@cybermem/dashboard 0.9.12 → 0.13.3

package/Dockerfile

@@ -15,10 +15,10 @@ RUN --mount=type=cache,target=/root/.pnpm-store pnpm install --no-frozen-lockfil
 # Copy source code
 COPY . .
 
-# Development stage - skips build, runs dev server
+# Development stage - skips build, runs Turbopack dev server (instant startup)
 FROM base AS dev
 ENV NODE_ENV=development
-CMD ["pnpm", "dev"]
+CMD ["pnpm", "dev", "--turbopack"]
 
 # Builder stage - runs build (slow)
 FROM base AS builder
@@ -28,7 +28,7 @@ RUN --mount=type=cache,target=/root/.pnpm-store \
 
 # Native stage for sqlite3 bindings and wrapper
 FROM node:20-alpine AS native-builder
-RUN apk add --no-cache python3 make g++
+RUN apk update && apk add --no-cache python3 python3-dev make g++
 WORKDIR /native
 RUN npm init -y && npm install sqlite3@5.1.7 sqlite@5.1.1
 

package/app/api/audit-logs/route.ts

@@ -71,25 +71,32 @@ export async function GET(request: Request) {
     const db = await open({
       filename: dbPath,
       driver: sqlite3.Database,
+      mode: sqlite3.OPEN_READONLY,
     });
 
-    const rawLogs = await db.all(
+    await db.run("PRAGMA busy_timeout=5000");
+
+    const rawLogsResults = await db.all(
       "SELECT * FROM cybermem_access_log ORDER BY timestamp DESC LIMIT 100",
     );
+    const rawLogs = JSON.parse(JSON.stringify(rawLogsResults || []));
     await db.close();
 
     console.error(`[AUDIT-LOGS-API] Found ${rawLogs.length} logs in SQLite`);
 
-    const logs = rawLogs.map((log: any) => {
+    const logs = (rawLogs || []).map((log: any) => {
       const statusCode = parseInt(log.status) || 0;
       let status = "Success";
       if (log.is_error === 1 || statusCode >= 400 || statusCode === 0)
         status = "Error";
       else if (statusCode >= 300) status = "Warning";
 
-      // Capitalize operation
-      const operation =
-        log.operation.charAt(0).toUpperCase() + log.operation.slice(1);
+      let operation = log.operation.toLowerCase();
+      if (operation === "create") operation = "Write";
+      else if (operation === "read") operation = "Read";
+      else if (operation === "update") operation = "Update";
+      else if (operation === "delete") operation = "Delete";
+      else operation = operation.charAt(0).toUpperCase() + operation.slice(1);
 
       return {
         timestamp: log.timestamp,
@@ -105,7 +112,6 @@ export async function GET(request: Request) {
     return NextResponse.json({ logs });
   } catch (error) {
     console.error("[AUDIT-LOGS-API] Error fetching audit logs:", error);
-    // Return empty list on error to avoid breaking UI with 500
     return NextResponse.json({ logs: [] });
   }
 }

package/app/api/health/route.ts

@@ -32,7 +32,7 @@ async function checkService(
       signal: controller.signal,
       cache: "no-store",
       headers: {
-        "X-Client-Name": "CyberMem-Dashboard",
+        "X-Client-Name": "antigravity-client",
       },
     });
     clearTimeout(timeoutId);
@@ -100,6 +100,7 @@ export async function GET(request: NextRequest) {
 
   // Check Core API if explicitly configured
   const apiEndpoint =
+    process.env.INTERNAL_MCP_URL ||
     process.env.CYBERMEM_URL ||
     process.env.OPENMEMORY_URL ||
     "http://localhost:8626";

