@geekbeer/minion 2.16.5 → 2.25.0

package/.env.example

@@ -15,8 +15,8 @@ API_TOKEN=
 # Minion ID (optional) - The minion's UUID assigned by HQ
 MINION_ID=
 
-# Agent port (optional, default: 3001)
-AGENT_PORT=3001
+# Agent port (optional, default: 8080)
+AGENT_PORT=8080
 
 # Heartbeat interval in seconds (optional, default: 30)
 HEARTBEAT_INTERVAL=30

package/README.md

@@ -57,7 +57,7 @@ await reportIssue({
 | `HQ_URL` | Minion HQ server URL | - |
 | `API_TOKEN` | Authentication token | - |
 | `MINION_ID` | Minion UUID | - |
-| `AGENT_PORT` | Agent API listen port | `3001` |
+| `AGENT_PORT` | Agent API listen port | `8080` |
 | `HEARTBEAT_INTERVAL` | Heartbeat interval (ms) | `30000` |
 
 ## License

package/api.js

@@ -53,7 +53,7 @@ async function reportExecution(data) {
 /**
  * Report a single workflow step completion to HQ.
  * Called by the post-execution hook after a dispatched skill finishes.
- * @param {object} data - { workflow_execution_id, step_index, status }
+ * @param {object} data - { workflow_execution_id, step_index, status, output_summary? }
  */
 async function reportStepComplete(data) {
   return request('/step-complete', {

package/config.js

@@ -10,7 +10,7 @@
  * (no HQ communication).
  *
  * Other optional environment variables:
- * - AGENT_PORT: Port for the local agent server (default: 3001)
+ * - AGENT_PORT: Port for the local agent server (default: 8080)
  * - MINION_USER: System user running the agent (used to resolve home directory)
  */
 
@@ -44,10 +44,17 @@ const config = {
   MINION_ID: process.env.MINION_ID || '',
 
   // Server settings
-  AGENT_PORT: parseInt(process.env.AGENT_PORT, 10) || 3001,
+  AGENT_PORT: parseInt(process.env.AGENT_PORT, 10) || 8080,
 
   // Resolved home directory (safe for supervisord environments)
   HOME_DIR: resolveHomeDir(),
+
+  // LLM command template (user-configured)
+  // Use {prompt} as placeholder for the prompt text.
+  // Examples:
+  //   LLM_COMMAND="claude -p '{prompt}'"
+  //   LLM_COMMAND="gemini-cli --prompt '{prompt}'"
+  LLM_COMMAND: process.env.LLM_COMMAND || '',
 }
 
 /**
@@ -68,4 +75,11 @@ function validate() {
   }
 }
 
-module.exports = { config, validate, isHqConfigured }
+/**
+ * Check if LLM command is configured
+ */
+function isLlmConfigured() {
+  return !!config.LLM_COMMAND
+}
+
+module.exports = { config, validate, isHqConfigured, isLlmConfigured }

package/docs/api-reference.md

@@ -5,7 +5,7 @@ HQのソースコードを読む必要はありません — 必要な情報は
 
 ---
 
-## Agent API Endpoints (http://localhost:3001)
+## Agent API Endpoints (http://localhost:8080)
 
 Authentication: `Authorization: Bearer $API_TOKEN` header (except where noted).
 

package/docs/task-guides.md

@@ -87,11 +87,11 @@ curl -s -X POST "$HQ_URL/api/minion/workflows" \
 
 ```bash
 # HQからワークフローを取得 (不足スキルも自動fetch)
-curl -s -X POST "http://localhost:3001/api/workflows/fetch/<name>" \
+curl -s -X POST "http://localhost:8080/api/workflows/fetch/<name>" \
   -H "Authorization: Bearer $API_TOKEN"
 
 # ローカルワークフローをHQにpush (スキルも自動push)
-curl -s -X POST "http://localhost:3001/api/workflows/push/<name>" \
+curl -s -X POST "http://localhost:8080/api/workflows/push/<name>" \
   -H "Authorization: Bearer $API_TOKEN"
 ```
 
