@cluesmith/codev 2.0.0-rc.64 → 2.0.0-rc.69

package/dist/agent-farm/servers/tower-server.js

@@ -21,6 +21,7 @@ import { TerminalManager } from '../../terminal/pty-manager.js';
 import { encodeData, encodeControl, decodeFrame } from '../../terminal/ws-protocol.js';
 import { TunnelClient } from '../lib/tunnel-client.js';
 import { readCloudConfig, getCloudConfigPath, maskApiKey } from '../lib/cloud-config.js';
+import { parseTmuxSessionName } from '../utils/session.js';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 // Default port for tower dashboard
@@ -456,14 +457,16 @@ function createTmuxSession(sessionName, command, args, cwd, cols, rows) {
         killTmuxSession(sessionName);
     }
     try {
-        // Use spawnSync with array args to avoid shell injection via project paths
+        // Use spawnSync with array args to avoid shell injection via project paths.
+        // Wrap command with `env -u CLAUDECODE` to prevent Claude from detecting
+        // a nested session when the Tower was started from within Claude Code.
         const tmuxArgs = [
             'new-session', '-d',
             '-s', sessionName,
             '-c', cwd,
             '-x', String(cols),
             '-y', String(rows),
-            command, ...args,
+            'env', '-u', 'CLAUDECODE', command, ...args,
         ];
         const result = spawnSync('tmux', tmuxArgs, { stdio: 'ignore' });
         if (result.status !== 0) {
@@ -476,7 +479,17 @@ function createTmuxSession(sessionName, command, args, cwd, cols, rows) {
         // events during layout settling. Default tmux behavior (size to smallest
         // client) is more stable since we only have one client per session.
         spawnSync('tmux', ['set-option', '-t', sessionName, 'status', 'off'], { stdio: 'ignore' });
-        spawnSync('tmux', ['set-option', '-t', sessionName, 'mouse', 'on'], { stdio: 'ignore' });
+        // Mouse OFF — xterm.js in the browser handles selection and Cmd+C/Cmd+V
+        // clipboard. tmux mouse mode conflicts (auto-copy on selection, intercepts
+        // click/drag). See codev/resources/terminal-tmux.md.
+        spawnSync('tmux', ['set-option', '-t', sessionName, 'mouse', 'off'], { stdio: 'ignore' });
+        // Alternate screen OFF — without this, tmux puts xterm.js into alternate
+        // buffer which has no scrollback. xterm.js then translates wheel events
+        // to arrow keys (cycling command history). With alternate-screen off,
+        // tmux writes to the normal buffer and xterm.js native scroll works.
+        spawnSync('tmux', ['set-option', '-t', sessionName, 'alternate-screen', 'off'], { stdio: 'ignore' });
+        // Unset CLAUDECODE so spawned Claude processes don't detect a nested session
+        spawnSync('tmux', ['set-environment', '-t', sessionName, '-u', 'CLAUDECODE'], { stdio: 'ignore' });
         return sessionName;
     }
     catch (err) {
@@ -522,36 +535,14 @@ function killTmuxSession(sessionName) {
         // Session may have already died
     }
 }
-/**
- * Parse a codev tmux session name to extract type, project, and role.
- * Returns null if the name doesn't match any known codev pattern.
- *
- * Examples:
- *   "architect-codev-public"           → { type: 'architect', projectBasename: 'codev-public', roleId: null }
- *   "builder-codevos_ai-0001"          → { type: 'builder', projectBasename: 'codevos_ai', roleId: '0001' }
- *   "shell-codev-public-shell-1"       → { type: 'shell', projectBasename: 'codev-public', roleId: 'shell-1' }
- */
-function parseTmuxSessionName(name) {
-    // architect-{basename}
-    const architectMatch = name.match(/^architect-(.+)$/);
-    if (architectMatch) {
-        return { type: 'architect', projectBasename: architectMatch[1], roleId: null };
-    }
-    // builder-{basename}-{specId} — specId is always the last segment (digits like "0001")
-    const builderMatch = name.match(/^builder-(.+)-(\d{4,})$/);
-    if (builderMatch) {
-        return { type: 'builder', projectBasename: builderMatch[1], roleId: builderMatch[2] };
-    }
-    // shell-{basename}-{shellId} — shellId is "shell-N" (last two segments)
-    const shellMatch = name.match(/^shell-(.+)-(shell-\d+)$/);
-    if (shellMatch) {
-        return { type: 'shell', projectBasename: shellMatch[1], roleId: shellMatch[2] };
-    }
-    return null;
-}
+// ============================================================================
+// Tmux-First Discovery (tmux is source of truth for existence)
+// ============================================================================
 /**
  * List all tmux sessions that match codev naming conventions.
