@ouro.bot/cli 0.1.0-alpha.466 → 0.1.0-alpha.467

package/changelog.json

@@ -1,6 +1,14 @@
 {
   "_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
   "versions": [
+    {
+      "version": "0.1.0-alpha.467",
+      "changes": [
+        "`ouro dns certificate` can now retrieve the TLS bundle named by a DNS workflow binding and store it as an ordinary workflow-managed vault item without printing private key material.",
+        "DNS workflow bindings now reject unknown certificate sources instead of silently treating typos as Porkbun SSL, while preserving the future `acme-dns-01` shape as an explicit not-yet-implemented source.",
+        "Porkbun record verification now ignores the provider's default priority zero on non-MX records while still treating real MX priority drift as a planned update."
+      ]
+    },
     {
       "version": "0.1.0-alpha.466",
       "changes": [

package/dist/heart/daemon/cli-exec.js

@@ -329,6 +329,7 @@ function agentResolutionFailureMode(command) {
         case "vault.item.set":
         case "vault.item.status":
         case "vault.item.list":
+        case "dns.workflow":
         case "connect":
         case "account.ensure":
         case "mail.import-mbox":
@@ -2177,6 +2178,126 @@ async function executeVaultItemList(command, deps) {
     deps.writeStdout(message);
     return message;
 }
+function resolveWorkflowFilePath(filePath, deps) {
+    return path.isAbsolute(filePath)
+        ? filePath
+        : path.resolve(deps.getRepoCwd?.() ?? process.cwd(), filePath);
+}
+function extractDnsBackupRecords(input) {
+    const value = input;
+    const records = value.plan?.backup?.records ?? value.backup?.records ?? value.records;
+    if (!Array.isArray(records))
+        throw new Error("dns rollback backup does not contain records");
+    return records;
+}
+async function executeDnsWorkflow(command, deps) {
+    const workflow = await Promise.resolve().then(() => __importStar(require("./dns-workflow")));
+    const bindingPath = resolveWorkflowFilePath(command.bindingPath, deps);
+    const binding = workflow.loadDnsWorkflowBinding(JSON.parse(fs.readFileSync(bindingPath, "utf-8")));
+    const store = (0, credential_access_1.getCredentialStore)(command.agent);
+    const reader = {
+        readSecretField: async (item, field) => {
+            const raw = await store.getRawSecret(item, "password");
+            const payload = JSON.parse(raw);
+            const value = [payload.secretFields?.[field], payload[field]]
+                .find((candidate) => typeof candidate === "string" && candidate.trim() !== "");
+            if (!value) {
+                throw new Error(`vault item ${item} is missing required secret field ${field}`);
+            }
+            return value;
+        },
+    };
+    const secrets = await workflow.resolveDnsWorkflowSecrets(binding, reader);
+    const driver = workflow.createPorkbunDnsDriver({ fetchImpl: deps.fetchImpl ?? fetch });
+    if (command.action === "certificate") {
+        if (!binding.certificate)
+            throw new Error("DNS workflow binding does not define a certificate");
+        if (binding.certificate.source !== "porkbun-ssl") {
+            throw new Error(`DNS workflow certificate source ${binding.certificate.source} is not implemented`);
+        }
+        const certificate = await driver.retrieveCertificate({ domain: binding.domain, secrets });
+        const payload = {
+            schemaVersion: 1,
+            updatedAt: providerCliNow(deps).toISOString(),
+            publicFields: {
+                domain: binding.domain,
+                host: binding.certificate.host,
+                source: binding.certificate.source,
+            },
+            secretFields: certificate,
+        };
+        await store.store(binding.certificate.storeItem, {
+            username: binding.certificate.host,
+            password: JSON.stringify(payload),
+            notes: "TLS certificate bundle retrieved by DNS workflow. Notes are for human/agent orientation only; workflow bindings and deploy config remain the machine contract.",
+        });
+        const artifactPayload = workflow.redactDnsWorkflowArtifact({
+            action: command.action,
+            binding,
+            certificate: {
+                host: binding.certificate.host,
+                storeItem: binding.certificate.storeItem,
+                ...certificate,
+            },
+        });
+        if (command.outputPath) {
+            const outputPath = resolveWorkflowFilePath(command.outputPath, deps);
+            fs.mkdirSync(path.dirname(outputPath), { recursive: true });
+            fs.writeFileSync(outputPath, `${JSON.stringify(artifactPayload, null, 2)}\n`, "utf-8");
+        }
+        const message = [
+            `dns certificate for ${binding.domain}`,
+            `driver: ${binding.driver}`,
+            `credential item: vault:${command.agent}:${binding.credentialItem}`,
+            `certificate item: vault:${command.agent}:${binding.certificate.storeItem}`,
+            command.outputPath ? `artifact: ${command.outputPath}` : "artifact: not written",
+            "secret values were not printed",
+        ].join("\n");
+        deps.writeStdout(message);
+        return message;
+    }
+    const currentRecords = await driver.retrieveRecords({ domain: binding.domain, secrets });
+    let plan;
+    if (command.action === "rollback") {
+        const backupPath = command.backupPath;
+        plan = workflow.planDnsRollback({
+            binding,
+            currentRecords,
+            backupRecords: extractDnsBackupRecords(JSON.parse(fs.readFileSync(resolveWorkflowFilePath(backupPath, deps), "utf-8"))),
+        });
+    }
+    else {
+        plan = workflow.planDnsWorkflow({ binding, currentRecords });
+    }
+    const applied = command.action === "apply" || command.action === "rollback"
+        ? await workflow.applyDnsWorkflowPlan({ driver, domain: binding.domain, secrets, plan })
+        : [];
+    const payload = workflow.redactDnsWorkflowArtifact({
+        action: command.action,
+        binding,
+        plan,
+        applied,
+    });
+    if (command.outputPath) {
+        const outputPath = resolveWorkflowFilePath(command.outputPath, deps);
+        fs.mkdirSync(path.dirname(outputPath), { recursive: true });
+        fs.writeFileSync(outputPath, `${JSON.stringify(payload, null, 2)}\n`, "utf-8");
+    }
+    const changed = plan.changes.length;
+    const preserved = plan.preservedRecords.length;
+    const message = [
+        `dns ${command.action} for ${binding.domain}`,
+        `driver: ${binding.driver}`,
+        `credential item: vault:${command.agent}:${binding.credentialItem}`,
+        `changes: ${changed}`,
+        ...(applied.length > 0 ? [`applied: ${applied.length}`] : []),
+        `preserved records: ${preserved}`,
+        command.outputPath ? `artifact: ${command.outputPath}` : "artifact: not written",
+        "secret values were not printed",
+    ].join("\n");
+    deps.writeStdout(message);
+    return message;
+}
 function requirePromptSecret(deps, purpose) {
     if (deps.promptSecret)
