@runuai/host 0.1.0

package/lib/preview-ports.ts

@@ -0,0 +1,85 @@
+import { z } from "zod";
+
+export const PREVIEW_PORT_NAME_RE = /^[a-z0-9][a-z0-9_-]{0,62}$/;
+
+export const PreviewPortDeclarationSchema = z.object({
+  name: z
+    .string()
+    .trim()
+    .min(1)
+    .max(63)
+    .regex(
+      PREVIEW_PORT_NAME_RE,
+      "name must be lowercase letters, digits, _ or -, starting with a letter or digit",
+    ),
+  containerPort: z.coerce.number().int().min(1).max(65535),
+});
+
+export const PreviewPortRuntimeSchema = z.object({
+  name: z.string().trim().min(1).max(63).regex(PREVIEW_PORT_NAME_RE),
+  hostPort: z.coerce.number().int().min(1).max(65535),
+});
+
+export const PreviewPortDeclarationsSchema = z
+  .array(PreviewPortDeclarationSchema)
+  .max(20)
+  .superRefine((ports, ctx) => {
+    const seen = new Set<string>();
+    for (const [index, port] of ports.entries()) {
+      if (seen.has(port.name)) {
+        ctx.addIssue({
+          code: z.ZodIssueCode.custom,
+          path: [index, "name"],
+          message: `duplicate preview port name: ${port.name}`,
+        });
+      }
+      seen.add(port.name);
+    }
+  });
+
+export const PreviewPortRuntimesSchema = z
+  .array(PreviewPortRuntimeSchema)
+  .max(20)
+  .superRefine((ports, ctx) => {
+    const seen = new Set<string>();
+    for (const [index, port] of ports.entries()) {
+      if (seen.has(port.name)) {
+        ctx.addIssue({
+          code: z.ZodIssueCode.custom,
+          path: [index, "name"],
+          message: `duplicate preview port name: ${port.name}`,
+        });
+      }
+      seen.add(port.name);
+    }
+  });
+
+export type PreviewPortDeclaration = z.infer<
+  typeof PreviewPortDeclarationSchema
+>;
+export type PreviewPortRuntime = z.infer<typeof PreviewPortRuntimeSchema>;
+
+export function parsePreviewPortDeclarations(
+  raw: string | null | undefined,
+): PreviewPortDeclaration[] {
+  return parseJsonList(raw, PreviewPortDeclarationsSchema);
+}
+
+export function parsePreviewPortRuntimes(
+  raw: string | null | undefined,
+): PreviewPortRuntime[] {
+  return parseJsonList(raw, PreviewPortRuntimesSchema);
+}
+
+function parseJsonList<T extends z.ZodTypeAny>(
+  raw: string | null | undefined,
+  schema: T,
+): z.infer<T> {
+  if (!raw) return [];
+  try {
+    const parsed = schema.safeParse(JSON.parse(raw));
+    return parsed.success ? parsed.data : [];
+  } catch {
+    return [];
+  }
+}

