aquaman-proxy 0.6.0 → 0.7.1

package/README.md

@@ -8,15 +8,16 @@ Credential isolation proxy and CLI for [aquaman](https://github.com/tech4242/aqu
 Agent / OpenClaw Gateway              Aquaman Proxy
 ┌──────────────────────┐              ┌──────────────────────┐
 │                      │              │                      │
-│  ANTHROPIC_BASE_URL  │──request────>│  Keychain / 1Pass /  │
-│  = localhost:8081    │              │  Vault / Encrypted   │
-│                      │<─response────│                      │
-│  fetch() interceptor │──channel────>│  + Auth injected:    │
-│  redirects channel   │   traffic    │    header / url-path │
+│  ANTHROPIC_BASE_URL  │══ Unix ════>│  Keychain / 1Pass /  │
+│  = aquaman.local     │   Domain    │  Vault / Encrypted   │
+│                      │<═ Socket ═══│                      │
+│  fetch() interceptor │══ (UDS) ══=>│  + Auth injected:    │
+│  redirects channel   │              │    header / url-path │
 │  API traffic         │              │    basic / oauth     │
 │                      │              │                      │
-│  No credentials.     │              │                      │
-│  Nothing to steal.   │              │                      │
+│  No credentials.     │  ~/.aquaman/ │                      │
+│  No open ports.      │  proxy.sock  │                      │
+│  Nothing to steal.   │  (chmod 600) │                      │
 └──────────────────────┘              └───┬──────────┬───────┘
                                          │          │
                                          │          ▼
@@ -28,7 +29,7 @@ Agent / OpenClaw Gateway              Aquaman Proxy
                                slack.com/api  ...
 ```
 
-This package is the right side. A reverse proxy that intercepts API requests and injects credentials from secure backends. 23 builtin services, four auth modes.
+This package is the right side. A reverse proxy that listens on a Unix domain socket (`~/.aquaman/proxy.sock`) and injects credentials from secure backends. No TCP port, no network exposure. 23 builtin services, four auth modes.
 
 ## Quick Start
 
@@ -54,7 +55,7 @@ Standalone:
 npm install -g aquaman-proxy
 aquaman init
 aquaman credentials add anthropic api_key
-aquaman daemon
+aquaman daemon                               # listens on ~/.aquaman/proxy.sock
 ```
 
 Troubleshooting: `aquaman doctor`

package/dist/cli/index.js

@@ -9,10 +9,10 @@
  * - Custom service registry: YAML-based service config
  */
 import { Command } from 'commander';
-import * as crypto from 'node:crypto';
 import * as path from 'node:path';
 import * as fs from 'node:fs';
-import { loadConfig, getConfigDir, ensureConfigDir, getDefaultConfig, expandPath, createAuditLogger, createCredentialStore, generateSelfSignedCert, saveConfig } from 'aquaman-core';
+import * as http from 'node:http';
+import { loadConfig, getConfigDir, ensureConfigDir, getDefaultConfig, expandPath, createAuditLogger, createCredentialStore, saveConfig } from '../core/index.js';
 import { fileURLToPath } from 'node:url';
 import { createCredentialProxy } from '../daemon.js';
 import { createServiceRegistry, ServiceRegistry } from '../service-registry.js';
@@ -54,6 +54,48 @@ const isProcessRunning = (pid) => {
         return false;
     }
 };
+/** Prompt for secret input with echo suppression (TTY) or plain readline (pipe) */
+async function promptSecretInput(prompt) {
+    const readline = await import('node:readline');
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    if (process.stdin.isTTY) {
+        return new Promise((resolve) => {
+            process.stdout.write(prompt);
+            const stdin = process.stdin;
+            stdin.setRawMode(true);
+            stdin.resume();
+            let input = '';
+            const onData = (data) => {
+                const char = data.toString();
+                if (char === '\n' || char === '\r') {
+                    stdin.setRawMode(false);
+                    stdin.removeListener('data', onData);
+                    stdin.pause();
+                    rl.close();
+                    process.stdout.write('\n');
+                    resolve(input.trim());
+                }
+                else if (char === '\x7f' || char === '\b') {
+                    input = input.slice(0, -1);
+                }
+                else if (char === '\x03') {
+                    stdin.setRawMode(false);
+                    process.exit(0);
+                }
+                else {
+                    input += char;
+                }
+            };
+            stdin.on('data', onData);
+        });
+    }
+    return new Promise((resolve) => {
