charon-hooks 0.1.0

package/dist/server/index.js

@@ -0,0 +1,1610 @@
+// src/server/app.ts
+import { Hono as Hono7 } from "hono";
+import { logger } from "hono/logger";
+
+// src/server/middleware/static.ts
+import { createMiddleware } from "hono/factory";
+import { readFileSync, existsSync, statSync } from "fs";
+import { join, extname, resolve } from "path";
+var MIME_TYPES = {
+  ".html": "text/html; charset=utf-8",
+  ".css": "text/css; charset=utf-8",
+  ".js": "text/javascript; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".svg": "image/svg+xml",
+  ".ico": "image/x-icon",
+  ".woff": "font/woff",
+  ".woff2": "font/woff2",
+  ".ttf": "font/ttf",
+  ".eot": "application/vnd.ms-fontobject"
+};
+function serveStatic({ root, path: fallbackPath }) {
+  const rootDir = root ? resolve(root) : process.cwd();
+  const fallback = fallbackPath ? resolve(fallbackPath) : null;
+  return createMiddleware(async (c, next) => {
+    if (c.req.method !== "GET" && c.req.method !== "HEAD") {
+      return next();
+    }
+    const url = new URL(c.req.url);
+    let pathname = decodeURIComponent(url.pathname);
+    if (pathname.includes("..")) {
+      return next();
+    }
+    if (root) {
+      const relativePath = pathname.replace(/^\//, "");
+      const filePath = join(rootDir, relativePath);
+      if (existsSync(filePath)) {
+        try {
+          const stat = statSync(filePath);
+          if (stat.isFile()) {
+            const ext = extname(filePath).toLowerCase();
+            const contentType = MIME_TYPES[ext] || "application/octet-stream";
+            const content = readFileSync(filePath);
+            return new Response(content, {
+              headers: {
+                "Content-Type": contentType,
+                "Content-Length": String(content.length)
+              }
+            });
+          }
+        } catch {
+        }
+      }
+    }
+    if (fallback && existsSync(fallback)) {
+      try {
+        const stat = statSync(fallback);
+        if (stat.isFile()) {
+          const ext = extname(fallback).toLowerCase();
+          const contentType = MIME_TYPES[ext] || "application/octet-stream";
+          const content = readFileSync(fallback);
+          return new Response(content, {
+            headers: {
+              "Content-Type": contentType,
+              "Content-Length": String(content.length)
+            }
+          });
+        }
+      } catch {
+      }
+    }
+    return next();
+  });
+}
+
+// src/server/routes/triggers.ts
+import { Hono } from "hono";
+
+// src/lib/config/loader.ts
+import { readFileSync as readFileSync2, writeFileSync, mkdirSync, watch, existsSync as existsSync2 } from "fs";
+import { dirname } from "path";
+
+// src/lib/config/schema.ts
+import { z } from "zod";
+import { parse as parseYaml } from "yaml";
+var TriggerSchema = z.object({
+  id: z.string().min(1),
+  name: z.string().min(1),
+  type: z.enum(["webhook", "cron"]),
+  enabled: z.boolean(),
+  schedule: z.string().optional(),
+  template: z.string().min(1),
+  sanitizer: z.string().optional(),
+  egress: z.string().min(1),
+  context: z.record(z.string(), z.unknown()).optional()
+}).refine((data) => data.type !== "cron" || data.schedule, {
+  message: "Cron triggers require a schedule"
+});
+var TunnelSchema = z.object({
+  enabled: z.boolean().default(false),
+  provider: z.enum(["ngrok"]).default("ngrok"),
+  authtoken: z.string().min(1),
+  domain: z.string().optional(),
+  // Static domain (e.g., "your-name.ngrok-free.app")
+  expose_ui: z.boolean().default(false)
+  // Only expose /api/webhook/* by default
+});
+var ConfigSchema = z.object({
+  triggers: z.array(TriggerSchema),
+  tunnel: TunnelSchema.optional()
+});
+function validateTrigger(input) {
+  const result = TriggerSchema.safeParse(input);
+  if (result.success) {
+    return { success: true, data: result.data };
+  }
+  return { success: false, error: result.error };
+}
+function parseConfig(yamlContent) {
+  const parsed = parseYaml(yamlContent);
+  const result = ConfigSchema.safeParse(parsed);
+  if (result.success) {
+    return { success: true, data: result.data };
+  }
+  return { success: false, error: result.error };
+}
+
+// src/lib/db/sqlite.ts
+var createDatabase;
+var isBun = typeof globalThis.Bun !== "undefined";
+if (isBun) {
+  const { Database } = await import("bun:sqlite");
+  createDatabase = (path) => {
+    const db2 = new Database(path);
+    return {
+      exec: (sql) => db2.run(sql),
+      prepare: (sql) => {
+        const stmt = db2.query(sql);
+        return {
+          run: (...params) => stmt.run(...params),
+          get: (...params) => stmt.get(...params),
+          all: (...params) => stmt.all(...params)
+        };
+      },
+      close: () => db2.close()
+    };
+  };
+} else {
+  const BetterSqlite3 = (await import("better-sqlite3")).default;
+  createDatabase = (path) => {
+    const db2 = new BetterSqlite3(path);
+    return {
+      exec: (sql) => db2.exec(sql),
+      prepare: (sql) => {
+        const stmt = db2.prepare(sql);
+        return {
+          run: (...params) => stmt.run(...params),
+          get: (...params) => stmt.get(...params),
+          all: (...params) => stmt.all(...params)
+        };
+      },
+      close: () => db2.close()
+    };
+  };
+}
+
+// src/lib/db/schema.ts
+function initSchema(db2) {
+  db2.exec(`
+    CREATE TABLE IF NOT EXISTS runs (
+      id TEXT PRIMARY KEY,
+      trigger_id TEXT NOT NULL,
+      trigger_type TEXT NOT NULL,
+      status TEXT NOT NULL DEFAULT 'pending',
+      started_at TEXT NOT NULL,
+      completed_at TEXT,
+      webhook_payload TEXT,
+      webhook_headers TEXT,
+      sanitizer_result TEXT,
+      composer_result TEXT,
+      task_descriptor TEXT,
+      egress_result TEXT,
+      error TEXT
+    )
+  `);
+  try {
+    db2.exec(`ALTER TABLE runs ADD COLUMN egress_result TEXT`);
+  } catch {
+  }
+  db2.exec(`CREATE INDEX IF NOT EXISTS idx_runs_trigger ON runs(trigger_id)`);
