agent-yes 1.121.0 → 1.122.0

package/ts/schedule.ts

@@ -0,0 +1,161 @@
+import { createHash } from "node:crypto";
+import { SUPPORTED_CLIS } from "./SUPPORTED_CLIS.ts";
+import { resolveSpawnCwd } from "./workspaceConfig.ts";
+import { ensureBootAutostart } from "./oxmgrService.ts";
+
+// `ay schedule` — run an agent on a recurring schedule via oxmgr's cron support.
+// A scheduled job runs once immediately AND on every cron tick (with
+// --restart never so it isn't relaunched merely on exit), and — like the share
+// daemon — survives reboot once oxmgr's system service is installed.
+
+const SCHED_PREFIX = "agent-yes-cron-";
+
+/** `HH:MM` → a daily cron; otherwise a raw 5-field cron passes through. null if neither. */
+export function toCron(spec: string): string | null {
+  const s = spec.trim();
+  const hm = /^(\d{1,2}):(\d{2})$/.exec(s);
+  if (hm) {
+    const h = Number(hm[1]),
+      m = Number(hm[2]);
+    return h < 24 && m < 60 ? `${m} ${h} * * *` : null;
+  }
+  return /^\S+(\s+\S+){4}$/.test(s) ? s : null; // exactly 5 whitespace-separated fields
+}
+
+/** Single-quote for oxmgr's shell-style command parsing (verified: it respects quotes). */
+export function shellQuote(s: string): string {
+  return `'${s.replace(/'/g, `'\\''`)}'`;
+}
+
+function schedName(explicit: string | undefined, cli: string, key: string): string {
+  if (explicit) return explicit.startsWith(SCHED_PREFIX) ? explicit : SCHED_PREFIX + explicit;
+  return SCHED_PREFIX + cli + "-" + createHash("sha1").update(key).digest("hex").slice(0, 6);
+}
+
+async function run(cmd: string[], capture = false): Promise<{ code: number; out: string }> {
+  const p = Bun.spawn(cmd, {
+    stdin: "ignore",
+    stdout: capture ? "pipe" : "inherit",
+    stderr: capture ? "pipe" : "inherit",
+  });
+  const out = capture ? await new Response(p.stdout).text() : "";
+  return { code: (await p.exited) ?? 1, out };
+}
+
+export async function cmdSchedule(rest: string[]): Promise<number> {
+  const oxmgrBin = Bun.which("oxmgr");
+  if (!oxmgrBin) {
+    process.stderr.write(
+      "ay schedule: oxmgr not found\n" +
+        "  install with:  cargo install oxmgr\n" +
+        "             or: bun add -g oxmgr\n",
+    );
+    return 1;
+  }
+
+  const sub = rest[0];
+
+  if (!sub || sub === "-h" || sub === "--help") {
+    process.stdout.write(
+      `Usage:\n` +
+        `  ay schedule <when> <cli> [--cwd DIR] [--name N] [-- <prompt>]\n` +
+        `                                    schedule a recurring agent\n` +
+        `  ay schedule list                  list scheduled agents\n` +
+        `  ay schedule remove <name>         remove one\n\n` +
+        `<when> is a daily HH:MM (e.g. 10:00) or a 5-field cron ("0 10 * * *").\n` +
+        `The agent runs once now and then on every tick, and survives reboot.\n\n` +
+        `Example — a 10am daily QA pass:\n` +
+        `  ay schedule 10:00 claude --cwd ~/ws/product -- "run a full QA pass and write a report"\n`,
+    );
+    return 0;
+  }
+
+  if (sub === "list" || sub === "ls") {
+    // oxmgr lists everything; scheduled agents are the agent-yes-cron-* rows.
+    process.stdout.write(`scheduled agents are named '${SCHED_PREFIX}*':\n`);
+    return (await run([oxmgrBin, "list"])).code;
