create-tunnlo 0.1.1

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/dist/index.js

@@ -0,0 +1,264 @@
+#!/usr/bin/env node
+import { mkdir, writeFile } from 'node:fs/promises';
+import { join } from 'node:path';
+import { createInterface } from 'node:readline';
+const rl = createInterface({ input: process.stdin, output: process.stdout });
+let rlClosed = false;
+rl.on('close', () => { rlClosed = true; });
+function ask(question) {
+    return new Promise((resolve) => {
+        if (rlClosed)
+            return resolve('');
+        rl.question(question, (a) => resolve(a.trim()));
+        rl.once('close', () => resolve(''));
+    });
+}
+async function choose(question, options) {
+    console.log(question);
+    options.forEach((opt, i) => console.log(`  ${i + 1}) ${opt.label}`));
+    const answer = await ask(`  Choice [1]: `);
+    const index = parseInt(answer || '1', 10) - 1;
+    return (index >= 0 && index < options.length) ? options[index].value : options[0].value;
+}
+// ── Config generators ──────────────────────────────────────────────────────
+function stdinConfig(model) {
+    return `# Tunnlo Pipeline Configuration
+# Docs: https://tunnlo.dev
+
+sources:
+  - id: stdin-input
+    adapter: native/stdin
+    config: {}
+
+# ─── Alternative: Wireshark / tshark ────────────────────────────────────────
+# To monitor live network traffic instead, replace the source above with:
+#
+# Prerequisite: install tshark — https://www.wireshark.org/download.html
+#   macOS:  brew install wireshark
+#   Ubuntu: sudo apt install tshark
+#
+# sources:
+#   - id: network-traffic
+#     adapter: native/tshark
+#     config:
+#       interface: en0          # find yours: ip link (Linux) or networksetup -listallnetworkservices (macOS)
+#       capture_filter: tcp     # optional BPF filter, e.g. "tcp port 443"
+#       output_format: json
+# ────────────────────────────────────────────────────────────────────────────
+
+filters:
+  - type: rate-limiter
+    max_events_per_minute: 30
+
+  - type: dedup
+    window_seconds: 10
+    key_fields:
+      - payload.data
+
+agent:
+  runtime: direct-llm
+  model: ${model}
+  system_prompt: |
+    You are a monitoring agent. Analyze incoming events and respond with
+    observations, potential issues, and recommended actions.
+
+    If you want to trigger a webhook action, include a JSON block like:
+    \`\`\`json:actions
+    [{"type": "webhook", "config": {}, "payload": {"message": "your alert"}}]
+    \`\`\`
+  token_budget:
+    max_per_hour: 50000
+    max_per_event: 4000
+
+behavior:
+  on_llm_unreachable: drop_and_alert
+`;
+}
+function tsharkConfig(model, iface, captureFilter) {
+    const filterLine = captureFilter ? `      capture_filter: "${captureFilter}"` : `      # capture_filter: tcp   # optional BPF filter, e.g. "tcp port 443"`;
+    return `# Tunnlo Pipeline Configuration — Network Monitor
+# Docs: https://tunnlo.dev
+#
+# Prerequisite: tshark must be installed.
+#   macOS:  brew install wireshark
+#   Ubuntu: sudo apt install tshark
+#   Windows: install Wireshark from https://www.wireshark.org/download.html
+
+sources:
+  - id: network-traffic
+    adapter: native/tshark
+    config:
+      interface: ${iface}
+${filterLine}
+      output_format: json
+
+filters:
+  - type: dedup
+    window_seconds: 30
+    key_fields:
+      - payload.src_ip
+      - payload.dst_port
+
+  - type: rate-limiter
+    max_events_per_minute: 20
+
+agent:
+  runtime: direct-llm
+  model: ${model}
+  system_prompt: |
+    You are a network security analyst monitoring live traffic.
+    For each packet event, assess:
+    1. Is this normal traffic or potentially suspicious?
+    2. What kind of activity does this represent?
+    3. Should an alert be raised?