+  db2.exec(`CREATE INDEX IF NOT EXISTS idx_runs_status ON runs(status)`);
+  db2.exec(`CREATE INDEX IF NOT EXISTS idx_runs_started ON runs(started_at DESC)`);
+  db2.exec(`
+    CREATE TABLE IF NOT EXISTS events (
+      id TEXT PRIMARY KEY,
+      type TEXT NOT NULL,
+      trigger_id TEXT NOT NULL,
+      run_id TEXT NOT NULL,
+      timestamp TEXT NOT NULL,
+      data TEXT NOT NULL
+    )
+  `);
+  db2.exec(`CREATE INDEX IF NOT EXISTS idx_events_run ON events(run_id)`);
+  db2.exec(`CREATE INDEX IF NOT EXISTS idx_events_type ON events(type)`);
+  db2.exec(`
+    CREATE TABLE IF NOT EXISTS tunnel_state (
+      id INTEGER PRIMARY KEY CHECK (id = 1),
+      configured INTEGER NOT NULL DEFAULT 0,
+      enabled INTEGER NOT NULL DEFAULT 0,
+      connected INTEGER NOT NULL DEFAULT 0,
+      url TEXT,
+      domain TEXT,
+      expose_ui INTEGER NOT NULL DEFAULT 0,
+      error TEXT,
+      updated_at TEXT NOT NULL
+    )
+  `);
+  try {
+    db2.exec(`ALTER TABLE tunnel_state ADD COLUMN configured INTEGER NOT NULL DEFAULT 0`);
+  } catch {
+  }
+  db2.exec(`
+    INSERT OR IGNORE INTO tunnel_state (id, configured, enabled, connected, expose_ui, updated_at)
+    VALUES (1, 0, 0, 0, 0, datetime('now'))
+  `);
+}
+
+// src/lib/db/client.ts
+var db = null;
+function getDb() {
+  if (!db) {
+    const dbPath = process.env.CHARON_DB || "charon.db";
+    db = createDatabase(dbPath);
+    initSchema(db);
+  }
+  return db;
+}
+
+// src/lib/scheduler/cron.ts
+import cron from "node-cron";
+
+// src/lib/db/runs.ts
+function generateId() {
+  return "run_" + Math.random().toString(36).slice(2, 10);
+}
+function createRun(db2, input) {
+  const id = generateId();
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  db2.prepare(
+    `INSERT INTO runs (id, trigger_id, trigger_type, status, started_at, webhook_payload, webhook_headers)
+     VALUES (?, ?, ?, 'pending', ?, ?, ?)`
+  ).run(
+    id,
+    input.trigger_id,
+    input.trigger_type,
+    now,
+    input.webhook_payload ? JSON.stringify(input.webhook_payload) : null,
+    input.webhook_headers ? JSON.stringify(input.webhook_headers) : null
+  );
+  return getRun(db2, id);
+}
+function getRun(db2, id) {
+  const row = db2.prepare(`SELECT * FROM runs WHERE id = ?`).get(id);
+  if (!row) return null;
+  return deserializeRun(row);
+}
+function updateRun(db2, id, input) {
+  const sets = [];
+  const values = [];
+  if (input.status !== void 0) {
+    sets.push("status = ?");
+    values.push(input.status);
+  }
+  if (input.completed_at !== void 0) {
+    sets.push("completed_at = ?");
+    values.push(input.completed_at);
+  }
+  if (input.sanitizer_result !== void 0) {
+    sets.push("sanitizer_result = ?");
+    values.push(JSON.stringify(input.sanitizer_result));
+  }
+  if (input.composer_result !== void 0) {
+    sets.push("composer_result = ?");
+    values.push(JSON.stringify(input.composer_result));
+  }
+  if (input.task_descriptor !== void 0) {
+    sets.push("task_descriptor = ?");
+    values.push(JSON.stringify(input.task_descriptor));
+  }
+  if (input.egress_result !== void 0) {
+    sets.push("egress_result = ?");
+    values.push(JSON.stringify(input.egress_result));
+  }
+  if (input.error !== void 0) {
+    sets.push("error = ?");
+    values.push(JSON.stringify(input.error));
+  }
+  if (sets.length === 0) return;
+  values.push(id);
+  db2.prepare(`UPDATE runs SET ${sets.join(", ")} WHERE id = ?`).run(...values);
+}
+function listRuns(db2, filter) {
+  const conditions = [];
+  const values = [];
+  if (filter.trigger_id) {
+    conditions.push("trigger_id = ?");
+    values.push(filter.trigger_id);
+  }
+  if (filter.status) {
+    conditions.push("status = ?");
+    values.push(filter.status);
+  }
+  let sql = "SELECT * FROM runs";
+  if (conditions.length > 0) {
+    sql += " WHERE " + conditions.join(" AND ");
+  }
+  sql += " ORDER BY started_at DESC";
+  if (filter.limit) {
+    sql += " LIMIT ?";
+    values.push(filter.limit);
+  }
+  if (filter.offset) {
+    sql += " OFFSET ?";
+    values.push(filter.offset);
+  }
+  const rows = db2.prepare(sql).all(...values);
+  return rows.map(deserializeRun);
+}
+function deserializeRun(row) {
+  return {
+    id: row.id,
+    trigger_id: row.trigger_id,
+    trigger_type: row.trigger_type,
+    status: row.status,
+    started_at: row.started_at,
+    completed_at: row.completed_at,
+    webhook_payload: row.webhook_payload ? JSON.parse(row.webhook_payload) : void 0,
+    webhook_headers: row.webhook_headers ? JSON.parse(row.webhook_headers) : void 0,
+    sanitizer_result: row.sanitizer_result ? JSON.parse(row.sanitizer_result) : null,
+    composer_result: row.composer_result ? JSON.parse(row.composer_result) : null,
+    task_descriptor: row.task_descriptor ? JSON.parse(row.task_descriptor) : null,
+    egress_result: row.egress_result ? JSON.parse(row.egress_result) : null,
+    error: row.error ? JSON.parse(row.error) : null
+  };
+}
+
+// src/lib/db/events.ts
+function generateId2() {
+  return "evt_" + Math.random().toString(36).slice(2, 10);
+}
+function logEvent(db2, input) {
+  const id = generateId2();
+  const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+  db2.prepare(
+    `INSERT INTO events (id, type, trigger_id, run_id, timestamp, data)
+     VALUES (?, ?, ?, ?, ?, ?)`
+  ).run(id, input.type, input.trigger_id, input.run_id, timestamp, JSON.stringify(input.data));
+  return { id, timestamp, ...input };
+}
+function listEvents(db2, filter) {
+  const conditions = [];
+  const values = [];
+  if (filter.run_id) {
+    conditions.push("run_id = ?");
+    values.push(filter.run_id);
+  }
+  if (filter.trigger_id) {
+    conditions.push("trigger_id = ?");
+    values.push(filter.trigger_id);
+  }
+  if (filter.type) {
+    conditions.push("type = ?");
+    values.push(filter.type);
+  }
+  let sql = "SELECT * FROM events";
+  if (conditions.length > 0) {