         return deps.promptSecret;
@@ -2894,6 +3015,53 @@ function mailroomPrivateKeys(mailroom) {
     const keys = isPlainRecord(mailroom?.privateKeys) ? mailroom.privateKeys : {};
     return Object.fromEntries(Object.entries(keys).filter((entry) => typeof entry[1] === "string"));
 }
+function hostedMailControlConfig(config) {
+    const workSubstrate = isPlainRecord(config.workSubstrate) ? config.workSubstrate : undefined;
+    if (!workSubstrate || stringField(workSubstrate, "mode") !== "hosted")
+        return null;
+    const mailControl = isPlainRecord(workSubstrate.mailControl) ? workSubstrate.mailControl : undefined;
+    const url = mailControl ? stringField(mailControl, "url").replace(/\/+$/, "") : "";
+    const token = mailControl ? (stringField(mailControl, "token") || stringField(mailControl, "adminToken")) : "";
+    if (!url || !token) {
+        throw new Error("hosted workSubstrate.mailControl requires url and token in the agent vault runtime/config item");
+    }
+    return { url, token };
+}
+function cleanHostedMailroomBase(existingMailroom) {
+    const base = { ...(existingMailroom ?? {}) };
+    delete base.registryPath;
+    delete base.storePath;
+    return base;
+}
+function requiredResponseRecord(value, label) {
+    if (!isPlainRecord(value))
+        throw new Error(`Mail Control response missing ${label}`);
+    return value;
+}
+function requiredResponseText(record, key, label) {
+    const value = stringField(record, key);
+    if (!value)
+        throw new Error(`Mail Control response missing ${label}`);
+    return value;
+}
+function responsePrivateKeys(value) {
+    if (!isPlainRecord(value))
+        return {};
+    return Object.fromEntries(Object.entries(value).filter((entry) => typeof entry[0] === "string" && typeof entry[1] === "string" && entry[1].trim().length > 0));
+}
+function requiredHostedKeyIds(body) {
+    return [body.mailbox, body.sourceGrant]
+        .filter(isPlainRecord)
+        .map((record) => stringField(record, "keyId"))
+        .filter((keyId) => keyId.length > 0);
+}
+function assertHostedPrivateKeys(input) {
+    for (const keyId of input.requiredKeyIds) {
+        if (input.keys[keyId])
+            continue;
+        throw new Error(`hosted Mail Control references private mail key ${keyId}, but it was not returned and is not present in ${input.agent}'s vault runtime/config. Repair requires a fresh Mail Control one-time key response or key rotation.`);
+    }
+}
 async function promptDelegatedMailSource(deps, input = {}) {
     if (input.noDelegatedSource)
         return { ownerEmail: "", source: "" };
@@ -2921,8 +3089,11 @@ async function ensureAgentMailroom(agent, input, deps, progressLabel) {
     let stored;
     let mailboxAddress = `${agent.toLowerCase()}@ouro.bot`;
     let sourceAlias = null;
+    let mode = "local";
     let registryPath = path.join(mailStateDir, "registry.json");
     let storePath = mailStateDir;
+    let hostedControlUrl;
+    let blobStoreLabel;
     try {
         progress.startPhase("checking Mailroom runtime config");
         const current = await (0, runtime_credentials_1.refreshRuntimeCredentialConfig)(agent, { preserveCachedOnFailure: true });
@@ -2931,31 +3102,94 @@ async function ensureAgentMailroom(agent, input, deps, progressLabel) {
         }
         const currentConfig = current.ok ? current.config : {};
         const existingMailroom = isPlainRecord(currentConfig.mailroom) ? currentConfig.mailroom : undefined;
+        const hostedConfig = hostedMailControlConfig(currentConfig);
         registryPath = stringField(existingMailroom ?? {}, "registryPath") || registryPath;
         storePath = stringField(existingMailroom ?? {}, "storePath") || storePath;
-        progress.updateDetail("ensuring Mailroom identity");
-        const ensured = (0, core_1.ensureMailboxRegistry)({
-            agentId: agent,
-            registry: readMailroomRegistryFromDisk(registryPath),
-            keys: mailroomPrivateKeys(existingMailroom),
-            ownerEmail: input.ownerEmail || undefined,
-            source: input.source || undefined,
-        });
-        mailboxAddress = ensured.mailboxAddress;
-        sourceAlias = ensured.sourceAlias;
-        fs.mkdirSync(path.dirname(registryPath), { recursive: true });
-        fs.mkdirSync(storePath, { recursive: true });
-        fs.writeFileSync(registryPath, `${JSON.stringify(ensured.registry, null, 2)}\n`, "utf-8");
-        const nextConfig = {
-            ...currentConfig,
-            mailroom: {
-                ...(existingMailroom ?? {}),
-                mailboxAddress,
-                registryPath,
-                storePath,
-                privateKeys: ensured.keys,
-            },
-        };
+        let nextConfig;
+        if (hostedConfig) {
+            progress.updateDetail("calling hosted Mail Control");
+            const fetchImpl = deps.fetchImpl ?? fetch;
+            const response = await fetchImpl(`${hostedConfig.url}/v1/mailboxes/ensure`, {
+                method: "POST",
+                headers: {
+                    authorization: `Bearer ${hostedConfig.token}`,
+                    "content-type": "application/json",
+                },
+                body: JSON.stringify({
+                    agentId: agent,
+                    ...(input.ownerEmail ? { ownerEmail: input.ownerEmail } : {}),
+                    ...(input.source ? { source: input.source } : {}),
+                }),
+            });
+            const body = await response.json();
+            if (!response.ok || body.ok === false) {
+                throw new Error(`hosted Mail Control ensure failed (${response.status}): ${body.error ?? response.statusText}`);
+            }
+            const publicRegistry = requiredResponseRecord(body.publicRegistry, "publicRegistry");
+            const blobStore = requiredResponseRecord(body.blobStore, "blobStore");
+            mailboxAddress = typeof body.mailboxAddress === "string" && body.mailboxAddress.trim()
+                ? body.mailboxAddress.trim()
+                : requiredResponseText(requiredResponseRecord(body.mailbox, "mailbox"), "canonicalAddress", "mailboxAddress");
+            sourceAlias = typeof body.sourceAlias === "string" && body.sourceAlias.trim() ? body.sourceAlias.trim() : null;
+            const generatedPrivateKeys = responsePrivateKeys(body.generatedPrivateKeys);
+            const privateKeys = {
+                ...mailroomPrivateKeys(existingMailroom),
+                ...generatedPrivateKeys,
+            };
+            assertHostedPrivateKeys({
+                agent,
+                keys: privateKeys,
+                requiredKeyIds: requiredHostedKeyIds(body),
+            });
+            mode = "hosted";
+            registryPath = null;
+            storePath = null;
+            hostedControlUrl = hostedConfig.url;
+            blobStoreLabel = `${requiredResponseText(blobStore, "azureAccountUrl", "blobStore.azureAccountUrl")}/${requiredResponseText(blobStore, "container", "blobStore.container")}`;
+            nextConfig = {
+                ...currentConfig,