+  }
+
+  if (sub === "remove" || sub === "rm" || sub === "delete") {
+    const name = rest[1];
+    if (!name) {
+      process.stderr.write("usage: ay schedule remove <name>\n");
+      return 1;
+    }
+    const full = name.startsWith(SCHED_PREFIX) ? name : SCHED_PREFIX + name;
+    return (await run([oxmgrBin, "delete", full])).code;
+  }
+
+  // ay schedule <when> <cli> [--cwd DIR] [--name N] [-- <prompt>]
+  const dashIdx = rest.indexOf("--");
+  const head = dashIdx >= 0 ? rest.slice(0, dashIdx) : rest;
+  const prompt = dashIdx >= 0 ? rest.slice(dashIdx + 1).join(" ") : "";
+
+  let nameFlag: string | undefined;
+  let cwdFlag: string | undefined;
+  const pos: string[] = [];
+  for (let i = 0; i < head.length; i++) {
+    if (head[i] === "--name") nameFlag = head[++i];
+    else if (head[i] === "--cwd") cwdFlag = head[++i];
+    else pos.push(head[i]!);
+  }
+
+  const [when, cli] = pos;
+  if (!when || !cli) {
+    process.stderr.write("usage: ay schedule <when> <cli> [-- <prompt>]\n");
+    return 1;
+  }
+  const cron = toCron(when);
+  if (!cron) {
+    process.stderr.write(`ay schedule: bad <when> "${when}" — use HH:MM or a 5-field cron\n`);
+    return 1;
+  }
+  if (!SUPPORTED_CLIS.includes(cli as never)) {
+    process.stderr.write(`ay schedule: unsupported cli "${cli}"\n`);
+    return 1;
+  }
+
+  const cwd = resolveSpawnCwd(cwdFlag);
+  // Absolute interpreter + bin: oxmgr's daemon PATH may lack ~/.bun/bin. Quote
+  // every piece — oxmgr shell-parses the command, so a space in the interpreter
+  // path, the ay path, or the prompt would otherwise split into bogus args.
+  const ayBin = Bun.which("ay");
+  const ayInvoke = ayBin ? `${shellQuote(process.execPath)} ${shellQuote(ayBin)}` : "ay";
+  const agentCmd = `${ayInvoke} ${cli}${prompt ? ` -- ${shellQuote(prompt)}` : ""}`;
+  const name = schedName(nameFlag, cli, cron + "\0" + prompt + "\0" + cwd);
+
+  const { code } = await run([
+    oxmgrBin,
+    "start",
+    agentCmd,
+    "--name",
+    name,
+    "--cwd",
+    cwd,
+    "--restart",
+    "never", // only (re)launched by the cron tick, not on plain exit
+    "--cron-restart",
+    cron,
+  ]);
+  if (code !== 0) return code;
+
+  // Persist across reboots (idempotent; same wrapper the daemon install uses).
+  // Best-effort: the schedule is already registered, so don't fail the command if
+  // boot registration can't be done here — just report it honestly. This SKIPS
+  // the install when the service is already registered, so it won't bounce the
+  // oxmgr daemon (and every process it manages) on a routine `ay schedule`.
+  const onBoot = await ensureBootAutostart(oxmgrBin);
+
+  process.stdout.write(
+    `\nscheduled '${name}'\n` +
+      `  ${cli}${prompt ? ` -- "${prompt.slice(0, 60)}${prompt.length > 60 ? "…" : ""}"` : ""}\n` +
+      `  when: ${cron}   cwd: ${cwd}\n` +
+      (onBoot
+        ? `  runs now and on every tick; survives reboot.\n`
+        : `  runs now and on every tick.\n` +
+          `  start-on-boot: not registered — run \`oxmgr service install\` to enable\n`) +
+      `\n  ay schedule list                     # all scheduled agents\n` +
+      `  ay schedule remove ${name.slice(SCHED_PREFIX.length)}\n`,
+  );
+  return 0;
+}