+    sql += " WHERE " + conditions.join(" AND ");
+  }
+  sql += " ORDER BY timestamp DESC";
+  if (filter.limit) {
+    sql += " LIMIT ?";
+    values.push(filter.limit);
+  }
+  const rows = db2.prepare(sql).all(...values);
+  return rows.map((row) => ({
+    id: row.id,
+    type: row.type,
+    trigger_id: row.trigger_id,
+    run_id: row.run_id,
+    timestamp: row.timestamp,
+    data: JSON.parse(row.data)
+  }));
+}
+
+// src/lib/pipeline/sanitizer.ts
+import { resolve as resolve2 } from "path";
+import { pathToFileURL } from "url";
+var sanitizerCache = /* @__PURE__ */ new Map();
+var SANITIZERS_DIR = process.env.CHARON_SANITIZERS_DIR || "sanitizers";
+async function loadSanitizer(name) {
+  if (sanitizerCache.has(name)) {
+    return sanitizerCache.get(name);
+  }
+  try {
+    const sanitizerPath = resolve2(SANITIZERS_DIR, `${name}.ts`);
+    const sanitizerUrl = pathToFileURL(sanitizerPath).href;
+    const mod = await import(sanitizerUrl);
+    const fn = mod.default;
+    sanitizerCache.set(name, fn);
+    return fn;
+  } catch {
+    sanitizerCache.set(name, null);
+    return null;
+  }
+}
+async function executeSanitizer(sanitizer, payload, headers, trigger) {
+  if (!sanitizer) {
+    return { payload };
+  }
+  const result = await sanitizer(payload, headers, trigger);
+  return result;
+}
+
+// src/lib/egress/loader.ts
+var egressCache = /* @__PURE__ */ new Map();
+async function loadEgress(name) {
+  if (egressCache.has(name)) {
+    return egressCache.get(name);
+  }
+  try {
+    const mod = await import(`@/egress/${name}`);
+    const fn = mod.default;
+    egressCache.set(name, fn);
+    return fn;
+  } catch {
+    egressCache.set(name, null);
+    return null;
+  }
+}
+async function executeEgress(egress, task, trigger) {
+  await egress(task, trigger);
+}
+
+// src/lib/pipeline/composer.ts
+function compose(template, context) {
+  return template.replace(/\{(\w+)\}/g, (match, key) => {
+    if (key in context) {
+      const value = context[key];
+      return typeof value === "object" ? JSON.stringify(value) : String(value);
+    }
+    return match;
+  });
+}
+
+// src/lib/pipeline/processor.ts
+function generateTaskId() {
+  return "task_" + Math.random().toString(36).slice(2, 10);
+}
+async function processWebhook(db2, trigger, payload, headers) {
+  const run = createRun(db2, {
+    trigger_id: trigger.id,
+    trigger_type: "webhook",
+    webhook_payload: payload,
+    webhook_headers: headers
+  });
+  logEvent(db2, {
+    type: "trigger.received",
+    trigger_id: trigger.id,
+    run_id: run.id,
+    data: { payload_size: JSON.stringify(payload).length }
+  });
+  updateRun(db2, run.id, { status: "processing" });
+  return processPipeline(db2, run.id, trigger, payload, headers);
+}
+async function processCron(db2, trigger) {
+  const run = createRun(db2, {
+    trigger_id: trigger.id,
+    trigger_type: "cron"
+  });
+  logEvent(db2, {
+    type: "trigger.scheduled",
+    trigger_id: trigger.id,
+    run_id: run.id,
+    data: { scheduled_time: (/* @__PURE__ */ new Date()).toISOString() }
+  });
+  updateRun(db2, run.id, { status: "processing" });
+  const cronContext = {
+    trigger_time: (/* @__PURE__ */ new Date()).toISOString(),
+    trigger_id: trigger.id,
+    ...trigger.context
+  };
+  return processPipeline(db2, run.id, trigger, cronContext, {});
+}
+async function processPipeline(db2, runId, trigger, payload, headers) {
+  const startTime = Date.now();
+  try {
+    let context;
+    if (trigger.sanitizer) {
+      const sanitizerStart = Date.now();
+      const sanitizer = await loadSanitizer(trigger.sanitizer);
+      const result = await executeSanitizer(sanitizer, payload, headers, trigger);
+      if (result === null) {
+        updateRun(db2, runId, {
+          status: "skipped",
+          completed_at: (/* @__PURE__ */ new Date()).toISOString(),
+          sanitizer_result: {
+            success: true,
+            skipped: true,
+            context: null,
+            duration_ms: Date.now() - sanitizerStart
+          }
+        });
+        logEvent(db2, {
+          type: "trigger.skipped",
+          trigger_id: trigger.id,
+          run_id: runId,
+          data: { reason: "sanitizer_null" }
+        });
+        return { run: getRun(db2, runId), task: null };
+      }
+      context = { ...trigger.context, ...result };
+      updateRun(db2, runId, {
+        sanitizer_result: {
+          success: true,
+          skipped: false,
+          context: result,
+          duration_ms: Date.now() - sanitizerStart
+        }
+      });
+      logEvent(db2, {
+        type: "trigger.sanitized",
+        trigger_id: trigger.id,
+        run_id: runId,
+        data: { context_keys: Object.keys(result) }
+      });
+    } else {
+      context = typeof payload === "object" && payload !== null ? { ...trigger.context, ...payload } : { ...trigger.context, payload };
+    }
+    const composerStart = Date.now();
+    const description = compose(trigger.template, context);
+    updateRun(db2, runId, {
+      composer_result: {
+        success: true,
+        description,
+        duration_ms: Date.now() - composerStart
+      }
+    });
+    logEvent(db2, {
+      type: "trigger.composed",
+      trigger_id: trigger.id,
+      run_id: runId,
+      data: { description_length: description.length }
+    });
+    const task = {
+      id: generateTaskId(),
+      run_id: runId,
+      trigger_id: trigger.id,
+      trigger_type: trigger.type,
+      triggered_at: (/* @__PURE__ */ new Date()).toISOString(),
+      task: { description, context }
+    };
+    const egress = await loadEgress(trigger.egress);
+    if (egress) {
+      await executeEgress(egress, task, trigger);
+    }
+    updateRun(db2, runId, {
+      status: "completed",
+      completed_at: (/* @__PURE__ */ new Date()).toISOString(),
+      task_descriptor: task
+    });
+    logEvent(db2, {
+      type: "trigger.completed",
+      trigger_id: trigger.id,
