@stage-labs/metro 0.1.0-beta.13 → 0.1.0-beta.15

package/dist/cli/messenger-api.js

@@ -0,0 +1,214 @@
+/** Messenger endpoints: send + react + register, plus Expo push delivery. Upload/serve in messenger-uploads.ts. */
+import { existsSync, readFileSync, writeFileSync } from 'node:fs';
+import { basename, join } from 'node:path';
+import { mintId, readHistory, userSelf } from '../history.js';
+import { errMsg, log } from '../log.js';
+import { STATE_DIR } from '../paths.js';
+import { handleMessengerFile, handleMessengerUpload } from './messenger-uploads.js';
+import { transcribeAudio } from './messenger-transcribe.js';
+const UPLOADS_DIR = join(STATE_DIR, 'messenger-uploads');
+const MESSENGER_LINE = 'metro://messenger/owner';
+const MESSENGER_USER = 'metro://messenger/user/owner';
+const PUSH_TOKENS_FILE = join(STATE_DIR, 'push-tokens.json');
+function readPushTokens() {
+    try {
+        return existsSync(PUSH_TOKENS_FILE) ? JSON.parse(readFileSync(PUSH_TOKENS_FILE, 'utf8')) : [];
+    }
+    catch {
+        return [];
+    }
+}
+function writePushTokens(tokens) {
+    writeFileSync(PUSH_TOKENS_FILE, JSON.stringify([...new Set(tokens)]));
+}
+async function pushExpo(tokens, title, body, replyTo) {
+    if (tokens.length === 0)
+        return;
+    /** `categoryId: 'messenger.reply'` opts the notification into the inline Reply
+     *  action the app registered at startup; `data.replyTo` lets the response
+     *  listener thread the answer back to the originating message. */
+    const messages = tokens.map(to => ({
+        to, title, body, sound: 'default',
+        categoryId: 'messenger.reply',
+        ...(replyTo ? { data: { replyTo } } : {}),
+    }));
+    try {
+        await fetch('https://exp.host/--/api/v2/push/send', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json', 'Accept-Encoding': 'gzip, deflate' },
+            body: JSON.stringify(messages),
+            signal: AbortSignal.timeout(10_000),
+        });
+    }
+    catch (err) {
+        log.warn({ err: errMsg(err) }, 'expo push failed');
+    }
+}
+async function readJsonBody(req) {
+    const chunks = [];
+    for await (const c of req)
+        chunks.push(Buffer.isBuffer(c) ? c : Buffer.from(c));
+    const raw = Buffer.concat(chunks).toString('utf8').trim();
+    if (!raw)
+        return {};
+    try {
+        return JSON.parse(raw);
+    }
+    catch (err) {
+        return { __error: `bad JSON body: ${errMsg(err)}` };
+    }
+}
+/** Route all /api/messenger/* paths. Returns true if handled. */
+export function routeMessenger(req, res, path, emit, send) {
+    const guard = (p, label, methodOk = true) => {
+        if (!methodOk) {
+            send(res, req, 405, { error: 'method not allowed' });
+            return true;
+        }
+        Promise.resolve(p()).catch(err => {
+            log.warn({ err: errMsg(err) }, `monitor: ${label} error`);
+            try {
+                send(res, req, 500, { error: errMsg(err) });
+            }
+            catch { /* ignore */ }
+        });
+        return true;
+    };
+    if (path === '/api/messenger/send') {
+        if (!emit) {
+            send(res, req, 500, { error: 'emit not wired' });
+            return true;
+        }
+        return guard(() => handleMessengerSend(req, res, emit, send), 'messenger-send', req.method === 'POST');
+    }
+    if (path === '/api/messenger/react') {
+        if (!emit) {
+            send(res, req, 500, { error: 'emit not wired' });
+            return true;
+        }
+        return guard(() => handleMessengerReact(req, res, emit, send), 'messenger-react', req.method === 'POST');
+    }
+    if (path === '/api/messenger/register') {
