@nordbyte/nordrelay 0.4.1 → 0.5.0

package/dist/channel-runtime.js

@@ -0,0 +1,89 @@
+export class ChannelCommandRouter {
+    handlers = new Map();
+    command(name, handler) {
+        const normalized = normalizeCommandName(name);
+        if (!normalized) {
+            throw new Error("Channel command name is required.");
+        }
+        this.handlers.set(normalized, handler);
+        return this;
+    }
+    async dispatch(message) {
+        const parsed = parseChannelCommand(message.text ?? "");
+        if (!parsed) {
+            return { matched: false };
+        }
+        const handler = this.handlers.get(parsed.command);
+        if (!handler) {
+            return { matched: false, command: parsed.command };
+        }
+        const response = await handler({
+            ...message,
+            text: parsed.argument,
+        });
+        return {
+            matched: true,
+            command: parsed.command,
+            response: response ?? undefined,
+        };
+    }
+}
+export async function deliverChannelAction(runtime, context, response) {
+    return runtime.sendMessage(context, {
+        text: response.html,
+        fallbackText: response.plain,
+        parseMode: "html",
+        buttons: response.buttons,
+    });
+}
+export function parseChannelCommand(text) {
+    const match = text.trimStart().match(/^\/([a-zA-Z0-9_-]+)(?:@\w+)?(?:\s+([\s\S]*))?$/);
+    if (!match?.[1]) {
+        return null;
+    }
+    return {
+        command: normalizeCommandName(match[1]),
+        argument: match[2]?.trim() ?? "",
+    };
+}
+export class InMemoryChannelRuntime {
+    descriptor;
+    capabilities;
+    id;
+    label;
+    sentMessages = [];
+    editedMessages = [];
+    typingContexts = [];
+    sentFiles = [];
+    constructor(descriptor) {
+        this.descriptor = descriptor;
+        this.id = descriptor.id;
+        this.label = descriptor.label;
+        this.capabilities = new Set(descriptor.capabilities);
+    }
+    describe() {
+        return {
+            ...this.descriptor,
+            capabilities: [...this.descriptor.capabilities],
+        };
+    }
+    async sendMessage(context, message) {
+        const messageId = `${this.id}-message-${this.sentMessages.length + 1}`;
+        this.sentMessages.push({ context, message, messageId });
+        return { messageId };
+    }
+    async editMessage(context, messageId, message) {
+        this.editedMessages.push({ context, messageId, message });
+    }
+    async sendTyping(context) {
+        this.typingContexts.push(context);
+    }
+    async sendFile(context, file) {
+        const messageId = `${this.id}-file-${this.sentFiles.length + 1}`;
+        this.sentFiles.push({ context, file, messageId });
+        return { messageId };
+    }
+}
+function normalizeCommandName(name) {
+    return name.trim().replace(/^\//, "").toLowerCase();
+}

package/dist/config-metadata.js

@@ -0,0 +1,238 @@
+export const SECRET_KEYS = new Set([
+    "TELEGRAM_BOT_TOKEN",
+    "CODEX_API_KEY",
+    "HERMES_API_KEY",
+    "OPENCLAW_GATEWAY_TOKEN",
+    "OPENCLAW_GATEWAY_PASSWORD",
+    "OPENAI_API_KEY",
+    "TELEGRAM_WEBHOOK_SECRET",
+]);
+export const SETTING_DEFINITIONS = [
+    setting("TELEGRAM_BOT_TOKEN", "Telegram bot token", "Telegram", "secret", "BotFather token.", true),
+    setting("TELEGRAM_TRANSPORT", "Telegram transport", "Telegram", "string", "polling or webhook.", true, ["polling", "webhook"]),
+    setting("TELEGRAM_WEBHOOK_URL", "Webhook public URL", "Telegram", "string", "Public base URL for webhook mode.", true),
+    setting("TELEGRAM_WEBHOOK_HOST", "Webhook bind host", "Telegram", "string", "Local webhook bind host.", true),
+    setting("TELEGRAM_WEBHOOK_PORT", "Webhook bind port", "Telegram", "number", "Local webhook bind port.", true),
+    setting("TELEGRAM_WEBHOOK_PATH", "Webhook path", "Telegram", "string", "Webhook request path.", true),
