@geekbeer/minion 2.58.1 → 2.60.0

package/core/lib/permissions.js

@@ -0,0 +1,279 @@
+/**
+ * CLI Permission Abstraction Layer
+ *
+ * Provides a unified interface for reading/writing permission configurations
+ * across multiple AI coding CLI tools:
+ * - Claude Code: ~/.claude/settings.local.json (JSON)
+ * - Gemini CLI: ~/.gemini/settings.json (JSON)
+ * - Codex CLI: ~/.codex/config.toml (TOML)
+ */
+
+const fs = require('fs')
+const path = require('path')
+
+// ── CLI Definitions ──────────────────────────────────────────────────────────
+
+const CLI_DEFS = {
+  'claude-code': {
+    label: 'Claude Code',
+    configDir: '.claude',
+    // Read from settings.json (bundled sync target) + merge settings.local.json (user overrides)
+    readFiles: ['settings.json', 'settings.local.json'],
+    // Write to settings.local.json to survive server restarts (settings.json is overwritten by syncPermissions)
+    writeFile: 'settings.local.json',
+    format: 'json',
+  },
+  'gemini': {
+    label: 'Gemini CLI',
+    configDir: '.gemini',
+    readFiles: ['settings.json'],
+    writeFile: 'settings.json',
+    format: 'json',
+  },
+  'codex': {
+    label: 'Codex CLI',
+    configDir: '.codex',
+    readFiles: ['config.toml'],
+    writeFile: 'config.toml',
+    format: 'toml',
+  },
+}
+
+// ── TOML Helpers (minimal, for Codex config.toml) ────────────────────────────
+
+/**
+ * Parse a minimal TOML file to extract permissions.allow and permissions.deny arrays.
+ * Only supports the subset needed for Codex CLI config.
+ */
+function parseTomlPermissions(content) {
+  const allow = []
+  const deny = []
+
+  let currentSection = ''
+  for (const rawLine of content.split('\n')) {
+    const line = rawLine.trim()
+    if (!line || line.startsWith('#')) continue
+
+    // Section header: [permissions] or [permissions.default] etc.
+    const sectionMatch = line.match(/^\[([^\]]+)\]$/)
+    if (sectionMatch) {
+      currentSection = sectionMatch[1]
+      continue
+    }
+
+    if (currentSection !== 'permissions') continue
+
+    // Key = value
+    const kvMatch = line.match(/^(\w+)\s*=\s*(.+)$/)
+    if (!kvMatch) continue
+    const [, key, rawValue] = kvMatch
+
+    if (key === 'allow' || key === 'deny') {
+      const arr = parseTomlArray(rawValue)
+      if (key === 'allow') allow.push(...arr)
+      else deny.push(...arr)
+    }
+  }
+
+  return { allow, deny }
+}
+
+/**
+ * Parse a TOML inline array: ["a", "b", "c"]
+ */
+function parseTomlArray(raw) {
+  const trimmed = raw.trim()
+  if (!trimmed.startsWith('[') || !trimmed.endsWith(']')) return []
+  const inner = trimmed.slice(1, -1)
+  const items = []
+  // Match quoted strings
+  const re = /"([^"]*?)"|'([^']*?)'/g
+  let m
+  while ((m = re.exec(inner)) !== null) {
+    items.push(m[1] ?? m[2])
+  }
+  return items
+}
+
+/**
+ * Write permissions into a TOML file, preserving non-permissions content.
+ */
+function writeTomlPermissions(existingContent, { allow, deny }) {
+  const lines = existingContent ? existingContent.split('\n') : []
+  const outputLines = []
+  let inPermissionsSection = false
+  let permissionsWritten = false
+
+  for (const line of lines) {
+    const trimmed = line.trim()
+    const sectionMatch = trimmed.match(/^\[([^\]]+)\]$/)
+
+    if (sectionMatch) {
+      if (sectionMatch[1] === 'permissions') {
+        inPermissionsSection = true
+        // Write our new permissions section
+        outputLines.push('[permissions]')
+        outputLines.push(`allow = [${allow.map(s => `"${s}"`).join(', ')}]`)
+        outputLines.push(`deny = [${deny.map(s => `"${s}"`).join(', ')}]`)
+        permissionsWritten = true
+        continue
+      } else {
+        inPermissionsSection = false
+      }
+    }
+
+    if (inPermissionsSection) continue // skip old permission lines
+    outputLines.push(line)
+  }
+
+  // If no existing [permissions] section, append one
+  if (!permissionsWritten) {
+    if (outputLines.length > 0 && outputLines[outputLines.length - 1] !== '') {
+      outputLines.push('')
+    }
+    outputLines.push('[permissions]')
+    outputLines.push(`allow = [${allow.map(s => `"${s}"`).join(', ')}]`)
+    outputLines.push(`deny = [${deny.map(s => `"${s}"`).join(', ')}]`)
+  }
+
