Update Canary to v1.5.0 with generated credentials

[schjonhaug]

Summary

• Update Canary to v1.5.0 using the official Docker image tags
• Generate a persistent Canary admin password and JWT secret under /mnt/hdd/mynode/canary
• Pass the generated secrets into Canary with canary.env
• Show Canary credentials on the myNode app info page
• Write/read the installed Canary version marker so the info page does not show error
• Write the runtime Docker Compose file from install/pre-start scripts so the app does not depend on packaged app_data at runtime

Testing

• Built the standalone package with mynode-sdk build canary
• Verified shell syntax with bash -n for install/pre/uninstall scripts
• Verified Python syntax with python3 -m py_compile canary/www/python/canary.py
• Sideload-tested the rebuilt package on a real myNode device
• Confirmed Canary installs as v1.5.0 and the service turns green
• Confirmed myNode shows username admin@local and a generated password
• Confirmed login succeeds with the generated credentials
• Confirmed restart keeps the same credentials working

[Copilot]

Pull request overview

This PR updates the Canary dynamic app packaging to v1.5.0 and improves runtime configuration by generating/persisting Canary credentials on the device, surfacing them in a dedicated myNode Canary info page, and writing the Docker Compose runtime file from scripts instead of relying on packaged app_data at runtime.

Changes:

• Added a dedicated Canary app info page (Flask route + template) that displays the generated admin credentials and reads the installed version marker.
• Updated install/pre-start/uninstall scripts to generate persistent secrets under /mnt/hdd/mynode/canary, write canary.env, write a runtime docker-compose.yml, and maintain a Canary version marker.
• Bumped Canary metadata to v1.5.0 and adjusted tile behavior to link into the new info page.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
rootfs/standard/usr/share/mynode_apps/canary/www/templates/canary.html	New Canary-specific app info template including credentials UI and copy-to-clipboard behavior.
rootfs/standard/usr/share/mynode_apps/canary/www/python/canary.py	New Flask handler for /app/canary/info that reads the stored password and version marker and renders the Canary template.
rootfs/standard/usr/share/mynode_apps/canary/scripts/uninstall_canary.sh	Updates uninstall flow to use app directory paths, remove Canary images, and clean up version marker and data dir.
rootfs/standard/usr/share/mynode_apps/canary/scripts/pre_canary.sh	Generates persistent secrets + env file and writes docker-compose.yml at service pre-start.
rootfs/standard/usr/share/mynode_apps/canary/scripts/install_canary.sh	Pins install to v1.5.0 images, writes docker-compose.yml, writes version marker, and triggers app refresh.
rootfs/standard/usr/share/mynode_apps/canary/canary.json	Updates latest version and adds tile button text/href to reach the new info page.
rootfs/standard/usr/share/mynode_apps/canary/app_data/docker-compose.yml	Adds env_file reference to support injected secrets.

[tehelsper]

Lines 67-69 should not be necessary along with 12-14. You should already be in the app dir during install time. Can you remove those?

[tehelsper]

The compose file should not need to be written again. I'm fine with writing as part of a pre-startup script, but it should be done in one place or as part of an app_data file.

[tehelsper]

Remove all this. Why are you managing version files? That's all handled by the platform.

[tehelsper]

Remove this line

[schjonhaug]

Thanks for the feedback. I updated the Canary v1.5.0 changes to align with the existing myNode app lifecycle behavior.

Summary of changes:

• Removed the duplicated docker-compose.yml heredocs from install_canary.sh and pre_canary.sh.
• Switched install/pre-start/uninstall to use app_data/docker-compose.yml as the single compose source.
• Removed the custom /mnt/hdd/mynode/settings/canary_version handling and the manual app["current_version"] override in canary.py, so the platform-managed app version marker is used instead.
• Simplified uninstall cleanup to stop the Canary compose project, remove Canary images via remove_docker_images_by_name, and remove /mnt/hdd/mynode/canary.
• Changed the app tile button from Open to Info and set app_tile_button_open_app_directly to false, so it opens /app/canary/info.