+    setting("TELEGRAM_WEBHOOK_SECRET", "Webhook secret", "Telegram", "secret", "Optional Telegram webhook secret token.", true),
+    setting("NORDRELAY_CODEX_ENABLED", "Enable Codex", "Agents", "boolean", "Allow Codex sessions.", true),
+    setting("NORDRELAY_PI_ENABLED", "Enable Pi", "Agents", "boolean", "Allow Pi sessions.", true),
+    setting("NORDRELAY_HERMES_ENABLED", "Enable Hermes", "Agents", "boolean", "Allow Hermes sessions through the Hermes API Server.", true),
+    setting("NORDRELAY_OPENCLAW_ENABLED", "Enable OpenClaw", "Agents", "boolean", "Allow OpenClaw sessions through the OpenClaw Gateway.", true),
+    setting("NORDRELAY_CLAUDE_CODE_ENABLED", "Enable Claude Code", "Agents", "boolean", "Allow Claude Code sessions through the Claude Agent SDK.", true),
+    setting("NORDRELAY_DEFAULT_AGENT", "Default agent", "Agents", "string", "codex, pi, hermes, openclaw, or claude-code.", true, ["codex", "pi", "hermes", "openclaw", "claude-code"]),
+    setting("CODEX_API_KEY", "Codex API key", "Codex", "secret", "Optional Codex SDK API key.", true),
+    setting("CODEX_CLI_PATH", "Codex CLI path", "Codex", "string", "Optional explicit Codex executable path.", true),
+    setting("CODEX_USE_BUNDLED_CLI", "Use bundled Codex CLI", "Codex", "boolean", "Force SDK-bundled CLI instead of host CLI.", true),
+    setting("CODEX_MODEL", "Default Codex model", "Codex", "string", "Default model for new Codex threads.", false),
+    setting("CODEX_SYNC_INTERVAL_MS", "Codex sync interval", "Codex", "number", "Local state sync interval.", true),
+    setting("CODEX_EXTERNAL_BUSY_CHECK_MS", "External busy check", "Codex", "number", "External CLI busy polling interval.", true),
+    setting("CODEX_EXTERNAL_BUSY_STALE_MS", "External busy stale timeout", "Codex", "number", "External CLI stale timeout.", true),
+    setting("CODEX_SANDBOX_MODE", "Codex sandbox mode", "Codex", "string", "read-only, workspace-write, or danger-full-access.", true, ["read-only", "workspace-write", "danger-full-access"]),
+    setting("CODEX_APPROVAL_POLICY", "Codex approval policy", "Codex", "string", "never, on-request, on-failure, or untrusted.", true, ["never", "on-request", "on-failure", "untrusted"]),
+    setting("CODEX_LAUNCH_PROFILES_JSON", "Launch profiles JSON", "Codex", "json", "Additional launch profile definitions.", true),
+    setting("CODEX_DEFAULT_LAUNCH_PROFILE", "Default launch profile", "Codex", "string", "Launch profile ID used by default.", true),
+    setting("ENABLE_UNSAFE_LAUNCH_PROFILES", "Enable unsafe profiles", "Codex", "boolean", "Expose danger-full-access profiles.", true),
+    setting("PI_CLI_PATH", "Pi CLI path", "Pi", "string", "Optional Pi executable path.", true),
+    setting("PI_SESSION_DIR", "Pi session dir", "Pi", "string", "Optional Pi session directory.", true),
+    setting("PI_DEFAULT_MODEL", "Default Pi model", "Pi", "string", "Default Pi model slug.", false),
+    setting("PI_DEFAULT_THINKING", "Default Pi thinking", "Pi", "string", "off, minimal, low, medium, high, or xhigh.", false, ["off", "minimal", "low", "medium", "high", "xhigh"]),
+    setting("PI_DEFAULT_PROFILE", "Default Pi profile", "Pi", "string", "default, readonly, no-tools, offline, or safe-offline.", true, ["default", "readonly", "no-tools", "offline", "safe-offline"]),
+    setting("HERMES_CLI_PATH", "Hermes CLI path", "Hermes", "string", "Optional Hermes executable path.", true),
+    setting("HERMES_HOME", "Hermes home", "Hermes", "string", "Optional Hermes home directory. Defaults to ~/.hermes.", true),
+    setting("HERMES_STATE_DB_PATH", "Hermes state DB path", "Hermes", "string", "Optional explicit Hermes state.db path.", true),
+    setting("HERMES_API_BASE_URL", "Hermes API base URL", "Hermes", "string", "Hermes API Server base URL.", true),
+    setting("HERMES_API_KEY", "Hermes API key", "Hermes", "secret", "Bearer token for the Hermes API Server.", true),