@@ -128,18 +128,18 @@ curl -s -X PUT "$HQ_URL/api/minion/me/project/<project-id>/context" \
 
 ```bash
 # 最近の実行一覧
-curl -s "http://localhost:3001/api/executions?limit=10" \
+curl -s "http://localhost:8080/api/executions?limit=10" \
   -H "Authorization: Bearer $API_TOKEN"
 
 # 特定の実行ログ
-curl -s "http://localhost:3001/api/executions/<id>/log" \
+curl -s "http://localhost:8080/api/executions/<id>/log" \
   -H "Authorization: Bearer $API_TOKEN"
 ```
 
 ### 実行結果の報告
 
 ```bash
-curl -s -X POST "http://localhost:3001/api/executions/<id>/outcome" \
+curl -s -X POST "http://localhost:8080/api/executions/<id>/outcome" \
   -H "Content-Type: application/json" \
   -d '{
     "outcome": "success",
@@ -199,11 +199,11 @@ minion-cli skill fetch <name>
 
 ```bash
 # ローカルワークフロー一覧 (next_run を確認)
-curl -s "http://localhost:3001/api/workflows" \
+curl -s "http://localhost:8080/api/workflows" \
   -H "Authorization: Bearer $API_TOKEN"
 
 # 手動トリガー
-curl -s -X POST "http://localhost:3001/api/workflows/trigger" \
+curl -s -X POST "http://localhost:8080/api/workflows/trigger" \
   -H "Authorization: Bearer $API_TOKEN" \
   -H "Content-Type: application/json" \
   -d '{ "workflow_id": "<workflow-uuid>" }'

package/lib/llm-checker.js

@@ -2,12 +2,13 @@
  * LLM Service authentication checker
  *
  * Detects whether supported LLM CLIs are authenticated and ready to use.
- * CLIs are pre-installed on all minions; this module only checks auth status.
+ * Also checks whether LLM_COMMAND is configured for workflow/routine execution.
  * Results are cached in memory for 60 seconds to avoid excessive filesystem checks.
  */
 
 const fs = require('fs')
 const path = require('path')
+const { execSync } = require('child_process')
 const { config } = require('../config')
 
 const CACHE_TTL_MS = 60000
@@ -15,11 +16,28 @@ const CACHE_TTL_MS = 60000
 let cachedResult = null
 let cachedAt = 0
 
+/**
+ * Build extended PATH that includes common Claude CLI installation locations
+ */
+function getExtendedPath() {
+  const additionalPaths = [
+    path.join(config.HOME_DIR, '.local', 'bin'),
+    path.join(config.HOME_DIR, 'bin'),
+    path.join(config.HOME_DIR, '.npm-global', 'bin'),
+    path.join(config.HOME_DIR, '.claude', 'bin'),
+    '/usr/local/bin',
+  ]
+  return [...additionalPaths, process.env.PATH || '/usr/bin:/bin'].join(':')
+}
+
 /**
  * Check Claude Code authentication.
- * Claude stores OAuth credentials in ~/.claude/.credentials.json
+ * First checks known credential file locations (fast path),
+ * then falls back to `claude auth whoami` CLI command for newer CLI versions
+ * that may store credentials differently.
  */
 function isClaudeAuthenticated() {
+  // Fast path: check known credential file locations
   const candidates = [
     path.join(config.HOME_DIR, '.claude', '.credentials.json'),
     path.join(config.HOME_DIR, '.claude', 'credentials.json'),
@@ -35,7 +53,24 @@ function isClaudeAuthenticated() {
       // Invalid JSON or read error — not authenticated
     }
   }
-  return false
+
+  // Fallback: check via claude CLI command (handles newer credential storage)
+  try {
+    const claudePath = path.join(config.HOME_DIR, '.local', 'bin', 'claude')
+    const claudeBin = fs.existsSync(claudePath) ? claudePath : 'claude'
+    execSync(`${claudeBin} auth whoami`, {
+      encoding: 'utf-8',
+      timeout: 5000,
+      stdio: 'pipe',
+      env: {
+        HOME: config.HOME_DIR,
+        PATH: getExtendedPath(),
+      },
+    })
+    return true
+  } catch {
+    return false
+  }
 }
 