+
+    If you detect suspicious activity, trigger a webhook alert:
+    \`\`\`json:actions
+    [{"type": "webhook", "config": {}, "payload": {"severity": "high", "message": "description"}}]
+    \`\`\`
+  token_budget:
+    max_per_hour: 100000
+    max_per_event: 4000
+
+behavior:
+  on_llm_unreachable: drop_and_alert
+`;
+}
+function logConfig(model, logPath) {
+    return `# Tunnlo Pipeline Configuration — Log Monitor
+# Docs: https://tunnlo.dev
+
+sources:
+  - id: log-file
+    adapter: native/log-tailer
+    config:
+      path: ${logPath}
+      # poll_interval_ms: 500   # how often to check for new lines
+
+filters:
+  - type: rate-limiter
+    max_events_per_minute: 30
+
+  - type: dedup
+    window_seconds: 10
+    key_fields:
+      - payload.data
+
+agent:
+  runtime: direct-llm
+  model: ${model}
+  system_prompt: |
+    You are a log analysis agent. Monitor incoming log lines and identify
+    errors, warnings, anomalies, or patterns worth flagging.
+  token_budget:
+    max_per_hour: 50000
+    max_per_event: 4000
+
+behavior:
+  on_llm_unreachable: drop_and_alert
+`;
+}
+function envExample(model) {
+    if (model.startsWith('anthropic/'))
+        return 'ANTHROPIC_API_KEY=\n';
+    if (model.startsWith('openai/'))
+        return 'OPENAI_API_KEY=\n';
+    // ollama — no key needed
+    return '# Ollama runs locally — no API key required.\n# Make sure ollama is running: ollama serve\n';
+}
+function startInstructions(source, projectName, model) {
+    const lines = [
+        '',
+        `Done! To get started:`,
+        '',
+        `  cd ${projectName}`,
+        `  npm install`,
+    ];
+    if (!model.startsWith('ollama/')) {
+        lines.push(`  cp .env.example .env  # add your API key`);
+    }
+    if (source === 'tshark') {
+        lines.push('', '  # tshark must be installed:', '  #   macOS:  brew install wireshark', '  #   Ubuntu: sudo apt install tshark');
+    }
+    lines.push(`  npm start`, '');
+    return lines.join('\n');
+}
+// ── Main ───────────────────────────────────────────────────────────────────
+async function main() {
+    const projectName = process.argv[2];
+    if (!projectName) {
+        console.log('Usage: npm create tunnlo <project-name>');
+        process.exit(1);
+    }
+    if (!/^[a-zA-Z0-9_-]+$/.test(projectName)) {
+        console.error('Error: project name must only contain letters, numbers, hyphens, and underscores.');
+        process.exit(1);
+    }
+    const projectDir = join(process.cwd(), projectName);
+    console.log(`\nCreating Tunnlo project: ${projectName}\n`);
+    // ── Prompts ──
+    const source = await choose('What data source will you use?', [
+        { label: 'Standard input (stdin) — pipe data in manually', value: 'stdin' },
+        { label: 'Wireshark / tshark — monitor live network traffic', value: 'tshark' },
+        { label: 'Log file — tail a log file on disk', value: 'log' },
+    ]);
+    let iface = 'en0';
+    let captureFilter = '';
+    let logPath = '/var/log/syslog';
+    if (source === 'tshark') {
+        iface = await ask('  Network interface (e.g. en0, eth0) [en0]: ') || 'en0';
+        captureFilter = await ask('  Capture filter — leave blank for all traffic (e.g. tcp, "tcp port 443") [none]: ');
+    }
+    else if (source === 'log') {
+        logPath = await ask('  Path to log file [/var/log/syslog]: ') || '/var/log/syslog';
+    }
+    console.log('');
+    const model = await choose('Which LLM will you use?', [
+        { label: 'Anthropic Claude (requires ANTHROPIC_API_KEY)', value: 'anthropic/claude-sonnet-4-5' },
+        { label: 'OpenAI GPT-4o (requires OPENAI_API_KEY)', value: 'openai/gpt-4o' },
+        { label: 'Ollama — local models, no API key needed', value: 'ollama/llama3.1:8b' },