+        rl.question(prompt, (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
 const program = new Command();
 program
     .name('aquaman')
@@ -83,8 +125,7 @@ program
     if (options.dryRun) {
         console.log('Dry run - would start with this configuration:\n');
         console.log('Credential proxy:');
-        console.log(`  Port: ${config.credentials.proxyPort}`);
-        console.log(`  TLS: ${config.credentials.tls?.enabled ? 'enabled' : 'disabled'}`);
+        console.log(`  Socket: ${path.join(getConfigDir(), 'proxy.sock')}`);
         console.log(`  Backend: ${config.credentials.backend}`);
         console.log(`  Services: ${config.credentials.proxiedServices.join(', ')}`);
         console.log('');
@@ -127,14 +168,12 @@ program
     // Initialize service registry
     const serviceRegistry = createServiceRegistry({ configPath: config.services.configPath });
     // Start credential proxy
-    const bindAddr = config.credentials.bindAddress || '127.0.0.1';
+    const socketPath = path.join(getConfigDir(), 'proxy.sock');
     const credentialProxy = createCredentialProxy({
-        port: config.credentials.proxyPort,
-        bindAddress: bindAddr,
+        socketPath,
         store: credentialStore,
         allowedServices: config.credentials.proxiedServices,
         serviceRegistry,
-        tls: config.credentials.tls,
         onRequest: (info) => {
             auditLogger.logCredentialAccess('system', 'system', {
                 service: info.service,
@@ -145,8 +184,7 @@ program
         }
     });
     await credentialProxy.start();
-    const protocol = credentialProxy.isTlsEnabled() ? 'https' : 'http';
-    console.log(`Credential proxy started on ${protocol}://${bindAddr}:${config.credentials.proxyPort}`);
+    console.log(`Credential proxy started on ${socketPath}`);
     if (options.launch !== false && config.openclaw.autoLaunch) {
         // Get services for OpenClaw integration
         const services = serviceRegistry.getAll().filter(s => config.credentials.proxiedServices.includes(s.name));
@@ -225,6 +263,11 @@ program
             process.kill(pid, 'SIGKILL');
         }
         removePidFile();
+        const sockPath = path.join(getConfigDir(), 'proxy.sock');
+        try {
+            fs.unlinkSync(sockPath);
+        }
+        catch { /* already removed */ }
         console.log('Daemon stopped.');
     }
     catch (err) {
@@ -235,8 +278,7 @@ program
 program
     .command('daemon')
     .description('Run the credential proxy daemon (for advanced users)')
-    .option('--token <token>', 'Client authentication token (reads AQUAMAN_CLIENT_TOKEN env if not set)')
-    .action(async (options) => {
+    .action(async () => {
     // Check if daemon is already running
     const existingPid = readPidFile();
     if (existingPid && isProcessRunning(existingPid)) {
@@ -244,6 +286,7 @@ program
         process.exit(1);
     }
     const config = loadConfig();
+    const socketPath = path.join(getConfigDir(), 'proxy.sock');
     console.log('Starting aquaman credential proxy daemon...\n');
     // Initialize audit logger
     const auditLogger = createAuditLogger({
@@ -274,18 +317,12 @@ program
     }
     // Initialize service registry
     const serviceRegistry = createServiceRegistry({ configPath: config.services.configPath });
-    // Client token: CLI flag → env var → none
-    const daemonClientToken = options.token || process.env.AQUAMAN_CLIENT_TOKEN || undefined;
     // Start credential proxy
-    const bindAddr = config.credentials.bindAddress || '127.0.0.1';
     const credentialProxy = createCredentialProxy({
-        port: config.credentials.proxyPort,
-        bindAddress: bindAddr,
+        socketPath,
         store: credentialStore,
         allowedServices: config.credentials.proxiedServices,
         serviceRegistry,
-        tls: config.credentials.tls,
-        clientToken: daemonClientToken,
         onRequest: (info) => {
             auditLogger.logCredentialAccess('system', 'system', {
                 service: info.service,
@@ -298,9 +335,7 @@ program
     await credentialProxy.start();
     // Write PID file
     writePidFile();
-    const protocol = credentialProxy.isTlsEnabled() ? 'https' : 'http';
-    console.log(`Credential proxy: ${protocol}://${bindAddr}:${config.credentials.proxyPort}`);
-    console.log(`Client auth: ${daemonClientToken ? 'enabled' : 'disabled'}`);
+    console.log(`Credential proxy: ${socketPath}`);
     console.log(`Audit logging: ${config.audit.enabled ? 'enabled' : 'disabled'}`);
     console.log(`Credential backend: ${config.credentials.backend}`);
     console.log(`PID file: ${getPidFile()}`);
@@ -311,6 +346,10 @@ program