+      run_id: runId,
+      data: { task_id: task.id, total_duration_ms: Date.now() - startTime }
+    });
+    return { run: getRun(db2, runId), task };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : "Unknown error";
+    updateRun(db2, runId, {
+      status: "error",
+      completed_at: (/* @__PURE__ */ new Date()).toISOString(),
+      error: { stage: "unknown", message }
+    });
+    logEvent(db2, {
+      type: "trigger.error",
+      trigger_id: trigger.id,
+      run_id: runId,
+      data: { error: message }
+    });
+    return { run: getRun(db2, runId), task: null };
+  }
+}
+
+// src/lib/scheduler/cron.ts
+var scheduledJobs = /* @__PURE__ */ new Map();
+function initScheduler(db2, triggers) {
+  stopScheduler();
+  for (const trigger of triggers) {
+    if (trigger.type !== "cron" || !trigger.enabled || !trigger.schedule) {
+      continue;
+    }
+    const task = cron.schedule(trigger.schedule, async () => {
+      console.log(`[scheduler] Firing trigger: ${trigger.id}`);
+      await processCron(db2, trigger);
+    });
+    scheduledJobs.set(trigger.id, task);
+  }
+  console.log(`[scheduler] Initialized ${scheduledJobs.size} cron jobs`);
+}
+function stopScheduler() {
+  for (const task of scheduledJobs.values()) {
+    task.stop();
+  }
+  scheduledJobs.clear();
+}
+
+// src/lib/tunnel/ngrok.ts
+import ngrok from "@ngrok/ngrok";
+
+// src/lib/db/tunnel.ts
+function getTunnelState(db2) {
+  const row = db2.prepare(`
+    SELECT configured, enabled, connected, url, domain, expose_ui, error
+    FROM tunnel_state WHERE id = 1
+  `).get();
+  if (!row) {
+    return {
+      configured: false,
+      enabled: false,
+      connected: false,
+      url: null,
+      domain: null,
+      expose_ui: false,
+      error: null
+    };
+  }
+  return {
+    configured: Boolean(row.configured),
+    enabled: Boolean(row.enabled),
+    connected: Boolean(row.connected),
+    url: row.url,
+    domain: row.domain,
+    expose_ui: Boolean(row.expose_ui),
+    error: row.error
+  };
+}
+function setTunnelState(db2, state) {
+  db2.prepare(`
+    UPDATE tunnel_state SET
+      configured = ?,
+      enabled = ?,
+      connected = ?,
+      url = ?,
+      domain = ?,
+      expose_ui = ?,
+      error = ?,
+      updated_at = datetime('now')
+    WHERE id = 1
+  `).run(
+    state.configured ? 1 : 0,
+    state.enabled ? 1 : 0,
+    state.connected ? 1 : 0,
+    state.url,
+    state.domain,
+    state.expose_ui ? 1 : 0,
+    state.error
+  );
+}
+
+// src/lib/tunnel/ngrok.ts
+var listener = null;
+async function startTunnel(config, port = 3e3) {
+  const db2 = getDb();
+  if (!config.enabled) {
+    try {
+      await ngrok.disconnect();
+      console.log("[tunnel] Tunnel disabled in config");
+    } catch {
+    }
+    listener = null;
+    const state = {
+      configured: true,
+      // Config exists but disabled
+      enabled: false,
+      connected: false,
+      url: null,
+      domain: null,
+      expose_ui: false,
+      error: null
+    };
+    setTunnelState(db2, state);
+    return state;
+  }
+  try {
+    const currentState = getTunnelState(db2);
+    const targetDomain = config.domain || null;
+    if (currentState.connected && currentState.domain === targetDomain) {
+      if (currentState.expose_ui !== (config.expose_ui ?? false)) {
+        console.log(`[tunnel] Updating expose_ui to ${config.expose_ui ?? false}`);
+        const updatedState = {
+          ...currentState,
+          expose_ui: config.expose_ui ?? false
+        };
+        setTunnelState(db2, updatedState);
+        return updatedState;
+      }
+      console.log("[tunnel] Tunnel already connected with same config");
+      return currentState;
+    }
+    try {
+      await ngrok.disconnect();
+      await new Promise((resolve3) => setTimeout(resolve3, 1e3));
+    } catch {
+    }
+    listener = null;
+    console.log("[tunnel] Starting ngrok tunnel...");
+    const forwardOptions = {
+      addr: port,
+      authtoken: config.authtoken
+    };
+    if (config.domain) {
+      forwardOptions.domain = config.domain;
+      console.log(`[tunnel] Using static domain: ${config.domain}`);
+    }
+    listener = await ngrok.forward(forwardOptions);
+    const url = listener.url();
+    const domain = url ? new URL(url).host : null;
+    const state = {
+      configured: true,
+      enabled: true,
+      connected: true,
+      url,
+      domain,
+      expose_ui: config.expose_ui ?? false,
+      error: null
+    };
+    setTunnelState(db2, state);
+    console.log(`[tunnel] Connected! Public URL: ${url}`);
+    if (!state.expose_ui) {
+      console.log("[tunnel] UI not exposed - only /api/webhook/* routes accessible via tunnel");
+    }
+    return state;
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    const state = {
+      configured: true,
+      enabled: true,
+      connected: false,
+      url: null,
+      domain: null,
+      expose_ui: false,
+      error: message
+    };
+    setTunnelState(db2, state);
+    console.error(`[tunnel] Failed to start: ${message}`);
+    return state;
+  }
+}
+async function stopTunnel() {
+  const db2 = getDb();
+  try {
+    await ngrok.disconnect();
+    console.log("[tunnel] All tunnels disconnected");
+  } catch (error) {
+    console.error("[tunnel] Error disconnecting:", error);
+  }
+  listener = null;
+  const state = {
+    configured: false,
+    // No tunnel config
+    enabled: false,
+    connected: false,
+    url: null,
+    domain: null,
+    expose_ui: false,
+    error: null
+  };
+  setTunnelState(db2, state);
+}
+function getTunnelStatus() {
+  const db2 = getDb();
+  return getTunnelState(db2);
+}
+
+// src/lib/config/loader.ts
+var cachedConfig = null;
+var configWatcher = null;
+var reloadTimeout = null;
+var watchedConfigPath = null;
+var DEFAULT_CONFIG = `# Charon trigger configuration
+# See docs/SPEC.md for configuration options
+
+triggers: []