 /**
@@ -89,10 +124,18 @@ const SERVICE_DEFINITIONS = [
   { name: 'codex', display_name: 'Codex', check: isCodexAuthenticated },
 ]
 
+/**
+ * Check if LLM_COMMAND is configured for workflow/routine execution.
+ */
+function isLlmCommandConfigured() {
+  return !!config.LLM_COMMAND
+}
+
 /**
  * Get authenticated LLM services (cached for 60s).
- * Returns all services with their authentication status.
- * @returns {{ name: string, display_name: string, authenticated: boolean }[]}
+ * Returns all services with their authentication status,
+ * plus whether LLM_COMMAND is configured.
+ * @returns {{ services: { name: string, display_name: string, authenticated: boolean }[], llm_command_configured: boolean }}
  */
 function getLlmServices() {
   const now = Date.now()
@@ -117,4 +160,4 @@ function clearLlmCache() {
   cachedAt = 0
 }
 
-module.exports = { getLlmServices, clearLlmCache }
+module.exports = { getLlmServices, clearLlmCache, isLlmCommandConfigured }

package/minion-cli.sh

@@ -5,6 +5,7 @@
 #
 # Usage:
 #   sudo minion-cli setup [options]          # Set up minion agent service (root)
+#   sudo minion-cli reconfigure [options]    # Re-register with new HQ credentials (root)
 #   sudo minion-cli start                    # Start agent service (root)
 #   sudo minion-cli stop                     # Stop agent service (root)
 #   sudo minion-cli restart                  # Restart agent service (root)
@@ -86,7 +87,7 @@ svc_control() {
   esac
 }
 
-AGENT_URL="${MINION_AGENT_URL:-http://localhost:3001}"
+AGENT_URL="${MINION_AGENT_URL:-http://localhost:8080}"
 
 # Auto-load .env so that API_TOKEN etc. are available in interactive shells
 ENV_FILE="/opt/minion-agent/.env"
@@ -279,11 +280,12 @@ do_setup() {
     ENV_CONTENT+="MINION_ID=${MINION_ID}\n"
   fi
 
-  ENV_CONTENT+="AGENT_PORT=3001\n"
+  ENV_CONTENT+="AGENT_PORT=8080\n"
   ENV_CONTENT+="HEARTBEAT_INTERVAL=30\n"
   ENV_CONTENT+="MINION_USER=${TARGET_USER}\n"
 
   echo -e "$ENV_CONTENT" | $SUDO tee /opt/minion-agent/.env > /dev/null
+  $SUDO chown "${TARGET_USER}:${TARGET_USER}" /opt/minion-agent/.env
   echo "  -> /opt/minion-agent/.env generated"
 
   # Step 5: Configure sudoers for agent user
@@ -581,7 +583,7 @@ SUPEOF
   local SUCCESS=false
 
   for i in $(seq 1 $RETRIES); do
-    if curl -sf http://localhost:3001/api/health > /dev/null 2>&1; then
+    if curl -sf http://localhost:8080/api/health > /dev/null 2>&1; then
       SUCCESS=true
       break
     fi
@@ -649,10 +651,12 @@ SUPEOF
       exit 1
     fi
 
-    # Install cloudflared if not present
+    # Install cloudflared if not present (architecture-aware)
     if ! command -v cloudflared &>/dev/null; then
       echo "  Installing cloudflared..."
-      curl -fsSL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb \
+      local CF_ARCH
+      CF_ARCH=$(dpkg --print-architecture 2>/dev/null || echo "amd64")
+      curl -fsSL "https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-${CF_ARCH}.deb" \
         -o /tmp/cloudflared.deb
       $SUDO dpkg -i /tmp/cloudflared.deb
       rm -f /tmp/cloudflared.deb
@@ -688,10 +692,36 @@ SUPEOF
       echo "$CONFIG_YML" | $SUDO tee /etc/cloudflared/config.yml > /dev/null
       echo "  -> /etc/cloudflared/config.yml saved"
 
