@vibe80/vibe80 0.1.3 → 0.1.8

package/bin/vibe80.js

@@ -14,12 +14,14 @@ const monoAuthUrlFile = path.join(
 );
 const defaultEnv = {
   DEPLOYMENT_MODE: "mono_user",
-  JWT_KEY_PATH: path.join(homeDir, ".vibe80", "jwt.key"),
+  VIBE80_DATA_DIRECTORY: path.join(homeDir, ".vibe80"),
   STORAGE_BACKEND: "sqlite",
-  SQLITE_PATH: path.join(homeDir, ".vibe80", "data.sqlite"),
 };
 const deploymentMode = process.env.DEPLOYMENT_MODE || defaultEnv.DEPLOYMENT_MODE;
 const serverPort = process.env.PORT || "5179";
+const cliArgs = process.argv.slice(2);
+const enableCodexFromCli = cliArgs.includes("--codex");
+const enableClaudeFromCli = cliArgs.includes("--claude");
 
 const spawnProcess = (cmd, args, label, extraEnv = {}) => {
   const child = spawn(cmd, args, {
@@ -128,11 +130,21 @@ const shutdown = (code = 0) => {
 
 const startServer = () => {
   unlinkMonoAuthUrlFile();
+  const monoProviderEnv = {};
+  if (enableCodexFromCli) {
+    monoProviderEnv.VIBE80_MONO_ENABLE_CODEX = "true";
+  }
+  if (enableClaudeFromCli) {
+    monoProviderEnv.VIBE80_MONO_ENABLE_CLAUDE = "true";
+  }
   server = spawnProcess(
     process.execPath,
     ["server/src/index.js"],
     "server",
-    { VIBE80_MONO_AUTH_URL_FILE: monoAuthUrlFile }
+    {
+      VIBE80_MONO_AUTH_URL_FILE: monoAuthUrlFile,
+      ...monoProviderEnv,
+    }
   );
   void maybeOpenMonoAuthUrl();
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibe80/vibe80",
-  "version": "0.1.3",
+  "version": "0.1.8",
   "private": false,
   "workspaces": [
     "server",

package/server/src/claudeClient.js

@@ -48,7 +48,7 @@ export class ClaudeCliClient extends EventEmitter {
     this.tmpDir = tmpDir || null;
     this.sessionId = sessionId || null;
     this.worktreeId = worktreeId || "main";
-    this.ready = false;
+    this.ready = true;
     this.threadId = threadId || null;
     this.pendingForkFromThreadId = forkFromThreadId || null;
     this.modelInfo = null;
@@ -77,7 +77,6 @@ export class ClaudeCliClient extends EventEmitter {
       return;
     }
     this.activeProcess = null;
-    this.ready = false;
     const exitPromise = new Promise((resolve) => {
       proc.once("exit", resolve);
       proc.once("close", resolve);
@@ -223,6 +222,7 @@ export class ClaudeCliClient extends EventEmitter {
       cwd: isMonoUser ? this.cwd : undefined,
     });
     this.activeProcess = proc;
+    this.ready = false;
 
     proc.stdout.setEncoding("utf8");
     proc.stdout.on("data", (chunk) => {
@@ -264,6 +264,7 @@ export class ClaudeCliClient extends EventEmitter {
       if (this.activeProcess === proc) {
         this.activeProcess = null;
       }
+      this.ready = true;
       this.#flushLogBuffer("OUT", "stdoutLogBuffer");
       this.#flushLogBuffer("ERR", "stderrLogBuffer");
       this.providerLogger?.close?.();

package/server/src/index.js

@@ -45,6 +45,7 @@ import {
 } from "./services/auth.js";
 import {
   ensureDefaultMonoWorkspace,
+  applyMonoUserProviderOverridesFromEnv,
   isMonoUser,
   getWorkspacePaths,
   getWorkspaceSshPaths,
@@ -154,6 +155,7 @@ const sudoPath = process.env.VIBE80_SUDO_PATH || "sudo";
 
 await storage.init();
 await ensureDefaultMonoWorkspace();
+await applyMonoUserProviderOverridesFromEnv();
 