package/ts/serve.ts

@@ -40,6 +40,26 @@ async function loadOrCreateToken(tokenFlag?: string): Promise<string> {
   }
 }
 
+// Read the serve token WITHOUT creating one — `ay serve status` must be a pure
+// read (creating a token as a side effect of asking "is it running?" is wrong).
+async function loadTokenReadOnly(): Promise<string | null> {
+  try {
+    return (await readFile(tokenPath(), "utf-8")).trim();
+  } catch {
+    return null;
+  }
+}
+
+// The persisted WebRTC share link (mode 0600), written by a --share/--webrtc
+// daemon so the secret-bearing link survives restarts. null if not sharing.
+async function readShareLink(): Promise<string | null> {
+  try {
+    return (await readFile(path.join(agentYesHome(), ".share-link"), "utf-8")).trim();
+  } catch {
+    return null;
+  }
+}
+
 function tokenEqual(provided: string, expectedToken: string): boolean {
   // Constant-time compare; pad both to the same length first
   const maxLen = Math.max(provided.length, expectedToken.length);
@@ -133,32 +153,67 @@ function ayServeArgv(args: string[]): string[] {
   return [...launcher, "serve", ...args];
 }
 
+// Per-user login auto-start entry on Windows. pm2 core has no Windows startup
+// integration (`pm2 startup` errors "Init system not found"), so we register a
+// HKCU Run value that runs `pm2 resurrect` at login — no admin, removed on
+// uninstall. HKCU (not HKLM) keeps it user-scoped and admin-free.
+const WIN_RUN_KEY = "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run";
+const WIN_RUN_VALUE = DAEMON_NAME;
+
 // Register the daemon to come up automatically. The *scope* is per-platform by
-// design: Linux → at system boot (before login); Windows → at user login.
+// design: Linux → at system boot (before login); macOS/Windows → at user login.
 //   - Linux (oxmgr): `oxmgr service install` wires a systemd **--user** unit,
 //     which on its own only starts after the user logs in. To make it start at
 //     boot without requiring root (no system-scope unit, no sudo), we also
 //     `loginctl enable-linger`, which keeps the user's systemd instance — and
 //     thus our service — running from boot. Best-effort; linger failing just
 //     downgrades us to login-scope.
-//   - Windows (pm2): `pm2 save` persists the process list so the once-installed
-//     `pm2 startup` logon hook resurrects it at user login.
+//   - Windows (pm2): pm2 core can't install a startup hook here, so we save the
+//     process list and add a HKCU Run entry that runs `pm2 resurrect` at login.
+//   - macOS (pm2): `pm2 startup` wires a launchd agent (best-effort).
 // Idempotent and best-effort: returns false on failure without aborting the
 // install — the process is still crash-managed, just not boot/login-persistent.
 async function ensureBootAutostart(mgr: DaemonManager): Promise<boolean> {
   try {
-    if (mgr.id !== "oxmgr") {
-      // pm2 (Windows): logon-scoped resurrect via the saved process list.
-      return (await spawnExit([mgr.bin, "save"])) === 0;
+    if (mgr.id === "oxmgr") {
+      // Skip `service install` when the service is ALREADY registered: re-running
+      // it re-bootstraps the oxmgr daemon, which restarts every managed process —
+      // it once took down a VS Code serve-web session on each `ay serve install`.
+      // `oxmgr service status` exits 0 only when already installed.
+      // oxmgr's --system defaults to "auto" (launchd/systemd/Task Scheduler); it's
+      // a `service`-level flag, so it goes before the subcommand, not after.
+      const installed =
+        (await spawnExit([mgr.bin, "service", "status"])) === 0 ||