+        return guard(() => handleMessengerRegister(req, res, send), 'messenger-register', req.method === 'POST');
+    }
+    if (path === '/api/messenger/upload') {
+        return guard(() => handleMessengerUpload(req, res, send), 'messenger-upload', req.method === 'POST');
+    }
+    const fileMatch = path.match(/^\/api\/messenger\/files\/([^/]+)$/);
+    if (fileMatch) {
+        if (req.method !== 'GET') {
+            send(res, req, 405, { error: 'method not allowed' });
+            return true;
+        }
+        handleMessengerFile(req, res, decodeURIComponent(fileMatch[1]), send);
+        return true;
+    }
+    return false;
+}
+export async function handleMessengerSend(req, res, emit, send) {
+    const body = await readJsonBody(req);
+    if ('__error' in body)
+        return send(res, req, 400, { error: body.__error });
+    const text = (body.text ?? '').trim();
+    const attachments = Array.isArray(body.attachments) ? body.attachments : [];
+    const question = body.question && Array.isArray(body.question.options) && body.question.options.length > 0
+        ? body.question : undefined;
+    if (!text && attachments.length === 0 && !question) {
+        return send(res, req, 400, { error: 'text, attachments, or question required' });
+    }
+    const fromAgent = body.as === 'agent';
+    const agent = userSelf();
+    const replyTo = typeof body.replyTo === 'string' && body.replyTo ? body.replyTo : undefined;
+    /** Merge attachments + question into a single payload object so the client can read
+     *  both off `payload.attachments` and `payload.question`. */
+    const payload = (attachments.length > 0 || question)
+        ? { ...(attachments.length > 0 ? { attachments } : {}), ...(question ? { question } : {}) }
+        : undefined;
+    const entry = {
+        id: mintId(),
+        ts: new Date().toISOString(),
+        station: 'messenger',
+        line: MESSENGER_LINE,
+        from: fromAgent ? agent : MESSENGER_USER,
+        to: fromAgent ? MESSENGER_USER : agent,
+        text: text || undefined,
+        ...(replyTo ? { replyTo } : {}),
+        ...(payload ? { payload } : {}),
+    };
+    emit(entry);
+    /** Agent → user: push to registered tokens. User → agent: their own message; skip. */
+    if (fromAgent) {
+        const a = attachments[0];
+        const kindLabel = a?.kind === 'image' ? '📷 Photo'
+            : a?.kind === 'audio' ? '🎤 Voice message'
+                : a?.kind === 'video' ? '🎬 Video'
+                    : a ? `📎 ${a.name ?? 'File'}` : '';
+        const questionLabel = question ? `❓ ${question.header ?? 'Choose an option'}` : '';
+        const summary = text || kindLabel || questionLabel || '(empty)';
+        void pushExpo(readPushTokens(), 'Metro', summary.slice(0, 200), entry.id);
+    }
+    /** Fire-and-forget: transcribe any audio attachments and emit a follow-up event. */
+    for (const att of attachments) {
+        if (att.kind !== 'audio')
+            continue;
+        const filename = basename(att.url);
+        void transcribeAudio(join(UPLOADS_DIR, filename)).then(transcript => {
+            if (!transcript)
+                return;
+            emit({
+                id: mintId(), ts: new Date().toISOString(),
+                station: 'messenger', line: MESSENGER_LINE,
+                from: entry.from, to: entry.to,
+                payload: { transcribeFor: entry.id, transcript },
+            });
+        });
+    }
+    send(res, req, 200, { id: entry.id, line: entry.line });
+}
+/** Toggle a reaction; if already-active, emit `{removed: true}` so the client folds pairs. */
