@mooncompany/uplink-chat 0.5.0

package/server/routes/config.js

@@ -0,0 +1,603 @@
+/**
+ * Config Routes - Configuration and gateway validation
+ */
+
+import { badRequest, internalError, ErrorCodes } from '../../utils/errors.js';
+import { isEdgeTTSAvailable, isPiperConfigured, isLocalTTSConfigured, listEdgeTTSVoices } from '../tts.js';
+import { GATEWAY_VALIDATION_TIMEOUT_MS } from '../config.js';
+
+/**
+ * Setup config routes
+ * @param {Express} app - Express app instance
+ * @param {Object} context - Request context
+ */
+export function setupConfigRoutes(app, context) {
+  const {
+    getClientConfig,
+    saveConfig,
+    loadConfig,
+    needsOnboarding,
+    strictLimiter,
+    isPrivateIP,
+    log,
+  } = context;
+
+  // ===========================================
+  // Gateway Validation
+  // ===========================================
+
+  app.post('/api/gateway/validate', strictLimiter, async (req, res) => {
+    let { url } = req.body;
+
+    if (!url) {
+      return badRequest(res, 'No URL provided', ErrorCodes.MISSING_FIELD);
+    }
+
+    url = url.replace(/^(wss?|https?)\/*:+\/*/, '$1://');
+    url = url.replace(/^ws:\/\//, 'http://').replace(/^wss:\/\//, 'https://');
+
+    if (!/^https?:\/\//i.test(url)) {
+      url = 'http://' + url;
+    }
+
+    let parsedUrl;
+    try {
+      parsedUrl = new URL(url);
+    } catch (e) {
+      return badRequest(res, 'Invalid URL format', ErrorCodes.INVALID_FORMAT);
+    }
+
+    if (!['http:', 'https:'].includes(parsedUrl.protocol)) {
+      return badRequest(res, 'Only HTTP/HTTPS URLs are allowed', ErrorCodes.INVALID_FORMAT);
+    }
+
+    const hostname = parsedUrl.hostname.replace(/^\[|\]$/g, ''); // Strip IPv6 brackets
+    
+    // Reject link-local addresses (169.254.x.x, fe80::) - never valid gateway targets
+    const isLinkLocal = /^169\.254\./.test(hostname) || /^fe80:/i.test(hostname);
+    if (isLinkLocal) {
+      return badRequest(res, 'Link-local addresses are not allowed as gateway URLs.', ErrorCodes.FORBIDDEN);
+    }
+    
+    if (isPrivateIP(hostname)) {
+      // Localhost is always allowed — Uplink is local-first, gateway is typically on localhost
+      const isLocalhost = hostname === 'localhost' || hostname === '127.0.0.1' || hostname === '::1';
+      if (!isLocalhost) {
+        // Block other private IPs (10.x, 192.168.x, etc.) unless explicitly allowed
+        const allowPrivate = process.env.ALLOW_PRIVATE_GATEWAY === 'true';
+        if (!allowPrivate) {
+          return badRequest(res, 'Private/internal URLs are not allowed. Set ALLOW_PRIVATE_GATEWAY=true to allow LAN addresses.', ErrorCodes.FORBIDDEN);
+        }
+      }
+    }
+
+    try {
+      const controller = new AbortController();
+      const timeout = setTimeout(() => controller.abort(), GATEWAY_VALIDATION_TIMEOUT_MS);
+
+      // Try multiple endpoints - OpenClaw serves HTML on root, so just check reachability
+      const baseUrl = url.replace(/\/$/, '');
+      let response;
+      let lastError;
+      
+      for (const path of ['', '/health', '/v1/models']) {
+        try {
+          response = await fetch(`${baseUrl}${path}`, {
+            signal: controller.signal,
+            method: 'GET'
+          });
+          if (response.ok) break;
+        } catch (e) {
+          lastError = e;
+        }
+      }
+
+      clearTimeout(timeout);
+
+      if (response?.ok) {
+        res.json({ valid: true, status: response.status });
+      } else {
+        res.json({ valid: false, error: lastError?.message || `Gateway returned ${response?.status || 'no response'}` });
+      }
+    } catch (error) {
+      if (error.code === 'ECONNREFUSED' || error.cause?.code === 'ECONNREFUSED') {
+        return res.json({ valid: false, error: 'Gateway not responding. Is it running? Try: openclaw gateway start' });
+      } else if (error.name === 'AbortError') {
+        return res.json({ valid: false, error: 'Connection timed out. Check firewall settings or try a different URL.' });
+      }
+      return res.json({
+        valid: false,
+        error: process.env.NODE_ENV === 'production' ? 'Could not connect to gateway.' : error.message
+      });
+    }
+  });
+