 // ---------------------------------------------------------------------------
 // Middleware pipeline
@@ -660,9 +662,20 @@ wss.on("connection", (socket, req) => {
           return;
         }
         const isMainWorktree = worktreeId === "main";
-        const client = isMainWorktree
+        let client = isMainWorktree
           ? getActiveClient(session)
           : runtime.worktreeClients.get(worktreeId);
+        if (isMainWorktree && !client) {
+          const provider = session.activeProvider === "claude" ? "claude" : "codex";
+          client = await getOrCreateClient(session, provider);
+          if (!client.listenerCount("ready")) {
+            if (provider === "claude") {
+              attachClaudeEvents(sessionId, client, provider);
+            } else {
+              attachClientEvents(sessionId, client, provider);
+            }
+          }
+        }
         if (!client?.ready) {
           const label = isMainWorktree
             ? getProviderLabel(session)
@@ -1144,6 +1157,20 @@ wss.on("connection", (socket, req) => {
             });
           });
         }
+      } else if (session.activeProvider === "claude") {
+        const client = await getOrCreateClient(session, "claude");
+        if (!client.listenerCount("ready")) {
+          attachClaudeEvents(sessionId, client, "claude");
+        }
+        if (!client.ready && !client.activeProcess) {
+          client.start().catch((error) => {
+            console.error("Failed to restart Claude CLI:", error);
+            broadcastToSession(sessionId, {
+              type: "error",
+              message: "Claude CLI failed to start.",
+            });
+          });
+        }
       }
 
       authenticated = true;

package/server/src/middleware/auth.js

@@ -1,9 +1,16 @@
 import crypto from "crypto";
 import fs from "fs";
+import os from "os";
 import path from "path";
 import jwt from "jsonwebtoken";
 
-const jwtKeyPath = process.env.JWT_KEY_PATH || "/var/lib/vibe80/jwt.key";
+const homeDir = process.env.HOME || os.homedir();
+const isMonoUser = process.env.DEPLOYMENT_MODE === "mono_user";
+const defaultDataDirectory = isMonoUser
+  ? path.join(homeDir, ".vibe80")
+  : "/var/lib/vibe80";
+const dataDirectory = process.env.VIBE80_DATA_DIRECTORY || defaultDataDirectory;
+const jwtKeyPath = process.env.JWT_KEY_PATH || path.join(dataDirectory, "jwt.key");
 const jwtIssuer = process.env.JWT_ISSUER || "vibe80";
 const jwtAudience = process.env.JWT_AUDIENCE || "workspace";
 const accessTokenTtlSeconds =

package/server/src/routes/worktrees.js

@@ -430,9 +430,20 @@ export default function worktreeRoutes(deps) {
 
     const isMainWorktree = worktreeId === "main";
     const runtime = getSessionRuntime(sessionId);
-    const client = isMainWorktree
+    let client = isMainWorktree
       ? getActiveClient(session)
       : runtime?.worktreeClients?.get(worktreeId);
+    if (isMainWorktree && !client) {
+      const provider = session.activeProvider === "claude" ? "claude" : "codex";
+      client = await getOrCreateClient(session, provider);
+      if (!client.listenerCount("ready")) {
+        if (provider === "claude") {
+          attachClaudeEvents(sessionId, client, provider);
+        } else {
+          attachClientEvents(sessionId, client, provider);
+        }
+      }
+    }
     if (!client?.ready) {
       const label = isMainWorktree
         ? worktree.provider === "claude"

package/server/src/runAs.js

@@ -8,6 +8,8 @@ const SUDO_PATH = process.env.VIBE80_SUDO_PATH || "sudo";
 const DEPLOYMENT_MODE = process.env.DEPLOYMENT_MODE;
 const IS_MONO_USER = DEPLOYMENT_MODE === "mono_user";
 const WORKSPACE_ROOT_DIRECTORY = process.env.WORKSPACE_ROOT_DIRECTORY || "/workspaces";
+const MONO_USER_WORKSPACE_DIR =
+  process.env.MONO_USER_WORKSPACE_DIR || path.join(os.homedir(), "vibe80_workspace");
 const ALLOWED_ENV_KEYS = new Set([
   "GIT_SSH_COMMAND",
   "GIT_CONFIG_GLOBAL",
@@ -151,15 +153,21 @@ export const getWorkspaceHome = (workspaceId) => {
 