+export async function handleMessengerReact(req, res, emit, send) {
+    const body = await readJsonBody(req);
+    if ('__error' in body)
+        return send(res, req, 400, { error: body.__error });
+    const messageId = (body.messageId ?? '').trim();
+    const emoji = (body.emoji ?? '').trim();
+    if (!messageId || !emoji)
+        return send(res, req, 400, { error: 'messageId + emoji required' });
+    const fromAgent = body.as === 'agent';
+    const agent = userSelf();
+    const sender = fromAgent ? agent : MESSENGER_USER;
+    /** Scan recent messenger history for an already-active reaction from this sender. */
+    /** readHistory returns newest-first; break on first match so we get the latest event's state. */
+    const recent = readHistory({ limit: 500, station: 'messenger' });
+    let active = false;
+    for (const e of recent) {
+        const p = e.payload;
+        if (!p?.reactTo || p.reactTo !== messageId || p.emoji !== emoji || e.from !== sender)
+            continue;
+        active = !p.removed;
+        break;
+    }
+    const entry = {
+        id: mintId(),
+        ts: new Date().toISOString(),
+        station: 'messenger',
+        line: MESSENGER_LINE,
+        from: sender,
+        to: fromAgent ? MESSENGER_USER : agent,
+        payload: { reactTo: messageId, emoji, ...(active ? { removed: true } : {}) },
+    };
+    emit(entry);
+    send(res, req, 200, { id: entry.id, removed: active });
+}
+export async function handleMessengerRegister(req, res, send) {
+    const body = await readJsonBody(req);
+    if ('__error' in body)
+        return send(res, req, 400, { error: body.__error });
+    const token = (body.pushToken ?? '').trim();
+    if (!token)
+        return send(res, req, 400, { error: 'pushToken is required' });
+    const tokens = readPushTokens();
+    if (!tokens.includes(token))
+        writePushTokens([...tokens, token]);
+    send(res, req, 200, { ok: true, count: tokens.includes(token) ? tokens.length : tokens.length + 1 });
+}

package/dist/cli/messenger-transcribe.js

@@ -0,0 +1,43 @@
+/** Local whisper.cpp audio transcription. Opt-in: requires whisper-cli + ggml model on disk. */
+import { spawn } from 'node:child_process';
+import { existsSync, readFileSync, unlinkSync } from 'node:fs';
+import { homedir, tmpdir } from 'node:os';
+import { basename, extname, join } from 'node:path';
+import { errMsg, log } from '../log.js';
+const WHISPER_BIN = process.env.METRO_WHISPER_BIN ?? 'whisper-cli';
+const WHISPER_MODEL = process.env.METRO_WHISPER_MODEL
+    ?? join(homedir(), '.cache', 'whisper-cpp', 'ggml-base.bin');
+const FFMPEG_BIN = process.env.METRO_FFMPEG_BIN ?? 'ffmpeg';
+function runCmd(bin, args) {
+    return new Promise((resolve, reject) => {
+        const child = spawn(bin, args, { stdio: 'ignore' });
+        child.on('error', reject);
+        child.on('exit', code => (code === 0 ? resolve() : reject(new Error(`${bin} exited ${code}`))));
+    });
+}
+/** Transcribe a local audio file to text. Returns null on any failure (incl. missing tooling). */
+export async function transcribeAudio(filePath) {
+    if (!existsSync(WHISPER_MODEL) || !existsSync(filePath))
+        return null;
+    const base = basename(filePath, extname(filePath));
+    const wav = join(tmpdir(), `metro-tx-${base}.wav`);
+    const outPrefix = join(tmpdir(), `metro-tx-${base}`);
+    try {
+        await runCmd(FFMPEG_BIN, ['-y', '-i', filePath, '-ar', '16000', '-ac', '1', wav]);
+        await runCmd(WHISPER_BIN, ['-m', WHISPER_MODEL, '-f', wav, '--output-txt', '-of', outPrefix]);
+        const text = readFileSync(`${outPrefix}.txt`, 'utf8').trim();
+        return text || null;