+  // ===========================================
+  // Configuration API
+  // ===========================================
+
+  /**
+   * Get client-safe configuration
+   */
+  app.get('/api/config', async (req, res) => {
+    try {
+      const clientConfig = await getClientConfig();
+      res.json(clientConfig);
+    } catch (error) {
+      log('error', '[Config] Get error:', error.message);
+      internalError(res, 'Failed to load configuration', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Check if onboarding is needed
+   */
+  app.get('/api/config/needs-onboarding', async (req, res) => {
+    try {
+      const needs = await needsOnboarding();
+      res.json({ needsOnboarding: needs });
+    } catch (error) {
+      log('error', '[Config] Onboarding check error:', error.message);
+      internalError(res, 'Failed to check onboarding status', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Update configuration (used by onboarding wizard)
+   */
+  app.post('/api/config', strictLimiter, async (req, res) => {
+    try {
+      // Only allow known config keys to prevent config pollution
+      const ALLOWED_CONFIG_KEYS = new Set([
+        'userName', 'assistantName', 'gatewayUrl', 'gatewayToken',
+        'sessionUser', 'ttsProvider', 'elevenLabsApiKey', 'elevenLabsVoiceId',
+        'ttsVoiceName', 'edgeTtsVoice', 'localTtsUrl', 'encryptHistory',
+        'wakeWord', 'onboardingComplete', 'openaiApiKey', 'openaiTtsVoice',
+        'openaiTtsModel', 'sttProvider', 'groqApiKey', 'groqSttModel',
+        'fasterWhisperUrl', 'openaiSttModel', 'port', 'allowedOrigins',
+        'watchdogEnabled', 'networkAccess',
+        'realtimeVoiceEnabled', 'realtimeVoice', 'realtimeModel',
+        'voiceMode', 'voiceModel', 'agentVoiceTtsEngine', 'agentVoiceTtsVoice',
+      ]);
+      
+      const updates = {};
+      for (const [key, value] of Object.entries(req.body)) {
+        if (ALLOWED_CONFIG_KEYS.has(key)) {
+          updates[key] = value;
+        }
+      }
+      
+      if (Object.keys(updates).length === 0) {
+        return badRequest(res, 'No valid config keys provided', ErrorCodes.VALIDATION_ERROR);
+      }
+      
+      // Validate required fields for onboarding
+      if (updates.onboardingComplete) {
+        const currentConfig = await loadConfig();
+        if (!updates.gatewayToken && !process.env.GATEWAY_TOKEN && !currentConfig.gatewayToken) {
+          return badRequest(res, 'Gateway token is required', ErrorCodes.MISSING_FIELD);
+        }
+      }
+      
+      const newConfig = await saveConfig(updates);
+      const clientConfig = await getClientConfig();
+      
+      log('info', '[Config] Configuration updated');
+      res.json({ ok: true, config: clientConfig });
+    } catch (error) {
+      log('error', '[Config] Update error:', error.message);
+      internalError(res, 'Failed to save configuration', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  // ===========================================
+  // Server Settings
+  // ===========================================
+
+  /**
+   * Get server status (watchdog, network binding)
+   */
+  app.get('/api/config/server', async (req, res) => {
+    try {
+      const config = await loadConfig();
+      const isNetworkAccess = process.env.UPLINK_HOST === '0.0.0.0' || config.networkAccess === true;
+      
+      // Check if watchdog is running
+      let watchdogRunning = false;
+      try {
+        const { readFileSync } = await import('fs');
+        const { join } = await import('path');
+        const stateFile = join(process.cwd(), '.uplink-watchdog.json');
+        const state = JSON.parse(readFileSync(stateFile, 'utf8'));
+        watchdogRunning = state.status === 'running' && state.watchdogPid != null;
+      } catch {
+        // No watchdog state file
+      }
+
+      res.json({
+        watchdogEnabled: config.watchdogEnabled !== false, // default true
+        watchdogRunning,
+        networkAccess: isNetworkAccess,
+        bindAddress: process.env.UPLINK_HOST || (isNetworkAccess ? '0.0.0.0' : '127.0.0.1'),
+      });
+    } catch (error) {
+      log('error', '[Config] Server status error:', error.message);