+  return outputLines.join('\n')
+}
+
+// ── JSON Helpers ─────────────────────────────────────────────────────────────
+
+function readJsonPermissions(filePath) {
+  try {
+    const content = fs.readFileSync(filePath, 'utf-8')
+    const data = JSON.parse(content)
+    const perms = data.permissions || {}
+    return {
+      allow: Array.isArray(perms.allow) ? perms.allow : [],
+      deny: Array.isArray(perms.deny) ? perms.deny : [],
+    }
+  } catch {
+    return { allow: [], deny: [] }
+  }
+}
+
+function writeJsonPermissions(filePath, { allow, deny }) {
+  let data = {}
+  try {
+    data = JSON.parse(fs.readFileSync(filePath, 'utf-8'))
+  } catch {
+    // File doesn't exist or is invalid — start fresh
+  }
+  data.permissions = { allow, deny }
+  fs.mkdirSync(path.dirname(filePath), { recursive: true })
+  fs.writeFileSync(filePath, JSON.stringify(data, null, 2) + '\n', 'utf-8')
+}
+
+// ── Public API ───────────────────────────────────────────────────────────────
+
+/**
+ * Detect which CLIs have config directories present.
+ * @param {string} homeDir
+ * @returns {string[]} Array of cli_type strings
+ */
+function detectInstalledClis(homeDir) {
+  return Object.entries(CLI_DEFS)
+    .filter(([, def]) => fs.existsSync(path.join(homeDir, def.configDir)))
+    .map(([type]) => type)
+}
+
+/**
+ * Read effective permissions for a specific CLI.
+ * For Claude Code, merges settings.json + settings.local.json.
+ * @param {string} homeDir
+ * @param {string} cliType
+ * @returns {{ cli_type: string, label: string, allow: string[], deny: string[], config_path: string } | null}
+ */
+function getPermissions(homeDir, cliType) {
+  const def = CLI_DEFS[cliType]
+  if (!def) return null
+
+  const configDir = path.join(homeDir, def.configDir)
+  if (!fs.existsSync(configDir)) return null
+
+  let mergedAllow = []
+  let mergedDeny = []
+
+  for (const file of def.readFiles) {
+    const filePath = path.join(configDir, file)
+    if (!fs.existsSync(filePath)) continue
+
+    if (def.format === 'json') {
+      const perms = readJsonPermissions(filePath)
+      // Later files override earlier ones (settings.local.json overrides settings.json)
+      if (perms.allow.length > 0 || perms.deny.length > 0) {
+        mergedAllow = perms.allow
+        mergedDeny = perms.deny
+      }
+    } else if (def.format === 'toml') {
+      try {
+        const content = fs.readFileSync(filePath, 'utf-8')
+        const perms = parseTomlPermissions(content)
+        if (perms.allow.length > 0 || perms.deny.length > 0) {
+          mergedAllow = perms.allow
+          mergedDeny = perms.deny
+        }
+      } catch {
+        // Skip unreadable files
+      }
+    }
+  }
+
+  return {
+    cli_type: cliType,
+    label: def.label,
+    allow: mergedAllow,
+    deny: mergedDeny,
+    config_path: path.join(configDir, def.writeFile),
+  }
+}
+
+/**
+ * Read permissions for all detected CLIs.
+ * @param {string} homeDir
+ * @returns {Array<{ cli_type: string, label: string, allow: string[], deny: string[], config_path: string }>}
+ */
+function getAllPermissions(homeDir) {
+  const results = []
+  for (const cliType of Object.keys(CLI_DEFS)) {
+    const perms = getPermissions(homeDir, cliType)
+    if (perms) results.push(perms)
+  }
+  return results
+}
+
+/**
+ * Update permissions for a specific CLI.
+ * @param {string} homeDir
+ * @param {string} cliType
+ * @param {{ allow: string[], deny: string[] }} permissions
+ */
+function setPermissions(homeDir, cliType, { allow, deny }) {
+  const def = CLI_DEFS[cliType]
+  if (!def) throw new Error(`Unsupported CLI type: ${cliType}`)
+
+  const configDir = path.join(homeDir, def.configDir)
+  const filePath = path.join(configDir, def.writeFile)
+
+  fs.mkdirSync(configDir, { recursive: true })
+
+  if (def.format === 'json') {
+    writeJsonPermissions(filePath, { allow, deny })
+  } else if (def.format === 'toml') {
+    let existing = ''
+    try { existing = fs.readFileSync(filePath, 'utf-8') } catch {}
+    const newContent = writeTomlPermissions(existing, { allow, deny })
+    fs.writeFileSync(filePath, newContent, 'utf-8')
+  }
+}
+
+module.exports = {
+  detectInstalledClis,
+  getPermissions,
+  getAllPermissions,
+  setPermissions,
+  CLI_DEFS,
+}

