@openape/cli 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 openape-ai
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,53 @@
+# @openape/cli
+
+Install and manage OpenApe components.
+
+## Usage
+
+```bash
+# Install the HTTP proxy (grant-controlled outbound traffic)
+sudo npx @openape/cli install-proxy
+
+# Install apes (privilege elevation via grants)
+sudo npx @openape/cli install-sudo
+```
+
+## Commands
+
+### `install-proxy`
+
+Installs the OpenApe HTTP proxy as a system service:
+
+- Creates `/etc/openape-proxy/config.toml` (root-only, `600`)
+- Downloads proxy source to `/opt/openape-proxy`
+- Sets up launchd (macOS) or systemd (Linux) service
+- Starts the proxy
+
+The proxy runs as a system service. Agents send HTTP requests through it.
+The config is **not accessible to agents** — only root can modify it.
+
+### `install-sudo`
+
+Builds and installs `apes` (OpenApe Sudo):
+
+- Builds from source via Cargo (Rust toolchain required)
+- Installs to `/usr/local/bin/apes` with setuid bit
+- Creates `/etc/apes/config.toml` (root-only, `600`)
+
+After installation, register the agent on the IdP with `apes enroll`.
+
+## Security
+
+Both installers create root-owned config files that agents cannot modify.
+This is by design — the security boundary between agent and config must be
+enforced by the OS file permission system.
+
+| Path | Owner | Mode | Purpose |
+|------|-------|------|---------|
+| `/etc/openape-proxy/config.toml` | root | `600` | Proxy rules |
+| `/etc/apes/config.toml` | root | `600` | apes config |
+| `/usr/local/bin/apes` | root | `4755` (setuid) | Privilege elevation |
+
+## License
+
+MIT

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@openape/cli",
+  "version": "0.1.0",
+  "description": "OpenApe CLI — install and manage OpenApe components (proxy, sudo, auth)",
+  "type": "module",
+  "bin": {
+    "openape": "./src/index.ts"
+  },
+  "scripts": {
+    "start": "bun run src/index.ts",
+    "typecheck": "tsc --noEmit"
+  },
+  "keywords": [
+    "openape",
+    "security",
+    "proxy",
+    "sudo",
+    "grants",
+    "agent",
+    "ai",
+    "auth",
+    "passkey",
+    "webauthn"
+  ],
+  "author": "Patrick Hofmann <patrick@hofmann.eco>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/openape-ai/cli.git"
+  },
+  "homepage": "https://openape.at",
+  "bugs": {
+    "url": "https://github.com/openape-ai/cli/issues"
+  },
+  "dependencies": {
+    "smol-toml": "^1.3.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "files": [
+    "src/",
+    "README.md",
+    "LICENSE"
+  ]
+}