-      # Install and start cloudflared service
-      $SUDO cloudflared service install 2>/dev/null || true
-      $SUDO systemctl enable cloudflared 2>/dev/null || true
-      $SUDO systemctl start cloudflared 2>/dev/null || true
+      # Install and start cloudflared service (process-manager aware)
+      case "$PROC_MGR" in
+        systemd)
+          $SUDO cloudflared service install 2>/dev/null || true
+          $SUDO systemctl enable cloudflared 2>/dev/null || true
+          $SUDO systemctl start cloudflared 2>/dev/null || true
+          ;;
+        supervisord)
+          # Create supervisord config for cloudflared
+          $SUDO tee /etc/supervisor/conf.d/cloudflared.conf > /dev/null <<CFEOF
+[program:cloudflared]
+command=/usr/bin/cloudflared tunnel --config /etc/cloudflared/config.yml run
+autorestart=true
+priority=150
+startsecs=5
+stdout_logfile=/var/log/supervisor/cloudflared.log
+stderr_logfile=/var/log/supervisor/cloudflared.log
+CFEOF
+          # Reload supervisord if running
+          if $SUDO supervisorctl status &>/dev/null; then
+            $SUDO supervisorctl reread
+            $SUDO supervisorctl update
+          fi
+          ;;
+        *)
+          echo "  WARNING: No supported process manager for cloudflared"
+          echo "  You may need to start cloudflared manually:"
+          echo "  cloudflared tunnel --config /etc/cloudflared/config.yml run"
+          ;;
+      esac
       echo "  -> cloudflared tunnel configured and started"
     fi
   fi
@@ -701,10 +731,12 @@ SUPEOF
     echo ""
     echo "Notifying HQ of setup completion..."
     local NOTIFY_RESPONSE
+    local HOSTNAME_VAL
+    HOSTNAME_VAL=$(hostname 2>/dev/null || echo "")
     NOTIFY_RESPONSE=$(curl -sfL -X POST "${HQ_URL}/api/minion/setup-complete" \
       -H "Content-Type: application/json" \
       -H "Authorization: Bearer ${API_TOKEN}" \
-      -d "{}" 2>&1) || true
+      -d "{\"internal_ip_address\":\"${HOSTNAME_VAL}\"}" 2>&1) || true
 
     if echo "$NOTIFY_RESPONSE" | grep -q '"success":true' 2>/dev/null; then
       echo "  -> HQ notified successfully"
@@ -732,6 +764,177 @@ SUPEOF
   fi
 }
 