package/app/api/mcp-config/route.ts

@@ -0,0 +1,128 @@
+import fs from "fs";
+import { NextResponse } from "next/server";
+import path from "path";
+
+export const dynamic = "force-dynamic";
+
+// Load clients config
+let clientsConfig: any[] = [];
+try {
+  const configPath = path.join(process.cwd(), "public", "clients.json");
+  clientsConfig = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+} catch (e) {
+  console.error("Failed to load clients.json:", e);
+}
+
+export async function GET(request: Request) {
+  try {
+    const { searchParams } = new URL(request.url);
+    const clientId = searchParams.get("client") || "claude";
+    const maskKey = searchParams.get("mask") === "true";
+
+    // Fetch settings to get env, endpoint, apiKey, isManaged
+    // We try to fetch from the origin first, but fallback to localhost:3000 if interior to Docker
+    const origin =
+      request.headers.get("origin") || request.headers.get("referer");
+    const internalUrl = `http://localhost:3000/api/settings`;
+    const externalUrl = `${origin}/api/settings`;
+
+    let settings: any = {};
+    try {
+      // Priority: Try fetching from the same process/port (Localhost:3000)
+      const settingsRes = await fetch(internalUrl, {
+        headers: request.headers,
+        signal: AbortSignal.timeout(2000),
+      });
+      if (settingsRes.ok) {
+        settings = await settingsRes.json();
+      } else if (origin) {
+        // Fallback to origin if internal fetch failed
+        const extRes = await fetch(externalUrl, { headers: request.headers });
+        if (extRes.ok) settings = await extRes.json();
+      }
+    } catch (e) {
+      console.warn(
+        "[MCP-CONFIG-API] Internal fetch failed, using fallback empty settings",
+        e,
+      );
+    }
+
+    const apiKey = settings.apiKey !== "not-set" ? settings.apiKey : "";
+    const baseUrl =
+      searchParams.get("baseUrl") ||
+      settings.endpoint ||
+      "http://localhost:8626/mcp";
+    const isManaged = settings.isManaged || false;
+    const env = settings.env || "prod";
+    const isStaging = env === "staging";
+
+    const displayKey = maskKey
+      ? "••••••••••••••••"
+      : apiKey || "sk-your-generated-token";
+    const actualKey = apiKey || "sk-your-generated-token";
+
+    const client = clientsConfig.find((c: any) => c.id === clientId);
+
+    // Generate config based on client type
+    let config: any;
+    let configType = client?.configType || "json";
+
+    if (configType === "toml") {
+      if (isManaged) {
+        config = `[mcpServers.cybermem]\ncommand = "npx"\nargs = ["@cybermem/mcp"]`;
+      } else {
+        const keyVal = maskKey ? displayKey : actualKey;
+        config = `[mcpServers.cybermem]\ncommand = "npx"\nargs = ["@cybermem/mcp", "--url", "${baseUrl}", "--token", "${keyVal}"]`;
+      }
+    } else if (configType === "command" || configType === "cmd") {
+      let cmd = isManaged ? client?.localCommand : client?.remoteCommand;
+      if (!cmd) {
+        cmd = client?.command?.replace("http://localhost:8080", baseUrl) || "";
+      }
+      cmd = cmd.replace("{{ENDPOINT}}", baseUrl);
+      cmd = cmd.replace("{{API_KEY}}", maskKey ? displayKey : actualKey);
+      cmd = cmd.replace("{{TOKEN}}", maskKey ? displayKey : actualKey);
+      config = cmd;
+    } else {
+      // JSON (default)
+      const args = isManaged
+        ? ["-y", "@cybermem/mcp"]
+        : [
+            "-y",
+            "@cybermem/mcp",
+            "--url",
+            baseUrl,
+            "--token",
+            maskKey ? displayKey : actualKey,
+          ];
+
+      if (isStaging && !isManaged) {
+        args.push("--staging");
+      }
+
+      config = {
+        mcpServers: {
+          cybermem: {
+            command: "npx",
+            args: args,
+          },
+        },
+      };
+    }
+
+    return NextResponse.json({
+      config,
+      configType,
+      apiKey: maskKey ? displayKey : actualKey,
+      baseUrl,
+      isManaged,
+      env,
+    });
+  } catch (error) {
+    console.error("[MCP-CONFIG-API] Error generating config:", error);
+    return NextResponse.json(
+      { error: "Failed to generate config" },
+      { status: 500 },
+    );
+  }
+}

package/app/api/metrics/route.ts

@@ -79,14 +79,19 @@ export async function GET(request: Request) {
 
     if (fs.existsSync(dbPath)) {
       console.error(`[STATS-API] Reading SQLite from ${dbPath}`);
+      let db: any = null;
       try {
         const sqlite3 = require("sqlite3").verbose();
         const { open } = require("sqlite");
-        const db = await open({
+        db = await open({
           filename: dbPath,
           driver: sqlite3.Database,
+          mode: sqlite3.OPEN_READONLY,
         });
 
+        // Wait for locks if needed
+        await db.exec("PRAGMA busy_timeout=5000");
+
         // Basic Stats
         const memories = await db.get("SELECT COUNT(*) as count FROM memories");
         const totalReqs = await db.get(
@@ -115,23 +120,17 @@ export async function GET(request: Request) {
               100
             : 100;
 