+`;
+async function loadConfig(path = "config/triggers.yaml") {
+  if (!existsSync2(path)) {
+    mkdirSync(dirname(path), { recursive: true });
+    writeFileSync(path, DEFAULT_CONFIG, "utf-8");
+    console.log(`[config] Created default config at ${path}`);
+  }
+  const content = readFileSync2(path, "utf-8");
+  const result = parseConfig(content);
+  if (!result.success) {
+    throw new Error(`Invalid config: ${result.error.message}`);
+  }
+  cachedConfig = result.data;
+  return result.data;
+}
+async function initializeApp(configPath = "config/triggers.yaml") {
+  const config = await loadConfig(configPath);
+  const db2 = getDb();
+  initScheduler(db2, config.triggers);
+  if (config.tunnel) {
+    await startTunnel(config.tunnel);
+  } else {
+    await stopTunnel();
+  }
+  startConfigWatcher(configPath);
+  return {
+    config,
+    tunnel: getTunnelStatus()
+  };
+}
+function getConfig() {
+  if (!cachedConfig) {
+    throw new Error("Config not loaded. Call initializeApp() first.");
+  }
+  return cachedConfig;
+}
+function getTrigger(id) {
+  const config = getConfig();
+  return config.triggers.find((t) => t.id === id);
+}
+function startConfigWatcher(configPath = "config/triggers.yaml") {
+  if (configWatcher && watchedConfigPath === configPath) {
+    return;
+  }
+  stopConfigWatcher();
+  if (!existsSync2(configPath)) {
+    console.warn(`[config] Config file not found: ${configPath}, skipping watcher`);
+    return;
+  }
+  watchedConfigPath = configPath;
+  configWatcher = watch(configPath, (eventType) => {
+    if (eventType === "change") {
+      if (reloadTimeout) {
+        clearTimeout(reloadTimeout);
+      }
+      reloadTimeout = setTimeout(async () => {
+        console.log("[config] File changed, reloading...");
+        try {
+          await reloadConfig(configPath);
+          console.log("[config] Reload complete");
+        } catch (err) {
+          console.error("[config] Reload failed:", err instanceof Error ? err.message : err);
+        }
+      }, 300);
+    }
+  });
+  console.log(`[config] Watching ${configPath} for changes`);
+}
+function stopConfigWatcher() {
+  if (reloadTimeout) {
+    clearTimeout(reloadTimeout);
+    reloadTimeout = null;
+  }
+  if (configWatcher) {
+    configWatcher.close();
+    configWatcher = null;
+    watchedConfigPath = null;
+    console.log("[config] Stopped watching config file");
+  }
+}
+async function reloadConfig(configPath) {
+  const config = await loadConfig(configPath);
+  const db2 = getDb();
+  initScheduler(db2, config.triggers);
+  if (config.tunnel) {
+    await startTunnel(config.tunnel);
+  } else {
+    await stopTunnel();
+  }
+}
+
+// src/lib/config/writer.ts
+import { readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "fs";
+import { parse as parseYaml2, stringify as stringifyYaml } from "yaml";
+var DEFAULT_CONFIG_PATH = "config/triggers.yaml";
+async function writeTrigger(trigger, configPath = DEFAULT_CONFIG_PATH) {
+  const validation = validateTrigger(trigger);
+  if (!validation.success) {
+    const messages = validation.error.issues.map((i) => `${i.path.join(".")}: ${i.message}`).join(", ");
+    return { success: false, error: `Validation failed: ${messages}` };
+  }
+  try {
+    const content = readFileSync3(configPath, "utf-8");
+    const config = parseYaml2(content) || {};
+    if (!config.triggers) {
+      config.triggers = [];
+    }
+    const existingIndex = config.triggers.findIndex((t) => t.id === trigger.id);
+    const triggerObj = {
+      id: trigger.id,
+      name: trigger.name,
+      type: trigger.type,
+      enabled: trigger.enabled,
+      template: trigger.template,
+      egress: trigger.egress
+    };
+    if (trigger.schedule) {
+      triggerObj.schedule = trigger.schedule;
+    }
+    if (trigger.sanitizer) {
+      triggerObj.sanitizer = trigger.sanitizer;
+    }
+    if (trigger.context && Object.keys(trigger.context).length > 0) {
+      triggerObj.context = trigger.context;
+    }
+    if (existingIndex >= 0) {
+      config.triggers[existingIndex] = triggerObj;
+    } else {
+      config.triggers.push(triggerObj);
+    }
+    const yamlOutput = stringifyYaml(config, {
+      lineWidth: 0,
+      // Don't wrap long lines
+      defaultStringType: "PLAIN",
+      defaultKeyType: "PLAIN"
+    });
+    writeFileSync2(configPath, yamlOutput);
+    return { success: true };
+  } catch (err) {
+    return { success: false, error: `Write failed: ${err instanceof Error ? err.message : String(err)}` };
+  }
+}
+async function deleteTrigger(id, configPath = DEFAULT_CONFIG_PATH) {
+  try {
+    const content = readFileSync3(configPath, "utf-8");
+    const config = parseYaml2(content) || {};
+    if (!config.triggers || !Array.isArray(config.triggers)) {
+      return { success: false, error: `Trigger '${id}' not found` };
+    }
+    const existingIndex = config.triggers.findIndex((t) => t.id === id);
+    if (existingIndex < 0) {
+      return { success: false, error: `Trigger '${id}' not found` };
+    }
+    config.triggers.splice(existingIndex, 1);
+    const yamlOutput = stringifyYaml(config, {
+      lineWidth: 0,
+      defaultStringType: "PLAIN",
+      defaultKeyType: "PLAIN"
+    });
+    writeFileSync2(configPath, yamlOutput);
+    return { success: true };
+  } catch (err) {
+    return { success: false, error: `Delete failed: ${err instanceof Error ? err.message : String(err)}` };
+  }
+}
+async function listTriggerIds(configPath = DEFAULT_CONFIG_PATH) {
+  try {
+    const content = readFileSync3(configPath, "utf-8");
+    const config = parseYaml2(content) || {};
+    if (!config.triggers || !Array.isArray(config.triggers)) {
+      return [];
+    }
+    return config.triggers.map((t) => t.id).filter((id) => !!id);
+  } catch {
+    return [];
+  }
+}
+async function writeTunnelConfig(tunnel, configPath = DEFAULT_CONFIG_PATH) {
+  try {
+    const content = readFileSync3(configPath, "utf-8");