+    ]);
+    rl.close();
+    // ── Generate config ──
+    let tunnloYaml;
+    if (source === 'tshark') {
+        tunnloYaml = tsharkConfig(model, iface, captureFilter);
+    }
+    else if (source === 'log') {
+        tunnloYaml = logConfig(model, logPath);
+    }
+    else {
+        tunnloYaml = stdinConfig(model);
+    }
+    // ── Scaffold files ──
+    await mkdir(projectDir, { recursive: true });
+    const pkg = {
+        name: projectName,
+        version: '0.1.0',
+        private: true,
+        type: 'module',
+        scripts: {
+            start: 'tunnlo start tunnlo.yaml',
+            validate: 'tunnlo validate tunnlo.yaml',
+        },
+        dependencies: {
+            '@tunnlo/cli': '^0.1.0',
+            '@tunnlo/core': '^0.1.0',
+            '@tunnlo/adapters': '^0.1.0',
+            '@tunnlo/filters': '^0.1.0',
+            '@tunnlo/bridge-llm': '^0.1.0',
+            '@tunnlo/actions': '^0.1.0',
+        },
+    };
+    await writeFile(join(projectDir, 'package.json'), JSON.stringify(pkg, null, 2));
+    await writeFile(join(projectDir, 'tunnlo.yaml'), tunnloYaml);
+    await writeFile(join(projectDir, '.gitignore'), 'node_modules/\n.env\n.env.*\n');
+    await writeFile(join(projectDir, '.env.example'), envExample(model));
+    console.log(startInstructions(source, projectName, model));
+}
+main().catch((err) => {
+    rl.close();
+    console.error('Error:', err.message);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAEhD,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAC7E,IAAI,QAAQ,GAAG,KAAK,CAAC;AACrB,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AAE3C,SAAS,GAAG,CAAC,QAAgB;IAC3B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,QAAQ;YAAE,OAAO,OAAO,CAAC,EAAE,CAAC,CAAC;QACjC,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAChD,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,MAAM,CAAC,QAAgB,EAAE,OAA2C;IACjF,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtB,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACrE,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,IAAI,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAC9C,OAAO,CAAC,KAAK,IAAI,CAAC,IAAI,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AAC1F,CAAC;AAED,8EAA8E;AAE9E,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAmCE,KAAK;;;;;;;;;;;;;;;CAef,CAAC;AACF,CAAC;AAED,SAAS,YAAY,CAAC,KAAa,EAAE,KAAa,EAAE,aAAqB;IACvE,MAAM,UAAU,GAAG,aAAa,CAAC,CAAC,CAAC,0BAA0B,aAAa,GAAG,CAAC,CAAC,CAAC,0EAA0E,CAAC;IAC3J,OAAO;;;;;;;;;;;;mBAYU,KAAK;EACtB,UAAU;;;;;;;;;;;;;;;WAeD,KAAK;;;;;;;;;;;;;;;;;;CAkBf,CAAC;AACF,CAAC;AAED,SAAS,SAAS,CAAC,KAAa,EAAE,OAAe;IAC/C,OAAO;;;;;;;cAOK,OAAO;;;;;;;;;;;;;;WAcV,KAAK;;;;;;;;;;CAUf,CAAC;AACF,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,IAAI,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC;QAAE,OAAO,sBAAsB,CAAC;IAClE,IAAI,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,mBAAmB,CAAC;IAC5D,yBAAyB;IACzB,OAAO,6FAA6F,CAAC;AACvG,CAAC;AAED,SAAS,iBAAiB,CAAC,MAAc,EAAE,WAAmB,EAAE,KAAa;IAC3E,MAAM,KAAK,GAAa;QACtB,EAAE;QACF,uBAAuB;QACvB,EAAE;QACF,QAAQ,WAAW,EAAE;QACrB,eAAe;KAChB,CAAC;IAEF,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CACR,EAAE,EACF,+BAA+B,EAC/B,sCAAsC,EACtC,uCAAuC,CACxC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,8EAA8E;AAE9E,KAAK,UAAU,IAAI;IACjB,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEpC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC1C,OAAO,CAAC,KAAK,CAAC,mFAAmF,CAAC,CAAC;QACnG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,WAAW,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,8BAA8B,WAAW,IAAI,CAAC,CAAC;IAE3D,gBAAgB;IAEhB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,gCAAgC,EAAE;QAC5D,EAAE,KAAK,EAAE,gDAAgD,EAAE,KAAK,EAAE,OAAO