package/lib/repo-clone.ts

@@ -0,0 +1,127 @@
+/**
+ * Bare-mirror clone helper.
+ *
+ * Used by project creation. A project is a single repo (ADR-022), bare-
+ * mirrored into `<projectDir>/repo.git/` — one mirror per project, no repoId.
+ * Per-task worktrees pick it up from there (see scripts/agent/task-up.sh).
+ *
+ * Uses the same init + remote-add + refspec + fetch pattern as `task-up`
+ * instead of `git clone --bare`. Plain `git clone --bare` copies upstream
+ * heads straight into `refs/heads/*` and never populates
+ * `refs/remotes/origin/*`, so a later `git worktree add ...
+ * origin/<defaultBranch>` would fail with "invalid reference". `task-up`
+ * self-heals an existing mirror's refspec on subsequent runs, but only
+ * if the first task-up runs online — initialising the mirror correctly
+ * here closes the offline-first-task gap.
+ *
+ * Sync in v0.1 — the spec doesn't pin sync-vs-async, and async pipelines
+ * add a state machine we don't need until the UI shows progress.
+ *
+ * Idempotent: if the bare mirror already exists, (re-)assert the refspec
+ * and treat the repo as ready without re-fetching. Healing an existing
+ * mirror's refspec is cheap and protects against a mirror created before
+ * this helper learned the right refspec.
+ */
+
+import { spawnSync } from "node:child_process";
+import { existsSync, rmSync, statSync } from "node:fs";
+import { mkdirSync } from "node:fs";
+import { dirname } from "node:path";
+
+import { projectRepoMirror } from "./env";
+
+export interface CloneRepoInput {
+  url: string;
+  projectId: string;
+}
+
+export interface CloneRepoResult {
+  status: "ready" | "error";
+  error?: string;
+  /** Absolute path to the bare mirror directory. */
+  absolutePath: string;
+}
+
+const REMOTE_REFSPEC = "+refs/heads/*:refs/remotes/origin/*";
+
+export function cloneRepo(input: CloneRepoInput): CloneRepoResult {
+  const target = projectRepoMirror(input.projectId);
+
+  if (existsSync(target) && statSync(target).isDirectory()) {
+    // Heal an existing mirror's refspec — no-op when already correct.
+    const setRefspec = git(target, [
+      "config",
+      "remote.origin.fetch",
+      REMOTE_REFSPEC,
+    ]);
+    if (setRefspec.status !== 0) {
+      return errorResult(target, setRefspec, "git config remote.origin.fetch");
+    }
+    return { status: "ready", absolutePath: target };
+  }
+
+  mkdirSync(dirname(target), { recursive: true });
+
+  const init = spawnSync("git", ["init", "--bare", target], { encoding: "utf8" });
+  if (init.status !== 0) {
+    return errorResult(target, init, "git init --bare");
+  }
+
+  const remote = git(target, ["remote", "add", "origin", input.url]);
+  if (remote.status !== 0) {
+    cleanup(target);
+    return errorResult(target, remote, "git remote add origin");
+  }
+
+  const refspec = git(target, [
+    "config",
+    "remote.origin.fetch",
+    REMOTE_REFSPEC,
+  ]);
+  if (refspec.status !== 0) {
+    cleanup(target);
+    return errorResult(target, refspec, "git config remote.origin.fetch");
+  }
+
+  const fetch = git(target, ["fetch", "origin"]);
+  if (fetch.status !== 0) {
+    // A failed initial fetch leaves a half-built mirror that task-up
+    // would later mistake for a healthy one. Tear it down so the next
+    // retry starts clean.
+    cleanup(target);
+    return errorResult(target, fetch, "git fetch origin");
+  }
+
+  return { status: "ready", absolutePath: target };
+}
+
+function git(
+  cwd: string,
+  args: string[],
+): ReturnType<typeof spawnSync> {
+  return spawnSync("git", ["-C", cwd, ...args], { encoding: "utf8" });
+}
+
+function cleanup(target: string): void {
+  try {
+    rmSync(target, { recursive: true, force: true });
+  } catch {
+    // Best-effort: the caller will surface the original error.
+  }
+}
+
+function errorResult(
+  target: string,
+  result: ReturnType<typeof spawnSync>,
+  step: string,
+): CloneRepoResult {
+  return {
+    status: "error",
+    absolutePath: target,
+    error: (
+      `${step}: ${result.stderr || result.stdout || "failed"}`
+    )
+      .trim()
+      .slice(0, 1024),
+  };
+}