package/src/commands/install-proxy.ts

@@ -0,0 +1,205 @@
+import { existsSync } from 'node:fs'
+import { execSync } from 'node:child_process'
+import { ask, closePrompt, requireRoot, ensureDir, writeSecureFile, isMacOS, isLinux, run } from '../utils.js'
+
+const CONFIG_DIR = '/etc/openape-proxy'
+const CONFIG_PATH = `${CONFIG_DIR}/config.toml`
+const LAUNCHD_LABEL = 'ai.openape.proxy'
+const LAUNCHD_PLIST = `/Library/LaunchDaemons/${LAUNCHD_LABEL}.plist`
+const SYSTEMD_UNIT = '/etc/systemd/system/openape-proxy.service'
+
+export async function installProxy(): Promise<void> {
+  requireRoot()
+
+  console.log('\n🐾 OpenApe Proxy Installer\n')
+
+  // Check if bun is available
+  try {
+    run('which bun')
+  } catch {
+    throw new Error('Bun is required but not found. Install it: https://bun.sh')
+  }
+
+  // Check if already installed
+  if (existsSync(CONFIG_PATH)) {
+    const overwrite = await ask('Config already exists. Overwrite?', 'n')
+    if (overwrite.toLowerCase() !== 'y') {
+      console.log('Aborted.')
+      closePrompt()
+      return
+    }
+  }
+
+  // Gather config
+  const idpUrl = await ask('IdP URL', 'https://id.test.openape.at')
+  const agentEmail = await ask('Agent email')
+  const listen = await ask('Listen address', '127.0.0.1:9090')
+  const defaultAction = await ask('Default action (block/request/request-async)', 'block')
+  const auditLog = await ask('Audit log path', '/var/log/openape-proxy/audit.log')
+
+  console.log('\nConfiguring rules...')
+  console.log('(You can edit the config later at ' + CONFIG_PATH + ')\n')
+
+  // Generate config
+  const config = `# OpenApe Proxy Configuration
+# Generated by: openape install-proxy
+# Edit this file to add/remove rules. Restart the service after changes.
+
+[proxy]
+listen = "${listen}"
+idp_url = "${idpUrl}"
+agent_email = "${agentEmail}"
+default_action = "${defaultAction}"
+audit_log = "${auditLog}"
+
+# Example rules — customize these for your use case:
+
+# [[allow]]
+# domain = "api.github.com"
+# methods = ["GET"]
+# note = "GitHub API read-only"
+
+# [[deny]]
+# domain = "*.malware.example.com"
+# note = "Known bad domain"
+
+# [[grant_required]]
+# domain = "api.github.com"
+# methods = ["POST", "PUT", "DELETE"]
+# grant_type = "allow_once"
+# note = "GitHub API write operations need approval"
+`
+
+  // Write config
+  ensureDir(CONFIG_DIR, 0o700)
+  writeSecureFile(CONFIG_PATH, config)
+  console.log(`✅ Config written to ${CONFIG_PATH}`)
+
+  // Create audit log directory
+  const auditDir = auditLog.substring(0, auditLog.lastIndexOf('/'))
+  if (auditDir) {
+    ensureDir(auditDir, 0o755)
+    console.log(`✅ Audit log directory created: ${auditDir}`)
+  }
+
+  // Install proxy source
+  const installDir = '/opt/openape-proxy'
+  ensureDir(installDir, 0o755)
+
+  // Clone or update proxy source
+  if (existsSync(`${installDir}/package.json`)) {
+    console.log('Updating proxy source...')
+    execSync(`cd ${installDir} && git pull`, { stdio: 'inherit' })
+  } else {
+    console.log('Downloading proxy source...')
+    execSync(`git clone https://github.com/openape-ai/proxy.git ${installDir}`, { stdio: 'inherit' })
+  }
+
+  // Install dependencies
+  console.log('Installing dependencies...')
+  execSync(`cd ${installDir} && bun install`, { stdio: 'inherit' })
+
+  // Set up system service
+  if (isMacOS()) {
+    await setupLaunchd(installDir)
+  } else if (isLinux()) {
+    await setupSystemd(installDir)
+  } else {
+    console.log('\n⚠️  Unsupported platform for service setup. Start manually:')
+    console.log(`   cd ${installDir} && bun run src/index.ts --config ${CONFIG_PATH}`)
+  }
+
+  closePrompt()
+
+  console.log('\n🎉 OpenApe Proxy installed!\n')
+  console.log(`   Config:    ${CONFIG_PATH}`)
+  console.log(`   Proxy:     ${installDir}`)
+  console.log(`   Audit log: ${auditLog}`)
+  console.log(`   Listening: ${listen}`)
+  console.log(`\n   Edit ${CONFIG_PATH} to configure rules.`)
+  console.log(`   The proxy must be restarted after config changes.\n`)
+
+  // Quick test
+  try {
+    const port = listen.split(':')[1] || '9090'
+    const host = listen.split(':')[0] || '127.0.0.1'
+    const res = execSync(`curl -s http://${host}:${port}/healthz`, { timeout: 3000, encoding: 'utf-8' })
+    console.log(`   Health check: ${res}`)
+  } catch {
+    console.log('   ⚠️  Health check failed — service may still be starting.')
+  }
+}
+
+async function setupLaunchd(installDir: string): Promise<void> {
+  const bunPath = run('which bun')
+
+  const plist = `<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+    <key>Label</key>
+    <string>${LAUNCHD_LABEL}</string>
+    <key>ProgramArguments</key>
+    <array>
+        <string>${bunPath}</string>
+        <string>run</string>
+        <string>${installDir}/src/index.ts</string>
+        <string>--config</string>
+        <string>${CONFIG_PATH}</string>
+    </array>
+    <key>RunAtLoad</key>
+    <true/>
+    <key>KeepAlive</key>
+    <true/>
+    <key>StandardOutPath</key>
+    <string>/var/log/openape-proxy/stdout.log</string>
+    <key>StandardErrorPath</key>
+    <string>/var/log/openape-proxy/stderr.log</string>
+    <key>WorkingDirectory</key>
+    <string>${installDir}</string>
+</dict>
+</plist>`
+
+  writeSecureFile(LAUNCHD_PLIST, plist, 0o644)
+  console.log(`✅ launchd service created: ${LAUNCHD_LABEL}`)
+
+  // Stop if already running
+  try { execSync(`launchctl unload ${LAUNCHD_PLIST}`, { stdio: 'ignore' }) } catch {}
+
+  execSync(`launchctl load ${LAUNCHD_PLIST}`)
+  console.log('✅ Service started')
+}
+
+async function setupSystemd(installDir: string): Promise<void> {
+  const bunPath = run('which bun')
+
+  const unit = `[Unit]
+Description=OpenApe HTTP Proxy
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=${bunPath} run ${installDir}/src/index.ts --config ${CONFIG_PATH}
+WorkingDirectory=${installDir}
+Restart=on-failure
+RestartSec=5
+StandardOutput=journal
+StandardError=journal
+
+# Security hardening
+NoNewPrivileges=true
+ProtectSystem=strict
+ProtectHome=true
+ReadOnlyPaths=/
+ReadWritePaths=/var/log/openape-proxy
+
+[Install]
+WantedBy=multi-user.target
+`
+
+  writeSecureFile(SYSTEMD_UNIT, unit, 0o644)
+  execSync('systemctl daemon-reload')
+  execSync('systemctl enable openape-proxy')
+  execSync('systemctl start openape-proxy')
+  console.log('✅ systemd service created and started: openape-proxy')
+}

