha_crypt::Sha512Params::default())
+        .map_err(|e| Error::new(eyre!("{e:?}"), ErrorKind::Serialization))?;
+    let shadow_contents = tokio::fs::read_to_string("/etc/shadow").await?;
+    let mut shadow_file =
+        create_file_mod("/media/startos/config/overlay/etc/shadow", 0o640).await?;
+    for line in shadow_contents.lines() {
+        match line.split_once(":") {
+            Some((user, rest)) if user == "start9" || user == "kiosk" => {
+                let (_, rest) = rest.split_once(":").ok_or_else(|| {
+                    Error::new(eyre!("malformed /etc/shadow"), ErrorKind::ParseSysInfo)
+                })?;
+                shadow_file
+                    .write_all(format!("{user}:{hash}:{rest}\n").as_bytes())
+                    .await?;
+            }
+            _ => {
+                shadow_file.write_all(line.as_bytes()).await?;
+                shadow_file.write_all(b"\n").await?;
+            }
+        }
+    }
+    shadow_file.sync_all().await?;
+    tokio::fs::copy("/media/startos/config/overlay/etc/shadow", "/etc/shadow").await?;
+    Ok(())
+}
+
 #[derive(Clone, Serialize, Deserialize, TS)]
 #[serde(untagged)]
 #[ts(export)]
@@ -83,31 +110,34 @@ impl std::str::FromStr for PasswordType {
         })
     }
 }
-pub fn auth<C: Context>() -> ParentHandler<C> {
+pub fn auth<C: Context, AC: AuthContext>() -> ParentHandler<C>
+where
+    CliContext: CallRemote<AC>,
+{
     ParentHandler::new()
         .subcommand(
             "login",
-            from_fn_async(login_impl)
+            from_fn_async(login_impl::<AC>)
                 .with_metadata("login", Value::Bool(true))
                 .no_cli(),
         )
         .subcommand(
             "login",
-            from_fn_async(cli_login)
+            from_fn_async(cli_login::<AC>)
                 .no_display()
-                .with_about("Log in to StartOS server"),
+                .with_about("Log in a new auth session"),
         )
         .subcommand(
             "logout",
-            from_fn_async(logout)
+            from_fn_async(logout::<AC>)
                 .with_metadata("get_session", Value::Bool(true))
                 .no_display()
-                .with_about("Log out of StartOS server")
+                .with_about("Log out of current auth session")
                 .with_call_remote::<CliContext>(),
         )
         .subcommand(
             "session",
-            session::<C>().with_about("List or kill StartOS sessions"),
+            session::<C, AC>().with_about("List or kill auth sessions"),
         )
         .subcommand(
             "reset-password",
@@ -117,7 +147,7 @@ pub fn auth<C: Context>() -> ParentHandler<C> {
             "reset-password",
             from_fn_async(cli_reset_password)
                 .no_display()
-                .with_about("Reset StartOS password"),
+                .with_about("Reset password"),
         )
         .subcommand(
             "get-pubkey",
@@ -143,17 +173,20 @@ fn gen_pwd() {
 }
 
 #[instrument(skip_all)]
-async fn cli_login(
+async fn cli_login<C: AuthContext>(
     HandlerArgs {
         context: ctx,
         parent_method,
         method,
         ..
     }: HandlerArgs<CliContext>,
-) -> Result<(), RpcError> {
+) -> Result<(), RpcError>
+where
+    CliContext: CallRemote<C>,
+{
     let password = rpassword::prompt_password("Password: ")?;
 
-    ctx.call_remote::<RpcContext>(
+    ctx.call_remote::<C>(
         &parent_method.into_iter().chain(method).join("."),
         json!({
             "password": password,
@@ -181,66 +214,52 @@ pub fn check_password(hash: &str, password: &str) -> Result<(), Error> {
     Ok(())
 }
 
-pub fn check_password_against_db(db: &DatabaseModel, password: &str) -> Result<(), Error> {
-    let pw_hash = db.as_private().as_password().de()?;
-    check_password(&pw_hash, password)?;
-    Ok(())
-}
-
 #[derive(Deserialize, Serialize, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export)]
 pub struct LoginParams {
-    password: Option<PasswordType>,
+    password: String,
     #[ts(skip)]
     #[serde(rename = "__auth_userAgent")] // from Auth middleware
     user_agent: Option<String>,
     #[serde(default)]
     ephemeral: bool,
-    #[serde(default)]
-    #[ts(type = "any")]
-    metadata: Value,
 }
 
 #[instrument(skip_all)]
-pub async fn login_impl(
-    ctx: RpcContext,
+pub async fn login_impl<C: AuthContext>(
+    ctx: C,
     LoginParams {
         password,
         user_agent,
         ephemeral,
-        metadata,
     }: LoginParams,
 ) -> Result<LoginRes, Error> {
-    let password = password.unwrap_or_default().decrypt(&ctx)?;
-
-    if ephemeral {
-        check_password_against_db(&ctx.db.peek().await, &password)?;
+    let tok = if ephemeral {
+        C::check_password(&ctx.db().peek().await, &password)?;
         let hash_token = HashSessionToken::new();
-        ctx.ephemeral_sessions.mutate(|s| {
+        ctx.ephemeral_sessions().mutate(|s| {
             s.0.insert(
                 hash_token.hashed().clone(),
                 Session {
                     logged_in: Utc::now(),
                     last_active: Utc::now(),
                     user_agent,
-                    metadata,
                 },
             )
         });
         Ok(hash_token.to_login_res())
     } else {
-        ctx.db
+        ctx.db()
             .mutate(|db| {
-                check_password_against_db(db, &password)?;
+                C::check_password(db, &password)?;
                 let hash_token = HashSessionToken::new();
-                db.as_private_mut().as_sessions_mut().insert(
+                C::access_sessions(db).insert(
                     hash_token.hashed(),
                     &Session {
                         logged_in: Utc::now(),
                         last_active: Utc::now(),
                         user_agent,
-                        metadata,
                     },
                 )?;
 
@@ -248,7 +267,11 @@ pub async fn login_impl(
             })
             .await
             .result
-    }
+    }?;
+
+    ctx.post_login_hook(&password).await?;
+
+    Ok(tok)
 }
 
 #[derive(Deserialize, Serialize, Parser, TS)]
@@ -260,8 +283,8 @@ pub struct LogoutParams {
     session: InternedString,
 }
 
-pub async fn logout(
-    ctx: RpcContext,
+pub async fn logout<C: AuthContext>(
+    ctx: C,
     LogoutParams { session }: LogoutParams,
 ) -> Result<Option<HasLoggedOutSessions>, Error> {
     Ok(Some(
@@ -277,10 +300,7 @@ pub struct Session {
     pub logged_in: DateTime<Utc>,
     #[ts(type = "string")]
     pub last_active: DateTime<Utc>,
-    #[ts(skip)]
     pub user_agent: Option<String>,
-    #[ts(type = "any")]
-    pub metadata: Value,
 }
 
 #[derive(Deserialize, Serialize, TS)]
@@ -292,29 +312,30 @@ pub struct SessionList {
     sessions: Sessions,
 }
 
-pub fn session<C: Context>() -> ParentHandler<C> {
+pub fn session<C: Context, AC: AuthContext>() -> ParentHandler<C>
+where
+    CliContext: CallRemote<AC>,
+{
     ParentHandler::new()
         .subcommand(
             "list",
-            from_fn_async(list)
+            from_fn_async(list::<AC>)
                 .with_metadata("get_session", Value::Bool(true))
                 .with_display_serializable()
-                .with_custom_display_fn(|handle, result| {
-                    Ok(display_sessions(handle.params, result))
-                })
-                .with_about("Display all server sessions")
+                .with_custom_display_fn(|handle, result| display_sessions(handle.params, result))
+                .with_about("Display all auth sessions")
                 .with_call_remote::<CliContext>(),
         )
         .subcommand(
             "kill",
-            from_fn_async(kill)
+            from_fn_async(kill::<AC>)
                 .no_display()
-                .with_about("Terminate existing server session(s)")
+                .with_about("Terminate existing auth session(s)")
                 .with_call_remote::<CliContext>(),
         )
 }
 
-fn display_sessions(params: WithIoFormat<ListParams>, arg: SessionList) {
+fn display_sessions(params: WithIoFormat<ListParams>, arg: SessionList) -> Result<(), Error> {
     use prettytable::*;
 
     if let Some(format) = params.format {
@@ -327,7 +348,6 @@ fn display_sessions(params: WithIoFormat<ListParams>, arg: SessionList) {
         "LOGGED IN",
         "LAST ACTIVE",
         "USER AGENT",
-        "METADATA",
     ]);
     for (id, session) in arg.sessions.0 {
         let mut row = row![
@@ -335,7 +355,6 @@ fn display_sessions(params: WithIoFormat<ListParams>, arg: SessionList) {
             &format!("{}", session.logged_in),
             &format!("{}", session.last_active),
             session.user_agent.as_deref().unwrap_or("N/A"),
-            &format!("{}", session.metadata),
         ];
         if Some(id) == arg.current {
             row.iter_mut()
@@ -344,7 +363,8 @@ fn display_sessions(params: WithIoFormat<ListParams>, arg: SessionList) {
         }
         table.add_row(row);
     }
-    table.print_tty(false).unwrap();
+    table.print_tty(false)?;
+    Ok(())
 }
 
 #[derive(Deserialize, Serialize, Parser, TS)]
@@ -359,12 +379,12 @@ pub struct ListParams {
 
 // #[command(display(display_sessions))]
 #[instrument(skip_all)]
-pub async fn list(
-    ctx: RpcContext,
+pub async fn list<C: AuthContext>(
+    ctx: C,
     ListParams { session, .. }: ListParams,
 ) -> Result<SessionList, Error> {
-    let mut sessions = ctx.db.peek().await.into_private().into_sessions().de()?;
-    ctx.ephemeral_sessions.peek(|s| {
+    let mut sessions = C::access_sessions(&mut ctx.db().peek().await).de()?;
+    ctx.ephemeral_sessions().peek(|s| {
         sessions
             .0
             .extend(s.0.iter().map(|(k, v)| (k.clone(), v.clone())))
@@ -398,7 +418,7 @@ pub struct KillParams {
 }
 
 #[instrument(skip_all)]
-pub async fn kill(ctx: RpcContext, KillParams { ids }: KillParams) -> Result<(), Error> {
+pub async fn kill<C: AuthContext>(ctx: C, KillParams { ids }: KillParams) -> Result<(), Error> {
     HasLoggedOutSessions::new(ids.into_iter().map(KillSessionId::new), &ctx).await?;
     Ok(())
 }

core/startos/src/backup/backup_bulk.rs

@@ -13,9 +13,8 @@ use tokio::io::AsyncWriteExt;
 use tracing::instrument;
 use ts_rs::TS;
 
-use super::target::{BackupTargetId, PackageBackupInfo};
 use super::PackageBackupReport;
-use crate::auth::check_password_against_db;
+use super::target::{BackupTargetId, PackageBackupInfo};
 use crate::backup::os::OsBackup;
 use crate::backup::{BackupReport, ServerBackupReport};
 use crate::context::RpcContext;
@@ -24,7 +23,8 @@ use crate::db::model::{Database, DatabaseModel};
 use crate::disk::mount::backup::BackupMountGuard;
 use crate::disk::mount::filesystem::ReadWrite;
 use crate::disk::mount::guard::{GenericMountGuard, TmpMountGuard};
-use crate::notifications::{notify, NotificationLevel};
+use crate::middleware::auth::AuthContext;
+use crate::notifications::{NotificationLevel, notify};
 use crate::prelude::*;
 use crate::util::io::dir_copy;
 use crate::util::serde::IoFormat;
@@ -170,7 +170,7 @@ pub async fn backup_all(
     let ((fs, package_ids, server_id), status_guard) = (
         ctx.db
             .mutate(|db| {
-                check_password_against_db(db, &password)?;
+                RpcContext::check_password(db, &password)?;
                 let fs = target_id.load(db)?;
                 let package_ids = if let Some(ids) = package_ids {
                     ids.into_iter().collect()
@@ -223,18 +223,7 @@ fn assure_backing_up<'a>(
         .as_server_info_mut()
         .as_status_info_mut()
         .as_backup_progress_mut();
-    if backing_up
-        .clone()
-        .de()?
-        .iter()
-        .flat_map(|x| x.values())
-        .fold(false, |acc, x| {
-            if !x.complete {
-                return true;
-            }
-            acc
-        })
-    {
+    if backing_up.transpose_ref().is_some() {
         return Err(Error::new(
             eyre!("Server is already backing up!"),
             ErrorKind::InvalidRequest,
@@ -287,6 +276,22 @@ async fn perform_backup(
                         timestamp: Utc::now(),
                     },
                 );
+
+                ctx.db
+                    .mutate(|db| {
+                        if let Some(progress) = db
+                            .as_public_mut()
+                            .as_server_info_mut()
+                            .as_status_info_mut()
+                            .as_backup_progress_mut()
+                            .transpose_mut()
+                        {
+                            progress.insert(&id, &BackupProgress { complete: true })?;
+                        }
+                        Ok(())
+                    })
+                    .await
+                    .result?;
             }
             backup_report.insert(
                 id.clone(),

core/startos/src/backup/mod.rs

@@ -3,7 +3,7 @@ use std::collections::BTreeMap;
 use chrono::{DateTime, Utc};
 use models::{HostId, PackageId};
 use reqwest::Url;
-use rpc_toolkit::{from_fn_async, Context, HandlerExt, ParentHandler};
+use rpc_toolkit::{Context, HandlerExt, ParentHandler, from_fn_async};
 use serde::{Deserialize, Serialize};
 
 use crate::context::CliContext;