+    }
+    catch (err) {
+        log.warn({ err: errMsg(err) }, 'messenger transcribe failed');
+        return null;
+    }
+    finally {
+        for (const f of [wav, `${outPrefix}.txt`]) {
+            try {
+                unlinkSync(f);
+            }
+            catch { /* ignore */ }
+        }
+    }
+}

package/dist/cli/messenger-uploads.js

@@ -0,0 +1,116 @@
+/** Messenger upload + serve: POST /api/messenger/upload, GET /api/messenger/files/:name. */
+import { createReadStream, createWriteStream, existsSync, mkdirSync, readdirSync, statSync, unlinkSync } from 'node:fs';
+import { extname, join } from 'node:path';
+import { pipeline } from 'node:stream/promises';
+import { mintId } from '../history.js';
+import { errMsg, log } from '../log.js';
+import { STATE_DIR } from '../paths.js';
+const UPLOADS_DIR = join(STATE_DIR, 'messenger-uploads');
+const UPLOAD_MAX = 25 * 1024 * 1024;
+/** Tunable via env: how long uploaded files stick around before they're pruned (ms). */
+const UPLOAD_TTL_MS = Number(process.env.METRO_UPLOAD_TTL_MS ?? String(90 * 24 * 60 * 60 * 1000));
+mkdirSync(UPLOADS_DIR, { recursive: true });
+/** Best-effort: delete uploads older than UPLOAD_TTL_MS. Called once at module load + periodically. */
+function pruneOldUploads() {
+    const cutoff = Date.now() - UPLOAD_TTL_MS;
+    let removed = 0;
+    try {
+        for (const name of readdirSync(UPLOADS_DIR)) {
+            const path = join(UPLOADS_DIR, name);
+            try {
+                if (statSync(path).mtimeMs < cutoff) {
+                    unlinkSync(path);
+                    removed += 1;
+                }
+            }
+            catch { /* ignore individual file errors */ }
+        }
+    }
+    catch { /* dir missing — nothing to prune */ }
+    if (removed > 0)
+        log.info({ removed, dir: UPLOADS_DIR }, 'messenger-uploads: pruned old files');
+}
+pruneOldUploads();
+setInterval(pruneOldUploads, 12 * 60 * 60 * 1000).unref();
+/** Map MIME prefix → attachment kind. */
+export function kindFromMime(mime) {
+    if (mime.startsWith('image/'))
+        return 'image';
+    if (mime.startsWith('audio/'))
+        return 'audio';
+    if (mime.startsWith('video/'))
+        return 'video';
+    return 'file';
+}
+const MIME_TO_EXT = {
+    'image/png': '.png', 'image/jpeg': '.jpg', 'image/jpg': '.jpg',
+    'image/webp': '.webp', 'image/gif': '.gif', 'image/heic': '.heic',
+    'audio/mp4': '.m4a', 'audio/m4a': '.m4a', 'audio/aac': '.aac',
+    'audio/mpeg': '.mp3', 'audio/ogg': '.ogg', 'audio/webm': '.webm', 'audio/wav': '.wav',
+    'video/mp4': '.mp4', 'video/webm': '.webm', 'video/quicktime': '.mov',
+    'application/pdf': '.pdf', 'application/zip': '.zip',
+    'text/plain': '.txt', 'text/markdown': '.md',
+};
+/** mime → file extension. Best-effort, falls back to '.bin'. */
+function extFromMime(mime) {
+    return MIME_TO_EXT[mime.toLowerCase().split(';')[0]] ?? '.bin';
+}
+/** ext → mime, used when serving uploads so browsers / image tags interpret them correctly. */
+function mimeFromExt(ext) {
+    const reverse = Object.entries(MIME_TO_EXT).find(([, e]) => e === ext.toLowerCase());
+    return reverse ? reverse[0] : 'application/octet-stream';
+}
+/** Raw binary upload: body = file bytes, headers `Content-Type` and `X-Filename` (optional). */
+export async function handleMessengerUpload(req, res, send) {
+    const mime = (req.headers['content-type'] ?? 'application/octet-stream').toString().split(';')[0].trim();
+    const declared = Number(req.headers['content-length'] ?? '0');
+    if (declared > UPLOAD_MAX)
+        return send(res, req, 413, { error: `upload exceeds ${UPLOAD_MAX} bytes` });