+    setting("HERMES_DEFAULT_MODEL", "Default Hermes model", "Hermes", "string", "Default model label sent to Hermes API runs.", false),
+    setting("HERMES_DEFAULT_REASONING", "Default Hermes reasoning", "Hermes", "string", "none, minimal, low, medium, high, or xhigh.", false, ["none", "minimal", "low", "medium", "high", "xhigh"]),
+    setting("HERMES_DEFAULT_PROFILE", "Default Hermes profile", "Hermes", "string", "default, safe, readonly, or yolo.", true, ["default", "safe", "readonly", "yolo"]),
+    setting("OPENCLAW_CLI_PATH", "OpenClaw CLI path", "OpenClaw", "string", "Optional OpenClaw executable path.", true),
+    setting("OPENCLAW_GATEWAY_URL", "OpenClaw Gateway URL", "OpenClaw", "string", "OpenClaw Gateway WebSocket URL.", true),
+    setting("OPENCLAW_GATEWAY_TOKEN", "OpenClaw Gateway token", "OpenClaw", "secret", "Shared-secret token for the OpenClaw Gateway.", true),
+    setting("OPENCLAW_GATEWAY_PASSWORD", "OpenClaw Gateway password", "OpenClaw", "secret", "Shared-secret password for the OpenClaw Gateway.", true),
+    setting("OPENCLAW_AGENT_ID", "OpenClaw agent ID", "OpenClaw", "string", "Configured OpenClaw agent id, for example main or work.", false),
+    setting("OPENCLAW_HOME", "OpenClaw home", "OpenClaw", "string", "Optional OpenClaw home directory. Defaults to ~/.openclaw.", true),
+    setting("OPENCLAW_STATE_DIR", "OpenClaw state dir", "OpenClaw", "string", "Optional OpenClaw state directory.", true),
+    setting("OPENCLAW_DEFAULT_MODEL", "Default OpenClaw model", "OpenClaw", "string", "Default OpenClaw model id.", false),
+    setting("OPENCLAW_DEFAULT_THINKING", "Default OpenClaw thinking", "OpenClaw", "string", "off, minimal, low, medium, high, or xhigh.", false, ["off", "minimal", "low", "medium", "high", "xhigh"]),
+    setting("OPENCLAW_DEFAULT_PROFILE", "Default OpenClaw profile", "OpenClaw", "string", "default, safe, readonly, local, or deliver.", true, ["default", "safe", "readonly", "local", "deliver"]),
+    setting("CLAUDE_CODE_CLI_PATH", "Claude Code CLI path", "Claude Code", "string", "Optional Claude Code executable path. Defaults to claude on PATH or the SDK bundled runtime.", true),
+    setting("CLAUDE_CONFIG_DIR", "Claude config dir", "Claude Code", "string", "Optional Claude config directory. Defaults to ~/.claude.", true),
+    setting("CLAUDE_CODE_DEFAULT_MODEL", "Default Claude Code model", "Claude Code", "string", "Default Claude Code model alias or model id.", false),
+    setting("CLAUDE_CODE_DEFAULT_EFFORT", "Default Claude Code effort", "Claude Code", "string", "off, low, medium, high, or xhigh.", false, ["off", "low", "medium", "high", "xhigh"]),
+    setting("CLAUDE_CODE_DEFAULT_PROFILE", "Default Claude Code profile", "Claude Code", "string", "default, accept-edits, plan, readonly, no-tools, or bypass-permissions.", true, ["default", "accept-edits", "plan", "readonly", "no-tools", "bypass-permissions"]),
+    setting("CLAUDE_CODE_MAX_TURNS", "Claude Code max turns", "Claude Code", "number", "Maximum agentic turns for each Claude Code prompt.", false),
+    setting("CONNECTOR_LOG_FORMAT", "Log format", "Operations", "string", "text or json.", true, ["text", "json"]),
+    setting("TOOL_VERBOSITY", "Tool verbosity", "Operations", "string", "all, summary, errors-only, or none.", false, ["all", "summary", "errors-only", "none"]),
+    setting("SHOW_TURN_TOKEN_USAGE", "Show turn token usage", "Operations", "boolean", "Append per-turn token usage.", false),
+    setting("ENABLE_TELEGRAM_LOGIN", "Enable Telegram login", "Operations", "boolean", "Allow /login and /logout.", true),
+    setting("ENABLE_TELEGRAM_REACTIONS", "Enable Telegram reactions", "Operations", "boolean", "Send Telegram reactions.", true),
+    setting("TELEGRAM_RATE_LIMIT_MIN_INTERVAL_MS", "Telegram send interval", "Operations", "number", "Minimum send interval.", true),