 export const getWorkspaceRoot = (workspaceId) =>
   (IS_MONO_USER
-    ? path.join(os.homedir(), "vibe80_workspace")
+    ? MONO_USER_WORKSPACE_DIR
     : path.join(WORKSPACE_ROOT_DIRECTORY, workspaceId));
 
 const validateCwd = (workspaceId, cwd) => {
   const resolved = path.resolve(cwd);
   const homeDir = getWorkspaceHome(workspaceId);
+  const workspaceRootDir = getWorkspaceRoot(workspaceId);
+  const inHome =
+    resolved === homeDir || resolved.startsWith(homeDir + path.sep);
+  const inWorkspaceRoot =
+    resolved === workspaceRootDir ||
+    resolved.startsWith(workspaceRootDir + path.sep);
   if (
-    resolved !== homeDir &&
-    !resolved.startsWith(homeDir + path.sep)
+    !inHome &&
+    !(IS_MONO_USER && inWorkspaceRoot)
   ) {
     throw new Error("cwd outside workspace");
   }

package/server/src/services/workspace.js

@@ -16,6 +16,8 @@ const isMonoUser = deploymentMode === "mono_user";
 const workspaceHomeBase = process.env.WORKSPACE_HOME_BASE || "/home";
 const workspaceRootBase = process.env.WORKSPACE_ROOT_DIRECTORY || "/workspaces";
 const workspaceRootName = "vibe80_workspace";
+const monoUserWorkspaceDir =
+  process.env.MONO_USER_WORKSPACE_DIR || path.join(os.homedir(), workspaceRootName);
 const workspaceSessionsDirName = "sessions";
 const rootHelperPath = process.env.VIBE80_ROOT_HELPER || "/usr/local/bin/vibe80-root";
 const sudoPath = process.env.VIBE80_SUDO_PATH || "sudo";
@@ -37,7 +39,7 @@ const runRootCommand = (args, options = {}) => {
 export const getWorkspacePaths = (workspaceId) => {
   const home = isMonoUser ? os.homedir() : path.join(workspaceHomeBase, workspaceId);
   const root = isMonoUser
-    ? path.join(home, workspaceRootName)
+    ? monoUserWorkspaceDir
     : path.join(workspaceRootBase, workspaceId);
   const sessionsDir = path.join(root, workspaceSessionsDirName);
   return {
@@ -763,14 +765,12 @@ export const ensureDefaultMonoWorkspace = async () => {
     return;
   }
   const workspaceId = "default";
+  const enabledProviders = getMonoEnabledProvidersFromEnv();
   await ensureWorkspaceDirs(workspaceId);
   const ids = await getWorkspaceUserIds(workspaceId);
   const existing = await storage.getWorkspace(workspaceId);
   if (!existing) {
-    const providers = {
-      codex: { enabled: true, auth: null },
-      claude: { enabled: true, auth: null },
-    };
+    const providers = applyMonoEnabledProviders({}, enabledProviders);
     await persistWorkspaceRecord({
       workspaceId,
       providers,
@@ -779,7 +779,177 @@ export const ensureDefaultMonoWorkspace = async () => {
       existing: null,
     });
     await appendAuditLog(workspaceId, "workspace_created");
+    return;
+  }
+  const providers = applyMonoEnabledProviders(existing.providers || {}, enabledProviders);
+  await persistWorkspaceRecord({
+    workspaceId,
+    providers,
+    ids,
+    existing,
+  });
+  await appendAuditLog(workspaceId, "workspace_providers_activation_updated", {
+    codexEnabled: providers.codex?.enabled ?? false,
+    claudeEnabled: providers.claude?.enabled ?? false,
+  });
+};
+
+const readEnvValue = (name) =>
+  typeof process.env[name] === "string" ? process.env[name].trim() : "";
+
+const parseMonoEnableEnv = (name) => {
+  const raw = process.env[name];
+  if (typeof raw !== "string") {
+    return false;
+  }
+  const value = raw.trim().toLowerCase();
+  if (["1", "true", "yes", "on"].includes(value)) {
+    return true;
+  }
+  if (["0", "false", "no", "off", ""].includes(value)) {
+    return false;
+  }
+  throw new Error(
+    `Invalid ${name} value \"${raw}\". Use one of: true/false, 1/0, yes/no, on/off.`
+  );
+};
+
+const getMonoEnabledProvidersFromEnv = () => {
+  const codexEnabled = parseMonoEnableEnv("VIBE80_MONO_ENABLE_CODEX");
+  const claudeEnabled = parseMonoEnableEnv("VIBE80_MONO_ENABLE_CLAUDE");
+  if (!codexEnabled && !claudeEnabled) {
+    throw new Error(
+      "In mono_user mode, enable at least one provider via --codex/--claude or VIBE80_MONO_ENABLE_CODEX/VIBE80_MONO_ENABLE_CLAUDE."