+    const name = req.headers['x-filename']?.toString().slice(0, 256);
+    const id = mintId();
+    const ext = name ? extname(name) || extFromMime(mime) : extFromMime(mime);
+    const filename = `${id}${ext}`;
+    const dest = join(UPLOADS_DIR, filename);
+    let total = 0;
+    const out = createWriteStream(dest);
+    req.on('data', (chunk) => {
+        total += chunk.length;
+        if (total > UPLOAD_MAX) {
+            req.destroy(new Error('upload too large'));
+            out.destroy();
+        }
+    });
+    try {
+        await pipeline(req, out);
+    }
+    catch (err) {
+        try {
+            send(res, req, 413, { error: errMsg(err) });
+        }
+        catch { /* ignore */ }
+        return;
+    }
+    /** Path-only URL; the client adds host + token. Stable, host-independent across tunnels. */
+    send(res, req, 200, {
+        id, url: `/api/messenger/files/${filename}`, kind: kindFromMime(mime), mime, size: total, name,
+    });
+}
+/** GET /api/messenger/files/:filename — stream a previously uploaded file back. */
+export function handleMessengerFile(req, res, filename, send) {
+    /** Guard path traversal — only basenames allowed. */
+    if (filename.includes('/') || filename.includes('..') || !filename) {
+        return send(res, req, 400, { error: 'bad filename' });
+    }
+    const path = join(UPLOADS_DIR, filename);
+    if (!existsSync(path))
+        return send(res, req, 404, { error: 'not found' });
+    const stat = statSync(path);
+    const dot = filename.lastIndexOf('.');
+    const ext = dot >= 0 ? filename.slice(dot) : '';
+    res.writeHead(200, {
+        'content-type': mimeFromExt(ext),
+        'content-length': stat.size.toString(),
+        'cache-control': 'private, max-age=31536000',
+    });
+    createReadStream(path).pipe(res);
+}

package/dist/cli/monitor-api.js

@@ -0,0 +1,205 @@
+/** HTTP monitor endpoints: GET /api/state, GET /api/tail (SSE), POST /api/call/<train>/<action>. */
+import { timingSafeEqual } from 'node:crypto';
+import pkg from '../../package.json' with { type: 'json' };
+import { readClaims } from '../broker/claims.js';
+import { drainTail, followTail, historySize, } from '../broker/history-stream.js';
+import { readHistory } from '../history.js';
+import { ipcCall } from '../ipc.js';
+import { asLine } from '../lines.js';
+import { errMsg, log } from '../log.js';
+import { readBotIds } from '../paths.js';
+import { routeMessenger } from './messenger-api.js';
+/** Monitor endpoints answer only on dedicated hostnames so webhook tunnel can't double-serve them. */
+const MONITOR_HOSTS = new Set((process.env.METRO_MONITOR_HOSTS ?? 'monitor.metro.box,localhost,127.0.0.1')
+    .toLowerCase().split(',').map(s => s.trim()).filter(Boolean));
+const CALL_BODY_MAX = 256 * 1024;
+/** Reflect request Origin so browsers (Netlify, custom domains, file://) can call cross-origin. */
+function cors(req) {
+    return {
+        'access-control-allow-origin': req.headers.origin ?? '*',
+        'access-control-allow-methods': 'GET, POST, OPTIONS',
+        'access-control-allow-headers': 'Authorization, Content-Type',
+        'access-control-max-age': '86400',
+        vary: 'Origin',
+    };
+}
+function send(res, req, status, body) {
+    res.writeHead(status, { 'content-type': 'application/json', ...cors(req) });
+    res.end(JSON.stringify(body));
+}
+function tokenEq(given, want) {
+    const g = Buffer.from(given), w = Buffer.from(want);
+    return g.length === w.length && timingSafeEqual(g, w);
+}
+function authorized(req, q) {
+    const token = process.env.METRO_MONITOR_TOKEN;
+    if (!token)