package/src/commands/install-sudo.ts

@@ -0,0 +1,102 @@
+import { existsSync } from 'node:fs'
+import { execSync } from 'node:child_process'
+import { arch, platform } from 'node:os'
+import { ask, closePrompt, requireRoot, ensureDir, writeSecureFile, run } from '../utils.js'
+
+const CONFIG_DIR = '/etc/apes'
+const CONFIG_PATH = `${CONFIG_DIR}/config.toml`
+const BIN_PATH = '/usr/local/bin/apes'
+
+export async function installSudo(): Promise<void> {
+  requireRoot()
+
+  console.log('\n🐾 OpenApe Sudo (apes) Installer\n')
+
+  // Check if already installed
+  if (existsSync(BIN_PATH)) {
+    const overwrite = await ask('apes is already installed. Reinstall?', 'n')
+    if (overwrite.toLowerCase() !== 'y') {
+      console.log('Aborted.')
+      closePrompt()
+      return
+    }
+  }
+
+  // Check for Rust toolchain
+  let hasCargo = false
+  try {
+    run('cargo --version')
+    hasCargo = true
+  } catch {}
+
+  if (!hasCargo) {
+    console.log('⚠️  Rust/Cargo not found. Checking for pre-built binary...')
+    // TODO: download pre-built binary from GitHub releases
+    throw new Error(
+      'Rust toolchain required to build apes. Install it: https://rustup.rs\n' +
+      'Pre-built binaries will be available in a future release.'
+    )
+  }
+
+  // Build from source
+  const buildDir = '/tmp/openape-sudo-build'
+  if (existsSync(`${buildDir}/.git`)) {
+    console.log('Updating source...')
+    execSync(`cd ${buildDir} && git pull`, { stdio: 'inherit' })
+  } else {
+    console.log('Downloading source...')
+    execSync(`rm -rf ${buildDir}`, { stdio: 'ignore' })
+    execSync(`git clone https://github.com/openape-ai/sudo.git ${buildDir}`, { stdio: 'inherit' })
+  }
+
+  console.log('Building apes (release mode)...')
+  execSync(`cd ${buildDir} && cargo build --release`, { stdio: 'inherit' })
+
+  // Install binary with setuid
+  execSync(`cp ${buildDir}/target/release/apes ${BIN_PATH}`)
+  execSync(`chown root:wheel ${BIN_PATH}`)
+  execSync(`chmod u+s ${BIN_PATH}`)
+  console.log(`✅ apes installed at ${BIN_PATH} (setuid root)`)
+
+  // Config setup
+  if (existsSync(CONFIG_PATH)) {
+    const overwriteConfig = await ask('Config already exists. Overwrite?', 'n')
+    if (overwriteConfig.toLowerCase() !== 'y') {
+      closePrompt()
+      console.log('\n🎉 apes binary updated! Existing config preserved.\n')
+      return
+    }
+  }
+
+  const serverUrl = await ask('IdP URL', 'https://id.test.openape.at')
+  const timeoutSecs = await ask('Poll timeout (seconds)', '300')
+  const intervalSecs = await ask('Poll interval (seconds)', '2')
+
+  const config = `# OpenApe Sudo (apes) Configuration
+# Generated by: openape install-sudo
+
+server_url = "${serverUrl}"
+
+# Agent identity is determined by the key passed via --key flag.
+# Each user provides their own key: apes --key ~/.ssh/id_ed25519 -- <command>
+
+[poll]
+interval_secs = ${intervalSecs}
+timeout_secs = ${timeoutSecs}
+`
+
+  ensureDir(CONFIG_DIR, 0o700)
+  writeSecureFile(CONFIG_PATH, config)
+  console.log(`✅ Config written to ${CONFIG_PATH}`)
+
+  closePrompt()
+
+  console.log('\n🎉 apes installed!\n')
+  console.log(`   Binary: ${BIN_PATH} (setuid root)`)
+  console.log(`   Config: ${CONFIG_PATH}`)
+  console.log('\n   Next steps:')
+  console.log('   1. Register this agent on the IdP:')
+  console.log(`      sudo apes enroll --server ${serverUrl} --agent-email <email> --agent-name <name> --key <path>`)
+  console.log('   2. Ask your admin to approve the enrollment')
+  console.log('   3. Use it: apes --key ~/.ssh/id_ed25519 --reason "why" -- <command>\n')
+}

