fix: nostr-vpn crash-loop on fresh install, relay config lost on LUKS
Some checks failed
Build Archipelago ISO (dev) / build-iso (push) Has been cancelled

Two issues on fresh ISO install:
1. nostr-vpn.service was enabled in rootfs but env file doesn't exist
   until first-boot generates Nostr identity — crash-loop on boot.
   Now only enabled by first-boot-containers.sh after identity exists.
2. LUKS encrypted partition mounts over /var/lib/archipelago/, hiding
   the relay config.toml the Dockerfile put there. Now copies relay
   config and creates nostr-relay/nostr-vpn dirs on the LUKS partition.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Dorian
2026-04-08 17:48:38 +02:00
parent 54ec723743
commit 980b3a7c00

@@ -398,9 +398,9 @@ RUN systemctl enable NetworkManager || true && \
systemctl enable archipelago-doctor.timer || true && \
systemctl enable archipelago-reconcile.timer || true && \
systemctl enable archipelago-tor-helper.path || true && \
systemctl enable nostr-relay || true && \
systemctl enable nostr-vpn || true && \
systemctl enable archipelago-wg-address || true
systemctl enable nostr-relay || true
# nostr-vpn and wg-address are enabled by first-boot after Nostr identity is generated
# (env file doesn't exist until onboarding, so pre-enabling causes crash-loop)
# Remove policy-rc.d so services can start on first boot
RUN rm -f /usr/sbin/policy-rc.d
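Review bot: The new comment at the end of the `systemctl enable` chain says both nostr-vpn and wg-address are now enabled by first-boot, but the hunks visible here only drop them from the image build, and the commit message mentions only nostr-vpn being enabled by first-boot-containers.sh. Please confirm that script also enables `archipelago-wg-address`, otherwise that unit is never enabled on a fresh install. Since the root cause is a missing env file, consider also putting a `ConditionPathExists=` for that file in the nostr-vpn unit, so a missing identity results in a skipped start rather than a restart loop no matter who enables the unit.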
@@ -1965,9 +1965,13 @@ mkdir -p /mnt/target/var/lib/archipelago
mount /dev/mapper/archipelago-data /mnt/target/var/lib/archipelago
# Recreate directory structure on encrypted partition
mkdir -p /mnt/target/var/lib/archipelago/{data,config,containers,secrets,tor,identities,lnd}
mkdir -p /mnt/target/var/lib/archipelago/{data,config,containers,secrets,tor,identities,lnd,nostr-relay,nostr-vpn}
mkdir -p /mnt/target/var/lib/archipelago/containers/storage
mkdir -p /mnt/target/var/lib/archipelago/data/cloud/{Documents,Photos,Music,Videos,Downloads}
# Copy relay config from rootfs (LUKS mount hides what the Dockerfile put there)
if [ -f /mnt/target/etc/archipelago/nostr-relay-config.toml ]; then
cp /mnt/target/etc/archipelago/nostr-relay-config.toml /mnt/target/var/lib/archipelago/nostr-relay/config.toml
fi
chown -R 1000:1000 /mnt/target/var/lib/archipelago
echo " ✅ Data partition encrypted with LUKS2 ($LUKS_CIPHER)"
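Review bot: The `if [ -f ... ]` guard around the `cp` has no else branch, so when nostr-relay-config.toml is missing from the rootfs the installer carries on silently and nostr-relay, which is still enabled at build time, starts with no config.toml in its directory. Log a warning or fail the install in that case. Separately, the new nostr-relay and nostr-vpn directories are created with whatever mode `mkdir -p` gives them under the current umask and are then swept up by the blanket `chown -R 1000:1000`; if nostr-vpn is going to hold the identity env file or key material, set an explicit restrictive mode on it here (for example `chmod 700`) instead of relying on the default.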