package/core/routes/permissions.js

@@ -0,0 +1,93 @@
+/**
+ * Permission management endpoints
+ *
+ * Provides read/write access to CLI tool permission configurations.
+ * Supports Claude Code, Gemini CLI, and Codex CLI.
+ *
+ * Endpoints:
+ *   GET  /api/config/permissions           - Get permissions for all detected CLIs
+ *   GET  /api/config/permissions/:cli_type - Get permissions for a specific CLI
+ *   POST /api/config/permissions           - Update permissions for a specific CLI
+ */
+
+const { verifyToken } = require('../lib/auth')
+const { config } = require('../config')
+const { getAllPermissions, getPermissions, setPermissions, CLI_DEFS } = require('../lib/permissions')
+
+/**
+ * Register permission routes as Fastify plugin
+ * @param {import('fastify').FastifyInstance} fastify
+ */
+async function permissionRoutes(fastify) {
+
+  // GET /api/config/permissions - Get permissions for all detected CLIs
+  fastify.get('/api/config/permissions', async (request, reply) => {
+    if (!verifyToken(request)) {
+      reply.code(401)
+      return { success: false, error: 'Unauthorized' }
+    }
+
+    const permissions = getAllPermissions(config.HOME_DIR)
+    return { success: true, permissions }
+  })
+
+  // GET /api/config/permissions/:cli_type - Get permissions for a specific CLI
+  fastify.get('/api/config/permissions/:cli_type', async (request, reply) => {
+    if (!verifyToken(request)) {
+      reply.code(401)
+      return { success: false, error: 'Unauthorized' }
+    }
+
+    const { cli_type } = request.params
+    if (!CLI_DEFS[cli_type]) {
+      reply.code(400)
+      return { success: false, error: `Unsupported CLI type: ${cli_type}. Supported: ${Object.keys(CLI_DEFS).join(', ')}` }
+    }
+
+    const perms = getPermissions(config.HOME_DIR, cli_type)
+    if (!perms) {
+      reply.code(404)
+      return { success: false, error: `CLI ${cli_type} is not installed on this minion` }
+    }
+
+    return { success: true, ...perms }
+  })
+
+  // POST /api/config/permissions - Update permissions for a specific CLI
+  fastify.post('/api/config/permissions', async (request, reply) => {
+    if (!verifyToken(request)) {
+      reply.code(401)
+      return { success: false, error: 'Unauthorized' }
+    }
+
+    const { cli_type, allow, deny } = request.body || {}
+
+    if (!cli_type) {
+      reply.code(400)
+      return { success: false, error: 'cli_type is required' }
+    }
+    if (!CLI_DEFS[cli_type]) {
+      reply.code(400)
+      return { success: false, error: `Unsupported CLI type: ${cli_type}. Supported: ${Object.keys(CLI_DEFS).join(', ')}` }
+    }
+    if (!Array.isArray(allow) || !Array.isArray(deny)) {
+      reply.code(400)
+      return { success: false, error: 'allow and deny must be arrays' }
+    }
+
+    try {
+      setPermissions(config.HOME_DIR, cli_type, { allow, deny })
+
+      // Read back effective permissions to confirm
+      const updated = getPermissions(config.HOME_DIR, cli_type)
+      console.log(`[Permissions] Updated ${cli_type}: allow=${allow.length}, deny=${deny.length}`)
+
+      return { success: true, ...updated }
+    } catch (err) {
+      reply.code(500)
+      return { success: false, error: err.message }
+    }
+  })
+}
+
+module.exports = { permissionRoutes }