+        (await spawnExit([mgr.bin, "service", "install"])) === 0;
+      if (installed && process.platform === "linux") {
+        // Upgrade login-scope → boot-scope: linger starts the user manager at boot.
+        await spawnExit(["loginctl", "enable-linger", userInfo().username]);
+      }
+      return installed;
     }
-    // oxmgr's --system defaults to "auto" (launchd/systemd/Task Scheduler); it's
-    // a `service`-level flag, so it goes before the subcommand, not after.
-    const installed = (await spawnExit([mgr.bin, "service", "install"])) === 0;
-    if (installed && process.platform === "linux") {
-      // Upgrade login-scope → boot-scope: linger starts the user manager at boot.
-      await spawnExit(["loginctl", "enable-linger", userInfo().username]);
+    // pm2: persist the current process list first — boot/login resurrect reads it.
+    if ((await spawnExit([mgr.bin, "save"])) !== 0) return false;
+    if (process.platform === "win32") {
+      // pm2 has no Windows startup integration — add a HKCU Run entry ourselves.
+      const data = mgr.bin.includes(" ") ? `"${mgr.bin}" resurrect` : `${mgr.bin} resurrect`;
+      return (
+        (await spawnExit([
+          "reg",
+          "add",
+          WIN_RUN_KEY,
+          "/v",
+          WIN_RUN_VALUE,
+          "/t",
+          "REG_SZ",
+          "/d",
+          data,
+          "/f",
+        ])) === 0
+      );
     }
-    return installed;
+    // macOS (and any non-Windows pm2 install): pm2 startup wires the init script
+    // (may need sudo; best-effort).
+    return (await spawnExit([mgr.bin, "startup"])) === 0;
   } catch {
     return false;
   }
@@ -298,11 +353,17 @@ async function cmdServeDaemon(sub: string, args: string[]): Promise<number> {
             ? `start-on-boot: enabled (systemd --user + linger, starts at boot)\n`
             : `start-on-boot: not registered — needs a user systemd session; run \`oxmgr service install\` to enable\n`,
         );
+      else if (process.platform === "win32")
+        process.stdout.write(
+          onBoot
+            ? `start-on-login: enabled (a HKCU Run entry runs \`pm2 resurrect\`)\n`
+            : `start-on-login: not registered — \`pm2 save\` or the registry write failed\n`,
+        );
       else
         process.stdout.write(
           onBoot
-            ? `start-on-login: enabled (pm2 list saved; run \`pm2 startup\` once if logon resurrect is not yet installed)\n`
-            : `start-on-login: \`pm2 save\` failed — run it manually to persist across logins\n`,
+            ? `start-on-boot: enabled (pm2 startup registered with the system init)\n`
+            : `start-on-boot: not registered — run \`pm2 startup\` (may need sudo) to enable\n`,
         );
       process.stdout.write(`token: ${token}\n\n`);
       if (httpish) {
@@ -327,9 +388,13 @@ async function cmdServeDaemon(sub: string, args: string[]): Promise<number> {
       stdio: ["ignore", "inherit", "inherit"],
     });
     const code = (await proc.exited) ?? 1;
-    // Drop it from the persisted pm2 list too, so `pm2 resurrect` won't revive it.
-    if (mgr.id === "pm2" && code === 0)
-      await Bun.spawn([mgr.bin, "save"], { stdio: ["ignore", "ignore", "ignore"] }).exited;
+    if (mgr.id === "pm2" && code === 0) {
+      // Drop it from the persisted pm2 list too, so `pm2 resurrect` won't revive it.
+      await spawnExit([mgr.bin, "save"]);
+      // Remove the Windows login auto-start entry we added at install time.
+      if (process.platform === "win32")
+        await spawnExit(["reg", "delete", WIN_RUN_KEY, "/v", WIN_RUN_VALUE, "/f"]);
+    }
     return code;
   }
 