core/startos/src/backup/os.rs

@@ -4,10 +4,10 @@ use openssl::x509::X509;
 use patch_db::Value;
 use serde::{Deserialize, Serialize};
 use ssh_key::private::Ed25519Keypair;
-use torut::onion::TorSecretKeyV3;
 
 use crate::account::AccountInfo;
-use crate::hostname::{generate_hostname, generate_id, Hostname};
+use crate::hostname::{Hostname, generate_hostname, generate_id};
+use crate::net::tor::TorSecretKey;
 use crate::prelude::*;
 use crate::util::crypto::ed25519_expand_key;
 use crate::util::serde::{Base32, Base64, Pem};
@@ -36,7 +36,7 @@ impl<'de> Deserialize<'de> for OsBackup {
             v => {
                 return Err(serde::de::Error::custom(&format!(
                     "Unknown backup version {v}"
-                )))
+                )));
             }
         })
     }
@@ -85,8 +85,11 @@ impl OsBackupV0 {
                     &mut ssh_key::rand_core::OsRng::default(),
                     ssh_key::Algorithm::Ed25519,
                 )?,
-                tor_keys: vec![TorSecretKeyV3::from(self.tor_key.0)],
-                compat_s9pk_key: ed25519_dalek::SigningKey::generate(
+                tor_keys: TorSecretKey::from_bytes(self.tor_key.0)
+                    .ok()
+                    .into_iter()
+                    .collect(),
+                developer_key: ed25519_dalek::SigningKey::generate(
                     &mut ssh_key::rand_core::OsRng::default(),
                 ),
             },
@@ -116,8 +119,11 @@ impl OsBackupV1 {
                 root_ca_key: self.root_ca_key.0,
                 root_ca_cert: self.root_ca_cert.0,
                 ssh_key: ssh_key::PrivateKey::from(Ed25519Keypair::from_seed(&self.net_key.0)),
-                tor_keys: vec![TorSecretKeyV3::from(ed25519_expand_key(&self.net_key.0))],
-                compat_s9pk_key: ed25519_dalek::SigningKey::from_bytes(&self.net_key),
+                tor_keys: TorSecretKey::from_bytes(ed25519_expand_key(&self.net_key.0))
+                    .ok()
+                    .into_iter()
+                    .collect(),
+                developer_key: ed25519_dalek::SigningKey::from_bytes(&self.net_key),
             },
             ui: self.ui,
         }
@@ -134,7 +140,7 @@ struct OsBackupV2 {
     root_ca_key: Pem<PKey<Private>>,                 // PEM Encoded OpenSSL Key
     root_ca_cert: Pem<X509>,                         // PEM Encoded OpenSSL X509 Certificate
     ssh_key: Pem<ssh_key::PrivateKey>,               // PEM Encoded OpenSSH Key
-    tor_keys: Vec<TorSecretKeyV3>,                   // Base64 Encoded Ed25519 Expanded Secret Key
+    tor_keys: Vec<TorSecretKey>,                     // Base64 Encoded Ed25519 Expanded Secret Key
     compat_s9pk_key: Pem<ed25519_dalek::SigningKey>, // PEM Encoded ED25519 Key
     ui: Value,                                       // JSON Value
 }
@@ -149,7 +155,7 @@ impl OsBackupV2 {
                 root_ca_cert: self.root_ca_cert.0,
                 ssh_key: self.ssh_key.0,
                 tor_keys: self.tor_keys,
-                compat_s9pk_key: self.compat_s9pk_key.0,
+                developer_key: self.compat_s9pk_key.0,
             },
             ui: self.ui,
         }
@@ -162,7 +168,7 @@ impl OsBackupV2 {
             root_ca_cert: Pem(backup.account.root_ca_cert.clone()),
             ssh_key: Pem(backup.account.ssh_key.clone()),
             tor_keys: backup.account.tor_keys.clone(),
-            compat_s9pk_key: Pem(backup.account.compat_s9pk_key.clone()),
+            compat_s9pk_key: Pem(backup.account.developer_key.clone()),
             ui: backup.ui.clone(),
         }
     }

core/startos/src/backup/restore.rs

@@ -2,7 +2,7 @@ use std::collections::BTreeMap;
 use std::sync::Arc;
 
 use clap::Parser;
-use futures::{stream, StreamExt};
+use futures::{StreamExt, stream};
 use models::PackageId;
 use patch_db::json_ptr::ROOT;
 use serde::{Deserialize, Serialize};
@@ -11,6 +11,7 @@ use tracing::instrument;
 use ts_rs::TS;
 
 use super::target::BackupTargetId;
+use crate::PLATFORM;
 use crate::backup::os::OsBackup;
 use crate::context::setup::SetupResult;
 use crate::context::{RpcContext, SetupContext};
@@ -20,9 +21,11 @@ use crate::disk::mount::filesystem::ReadWrite;
 use crate::disk::mount::guard::{GenericMountGuard, TmpMountGuard};
 use crate::init::init;
 use crate::prelude::*;
+use crate::progress::ProgressUnits;
 use crate::s9pk::S9pk;
 use crate::service::service_map::DownloadInstallFuture;
 use crate::setup::SetupExecuteProgress;
+use crate::system::sync_kiosk;
 use crate::util::serde::IoFormat;
 
 #[derive(Deserialize, Serialize, Parser, TS)]
@@ -80,6 +83,7 @@ pub async fn recover_full_embassy(
     recovery_source: TmpMountGuard,
     server_id: &str,
     recovery_password: &str,
+    kiosk: Option<bool>,
     SetupExecuteProgress {
         init_phases,
         restore_phase,
@@ -105,8 +109,12 @@ pub async fn recover_full_embassy(
     )
     .with_kind(ErrorKind::PasswordHashGeneration)?;
 
+    let kiosk = Some(kiosk.unwrap_or(true)).filter(|_| &*PLATFORM != "raspberrypi");
+    sync_kiosk(kiosk).await?;
+
     let db = ctx.db().await?;
-    db.put(&ROOT, &Database::init(&os_backup.account)?).await?;
+    db.put(&ROOT, &Database::init(&os_backup.account, kiosk)?)
+        .await?;
     drop(db);
 
     let init_result = init(&ctx.webserver, &ctx.config, init_phases).await?;
@@ -129,6 +137,7 @@ pub async fn recover_full_embassy(
         .collect();
     let tasks = restore_packages(&rpc_ctx, backup_guard, ids).await?;
     restore_phase.set_total(tasks.len() as u64);
+    restore_phase.set_units(Some(ProgressUnits::Steps));
     let restore_phase = Arc::new(Mutex::new(restore_phase));
     stream::iter(tasks)
         .for_each_concurrent(5, |(id, res)| {
@@ -166,6 +175,7 @@ async fn restore_packages(
             .install(
                 ctx.clone(),
                 || S9pk::open(s9pk_path, Some(&id)),
+                None, // TODO: pull from metadata?
                 Some(backup_dir),
                 None,
             )

core/startos/src/backup/target/cifs.rs

@@ -4,17 +4,17 @@ use std::path::{Path, PathBuf};
 use clap::Parser;
 use color_eyre::eyre::eyre;
 use imbl_value::InternedString;
-use rpc_toolkit::{from_fn_async, Context, HandlerExt, ParentHandler};
+use rpc_toolkit::{Context, HandlerExt, ParentHandler, from_fn_async};
 use serde::{Deserialize, Serialize};
 use ts_rs::TS;
 
 use super::{BackupTarget, BackupTargetId};
 use crate::context::{CliContext, RpcContext};
 use crate::db::model::DatabaseModel;
-use crate::disk::mount::filesystem::cifs::Cifs;
 use crate::disk::mount::filesystem::ReadOnly;
+use crate::disk::mount::filesystem::cifs::Cifs;
 use crate::disk::mount::guard::{GenericMountGuard, TmpMountGuard};
-use crate::disk::util::{recovery_info, StartOsRecoveryInfo};
+use crate::disk::util::{StartOsRecoveryInfo, recovery_info};
 use crate::prelude::*;
 use crate::util::serde::KeyVal;
 

core/startos/src/backup/target/mod.rs

@@ -2,15 +2,15 @@ use std::collections::BTreeMap;
 use std::path::{Path, PathBuf};
 
 use chrono::{DateTime, Utc};
-use clap::builder::ValueParserFactory;
 use clap::Parser;
+use clap::builder::ValueParserFactory;
 use color_eyre::eyre::eyre;
-use digest::generic_array::GenericArray;
 use digest::OutputSizeUser;
+use digest::generic_array::GenericArray;
 use exver::Version;
 use imbl_value::InternedString;
 use models::{FromStrParser, PackageId};
-use rpc_toolkit::{from_fn_async, Context, HandlerExt, ParentHandler};
+use rpc_toolkit::{Context, HandlerExt, ParentHandler, from_fn_async};
 use serde::{Deserialize, Serialize};
 use sha2::Sha256;
 use tokio::sync::Mutex;
@@ -27,10 +27,10 @@ use crate::disk::mount::filesystem::{FileSystem, MountType, ReadWrite};
 use crate::disk::mount::guard::{GenericMountGuard, TmpMountGuard};
 use crate::disk::util::PartitionInfo;
 use crate::prelude::*;
-use crate::util::serde::{
-    deserialize_from_str, display_serializable, serialize_display, HandlerExtSerde, WithIoFormat,
-};
 use crate::util::VersionString;
+use crate::util::serde::{
+    HandlerExtSerde, WithIoFormat, deserialize_from_str, display_serializable, serialize_display,
+};
 
 pub mod cifs;
 
@@ -157,7 +157,7 @@ pub fn target<C: Context>() -> ParentHandler<C> {
             from_fn_async(info)
                 .with_display_serializable()
                 .with_custom_display_fn::<CliContext, _>(|params, info| {
-                    Ok(display_backup_info(params.params, info))
+                    display_backup_info(params.params, info)
                 })
                 .with_about("Display package backup information")
                 .with_call_remote::<CliContext>(),
@@ -227,7 +227,7 @@ pub struct PackageBackupInfo {
     pub timestamp: DateTime<Utc>,
 }
 
-fn display_backup_info(params: WithIoFormat<InfoParams>, info: BackupInfo) {
+fn display_backup_info(params: WithIoFormat<InfoParams>, info: BackupInfo) -> Result<(), Error> {
     use prettytable::*;
 
     if let Some(format) = params.format {
@@ -260,7 +260,8 @@ fn display_backup_info(params: WithIoFormat<InfoParams>, info: BackupInfo) {
         ];
         table.add_row(row);
     }
-    table.print_tty(false).unwrap();
+    table.print_tty(false)?;
+    Ok(())
 }
 
 #[derive(Deserialize, Serialize, Parser, TS)]
@@ -296,7 +297,7 @@ pub async fn info(
 }
 
 lazy_static::lazy_static! {
-    static ref USER_MOUNTS: Mutex<BTreeMap<BackupTargetId, BackupMountGuard<TmpMountGuard>>> =
+    static ref USER_MOUNTS: Mutex<BTreeMap<BackupTargetId, Result<BackupMountGuard<TmpMountGuard>, TmpMountGuard>>> =
         Mutex::new(BTreeMap::new());
 }
 
@@ -305,8 +306,11 @@ lazy_static::lazy_static! {
 #[command(rename_all = "kebab-case")]
 pub struct MountParams {
     target_id: BackupTargetId,
-    server_id: String,
+    #[arg(long)]
+    server_id: Option<String>,
     password: String,
+    #[arg(long)]
+    allow_partial: bool,
 }
 
 #[instrument(skip_all)]
@@ -316,24 +320,63 @@ pub async fn mount(
         target_id,
         server_id,
         password,
+        allow_partial,
     }: MountParams,
 ) -> Result<String, Error> {
+    let server_id = if let Some(server_id) = server_id {
+        server_id
+    } else {
+        ctx.db
+            .peek()
+            .await
+            .into_public()
+            .into_server_info()
+            .into_id()
+            .de()?
+    };
+
     let mut mounts = USER_MOUNTS.lock().await;
 
-    if let Some(existing) = mounts.get(&target_id) {
-        return Ok(existing.path().display().to_string());
-    }
+    let existing = mounts.get(&target_id);
 
-    let guard = BackupMountGuard::mount(
-        TmpMountGuard::mount(&target_id.clone().load(&ctx.db.peek().await)?, ReadWrite).await?,
-        &server_id,
-        &password,
-    )
-    .await?;
+    let base = match existing {
+        Some(Ok(a)) => return Ok(a.path().display().to_string()),
+        Some(Err(e)) => e.clone(),
+        None => {
+            TmpMountGuard::mount(&target_id.clone().load(&ctx.db.peek().await)?, ReadWrite).await?
+        }
+    };
+
+    let guard = match BackupMountGuard::mount(base.clone(), &server_id, &password).await {
+        Ok(a) => a,
+        Err(e) => {
+            if allow_partial {
+                mounts.insert(target_id, Err(base.clone()));
+                let enc_key = BackupMountGuard::<TmpMountGuard>::load_metadata(
+                    base.path(),
+                    &server_id,
+                    &password,
+                )
+                .await
+                .map(|(_, k)| k);
+                return Err(e)
+                    .with_ctx(|e| (
+                        e.kind,
+                        format!(
+                            "\nThe base filesystem did successfully mount at {:?}\nWrapped Key: {:?}",
+                            base.path(),
+                            enc_key
+                        )
+                    ));
+            } else {
+                return Err(e);
+            }
+        }
+    };
 
     let res = guard.path().display().to_string();
 
-    mounts.insert(target_id, guard);
+    mounts.insert(target_id, Ok(guard));
 