,EAAE;QAC3E,EAAE,KAAK,EAAE,mDAAmD,EAAE,KAAK,EAAE,QAAQ,EAAE;QAC/E,EAAE,KAAK,EAAE,oCAAoC,EAAE,KAAK,EAAE,KAAK,EAAE;KAC9D,CAAC,CAAC;IAEH,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,IAAI,aAAa,GAAG,EAAE,CAAC;IACvB,IAAI,OAAO,GAAG,iBAAiB,CAAC;IAEhC,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,KAAK,GAAG,MAAM,GAAG,CAAC,8CAA8C,CAAC,IAAI,KAAK,CAAC;QAC3E,aAAa,GAAG,MAAM,GAAG,CAAC,oFAAoF,CAAC,CAAC;IAClH,CAAC;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QAC5B,OAAO,GAAG,MAAM,GAAG,CAAC,wCAAwC,CAAC,IAAI,iBAAiB,CAAC;IACrF,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,yBAAyB,EAAE;QACpD,EAAE,KAAK,EAAE,+CAA+C,EAAE,KAAK,EAAE,6BAA6B,EAAE;QAChG,EAAE,KAAK,EAAE,yCAAyC,EAAE,KAAK,EAAE,eAAe,EAAE;QAC5E,EAAE,KAAK,EAAE,0CAA0C,EAAE,KAAK,EAAE,oBAAoB,EAAE;KACnF,CAAC,CAAC;IAEH,EAAE,CAAC,KAAK,EAAE,CAAC;IAEX,wBAAwB;IAExB,IAAI,UAAkB,CAAC;IACvB,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,UAAU,GAAG,YAAY,CAAC,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;IACzD,CAAC;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QAC5B,UAAU,GAAG,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC;IAED,uBAAuB;IAEvB,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7C,MAAM,GAAG,GAAG;QACV,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,OAAO;QAChB,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,QAAQ;QACd,OAAO,EAAE;YACP,KAAK,EAAE,0BAA0B;YACjC,QAAQ,EAAE,6BAA6B;SACxC;QACD,YAAY,EAAE;YACZ,aAAa,EAAE,QAAQ;YACvB,cAAc,EAAE,QAAQ;YACxB,kBAAkB,EAAE,QAAQ;YAC5B,iBAAiB,EAAE,QAAQ;YAC3B,oBAAoB,EAAE,QAAQ;YAC9B,iBAAiB,EAAE,QAAQ;SAC5B;KACF,CAAC;IAEF,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAChF,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,UAAU,CAAC,CAAC;IAC7D,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,EAAE,+BAA+B,CAAC,CAAC;IACjF,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IAErE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,EAAE,CAAC,KAAK,EAAE,CAAC;IACX,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/package.json

@@ -0,0 +1,14 @@
+{
+  "name": "create-tunnlo",
+  "version": "0.1.1",
+  "description": "Scaffolding tool for new Tunnlo projects",
+  "license": "MIT",
+  "type": "module",
+  "bin": {
+    "create-tunnlo": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc -b"
+  },
+  "files": ["dist", "templates"]
+}

package/templates/security-monitor/tunnlo.yaml

@@ -0,0 +1,53 @@
+# Tunnlo Security Monitor Template
+# Monitors network traffic via tshark and sends alerts to LLM
+
+sources:
+  - id: wireshark-capture
+    adapter: native/tshark
+    config:
+      interface: eth0
+      capture_filter: "tcp port 80 or tcp port 443"
+      output_format: json
+
+filters:
+  - type: content-filter
+    rules:
+      - field: payload.flags
+        match: "SYN"
+      - field: payload.dst_port
+        in: [22, 3389, 445]
+    mode: any
+
+  - type: dedup
+    window_seconds: 30
+    key_fields:
+      - payload.src_ip
+      - payload.dst_port
+
+  - type: rate-limiter
+    max_events_per_minute: 20
+
+agent:
+  runtime: direct-llm
+  model: anthropic/claude-sonnet-4-5
+  system_prompt: |
+    You are a security monitoring agent analyzing network traffic events.
+
+    For each event, assess:
+    1. Is this normal traffic or potentially suspicious?
+    2. What kind of activity does this represent?
+    3. Should an alert be raised?
+
+    If you detect suspicious activity, trigger a webhook alert:
+    ```json:actions
+    [{"type": "webhook", "config": {}, "payload": {"severity": "high", "message": "description"}}]
+    ```
+  token_budget:
+    max_per_hour: 100000
+    max_per_event: 4000
+  actions:
+    - type: webhook
+      url: "https://hooks.slack.com/services/YOUR/WEBHOOK/URL"
+
+behavior:
+  on_llm_unreachable: drop_and_alert