+                mailroom: {
+                    ...cleanHostedMailroomBase(existingMailroom),
+                    mode,
+                    mailboxAddress,
+                    sourceAlias,
+                    azureAccountUrl: requiredResponseText(blobStore, "azureAccountUrl", "blobStore.azureAccountUrl"),
+                    azureContainer: requiredResponseText(blobStore, "container", "blobStore.container"),
+                    registryAzureAccountUrl: requiredResponseText(publicRegistry, "azureAccountUrl", "publicRegistry.azureAccountUrl"),
+                    registryContainer: requiredResponseText(publicRegistry, "container", "publicRegistry.container"),
+                    registryBlob: requiredResponseText(publicRegistry, "blob", "publicRegistry.blob"),
+                    registryDomain: requiredResponseText(publicRegistry, "domain", "publicRegistry.domain"),
+                    registryRevision: requiredResponseText(publicRegistry, "revision", "publicRegistry.revision"),
+                    privateKeys,
+                },
+            };
+        }
+        else {
+            progress.updateDetail("ensuring local Mailroom identity");
+            const ensured = (0, core_1.ensureMailboxRegistry)({
+                agentId: agent,
+                registry: readMailroomRegistryFromDisk(registryPath),
+                keys: mailroomPrivateKeys(existingMailroom),
+                ownerEmail: input.ownerEmail || undefined,
+                source: input.source || undefined,
+            });
+            mailboxAddress = ensured.mailboxAddress;
+            sourceAlias = ensured.sourceAlias;
+            fs.mkdirSync(path.dirname(registryPath), { recursive: true });
+            fs.mkdirSync(storePath, { recursive: true });
+            fs.writeFileSync(registryPath, `${JSON.stringify(ensured.registry, null, 2)}\n`, "utf-8");
+            nextConfig = {
+                ...currentConfig,
+                mailroom: {
+                    ...(existingMailroom ?? {}),
+                    mode,
+                    mailboxAddress,
+                    registryPath,
+                    storePath,
+                    privateKeys: ensured.keys,
+                },
+            };
+        }
         progress.updateDetail("storing private mail keys in vault");
         stored = await (0, runtime_credentials_1.upsertRuntimeCredentialConfig)(agent, nextConfig, providerCliNow(deps));
         progress.updateDetail("enabling Mail sense in agent.json");
@@ -2971,7 +3205,7 @@ async function ensureAgentMailroom(agent, input, deps, progressLabel) {
     if (!stored)
         throw new Error("Mailroom setup did not store runtime credentials");
     const syncSummary = pushAgentBundleAfterCliMutation(agent, deps);
-    return { mailboxAddress, sourceAlias, registryPath, storePath, stored, syncSummary };
+    return { mailboxAddress, sourceAlias, mode, registryPath, storePath, hostedControlUrl, blobStoreLabel, stored, syncSummary };
 }
 async function executeConnectMail(agent, deps, input = {}) {
     writeConnectorIntro(deps, {
@@ -3016,8 +3250,10 @@ async function executeConnectMail(agent, deps, input = {}) {
         whatChanged: [
             `Mailbox: ${outcome.mailboxAddress}`,
             ...(outcome.sourceAlias ? [`Delegated alias: ${outcome.sourceAlias}`] : []),
-            `Registry: ${outcome.registryPath}`,
-            `Encrypted store: ${outcome.storePath}`,
+            ...(outcome.hostedControlUrl ? [`Hosted Mail Control: ${outcome.hostedControlUrl}`] : []),
+            ...(outcome.blobStoreLabel ? [`Blob store: ${outcome.blobStoreLabel}`] : []),
+            ...(outcome.registryPath ? [`Registry: ${outcome.registryPath}`] : []),
+            ...(outcome.storePath ? [`Encrypted store: ${outcome.storePath}`] : []),
             `Stored: ${outcome.stored.itemPath}`,
             "agent.json: senses.mail.enabled = true",
             "private mail keys were not printed",
@@ -3033,8 +3269,10 @@ async function executeConnectMail(agent, deps, input = {}) {
             `Agent Mail connected for ${agent}`,
             `mailbox: ${outcome.mailboxAddress}`,
             ...(outcome.sourceAlias ? [`delegated alias: ${outcome.sourceAlias}`] : []),
-            `registry: ${outcome.registryPath}`,
-            `encrypted store: ${outcome.storePath}`,
+            ...(outcome.hostedControlUrl ? [`Hosted Mail Control: ${outcome.hostedControlUrl}`] : []),
+            ...(outcome.blobStoreLabel ? [`Blob store: ${outcome.blobStoreLabel}`] : []),
+            ...(outcome.registryPath ? [`registry: ${outcome.registryPath}`] : []),
+            ...(outcome.storePath ? [`encrypted store: ${outcome.storePath}`] : []),
             `stored: ${outcome.stored.itemPath}`,
             "agent.json: senses.mail.enabled = true",
             "private mail keys were not printed",
@@ -3079,9 +3317,12 @@ async function executeAccountEnsure(command, deps) {
             "Vault item: runtime/config",
             `Mailbox: ${outcome.mailboxAddress}`,
             ...(outcome.sourceAlias ? [`Delegated alias: ${outcome.sourceAlias}`] : []),
-            `Registry: ${outcome.registryPath}`,
-            `Encrypted store: ${outcome.storePath}`,
+            ...(outcome.hostedControlUrl ? [`Hosted Mail Control: ${outcome.hostedControlUrl}`] : []),
+            ...(outcome.blobStoreLabel ? [`Blob store: ${outcome.blobStoreLabel}`] : []),
+            ...(outcome.registryPath ? [`Registry: ${outcome.registryPath}`] : []),
+            ...(outcome.storePath ? [`Encrypted store: ${outcome.storePath}`] : []),
             "agent.json: senses.mail.enabled = true",
+            "private mail keys were not printed",
             ...(outcome.syncSummary ? [outcome.syncSummary] : []),
         ],
         nextMoves: [
@@ -3094,9 +3335,12 @@ async function executeAccountEnsure(command, deps) {
             "vault: runtime/config",
             `mailbox: ${outcome.mailboxAddress}`,
             ...(outcome.sourceAlias ? [`delegated alias: ${outcome.sourceAlias}`] : []),
-            `registry: ${outcome.registryPath}`,
-            `encrypted store: ${outcome.storePath}`,
+            ...(outcome.hostedControlUrl ? [`Hosted Mail Control: ${outcome.hostedControlUrl}`] : []),
+            ...(outcome.blobStoreLabel ? [`Blob store: ${outcome.blobStoreLabel}`] : []),
+            ...(outcome.registryPath ? [`registry: ${outcome.registryPath}`] : []),
+            ...(outcome.storePath ? [`encrypted store: ${outcome.storePath}`] : []),
             "agent.json: senses.mail.enabled = true",
+            "private mail keys were not printed",
             ...(outcome.syncSummary ? [outcome.syncSummary] : []),
         ],
     });
@@ -5531,6 +5775,9 @@ async function runOuroCli(args, deps = (0, cli_defaults_1.createDefaultOuroCliDe
     if (command.kind === "vault.item.list") {
         return executeVaultItemList(command, deps);
     }
+    if (command.kind === "dns.workflow") {
+        return executeDnsWorkflow(command, deps);
+    }
     // ── auth (local, no daemon socket needed) ──
     if (command.kind === "auth.run") {
         return executeAuthRun(command, deps);

