npm - @geekbeer/minion - Versions diffs - 3.6.1 → 3.6.3 - Mend

@geekbeer/minion 3.6.1 → 3.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/win/minion-cli.ps1 +79 -21

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@geekbeer/minion",
-  "version": "3.6.1",
+  "version": "3.6.3",
   "description": "AI Agent runtime for Minion - manages status and skill deployment on VPS",
   "main": "linux/server.js",
   "bin": {

package/win/minion-cli.ps1 CHANGED Viewed

@@ -451,7 +451,7 @@ function Restart-MinionService {
 # ============================================================
 function Invoke-Setup {
-    $totalSteps = 11
+    $totalSteps = 12
     # Minionization warning
     Write-Host ""
@@ -877,8 +877,59 @@ function Invoke-Setup {
         Write-Warn "websockify not available, VNC WebSocket proxy will not be registered"
     }
+    # Step 10: Download and register cloudflared
+    Write-Step 10 $totalSteps "Setting up Cloudflare Tunnel (cloudflared)..."
+    $cfExe = $null
+    if (Get-Command cloudflared -ErrorAction SilentlyContinue) {
+        $cfExe = (Get-Command cloudflared).Source
+        Write-Detail "cloudflared already installed: $cfExe"
+    } else {
+        Write-Host "  Downloading cloudflared..."
+        try {
+            $cfUrl = 'https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-windows-amd64.exe'
+            $cfPath = Join-Path $DataDir 'cloudflared.exe'
+            Invoke-WebRequest -Uri $cfUrl -OutFile $cfPath -UseBasicParsing
+            $cfExe = $cfPath
+            Write-Detail "cloudflared downloaded to $cfExe"
+        }
+        catch {
+            Write-Warn "Failed to download cloudflared: $_"
+            Write-Host "  You can install manually or re-run setup later." -ForegroundColor Gray
+        }
+    }
+    if ($cfExe) {
+        # Register cloudflared as NSSM service (config will be set by 'configure --setup-tunnel')
+        Invoke-Nssm stop minion-cloudflared
+        Invoke-Nssm remove minion-cloudflared confirm
+        $cfConfigDir = Join-Path $TargetUserProfile '.cloudflared'
+        $cfConfigPath = Join-Path $cfConfigDir 'config.yml'
+        Invoke-Nssm install minion-cloudflared $cfExe "tunnel run --config `"$cfConfigPath`""
+        # Set USERPROFILE/HOME so cloudflared resolves ~/.cloudflared/ to the target user's profile
+        # (NSSM runs as LocalSystem, whose ~ is C:\Windows\system32\config\systemprofile)
+        $cfEnvLines = @(
+            "USERPROFILE=$TargetUserProfile",
+            "HOME=$TargetUserProfile"
+        )
+        Invoke-Nssm set minion-cloudflared AppEnvironmentExtra ($cfEnvLines -join "`n")
+        Invoke-Nssm set minion-cloudflared Start SERVICE_DEMAND_START
+        Invoke-Nssm set minion-cloudflared DisplayName "Minion Cloudflared"
+        Invoke-Nssm set minion-cloudflared Description "Cloudflare Tunnel for Minion"
+        Invoke-Nssm set minion-cloudflared AppRestartDelay 5000
+        Invoke-Nssm set minion-cloudflared AppStdout (Join-Path $LogDir 'cloudflared-stdout.log')
+        Invoke-Nssm set minion-cloudflared AppStderr (Join-Path $LogDir 'cloudflared-stderr.log')
+        Invoke-Nssm set minion-cloudflared AppStdoutCreationDisposition 4
+        Invoke-Nssm set minion-cloudflared AppStderrCreationDisposition 4
+        Invoke-Nssm set minion-cloudflared AppRotateFiles 1
+        Invoke-Nssm set minion-cloudflared AppRotateBytes 10485760
+        Grant-ServiceControlToUser 'minion-cloudflared' $setupUserSid
+        if ($targetUserSid -and $targetUserSid -ne $setupUserSid) {
+            Grant-ServiceControlToUser 'minion-cloudflared' $targetUserSid
+        }
+        Write-Detail "minion-cloudflared service registered (starts via 'configure --setup-tunnel')"
+    }
     # Step 11: Disable screensaver, lock screen, and sleep
-    Write-Step 10 $totalSteps "Disabling screensaver, lock screen, and sleep..."
+    Write-Step 11 $totalSteps "Disabling screensaver, lock screen, and sleep..."
     Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name ScreenSaveActive -Value '0'
     Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name ScreenSaveTimeOut -Value '0'
     Set-ItemProperty -Path 'HKCU:\Control Panel\Desktop' -Name SCRNSAVE.EXE -Value ''
@@ -892,7 +943,7 @@ function Invoke-Setup {
     Write-Detail "Sleep and monitor timeout disabled"
     # Configure firewall rules
-    Write-Step 11 $totalSteps "Configuring firewall rules..."
+    Write-Step 12 $totalSteps "Configuring firewall rules..."
     $fwRules = @(
         @{ Name = 'Minion Agent'; Port = 8080 },
         @{ Name = 'Minion Terminal'; Port = 7681 },
@@ -985,6 +1036,7 @@ function Invoke-Setup {
     Write-Host "Services registered (not yet started):"