+    setting("TELEGRAM_EDIT_MIN_INTERVAL_MS", "Telegram edit interval", "Operations", "number", "Minimum edit interval.", true),
+    setting("TELEGRAM_CLI_MIRROR_MODE", "CLI mirror mode", "Operations", "string", "off, status, final, or full.", false, ["off", "status", "final", "full"]),
+    setting("TELEGRAM_CLI_MIRROR_MIN_UPDATE_MS", "CLI mirror update interval", "Operations", "number", "Minimum mirrored edit interval.", true),
+    setting("TELEGRAM_NOTIFY_MODE", "Notify mode", "Operations", "string", "off, minimal, or all.", false, ["off", "minimal", "all"]),
+    setting("TELEGRAM_QUIET_HOURS", "Quiet hours", "Operations", "string", "HH-HH or blank.", false),
+    setting("TELEGRAM_REDACT_PATTERNS", "Redaction patterns", "Operations", "list", "Additional comma-separated regex patterns.", true),
+    setting("NORDRELAY_UPDATE_METHOD", "Update method", "Operations", "string", "auto, npm, or git.", true, ["auto", "npm", "git"]),
+    setting("MAX_FILE_SIZE", "Max file size", "Artifacts", "number", "Max inbound/outbound file size.", true),
+    setting("ARTIFACT_RETENTION_DAYS", "Artifact retention days", "Artifacts", "number", "Days before pruning.", true),
+    setting("ARTIFACT_MAX_TURNS", "Max artifact turns", "Artifacts", "number", "Maximum artifact turns retained.", true),
+    setting("ARTIFACT_MAX_INBOX_DIRS", "Max inbox dirs", "Artifacts", "number", "Maximum inbox dirs retained.", true),
+    setting("ARTIFACT_IGNORE_DIRS", "Artifact ignore dirs", "Artifacts", "list", "Extra ignored dirs or relative paths.", true),
+    setting("ARTIFACT_IGNORE_GLOBS", "Artifact ignore globs", "Artifacts", "list", "Extra ignored glob patterns.", true),
+    setting("TELEGRAM_AUTO_SEND_ARTIFACTS", "Auto-send artifacts", "Artifacts", "boolean", "Automatically send artifact files.", false),
+    setting("WORKSPACE_ALLOWED_ROOTS", "Workspace allowed roots", "Workspace", "list", "Restrict selectable workspaces.", true),
+    setting("WORKSPACE_WARN_ROOTS", "Workspace warn roots", "Workspace", "list", "Warn for broad workspace roots.", true),
+    setting("NORDRELAY_STATE_BACKEND", "State backend", "Workspace", "string", "json or sqlite.", true, ["json", "sqlite"]),
+    setting("NORDRELAY_AUDIT_MAX_EVENTS", "Audit max events", "Workspace", "number", "Retained audit events.", true),
+    setting("NORDRELAY_SESSION_LOCK_TTL_MS", "Session lock TTL", "Workspace", "number", "Write-lock TTL.", true),
+    setting("NORDRELAY_VERSION_CACHE_TTL_MS", "Version cache TTL", "Workspace", "number", "NPM version cache TTL.", true),
+    setting("OPENAI_API_KEY", "OpenAI API key", "Voice", "secret", "Whisper fallback API key.", true),
+    setting("VOICE_PREFERRED_BACKEND", "Voice backend", "Voice", "string", "auto, parakeet, faster-whisper, or openai.", false, ["auto", "parakeet", "faster-whisper", "openai"]),
+    setting("VOICE_DEFAULT_LANGUAGE", "Voice language", "Voice", "string", "Default transcription language.", false),
+    setting("VOICE_TRANSCRIBE_ONLY", "Voice transcribe only", "Voice", "boolean", "Do not send voice transcripts as prompts.", false),
+    setting("FASTER_WHISPER_PYTHON", "faster-whisper Python", "Voice", "string", "Python executable.", true),
+    setting("FASTER_WHISPER_MODEL", "faster-whisper model", "Voice", "string", "Model name.", true),
+    setting("FASTER_WHISPER_DEVICE", "faster-whisper device", "Voice", "string", "cpu, cuda, etc.", true),
+    setting("FASTER_WHISPER_COMPUTE_TYPE", "faster-whisper compute type", "Voice", "string", "int8, float16, etc.", true),
+    setting("FASTER_WHISPER_LANGUAGE", "faster-whisper language", "Voice", "string", "Fixed transcription language.", true),
+    setting("FASTER_WHISPER_TIMEOUT_MS", "faster-whisper timeout", "Voice", "number", "Transcription timeout.", true),
+    setting("NORDRELAY_DASHBOARD_HOST", "Dashboard host", "Dashboard", "string", "WebUI bind host.", true),
+    setting("NORDRELAY_DASHBOARD_PORT", "Dashboard port", "Dashboard", "number", "WebUI bind port.", true),