package/docs/api-reference.md

@@ -204,6 +204,46 @@ Changes via the config API take effect immediately (no restart required).
 
 Allowed keys: `LLM_COMMAND`, `REFLECTION_TIME`
 
+### Permissions
+
+CLIツール（Claude Code, Gemini CLI, Codex CLI）のパーミッション管理。
+CLIツールは自身の設定ファイルを直接編集できないため、このAPIを経由して更新する。
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| GET | `/api/config/permissions` | Get permissions for all detected CLIs |
+| GET | `/api/config/permissions/:cli_type` | Get permissions for a specific CLI |
+| POST | `/api/config/permissions` | Update permissions. Body: `{cli_type, allow, deny}` |
+
+Supported `cli_type`: `claude-code`, `gemini`, `codex`
+
+**GET response**:
+```json
+{
+  "success": true,
+  "permissions": [
+    {
+      "cli_type": "claude-code",
+      "label": "Claude Code",
+      "allow": ["Bash", "Read", "Write", "Edit"],
+      "deny": ["Bash(sudo *)"],
+      "config_path": "/home/minion/.claude/settings.local.json"
+    }
+  ]
+}
+```
+
+**POST body**:
+```json
+{
+  "cli_type": "claude-code",
+  "allow": ["Bash", "Read", "Write", "Edit", "WebSearch"],
+  "deny": ["Bash(sudo *)", "Bash(rm -rf *)"]
+}
+```
+
+Note: Claude Code の場合、書き込み先は `settings.local.json`（サーバー再起動時に上書きされない）。
+
 ### Commands
 
 | Method | Endpoint | Description |

package/linux/minion-cli.sh

@@ -320,6 +320,9 @@ do_setup() {
     local SUDOERS_FILE="/etc/sudoers.d/minion-agent"
 
     {
+      # Fail immediately instead of prompting for password (safety net for LLM agents)
+      echo "Defaults:${TARGET_USER} passwd_tries=0"
+      echo ""
       echo "${TARGET_USER} ALL=(root) NOPASSWD: ${NPM_BIN} install -g @geekbeer/minion@latest"
       echo "${TARGET_USER} ALL=(root) NOPASSWD: ${NPM_BIN} install -g @geekbeer/minion@latest --registry *"
       echo "${TARGET_USER} ALL=(root) NOPASSWD: /usr/bin/apt-get install *"

package/linux/server.js

@@ -67,6 +67,7 @@ const { variableRoutes } = require('../core/routes/variables')
 const { memoryRoutes } = require('../core/routes/memory')
 const { dailyLogRoutes } = require('../core/routes/daily-logs')
 const { sudoersRoutes } = require('../core/routes/sudoers')
+const { permissionRoutes } = require('../core/routes/permissions')
 