@@ -343,6 +408,84 @@ async function cmdServeDaemon(sub: string, args: string[]): Promise<number> {
   return 1;
 }
 
+// ay serve status — report whether the server is installed as a daemon and/or
+// currently reachable, plus its mode, port, version, token, and share link.
+// Read-only: never mints a token or disturbs the daemon. `--json` for scripts.
+async function cmdServeStatus(args: string[]): Promise<number> {
+  const json = args.includes("--json");
+  const mgr = resolveDaemonManager();
+  const token = await loadTokenReadOnly();
+  const shareLink = await readShareLink();
+
+  // A non-null arg list means the daemon is registered with the manager.
+  const daemonArgs = mgr ? await readDaemonServeArgs(mgr) : null;
+  const installed = daemonArgs !== null;
+  const a = daemonArgs ?? [];
+  const port = portFromArgs(a);
+  // Mirror cmdServe/install mode resolution: webrtc when --webrtc/--share; http
+  // when --http/--share OR no --webrtc at all (http is the implicit default).
+  const webrtcish = a.some((x) => x.startsWith("--webrtc") || x.startsWith("--share"));
+  const httpish =
+    a.some((x) => x.startsWith("--http") || x.startsWith("--share")) ||
+    !a.some((x) => x.startsWith("--webrtc"));
+  const mode = httpish && webrtcish ? "http+webrtc" : webrtcish ? "webrtc" : "http";
+
+  // Probe the local HTTP API — catches both a daemon and a foreground `ay serve`.
+  // Webrtc-only servers open no port, so a null probe there is expected, not down.
+  const runningVersion = httpish && token ? await fetchDaemonVersion(port, token) : null;
+  const current = getInstalledPackage().version;
+
+  if (json) {
+    process.stdout.write(
+      JSON.stringify(
+        {
+          manager: mgr?.id ?? null,
+          installed,
+          mode,
+          port: httpish ? port : null,
+          reachable: runningVersion !== null,
+          runningVersion,
+          currentVersion: current,
+          upToDate: runningVersion !== null && runningVersion === current,
+          args: a,
+          hasToken: !!token,
+          shareLink,
+        },
+        null,
+        2,
+      ) + "\n",
+    );
+    return 0;
+  }
+
+  const w = (s = "") => process.stdout.write(s + "\n");
+  w(`daemon name:  ${DAEMON_NAME}`);
+  w(`manager:      ${mgr ? mgr.id : "none — install pm2 or oxmgr to daemonize"}`);
+  if (installed) {
+    w(`installed:    yes (via ${mgr!.id})`);
+    w(`mode:         ${mode}${httpish ? `  (port ${port})` : ""}`);
+    if (a.length) w(`args:         ${a.join(" ")}`);
+  } else {
+    w(`installed:    no — start a daemon with:  ay serve install [--share]`);
+  }
+  if (runningVersion !== null) {
+    const tag = runningVersion === current ? "up to date" : `outdated (current v${current})`;
+    w(`http api:     reachable on 127.0.0.1:${port} — v${runningVersion} (${tag})`);
+  } else if (mode === "webrtc") {
+    w(`http api:     none (webrtc-only)`);
+  } else {
+    w(`http api:     not reachable on 127.0.0.1:${port} (not running)`);
+  }
+  w(`token:        ${token ?? "(none yet — created on first serve)"}`);
+  if (shareLink) w(`share link:   ${shareLink}`);
+  if (token && httpish) {
+    w();
+    w(`connect:  ay ls   ${token}@<host>:${port}`);
+    w(`          ay remote add <alias> http://${token}@<host>:${port}`);
+  }
+  return 0;
+}
+
 // ---------------------------------------------------------------------------
 // ay serve
 // ---------------------------------------------------------------------------
@@ -372,6 +515,7 @@ export async function cmdServe(rest: string[]): Promise<number> {
         `  --tls-key  FILE   TLS private key PEM\n\n` +
         `Subcommands:\n` +
         `  ay serve install    install as background daemon (pm2 on Windows, else oxmgr)\n` +
+        `  ay serve status     show daemon/server status (add --json for scripts)\n` +
         `  ay serve uninstall  remove daemon\n` +
         `  ay serve logs       view daemon logs\n\n` +
         `Once running, connect from another machine:\n` +
@@ -383,6 +527,7 @@ export async function cmdServe(rest: string[]): Promise<number> {
 
   // Daemon subcommands
   const sub = rest[0];
+  if (sub === "status") return cmdServeStatus(rest.slice(1));
   if (sub === "install" || sub === "uninstall" || sub === "logs") {
     return cmdServeDaemon(sub, rest.slice(1));
   }
@@ -962,8 +1107,18 @@ export async function cmdServe(rest: string[]): Promise<number> {
       process.stderr.write(
         `→ console spawned:  ay ${cli}${prompt ? ` -- "${prompt.slice(0, 60)}"` : ""}  (cwd: ${cwd})\n`,
       );
+      // Resolve `ay` to an absolute command. The detached daemon (oxmgr/launchd/
+      // pm2) usually has a PATH WITHOUT ~/.bun/bin, so a bare "ay" fails with
+      // "Executable not found in $PATH: ay". Prefer PATH; fall back to re-running
+      // THIS process's own ay entry (process.argv[1]) — always present, since the
+      // daemon is itself an `ay serve`.
+      const ayBin = Bun.which("ay") ?? process.argv[1];
+      const ayCmd =
+        process.platform === "win32" && ayBin.toLowerCase().endsWith(".exe")
+          ? [ayBin]
+          : [process.execPath, ayBin];
       try {
-        const child = Bun.spawn(["ay", cli, ...(prompt ? ["--", prompt] : [])], {
+        const child = Bun.spawn([...ayCmd, cli, ...(prompt ? ["--", prompt] : [])], {
           cwd,
           env: freshAgentEnv(), // don't leak our Claude Code session into the agent
           stdin: "ignore",