-        console.error(
-          `[STATS-API] SQLite stats: ${stats.totalRequests} total requests, ${stats.memoryRecords} records`,
-        );
-
         if (lastWrite) {
           stats.lastWriter = {
             name: normalizeClientName(lastWrite.client_name),
             timestamp: lastWrite.timestamp,
           };
-          console.error(`[STATS-API] Last writer: ${stats.lastWriter.name}`);
         }
         if (lastRead) {
           stats.lastReader = {
             name: normalizeClientName(lastRead.client_name),
             timestamp: lastRead.timestamp,
           };
-          console.error(`[STATS-API] Last reader: ${stats.lastReader.name}`);
         }
 
         // Top activity
@@ -154,46 +153,30 @@ export async function GET(request: Request) {
           };
 
         // --- TIME SERIES AGGREGATION (Robust Linear Sampling) ---
-        let periodMs = 24 * 60 * 60 * 1000; // Default 24h
+        let periodMs = 24 * 60 * 60 * 1000;
         if (period === "1h") periodMs = 60 * 60 * 1000;
         else if (period === "7d") periodMs = 7 * 24 * 60 * 60 * 1000;
         else if (period === "30d") periodMs = 30 * 24 * 60 * 60 * 1000;
-        else if (period === "90d") periodMs = 90 * 24 * 60 * 60 * 1000;
         else if (period === "24h") periodMs = 24 * 60 * 60 * 1000;
 
         const now = Date.now();
         const startTime = now - periodMs;
 
-        console.error(
-          `[STATS-API] Fetching cumulative chart data since ${new Date(startTime).toISOString()}`,
-        );
-
-        // Get all logs in period
-        const allLogs = await db.all(
-          `
-          SELECT timestamp, operation, client_name
-          FROM cybermem_access_log
-          WHERE timestamp > ?
-          ORDER BY timestamp ASC
-        `,
+        // Strip any potential native proxy bits from sqlite3 results
+        const rawAllLogs = await db.all(
+          `SELECT timestamp, operation, client_name FROM cybermem_access_log WHERE timestamp > ? ORDER BY timestamp ASC`,
           [startTime],
         );
+        const allLogs = JSON.parse(JSON.stringify(rawAllLogs || []));
 
-        // Get base counts (before startTime) to start the cumulative graph correctly
-        const baseCounts = await db.all(
-          `
-          SELECT operation, client_name, COUNT(*) as count
-          FROM cybermem_access_log
-          WHERE timestamp <= ?
-          GROUP BY 1, 2
-        `,
+        const rawBaseCounts = await db.all(
+          `SELECT operation, client_name, COUNT(*) as count FROM cybermem_access_log WHERE timestamp <= ? GROUP BY 1, 2`,
           [startTime],
         );
+        const baseCounts = JSON.parse(JSON.stringify(rawBaseCounts || []));
 
         const buildBeautifulSeries = (targetOp: string) => {
           const clientTotals: Record<string, number> = {};
-
-          // 1. Initialize with base counts
           baseCounts
             .filter((b: any) => b.operation === targetOp)
             .forEach((b: any) => {
@@ -202,16 +185,12 @@ export async function GET(request: Request) {
 
           const series: any[] = [];
           const opLogs = allLogs.filter((l: any) => l.operation === targetOp);
-
-          // 2. Linear Sampling (60 points)
           const SAMPLES = 60;
           const interval = (now - startTime) / SAMPLES;
           let currentLogIdx = 0;
 
           for (let i = 0; i <= SAMPLES; i++) {
             const timePoint = startTime + i * interval;
-
-            // Catch up logs that happened before this timePoint
             while (
               currentLogIdx < opLogs.length &&
               opLogs[currentLogIdx].timestamp <= timePoint
@@ -221,14 +200,11 @@ export async function GET(request: Request) {
                 (clientTotals[log.client_name] || 0) + 1;
               currentLogIdx++;
             }
-
-            // Record state at this exact linear time point
             series.push({
               time: Math.floor(timePoint / 1000),
               ...clientTotals,
             });
           }
-
           return series;
         };
 
@@ -237,44 +213,19 @@ export async function GET(request: Request) {
         timeseries.updates = buildBeautifulSeries("update");
         timeseries.deletes = buildBeautifulSeries("delete");
 
