Add Linux Flatpak packaging (retains CPU + GPU mining)

[nattatt]

What

Adds a Flatpak package for Linux (com.tari.universe) plus a standalone CI
workflow that builds it and attaches the bundle to releases. CPU and GPU
mining are retained — the existing sidecars (xmrig, lolMiner, minotari node/
wallet, mmproxy, sha-p2pool, tor) download and run inside the sandbox as today.

Why

Linux mining was never removed from the app, only the .deb/.AppImage
packaging (per the note in release.yml: too many distro variations). A
single Flatpak runtime is the targeted fix for that fragmentation.

Contents

• flatpak/ — fully offline flatpak-builder manifest (GNOME 50 runtime),
  the Ayatana AppIndicator + protoc build modules, four packaging patches,
  generated cargo/npm offline sources, desktop + AppStream metadata, docs.
• .github/workflows/flatpak.yml — standalone, additive; regenerates the
  offline sources from each release's lockfiles so it needs no per-release
  upkeep. Does not touch release.yml.
• Two source fixes (independent of packaging, useful on their own):
  • PoolStatus widened to pub — Rust 1.96 rejects the pub(crate) leak (E0446).
  • Tray icon renders under Flatpak — written to the host-shared
    $XDG_RUNTIME_DIR/app/$FLATPAK_ID path; FLATPAK_ID-gated, inert elsewhere.

Testing

Built and run on KDE Plasma (Wayland) / Alpine: launches, theme follows the DE,
tray renders, local mainnet node + CPU mining (xmrig) verified. Produces a
sideload .flatpak (no auto-update — the bundled updater is disabled under
Flatpak by design).

Notes

• GPU: NVIDIA path is wired via the auto GL extension; AMD OpenCL is untested
  — would appreciate a tester.
• x86_64 only for now (arm64 = a second matrix leg).
• Happy to split the two source fixes into separate PRs if preferred.

[gemini-code-assist]

Code Review

This pull request introduces Flatpak packaging for Tari Universe, including the Flatpak manifest, desktop entry, AppStream metadata, helper scripts, and several patches to accommodate the sandboxed environment. Feedback on the changes highlights a redundant and incorrect DBus permission in the Flatpak manifest, and suggests using std::env::var_os instead of std::env::var for XDG_RUNTIME_DIR in the system tray manager to robustly handle non-UTF-8 paths.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[gemini-code-assist]

The --talk-name=org.freedesktop.portal.Background permission is redundant and uses an incorrect DBus bus name. Portals are hosted under the org.freedesktop.portal.Desktop bus name, and Flatpak automatically grants sandboxed applications access to the portal service by default. Therefore, no explicit --talk-name permission is required to use the Background portal.

  # Autostart-on-login is requested through the Background portal (no explicit permission needed)

[nattatt]

Good catch — removed the org.freedesktop.portal.Background talk-name; portals are auto-granted and that was a vestigial line. Fixed in the latest push.

[gemini-code-assist]

Using std::env::var for XDG_RUNTIME_DIR can fail if the environment variable contains non-UTF-8 characters. Since XDG_RUNTIME_DIR represents a filesystem path, it is more robust to use std::env::var_os which returns an OsString. This avoids potential UTF-8 decoding errors and integrates seamlessly with std::path::Path APIs.

Suggested change

	if let (Some(flatpak_id), Ok(runtime_dir)) =
	(std::env::var_os("FLATPAK_ID"), std::env::var("XDG_RUNTIME_DIR"))
	{
	if let (Some(flatpak_id), Some(runtime_dir)) =
	(std::env::var_os("FLATPAK_ID"), std::env::var_os("XDG_RUNTIME_DIR"))
	{

[nattatt]

Done — switched XDG_RUNTIME_DIR (and FLATPAK_ID) to env::var_os so it stays in OsString/Path land. Pushed.