package/ts/share.ts

@@ -25,8 +25,47 @@ import {
 } from "../lab/ui/e2e.js";
 
 const SUB = "ay-signal-1";
-const ICE = [{ urls: "stun:stun.l.google.com:19302" }];
+// MAX_CHUNK is imported from e2e.js; ICE is replaced by STUN + getIceServers (TURN) below.
 const DEFAULT_SIGHOST = "s.agent-yes.com";
+const HOST_HEARTBEAT_MS = 20000; // keepalive ping to the rendezvous + silent-drop detection
+
+type IceServer = { urls: string | string[]; username?: string; credential?: string };
+const STUN: IceServer[] = [{ urls: "stun:stun.l.google.com:19302" }];
+
+// Short-lived Cloudflare TURN credentials, minted from a long-term TURN key, so
+// browsers can RELAY when a direct P2P path is impossible (symmetric NAT /
+// CGNAT — the main cause of "rooms offline"). Set CF_TURN_KEY_ID +
+// CF_TURN_API_TOKEN (create a TURN key in the Cloudflare dashboard: Realtime →
+// TURN) to enable; without them we use STUN only, exactly as before. Cached
+// until just before expiry; STUN-only fallback on any error so sharing never
+// breaks because TURN is misconfigured or unreachable.
+let iceCache: { servers: IceServer[]; exp: number } | null = null;
+async function getIceServers(): Promise<IceServer[]> {
+  const keyId = process.env.CF_TURN_KEY_ID;
+  const apiToken = process.env.CF_TURN_API_TOKEN;
+  if (!keyId || !apiToken) return STUN;
+  if (iceCache && iceCache.exp > Date.now()) return iceCache.servers;
+  const ttl = 3600; // credential lifetime, seconds
+  try {
+    const r = await fetch(
+      `https://rtc.live.cloudflare.com/v1/turn/keys/${keyId}/credentials/generate-ice-servers`,
+      {
+        method: "POST",
+        headers: { Authorization: `Bearer ${apiToken}`, "Content-Type": "application/json" },
+        body: JSON.stringify({ ttl }),
+        signal: AbortSignal.timeout(5000),
+      },
+    );
+    if (!r.ok) throw new Error(`Cloudflare TURN ${r.status}`);
+    const j = (await r.json()) as { iceServers?: IceServer[] };
+    const servers = j.iceServers?.length ? j.iceServers : STUN;
+    iceCache = { servers, exp: Date.now() + (ttl - 300) * 1000 }; // refresh ~5min early
+    return servers;
+  } catch (e) {
+    console.error(`[share] Cloudflare TURN credential fetch failed; using STUN only: ${e}`);
+    return STUN;
+  }
+}
 
 export interface ShareOpts {
   /** webrtc://room:token@host, or undefined to mint a fresh (unpersisted)
@@ -216,15 +255,43 @@ export async function startShare(
     const ws = new WebSocket(`${wsScheme}://${host}/${room}`, [SUB]);
     currentWs = ws;
     let ready = false;
+    let lastRecv = Date.now();
+    let hb: ReturnType<typeof setInterval> | undefined;
+    const stopHb = () => {
+      if (hb) {
+        clearInterval(hb);
+        hb = undefined;
+      }
+    };
     ws.onopen = () => {
       ws.send(JSON.stringify({ type: "hello", role: "host", v: 2, token: authToken }));
       ready = true;
+      lastRecv = Date.now();
+      // Keepalive + dead-link detection: ping the rendezvous and expect a pong.
+      // A silently dropped ws (idle DO timeout, network flap) never fires
+      // onclose, so if the server goes quiet for ~2 intervals, close+reconnect
+      // ourselves — otherwise new browsers can't join until the process restarts.
+      stopHb();
+      hb = setInterval(() => {
+        if (Date.now() - lastRecv > HOST_HEARTBEAT_MS * 2 + 5000) {
+          stopHb();
+          try {
+            ws.close();
+          } catch {}
+          return;
+        }
+        try {
+          ws.send(JSON.stringify({ type: "ping" }));
+        } catch {}
+      }, HOST_HEARTBEAT_MS);
       onReady();
     };
     ws.onmessage = async (ev) => {
       if (closed) return;
+      lastRecv = Date.now();
       const m = JSON.parse(ev.data as string);
-      if (m.type === "peer-join") startPeer(ws, m.peer);
+      if (m.type === "pong") return; // heartbeat ack — liveness already recorded
+      if (m.type === "peer-join") startPeer(ws, m.peer).catch(() => {});
       else if (m.type === "answer") {
         const peer = peers.get(m.from);
         if (!peer) return;
@@ -252,6 +319,7 @@ export async function startShare(
       else if (m.type === "peer-leave") closePeer(m.peer);
     };
     ws.onclose = (ev: any) => {
+      stopHb();
       if (closed) return; // shutting down — don't resurrect the rendezvous
       // The signaling server pins a room to its first host's authToken. A 1008
       // means a different generation already owns this room — don't hot-loop;
@@ -265,14 +333,15 @@ export async function startShare(
       }
       // Keep established WebRTC peers; just re-establish the rendezvous so new
       // browsers can still join. Backoff a little to avoid hot-looping.
-      setTimeout(() => connectSignaling(() => {}), ready ? 1500 : 4000);
+      setTimeout(() => connectSignaling(() => {}), ready ? 1000 : 2000);
     };
     ws.onerror = () => {};
     return ws;
   };
 