package/dist/heart/daemon/cli-parse.js

@@ -101,6 +101,7 @@ function usage() {
         "  ouro vault item list [--agent <name>] [--prefix <path-prefix>]",
         "  ouro vault ops porkbun set [--agent <name>] --account <account>",
         "  ouro vault ops porkbun status [--agent <name>] [--account <account>]",
+        "  ouro dns backup|plan|apply|verify|rollback|certificate [--agent <name>] --binding <path> [--output <path>] [--backup <path>] [--yes]",
         "  ouro chat <agent>",
         "  ouro msg --to <agent> [--session <id>] [--task <ref>] <message>",
         "  ouro poke <agent> --task <task-id>",
@@ -681,6 +682,74 @@ function parseVaultOpsCommand(args) {
         compatibilityAlias: vault_items_1.PORKBUN_OPS_COMPATIBILITY_ALIAS,
     };
 }
+function isDnsWorkflowAction(value) {
+    return value === "backup" || value === "plan" || value === "apply" || value === "verify" || value === "rollback" || value === "certificate";
+}
+function normalizeWorkflowPath(value, label) {
+    const trimmed = value?.trim() ?? "";
+    if (!trimmed || /[\r\n\t]/.test(trimmed)) {
+        throw new Error(`${label} must be a non-empty path without control characters.`);
+    }
+    return trimmed;
+}
+function parseDnsCommand(args) {
+    const action = args[0];
+    if (!isDnsWorkflowAction(action)) {
+        throw new Error("Usage: ouro dns backup|plan|apply|verify|rollback|certificate [--agent <name>] --binding <path>");
+    }
+    const { agent, rest } = extractAgentFlag(args.slice(1));
+    let bindingPath;
+    let outputPath;
+    let backupPath;
+    let yes = false;
+    for (let i = 0; i < rest.length; i += 1) {
+        const token = rest[i];
+        if (token === "--binding") {
+            bindingPath = normalizeWorkflowPath(rest[i + 1], "dns --binding");
+            i += 1;
+            continue;
+        }
+        if (token === "--output") {
+            outputPath = normalizeWorkflowPath(rest[i + 1], "dns --output");
+            i += 1;
+            continue;
+        }
+        if (token === "--backup") {
+            backupPath = normalizeWorkflowPath(rest[i + 1], "dns --backup");
+            i += 1;
+            continue;
+        }
+        if (token === "--yes") {
+            yes = true;
+            continue;
+        }
+        if (token === "--credential-item") {
+            throw new Error("credential item belongs in the DNS workflow binding");
+        }
+        throw new Error(`Usage: ouro dns ${action} [--agent <name>] --binding <path>`);
+    }
+    if (!bindingPath) {
+        throw new Error(`Usage: ouro dns ${action} [--agent <name>] --binding <path>`);
+    }
+    if (action === "apply" && !yes) {
+        throw new Error("dns apply requires --yes after a reviewed dry-run");
+    }
+    if (action === "rollback") {
+        if (!backupPath)
+            throw new Error("dns rollback requires --backup <path>");
+        if (!yes)
+            throw new Error("dns rollback requires --yes after choosing a backup");
+    }
+    return {
+        kind: "dns.workflow",
+        action,
+        ...(agent ? { agent } : {}),
+        bindingPath,
+        ...(outputPath ? { outputPath } : {}),
+        ...(backupPath ? { backupPath } : {}),
+        ...(yes ? { yes: true } : {}),
+    };
+}
 function parseVaultConfigCommand(args) {
     const sub = args[0];
     const { agent, rest } = extractAgentFlag(args.slice(1));
@@ -1330,6 +1399,8 @@ function parseOuroCommand(args) {
         return parseProviderCommand(args.slice(1));
     if (head === "mail")
         return parseMailCommand(args.slice(1));
+    if (head === "dns")
+        return parseDnsCommand(args.slice(1));
     if (head === "logs") {
         if (second === "prune")
             return { kind: "daemon.logs.prune" };