     Ok(res)
 }
@@ -350,11 +393,17 @@ pub async fn umount(_: RpcContext, UmountParams { target_id }: UmountParams) ->
     let mut mounts = USER_MOUNTS.lock().await; // TODO: move to context
     if let Some(target_id) = target_id {
         if let Some(existing) = mounts.remove(&target_id) {
-            existing.unmount().await?;
+            match existing {
+                Ok(e) => e.unmount().await?,
+                Err(e) => e.unmount().await?,
+            }
         }
     } else {
         for (_, existing) in std::mem::take(&mut *mounts) {
-            existing.unmount().await?;
+            match existing {
+                Ok(e) => e.unmount().await?,
+                Err(e) => e.unmount().await?,
+            }
         }
     }
 

core/startos/src/bins/mod.rs

@@ -2,41 +2,64 @@ use std::collections::VecDeque;
 use std::ffi::OsString;
 use std::path::Path;
 
-#[cfg(feature = "container-runtime")]
+#[cfg(feature = "cli-container")]
 pub mod container_cli;
 pub mod deprecated;
-#[cfg(feature = "registry")]
+#[cfg(any(feature = "registry", feature = "cli-registry"))]
 pub mod registry;
 #[cfg(feature = "cli")]
 pub mod start_cli;
-#[cfg(feature = "daemon")]
+#[cfg(feature = "startd")]
 pub mod start_init;
-#[cfg(feature = "daemon")]
+#[cfg(feature = "startd")]
 pub mod startd;
+#[cfg(any(feature = "tunnel", feature = "cli-tunnel"))]
+pub mod tunnel;
 
 fn select_executable(name: &str) -> Option<fn(VecDeque<OsString>)> {
     match name {
-        #[cfg(feature = "cli")]
-        "start-cli" => Some(start_cli::main),
-        #[cfg(feature = "container-runtime")]
-        "start-cli" => Some(container_cli::main),
-        #[cfg(feature = "daemon")]
+        #[cfg(feature = "startd")]
         "startd" => Some(startd::main),
-        #[cfg(feature = "registry")]
-        "registry" => Some(registry::main),
-        "embassy-cli" => Some(|_| deprecated::renamed("embassy-cli", "start-cli")),
-        "embassy-sdk" => Some(|_| deprecated::renamed("embassy-sdk", "start-sdk")),
+        #[cfg(feature = "startd")]
         "embassyd" => Some(|_| deprecated::renamed("embassyd", "startd")),
+        #[cfg(feature = "startd")]
         "embassy-init" => Some(|_| deprecated::removed("embassy-init")),
+
+        #[cfg(feature = "cli-startd")]
+        "start-cli" => Some(start_cli::main),
+        #[cfg(feature = "cli-startd")]
+        "embassy-cli" => Some(|_| deprecated::renamed("embassy-cli", "start-cli")),
+        #[cfg(feature = "cli-startd")]
+        "embassy-sdk" => Some(|_| deprecated::removed("embassy-sdk")),
+
+        #[cfg(feature = "cli-container")]
+        "start-container" => Some(container_cli::main),
+
+        #[cfg(feature = "registry")]
+        "start-registryd" => Some(registry::main),
+        #[cfg(feature = "cli-registry")]
+        "start-registry" => Some(registry::cli),
+
+        #[cfg(feature = "tunnel")]
+        "start-tunneld" => Some(tunnel::main),
+        #[cfg(feature = "cli-tunnel")]
+        "start-tunnel" => Some(tunnel::cli),
+
         "contents" => Some(|_| {
-            #[cfg(feature = "cli")]
-            println!("start-cli");
-            #[cfg(feature = "container-runtime")]
-            println!("start-cli (container)");
-            #[cfg(feature = "daemon")]
+            #[cfg(feature = "startd")]
             println!("startd");
+            #[cfg(feature = "cli-startd")]
+            println!("start-cli");
+            #[cfg(feature = "cli-container")]
+            println!("start-container");
             #[cfg(feature = "registry")]
-            println!("registry");
+            println!("start-registryd");
+            #[cfg(feature = "cli-registry")]
+            println!("start-registry");
+            #[cfg(feature = "tunnel")]
+            println!("start-tunneld");
+            #[cfg(feature = "cli-tunnel")]
+            println!("start-tunnel");
         }),
         _ => None,
     }

core/startos/src/bins/registry.rs

@@ -2,9 +2,12 @@ use std::ffi::OsString;
 
 use clap::Parser;
 use futures::FutureExt;
+use rpc_toolkit::CliApp;
 use tokio::signal::unix::signal;
 use tracing::instrument;
 
+use crate::context::CliContext;
+use crate::context::config::ClientConfig;
 use crate::net::web_server::{Acceptor, WebServer};
 use crate::prelude::*;
 use crate::registry::context::{RegistryConfig, RegistryContext};
@@ -85,3 +88,30 @@ pub fn main(args: impl IntoIterator<Item = OsString>) {
         }
     }
 }
+
+pub fn cli(args: impl IntoIterator<Item = OsString>) {
+    LOGGER.enable();
+
+    if let Err(e) = CliApp::new(
+        |cfg: ClientConfig| Ok(CliContext::init(cfg.load()?)?),
+        crate::registry::registry_api(),
+    )
+    .run(args)
+    {
+        match e.data {
+            Some(serde_json::Value::String(s)) => eprintln!("{}: {}", e.message, s),
+            Some(serde_json::Value::Object(o)) => {
+                if let Some(serde_json::Value::String(s)) = o.get("details") {
+                    eprintln!("{}: {}", e.message, s);
+                    if let Some(serde_json::Value::String(s)) = o.get("debug") {
+                        tracing::debug!("{}", s)
+                    }
+                }
+            }
+            Some(a) => eprintln!("{}: {}", e.message, a),
+            None => eprintln!("{}", e.message),
+        }
+
+        std::process::exit(e.code);
+    }
+}

core/startos/src/bins/start_cli.rs

@@ -3,8 +3,8 @@ use std::ffi::OsString;
 use rpc_toolkit::CliApp;
 use serde_json::Value;
 
-use crate::context::config::ClientConfig;
 use crate::context::CliContext;
+use crate::context::config::ClientConfig;
 use crate::util::logger::LOGGER;
 use crate::version::{Current, VersionT};
 

core/startos/src/bins/start_init.rs

@@ -1,4 +1,3 @@
-use std::path::Path;
 use std::sync::Arc;
 
 use tokio::process::Command;
@@ -7,9 +6,9 @@ use tracing::instrument;
 use crate::context::config::ServerConfig;
 use crate::context::rpc::InitRpcContextPhases;
 use crate::context::{DiagnosticContext, InitContext, InstallContext, RpcContext, SetupContext};
+use crate::disk::REPAIR_DISK_PATH;
 use crate::disk::fsck::RepairStrategy;
 use crate::disk::main::DEFAULT_PASSWORD;
-use crate::disk::REPAIR_DISK_PATH;
 use crate::firmware::{check_for_firmware_update, update_firmware};
 use crate::init::{InitPhases, STANDBY_MODE_PATH};
 use crate::net::web_server::{UpgradableListener, WebServer};
@@ -48,7 +47,7 @@ async fn setup_or_init(
             update_phase.complete();
             reboot_phase.start();
             return Ok(Err(Shutdown {
-                export_args: None,
+                disk_guid: None,
                 restart: true,
             }));
         }
@@ -103,7 +102,7 @@ async fn setup_or_init(
             .expect("context dropped");
 
         return Ok(Err(Shutdown {
-            export_args: None,
+            disk_guid: None,
             restart: true,
         }));
     }
@@ -117,7 +116,9 @@ async fn setup_or_init(
         server.serve_setup(ctx.clone());
 
         let mut shutdown = ctx.shutdown.subscribe();
-        shutdown.recv().await.expect("context dropped");
+        if let Some(shutdown) = shutdown.recv().await.expect("context dropped") {
+            return Ok(Err(shutdown));
+        }
 
         tokio::task::yield_now().await;
         if let Err(e) = Command::new("killall")
@@ -136,7 +137,7 @@ async fn setup_or_init(
                 return Err(Error::new(
                     eyre!("Setup mode exited before setup completed"),
                     ErrorKind::Unknown,
-                ))
+                ));
             }
         }))
     } else {
@@ -183,7 +184,7 @@ async fn setup_or_init(
                 let mut reboot_phase = handle.add_phase("Rebooting".into(), Some(1));
                 reboot_phase.start();
                 return Ok(Err(Shutdown {
-                    export_args: Some((disk_guid, Path::new(DATA_DIR).to_owned())),
+                    disk_guid: Some(disk_guid),
                     restart: true,
                 }));
             }

core/startos/src/bins/startd.rs

@@ -1,6 +1,5 @@
 use std::cmp::max;
 use std::ffi::OsString;
-use std::net::IpAddr;
 use std::sync::Arc;
 use std::time::Duration;
 
@@ -13,8 +12,7 @@ use tracing::instrument;
 use crate::context::config::ServerConfig;
 use crate::context::rpc::InitRpcContextPhases;
 use crate::context::{DiagnosticContext, InitContext, RpcContext};
-use crate::net::network_interface::SelfContainedNetworkInterfaceListener;
-use crate::net::utils::ipv6_is_local;
+use crate::net::gateway::SelfContainedNetworkInterfaceListener;
 use crate::net::web_server::{Acceptor, UpgradableListener, WebServer};
 use crate::shutdown::Shutdown;
 use crate::system::launch_metrics_task;
@@ -146,7 +144,7 @@ pub fn main(args: impl IntoIterator<Item = OsString>) {
 
     let res = {
         let rt = tokio::runtime::Builder::new_multi_thread()
-            .worker_threads(max(4, num_cpus::get()))
+            .worker_threads(max(1, num_cpus::get()))
             .enable_all()
             .build()
             .expect("failed to initialize runtime");

core/startos/src/bins/tunnel.rs

@@ -0,0 +1,117 @@
+use std::ffi::OsString;
+
+use clap::Parser;
+use futures::FutureExt;
+use rpc_toolkit::CliApp;
+use tokio::signal::unix::signal;
+use tracing::instrument;
+
+use crate::context::CliContext;
+use crate::context::config::ClientConfig;
+use crate::net::web_server::{Acceptor, WebServer};
+use crate::prelude::*;
+use crate::tunnel::context::{TunnelConfig, TunnelContext};
+use crate::util::logger::LOGGER;
+
+#[instrument(skip_all)]
+async fn inner_main(config: &TunnelConfig) -> Result<(), Error> {
+    let server = async {
+        let ctx = TunnelContext::init(config).await?;
+        let mut server = WebServer::new(Acceptor::bind([ctx.listen]).await?);
+        server.serve_tunnel(ctx.clone());
+
+        let mut shutdown_recv = ctx.shutdown.subscribe();
+
+        let sig_handler_ctx = ctx;
+        let sig_handler = tokio::spawn(async move {
+            use tokio::signal::unix::SignalKind;
+            futures::future::select_all(
+                [
+                    SignalKind::interrupt(),
+                    SignalKind::quit(),
+                    SignalKind::terminate(),
+                ]
+                .iter()
+                .map(|s| {
+                    async move {
+                        signal(*s)
+                            .unwrap_or_else(|_| panic!("register {:?} handler", s))
+                            .recv()
+                            .await
+                    }
+                    .boxed()
+                }),
+            )
+            .await;
+            sig_handler_ctx
+                .shutdown
+                .send(())
+                .map_err(|_| ())
+                .expect("send shutdown signal");
+        });
+
+        shutdown_recv
+            .recv()
+            .await
+            .with_kind(crate::ErrorKind::Unknown)?;
+
+        sig_handler.abort();
+
+        Ok::<_, Error>(server)
+    }
+    .await?;
+    server.shutdown().await;
+
+    Ok(())
+}
+
+pub fn main(args: impl IntoIterator<Item = OsString>) {
+    LOGGER.enable();
+
+    let config = TunnelConfig::parse_from(args).load().unwrap();
+
+    let res = {
+        let rt = tokio::runtime::Builder::new_multi_thread()
+            .enable_all()
+            .build()
+            .expect("failed to initialize runtime");
+        rt.block_on(inner_main(&config))
+    };
+
+    match res {
+        Ok(()) => (),
+        Err(e) => {
+            eprintln!("{}", e.source);
+            tracing::debug!("{:?}", e.source);
+            drop(e.source);
+            std::process::exit(e.kind as i32)
+        }
+    }
+}
+
+pub fn cli(args: impl IntoIterator<Item = OsString>) {
+    LOGGER.enable();
+
+    if let Err(e) = CliApp::new(
+        |cfg: ClientConfig| Ok(CliContext::init(cfg.load()?)?),
+        crate::tunnel::api::tunnel_api(),
+    )
+    .run(args)
+    {
+        match e.data {
+            Some(serde_json::Value::String(s)) => eprintln!("{}: {}", e.message, s),
+            Some(serde_json::Value::Object(o)) => {
+                if let Some(serde_json::Value::String(s)) = o.get("details") {
+                    eprintln!("{}: {}", e.message, s);
+                    if let Some(serde_json::Value::String(s)) = o.get("debug") {
+                        tracing::debug!("{}", s)
+                    }
+                }
+            }
+            Some(a) => eprintln!("{}: {}", e.message, a),
+            None => eprintln!("{}", e.message),
+        }
+
+        std::process::exit(e.code);
+    }
+}

core/startos/src/config/hook.rs

@@ -0,0 +1,53 @@
+use helpers::Callback;
+use itertools::Itertools;
+use jsonpath_lib::Compiled;
+use models::PackageId;
+use serde_json::Value;
+
+use crate::context::RpcContext;
+
+pub struct ConfigHook {
+    pub path: Compiled,
+    pub prev: Vec<Value>,
+    pub callback: Callback,
+}
+
+impl RpcContext {
+    pub async fn add_config_hook(&self, id: PackageId, hook: ConfigHook) {
+        let mut hooks = self.config_hooks.lock().await;
+        let prev = hooks.remove(&id).unwrap_or_default();
+        hooks.insert(
+            id,
+            prev.into_iter()
+                .filter(|h| h.callback.is_listening())
+                .chain(std::iter::once(hook))
+                .collect(),
+        );
+    }
+
+    pub async fn call_config_hooks(&self, id: PackageId, config: &Value) {
+        let mut hooks = self.config_hooks.lock().await;
+        let mut prev = hooks.remove(&id).unwrap_or_default();
+        for hook in &mut prev {
+            let new = hook
+                .path
+                .select(config)
+                .unwrap_or_default()
+                .into_iter()
+                .cloned()
+                .collect_vec();
+            if new != hook.prev {
+                hook.callback
+                    .call(vec![Value::Array(new.clone())])
+                    .unwrap_or_default();
+                hook.prev = new;
+            }
+        }
+        hooks.insert(
+            id,
+            prev.into_iter()
+                .filter(|h| h.callback.is_listening())
+                .collect(),
+        );
+    }
+}

core/startos/src/context/cli.rs

@@ -1,27 +1,32 @@
 use std::fs::File;
 use std::io::BufReader;
+use std::net::SocketAddr;
 use std::path::{Path, PathBuf};
 use std::sync::Arc;
 
