@afffun/codexbot 1.0.89 → 1.0.90

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@afffun/codexbot",
-  "version": "1.0.89",
+  "version": "1.0.90",
   "description": "Thin npm bootstrap CLI for installing and operating Codexbot nodes",
   "type": "module",
   "author": "john88188 <john88188@outlook.com>",

package/src/auth_service.mjs

@@ -3,6 +3,12 @@ import path from 'node:path';
 import { spawn } from 'node:child_process';
 import { resolveInstalledControlLayout } from './installed_layout_service.mjs';
 
+const PROJECTED_FILES = Object.freeze([
+  Object.freeze({ name: 'auth.json', mode: '640' }),
+  Object.freeze({ name: 'config.toml', mode: '640' }),
+  Object.freeze({ name: 'models_cache.json', mode: '640' }),
+]);
+
 function runChild(spawnFn, command, args, options = {}) {
   return new Promise((resolve, reject) => {
     const child = spawnFn(command, args, {
@@ -33,6 +39,33 @@ function mapAuthModeToCodexArgs(mode) {
   throw new Error(`unsupported auth mode: ${mode}`);
 }
 
+function buildProjectionScript(layout) {
+  const controlDir = trim(layout.codexHomeDir);
+  const agentHomeDir = trim(layout.agentHomeDir);
+  if (!controlDir || !agentHomeDir) return '';
+  const agentDir = path.join(agentHomeDir, '.codex');
+  const lines = [
+    'set -euo pipefail',
+    `control_dir=${JSON.stringify(controlDir)}`,
+    `agent_dir=${JSON.stringify(agentDir)}`,
+    'if [[ -d "$agent_dir" ]]; then',
+    '  :',
+    'else',
+    '  mkdir -p "$agent_dir"',
+    'fi',
+  ];
+  for (const entry of PROJECTED_FILES) {
+    lines.push(`src="$control_dir/${entry.name}"`);
+    lines.push(`dst="$agent_dir/${entry.name}"`);
+    lines.push('if [[ -f "$src" ]]; then');
+    lines.push('  rm -f "$dst"');
+    lines.push('  cp "$src" "$dst"');
+    lines.push(`  chmod ${entry.mode} "$dst"`);
+    lines.push('fi');
+  }
+  return lines.join('\n');
+}
+
 export function createNpmDistributionAuthService(deps = {}) {
   const fsSync = deps.fsSync || fs;
   const pathModule = deps.pathModule || path;
@@ -64,19 +97,40 @@ export function createNpmDistributionAuthService(deps = {}) {
     const isRoot = typeof processImpl.getuid === 'function' ? processImpl.getuid() === 0 : false;
     const envArgs = ['env', `CODEX_HOME=${layout.codexHomeDir}`, `PATH=${pathModule.dirname(layout.codexBinPath)}:${processImpl.env.PATH || ''}`, layout.codexBinPath, ...codexArgs];
     logger.log(`==> Run Codex auth command for ${layout.profile} install as ${layout.controlUser}`);
+    let exitCode;
     if (isRoot) {
-      return runChild(spawnFn, 'sudo', ['-u', layout.controlUser, ...envArgs]);
-    }
-    if (currentUser && currentUser === layout.controlUser) {
-      return runChild(spawnFn, layout.codexBinPath, codexArgs, {
+      exitCode = await runChild(spawnFn, 'sudo', ['-u', layout.controlUser, ...envArgs]);
+    } else if (currentUser && currentUser === layout.controlUser) {
+      exitCode = await runChild(spawnFn, layout.codexBinPath, codexArgs, {
         env: {
           ...processImpl.env,
           CODEX_HOME: layout.codexHomeDir,
           PATH: `${pathModule.dirname(layout.codexBinPath)}:${processImpl.env.PATH || ''}`,
         },
       });
+    } else {
+      exitCode = await runChild(spawnFn, 'sudo', ['-u', layout.controlUser, ...envArgs]);
     }
-    return runChild(spawnFn, 'sudo', ['-u', layout.controlUser, ...envArgs]);
+
+    if (exitCode === 0 && layout.profile === 'split' && (mode === 'login' || mode === 'login-link')) {
+      const projectionScript = buildProjectionScript(layout);
+      if (projectionScript) {
+        const projectionArgs = ['-u', layout.controlUser, 'env', `CODEX_HOME=${layout.codexHomeDir}`, `PATH=${pathModule.dirname(layout.codexBinPath)}:${processImpl.env.PATH || ''}`, 'bash', '-lc', projectionScript];
+        if (isRoot || !(currentUser && currentUser === layout.controlUser)) {
+          await runChild(spawnFn, 'sudo', projectionArgs);
+        } else {
+          await runChild(spawnFn, 'bash', ['-lc', projectionScript], {
+            env: {
+              ...processImpl.env,
+              CODEX_HOME: layout.codexHomeDir,
+              PATH: `${pathModule.dirname(layout.codexBinPath)}:${processImpl.env.PATH || ''}`,
+            },
+          });
+        }
+      }
+    }
+
+    return exitCode;
   }
 
   function formatDoctorReport(options = {}) {

package/src/installed_layout_service.mjs

@@ -8,6 +8,7 @@ const SPLIT_DEFAULTS = Object.freeze({
   controlEnvFile: '/etc/codexbot/control.env',
   controlUser: 'codexbotd',
   codexHomeDir: '/var/lib/codexbot/control/home/.codex',
+  agentHomeDir: '/var/lib/codexbot/agent/home',
 });
 
 const LEGACY_DEFAULTS = Object.freeze({
@@ -16,6 +17,7 @@ const LEGACY_DEFAULTS = Object.freeze({
   controlEnvFile: '/home/codexbot/codexbot-telegram/.env',
   controlUser: 'codexbot',
   codexHomeDir: '/home/codexbot/codexbot-home/.codex',
+  agentHomeDir: '',
 });
 
 function trim(value, fallback = '') {
@@ -72,6 +74,9 @@ export function resolveInstalledControlLayout({
       || fileEnv.CODEXBOT_CONTROL_HOME && `${fileEnv.CODEXBOT_CONTROL_HOME}/.codex`,
     defaults.codexHomeDir,
   ));
+  const resolvedAgentHomeDir = resolvedProfile === 'split'
+    ? pathModule.resolve(trim(fileEnv.CODEXBOT_AGENT_HOME, defaults.agentHomeDir))
+    : '';
   const codexBinPath = pathModule.join(resolvedAppDir, 'node_modules', '.bin', 'codex');
   return {
     profile: resolvedProfile,
@@ -79,6 +84,7 @@ export function resolveInstalledControlLayout({
     controlEnvFile: envFile,
     controlUser: resolvedControlUser,
     codexHomeDir: resolvedCodexHomeDir,
+    agentHomeDir: resolvedAgentHomeDir,
     codexBinPath,
     env: fileEnv,
     currentUser: trim(env.USER || env.LOGNAME || ''),