+    const config = parseYaml2(content) || {};
+    const tunnelObj = {
+      enabled: tunnel.enabled,
+      provider: tunnel.provider,
+      authtoken: tunnel.authtoken
+    };
+    if (tunnel.domain) {
+      tunnelObj.domain = tunnel.domain;
+    }
+    if (tunnel.expose_ui !== void 0) {
+      tunnelObj.expose_ui = tunnel.expose_ui;
+    }
+    config.tunnel = tunnelObj;
+    const yamlOutput = stringifyYaml(config, {
+      lineWidth: 0,
+      defaultStringType: "PLAIN",
+      defaultKeyType: "PLAIN"
+    });
+    writeFileSync2(configPath, yamlOutput);
+    return { success: true };
+  } catch (err) {
+    return { success: false, error: `Write failed: ${err instanceof Error ? err.message : String(err)}` };
+  }
+}
+async function getTunnelConfig(configPath = DEFAULT_CONFIG_PATH) {
+  try {
+    const content = readFileSync3(configPath, "utf-8");
+    const config = parseYaml2(content) || {};
+    if (!config.tunnel) {
+      return null;
+    }
+    return {
+      enabled: config.tunnel.enabled ?? false,
+      provider: config.tunnel.provider ?? "ngrok",
+      authtoken: config.tunnel.authtoken ?? "",
+      domain: config.tunnel.domain,
+      expose_ui: config.tunnel.expose_ui
+    };
+  } catch {
+    return null;
+  }
+}
+
+// src/server/routes/triggers.ts
+var triggersRoutes = new Hono();
+async function createTriggerInternal(trigger, configPath) {
+  const validation = validateTrigger(trigger);
+  if (!validation.success) {
+    return {
+      success: false,
+      error: "Validation failed",
+      details: validation.error.issues,
+      status: 400
+    };
+  }
+  const existingIds = await listTriggerIds(configPath);
+  if (existingIds.includes(trigger.id)) {
+    return {
+      success: false,
+      error: `Trigger '${trigger.id}' already exists`,
+      status: 409
+    };
+  }
+  const result = await writeTrigger(trigger, configPath);
+  if (!result.success) {
+    return {
+      success: false,
+      error: result.error,
+      status: 500
+    };
+  }
+  return {
+    success: true,
+    trigger,
+    status: 201
+  };
+}
+async function updateTriggerInternal(id, trigger, configPath) {
+  const validation = validateTrigger(trigger);
+  if (!validation.success) {
+    return {
+      success: false,
+      error: "Validation failed",
+      details: validation.error.issues,
+      status: 400
+    };
+  }
+  const existingIds = await listTriggerIds(configPath);
+  if (!existingIds.includes(id)) {
+    return {
+      success: false,
+      error: `Trigger '${id}' not found`,
+      status: 404
+    };
+  }
+  const idChanged = trigger.id !== id;
+  if (idChanged && existingIds.includes(trigger.id)) {
+    return {
+      success: false,
+      error: `Trigger '${trigger.id}' already exists`,
+      status: 409
+    };
+  }
+  if (idChanged) {
+    const deleteResult = await deleteTrigger(id, configPath);
+    if (!deleteResult.success) {
+      return {
+        success: false,
+        error: deleteResult.error,
+        status: 500
+      };
+    }
+  }
+  const result = await writeTrigger(trigger, configPath);
+  if (!result.success) {
+    return {
+      success: false,
+      error: result.error,
+      status: 500
+    };
+  }
+  return {
+    success: true,
+    trigger,
+    id_changed: idChanged || void 0,
+    old_id: idChanged ? id : void 0,
+    status: 200
+  };
+}
+async function deleteTriggerInternal(id, configPath) {
+  const existingIds = await listTriggerIds(configPath);
+  if (!existingIds.includes(id)) {
+    return {
+      success: false,
+      error: `Trigger '${id}' not found`,
+      status: 404
+    };
+  }
+  const result = await deleteTrigger(id, configPath);
+  if (!result.success) {
+    return {
+      success: false,
+      error: result.error,
+      status: 500
+    };
+  }
+  return {
+    success: true,
+    deleted_id: id,
+    status: 200
+  };
+}
+var configLoaded = false;
+async function ensureConfig() {
+  if (!configLoaded) {
+    await loadConfig();
+    configLoaded = true;
+  }
+}
+async function testTriggerInternal(id, payload, configPath) {
+  if (configPath) {
+    await loadConfig(configPath);
+  } else {
+    await ensureConfig();
+  }
+  const config = getConfig();
+  const trigger = config.triggers.find((t) => t.id === id);
+  if (!trigger) {
+    return {
+      success: false,
+      error: `Trigger '${id}' not found`,
+      status: 404
+    };
+  }
+  const db2 = getDb();
+  try {
+    let result;
+    if (trigger.type === "cron") {
+      result = await processCron(db2, trigger);
+    } else {
+      const webhookPayload = payload || {};
+      result = await processWebhook(db2, trigger, webhookPayload, {});
+    }
+    return {
+      success: true,
+      run: result.run,
+      task_descriptor: result.task,
+      status: 200
+    };
+  } catch (error) {
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : "Test execution failed",
+      status: 500
+    };
+  }
+}
+triggersRoutes.get("/", async (c) => {
+  const config = await loadConfig();
+  const db2 = getDb();
+  const triggers = config.triggers.map((trigger) => {
+    const runs = listRuns(db2, { trigger_id: trigger.id, limit: 100 });
+    const now = Date.now();
+    const oneDayAgo = now - 24 * 60 * 60 * 1e3;
+    const recentRuns = runs.filter(
+      (r) => new Date(r.started_at).getTime() > oneDayAgo
+    );
+    return {
+      config: trigger,
+      stats: {
+        last_triggered: runs[0]?.started_at ?? null,
+        runs_24h: recentRuns.length,
+        completed_24h: recentRuns.filter((r) => r.status === "completed").length,
+        skipped_24h: recentRuns.filter((r) => r.status === "skipped").length,
+        errors_24h: recentRuns.filter((r) => r.status === "error").length
+      }
+    };
+  });
+  return c.json({ triggers });
+});
+triggersRoutes.post("/", async (c) => {
+  const body = await c.req.json();
+  const result = await createTriggerInternal(body);
+  if (!result.success) {