-use cookie_store::{CookieStore, RawCookie};
+use cookie::{Cookie, Expiration, SameSite};
+use cookie_store::CookieStore;
+use imbl_value::InternedString;
 use josekit::jwk::Jwk;
 use once_cell::sync::OnceCell;
 use reqwest::Proxy;
 use reqwest_cookie_store::CookieStoreMutex;
 use rpc_toolkit::reqwest::{Client, Url};
 use rpc_toolkit::yajrc::RpcError;
-use rpc_toolkit::{call_remote_http, CallRemote, Context, Empty};
+use rpc_toolkit::{CallRemote, Context, Empty};
 use tokio::net::TcpStream;
 use tokio::runtime::Runtime;
 use tokio_tungstenite::{MaybeTlsStream, WebSocketStream};
 use tracing::instrument;
 
 use super::setup::CURRENT_SECRET;
-use crate::context::config::{local_config_path, ClientConfig};
+use crate::context::config::{ClientConfig, local_config_path};
 use crate::context::{DiagnosticContext, InitContext, InstallContext, RpcContext, SetupContext};
-use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH;
+use crate::developer::{OS_DEVELOPER_KEY_PATH, default_developer_key_path};
+use crate::middleware::auth::AuthContext;
 use crate::prelude::*;
 use crate::rpc_continuations::Guid;
+use crate::tunnel::context::TunnelContext;
 
 #[derive(Debug)]
 pub struct CliContextSeed {
@@ -29,6 +34,10 @@ pub struct CliContextSeed {
     pub base_url: Url,
     pub rpc_url: Url,
     pub registry_url: Option<Url>,
+    pub registry_hostname: Option<InternedString>,
+    pub registry_listen: Option<SocketAddr>,
+    pub tunnel_addr: Option<SocketAddr>,
+    pub tunnel_listen: Option<SocketAddr>,
     pub client: Client,
     pub cookie_store: Arc<CookieStoreMutex>,
     pub cookie_path: PathBuf,
@@ -37,6 +46,11 @@ pub struct CliContextSeed {
 }
 impl Drop for CliContextSeed {
     fn drop(&mut self) {
+        if let Some(rt) = self.runtime.take() {
+            if let Ok(rt) = Arc::try_unwrap(rt) {
+                rt.shutdown_background();
+            }
+        }
         let tmp = format!("{}.tmp", self.cookie_path.display());
         let parent_dir = self.cookie_path.parent().unwrap_or(Path::new("/"));
         if !parent_dir.exists() {
@@ -50,9 +64,8 @@ impl Drop for CliContextSeed {
             true,
         )
         .unwrap();
-        let mut store = self.cookie_store.lock().unwrap();
-        store.remove("localhost", "", "local");
-        store.save_json(&mut *writer).unwrap();
+        let store = self.cookie_store.lock().unwrap();
+        cookie_store::serde::json::save(&store, &mut *writer).unwrap();
         writer.sync_all().unwrap();
         std::fs::rename(tmp, &self.cookie_path).unwrap();
     }
@@ -80,26 +93,14 @@ impl CliContext {
                 .unwrap_or(Path::new("/"))
                 .join(".cookies.json")
         });
-        let cookie_store = Arc::new(CookieStoreMutex::new({
-            let mut store = if cookie_path.exists() {
-                CookieStore::load_json(BufReader::new(
-                    File::open(&cookie_path)
-                        .with_ctx(|_| (ErrorKind::Filesystem, cookie_path.display()))?,
-                ))
-                .map_err(|e| eyre!("{}", e))
-                .with_kind(crate::ErrorKind::Deserialization)?
-            } else {
-                CookieStore::default()
-            };
-            if let Ok(local) = std::fs::read_to_string(LOCAL_AUTH_COOKIE_PATH) {
-                store
-                    .insert_raw(
-                        &RawCookie::new("local", local),
-                        &"http://localhost".parse()?,
-                    )
-                    .with_kind(crate::ErrorKind::Network)?;
-            }
-            store
+        let cookie_store = Arc::new(CookieStoreMutex::new(if cookie_path.exists() {
+            cookie_store::serde::json::load(BufReader::new(
+                File::open(&cookie_path)
+                    .with_ctx(|_| (ErrorKind::Filesystem, cookie_path.display()))?,
+            ))
+            .unwrap_or_default()
+        } else {
+            CookieStore::default()
         }));
 
         Ok(CliContext(Arc::new(CliContextSeed {
@@ -124,9 +125,17 @@ impl CliContext {
                     Ok::<_, Error>(registry)
                 })
                 .transpose()?,
+            registry_hostname: config.registry_hostname,
+            registry_listen: config.registry_listen,
+            tunnel_addr: config.tunnel,
+            tunnel_listen: config.tunnel_listen,
             client: {
                 let mut builder = Client::builder().cookie_provider(cookie_store.clone());
-                if let Some(proxy) = config.proxy {
+                if let Some(proxy) = config.proxy.or_else(|| {
+                    config
+                        .socks_listen
+                        .and_then(|socks| format!("socks5h://{socks}").parse::<Url>().log_err())
+                }) {
                     builder =
                         builder.proxy(Proxy::all(proxy).with_kind(crate::ErrorKind::ParseUrl)?)
                 }
@@ -134,14 +143,9 @@ impl CliContext {
             },
             cookie_store,
             cookie_path,
-            developer_key_path: config.developer_key_path.unwrap_or_else(|| {
-                local_config_path()
-                    .as_deref()
-                    .unwrap_or_else(|| Path::new(super::config::CONFIG_PATH))
-                    .parent()
-                    .unwrap_or(Path::new("/"))
-                    .join("developer.key.pem")
-            }),
+            developer_key_path: config
+                .developer_key_path
+                .unwrap_or_else(default_developer_key_path),
             developer_key: OnceCell::new(),
         })))
     }
@@ -150,20 +154,26 @@ impl CliContext {
     #[instrument(skip_all)]
     pub fn developer_key(&self) -> Result<&ed25519_dalek::SigningKey, Error> {
         self.developer_key.get_or_try_init(|| {
-            if !self.developer_key_path.exists() {
-                return Err(Error::new(eyre!("Developer Key does not exist! Please run `start-cli init` before running this command."), crate::ErrorKind::Uninitialized));
-            }
-            let pair = <ed25519::KeypairBytes as ed25519::pkcs8::DecodePrivateKey>::from_pkcs8_pem(
-                &std::fs::read_to_string(&self.developer_key_path)?,
-            )
-            .with_kind(crate::ErrorKind::Pem)?;
-            let secret = ed25519_dalek::SecretKey::try_from(&pair.secret_key[..]).map_err(|_| {
-                Error::new(
-                    eyre!("pkcs8 key is of incorrect length"),
-                    ErrorKind::OpenSsl,
+            for path in [Path::new(OS_DEVELOPER_KEY_PATH), &self.developer_key_path] {
+                if !path.exists() {
+                    continue;
+                }
+                let pair = <ed25519::KeypairBytes as ed25519::pkcs8::DecodePrivateKey>::from_pkcs8_pem(
+                    &std::fs::read_to_string(&self.developer_key_path)?,
                 )
-            })?;
-            Ok(secret.into())
+                .with_kind(crate::ErrorKind::Pem)?;
+                let secret = ed25519_dalek::SecretKey::try_from(&pair.secret_key[..]).map_err(|_| {
+                    Error::new(
+                        eyre!("pkcs8 key is of incorrect length"),
+                        ErrorKind::OpenSsl,
+                    )
+                })?;
+                return Ok(secret.into())
+            }
+            Err(Error::new(
+                eyre!("Developer Key does not exist! Please run `start-cli init` before running this command."),
+                crate::ErrorKind::Uninitialized
+            ))
         })
     }
 
@@ -180,7 +190,7 @@ impl CliContext {
                     eyre!("Cannot parse scheme from base URL"),
                     crate::ErrorKind::ParseUrl,
                 )
-                .into())
+                .into());
             }
         };
         url.set_scheme(ws_scheme)
@@ -271,27 +281,90 @@ impl Context for CliContext {
 }
 impl CallRemote<RpcContext> for CliContext {
     async fn call_remote(&self, method: &str, params: Value, _: Empty) -> Result<Value, RpcError> {
-        call_remote_http(&self.client, self.rpc_url.clone(), method, params).await
+        if let Ok(local) = std::fs::read_to_string(RpcContext::LOCAL_AUTH_COOKIE_PATH) {
+            self.cookie_store
+                .lock()
+                .unwrap()
+                .insert_raw(
+                    &Cookie::build(("local", local))
+                        .domain("localhost")
+                        .expires(Expiration::Session)
+                        .same_site(SameSite::Strict)
+                        .build(),
+                    &"http://localhost".parse()?,
+                )
+                .with_kind(crate::ErrorKind::Network)?;
+        }
+        crate::middleware::signature::call_remote(
+            self,
+            self.rpc_url.clone(),
+            self.rpc_url.host_str().or_not_found("rpc url hostname")?,
+            method,
+            params,
+        )
+        .await
     }
 }
 impl CallRemote<DiagnosticContext> for CliContext {
     async fn call_remote(&self, method: &str, params: Value, _: Empty) -> Result<Value, RpcError> {
-        call_remote_http(&self.client, self.rpc_url.clone(), method, params).await
+        if let Ok(local) = std::fs::read_to_string(TunnelContext::LOCAL_AUTH_COOKIE_PATH) {
+            self.cookie_store
+                .lock()
+                .unwrap()
+                .insert_raw(
+                    &Cookie::build(("local", local))
+                        .domain("localhost")
+                        .expires(Expiration::Session)
+                        .same_site(SameSite::Strict)
+                        .build(),
+                    &"http://localhost".parse()?,
+                )
+                .with_kind(crate::ErrorKind::Network)?;
+        }
+        crate::middleware::signature::call_remote(
+            self,
+            self.rpc_url.clone(),
+            self.rpc_url.host_str().or_not_found("rpc url hostname")?,
+            method,
+            params,
+        )
+        .await
     }
 }
 impl CallRemote<InitContext> for CliContext {
     async fn call_remote(&self, method: &str, params: Value, _: Empty) -> Result<Value, RpcError> {
-        call_remote_http(&self.client, self.rpc_url.clone(), method, params).await
+        crate::middleware::signature::call_remote(
+            self,
+            self.rpc_url.clone(),
+            self.rpc_url.host_str().or_not_found("rpc url hostname")?,
+            method,
+            params,
+        )
+        .await
     }
 }
 impl CallRemote<SetupContext> for CliContext {
     async fn call_remote(&self, method: &str, params: Value, _: Empty) -> Result<Value, RpcError> {
-        call_remote_http(&self.client, self.rpc_url.clone(), method, params).await
+        crate::middleware::signature::call_remote(
+            self,
+            self.rpc_url.clone(),
+            self.rpc_url.host_str().or_not_found("rpc url hostname")?,
+            method,
+            params,
+        )
+        .await
     }
 }
 impl CallRemote<InstallContext> for CliContext {
     async fn call_remote(&self, method: &str, params: Value, _: Empty) -> Result<Value, RpcError> {
-        call_remote_http(&self.client, self.rpc_url.clone(), method, params).await
+        crate::middleware::signature::call_remote(
+            self,
+            self.rpc_url.clone(),
+            self.rpc_url.host_str().or_not_found("rpc url hostname")?,
+            method,
+            params,
+        )
+        .await
     }
 }
 

core/startos/src/context/config.rs

@@ -3,18 +3,16 @@ use std::net::SocketAddr;
 use std::path::{Path, PathBuf};
 
 use clap::Parser;
+use imbl_value::InternedString;
 use reqwest::Url;
 use serde::de::DeserializeOwned;
 use serde::{Deserialize, Serialize};
-use sqlx::postgres::PgConnectOptions;
-use sqlx::PgPool;
 