+# ============================================================
+# reconfigure subcommand
+# ============================================================
+do_reconfigure() {
+  local HQ_URL=""
+  local MINION_ID=""
+  local API_TOKEN=""
+
+  # Parse arguments
+  while [[ $# -gt 0 ]]; do
+    case "$1" in
+      --hq-url)
+        HQ_URL="$2"
+        shift 2
+        ;;
+      --minion-id)
+        MINION_ID="$2"
+        shift 2
+        ;;
+      --api-token)
+        API_TOKEN="$2"
+        shift 2
+        ;;
+      *)
+        echo "Unknown option: $1"
+        echo "Usage: sudo minion-cli reconfigure --hq-url <URL> --minion-id <UUID> --api-token <TOKEN>"
+        exit 1
+        ;;
+    esac
+  done
+
+  # Validate required arguments
+  if [ -z "$HQ_URL" ] || [ -z "$MINION_ID" ] || [ -z "$API_TOKEN" ]; then
+    echo "ERROR: All three options are required: --hq-url, --minion-id, --api-token"
+    echo "Usage: sudo minion-cli reconfigure --hq-url <URL> --minion-id <UUID> --api-token <TOKEN>"
+    exit 1
+  fi
+
+  # Check that .env exists (setup must have been run before)
+  if [ ! -f /opt/minion-agent/.env ]; then
+    echo "ERROR: /opt/minion-agent/.env not found."
+    echo "It looks like minion-cli setup has not been run on this server."
+    echo "Please run 'sudo minion-cli setup' first for initial installation."
+    exit 1
+  fi
+
+  echo "========================================="
+  echo " @geekbeer/minion Reconfigure"
+  echo "========================================="
+  echo "HQ: $HQ_URL"
+  echo "Minion ID: $MINION_ID"
+  echo ""
+
+  # Step 1: Read existing .env and preserve non-credential keys
+  echo "[1/4] Updating .env credentials..."
+  local ENV_CONTENT=""
+  ENV_CONTENT+="# Minion Agent Configuration\n"
+  ENV_CONTENT+="# Reconfigured by minion-cli reconfigure\n\n"
+  ENV_CONTENT+="HQ_URL=${HQ_URL}\n"
+  ENV_CONTENT+="API_TOKEN=${API_TOKEN}\n"
+  ENV_CONTENT+="MINION_ID=${MINION_ID}\n"
+
+  # Preserve non-credential keys from existing .env
+  while IFS='=' read -r key value; do
+    [[ -z "$key" || "$key" == \#* ]] && continue
+    case "$key" in
+      HQ_URL|API_TOKEN|MINION_ID) ;; # Skip — already set above
+      *) ENV_CONTENT+="${key}=${value}\n" ;;
+    esac
+  done < /opt/minion-agent/.env
+
+  echo -e "$ENV_CONTENT" | $SUDO tee /opt/minion-agent/.env > /dev/null
+  echo "  -> /opt/minion-agent/.env updated"
+
+  # Step 2: Update process manager config & restart service
+  echo "[2/4] Restarting minion-agent service..."
+  if [ -z "$PROC_MGR" ]; then
+    echo "  WARNING: No supported process manager found"
+    echo "  Please restart the minion-agent service manually"
+  elif [ "$PROC_MGR" = "supervisord" ]; then
+    # supervisord bakes env vars into conf — must regenerate
+    local CONF_FILE="/etc/supervisor/conf.d/minion-agent.conf"
+    if [ -f "$CONF_FILE" ]; then
+      # Read current conf to preserve command, user, and other settings
+      local CURRENT_COMMAND
+      CURRENT_COMMAND=$(grep '^command=' "$CONF_FILE" | head -1)
+      local CURRENT_DIRECTORY
+      CURRENT_DIRECTORY=$(grep '^directory=' "$CONF_FILE" | head -1)
+      local CURRENT_USER_LINE
+      CURRENT_USER_LINE=$(grep '^user=' "$CONF_FILE" || echo "")
+
+      # Rebuild environment line from updated .env
+      local ENV_LINE="environment="
+      # Detect home dir for the service user
+      local SVC_USER
+      SVC_USER=$(echo "$CURRENT_USER_LINE" | sed 's/user=//')
+      local SVC_HOME="$HOME"
+      if [ -n "$SVC_USER" ]; then
+        SVC_HOME=$(getent passwd "$SVC_USER" | cut -d: -f6 || echo "$HOME")
+      fi
+      local ENV_PAIRS=("HOME=\"${SVC_HOME}\"" "DISPLAY=\":99\"")
+      while IFS='=' read -r key value; do
+        [[ -z "$key" || "$key" == \#* ]] && continue
+        ENV_PAIRS+=("${key}=\"${value}\"")
+      done < /opt/minion-agent/.env
+      ENV_LINE+="$(IFS=,; echo "${ENV_PAIRS[*]}")"
+
+      $SUDO tee "$CONF_FILE" > /dev/null <<SUPEOF
+[program:minion-agent]
+${CURRENT_COMMAND}
+${CURRENT_DIRECTORY}
+${CURRENT_USER_LINE}
+${ENV_LINE}
+autorestart=true
+priority=500
+startsecs=3
+stdout_logfile=/var/log/supervisor/minion-agent.log
+stderr_logfile=/var/log/supervisor/minion-agent.log
+SUPEOF
+      echo "  -> supervisord conf updated"
+    fi
+    $SUDO supervisorctl reread > /dev/null 2>&1
+    $SUDO supervisorctl update > /dev/null 2>&1
+    echo "  -> minion-agent restarted (supervisord)"
+  else
+    # systemd reads .env via EnvironmentFile — just restart
+    svc_control restart
+    echo "  -> minion-agent restarted (systemd)"
+  fi
+
+  # Step 3: Health check
+  echo "[3/4] Verifying agent health..."
+  local HEALTH_OK=false
+  for i in $(seq 1 5); do
+    if curl -sf http://localhost:8080/api/health > /dev/null 2>&1; then
+      HEALTH_OK=true
+      break
+    fi
+    sleep 2
+  done
+  if [ "$HEALTH_OK" = true ]; then
+    echo "  -> Agent is healthy"
+  else
+    echo "  WARNING: Agent health check failed after 5 attempts"
+    echo "  Check logs for details"
+  fi
+
+  # Step 4: Notify HQ (best-effort — heartbeat will also notify automatically)
+  echo "[4/4] Notifying HQ..."
+  local NOTIFY_RESPONSE
+  local HOSTNAME_VAL
+  HOSTNAME_VAL=$(hostname 2>/dev/null || echo "")
+  NOTIFY_RESPONSE=$(curl -sfL -X POST "${HQ_URL}/api/minion/setup-complete" \
+    -H "Content-Type: application/json" \
+    -H "Authorization: Bearer ${API_TOKEN}" \
+    -d "{\"internal_ip_address\":\"${HOSTNAME_VAL}\"}" 2>&1) || true
+
+  if echo "$NOTIFY_RESPONSE" | grep -q '"success":true' 2>/dev/null; then
+    echo "  -> HQ notified successfully"
+  else
+    echo "  -> Skipped (heartbeat will notify HQ within 30s)"
+  fi
+
+  echo ""
+  echo "========================================="
+  echo " Reconfigure Complete!"
+  echo "========================================="
+  echo ""
+  echo "The minion should appear online in HQ shortly."
+}
+
 # ============================================================
 # Main command dispatch
 # ============================================================
@@ -745,6 +948,12 @@ case "${1:-}" in
     do_setup "$@"
     ;;
 