+      internalError(res, 'Failed to get server status', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Update server settings (requires restart to take effect)
+   */
+  app.post('/api/config/server', strictLimiter, async (req, res) => {
+    try {
+      const updates = {};
+      
+      if (typeof req.body.watchdogEnabled === 'boolean') {
+        updates.watchdogEnabled = req.body.watchdogEnabled;
+      }
+      if (typeof req.body.networkAccess === 'boolean') {
+        updates.networkAccess = req.body.networkAccess;
+      }
+
+      if (Object.keys(updates).length === 0) {
+        return badRequest(res, 'No valid settings provided', ErrorCodes.VALIDATION_ERROR);
+      }
+
+      await saveConfig(updates);
+      log('info', `[Config] Server settings updated: ${JSON.stringify(updates)}`);
+      res.json({ ok: true, restartRequired: true });
+    } catch (error) {
+      log('error', '[Config] Server settings error:', error.message);
+      internalError(res, 'Failed to save server settings', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Restart the server process
+   */
+  app.post('/api/config/server/restart', strictLimiter, async (req, res) => {
+    try {
+      log('info', '[Config] Server restart requested via settings UI');
+      res.json({ ok: true, message: 'Restarting...' });
+      
+      // Give time for response to send, then exit
+      // Watchdog (if running) will auto-restart the process
+      setTimeout(() => {
+        process.exit(0);
+      }, 500);
+    } catch (error) {
+      log('error', '[Config] Restart error:', error.message);
+      internalError(res, 'Failed to restart server', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  // ===========================================
+  // API Keys Management
+  // ===========================================
+
+  /**
+   * Save ElevenLabs API key (validates first)
+   */
+  app.post('/api/config/elevenlabs-key', strictLimiter, async (req, res) => {
+    const { apiKey } = req.body;
+
+    if (!apiKey) {
+      return badRequest(res, 'API key is required', ErrorCodes.MISSING_FIELD);
+    }
+
+    // Validate the key by fetching user info
+    try {
+      const response = await fetch('https://api.elevenlabs.io/v1/user', {
+        headers: { 'xi-api-key': apiKey }
+      });
+
+      if (!response.ok) {
+        return res.json({ valid: false, error: 'Invalid API key' });
+      }
+
+      const userData = await response.json();
+      
+      // Key is valid - save it
+      await saveConfig({ elevenLabsApiKey: apiKey, ttsProvider: 'elevenlabs' });
+      
+      log('info', '[Config] ElevenLabs API key saved');
+      res.json({ 
+        valid: true, 
+        subscription: userData.subscription?.tier || 'unknown'
+      });
+    } catch (error) {
+      log('error', '[Config] ElevenLabs validation error:', error.message);
+      res.json({ valid: false, error: 'Failed to validate key' });
+    }
+  });
+
+  /**
+   * Remove ElevenLabs API key
+   */
+  app.delete('/api/config/elevenlabs-key', strictLimiter, async (req, res) => {
+    try {
+      await saveConfig({ elevenLabsApiKey: '', ttsProvider: 'none' });
+      log('info', '[Config] ElevenLabs API key removed');
+      res.json({ ok: true });
+    } catch (error) {
+      log('error', '[Config] Failed to remove key:', error.message);
+      internalError(res, 'Failed to remove key', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Get available ElevenLabs voices
+   */
+  app.get('/api/config/elevenlabs-voices', async (req, res) => {
+    try {
+      const config = await loadConfig();
+      
+      if (!config.elevenLabsApiKey) {
+        return res.json({ voices: [], error: 'No API key configured' });
+      }
+
+      const response = await fetch('https://api.elevenlabs.io/v1/voices', {
+        headers: { 'xi-api-key': config.elevenLabsApiKey }
+      });
+
+      if (!response.ok) {
+        return res.json({ voices: [], error: 'Failed to fetch voices' });
+      }
+
+      const data = await response.json();
+      const voices = data.voices?.map(v => ({
+        id: v.voice_id,
+        name: v.name,
+        category: v.category,
+        previewUrl: v.preview_url
+      })) || [];
+
+      res.json({ voices });
+    } catch (error) {