+use crate::MAIN_DATA;
 use crate::disk::OsPartitionInfo;
-use crate::init::init_postgres;
 use crate::prelude::*;
 use crate::util::serde::IoFormat;
 use crate::version::VersionT;
-use crate::MAIN_DATA;
 
 pub const DEVICE_CONFIG_PATH: &str = "/media/startos/config/config.yaml"; // "/media/startos/config/config.yaml";
 pub const CONFIG_PATH: &str = "/etc/startos/config.yaml";
@@ -58,7 +56,6 @@ pub trait ContextConfig: DeserializeOwned + Default {
 #[derive(Debug, Default, Deserialize, Serialize, Parser)]
 #[serde(rename_all = "kebab-case")]
 #[command(rename_all = "kebab-case")]
-#[command(name = "start-cli")]
 #[command(version = crate::version::Current::default().semver().to_string())]
 pub struct ClientConfig {
     #[arg(short = 'c', long)]
@@ -67,8 +64,18 @@ pub struct ClientConfig {
     pub host: Option<Url>,
     #[arg(short = 'r', long)]
     pub registry: Option<Url>,
+    #[arg(long)]
+    pub registry_hostname: Option<InternedString>,
+    #[arg(skip)]
+    pub registry_listen: Option<SocketAddr>,
+    #[arg(short = 't', long)]
+    pub tunnel: Option<SocketAddr>,
+    #[arg(skip)]
+    pub tunnel_listen: Option<SocketAddr>,
     #[arg(short = 'p', long)]
     pub proxy: Option<Url>,
+    #[arg(skip)]
+    pub socks_listen: Option<SocketAddr>,
     #[arg(long)]
     pub cookie_path: Option<PathBuf>,
     #[arg(long)]
@@ -81,6 +88,8 @@ impl ContextConfig for ClientConfig {
     fn merge_with(&mut self, other: Self) {
         self.host = self.host.take().or(other.host);
         self.registry = self.registry.take().or(other.registry);
+        self.registry_hostname = self.registry_hostname.take().or(other.registry_hostname);
+        self.tunnel = self.tunnel.take().or(other.tunnel);
         self.proxy = self.proxy.take().or(other.proxy);
         self.cookie_path = self.cookie_path.take().or(other.cookie_path);
         self.developer_key_path = self.developer_key_path.take().or(other.developer_key_path);
@@ -107,15 +116,15 @@ pub struct ServerConfig {
     #[arg(skip)]
     pub os_partitions: Option<OsPartitionInfo>,
     #[arg(long)]
-    pub tor_control: Option<SocketAddr>,
-    #[arg(long)]
-    pub tor_socks: Option<SocketAddr>,
+    pub socks_listen: Option<SocketAddr>,
     #[arg(long)]
     pub revision_cache_size: Option<usize>,
     #[arg(long)]
     pub disable_encryption: Option<bool>,
     #[arg(long)]
     pub multi_arch_s9pks: Option<bool>,
+    #[arg(long)]
+    pub developer_key_path: Option<PathBuf>,
 }
 impl ContextConfig for ServerConfig {
     fn next(&mut self) -> Option<PathBuf> {
@@ -124,14 +133,14 @@ impl ContextConfig for ServerConfig {
     fn merge_with(&mut self, other: Self) {
         self.ethernet_interface = self.ethernet_interface.take().or(other.ethernet_interface);
         self.os_partitions = self.os_partitions.take().or(other.os_partitions);
-        self.tor_control = self.tor_control.take().or(other.tor_control);
-        self.tor_socks = self.tor_socks.take().or(other.tor_socks);
+        self.socks_listen = self.socks_listen.take().or(other.socks_listen);
         self.revision_cache_size = self
             .revision_cache_size
             .take()
             .or(other.revision_cache_size);
         self.disable_encryption = self.disable_encryption.take().or(other.disable_encryption);
         self.multi_arch_s9pks = self.multi_arch_s9pks.take().or(other.multi_arch_s9pks);
+        self.developer_key_path = self.developer_key_path.take().or(other.developer_key_path);
     }
 }
 
@@ -151,16 +160,4 @@ impl ServerConfig {
 
         Ok(db)
     }
-    #[instrument(skip_all)]
-    pub async fn secret_store(&self) -> Result<PgPool, Error> {
-        init_postgres("/media/startos/data").await?;
-        let secret_store =
-            PgPool::connect_with(PgConnectOptions::new().database("secrets").username("root"))
-                .await?;
-        sqlx::migrate!()
-            .run(&secret_store)
-            .await
-            .with_kind(crate::ErrorKind::Database)?;
-        Ok(secret_store)
-    }
 }

core/startos/src/context/diagnostic.rs

@@ -1,15 +1,15 @@
 use std::ops::Deref;
 use std::sync::Arc;
 
-use rpc_toolkit::yajrc::RpcError;
 use rpc_toolkit::Context;
+use rpc_toolkit::yajrc::RpcError;
 use tokio::sync::broadcast::Sender;
 use tracing::instrument;
 
+use crate::Error;
 use crate::context::config::ServerConfig;
 use crate::rpc_continuations::RpcContinuations;
 use crate::shutdown::Shutdown;
-use crate::Error;
 
 pub struct DiagnosticContextSeed {
     pub shutdown: Sender<Shutdown>,

core/startos/src/context/init.rs

@@ -6,10 +6,10 @@ use tokio::sync::broadcast::Sender;
 use tokio::sync::watch;
 use tracing::instrument;
 
+use crate::Error;
 use crate::context::config::ServerConfig;
 use crate::progress::FullProgressTracker;
 use crate::rpc_continuations::RpcContinuations;
-use crate::Error;
 
 pub struct InitContextSeed {
     pub config: ServerConfig,

core/startos/src/context/install.rs

@@ -5,9 +5,9 @@ use rpc_toolkit::Context;
 use tokio::sync::broadcast::Sender;
 use tracing::instrument;
 
+use crate::Error;
 use crate::net::utils::find_eth_iface;
 use crate::rpc_continuations::RpcContinuations;
-use crate::Error;
 
 pub struct InstallContextSeed {
     pub ethernet_interface: String,

core/startos/src/context/rpc.rs

@@ -1,7 +1,9 @@
 use std::collections::{BTreeMap, BTreeSet};
+use std::ffi::OsStr;
 use std::future::Future;
 use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};
 use std::ops::Deref;
+use std::path::{Path, PathBuf};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 use std::time::Duration;
@@ -16,7 +18,7 @@ use models::{ActionId, PackageId};
 use reqwest::{Client, Proxy};
 use rpc_toolkit::yajrc::RpcError;
 use rpc_toolkit::{CallRemote, Context, Empty};
-use tokio::sync::{broadcast, watch, Mutex, RwLock};
+use tokio::sync::{broadcast, oneshot, watch, RwLock};
 use tokio::time::Instant;
 use tracing::instrument;
 
@@ -24,23 +26,28 @@ use super::setup::CURRENT_SECRET;
 use crate::account::AccountInfo;
 use crate::auth::Sessions;
 use crate::context::config::ServerConfig;
+use crate::db::model::package::TaskSeverity;
 use crate::db::model::Database;
 use crate::disk::OsPartitionInfo;
 use crate::init::{check_time_is_synchronized, InitResult};
-use crate::lxc::{ContainerId, LxcContainer, LxcManager};
+use crate::install::PKG_ARCHIVE_DIR;
+use crate::lxc::LxcManager;
 use crate::net::net_controller::{NetController, NetService};
+use crate::net::socks::DEFAULT_SOCKS_LISTEN;
 use crate::net::utils::{find_eth_iface, find_wifi_iface};
 use crate::net::web_server::{UpgradableListener, WebServerAcceptorSetter};
 use crate::net::wifi::WpaCli;
 use crate::prelude::*;
 use crate::progress::{FullProgressTracker, PhaseProgressTrackerHandle};
 use crate::rpc_continuations::{Guid, OpenAuthedContinuations, RpcContinuations};
-use crate::service::action::update_requested_actions;
+use crate::service::action::update_tasks;
 use crate::service::effects::callbacks::ServiceCallbacks;
 use crate::service::ServiceMap;
 use crate::shutdown::Shutdown;
+use crate::util::io::delete_file;
 use crate::util::lshw::LshwDevice;
-use crate::util::sync::SyncMutex;
+use crate::util::sync::{SyncMutex, Watch};
+use crate::{DATA_DIR, HOST_IP};
 
 pub struct RpcContextSeed {
     is_closed: AtomicBool,
@@ -56,24 +63,18 @@ pub struct RpcContextSeed {
     pub os_net_service: NetService,
     pub s9pk_arch: Option<&'static str>,
     pub services: ServiceMap,
-    pub metrics_cache: RwLock<Option<crate::system::Metrics>>,
+    pub cancellable_installs: SyncMutex<BTreeMap<PackageId, oneshot::Sender<()>>>,
+    pub metrics_cache: Watch<Option<crate::system::Metrics>>,
     pub shutdown: broadcast::Sender<Option<Shutdown>>,
-    pub tor_socks: SocketAddr,
     pub lxc_manager: Arc<LxcManager>,
     pub open_authed_continuations: OpenAuthedContinuations<Option<InternedString>>,
     pub rpc_continuations: RpcContinuations,
     pub callbacks: Arc<ServiceCallbacks>,
-    pub wifi_manager: Option<Arc<RwLock<WpaCli>>>,
+    pub wifi_manager: Arc<RwLock<Option<WpaCli>>>,
     pub current_secret: Arc<Jwk>,
     pub client: Client,
     pub start_time: Instant,
     pub crons: SyncMutex<BTreeMap<Guid, NonDetachingJoinHandle<()>>>,
-    // #[cfg(feature = "dev")]
-    pub dev: Dev,
-}
-
-pub struct Dev {
-    pub lxc: Mutex<BTreeMap<ContainerId, LxcContainer>>,
 }
 
 pub struct Hardware {
@@ -101,14 +102,16 @@ impl InitRpcContextPhases {
 pub struct CleanupInitPhases {
     cleanup_sessions: PhaseProgressTrackerHandle,
     init_services: PhaseProgressTrackerHandle,
-    check_requested_actions: PhaseProgressTrackerHandle,
+    prune_s9pks: PhaseProgressTrackerHandle,
+    check_tasks: PhaseProgressTrackerHandle,
 }
 impl CleanupInitPhases {
     pub fn new(handle: &FullProgressTracker) -> Self {
         Self {
             cleanup_sessions: handle.add_phase("Cleaning up sessions".into(), Some(1)),
             init_services: handle.add_phase("Initializing services".into(), Some(10)),
-            check_requested_actions: handle.add_phase("Checking action requests".into(), Some(1)),
+            prune_s9pks: handle.add_phase("Pruning S9PKs".into(), Some(1)),
+            check_tasks: handle.add_phase("Checking action requests".into(), Some(1)),
         }
     }
 }
@@ -129,10 +132,7 @@ impl RpcContext {
             run_migrations,
         }: InitRpcContextPhases,
     ) -> Result<Self, Error> {
-        let tor_proxy = config.tor_socks.unwrap_or(SocketAddr::V4(SocketAddrV4::new(
-            Ipv4Addr::new(127, 0, 0, 1),
-            9050,
-        )));
+        let socks_proxy = config.socks_listen.unwrap_or(DEFAULT_SOCKS_LISTEN);
         let (shutdown, _) = tokio::sync::broadcast::channel(1);
 
         load_db.start();
@@ -154,18 +154,9 @@ impl RpcContext {
         {
             (net_ctrl, os_net_service)
         } else {
-            let net_ctrl = Arc::new(
-                NetController::init(
-                    db.clone(),
-                    config
-                        .tor_control
-                        .unwrap_or(SocketAddr::from(([127, 0, 0, 1], 9051))),
-                    tor_proxy,
-                    &account.hostname,
-                )
-                .await?,
-            );
-            webserver.try_upgrade(|a| net_ctrl.net_iface.upgrade_listener(a))?;
+            let net_ctrl =
+                Arc::new(NetController::init(db.clone(), &account.hostname, socks_proxy).await?);
+            webserver.try_upgrade(|a| net_ctrl.net_iface.watcher.upgrade_listener(a))?;
             let os_net_service = net_ctrl.os_bindings().await?;
             (net_ctrl, os_net_service)
         };
@@ -173,8 +164,8 @@ impl RpcContext {
         tracing::info!("Initialized Net Controller");
 
         let services = ServiceMap::default();
-        let metrics_cache = RwLock::<Option<crate::system::Metrics>>::new(None);
-        let tor_proxy_url = format!("socks5h://{tor_proxy}");
+        let metrics_cache = Watch::<Option<crate::system::Metrics>>::new(None);
+        let socks_proxy_url = format!("socks5h://{socks_proxy}");
 
         let crons = SyncMutex::new(BTreeMap::new());
 
@@ -239,15 +230,13 @@ impl RpcContext {
                 Some(crate::ARCH)
             },
             services,
+            cancellable_installs: SyncMutex::new(BTreeMap::new()),
             metrics_cache,
             shutdown,
-            tor_socks: tor_proxy,
             lxc_manager: Arc::new(LxcManager::new()),
             open_authed_continuations: OpenAuthedContinuations::new(),
             rpc_continuations: RpcContinuations::new(),
-            wifi_manager: wifi_interface
-                .clone()
-                .map(|i| Arc::new(RwLock::new(WpaCli::init(i)))),
+            wifi_manager: Arc::new(RwLock::new(wifi_interface.clone().map(|i| WpaCli::init(i)))),
             current_secret: Arc::new(
                 Jwk::generate_ec_key(josekit::jwk::alg::ec::EcCurve::P256).map_err(|e| {
                     tracing::debug!("{:?}", e);
@@ -259,21 +248,11 @@ impl RpcContext {
                 })?,
             ),
             client: Client::builder()
-                .proxy(Proxy::custom(move |url| {
-                    if url.host_str().map_or(false, |h| h.ends_with(".onion")) {
-                        Some(tor_proxy_url.clone())
-                    } else {
-                        None
-                    }
-                }))
+                .proxy(Proxy::all(socks_proxy_url)?)
                 .build()
                 .with_kind(crate::ErrorKind::ParseUrl)?,
             start_time: Instant::now(),
             crons,
-            // #[cfg(feature = "dev")]
-            dev: Dev {
-                lxc: Mutex::new(BTreeMap::new()),
-            },
         });
 
         let res = Self(seed.clone());
@@ -306,8 +285,9 @@ impl RpcContext {
         &self,
         CleanupInitPhases {
             mut cleanup_sessions,
-            init_services,
-            mut check_requested_actions,
+            mut init_services,
+            mut prune_s9pks,
+            mut check_tasks,
         }: CleanupInitPhases,
     ) -> Result<(), Error> {
         cleanup_sessions.start();
@@ -365,39 +345,63 @@ impl RpcContext {
         });
         cleanup_sessions.complete();
 