     Write-Host "  minion-agent       - AI Agent (port 8080)"
     Write-Host "  minion-websockify  - WebSocket proxy (port 6080)"
+    Write-Host "  minion-cloudflared - Cloudflare Tunnel (starts via configure --setup-tunnel)"
     Write-Host "  MinionVNC (task)   - TightVNC (port 5900, starts at logon)"
     Write-Host ""
     Write-Host "Next step: Connect to HQ (run as regular user):" -ForegroundColor Yellow
@@ -1303,23 +1355,32 @@ function Invoke-Configure {
                 [System.IO.File]::WriteAllText((Join-Path $cfConfigDir 'config.yml'), $tunnelData.config_yml, [System.Text.UTF8Encoding]::new($false))
                 Write-Detail "Tunnel config saved"
-                # Register cloudflared as NSSM service (requires admin — will be skipped if non-admin)
-                $cfExe = $null
-                if (Get-Command cloudflared -ErrorAction SilentlyContinue) {
-                    $cfExe = (Get-Command cloudflared).Source
-                } elseif (Test-Path (Join-Path $DataDir 'cloudflared.exe')) {
-                    $cfExe = Join-Path $DataDir 'cloudflared.exe'
-                }
-                if ($cfExe) {
-                    $cfState = Get-ServiceState 'minion-cloudflared'
-                    if (-not $cfState) {
-                        # Service not registered — try to register via NSSM (requires admin)
+                # Start cloudflared service (registered during setup)
+                $cfState = Get-ServiceState 'minion-cloudflared'
+                if ($cfState) {
+                    # Enable auto-start now that tunnel config is in place
+                    Invoke-Nssm set minion-cloudflared Start SERVICE_AUTO_START 2>&1 | Out-Null
+                    sc.exe start minion-cloudflared 2>&1 | Out-Null
+                    Write-Detail "minion-cloudflared started"
+                } else {
+                    # Fallback: service not registered (e.g. setup was run before v3.6.2)
+                    $cfExe = $null
+                    if (Get-Command cloudflared -ErrorAction SilentlyContinue) {
+                        $cfExe = (Get-Command cloudflared).Source
+                    } elseif (Test-Path (Join-Path $DataDir 'cloudflared.exe')) {
+                        $cfExe = Join-Path $DataDir 'cloudflared.exe'
+                    }
+                    if ($cfExe) {
                         $isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
                         if ($isAdmin) {
                             $cfConfigPath = Join-Path $cfConfigDir 'config.yml'
-                            Invoke-Nssm stop minion-cloudflared
-                            Invoke-Nssm remove minion-cloudflared confirm
                             Invoke-Nssm install minion-cloudflared $cfExe "tunnel run --config `"$cfConfigPath`""
+                            # Set USERPROFILE/HOME so cloudflared resolves ~/.cloudflared/ to the target user's profile
+                            $cfEnvLines = @(
+                                "USERPROFILE=$TargetUserProfile",
+                                "HOME=$TargetUserProfile"
+                            )
+                            Invoke-Nssm set minion-cloudflared AppEnvironmentExtra ($cfEnvLines -join "`n")
                             Invoke-Nssm set minion-cloudflared Start SERVICE_AUTO_START
                             Invoke-Nssm set minion-cloudflared DisplayName "Minion Cloudflared"
                             Invoke-Nssm set minion-cloudflared Description "Cloudflare Tunnel for Minion"
@@ -1332,15 +1393,12 @@ function Invoke-Configure {
                             Invoke-Nssm set minion-cloudflared AppRotateBytes 10485760
                             $setupUserSid = Get-SetupUserSid
                             Grant-ServiceControlToUser 'minion-cloudflared' $setupUserSid
-                            Write-Detail "minion-cloudflared service registered"
+                            Write-Detail "minion-cloudflared service registered (fallback)"
                             sc.exe start minion-cloudflared 2>&1 | Out-Null
                             Write-Detail "minion-cloudflared started"
                         } else {
-                            Write-Warn "minion-cloudflared service not registered. Run 'configure --setup-tunnel' as admin to register tunnel service."
+                            Write-Warn "minion-cloudflared service not registered. Run 'setup' as admin to register, or run 'configure --setup-tunnel' as admin."
                         }
-                    } else {
-                        sc.exe start minion-cloudflared 2>&1 | Out-Null
-                        Write-Detail "minion-cloudflared started"
                     }
                 }
             }