package/lib/runtime-state.ts

@@ -0,0 +1,120 @@
+import { eq } from "drizzle-orm";
+
+import { getDb, schema } from "./db";
+import { newId } from "./ulid";
+import type { HostTask } from "../db/schema";
+import type { TaskUpResult } from "../src/protocol";
+
+/** Lifecycle event kinds recorded for the local UI's `/api/events` (ADR-028). */
+export type HostEventKind =
+  | "task.created"
+  | "task.started"
+  | "task.ended"
+  | "task.ship";
+
+export function getHostTask(taskId: string): HostTask | null {
+  return (
+    getDb()
+      .select()
+      .from(schema.hostTasks)
+      .where(eq(schema.hostTasks.taskId, taskId))
+      .get() ?? null
+  );
+}
+
+export function upsertHostTask(
+  taskId: string,
+  values: Partial<Omit<HostTask, "taskId" | "updatedAt">>,
+): void {
+  const now = Date.now();
+  getDb()
+    .insert(schema.hostTasks)
+    .values({
+      taskId,
+      previewPorts: "[]",
+      ...values,
+      updatedAt: now,
+    })
+    .onConflictDoUpdate({
+      target: schema.hostTasks.taskId,
+      set: {
+        ...values,
+        updatedAt: now,
+      },
+    })
+    .run();
+}
+
+export function recordTaskUpResult(taskId: string, result: TaskUpResult): void {
+  upsertHostTask(taskId, {
+    codeServerPort: result.codeServerPort ?? null,
+    previewPorts: JSON.stringify(result.previewPorts ?? []),
+    composeProject: result.composeProject,
+    worktreePath: result.worktreePath,
+    statusMirror: "running",
+    lockedAt: null,
+    startedAt: Date.now(),
+    endedAt: null,
+  });
+}
+
+export function recordTaskStarting(taskId: string): void {
+  upsertHostTask(taskId, {
+    statusMirror: "starting",
+    lockedAt: Date.now(),
+    startedAt: Date.now(),
+    endedAt: null,
+  });
+}
+
+export function recordTaskDown(taskId: string, status: string | undefined): void {
+  upsertHostTask(taskId, {
+    codeServerPort: null,
+    previewPorts: "[]",
+    composeProject: null,
+    worktreePath: null,
+    statusMirror: status ?? "killed",
+    lockedAt: null,
+    endedAt: Date.now(),
+  });
+}
+
+export function recordTaskError(taskId: string): void {
+  upsertHostTask(taskId, {
+    statusMirror: "error",
+    lockedAt: null,
+    endedAt: Date.now(),
+  });
+}
+
+/**
+ * Persist the owner + project slugs the host received in TaskLaunchInput, so
+ * the local UI can show "who/what" for active tasks (ADR-028). The cloud
+ * remains the audit authority; this is a local read-convenience mirror.
+ */
+export function recordTaskOwner(
+  taskId: string,
+  ownerUserId: string,
+  ownerEmail: string | null,
+  ownerName: string | null,
+  projectSlugs: string[],
+): void {
+  upsertHostTask(taskId, {
+    ownerUserId,
+    ownerEmail,
+    ownerName,
+    projectSlugs: JSON.stringify(projectSlugs),
+  });
+}
+
+/** Append a task lifecycle event to the host event log (local `/api/events`). */
+export function recordHostEvent(
+  taskId: string,
+  kind: HostEventKind,
+  detail?: string | null,
+): void {
+  getDb()
+    .insert(schema.hostEvents)
+    .values({ id: newId(), taskId, kind, detail: detail ?? null })
+    .run();
+}

package/lib/secrets.ts

@@ -0,0 +1,71 @@
+/**
+ * Host secret store crypto (ADR-027) — AES-256-GCM under the host master key.
+ * First user of host-side encryption (the ADR-022 project-env store isn't
+ * built yet); these helpers anchor it.
+ *
+ * The 16-byte GCM auth tag is appended to the ciphertext; `nonce` is the random
+ * 12-byte IV. Master key: 32 bytes from `env.hostKeyPath` (UAI_HOST_KEY_FILE or
+ * $UAI_DATA_DIR/host-master.key), generated 0600 on first use.
+ */
+
+import {
+  createCipheriv,
+  createDecipheriv,
+  randomBytes,
+} from "node:crypto";
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { dirname } from "node:path";
+
+import { env } from "./env";
+
+const KEY_BYTES = 32;
+const NONCE_BYTES = 12;
+const TAG_BYTES = 16;
+
+let cachedKey: Buffer | null = null;
+
+/** Load (or generate, 0600) the 32-byte host master key. */
+export function masterKey(): Buffer {
+  if (cachedKey) return cachedKey;
+  const path = env.hostKeyPath;
+  if (existsSync(path)) {
+    const key = readFileSync(path);
+    if (key.length !== KEY_BYTES) {
+      throw new Error(
+        `host master key must be ${KEY_BYTES} bytes; ${path} has ${key.length}`,
+      );
+    }
+    cachedKey = key;
+    return key;
+  }
+  const key = randomBytes(KEY_BYTES);
+  mkdirSync(dirname(path), { recursive: true, mode: 0o700 });
+  writeFileSync(path, key, { mode: 0o600 });
+  cachedKey = key;
+  return key;
+}
+
+export interface Sealed {
+  ct: Buffer; // ciphertext + 16-byte GCM tag
+  nonce: Buffer; // 12-byte IV
+}
+
+export function sealAesGcm(plaintext: string, key: Buffer = masterKey()): Sealed {
+  const nonce = randomBytes(NONCE_BYTES);
+  const cipher = createCipheriv("aes-256-gcm", key, nonce);
+  const enc = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  return { ct: Buffer.concat([enc, cipher.getAuthTag()]), nonce };
+}
+
+export function openAesGcm(
+  ct: Buffer,
+  nonce: Buffer,
+  key: Buffer = masterKey(),
+): string {
+  if (ct.length < TAG_BYTES) throw new Error("ciphertext too short");
+  const enc = ct.subarray(0, ct.length - TAG_BYTES);
+  const tag = ct.subarray(ct.length - TAG_BYTES);
+  const decipher = createDecipheriv("aes-256-gcm", key, nonce);
+  decipher.setAuthTag(tag);
+  return Buffer.concat([decipher.update(enc), decipher.final()]).toString("utf8");
+}