  * Returns an array of { tmuxName, parsed } for each matching session.
+ * Sessions with recognized prefixes (architect-, builder-, shell-) but
+ * unparseable ID formats are included with parsed: null for SQLite lookup.
  */
 // Cache for listCodevTmuxSessions — avoid shelling out on every dashboard poll
 let _tmuxListCache = [];
@@ -573,6 +564,10 @@ function listCodevTmuxSessions(bypassCache = false) {
             if (parsed) {
                 codevSessions.push({ tmuxName: name, parsed });
             }
+            else if (/^(?:architect|builder|shell)-/.test(name)) {
+                // Recognized codev prefix but unparseable ID format — include for SQLite lookup
+                codevSessions.push({ tmuxName: name, parsed: null });
+            }
         }
         _tmuxListCache = codevSessions;
         _tmuxListCacheTime = now;
@@ -655,11 +650,11 @@ async function reconcileTerminalSessions() {
         const dbRow = findSqliteRowForTmuxSession(tmuxName);
         matchedTmuxNames.add(tmuxName);
         // Determine metadata — prefer SQLite, fall back to parsed name
-        const projectPath = dbRow?.project_path || resolveProjectPathFromBasename(parsed.projectBasename);
-        const type = dbRow?.type || parsed.type;
-        const roleId = dbRow?.role_id || parsed.roleId;
-        if (!projectPath) {
-            log('WARN', `Cannot resolve project path for tmux session "${tmuxName}" (basename: ${parsed.projectBasename}) — skipping`);
+        const projectPath = dbRow?.project_path || (parsed && resolveProjectPathFromBasename(parsed.projectBasename));
+        const type = (dbRow?.type || parsed?.type);
+        const roleId = dbRow?.role_id ?? parsed?.roleId ?? null;
+        if (!projectPath || !type) {
+            log('WARN', `Cannot resolve ${!projectPath ? 'project path' : 'type'} for tmux session "${tmuxName}"${parsed ? ` (basename: ${parsed.projectBasename})` : ''} — skipping`);
             continue;
         }
         // Skip sessions whose project path doesn't exist on disk or is in a
@@ -703,6 +698,10 @@ async function reconcileTerminalSessions() {
                 db.prepare('DELETE FROM terminal_sessions WHERE id = ?').run(dbRow.id);
             }
             saveTerminalSession(newSession.id, projectPath, type, roleId, newSession.pid, tmuxName);
+            registerKnownProject(projectPath);
+            // Ensure correct tmux options on reconnected sessions
+            spawnSync('tmux', ['set-option', '-t', tmuxName, 'mouse', 'off'], { stdio: 'ignore' });
+            spawnSync('tmux', ['set-option', '-t', tmuxName, 'alternate-screen', 'off'], { stdio: 'ignore' });
             if (dbRow) {
                 log('INFO', `Reconnected tmux "${tmuxName}" → terminal ${newSession.id} (${type} for ${path.basename(projectPath)})`);
                 reconnected++;
@@ -935,11 +934,39 @@ if (isNaN(port) || port < 1 || port > 65535) {
 }
 log('INFO', `Tower server starting on port ${port}`);
 /**
- * Get all known project paths from terminal_sessions and in-memory cache
+ * Register a project in the known_projects table so it persists across restarts
+ * even when all terminal sessions are gone.