+    return c.json({
+      success: false,
+      error: result.error,
+      details: result.details
+    }, result.status);
+  }
+  return c.json({
+    success: true,
+    trigger: result.trigger
+  }, 201);
+});
+triggersRoutes.put("/:id", async (c) => {
+  const id = c.req.param("id");
+  const body = await c.req.json();
+  const result = await updateTriggerInternal(id, body);
+  if (!result.success) {
+    return c.json({
+      success: false,
+      error: result.error,
+      details: result.details
+    }, result.status);
+  }
+  const response = {
+    success: true,
+    trigger: result.trigger
+  };
+  if (result.id_changed) {
+    response.id_changed = true;
+    response.old_id = result.old_id;
+  }
+  return c.json(response, 200);
+});
+triggersRoutes.delete("/:id", async (c) => {
+  const id = c.req.param("id");
+  const result = await deleteTriggerInternal(id);
+  if (!result.success) {
+    return c.json({
+      success: false,
+      error: result.error
+    }, result.status);
+  }
+  return c.json({
+    success: true,
+    deleted_id: result.deleted_id
+  }, 200);
+});
+triggersRoutes.post("/:id/test", async (c) => {
+  const id = c.req.param("id");
+  const body = await c.req.json().catch(() => ({}));
+  const result = await testTriggerInternal(id, body.payload);
+  if (!result.success) {
+    return c.json({
+      success: false,
+      error: result.error
+    }, result.status);
+  }
+  return c.json({
+    run: result.run,
+    task_descriptor: result.task_descriptor
+  }, 200);
+});
+
+// src/server/routes/runs.ts
+import { Hono as Hono2 } from "hono";
+var runsRoutes = new Hono2();
+runsRoutes.get("/", async (c) => {
+  const trigger_id = c.req.query("trigger_id") ?? void 0;
+  const status = c.req.query("status") ?? void 0;
+  const limit = parseInt(c.req.query("limit") ?? "50", 10);
+  const offset = parseInt(c.req.query("offset") ?? "0", 10);
+  const db2 = getDb();
+  const runs = listRuns(db2, { trigger_id, status, limit: limit + 1, offset });
+  const hasMore = runs.length > limit;
+  if (hasMore) runs.pop();
+  return c.json({
+    runs,
+    total: runs.length,
+    has_more: hasMore
+  });
+});
+runsRoutes.get("/:id", async (c) => {
+  const id = c.req.param("id");
+  const db2 = getDb();
+  const run = getRun(db2, id);
+  if (!run) {
+    return c.json(
+      { error: "run_not_found", message: `Run '${id}' does not exist` },
+      404
+    );
+  }
+  const events = listEvents(db2, { run_id: id });
+  return c.json({ run, events });
+});
+
+// src/server/routes/sanitizers.ts
+import { Hono as Hono3 } from "hono";
+import { readdirSync, existsSync as existsSync3, writeFileSync as writeFileSync3, mkdirSync as mkdirSync2 } from "fs";
+import { join as join2 } from "path";
+var sanitizersRoutes = new Hono3();
+var DEFAULT_SANITIZERS_DIR = process.env.CHARON_SANITIZERS_DIR || "sanitizers";
+var BOILERPLATE = `/**
+ * Sanitizer function for processing webhook payloads.
+ *
+ * @param payload - The raw webhook payload
+ * @param headers - HTTP headers from the webhook request
+ * @param trigger - The trigger configuration
+ * @returns Extracted context object, or null to skip this trigger
+ */
+const sanitize = (payload: unknown, headers: Record<string, string>, trigger: { id: string }) => {
+  // Return null to skip this trigger
+  // Return extracted context to continue processing
+  return { payload };
+};
+
+export default sanitize;
+`;
+function sanitizeName(name) {
+  return name.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "").replace(/-+/g, "-");
+}
+function listSanitizersInternal(sanitizersDir = DEFAULT_SANITIZERS_DIR) {
+  if (!existsSync3(sanitizersDir)) {
+    return [];
+  }
+  const files = readdirSync(sanitizersDir);
+  return files.filter((f) => f.endsWith(".ts")).map((f) => ({
+    name: f.replace(".ts", ""),
+    path: join2(sanitizersDir, f)
+  }));
+}
+function createSanitizerInternal(rawName, sanitizersDir = DEFAULT_SANITIZERS_DIR) {
+  if (!rawName || typeof rawName !== "string") {
+    return { success: false, error: "Name is required", status: 400 };
+  }
+  const name = sanitizeName(rawName);
+  if (!name) {
+    return { success: false, error: "Invalid name", status: 400 };
+  }
+  const filePath = join2(sanitizersDir, `${name}.ts`);
+  if (existsSync3(filePath)) {
+    return { success: false, error: `Sanitizer '${name}' already exists`, status: 409 };
+  }
+  if (!existsSync3(sanitizersDir)) {
+    mkdirSync2(sanitizersDir, { recursive: true });
+  }
+  writeFileSync3(filePath, BOILERPLATE);
+  return { success: true, name, path: filePath, status: 201 };
+}
+sanitizersRoutes.get("/", async (c) => {
+  try {
+    const sanitizers = listSanitizersInternal();
+    return c.json({ sanitizers });
+  } catch (error) {
+    return c.json({
+      success: false,
+      error: error instanceof Error ? error.message : "Failed to list sanitizers"
+    }, 500);
+  }
+});
+sanitizersRoutes.post("/", async (c) => {
+  try {
+    const body = await c.req.json();
+    const result = createSanitizerInternal(body.name);
+    if (!result.success) {
+      return c.json({
+        success: false,
+        error: result.error
+      }, result.status);
+    }
+    return c.json({
+      success: true,
+      name: result.name,
+      path: result.path
+    }, 201);
+  } catch (error) {
+    return c.json({
+      success: false,
+      error: error instanceof Error ? error.message : "Failed to create sanitizer"
+    }, 500);
+  }
+});
+
+// src/server/routes/tunnel.ts
+import { Hono as Hono4 } from "hono";
+var tunnelRoutes = new Hono4();
+tunnelRoutes.get("/", async (c) => {
+  const status = getTunnelStatus();
+  const config = await getTunnelConfig();
+  return c.json({ ...status, config });
+});
+tunnelRoutes.post("/", async (c) => {
+  try {
+    const config = getConfig();
+    if (!config.tunnel?.enabled) {
+      return c.json(
+        { success: false, error: "Tunnel not enabled in config" },
