npm - @cryptiklemur/lattice - Versions diffs - 5.2.0 → 5.3.0 - Mend

@cryptiklemur/lattice 5.2.0 → 5.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/server/daemon.js CHANGED Viewed

@@ -407,7 +407,12 @@ export async function startDaemon(portOverride, tlsOverride) {
             log.server("TLS enabled (cert: %s)", certs.cert);
         }
         catch (err) {
-            console.error("[lattice] Failed to load TLS certs, falling back to HTTP:", err);
+            if (err?.code === "EACCES") {
+                console.error("[lattice] Permission denied reading TLS certs. Run 'lattice setup-tls' to fix permissions.");
+            }
+            else {
+                console.error("[lattice] Failed to load TLS certs, falling back to HTTP:", err);
+            }
         }
     }
     if (tlsOptions) {

package/dist/server/index.js CHANGED Viewed

@@ -18,7 +18,7 @@ function getCurrentVersion() {
     }
 }
 var args = process.argv.slice(2);
-var command = "start";
+var command = "help";
 var portOverride = null;
 var tlsOverride = null;
 for (var i = 0; i < args.length; i++) {
@@ -92,11 +92,11 @@ function spawnDaemon(port, tls) {
         var pkgRoot = join(__dirname_local, "..");
         var localTsx = join(pkgRoot, "node_modules", ".bin", "tsx");
         spawnCmd = existsSync(localTsx) ? localTsx : "tsx";
-        spawnArgs = ["--tsconfig", join(pkgRoot, "tsconfig.json"), __filename_local, "daemon", "--port", String(port)];
+        spawnArgs = ["--tsconfig", join(pkgRoot, "tsconfig.json"), __filename_local, "run", "--port", String(port)];
     }
     else {
         spawnCmd = process.execPath;
-        spawnArgs = [__filename_local, "daemon", "--port", String(port)];
+        spawnArgs = [__filename_local, "run", "--port", String(port)];
     }
     if (tls === true)
         spawnArgs.push("--tls");
@@ -111,6 +111,7 @@ function spawnDaemon(port, tls) {
     return child.pid;
 }
 switch (command) {
+    case "run":
     case "daemon":
         await runDaemon();
         break;
@@ -263,7 +264,8 @@ function runHelp() {
     console.log("  Usage: lattice [command] [options]");
     console.log("");
     console.log("  Commands:");
-    console.log("    start      Start the daemon and open the UI (default)");
+    console.log("    start      Start the daemon and open the UI");
+    console.log("    run        Run the daemon in the foreground");
     console.log("    stop       Stop the running daemon");
     console.log("    restart    Stop and restart the daemon");
     console.log("    status     Show daemon status and connection info");
@@ -273,7 +275,7 @@ function runHelp() {
     console.log("    open       Open the UI in the browser");
     console.log("    config     Show configuration paths and settings");
     console.log("    setup-tls  Set up HTTPS (Tailscale or self-signed)");
-    console.log("    help       Show this help message");
+    console.log("    help       Show this help message (default)");
     console.log("");
     console.log("  Options:");
     console.log("    --port=N   Override the server port");
@@ -286,51 +288,148 @@ function runHelp() {
     console.log("");
 }
 async function runSetupTls() {
-    var { execSync: exec } = await import("node:child_process");
+    var { spawnSync } = await import("node:child_process");
+    var { createInterface } = await import("node:readline");
+    var { mkdirSync, chmodSync, chownSync, statSync } = await import("node:fs");
     var certsDir = join(getLatticeHome(), "certs");
     var certPath = join(certsDir, "cert.pem");
     var keyPath = join(certsDir, "key.pem");
-    console.log("[lattice] TLS Setup");
+    function prompt(question) {
+        var rl = createInterface({ input: process.stdin, output: process.stdout });
+        return new Promise(function (resolve) {
+            rl.question(question, function (answer) {
+                rl.close();
+                resolve(answer.trim().toLowerCase());
+            });
+        });
+    }
+    console.log("");
+    console.log("  lattice — TLS Setup");
     console.log("");
     var hasTailscale = false;
+    var hostname = "";
     try {
-        exec("tailscale version", { stdio: "ignore" });
+        spawnSync("tailscale", ["version"], { stdio: "ignore" });
         hasTailscale = true;
+        var statusResult = spawnSync("tailscale", ["status", "--json"], { encoding: "utf-8" });
+        if (statusResult.status === 0) {
+            hostname = JSON.parse(statusResult.stdout).Self.DNSName.replace(/\.$/, "");
+        }
     }
     catch { }
-    if (hasTailscale) {
-        console.log("  Tailscale detected. To use trusted Tailscale HTTPS certs:");
+    if (hasTailscale && hostname) {
+        console.log("  Tailscale detected: " + hostname);
         console.log("");
-        try {
-            var dnsName = exec("tailscale status --json", { encoding: "utf-8" });
-            var hostname = JSON.parse(dnsName).Self.DNSName.replace(/\.$/, "");
-            console.log("  1. Generate cert:");
-            console.log("     sudo tailscale cert --cert-file " + certPath + " --key-file " + keyPath + " " + hostname);
+        var answer = await prompt("  Set up Tailscale HTTPS certs automatically? [Y/n] ");
+        if (answer !== "n" && answer !== "no") {
+            if (!existsSync(certsDir)) {
+                mkdirSync(certsDir, { recursive: true });
+            }
             console.log("");
-            console.log("  2. Enable TLS and restart:");
-            console.log("     lattice restart --tls");
+            console.log("  Generating Tailscale cert (sudo required)...");
             console.log("");
-            console.log("  3. Access at:");
-            console.log("     https://" + hostname + ":" + loadConfig().port);
-        }
-        catch {
-            console.log("  1. Run: sudo tailscale cert --cert-file " + certPath + " --key-file " + keyPath + " <your-hostname>.ts.net");