+ */
+function registerKnownProject(projectPath) {
+    try {
+        const db = getGlobalDb();
+        db.prepare(`
+      INSERT INTO known_projects (project_path, name, last_launched_at)
+      VALUES (?, ?, datetime('now'))
+      ON CONFLICT(project_path) DO UPDATE SET last_launched_at = datetime('now')
+    `).run(projectPath, path.basename(projectPath));
+    }
+    catch {
+        // Table may not exist yet (pre-migration)
+    }
+}
+/**
+ * Get all known project paths from known_projects, terminal_sessions, and in-memory cache
  */
 function getKnownProjectPaths() {
     const projectPaths = new Set();
-    // From terminal_sessions table (persists across Tower restarts)
+    // From known_projects table (persists even after all terminals are killed)
+    try {
+        const db = getGlobalDb();
+        const projects = db.prepare('SELECT project_path FROM known_projects').all();
+        for (const p of projects) {
+            projectPaths.add(p.project_path);
+        }
+    }
+    catch {
+        // Table may not exist yet
+    }
+    // From terminal_sessions table (catches any missed by known_projects)
     try {
         const db = getGlobalDb();
         const sessions = db.prepare('SELECT DISTINCT project_path FROM terminal_sessions').all();
@@ -1141,6 +1168,9 @@ async function getTerminalsForProject(projectPath, proxyUrl) {
     const projectBasename = sanitizeTmuxSessionName(path.basename(normalizedPath));
     const liveTmux = listCodevTmuxSessions();
     for (const { tmuxName, parsed } of liveTmux) {
+        // Skip sessions we couldn't fully parse (no projectBasename to match)
+        if (!parsed)
+            continue;
         // Only process sessions whose sanitized project basename matches
         if (parsed.projectBasename !== projectBasename)
             continue;
@@ -1151,9 +1181,7 @@ async function getTerminalsForProject(projectPath, proxyUrl) {
         if (alreadyRegistered)
             continue;
         // Orphaned tmux session — reconnect it.
-        // Skip architect sessions: launchInstance handles architect creation/reconnection
-        // and has its own exit handler for auto-restart. Reconnecting here races with
-        // the restart logic and can attach to a dead tmux session.
+        // Skip architect sessions: launchInstance handles creation/reconnection.
         if (parsed.type === 'architect')
             continue;
         try {
@@ -1351,6 +1379,8 @@ async function launchInstance(projectPath) {
     try {
         // Ensure project has port allocation
         const resolvedPath = fs.realpathSync(projectPath);
+        // Persist in known_projects so the project survives terminal cleanup
+        registerKnownProject(resolvedPath);
         // Initialize project terminal entry
         const entry = getProjectTerminalsEntry(resolvedPath);
         // Create architect terminal if not already present
@@ -1390,12 +1420,17 @@ async function launchInstance(projectPath) {
                         log('INFO', `Reconnecting to existing tmux session "${sanitizedTmuxName}" for architect`);
                     }
                     else {
-                        const createdName = createTmuxSession(tmuxName, cmd, cmdArgs, projectPath, 200, 50);
+                        // Wrap architect in a restart loop inside tmux so it auto-restarts
+                        // when the user exits Claude Code (e.g., /exit). The loop runs
+                        // inside tmux itself, independent of Tower's node-pty exit handler.
+                        const innerCmd = [cmd, ...cmdArgs].map(a => `'${a.replace(/'/g, "'\\''")}'`).join(' ');
+                        const loopCmd = `while true; do ${innerCmd}; echo "Architect exited. Restarting in 2s..."; sleep 2; done`;
+                        const createdName = createTmuxSession(tmuxName, 'sh', ['-c', loopCmd], projectPath, 200, 50);
                         if (createdName) {
                             cmd = 'tmux';
                             cmdArgs = ['attach-session', '-t', createdName];
                             activeTmuxSession = createdName;
-                            log('INFO', `Created tmux session "${createdName}" for architect`);
+                            log('INFO', `Created tmux session "${createdName}" for architect (with restart loop)`);
                         }
                     }
                 }
@@ -1409,49 +1444,17 @@ async function launchInstance(projectPath) {
                 entry.architect = session.id;
                 // TICK-001: Save to SQLite for persistence (with tmux session name)
                 saveTerminalSession(session.id, resolvedPath, 'architect', null, session.pid, activeTmuxSession);
-                // Auto-restart architect on exit
+                // Clean up cache/SQLite when the node-pty session exits.
+                // Restart is handled by the while-true loop inside tmux (not here).
                 const ptySession = manager.getSession(session.id);
                 if (ptySession) {
-                    const startedAt = Date.now();
                     ptySession.on('exit', () => {
-                        // Re-read entry from the Map — getTerminalsForProject() periodically
-                        // replaces the Map entry with a fresh object, so the `entry` captured
-                        // in the closure may be stale.
                         const currentEntry = getProjectTerminalsEntry(resolvedPath);
                         if (currentEntry.architect === session.id) {
                             currentEntry.architect = undefined;
                         }
                         deleteTerminalSession(session.id);
-                        // Check if the tmux session's inner process is still alive.
-                        // The node-pty process is `tmux attach` — it exits on disconnect
-                        // timeout, but the tmux session (and the architect process inside
-                        // it) may still be running. Only kill tmux if the inner process
-                        // has also exited (e.g., user typed "exit" or process crashed).