+      log('error', '[Config] Failed to fetch voices:', error.message);
+      const errorMsg = process.env.NODE_ENV === 'production' 
+        ? 'Failed to fetch voices' 
+        : error.message;
+      res.json({ voices: [], error: errorMsg });
+    }
+  });
+
+  /**
+   * Set ElevenLabs voice
+   */
+  app.post('/api/config/elevenlabs-voice', strictLimiter, async (req, res) => {
+    const { voiceId, voiceName } = req.body;
+
+    if (!voiceId) {
+      return badRequest(res, 'Voice ID is required', ErrorCodes.MISSING_FIELD);
+    }
+
+    try {
+      await saveConfig({ 
+        elevenLabsVoiceId: voiceId,
+        ttsVoiceName: voiceName || 'Assistant'
+      });
+      
+      log('info', `[Config] ElevenLabs voice set to ${voiceName || voiceId}`);
+      res.json({ ok: true });
+    } catch (error) {
+      log('error', '[Config] Failed to set voice:', error.message);
+      internalError(res, 'Failed to save voice', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  // ===========================================
+  // OpenAI API Key
+  // ===========================================
+
+  /**
+   * Save OpenAI API key (validates first)
+   */
+  app.post('/api/config/openai-key', strictLimiter, async (req, res) => {
+    const { apiKey } = req.body;
+
+    if (!apiKey) {
+      return badRequest(res, 'API key is required', ErrorCodes.MISSING_FIELD);
+    }
+
+    // Validate the key by hitting the models endpoint
+    try {
+      const response = await fetch('https://api.openai.com/v1/models', {
+        headers: { 'Authorization': `Bearer ${apiKey}` }
+      });
+
+      if (!response.ok) {
+        return res.json({ valid: false, error: 'Invalid API key' });
+      }
+
+      // Key is valid — save it
+      await saveConfig({ openaiApiKey: apiKey });
+
+      log('info', '[Config] OpenAI API key saved');
+      res.json({ valid: true });
+    } catch (error) {
+      log('error', '[Config] OpenAI key validation error:', error.message);
+      res.json({ valid: false, error: 'Failed to validate key' });
+    }
+  });
+
+  /**
+   * Remove OpenAI API key
+   */
+  app.delete('/api/config/openai-key', strictLimiter, async (req, res) => {
+    try {
+      await saveConfig({ openaiApiKey: '' });
+      log('info', '[Config] OpenAI API key removed');
+      res.json({ ok: true });
+    } catch (error) {
+      log('error', '[Config] Failed to remove OpenAI key:', error.message);
+      internalError(res, 'Failed to remove key', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  // ===========================================
+  // TTS Provider Status & Configuration
+  // ===========================================
+
+  /**
+   * Get status of all TTS providers
+   */
+  app.get('/api/config/tts-status', async (req, res) => {
+    try {
+      const config = await loadConfig();
+      
+      res.json({
+        elevenlabs: {
+          available: true,
+          configured: !!config.elevenLabsApiKey,
+          needsKey: true,
+          label: 'ElevenLabs',
+          description: 'High-quality cloud TTS (requires API key)',
+        },
+        openai: {
+          available: true,
+          configured: !!(config.openaiApiKey || process.env.OPENAI_API_KEY),
+          needsKey: true,
+          hasKey: !!(config.openaiApiKey || process.env.OPENAI_API_KEY),
+          voice: config.openaiTtsVoice || 'nova',
+          model: config.openaiTtsModel || 'tts-1',
+          label: 'OpenAI TTS',
+          description: 'Cloud TTS (uses your OpenAI API key)',
+        },
+        edge: {
+          available: isEdgeTTSAvailable(),
+          configured: isEdgeTTSAvailable(),
+          installed: isEdgeTTSAvailable(),
+          voice: config.edgeTtsVoice || 'en-US-AriaNeural',
+          label: 'Edge TTS',
+          description: isEdgeTTSAvailable() 
+            ? 'Free Microsoft TTS (no API key needed)' 
+            : 'Not installed — run: npm install node-edge-tts',
+        },
+        piper: {
+          available: isPiperConfigured(),
+          configured: isPiperConfigured(),
+          label: 'Piper',
+          description: isPiperConfigured()
+            ? 'Fast local TTS (configured via environment)'