+    setting("NORDRELAY_ENV_FILE", "Env file path", "Dashboard", "string", "Optional explicit env-file path used by the CLI wrapper and dashboard.", true),
+];
+const EXAMPLE_VALUES = {
+    "TELEGRAM_BOT_TOKEN": "123456789:replace-me",
+    "NORDRELAY_CODEX_ENABLED": "true",
+    "NORDRELAY_PI_ENABLED": "false",
+    "NORDRELAY_HERMES_ENABLED": "false",
+    "NORDRELAY_OPENCLAW_ENABLED": "false",
+    "NORDRELAY_CLAUDE_CODE_ENABLED": "false",
+    "NORDRELAY_DEFAULT_AGENT": "codex",
+    "CODEX_API_KEY": "",
+    "CODEX_CLI_PATH": "",
+    "CODEX_USE_BUNDLED_CLI": "false",
+    "CODEX_MODEL": "",
+    "CODEX_SYNC_INTERVAL_MS": "10000",
+    "CODEX_EXTERNAL_BUSY_CHECK_MS": "5000",
+    "CODEX_EXTERNAL_BUSY_STALE_MS": "300000",
+    "CODEX_SANDBOX_MODE": "workspace-write",
+    "CODEX_APPROVAL_POLICY": "never",
+    "CODEX_LAUNCH_PROFILES_JSON": "",
+    "CODEX_DEFAULT_LAUNCH_PROFILE": "default",
+    "ENABLE_UNSAFE_LAUNCH_PROFILES": "false",
+    "PI_CLI_PATH": "",
+    "PI_SESSION_DIR": "",
+    "PI_DEFAULT_MODEL": "",
+    "PI_DEFAULT_THINKING": "medium",
+    "PI_DEFAULT_PROFILE": "default",
+    "HERMES_CLI_PATH": "",
+    "HERMES_HOME": "",
+    "HERMES_STATE_DB_PATH": "",
+    "HERMES_API_BASE_URL": "http://127.0.0.1:8642",
+    "HERMES_API_KEY": "",
+    "HERMES_DEFAULT_MODEL": "",
+    "HERMES_DEFAULT_REASONING": "",
+    "HERMES_DEFAULT_PROFILE": "default",
+    "OPENCLAW_CLI_PATH": "",
+    "OPENCLAW_GATEWAY_URL": "ws://127.0.0.1:18789",
+    "OPENCLAW_GATEWAY_TOKEN": "",
+    "OPENCLAW_GATEWAY_PASSWORD": "",
+    "OPENCLAW_AGENT_ID": "main",
+    "OPENCLAW_HOME": "",
+    "OPENCLAW_STATE_DIR": "",
+    "OPENCLAW_DEFAULT_MODEL": "",
+    "OPENCLAW_DEFAULT_THINKING": "",
+    "OPENCLAW_DEFAULT_PROFILE": "default",
+    "CLAUDE_CODE_CLI_PATH": "",
+    "CLAUDE_CONFIG_DIR": "",
+    "CLAUDE_CODE_DEFAULT_MODEL": "",
+    "CLAUDE_CODE_DEFAULT_EFFORT": "",
+    "CLAUDE_CODE_DEFAULT_PROFILE": "default",
+    "CLAUDE_CODE_MAX_TURNS": "100",
+    "CONNECTOR_LOG_FORMAT": "text",
+    "TOOL_VERBOSITY": "summary",
+    "SHOW_TURN_TOKEN_USAGE": "false",
+    "ENABLE_TELEGRAM_LOGIN": "true",
+    "ENABLE_TELEGRAM_REACTIONS": "false",
+    "TELEGRAM_RATE_LIMIT_MIN_INTERVAL_MS": "80",
+    "TELEGRAM_EDIT_MIN_INTERVAL_MS": "1200",
+    "TELEGRAM_TRANSPORT": "polling",
+    "TELEGRAM_WEBHOOK_URL": "",
+    "TELEGRAM_WEBHOOK_HOST": "127.0.0.1",
+    "TELEGRAM_WEBHOOK_PORT": "8080",
+    "TELEGRAM_WEBHOOK_PATH": "/telegram/webhook",
+    "TELEGRAM_WEBHOOK_SECRET": "",
+    "TELEGRAM_CLI_MIRROR_MODE": "status",
+    "TELEGRAM_CLI_MIRROR_MIN_UPDATE_MS": "4000",
+    "TELEGRAM_NOTIFY_MODE": "minimal",
+    "TELEGRAM_QUIET_HOURS": "",
+    "TELEGRAM_REDACT_PATTERNS": "",
+    "MAX_FILE_SIZE": "20971520",
+    "ARTIFACT_RETENTION_DAYS": "7",
+    "ARTIFACT_MAX_TURNS": "30",
+    "ARTIFACT_MAX_INBOX_DIRS": "30",
+    "ARTIFACT_IGNORE_DIRS": "",
+    "ARTIFACT_IGNORE_GLOBS": "",
+    "TELEGRAM_AUTO_SEND_ARTIFACTS": "false",
+    "NORDRELAY_STATE_BACKEND": "json",
+    "NORDRELAY_AUDIT_MAX_EVENTS": "1000",
+    "NORDRELAY_SESSION_LOCK_TTL_MS": "1800000",
+    "NORDRELAY_VERSION_CACHE_TTL_MS": "3600000",
+    "NORDRELAY_DASHBOARD_HOST": "127.0.0.1",
+    "NORDRELAY_DASHBOARD_PORT": "31878",
+    "NORDRELAY_ENV_FILE": "",
+    "WORKSPACE_ALLOWED_ROOTS": "",
+    "WORKSPACE_WARN_ROOTS": "",
+    "OPENAI_API_KEY": "",
+    "VOICE_PREFERRED_BACKEND": "auto",
+    "VOICE_DEFAULT_LANGUAGE": "",
+    "VOICE_TRANSCRIBE_ONLY": "false",
+    "FASTER_WHISPER_PYTHON": ".venv/bin/python",
+    "FASTER_WHISPER_MODEL": "base",
+    "FASTER_WHISPER_DEVICE": "cpu",
+    "FASTER_WHISPER_COMPUTE_TYPE": "int8",
+    "FASTER_WHISPER_LANGUAGE": "",
+    "FASTER_WHISPER_TIMEOUT_MS": "600000",
+};
+const GROUP_INTROS = {
+    Telegram: "Required Telegram bot and transport settings.",
+    Agents: "Agent access. Codex is enabled by default; Pi, Hermes, OpenClaw, and Claude Code are opt-in.",