+        return { status: 503, msg: 'monitor endpoints not configured (METRO_MONITOR_TOKEN unset)' };
+    const header = [].concat(req.headers['authorization'] ?? [])[0];
+    if (header?.startsWith('Bearer ') && tokenEq(header.slice(7), token))
+        return null;
+    /** Query-token path is for media tags (img/audio) that can't send Authorization headers. */
+    const qt = q?.get('token');
+    if (qt && tokenEq(qt, token))
+        return null;
+    return { status: 401, msg: 'unauthorized' };
+}
+/** Mode picker — shared with CLI tail. Conflict/strict-no-self routed through `onErr`. */
+export function pickMode(strict, unclaimed, all, self, onErr) {
+    if ([strict, unclaimed, all].filter(Boolean).length > 1) {
+        return onErr('strict/unclaimed/all are mutually exclusive');
+    }
+    if (strict)
+        return self ? 'mine-only' : onErr('strict requires --as <user-uri>');
+    if (unclaimed)
+        return 'unclaimed';
+    if (all || !self)
+        return 'all';
+    return 'mine-or-unclaimed';
+}
+export function handleMonitorRequest(req, res, emit) {
+    const url = req.url ?? '';
+    if (!url.startsWith('/api/'))
+        return false;
+    const host = req.headers[':authority'] ?? req.headers.host;
+    if (host && !MONITOR_HOSTS.has(host.split(':')[0].toLowerCase()))
+        return false;
+    /** CORS preflight — short-circuit before auth so browsers can OPTIONS without a token. */
+    if (req.method === 'OPTIONS') {
+        res.writeHead(204, cors(req));
+        res.end();
+        return true;
+    }
+    const [path, qs = ''] = url.split('?', 2);
+    const q = new URLSearchParams(qs);
+    const auth = authorized(req, q);
+    if (auth) {
+        send(res, req, auth.status, { error: auth.msg });
+        return true;
+    }
+    if (req.method === 'GET' && path === '/api/state') {
+        handleState(res, req, q);
+        return true;
+    }
+    if (req.method === 'GET' && path === '/api/tail') {
+        handleTail(req, res, q).catch(err => {
+            log.warn({ err: errMsg(err) }, 'monitor: tail handler error');
+            try {
+                if (!res.headersSent)
+                    res.writeHead(500).end();
+                else
+                    res.end();
+            }
+            catch { /* ignore */ }
+        });
+        return true;
+    }
+    /** POST /api/call/<train>/<action> — JSON body {args} forwarded to train via IPC forward-call. */
+    const callMatch = path.match(/^\/api\/call\/([^/]+)\/([^/]+)$/);
+    if (callMatch) {
+        if (req.method !== 'POST') {
+            send(res, req, 405, { error: 'method not allowed' });
+            return true;
+        }
+        handleCall(req, res, callMatch[1], callMatch[2]).catch(err => {
+            log.warn({ err: errMsg(err) }, 'monitor: call handler error');
+            try {
+                send(res, req, 500, { error: errMsg(err) });
+            }
+            catch { /* ignore */ }
+        });
+        return true;
+    }
+    /** /api/messenger/* — send, register, upload, files/:name. */
+    if (path.startsWith('/api/messenger/') && routeMessenger(req, res, path, emit, send))
+        return true;
+    /** GET-only paths reject other verbs with 405. Anything else → 404. */
+    if (req.method !== 'GET' && (path === '/api/state' || path === '/api/tail')) {
+        send(res, req, 405, { error: 'method not allowed' });
+        return true;
+    }
+    send(res, req, 404, { error: 'not found' });
+    return true;
+}
+function nonNegInt(raw) {
+    const n = raw == null ? NaN : Number(raw);
+    return Number.isInteger(n) && n >= 0 ? n : null;
+}
+function handleState(res, req, q) {
