npm - @decentnetwork/lan - Versions diffs - 0.1.27 → 0.1.29 - Mend

@decentnetwork/lan 0.1.27 → 0.1.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/bin/tun-helper-darwin-amd64 +0 -0
package/bin/tun-helper-darwin-arm64 +0 -0
package/bin/tun-helper-linux-amd64 +0 -0
package/bin/tun-helper-linux-arm64 +0 -0
package/dist/cli/commands.d.ts +9 -0
package/dist/cli/commands.js +19 -0
package/dist/cli/index.js +9 -1
package/dist/daemon/ipc.d.ts +9 -1
package/dist/daemon/ipc.js +2 -0
package/dist/daemon/server.js +80 -3
package/package.json +1 -1

package/bin/tun-helper-darwin-amd64 CHANGED Viewed

Binary file

package/bin/tun-helper-darwin-arm64 CHANGED Viewed

Binary file

package/bin/tun-helper-linux-amd64 CHANGED Viewed

Binary file

package/bin/tun-helper-linux-arm64 CHANGED Viewed

Binary file

package/dist/cli/commands.d.ts CHANGED Viewed

@@ -296,3 +296,12 @@ export declare function cmdServiceInstall(args: {
 export declare function cmdServiceStatus(_args: {
     configDir?: string;
 }): Promise<void>;
+/**
+ * Ask the running daemon to re-exec itself. Used after
+ * `npm install -g @decentnetwork/lan@<new>` so the daemon picks up
+ * the new code without a sudo prompt — the daemon already has the
+ * privileges it needs to rebind the TUN.
+ */
+export declare function cmdRestart(args: {
+    configDir?: string;
+}): Promise<void>;

package/dist/cli/commands.js CHANGED Viewed

@@ -1453,3 +1453,22 @@ export async function cmdServiceStatus(_args) {
     }
     console.log(`'service status' isn't wired up for ${process.platform}.`);
 }
+/**
+ * Ask the running daemon to re-exec itself. Used after
+ * `npm install -g @decentnetwork/lan@<new>` so the daemon picks up
+ * the new code without a sudo prompt — the daemon already has the
+ * privileges it needs to rebind the TUN.
+ */
+export async function cmdRestart(args) {
+    const dir = args.configDir || ConfigLoader.defaultConfigDir();
+    const config = await ConfigLoader.load(resolve(dir, "config.yaml"));
+    if (daemonPid(config) === null) {
+        throw new Error("Daemon not running. Start it once with 'agentnet up' (needs sudo for TUN); after that 'agentnet restart' takes care of upgrades without further sudo prompts.");
+    }
+    const res = await ipcCall(config, { op: "self-restart" });
+    if (!res.ok)
+        throw new Error(`Daemon refused: ${res.error}`);
+    const data = res.data;
+    console.log(`Daemon scheduled for self-restart. New process will exec: ${(data.argv || []).join(" ")}`);
+    console.log("Allow ~5s for the daemon to come back up. Verify with 'agentnet diag'.");
+}

package/dist/cli/index.js CHANGED Viewed

@@ -10,7 +10,7 @@ import { hideBin } from "yargs/helpers";
 // Belt-and-braces — also raise it here in case the CLI is run directly
 // (e.g. `node dist/cli/index.js` rather than via dist/index.js).
 EventEmitter.defaultMaxListeners = 100;
-import { cmdInit, cmdIdentityShow, cmdPeersList, cmdIpamAssign, cmdGrant, cmdRevoke, cmdResolve, cmdStatus, cmdUp, cmdAuditLog, cmdFriendRequest, cmdFriendAccept, cmdFriendsList, cmdFriendsPending, cmdFriendsAccept, cmdFriendsReject, cmdProxyEnable, cmdProxyDisable, cmdProxyStatus, cmdProxyAllowHost, cmdProxyRevokeHost, cmdProxyListHosts, cmdProxyUse, cmdDoraEnable, cmdDoraDisable, cmdDoraStatus, cmdDoraAutofriend, cmdDiag, cmdDnsInstall, cmdDnsHosts, cmdServiceInstall, cmdServiceStatus, } from "./commands.js";
+import { cmdInit, cmdIdentityShow, cmdPeersList, cmdIpamAssign, cmdGrant, cmdRevoke, cmdResolve, cmdStatus, cmdUp, cmdAuditLog, cmdFriendRequest, cmdFriendAccept, cmdFriendsList, cmdFriendsPending, cmdFriendsAccept, cmdFriendsReject, cmdProxyEnable, cmdProxyDisable, cmdProxyStatus, cmdProxyAllowHost, cmdProxyRevokeHost, cmdProxyListHosts, cmdProxyUse, cmdDoraEnable, cmdDoraDisable, cmdDoraStatus, cmdDoraAutofriend, cmdDiag, cmdDnsInstall, cmdDnsHosts, cmdServiceInstall, cmdRestart, cmdServiceStatus, } from "./commands.js";
 async function main() {
     await yargs(hideBin(process.argv))
         .scriptName("agentnet")
@@ -118,6 +118,14 @@ async function main() {
     })
         .demandCommand(1, "Specify a service subcommand (run 'agentnet service --help')"), () => {
         // parent handler — never invoked because demandCommand above
+    })
+        // Tell the running daemon to re-exec itself with its original argv.
+        // The daemon inherits its own uid (root if it was launched as root)
+        // so the relaunch needs NO sudo prompt — useful after
+        // `npm install -g @decentnetwork/lan@<new>` to pick up new code
+        // without breaking the operator's flow.
+        .command("restart", "Tell the running daemon to re-exec itself (no sudo prompt; daemon must be up)", (y) => y.option("config-dir", { type: "string" }), async (argv) => {
+        await cmdRestart({ configDir: argv["config-dir"] });
     })
         .command("up", "Start the daemon", (y) => y
         .option("name", { type: "string" })