-        self.services.init(&self, init_services).await?;
-        tracing::info!("Initialized Services");
+        init_services.start();
+        self.services.init(&self).await?;
+        init_services.complete();
 
-        // TODO
-        check_requested_actions.start();
+        prune_s9pks.start();
         let peek = self.db.peek().await;
+        let keep = peek
+            .as_public()
+            .as_package_data()
+            .as_entries()?
+            .into_iter()
+            .map(|(_, pde)| pde.as_s9pk().de())
+            .collect::<Result<BTreeSet<PathBuf>, Error>>()?;
+        let installed_dir = &Path::new(DATA_DIR).join(PKG_ARCHIVE_DIR).join("installed");
+        if tokio::fs::metadata(&installed_dir).await.is_ok() {
+            let mut dir = tokio::fs::read_dir(&installed_dir)
+                .await
+                .with_ctx(|_| (ErrorKind::Filesystem, lazy_format!("dir {installed_dir:?}")))?;
+            while let Some(file) = dir
+                .next_entry()
+                .await
+                .with_ctx(|_| (ErrorKind::Filesystem, lazy_format!("dir {installed_dir:?}")))?
+            {
+                let path = file.path();
+                if path.extension() == Some(OsStr::new("s9pk")) && !keep.contains(&path) {
+                    delete_file(path).await?;
+                }
+            }
+        }
+        prune_s9pks.complete();
+
+        check_tasks.start();
         let mut action_input: OrdMap<PackageId, BTreeMap<ActionId, Value>> = OrdMap::new();
-        let requested_actions: BTreeSet<_> = peek
+        let tasks: BTreeSet<_> = peek
             .as_public()
             .as_package_data()
             .as_entries()?
             .into_iter()
             .map(|(_, pde)| {
-                Ok(pde
-                    .as_requested_actions()
-                    .as_entries()?
-                    .into_iter()
-                    .map(|(_, r)| {
-                        Ok::<_, Error>((
-                            r.as_request().as_package_id().de()?,
-                            r.as_request().as_action_id().de()?,
-                        ))
-                    }))
+                Ok(pde.as_tasks().as_entries()?.into_iter().map(|(_, r)| {
+                    Ok::<_, Error>((
+                        r.as_task().as_package_id().de()?,
+                        r.as_task().as_action_id().de()?,
+                    ))
+                }))
             })
             .flatten_ok()
             .map(|a| a.and_then(|a| a))
             .try_collect()?;
         let procedure_id = Guid::new();
-        for (package_id, action_id) in requested_actions {
+        for (package_id, action_id) in tasks {
             if let Some(service) = self.services.get(&package_id).await.as_ref() {
                 if let Some(input) = service
                     .get_action_input(procedure_id.clone(), action_id.clone())
-                    .await?
+                    .await
+                    .log_err()
+                    .flatten()
                     .and_then(|i| i.value)
                 {
                     action_input
@@ -407,28 +411,47 @@ impl RpcContext {
                 }
             }
         }
-        self.db
-            .mutate(|db| {
-                for (package_id, action_input) in &action_input {
-                    for (action_id, input) in action_input {
-                        for (_, pde) in db.as_public_mut().as_package_data_mut().as_entries_mut()? {
-                            pde.as_requested_actions_mut().mutate(|requested_actions| {
-                                Ok(update_requested_actions(
-                                    requested_actions,
-                                    package_id,
-                                    action_id,
-                                    input,
-                                    false,
-                                ))
-                            })?;
+        for id in
+            self.db
+                .mutate::<Vec<PackageId>>(|db| {
+                    for (package_id, action_input) in &action_input {
+                        for (action_id, input) in action_input {
+                            for (_, pde) in
+                                db.as_public_mut().as_package_data_mut().as_entries_mut()?
+                            {
+                                pde.as_tasks_mut().mutate(|tasks| {
+                                    Ok(update_tasks(tasks, package_id, action_id, input, false))
+                                })?;
+                            }
                         }
                     }
-                }
-                Ok(())
-            })
-            .await
-            .result?;
-        check_requested_actions.complete();
+                    db.as_public()
+                        .as_package_data()
+                        .as_entries()?
+                        .into_iter()
+                        .filter_map(|(id, pkg)| {
+                            (|| {
+                                if pkg.as_tasks().de()?.into_iter().any(|(_, t)| {
+                                    t.active && t.task.severity == TaskSeverity::Critical
+                                }) {
+                                    Ok(Some(id))
+                                } else {
+                                    Ok(None)
+                                }
+                            })()
+                            .transpose()
+                        })
+                        .collect()
+                })
+                .await
+                .result?
+        {
+            let svc = self.services.get(&id).await;
+            if let Some(svc) = &*svc {
+                svc.stop(procedure_id.clone(), false).await?;
+            }
+        }
+        check_tasks.complete();
 
         Ok(())
     }

core/startos/src/context/setup.rs

@@ -10,14 +10,15 @@ use josekit::jwk::Jwk;
 use patch_db::PatchDb;
 use rpc_toolkit::Context;
 use serde::{Deserialize, Serialize};
-use tokio::sync::broadcast::Sender;
 use tokio::sync::OnceCell;
+use tokio::sync::broadcast::Sender;
 use tracing::instrument;
 use ts_rs::TS;
 
+use crate::MAIN_DATA;
 use crate::account::AccountInfo;
-use crate::context::config::ServerConfig;
 use crate::context::RpcContext;
+use crate::context::config::ServerConfig;
 use crate::disk::OsPartitionInfo;
 use crate::hostname::Hostname;
 use crate::net::web_server::{UpgradableListener, WebServer, WebServerAcceptorSetter};
@@ -25,8 +26,8 @@ use crate::prelude::*;
 use crate::progress::FullProgressTracker;
 use crate::rpc_continuations::{Guid, RpcContinuation, RpcContinuations};
 use crate::setup::SetupProgress;
+use crate::shutdown::Shutdown;
 use crate::util::net::WebSocketExt;
-use crate::MAIN_DATA;
 
 lazy_static::lazy_static! {
     pub static ref CURRENT_SECRET: Jwk = Jwk::generate_ec_key(josekit::jwk::alg::ec::EcCurve::P256).unwrap_or_else(|e| {
@@ -54,7 +55,7 @@ impl TryFrom<&AccountInfo> for SetupResult {
             tor_addresses: value
                 .tor_keys
                 .iter()
-                .map(|tor_key| format!("https://{}", tor_key.public().get_onion_address()))
+                .map(|tor_key| format!("https://{}", tor_key.onion_address()))
                 .collect(),
             hostname: value.hostname.clone(),
             lan_address: value.hostname.lan_address(),
@@ -71,7 +72,8 @@ pub struct SetupContextSeed {
     pub progress: FullProgressTracker,
     pub task: OnceCell<NonDetachingJoinHandle<()>>,
     pub result: OnceCell<Result<(SetupResult, RpcContext), Error>>,
-    pub shutdown: Sender<()>,
+    pub disk_guid: OnceCell<Arc<String>>,
+    pub shutdown: Sender<Option<Shutdown>>,
     pub rpc_continuations: RpcContinuations,
 }
 
@@ -97,6 +99,7 @@ impl SetupContext {
             progress: FullProgressTracker::new(),
             task: OnceCell::new(),
             result: OnceCell::new(),
+            disk_guid: OnceCell::new(),
             shutdown,
             rpc_continuations: RpcContinuations::new(),
         })))
@@ -172,7 +175,8 @@ impl SetupContext {
                                         if let Some(progress) = progress {
                                             ws.send(ws::Message::Text(
                                                 serde_json::to_string(&progress)
-                                                    .with_kind(ErrorKind::Serialization)?,
+                                                    .with_kind(ErrorKind::Serialization)?
+                                                    .into(),
                                             ))
                                             .await
                                             .with_kind(ErrorKind::Network)?;

core/startos/src/control.rs

@@ -5,10 +5,10 @@ use serde::{Deserialize, Serialize};
 use tracing::instrument;
 use ts_rs::TS;
 
+use crate::Error;
 use crate::context::RpcContext;
 use crate::prelude::*;
 use crate::rpc_continuations::Guid;
-use crate::Error;
 
 #[derive(Deserialize, Serialize, Parser, TS)]
 #[serde(rename_all = "camelCase")]
@@ -31,13 +31,12 @@ pub async fn start(ctx: RpcContext, ControlParams { id }: ControlParams) -> Resu
 }
 
 pub async fn stop(ctx: RpcContext, ControlParams { id }: ControlParams) -> Result<(), Error> {
-    // TODO: why did this return last_status before?
     ctx.services
         .get(&id)
         .await
         .as_ref()
         .ok_or_else(|| Error::new(eyre!("Manager not found"), crate::ErrorKind::InvalidRequest))?
-        .stop(Guid::new())
+        .stop(Guid::new(), true)
         .await?;
 
     Ok(())
@@ -49,7 +48,7 @@ pub async fn restart(ctx: RpcContext, ControlParams { id }: ControlParams) -> Re
         .await
         .as_ref()
         .ok_or_else(|| Error::new(eyre!("Manager not found"), crate::ErrorKind::InvalidRequest))?
-        .restart(Guid::new())
+        .restart(Guid::new(), false)
         .await?;
 
     Ok(())

core/startos/src/db/mod.rs

@@ -12,7 +12,7 @@ use itertools::Itertools;
 use patch_db::json_ptr::{JsonPointer, ROOT};
 use patch_db::{DiffPatch, Dump, Revision};
 use rpc_toolkit::yajrc::RpcError;
-use rpc_toolkit::{from_fn_async, Context, HandlerArgs, HandlerExt, ParentHandler};
+use rpc_toolkit::{Context, HandlerArgs, HandlerExt, ParentHandler, from_fn_async};
 use serde::{Deserialize, Serialize};
 use tokio::sync::mpsc::{self, UnboundedReceiver};
 use tokio::sync::watch;
@@ -23,7 +23,7 @@ use crate::context::{CliContext, RpcContext};
 use crate::prelude::*;
 use crate::rpc_continuations::{Guid, RpcContinuation};
 use crate::util::net::WebSocketExt;
-use crate::util::serde::{apply_expr, HandlerExtSerde};
+use crate::util::serde::{HandlerExtSerde, apply_expr};
 
 lazy_static::lazy_static! {
     static ref PUBLIC: JsonPointer = "/public".parse().unwrap();
@@ -203,7 +203,9 @@ pub async fn subscribe(
                                 rev = sub.recv() => {
                                     if let Some(rev) = rev {
                                         ws.send(ws::Message::Text(
-                                            serde_json::to_string(&rev).with_kind(ErrorKind::Serialization)?,
+                                            serde_json::to_string(&rev)
+                                                .with_kind(ErrorKind::Serialization)?
+                                                .into(),
                                         ))
                                         .await
                                         .with_kind(ErrorKind::Network)?;

core/startos/src/db/model/mod.rs

@@ -12,6 +12,7 @@ use crate::net::forward::AvailablePorts;
 use crate::net::keys::KeyStore;
 use crate::notifications::Notifications;
 use crate::prelude::*;
+use crate::sign::AnyVerifyingKey;
 use crate::ssh::SshKeys;
 use crate::util::serde::Pem;
 
@@ -27,12 +28,15 @@ pub struct Database {
     pub private: Private,
 }
 impl Database {
-    pub fn init(account: &AccountInfo) -> Result<Self, Error> {
+    pub fn init(account: &AccountInfo, kiosk: Option<bool>) -> Result<Self, Error> {
         Ok(Self {
-            public: Public::init(account)?,
+            public: Public::init(account, kiosk)?,
             private: Private {
                 key_store: KeyStore::new(account)?,
                 password: account.password.clone(),
+                auth_pubkeys: [AnyVerifyingKey::Ed25519((&account.developer_key).into())]
+                    .into_iter()
+                    .collect(),
                 ssh_privkey: Pem(account.ssh_key.clone()),
                 ssh_pubkeys: SshKeys::new(),
                 available_ports: AvailablePorts::new(),
@@ -40,7 +44,7 @@ impl Database {
                 notifications: Notifications::new(),
                 cifs: CifsTargets::new(),
                 package_stores: BTreeMap::new(),
-                compat_s9pk_key: Pem(account.compat_s9pk_key.clone()),
+                developer_key: Pem(account.developer_key.clone()),
             }, // TODO
         })
     }

core/startos/src/db/model/package.rs

@@ -1,14 +1,12 @@
 use std::collections::{BTreeMap, BTreeSet};
+use std::path::PathBuf;
 
 use chrono::{DateTime, Utc};
 use exver::VersionRange;
 use imbl_value::InternedString;
-use models::{
-    ActionId, DataUrl, HealthCheckId, HostId, PackageId, ReplayId, ServiceInterfaceId,
-    VersionString,
-};
-use patch_db::json_ptr::JsonPointer;
+use models::{ActionId, DataUrl, HealthCheckId, HostId, PackageId, ReplayId, ServiceInterfaceId};
 use patch_db::HasModel;
+use patch_db::json_ptr::JsonPointer;
 use reqwest::Url;
 use serde::{Deserialize, Serialize};
 use ts_rs::TS;
@@ -19,7 +17,7 @@ use crate::prelude::*;
 use crate::progress::FullProgress;
 use crate::s9pk::manifest::Manifest;
 use crate::status::MainStatus;
-use crate::util::serde::{is_partial_of, Pem};
+use crate::util::serde::{Pem, is_partial_of};
 