+    const before = nonNegInt(q.get('before'));
+    const limit = Math.min(nonNegInt(q.get('limit')) ?? 100, 500);
+    if (before !== null)
+        return send(res, req, 200, { recent_history: readHistory({ limit, skip: before }) });
+    const recent = readHistory({ limit }), claims = readClaims();
+    const lines = new Set([...recent.map(e => e.line), ...Object.keys(claims)]);
+    send(res, req, 200, {
+        claims, lines: [...lines], recent_history: recent, bot_ids: readBotIds(), version: pkg.version,
+    });
+}
+async function handleTail(req, res, q) {
+    const asParam = q.get('as');
+    const self = asParam ? asLine(asParam) : null;
+    const isOn = (k) => q.get(k) === 'true' || q.get('mode') === k;
+    const mode = pickMode(isOn('strict'), isOn('unclaimed'), isOn('all'), self, () => 'all');
+    const excludeFromCsv = q.get('exclude_from');
+    const opts = {
+        mode, self, chatFilter: q.get('chat') ?? undefined,
+        stationFilter: q.get('station') ?? undefined,
+        includeWebhooks: q.get('include_webhooks') === 'true',
+        excludeFrom: excludeFromCsv ? excludeFromCsv.split(',').map(s => s.trim()).filter(Boolean) : undefined,
+    };
+    res.writeHead(200, {
+        'content-type': 'text/event-stream', 'cache-control': 'no-cache, no-transform',
+        'connection': 'keep-alive', ...cors(req),
+        /** Cloudflare/proxies buffer SSE without this hint. */
+        'x-accel-buffering': 'no',
+    });
+    /** `since=tail` (default) starts at EOF; `since=0` replays the full file; numeric = byte offset. */
+    const since = q.get('since');
+    const sinceN = since && since !== 'tail' ? Number(since) : NaN;
+    let offset = Number.isFinite(sinceN) && sinceN >= 0 ? sinceN : historySize();
+    /** 4 KiB padding so Cloudflare's HTTP/2 buffer flushes (else holds 30+ s on free tier). */
+    res.write(`: metro monitor tail (mode=${opts.mode}${self ? `, as=${self}` : ''})\n: ${'-'.repeat(4096)}\n\n`);
+    const sse = (e) => {
+        res.write(`id: ${e.id}\nevent: history\ndata: ${JSON.stringify(e)}\n\n`);
+    };
+    offset = drainTail(offset, opts, sse);
+    const stop = followTail(offset, opts, sse, 1_000);
+    const keepalive = setInterval(() => res.write(': keepalive\n\n'), 25_000);
+    const cleanup = () => { stop(); clearInterval(keepalive); try {
+        res.end();
+    }
+    catch { /* ignore */ } };
+    req.on('close', cleanup);
+    req.on('error', cleanup);
+}
+async function handleCall(req, res, train, action) {
+    const chunks = [];
+    let total = 0;
+    for await (const chunk of req) {
+        const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+        total += buf.length;
+        if (total > CALL_BODY_MAX)
+            throw new Error(`request body exceeds ${CALL_BODY_MAX} bytes`);
+        chunks.push(buf);
+    }
+    const raw = Buffer.concat(chunks).toString('utf8').trim();
+    let args = {};
+    if (raw) {
+        try {
+            const parsed = JSON.parse(raw);
+            args = parsed && typeof parsed === 'object' && 'args' in parsed ? parsed.args : parsed;
+        }
+        catch (err) {
+            return send(res, req, 400, { error: `bad JSON body: ${errMsg(err)}` });
+        }
+    }
+    const resp = await ipcCall({ op: 'forward-call', train, action, args });
+    if (!resp.ok)
+        return send(res, req, 502, { error: resp.error });
+    if (!('response' in resp))
+        return send(res, req, 502, { error: 'malformed daemon response' });
+    if (resp.response.error)
+        return send(res, req, 502, { error: resp.response.error });
+    send(res, req, 200, { result: resp.response.result ?? null });
+}