+    );
+  }
+  return { codexEnabled, claudeEnabled };
+};
+
+const applyMonoEnabledProviders = (providers = {}, enabledConfig) => {
+  const { codexEnabled, claudeEnabled } = enabledConfig;
+  const codexPrev = providers?.codex && typeof providers.codex === "object" ? providers.codex : {};
+  const claudePrev = providers?.claude && typeof providers.claude === "object" ? providers.claude : {};
+  return {
+    ...providers,
+    codex: {
+      enabled: Boolean(codexEnabled),
+      auth: codexPrev.auth || null,
+    },
+    claude: {
+      enabled: Boolean(claudeEnabled),
+      auth: claudePrev.auth || null,
+    },
+  };
+};
+
+const buildMonoUserProviderOverridesFromEnv = () => {
+  const codexApiKey = readEnvValue("CODEX_API_KEY");
+  const codexAuthJsonB64Raw = process.env.CODEX_AUTH_JSON_B64;
+  const hasCodexAuthJsonB64 = typeof codexAuthJsonB64Raw === "string";
+  const codexAuthJsonB64 = hasCodexAuthJsonB64 ? codexAuthJsonB64Raw.trim() : "";
+  const claudeApiKey = readEnvValue("CLAUDE_API_KEY");
+  const claudeSetupTokenRaw = process.env.CLAUDE_SETUP_TOKEN;
+  const hasClaudeSetupToken = typeof claudeSetupTokenRaw === "string";
+  const claudeSetupToken = hasClaudeSetupToken ? claudeSetupTokenRaw.trim() : "";
+
+  const overrides = {};
+
+  if (codexApiKey && hasCodexAuthJsonB64) {
+    console.warn(
+      "[warn] Both CODEX_API_KEY and CODEX_AUTH_JSON_B64 are set; using CODEX_AUTH_JSON_B64."
+    );
+  }
+  if (hasCodexAuthJsonB64) {
+    if (!codexAuthJsonB64) {
+      console.warn(
+        "[warn] Invalid CODEX_AUTH_JSON_B64 detected; ignoring codex preprovisioning."
+      );
+    } else {
+      try {
+        const decoded = decodeBase64(codexAuthJsonB64);
+        validateCodexAuthJson(decoded);
+        overrides.codex = {
+          auth: { type: "auth_json_b64", value: codexAuthJsonB64 },
+        };
+      } catch {
+        console.warn(
+          "[warn] Invalid CODEX_AUTH_JSON_B64 detected; ignoring codex preprovisioning."
+        );
+      }
+    }
+  } else if (codexApiKey) {
+    overrides.codex = {
+      auth: { type: "api_key", value: codexApiKey },
+    };
+  }
+
+  if (claudeApiKey && hasClaudeSetupToken) {
+    console.warn(
+      "[warn] Both CLAUDE_API_KEY and CLAUDE_SETUP_TOKEN are set; using CLAUDE_SETUP_TOKEN."
+    );
+  }
+  if (hasClaudeSetupToken) {
+    if (!claudeSetupToken) {
+      console.warn(
+        "[warn] Invalid CLAUDE_SETUP_TOKEN detected; ignoring claude preprovisioning."
+      );
+    } else {
+      overrides.claude = {
+        auth: { type: "setup_token", value: claudeSetupToken },
+      };
+    }
+  } else if (claudeApiKey) {
+    overrides.claude = {
+      auth: { type: "api_key", value: claudeApiKey },
+    };
+  }
+
+  return overrides;
+};
+
+export const applyMonoUserProviderOverridesFromEnv = async () => {
+  if (!isMonoUser) {
+    return;
+  }
+  const overrides = buildMonoUserProviderOverridesFromEnv();
+  if (Object.keys(overrides).length === 0) {
+    return;
+  }
+  const workspaceId = "default";
+  const existing = await storage.getWorkspace(workspaceId);
+  if (!existing) {
+    return;
   }
+  const activationConfig = getMonoEnabledProvidersFromEnv();
+  const mergedProviders = mergeProvidersForUpdate(existing.providers || {}, {
+    ...(overrides.codex
+      ? {
+          codex: {
+            enabled: activationConfig.codexEnabled,
+            auth: overrides.codex.auth,
+          },
+        }
+      : {}),
+    ...(overrides.claude
+      ? {
+          claude: {
+            enabled: activationConfig.claudeEnabled,
+            auth: overrides.claude.auth,
+          },
+        }
+      : {}),
+  });
+  const ids = await getWorkspaceUserIds(workspaceId);
+  await writeWorkspaceProviderAuth(workspaceId, mergedProviders);
+  await persistWorkspaceRecord({
+    workspaceId,
+    providers: mergedProviders,
+    ids,
+    existing,
+  });
+  await appendAuditLog(workspaceId, "workspace_providers_preprovisioned_from_env", {
+    providers: Object.keys(overrides),
+  });
 };
 