-                        const tmuxAlive = activeTmuxSession && tmuxSessionExists(activeTmuxSession);
-                        if (activeTmuxSession && !tmuxAlive) {
-                            log('INFO', `Tmux session "${activeTmuxSession}" already gone for ${projectPath}`);
-                        }
-                        else if (tmuxAlive) {
-                            log('INFO', `Tmux session "${activeTmuxSession}" still alive for ${projectPath}, preserving for reconnect`);
-                        }
-                        // Only restart if the architect ran for at least 5s (prevents crash loops)
-                        const uptime = Date.now() - startedAt;
-                        if (uptime < 5000) {
-                            log('INFO', `Architect exited after ${uptime}ms for ${projectPath}, not restarting (too short)`);
-                            return;
-                        }
-                        // Kill the stale tmux session so launchInstance creates a fresh one
-                        // instead of reconnecting to the dead session.
-                        if (activeTmuxSession && tmuxSessionExists(activeTmuxSession)) {
-                            killTmuxSession(activeTmuxSession);
-                            log('INFO', `Killed stale tmux session "${activeTmuxSession}" before restart`);
-                        }
-                        log('INFO', `Architect exited for ${projectPath}, restarting in 2s...`);
-                        setTimeout(() => {
-                            launchInstance(projectPath).catch((err) => {
-                                log('WARN', `Failed to restart architect for ${projectPath}: ${err.message}`);
-                            });
-                        }, 2000);
+                        log('INFO', `Architect pty exited for ${projectPath} (tmux loop handles restart)`);
                     });
                 }
                 log('INFO', `Created architect terminal for project: ${projectPath}`);
@@ -1598,6 +1601,73 @@ function serveStaticFile(filePath, res) {
         return false;
     }
 }
+/**
+ * Handle tunnel management endpoints (Spec 0097 Phase 4).
+ * Extracted so both /api/tunnel/* and /project/<encoded>/api/tunnel/* can use it.
+ */
+async function handleTunnelEndpoint(req, res, tunnelSub) {
+    // POST connect
+    if (req.method === 'POST' && tunnelSub === 'connect') {
+        try {
+            const config = readCloudConfig();
+            if (!config) {
+                res.writeHead(400, { 'Content-Type': 'application/json' });
+                res.end(JSON.stringify({ success: false, error: 'Not registered. Run \'af tower register\' first.' }));
+                return;
+            }
+            if (tunnelClient)
+                tunnelClient.resetCircuitBreaker();
+            const client = await connectTunnel(config);
+            res.writeHead(200, { 'Content-Type': 'application/json' });
+            res.end(JSON.stringify({ success: true, state: client.getState() }));
+        }
+        catch (err) {
+            log('ERROR', `Tunnel connect failed: ${err.message}`);
+            res.writeHead(500, { 'Content-Type': 'application/json' });
+            res.end(JSON.stringify({ success: false, error: err.message }));
+        }
+        return;
+    }
+    // POST disconnect
+    if (req.method === 'POST' && tunnelSub === 'disconnect') {
+        if (tunnelClient) {
+            tunnelClient.disconnect();
+            tunnelClient = null;
+        }
+        res.writeHead(200, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ success: true }));
+        return;
+    }
+    // GET status
+    if (req.method === 'GET' && tunnelSub === 'status') {
+        let config = null;
+        try {
+            config = readCloudConfig();
+        }
+        catch {
+            // Config file may be corrupted — treat as unregistered
+        }
+        const state = tunnelClient?.getState() ?? 'disconnected';
+        const uptime = tunnelClient?.getUptime() ?? null;
+        const response = {
+            registered: config !== null,
+            state,
+            uptime,
+        };
+        if (config) {
+            response.towerId = config.tower_id;
+            response.towerName = config.tower_name;
+            response.serverUrl = config.server_url;
+            response.accessUrl = `${config.server_url}/t/${config.tower_name}/`;
+        }
+        res.writeHead(200, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify(response));
+        return;
+    }
+    // Unknown tunnel endpoint
+    res.writeHead(404, { 'Content-Type': 'application/json' });
+    res.end(JSON.stringify({ error: 'Not found' }));
+}
 // Create server
 const server = http.createServer(async (req, res) => {
     // Security: Validate Host and Origin headers
@@ -1606,13 +1676,15 @@ const server = http.createServer(async (req, res) => {
         res.end('Forbidden');
         return;
     }
-    // CORS headers
+    // CORS headers — allow localhost and tunnel proxy origins
     const origin = req.headers.origin;
-    if (origin && (origin.startsWith('http://localhost:') || origin.startsWith('http://127.0.0.1:'))) {