 // Linux-specific routes
 const { commandRoutes, getProcessManager, getAllowedCommands } = require('./routes/commands')
@@ -268,6 +269,7 @@ async function registerAllRoutes(app) {
   await app.register(memoryRoutes)
   await app.register(dailyLogRoutes)
   await app.register(sudoersRoutes)
+  await app.register(permissionRoutes)
 
   // Linux-specific routes
   await app.register(commandRoutes)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@geekbeer/minion",
-  "version": "2.58.1",
+  "version": "2.60.0",
   "description": "AI Agent runtime for Minion - manages status and skill deployment on VPS",
   "main": "linux/server.js",
   "bin": {

package/rules/core.md

@@ -7,6 +7,7 @@ You are an AI agent running on a Minion VPS, managed by @geekbeer/minion.
 - **HQサーバーのソースコードを読みに行く必要はありません。** 必要なAPI仕様はすべてドキュメントに記載されています。
 - API の詳細仕様が必要な場合は `~/.minion/docs/api-reference.md` を参照してください。
 - タスクの手順が不明な場合は `~/.minion/docs/task-guides.md` を参照してください。
+- **`sudo` を使用しないこと。** 必要なツール・ライブラリはすべてセットアップ済みです。`sudo` はパスワード未設定のため実行できません。パッケージのインストールや環境構築が必要に見える場合でも、既にインストール済みであることを前提に作業を進めてください。
 
 ## Architecture
 
@@ -44,7 +45,27 @@ minion-cli --version                      # バージョン確認
 
 `http://localhost:8080` — 認証: `Authorization: Bearer $API_TOKEN`
 
-主なカテゴリ: Health, Skills, Workflows, Executions, Terminal, Files, Commands
+主なカテゴリ: Health, Skills, Workflows, Executions, Terminal, Files, Commands, Permissions
+
+#### Permission Management
+
+CLIツール（Claude Code, Gemini CLI, Codex CLI）のパーミッション（allow/denyリスト）をAPI経由で読み書きできる。
+CLIツールは自身の設定ファイルを直接編集できないため、このAPIを使用すること。
+
+```bash
+# 全CLIのパーミッション取得
+curl -H "Authorization: Bearer $API_TOKEN" http://localhost:8080/api/config/permissions
+
+# 特定CLIのパーミッション取得
+curl -H "Authorization: Bearer $API_TOKEN" http://localhost:8080/api/config/permissions/claude-code
+
+# パーミッション更新
+curl -X POST -H "Authorization: Bearer $API_TOKEN" -H "Content-Type: application/json" \
+  http://localhost:8080/api/config/permissions \
+  -d '{"cli_type": "claude-code", "allow": ["Bash", "Read", "Write", "Edit"], "deny": ["Bash(sudo *)"]}'
+```
+
+対応CLI: `claude-code` (.claude/settings.local.json), `gemini` (.gemini/settings.json), `codex` (.codex/config.toml)
 
 ### HQ API
 

package/win/server.js

@@ -50,6 +50,7 @@ const { authRoutes } = require('../core/routes/auth')
 const { variableRoutes } = require('../core/routes/variables')
 const { memoryRoutes } = require('../core/routes/memory')
 const { dailyLogRoutes } = require('../core/routes/daily-logs')
+const { permissionRoutes } = require('../core/routes/permissions')
 
 // Validate configuration
 validate()
@@ -201,6 +202,7 @@ async function registerRoutes(app) {
   await app.register(variableRoutes)
   await app.register(memoryRoutes)
   await app.register(dailyLogRoutes)
+  await app.register(permissionRoutes)
 
   // Windows-specific routes
   await app.register(commandRoutes)