package/dist/heart/daemon/dns-workflow.js

@@ -0,0 +1,365 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadDnsWorkflowBinding = loadDnsWorkflowBinding;
+exports.resolveDnsWorkflowSecrets = resolveDnsWorkflowSecrets;
+exports.createPorkbunDnsDriver = createPorkbunDnsDriver;
+exports.planDnsWorkflow = planDnsWorkflow;
+exports.planDnsRollback = planDnsRollback;
+exports.applyDnsWorkflowPlan = applyDnsWorkflowPlan;
+exports.redactDnsWorkflowArtifact = redactDnsWorkflowArtifact;
+const runtime_1 = require("../../nerves/runtime");
+function isRecordType(value) {
+    return value === "A" || value === "AAAA" || value === "CNAME" || value === "MX" || value === "TXT";
+}
+function requireString(value, label) {
+    if (typeof value !== "string" || value.trim() === "")
+        throw new Error(`${label} is required`);
+    return value.trim();
+}
+function requireRecordType(value, label) {
+    if (!isRecordType(value))
+        throw new Error(`${label} must be A, AAAA, CNAME, MX, or TXT`);
+    return value;
+}
+function parseCertificateSource(value) {
+    if (value === undefined || value === "porkbun-ssl")
+        return "porkbun-ssl";
+    if (value === "acme-dns-01")
+        return "acme-dns-01";
+    throw new Error("certificate.source must be porkbun-ssl or acme-dns-01");
+}
+function recordKey(record) {
+    return `${record.type}:${record.name}`;
+}
+function parseRecord(input, label) {
+    const value = input;
+    const record = {
+        ...(typeof value.id === "string" ? { id: value.id } : {}),
+        type: requireRecordType(value.type, `${label}.type`),
+        name: requireString(value.name, `${label}.name`),
+        content: requireString(value.content, `${label}.content`),
+        ...(typeof value.ttl === "number" ? { ttl: value.ttl } : {}),
+        ...(typeof value.priority === "number" ? { priority: value.priority } : {}),
+    };
+    return record;
+}
+function parseResourceRecord(input, label) {
+    const value = input;
+    return {
+        type: requireRecordType(value.type, `${label}.type`),
+        name: requireString(value.name, `${label}.name`),
+    };
+}
+function assertNoCredentialOntology(input) {
+    if ("credentialItemNoteQuery" in input || "noteQuery" in input || "notes" in input) {
+        throw new Error("notes are not machine contracts");
+    }
+    if ("authority" in input || "kind" in input) {
+        throw new Error("workflow binding must not give a vault item assumed use");
+    }
+}
+function loadDnsWorkflowBinding(input) {
+    if (!input || typeof input !== "object")
+        throw new Error("DNS workflow binding must be an object");
+    const value = input;
+    assertNoCredentialOntology(value);
+    if (value.workflow !== "dns")
+        throw new Error("DNS workflow binding must set workflow to dns");
+    if (value.driver !== "porkbun")
+        throw new Error("DNS workflow binding driver must be porkbun");
+    const resources = value.resources;
+    const desired = value.desired;
+    if (!Array.isArray(resources?.records) || resources.records.length === 0) {
+        throw new Error("DNS workflow binding requires a resource allowlist");
+    }
+    if (!Array.isArray(desired?.records))
+        throw new Error("DNS workflow binding requires desired records");
+    const certificate = value.certificate;
+    return {
+        workflow: "dns",
+        domain: requireString(value.domain, "domain"),
+        driver: "porkbun",
+        credentialItem: requireString(value.credentialItem, "credentialItem"),
+        resources: {
+            records: resources.records.map((record, index) => parseResourceRecord(record, `resources.records[${index}]`)),
+        },
+        desired: {
+            records: desired.records.map((record, index) => parseRecord(record, `desired.records[${index}]`)),
+        },
+        ...(certificate ? {
+            certificate: {
+                host: requireString(certificate.host, "certificate.host"),
+                source: parseCertificateSource(certificate.source),
+                storeItem: requireString(certificate.storeItem, "certificate.storeItem"),
+                ...(certificate.acmeChallengeRecord
+                    ? {
+                        acmeChallengeRecord: parseResourceRecord(certificate.acmeChallengeRecord, "certificate.acmeChallengeRecord"),
+                    }
+                    : {}),
+            },
+        } : {}),
+    };
+}
+async function resolveDnsWorkflowSecrets(binding, reader) {
+    return {
+        apiKey: await reader.readSecretField(binding.credentialItem, "apiKey"),
+        secretApiKey: await reader.readSecretField(binding.credentialItem, "secretApiKey"),
+    };
+}
+async function readPorkbunJson(response) {
+    const payload = await response.json();
+    if (!response.ok || payload.status === "ERROR") {
+        throw new Error(payload.message ?? `Porkbun request failed with status ${response.status}`);
+    }
+    return payload;
+}
+function porkbunHeaders(secrets) {
+    return {
+        "X-API-Key": secrets.apiKey,
+        "X-Secret-API-Key": secrets.secretApiKey,
+    };
+}
+function porkbunRecordBody(record) {
+    return {
+        type: record.type,
+        name: record.name === "@" ? "" : record.name,
+        content: record.content,
+        ttl: record.ttl ?? 600,
+        prio: record.priority ?? 0,
+    };
+}
+function normalizePorkbunRecordName(domain, name) {
+    const suffix = `.${domain}`;
+    if (name === domain)
+        return "@";
+    if (name.endsWith(suffix))
+        return name.slice(0, -suffix.length);
+    return name;
+}
+function normalizePorkbunNumber(value) {
+    const parsed = value === null || value === undefined || value === "" ? Number.NaN : Number(value);
+    return Number.isFinite(parsed) ? parsed : undefined;
+}
+function normalizePorkbunRecord(domain, input) {
+    const value = input;
+    const ttl = normalizePorkbunNumber(value.ttl);
+    const priority = normalizePorkbunNumber(value.priority ?? value.prio);
+    return {
+        ...(typeof value.id === "string" ? { id: value.id } : {}),
+        type: requireString(value.type, "provider record type"),
+        name: normalizePorkbunRecordName(domain, requireString(value.name, "provider record name")),
+        content: requireString(value.content, "provider record content"),
+        ...(ttl === undefined ? {} : { ttl }),
+        ...(priority === undefined ? {} : { priority }),
+    };
+}
+async function emitPorkbunRequest(input) {
+    (0, runtime_1.emitNervesEvent)({
+        event: "daemon.dns_provider_request_start",
+        component: "daemon",
+        message: `DNS provider ${input.method} ${input.path} started`,
+        meta: {
+            driver: "porkbun",
+            method: input.method,
+            path: input.path,
+        },
+    });
+    try {
+        const result = await input.execute();
+        (0, runtime_1.emitNervesEvent)({
+            event: "daemon.dns_provider_request_end",
+            component: "daemon",
+            message: `DNS provider ${input.method} ${input.path} completed`,
+            meta: {
+                driver: "porkbun",
+                method: input.method,
+                path: input.path,
+            },
+        });
+        return result;
+    }
+    catch (error) {
+        (0, runtime_1.emitNervesEvent)({
+            level: "error",
+            event: "daemon.dns_provider_request_error",
+            component: "daemon",
+            message: `DNS provider ${input.method} ${input.path} failed`,
+            meta: {
+                driver: "porkbun",
+                method: input.method,
+                path: input.path,
+                error: String(error),