+    Codex: "Codex defaults for newly created or reattached sessions.",
+    Pi: "Pi coding agent defaults.",
+    Hermes: "Hermes Agent defaults. Hermes uses the Hermes API Server.",
+    OpenClaw: "OpenClaw Agent defaults. OpenClaw uses the OpenClaw Gateway WebSocket RPC endpoint.",
+    "Claude Code": "Claude Code defaults. NordRelay uses the Claude Agent SDK and the host claude CLI when present.",
+    Operations: "Runtime output, logging, update, and Telegram behavior controls.",
+    Artifacts: "File, artifact, and retention controls.",
+    Workspace: "State and workspace guardrails.",
+    Voice: "Optional voice transcription settings.",
+    Dashboard: "Local WebUI dashboard. User login is required for every page, API route, SSE stream, artifact download, and health endpoint.",
+};
+export function envExampleValue(key) {
+    return EXAMPLE_VALUES[key] ?? "";
+}
+export function renderEnvExample() {
+    const lines = [
+        "# NordRelay runtime config example.",
+        "# Access is managed with NordRelay users, groups, linked Telegram identities, and enabled Telegram group chats.",
+        "# Create the first admin with `nordrelay init` or `nordrelay user create-admin`.",
+    ];
+    let currentGroup = "";
+    for (const definition of SETTING_DEFINITIONS) {
+        if (definition.group !== currentGroup) {
+            currentGroup = definition.group;
+            lines.push('', `# ${currentGroup}`, `# ${GROUP_INTROS[currentGroup] ?? definition.description}`);
+        }
+        lines.push(`# ${definition.description}`);
+        if (definition.options?.length) {
+            lines.push(`# Options: ${definition.options.join(", ")}`);
+        }
+        lines.push(`${definition.key}=${envExampleValue(definition.key)}`);
+    }
+    return `${lines.join('\n')}\n`;
+}
+function setting(key, label, group, kind, description, restartRequired, options) {
+    return { key, label, group, kind, description, restartRequired, options };
+}

package/dist/config.js

@@ -2,21 +2,10 @@ import { existsSync, readFileSync } from "node:fs";
 import path from "node:path";
 import { createBuiltinLaunchProfiles, createDefaultLaunchProfile, findLaunchProfile, isCodexApprovalPolicy, isCodexSandboxMode, parseLaunchProfilesJson, } from "./codex-launch.js";
 import { CLAUDE_CODE_EFFORT_LEVELS, HERMES_REASONING_EFFORTS, OPENCLAW_THINKING_LEVELS, isAgentId, PI_THINKING_LEVELS, } from "./agent.js";
-import { parseRolePoliciesJson, } from "./access-control.js";
 import { parseMirrorMode, parseNotifyMode, parseQuietHours, parseVoiceBackendPreference, } from "./bot-preferences.js";
 export function loadConfig() {
     loadEnvFile(path.resolve(process.cwd(), ".env"));
     const telegramBotToken = requireEnv("TELEGRAM_BOT_TOKEN");
-    const telegramAllowAnyChat = parseBooleanEnv(optionalString(process.env.TELEGRAM_ALLOW_ANY_CHAT), false);
-    const configuredAllowedUserIds = parseOptionalIdList(optionalString(process.env.TELEGRAM_ALLOWED_USER_IDS), "TELEGRAM_ALLOWED_USER_IDS", { positiveOnly: true });
-    const telegramAllowedChatIds = parseOptionalIdList(optionalString(process.env.TELEGRAM_ALLOWED_CHAT_IDS), "TELEGRAM_ALLOWED_CHAT_IDS", { positiveOnly: false });
-    const configuredAdminUserIds = parseOptionalIdList(optionalString(process.env.TELEGRAM_ADMIN_USER_IDS), "TELEGRAM_ADMIN_USER_IDS", { positiveOnly: true });
-    ensureTelegramAdminIds(configuredAdminUserIds);
-    const telegramAllowedUserIds = mergeUniqueIds(configuredAllowedUserIds, configuredAdminUserIds);
-    const telegramReadOnlyUserIds = parseOptionalIdList(optionalString(process.env.TELEGRAM_READONLY_USER_IDS), "TELEGRAM_READONLY_USER_IDS", { positiveOnly: true });
-    const telegramRolePolicies = parseRolePoliciesJson(optionalString(process.env.TELEGRAM_ROLE_POLICIES_JSON));
-    ensureTelegramAllowlist(telegramAllowedUserIds, telegramAllowedChatIds, telegramAllowAnyChat);