 export const createWorkspace = async (providers) => {
@@ -790,13 +960,18 @@ export const createWorkspace = async (providers) => {
   if (isMonoUser) {
     const workspaceId = "default";
     await ensureWorkspaceDirs(workspaceId);
+    const enabledProviders = getMonoEnabledProvidersFromEnv();
     const secret = "default";
     const ids = await getWorkspaceUserIds(workspaceId);
     const existing = await storage.getWorkspace(workspaceId);
-    await writeWorkspaceProviderAuth(workspaceId, providers);
+    const providersWithActivation = applyMonoEnabledProviders(
+      providers || existing?.providers || {},
+      enabledProviders
+    );
+    await writeWorkspaceProviderAuth(workspaceId, providersWithActivation);
     await persistWorkspaceRecord({
       workspaceId,
-      providers,
+      providers: providersWithActivation,
       ids,
       workspaceSecretHash: hashWorkspaceSecret(secret),
       existing,

package/server/src/storage/sqlite.js

@@ -1,4 +1,5 @@
 import fs from "fs";
+import os from "os";
 import path from "path";
 import sqlite3 from "sqlite3";
 
@@ -70,7 +71,13 @@ const all = (db, sql, params = []) =>
   });
 
 export const createSqliteStorage = () => {
-  const dbPath = process.env.SQLITE_PATH || "/var/lib/vibe80/base.sqlite";
+  const homeDir = process.env.HOME || os.homedir();
+  const isMonoUser = process.env.DEPLOYMENT_MODE === "mono_user";
+  const defaultDataDirectory = isMonoUser
+    ? path.join(homeDir, ".vibe80")
+    : "/var/lib/vibe80";
+  const dataDirectory = process.env.VIBE80_DATA_DIRECTORY || defaultDataDirectory;
+  const dbPath = process.env.SQLITE_PATH || path.join(dataDirectory, "base.sqlite");
   const resolvedPath = path.resolve(dbPath);
   const dir = path.dirname(resolvedPath);
   fs.mkdirSync(dir, { recursive: true, mode: 0o750 });