@bitmacro/relay-agent 0.1.3 → 0.1.5

package/README.md

@@ -8,6 +8,12 @@
 
 `relay-agent` is a REST API agent that runs on your relay server and translates HTTP requests into strfry CLI commands. It is part of the [BitMacro Relay Manager](https://bitmacro.io) ecosystem.
 
+| Project | Description | License |
+|---------|-------------|---------|
+| **relay-agent** | This repo — REST API for strfry | MIT |
+| [relay-api](https://github.com/bitmacro/relay-api) | Central hub (Supabase, proxy) | Private |
+| [relay-panel](https://github.com/bitmacro/relay-panel) | Frontend | BSL 1.1 |
+
 ---
 
 ## Quick Start
@@ -18,6 +24,8 @@
 npx @bitmacro/relay-agent --port 7800 --token your-secret-token
 ```
 
+Use `--version` or `--help` to check version or CLI options.
+
 ### Via Docker
 
 Multi-arch image (amd64, arm64) at `ghcr.io/bitmacro/relay-agent`. Includes strfry binary. Mount your strfry data volume:
@@ -135,7 +143,7 @@ Authorization: Bearer <your-token>
 | `STRFRY_CONFIG` | — | Path to strfry config file (for explicit db path) |
 | `WHITELIST_PATH` | `/etc/strfry/whitelist.txt` | Path to whitelist file |
 | `PORT` | `7800` | HTTP server port |
-| `ALLOWED_ORIGINS` | — | Comma-separated extra CORS origins (defaults include `https://admin.bitmacro.io`, `http://localhost:3000`) |
+| `ALLOWED_ORIGINS` | — | Comma-separated extra CORS origins (defaults include `relay-panel.bitmacro.cloud`, `relay-panel.bitmacro.pro`, `http://localhost:3000`) |
 
 ---
 
@@ -150,16 +158,19 @@ Authorization: Bearer <your-token>
 ## Architecture
 
 ```
-bitmacro-api (Vercel)
+relay-panel
+    │  HTTP + JWT
+    ▼
+relay-api (Vercel)
     │  HTTP REST + Bearer JWT
     ▼
-relay-agent  ← this package
+relay-agent (this repo)
     │  child_process spawn()
     ▼
 strfry (local C++ process / LMDB)
 ```
 
-The relay-agent is **stateless** — it has no database. State lives in Supabase, managed by bitmacro-api. The relay-agent only translates HTTP calls into strfry CLI commands.
+The relay-agent is **stateless** — it has no database. State lives in Supabase, managed by relay-api. The relay-agent only translates HTTP calls into strfry CLI commands.
 
 ---
 
@@ -200,7 +211,7 @@ The relay-agent is **stateless** — it has no database. State lives in Supabase
 ## Security
 
 - **Run on a private network.** The relay-agent should run on the operator's server and **never be exposed directly to the internet**.
-- Access is controlled by the bitmacro-api, which proxies requests with a shared Bearer token.
+- Access is controlled by the relay-api, which proxies requests with a shared Bearer token.
 - Use a strong, random token in production. Rotate it if compromised.
 
 ---

package/dist/bin/relay-agent.mjs

@@ -2,7 +2,7 @@
 
 // bin/relay-agent.ts
 import { parseArgs } from "util";
-import { readFileSync } from "fs";
+import { readFileSync, realpathSync } from "fs";
 import { dirname as dirname2, join } from "path";
 
 // node_modules/hono/dist/compose.js
@@ -2986,6 +2986,25 @@ async function readWhitelist() {
   const content = await readFile(WHITELIST_PATH, "utf-8");
   return content.split("\n").map((l) => l.trim()).filter(Boolean);
 }
+var PUBKEY_HEX_REGEX = /^[0-9a-f]{64}$/;
+function isValidPubkey(s) {
+  return PUBKEY_HEX_REGEX.test(s.toLowerCase());
+}
+async function getPolicyEntries() {
+  const lines = await readWhitelist();
+  const entries = [];
+  for (const line of lines) {
+    if (line.startsWith("#") || !line) continue;
+    if (line.startsWith("!")) {
+      const pubkey2 = line.slice(1).toLowerCase();
+      if (isValidPubkey(pubkey2)) entries.push({ pubkey: pubkey2, status: "blocked" });
+      continue;
+    }
+    const pubkey = line.toLowerCase();
+    if (isValidPubkey(pubkey)) entries.push({ pubkey, status: "allowed" });
+  }
+  return entries;
+}
 async function writeWhitelist(lines) {
   const dir = dirname(WHITELIST_PATH);
   if (!existsSync(dir)) {
@@ -3084,6 +3103,14 @@ statsRoutes.get("/stats", async (c) => {
 // src/routes/policy.ts
 var PUBKEY_REGEX = /^[0-9a-f]{64}$/;
 var policyRoutes = new Hono2();
+policyRoutes.get("/policy", async (c) => {
+  try {
+    const entries = await getPolicyEntries();
+    return c.json({ entries });
+  } catch {
+    return c.json({ error: "relay unavailable" }, 503);
+  }
+});
 policyRoutes.post("/policy/block", async (c) => {
   try {
     const body = await c.req.json();
@@ -3137,12 +3164,18 @@ usersRoutes.get("/users", async (c) => {
 
 // src/index.ts
 var DEFAULT_ORIGINS = [
-  "https://admin.bitmacro.io",
+  "https://relay-panel.bitmacro.cloud",
+  "https://relay-panel.bitmacro.pro",
   "http://localhost:3000"
 ];
 var EXTRA_ORIGINS = (process.env.ALLOWED_ORIGINS ?? "").split(",").map((s) => s.trim()).filter(Boolean);
 var ALLOWED_ORIGINS = [...DEFAULT_ORIGINS, ...EXTRA_ORIGINS];
 var app = new Hono2();
+app.use("*", async (c, next) => {
+  const start = Date.now();
+  await next();
+  console.log(`[relay-agent] ${c.req.method} ${c.req.path} ${c.res.status} ${Date.now() - start}ms`);
+});
 app.use("*", cors({ origin: ALLOWED_ORIGINS }));
 app.use("*", async (c, next) => {
   if (c.req.path === "/health") return next();
@@ -3168,7 +3201,8 @@ process.on("uncaughtException", (err) => {
 process.on("unhandledRejection", (reason, promise) => {
   console.error("[relay-agent] unhandledRejection:", reason, promise);
 });
-var __dirname = dirname2(process.argv[1] ?? ".");
+var scriptPath = process.argv[1] ? realpathSync(process.argv[1]) : ".";
+var __dirname = dirname2(scriptPath);
 function getVersion() {
   for (const rel of ["../../package.json", "../package.json"]) {
     try {