-            console.log("  2. Run: lattice restart --tls");
+            var certResult = spawnSync("sudo", ["tailscale", "cert", "--cert-file", certPath, "--key-file", keyPath, hostname], { stdio: "inherit" });
+            if (certResult.status !== 0) {
+                console.error("");
+                console.error("  Failed to generate Tailscale certs.");
+                console.error("  You can run manually:");
+                console.error("    sudo tailscale cert --cert-file " + certPath + " --key-file " + keyPath + " " + hostname);
+                process.exit(1);
+            }
+            var uid = process.getuid ? process.getuid() : 0;
+            var gid = process.getgid ? process.getgid() : 0;
+            try {
+                chownSync(certPath, uid, gid);
+                chownSync(keyPath, uid, gid);
+                chmodSync(certPath, 0o644);
+                chmodSync(keyPath, 0o600);
+            }
+            catch {
+                console.log("  Fixing permissions with sudo...");
+                spawnSync("sudo", ["chown", uid + ":" + gid, certPath, keyPath], { stdio: "inherit" });
+                spawnSync("sudo", ["chmod", "644", certPath], { stdio: "inherit" });
+                spawnSync("sudo", ["chmod", "600", keyPath], { stdio: "inherit" });
+            }
+            console.log("");
+            console.log("  Certs installed and permissions fixed.");
+            var config = loadConfig();
+            if (!config.tls) {
+                var { saveConfig: saveCfg } = await import("./config.js");
+                config.tls = true;
+                saveCfg(config);
+                console.log("  TLS enabled in config.");
+            }
+            var pid = readPid();
+            if (pid !== null && isDaemonRunning(pid)) {
+                var restartAnswer = await prompt("  Daemon is running. Restart with TLS? [Y/n] ");
+                if (restartAnswer !== "n" && restartAnswer !== "no") {
+                    console.log("  Restarting daemon...");
+                    try {
+                        process.kill(pid, "SIGTERM");
+                    }
+                    catch { }
+                    removePid();
+                    await new Promise(function (r) { setTimeout(r, 1500); });
+                    var port = portOverride ?? config.port;
+                    var childPid = spawnDaemon(port, true);
+                    writePid(childPid);
+                    console.log("  Daemon restarted (PID " + childPid + ")");
+                }
+            }
+            console.log("");
+            console.log("  Access at: https://" + hostname + ":" + loadConfig().port);
+            console.log("");
+            return;
         }
     }
-    else {
-        console.log("  Tailscale not found. Using self-signed certificate.");
+    else if (hasTailscale) {
+        console.log("  Tailscale detected but could not determine hostname.");
+        console.log("  Run 'tailscale status' to verify your connection.");
         console.log("");
     }
-    console.log("");
     console.log("  ── Self-signed certificate ──");
     console.log("");
-    if (existsSync(certPath)) {
+    if (existsSync(certPath) && existsSync(keyPath)) {
         console.log("  Cert exists: " + certPath);
-        console.log("  To regenerate: rm -rf " + certsDir + " && lattice restart --tls");
+        console.log("  To regenerate: rm -rf " + certsDir + " && lattice setup-tls");
     }
     else {
-        console.log("  No cert yet. Run 'lattice restart --tls' to auto-generate one.");
+        var selfSignAnswer = await prompt("  Generate a self-signed certificate? [Y/n] ");
+        if (selfSignAnswer !== "n" && selfSignAnswer !== "no") {
+            var { ensureCerts } = await import("./tls.js");
+            try {
+                var certs = ensureCerts();
+                console.log("  Certificate generated: " + certs.cert);
+                var config = loadConfig();
+                if (!config.tls) {
+                    var { saveConfig: saveCfg } = await import("./config.js");
+                    config.tls = true;
+                    saveCfg(config);
+                    console.log("  TLS enabled in config.");
+                }
+                var pid = readPid();
+                if (pid !== null && isDaemonRunning(pid)) {
+                    var restartAnswer = await prompt("  Daemon is running. Restart with TLS? [Y/n] ");
+                    if (restartAnswer !== "n" && restartAnswer !== "no") {
+                        console.log("  Restarting daemon...");
+                        try {
+                            process.kill(pid, "SIGTERM");
+                        }
+                        catch { }
+                        removePid();
+                        await new Promise(function (r) { setTimeout(r, 1500); });
+                        var port = portOverride ?? config.port;
+                        var childPid = spawnDaemon(port, true);
+                        writePid(childPid);
+                        console.log("  Daemon restarted (PID " + childPid + ")");
+                    }
+                }
+            }
+            catch (err) {
+                console.error("  Failed to generate certificate:", err);
+                process.exit(1);
+            }
+        }
     }
     console.log("");
     console.log("  To trust the self-signed cert (removes browser warnings):");

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cryptiklemur/lattice",
-  "version": "5.2.0",
+  "version": "5.3.0",
   "description": "Multi-machine agentic dashboard for Claude Code. Monitor sessions, manage MCP servers and skills, orchestrate across mesh-networked nodes.",
   "license": "MIT",
   "author": "Aaron Scherer <me@aaronscherer.me>",