package/lib/ssh.ts

@@ -0,0 +1,186 @@
+/**
+ * Host-side per-user SSH key manager (ADR-029).
+ *
+ * Each user gets one ed25519 keypair, GENERATED ON THIS HOST. The private key
+ * lives encrypted at rest with the host master key (`host_ssh_keys` —
+ * ADR-015 secret-blindness, same shape as host_github_tokens). The cloud only
+ * ever sees the PUBLIC key, which the user pastes into GitHub themselves; there
+ * is no upload path. At task-up the private key is written into the task
+ * container so git-over-SSH works as the task creator.
+ */
+
+import { spawnSync } from "node:child_process";
+import {
+  mkdirSync,
+  mkdtempSync,
+  readFileSync,
+  rmSync,
+  writeFileSync,
+} from "node:fs";
+import { tmpdir } from "node:os";
+import { join, resolve } from "node:path";
+
+import { eq } from "drizzle-orm";
+
+import { getDb, schema } from "./db";
+import { env } from "./env";
+import { sealAesGcm, openAesGcm } from "./secrets";
+
+const withNewline = (s: string): string => (s.endsWith("\n") ? s : `${s}\n`);
+
+const EXEC_TIMEOUT_MS = 10_000;
+
+export interface GeneratedKey {
+  publicKey: string; // "ssh-ed25519 AAAA… <comment>"
+  privateKey: string; // OpenSSH private key PEM
+}
+
+/**
+ * Generate an ed25519 keypair via `ssh-keygen` (canonical OpenSSH formats that
+ * git + GitHub accept directly). Runs in a throwaway temp dir; nothing touches
+ * the operator's own ~/.ssh.
+ */
+export function generateEd25519(comment: string): GeneratedKey {
+  const dir = mkdtempSync(join(tmpdir(), "uai-ssh-"));
+  try {
+    const keyPath = join(dir, "id_ed25519");
+    const res = spawnSync(
+      "ssh-keygen",
+      ["-t", "ed25519", "-N", "", "-C", comment, "-f", keyPath],
+      { encoding: "utf8", timeout: EXEC_TIMEOUT_MS },
+    );
+    if (res.status !== 0) {
+      throw new Error(
+        `ssh-keygen failed: ${(res.stderr || res.error?.message || "").trim()}`,
+      );
+    }
+    return {
+      privateKey: readFileSync(keyPath, "utf8"),
+      publicKey: readFileSync(`${keyPath}.pub`, "utf8").trim(),
+    };
+  } finally {
+    rmSync(dir, { recursive: true, force: true });
+  }
+}
+
+// --- key store --------------------------------------------------------------
+
+/** The user's public key, or null if they have no key on this host yet. */
+export function getPublicKey(userId: string): string | null {
+  const row = getDb()
+    .select({ publicKey: schema.sshKeys.publicKey })
+    .from(schema.sshKeys)
+    .where(eq(schema.sshKeys.userId, userId))
+    .get();
+  return row?.publicKey ?? null;
+}
+
+export function hasKey(userId: string): boolean {
+  return getPublicKey(userId) !== null;
+}
+
+/**
+ * Ensure the user has a key on this host; generate + persist one if not.
+ * Idempotent — returns the (existing or freshly created) public key.
+ */
+export function ensureKeyForUser(userId: string): string {
+  const existing = getPublicKey(userId);
+  if (existing) return existing;
+
+  const { publicKey, privateKey } = generateEd25519(`uai-${userId}`);
+  const sealed = sealAesGcm(privateKey);
+  const now = Date.now();
+  getDb()
+    .insert(schema.sshKeys)
+    .values({
+      userId,