 #[derive(Debug, Default, Deserialize, Serialize, TS)]
 #[ts(export)]
@@ -270,7 +268,7 @@ impl Model<PackageState> {
                 return Err(Error::new(
                     eyre!("could not determine package state to get manifest"),
                     ErrorKind::Database,
-                ))
+                ));
             }
         })
     }
@@ -290,6 +288,7 @@ pub struct InstallingState {
 #[ts(export)]
 pub struct UpdatingState {
     pub manifest: Manifest,
+    pub s9pk: PathBuf,
     pub installing_info: InstallingInfo,
 }
 
@@ -365,7 +364,7 @@ impl Default for ActionVisibility {
 #[ts(export)]
 pub struct PackageDataEntry {
     pub state_info: PackageState,
-    pub data_version: Option<VersionString>,
+    pub s9pk: PathBuf,
     pub status: MainStatus,
     #[ts(type = "string | null")]
     pub registry: Option<Url>,
@@ -376,8 +375,7 @@ pub struct PackageDataEntry {
     pub last_backup: Option<DateTime<Utc>>,
     pub current_dependencies: CurrentDependencies,
     pub actions: BTreeMap<ActionId, ActionMetadata>,
-    #[ts(as = "BTreeMap::<String, ActionRequestEntry>")]
-    pub requested_actions: BTreeMap<ReplayId, ActionRequestEntry>,
+    pub tasks: BTreeMap<ReplayId, TaskEntry>,
     pub service_interfaces: BTreeMap<ServiceInterfaceId, ServiceInterface>,
     pub hosts: Hosts,
     #[ts(type = "string[]")]
@@ -444,8 +442,8 @@ pub enum CurrentDependencyKind {
 #[serde(rename_all = "camelCase")]
 #[ts(export)]
 #[model = "Model<Self>"]
-pub struct ActionRequestEntry {
-    pub request: ActionRequest,
+pub struct TaskEntry {
+    pub task: Task,
     pub active: bool,
 }
 
@@ -453,58 +451,59 @@ pub struct ActionRequestEntry {
 #[serde(rename_all = "camelCase")]
 #[ts(export)]
 #[model = "Model<Self>"]
-pub struct ActionRequest {
+pub struct Task {
     pub package_id: PackageId,
     pub action_id: ActionId,
     #[serde(default)]
-    pub severity: ActionSeverity,
+    pub severity: TaskSeverity,
     #[ts(optional)]
     pub reason: Option<String>,
     #[ts(optional)]
-    pub when: Option<ActionRequestTrigger>,
+    pub when: Option<TaskTrigger>,
     #[ts(optional)]
-    pub input: Option<ActionRequestInput>,
+    pub input: Option<TaskInput>,
 }
 
-#[derive(Clone, Debug, Deserialize, Serialize, TS)]
+#[derive(Clone, Debug, Deserialize, Serialize, TS, PartialEq, Eq, PartialOrd, Ord)]
 #[serde(rename_all = "kebab-case")]
 #[ts(export)]
-pub enum ActionSeverity {
-    Critical,
+pub enum TaskSeverity {
+    Optional,
     Important,
+    Critical,
 }
-impl Default for ActionSeverity {
+impl Default for TaskSeverity {
     fn default() -> Self {
-        ActionSeverity::Important
+        TaskSeverity::Important
     }
 }
 
 #[derive(Clone, Debug, Deserialize, Serialize, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export)]
-pub struct ActionRequestTrigger {
+pub struct TaskTrigger {
     #[serde(default)]
     pub once: bool,
-    pub condition: ActionRequestCondition,
+    pub condition: TaskCondition,
 }
 
 #[derive(Clone, Debug, Deserialize, Serialize, TS)]
 #[serde(rename_all = "kebab-case")]
 #[ts(export)]
-pub enum ActionRequestCondition {
+pub enum TaskCondition {
     InputNotMatches,
 }
 
 #[derive(Clone, Debug, Deserialize, Serialize, TS)]
 #[serde(rename_all = "kebab-case")]
 #[serde(tag = "kind")]
-pub enum ActionRequestInput {
+pub enum TaskInput {
     Partial {
         #[ts(type = "Record<string, unknown>")]
         value: Value,
     },
 }
-impl ActionRequestInput {
+impl TaskInput {
     pub fn matches(&self, input: Option<&Value>) -> bool {
         match self {
             Self::Partial { value } => match input {

core/startos/src/db/model/private.rs

@@ -1,4 +1,4 @@
-use std::collections::BTreeMap;
+use std::collections::{BTreeMap, HashSet};
 
 use models::PackageId;
 use patch_db::{HasModel, Value};
@@ -10,6 +10,7 @@ use crate::net::forward::AvailablePorts;
 use crate::net::keys::KeyStore;
 use crate::notifications::Notifications;
 use crate::prelude::*;
+use crate::sign::AnyVerifyingKey;
 use crate::ssh::SshKeys;
 use crate::util::serde::Pem;
 
@@ -19,8 +20,9 @@ use crate::util::serde::Pem;
 pub struct Private {
     pub key_store: KeyStore,
     pub password: String, // argon2 hash
-    #[serde(default = "generate_compat_key")]
-    pub compat_s9pk_key: Pem<ed25519_dalek::SigningKey>,
+    pub auth_pubkeys: HashSet<AnyVerifyingKey>,
+    #[serde(default = "generate_developer_key")]
+    pub developer_key: Pem<ed25519_dalek::SigningKey>,
     pub ssh_privkey: Pem<ssh_key::PrivateKey>,
     pub ssh_pubkeys: SshKeys,
     pub available_ports: AvailablePorts,
@@ -31,7 +33,7 @@ pub struct Private {
     pub package_stores: BTreeMap<PackageId, Value>,
 }
 
-pub fn generate_compat_key() -> Pem<ed25519_dalek::SigningKey> {
+pub fn generate_developer_key() -> Pem<ed25519_dalek::SigningKey> {
     Pem(ed25519_dalek::SigningKey::generate(
         &mut ssh_key::rand_core::OsRng::default(),
     ))

core/startos/src/db/model/public.rs

@@ -1,13 +1,15 @@
 use std::collections::{BTreeMap, BTreeSet};
-use std::net::{IpAddr, Ipv4Addr};
+use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr};
 
 use chrono::{DateTime, Utc};
 use exver::{Version, VersionRange};
+use imbl::{OrdMap, OrdSet};
 use imbl_value::InternedString;
 use ipnet::IpNet;
 use isocountry::CountryCode;
 use itertools::Itertools;
-use models::PackageId;
+use lazy_static::lazy_static;
+use models::{GatewayId, PackageId};
 use openssl::hash::MessageDigest;
 use patch_db::{HasModel, Value};
 use serde::{Deserialize, Serialize};
@@ -16,8 +18,9 @@ use ts_rs::TS;
 use crate::account::AccountInfo;
 use crate::db::model::package::AllPackageData;
 use crate::net::acme::AcmeProvider;
-use crate::net::host::binding::{AddSslOptions, BindInfo, BindOptions, NetInfo};
+use crate::net::forward::START9_BRIDGE_IFACE;
 use crate::net::host::Host;
+use crate::net::host::binding::{AddSslOptions, BindInfo, BindOptions, NetInfo};
 use crate::net::utils::ipv6_is_local;
 use crate::net::vhost::AlpnInfo;
 use crate::prelude::*;
@@ -27,7 +30,7 @@ use crate::util::cpupower::Governor;
 use crate::util::lshw::LshwDevice;
 use crate::util::serde::MaybeUtf8String;
 use crate::version::{Current, VersionT};
-use crate::{ARCH, PLATFORM};
+use crate::{ARCH, HOST_IP, PLATFORM};
 
 #[derive(Debug, Deserialize, Serialize, HasModel, TS)]
 #[serde(rename_all = "camelCase")]
@@ -40,7 +43,7 @@ pub struct Public {
     pub ui: Value,
 }
 impl Public {
-    pub fn init(account: &AccountInfo) -> Result<Self, Error> {
+    pub fn init(account: &AccountInfo, kiosk: Option<bool>) -> Result<Self, Error> {
         Ok(Self {
             server_info: ServerInfo {
                 arch: get_arch(),
@@ -48,44 +51,49 @@ impl Public {
                 id: account.server_id.clone(),
                 version: Current::default().semver(),
                 hostname: account.hostname.no_dot_host_name(),
-                host: Host {
-                    bindings: [(
-                        80,
-                        BindInfo {
-                            enabled: false,
-                            options: BindOptions {
-                                preferred_external_port: 80,
-                                add_ssl: Some(AddSslOptions {
-                                    preferred_external_port: 443,
-                                    alpn: Some(AlpnInfo::Specified(vec![
-                                        MaybeUtf8String("http/1.1".into()),
-                                        MaybeUtf8String("h2".into()),
-                                    ])),
-                                }),
-                                secure: None,
-                            },
-                            net: NetInfo {
-                                assigned_port: None,
-                                assigned_ssl_port: Some(443),
-                                public: false,
-                            },
-                        },
-                    )]
-                    .into_iter()
-                    .collect(),
-                    onions: account
-                        .tor_keys
-                        .iter()
-                        .map(|k| k.public().get_onion_address())
-                        .collect(),
-                    domains: BTreeMap::new(),
-                    hostname_info: BTreeMap::new(),
-                },
                 last_backup: None,
                 package_version_compat: Current::default().compat().clone(),
-                post_init_migration_todos: BTreeSet::new(),
-                network_interfaces: BTreeMap::new(),
-                acme: BTreeMap::new(),
+                post_init_migration_todos: BTreeMap::new(),
+                network: NetworkInfo {
+                    host: Host {
+                        bindings: [(
+                            80,
+                            BindInfo {
+                                enabled: false,
+                                options: BindOptions {
+                                    preferred_external_port: 80,
+                                    add_ssl: Some(AddSslOptions {
+                                        preferred_external_port: 443,
+                                        alpn: Some(AlpnInfo::Specified(vec![
+                                            MaybeUtf8String("http/1.1".into()),
+                                            MaybeUtf8String("h2".into()),
+                                        ])),
+                                    }),
+                                    secure: None,
+                                },
+                                net: NetInfo {
+                                    assigned_port: None,
+                                    assigned_ssl_port: Some(443),
+                                    private_disabled: OrdSet::new(),
+                                    public_enabled: OrdSet::new(),
+                                },
+                            },
+                        )]
+                        .into_iter()
+                        .collect(),
+                        onions: account.tor_keys.iter().map(|k| k.onion_address()).collect(),
+                        public_domains: BTreeMap::new(),
+                        private_domains: BTreeSet::new(),
+                        hostname_info: BTreeMap::new(),
+                    },
+                    wifi: WifiInfo {
+                        enabled: true,
+                        ..Default::default()
+                    },
+                    gateways: OrdMap::new(),
+                    acme: BTreeMap::new(),
+                    dns: Default::default(),
+                },
                 status_info: ServerStatus {
                     backup_progress: None,
                     updated: false,
@@ -93,7 +101,6 @@ impl Public {
                     shutting_down: false,
                     restarting: false,
                 },
-                wifi: WifiInfo::default(),
                 unread_notification_count: 0,
                 password_hash: account.password.clone(),
                 pubkey: ssh_key::PublicKey::from(&account.ssh_key)
@@ -112,6 +119,7 @@ impl Public {
                 smtp: None,
                 ram: 0,
                 devices: Vec::new(),
+                kiosk,
             },
             package_data: AllPackageData::default(),
             ui: serde_json::from_str(include_str!(concat!(
@@ -145,23 +153,17 @@ pub struct ServerInfo {
     pub id: String,
     #[ts(type = "string")]
     pub hostname: InternedString,
-    pub host: Host,
     #[ts(type = "string")]
     pub version: Version,
     #[ts(type = "string")]
     pub package_version_compat: VersionRange,
-    #[ts(type = "string[]")]
-    pub post_init_migration_todos: BTreeSet<Version>,
+    #[ts(type = "Record<string, unknown>")]
+    pub post_init_migration_todos: BTreeMap<Version, Value>,
     #[ts(type = "string | null")]
     pub last_backup: Option<DateTime<Utc>>,
-    #[ts(as = "BTreeMap::<String, NetworkInterfaceInfo>")]
-    #[serde(default)]
-    pub network_interfaces: BTreeMap<InternedString, NetworkInterfaceInfo>,
-    #[serde(default)]
-    pub acme: BTreeMap<AcmeProvider, AcmeSettings>,
+    pub network: NetworkInfo,
     #[serde(default)]
     pub status_info: ServerStatus,
-    pub wifi: WifiInfo,
     #[ts(type = "number")]
     pub unread_notification_count: u64,
     pub password_hash: String,
@@ -176,6 +178,32 @@ pub struct ServerInfo {
     #[ts(type = "number")]
     pub ram: u64,
     pub devices: Vec<LshwDevice>,
+    pub kiosk: Option<bool>,
+}
+
+#[derive(Debug, Default, Deserialize, Serialize, HasModel, TS)]
+#[serde(rename_all = "camelCase")]
+#[model = "Model<Self>"]
+#[ts(export)]
+pub struct NetworkInfo {
+    pub wifi: WifiInfo,
+    pub host: Host,
+    #[ts(as = "BTreeMap::<GatewayId, NetworkInterfaceInfo>")]
+    #[serde(default)]
+    pub gateways: OrdMap<GatewayId, NetworkInterfaceInfo>,
+    #[serde(default)]
+    pub acme: BTreeMap<AcmeProvider, AcmeSettings>,
+    #[serde(default)]
+    pub dns: DnsSettings,
+}
+
+#[derive(Debug, Default, Deserialize, Serialize, HasModel, TS)]
+#[serde(rename_all = "camelCase")]
+#[model = "Model<Self>"]
+#[ts(export)]
+pub struct DnsSettings {
+    pub dhcp_servers: Vec<SocketAddr>,
+    pub static_servers: Option<Vec<SocketAddr>>,
 }
 