-        console.error(`[STATS-API] SQLite Stats & Beautiful Charts processed.`);
-
-        await db.close();
+        console.error(`[STATS-API] SQLite + Charts processed successfully.`);
       } catch (dbErr) {
-        console.error(
-          "[STATS-API] Direct SQLite metrics fetch failed, trying db-exporter fallback:",
-          dbErr,
-        );
-        try {
-          const exporterRes = await fetch(`${DB_EXPORTER_URL}/metrics`, {
-            signal: controller.signal,
-          });
-          if (exporterRes.ok) {
-            const text = await exporterRes.text();
-            const getValue = (name: string) => {
-              const match = text.match(new RegExp(`${name}\\s+([\\d.]+)`));
-              return match ? parseFloat(match[1]) : 0;
-            };
-            stats.memoryRecords = getValue("openmemory_memories_total");
-            stats.totalRequests = getValue(
-              "openmemory_requests_aggregate_total",
-            );
-            stats.successRate = getValue("openmemory_success_rate_aggregate");
-            console.error(
-              `[STATS-API] Fallback stats from db-exporter: ${stats.totalRequests} total requests`,
-            );
-          }
-        } catch (exporterErr) {
-          console.error("[STATS-API] Fallback fetch failed:", exporterErr);
+        console.error("[STATS-API] Direct SQLite metrics fetch failed:", dbErr);
+      } finally {
+        if (db) {
+          await db.close();
         }
       }
-    } else {
-      console.error(`[STATS-API] SQLite DB NOT FOUND at ${dbPath}`);
     }
 
     clearTimeout(timeoutId);
 
-    return NextResponse.json({
+    const responseData = {
       stats: {
         ...stats,
         topWriter: {
@@ -300,7 +251,8 @@ export async function GET(request: Request) {
         updates: normalizeTimeSeries(timeseries.updates || []),
         deletes: normalizeTimeSeries(timeseries.deletes || []),
       },
-    });
+    };
+    return NextResponse.json(responseData);
   } catch (error) {
     console.error("Failed to fetch metrics:", error);
     return NextResponse.json(

package/app/api/settings/route.ts

@@ -1,54 +1,115 @@
 import { checkRateLimit, rateLimitResponse } from "@/lib/rate-limit";
 import fs from "fs";
 import { NextRequest, NextResponse } from "next/server";
+import os from "os";
+import path from "path";
 
 export const dynamic = "force-dynamic";
 
 const CONFIG_PATH = "/data/config.json";
 
-// Detect the correct MCP endpoint based on request host
+// Detect the correct MCP endpoint based on request host and environment
 function getMcpEndpoint(request: NextRequest): {
   endpoint: string;
   isLocal: boolean;
 } {
-  const host = request.headers.get("host") || "localhost:3000";
+  const host = request.headers.get("host") || "localhost:8626";
   const hostname = host.split(":")[0];
+  const port = host.split(":")[1] || "";
+  const env = process.env.CYBERMEM_ENV || "prod";
+  const isStaging = env === "staging";
+  const isTailscale =
+    process.env.CYBERMEM_TAILSCALE === "true" || host.includes(".ts.net");
+
+  // Priority 1: Explicit public override
+  if (process.env.CYBERMEM_PUBLIC_URL) {
+    const url = process.env.CYBERMEM_PUBLIC_URL;
+    return {
+      endpoint: url.endsWith("/mcp") ? url : `${url.replace(/\/$/, "")}/mcp`,
+      isLocal: false,
+    };
+  }
+
+  // Priority 2: Tailscale / Funnel (Port-Based)
+  if (isTailscale) {
+    const protocol = request.headers.get("x-forwarded-proto") || "https";
+    const displayPort = isStaging ? "8443" : "443";
+    // If port is already in the host, it will be used. Hostname is enough.
+    return {
+      endpoint: `${protocol}://${hostname}${port ? ":" + port : displayPort === "443" ? "" : ":" + displayPort}/mcp`,
+      isLocal: false,
+    };
+  }
 
-  // Priority 1: Explicit env var
-  if (process.env.CYBERMEM_URL) {
-    return { endpoint: process.env.CYBERMEM_URL, isLocal: false };
+  // Priority 3: Localhost / LAN
+  if (
+    hostname === "localhost" ||
+    hostname === "127.0.0.1" ||
+    hostname.endsWith(".local")
+  ) {
+    // Port detection priority: Host header > X-Forwarded-Port > TRAEFIK_PORT env > env-based default
+    const forwardedPort = request.headers.get("x-forwarded-port") || "";
+    const traefikPort = process.env.TRAEFIK_PORT || "";
+    const effectivePort = port || forwardedPort || traefikPort;
+
+    const isStandardPort =
+      effectivePort === "8625" ||
+      effectivePort === "8626" ||
+      effectivePort === "8627";
+    // If accessed via non-standard port (k3d 8081), suggest placeholder
+    const isLoopback = hostname === "localhost" || hostname === "127.0.0.1";
+    const isRemote = !isStandardPort && isLoopback;
+
+    const displayHost = isRemote ? "YOUR_VPS_IP" : hostname;
+    // Use detected port if standard, otherwise fall back to env-based default
+    const displayPort = isStandardPort
+      ? effectivePort
+      : isStaging
+        ? "8625"
+        : "8626";
+
+    return {
+      endpoint: `http://${displayHost}:${displayPort}/mcp`,
+      isLocal: isLoopback && !isRemote,
+    };
   }
 