Validated locally:

• bash -n on install_canary.sh, pre_canary.sh, and uninstall_canary.sh
• python3 -m py_compile on canary.py
• JSON parse check for canary.json
• git diff --check
• mynode-sdk build canary from rootfs/standard/usr/share/mynode_apps

[tehelsper]

Thanks! I'll merge this now. Was there a reason for the VERSION="${VERSION:-v1.5.0}" line in install_canary.sh? As far as I know, VERSION should always be specified. Was there a situation where is was not correct?

[schjonhaug]

Thanks for merging the Canary v1.5.0 update to master.

Good question. For the normal myNode app-manager path, I agree VERSION should be supplied by the platform.

That fallback was added while debugging sideload/manual package testing. At one point Canary showed Installed Version: error, and one hypothesis was that the install script could be invoked without VERSION, causing the Docker pull/tag step to fail. The fallback was meant as a defensive guard for that path, not as something Canary should need in the standard lifecycle.

After your earlier feedback, we removed the Canary-specific version marker handling and now rely on myNode’s app version marker.

One related thing I’m still seeing during sideload testing is Installed Version: error on the Canary info page even when the app appears to install/run. I don’t want to work around that by having Canary write the platform version marker itself if myNode owns that state. Should I open a separate issue with sideload reproduction steps for that?

[tehelsper]

No problem. Yeah, if you can reproduce just that and log an issue that may be helpful. Sideloading apps is really very rare though once an app makes it into the app store. Even for development, I normally add the app to the main source inthe repo and update by running mynode-local-update <ip> www and then installing the app via the Marketplace.

[schjonhaug]

Thanks. I was able to reproduce and gather more detail.

Environment: myNode 0.3.43, Canary sideloaded as a community app.

What happened:

1. The Canary marketplace page showed:

   • Canary Added!
   • Installed Version error
   • Latest Version v1.5.1

2. Existing logs showed the original install/reinstall failure was:

   /usr/bin/service_scripts/install_canary.sh: line 21: remove_docker_images_by_name: command not found
   Upgrade FAILED! (... exit status 127.)
   

3. On this myNode install, /usr/share/mynode/mynode_functions.sh does not define remove_docker_images_by_name.

4. I patched Canary’s install/uninstall scripts to avoid depending on that helper, rebuilt the app tarball, and sideloaded it again.

5. Sideloading the corrected tarball copied the updated app files, but the UI still showed Installed Version error. The stale marker file was still:

   /home/bitcoin/.mynode/canary_version = error
   

6. Running Reinstall from the myNode UI forced the actual app-manager path. That completed successfully:

   Running upgrade_dynamic_apps...
     Upgrading canary (not installed vs v1.5.1)...
     Upgrade success!
   UPGRADE COMPLETE!!!
   

7. After reboot:

   /home/bitcoin/.mynode/canary_version = v1.5.1
   

   and the UI now shows:

   Installed Version v1.5.1
   Latest Version v1.5.1
   

   canary.service is active and both containers are running.

My interpretation: there were two things interacting here. The original install failed because the Canary scripts used remove_docker_images_by_name, which is not available on this myNode version. After that, sideloading a corrected tarball copied the app files and displayed “Canary Added!”, but it did not clear or replace the stale canary_version=error marker. A Reinstall was needed to run the app-manager upgrade path and write the correct installed version.

[schjonhaug]

Follow-up: I addressed the myNode feedback in the new Canary v1.5.1 PR.

The fix is now committed on #1004 as 89f0b873 Fix Canary image cleanup on myNode.

That commit removes Canary’s dependency on remove_docker_images_by_name in the install/uninstall scripts by using a local image cleanup helper, which matches the failure we reproduced here. I also adjusted my local release/test workflow to follow the recommended myNode path: update the app in the main source tree, run mynode-local-update <host> www, then install/reinstall Canary from Marketplace instead of relying on /marketplace/add_app sideloading as the primary validation path.