+      publicKey,
+      privateKeyCt: sealed.ct,
+      privateKeyNonce: sealed.nonce,
+      createdAt: now,
+      updatedAt: now,
+    })
+    .onConflictDoNothing({ target: schema.sshKeys.userId })
+    .run();
+  // Re-read in case a concurrent task-up won the insert race.
+  return getPublicKey(userId) ?? publicKey;
+}
+
+export function deleteKey(userId: string): void {
+  getDb().delete(schema.sshKeys).where(eq(schema.sshKeys.userId, userId)).run();
+}
+
+/** Decrypt + return the user's private key, or null if they have none. */
+export function privateKeyForUser(userId: string): string | null {
+  const row = getDb()
+    .select()
+    .from(schema.sshKeys)
+    .where(eq(schema.sshKeys.userId, userId))
+    .get();
+  if (!row) return null;
+  return openAesGcm(
+    Buffer.from(row.privateKeyCt as Uint8Array),
+    Buffer.from(row.privateKeyNonce as Uint8Array),
+  );
+}
+
+/** Decrypt + return BOTH halves of the user's key, or null if they have none. */
+export function keyPairForUser(
+  userId: string,
+): { privateKey: string; publicKey: string } | null {
+  const row = getDb()
+    .select()
+    .from(schema.sshKeys)
+    .where(eq(schema.sshKeys.userId, userId))
+    .get();
+  if (!row) return null;
+  return {
+    privateKey: openAesGcm(
+      Buffer.from(row.privateKeyCt as Uint8Array),
+      Buffer.from(row.privateKeyNonce as Uint8Array),
+    ),
+    publicKey: row.publicKey,
+  };
+}
+
+// --- per-task on-disk identity (host clone + container, ADR-029) -------------
+//
+// task-up.sh installs the creator's key into the container (and uses it for the
+// host clone). The cloud relays ssh.key.get/ensure/delete for the Account card
+// via the store functions above; there is no separate docker-exec injection.
+
+function taskIdentityDir(taskId: string): string {
+  return resolve(env.dataDir, "identity", "tasks", taskId);
+}
+
+/**
+ * Materialize the task creator's keypair to a per-task on-disk identity that
+ * task-up.sh uses for BOTH the host-side bare clone and the container copy
+ * (ADR-029) — so a task clones + pushes as its creator, not the operator.
+ * Returns the dir, or null when the creator has no key on this host (task-up.sh
+ * then falls back to the operator identity from `pnpm setup-identity`). The
+ * decrypted key lives only on the trusted host (ADR-015) and is removed right
+ * after task-up — see {@link removeTaskIdentity}.
+ */
+export function writeTaskIdentity(
+  taskId: string,
+  userId: string | null | undefined,
+): string | null {
+  if (!userId) return null;
+  const pair = keyPairForUser(userId);
+  if (!pair) return null;
+  const dir = taskIdentityDir(taskId);
+  mkdirSync(dir, { recursive: true, mode: 0o700 });
+  writeFileSync(resolve(dir, "id_ed25519"), withNewline(pair.privateKey), {
+    mode: 0o600,
+  });
+  writeFileSync(resolve(dir, "id_ed25519.pub"), withNewline(pair.publicKey), {
+    mode: 0o644,
+  });
+  return dir;
+}
+
+/** Remove a task's on-disk identity (idempotent; call after task-up). */
+export function removeTaskIdentity(taskId: string): void {
+  rmSync(taskIdentityDir(taskId), { recursive: true, force: true });
+}