 #[derive(Clone, Debug, Default, Deserialize, Serialize, HasModel, TS)]
@@ -184,9 +212,62 @@ pub struct ServerInfo {
 #[ts(export)]
 pub struct NetworkInterfaceInfo {
     pub public: Option<bool>,
+    pub secure: Option<bool>,
     pub ip_info: Option<IpInfo>,
 }
 impl NetworkInterfaceInfo {
+    pub fn loopback() -> (&'static GatewayId, &'static Self) {
+        lazy_static! {
+            static ref LO: GatewayId = GatewayId::from("lo");
+            static ref LOOPBACK: NetworkInterfaceInfo = NetworkInterfaceInfo {
+                public: Some(false),
+                secure: Some(true),
+                ip_info: Some(IpInfo {
+                    name: "lo".into(),
+                    scope_id: 1,
+                    device_type: None,
+                    subnets: [
+                        IpNet::new(Ipv4Addr::LOCALHOST.into(), 8).unwrap(),
+                        IpNet::new(Ipv6Addr::LOCALHOST.into(), 128).unwrap(),
+                    ]
+                    .into_iter()
+                    .collect(),
+                    lan_ip: [
+                        IpAddr::from(Ipv4Addr::LOCALHOST),
+                        IpAddr::from(Ipv6Addr::LOCALHOST)
+                    ]
+                    .into_iter()
+                    .collect(),
+                    wan_ip: None,
+                    ntp_servers: Default::default(),
+                    dns_servers: Default::default(),
+                }),
+            };
+        }
+        (&*LO, &*LOOPBACK)
+    }
+    pub fn lxc_bridge() -> (&'static GatewayId, &'static Self) {
+        lazy_static! {
+            static ref LXCBR0: GatewayId = GatewayId::from(START9_BRIDGE_IFACE);
+            static ref LXC_BRIDGE: NetworkInterfaceInfo = NetworkInterfaceInfo {
+                public: Some(false),
+                secure: Some(true),
+                ip_info: Some(IpInfo {
+                    name: START9_BRIDGE_IFACE.into(),
+                    scope_id: 0,
+                    device_type: None,
+                    subnets: [IpNet::new(HOST_IP.into(), 24).unwrap()]
+                        .into_iter()
+                        .collect(),
+                    lan_ip: [IpAddr::from(HOST_IP)].into_iter().collect(),
+                    wan_ip: None,
+                    ntp_servers: Default::default(),
+                    dns_servers: Default::default(),
+                }),
+            };
+        }
+        (&*LXCBR0, &*LXC_BRIDGE)
+    }
     pub fn public(&self) -> bool {
         self.public.unwrap_or_else(|| {
             !self.ip_info.as_ref().map_or(true, |ip_info| {
@@ -202,11 +283,9 @@ impl NetworkInterfaceInfo {
                     })
                     .collect::<BTreeSet<_>>();
                 if !ip4s.is_empty() {
-                    return ip4s.iter().all(|ip4| {
-                        ip4.is_loopback()
-                    || (ip4.is_private() && !ip4.octets().starts_with(&[10, 59])) // reserving 10.59 for public wireguard configurations
-                    || ip4.is_link_local()
-                    });
+                    return ip4s
+                        .iter()
+                        .all(|ip4| ip4.is_loopback() || ip4.is_private() || ip4.is_link_local());
                 }
                 ip_info.subnets.iter().all(|ipnet| {
                     if let IpAddr::V6(ip6) = ipnet.addr() {
@@ -218,19 +297,34 @@ impl NetworkInterfaceInfo {
             })
         })
     }
+
+    pub fn secure(&self) -> bool {
+        self.secure.unwrap_or_else(|| {
+            self.ip_info.as_ref().map_or(false, |ip_info| {
+                ip_info.device_type == Some(NetworkInterfaceType::Wireguard)
+            })
+        })
+    }
 }
 
-#[derive(Clone, Debug, Default, PartialEq, Eq, Deserialize, Serialize, TS)]
+#[derive(Clone, Debug, Default, PartialEq, Eq, Deserialize, Serialize, TS, HasModel)]
 #[ts(export)]
 #[serde(rename_all = "camelCase")]
+#[model = "Model<Self>"]
 pub struct IpInfo {
+    #[ts(type = "string")]
+    pub name: InternedString,
     pub scope_id: u32,
     pub device_type: Option<NetworkInterfaceType>,
     #[ts(type = "string[]")]
-    pub subnets: BTreeSet<IpNet>,
+    pub subnets: OrdSet<IpNet>,
+    #[ts(type = "string[]")]
+    pub lan_ip: OrdSet<IpAddr>,
     pub wan_ip: Option<Ipv4Addr>,
     #[ts(type = "string[]")]
-    pub ntp_servers: BTreeSet<InternedString>,
+    pub ntp_servers: OrdSet<InternedString>,
+    #[ts(type = "string[]")]
+    pub dns_servers: OrdSet<IpAddr>,
 }
 
 #[derive(Clone, Copy, Debug, PartialEq, Eq, Deserialize, Serialize, TS)]
@@ -250,6 +344,14 @@ pub struct AcmeSettings {
     pub contact: Vec<String>,
 }
 
+#[derive(Debug, Deserialize, Serialize, HasModel, TS)]
+#[serde(rename_all = "camelCase")]
+#[model = "Model<Self>"]
+#[ts(export)]
+pub struct DomainSettings {
+    pub gateway: GatewayId,
+}
+
 #[derive(Debug, Default, Deserialize, Serialize, HasModel, TS)]
 #[model = "Model<Self>"]
 #[ts(export)]
@@ -276,6 +378,7 @@ pub struct ServerStatus {
 #[model = "Model<Self>"]
 #[ts(export)]
 pub struct WifiInfo {
+    pub enabled: bool,
     pub interface: Option<String>,
     pub ssids: BTreeSet<String>,
     pub selected: Option<String>,

core/startos/src/db/prelude.rs

@@ -1,8 +1,9 @@
-use std::collections::BTreeMap;
+use std::collections::{BTreeMap, BTreeSet};
 use std::marker::PhantomData;
 use std::str::FromStr;
 
 use chrono::{DateTime, Utc};
+use imbl::OrdMap;
 pub use imbl_value::Value;
 use patch_db::value::InternedString;
 pub use patch_db::{HasModel, MutateResult, PatchDb};
@@ -199,6 +200,18 @@ where
     }
 }
 
+impl<A, B> Map for OrdMap<A, B>
+where
+    A: serde::Serialize + serde::de::DeserializeOwned + Clone + Ord + AsRef<str>,
+    B: serde::Serialize + serde::de::DeserializeOwned + Clone,
+{
+    type Key = A;
+    type Value = B;
+    fn key_str(key: &Self::Key) -> Result<impl AsRef<str>, Error> {
+        Ok(key.as_ref())
+    }
+}
+
 impl<T: Map> Model<T>
 where
     T::Value: Serialize,
@@ -267,7 +280,7 @@ where
     T::Key: FromStr + Ord + Clone,
     Error: From<<T::Key as FromStr>::Err>,
 {
-    pub fn keys(&self) -> Result<Vec<T::Key>, Error> {
+    pub fn keys(&self) -> Result<BTreeSet<T::Key>, Error> {
         use serde::de::Error;
         match &self.value {
             Value::Object(o) => o

core/startos/src/dependencies.rs

@@ -5,9 +5,9 @@ use models::PackageId;
 use serde::{Deserialize, Serialize};
 use ts_rs::TS;
 
+use crate::Error;
 use crate::prelude::*;
 use crate::util::PathOrUrl;
-use crate::Error;
 
 #[derive(Clone, Debug, Default, Deserialize, Serialize, HasModel, TS)]
 #[model = "Model<Self>"]
@@ -37,7 +37,6 @@ pub struct DepInfo {
 #[derive(Clone, Debug, Deserialize, Serialize, HasModel, TS)]
 #[serde(rename_all = "camelCase")]
 #[model = "Model<Self>"]
-#[ts(export)]
 pub struct DependencyMetadata {
     #[ts(type = "string")]
     pub title: InternedString,

core/startos/src/developer/mod.rs

@@ -1,40 +1,57 @@
-use std::fs::File;
-use std::io::Write;
-use std::path::Path;
+use std::path::{Path, PathBuf};
 
-use ed25519::pkcs8::EncodePrivateKey;
 use ed25519::PublicKeyBytes;
+use ed25519::pkcs8::EncodePrivateKey;
 use ed25519_dalek::{SigningKey, VerifyingKey};
+use tokio::io::AsyncWriteExt;
 use tracing::instrument;
 
 use crate::context::CliContext;
+use crate::context::config::local_config_path;
 use crate::prelude::*;
+use crate::util::io::create_file_mod;
 use crate::util::serde::Pem;
 
+pub const OS_DEVELOPER_KEY_PATH: &str = "/run/startos/developer.key.pem";
+
+pub fn default_developer_key_path() -> PathBuf {
+    local_config_path()
+        .as_deref()
+        .unwrap_or_else(|| Path::new(crate::context::config::CONFIG_PATH))
+        .parent()
+        .unwrap_or(Path::new("/"))
+        .join("developer.key.pem")
+}
+
+pub async fn write_developer_key(
+    secret: &ed25519_dalek::SigningKey,
+    path: impl AsRef<Path>,
+) -> Result<(), Error> {
+    let keypair_bytes = ed25519::KeypairBytes {
+        secret_key: secret.to_bytes(),
+        public_key: Some(PublicKeyBytes(VerifyingKey::from(secret).to_bytes())),
+    };
+    let mut file = create_file_mod(path, 0o046).await?;
+    file.write_all(
+        keypair_bytes
+            .to_pkcs8_pem(base64ct::LineEnding::default())
+            .with_kind(crate::ErrorKind::Pem)?
+            .as_bytes(),
+    )
+    .await?;
+    file.sync_all().await?;
+    Ok(())
+}
+
 #[instrument(skip_all)]
-pub fn init(ctx: CliContext) -> Result<(), Error> {
-    if !ctx.developer_key_path.exists() {
-        let parent = ctx.developer_key_path.parent().unwrap_or(Path::new("/"));
-        if !parent.exists() {
-            std::fs::create_dir_all(parent)
-                .with_ctx(|_| (crate::ErrorKind::Filesystem, parent.display().to_string()))?;
-        }
+pub async fn init(ctx: CliContext) -> Result<(), Error> {
+    if tokio::fs::metadata(OS_DEVELOPER_KEY_PATH).await.is_ok() {
+        println!("Developer key already exists at {}", OS_DEVELOPER_KEY_PATH);
+    } else if tokio::fs::metadata(&ctx.developer_key_path).await.is_err() {
         tracing::info!("Generating new developer key...");
         let secret = SigningKey::generate(&mut ssh_key::rand_core::OsRng::default());
         tracing::info!("Writing key to {}", ctx.developer_key_path.display());
-        let keypair_bytes = ed25519::KeypairBytes {
-            secret_key: secret.to_bytes(),
-            public_key: Some(PublicKeyBytes(VerifyingKey::from(&secret).to_bytes())),
-        };
-        let mut dev_key_file = File::create(&ctx.developer_key_path)
-            .with_ctx(|_| (ErrorKind::Filesystem, ctx.developer_key_path.display()))?;
-        dev_key_file.write_all(
-            keypair_bytes
-                .to_pkcs8_pem(base64ct::LineEnding::default())
-                .with_kind(crate::ErrorKind::Pem)?
-                .as_bytes(),
-        )?;
-        dev_key_file.sync_all()?;
+        write_developer_key(&secret, &ctx.developer_key_path).await?;
         println!(
             "New developer key generated at {}",
             ctx.developer_key_path.display()

core/startos/src/diagnostic.rs

@@ -1,16 +1,16 @@
-use std::path::Path;
 use std::sync::Arc;
 
 use rpc_toolkit::yajrc::RpcError;
 use rpc_toolkit::{
-    from_fn, from_fn_async, CallRemoteHandler, Context, Empty, HandlerExt, ParentHandler,
+    CallRemoteHandler, Context, Empty, HandlerExt, ParentHandler, from_fn, from_fn_async,
 };
 
 use crate::context::{CliContext, DiagnosticContext, RpcContext};
+use crate::disk::repair;
 use crate::init::SYSTEM_REBUILD_PATH;
+use crate::prelude::*;
 use crate::shutdown::Shutdown;
 use crate::util::io::delete_file;
-use crate::{Error, DATA_DIR};
 
 pub fn diagnostic<C: Context>() -> ParentHandler<C> {
     ParentHandler::new()
@@ -68,13 +68,11 @@ pub fn error(ctx: DiagnosticContext) -> Result<Arc<RpcError>, Error> {
 pub fn restart(ctx: DiagnosticContext) -> Result<(), Error> {
     ctx.shutdown
         .send(Shutdown {
-            export_args: ctx
-                .disk_guid
-                .clone()
-                .map(|guid| (guid, Path::new(DATA_DIR).to_owned())),
+            disk_guid: ctx.disk_guid.clone(),
             restart: true,
         })
-        .expect("receiver dropped");
+        .map_err(|_| eyre!("receiver dropped"))
+        .log_err();
     Ok(())
 }
 pub async fn rebuild(ctx: DiagnosticContext) -> Result<(), Error> {
@@ -93,6 +91,15 @@ pub fn disk<C: Context>() -> ParentHandler<C> {
             .no_display()
             .with_about("Remove disk from filesystem"),
         )
+        .subcommand("repair", from_fn_async(|_: C| repair()).no_cli())
+        .subcommand(
+            "repair",
+            CallRemoteHandler::<CliContext, _, _>::new(
+                from_fn_async(|_: RpcContext| repair())
+                    .no_display()
+                    .with_about("Repair disk in the event of corruption"),
+            ),
+        )
 }
 
 pub async fn forget_disk<C: Context>(_: C) -> Result<(), Error> {