+            },
+        });
+        throw error;
+    }
+}
+function createPorkbunDnsDriver(options) {
+    const baseUrl = (options.baseUrl ?? "https://api.porkbun.com/api/json/v3").replace(/\/+$/, "");
+    const readOnly = async (path, secrets) => {
+        return emitPorkbunRequest({
+            method: "GET",
+            path,
+            execute: async () => readPorkbunJson(await options.fetchImpl(`${baseUrl}${path}`, {
+                method: "GET",
+                headers: porkbunHeaders(secrets),
+            })),
+        });
+    };
+    const mutate = async (path, secrets, body = {}) => {
+        return emitPorkbunRequest({
+            method: "POST",
+            path,
+            execute: async () => readPorkbunJson(await options.fetchImpl(`${baseUrl}${path}`, {
+                method: "POST",
+                headers: {
+                    ...porkbunHeaders(secrets),
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify(body),
+            })),
+        });
+    };
+    return {
+        async ping(secrets) {
+            const payload = await readOnly("/ping", secrets);
+            return { credentialsValid: payload.credentialsValid === true };
+        },
+        async retrieveRecords({ domain, secrets }) {
+            const payload = await readOnly(`/dns/retrieve/${encodeURIComponent(domain)}`, secrets);
+            return (payload.records ?? []).map((record) => normalizePorkbunRecord(domain, record));
+        },
+        async retrieveCertificate({ domain, secrets }) {
+            const payload = await readOnly(`/ssl/retrieve/${encodeURIComponent(domain)}`, secrets);
+            return {
+                certificatechain: requireString(payload.certificatechain, "certificatechain"),
+                publickey: requireString(payload.publickey, "publickey"),
+                privatekey: requireString(payload.privatekey, "privatekey"),
+            };
+        },
+        async createRecord({ domain, secrets, record }) {
+            const payload = await mutate(`/dns/create/${encodeURIComponent(domain)}`, secrets, porkbunRecordBody(record));
+            return typeof payload.id === "string" ? { id: payload.id } : {};
+        },
+        async editRecord({ domain, secrets, id, record }) {
+            await mutate(`/dns/edit/${encodeURIComponent(domain)}/${encodeURIComponent(id)}`, secrets, porkbunRecordBody(record));
+        },
+        async deleteRecord({ domain, secrets, id }) {
+            await mutate(`/dns/delete/${encodeURIComponent(domain)}/${encodeURIComponent(id)}`, secrets);
+        },
+    };
+}
+function assertDesiredRecordsAllowed(binding) {
+    const allowed = new Set(binding.resources.records.map(recordKey));
+    for (const desired of binding.desired.records) {
+        if (!allowed.has(recordKey(desired)))
+            throw new Error("desired DNS record is outside DNS workflow allowlist");
+    }
+}
+function recordsEqual(left, right) {
+    const priorityEqual = left.type === "MX"
+        ? (left.priority ?? 0) === (right.priority ?? 0)
+        : true;
+    return left.type === right.type &&
+        left.name === right.name &&
+        left.content === right.content &&
+        left.ttl === right.ttl &&
+        priorityEqual;
+}
+function planDnsWorkflow(input) {
+    assertDesiredRecordsAllowed(input.binding);
+    const allowedKeys = new Set(input.binding.resources.records.map(recordKey));
+    const desiredKeys = new Set(input.binding.desired.records.map(recordKey));
+    const changes = [];
+    for (const desired of input.binding.desired.records) {
+        const current = input.currentRecords.find((record) => recordKey(record) === recordKey(desired));
+        if (!current) {
+            changes.push({ action: "create", record: desired, reason: "desired record is missing" });
+        }
+        else if (!recordsEqual(current, desired)) {
+            changes.push({ action: "update", record: desired, currentRecord: current, reason: "desired record differs from current provider record" });
+        }
+    }
+    if (input.deleteExtraAllowedRecords) {
+        for (const current of input.currentRecords) {
+            if (allowedKeys.has(recordKey(current)) && !desiredKeys.has(recordKey(current))) {
+                changes.push({ action: "delete", record: current, currentRecord: current, reason: "allowlisted record is absent from rollback backup" });
+            }
+        }
+    }
+    const preservedRecords = input.currentRecords.filter((record) => !desiredKeys.has(recordKey(record)));
+    return {
+        backup: { domain: input.binding.domain, records: input.currentRecords },
+        changes,
+        preservedRecords,
+        certificateActions: input.binding.certificate
+            ? [{
+                    action: "retrieve-and-store",
+                    host: input.binding.certificate.host,
+                    secretItem: input.binding.certificate.storeItem,
+                }]
+            : [],
+    };
+}
+function planDnsRollback(input) {
+    const allowedKeys = new Set(input.binding.resources.records.map(recordKey));
+    const rollbackBinding = {
+        ...input.binding,
+        desired: {
+            records: input.backupRecords.filter((record) => allowedKeys.has(recordKey(record))),
+        },
+    };
+    return planDnsWorkflow({
+        binding: rollbackBinding,
+        currentRecords: input.currentRecords,
+        deleteExtraAllowedRecords: true,
+    });
+}
+async function applyDnsWorkflowPlan(input) {
+    const applied = [];
+    for (const change of input.plan.changes) {
+        if (change.action === "create") {
+            const result = await input.driver.createRecord({ domain: input.domain, secrets: input.secrets, record: change.record });
+            applied.push({ action: "create", record: change.record, ...(result.id ? { id: result.id } : {}) });
+            continue;
+        }
+        const id = change.currentRecord?.id ?? change.record.id;
+        if (!id)
+            throw new Error(`cannot ${change.action} ${change.record.type} ${change.record.name} without provider record id`);
+        if (change.action === "update") {
+            await input.driver.editRecord({ domain: input.domain, secrets: input.secrets, id, record: change.record });
+            applied.push({ action: "update", record: change.record, id });
+            continue;
+        }
+        await input.driver.deleteRecord({ domain: input.domain, secrets: input.secrets, id });
+        applied.push({ action: "delete", record: change.record, id });
+    }
+    return applied;
+}
+function redactedValueForKey(key, value) {
+    const normalized = key.toLowerCase();
+    if (normalized === "apikey" || normalized === "secretapikey" || normalized === "x-api-key" || normalized === "x-secret-api-key") {
+        return "[redacted]";
+    }
+    if (normalized === "privatekey" || normalized === "privatekeypem" || normalized === "privatekeypath") {
+        return "[redacted]";
+    }
+    if (typeof value === "string" && value.includes("BEGIN PRIVATE KEY")) {
+        return "[redacted]";
+    }
+    return undefined;
+}
+function redactDnsWorkflowArtifact(input) {
+    if (Array.isArray(input))
+        return input.map((item) => redactDnsWorkflowArtifact(item));
+    if (input && typeof input === "object") {
+        const output = {};
+        for (const [key, value] of Object.entries(input)) {
+            output[key] = redactedValueForKey(key, value) ?? redactDnsWorkflowArtifact(value);
+        }
+        return output;
+    }
+    if (typeof input === "string" && input.includes("BEGIN PRIVATE KEY"))
+        return "[redacted]";
+    return input;
+}