         console.log('\nShutting down daemon...');
         await credentialProxy.stop();
         removePidFile();
+        try {
+            fs.unlinkSync(socketPath);
+        }
+        catch { /* already removed */ }
         process.exit(0);
     };
     process.on('SIGINT', shutdown);
@@ -320,13 +359,9 @@ program
 program
     .command('plugin-mode')
     .description('Run in plugin mode (managed by OpenClaw plugin)')
-    .option('--port <port>', 'Port to listen on', '8081')
-    .option('--token <token>', 'Client authentication token (generated if not provided)')
-    .option('--ipc', 'Use IPC instead of HTTP for communication')
-    .action(async (options) => {
+    .action(async () => {
     const config = loadConfig();
-    const port = parseInt(options.port, 10);
-    const clientToken = options.token || crypto.randomBytes(32).toString('hex');
+    const socketPath = path.join(getConfigDir(), 'proxy.sock');
     // Initialize credential store
     let credentialStore;
     try {
@@ -348,21 +383,31 @@ program
         console.error('Fix the backend configuration and retry. Run: aquaman doctor');
         process.exit(1);
     }
+    // Initialize audit logger
+    const auditLogger = createAuditLogger({
+        logDir: config.audit.logDir,
+        enabled: config.audit.enabled
+    });
+    await auditLogger.initialize();
     // Initialize service registry
     const serviceRegistry = createServiceRegistry({ configPath: config.services.configPath });
     // Start credential proxy
     const credentialProxy = createCredentialProxy({
-        port,
-        bindAddress: config.credentials.bindAddress || '127.0.0.1',
+        socketPath,
         store: credentialStore,
         allowedServices: config.credentials.proxiedServices,
         serviceRegistry,
-        tls: config.credentials.tls,
-        clientToken
+        onRequest: (info) => {
+            auditLogger.logCredentialAccess('system', 'system', {
+                service: info.service,
+                operation: 'use',
+                success: !info.error,
+                error: info.error
+            });
+        }
     });
     await credentialProxy.start();
-    const protocol = credentialProxy.isTlsEnabled() ? 'https' : 'http';
-    // Build host map from service registry for the plugin's fetch interceptor
+    // Build host map from service registry for the plugin's interceptor
     const hostMap = serviceRegistry.buildHostMap();
     const hostMapObj = {};
     for (const [pattern, serviceName] of hostMap) {
@@ -371,18 +416,19 @@ program
     // Output connection info as JSON for plugin to parse
     const connectionInfo = {
         ready: true,
-        port: credentialProxy.getPort(),
-        protocol,
-        baseUrl: `${protocol}://127.0.0.1:${credentialProxy.getPort()}`,
+        socketPath,
         services: config.credentials.proxiedServices,
         backend: config.credentials.backend,
-        token: clientToken,
         hostMap: hostMapObj
     };
     console.log(JSON.stringify(connectionInfo));
     // Handle shutdown
     const shutdown = async () => {
         await credentialProxy.stop();
+        try {
+            fs.unlinkSync(socketPath);
+        }
+        catch { /* already removed */ }
         process.exit(0);
     };
     process.on('SIGINT', shutdown);
@@ -400,7 +446,7 @@ program
     const registry = createServiceRegistry({ configPath: config.services.configPath });
     const services = registry.getAll().filter(s => config.credentials.proxiedServices.includes(s.name));
     const integration = createOpenClawIntegration(config, services);
-    const env = await integration.configureOpenClaw(config.credentials.proxyPort, config.credentials.tls?.enabled ?? false);
+    const env = await integration.configureOpenClaw();
     if (options.dryRun || options.method === 'env') {
         console.log('Environment variables for OpenClaw:\n');
         for (const [key, value] of Object.entries(env)) {
@@ -418,7 +464,6 @@ program
     .command('init')
     .description('Initialize aquaman configuration')
     .option('--force', 'Overwrite existing configuration')
-    .option('--no-tls', 'Skip TLS certificate generation')
     .action(async (options) => {
     ensureConfigDir();
     const configPath = path.join(getConfigDir(), 'config.yaml');
@@ -428,36 +473,12 @@ program
         return;
     }
     const config = getDefaultConfig();
-    fs.writeFileSync(configPath, yamlStringify(config), 'utf-8');
+    fs.writeFileSync(configPath, yamlStringify(config), { encoding: 'utf-8', mode: 0o600 });
     console.log(`Created ${configPath}`);
     // Create audit directory
     const auditDir = path.join(getConfigDir(), 'audit');