+  reconfigure)
+    require_root reconfigure
+    shift
+    do_reconfigure "$@"
+    ;;
+
   status)
     curl -s "$AGENT_URL/api/status" | jq .
     ;;
@@ -835,6 +1044,7 @@ case "${1:-}" in
     echo ""
     echo "Usage:"
     echo "  sudo minion-cli setup [options]           # Set up agent service (root)"
+    echo "  sudo minion-cli reconfigure [options]     # Re-register with new HQ credentials (root)"
     echo "  sudo minion-cli start                     # Start agent service (root)"
     echo "  sudo minion-cli stop                      # Stop agent service (root)"
     echo "  sudo minion-cli restart                   # Restart agent service (root)"
@@ -851,9 +1061,14 @@ case "${1:-}" in
     echo "  --api-token <TOKEN>   API token (optional)"
     echo "  --setup-tunnel        Set up cloudflared tunnel (requires --hq-url, --api-token)"
     echo ""
+    echo "Reconfigure options:"
+    echo "  --hq-url <URL>        HQ server URL (required)"
+    echo "  --minion-id <UUID>    Minion ID (required)"
+    echo "  --api-token <TOKEN>   API token (required)"
+    echo ""
     echo "Status values: online, offline, busy"
     echo ""
     echo "Environment:"
-    echo "  MINION_AGENT_URL  Agent URL (default: http://localhost:3001)"
+    echo "  MINION_AGENT_URL  Agent URL (default: http://localhost:8080)"
     ;;
 esac

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@geekbeer/minion",
-  "version": "2.16.5",
+  "version": "2.25.0",
   "description": "AI Agent runtime for Minion - manages status and skill deployment on VPS",
   "main": "server.js",
   "bin": {

package/roles/pm.md

@@ -25,7 +25,7 @@
 ポイント:
 - HQの責務は「executionレコードを作る（指示書発行）」だけ
 - 各ミニオンは自分の担当ステップだけをポーリングして実行
-- ミニオンエージェント（Port 3001）が軽量HTTPポーリングを行い、pending検知時のみClaude Codeを起動
+- ミニオンエージェント（Port 8080）が軽量HTTPポーリングを行い、pending検知時のみClaude Codeを起動
 
 ## Workflow 管理