-  // Priority 2: Tailscale domain (from env or detect)
-  const tailscaleDomain = process.env.TAILSCALE_DOMAIN;
+  // Fallback
+  const protocol = request.headers.get("x-forwarded-proto") || "http";
+  const displayPort = port || (isStaging ? "8625" : "8626");
+  return {
+    endpoint: `${protocol}://${hostname}:${displayPort}/mcp`,
+    isLocal: false,
+  };
+}
 
-  // Priority 3: Based on request host
-  if (hostname === "localhost" || hostname === "127.0.0.1") {
-    // Local development
-    return { endpoint: "http://localhost:8626/mcp", isLocal: true };
+// Detect hardware type
+function getInstanceType(): "local" | "rpi" | "vps" {
+  // Explicit override
+  if (process.env.CYBERMEM_INSTANCE) {
+    const val = process.env.CYBERMEM_INSTANCE.toLowerCase();
+    if (val === "rpi") return "rpi";
+    if (val === "vps") return "vps";
+    return "local";
   }
 
-  if (hostname.endsWith(".local")) {
-    // LAN access (raspberrypi.local)
-    // If Tailscale domain is available, prefer it for remote config
-    if (tailscaleDomain) {
-      return {
-        endpoint: `https://${tailscaleDomain}/cybermem/mcp`,
-        isLocal: false,
-        // Also provide LAN endpoint as fallback
-      };
-    }
-    return { endpoint: `http://${hostname}:8626/mcp`, isLocal: true };
+  const hostname = os.hostname().toLowerCase();
+  const arch = process.arch;
+
+  // RPi detection: hostname has 'raspberry' OR it's arm/arm64 on linux
+  if (
+    hostname.includes("raspberry") ||
+    (process.platform === "linux" && (arch === "arm" || arch === "arm64"))
+  ) {
+    return "rpi";
   }
 
-  if (hostname.includes(".ts.net")) {
-    // Tailscale Funnel access
-    return { endpoint: `https://${hostname}/cybermem/mcp`, isLocal: false };
+  // Cloud/VPS detection (heuristic)
+  if (process.env.VERCEL || process.env.KUBERNETES_SERVICE_HOST) {
+    return "vps";
   }
 
-  // Fallback: use request host
-  const protocol = request.headers.get("x-forwarded-proto") || "http";
-  return { endpoint: `${protocol}://${hostname}:8626/mcp`, isLocal: false };
+  return "local";
 }
 
 export async function GET(request: NextRequest) {
@@ -77,12 +138,42 @@ export async function GET(request: NextRequest) {
     // ignore
   }
 
+  // Priority: Docker Secrets (Standard production way)
+  try {
+    const secretPath = "/run/secrets/om_api_key";
+    if (fs.existsSync(secretPath)) {
+      const secret = fs.readFileSync(secretPath, "utf-8").trim();
+      if (secret) apiKey = secret;
+    }
+  } catch (e) {
+    // ignore
+  }
+
   // Get dynamic endpoint based on request host
   const { endpoint, isLocal } = getMcpEndpoint(request);
 
+  // Detect instance type
+  const instanceType = getInstanceType();
+
   // isManaged = Local Mode (localhost auto-login)
   const isManaged = isLocal;
 
+  // Read version from package.json
+  let version = "v0.11.4"; // Default fallback
+  try {
+    const pkgPath = path.join(process.cwd(), "package.json");
+    if (fs.existsSync(pkgPath)) {
+      const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf-8"));
+      version = `v${pkg.version}`;
+    }
+  } catch (e) {
+    // ignore
+  }
+
+  // Environment detection SSoT: Trust environment variables set during stack start
+  const env = process.env.CYBERMEM_ENV || "prod";
+  const instance = process.env.CYBERMEM_INSTANCE || "local";
+
   return NextResponse.json(
     {
       token: apiKey,
@@ -90,8 +181,12 @@ export async function GET(request: NextRequest) {
       endpoint,
       isManaged,
       isLocal,
-      dashboardVersion: "v0.8.0",
-      mcpVersion: "v0.8.0",
+      instanceType,
+      env: env,
+      instance: instance,
+      tailscale: process.env.CYBERMEM_TAILSCALE === "true",
+      dashboardVersion: version,
+      mcpVersion: version,
     },
     {
       headers: {