+            : 'Not configured — set PIPER_MODEL in .env',
+        },
+        local: {
+          available: isLocalTTSConfigured() || !!config.localTtsUrl,
+          configured: isLocalTTSConfigured() || !!config.localTtsUrl,
+          url: config.localTtsUrl || process.env.LOCAL_TTS_URL || '',
+          label: 'XTTS (Local GPU)',
+          description: (isLocalTTSConfigured() || config.localTtsUrl)
+            ? 'GPU-accelerated local TTS'
+            : 'Not configured — enter server URL below',
+        },
+      });
+    } catch (error) {
+      log('error', '[Config] TTS status error:', error.message);
+      internalError(res, 'Failed to get TTS status', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Get available Edge TTS voices
+   */
+  app.get('/api/config/edge-voices', async (req, res) => {
+    try {
+      if (!isEdgeTTSAvailable()) {
+        return res.json({ voices: [], error: 'Edge TTS not installed' });
+      }
+      
+      const voices = await listEdgeTTSVoices();
+      
+      // Filter to English by default, but include all if requested
+      const lang = req.query.lang || 'en';
+      const filtered = lang === 'all' 
+        ? voices 
+        : voices.filter(v => v.locale?.startsWith(lang));
+      
+      res.json({ voices: filtered });
+    } catch (error) {
+      log('error', '[Config] Edge TTS voices error:', error.message);
+      const errorMsg = process.env.NODE_ENV === 'production' 
+        ? 'Failed to fetch Edge TTS voices' 
+        : error.message;
+      res.json({ voices: [], error: errorMsg });
+    }
+  });
+
+  /**
+   * Save OpenAI TTS settings (voice + model)
+   */
+  app.post('/api/config/openai-tts', strictLimiter, async (req, res) => {
+    const { voice, model } = req.body;
+    
+    const allowedVoices = ['alloy', 'ash', 'ballad', 'coral', 'echo', 'fable', 'onyx', 'nova', 'sage', 'shimmer'];
+    const allowedModels = ['tts-1', 'tts-1-hd', 'gpt-4o-mini-tts'];
+    
+    if (voice && !allowedVoices.includes(voice)) {
+      return badRequest(res, `Invalid voice. Options: ${allowedVoices.join(', ')}`, ErrorCodes.INVALID_FORMAT);
+    }
+    if (model && !allowedModels.includes(model)) {
+      return badRequest(res, `Invalid model. Options: ${allowedModels.join(', ')}`, ErrorCodes.INVALID_FORMAT);
+    }
+
+    try {
+      const updates = {};
+      if (voice) updates.openaiTtsVoice = voice;
+      if (model) updates.openaiTtsModel = model;
+      
+      await saveConfig(updates);
+      log('info', `[Config] OpenAI TTS updated: voice=${voice || '(unchanged)'}, model=${model || '(unchanged)'}`);
+      res.json({ ok: true });
+    } catch (error) {
+      log('error', '[Config] OpenAI TTS save error:', error.message);
+      internalError(res, 'Failed to save OpenAI TTS settings', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Save Edge TTS voice selection
+   */
+  app.post('/api/config/edge-voice', strictLimiter, async (req, res) => {
+    const { voice } = req.body;
+    
+    if (!voice || typeof voice !== 'string') {
+      return badRequest(res, 'Voice name is required', ErrorCodes.MISSING_FIELD);
+    }
+
+    try {
+      await saveConfig({ edgeTtsVoice: voice });
+      log('info', `[Config] Edge TTS voice set to ${voice}`);
+      res.json({ ok: true });
+    } catch (error) {
+      log('error', '[Config] Edge TTS voice save error:', error.message);
+      internalError(res, 'Failed to save Edge TTS voice', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+
+  /**
+   * Save XTTS server URL
+   */
+  app.post('/api/config/local-tts', strictLimiter, async (req, res) => {
+    const { url } = req.body;
+    
+    if (url !== undefined && url !== '') {
+      // Validate URL format
+      try {
+        new URL(url);
+      } catch {
+        return badRequest(res, 'Invalid URL format', ErrorCodes.INVALID_FORMAT);
+      }
+    }
+
+    try {
+      await saveConfig({ localTtsUrl: url || '' });
+      log('info', `[Config] XTTS URL set to ${url || '(cleared)'}`);
+      res.json({ ok: true });
+    } catch (error) {
+      log('error', '[Config] XTTS URL save error:', error.message);
+      internalError(res, 'Failed to save XTTS URL', ErrorCodes.CONFIG_ERROR);
+    }
+  });
+}