Vere will not run a ship if STDIN is closed, unless passed the `-t`
flag. Hosted docker containers will not be interactive, but we would
like the docker image to be usable locally and interactively as well.
Thus, we check for STDIN being closed in the shell prior to launching
Vere, and if it is closed, pass the `-t` flag.
When pushing the docker image, update the "latest" tag as well as
pushing a tag for the current Urbit version. This way users pulling
tloncorp/urbit:latest will always get an image with the latest point
release of Urbit.
Ensure that the resource from the wire, the resource for the update
match up. Also ensure that the source ship and the ship that is being
pulled from for the resource match up. Without this, a host of a graph
could send updates for graphs that they do not hosts, and these would be
unconditionally forwarded, allowing malicious hosts to overwrite graphs
that they do not host.
d3c5aa74c1 introduced a Docker image intended for deploying Urbit ships
This commit modifies the build.yml GitHub Actions workflow to build the
docker image as part of the push/PR workflow, and adds a
`release-docker.yml` workflow, which runs on any tag push `urbit-v*` and
pushes the image to Docker Hub, also synchronizing the README.
Co-authored-by: Josh Lehman <josh@urbit.org>
This commit adds the `docker-image` attribute to the main Nix
entrypoint, invoking `nix/pkgs/docker-image` which will build
a 'smart' docker image that can load keyfiles or a pier and
boot a ship
It includes a README for the official docker image, suitable
for posting as the README to a Docker Hub or similar docker
image repository.
Hark, when calculating unread totals was ignoring notifications that
were under the same stats-index, but a different index. Reworks the
cache to calculate unread totals correctly.
Scrapes groups and graphs for member counts and recent activity respectively,
and uses that to print out a "tally" of activity for all local groups and their
channels. Since this output is intended to be shared with other parties,
anonymizes resource identifiers by default.
When %remove-nodes is sent as an update, it may refer to a parent node,
in which case the deletion of all the parent's children is implied. If
we hold onto references to nodes outside of graph-store, we are unable
to tell which of our references were affected, other than iterating over
every reference to check if one of the deleted indices is a prefix of
the reference. This is obviously undesirable, so we emit all of the
nodes we deleted, including the nodes deleted implicitly.
Creates a noun poke %fix-dangling, which iterates through the unreads
and dismiss those which refer to nodes which no longer exist.
Additionally, adds a migration which runs this poke.