package/dist/heart/outlook/readers/mail.js

@@ -5,6 +5,7 @@ exports.readMailMessageView = readMailMessageView;
 const runtime_1 = require("../../../nerves/runtime");
 const file_store_1 = require("../../../mailroom/file-store");
 const reader_1 = require("../../../mailroom/reader");
+const core_1 = require("../../../mailroom/core");
 const OUTLOOK_MAIL_LIST_LIMIT = 50;
 const OUTLOOK_MAIL_COUNT_LIMIT = 500;
 const OUTLOOK_MAIL_BODY_LIMIT = 12_000;
@@ -92,13 +93,27 @@ function buildFolders(messages, outbound) {
         { id: "native", label: "Native", count: messages.filter((message) => message.compartmentKind === "native").length },
     ];
     const sourceCounts = new Map();
+    const sourceOwnerCounts = new Map();
     for (const message of messages) {
         if (!message.source)
             continue;
         sourceCounts.set(message.source, (sourceCounts.get(message.source) ?? 0) + 1);
+        const owner = message.ownerEmail ?? "";
+        const ownerCounts = sourceOwnerCounts.get(message.source) ?? new Map();
+        ownerCounts.set(owner, (ownerCounts.get(owner) ?? 0) + 1);
+        sourceOwnerCounts.set(message.source, ownerCounts);
     }
     for (const [source, count] of [...sourceCounts.entries()].sort((a, b) => a[0].localeCompare(b[0]))) {
-        folders.push({ id: `source:${source}`, label: source.toUpperCase(), count });
+        const ownerCounts = sourceOwnerCounts.get(source);
+        if (!ownerCounts || ownerCounts.size <= 1) {
+            folders.push({ id: `source:${source}`, label: source.toUpperCase(), count });
+            continue;
+        }
+        for (const [owner, ownerCount] of [...ownerCounts.entries()].sort((a, b) => a[0].localeCompare(b[0]))) {
+            const ownerLabel = owner || "unknown owner";
+            const ownerId = owner || "unknown-owner";
+            folders.push({ id: `source:${source}:${ownerId}`, label: `${source.toUpperCase()} / ${ownerLabel}`, count: ownerCount });
+        }
     }
     return folders;
 }
@@ -123,6 +138,10 @@ function outboundRecord(record) {
     return {
         id: record.id,
         status: record.status,
+        mailboxRole: record.mailboxRole ?? "agent-native-mailbox",
+        sendAuthority: record.sendAuthority ?? "agent-native",
+        ownerEmail: record.ownerEmail ?? null,
+        source: record.source ?? null,
         from: record.from,
         to: record.to,
         cc: record.cc,
@@ -152,9 +171,22 @@ function accessEntries(entries) {
         threadId: entry.threadId ?? null,
         tool: entry.tool,
         reason: entry.reason,
+        mailboxRole: entry.mailboxRole ?? null,
+        compartmentKind: entry.compartmentKind ?? null,
+        ownerEmail: entry.ownerEmail ?? null,
+        source: entry.source ?? null,
         accessedAt: entry.accessedAt,
     }));
 }
+function accessProvenance(message) {
+    const provenance = (0, core_1.describeMailProvenance)(message);
+    return {
+        mailboxRole: provenance.mailboxRole,
+        compartmentKind: message.compartmentKind,
+        ownerEmail: provenance.ownerEmail,
+        source: provenance.source,
+    };
+}
 function emitMailRead(agentName, mode, status) {
     (0, runtime_1.emitNervesEvent)({
         component: "heart",
@@ -238,6 +270,7 @@ async function readMailMessageView(agentName, messageId) {
             messageId,
             tool: "outlook_mail_message",
             reason: "outlook read-only message body",
+            ...accessProvenance(decrypted),
         });
         const body = decrypted.private.text.length > OUTLOOK_MAIL_BODY_LIMIT
             ? decrypted.private.text.slice(0, OUTLOOK_MAIL_BODY_LIMIT)

package/dist/mailroom/attention.js

@@ -74,6 +74,14 @@ function displaySender(candidate) {
     }
     return candidate.senderEmail;
 }
+function candidateCompartmentKind(candidate) {
+    return candidate.ownerEmail || candidate.source ? "delegated" : "native";
+}
+function candidateMailboxRole(candidate) {
+    return candidateCompartmentKind(candidate) === "delegated"
+        ? "delegated-human-mailbox"
+        : "agent-native-mailbox";
+}
 function renderAttentionContent(candidate) {
     return [
         "[Mail Screener]",
@@ -92,6 +100,7 @@ function renderAttentionContent(candidate) {
     ].filter(Boolean).join("\n");
 }
 function queuedSummary(candidate, queuedAt) {
+    const compartmentKind = candidateCompartmentKind(candidate);
     return {
         candidateId: candidate.id,
         messageId: candidate.messageId,
@@ -99,6 +108,10 @@ function queuedSummary(candidate, queuedAt) {
         senderDisplay: candidate.senderDisplay,
         recipient: candidate.recipient,
         placement: candidate.placement,
+        mailboxRole: candidateMailboxRole(candidate),
+        compartmentKind,
+        ownerEmail: candidate.ownerEmail ?? null,
+        source: candidate.source ?? null,
         queuedAt,
     };
 }

package/dist/mailroom/core.js

@@ -42,6 +42,7 @@ exports.decryptMailPayload = decryptMailPayload;
 exports.encryptJsonForMailKey = encryptJsonForMailKey;
 exports.decryptMailJson = decryptMailJson;
 exports.resolveMailAddress = resolveMailAddress;
+exports.describeMailProvenance = describeMailProvenance;
 exports.buildStoredMailMessage = buildStoredMailMessage;
 exports.decryptStoredMailMessage = decryptStoredMailMessage;
 exports.provisionMailboxRegistry = provisionMailboxRegistry;
@@ -237,6 +238,32 @@ function resolveMailAddress(registry, address) {
         defaultPlacement: grant.defaultPlacement,
     };
 }
+function describeMailProvenance(message) {
+    if (message.compartmentKind === "delegated") {
+        const ownerEmail = message.ownerEmail ?? null;
+        const source = message.source ?? null;
+        const ownerLabel = ownerEmail ?? "unknown owner";
+        const sourceLabel = source ?? "unknown source";
+        return {
+            mailboxRole: "delegated-human-mailbox",
+            mailboxLabel: `${ownerLabel} / ${sourceLabel} delegated to ${message.agentId}`,
+            agentId: message.agentId,
+            ownerEmail,
+            source,
+            recipient: message.recipient,
+            sendAsHumanAllowed: false,
+        };
+    }
+    return {
+        mailboxRole: "agent-native-mailbox",
+        mailboxLabel: `${message.recipient} (native agent mail)`,
+        agentId: message.agentId,
+        ownerEmail: null,
+        source: null,
+        recipient: message.recipient,
+        sendAsHumanAllowed: false,
+    };
+}
 function addressList(values) {
     /* v8 ignore next -- parsedAddressList filters undefined top-level values; this guards malformed address-group entries. @preserve */
     return (values ?? [])