+    if (origin && (origin.startsWith('http://localhost:') ||
+        origin.startsWith('http://127.0.0.1:') ||
+        origin.startsWith('https://'))) {
         res.setHeader('Access-Control-Allow-Origin', origin);
     }
-    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
-    res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, DELETE, OPTIONS');
+    res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
     res.setHeader('Cache-Control', 'no-store');
     if (req.method === 'OPTIONS') {
         res.writeHead(200);
@@ -1641,64 +1713,11 @@ const server = http.createServer(async (req, res) => {
         }
         // =========================================================================
         // Tunnel Management Endpoints (Spec 0097 Phase 4)
+        // Also reachable from /project/<encoded>/api/tunnel/* (see project router)
         // =========================================================================
-        // POST /api/tunnel/connect — Connect or reconnect tunnel to codevos.ai
-        if (req.method === 'POST' && url.pathname === '/api/tunnel/connect') {
-            try {
-                const config = readCloudConfig();
-                if (!config) {
-                    res.writeHead(400, { 'Content-Type': 'application/json' });
-                    res.end(JSON.stringify({ success: false, error: 'Not registered. Run \'af tower register\' first.' }));
-                    return;
-                }
-                // Reset circuit breaker if in auth_failed state
-                if (tunnelClient)
-                    tunnelClient.resetCircuitBreaker();
-                const client = await connectTunnel(config);
-                res.writeHead(200, { 'Content-Type': 'application/json' });
-                res.end(JSON.stringify({ success: true, state: client.getState() }));
-            }
-            catch (err) {
-                log('ERROR', `Tunnel connect failed: ${err.message}`);
-                res.writeHead(500, { 'Content-Type': 'application/json' });
-                res.end(JSON.stringify({ success: false, error: err.message }));
-            }
-            return;
-        }
-        // POST /api/tunnel/disconnect — Disconnect tunnel from codevos.ai
-        if (req.method === 'POST' && url.pathname === '/api/tunnel/disconnect') {
-            if (tunnelClient) {
-                tunnelClient.disconnect();
-                tunnelClient = null;
-            }
-            res.writeHead(200, { 'Content-Type': 'application/json' });
-            res.end(JSON.stringify({ success: true }));
-            return;
-        }
-        // GET /api/tunnel/status — Return tunnel connection status
-        if (req.method === 'GET' && url.pathname === '/api/tunnel/status') {
-            let config = null;
-            try {
-                config = readCloudConfig();
-            }
-            catch {
-                // Config file may be corrupted — treat as unregistered
-            }
-            const state = tunnelClient?.getState() ?? 'disconnected';
-            const uptime = tunnelClient?.getUptime() ?? null;
-            const response = {
-                registered: config !== null,
-                state,
-                uptime,
-            };
-            if (config) {
-                response.towerId = config.tower_id;
-                response.towerName = config.tower_name;
-                response.serverUrl = config.server_url;
-                response.accessUrl = `${config.server_url}/t/${config.tower_name}/`;
-            }
-            res.writeHead(200, { 'Content-Type': 'application/json' });
-            res.end(JSON.stringify(response));
+        if (url.pathname.startsWith('/api/tunnel/')) {
+            const tunnelSub = url.pathname.slice('/api/tunnel/'.length);
+            await handleTunnelEndpoint(req, res, tunnelSub);
             return;
         }
         // API: List all projects (Spec 0090 Phase 1)
@@ -2167,6 +2186,15 @@ const server = http.createServer(async (req, res) => {
             // Phase 4 (Spec 0090): Tower handles everything directly
             const isApiCall = subPath.startsWith('api/') || subPath === 'api';
             const isWsPath = subPath.startsWith('ws/') || subPath === 'ws';
+            // Tunnel endpoints are tower-level, not project-scoped, but the React
+            // dashboard uses relative paths (./api/tunnel/...) which resolve to
+            // /project/<encoded>/api/tunnel/... in project context. Handle here by
+            // extracting the tunnel sub-path and dispatching to handleTunnelEndpoint().
+            if (subPath.startsWith('api/tunnel/')) {
+                const tunnelSub = subPath.slice('api/tunnel/'.length); // e.g. "status", "connect", "disconnect"
+                await handleTunnelEndpoint(req, res, tunnelSub);
+                return;
+            }
             // GET /file?path=<relative-path> — Read project file by path (for StatusPanel project list)
             if (req.method === 'GET' && subPath === 'file' && url.searchParams.has('path')) {
                 const relPath = url.searchParams.get('path');