+        400
+      );
+    }
+    const status = await startTunnel(config.tunnel);
+    return c.json({
+      success: status.connected,
+      ...status
+    });
+  } catch (error) {
+    const message = error instanceof Error ? error.message : "Unknown error";
+    return c.json(
+      { success: false, error: message },
+      500
+    );
+  }
+});
+tunnelRoutes.put("/", async (c) => {
+  try {
+    const body = await c.req.json();
+    if (!body.provider) {
+      return c.json(
+        { success: false, error: "Provider is required" },
+        400
+      );
+    }
+    if (!body.authtoken) {
+      return c.json(
+        { success: false, error: "Auth token is required" },
+        400
+      );
+    }
+    const result = await writeTunnelConfig(body);
+    if (!result.success) {
+      return c.json(
+        { success: false, error: result.error },
+        500
+      );
+    }
+    return c.json({ success: true });
+  } catch (error) {
+    const message = error instanceof Error ? error.message : "Unknown error";
+    return c.json(
+      { success: false, error: message },
+      500
+    );
+  }
+});
+tunnelRoutes.delete("/", async (c) => {
+  await stopTunnel();
+  return c.json({ success: true, message: "Tunnel stopped" });
+});
+
+// src/server/routes/webhook.ts
+import { Hono as Hono5 } from "hono";
+var webhookRoutes = new Hono5();
+var configLoaded2 = false;
+async function ensureConfig2() {
+  if (!configLoaded2) {
+    await loadConfig();
+    configLoaded2 = true;
+  }
+}
+webhookRoutes.post("/:id", async (c) => {
+  await ensureConfig2();
+  const id = c.req.param("id");
+  const trigger = getTrigger(id);
+  if (!trigger) {
+    return c.json(
+      { error: "trigger_not_found", message: `Trigger '${id}' does not exist` },
+      404
+    );
+  }
+  if (!trigger.enabled) {
+    return c.json(
+      { error: "trigger_disabled", message: `Trigger '${id}' is disabled` },
+      400
+    );
+  }
+  if (trigger.type !== "webhook") {
+    return c.json(
+      { error: "invalid_trigger_type", message: `Trigger '${id}' is not a webhook` },
+      400
+    );
+  }
+  const payload = await c.req.json().catch(() => ({}));
+  const headers = {};
+  c.req.raw.headers.forEach((value, key) => {
+    headers[key] = value;
+  });
+  const db2 = getDb();
+  const result = await processWebhook(db2, trigger, payload, headers);
+  return c.json(
+    { run_id: result.run.id, status: result.run.status },
+    202
+  );
+});
+
+// src/server/routes/task.ts
+import { Hono as Hono6 } from "hono";
+var taskRoutes = new Hono6();
+taskRoutes.post("/complete", async (c) => {
+  try {
+    const body = await c.req.json();
+    const { summary, pid: _pid } = body;
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const db2 = getDb();
+    const recentRuns = listRuns(db2, { status: "completed", limit: 10 });
+    const run = recentRuns.find((r) => {
+      if (!r.task_descriptor) return false;
+      if (r.egress_result) return false;
+      const startedAt = new Date(r.started_at).getTime();
+      const hourAgo = Date.now() - 60 * 60 * 1e3;
+      return startedAt > hourAgo;
+    });
+    if (!run) {
+      console.log("[task/complete] No matching run found, logging completion anyway");
+      return c.json({
+        success: true,
+        message: "Completion logged (no matching run found)",
+        summary
+      });
+    }
+    updateRun(db2, run.id, {
+      egress_result: {
+        completed_at: now,
+        summary
+      }
+    });
+    console.log(`[task/complete] Run ${run.id} updated with egress result. Summary: ${summary ?? "(none)"}`);
+    return c.json({
+      success: true,
+      run_id: run.id,
+      summary
+    });
+  } catch (error) {
+    console.error("[task/complete] Error:", error);
+    return c.json(
+      { success: false, error: String(error) },
+      500
+    );
+  }
+});
+
+// src/server/middleware/tunnel-proxy.ts
+var TUNNEL_PATTERNS = [
+  ".ngrok-free.app",
+  ".ngrok-free.dev",
+  ".ngrok.io",
+  ".ngrok.app"
+];
+function isTunnelHost(host) {
+  return TUNNEL_PATTERNS.some((pattern) => host.includes(pattern));
+}
+async function tunnelProxyMiddleware(c, next) {
+  const host = c.req.header("host") || "";
+  const pathname = new URL(c.req.url).pathname;
+  if (!isTunnelHost(host)) {
+    return next();
+  }
+  if (pathname.startsWith("/api/webhook/")) {
+    return next();
+  }
+  const status = getTunnelStatus();
+  if (!status.expose_ui) {
+    return c.text("Not Found", 404);
+  }
+  return next();
+}
+
+// src/server/app.ts
+var app = new Hono7();
+app.use("*", logger());
+app.use("*", tunnelProxyMiddleware);
+app.route("/api/triggers", triggersRoutes);
+app.route("/api/runs", runsRoutes);
+app.route("/api/sanitizers", sanitizersRoutes);
+app.route("/api/tunnel", tunnelRoutes);
+app.route("/api/webhook", webhookRoutes);
+app.route("/api/task", taskRoutes);
+app.use("/*", serveStatic({ root: "./dist/client" }));
+app.get("*", serveStatic({ path: "./dist/client/index.html" }));
+
+// src/server/init.ts
+async function initializeServices() {
+  try {
+    const { config, tunnel } = await initializeApp();
+    console.log(`[init] Loaded ${config.triggers.length} triggers`);
+    if (tunnel.connected) {
+      console.log(`[init] Tunnel connected: ${tunnel.url}`);
+    }
+  } catch (error) {
+    console.error("[init] Failed to initialize:", error);
+    throw error;
+  }
+}
+
+// src/server/index.ts
+var PORT = parseInt(process.env.PORT || "3000", 10);
+await initializeServices();
+if (typeof Bun !== "undefined") {
+  const server = Bun.serve({
+    fetch: app.fetch,
+    port: PORT
+  });
+  console.log(`[server] Charon running at http://localhost:${server.port}`);
+} else {
+  const { serve } = await import("@hono/node-server");
+  serve({
+    fetch: app.fetch,
+    port: PORT
+  }, (info) => {
+    console.log(`[server] Charon running at http://localhost:${info.port}`);
+  });
+}