package/dist/mailroom/outbound.js

@@ -96,6 +96,10 @@ async function createMailDraft(input) {
         id: draftId(),
         agentId: input.agentId,
         status: "draft",
+        mailboxRole: "agent-native-mailbox",
+        sendAuthority: "agent-native",
+        ownerEmail: null,
+        source: null,
         from: (0, core_1.normalizeMailAddress)(input.from),
         to,
         cc: normalizeList(input.cc ?? []),

package/dist/repertoire/tools-mail.js

@@ -125,10 +125,29 @@ function renderAccessLog(entries) {
         .reverse()
         .map((entry) => {
         const target = entry.messageId ? `message=${entry.messageId}` : entry.threadId ? `thread=${entry.threadId}` : "mailbox";
-        return `- ${entry.accessedAt} ${entry.tool} ${target} reason="${entry.reason}"`;
+        const provenance = renderAccessLogProvenance(entry);
+        return `- ${entry.accessedAt} ${entry.tool} ${target}${provenance} reason="${entry.reason}"`;
     })
         .join("\n");
 }
+function renderAccessLogProvenance(entry) {
+    if (entry.mailboxRole === "delegated-human-mailbox") {
+        return ` delegated human mailbox: ${entry.ownerEmail ?? "unknown owner"} / ${entry.source ?? "unknown source"}`;
+    }
+    if (entry.mailboxRole === "agent-native-mailbox") {
+        return " native agent mailbox";
+    }
+    return "";
+}
+function accessProvenance(message) {
+    const provenance = (0, core_1.describeMailProvenance)(message);
+    return {
+        mailboxRole: provenance.mailboxRole,
+        compartmentKind: message.compartmentKind,
+        ownerEmail: provenance.ownerEmail,
+        source: provenance.source,
+    };
+}
 function renderSourceGrantStatus(config, agentId) {
     if (!config.registryPath) {
         return [
@@ -597,6 +616,7 @@ exports.mailToolDefinitions = [
                 messageId,
                 tool: "mail_thread",
                 reason: args.reason,
+                ...accessProvenance(message),
             });
             const maxChars = numberArg(args.max_chars, 2000, 200, 6000);
             const body = decrypted.private.text.length > maxChars
@@ -717,6 +737,7 @@ exports.mailToolDefinitions = [
                 messageId,
                 tool: "mail_decide",
                 reason,
+                ...accessProvenance(message),
             });
             const senderPolicyLine = persistSenderPolicyForDecision({
                 registryPath: resolved.config.registryPath,

package/dist/senses/mail.js

@@ -113,22 +113,28 @@ async function startMailSenseApp(options) {
     if (!resolved.ok) {
         throw new Error(resolved.error);
     }
-    if (!resolved.config.registryPath) {
+    const hostedReaderOnly = resolved.storeKind === "azure-blob" && !resolved.config.registryPath;
+    if (!resolved.config.registryPath && !hostedReaderOnly) {
         throw new Error(`missing mailroom.registryPath for ${options.agentName}; agent-runnable repair: 'ouro connect mail --agent ${options.agentName}'`);
     }
-    const registry = readRegistry(resolved.config.registryPath);
     const host = resolved.config.host ?? "127.0.0.1";
-    const ingress = (options.startIngress ?? smtp_ingress_1.startMailroomIngress)({
-        registry,
-        store: resolved.store,
-        smtpPort: validPort(resolved.config.smtpPort),
-        httpPort: validPort(resolved.config.httpPort),
-        host,
-    });
-    await Promise.all([
-        waitForListening(ingress.smtp),
-        waitForListening(ingress.health),
-    ]);
+    const ingress = hostedReaderOnly
+        ? null
+        : (options.startIngress ?? smtp_ingress_1.startMailroomIngress)({
+            registry: readRegistry(resolved.config.registryPath),
+            store: resolved.store,
+            smtpPort: validPort(resolved.config.smtpPort),
+            httpPort: validPort(resolved.config.httpPort),
+            host,
+        });
+    if (ingress) {
+        await Promise.all([
+            waitForListening(ingress.smtp),
+            waitForListening(ingress.health),
+        ]);
+    }
+    const activeSmtpPort = () => ingress ? serverPort(ingress.smtp) : null;
+    const activeHttpPort = () => ingress ? serverPort(ingress.health) : null;
     const runtimePath = runtimeStatePath(options.agentName);
     const attentionPath = attentionStatePath(options.agentName);
     let lastScanAt = null;
@@ -150,8 +156,8 @@ async function startMailSenseApp(options) {
                 agentName: options.agentName,
                 status: "running",
                 mailboxAddress: resolved.config.mailboxAddress,
-                smtpPort: serverPort(ingress.smtp),
-                httpPort: serverPort(ingress.health),
+                smtpPort: activeSmtpPort(),
+                httpPort: activeHttpPort(),
                 host,
                 storeKind: resolved.storeKind,
                 storeLabel: resolved.storeLabel,
@@ -182,30 +188,32 @@ async function startMailSenseApp(options) {
         meta: {
             agentName: options.agentName,
             mailboxAddress: resolved.config.mailboxAddress,
-            smtpPort: serverPort(ingress.smtp),
-            httpPort: serverPort(ingress.health),
+            smtpPort: activeSmtpPort(),
+            httpPort: activeHttpPort(),
             intervalMs,
         },
     });
     return {
         runtimeStatePath: runtimePath,
         attentionStatePath: attentionPath,
-        smtpPort: serverPort(ingress.smtp),
-        httpPort: serverPort(ingress.health),
+        smtpPort: activeSmtpPort(),
+        httpPort: activeHttpPort(),
         async stop() {
             ;
             (options.clearIntervalFn ?? ((activeTimer) => clearInterval(activeTimer)))(timer);
-            await Promise.all([
-                closeServer(ingress.smtp),
-                closeServer(ingress.health),
-            ]);
+            if (ingress) {
+                await Promise.all([
+                    closeServer(ingress.smtp),
+                    closeServer(ingress.health),
+                ]);
+            }
             writeRuntimeState(runtimePath, {
                 schemaVersion: 1,
                 agentName: options.agentName,
                 status: "stopped",
                 mailboxAddress: resolved.config.mailboxAddress,
-                smtpPort: serverPort(ingress.smtp),
-                httpPort: serverPort(ingress.health),
+                smtpPort: activeSmtpPort(),
+                httpPort: activeHttpPort(),
                 host,
                 storeKind: resolved.storeKind,
                 storeLabel: resolved.storeLabel,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ouro.bot/cli",
-  "version": "0.1.0-alpha.466",
+  "version": "0.1.0-alpha.467",
   "main": "dist/heart/daemon/ouro-entry.js",
   "bin": {
     "cli": "dist/heart/daemon/ouro-bot-entry.js",