-    fs.mkdirSync(auditDir, { recursive: true });
+    fs.mkdirSync(auditDir, { recursive: true, mode: 0o700 });
     console.log(`Created ${auditDir}`);
-    // Generate TLS certificates if enabled
-    if (options.tls !== false && config.credentials.tls?.autoGenerate) {
-        const certsDir = path.join(getConfigDir(), 'certs');
-        fs.mkdirSync(certsDir, { recursive: true });
-        const certPath = config.credentials.tls.certPath || path.join(certsDir, 'proxy.crt');
-        const keyPath = config.credentials.tls.keyPath || path.join(certsDir, 'proxy.key');
-        if (!fs.existsSync(certPath) || options.force) {
-            console.log('Generating TLS certificates...');
-            try {
-                const { cert, key } = generateSelfSignedCert('aquaman-proxy', 365);
-                fs.writeFileSync(certPath, cert, { mode: 0o644 });
-                fs.writeFileSync(keyPath, key, { mode: 0o600 });
-                console.log(`Created ${certPath}`);
-                console.log(`Created ${keyPath}`);
-            }
-            catch (error) {
-                console.error('Warning: Failed to generate TLS certificates:', error);
-                console.log('TLS will be disabled. Run "aquaman init --force" to retry.');
-            }
-        }
-        else {
-            console.log('TLS certificates already exist (use --force to regenerate)');
-        }
-    }
     console.log('\nNext steps:');
     console.log('1. Add your API keys: aquaman credentials add anthropic api_key');
     console.log('2. Start the proxy:   aquaman start');
@@ -574,12 +595,8 @@ program
                 process.exit(1);
             }
             else {
-                const readline = await import('node:readline');
-                const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-                const password = await new Promise((resolve) => {
-                    rl.question('  ? KeePassXC master password: ', resolve);
-                });
-                rl.close();
+                // Use hidden input to avoid echoing the master password
+                const password = await promptSecretInput('  ? KeePassXC master password: ');
                 if (!password.trim()) {
                     console.error('  KeePassXC backend requires a master password.');
                     process.exit(1);
@@ -588,15 +605,14 @@ program
             }
         }
     }
-    // 2. Run init internally (create dirs, config, no TLS by default)
+    // 2. Run init internally (create dirs, config)
     ensureConfigDir();
     const config = getDefaultConfig();
     config.credentials.backend = backend;
-    config.credentials.tls = { enabled: false };
-    fs.writeFileSync(configPath, yamlStringify(config), 'utf-8');
+    fs.writeFileSync(configPath, yamlStringify(config), { encoding: 'utf-8', mode: 0o600 });
     // Create audit directory
     const auditDir = path.join(configDir, 'audit');
-    fs.mkdirSync(auditDir, { recursive: true });
+    fs.mkdirSync(auditDir, { recursive: true, mode: 0o700 });
     // 3. Prompt for API keys (or read from env in non-interactive mode)
     let store;
     try {
@@ -761,10 +777,8 @@ program
                 openclawConfig.plugins.entries['aquaman-plugin'] = {
                     enabled: true,
                     config: {
-                        mode: 'proxy',
                         backend,
                         services: storedServices.length > 0 ? storedServices : ['anthropic', 'openai'],
-                        proxyPort: 8081
                     }
                 };
                 fs.writeFileSync(openclawJsonPath, JSON.stringify(openclawConfig, null, 2), 'utf-8');
@@ -786,8 +800,8 @@ program
                         }
                     }
                     const profilesDir = path.dirname(profilesPath);
-                    fs.mkdirSync(profilesDir, { recursive: true });
-                    fs.writeFileSync(profilesPath, JSON.stringify({ version: 1, profiles, order }, null, 2));
+                    fs.mkdirSync(profilesDir, { recursive: true, mode: 0o700 });
+                    fs.writeFileSync(profilesPath, JSON.stringify({ version: 1, profiles, order }, null, 2), { mode: 0o600 });
                     console.log('  \u2713 Auth profiles generated at ' + profilesPath);
                 }
             }
@@ -900,35 +914,77 @@ program
         config = loadConfig();
     }
     // 4. Proxy running
-    const proxyPort = config.credentials.proxyPort;
+    const sockPath = path.join(getConfigDir(), 'proxy.sock');
     const pluginInstalled = fs.existsSync(path.join(openclawStateDir, 'extensions', 'aquaman-plugin'));