package/dist/daemon/ipc.d.ts CHANGED Viewed

@@ -45,9 +45,17 @@ export interface IpcHandlers {
      *  restart (which drops every Carrier session). Returns the applied
      *  allowlist for the CLI to echo. */
     proxyReload: () => Promise<Record<string, unknown>>;
+    /** Re-exec the running daemon with its original argv. The new
+     *  process inherits the current process's privileges (so a
+     *  root-owned daemon re-execs as root with no sudo prompt),
+     *  picks up freshly-installed code on disk, and rebinds the
+     *  TUN. Used for the upgrade flow: `npm install` the new
+     *  decentlan, then call this to roll forward without an
+     *  operator-side sudo step. */
+    selfRestart: () => Promise<Record<string, unknown>>;
 }
 export interface IpcRequest {
-    op: "friend-request" | "ping" | "diag" | "friends-pending" | "friends-accept" | "friends-reject" | "proxy-reload";
+    op: "friend-request" | "ping" | "diag" | "friends-pending" | "friends-accept" | "friends-reject" | "proxy-reload" | "self-restart";
     address?: string;
     hello?: string;
     userid?: string;

package/dist/daemon/ipc.js CHANGED Viewed

@@ -146,6 +146,8 @@ export class IpcServer {
             }
             case "proxy-reload":
                 return await this.handlers.proxyReload();
+            case "self-restart":
+                return await this.handlers.selfRestart();
             default:
                 throw new Error(`unknown op: ${req.op}`);
         }