-    const telegramAdminUserIds = configuredAdminUserIds;
     const telegramRateLimitMinIntervalMs = parseNonNegativeIntegerEnv(optionalString(process.env.TELEGRAM_RATE_LIMIT_MIN_INTERVAL_MS), 80, "TELEGRAM_RATE_LIMIT_MIN_INTERVAL_MS");
     const telegramEditMinIntervalMs = parseNonNegativeIntegerEnv(optionalString(process.env.TELEGRAM_EDIT_MIN_INTERVAL_MS), 1_200, "TELEGRAM_EDIT_MIN_INTERVAL_MS");
     const telegramMirrorMode = parseMirrorMode(optionalString(process.env.TELEGRAM_CLI_MIRROR_MODE), "status");
@@ -102,16 +91,6 @@ export function loadConfig() {
     }
     return {
         telegramBotToken,
-        telegramAllowedUserIds,
-        telegramAllowedUserIdSet: new Set(telegramAllowedUserIds),
-        telegramAllowedChatIds,
-        telegramAllowedChatIdSet: new Set(telegramAllowedChatIds),
-        telegramAdminUserIds,
-        telegramAdminUserIdSet: new Set(telegramAdminUserIds),
-        telegramReadOnlyUserIds,
-        telegramReadOnlyUserIdSet: new Set(telegramReadOnlyUserIds),
-        telegramRolePolicies,
-        telegramAllowAnyChat,
         telegramRateLimitMinIntervalMs,
         telegramEditMinIntervalMs,
         telegramMirrorMode,
@@ -245,26 +224,6 @@ function optionalString(value) {
     const trimmed = value?.trim();
     return trimmed ? trimmed : undefined;
 }
-function parseOptionalIdList(raw, envName, options) {
-    if (!raw) {
-        return [];
-    }
-    const ids = raw
-        .split(",")
-        .map((value) => value.trim())
-        .filter(Boolean)
-        .map((value) => {
-        const parsed = Number(value);
-        if (!Number.isInteger(parsed) || (options.positiveOnly ? parsed <= 0 : parsed === 0)) {
-            throw new Error(`Invalid Telegram id in ${envName}: ${value}`);
-        }
-        return parsed;
-    });
-    if (raw.trim() && ids.length === 0) {
-        throw new Error(`${envName} must contain at least one id`);
-    }
-    return ids;
-}
 function parseOptionalStringList(raw) {
     if (!raw) {
         return [];
@@ -277,23 +236,6 @@ function parseOptionalStringList(raw) {
 function parsePathList(raw) {
     return parseOptionalStringList(raw).map((value) => path.resolve(value));
 }
-function ensureTelegramAllowlist(userIds, chatIds, allowAnyChat) {
-    if (allowAnyChat) {
-        return;
-    }
-    if (userIds.length > 0 || chatIds.length > 0) {
-        return;
-    }
-    throw new Error("TELEGRAM_ALLOWED_USER_IDS or TELEGRAM_ALLOWED_CHAT_IDS must contain at least one id");
-}
-function ensureTelegramAdminIds(userIds) {
-    if (userIds.length === 0) {
-        throw new Error("TELEGRAM_ADMIN_USER_IDS must contain at least one id");
-    }
-}
-function mergeUniqueIds(...groups) {
-    return Array.from(new Set(groups.flat()));
-}
 function parseBooleanEnv(raw, defaultValue) {
     if (!raw) {
         return defaultValue;

package/dist/index.js

@@ -20,6 +20,7 @@ import { checkPiAuthStatus } from "./pi-auth.js";
 import { describePiCli, resolvePiCli } from "./pi-cli.js";
 import { configureRedaction } from "./redaction.js";
 import { SessionRegistry } from "./session-registry.js";
+import { UserStore } from "./user-management.js";
 let registry;
 let bot;
 let webhookServer;
@@ -33,6 +34,13 @@ try {
     bot = createBot(config, registry);
     await registerCommands(bot);
     console.log("NordRelay running");
+    const userStore = new UserStore();
+    if (userStore.hasAdminUser()) {
+        console.log("User management: admin user configured");
+    }
+    else {
+        console.warn("Warning: no NordRelay admin user exists. Run `nordrelay user create-admin` to enable WebUI and Telegram access.");
+    }
     const authStatus = await checkDefaultAgentAuth(config);
     console.log(`Auth (${agentLabel(config.defaultAgent)}): ${authStatus.authenticated ? "authenticated" : "not authenticated"} (${authStatus.method})`);
     if (!authStatus.authenticated) {