-  function startPeer(ws: WebSocket, peerId: string) {
-    const pc = new RTCPeerConnection({ iceServers: ICE });
+  async function startPeer(ws: WebSocket, peerId: string) {
+    const iceServers = await getIceServers();
+    const pc = new RTCPeerConnection({ iceServers });
     let resolveKeys!: () => void;
     const keysReady = new Promise<void>((r) => (resolveKeys = r));
     const peer: Peer = {
@@ -318,11 +387,13 @@ export async function startShare(
     dc.onmessage = (e: any) => {
       peer.recvChain = peer.recvChain.then(() => onFrame(peerId, dc, peer, e.data)).catch(() => {});
     };
-    pc.createOffer()
-      .then((o: any) => pc.setLocalDescription(o))
-      .then(() =>
-        ws.send(JSON.stringify({ type: "offer", to: peerId, sdp: pc.localDescription.sdp })),
-      );
+    const offer = await pc.createOffer();
+    await pc.setLocalDescription(offer);
+    // Hand the browser the same ICE servers (incl. the short-lived TURN creds)
+    // so it can relay too when there's no direct path.
+    ws.send(
+      JSON.stringify({ type: "offer", to: peerId, sdp: pc.localDescription.sdp, iceServers }),
+    );
   }
 
   function closePeer(peerId: string) {

package/ts/tray.spec.ts

@@ -243,9 +243,12 @@ describe("tray", () => {
       const originalPlatform = process.platform;
       Object.defineProperty(process, "platform", { value: "darwin" });
 
-      // Simulate existing tray PID file with a live process (our own PID)
+      // Simulate existing tray PID file with a live process (our own PID):
+      // the exclusive-create claim (writeFile flag "wx") fails, and the live
+      // owner check confirms a tray is already running, so we bail.
       mockFs.existsSync.mockReturnValue(true);
       mockFsPromises.readFile.mockResolvedValue(String(process.pid));
+      mockFsPromises.writeFile.mockRejectedValueOnce(new Error("EEXIST"));
 
       const { startTray } = await import("./tray.ts");
       await startTray();
@@ -295,6 +298,9 @@ describe("tray", () => {
       const originalPlatform = process.platform;
       Object.defineProperty(process, "platform", { value: "darwin" });
       mockFs.existsSync.mockReturnValue(false);
+      // Auto-spawn is opt-in (the systray2 helper busy-loops under Bun).
+      const prevTrayEnv = process.env.AGENT_YES_TRAY;
+      process.env.AGENT_YES_TRAY = "1";
 
       const { ensureTray } = await import("./tray.ts");
       await ensureTray();
@@ -306,6 +312,8 @@ describe("tray", () => {
       );
       expect(mockSpawn.child.unref).toHaveBeenCalled();
 
+      if (prevTrayEnv === undefined) delete process.env.AGENT_YES_TRAY;
+      else process.env.AGENT_YES_TRAY = prevTrayEnv;
       Object.defineProperty(process, "platform", { value: originalPlatform });
     });