     const proxyFix = pluginInstalled
         ? 'Proxy starts automatically with OpenClaw. Run: openclaw'
         : 'Install plugin first: aquaman setup';
     try {
-        const resp = await fetch(`http://127.0.0.1:${proxyPort}/_health`);
-        if (resp.ok) {
-            const health = await resp.json();
-            const proxyVer = health.version || 'unknown';
-            console.log(`  \u2713 ${aqua('Proxy')} running on port ${proxyPort} (v${proxyVer})`);
-            if (health.version && health.version !== VERSION) {
-                console.log(`  \u2717 ${aqua('Version mismatch:')} CLI v${VERSION} \u2260 proxy v${health.version}`);
-                console.log('    \u2192 Update: npm install -g aquaman-proxy');
-                issues++;
-            }
-        }
-        else {
-            console.log(`  \u2717 ${aqua('Proxy')} not running on port ${proxyPort}`);
-            console.log(`    \u2192 ${proxyFix}`);
+        const healthData = await new Promise((resolve, reject) => {
+            const req = http.request({ socketPath: sockPath, path: '/_health', method: 'GET' }, (res) => {
+                let body = '';
+                res.on('data', (chunk) => { body += chunk.toString(); });
+                res.on('end', () => {
+                    if (res.statusCode && res.statusCode >= 200 && res.statusCode < 300) {
+                        resolve(body);
+                    }
+                    else {
+                        reject(new Error(`HTTP ${res.statusCode}`));
+                    }
+                });
+            });
+            req.on('error', reject);
+            req.end();
+        });
+        const health = JSON.parse(healthData);
+        const proxyVer = health.version || 'unknown';
+        console.log(`  \u2713 ${aqua('Proxy')} running on socket (v${proxyVer})`);
+        if (health.version && health.version !== VERSION) {
+            console.log(`  \u2717 ${aqua('Version mismatch:')} CLI v${VERSION} \u2260 proxy v${health.version}`);
+            console.log('    \u2192 Update: npm install -g aquaman-proxy');
             issues++;
         }
     }
     catch {
-        console.log(`  \u2717 ${aqua('Proxy')} not running on port ${proxyPort}`);
+        console.log(`  \u2717 ${aqua('Proxy')} not running on socket`);
         console.log(`    \u2192 ${proxyFix}`);
         issues++;
     }
-    // 5. OpenClaw detection
+    // 5. Audit logger
+    if (config) {
+        const auditDir = config.audit.logDir;
+        const auditLog = path.join(auditDir, 'current.jsonl');
+        if (!config.audit.enabled) {
+            console.log(`  - ${aqua('Audit')} disabled in config`);
+        }
+        else if (!fs.existsSync(auditDir)) {
+            console.log(`  \u2717 ${aqua('Audit')} directory missing (${auditDir})`);
+            console.log('    \u2192 Run: aquaman init');
+            issues++;
+        }
+        else {
+            // Check log file exists and is writable
+            try {
+                if (fs.existsSync(auditLog)) {
+                    fs.accessSync(auditLog, fs.constants.W_OK);
+                    const content = fs.readFileSync(auditLog, 'utf-8').trim();
+                    const entryCount = content ? content.split('\n').length : 0;
+                    console.log(`  \u2713 ${aqua('Audit')} log writable (${entryCount} entries)`);
+                }
+                else {
+                    // Dir exists but no log yet — that's fine, first request will create it
+                    fs.accessSync(auditDir, fs.constants.W_OK);
+                    console.log(`  \u2713 ${aqua('Audit')} directory writable (no entries yet)`);
+                }
+            }
+            catch {
+                console.log(`  \u2717 ${aqua('Audit')} log not writable (${auditLog})`);
+                console.log('    \u2192 Check file permissions on ~/.aquaman/audit/');
+                issues++;
+            }
+        }
+    }
+    // 6. OpenClaw detection
     let openclawDetected = false;
     let cliFound = false;
     try {
@@ -1832,8 +1888,7 @@ program
     console.log('Configuration:');
     console.log(`  Config dir: ${getConfigDir()}`);
     console.log(`  Credential backend: ${config.credentials.backend}`);
-    console.log(`  Proxy port: ${config.credentials.proxyPort}`);
-    console.log(`  TLS: ${config.credentials.tls?.enabled ? 'enabled' : 'disabled'}`);
+    console.log(`  Socket path: ${path.join(getConfigDir(), 'proxy.sock')}`);
     console.log(`  Audit logging: ${config.audit.enabled ? 'enabled' : 'disabled'}`);
     console.log('\nProxied services:');
     for (const service of config.credentials.proxiedServices) {