package/dist/relay-runtime.js

@@ -39,6 +39,7 @@ export class RelayRuntime {
     subscribers = new Set();
     externalMonitor;
     draining = false;
+    externalMonitorRunning = false;
     currentTurnId = null;
     accumulatedText = "";
     currentTurnStartedAt = 0;
@@ -60,7 +61,7 @@ export class RelayRuntime {
         });
         if (config.codexExternalBusyCheckMs > 0) {
             this.externalMonitor = setInterval(() => {
-                void this.monitorExternalActivity().catch((error) => this.broadcastStatus(friendlyErrorText(error), "error"));
+                void this.monitorExternalActivitySafe();
             }, config.codexExternalBusyCheckMs);
             this.externalMonitor.unref?.();
         }
@@ -161,6 +162,18 @@ export class RelayRuntime {
     agentUpdateLog(id) {
         return this.agentUpdates.readLog(id);
     }
+    deleteAgentUpdateLog(id) {
+        const job = this.agentUpdates.deleteLog(id);
+        this.appendAudit({
+            action: "command",
+            status: "ok",
+            contextKey: WEB_CONTEXT_KEY,
+            agentId: job.agentId,
+            description: `delete update log ${id}`,
+            detail: job.logPath,
+        });
+        return job;
+    }
     sendAgentUpdateInput(id, input) {
         return this.agentUpdates.sendInput(id, input);
     }
@@ -224,12 +237,8 @@ export class RelayRuntime {
     }
     permissions() {
         return {
-            telegramAllowAnyChat: this.config.telegramAllowAnyChat,
-            telegramAdminUserIds: this.config.telegramAdminUserIds,
-            telegramAllowedUserIds: this.config.telegramAllowedUserIds,
-            telegramReadOnlyUserIds: this.config.telegramReadOnlyUserIds,
-            telegramAllowedChatIds: this.config.telegramAllowedChatIds,
-            telegramRolePolicies: this.config.telegramRolePolicies,
+            mode: "users",
+            message: "Access is managed by NordRelay users, groups, Telegram identities, and Telegram chat access records.",
         };
     }
     tasks() {
@@ -450,7 +459,8 @@ export class RelayRuntime {
         return { removed, messages };
     }
     activity(options = {}) {
-        return this.activityStore.list(options).map((event) => this.enrichActivityEvent(event));
+        const currentInfo = this.registry.get(WEB_CONTEXT_KEY)?.getInfo();
+        return this.activityStore.list(options).map((event) => this.enrichActivityEvent(event, currentInfo));
     }
     async retry() {
         const cached = this.promptStore.getLastPrompt(WEB_CONTEXT_KEY);
@@ -1008,6 +1018,21 @@ export class RelayRuntime {
         }
         mirror.lastLine = Math.max(mirror.lastLine, snapshot.lineCount);
     }
+    async monitorExternalActivitySafe() {
+        if (this.externalMonitorRunning) {
+            return;
+        }
+        this.externalMonitorRunning = true;
+        try {
+            await this.monitorExternalActivity();
+        }
+        catch (error) {
+            this.broadcastStatus(friendlyErrorText(error), "error");
+        }
+        finally {
+            this.externalMonitorRunning = false;
+        }
+    }
     startExternalTurn(snapshot) {
         const prompt = snapshot.latestUserMessage ?? `${snapshot.agentLabel} CLI task`;
         this.chatStore.append({
@@ -1346,11 +1371,10 @@ export class RelayRuntime {
     enrichActivityInput(input) {
         return this.enrichActivityFields(input);
     }
-    enrichActivityEvent(event) {
-        return this.enrichActivityFields(event);
+    enrichActivityEvent(event, info) {
+        return this.enrichActivityFields(event, info);
     }
-    enrichActivityFields(event) {
-        const info = this.registry.get(WEB_CONTEXT_KEY)?.getInfo();
+    enrichActivityFields(event, info) {
         if (!info) {
             return !event.threadId && !event.workspace ? { ...event, workspace: this.config.workspace } : event;
         }