package/src/index.ts

@@ -0,0 +1,47 @@
+#!/usr/bin/env bun
+import { parseArgs } from 'node:util'
+import { installProxy } from './commands/install-proxy.js'
+import { installSudo } from './commands/install-sudo.js'
+
+const command = process.argv[2]
+
+const HELP = `
+OpenApe CLI — install and manage OpenApe components
+
+Usage: openape <command> [options]
+
+Commands:
+  install-proxy    Install and configure the OpenApe HTTP proxy
+  install-sudo     Install and configure apes (privilege elevation)
+  help             Show this help message
+
+Examples:
+  sudo openape install-proxy
+  sudo openape install-sudo
+`
+
+async function main() {
+  switch (command) {
+    case 'install-proxy':
+      await installProxy()
+      break
+    case 'install-sudo':
+      await installSudo()
+      break
+    case 'help':
+    case '--help':
+    case '-h':
+    case undefined:
+      console.log(HELP)
+      process.exit(0)
+    default:
+      console.error(`Unknown command: ${command}`)
+      console.log(HELP)
+      process.exit(1)
+  }
+}
+
+main().catch((err) => {
+  console.error(`\n❌ ${err.message}`)
+  process.exit(1)
+})

package/src/utils.ts

@@ -0,0 +1,63 @@
+import { createInterface } from 'node:readline'
+import { execSync } from 'node:child_process'
+import { existsSync, mkdirSync, writeFileSync, chmodSync, chownSync } from 'node:fs'
+import { platform } from 'node:os'
+
+const rl = createInterface({ input: process.stdin, output: process.stdout })
+
+export function ask(question: string, defaultValue?: string): Promise<string> {
+  const suffix = defaultValue ? ` [${defaultValue}]` : ''
+  return new Promise((resolve) => {
+    rl.question(`${question}${suffix}: `, (answer) => {
+      resolve(answer.trim() || defaultValue || '')
+    })
+  })
+}
+
+export function closePrompt(): void {
+  rl.close()
+}
+
+export function requireRoot(): void {
+  if (process.getuid?.() !== 0) {
+    throw new Error('This command must be run as root (use sudo)')
+  }
+}
+
+export function ensureDir(path: string, mode: number = 0o755): void {
+  if (!existsSync(path)) {
+    mkdirSync(path, { recursive: true })
+  }
+  chmodSync(path, mode)
+}
+
+export function writeSecureFile(path: string, content: string, mode: number = 0o600): void {
+  writeFileSync(path, content, 'utf-8')
+  chmodSync(path, mode)
+  // Ensure root ownership
+  try { chownSync(path, 0, 0) } catch {}
+}
+
+export function run(cmd: string): string {
+  return execSync(cmd, { encoding: 'utf-8' }).trim()
+}
+
+export function isMacOS(): boolean {
+  return platform() === 'darwin'
+}
+
+export function isLinux(): boolean {
+  return platform() === 'linux'
+}
+
+export function serviceExists(name: string): boolean {
+  if (isMacOS()) {
+    return existsSync(`/Library/LaunchDaemons/${name}.plist`)
+  }
+  try {
+    execSync(`systemctl cat ${name}`, { stdio: 'ignore' })
+    return true
+  } catch {
+    return false
+  }
+}