package/dist/daemon/server.js CHANGED Viewed

@@ -18,6 +18,18 @@ import { DnsServer } from "../dns/server.js";
 import { IpcServer, ipcSocketPath } from "./ipc.js";
 import { PendingFriendsStore } from "./pending-friends.js";
 import { Logger } from "../utils/logger.js";
+/**
+ * Quote argv safely for `sh -c`. Wraps single-quotes by closing,
+ * escaping the quote, and reopening — covers paths with spaces and
+ * the rare argv that contains a literal '. Used by the self-restart
+ * relauncher so the spawned `sh -c '... exec X Y Z'` shell receives
+ * argv intact even if a path has weird characters.
+ */
+function shellQuote(parts) {
+    return parts
+        .map((p) => "'" + p.replace(/'/g, `'\\''`) + "'")
+        .join(" ");
+}
 import { ConfigLoader } from "../config/loader.js";
 export class DaemonServer {
     config;
@@ -175,6 +187,47 @@ export class DaemonServer {
                     }
                     return { applied: true, allowHosts };
                 },
+                selfRestart: async () => {
+                    // Detach a child process that waits briefly and then re-execs
+                    // the same argv we were started with. Inherits privileges
+                    // (root daemon → root child, no sudo prompt). The current
+                    // process exits cleanly after responding to the IPC call so
+                    // the child can rebind the TUN. The brief sleep gives the
+                    // current process time to flush its IPC response, close
+                    // sockets, and release the pidfile/TUN before the new
+                    // process tries to claim them.
+                    const { spawn } = await import("child_process");
+                    const argv = process.argv.slice();
+                    const node = argv.shift();
+                    this.logger.info(`Self-restart requested via IPC — relaunching ${node} ${argv.join(" ")}`);
+                    // Schedule shutdown for after the IPC response goes out. The
+                    // 50ms timeout is plenty for the response to leave; the
+                    // child's own 1s sleep below is the real arbiter.
+                    setTimeout(() => {
+                        try {
+                            // sh -c so we can shell-quote argv safely and use sleep.
+                            // The trailing `&` puts the relauncher into the
+                            // background of sh — sh then exits — and Node's detached
+                            // flag reparents the relauncher to PID 1. Result: a
+                            // fully detached new daemon that inherits our uid/gid.
+                            const cmd = `sleep 1 && exec ${shellQuote([node, ...argv])}`;
+                            const child = spawn("sh", ["-c", cmd], {
+                                detached: true,
+                                stdio: "ignore",
+                                env: process.env,
+                            });
+                            child.unref();
+                        }
+                        catch (err) {
+                            this.logger.error(`Self-restart spawn failed: ${err instanceof Error ? err.message : err}`);
+                        }
+                        // Give the child its 1s head-start, then exit so the
+                        // pidfile and TUN are released before the relauncher tries
+                        // to grab them.
+                        setTimeout(() => process.exit(0), 200);
+                    }, 50);
+                    return { scheduledMs: 250, argv: [node, ...argv] };
+                },
                 diag: async () => {
                     // Snapshot of everything an operator needs to debug why
                     // packets aren't moving: forwarding counters, friend
@@ -218,9 +271,29 @@ export class DaemonServer {
             // 6. Optional dora (DHCP-style) registration. When enabled and the
             // server is reachable, dora hands us a virtual IP and tells us
             // who else is on the network — eliminating the manual ipam.yaml
-            // sync between operators. On any failure we fall through to the
-            // IP already loaded from config + ipam.yaml.
+            // sync between operators.
+            //
+            // Fallback policy when dora is unreachable: DON'T use
+            // config.network.ip blindly. `agentnet init` defaults every
+            // fresh install to 10.86.1.10, so two new peers that can't
+            // reach dora will BOTH claim the same fallback and silently
+            // collide — symptom seen in the wild as packets going to the
+            // wrong daemon and 100% loss to legitimate peers. Use the
+            // deterministic-from-userid IP instead (sha256(userid) → last
+            // two octets of 10.86.X.Y). That guarantees every peer gets a
+            // unique IP keyed off identity, with no shared default to
+            // collide on. If dora comes up later, the
+            // onAllocatedIpChanged callback swaps the TUN to dora's value.
             let tunIp = this.config.network.ip;
+            const ownUserid = this.peerManager.getPubkey();
+            const deterministicFallback = Ipam.deterministicIpForUserid(ownUserid);
+            if (tunIp === "10.86.1.10" || !tunIp) {
+                // The init-default fallback IP — every fresh decentlan installs with
+                // this. Override with a per-identity deterministic value before
+                // dora even gets to try.
+                tunIp = deterministicFallback;
+                this.logger.info(`Using deterministic fallback IP ${tunIp} (derived from userid; avoids the 10.86.1.10 init-default collision)`);
+            }
             if (this.config.dora?.enabled && (this.config.dora.userids?.length ?? 0) > 0) {
                 // Need to be on the Carrier network before dora can talk to its
                 // server. Wait synchronously here — without joinNetwork the
@@ -234,7 +307,11 @@ export class DaemonServer {
                     peerManager: this.peerManager,
                     ipam: this.ipam,
                     nodeName: this.config.node.name,
-                    preferredIp: this.config.network.ip,
+                    // Hand dora our deterministic fallback as the requestedIp so
+                    // a successful register returns the same IP across restarts
+                    // (avoids the dora-stole-someone-else's-IP race that bit us
+                    // when ubuntu was momentarily offline during reallocation).
+                    preferredIp: tunIp,
                     // Fires when dora's background retry eventually succeeds
                     // AFTER the initial bootstrap already returned the fallback
                     // IP. At that point the TUN is up on the fallback (e.g.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@decentnetwork/lan",
-  "version": "0.1.27",
+  "version": "0.1.29",
   "description": "Private virtual LAN for self-hosted services and AI agents, built on Elastos Carrier. NAT-traversal, name service, ACL, all over a peer-to-peer mesh — no public IP required.",
   "type": "module",
   "main": "./dist/index.js",